security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Code Activity

*** empty log message ***

Browse Source
This commit is contained in:
Werner Koch 1998-05-29 11:53:54 +00:00
parent eed2faab53
commit e284277f04
35 changed files with 1099 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
NEWS
View File

@ -14,6 +14,12 @@ Noteworthy changes in version 0.2.19
* --add-key works and you are now able to generate subkeys. * --add-key works and you are now able to generate subkeys.
* It is now possible to generate ElGamal keys in v4 packets to create
valid OpenPGP keys.
* Some new features for better integration into MUAs.
Noteworthy changes in version 0.2.18 Noteworthy changes in version 0.2.18
------------------------------------ ------------------------------------

41
README
View File

@ -30,11 +30,10 @@
the United States until Sep 20, 2000). I'm sorry about this, but the United States until Sep 20, 2000). I'm sorry about this, but
this is the world we have created (e.g. by using proprietary software). this is the world we have created (e.g. by using proprietary software).
Because the OpenPGP standard is still a draft, GNUPG is not yet Because the OpenPGP standard is still a draft, GNUPG now interoperates
compatible with it (or PGP 5) - but it will be. The data structures with it and PGP 5. The MUA Mutt will soon support GNUPG; it has a
used are compatible with PGP 2.x, so it can parse and list such files mode to fallback to another program if the received message has been
and PGP should be able to parse data created by GNUPG and complain created with RSA or IDEA.
about unsupported algorithms.
The default algorithms used by GNUPG are ElGamal for public-key The default algorithms used by GNUPG are ElGamal for public-key
encryption and signing; Blowfish with a 128 bit key for protecting encryption and signing; Blowfish with a 128 bit key for protecting
@ -76,31 +75,6 @@
Because we have no hardware device to generate randomness we have to Because we have no hardware device to generate randomness we have to
use this method. use this method.
Key generation shows progress by printing different characters to
stderr:
"." Last 10 Miller-Rabin tests failed
"+" Miller-Rabin test succeeded
"!" Reloading the pool with fresh prime numbers
"^" Checking a new value for the generator
"<" Size of one factor decreased
">" Size of one factor increased
The prime number for ElGamal is generated this way:
1) Make a prime number q of 160, 200, 240 bits (depending on the keysize)
2) Select the length of the other prime factors to be at least the size
of q and calculate the number of prime factors needed
3) Make a pool of prime numbers, each of the length determined in step 2
4) Get a new permutation out of the pool or continue with step 3
if we have tested all permutations.
5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1
6) Check that this prime has the correct length (this may change q if
it seems not to be possible to make a prime of the desired length)
7) Check whether this is a prime using trial divisions and the
Miller-Rabin test.
8) Continue with step 4 if we did not find a prime in step 7.
9) Find a generator for that prime.
You should make a revocation certificate in case someone gets You should make a revocation certificate in case someone gets
knowledge of your secret key or you forgot your passphrase: knowledge of your secret key or you forgot your passphrase:
@ -110,6 +84,13 @@
so that you can print it and (hopefully never) re-create it if so that you can print it and (hopefully never) re-create it if
your electronic media fails. your electronic media fails.
If you decided to create a DSA key, you should add an ElGamal
for encryption:
gpg --add-key user_id_of_your_key
and follow the displayed instructions (select "ElGamal using v4 packets").
You can sign a key with this command: You can sign a key with this command:

3
TODO
View File

@ -2,6 +2,9 @@
* add usage arguments to get_key_byname or return a PKC_LIST with * add usage arguments to get_key_byname or return a PKC_LIST with
all keys and add a selection. all keys and add a selection.
* add expiration date and other stuff from v4 sigs to the trust
checking.
* add readline support. Must enhance libreadline - Anyone? * add readline support. Must enhance libreadline - Anyone?
* Burn the buffers used by fopen(), or use read(2). * Burn the buffers used by fopen(), or use read(2).

2
VERSION
View File

@ -1 +1 @@
0.2.18a 0.2.19

1
cipher/Makefile.am
View File

@ -11,6 +11,7 @@ libcipher_a_SOURCES = cipher.c \
blowfish.h \ blowfish.h \
cast5.c \ cast5.c \
cast5.h \ cast5.h \
des.h \
elgamal.c \ elgamal.c \
elgamal.h \ elgamal.h \
md5.c \ md5.c \

1
cipher/Makefile.in
View File

@ -102,6 +102,7 @@ libcipher_a_SOURCES = cipher.c \
blowfish.h \ blowfish.h \
cast5.c \ cast5.c \
cast5.h \ cast5.h \
des.h \
elgamal.c \ elgamal.c \
elgamal.h \ elgamal.h \
md5.c \ md5.c \

14
cipher/cipher.c
View File

@ -31,6 +31,7 @@
#include "cipher.h" #include "cipher.h"
#include "blowfish.h" #include "blowfish.h"
#include "cast5.h" #include "cast5.h"
#include "des.h"
#define STD_BLOCKSIZE 8 #define STD_BLOCKSIZE 8
@ -38,12 +39,14 @@
#error Invalid BLOWFISH blocksize #error Invalid BLOWFISH blocksize
#elif CAST5_BLOCKSIZE != STD_BLOCKSIZE #elif CAST5_BLOCKSIZE != STD_BLOCKSIZE
#error Invalid CAST blocksize #error Invalid CAST blocksize
#elif DES_BLOCKSIZE != STD_BLOCKSIZE
#error Invalid DES blocksize
#endif #endif
static struct { const char *name; int algo; int keylen; } cipher_names[] = { static struct { const char *name; int algo; int keylen; } cipher_names[] = {
{ "IDEA", CIPHER_ALGO_IDEA ,0 }, { "IDEA", CIPHER_ALGO_IDEA ,0 },
{ "3DES", CIPHER_ALGO_3DES ,0 }, { "3DES", CIPHER_ALGO_3DES ,168 },
{ "CAST", CIPHER_ALGO_CAST ,128 }, { "CAST", CIPHER_ALGO_CAST ,128 },
{ "BLOWFISH160", CIPHER_ALGO_BLOWFISH160 ,160 }, { "BLOWFISH160", CIPHER_ALGO_BLOWFISH160 ,160 },
{ "SAFER_SK128", CIPHER_ALGO_SAFER_SK128 ,0 }, { "SAFER_SK128", CIPHER_ALGO_SAFER_SK128 ,0 },
@ -123,6 +126,7 @@ check_cipher_algo( int algo )
case CIPHER_ALGO_BLOWFISH160: case CIPHER_ALGO_BLOWFISH160:
case CIPHER_ALGO_BLOWFISH: case CIPHER_ALGO_BLOWFISH:
case CIPHER_ALGO_CAST: case CIPHER_ALGO_CAST:
case CIPHER_ALGO_3DES:
case CIPHER_ALGO_DUMMY: case CIPHER_ALGO_DUMMY:
return 0; return 0;
default: default:
@ -186,7 +190,13 @@ cipher_open( int algo, int mode, int secure )
hd->encrypt = FNCCAST_CRYPT(cast5_encrypt_block); hd->encrypt = FNCCAST_CRYPT(cast5_encrypt_block);
hd->decrypt = FNCCAST_CRYPT(cast5_decrypt_block); hd->decrypt = FNCCAST_CRYPT(cast5_decrypt_block);
break; break;
#if 0
case CIPHER_ALGO_3DES:
hd->setkey = FNCCAST_SETKEY(des_3des_setkey);
hd->encrypt = FNCCAST_CRYPT(des_encrypt_block);
hd->decrypt = FNCCAST_CRYPT(des_decrypt_block);
break;
#endif
case CIPHER_ALGO_DUMMY: case CIPHER_ALGO_DUMMY:
hd->setkey = FNCCAST_SETKEY(dummy_setkey); hd->setkey = FNCCAST_SETKEY(dummy_setkey);
hd->encrypt = FNCCAST_CRYPT(dummy_encrypt_block); hd->encrypt = FNCCAST_CRYPT(dummy_encrypt_block);

525
cipher/des.c Normal file
View File

@ -0,0 +1,525 @@
/* des.c
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* Test values:
*
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "types.h"
#include "des.h"
/* precomputed S boxes */
static const u32 ks0[256] = {
0xD1310BA6,0x98DFB5AC,0x2FFD72DB,0xD01ADFB7,0xB8E1AFED,0x6A267E96,
0xBA7C9045,0xF12C7F99,0x24A19947,0xB3916CF7,0x0801F2E2,0x858EFC16,
0x636920D8,0x71574E69,0xA458FEA3,0xF4933D7E,0x0D95748F,0x728EB658,
0x718BCD58,0x82154AEE,0x7B54A41D,0xC25A59B5,0x9C30D539,0x2AF26013,
0xC5D1B023,0x286085F0,0xCA417918,0xB8DB38EF,0x8E79DCB0,0x603A180E,
0x6C9E0E8B,0xB01E8A3E,0xD71577C1,0xBD314B27,0x78AF2FDA,0x55605C60,
0xE65525F3,0xAA55AB94,0x57489862,0x63E81440,0x55CA396A,0x2AAB10B6,
0xB4CC5C34,0x1141E8CE,0xA15486AF,0x7C72E993,0xB3EE1411,0x636FBC2A,
0x2BA9C55D,0x741831F6,0xCE5C3E16,0x9B87931E,0xAFD6BA33,0x6C24CF5C,
0x7A325381,0x28958677,0x3B8F4898,0x6B4BB9AF,0xC4BFE81B,0x66282193,
0x61D809CC,0xFB21A991,0x487CAC60,0x5DEC8032,0xEF845D5D,0xE98575B1,
0xDC262302,0xEB651B88,0x23893E81,0xD396ACC5,0x0F6D6FF3,0x83F44239,
0x2E0B4482,0xA4842004,0x69C8F04A,0x9E1F9B5E,0x21C66842,0xF6E96C9A,
0x670C9C61,0xABD388F0,0x6A51A0D2,0xD8542F68,0x960FA728,0xAB5133A3,
0x6EEF0B6C,0x137A3BE4,0xBA3BF050,0x7EFB2A98,0xA1F1651D,0x39AF0176,
0x66CA593E,0x82430E88,0x8CEE8619,0x456F9FB4,0x7D84A5C3,0x3B8B5EBE,
0xE06F75D8,0x85C12073,0x401A449F,0x56C16AA6,0x4ED3AA62,0x363F7706,
0x1BFEDF72,0x429B023D,0x37D0D724,0xD00A1248,0xDB0FEAD3,0x49F1C09B,
0x075372C9,0x80991B7B,0x25D479D8,0xF6E8DEF7,0xE3FE501A,0xB6794C3B,
0x976CE0BD,0x04C006BA,0xC1A94FB6,0x409F60C4,0x5E5C9EC2,0x196A2463,
0x68FB6FAF,0x3E6C53B5,0x1339B2EB,0x3B52EC6F,0x6DFC511F,0x9B30952C,
0xCC814544,0xAF5EBD09,0xBEE3D004,0xDE334AFD,0x660F2807,0x192E4BB3,
0xC0CBA857,0x45C8740F,0xD20B5F39,0xB9D3FBDB,0x5579C0BD,0x1A60320A,
0xD6A100C6,0x402C7279,0x679F25FE,0xFB1FA3CC,0x8EA5E9F8,0xDB3222F8,
0x3C7516DF,0xFD616B15,0x2F501EC8,0xAD0552AB,0x323DB5FA,0xFD238760,
0x53317B48,0x3E00DF82,0x9E5C57BB,0xCA6F8CA0,0x1A87562E,0xDF1769DB,
0xD542A8F6,0x287EFFC3,0xAC6732C6,0x8C4F5573,0x695B27B0,0xBBCA58C8,
0xE1FFA35D,0xB8F011A0,0x10FA3D98,0xFD2183B8,0x4AFCB56C,0x2DD1D35B,
0x9A53E479,0xB6F84565,0xD28E49BC,0x4BFB9790,0xE1DDF2DA,0xA4CB7E33,
0x62FB1341,0xCEE4C6E8,0xEF20CADA,0x36774C01,0xD07E9EFE,0x2BF11FB4,
0x95DBDA4D,0xAE909198,0xEAAD8E71,0x6B93D5A0,0xD08ED1D0,0xAFC725E0,
0x8E3C5B2F,0x8E7594B7,0x8FF6E2FB,0xF2122B64,0x8888B812,0x900DF01C,
0x4FAD5EA0,0x688FC31C,0xD1CFF191,0xB3A8C1AD,0x2F2F2218,0xBE0E1777,
0xEA752DFE,0x8B021FA1,0xE5A0CC0F,0xB56F74E8,0x18ACF3D6,0xCE89E299,
0xB4A84FE0,0xFD13E0B7,0x7CC43B81,0xD2ADA8D9,0x165FA266,0x80957705,
0x93CC7314,0x211A1477,0xE6AD2065,0x77B5FA86,0xC75442F5,0xFB9D35CF,
0xEBCDAF0C,0x7B3E89A0,0xD6411BD3,0xAE1E7E49,0x00250E2D,0x2071B35E,
0x226800BB,0x57B8E0AF,0x2464369B,0xF009B91E,0x5563911D,0x59DFA6AA,
0x78C14389,0xD95A537F,0x207D5BA2,0x02E5B9C5,0x83260376,0x6295CFA9,
0x11C81968,0x4E734A41,0xB3472DCA,0x7B14A94A,0x1B510052,0x9A532915,
0xD60F573F,0xBC9BC6E4,0x2B60A476,0x81E67400,0x08BA6FB5,0x571BE91F,
0xF296EC6B,0x2A0DD915,0xB6636521,0xE7B9F9B6,0xFF34052E,0xC5855664,
0x53B02D5D,0xA99F8FA1,0x08BA4799,0x6E85076A };
static const u32 ks1[256] = {
0x4B7A70E9,0xB5B32944,0xDB75092E,0xC4192623,0xAD6EA6B0,0x49A7DF7D,
0x9CEE60B8,0x8FEDB266,0xECAA8C71,0x699A17FF,0x5664526C,0xC2B19EE1,
0x193602A5,0x75094C29,0xA0591340,0xE4183A3E,0x3F54989A,0x5B429D65,
0x6B8FE4D6,0x99F73FD6,0xA1D29C07,0xEFE830F5,0x4D2D38E6,0xF0255DC1,
0x4CDD2086,0x8470EB26,0x6382E9C6,0x021ECC5E,0x09686B3F,0x3EBAEFC9,
0x3C971814,0x6B6A70A1,0x687F3584,0x52A0E286,0xB79C5305,0xAA500737,
0x3E07841C,0x7FDEAE5C,0x8E7D44EC,0x5716F2B8,0xB03ADA37,0xF0500C0D,
0xF01C1F04,0x0200B3FF,0xAE0CF51A,0x3CB574B2,0x25837A58,0xDC0921BD,
0xD19113F9,0x7CA92FF6,0x94324773,0x22F54701,0x3AE5E581,0x37C2DADC,
0xC8B57634,0x9AF3DDA7,0xA9446146,0x0FD0030E,0xECC8C73E,0xA4751E41,
0xE238CD99,0x3BEA0E2F,0x3280BBA1,0x183EB331,0x4E548B38,0x4F6DB908,
0x6F420D03,0xF60A04BF,0x2CB81290,0x24977C79,0x5679B072,0xBCAF89AF,
0xDE9A771F,0xD9930810,0xB38BAE12,0xDCCF3F2E,0x5512721F,0x2E6B7124,
0x501ADDE6,0x9F84CD87,0x7A584718,0x7408DA17,0xBC9F9ABC,0xE94B7D8C,
0xEC7AEC3A,0xDB851DFA,0x63094366,0xC464C3D2,0xEF1C1847,0x3215D908,
0xDD433B37,0x24C2BA16,0x12A14D43,0x2A65C451,0x50940002,0x133AE4DD,
0x71DFF89E,0x10314E55,0x81AC77D6,0x5F11199B,0x043556F1,0xD7A3C76B,
0x3C11183B,0x5924A509,0xF28FE6ED,0x97F1FBFA,0x9EBABF2C,0x1E153C6E,
0x86E34570,0xEAE96FB1,0x860E5E0A,0x5A3E2AB3,0x771FE71C,0x4E3D06FA,
0x2965DCB9,0x99E71D0F,0x803E89D6,0x5266C825,0x2E4CC978,0x9C10B36A,
0xC6150EBA,0x94E2EA78,0xA5FC3C53,0x1E0A2DF4,0xF2F74EA7,0x361D2B3D,
0x1939260F,0x19C27960,0x5223A708,0xF71312B6,0xEBADFE6E,0xEAC31F66,
0xE3BC4595,0xA67BC883,0xB17F37D1,0x018CFF28,0xC332DDEF,0xBE6C5AA5,
0x65582185,0x68AB9802,0xEECEA50F,0xDB2F953B,0x2AEF7DAD,0x5B6E2F84,
0x1521B628,0x29076170,0xECDD4775,0x619F1510,0x13CCA830,0xEB61BD96,
0x0334FE1E,0xAA0363CF,0xB5735C90,0x4C70A239,0xD59E9E0B,0xCBAADE14,
0xEECC86BC,0x60622CA7,0x9CAB5CAB,0xB2F3846E,0x648B1EAF,0x19BDF0CA,
0xA02369B9,0x655ABB50,0x40685A32,0x3C2AB4B3,0x319EE9D5,0xC021B8F7,
0x9B540B19,0x875FA099,0x95F7997E,0x623D7DA8,0xF837889A,0x97E32D77,
0x11ED935F,0x16681281,0x0E358829,0xC7E61FD6,0x96DEDFA1,0x7858BA99,
0x57F584A5,0x1B227263,0x9B83C3FF,0x1AC24696,0xCDB30AEB,0x532E3054,
0x8FD948E4,0x6DBC3128,0x58EBF2EF,0x34C6FFEA,0xFE28ED61,0xEE7C3C73,
0x5D4A14D9,0xE864B7E3,0x42105D14,0x203E13E0,0x45EEE2B6,0xA3AAABEA,
0xDB6C4F15,0xFACB4FD0,0xC742F442,0xEF6ABBB5,0x654F3B1D,0x41CD2105,
0xD81E799E,0x86854DC7,0xE44B476A,0x3D816250,0xCF62A1F2,0x5B8D2646,
0xFC8883A0,0xC1C7B6A3,0x7F1524C3,0x69CB7492,0x47848A0B,0x5692B285,
0x095BBF00,0xAD19489D,0x1462B174,0x23820E00,0x58428D2A,0x0C55F5EA,
0x1DADF43E,0x233F7061,0x3372F092,0x8D937E41,0xD65FECF1,0x6C223BDB,
0x7CDE3759,0xCBEE7460,0x4085F2A7,0xCE77326E,0xA6078084,0x19F8509E,
0xE8EFD855,0x61D99735,0xA969A7AA,0xC50C06C2,0x5A04ABFC,0x800BCADC,
0x9E447A2E,0xC3453484,0xFDD56705,0x0E1E9EC9,0xDB73DBD3,0x105588CD,
0x675FDA79,0xE3674340,0xC5C43465,0x713E38D8,0x3D28F89E,0xF16DFF20,
0x153E21E7,0x8FB03D4A,0xE6E39F2B,0xDB83ADF7 };
static const u32 ks2[256] = {
0xE93D5A68,0x948140F7,0xF64C261C,0x94692934,0x411520F7,0x7602D4F7,
0xBCF46B2E,0xD4A20068,0xD4082471,0x3320F46A,0x43B7D4B7,0x500061AF,
0x1E39F62E,0x97244546,0x14214F74,0xBF8B8840,0x4D95FC1D,0x96B591AF,
0x70F4DDD3,0x66A02F45,0xBFBC09EC,0x03BD9785,0x7FAC6DD0,0x31CB8504,
0x96EB27B3,0x55FD3941,0xDA2547E6,0xABCA0A9A,0x28507825,0x530429F4,
0x0A2C86DA,0xE9B66DFB,0x68DC1462,0xD7486900,0x680EC0A4,0x27A18DEE,
0x4F3FFEA2,0xE887AD8C,0xB58CE006,0x7AF4D6B6,0xAACE1E7C,0xD3375FEC,
0xCE78A399,0x406B2A42,0x20FE9E35,0xD9F385B9,0xEE39D7AB,0x3B124E8B,
0x1DC9FAF7,0x4B6D1856,0x26A36631,0xEAE397B2,0x3A6EFA74,0xDD5B4332,
0x6841E7F7,0xCA7820FB,0xFB0AF54E,0xD8FEB397,0x454056AC,0xBA489527,
0x55533A3A,0x20838D87,0xFE6BA9B7,0xD096954B,0x55A867BC,0xA1159A58,
0xCCA92963,0x99E1DB33,0xA62A4A56,0x3F3125F9,0x5EF47E1C,0x9029317C,
0xFDF8E802,0x04272F70,0x80BB155C,0x05282CE3,0x95C11548,0xE4C66D22,
0x48C1133F,0xC70F86DC,0x07F9C9EE,0x41041F0F,0x404779A4,0x5D886E17,
0x325F51EB,0xD59BC0D1,0xF2BCC18F,0x41113564,0x257B7834,0x602A9C60,
0xDFF8E8A3,0x1F636C1B,0x0E12B4C2,0x02E1329E,0xAF664FD1,0xCAD18115,
0x6B2395E0,0x333E92E1,0x3B240B62,0xEEBEB922,0x85B2A20E,0xE6BA0D99,
0xDE720C8C,0x2DA2F728,0xD0127845,0x95B794FD,0x647D0862,0xE7CCF5F0,
0x5449A36F,0x877D48FA,0xC39DFD27,0xF33E8D1E,0x0A476341,0x992EFF74,
0x3A6F6EAB,0xF4F8FD37,0xA812DC60,0xA1EBDDF8,0x991BE14C,0xDB6E6B0D,
0xC67B5510,0x6D672C37,0x2765D43B,0xDCD0E804,0xF1290DC7,0xCC00FFA3,
0xB5390F92,0x690FED0B,0x667B9FFB,0xCEDB7D9C,0xA091CF0B,0xD9155EA3,
0xBB132F88,0x515BAD24,0x7B9479BF,0x763BD6EB,0x37392EB3,0xCC115979,
0x8026E297,0xF42E312D,0x6842ADA7,0xC66A2B3B,0x12754CCC,0x782EF11C,
0x6A124237,0xB79251E7,0x06A1BBE6,0x4BFB6350,0x1A6B1018,0x11CAEDFA,
0x3D25BDD8,0xE2E1C3C9,0x44421659,0x0A121386,0xD90CEC6E,0xD5ABEA2A,
0x64AF674E,0xDA86A85F,0xBEBFE988,0x64E4C3FE,0x9DBC8057,0xF0F7C086,
0x60787BF8,0x6003604D,0xD1FD8346,0xF6381FB0,0x7745AE04,0xD736FCCC,
0x83426B33,0xF01EAB71,0xB0804187,0x3C005E5F,0x77A057BE,0xBDE8AE24,
0x55464299,0xBF582E61,0x4E58F48F,0xF2DDFDA2,0xF474EF38,0x8789BDC2,
0x5366F9C3,0xC8B38E74,0xB475F255,0x46FCD9B9,0x7AEB2661,0x8B1DDF84,
0x846A0E79,0x915F95E2,0x466E598E,0x20B45770,0x8CD55591,0xC902DE4C,
0xB90BACE1,0xBB8205D0,0x11A86248,0x7574A99E,0xB77F19B6,0xE0A9DC09,
0x662D09A1,0xC4324633,0xE85A1F02,0x09F0BE8C,0x4A99A025,0x1D6EFE10,
0x1AB93D1D,0x0BA5A4DF,0xA186F20F,0x2868F169,0xDCB7DA83,0x573906FE,
0xA1E2CE9B,0x4FCD7F52,0x50115E01,0xA70683FA,0xA002B5C4,0x0DE6D027,
0x9AF88C27,0x773F8641,0xC3604C06,0x61A806B5,0xF0177A28,0xC0F586E0,
0x006058AA,0x30DC7D62,0x11E69ED7,0x2338EA63,0x53C2DD94,0xC2C21634,
0xBBCBEE56,0x90BCB6DE,0xEBFC7DA1,0xCE591D76,0x6F05E409,0x4B7C0188,
0x39720A3D,0x7C927C24,0x86E3725F,0x724D9DB9,0x1AC15BB4,0xD39EB8FC,
0xED545578,0x08FCA5B5,0xD83D7CD3,0x4DAD0FC4,0x1E50EF5E,0xB161E6F8,
0xA28514D9,0x6C51133C,0x6FD5C7E7,0x56E14EC4,0x362ABFCE,0xDDC6C837,
0xD79A3234,0x92638212,0x670EFA8E,0x406000E0 };
static const u32 ks3[256] = {
0x3A39CE37,0xD3FAF5CF,0xABC27737,0x5AC52D1B,0x5CB0679E,0x4FA33742,
0xD3822740,0x99BC9BBE,0xD5118E9D,0xBF0F7315,0xD62D1C7E,0xC700C47B,
0xB78C1B6B,0x21A19045,0xB26EB1BE,0x6A366EB4,0x5748AB2F,0xBC946E79,
0xC6A376D2,0x6549C2C8,0x530FF8EE,0x468DDE7D,0xD5730A1D,0x4CD04DC6,
0x2939BBDB,0xA9BA4650,0xAC9526E8,0xBE5EE304,0xA1FAD5F0,0x6A2D519A,
0x63EF8CE2,0x9A86EE22,0xC089C2B8,0x43242EF6,0xA51E03AA,0x9CF2D0A4,
0x83C061BA,0x9BE96A4D,0x8FE51550,0xBA645BD6,0x2826A2F9,0xA73A3AE1,
0x4BA99586,0xEF5562E9,0xC72FEFD3,0xF752F7DA,0x3F046F69,0x77FA0A59,
0x80E4A915,0x87B08601,0x9B09E6AD,0x3B3EE593,0xE990FD5A,0x9E34D797,
0x2CF0B7D9,0x022B8B51,0x96D5AC3A,0x017DA67D,0xD1CF3ED6,0x7C7D2D28,
0x1F9F25CF,0xADF2B89B,0x5AD6B472,0x5A88F54C,0xE029AC71,0xE019A5E6,
0x47B0ACFD,0xED93FA9B,0xE8D3C48D,0x283B57CC,0xF8D56629,0x79132E28,
0x785F0191,0xED756055,0xF7960E44,0xE3D35E8C,0x15056DD4,0x88F46DBA,
0x03A16125,0x0564F0BD,0xC3EB9E15,0x3C9057A2,0x97271AEC,0xA93A072A,
0x1B3F6D9B,0x1E6321F5,0xF59C66FB,0x26DCF319,0x7533D928,0xB155FDF5,
0x03563482,0x8ABA3CBB,0x28517711,0xC20AD9F8,0xABCC5167,0xCCAD925F,
0x4DE81751,0x3830DC8E,0x379D5862,0x9320F991,0xEA7A90C2,0xFB3E7BCE,
0x5121CE64,0x774FBE32,0xA8B6E37E,0xC3293D46,0x48DE5369,0x6413E680,
0xA2AE0810,0xDD6DB224,0x69852DFD,0x09072166,0xB39A460A,0x6445C0DD,
0x586CDECF,0x1C20C8AE,0x5BBEF7DD,0x1B588D40,0xCCD2017F,0x6BB4E3BB,
0xDDA26A7E,0x3A59FF45,0x3E350A44,0xBCB4CDD5,0x72EACEA8,0xFA6484BB,
0x8D6612AE,0xBF3C6F47,0xD29BE463,0x542F5D9E,0xAEC2771B,0xF64E6370,
0x740E0D8D,0xE75B1357,0xF8721671,0xAF537D5D,0x4040CB08,0x4EB4E2CC,
0x34D2466A,0x0115AF84,0xE1B00428,0x95983A1D,0x06B89FB4,0xCE6EA048,
0x6F3F3B82,0x3520AB82,0x011A1D4B,0x277227F8,0x611560B1,0xE7933FDC,
0xBB3A792B,0x344525BD,0xA08839E1,0x51CE794B,0x2F32C9B7,0xA01FBAC9,
0xE01CC87E,0xBCC7D1F6,0xCF0111C3,0xA1E8AAC7,0x1A908749,0xD44FBD9A,
0xD0DADECB,0xD50ADA38,0x0339C32A,0xC6913667,0x8DF9317C,0xE0B12B4F,
0xF79E59B7,0x43F5BB3A,0xF2D519FF,0x27D9459C,0xBF97222C,0x15E6FC2A,
0x0F91FC71,0x9B941525,0xFAE59361,0xCEB69CEB,0xC2A86459,0x12BAA8D1,
0xB6C1075E,0xE3056A0C,0x10D25065,0xCB03A442,0xE0EC6E0E,0x1698DB3B,
0x4C98A0BE,0x3278E964,0x9F1F9532,0xE0D392DF,0xD3A0342B,0x8971F21E,
0x1B0A7441,0x4BA3348C,0xC5BE7120,0xC37632D8,0xDF359F8D,0x9B992F2E,
0xE60B6F47,0x0FE3F11D,0xE54CDA54,0x1EDAD891,0xCE6279CF,0xCD3E7E6F,
0x1618B166,0xFD2C1D05,0x848FD2C5,0xF6FB2299,0xF523F357,0xA6327623,
0x93A83531,0x56CCCD02,0xACF08162,0x5A75EBB5,0x6E163697,0x88D273CC,
0xDE966292,0x81B949D0,0x4C50901B,0x71C65614,0xE6C6C7BD,0x327A140A,
0x45E1D006,0xC3F27B9A,0xC9AA53FD,0x62A80F00,0xBB25BFE2,0x35BDD2F6,
0x71126905,0xB2040222,0xB6CBCF7C,0xCD769C2B,0x53113EC0,0x1640E3D3,
0x38ABBD60,0x2547ADF0,0xBA38209C,0xF746CE76,0x77AFA1C5,0x20756060,
0x85CBFE4E,0x8AE88DD8,0x7AAAF9B0,0x4CF9AA7E,0x1948C25C,0x02FB8A8C,
0x01C36AE4,0xD6EBE1F9,0x90D4F869,0xA65CDEA0,0x3F09252D,0xC208E69F,
0xB74E6132,0xCE77E25B,0x578FDFE3,0x3AC372E6 };
static const u32 ps[BLOWFISH_ROUNDS+2] = {
0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,0xA4093822,0x299F31D0,
0x082EFA98,0xEC4E6C89,0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917,0x9216D5D9,0x8979FB1B };
#if BLOWFISH_ROUNDS != 16
static inline u32
function_F( BLOWFISH_context *bc, u32 x )
{
u16 a, b, c, d;
#ifdef BIG_ENDIAN_HOST
a = ((byte*)&x)[0];
b = ((byte*)&x)[1];
c = ((byte*)&x)[2];
d = ((byte*)&x)[3];
#else
a = ((byte*)&x)[3];
b = ((byte*)&x)[2];
c = ((byte*)&x)[1];
d = ((byte*)&x)[0];
#endif
return ((bc->s0[a] + bc->s1[b]) ^ bc->s2[c] ) + bc->s3[d];
}
#endif
#ifdef BIG_ENDIAN_HOST
#define F(x) ((( s0[((byte*)&x)[0]] + s1[((byte*)&x)[1]]) \
^ s2[((byte*)&x)[2]]) + s3[((byte*)&x)[3]] )
#else
#define F(x) ((( s0[((byte*)&x)[3]] + s1[((byte*)&x)[2]]) \
^ s2[((byte*)&x)[1]]) + s3[((byte*)&x)[0]] )
#endif
#define R(l,r,i) do { l ^= p[i]; r ^= F(l); } while(0)
static void
encrypt( BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
{
#if BLOWFISH_ROUNDS == 16
u32 xl, xr, *s0, *s1, *s2, *s3, *p;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
s0 = bc->s0;
s1 = bc->s1;
s2 = bc->s2;
s3 = bc->s3;
R( xl, xr, 0);
R( xr, xl, 1);
R( xl, xr, 2);
R( xr, xl, 3);
R( xl, xr, 4);
R( xr, xl, 5);
R( xl, xr, 6);
R( xr, xl, 7);
R( xl, xr, 8);
R( xr, xl, 9);
R( xl, xr, 10);
R( xr, xl, 11);
R( xl, xr, 12);
R( xr, xl, 13);
R( xl, xr, 14);
R( xr, xl, 15);
xl ^= p[BLOWFISH_ROUNDS];
xr ^= p[BLOWFISH_ROUNDS+1];
*ret_xl = xr;
*ret_xr = xl;
#else
u32 xl, xr, temp, *p;
int i;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
for(i=0; i < BLOWFISH_ROUNDS; i++ ) {
xl ^= p[i];
xr ^= function_F(bc, xl);
temp = xl;
xl = xr;
xr = temp;
}
temp = xl;
xl = xr;
xr = temp;
xr ^= p[BLOWFISH_ROUNDS];
xl ^= p[BLOWFISH_ROUNDS+1];
*ret_xl = xl;
*ret_xr = xr;
#endif
}
static void
decrypt( BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
{
#if BLOWFISH_ROUNDS == 16
u32 xl, xr, *s0, *s1, *s2, *s3, *p;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
s0 = bc->s0;
s1 = bc->s1;
s2 = bc->s2;
s3 = bc->s3;
R( xl, xr, 17);
R( xr, xl, 16);
R( xl, xr, 15);
R( xr, xl, 14);
R( xl, xr, 13);
R( xr, xl, 12);
R( xl, xr, 11);
R( xr, xl, 10);
R( xl, xr, 9);
R( xr, xl, 8);
R( xl, xr, 7);
R( xr, xl, 6);
R( xl, xr, 5);
R( xr, xl, 4);
R( xl, xr, 3);
R( xr, xl, 2);
xl ^= p[1];
xr ^= p[0];
*ret_xl = xr;
*ret_xr = xl;
#else
u32 xl, xr, temp, *p;
int i;
xl = *ret_xl;
xr = *ret_xr;
p = bc->p;
for(i=BLOWFISH_ROUNDS+1; i > 1; i-- ) {
xl ^= p[i];
xr ^= function_F(bc, xl);
temp = xl;
xl = xr;
xr = temp;
}
temp = xl;
xl = xr;
xr = temp;
xr ^= p[1];
xl ^= p[0];
*ret_xl = xl;
*ret_xr = xr;
#endif
}
#undef F
#undef R
void
des_encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
{
u32 d1, d2;
d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
encrypt( bc, &d1, &d2 );
outbuf[0] = (d1 >> 24) & 0xff;
outbuf[1] = (d1 >> 16) & 0xff;
outbuf[2] = (d1 >> 8) & 0xff;
outbuf[3] = d1 & 0xff;
outbuf[4] = (d2 >> 24) & 0xff;
outbuf[5] = (d2 >> 16) & 0xff;
outbuf[6] = (d2 >> 8) & 0xff;
outbuf[7] = d2 & 0xff;
}
void
des_decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
{
u32 d1, d2;
d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
decrypt( bc, &d1, &d2 );
outbuf[0] = (d1 >> 24) & 0xff;
outbuf[1] = (d1 >> 16) & 0xff;
outbuf[2] = (d1 >> 8) & 0xff;
outbuf[3] = d1 & 0xff;
outbuf[4] = (d2 >> 24) & 0xff;
outbuf[5] = (d2 >> 16) & 0xff;
outbuf[6] = (d2 >> 8) & 0xff;
outbuf[7] = d2 & 0xff;
}
static void
selftest()
{
BLOWFISH_context c;
byte plain[] = "BLOWFISH";
byte buffer[8];
byte plain3[] = { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 };
byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 };
blowfish_setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 );
blowfish_encrypt_block( &c, buffer, plain );
if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) )
log_error("wrong blowfish encryption\n");
blowfish_decrypt_block( &c, buffer, buffer );
if( memcmp( buffer, plain, 8 ) )
log_bug("blowfish failed\n");
blowfish_setkey( &c, key3, 8 );
blowfish_encrypt_block( &c, buffer, plain3 );
if( memcmp( buffer, cipher3, 8 ) )
log_error("wrong blowfish encryption (3)\n");
blowfish_decrypt_block( &c, buffer, buffer );
if( memcmp( buffer, plain3, 8 ) )
log_bug("blowfish failed (3)\n");
}
void
des_3des_setkey( DES_context *c, byte *key, unsigned keylen )
{
c->tripledes = 1;
}
void
des_setkey( DES_context *c, byte *key, unsigned keylen )
{
int i, j;
u32 data, datal, datar;
static int initialized;
if( !initialized ) {
initialized = 1;
selftest();
}
c->tripledes = 0;
for(i=0; i < BLOWFISH_ROUNDS+2; i++ )
c->p[i] = ps[i];
for(i=0; i < 256; i++ ) {
c->s0[i] = ks0[i];
c->s1[i] = ks1[i];
c->s2[i] = ks2[i];
c->s3[i] = ks3[i];
}
for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) {
#ifdef BIG_ENDIAN_HOST
((byte*)&data)[0] = key[j];
((byte*)&data)[1] = key[(j+1)%keylen];
((byte*)&data)[2] = key[(j+2)%keylen];
((byte*)&data)[3] = key[(j+3)%keylen];
#else
((byte*)&data)[3] = key[j];
((byte*)&data)[2] = key[(j+1)%keylen];
((byte*)&data)[1] = key[(j+2)%keylen];
((byte*)&data)[0] = key[(j+3)%keylen];
#endif
c->p[i] ^= data;
j = (j+4) % keylen;
}
datal = datar = 0;
for(i=0; i < BLOWFISH_ROUNDS+2; i += 2 ) {
encrypt( c, &datal, &datar );
c->p[i] = datal;
c->p[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s0[i] = datal;
c->s0[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s1[i] = datal;
c->s1[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s2[i] = datal;
c->s2[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypt( c, &datal, &datar );
c->s3[i] = datal;
c->s3[i+1] = datar;
}
}

37
cipher/des.h Normal file
View File

@ -0,0 +1,37 @@
/* des.h
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_DES_H
#define G10_DES_H
#include "types.h"
#define DES_BLOCKSIZE 8
#define DES_ROUNDS 16
typedef struct {
int tripledes;
} DES_context;
void des_setkey( DES_context *c, byte *key, unsigned keylen );
void des_3des_setkey( DES_context *c, byte *key, unsigned keylen );
void des_encrypt_block( DES_context *bc, byte *outbuf, byte *inbuf );
void des_decrypt_block( DES_context *bc, byte *outbuf, byte *inbuf );
#endif /*G10_DES_H*/

8
cipher/misc.c
View File

@ -31,8 +31,9 @@ static struct { const char *name; int algo;} pubkey_names[] = {
{ "RSA", PUBKEY_ALGO_RSA }, { "RSA", PUBKEY_ALGO_RSA },
{ "RSA-E", PUBKEY_ALGO_RSA_E }, { "RSA-E", PUBKEY_ALGO_RSA_E },
{ "RSA-S", PUBKEY_ALGO_RSA_S }, { "RSA-S", PUBKEY_ALGO_RSA_S },
{ "ELGAMAL", PUBKEY_ALGO_ELGAMAL },
{ "ELG", PUBKEY_ALGO_ELGAMAL }, { "ELG", PUBKEY_ALGO_ELGAMAL },
{ "ELG-E", PUBKEY_ALGO_ELGAMAL_E },
{ "ELGAMAL", PUBKEY_ALGO_ELGAMAL },
{ "DSA", PUBKEY_ALGO_DSA }, { "DSA", PUBKEY_ALGO_DSA },
{NULL} }; {NULL} };
@ -76,6 +77,11 @@ pubkey_algo_to_string( int algo )
{ {
int i; int i;
if( is_ELGAMAL(algo) )
algo = PUBKEY_ALGO_ELGAMAL;
else if( is_RSA(algo) )
algo = PUBKEY_ALGO_RSA;
for(i=0; pubkey_names[i].name; i++ ) for(i=0; pubkey_names[i].name; i++ )
if( pubkey_names[i].algo == algo ) if( pubkey_names[i].algo == algo )
return pubkey_names[i].name; return pubkey_names[i].name;

26
doc/DETAILS
View File

@ -11,6 +11,32 @@
to keep them small. to keep them small.
Key generation shows progress by printing different characters to
stderr:
"." Last 10 Miller-Rabin tests failed
"+" Miller-Rabin test succeeded
"!" Reloading the pool with fresh prime numbers
"^" Checking a new value for the generator
"<" Size of one factor decreased
">" Size of one factor increased
The prime number for ElGamal is generated this way:
1) Make a prime number q of 160, 200, 240 bits (depending on the keysize)
2) Select the length of the other prime factors to be at least the size
of q and calculate the number of prime factors needed
3) Make a pool of prime numbers, each of the length determined in step 2
4) Get a new permutation out of the pool or continue with step 3
if we have tested all permutations.
5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1
6) Check that this prime has the correct length (this may change q if
it seems not to be possible to make a prime of the desired length)
7) Check whether this is a prime using trial divisions and the
Miller-Rabin test.
8) Continue with step 4 if we did not find a prime in step 7.
9) Find a generator for that prime.
Layout of the TrustDB Layout of the TrustDB

40
g10/ChangeLog
View File

@ -1,3 +1,43 @@
Fri May 29 10:00:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (query_trust_info): New.
* keylist.c (list_one): Add output of trust info
* mainproc (list_node): ditto.
* g10.c (main): full trustdb init if -with-colons and any of the
key list modes.
Thu May 28 10:34:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* status.c (STATUS_RSA_OR_IDEA): New.
* sig-check.c (check_signature): Output special status message.
* pubkey-enc.c (get_session_key): Ditto.
* mainproc.c (check_sig_and_print): Changed format of output.
* passpharse.c (passphrase_to_dek): Likewise.
Wed May 27 13:46:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (aListSecretKeys): New option --list-secret-keys
* keylist.c (std_key_list): Renamed to public_key_list.
(secret_key_list): New
(list_one, list_all): Add support for secret keys.
* getkey.c (get_secret_keyring): New.
* mainproc.c (list_node): Add option --with-colons for secret keys
* sig-check.c (check_key_signature): detection of selfsigs
* mainproc.c (list_node): fixed listing.
* g10.c (aListSecretKeys): New option --always-trust
* pkclist.c (do_we_trust): Override per option added
* status.c (write_status_text): Add a prefix to every output line.
Wed May 27 07:49:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10 (--compress-keys): New.
* options.h (compress_keys): New.
* export.c (export_pubkeys): Only compresses with the new option.
Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de) Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* passphrase.c (get_last_passphrase): New * passphrase.c (get_last_passphrase): New

3
g10/Makefile.am
View File

@ -5,7 +5,8 @@ EXTRA_DIST = OPTIONS pubring.asc
OMIT_DEPENDENCIES = zlib.h zconf.h OMIT_DEPENDENCIES = zlib.h zconf.h
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
bin_PROGRAMS = gpg gpgm gpgd noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg gpgm
common_source = \ common_source = \
build-packet.c \ build-packet.c \

40
g10/Makefile.in
View File

@ -97,7 +97,8 @@ EXTRA_DIST = OPTIONS pubring.asc
OMIT_DEPENDENCIES = zlib.h zconf.h OMIT_DEPENDENCIES = zlib.h zconf.h
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
bin_PROGRAMS = gpg gpgm gpgd noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg gpgm
common_source = \ common_source = \
build-packet.c \ build-packet.c \
@ -166,7 +167,7 @@ gpgm_LDADD = g10maint.o $(LDADD)
mkinstalldirs = $(SHELL) $(top_srcdir)/scripts/mkinstalldirs mkinstalldirs = $(SHELL) $(top_srcdir)/scripts/mkinstalldirs
CONFIG_HEADER = ../config.h CONFIG_HEADER = ../config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
PROGRAMS = $(bin_PROGRAMS) PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
DEFS = @DEFS@ -I. -I$(srcdir) -I.. DEFS = @DEFS@ -I. -I$(srcdir) -I..
@ -267,6 +268,15 @@ uninstall-binPROGRAMS:
rm -f $(bindir)/`echo $$p|sed '$(transform)'`; \ rm -f $(bindir)/`echo $$p|sed '$(transform)'`; \
done done
mostlyclean-noinstPROGRAMS:
clean-noinstPROGRAMS:
-test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
distclean-noinstPROGRAMS:
maintainer-clean-noinstPROGRAMS:
.s.o: .s.o:
$(COMPILE) -c $< $(COMPILE) -c $<
@ -398,25 +408,31 @@ distclean-generic:
maintainer-clean-generic: maintainer-clean-generic:
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
mostlyclean: mostlyclean-binPROGRAMS mostlyclean-compile \ mostlyclean: mostlyclean-binPROGRAMS mostlyclean-noinstPROGRAMS \
mostlyclean-tags mostlyclean-depend mostlyclean-generic mostlyclean-compile mostlyclean-tags mostlyclean-depend \
mostlyclean-generic
clean: clean-binPROGRAMS clean-compile clean-tags clean-depend \ clean: clean-binPROGRAMS clean-noinstPROGRAMS clean-compile clean-tags \
clean-generic mostlyclean clean-depend clean-generic mostlyclean
distclean: distclean-binPROGRAMS distclean-compile distclean-tags \ distclean: distclean-binPROGRAMS distclean-noinstPROGRAMS \
distclean-depend distclean-generic clean distclean-compile distclean-tags distclean-depend \
distclean-generic clean
-rm -f config.status -rm -f config.status
maintainer-clean: maintainer-clean-binPROGRAMS maintainer-clean-compile \ maintainer-clean: maintainer-clean-binPROGRAMS \
maintainer-clean-tags maintainer-clean-depend \ maintainer-clean-noinstPROGRAMS \
maintainer-clean-generic distclean maintainer-clean-compile maintainer-clean-tags \
maintainer-clean-depend maintainer-clean-generic \
distclean
@echo "This command is intended for maintainers to use;" @echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild." @echo "it deletes files that may require special tools to rebuild."
.PHONY: default mostlyclean-binPROGRAMS distclean-binPROGRAMS \ .PHONY: default mostlyclean-binPROGRAMS distclean-binPROGRAMS \
clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \ clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \
install-binPROGRAMS mostlyclean-compile distclean-compile clean-compile \ install-binPROGRAMS mostlyclean-noinstPROGRAMS distclean-noinstPROGRAMS \
clean-noinstPROGRAMS maintainer-clean-noinstPROGRAMS \
mostlyclean-compile distclean-compile clean-compile \
maintainer-clean-compile tags mostlyclean-tags distclean-tags \ maintainer-clean-compile tags mostlyclean-tags distclean-tags \
clean-tags maintainer-clean-tags distdir mostlyclean-depend \ clean-tags maintainer-clean-tags distdir mostlyclean-depend \
distclean-depend clean-depend maintainer-clean-depend info dvi \ distclean-depend clean-depend maintainer-clean-depend info dvi \

14
g10/OPTIONS
View File

@ -38,3 +38,17 @@ sign-key
store store
# simply packs the input data into a rfc1991 packet format # simply packs the input data into a rfc1991 packet format
list-secret-keys
#
#-----------------------------------------------
#--- options
#-----------------------------------------------
compress-keys
# compress exported key, compress level is still set with "-z" and
# algorithm with --compress-algo" - Default is to not compress keys, as
# this is better for interoperability.

2
g10/export.c
View File

@ -67,7 +67,7 @@ export_pubkeys( STRLIST users )
afx.what = 1; afx.what = 1;
iobuf_push_filter( out, armor_filter, &afx ); iobuf_push_filter( out, armor_filter, &afx );
} }
if( opt.compress ) if( opt.compress_keys && opt.compress )
iobuf_push_filter( out, compress_filter, &zfx ); iobuf_push_filter( out, compress_filter, &zfx );
if( all ) { if( all ) {

24
g10/g10.c
View File

@ -64,6 +64,7 @@ static ARGPARSE_OPTS opts[] = {
{ 552, "list-sigs", 0, N_("list keys and signatures")}, { 552, "list-sigs", 0, N_("list keys and signatures")},
{ 508, "check-sigs",0, N_("check key signatures")}, { 508, "check-sigs",0, N_("check key signatures")},
{ 515, "fingerprint", 0, N_("list keys and fingerprints")}, { 515, "fingerprint", 0, N_("list keys and fingerprints")},
{ 558, "list-secret-keys", 0, N_("list secret keys")},
#ifdef IS_G10 #ifdef IS_G10
{ 503, "gen-key", 0, N_("generate a new key pair")}, { 503, "gen-key", 0, N_("generate a new key pair")},
{ 554, "add-key", 0, N_("add a subkey to a key pair")}, { 554, "add-key", 0, N_("add a subkey to a key pair")},
@ -87,8 +88,8 @@ static ARGPARSE_OPTS opts[] = {
{ 301, NULL, 0, N_("@\nOptions:\n ") }, { 301, NULL, 0, N_("@\nOptions:\n ") },
#ifdef IS_G10
{ 'a', "armor", 0, N_("create ascii armored output")}, { 'a', "armor", 0, N_("create ascii armored output")},
#ifdef IS_G10
{ 'u', "local-user",2, N_("use this user-id to sign or decrypt")}, { 'u', "local-user",2, N_("use this user-id to sign or decrypt")},
{ 'r', "remote-user", 2, N_("use this user-id for encryption")}, { 'r', "remote-user", 2, N_("use this user-id for encryption")},
{ 'z', NULL, 1, N_("|N|set compress level N (0 disables)") }, { 'z', NULL, 1, N_("|N|set compress level N (0 disables)") },
@ -159,6 +160,8 @@ static ARGPARSE_OPTS opts[] = {
{ 552, "list-sig", 0, "@" }, /* alias */ { 552, "list-sig", 0, "@" }, /* alias */
{ 508, "check-sig",0, "@" }, /* alias */ { 508, "check-sig",0, "@" }, /* alias */
{ 553, "skip-verify",0, "@" }, { 553, "skip-verify",0, "@" },
{ 557, "compress-keys",0, "@"},
{ 559, "always-trust", 0, "@"},
{0} }; {0} };
@ -169,7 +172,7 @@ enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr, aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey, aDeleteSecretKey, aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey, aDeleteSecretKey,
aKMode, aKModeC, aChangePass, aImport, aVerify, aDecrypt, aListKeys, aKMode, aKModeC, aChangePass, aImport, aVerify, aDecrypt, aListKeys,
aListSigs, aKeyadd, aListSigs, aKeyadd, aListSecretKeys,
aExport, aCheckKeys, aGenRevoke, aPrimegen, aPrintMD, aPrintMDs, aExport, aCheckKeys, aGenRevoke, aPrimegen, aPrintMD, aPrintMDs,
aListTrustDB, aListTrustPath, aDeArmor, aEnArmor, aGenRandom, aTest, aListTrustDB, aListTrustPath, aDeArmor, aEnArmor, aGenRandom, aTest,
aNOP }; aNOP };
@ -474,8 +477,8 @@ main( int argc, char **argv )
&pargs, opts) ) { &pargs, opts) ) {
switch( pargs.r_opt ) { switch( pargs.r_opt ) {
#ifdef IS_G10
case 'a': opt.armor = 1; opt.no_armor=0; break; case 'a': opt.armor = 1; opt.no_armor=0; break;
#ifdef IS_G10
case 'b': detached_sig = 1; set_cmd( &cmd, aSign ); break; case 'b': detached_sig = 1; set_cmd( &cmd, aSign ); break;
case 'c': set_cmd( &cmd, aSym); break; case 'c': set_cmd( &cmd, aSym); break;
case 'd': set_cmd( &cmd, aDecrypt); break; case 'd': set_cmd( &cmd, aDecrypt); break;
@ -580,6 +583,9 @@ main( int argc, char **argv )
case 553: opt.skip_verify=1; break; case 553: opt.skip_verify=1; break;
case 554: set_cmd( &cmd, aKeyadd); break; case 554: set_cmd( &cmd, aKeyadd); break;
case 556: opt.def_compress_algo = pargs.r.ret_int; break; case 556: opt.def_compress_algo = pargs.r.ret_int; break;
case 557: opt.compress_keys = 1; break;
case 558: set_cmd( &cmd, aListSecretKeys); break;
case 559: opt.always_trust = 1; break;
default : errors++; pargs.err = configfp? 1:2; break; default : errors++; pargs.err = configfp? 1:2; break;
} }
} }
@ -668,7 +674,10 @@ main( int argc, char **argv )
break; break;
case aKMode: case aKMode:
case aListKeys: case aListKeys:
case aListSecretKeys:
case aCheckKeys: case aCheckKeys:
if( opt.with_colons ) /* need this to list the trust */
rc = init_trustdb(1, trustdb_name );
break; break;
case aListTrustDB: rc = init_trustdb( argc? 1:0, trustdb_name ); break; case aListTrustDB: rc = init_trustdb( argc? 1:0, trustdb_name ); break;
default: rc = init_trustdb(1, trustdb_name ); break; default: rc = init_trustdb(1, trustdb_name ); break;
@ -796,12 +805,15 @@ main( int argc, char **argv )
case aListSigs: case aListSigs:
opt.list_sigs = 1; opt.list_sigs = 1;
case aListKeys: case aListKeys:
std_key_list( argc, argv ); public_key_list( argc, argv );
break;
case aListSecretKeys:
secret_key_list( argc, argv );
break; break;
case aKMode: /* list keyring */ case aKMode: /* list keyring */
if( argc < 2 ) /* -kv [userid] */ if( argc < 2 ) /* -kv [userid] */
std_key_list( (argc && **argv)? 1:0, argv ); public_key_list( (argc && **argv)? 1:0, argv );
else if( argc == 2 ) { /* -kv userid keyring */ else if( argc == 2 ) { /* -kv userid keyring */
if( access( argv[1], R_OK ) ) { if( access( argv[1], R_OK ) ) {
log_error(_("can't open %s: %s\n"), log_error(_("can't open %s: %s\n"),
@ -811,7 +823,7 @@ main( int argc, char **argv )
/* add keyring (default keyrings are not registered in this /* add keyring (default keyrings are not registered in this
* special case */ * special case */
add_keyring( argv[1] ); add_keyring( argv[1] );
std_key_list( **argv?1:0, argv ); public_key_list( **argv?1:0, argv );
} }
} }
else else

10
g10/getkey.c
View File

@ -123,6 +123,16 @@ get_keyring( int sequence )
return sl? sl->d : NULL; return sl? sl->d : NULL;
} }
const char *
get_secret_keyring( int sequence )
{
STRLIST sl;
for(sl = secret_keyrings; sl && sequence; sl = sl->next, sequence-- )
;
return sl? sl->d : NULL;
}
void void
add_secret_keyring( const char *name ) add_secret_keyring( const char *name )

1
g10/keydb.h
View File

@ -104,6 +104,7 @@ char *get_last_passphrase(void);
/*-- getkey.c --*/ /*-- getkey.c --*/
void add_keyring( const char *name ); void add_keyring( const char *name );
const char *get_keyring( int sequence ); const char *get_keyring( int sequence );
const char *get_secret_keyring( int sequence );
void add_secret_keyring( const char *name ); void add_secret_keyring( const char *name );
int get_pubkey( PKT_public_cert *pkc, u32 *keyid ); int get_pubkey( PKT_public_cert *pkc, u32 *keyid );
int get_pubkey_byname( PKT_public_cert *pkc, const char *name ); int get_pubkey_byname( PKT_public_cert *pkc, const char *name );

151
g10/keylist.c
View File

@ -35,9 +35,9 @@
#include "main.h" #include "main.h"
#include "i18n.h" #include "i18n.h"
static void list_all(void); static void list_all(int);
static void list_one(const char *name); static void list_one(const char *name, int secret);
static void fingerprint( PKT_public_cert *pkc ); static void fingerprint( PKT_public_cert *pkc, PKT_secret_cert *skc );
/**************** /****************
@ -45,25 +45,36 @@ static void fingerprint( PKT_public_cert *pkc );
* If NNAMES is 0; all available keys are listed * If NNAMES is 0; all available keys are listed
*/ */
void void
std_key_list( int nnames, char **names ) public_key_list( int nnames, char **names )
{ {
if( !nnames ) if( !nnames )
list_all(); list_all(0);
else { /* List by user id */ else { /* List by user id */
for( ; nnames ; nnames--, names++ ) for( ; nnames ; nnames--, names++ )
list_one( *names ); list_one( *names, 0 );
}
}
void
secret_key_list( int nnames, char **names )
{
if( !nnames )
list_all(1);
else { /* List by user id */
for( ; nnames ; nnames--, names++ )
list_one( *names, 1 );
} }
} }
static void static void
list_all() list_all( int secret )
{ {
int i, seq=0; int i, seq=0;
const char *s; const char *s;
IOBUF a; IOBUF a;
while( (s=get_keyring(seq++)) ) { while( (s=secret? get_secret_keyring(seq++):get_keyring(seq++)) ) {
if( !(a = iobuf_open(s)) ) { if( !(a = iobuf_open(s)) ) {
log_error(_("can't open %s: %s\n"), s, strerror(errno)); log_error(_("can't open %s: %s\n"), s, strerror(errno));
continue; continue;
@ -80,9 +91,8 @@ list_all()
} }
} }
static void static void
list_one( const char *name ) list_one( const char *name, int secret )
{ {
int rc = 0; int rc = 0;
KBNODE keyblock = NULL; KBNODE keyblock = NULL;
@ -90,11 +100,14 @@ list_one( const char *name )
KBNODE node; KBNODE node;
KBPOS kbpos; KBPOS kbpos;
PKT_public_cert *pkc; PKT_public_cert *pkc;
PKT_secret_cert *skc;
u32 keyid[2]; u32 keyid[2];
int any=0; int any=0;
int trustletter = 0;
/* search the userid */ /* search the userid */
rc = find_keyblock_byname( &kbpos, name ); rc = secret? find_secret_keyblock_byname( &kbpos, name )
: find_keyblock_byname( &kbpos, name );
if( rc ) { if( rc ) {
log_error("%s: user not found\n", name ); log_error("%s: user not found\n", name );
goto leave; goto leave;
@ -109,29 +122,55 @@ list_one( const char *name )
/* get the keyid from the keyblock */ /* get the keyid from the keyblock */
node = find_kbnode( keyblock, PKT_PUBLIC_CERT ); node = find_kbnode( keyblock, secret? PKT_SECRET_CERT : PKT_PUBLIC_CERT );
if( !node ) { if( !node ) {
log_error("Oops; public key lost!\n"); log_error("Oops; key lost!\n");
goto leave; goto leave;
} }
pkc = node->pkt->pkt.public_cert; if( secret ) {
keyid_from_pkc( pkc, keyid ); pkc = NULL;
if( opt.with_colons ) skc = node->pkt->pkt.secret_cert;
printf("pub::%u:%d:%08lX%08lX:%s:%u:::", keyid_from_skc( skc, keyid );
/* fixme: add trust value here */ if( opt.with_colons )
nbits_from_pkc( pkc ), printf("sec::%u:%d:%08lX%08lX:%s:%u:::",
pkc->pubkey_algo, nbits_from_skc( skc ),
(ulong)keyid[0],(ulong)keyid[1], skc->pubkey_algo,
datestr_from_pkc( pkc ), (ulong)keyid[0],(ulong)keyid[1],
(unsigned)pkc->valid_days datestr_from_skc( skc ),
/* fixme: add LID and ownertrust here */ (unsigned)skc->valid_days
); /* fixme: add LID here */ );
else else
printf("pub %4u%c/%08lX %s ", nbits_from_pkc( pkc ), printf("sec %4u%c/%08lX %s ", nbits_from_skc( skc ),
pubkey_letter( pkc->pubkey_algo ), pubkey_letter( skc->pubkey_algo ),
(ulong)keyid[1], (ulong)keyid[1],
datestr_from_pkc( pkc ) ); datestr_from_skc( skc ) );
}
else {
pkc = node->pkt->pkt.public_cert;
skc = NULL;
keyid_from_pkc( pkc, keyid );
if( opt.with_colons ) {
trustletter = query_trust_info( pkc );
printf("pub:%c:%u:%d:%08lX%08lX:%s:%u:",
trustletter,
nbits_from_pkc( pkc ),
pkc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_pkc( pkc ),
(unsigned)pkc->valid_days );
if( pkc->local_id )
printf("%lu", pkc->local_id );
putchar(':');
/* fixme: add ownertrust here */
putchar(':');
}
else
printf("pub %4u%c/%08lX %s ", nbits_from_pkc( pkc ),
pubkey_letter( pkc->pubkey_algo ),
(ulong)keyid[1],
datestr_from_pkc( pkc ) );
}
for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) { for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
if( node->pkt->pkttype == PKT_USER_ID ) { if( node->pkt->pkttype == PKT_USER_ID ) {
@ -148,7 +187,7 @@ list_one( const char *name )
putchar('\n'); putchar('\n');
if( !any ) { if( !any ) {
if( opt.fingerprint ) if( opt.fingerprint )
fingerprint( pkc ); fingerprint( pkc, skc );
any = 1; any = 1;
} }
} }
@ -159,14 +198,14 @@ list_one( const char *name )
if( !any ) { if( !any ) {
putchar('\n'); putchar('\n');
if( opt.fingerprint ) if( opt.fingerprint )
fingerprint( pkc ); /* of the main key */ fingerprint( pkc, skc ); /* of the main key */
any = 1; any = 1;
} }
keyid_from_pkc( pkc2, keyid2 ); keyid_from_pkc( pkc2, keyid2 );
if( opt.with_colons ) if( opt.with_colons ) {
printf("sub::%u:%d:%08lX%08lX:%s:%u:::\n", printf("sub:%c:%u:%d:%08lX%08lX:%s:%u:",
/* fixme: add trust value here */ trustletter,
nbits_from_pkc( pkc2 ), nbits_from_pkc( pkc2 ),
pkc2->pubkey_algo, pkc2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1], (ulong)keyid2[0],(ulong)keyid2[1],
@ -174,12 +213,45 @@ list_one( const char *name )
(unsigned)pkc2->valid_days (unsigned)pkc2->valid_days
/* fixme: add LID and ownertrust here */ /* fixme: add LID and ownertrust here */
); );
if( pkc->local_id ) /* use the local_id of the main key??? */
printf("%lu", pkc->local_id );
putchar(':');
putchar(':');
putchar('\n');
}
else else
printf("sub %4u%c/%08lX %s\n", nbits_from_pkc( pkc2 ), printf("sub %4u%c/%08lX %s\n", nbits_from_pkc( pkc2 ),
pubkey_letter( pkc2->pubkey_algo ), pubkey_letter( pkc2->pubkey_algo ),
(ulong)keyid2[1], (ulong)keyid2[1],
datestr_from_pkc( pkc2 ) ); datestr_from_pkc( pkc2 ) );
} }
else if( node->pkt->pkttype == PKT_SECKEY_SUBCERT ) {
u32 keyid2[2];
PKT_secret_cert *skc2 = node->pkt->pkt.secret_cert;
if( !any ) {
putchar('\n');
if( opt.fingerprint )
fingerprint( pkc, skc ); /* of the main key */
any = 1;
}
keyid_from_skc( skc2, keyid2 );
if( opt.with_colons )
printf("ssb::%u:%d:%08lX%08lX:%s:%u:::\n",
nbits_from_skc( skc2 ),
skc2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
datestr_from_skc( skc2 ),
(unsigned)skc2->valid_days
/* fixme: add LID */
);
else
printf("ssb %4u%c/%08lX %s\n", nbits_from_skc( skc2 ),
pubkey_letter( skc2->pubkey_algo ),
(ulong)keyid2[1],
datestr_from_skc( skc2 ) );
}
else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) { else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature; PKT_signature *sig = node->pkt->pkt.signature;
int sigrc; int sigrc;
@ -187,10 +259,12 @@ list_one( const char *name )
if( !any ) { /* no user id, (maybe a revocation follows)*/ if( !any ) { /* no user id, (maybe a revocation follows)*/
if( sig->sig_class == 0x20 ) if( sig->sig_class == 0x20 )
puts("[revoked]"); puts("[revoked]");
else if( sig->sig_class == 0x18 )
puts("[key binding]");
else else
putchar('\n'); putchar('\n');
if( opt.fingerprint ) if( opt.fingerprint )
fingerprint( pkc ); fingerprint( pkc, skc );
any=1; any=1;
} }
@ -259,12 +333,13 @@ list_one( const char *name )
} }
static void static void
fingerprint( PKT_public_cert *pkc ) fingerprint( PKT_public_cert *pkc, PKT_secret_cert *skc )
{ {
byte *array, *p; byte *array, *p;
size_t i, n; size_t i, n;
p = array = fingerprint_from_pkc( pkc, &n ); p = array = pkc? fingerprint_from_pkc( pkc, &n )
: fingerprint_from_skc( skc, &n );
if( opt.with_colons ) { if( opt.with_colons ) {
printf("fpr:::::::::"); printf("fpr:::::::::");
for(i=0; i < n ; i++, p++ ) for(i=0; i < n ; i++, p++ )

3
g10/main.h
View File

@ -117,7 +117,8 @@ int enarmor_file( const char *fname );
int gen_revoke( const char *uname ); int gen_revoke( const char *uname );
/*-- keylist.c --*/ /*-- keylist.c --*/
void std_key_list( int nnames, char **names ); void public_key_list( int nnames, char **names );
void secret_key_list( int nnames, char **names );
/*-- verify.c --*/ /*-- verify.c --*/
int verify_signatures( int nfiles, char **files ); int verify_signatures( int nfiles, char **files );

229
g10/mainproc.c
View File

@ -23,6 +23,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <assert.h> #include <assert.h>
#include <time.h>
#include "packet.h" #include "packet.h"
#include "iobuf.h" #include "iobuf.h"
@ -35,7 +36,8 @@
#include "cipher.h" #include "cipher.h"
#include "main.h" #include "main.h"
#include "status.h" #include "status.h"
#include "i18n.h"
#include "trustdb.h"
/**************** /****************
* Structure to hold the context * Structure to hold the context
@ -54,6 +56,8 @@ typedef struct {
KBNODE list; /* the current list of packets */ KBNODE list; /* the current list of packets */
int have_data; int have_data;
IOBUF iobuf; /* used to get the filename etc. */ IOBUF iobuf; /* used to get the filename etc. */
int trustletter; /* temp usage in list_node */
ulong local_id; /* ditto */
} *CTX; } *CTX;
@ -188,8 +192,9 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
if( opt.verbose > 1 ) if( opt.verbose > 1 )
log_info( "pubkey_enc packet: Good DEK\n" ); log_info( "pubkey_enc packet: Good DEK\n" );
} }
else else {
log_error( "pubkey_enc packet: %s\n", g10_errstr(result)); log_error(_("public key decryption failed: %s\n"), g10_errstr(result));
}
free_packet(pkt); free_packet(pkt);
} }
@ -213,10 +218,10 @@ proc_encrypted( CTX c, PACKET *pkt )
; ;
else if( !result ) { else if( !result ) {
if( opt.verbose > 1 ) if( opt.verbose > 1 )
log_info("encryption okay\n"); log_info("decryption okay\n");
} }
else { else {
log_error("encryption failed: %s\n", g10_errstr(result)); log_error(_("decryption failed: %s\n"), g10_errstr(result));
} }
free_packet(pkt); free_packet(pkt);
c->last_was_session_key = 0; c->last_was_session_key = 0;
@ -238,7 +243,7 @@ proc_plaintext( CTX c, PACKET *pkt )
* textmode filter (sigclass 0x01) * textmode filter (sigclass 0x01)
*/ */
c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0); c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0);
md_start_debug(c->mfx.md, "proc_plaintext"); /*md_start_debug(c->mfx.md, "proc_plaintext");*/
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
md_enable( c->mfx.md, DIGEST_ALGO_TIGER ); md_enable( c->mfx.md, DIGEST_ALGO_TIGER );
@ -289,13 +294,15 @@ proc_compressed( CTX c, PACKET *pkt )
* Returns: 0 = valid signature or an error code * Returns: 0 = valid signature or an error code
*/ */
static int static int
do_check_sig( CTX c, KBNODE node ) do_check_sig( CTX c, KBNODE node, int *is_selfsig )
{ {
PKT_signature *sig; PKT_signature *sig;
MD_HANDLE md; MD_HANDLE md;
int algo, rc; int algo, rc;
assert( node->pkt->pkttype == PKT_SIGNATURE ); assert( node->pkt->pkttype == PKT_SIGNATURE );
if( is_selfsig )
*is_selfsig = 0;
sig = node->pkt->pkt.signature; sig = node->pkt->pkt.signature;
algo = sig->digest_algo; algo = sig->digest_algo;
@ -324,7 +331,7 @@ do_check_sig( CTX c, KBNODE node )
|| sig->sig_class == 0x30 ) { /* classes 0x10..0x17,0x20,0x30 */ || sig->sig_class == 0x30 ) { /* classes 0x10..0x17,0x20,0x30 */
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT if( c->list->pkt->pkttype == PKT_PUBLIC_CERT
|| c->list->pkt->pkttype == PKT_PUBKEY_SUBCERT ) { || c->list->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
return check_key_signature( c->list, node, NULL ); return check_key_signature( c->list, node, is_selfsig );
} }
else { else {
log_error("invalid root packet for sigclass %02x\n", log_error("invalid root packet for sigclass %02x\n",
@ -411,16 +418,23 @@ list_node( CTX c, KBNODE node )
if( opt.with_colons ) { if( opt.with_colons ) {
u32 keyid[2]; u32 keyid[2];
keyid_from_pkc( pkc, keyid ); keyid_from_pkc( pkc, keyid );
printf("%s::%u:%d:%08lX%08lX:%s:%u:::", if( mainkey ) {
c->local_id = pkc->local_id;
c->trustletter = query_trust_info( pkc );
}
printf("%s:%c:%u:%d:%08lX%08lX:%s:%u:",
mainkey? "pub":"sub", mainkey? "pub":"sub",
/* fixme: add trust value here */ c->trustletter,
nbits_from_pkc( pkc ), nbits_from_pkc( pkc ),
pkc->pubkey_algo, pkc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1], (ulong)keyid[0],(ulong)keyid[1],
datestr_from_pkc( pkc ), datestr_from_pkc( pkc ),
(unsigned)pkc->valid_days (unsigned)pkc->valid_days );
/* fixme: add LID and ownertrust here */ if( c->local_id )
); printf("%lu", c->local_id );
putchar(':');
/* fixme: add ownertrust here */
putchar(':');
} }
else else
printf("%s %4u%c/%08lX %s ", printf("%s %4u%c/%08lX %s ",
@ -429,79 +443,112 @@ list_node( CTX c, KBNODE node )
pubkey_letter( pkc->pubkey_algo ), pubkey_letter( pkc->pubkey_algo ),
(ulong)keyid_from_pkc( pkc, NULL ), (ulong)keyid_from_pkc( pkc, NULL ),
datestr_from_pkc( pkc ) ); datestr_from_pkc( pkc ) );
/* and now list all userids with their signatures */ if( mainkey ) {
for( node = node->next; node; node = node->next ) { /* and now list all userids with their signatures */
if( any != 2 && node->pkt->pkttype == PKT_SIGNATURE ) { for( node = node->next; node; node = node->next ) {
if( !any ) { if( node->pkt->pkttype == PKT_SIGNATURE ) {
if( node->pkt->pkt.signature->sig_class == 0x20 ) if( !any ) {
puts("[revoked]"); if( node->pkt->pkt.signature->sig_class == 0x20 )
else puts("[revoked]");
putchar('\n'); else
putchar('\n');
any = 1;
}
list_node(c, node );
} }
list_node(c, node ); else if( node->pkt->pkttype == PKT_USER_ID ) {
any = 1; if( any ) {
} if( opt.with_colons )
else if( node->pkt->pkttype == PKT_USER_ID ) { printf("uid:::::::::");
KBNODE n; else
printf( "uid%*s", 28, "" );
if( any ) { }
print_userid( node->pkt );
if( opt.with_colons ) if( opt.with_colons )
printf("uid:::::::::"); putchar(':');
else
printf( "uid%*s", 28, "" );
}
print_userid( node->pkt );
if( opt.with_colons )
putchar(':');
putchar('\n');
if( opt.fingerprint && !any )
print_fingerprint( pkc, NULL );
for( n=node->next; n; n = n->next ) {
if( n->pkt->pkttype == PKT_USER_ID )
break;
if( n->pkt->pkttype == PKT_SIGNATURE )
list_node(c, n );
}
any=2;
}
else if( mainkey && node->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
if( !any ) {
putchar('\n'); putchar('\n');
any = 1; if( opt.fingerprint && !any )
print_fingerprint( pkc, NULL );
any=1;
}
else if( node->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
if( !any ) {
putchar('\n');
any = 1;
}
list_node(c, node );
} }
list_node(c, node );
} }
} }
if( any != 2 && mainkey ) if( !any )
printf("ERROR: no user id!\n");
else if( any != 2 )
putchar('\n'); putchar('\n');
} }
else if( (mainkey = (node->pkt->pkttype == PKT_SECRET_CERT) ) else if( (mainkey = (node->pkt->pkttype == PKT_SECRET_CERT) )
|| node->pkt->pkttype == PKT_SECKEY_SUBCERT ) { || node->pkt->pkttype == PKT_SECKEY_SUBCERT ) {
PKT_secret_cert *skc = node->pkt->pkt.secret_cert; PKT_secret_cert *skc = node->pkt->pkt.secret_cert;
printf("%s %4u%c/%08lX %s ", if( opt.with_colons ) {
u32 keyid[2];
keyid_from_skc( skc, keyid );
printf("%s::%u:%d:%08lX%08lX:%s:%u:::",
mainkey? "sec":"ssb",
nbits_from_skc( skc ),
skc->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
datestr_from_skc( skc ),
(unsigned)skc->valid_days
/* fixme: add LID */ );
}
else
printf("%s %4u%c/%08lX %s ",
mainkey? "sec":"ssb", mainkey? "sec":"ssb",
nbits_from_skc( skc ), nbits_from_skc( skc ),
pubkey_letter( skc->pubkey_algo ), pubkey_letter( skc->pubkey_algo ),
(ulong)keyid_from_skc( skc, NULL ), (ulong)keyid_from_skc( skc, NULL ),
datestr_from_skc( skc ) ); datestr_from_skc( skc ) );
/* and now list all userids */ if( mainkey ) {
while( (node = find_next_kbnode(node, PKT_USER_ID)) ) { /* and now list all userids with their signatures */
print_userid( node->pkt ); for( node = node->next; node; node = node->next ) {
putchar('\n'); if( node->pkt->pkttype == PKT_SIGNATURE ) {
if( opt.fingerprint && !any ) if( !any ) {
print_fingerprint( NULL, skc ); if( node->pkt->pkt.signature->sig_class == 0x20 )
any=1; puts("[revoked]");
else
putchar('\n');
any = 1;
}
list_node(c, node );
}
else if( node->pkt->pkttype == PKT_USER_ID ) {
if( any ) {
if( opt.with_colons )
printf("uid:::::::::");
else
printf( "uid%*s", 28, "" );
}
print_userid( node->pkt );
if( opt.with_colons )
putchar(':');
putchar('\n');
if( opt.fingerprint && !any )
print_fingerprint( NULL, skc );
any=1;
}
else if( node->pkt->pkttype == PKT_SECKEY_SUBCERT ) {
if( !any ) {
putchar('\n');
any = 1;
}
list_node(c, node );
}
}
} }
if( !any && mainkey ) if( !any )
printf("ERROR: no user id!\n");
else if( !any )
putchar('\n'); putchar('\n');
} }
else if( node->pkt->pkttype == PKT_SIGNATURE ) { else if( node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature; PKT_signature *sig = node->pkt->pkt.signature;
int is_selfsig = 0;
int rc2=0; int rc2=0;
size_t n; size_t n;
char *p; char *p;
@ -516,13 +563,27 @@ list_node( CTX c, KBNODE node )
fputs("sig", stdout); fputs("sig", stdout);
if( opt.check_sigs ) { if( opt.check_sigs ) {
fflush(stdout); fflush(stdout);
switch( (rc2=do_check_sig( c, node )) ) { switch( (rc2=do_check_sig( c, node, &is_selfsig )) ) {
case 0: sigrc = '!'; break; case 0: sigrc = '!'; break;
case G10ERR_BAD_SIGN: sigrc = '-'; break; case G10ERR_BAD_SIGN: sigrc = '-'; break;
case G10ERR_NO_PUBKEY: sigrc = '?'; break; case G10ERR_NO_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break; default: sigrc = '%'; break;
} }
} }
else { /* check whether this is a self signature */
u32 keyid[2];
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT
|| c->list->pkt->pkttype == PKT_SECRET_CERT ) {
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT )
keyid_from_pkc( c->list->pkt->pkt.public_cert, keyid );
else
keyid_from_skc( c->list->pkt->pkt.secret_cert, keyid );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
is_selfsig = 1;
}
}
if( opt.with_colons ) { if( opt.with_colons ) {
putchar(':'); putchar(':');
if( sigrc != ' ' ) if( sigrc != ' ' )
@ -537,6 +598,13 @@ list_node( CTX c, KBNODE node )
printf("[%s] ", g10_errstr(rc2) ); printf("[%s] ", g10_errstr(rc2) );
else if( sigrc == '?' ) else if( sigrc == '?' )
; ;
else if( is_selfsig ) {
if( opt.with_colons )
putchar(':');
fputs( sig->sig_class == 0x18? "[keybind]":"[selfsig]", stdout);
if( opt.with_colons )
putchar(':');
}
else { else {
p = get_user_id( sig->keyid, &n ); p = get_user_id( sig->keyid, &n );
print_string( stdout, p, n, opt.with_colons ); print_string( stdout, p, n, opt.with_colons );
@ -711,6 +779,8 @@ static int
check_sig_and_print( CTX c, KBNODE node ) check_sig_and_print( CTX c, KBNODE node )
{ {
PKT_signature *sig = node->pkt->pkt.signature; PKT_signature *sig = node->pkt->pkt.signature;
time_t stamp = sig->timestamp;
const char *astr, *tstr;
int rc; int rc;
if( opt.skip_verify ) { if( opt.skip_verify ) {
@ -718,28 +788,25 @@ check_sig_and_print( CTX c, KBNODE node )
return 0; return 0;
} }
rc = do_check_sig(c, node ); tstr = asctime(localtime (&stamp));
if( !rc || rc == G10ERR_BAD_SIGN ) { astr = pubkey_algo_to_string( sig->pubkey_algo );
char *p, *buf; log_info(_("Signature made %.*s using %s key ID %08lX\n"),
strlen(tstr)-1, tstr, astr? astr: "?", (ulong)sig->keyid[1] );
p = get_user_id_string( sig->keyid ); rc = do_check_sig(c, node, NULL );
buf = m_alloc( 20 + strlen(p) ); if( !rc || rc == G10ERR_BAD_SIGN ) {
sprintf(buf, "%lu %s", (ulong)sig->timestamp, p ); write_status( rc? STATUS_BADSIG : STATUS_GOODSIG );
m_free(p); log_info(rc? _("BAD signature from \"")
if( (p=strchr(buf,'\n')) ) : _("Good signature from \""));
*p = 0; /* just in case ... */
write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, buf );
m_free(buf);
log_info("%s signature from ", rc? "BAD":"Good");
print_keyid( stderr, sig->keyid ); print_keyid( stderr, sig->keyid );
putc('\"', stderr);
putc('\n', stderr); putc('\n', stderr);
if( opt.batch && rc ) if( opt.batch && rc )
g10_exit(1); g10_exit(1);
} }
else { else {
write_status( STATUS_ERRSIG ); write_status( STATUS_ERRSIG );
log_error("Can't check signature made by %08lX: %s\n", log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
(ulong)sig->keyid[1], g10_errstr(rc) );
} }
return rc; return rc;
} }
@ -757,6 +824,8 @@ proc_tree( CTX c, KBNODE node )
if( opt.list_packets ) if( opt.list_packets )
return; return;
c->local_id = 0;
c->trustletter = ' ';
if( node->pkt->pkttype == PKT_PUBLIC_CERT if( node->pkt->pkttype == PKT_PUBLIC_CERT
|| node->pkt->pkttype == PKT_PUBKEY_SUBCERT ) || node->pkt->pkttype == PKT_PUBKEY_SUBCERT )
list_node( c, node ); list_node( c, node );

2
g10/options.h
View File

@ -45,6 +45,8 @@ struct {
int completes_needed; int completes_needed;
const char *homedir; const char *homedir;
int skip_verify; int skip_verify;
int compress_keys;
int always_trust;
} opt; } opt;

26
g10/passphrase.c
View File

@ -31,6 +31,7 @@
#include "cipher.h" #include "cipher.h"
#include "keydb.h" #include "keydb.h"
#include "main.h" #include "main.h"
#include "i18n.h"
static int pwfd = -1; static int pwfd = -1;
static char *next_pw = NULL; static char *next_pw = NULL;
@ -108,14 +109,25 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
} }
if( keyid && !opt.batch && !next_pw ) { if( keyid && !opt.batch && !next_pw ) {
char *ustr; PKT_public_cert *pkc = m_alloc_clear( sizeof *pkc );
tty_printf("Need a pass phrase to unlock the secret key for:\n"); size_t n;
tty_printf(" \"" ); char *p;
ustr = get_user_id_string( keyid );
tty_print_string( ustr, strlen(ustr) );
m_free(ustr);
tty_printf("\"\n\n");
tty_printf(_("\nYou need a passphrase to unlock the secret key for\n"
"user: \"") );
p = get_user_id( keyid, &n );
tty_print_string( p, n );
m_free(p);
tty_printf("\"\n");
if( !get_pubkey( pkc, keyid ) ) {
const char *s = pubkey_algo_to_string( pkc->pubkey_algo );
tty_printf( _("(%u-bit %s key, ID %08lX, created %s)\n"),
nbits_from_pkc( pkc ), s?s:"?", (ulong)keyid[1],
strtimestamp(pkc->timestamp) );
}
tty_printf("\n");
free_public_cert( pkc );
} }
if( next_pw ) { if( next_pw ) {
pw = next_pw; pw = next_pw;

4
g10/pkclist.c
View File

@ -274,6 +274,10 @@ do_we_trust_pre( PKT_public_cert *pkc, int trustlevel )
rc = 1; rc = 1;
m_free(answer); m_free(answer);
} }
else if( opt.always_trust && !rc ) {
log_info(_("WARNING: Using untrusted key!\n"));
rc = 1;
}
return rc; return rc;
} }

9
g10/pubkey-enc.c
View File

@ -29,6 +29,7 @@
#include "mpi.h" #include "mpi.h"
#include "keydb.h" #include "keydb.h"
#include "cipher.h" #include "cipher.h"
#include "status.h"
/**************** /****************
@ -45,6 +46,11 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
u16 csum, csum2; u16 csum, csum2;
PKT_secret_cert *skc = m_alloc_clear( sizeof *skc ); PKT_secret_cert *skc = m_alloc_clear( sizeof *skc );
#ifndef HAVE_RSA_CIPHER
if( is_RSA(k->pubkey_algo) )
write_status(STATUS_RSA_OR_IDEA);
#endif
skc->pubkey_algo = k->pubkey_algo; /* we want a pubkey with this algo*/ skc->pubkey_algo = k->pubkey_algo; /* we want a pubkey with this algo*/
if( (rc = get_seckey( skc, k->keyid )) ) if( (rc = get_seckey( skc, k->keyid )) )
goto leave; goto leave;
@ -58,7 +64,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
elg_decrypt( plain_dek, k->d.elg.a, k->d.elg.b, &skc->d.elg ); elg_decrypt( plain_dek, k->d.elg.a, k->d.elg.b, &skc->d.elg );
} }
#ifdef HAVE_RSA_CIPHER #ifdef HAVE_RSA_CIPHER
else if( is_ELGAMAL(k->pubkey_algo) ) { else if( is_RSA(k->pubkey_algo) ) {
if( DBG_CIPHER ) if( DBG_CIPHER )
log_mpidump("Encr DEK frame:", k->d.rsa.rsa_integer ); log_mpidump("Encr DEK frame:", k->d.rsa.rsa_integer );
@ -113,6 +119,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
dek->algo = frame[n++]; dek->algo = frame[n++];
switch( dek->algo ) { switch( dek->algo ) {
case CIPHER_ALGO_IDEA: case CIPHER_ALGO_IDEA:
write_status(STATUS_RSA_OR_IDEA);
rc = G10ERR_NI_CIPHER; rc = G10ERR_NI_CIPHER;
goto leave; goto leave;
case CIPHER_ALGO_BLOWFISH160: case CIPHER_ALGO_BLOWFISH160:

3
g10/seckey-cert.c
View File

@ -31,6 +31,7 @@
#include "cipher.h" #include "cipher.h"
#include "main.h" #include "main.h"
#include "options.h" #include "options.h"
#include "i18n.h"
static int static int
@ -221,7 +222,7 @@ check_secret_key( PKT_secret_cert *cert )
for(i=0; i < 3 && rc == G10ERR_BAD_PASS; i++ ) { for(i=0; i < 3 && rc == G10ERR_BAD_PASS; i++ ) {
if( i ) if( i )
log_error("Invalid passphrase; please try again ...\n\n"); log_error(_("Invalid passphrase; please try again ...\n"));
switch( cert->pubkey_algo ) { switch( cert->pubkey_algo ) {
case PUBKEY_ALGO_ELGAMAL_E: case PUBKEY_ALGO_ELGAMAL_E:
case PUBKEY_ALGO_ELGAMAL: case PUBKEY_ALGO_ELGAMAL:

14
g10/sig-check.c
View File

@ -30,6 +30,7 @@
#include "keydb.h" #include "keydb.h"
#include "cipher.h" #include "cipher.h"
#include "main.h" #include "main.h"
#include "status.h"
static int do_check( PKT_public_cert *pkc, PKT_signature *sig, static int do_check( PKT_public_cert *pkc, PKT_signature *sig,
@ -47,6 +48,12 @@ signature_check( PKT_signature *sig, MD_HANDLE digest )
PKT_public_cert *pkc = m_alloc_clear( sizeof *pkc ); PKT_public_cert *pkc = m_alloc_clear( sizeof *pkc );
int rc=0; int rc=0;
#ifndef HAVE_RSA_CIPHER
if( is_RSA(sig->pubkey_algo) )
write_status(STATUS_RSA_OR_IDEA);
#endif
if( get_pubkey( pkc, sig->keyid ) ) if( get_pubkey( pkc, sig->keyid ) )
rc = G10ERR_NO_PUBKEY; rc = G10ERR_NO_PUBKEY;
else else
@ -294,6 +301,13 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
KBNODE snode = find_prev_kbnode( root, node, PKT_PUBKEY_SUBCERT ); KBNODE snode = find_prev_kbnode( root, node, PKT_PUBKEY_SUBCERT );
if( snode ) { if( snode ) {
if( is_selfsig ) {
u32 keyid[2];
keyid_from_pkc( pkc, keyid );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
*is_selfsig = 1;
}
md = md_open( algo, 0 ); md = md_open( algo, 0 );
hash_public_cert( md, pkc ); hash_public_cert( md, pkc );
hash_public_cert( md, snode->pkt->pkt.public_cert ); hash_public_cert( md, snode->pkt->pkt.public_cert );

2
g10/status.c
View File

@ -56,9 +56,11 @@ write_status_text( int no, const char *text)
case STATUS_BADSIG : s = "BADSIG\n"; break; case STATUS_BADSIG : s = "BADSIG\n"; break;
case STATUS_ERRSIG : s = "ERRSIG\n"; break; case STATUS_ERRSIG : s = "ERRSIG\n"; break;
case STATUS_BADARMOR : s = "BADARMOR\n"; break; case STATUS_BADARMOR : s = "BADARMOR\n"; break;
case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA\n"; break;
default: s = "?\n"; break; default: s = "?\n"; break;
} }
write( fd, "[GNUPG:] ", 9 );
if( text ) { if( text ) {
write( fd, s, strlen(s)-1 ); write( fd, s, strlen(s)-1 );
write( fd, " ", 1 ); write( fd, " ", 1 );

1
g10/status.h
View File

@ -32,6 +32,7 @@
#define STATUS_BADARMOR 7 #define STATUS_BADARMOR 7
#define STATUS_RSA_OR_IDEA 8
/*-- status.c --*/ /*-- status.c --*/

23
g10/trustdb.c
View File

@ -1756,6 +1756,29 @@ check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel )
} }
int
query_trust_info( PKT_public_cert *pkc )
{
unsigned trustlevel;
int c;
if( check_trust( pkc, &trustlevel ) )
return '?';
if( trustlevel & TRUST_FLAG_REVOKED )
return 'r';
switch( (trustlevel & TRUST_MASK) ) {
case TRUST_UNKNOWN: c = 'o'; break;
case TRUST_EXPIRED: c = 'e'; break;
case TRUST_UNDEFINED: c = 'q'; break;
case TRUST_NEVER: c = 'n'; break;
case TRUST_MARGINAL: c = 'm'; break;
case TRUST_FULLY: c = 'f'; break;
case TRUST_ULTIMATE: c = 'u'; break;
default: BUG();
}
return c;
}
/**************** /****************

17
g10/trustdb.h
View File

@ -24,15 +24,15 @@
/* Trust values must be sorted in ascending order */ /* Trust values must be sorted in ascending order */
#define TRUST_MASK 15 #define TRUST_MASK 15
#define TRUST_UNKNOWN 0 /* not yet calculated */ #define TRUST_UNKNOWN 0 /* o: not yet calculated */
#define TRUST_EXPIRED 1 /* calculation may be invalid */ #define TRUST_EXPIRED 1 /* e: calculation may be invalid */
#define TRUST_UNDEFINED 2 /* not enough information for calculation */ #define TRUST_UNDEFINED 2 /* q: not enough information for calculation */
#define TRUST_NEVER 3 /* never trust this pubkey */ #define TRUST_NEVER 3 /* n: never trust this pubkey */
#define TRUST_MARGINAL 4 /* marginally trusted */ #define TRUST_MARGINAL 4 /* m: marginally trusted */
#define TRUST_FULLY 5 /* fully trusted */ #define TRUST_FULLY 5 /* f: fully trusted */
#define TRUST_ULTIMATE 6 /* ultimately trusted */ #define TRUST_ULTIMATE 6 /* u: ultimately trusted */
/* trust values not covered by the mask */ /* trust values not covered by the mask */
#define TRUST_FLAG_REVOKED 32 #define TRUST_FLAG_REVOKED 32 /* r: revoked */
/*-- trustdb.c --*/ /*-- trustdb.c --*/
@ -40,6 +40,7 @@ void list_trustdb(const char *username);
void list_trust_path( int max_depth, const char *username ); void list_trust_path( int max_depth, const char *username );
int init_trustdb( int level, const char *dbname ); int init_trustdb( int level, const char *dbname );
int check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel ); int check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel );
int query_trust_info( PKT_public_cert *pkc );
int enum_trust_web( void **context, ulong *lid ); int enum_trust_web( void **context, ulong *lid );
int get_ownertrust( ulong lid, unsigned *r_otrust ); int get_ownertrust( ulong lid, unsigned *r_otrust );
int keyid_from_trustdb( ulong lid, u32 *keyid ); int keyid_from_trustdb( ulong lid, u32 *keyid );

4
po/ChangeLog
View File

@ -1,3 +1,7 @@
Thu May 28 10:44:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* it.po: Add small corrections from Marco
Thu Apr 9 10:03:14 1998 Werner Koch (wk@isil.d.shuttle.de) Thu Apr 9 10:03:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* it.po: New version from Marco * it.po: New version from Marco

4
po/it.po
View File

@ -427,7 +427,7 @@ msgstr "[nomefile]"
#: g10/g10.c:936 #: g10/g10.c:936
#, c-format #, c-format
msgid "can't open '%s'\n" msgid "can't open '%s'\n"
msgstr "impossibile aprire '%s'" msgstr "impossibile aprire '%s'\n"
# #### Md ??? # #### Md ???
#: g10/pkclist.c:65 #: g10/pkclist.c:65
@ -616,7 +616,7 @@ msgstr "Le dimensioni della chiave richieste sono %u bit\n"
#: g10/keygen.c:386 g10/keygen.c:390 #: g10/keygen.c:386 g10/keygen.c:390
#, c-format #, c-format
msgid "rounded up to %u bits\n" msgid "rounded up to %u bits\n"
msgstr "arrotondate a %u bit" msgstr "arrotondate a %u bit\n"
#: g10/keygen.c:397 #: g10/keygen.c:397
msgid "" msgid ""

2
zlib/Makefile
View File

@ -93,7 +93,7 @@ POSUB = po
RANLIB = ranlib RANLIB = ranlib
USE_INCLUDED_LIBINTL = yes USE_INCLUDED_LIBINTL = yes
USE_NLS = yes USE_NLS = yes
VERSION = 0.2.18a VERSION = 0.2.19
ZLIBS = ZLIBS =
l = l =