security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

*** empty log message ***

This commit is contained in:
Werner Koch 1998-05-29 11:53:54 +00:00
parent eed2faab53
commit e284277f04
35 changed files with 1099 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
NEWS
View File

@ -14,6 +14,12 @@ Noteworthy changes in version 0.2.19
* --add-key works and you are now able to generate subkeys.
* It is now possible to generate ElGamal keys in v4 packets to create
valid OpenPGP keys.
* Some new features for better integration into MUAs.
Noteworthy changes in version 0.2.18
------------------------------------

41
README
View File

@ -30,11 +30,10 @@
the United States until Sep 20, 2000). I'm sorry about this, but
this is the world we have created (e.g. by using proprietary software).
Because the OpenPGP standard is still a draft, GNUPG is not yet
compatible with it (or PGP 5) - but it will be. The data structures
used are compatible with PGP 2.x, so it can parse and list such files
and PGP should be able to parse data created by GNUPG and complain
about unsupported algorithms.
Because the OpenPGP standard is still a draft, GNUPG now interoperates
with it and PGP 5. The MUA Mutt will soon support GNUPG; it has a
mode to fallback to another program if the received message has been
created with RSA or IDEA.
The default algorithms used by GNUPG are ElGamal for public-key
encryption and signing; Blowfish with a 128 bit key for protecting
@ -76,31 +75,6 @@
Because we have no hardware device to generate randomness we have to
use this method.
Key generation shows progress by printing different characters to
stderr:
"." Last 10 Miller-Rabin tests failed
"+" Miller-Rabin test succeeded
"!" Reloading the pool with fresh prime numbers
"^" Checking a new value for the generator
"<" Size of one factor decreased
">" Size of one factor increased
The prime number for ElGamal is generated this way:
1) Make a prime number q of 160, 200, 240 bits (depending on the keysize)
2) Select the length of the other prime factors to be at least the size
of q and calculate the number of prime factors needed
3) Make a pool of prime numbers, each of the length determined in step 2
4) Get a new permutation out of the pool or continue with step 3
if we have tested all permutations.
5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1
6) Check that this prime has the correct length (this may change q if
it seems not to be possible to make a prime of the desired length)
7) Check whether this is a prime using trial divisions and the
Miller-Rabin test.
8) Continue with step 4 if we did not find a prime in step 7.
9) Find a generator for that prime.
You should make a revocation certificate in case someone gets
knowledge of your secret key or you forgot your passphrase:
@ -110,6 +84,13 @@
so that you can print it and (hopefully never) re-create it if
your electronic media fails.
If you decided to create a DSA key, you should add an ElGamal
for encryption:
gpg --add-key user_id_of_your_key
and follow the displayed instructions (select "ElGamal using v4 packets").
You can sign a key with this command:

3
TODO
View File

@ -2,6 +2,9 @@
* add usage arguments to get_key_byname or return a PKC_LIST with
all keys and add a selection.
* add expiration date and other stuff from v4 sigs to the trust
checking.
* add readline support. Must enhance libreadline - Anyone?
* Burn the buffers used by fopen(), or use read(2).

2
VERSION
View File

@ -1 +1 @@
0.2.18a
0.2.19

1
cipher/Makefile.am
View File

@ -11,6 +11,7 @@ libcipher_a_SOURCES = cipher.c \
blowfish.h \
cast5.c \
cast5.h \
des.h \
elgamal.c \
elgamal.h \
md5.c \

1
cipher/Makefile.in
View File

@ -102,6 +102,7 @@ libcipher_a_SOURCES = cipher.c \
blowfish.h \
cast5.c \
cast5.h \
des.h \
elgamal.c \
elgamal.h \
md5.c \

14
cipher/cipher.c
View File

@ -31,6 +31,7 @@
#include "cipher.h"
#include "blowfish.h"
#include "cast5.h"
#include "des.h"
#define STD_BLOCKSIZE 8
@ -38,12 +39,14 @@
#error Invalid BLOWFISH blocksize
#elif CAST5_BLOCKSIZE != STD_BLOCKSIZE
#error Invalid CAST blocksize
#elif DES_BLOCKSIZE != STD_BLOCKSIZE
#error Invalid DES blocksize
#endif
static struct { const char *name; int algo; int keylen; } cipher_names[] = {
{ "IDEA", CIPHER_ALGO_IDEA ,0 },
{ "3DES", CIPHER_ALGO_3DES ,0 },
{ "3DES", CIPHER_ALGO_3DES ,168 },
{ "CAST", CIPHER_ALGO_CAST ,128 },
{ "BLOWFISH160", CIPHER_ALGO_BLOWFISH160 ,160 },
{ "SAFER_SK128", CIPHER_ALGO_SAFER_SK128 ,0 },
@ -123,6 +126,7 @@ check_cipher_algo( int algo )
case CIPHER_ALGO_BLOWFISH160:
case CIPHER_ALGO_BLOWFISH:
case CIPHER_ALGO_CAST:
case CIPHER_ALGO_3DES:
case CIPHER_ALGO_DUMMY:
return 0;
default:
@ -186,7 +190,13 @@ cipher_open( int algo, int mode, int secure )
hd->encrypt = FNCCAST_CRYPT(cast5_encrypt_block);
hd->decrypt = FNCCAST_CRYPT(cast5_decrypt_block);
break;
#if 0
case CIPHER_ALGO_3DES:
hd->setkey = FNCCAST_SETKEY(des_3des_setkey);
hd->encrypt = FNCCAST_CRYPT(des_encrypt_block);
hd->decrypt = FNCCAST_CRYPT(des_decrypt_block);
break;
#endif
case CIPHER_ALGO_DUMMY:
hd->setkey = FNCCAST_SETKEY(dummy_setkey);
hd->encrypt = FNCCAST_CRYPT(dummy_encrypt_block);

525
cipher/des.c Normal file
View File

@ -0,0 +1,525 @@
/* des.c
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* Test values:
*
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "types.h"
#include "des.h"
/* precomputed S boxes */
static const u32 ks0[256] = {
0xD1310BA6,0x98DFB5AC,0x2FFD72DB,0xD01ADFB7,0xB8E1AFED,0x6A267E96,
0xBA7C9045,0xF12C7F99,0x24A19947,0xB3916CF7,0x0801F2E2,0x858EFC16,
0x636920D8,0x71574E69,0xA458FEA3,0xF4933D7E,0x0D95748F,0x728EB658,
0x718BCD58,0x82154AEE,0x7B54A41D,0xC25A59B5,0x9C30D539,0x2AF26013,
0xC5D1B023,0x286085F0,0xCA417918,0xB8DB38EF,0x8E79DCB0,0x603A180E,
0x6C9E0E8B,0xB01E8A3E,0xD71577C1,0xBD314B27,0x78AF2FDA,0x55605C60,
0xE65525F3,0xAA55AB94,0x57489862,0x63E81440,0x55CA396A,0x2AAB10B6,
0xB4CC5C34,0x1141E8CE,0xA15486AF,0x7C72E993,0xB3EE1411,0x636FBC2A,
0x2BA9C55D,0x741831F6,0xCE5C3E16,0x9B87931E,0xAFD6BA33,0x6C24CF5C,
0x7A325381,0x28958677,0x3B8F4898,0x6B4BB9AF,0xC4BFE81B,0x66282193,
0x61D809CC,0xFB21A991,0x487CAC60,0x5DEC8032,0xEF845D5D,0xE98575B1,
0xDC262302,0xEB651B88,0x23893E81,0xD396ACC5,0x0F6D6FF3,0x83F44239,
0x2E0B4482,0xA4842004,0x69C8F04A,0x9E1F9B5E,0x21C66842,0xF6E96C9A,
0x670C9C61,0xABD388F0,0x6A51A0D2,0xD8542F68,0x960FA728,0xAB5133A3,
0x6EEF0B6C,0x137A3BE4,0xBA3BF050,0x7EFB2A98,0xA1F1651D,0x39AF0176,
0x66CA593E,0x82430E88,0x8CEE8619,0x456F9FB4,0x7D84A5C3,0x3B8B5EBE,
0xE06F75D8,0x85C12073,0x401A449F,0x56C16AA6,0x4ED3AA62,0x363F7706,
0x1BFEDF72,0x429B023D,0x37D0D724,0xD00A1248,0xDB0FEAD3,0x49F1C09B,
0x075372C9,0x80991B7B,0x25D479D8,0xF6E8DEF7,0xE3FE501A,0xB6794C3B,
0x976CE0BD,0x04C006BA,0xC1A94FB6,0x409F60C4,0x5E5C9EC2,0x196A2463,
0x68FB6FAF,0x3E6C53B5,0x1339B2EB,0x3B52EC6F,0x6DFC511F,0x9B30952C,
0xCC814544,0xAF5EBD09,0xBEE3D004,0xDE334AFD,0x660F2807,0x192E4BB3,
0xC0CBA857,0x45C8740F,0xD20B5F39,0xB9D3FBDB,0x5579C0BD,0x1A60320A,
0xD6A100C6,0x402C7279,0x679F25FE,0xFB1FA3CC,0x8EA5E9F8,0xDB3222F8,
0x3C7516DF,0xFD616B15,0x2F501EC8,0xAD0552AB,0x323DB5FA,0xFD238760,
0x53317B48,0x3E00DF82,0x9E5C57BB,0xCA6F8CA0,0x1A87562E,0xDF1769DB,
0xD542A8F6,0x287EFFC3,0xAC6732C6,0x8C4F5573,0x695B27B0,0xBBCA58C8,
0xE1FFA35D,0xB8F011A0,0x10FA3D98,0xFD2183B8,0x4AFCB56C,0x2DD1D35B,
0x9A53E479,0xB6F84565,0xD28E49BC,0x4BFB9790,0xE1DDF2DA,0xA4CB7E33,
0x62FB1341,0xCEE4C6E8,0xEF20CADA,0x36774C01,0xD07E9EFE,0x2BF11FB4,
0x95DBDA4D,0xAE909198,0xEAAD8E71,0x6B93D5A0,0xD08ED1D0,0xAFC725E0,
0x8E3C5B2F,0x8E7594B7,0x8FF6E2FB,0xF2122B64,0x8888B812,0x900DF01C,
0x4FAD5EA0,0x688FC31C,0xD1CFF191,0xB3A8C1AD,0x2F2F2218,0xBE0E1777,
0xEA752DFE,0x8B021FA1,0xE5A0CC0F,0xB56F74E8,0x18ACF3D6,0xCE89E299,
0xB4A84FE0,0xFD13E0B7,0x7CC43B81,0xD2ADA8D9,0x165FA266,0x80957705,
0x93CC7314,0x211A1477,0xE6AD2065,0x77B5FA86,0xC75442F5,0xFB9D35CF,
0xEBCDAF0C,0x7B3E89A0,0xD6411BD3,0xAE1E7E49,0x00250E2D,0x2071B35E,
0x226800BB,0x57B8E0AF,0x2464369B,0xF009B91E,0x5563911D,0x59DFA6AA,
0x78C14389,0xD95A537F,0x207D5BA2,0x02E5B9C5,0x83260376,0x6295CFA9,
0x11C81968,0x4E734A41,0xB3472DCA,0x7B14A94A,0x1B510052,0x9A532915,
0xD60F573F,0xBC9BC6E4,0x2B60A476,0x81E67400,0x08BA6FB5,0x571BE91F,
0xF296EC6B,0x2A0DD915,0xB6636521,0xE7B9F9B6,0xFF34052E,0xC5855664,
0x53B02D5D,0xA99F8FA1,0x08BA4799,0x6E85076A };
static const u32 ks1[256] = {
0x4B7A70E9,0xB5B32944,0xDB75092E,0xC4192623,0xAD6EA6B0,0x49A7DF7D,
0x9CEE60B8,0x8FEDB266,0xECAA8C71,0x699A17FF,0x5664526C,0xC2B19EE1,
0x193602A5,0x75094C29,0xA0591340,0xE4183A3E,0x3F54989A,0x5B429D65,
0x6B8FE4D6,0x99F73FD6,0xA1D29C07,0xEFE830F5,0x4D2D38E6,0xF0255DC1,
0x4CDD2086,0x8470EB26,0x6382E9C6,0x021ECC5E,0x09686B3F,0x3EBAEFC9,
0x3C971814,0x6B6A70A1,0x687F3584,0x52A0E286,0xB79C5305,0xAA500737,
0x3E07841C,0x7FDEAE5C,0x8E7D44EC,0x5716F2B8,0xB03ADA37,0xF0500C0D,
0xF01C1F04,0x0200B3FF,0xAE0CF51A,0x3CB574B2,0x25837A58,0xDC0921BD,
0xD19113F9,0x7CA92FF6,0x94324773,0x22F54701,0x3AE5E581,0x37C2DADC,
0xC8B57634,0x9AF3DDA7,0xA9446146,0x0FD0030E,0xECC8C73E,0xA4751E41,
0xE238CD99,0x3BEA0E2F,0x3280BBA1,0x183EB331,0x4E548B38,0x4F6DB908,
0x6F420D03,0xF60A04BF,0x2CB81290,0x24977C79,0x5679B072,0xBCAF89AF,
0xDE9A771F,0xD9930810,0xB38BAE12,0xDCCF3F2E,0x5512721F,0x2E6B7124,
0x501ADDE6,0x9F84CD87,0x7A584718,0x7408DA17,0xBC9F9ABC,0xE94B7D8C,
0xEC7AEC3A,0xDB851DFA,0x63094366,0xC464C3D2,0xEF1C1847,0x3215D908,
0xDD433B37,0x24C2BA16,0x12A14D43,0x2A65C451,0x50940002,0x133AE4DD,
0x71DFF89E,0x10314E55,0x81AC77D6,0x5F11199B,0x043556F1,0xD7A3C76B,
0x3C11183B,0x5924A509,0xF28FE6ED,0x97F1FBFA,0x9EBABF2C,0x1E153C6E,
0x86E34570,0xEAE96FB1,0x860E5E0A,0x5A3E2AB3,0x771FE71C,0x4E3D06FA,
0x2965DCB9,0x99E71D0F,0x803E89D6,0x5266C825,0x2E4CC978,0x9C10B36A,
0xC6150EBA,0x94E2EA78,0xA5FC3C53,0x1E0A2DF4,0xF2F74EA7,0x361D2B3D,
0x1939260F,0x19C27960,0x5223A708,0xF71312B6,0xEBADFE6E,0xEAC31F66,
0xE3BC4595,0xA67BC883,0xB17F37D1,0x018CFF28,0xC332DDEF,0xBE6C5AA5,
0x65582185,0x68AB9802,0xEECEA50F,0xDB2F953B,0x2AEF7DAD,0x5B6E2F84,
0x1521B628,0x29076170,0xECDD4775,0x619F1510,0x13CCA830,0xEB61BD96,
0x0334FE1E,0xAA0363CF,0xB5735C90,0x4C70A239,0xD59E9E0B,0xCBAADE14,
0xEECC86BC,0x60622CA7,0x9CAB5CAB,0xB2F3846E,0x648B1EAF,0x19BDF0CA,
0xA02369B9,0x655ABB50,0x40685A32,0x3C2AB4B3,0x319EE9D5,0xC021B8F7,
0x9B540B19,0x875FA099,0x95F7997E,0x623D7DA8,0xF837889A,0x97E32D77,
0x11ED935F,0x16681281,0x0E358829,0xC7E61FD6,0x96DEDFA1,0x7858BA99,
0x57F584A5,0x1B227263,0x9B83C3FF,0x1AC24696,0xCDB30AEB,0x532E3054,
0x8FD948E4,0x6DBC3128,0x58EBF2EF,0x34C6FFEA,0xFE28ED61,0xEE7C3C73,
0x5D4A14D9,0xE864B7E3,0x42105D14,0x203E13E0,0x45EEE2B6,0xA3AAABEA,
0xDB6C4F15,0xFACB4FD0,0xC742F442,0xEF6ABBB5,0x654F3B1D,0x41CD2105,
0xD81E799E,0x86854DC7,0xE44B476A,0x3D816250,0xCF62A1F2,0x5B8D2646,
0xFC8883A0,0xC1C7B6A3,0x7F1524C3,0x69CB7492,0x47848A0B,0x5692B285,
0x095BBF00,0xAD19489D,0x1462B174,0x23820E00,0x58428D2A,0x0C55F5EA,
0x1DADF43E,0x233F7061,0x3372F092,0x8D937E41,0xD65FECF1,0x6C223BDB,
0x7CDE3759,0xCBEE7460,0x4085F2A7,0xCE77326E,0xA6078084,0x19F8509E,
0xE8EFD855,0x61D99735,0xA969A7AA,0xC50C06C2,0x5A04ABFC,0x800BCADC,
0x9E447A2E,0xC3453484,0xFDD56705,0x0E1E9EC9,0xDB73DBD3,0x105588CD,
0x675FDA79,0xE3674340,0xC5C43465,0x713E38D8,0x3D28F89E,0xF16DFF20,
0x153E21E7,0x8FB03D4A,0xE6E39F2B,0xDB83ADF7 };
static const u32 ks2[256] = {
0xE93D5A68,0x948140F7,0xF64C261C,0x94692934,0x411520F7,0x7602D4F7,
0xBCF46B2E,0xD4A20068,0xD4082471,0x3320F46A,0x43B7D4B7,0x500061AF,
0x1E39F62E,0x97244546,0x14214F74,0xBF8B8840,0x4D95FC1D,0x96B591AF,
0x70F4DDD3,0x66A02F45,0xBFBC09EC,0x03BD9785,0x7FAC6DD0,0x31CB8504,
0x96EB27B3,0x55FD3941,0xDA2547E6,0xABCA0A9A,0x28507825,0x530429F4,
0x0A2C86DA,0xE9B66DFB,0x68DC1462,0xD7486900,0x680EC0A4,0x27A18DEE,
0x4F3FFEA2,0xE887AD8C,0xB58CE006,0x7AF4D6B6,0xAACE1E7C,0xD3375FEC,
0xCE78A399,0x406B2A42,0x20FE9E35,0xD9F385B9,0xEE39D7AB,0x3B124E8B,
0x1DC9FAF7,0x4B6D1856,0x26A36631,0xEAE397B2,0x3A6EFA74,0xDD5B4332,
0x6841E7F7,0xCA7820FB,0xFB0AF54E,0xD8FEB397,0x454056AC,0xBA489527,
0x55533A3A,0x20838D87,0xFE6BA9B7,0xD096954B,0x55A867BC,0xA1159A58,
0xCCA92963,0x99E1DB33,0xA62A4A56,0x3F3125F9,0x5EF47E1C,0x9029317C,
0xFDF8E802,0x04272F70,0x80BB155C,0x05282CE3,0x95C11548,0xE4C66D22,
0x48C1133F,0xC70F86DC,0x07F9C9EE,0x41041F0F,0x404779A4,0x5D886E17,
0x325F51EB,0xD59BC0D1,0xF2BCC18F,0x41113564,0x257B7834,0x602A9C60,
0xDFF8E8A3,0x1F636C1B,0x0E12B4C2,0x02E1329E,0xAF664FD1,0xCAD18115,
0x6B2395E0,0x333E92E1,0x3B240B62,0xEEBEB922,0x85B2A20E,0xE6BA0D99,
0xDE720C8C,0x2DA2F728,0xD0127845,0x95B794FD,0x647D0862,0xE7CCF5F0,
0x5449A36F,0x877D48FA,0xC39DFD27,0xF33E8D1E,0x0A476341,0x992EFF74,
0x3A6F6EAB,0xF4F8FD37,0xA812DC60,0xA1EBDDF8,0x991BE14C,0xDB6E6B0D,
0xC67B5510,0x6D672C37,0x2765D43B,0xDCD0E804,0xF1290DC7,0xCC00FFA3,
0xB5390F92,0x690FED0B,0x667B9FFB,0xCEDB7D9C,0xA091CF0B,0xD9155EA3,
0xBB132F88,0x515BAD24,0x7B9479BF,0x763BD6EB,0x37392EB3,0xCC115979,
0x8026E297,0xF42E312D,0x6842ADA7,0xC66A2B3B,0x12754CCC,0x782EF11C,
0x6A124237,0xB79251E7,0x06A1BBE6,0x4BFB6350,0x1A6B1018,0x11CAEDFA,
0x3D25BDD8,0xE2E1C3C9,0x44421659,0x0A121386,0xD90CEC6E,0xD5ABEA2A,
0x64AF674E,0xDA86A85F,0xBEBFE988,0x64E4C3FE,0x9DBC8057,0xF0F7C086,
0x60787BF8,0x6003604D,0xD1FD8346,0xF6381FB0,0x7745AE04,0xD736FCCC,
0x83426B33,0xF01EAB71,0xB0804187,0x3C005E5F,0x77A057BE,0xBDE8AE24,
0x55464299,0xBF582E61,0x4E58F48F,0xF2DDFDA2,0xF474EF38,0x8789BDC2,
0x5366F9C3,0xC8B38E74,0xB475F255,0x46FCD9B9,0x7AEB2661,0x8B1DDF84,
0x846A0E79,0x915F95E2,0x466E598E,0x20B45770,0x8CD55591,0xC902DE4C,
0xB90BACE1,0xBB8205D0,0x11A86248,0x7574A99E,0xB77F19B6,0xE0A9DC09,
0x662D09A1,0xC4324633,0xE85A1F02,0x09F0BE8C,0x4A99A025,0x1D6EFE10,
0x1AB93D1D,0x0BA5A4DF,0xA186F20F,0x2868F169,0xDCB7DA83,0x573906FE,
0xA1E2CE9B,0x4FCD7F52,0x50115E01,0xA70683FA,0xA002B5C4,0x0DE6D027,
0x9AF88C27,0x773F8641,0xC3604C06,0x61A806B5,0xF0177A28,0xC0F586E0,
0x006058AA,0x30DC7D62,0x11E69ED7,0x2338EA63,0x53C2DD94,0xC2C21634,
0xBBCBEE56,0x90BCB6DE,0xEBFC7DA1,0xCE591D76,0x6F05E409,0x4B7C0188,
0x39720A3D,0x7C927C24,0x86E3725F,0x724D9DB9,0x1AC15BB4,0xD39EB8FC,
0xED545578,0x08FCA5B5,0xD83D7CD3,0x4DAD0FC4,0x1E50EF5E,0xB161E6F8,
0xA28514D9,0x6C51133C,0x6FD5C7E7,0x56E14EC4,0x362ABFCE,0xDDC6C837,
0xD79A3234,0x92638212,0x670EFA8E,0x406000E0 };
static const u32 ks3[256] = {
0x3A39CE37,0xD3FAF5CF,0xABC27737,0x5AC52D1B,0x5CB0679E,0x4FA33742,
0xD3822740,0x99BC9BBE,0xD5118E9D,0xBF0F7315,0xD62D1C7E,0xC700C47B,
0xB78C1B6B,0x21A19045,0xB26EB1BE,0x6A366EB4,0x5748AB2F,0xBC946E79,
0xC6A376D2,0x6549C2C8,0x530FF8EE,0x468DDE7D,0xD5730A1D,0x4CD04DC6,
0x2939BBDB,0xA9BA4650,0xAC9526E8,0xBE5EE304,0xA1FAD5F0,0x6A2D519A,
0x63EF8CE2,0x9A86EE22,0xC089C2B8,0x43242EF6,0xA51E03AA,0x9CF2D0A4,
0x83C061BA,0x9BE96A4D,0x8FE51550,0xBA645BD6,0x2826A2F9,0xA73A3AE1,
0x4BA99586,0xEF5562E9,0xC72FEFD3,0xF752F7DA,0x3F046F69,0x77FA0A59,
0x80E4A915,0x87B08601,0x9B09E6AD,0x3B3EE593,0xE990FD5A,0x9E34D797,
0x2CF0B7D9,0x022B8B51,0x96D5AC3A,0x017DA67D,0xD1CF3ED6,0x7C7D2D28,
0x1F9F25CF,0xADF2B89B,0x5AD6B472,0x5A88F54C,0xE029AC71,0xE019A5E6,
0x47B0ACFD,0xED93FA9B,0xE8D3C48D,0x283B57CC,0xF8D56629,0x79132E28,
0x785F0191,0xED756055,0xF7960E44,0xE3D35E8C,0x15056DD4,0x88F46DBA,
0x03A16125,0x0564F0BD,0xC3EB9E15,0x3C9057A2,0x97271AEC,0xA93A072A,
0x1B3F6D9B,0x1E6321F5,0xF59C66FB,0x26DCF319,0x7533D928,0xB155FDF5,
0x03563482,0x8ABA3CBB,0x28517711,0xC20AD9F8,0xABCC5167,0xCCAD925F,
0x4DE81751,0x3830DC8E,0x379D5862,0x9320F991,0xEA7A90C2,0xFB3E7BCE,
0x5121CE64,0x774FBE32,0xA8B6E37E,0xC3293D46,0x48DE5369,0x6413E680,
0xA2AE0810,0xDD6DB224,0x69852DFD,0x09072166,0xB39A460A,0x6445C0DD,
0x586CDECF,0x1C20C8AE,0x5BBEF7DD,0x1B588D40,0xCCD2017F,0x6BB4E3BB,
0xDDA26A7E,0x3A59FF45,0x3E350A44,0xBCB4CDD5,0x72EACEA8,0xFA6484BB,
0x8D6612AE,0xBF3C6F47,0xD29BE463,0x542F5D9E,0xAEC2771B,0xF64E6370,
0x740E0D8D,0xE75B1357,0xF8721671,0xAF537D5D,0x4040CB08,0x4EB4E2CC,
0x34D2466A,0x0115AF84,0xE1B00428,0x95983A1D,0x06B89FB4,0xCE6EA048,
0x6F3F3B82,0x3520AB82,0x011A1D4B,0x277227F8,0x611560B1,0xE7933FDC,
0xBB3A792B,0x344525BD,0xA08839E1,0x51CE794B,0x2F32C9B7,0xA01FBAC9,
0xE01CC87E,0xBCC7D1F6,0xCF0111C3,0xA1E8AAC7,0x1A908749,0xD44FBD9A,
0xD0DADECB,0xD50ADA38,0x0339C32A,0xC6913667,0x8DF9317C,0xE0B12B4F,
0xF79E59B7,0x43F5BB3A,0xF2D519FF,0x27D9459C,0xBF97222C,0x15E6FC2A,
0x0F91FC71,0x9B941525,0xFAE59361,0xCEB69CEB,0xC2A86459,0x12BAA8D1,
0xB6C1075E,0xE3056A0C,0x10D25065,0xCB03A442,0xE0EC6E0E,0x1698DB3B,
0x4C98A0BE,0x3278E964,0x9F1F9532,0xE0D392DF,0xD3A0342B,0x8971F21E,
0x1B0A7441,0x4BA3348C,0xC5BE7120,0xC37632D8,0xDF359F8D,0x9B992F2E,
0xE60B6F47,0x0FE3F11D,0xE54CDA54,0x1EDAD891,0xCE6279CF,0xCD3E7E6F,
0x1618B166,0xFD2C1D05,0x848FD2C5,0xF6FB2299,0xF523F357,0xA6327623,
0x93A83531,0x56CCCD02,0xACF08162,0x5A75EBB5,0x6E163697,0x88D273CC,
0xDE966292,0x81B949D0,0x4C50901B,0x71C65614,0xE6C6C7BD,0x327A140A,
0x45E1D006,0xC3F27B9A,0xC9AA53FD,0x62A80F00,0xBB25BFE2,0x35BDD2F6,
0x71126905,0xB2040222,0xB6CBCF7C,0xCD769C2B,0x53113EC0,0x1640E3D3,
0x38ABBD60,0x2547ADF0,0xBA38209C,0xF746CE76,0x77AFA1C5,0x20756060,
0x85CBFE4E,0x8AE88DD8,0x7AAAF9B0,0x4CF9AA7E,0x1948C25C,0x02FB8A8C,
0x01C36AE4,0xD6EBE1F9,0x90D4F869,0xA65CDEA0,0x3F09252D,0xC208E69F,
0xB74E6132,0xCE77E25B,0x578FDFE3,0x3AC372E6 };
static const u32 ps[BLOWFISH_ROUNDS+2] = {
0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,0xA4093822,0x299F31D0,
0x082EFA98,0xEC4E6C89,0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917,0x9216D5D9,0x8979FB1B };
#if BLOWFISH_ROUNDS != 16
static inline u32
function_F( BLOWFISH_context *bc, u32 x )
{
u16 a, b, c, d;
#ifdef BIG_ENDIAN_HOST
a = ((byte*)&x)[0];
b = ((byte*)&x)[1];
c = ((byte*)&x)[2];
d = ((byte*)&x)[3];
#else
a = ((byte*)&x)[3];
b = ((byte*)&x)[2];
c = ((byte*)&x)[1];
d = ((byte*)&x)[0];
#endif
return ((bc->s0[a] + bc->s1[b]) ^ bc->s2[c] ) + bc->s3[d];
}
#endif
#ifdef BIG_ENDIAN_HOST
#define F(x) ((( s0[((byte*)&x)[0]] + s1[((byte*)&x)[1]]) \
^ s2[((byte*)&x)[2]]) + s3[((byte*)&x)[3]] )
#else
#define F(x) ((( s0[((byte*)&x)[3]] + s1[((byte*)&x)[2]]) \
^ s2[((byte*)&x)[1]]) + s3[((byte*)&x)[0]] )
#endif
#define R(l,r,i) do { l ^= p[i]; r ^= F(l); } while(0)
static void
encrypt( BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
{
#if BLOWFISH_ROUNDS == 16
u32 xl, xr, *s0, *s1, *s2, *s3, *p;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
s0 = bc->s0;
s1 = bc->s1;
s2 = bc->s2;
s3 = bc->s3;
R( xl, xr, 0);
R( xr, xl, 1);
R( xl, xr, 2);
R( xr, xl, 3);
R( xl, xr, 4);
R( xr, xl, 5);
R( xl, xr, 6);
R( xr, xl, 7);
R( xl, xr, 8);
R( xr, xl, 9);
R( xl, xr, 10);
R( xr, xl, 11);
R( xl, xr, 12);
R( xr, xl, 13);
R( xl, xr, 14);
R( xr, xl, 15);
xl ^= p[BLOWFISH_ROUNDS];
xr ^= p[BLOWFISH_ROUNDS+1];
*ret_xl = xr;
*ret_xr = xl;
#else
u32 xl, xr, temp, *p;
int i;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
for(i=0; i < BLOWFISH_ROUNDS; i++ ) {
xl ^= p[i];
xr ^= function_F(bc, xl);
temp = xl;
xl = xr;
xr = temp;
}
temp = xl;
xl = xr;
xr = temp;
xr ^= p[BLOWFISH_ROUNDS];
xl ^= p[BLOWFISH_ROUNDS+1];
*ret_xl = xl;
*ret_xr = xr;
#endif
}
static void
decrypt( BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
{
#if BLOWFISH_ROUNDS == 16
u32 xl, xr, *s0, *s1, *s2, *s3, *p;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
s0 = bc->s0;
s1 = bc->s1;
s2 = bc->s2;
s3 = bc->s3;
R( xl, xr, 17);
R( xr, xl, 16);
R( xl, xr, 15);
R( xr, xl, 14);
R( xl, xr, 13);
R( xr, xl, 12);
R( xl, xr, 11);
R( xr, xl, 10);
R( xl, xr, 9);
R( xr, xl, 8);
R( xl, xr, 7);
R( xr, xl, 6);
R( xl, xr, 5);
R( xr, xl, 4);
R( xl, xr, 3);
R( xr, xl, 2);
xl ^= p[1];
xr ^= p[0];
*ret_xl = xr;
*ret_xr = xl;
#else
u32 xl, xr, temp, *p;
int i;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
for(i=BLOWFISH_ROUNDS+1; i > 1; i-- ) {
xl ^= p[i];
xr ^= function_F(bc, xl);
temp = xl;
xl = xr;
xr = temp;
}
temp = xl;
xl = xr;
xr = temp;
xr ^= p[1];
xl ^= p[0];
*ret_xl = xl;
*ret_xr = xr;
#endif
}
#undef F
#undef R
void
des_encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
{
u32 d1, d2;
d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
encrypt( bc, &d1, &d2 );
outbuf[0] = (d1 >> 24) & 0xff;
outbuf[1] = (d1 >> 16) & 0xff;
outbuf[2] = (d1 >> 8) & 0xff;
outbuf[3] = d1 & 0xff;
outbuf[4] = (d2 >> 24) & 0xff;
outbuf[5] = (d2 >> 16) & 0xff;
outbuf[6] = (d2 >> 8) & 0xff;
outbuf[7] = d2 & 0xff;
}
void
des_decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
{
u32 d1, d2;
d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
decrypt( bc, &d1, &d2 );
outbuf[0] = (d1 >> 24) & 0xff;
outbuf[1] = (d1 >> 16) & 0xff;
outbuf[2] = (d1 >> 8) & 0xff;
outbuf[3] = d1 & 0xff;
outbuf[4] = (d2 >> 24) & 0xff;
outbuf[5] = (d2 >> 16) & 0xff;
outbuf[6] = (d2 >> 8) & 0xff;
outbuf[7] = d2 & 0xff;
}
static void
selftest()
{
BLOWFISH_context c;
byte plain[] = "BLOWFISH";
byte buffer[8];
byte plain3[] = { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 };
byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 };
blowfish_setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 );
blowfish_encrypt_block( &c, buffer, plain );
if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) )
log_error("wrong blowfish encryption\n");
blowfish_decrypt_block( &c, buffer, buffer );
if( memcmp( buffer, plain, 8 ) )
log_bug("blowfish failed\n");
blowfish_setkey( &c, key3, 8 );
blowfish_encrypt_block( &c, buffer, plain3 );
if( memcmp( buffer, cipher3, 8 ) )
log_error("wrong blowfish encryption (3)\n");
blowfish_decrypt_block( &c, buffer, buffer );
if( memcmp( buffer, plain3, 8 ) )
log_bug("blowfish failed (3)\n");
}
void
des_3des_setkey( DES_context *c, byte *key, unsigned keylen )
{
c->tripledes = 1;
}
void
des_setkey( DES_context *c, byte *key, unsigned keylen )
{
int i, j;
u32 data, datal, datar;
static int initialized;
if( !initialized ) {
initialized = 1;
selftest();
}
c->tripledes = 0;
for(i=0; i < BLOWFISH_ROUNDS+2; i++ )
c->p[i] = ps[i];
for(i=0; i < 256; i++ ) {
c->s0[i] = ks0[i];
c->s1[i] = ks1[i];
c->s2[i] = ks2[i];
c->s3[i] = ks3[i];
}
for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) {
#ifdef BIG_ENDIAN_HOST
((byte*)&data)[0] = key[j];
((byte*)&data)[1] = key[(j+1)%keylen];
((byte*)&data)[2] = key[(j+2)%keylen];
((byte*)&data)[3] = key[(j+3)%keylen];
#else
((byte*)&data)[3] = key[j];
((byte*)&data)[2] = key[(j+1)%keylen];
((byte*)&data)[1] = key[(j+2)%keylen];
((byte*)&data)[0] = key[(j+3)%keylen];
#endif
c->p[i] ^= data;
j = (j+4) % keylen;
}
datal = datar = 0;
for(i=0; i < BLOWFISH_ROUNDS+2; i += 2 ) {
encrypt( c, &datal, &datar );
c->p[i] = datal;
c->p[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s0[i] = datal;
c->s0[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s1[i] = datal;
c->s1[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s2[i] = datal;
c->s2[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s3[i] = datal;
c->s3[i+1] = datar;
}
}

37
cipher/des.h Normal file
View File

@ -0,0 +1,37 @@
/* des.h
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_DES_H
#define G10_DES_H
#include "types.h"
#define DES_BLOCKSIZE 8
#define DES_ROUNDS 16
typedef struct {
int tripledes;
} DES_context;
void des_setkey( DES_context *c, byte *key, unsigned keylen );
void des_3des_setkey( DES_context *c, byte *key, unsigned keylen );
void des_encrypt_block( DES_context *bc, byte *outbuf, byte *inbuf );
void des_decrypt_block( DES_context *bc, byte *outbuf, byte *inbuf );
#endif /*G10_DES_H*/

8
cipher/misc.c
View File

@ -31,8 +31,9 @@ static struct { const char *name; int algo;} pubkey_names[] = {
{ "RSA", PUBKEY_ALGO_RSA },
{ "RSA-E", PUBKEY_ALGO_RSA_E },
{ "RSA-S", PUBKEY_ALGO_RSA_S },
{ "ELGAMAL", PUBKEY_ALGO_ELGAMAL },
{ "ELG", PUBKEY_ALGO_ELGAMAL },
{ "ELG-E", PUBKEY_ALGO_ELGAMAL_E },
{ "ELGAMAL", PUBKEY_ALGO_ELGAMAL },
{ "DSA", PUBKEY_ALGO_DSA },
{NULL} };
@ -76,6 +77,11 @@ pubkey_algo_to_string( int algo )
{
int i;
if( is_ELGAMAL(algo) )
algo = PUBKEY_ALGO_ELGAMAL;
else if( is_RSA(algo) )
algo = PUBKEY_ALGO_RSA;
for(i=0; pubkey_names[i].name; i++ )
if( pubkey_names[i].algo == algo )
return pubkey_names[i].name;

26
doc/DETAILS
View File

@ -11,6 +11,32 @@
to keep them small.
Key generation shows progress by printing different characters to
stderr:
"." Last 10 Miller-Rabin tests failed
"+" Miller-Rabin test succeeded
"!" Reloading the pool with fresh prime numbers
"^" Checking a new value for the generator
"<" Size of one factor decreased
">" Size of one factor increased
The prime number for ElGamal is generated this way:
1) Make a prime number q of 160, 200, 240 bits (depending on the keysize)
2) Select the length of the other prime factors to be at least the size
of q and calculate the number of prime factors needed
3) Make a pool of prime numbers, each of the length determined in step 2
4) Get a new permutation out of the pool or continue with step 3
if we have tested all permutations.
5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1
6) Check that this prime has the correct length (this may change q if
it seems not to be possible to make a prime of the desired length)
7) Check whether this is a prime using trial divisions and the
Miller-Rabin test.
8) Continue with step 4 if we did not find a prime in step 7.
9) Find a generator for that prime.
Layout of the TrustDB

40
g10/ChangeLog
View File

@ -1,3 +1,43 @@
Fri May 29 10:00:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (query_trust_info): New.
* keylist.c (list_one): Add output of trust info
* mainproc (list_node): ditto.
* g10.c (main): full trustdb init if -with-colons and any of the
key list modes.
Thu May 28 10:34:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* status.c (STATUS_RSA_OR_IDEA): New.
* sig-check.c (check_signature): Output special status message.
* pubkey-enc.c (get_session_key): Ditto.
* mainproc.c (check_sig_and_print): Changed format of output.
* passpharse.c (passphrase_to_dek): Likewise.
Wed May 27 13:46:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (aListSecretKeys): New option --list-secret-keys
* keylist.c (std_key_list): Renamed to public_key_list.
(secret_key_list): New
(list_one, list_all): Add support for secret keys.
* getkey.c (get_secret_keyring): New.
* mainproc.c (list_node): Add option --with-colons for secret keys
* sig-check.c (check_key_signature): detection of selfsigs
* mainproc.c (list_node): fixed listing.
* g10.c (aListSecretKeys): New option --always-trust
* pkclist.c (do_we_trust): Override per option added
* status.c (write_status_text): Add a prefix to every output line.
Wed May 27 07:49:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10 (--compress-keys): New.
* options.h (compress_keys): New.
* export.c (export_pubkeys): Only compresses with the new option.
Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* passphrase.c (get_last_passphrase): New

3
g10/Makefile.am
View File

@ -5,7 +5,8 @@ EXTRA_DIST = OPTIONS pubring.asc
OMIT_DEPENDENCIES = zlib.h zconf.h
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
bin_PROGRAMS = gpg gpgm gpgd
noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg gpgm
common_source = \
build-packet.c \

40
g10/Makefile.in
View File

@ -97,7 +97,8 @@ EXTRA_DIST = OPTIONS pubring.asc
OMIT_DEPENDENCIES = zlib.h zconf.h
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
bin_PROGRAMS = gpg gpgm gpgd
noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg gpgm
common_source = \
build-packet.c \
@ -166,7 +167,7 @@ gpgm_LDADD = g10maint.o $(LDADD)
mkinstalldirs = $(SHELL) $(top_srcdir)/scripts/mkinstalldirs
CONFIG_HEADER = ../config.h
CONFIG_CLEAN_FILES =
PROGRAMS = $(bin_PROGRAMS)
PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
DEFS = @DEFS@ -I. -I$(srcdir) -I..
@ -267,6 +268,15 @@ uninstall-binPROGRAMS:
rm -f $(bindir)/`echo $$p|sed '$(transform)'`; \
done
mostlyclean-noinstPROGRAMS:
clean-noinstPROGRAMS:
-test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
distclean-noinstPROGRAMS:
maintainer-clean-noinstPROGRAMS:
.s.o:
$(COMPILE) -c $<
@ -398,25 +408,31 @@ distclean-generic:
maintainer-clean-generic:
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
mostlyclean: mostlyclean-binPROGRAMS mostlyclean-compile \
mostlyclean-tags mostlyclean-depend mostlyclean-generic
mostlyclean: mostlyclean-binPROGRAMS mostlyclean-noinstPROGRAMS \
mostlyclean-compile mostlyclean-tags mostlyclean-depend \
mostlyclean-generic
clean: clean-binPROGRAMS clean-compile clean-tags clean-depend \
clean-generic mostlyclean
clean: clean-binPROGRAMS clean-noinstPROGRAMS clean-compile clean-tags \
clean-depend clean-generic mostlyclean
distclean: distclean-binPROGRAMS distclean-compile distclean-tags \
distclean-depend distclean-generic clean
distclean: distclean-binPROGRAMS distclean-noinstPROGRAMS \
distclean-compile distclean-tags distclean-depend \
distclean-generic clean
-rm -f config.status
maintainer-clean: maintainer-clean-binPROGRAMS maintainer-clean-compile \
maintainer-clean-tags maintainer-clean-depend \
maintainer-clean-generic distclean
maintainer-clean: maintainer-clean-binPROGRAMS \
maintainer-clean-noinstPROGRAMS \
maintainer-clean-compile maintainer-clean-tags \
maintainer-clean-depend maintainer-clean-generic \
distclean
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
.PHONY: default mostlyclean-binPROGRAMS distclean-binPROGRAMS \
clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \
install-binPROGRAMS mostlyclean-compile distclean-compile clean-compile \
install-binPROGRAMS mostlyclean-noinstPROGRAMS distclean-noinstPROGRAMS \
clean-noinstPROGRAMS maintainer-clean-noinstPROGRAMS \
mostlyclean-compile distclean-compile clean-compile \
maintainer-clean-compile tags mostlyclean-tags distclean-tags \
clean-tags maintainer-clean-tags distdir mostlyclean-depend \
distclean-depend clean-depend maintainer-clean-depend info dvi \

14
g10/OPTIONS
View File

@ -38,3 +38,17 @@ sign-key
store
# simply packs the input data into a rfc1991 packet format
list-secret-keys
#
#-----------------------------------------------
#--- options
#-----------------------------------------------
compress-keys
# compress exported key, compress level is still set with "-z" and
# algorithm with --compress-algo" - Default is to not compress keys, as
# this is better for interoperability.

2
g10/export.c
View File

@ -67,7 +67,7 @@ export_pubkeys( STRLIST users )
afx.what = 1;
iobuf_push_filter( out, armor_filter, &afx );
}
if( opt.compress )
if( opt.compress_keys && opt.compress )
iobuf_push_filter( out, compress_filter, &zfx );
if( all ) {

24
g10/g10.c
View File

@ -64,6 +64,7 @@ static ARGPARSE_OPTS opts[] = {
{ 552, "list-sigs", 0, N_("list keys and signatures")},
{ 508, "check-sigs",0, N_("check key signatures")},
{ 515, "fingerprint", 0, N_("list keys and fingerprints")},
{ 558, "list-secret-keys", 0, N_("list secret keys")},
#ifdef IS_G10
{ 503, "gen-key", 0, N_("generate a new key pair")},
{ 554, "add-key", 0, N_("add a subkey to a key pair")},
@ -87,8 +88,8 @@ static ARGPARSE_OPTS opts[] = {
{ 301, NULL, 0, N_("@\nOptions:\n ") },
#ifdef IS_G10
{ 'a', "armor", 0, N_("create ascii armored output")},
#ifdef IS_G10
{ 'u', "local-user",2, N_("use this user-id to sign or decrypt")},
{ 'r', "remote-user", 2, N_("use this user-id for encryption")},
{ 'z', NULL, 1, N_("|N|set compress level N (0 disables)") },
@ -159,6 +160,8 @@ static ARGPARSE_OPTS opts[] = {
{ 552, "list-sig", 0, "@" }, /* alias */
{ 508, "check-sig",0, "@" }, /* alias */
{ 553, "skip-verify",0, "@" },
{ 557, "compress-keys",0, "@"},
{ 559, "always-trust", 0, "@"},
{0} };
@ -169,7 +172,7 @@ enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey, aDeleteSecretKey,
aKMode, aKModeC, aChangePass, aImport, aVerify, aDecrypt, aListKeys,
aListSigs, aKeyadd,
aListSigs, aKeyadd, aListSecretKeys,
aExport, aCheckKeys, aGenRevoke, aPrimegen, aPrintMD, aPrintMDs,
aListTrustDB, aListTrustPath, aDeArmor, aEnArmor, aGenRandom, aTest,
aNOP };
@ -474,8 +477,8 @@ main( int argc, char **argv )
&pargs, opts) ) {
switch( pargs.r_opt ) {
#ifdef IS_G10
case 'a': opt.armor = 1; opt.no_armor=0; break;
#ifdef IS_G10
case 'b': detached_sig = 1; set_cmd( &cmd, aSign ); break;
case 'c': set_cmd( &cmd, aSym); break;
case 'd': set_cmd( &cmd, aDecrypt); break;
@ -580,6 +583,9 @@ main( int argc, char **argv )
case 553: opt.skip_verify=1; break;
case 554: set_cmd( &cmd, aKeyadd); break;
case 556: opt.def_compress_algo = pargs.r.ret_int; break;
case 557: opt.compress_keys = 1; break;
case 558: set_cmd( &cmd, aListSecretKeys); break;
case 559: opt.always_trust = 1; break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}
@ -668,7 +674,10 @@ main( int argc, char **argv )
break;
case aKMode:
case aListKeys:
case aListSecretKeys:
case aCheckKeys:
if( opt.with_colons ) /* need this to list the trust */
rc = init_trustdb(1, trustdb_name );
break;
case aListTrustDB: rc = init_trustdb( argc? 1:0, trustdb_name ); break;
default: rc = init_trustdb(1, trustdb_name ); break;
@ -796,12 +805,15 @@ main( int argc, char **argv )
case aListSigs:
opt.list_sigs = 1;
case aListKeys:
std_key_list( argc, argv );
public_key_list( argc, argv );
break;
case aListSecretKeys:
secret_key_list( argc, argv );
break;
case aKMode: /* list keyring */
if( argc < 2 ) /* -kv [userid] */
std_key_list( (argc && **argv)? 1:0, argv );
public_key_list( (argc && **argv)? 1:0, argv );
else if( argc == 2 ) { /* -kv userid keyring */
if( access( argv[1], R_OK ) ) {
log_error(_("can't open %s: %s\n"),
@ -811,7 +823,7 @@ main( int argc, char **argv )
/* add keyring (default keyrings are not registered in this
* special case */
add_keyring( argv[1] );
std_key_list( **argv?1:0, argv );
public_key_list( **argv?1:0, argv );
}
}
else

10
g10/getkey.c
View File

@ -123,6 +123,16 @@ get_keyring( int sequence )
return sl? sl->d : NULL;
}
const char *
get_secret_keyring( int sequence )
{
STRLIST sl;
for(sl = secret_keyrings; sl && sequence; sl = sl->next, sequence-- )
;
return sl? sl->d : NULL;
}
void
add_secret_keyring( const char *name )

1
g10/keydb.h
View File

@ -104,6 +104,7 @@ char *get_last_passphrase(void);
/*-- getkey.c --*/
void add_keyring( const char *name );
const char *get_keyring( int sequence );
const char *get_secret_keyring( int sequence );
void add_secret_keyring( const char *name );
int get_pubkey( PKT_public_cert *pkc, u32 *keyid );
int get_pubkey_byname( PKT_public_cert *pkc, const char *name );

151
g10/keylist.c
View File

@ -35,9 +35,9 @@
#include "main.h"
#include "i18n.h"
static void list_all(void);
static void list_one(const char *name);
static void fingerprint( PKT_public_cert *pkc );
static void list_all(int);
static void list_one(const char *name, int secret);
static void fingerprint( PKT_public_cert *pkc, PKT_secret_cert *skc );
/****************
@ -45,25 +45,36 @@ static void fingerprint( PKT_public_cert *pkc );
* If NNAMES is 0; all available keys are listed
*/
void
std_key_list( int nnames, char **names )
public_key_list( int nnames, char **names )
{
if( !nnames )
list_all();
list_all(0);
else { /* List by user id */
for( ; nnames ; nnames--, names++ )
list_one( *names );
list_one( *names, 0 );
}
}
void
secret_key_list( int nnames, char **names )
{
if( !nnames )
list_all(1);
else { /* List by user id */
for( ; nnames ; nnames--, names++ )
list_one( *names, 1 );
}
}
static void
list_all()
list_all( int secret )
{
int i, seq=0;
const char *s;
IOBUF a;
while( (s=get_keyring(seq++)) ) {
while( (s=secret? get_secret_keyring(seq++):get_keyring(seq++)) ) {
if( !(a = iobuf_open(s)) ) {
log_error(_("can't open %s: %s\n"), s, strerror(errno));
continue;
@ -80,9 +91,8 @@ list_all()
}
}
static void
list_one( const char *name )
list_one( const char *name, int secret )
{
int rc = 0;
KBNODE keyblock = NULL;
@ -90,11 +100,14 @@ list_one( const char *name )
KBNODE node;
KBPOS kbpos;
PKT_public_cert *pkc;
PKT_secret_cert *skc;
u32 keyid[2];
int any=0;
int trustletter = 0;
/* search the userid */
rc = find_keyblock_byname( &kbpos, name );
rc = secret? find_secret_keyblock_byname( &kbpos, name )
: find_keyblock_byname( &kbpos, name );
if( rc ) {
log_error("%s: user not found\n", name );
goto leave;
@ -109,29 +122,55 @@ list_one( const char *name )
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
node = find_kbnode( keyblock, secret? PKT_SECRET_CERT : PKT_PUBLIC_CERT );
if( !node ) {
log_error("Oops; public key lost!\n");
log_error("Oops; key lost!\n");
goto leave;
}
pkc = node->pkt->pkt.public_cert;
keyid_from_pkc( pkc, keyid );
if( opt.with_colons )
printf("pub::%u:%d:%08lX%08lX:%s:%u:::",
/* fixme: add trust value here */
nbits_from_pkc( pkc ),
pkc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_pkc( pkc ),
(unsigned)pkc->valid_days
/* fixme: add LID and ownertrust here */
);
else
printf("pub %4u%c/%08lX %s ", nbits_from_pkc( pkc ),
pubkey_letter( pkc->pubkey_algo ),
(ulong)keyid[1],
datestr_from_pkc( pkc ) );
if( secret ) {
pkc = NULL;
skc = node->pkt->pkt.secret_cert;
keyid_from_skc( skc, keyid );
if( opt.with_colons )
printf("sec::%u:%d:%08lX%08lX:%s:%u:::",
nbits_from_skc( skc ),
skc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_skc( skc ),
(unsigned)skc->valid_days
/* fixme: add LID here */ );
else
printf("sec %4u%c/%08lX %s ", nbits_from_skc( skc ),
pubkey_letter( skc->pubkey_algo ),
(ulong)keyid[1],
datestr_from_skc( skc ) );
}
else {
pkc = node->pkt->pkt.public_cert;
skc = NULL;
keyid_from_pkc( pkc, keyid );
if( opt.with_colons ) {
trustletter = query_trust_info( pkc );
printf("pub:%c:%u:%d:%08lX%08lX:%s:%u:",
trustletter,
nbits_from_pkc( pkc ),
pkc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_pkc( pkc ),
(unsigned)pkc->valid_days );
if( pkc->local_id )
printf("%lu", pkc->local_id );
putchar(':');
/* fixme: add ownertrust here */
putchar(':');
}
else
printf("pub %4u%c/%08lX %s ", nbits_from_pkc( pkc ),
pubkey_letter( pkc->pubkey_algo ),
(ulong)keyid[1],
datestr_from_pkc( pkc ) );
}
for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
if( node->pkt->pkttype == PKT_USER_ID ) {
@ -148,7 +187,7 @@ list_one( const char *name )
putchar('\n');
if( !any ) {
if( opt.fingerprint )
fingerprint( pkc );
fingerprint( pkc, skc );
any = 1;
}
}
@ -159,14 +198,14 @@ list_one( const char *name )
if( !any ) {
putchar('\n');
if( opt.fingerprint )
fingerprint( pkc ); /* of the main key */
fingerprint( pkc, skc ); /* of the main key */
any = 1;
}
keyid_from_pkc( pkc2, keyid2 );
if( opt.with_colons )
printf("sub::%u:%d:%08lX%08lX:%s:%u:::\n",
/* fixme: add trust value here */
if( opt.with_colons ) {
printf("sub:%c:%u:%d:%08lX%08lX:%s:%u:",
trustletter,
nbits_from_pkc( pkc2 ),
pkc2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
@ -174,12 +213,45 @@ list_one( const char *name )
(unsigned)pkc2->valid_days
/* fixme: add LID and ownertrust here */
);
if( pkc->local_id ) /* use the local_id of the main key??? */
printf("%lu", pkc->local_id );
putchar(':');
putchar(':');
putchar('\n');
}
else
printf("sub %4u%c/%08lX %s\n", nbits_from_pkc( pkc2 ),
pubkey_letter( pkc2->pubkey_algo ),
(ulong)keyid2[1],
datestr_from_pkc( pkc2 ) );
}
else if( node->pkt->pkttype == PKT_SECKEY_SUBCERT ) {
u32 keyid2[2];
PKT_secret_cert *skc2 = node->pkt->pkt.secret_cert;
if( !any ) {
putchar('\n');
if( opt.fingerprint )
fingerprint( pkc, skc ); /* of the main key */
any = 1;
}
keyid_from_skc( skc2, keyid2 );
if( opt.with_colons )
printf("ssb::%u:%d:%08lX%08lX:%s:%u:::\n",
nbits_from_skc( skc2 ),
skc2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
datestr_from_skc( skc2 ),
(unsigned)skc2->valid_days
/* fixme: add LID */
);
else
printf("ssb %4u%c/%08lX %s\n", nbits_from_skc( skc2 ),
pubkey_letter( skc2->pubkey_algo ),
(ulong)keyid2[1],
datestr_from_skc( skc2 ) );
}
else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature;
int sigrc;
@ -187,10 +259,12 @@ list_one( const char *name )
if( !any ) { /* no user id, (maybe a revocation follows)*/
if( sig->sig_class == 0x20 )
puts("[revoked]");
else if( sig->sig_class == 0x18 )
puts("[key binding]");
else
putchar('\n');
if( opt.fingerprint )
fingerprint( pkc );
fingerprint( pkc, skc );
any=1;
}
@ -259,12 +333,13 @@ list_one( const char *name )
}
static void
fingerprint( PKT_public_cert *pkc )
fingerprint( PKT_public_cert *pkc, PKT_secret_cert *skc )
{
byte *array, *p;
size_t i, n;
p = array = fingerprint_from_pkc( pkc, &n );
p = array = pkc? fingerprint_from_pkc( pkc, &n )
: fingerprint_from_skc( skc, &n );
if( opt.with_colons ) {
printf("fpr:::::::::");
for(i=0; i < n ; i++, p++ )

3
g10/main.h
View File

@ -117,7 +117,8 @@ int enarmor_file( const char *fname );
int gen_revoke( const char *uname );
/*-- keylist.c --*/
void std_key_list( int nnames, char **names );
void public_key_list( int nnames, char **names );
void secret_key_list( int nnames, char **names );
/*-- verify.c --*/
int verify_signatures( int nfiles, char **files );

229
g10/mainproc.c
View File

@ -23,6 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <time.h>
#include "packet.h"
#include "iobuf.h"
@ -35,7 +36,8 @@
#include "cipher.h"
#include "main.h"
#include "status.h"
#include "i18n.h"
#include "trustdb.h"
/****************
* Structure to hold the context
@ -54,6 +56,8 @@ typedef struct {
KBNODE list; /* the current list of packets */
int have_data;
IOBUF iobuf; /* used to get the filename etc. */
int trustletter; /* temp usage in list_node */
ulong local_id; /* ditto */
} *CTX;
@ -188,8 +192,9 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
if( opt.verbose > 1 )
log_info( "pubkey_enc packet: Good DEK\n" );
}
else
log_error( "pubkey_enc packet: %s\n", g10_errstr(result));
else {
log_error(_("public key decryption failed: %s\n"), g10_errstr(result));
}
free_packet(pkt);
}
@ -213,10 +218,10 @@ proc_encrypted( CTX c, PACKET *pkt )
;
else if( !result ) {
if( opt.verbose > 1 )
log_info("encryption okay\n");
log_info("decryption okay\n");
}
else {
log_error("encryption failed: %s\n", g10_errstr(result));
log_error(_("decryption failed: %s\n"), g10_errstr(result));
}
free_packet(pkt);
c->last_was_session_key = 0;
@ -238,7 +243,7 @@ proc_plaintext( CTX c, PACKET *pkt )
* textmode filter (sigclass 0x01)
*/
c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0);
md_start_debug(c->mfx.md, "proc_plaintext");
/*md_start_debug(c->mfx.md, "proc_plaintext");*/
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
md_enable( c->mfx.md, DIGEST_ALGO_TIGER );
@ -289,13 +294,15 @@ proc_compressed( CTX c, PACKET *pkt )
* Returns: 0 = valid signature or an error code
*/
static int
do_check_sig( CTX c, KBNODE node )
do_check_sig( CTX c, KBNODE node, int *is_selfsig )
{
PKT_signature *sig;
MD_HANDLE md;
int algo, rc;
assert( node->pkt->pkttype == PKT_SIGNATURE );
if( is_selfsig )
*is_selfsig = 0;
sig = node->pkt->pkt.signature;
algo = sig->digest_algo;
@ -324,7 +331,7 @@ do_check_sig( CTX c, KBNODE node )
|| sig->sig_class == 0x30 ) { /* classes 0x10..0x17,0x20,0x30 */
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT
|| c->list->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
return check_key_signature( c->list, node, NULL );
return check_key_signature( c->list, node, is_selfsig );
}
else {
log_error("invalid root packet for sigclass %02x\n",
@ -411,16 +418,23 @@ list_node( CTX c, KBNODE node )
if( opt.with_colons ) {
u32 keyid[2];
keyid_from_pkc( pkc, keyid );
printf("%s::%u:%d:%08lX%08lX:%s:%u:::",
if( mainkey ) {
c->local_id = pkc->local_id;
c->trustletter = query_trust_info( pkc );
}
printf("%s:%c:%u:%d:%08lX%08lX:%s:%u:",
mainkey? "pub":"sub",
/* fixme: add trust value here */
c->trustletter,
nbits_from_pkc( pkc ),
pkc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_pkc( pkc ),
(unsigned)pkc->valid_days
/* fixme: add LID and ownertrust here */
);
(unsigned)pkc->valid_days );
if( c->local_id )
printf("%lu", c->local_id );
putchar(':');
/* fixme: add ownertrust here */
putchar(':');
}
else
printf("%s %4u%c/%08lX %s ",
@ -429,79 +443,112 @@ list_node( CTX c, KBNODE node )
pubkey_letter( pkc->pubkey_algo ),
(ulong)keyid_from_pkc( pkc, NULL ),
datestr_from_pkc( pkc ) );
/* and now list all userids with their signatures */
for( node = node->next; node; node = node->next ) {
if( any != 2 && node->pkt->pkttype == PKT_SIGNATURE ) {
if( !any ) {
if( node->pkt->pkt.signature->sig_class == 0x20 )
puts("[revoked]");
else
putchar('\n');
if( mainkey ) {
/* and now list all userids with their signatures */
for( node = node->next; node; node = node->next ) {
if( node->pkt->pkttype == PKT_SIGNATURE ) {
if( !any ) {
if( node->pkt->pkt.signature->sig_class == 0x20 )
puts("[revoked]");
else
putchar('\n');
any = 1;
}
list_node(c, node );
}
list_node(c, node );
any = 1;
}
else if( node->pkt->pkttype == PKT_USER_ID ) {
KBNODE n;
if( any ) {
else if( node->pkt->pkttype == PKT_USER_ID ) {
if( any ) {
if( opt.with_colons )
printf("uid:::::::::");
else
printf( "uid%*s", 28, "" );
}
print_userid( node->pkt );
if( opt.with_colons )
printf("uid:::::::::");
else
printf( "uid%*s", 28, "" );
}
print_userid( node->pkt );
if( opt.with_colons )
putchar(':');
putchar('\n');
if( opt.fingerprint && !any )
print_fingerprint( pkc, NULL );
for( n=node->next; n; n = n->next ) {
if( n->pkt->pkttype == PKT_USER_ID )
break;
if( n->pkt->pkttype == PKT_SIGNATURE )
list_node(c, n );
}
any=2;
}
else if( mainkey && node->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
if( !any ) {
putchar(':');
putchar('\n');
any = 1;
if( opt.fingerprint && !any )
print_fingerprint( pkc, NULL );
any=1;
}
else if( node->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
if( !any ) {
putchar('\n');
any = 1;
}
list_node(c, node );
}
list_node(c, node );
}
}
if( any != 2 && mainkey )
printf("ERROR: no user id!\n");
else if( any != 2 )
if( !any )
putchar('\n');
}
else if( (mainkey = (node->pkt->pkttype == PKT_SECRET_CERT) )
|| node->pkt->pkttype == PKT_SECKEY_SUBCERT ) {
PKT_secret_cert *skc = node->pkt->pkt.secret_cert;
printf("%s %4u%c/%08lX %s ",
if( opt.with_colons ) {
u32 keyid[2];
keyid_from_skc( skc, keyid );
printf("%s::%u:%d:%08lX%08lX:%s:%u:::",
mainkey? "sec":"ssb",
nbits_from_skc( skc ),
skc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_skc( skc ),
(unsigned)skc->valid_days
/* fixme: add LID */ );
}
else
printf("%s %4u%c/%08lX %s ",
mainkey? "sec":"ssb",
nbits_from_skc( skc ),
nbits_from_skc( skc ),
pubkey_letter( skc->pubkey_algo ),
(ulong)keyid_from_skc( skc, NULL ),
datestr_from_skc( skc ) );
/* and now list all userids */
while( (node = find_next_kbnode(node, PKT_USER_ID)) ) {
print_userid( node->pkt );
putchar('\n');
if( opt.fingerprint && !any )
print_fingerprint( NULL, skc );
any=1;
if( mainkey ) {
/* and now list all userids with their signatures */
for( node = node->next; node; node = node->next ) {
if( node->pkt->pkttype == PKT_SIGNATURE ) {
if( !any ) {
if( node->pkt->pkt.signature->sig_class == 0x20 )
puts("[revoked]");
else
putchar('\n');
any = 1;
}
list_node(c, node );
}
else if( node->pkt->pkttype == PKT_USER_ID ) {
if( any ) {
if( opt.with_colons )
printf("uid:::::::::");
else
printf( "uid%*s", 28, "" );
}
print_userid( node->pkt );
if( opt.with_colons )
putchar(':');
putchar('\n');
if( opt.fingerprint && !any )
print_fingerprint( NULL, skc );
any=1;
}
else if( node->pkt->pkttype == PKT_SECKEY_SUBCERT ) {
if( !any ) {
putchar('\n');
any = 1;
}
list_node(c, node );
}
}
}
if( !any && mainkey )
printf("ERROR: no user id!\n");
else if( !any )
if( !any )
putchar('\n');
}
else if( node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature;
int is_selfsig = 0;
int rc2=0;
size_t n;
char *p;
@ -516,13 +563,27 @@ list_node( CTX c, KBNODE node )
fputs("sig", stdout);
if( opt.check_sigs ) {
fflush(stdout);
switch( (rc2=do_check_sig( c, node )) ) {
switch( (rc2=do_check_sig( c, node, &is_selfsig )) ) {
case 0: sigrc = '!'; break;
case G10ERR_BAD_SIGN: sigrc = '-'; break;
case G10ERR_NO_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break;
}
}
else { /* check whether this is a self signature */
u32 keyid[2];
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT
|| c->list->pkt->pkttype == PKT_SECRET_CERT ) {
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT )
keyid_from_pkc( c->list->pkt->pkt.public_cert, keyid );
else
keyid_from_skc( c->list->pkt->pkt.secret_cert, keyid );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
is_selfsig = 1;
}
}
if( opt.with_colons ) {
putchar(':');
if( sigrc != ' ' )
@ -537,6 +598,13 @@ list_node( CTX c, KBNODE node )
printf("[%s] ", g10_errstr(rc2) );
else if( sigrc == '?' )
;
else if( is_selfsig ) {
if( opt.with_colons )
putchar(':');
fputs( sig->sig_class == 0x18? "[keybind]":"[selfsig]", stdout);
if( opt.with_colons )
putchar(':');
}
else {
p = get_user_id( sig->keyid, &n );
print_string( stdout, p, n, opt.with_colons );
@ -711,6 +779,8 @@ static int
check_sig_and_print( CTX c, KBNODE node )
{
PKT_signature *sig = node->pkt->pkt.signature;
time_t stamp = sig->timestamp;
const char *astr, *tstr;
int rc;
if( opt.skip_verify ) {
@ -718,28 +788,25 @@ check_sig_and_print( CTX c, KBNODE node )
return 0;
}
rc = do_check_sig(c, node );
if( !rc || rc == G10ERR_BAD_SIGN ) {
char *p, *buf;
tstr = asctime(localtime (&stamp));
astr = pubkey_algo_to_string( sig->pubkey_algo );
log_info(_("Signature made %.*s using %s key ID %08lX\n"),
strlen(tstr)-1, tstr, astr? astr: "?", (ulong)sig->keyid[1] );
p = get_user_id_string( sig->keyid );
buf = m_alloc( 20 + strlen(p) );
sprintf(buf, "%lu %s", (ulong)sig->timestamp, p );
m_free(p);
if( (p=strchr(buf,'\n')) )
*p = 0; /* just in case ... */
write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, buf );
m_free(buf);
log_info("%s signature from ", rc? "BAD":"Good");
rc = do_check_sig(c, node, NULL );
if( !rc || rc == G10ERR_BAD_SIGN ) {
write_status( rc? STATUS_BADSIG : STATUS_GOODSIG );
log_info(rc? _("BAD signature from \"")
: _("Good signature from \""));
print_keyid( stderr, sig->keyid );
putc('\"', stderr);
putc('\n', stderr);
if( opt.batch && rc )
g10_exit(1);
}
else {
write_status( STATUS_ERRSIG );
log_error("Can't check signature made by %08lX: %s\n",
(ulong)sig->keyid[1], g10_errstr(rc) );
log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
}
return rc;
}
@ -757,6 +824,8 @@ proc_tree( CTX c, KBNODE node )
if( opt.list_packets )
return;
c->local_id = 0;
c->trustletter = ' ';
if( node->pkt->pkttype == PKT_PUBLIC_CERT
|| node->pkt->pkttype == PKT_PUBKEY_SUBCERT )
list_node( c, node );

2
g10/options.h
View File

@ -45,6 +45,8 @@ struct {
int completes_needed;
const char *homedir;
int skip_verify;
int compress_keys;
int always_trust;
} opt;

26
g10/passphrase.c
View File

@ -31,6 +31,7 @@
#include "cipher.h"
#include "keydb.h"
#include "main.h"
#include "i18n.h"
static int pwfd = -1;
static char *next_pw = NULL;
@ -108,14 +109,25 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
}
if( keyid && !opt.batch && !next_pw ) {
char *ustr;
tty_printf("Need a pass phrase to unlock the secret key for:\n");
tty_printf(" \"" );
ustr = get_user_id_string( keyid );
tty_print_string( ustr, strlen(ustr) );
m_free(ustr);
tty_printf("\"\n\n");
PKT_public_cert *pkc = m_alloc_clear( sizeof *pkc );
size_t n;
char *p;
tty_printf(_("\nYou need a passphrase to unlock the secret key for\n"
"user: \"") );
p = get_user_id( keyid, &n );
tty_print_string( p, n );
m_free(p);
tty_printf("\"\n");
if( !get_pubkey( pkc, keyid ) ) {
const char *s = pubkey_algo_to_string( pkc->pubkey_algo );
tty_printf( _("(%u-bit %s key, ID %08lX, created %s)\n"),
nbits_from_pkc( pkc ), s?s:"?", (ulong)keyid[1],
strtimestamp(pkc->timestamp) );
}
tty_printf("\n");
free_public_cert( pkc );
}
if( next_pw ) {
pw = next_pw;

4
g10/pkclist.c
View File

@ -274,6 +274,10 @@ do_we_trust_pre( PKT_public_cert *pkc, int trustlevel )
rc = 1;
m_free(answer);
}
else if( opt.always_trust && !rc ) {
log_info(_("WARNING: Using untrusted key!\n"));
rc = 1;
}
return rc;
}

9
g10/pubkey-enc.c
View File

@ -29,6 +29,7 @@
#include "mpi.h"
#include "keydb.h"
#include "cipher.h"
#include "status.h"
/****************
@ -45,6 +46,11 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
u16 csum, csum2;
PKT_secret_cert *skc = m_alloc_clear( sizeof *skc );
#ifndef HAVE_RSA_CIPHER
if( is_RSA(k->pubkey_algo) )
write_status(STATUS_RSA_OR_IDEA);
#endif
skc->pubkey_algo = k->pubkey_algo; /* we want a pubkey with this algo*/
if( (rc = get_seckey( skc, k->keyid )) )
goto leave;
@ -58,7 +64,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
elg_decrypt( plain_dek, k->d.elg.a, k->d.elg.b, &skc->d.elg );
}
#ifdef HAVE_RSA_CIPHER
else if( is_ELGAMAL(k->pubkey_algo) ) {
else if( is_RSA(k->pubkey_algo) ) {
if( DBG_CIPHER )
log_mpidump("Encr DEK frame:", k->d.rsa.rsa_integer );
@ -113,6 +119,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
dek->algo = frame[n++];
switch( dek->algo ) {
case CIPHER_ALGO_IDEA:
write_status(STATUS_RSA_OR_IDEA);
rc = G10ERR_NI_CIPHER;
goto leave;
case CIPHER_ALGO_BLOWFISH160:

3
g10/seckey-cert.c
View File

@ -31,6 +31,7 @@
#include "cipher.h"
#include "main.h"
#include "options.h"
#include "i18n.h"
static int
@ -221,7 +222,7 @@ check_secret_key( PKT_secret_cert *cert )
for(i=0; i < 3 && rc == G10ERR_BAD_PASS; i++ ) {
if( i )
log_error("Invalid passphrase; please try again ...\n\n");
log_error(_("Invalid passphrase; please try again ...\n"));
switch( cert->pubkey_algo ) {
case PUBKEY_ALGO_ELGAMAL_E:
case PUBKEY_ALGO_ELGAMAL:

14
g10/sig-check.c
View File

@ -30,6 +30,7 @@
#include "keydb.h"
#include "cipher.h"
#include "main.h"
#include "status.h"
static int do_check( PKT_public_cert *pkc, PKT_signature *sig,
@ -47,6 +48,12 @@ signature_check( PKT_signature *sig, MD_HANDLE digest )
PKT_public_cert *pkc = m_alloc_clear( sizeof *pkc );
int rc=0;
#ifndef HAVE_RSA_CIPHER
if( is_RSA(sig->pubkey_algo) )
write_status(STATUS_RSA_OR_IDEA);
#endif
if( get_pubkey( pkc, sig->keyid ) )
rc = G10ERR_NO_PUBKEY;
else
@ -294,6 +301,13 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
KBNODE snode = find_prev_kbnode( root, node, PKT_PUBKEY_SUBCERT );
if( snode ) {
if( is_selfsig ) {
u32 keyid[2];
keyid_from_pkc( pkc, keyid );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
*is_selfsig = 1;
}
md = md_open( algo, 0 );
hash_public_cert( md, pkc );
hash_public_cert( md, snode->pkt->pkt.public_cert );

2
g10/status.c
View File

@ -56,9 +56,11 @@ write_status_text( int no, const char *text)
case STATUS_BADSIG : s = "BADSIG\n"; break;
case STATUS_ERRSIG : s = "ERRSIG\n"; break;
case STATUS_BADARMOR : s = "BADARMOR\n"; break;
case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA\n"; break;
default: s = "?\n"; break;
}
write( fd, "[GNUPG:] ", 9 );
if( text ) {
write( fd, s, strlen(s)-1 );
write( fd, " ", 1 );

1
g10/status.h
View File

@ -32,6 +32,7 @@
#define STATUS_BADARMOR 7
#define STATUS_RSA_OR_IDEA 8
/*-- status.c --*/

23
g10/trustdb.c
View File

@ -1756,6 +1756,29 @@ check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel )
}
int
query_trust_info( PKT_public_cert *pkc )
{
unsigned trustlevel;
int c;
if( check_trust( pkc, &trustlevel ) )
return '?';
if( trustlevel & TRUST_FLAG_REVOKED )
return 'r';
switch( (trustlevel & TRUST_MASK) ) {
case TRUST_UNKNOWN: c = 'o'; break;
case TRUST_EXPIRED: c = 'e'; break;
case TRUST_UNDEFINED: c = 'q'; break;
case TRUST_NEVER: c = 'n'; break;
case TRUST_MARGINAL: c = 'm'; break;
case TRUST_FULLY: c = 'f'; break;
case TRUST_ULTIMATE: c = 'u'; break;
default: BUG();
}
return c;
}
/****************

17
g10/trustdb.h
View File

@ -24,15 +24,15 @@
/* Trust values must be sorted in ascending order */
#define TRUST_MASK 15
#define TRUST_UNKNOWN 0 /* not yet calculated */
#define TRUST_EXPIRED 1 /* calculation may be invalid */
#define TRUST_UNDEFINED 2 /* not enough information for calculation */
#define TRUST_NEVER 3 /* never trust this pubkey */
#define TRUST_MARGINAL 4 /* marginally trusted */
#define TRUST_FULLY 5 /* fully trusted */
#define TRUST_ULTIMATE 6 /* ultimately trusted */
#define TRUST_UNKNOWN 0 /* o: not yet calculated */
#define TRUST_EXPIRED 1 /* e: calculation may be invalid */
#define TRUST_UNDEFINED 2 /* q: not enough information for calculation */
#define TRUST_NEVER 3 /* n: never trust this pubkey */
#define TRUST_MARGINAL 4 /* m: marginally trusted */
#define TRUST_FULLY 5 /* f: fully trusted */
#define TRUST_ULTIMATE 6 /* u: ultimately trusted */
/* trust values not covered by the mask */
#define TRUST_FLAG_REVOKED 32
#define TRUST_FLAG_REVOKED 32 /* r: revoked */
/*-- trustdb.c --*/
@ -40,6 +40,7 @@ void list_trustdb(const char *username);
void list_trust_path( int max_depth, const char *username );
int init_trustdb( int level, const char *dbname );
int check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel );
int query_trust_info( PKT_public_cert *pkc );
int enum_trust_web( void **context, ulong *lid );
int get_ownertrust( ulong lid, unsigned *r_otrust );
int keyid_from_trustdb( ulong lid, u32 *keyid );

4
po/ChangeLog
View File

@ -1,3 +1,7 @@
Thu May 28 10:44:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* it.po: Add small corrections from Marco
Thu Apr 9 10:03:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* it.po: New version from Marco

4
po/it.po
View File

@ -427,7 +427,7 @@ msgstr "[nomefile]"
#: g10/g10.c:936
#, c-format
msgid "can't open '%s'\n"
msgstr "impossibile aprire '%s'"
msgstr "impossibile aprire '%s'\n"
# #### Md ???
#: g10/pkclist.c:65
@ -616,7 +616,7 @@ msgstr "Le dimensioni della chiave richieste sono %u bit\n"
#: g10/keygen.c:386 g10/keygen.c:390
#, c-format
msgid "rounded up to %u bits\n"
msgstr "arrotondate a %u bit"
msgstr "arrotondate a %u bit\n"
#: g10/keygen.c:397
msgid ""

2
zlib/Makefile
View File

@ -93,7 +93,7 @@ POSUB = po
RANLIB = ranlib
USE_INCLUDED_LIBINTL = yes
USE_NLS = yes
VERSION = 0.2.18a
VERSION = 0.2.19
ZLIBS =
l =