security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-02 12:01:32 +01:00
Code Activity

See ChangeLog: Fri Dec 31 12:48:31 CET 1999 Werner Koch

Browse Source
This commit is contained in:
Werner Koch 1999-12-31 11:44:29 +00:00
parent f8848d9c5c
commit ed0b0e09d3
26 changed files with 362 additions and 356 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
BUGS
View File

@ -41,51 +41,22 @@ and after about half a day in the rsync snapshots.
rndunix hangs on hp/ux. The problem is related to my_plcose which is
not always called. (I suggest to use EGD instead of rndunix.)
[ *] #22 1999-07-22
Solaris make has problems with the generated POTFILES - seems to be a
gettext bug. Use GNU make as a workaround.
FIX: 1999-12-03 (meanwhile fixed in gettext)
[ *] #23 1999-09-03 <todd.brooks@yale.edu> 0.9.11
Only the first signature of a cleartext sig seems to be verified.
Can't fix it in 1.0 because the code is semi-frozen.
HMMM: Can't reprodude the bug here - it just works.
[ *] #24 1999-09-05 <marcus@yoyo.cc.monash.edu.au> 0.9.11
Does not link libc and libz expect when removing all "-lc -lz" except
for the last one. This happens on some systems when not using the
GNU ld. This need to be fixed in libtool.
[ **] #25 1999-10-04 <wk@gnupg.org> 1.0
Validity check based on user name is only done when listing a key;
the key ID based checking (selecting the user ID with the most
validity) is used in all other cases. The Edit menu does not have
a way to disable user ID based validity.
FIX: 1999-12-03 (1.0.x only)
[ *] #26 1999-11-11
gpg still does not take UTF8 strings to select a UID.
FIX: 1999-11-12
[ **] #27 1999-11-12 <oren@hishome.net>
Unknown packets (type 17 - photo ID?) mess up the checking
of self-signature because they are simply ignored.
FIX: 1999-11-12 (1.0.x only)
[ *] #28 1999-11-29
--list-key will only emit an error about unknown UIDs when all UIDs
are unknown.
[Postponed for 1.2]
[ *] #30 1999-12-16 <pfeifer@dbai.tuwien.ac.at>
Using -r with a name does not check for multiple recpients and may
lead to unwanted recipients.
[ **] #29 1999-12-01 <karney@pppl.gov>
Using a --gen-key on a new user account (w/o ~./gnupg) doesn't pay
attention to the standard options files, which get's installed
afterwards.
FIX: 1999-12-02
[ *] #31 199-12-24 Jeff Allen <jra@corp.webtv.net>
VPATH build in a subdirectory of the sources does not work for po files.
Next #30
Next #31

32
OBUGS
View File

@ -100,3 +100,35 @@
Ctrl-D does not work correct for messages entered at the tty.
FIX: 1999-06-18 (Better EOF detection on terminals)
[ *] #22 1999-07-22
Solaris make has problems with the generated POTFILES - seems to be a
gettext bug. Use GNU make as a workaround.
FIX: 1999-12-03 (meanwhile fixed in gettext)
[ *] #23 1999-09-03 <todd.brooks@yale.edu> 0.9.11
Only the first signature of a cleartext sig seems to be verified.
Can't fix it in 1.0 because the code is semi-frozen.
HMMM: Can't reprodude the bug here - it just works.
[ **] #25 1999-10-04 <wk@gnupg.org> 1.0
Validity check based on user name is only done when listing a key;
the key ID based checking (selecting the user ID with the most
validity) is used in all other cases. The Edit menu does not have
a way to disable user ID based validity.
FIX: 1999-12-03 (1.0.x only)
[ *] #26 1999-11-11
gpg still does not take UTF8 strings to select a UID.
FIX: 1999-11-12
[ **] #27 1999-11-12 <oren@hishome.net>
Unknown packets (type 17 - photo ID?) mess up the checking
of self-signature because they are simply ignored.
FIX: 1999-11-12 (1.0.x only)
[ **] #29 1999-12-01 <karney@pppl.gov>
Using a --gen-key on a new user account (w/o ~./gnupg) doesn't pay
attention to the standard options files, which get's installed
afterwards.
FIX: 1999-12-02

3
cipher/primegen.c
View File

@ -241,7 +241,8 @@ generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
mpi_add_ui(g, g, 1);
if( DBG_CIPHER ) {
log_debug("checking g: ");
mpi_print( stderr, g, 1 );
/*mpi_print( stderr, g, 1 );*/
#warning we need an internal mpi_print for debugging
}
else
progress('^');

24
cipher/pubkey.c
View File

@ -635,6 +635,17 @@ release_mpi_array( MPI *array )
*
* Returns: A pointer to an allocated array of MPIs if the return value is
* zero; the caller has to release this array.
*
* Example of a DSA public key:
* (private-key
* (dsa
* (p <mpi>)
* (g <mpi>)
* (y <mpi>)
* (x <mpi>)
* )
* )
* The <mpi> are expected to be in GCRYMPI_FMT_USG
*/
static int
sexp_to_key( GCRY_SEXP sexp, int want_private, MPI **retarray, int *retalgo)
@ -783,8 +794,8 @@ gcry_pk_decrypt( GCRY_SEXP *result, GCRY_SEXP data, GCRY_SEXP skey )
/****************
* Create a signature.
*
* Caller has to provide a secret kez as the SEXP skey and data expressed
* as a SEXP list hash with only one emelennt which should instantly be
* Caller has to provide a secret key as the SEXP skey and data expressed
* as a SEXP list hash with only one element which should instantly be
* available as a MPI. Later versions of this functions may provide padding
* and other things depending on data.
*
@ -793,6 +804,15 @@ gcry_pk_decrypt( GCRY_SEXP *result, GCRY_SEXP data, GCRY_SEXP skey )
* signature value; the structure of this signature depends on the
* other arguments but is always suitable to be passed to
* gcry_pk_verify
*
* s_hash = (<mpi>)
* s_skey = <key-as-defined-in-sexp_to_key>
* r_sig = (sig-val
* (<algo>
* (<param_name1> <mpi>)
* ...
* (<param_namen> <mpi>)
* ))
*/
int
gcry_pk_sign( GCRY_SEXP *r_sig, GCRY_SEXP s_hash, GCRY_SEXP s_skey )

17
g10/ChangeLog
View File

@ -1,3 +1,20 @@
Fri Dec 31 12:48:31 CET 1999 Werner Koch <wk@gnupg.de>
* keyid.c (do_fingerprint_md): Replaced mpi_get_buffer by gcry_mpi_print.
(v3_keyid): New.
(keyid_from_sk): And use it here.
(keyid_from_pk): Ditto.
(fingerprint_from_sk): Ditto.
(fingerprint_from_pk): Ditto.
* misc.c (mpi_print): New.
* misc.c (checksum_mpi): Now uses gcry_mpi_print to get the data.
* seckey-cert.c (do_check): Replaced mpi_read_from_buffer.
* armor.c (armor_filter): Made the "Comment:" header translatable.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* seckey-cert.c: Removed obsolete mpi_*_protect_flag.

36
g10/armor.c
View File

@ -876,6 +876,8 @@ armor_filter( void *opaque, int control,
}
else if( control == IOBUFCTRL_FLUSH ) {
if( !afx->status ) { /* write the header line */
const char *s;
if( afx->what >= DIM(head_strings) )
log_bug("afx->what=%d", afx->what);
iobuf_writestr(a, "-----");
@ -885,26 +887,24 @@ armor_filter( void *opaque, int control,
iobuf_writestr(a, "Version: GnuPG v" VERSION " ("
PRINTABLE_OS_NAME ")\n");
if( opt.comment_string ) {
const char *s = opt.comment_string;
if( *s ) {
iobuf_writestr(a, "Comment: " );
for( ; *s; s++ ) {
if( *s == '\n' )
iobuf_writestr(a, "\\n" );
else if( *s == '\r' )
iobuf_writestr(a, "\\r" );
else if( *s == '\v' )
iobuf_writestr(a, "\\v" );
else
iobuf_put(a, *s );
}
iobuf_put(a, '\n' );
/* write the comment string or a default one */
s = opt.comment_string ? opt.comment_string
: _("For info see http://www.gnupg.org");
if( *s ) {
iobuf_writestr(a, "Comment: " );
for( ; *s; s++ ) {
if( *s == '\n' )
iobuf_writestr(a, "\\n" );
else if( *s == '\r' )
iobuf_writestr(a, "\\r" );
else if( *s == '\v' )
iobuf_writestr(a, "\\v" );
else
iobuf_put(a, *s );
}
iobuf_put(a, '\n' );
}
else
iobuf_writestr(a,
"Comment: For info see http://www.gnupg.org\n");
if( afx->hdrlines )
iobuf_writestr(a, afx->hdrlines);
iobuf_put(a, '\n');

9
g10/keygen.c
View File

@ -26,6 +26,7 @@
#include <errno.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
#include "main.h"
#include "packet.h"
#include "dummy-cipher.h"
@ -83,12 +84,12 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
keygen_add_key_expire( sig, opaque );
buf[0] = CIPHER_ALGO_TWOFISH;
buf[1] = CIPHER_ALGO_CAST5;
buf[0] = GCRY_CIPHER_TWOFISH;
buf[1] = GCRY_CIPHER_CAST5;
build_sig_subpkt( sig, SIGSUBPKT_PREF_SYM, buf, 2 );
buf[0] = DIGEST_ALGO_RMD160;
buf[1] = DIGEST_ALGO_SHA1;
buf[0] = GCRY_MD_RMD160;
buf[1] = GCRY_MD_SHA1;
build_sig_subpkt( sig, SIGSUBPKT_PREF_HASH, buf, 2 );
buf[0] = 2;

107
g10/keyid.c
View File

@ -54,8 +54,7 @@ do_fingerprint_md( PKT_public_key *pk )
{
GCRY_MD_HD md;
unsigned n;
unsigned nb[GNUPG_MAX_NPKEY];
unsigned nn[GNUPG_MAX_NPKEY];
unsigned int nn[GNUPG_MAX_NPKEY];
byte *pp[GNUPG_MAX_NPKEY];
int i;
int npkey = pubkey_get_npkey( pk->pubkey_algo );
@ -65,9 +64,17 @@ do_fingerprint_md( PKT_public_key *pk )
BUG();
n = pk->version < 4 ? 8 : 6;
for(i=0; i < npkey; i++ ) {
nb[i] = mpi_get_nbits(pk->pkey[i]);
pp[i] = mpi_get_buffer( pk->pkey[i], nn+i, NULL );
n += 2 + nn[i];
int rc;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, &nbytes, pk->pkey[i] );
assert( !rc );
/* fixme: we should try to allocate a buffer on the stack */
pp[i] = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, pp[1], &nbytes, pk->pkey[i] );
assert( !rc );
nn[i] = nbytes;
n += nn[i];
}
gcry_md_putc( md, 0x99 ); /* ctb */
@ -96,8 +103,6 @@ do_fingerprint_md( PKT_public_key *pk )
}
gcry_md_putc( md, pk->pubkey_algo );
for(i=0; i < npkey; i++ ) {
gcry_md_putc( md, nb[i]>>8);
gcry_md_putc( md, nb[i] );
gcry_md_write( md, pp[i], nn[i] );
m_free(pp[i]);
}
@ -124,6 +129,30 @@ do_fingerprint_md_sk( PKT_secret_key *sk )
}
static void
v3_keyid( MPI a, u32 *ki )
{
int rc;
byte *buffer;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, a );
assert( !rc );
/* fixme: allocate it on the stack */
buffer = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buffer, &nbytes, a );
assert( !rc );
if( nbytes < 8 ) { /* oops */
ki[0] = ki[1] = 0;
}
else {
memcpy( ki+0, buffer+nbytes-8, 4);
memcpy( ki+1, buffer+nbytes-4, 4);
}
m_free( buffer );
}
/****************
* Get the keyid from the secret key and put it into keyid
* if this is not NULL. Return the 32 low bits of the keyid.
@ -131,15 +160,16 @@ do_fingerprint_md_sk( PKT_secret_key *sk )
u32
keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
{
u32 lowbits;
u32 dummy_keyid[2];
if( !keyid )
keyid = dummy_keyid;
if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) {
lowbits = pubkey_get_npkey(sk->pubkey_algo) ?
mpi_get_keyid( sk->skey[0], keyid ) : 0; /* take n */
if( pubkey_get_npkey(sk->pubkey_algo) )
v3_keyid( sk->skey[0], keyid ); /* take n */
else
keyid[0] = keyid[1] = 0;
}
else {
const byte *dp;
@ -148,11 +178,10 @@ keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
dp = gcry_md_read( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
lowbits = keyid[1];
gcry_md_close(md);
}
return lowbits;
return keyid[1];
}
@ -163,7 +192,6 @@ keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
u32
keyid_from_pk( PKT_public_key *pk, u32 *keyid )
{
u32 lowbits;
u32 dummy_keyid[2];
if( !keyid )
@ -172,11 +200,12 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid )
if( pk->keyid[0] || pk->keyid[1] ) {
keyid[0] = pk->keyid[0];
keyid[1] = pk->keyid[1];
lowbits = keyid[1];
}
else if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) {
lowbits = pubkey_get_npkey(pk->pubkey_algo) ?
mpi_get_keyid( pk->pkey[0], keyid ) : 0 ; /* from n */
if( pubkey_get_npkey(pk->pubkey_algo) )
v3_keyid( pk->pkey[0], keyid ); /* from n */
else
keyid[0] = keyid[1] = 0;
pk->keyid[0] = keyid[0];
pk->keyid[1] = keyid[1];
}
@ -187,13 +216,12 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid )
dp = gcry_md_read( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
lowbits = keyid[1];
gcry_md_close(md);
pk->keyid[0] = keyid[0];
pk->keyid[1] = keyid[1];
}
return lowbits;
return keyid[1];
}
@ -357,11 +385,24 @@ fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
if( !md )
BUG();
if( pubkey_get_npkey( pk->pubkey_algo ) > 1 ) {
p = buf = mpi_get_buffer( pk->pkey[0], &n, NULL );
gcry_md_write( md, p, n );
int rc;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, pk->pkey[0] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, pk->pkey[0] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
p = buf = mpi_get_buffer( pk->pkey[1], &n, NULL );
gcry_md_write( md, p, n );
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, pk->pkey[1] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, pk->pkey[1] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
}
gcry_md_final(md);
@ -403,11 +444,25 @@ fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
if( !md )
BUG();
if( pubkey_get_npkey( sk->pubkey_algo ) > 1 ) {
p = buf = mpi_get_buffer( sk->skey[1], &n, NULL );
gcry_md_write( md, p, n );
int rc;
size_t nbytes;
#warning Why is the hash sequence for secret keys different
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, sk->skey[1] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, sk->skey[1] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
p = buf = mpi_get_buffer( sk->skey[0], &n, NULL );
gcry_md_write( md, p, n );
rc = gcry_mpi_print( GCRYMPI_FMT_USG, NULL, &nbytes, sk->skey[0] );
assert( !rc );
/* fixme: allocate it on the stack */
buf = m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_USG, buf, &nbytes, sk->skey[0] );
assert( !rc );
gcry_md_write( md, buf, nbytes );
m_free(buf);
}
gcry_md_final(md);

6
g10/main.h
View File

@ -58,8 +58,10 @@ u16 checksum_mpi( MPI a );
u32 buffer_to_u32( const byte *buffer );
int mpi_write( IOBUF out, GCRY_MPI a );
GCRY_MPI mpi_read(IOBUF inp, unsigned *ret_nread );
GCRY_MPI mpi_read_opaque(IOBUF inp, unsigned *ret_nread );
int mpi_write_opaque( IOBUF out, MPI a );
GCRY_MPI mpi_read(IOBUF inp, unsigned int *ret_nread, int secure );
GCRY_MPI mpi_read_opaque(IOBUF inp, unsigned int *ret_nread );
int mpi_print( FILE *fp, MPI a, int mode );
int openpgp_cipher_test_algo( int algo );
int openpgp_pk_test_algo( int algo, unsigned int usage_flags );

64
g10/misc.c
View File

@ -23,6 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
#include <asm/sysinfo.h>
#include <asm/unistd.h>
@ -116,12 +117,13 @@ mpi_write_opaque( IOBUF out, MPI a )
{
size_t nbytes, nbits;
int rc;
char *p;
assert( gcry_mpi_get_flag( a, GCRYMPI_FLAG_OPAQUE ) );
p = gcry_mpi_get_opaque( a, &nbits );
nbytes = (nbits+7) / 8;
iobuf_put( out, nbits >> 8 );
iobuf_put( out, nbits )
iobuf_put( out, nbits );
rc = iobuf_write( out, p, nbytes );
return rc;
}
@ -134,10 +136,10 @@ mpi_write_opaque( IOBUF out, MPI a )
* with MSB first (left padded with zeroes to align on a byte boundary).
*/
MPI
mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
mpi_read(IOBUF inp, unsigned int *ret_nread, int secure)
{
int c, c1, c2, i;
unsigned nbits, nbytes, nread=0;
unsigned int nbits, nbytes, nread=0;
MPI a = NULL;
byte *buf = NULL;
byte *p;
@ -163,8 +165,8 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
nread++;
}
nread += nbytes;
/* FIXME: replace with the gcry_scan function */
a = mpi_read_from_buffer( buf, &nread, secure );
if( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, &nread ) )
a = NULL;
leave:
m_free(buf);
@ -220,6 +222,35 @@ mpi_read_opaque(IOBUF inp, unsigned *ret_nread )
}
int
mpi_print( FILE *fp, MPI a, int mode )
{
int n=0;
if( !a )
return fprintf(fp, "[MPI_NULL]");
if( !mode ) {
unsigned int n1;
n1 = gcry_mpi_get_nbits(a);
n += fprintf(fp, "[%u bits]", n1);
}
else {
int rc;
byte *buffer;
size_t nbytes;
rc = gcry_mpi_print( GCRYMPI_FMT_HEX, NULL, &nbytes, a );
assert( !rc );
buffer = m_is_secure(a)? m_alloc_secure(nbytes) : m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &nbytes, a );
assert( !rc );
fputs( buffer, fp );
n += strlen(buffer);
m_free( buffer );
}
return n;
}
u16
checksum_u16( unsigned n )
@ -244,15 +275,21 @@ checksum( byte *p, unsigned n )
u16
checksum_mpi( MPI a )
{
int rc;
u16 csum;
byte *buffer;
unsigned nbytes;
unsigned nbits;
size_t nbytes;
buffer = mpi_get_buffer( a, &nbytes, NULL );
nbits = mpi_get_nbits(a);
csum = checksum_u16( nbits );
csum += checksum( buffer, nbytes );
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, &nbytes, a );
assert( !rc );
/* fixme: for numbers not in the suecre memory we
* should use a stack based buffer and only allocate
* a larger one when the mpi_print return an error
*/
buffer = m_is_secure(a)? m_alloc_secure(nbytes) : m_alloc(nbytes);
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, buffer, &nbytes, a );
assert( !rc );
csum = checksum( buffer, nbytes );
m_free( buffer );
return csum;
}
@ -388,3 +425,8 @@ pubkey_get_nenc( int algo )
return n > 0? n : 0;
}
int
pubkey_nbits()
{
}

1
g10/options.h
View File

@ -102,6 +102,7 @@ struct {
#define DBG_FILTER (opt.debug & DBG_FILTER_VALUE)
#define DBG_CACHE (opt.debug & DBG_CACHE_VALUE)
#define DBG_TRUST (opt.debug & DBG_TRUST_VALUE)
#define DBG_CIPHER (opt.debug & DBG_CIPHER_VALUE)
#endif /*G10_OPTIONS_H*/

2
g10/parse-packet.c
View File

@ -1423,7 +1423,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
else { /* v3 method: the mpi length is not encrypted */
for(i=npkey; i < nskey; i++ ) {
n = pktlen;
sk->skey[i] = mpi_read_opaque(inp, &n, 0 );
sk->skey[i] = mpi_read_opaque(inp, &n );
pktlen -=n;
if( list_mode ) {
printf( "\tskey[%d]: ", i);

10
g10/seckey-cert.c
View File

@ -109,8 +109,12 @@ do_check( PKT_secret_key *sk )
if( sk->csum == csum ) {
for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
nbytes = ndata;
sk->skey[i] = mpi_read_from_buffer(p, &nbytes, 1 );
/* fixme: replace by mpi_scan */
assert( m_is_secure( p ) );
res = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_PGP,
p, &nbytes);
if( res )
log_bug("gcry_mpi_scan failed in do_check: rc=%d\n", res);
ndata -= nbytes;
p += nbytes;
}
@ -134,6 +138,8 @@ do_check( PKT_secret_key *sk )
res = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_USG,
data, &ndata );
if( res )
log_bug("gcry_mpi_scan failed in do_check: rc=%d\n", res);
csum += checksum_mpi( sk->skey[i] );
m_free( buffer );

4
g10/sig-check.c
View File

@ -105,7 +105,7 @@ pk_verify( int algo, MPI hash, MPI *data, MPI *pkey,
NULL ));
}
else if( algo == GCRY_PK_RSA ) {
s_sig = SEXP_CONS( SEXP_NEW( "public-key", 10 ),
s_sig = SEXP_CONS( SEXP_NEW( "sig-val", 0 ),
gcry_sexp_vlist( SEXP_NEW( "rsa", 3 ),
gcry_sexp_new_name_mpi( "s", data[0] ),
NULL ));
@ -167,7 +167,7 @@ do_signature_check( PKT_signature *sig, GCRY_MD_HD digest, u32 *r_expire )
int i, nsig = pubkey_get_nsig( sig->pubkey_algo );
byte *p, *buffer;
if( !(md = gcry_md_open( DIGEST_ALGO_RMD160, 0)) )
if( !(md = gcry_md_open( GCRY_MD_RMD160, 0)) )
BUG();
gcry_md_putc( digest, sig->pubkey_algo );
gcry_md_putc( digest, sig->digest_algo );

4
include/ChangeLog
View File

@ -13,17 +13,14 @@ Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* i18n.h: Add support for simple-gettext.
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* util.h (stricmp): Use strcasecmp as replacement.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.h (MD_HANDLE): Assigned a structure name.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
@ -34,7 +31,6 @@ Tue Apr 6 19:58:12 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.h (DEK): increased max. key length to 32 bytes
Sat Feb 20 21:40:49 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10lib.h: Removed file and changed all files that includes this.

179
include/g10lib.h
View File

@ -1,179 +0,0 @@
/* g10lib.h - internal defintions for libgcrypt
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This header is to be used inside of libgcrypt in place of gcrypt.h.
* This way we can easily distinguish between internal and external
* usage of gcrypt.h
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10LIB_H
#define G10LIB_H 1
#ifdef _GCRYPT_H
#error gcrypt.h already included
#endif
/* because libgcrypt is distributed along with GnuPG, we need some way
* to do a sanity check. If this macro is defined, we are inside of
* libgcrypt */
#define _GCRYPT_IN_LIBGCRYPT 1
#include <gcrypt.h>
#include "types.h"
#ifdef G10_I18N_H
#error i18n should not be included here
#endif
#define _(a) g10_gettext(a)
#define N_(a) (a)
/*-- gcrypt/global.c --*/
int set_lasterr( int ec );
void *g10_malloc( size_t n );
void *g10_calloc( size_t n, size_t m );
void *g10_malloc_secure( size_t n );
void *g10_calloc_secure( size_t n, size_t m );
void *g10_realloc( void *a, size_t n );
char *g10_strdup( const char * a);
void *g10_xmalloc( size_t n );
void *g10_xcalloc( size_t n, size_t m );
void *g10_xmalloc_secure( size_t n );
void *g10_xcalloc_secure( size_t n, size_t m );
void *g10_xrealloc( void *a, size_t n );
char *g10_xstrdup( const char * a);
void g10_free( void *p );
int g10_is_secure( const void *a );
void g10_check_heap( const void *a );
/*-- gcrypt/misc.c --*/
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
#define G10_GCC_A_NR __attribute__ ((noreturn))
#define G10_GCC_A_PRINTF( f, a ) \
__attribute__ ((format (printf,f,a)))
#define G10_GCC_A_NR_PRINTF( f, a ) \
__attribute__ ((noreturn, format (printf,f,a)))
void g10_bug( const char *file, int line, const char *func ) G10_GCC_A_NR;
#else
#define G10_GCC_A_NR
#define G10_GCC_A_PRINTF( f, a )
#define G10_GCC_A_NR_PRINTF( f, a )
void g10_bug( const char *file, int line );
#endif
const char *g10_gettext( const char *key );
void g10_fatal_error(int rc, const char *text ) G10_GCC_A_NR;
void g10_log( int level, const char *fmt, ... ) G10_GCC_A_PRINTF(2,3);
void g10_log_bug( const char *fmt, ... ) G10_GCC_A_NR_PRINTF(1,2);
void g10_log_fatal( const char *fmt, ... ) G10_GCC_A_NR_PRINTF(1,2);
void g10_log_error( const char *fmt, ... ) G10_GCC_A_PRINTF(1,2);
void g10_log_info( const char *fmt, ... ) G10_GCC_A_PRINTF(1,2);
void g10_log_debug( const char *fmt, ... ) G10_GCC_A_PRINTF(1,2);
/*-- util/{secmem,memory}.c --*/
void *g10_private_malloc( size_t n );
void *g10_private_malloc_secure( size_t n );
int g10_private_is_secure( const void *p );
void g10_private_check_heap( const void *p );
void *g10_private_realloc( void *a, size_t n );
void g10_private_free( void *p );
/*-- cipher/pubkey.c --*/
#ifndef DID_MPI_TYPEDEF
typedef struct gcry_mpi * MPI;
#define DID_MPI_TYPEDEF
#endif
int string_to_pubkey_algo( const char *string );
const char * pubkey_algo_to_string( int algo );
unsigned pubkey_nbits( int algo, MPI *pkey );
int pubkey_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors );
int pubkey_check_secret_key( int algo, MPI *skey );
int pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey );
int pubkey_decrypt( int algo, MPI *result, MPI *data, MPI *skey );
/*-- primegen.c --*/
MPI generate_secret_prime( unsigned nbits );
MPI generate_public_prime( unsigned nbits );
MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
MPI g, MPI **factors );
/* logging macros */
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
#define BUG() g10_bug( __FILE__ , __LINE__, __FUNCTION__ )
#else
#define BUG() g10_bug( __FILE__ , __LINE__ )
#endif
#define log_hexdump g10_log_hexdump
#define log_bug g10_log_bug
#define log_fatal g10_log_fatal
#define log_error g10_log_error
#define log_info g10_log_info
#define log_debug g10_log_debug
/* replacements of missing functions */
#ifndef HAVE_MEMICMP
int memicmp( const char *a, const char *b, size_t n );
#endif
#ifndef HAVE_STPCPY
char *stpcpy(char *a,const char *b);
#endif
#ifndef HAVE_STRLWR
char *strlwr(char *a);
#endif
#ifndef HAVE_STRTOUL
#define strtoul(a,b,c) ((unsigned long)strtol((a),(b),(c)))
#endif
#ifndef HAVE_MEMMOVE
#define memmove(d, s, n) bcopy((s), (d), (n))
#endif
#ifndef HAVE_STRICMP
#define stricmp(a,b) strcasecmp( (a), (b) )
#endif
#ifndef HAVE_ATEXIT
#define atexit(a) (on_exit((a),0))
#endif
#ifndef HAVE_RAISE
#define raise(a) kill(getpid(), (a))
#endif
/* some handy macros */
#ifndef STR
#define STR(v) #v
#endif
#define STR2(v) STR(v)
#define DIM(v) (sizeof(v)/sizeof((v)[0]))
#define DIMof(type,member) DIM(((type *)0)->member)
#endif /* G10LIB_H */

2
include/memory.h
View File

@ -58,6 +58,8 @@ void m_check( const void *a );
char *m_strdup( const char * a);
#endif
int m_is_secure( const void *a );
size_t m_size( const void *a );
void m_print_stats(const char *prefix);

8
mpi/ChangeLog
View File

@ -1,3 +1,11 @@
Fri Dec 31 12:48:31 CET 1999 Werner Koch <wk@gnupg.de>
* mpicoder.c (mpi_read_from_buffer): Made static.
(gcry_mpi_print): A buffer of NULL is now allowed to get the required
length back.
(mpi_get_keyid): Removed.
(mpi_print): Made static - should be removed.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* Makefile.am (INCLUDES): Add ../gcrypt.

121
mpi/mpicoder.c
View File

@ -32,7 +32,7 @@
#define MAX_EXTERN_MPI_BITS 16384
MPI
static MPI
mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
{
int i, j;
@ -156,7 +156,7 @@ mpi_fromstr(MPI val, const char *str)
* printed.
* FIXME: Replace this by the more generic gcry_mpi_print()
*/
int
static int
mpi_print( FILE *fp, MPI a, int mode )
{
int i, n=0;
@ -202,30 +202,6 @@ g10_log_mpidump( const char *text, MPI a )
fputc('\n', fp);
}
/****************
* Special function to get the low 8 bytes from an mpi.
* This can be used as a keyid; KEYID is an 2 element array.
* Return the low 4 bytes.
*/
u32
mpi_get_keyid( MPI a, u32 *keyid )
{
#if BYTES_PER_MPI_LIMB == 4
if( keyid ) {
keyid[0] = a->nlimbs >= 2? a->d[1] : 0;
keyid[1] = a->nlimbs >= 1? a->d[0] : 0;
}
return a->nlimbs >= 1? a->d[0] : 0;
#elif BYTES_PER_MPI_LIMB == 8
if( keyid ) {
keyid[0] = a->nlimbs? (u32)(a->d[0] >> 32) : 0;
keyid[1] = a->nlimbs? (u32)(a->d[0] & 0xffffffff) : 0;
}
return a->nlimbs? (u32)(a->d[0] & 0xffffffff) : 0;
#else
#error Make this function work with other LIMB sizes
#endif
}
/****************
@ -453,6 +429,7 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format,
/****************
* Write a using format into buffer which has a length of *NBYTES.
* Returns the number of bytes actually written in nbytes.
* Buffer maybe NULL to query the required length of the buffer
*/
int
gcry_mpi_print( enum gcry_mpi_format format, char *buffer, size_t *nbytes,
@ -465,8 +442,8 @@ gcry_mpi_print( enum gcry_mpi_format format, char *buffer, size_t *nbytes,
return GCRYERR_INV_ARG;
len = *nbytes;
*nbytes = 0;
if( format == GCRYMPI_FMT_STD ) {
byte *s = buffer;
char *tmp;
int extra = 0;
unsigned int n;
@ -480,39 +457,43 @@ gcry_mpi_print( enum gcry_mpi_format format, char *buffer, size_t *nbytes,
extra=1;
}
if( n > len ) {
if( n > len && buffer ) {
m_free(tmp);
return GCRYERR_TOO_SHORT; /* the provided buffer is too short */
}
if( extra )
*s++ = 0;
if( buffer ) {
byte *s = buffer;
if( extra )
*s++ = 0;
memcpy( s, tmp, n-extra );
memcpy( s, tmp, n-extra );
}
m_free(tmp);
*nbytes = n;
return 0;
}
else if( format == GCRYMPI_FMT_PGP ) {
unsigned int n = (nbits + 7)/8;
byte *s = buffer;
char *tmp;
if( a->sign )
return GCRYERR_INV_ARG; /* pgp format can only handle unsigned */
if( n+2 > len )
if( n+2 > len && buffer )
return GCRYERR_TOO_SHORT; /* the provided buffer is too short */
s[0] = nbits >> 8;
s[1] = nbits;
if( buffer ) {
char *tmp;
byte *s = buffer;
s[0] = nbits >> 8;
s[1] = nbits;
tmp = mpi_get_buffer( a, &n, NULL );
memcpy( s+2, tmp, n );
m_free(tmp);
tmp = mpi_get_buffer( a, &n, NULL );
memcpy( s+2, tmp, n );
m_free(tmp);
}
*nbytes = n+2;
return 0;
}
else if( format == GCRYMPI_FMT_SSH ) {
byte *s = buffer;
char *tmp;
int extra = 0;
unsigned int n;
@ -526,24 +507,26 @@ gcry_mpi_print( enum gcry_mpi_format format, char *buffer, size_t *nbytes,
extra=1;
}
if( n+4 > len ) {
if( n+4 > len && buffer ) {
m_free(tmp);
return GCRYERR_TOO_SHORT; /* the provided buffer is too short */
}
*s++ = n >> 24;
*s++ = n >> 16;
*s++ = n >> 8;
*s++ = n;
if( extra )
*s++ = 0;
if( buffer ) {
byte *s = buffer;
*s++ = n >> 24;
*s++ = n >> 16;
*s++ = n >> 8;
*s++ = n;
if( extra )
*s++ = 0;
memcpy( s, tmp, n-extra );
memcpy( s, tmp, n-extra );
}
m_free(tmp);
*nbytes = 4+n;
return 0;
}
else if( format == GCRYMPI_FMT_HEX ) {
byte *s = buffer;
byte *tmp;
int i;
int extra = 0;
@ -553,25 +536,37 @@ gcry_mpi_print( enum gcry_mpi_format format, char *buffer, size_t *nbytes,
if( !n || (*tmp & 0x80) )
extra=1;
if( 2*n+3+1 > len ) {
if( 2*n+3+1 > len && buffer ) {
m_free(tmp);
return GCRYERR_TOO_SHORT; /* the provided buffer is too short */
}
if( a->sign )
*s++ = '-';
if( extra ) {
*s++ = '0';
*s++ = '0';
}
if( buffer ) {
byte *s = buffer;
if( a->sign )
*s++ = '-';
if( extra ) {
*s++ = '0';
*s++ = '0';
}
for(i=0; i < n; i++ ) {
unsigned int c = tmp[i];
*s++ = (c >> 4) < 10? '0'+(c>>4) : 'A'+(c>>4)-10 ;
c &= 15;
*s++ = c < 10? '0'+c : 'A'+c-10 ;
for(i=0; i < n; i++ ) {
unsigned int c = tmp[i];
*s++ = (c >> 4) < 10? '0'+(c>>4) : 'A'+(c>>4)-10 ;
c &= 15;
*s++ = c < 10? '0'+c : 'A'+c-10 ;
}
*s++ = 0;
*nbytes = (char*)s - buffer;
}
*s++ = 0;
*nbytes = (char*)s - buffer;
else {
*nbytes = n;
if( a->sign )
++*nbytes;
if( extra )
*nbytes += 2;
++*nbytes; /* terminating Nul */
}
m_free(tmp);
return 0;
}
else

2
scripts/commit
View File

@ -59,5 +59,5 @@ for i in `find . -name cvs-add -print`; do
fi
done
cvs commit -m "See ChangeLog: $date $name" $*
cvs -z3 commit -m "See ChangeLog: $date $name" $*

3
scripts/mkwebpage
View File

@ -8,7 +8,6 @@ pgm="gnupg-www"
mod="gnupg-www"
MKWEBSITE=$HOME/bin/mkwebsite
cd $myhome
rm -rf $pgm.tmp 2>/dev/null || true
@ -30,6 +29,8 @@ echo "(List generated from CVS: " $(date +%Y-%m-%d) ")" >> $pgm.tmp/en/include-
cd $pgm.tmp
$MKWEBSITE --cvs --use-this-dir $myhome/$pgm.new
cd $myhome
cp -a gph $pgm.new/ || true
rm -rf $pgm.tmp || true
rm -rf $pgm.old || true

6
util/ChangeLog
View File

@ -1,3 +1,9 @@
Fri Dec 31 12:48:31 CET 1999 Werner Koch <wk@gnupg.de>
* memory.c (m_is_secure): New.
* stringhelp.c (trim_trailing_spaces): New.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* strgutil.c (strcasecmp): New.

8
util/memory.c
View File

@ -37,7 +37,7 @@
#include "memory.h"
#include "util.h"
/* FXIME: ugly hack. Need a prototype here bug can't include g10lib.h */
/* FXIME: ugly hack. Need a prototype here but can't include g10lib.h */
int g10_private_is_secure( void *p );
@ -642,4 +642,10 @@ FNAME(strdup)( const char *a FNAMEPRT )
return p;
}
int
m_is_secure( const void *a )
{
return g10_private_is_secure(a);
}

2
util/secmem.c
View File

@ -381,7 +381,7 @@ g10_private_is_secure( const void *p )
/****************
* Warning: This code might be called by an interrupt handler
* and frankly, thre should really be such a handler,
* and frankly, there should really be such a handler,
* to make sure that the memory is wiped out.
* We hope that the OS wipes out mlocked memory after
* receiving a SIGKILL - it really should do so, otherwise

22
util/stringhelp.c
View File

@ -103,6 +103,28 @@ trim_spaces( char *str )
return str ;
}
/****************
* remove trailing white spaces
*/
char *
trim_trailing_spaces( char *string )
{
char *p, *mark;
for( mark = NULL, p = string; *p; p++ ) {
if( isspace( *(byte*)p ) ) {
if( !mark )
mark = p;
}
else
mark = NULL;
}
if( mark )
*mark = '\0' ;
return string ;
}
unsigned

5
util/stringhelp.h
View File

@ -25,9 +25,10 @@
const char *memistr( const char *buf, size_t buflen, const char *sub );
char *mem2str( char *, const void *, size_t);
char *trim_spaces( char *string );
unsigned int trim_trailing_chars( byte *line, unsigned len,
char *trim_trailing_spaces( char *string );
unsigned int trim_trailing_chars( unsigned char *line, unsigned len,
const char *trimchars);
unsigned int trim_trailing_ws( byte *line, unsigned len );
unsigned int trim_trailing_ws( unsigned char *line, unsigned len );
#ifndef HAVE_MEMICMP