security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

See ChangeLog: Fri Dec 31 12:48:31 CET 1999 Werner Koch

Browse source
This commit is contained in:
Werner Koch 1999-12-31 11:44:29 +00:00
parent f8848d9c5c
commit ed0b0e09d3
26 changed files with 362 additions and 356 deletions
Download patch file Download diff file Expand all files Collapse all files

17
g10/ChangeLog
View file

@ -1,3 +1,20 @@
Fri Dec 31 12:48:31 CET 1999 Werner Koch <wk@gnupg.de>
* keyid.c (do_fingerprint_md): Replaced mpi_get_buffer by gcry_mpi_print.
(v3_keyid): New.
(keyid_from_sk): And use it here.
(keyid_from_pk): Ditto.
(fingerprint_from_sk): Ditto.
(fingerprint_from_pk): Ditto.
* misc.c (mpi_print): New.
* misc.c (checksum_mpi): Now uses gcry_mpi_print to get the data.
* seckey-cert.c (do_check): Replaced mpi_read_from_buffer.
* armor.c (armor_filter): Made the "Comment:" header translatable.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* seckey-cert.c: Removed obsolete mpi_*_protect_flag.

36
g10/armor.c
View file

@ -876,6 +876,8 @@ armor_filter( void *opaque, int control,
}
else if( control == IOBUFCTRL_FLUSH ) {
if( !afx->status ) { /* write the header line */
const char *s;
if( afx->what >= DIM(head_strings) )
log_bug("afx->what=%d", afx->what);
iobuf_writestr(a, "-----");
@ -885,26 +887,24 @@ armor_filter( void *opaque, int control,
iobuf_writestr(a, "Version: GnuPG v" VERSION " ("
PRINTABLE_OS_NAME ")\n");
if( opt.comment_string ) {
const char *s = opt.comment_string;
if( *s ) {
iobuf_writestr(a, "Comment: " );
for( ; *s; s++ ) {
if( *s == '\n' )
iobuf_writestr(a, "\\n" );
else if( *s == '\r' )
iobuf_writestr(a, "\\r" );
else if( *s == '\v' )
iobuf_writestr(a, "\\v" );
else
iobuf_put(a, *s );
}
iobuf_put(a, '\n' );
/* write the comment string or a default one */
s = opt.comment_string ? opt.comment_string
: _("For info see http://www.gnupg.org");
if( *s ) {
iobuf_writestr(a, "Comment: " );
for( ; *s; s++ ) {
if( *s == '\n' )
iobuf_writestr(a, "\\n" );
else if( *s == '\r' )
iobuf_writestr(a, "\\r" );
else if( *s == '\v' )
iobuf_writestr(a, "\\v" );
else
iobuf_put(a, *s );
}
iobuf_put(a, '\n' );
}
else
iobuf_writestr(a,
"Comment: For info see http://www.gnupg.org\n");
if( afx->hdrlines )
iobuf_writestr(a, afx->hdrlines);
iobuf_put(a, '\n');

9
g10/keygen.c
View file

@ -26,6 +26,7 @@
#include <errno.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
#include "main.h"
#include "packet.h"
#include "dummy-cipher.h"
@ -83,12 +84,12 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
keygen_add_key_expire( sig, opaque );
buf[0] = CIPHER_ALGO_TWOFISH;
buf[1] = CIPHER_ALGO_CAST5;
buf[0] = GCRY_CIPHER_TWOFISH;
buf[1] = GCRY_CIPHER_CAST5;
build_sig_subpkt( sig, SIGSUBPKT_PREF_SYM, buf, 2 );
buf[0] = DIGEST_ALGO_RMD160;
buf[1] = DIGEST_ALGO_SHA1;
buf[0] = GCRY_MD_RMD160;
buf[1] = GCRY_MD_SHA1;
build_sig_subpkt( sig, SIGSUBPKT_PREF_HASH, buf, 2 );
buf[0] = 2;

107
g10/keyid.c
View file

@ -54,8 +54,7 @@ do_fingerprint_md( PKT_public_key *pk )
{
GCRY_MD_HD md;
unsigned n;
unsigned nb[GNUPG_MAX_NPKEY];
unsigned nn[GNUPG_MAX_NPKEY];
unsigned int nn[GNUPG_MAX_NPKEY];
byte *pp[GNUPG_MAX_NPKEY];
int i;
int npkey = pubkey_get_npkey( pk->pubkey_algo );
@ -65,9 +64,17 @@ do_fingerprint_md( PKT_public_key *pk )
BUG();
n = pk->version < 4 ? 8 : 6;
for(i=0; i < npkey; i++ ) {
nb[i] = mpi_get_nbits(pk->pkey[i]);
pp[i] = mpi_get_buffer( pk->pkey[i], nn+i, NULL );
n += 2 + nn[i];
int rc;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, &nbytes, pk->pkey[i] );
assert( !rc );
/* fixme: we should try to allocate a buffer on the stack */
pp[i] = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, pp[1], &nbytes, pk->pkey[i] );
assert( !rc );
nn[i] = nbytes;
n += nn[i];
}
gcry_md_putc( md, 0x99 ); /* ctb */
@ -96,8 +103,6 @@ do_fingerprint_md( PKT_public_key *pk )
}
gcry_md_putc( md, pk->pubkey_algo );
for(i=0; i < npkey; i++ ) {
gcry_md_putc( md, nb[i]>>8);
gcry_md_putc( md, nb[i] );
gcry_md_write( md, pp[i], nn[i] );
m_free(pp[i]);
}
@ -124,6 +129,30 @@ do_fingerprint_md_sk( PKT_secret_key *sk )
}
static void
v3_keyid( MPI a, u32 *ki )
{
int rc;
byte *buffer;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, a );
assert( !rc );
/* fixme: allocate it on the stack */
buffer = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buffer, &nbytes, a );
assert( !rc );
if( nbytes < 8 ) { /* oops */
ki[0] = ki[1] = 0;
}
else {
memcpy( ki+0, buffer+nbytes-8, 4);
memcpy( ki+1, buffer+nbytes-4, 4);
}
m_free( buffer );
}
/****************
* Get the keyid from the secret key and put it into keyid
* if this is not NULL. Return the 32 low bits of the keyid.
@ -131,15 +160,16 @@ do_fingerprint_md_sk( PKT_secret_key *sk )
u32
keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
{
u32 lowbits;
u32 dummy_keyid[2];
if( !keyid )
keyid = dummy_keyid;
if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) {
lowbits = pubkey_get_npkey(sk->pubkey_algo) ?
mpi_get_keyid( sk->skey[0], keyid ) : 0; /* take n */
if( pubkey_get_npkey(sk->pubkey_algo) )
v3_keyid( sk->skey[0], keyid ); /* take n */
else
keyid[0] = keyid[1] = 0;
}
else {
const byte *dp;
@ -148,11 +178,10 @@ keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
dp = gcry_md_read( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
lowbits = keyid[1];
gcry_md_close(md);
}
return lowbits;
return keyid[1];
}
@ -163,7 +192,6 @@ keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
u32
keyid_from_pk( PKT_public_key *pk, u32 *keyid )
{
u32 lowbits;
u32 dummy_keyid[2];
if( !keyid )
@ -172,11 +200,12 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid )
if( pk->keyid[0] || pk->keyid[1] ) {
keyid[0] = pk->keyid[0];
keyid[1] = pk->keyid[1];
lowbits = keyid[1];
}
else if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) {
lowbits = pubkey_get_npkey(pk->pubkey_algo) ?
mpi_get_keyid( pk->pkey[0], keyid ) : 0 ; /* from n */
if( pubkey_get_npkey(pk->pubkey_algo) )
v3_keyid( pk->pkey[0], keyid ); /* from n */
else
keyid[0] = keyid[1] = 0;
pk->keyid[0] = keyid[0];
pk->keyid[1] = keyid[1];
}
@ -187,13 +216,12 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid )
dp = gcry_md_read( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
lowbits = keyid[1];
gcry_md_close(md);
pk->keyid[0] = keyid[0];
pk->keyid[1] = keyid[1];
}
return lowbits;
return keyid[1];
}
@ -357,11 +385,24 @@ fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
if( !md )
BUG();
if( pubkey_get_npkey( pk->pubkey_algo ) > 1 ) {
p = buf = mpi_get_buffer( pk->pkey[0], &n, NULL );
gcry_md_write( md, p, n );
int rc;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, pk->pkey[0] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, pk->pkey[0] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
p = buf = mpi_get_buffer( pk->pkey[1], &n, NULL );
gcry_md_write( md, p, n );
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, pk->pkey[1] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, pk->pkey[1] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
}
gcry_md_final(md);
@ -403,11 +444,25 @@ fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
if( !md )
BUG();
if( pubkey_get_npkey( sk->pubkey_algo ) > 1 ) {
p = buf = mpi_get_buffer( sk->skey[1], &n, NULL );
gcry_md_write( md, p, n );
int rc;
size_t nbytes;
#warning Why is the hash sequence for secret keys different
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, sk->skey[1] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, sk->skey[1] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
p = buf = mpi_get_buffer( sk->skey[0], &n, NULL );
gcry_md_write( md, p, n );
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, sk->skey[0] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, sk->skey[0] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
}
gcry_md_final(md);

6
g10/main.h
View file

@ -58,8 +58,10 @@ u16 checksum_mpi( MPI a );
u32 buffer_to_u32( const byte *buffer );
int mpi_write( IOBUF out, GCRY_MPI a );
GCRY_MPI mpi_read(IOBUF inp, unsigned *ret_nread );
GCRY_MPI mpi_read_opaque(IOBUF inp, unsigned *ret_nread );
int mpi_write_opaque( IOBUF out, MPI a );
GCRY_MPI mpi_read(IOBUF inp, unsigned int *ret_nread, int secure );
GCRY_MPI mpi_read_opaque(IOBUF inp, unsigned int *ret_nread );
int mpi_print( FILE *fp, MPI a, int mode );
int openpgp_cipher_test_algo( int algo );
int openpgp_pk_test_algo( int algo, unsigned int usage_flags );

64
g10/misc.c
View file

@ -23,6 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
#include <asm/sysinfo.h>
#include <asm/unistd.h>
@ -116,12 +117,13 @@ mpi_write_opaque( IOBUF out, MPI a )
{
size_t nbytes, nbits;
int rc;
char *p;
assert( gcry_mpi_get_flag( a, GCRYMPI_FLAG_OPAQUE ) );
p = gcry_mpi_get_opaque( a, &nbits );
nbytes = (nbits+7) / 8;
iobuf_put( out, nbits >> 8 );
iobuf_put( out, nbits )
iobuf_put( out, nbits );
rc = iobuf_write( out, p, nbytes );
return rc;
}
@ -134,10 +136,10 @@ mpi_write_opaque( IOBUF out, MPI a )
* with MSB first (left padded with zeroes to align on a byte boundary).
*/
MPI
mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
mpi_read(IOBUF inp, unsigned int *ret_nread, int secure)
{
int c, c1, c2, i;
unsigned nbits, nbytes, nread=0;
unsigned int nbits, nbytes, nread=0;
MPI a = NULL;
byte *buf = NULL;
byte *p;
@ -163,8 +165,8 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
nread++;
}
nread += nbytes;
/* FIXME: replace with the gcry_scan function */
a = mpi_read_from_buffer( buf, &nread, secure );
if( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, &nread ) )
a = NULL;
leave:
m_free(buf);
@ -220,6 +222,35 @@ mpi_read_opaque(IOBUF inp, unsigned *ret_nread )
}
int
mpi_print( FILE *fp, MPI a, int mode )
{
int n=0;
if( !a )
return fprintf(fp, "[MPI_NULL]");
if( !mode ) {
unsigned int n1;
n1 = gcry_mpi_get_nbits(a);
n += fprintf(fp, "[%u bits]", n1);
}
else {
int rc;
byte *buffer;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_HEX, NULL, &nbytes, a );
assert( !rc );
buffer = m_is_secure(a)? m_alloc_secure(nbytes) : m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &nbytes, a );
assert( !rc );
fputs( buffer, fp );
n += strlen(buffer);
m_free( buffer );
}
return n;
}
u16
checksum_u16( unsigned n )
@ -244,15 +275,21 @@ checksum( byte *p, unsigned n )
u16
checksum_mpi( MPI a )
{
int rc;
u16 csum;
byte *buffer;
unsigned nbytes;
unsigned nbits;
size_t nbytes;
buffer = mpi_get_buffer( a, &nbytes, NULL );
nbits = mpi_get_nbits(a);
csum = checksum_u16( nbits );
csum += checksum( buffer, nbytes );
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, &nbytes, a );
assert( !rc );
/* fixme: for numbers not in the suecre memory we
* should use a stack based buffer and only allocate
* a larger one when the mpi_print return an error
*/
buffer = m_is_secure(a)? m_alloc_secure(nbytes) : m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, buffer, &nbytes, a );
assert( !rc );
csum = checksum( buffer, nbytes );
m_free( buffer );
return csum;
}
@ -388,3 +425,8 @@ pubkey_get_nenc( int algo )
return n > 0? n : 0;
}
int
pubkey_nbits()
{
}

1
g10/options.h
View file

@ -102,6 +102,7 @@ struct {
#define DBG_FILTER (opt.debug & DBG_FILTER_VALUE)
#define DBG_CACHE (opt.debug & DBG_CACHE_VALUE)
#define DBG_TRUST (opt.debug & DBG_TRUST_VALUE)
#define DBG_CIPHER (opt.debug & DBG_CIPHER_VALUE)
#endif /*G10_OPTIONS_H*/

2
g10/parse-packet.c
View file

@ -1423,7 +1423,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
else { /* v3 method: the mpi length is not encrypted */
for(i=npkey; i < nskey; i++ ) {
n = pktlen;
sk->skey[i] = mpi_read_opaque(inp, &n, 0 );
sk->skey[i] = mpi_read_opaque(inp, &n );
pktlen -=n;
if( list_mode ) {
printf( "\tskey[%d]: ", i);

10
g10/seckey-cert.c
View file

@ -109,8 +109,12 @@ do_check( PKT_secret_key *sk )
if( sk->csum == csum ) {
for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
nbytes = ndata;
sk->skey[i] = mpi_read_from_buffer(p, &nbytes, 1 );
/* fixme: replace by mpi_scan */
assert( m_is_secure( p ) );
res = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_PGP,
p, &nbytes);
if( res )
log_bug("gcry_mpi_scan failed in do_check: rc=%d\n", res);
ndata -= nbytes;
p += nbytes;
}
@ -134,6 +138,8 @@ do_check( PKT_secret_key *sk )
res = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_USG,
data, &ndata );
if( res )
log_bug("gcry_mpi_scan failed in do_check: rc=%d\n", res);
csum += checksum_mpi( sk->skey[i] );
m_free( buffer );

4
g10/sig-check.c
View file

@ -105,7 +105,7 @@ pk_verify( int algo, MPI hash, MPI *data, MPI *pkey,
NULL ));
}
else if( algo == GCRY_PK_RSA ) {
s_sig = SEXP_CONS( SEXP_NEW( "public-key", 10 ),
s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ),
gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ),
gcry_sexp_new_name_mpi( "s", data[0] ),
NULL ));
@ -167,7 +167,7 @@ do_signature_check( PKT_signature *sig, GCRY_MD_HD digest, u32 *r_expire )
int i, nsig = pubkey_get_nsig( sig->pubkey_algo );
byte *p, *buffer;
if( !(md = gcry_md_open( DIGEST_ALGO_RMD160, 0)) )
if( !(md = gcry_md_open( GCRY_MD_RMD160, 0)) )
BUG();
gcry_md_putc( digest, sig->pubkey_algo );
gcry_md_putc( digest, sig->digest_algo );