better prime number generator. improved ELG key generation

2025-07-02 22:46:30 +02:00 · 1997-12-19 11:41:47 +00:00 · 1997-12-19 11:41:47 +00:00 · ee8d92fefa
commit ee8d92fefa
parent 15426c6d96
22 changed files with 1225 additions and 623 deletions
--- a/g10/g10.c
+++ b/g10/g10.c
@ -125,7 +125,7 @@ main( int argc, char **argv )
    { 510, "debug"     ,4|16, "set debugging flags" },
    { 511, "debug-all" ,0, "enable full debugging"},
    { 512, "cache-all" ,0, "hold everything in memory"},
-    { 513, "gen-prime" , 1, "\r" },
+    { 513, "gen-prime" , 0, "\r" },
    { 514, "test"      , 0, "\r" },
    { 515, "change-passphrase", 0, "change the passphrase of your secret keyring"},
    { 515, "fingerprint", 0, "show the fingerprints"},
@ -345,10 +345,26 @@ main( int argc, char **argv )


      case aPrimegen:
-	if( argc )
+	if( argc == 1 ) {
+	    mpi_print( stdout, generate_public_prime( atoi(argv[0]) ), 1);
+	    putchar('\n');
+	}
+	else if( argc == 2 ) {
+	    mpi_print( stdout, generate_elg_prime( atoi(argv[0]),
+						   atoi(argv[1]), NULL ), 1);
+	    putchar('\n');
+	}
+	else if( argc == 3 ) {
+	    MPI g = mpi_alloc(1);
+	    mpi_print( stdout, generate_elg_prime( atoi(argv[0]),
+						   atoi(argv[1]), g ), 1);
+	    printf("\nGenerator: ");
+	    mpi_print( stdout, g, 1 );
+	    putchar('\n');
+	    mpi_free(g);
+	}
+	else
 	    usage(1);
-	mpi_print( stdout, generate_public_prime( pargs.r.ret_int ), 1);
-	putchar('\n');
 	break;

      case aPrintMDs:
@ -366,7 +382,7 @@ main( int argc, char **argv )
 	generate_keypair();
 	break;

-      case aTest: do_test( atoi(*argv) ); break;
+      case aTest: do_test( argc? atoi(*argv): 0 ); break;

      default:
 	if( argc > 1 )
@ -463,9 +479,11 @@ print_mds( const char *fname )
 }


+
 static void
 do_test(int times)
 {
+  #if 0
    MPI t = mpi_alloc( 50 );
    MPI m = mpi_alloc( 50 );
    MPI a = mpi_alloc( 50 );
@ -486,7 +504,34 @@ do_test(int times)


    m_check(NULL);
+  #endif
+  #if 0
+    char *array;
+    int i, j;
+    int n = 6;
+    int m = times;

+    if( m > n )
+	abort();
+    array = m_alloc_clear( n );
+    memset( array, 1, m );
+
+    for(i=0;; i++) {
+	printf("i=%3d: ", i );
+	for(j=0; j < n ; j++ )
+	    if( array[j] )
+		putchar( 'X' );
+	    else
+		putchar( '-' );
+	putchar('\n');
+	m_out_of_n( array, m, n );
+	for(j=0; j < n; j++ )
+	    if( !array[j] )
+		break;
+	if( j == m )
+	    break;
+    }
+  #endif
 }


--- a/g10/kbnode.c
+++ b/g10/kbnode.c
@ -37,6 +37,7 @@ new_kbnode( PACKET *pkt )
    n->next = NULL;
    n->pkt = pkt;
    n->child = NULL;
+    n->flag = 0;
    return n;
 }

@ -138,3 +139,11 @@ walk_kbtree( KBNODE root, KBNODE *context )
    return n;
 }

+void
+clear_kbnode_flags( KBNODE n )
+{
+    for( ; n; n = n->next ) {
+	clear_kbnode_flags( n->child );
+	n->flag = 0;
+    }
+}
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -40,6 +40,7 @@ struct kbnode_struct {
    PACKET *pkt;
    KBNODE next;   /* used to form a link list */
    KBNODE child;
+    int flag;
 };

 /****************
@ -92,6 +93,7 @@ void add_kbnode( KBNODE root, KBNODE node );
 void add_kbnode_as_child( KBNODE root, KBNODE node );
 KBNODE find_kbparent( KBNODE root, KBNODE node );
 KBNODE walk_kbtree( KBNODE root, KBNODE *context );
+void clear_kbnode_flags( KBNODE n );

 /*-- ringedit.c --*/
 int add_keyblock_resource( const char *filename, int force );
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -174,17 +174,14 @@ gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
    skc->d.elg.g = sk.g;
    skc->d.elg.y = sk.y;
    skc->d.elg.x = sk.x;
+    skc->d.elg.is_protected = 0;
+    skc->d.elg.protect_algo = 0;

    skc->d.elg.csum = checksum_mpi( skc->d.elg.x );
    /* return an unprotected version of the skc */
    *ret_skc = copy_secret_cert( NULL, skc );

-    if( !dek ) {
-	skc->d.elg.is_protected = 0;
-	skc->d.elg.protect_algo = 0;
-    }
-    else {
-	skc->d.elg.is_protected = 0;
+    if( dek ) {
 	skc->d.elg.protect_algo = CIPHER_ALGO_BLOWFISH;
 	randomize_buffer(skc->d.elg.protect.blowfish.iv, 8, 1);
 	rc = protect_secret_key( skc, dek );
--- a/g10/ringedit.c
+++ b/g10/ringedit.c
@ -53,6 +53,7 @@
 #include "mpi.h"
 #include "iobuf.h"
 #include "keydb.h"
+#include <unistd.h> /* for truncate */


 struct resource_table_struct {
@ -383,6 +384,7 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
    KBNODE root = NULL;
    KBNODE node, n1, n2;
    IOBUF a;
+    u32 offset, last_offset;

    if( !(rentry=check_pos(kbpos)) )
 	return G10ERR_GENERAL;
@ -399,7 +401,6 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
 	return G10ERR_KEYRING_OPEN;
    }

-
    pkt = m_alloc( sizeof *pkt );
    init_packet(pkt);
    while( (rc=parse_packet(a, pkt)) != -1 ) {
@ -407,11 +408,13 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
 	    free_packet( pkt );
 	    continue;
 	}
+	if( root && ( pkt->pkttype == PKT_PUBLIC_CERT
+		      || pkt->pkttype == PKT_SECRET_CERT ) )
+	    goto ready;
+	offset = iobuf_tell(a);
 	switch( pkt->pkttype ) {
 	  case PKT_PUBLIC_CERT:
 	  case PKT_SECRET_CERT:
-	    if( root )
-		goto ready;
 	    root = new_kbnode( pkt );
 	    pkt = m_alloc( sizeof *pkt );
 	    init_packet(pkt);
@ -423,6 +426,7 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
 		rc = G10ERR_INV_KEYRING; /* or wrong kbpos */
 		goto ready;
 	    }
+	    offset = last_offset;
 	    /* append the user id */
 	    node = new_kbnode( pkt );
 	    if( !(n1=root->child) )
@ -477,7 +481,7 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
 	release_kbnode( root );
    else {
 	*ret_root = root;
-	kbpos->length = iobuf_tell( a ) - kbpos->offset;
+	kbpos->length = offset - kbpos->offset;
    }
    free_packet( pkt );
    m_free( pkt );
@ -529,7 +533,68 @@ keyring_insert( KBPOS *kbpos, KBNODE root )
 static int
 keyring_delete( KBPOS *kbpos )
 {
-    return -1;
+    RESTBL *rentry;
+    IOBUF fp;
+    KBNODE kbctx, node;
+    int rc;
+    u32 len;
+    int ctb;
+
+    if( !(rentry = check_pos( kbpos )) )
+	return G10ERR_GENERAL;
+
+
+    /* open the file for read/write */
+    fp = iobuf_openrw( rentry->fname );
+    if( !fp ) {
+	log_error("can't open '%s' for writing\n", rentry->fname );
+	return G10ERR_OPEN_FILE;
+    }
+
+    if( iobuf_seek( fp, kbpos->offset ) ) {
+	log_error("can't seek to %lu: %s\n", kbpos->offset, g10_errstr(rc));
+	iobuf_close(fp);
+	return G10ERR_WRITE_FILE;
+    }
+
+    len = kbpos->length;
+    log_debug("writing a dummy packet of length %lu\n", (ulong)len);
+
+    if( len < 2 )
+	log_bug(NULL);
+
+    if( len < 256 ) {
+	ctb = 0x80;
+	len -= 2;
+    }
+    else if( len < 65536 ) {
+	ctb = 0x81;
+	len -= 3;
+    }
+    else {
+	ctb = 0x82;
+	len -= 5;
+    }
+    iobuf_put(fp, ctb );
+    if( ctb & 2 ) {
+	iobuf_put(fp, len >> 24 );
+	iobuf_put(fp, len >> 16 );
+    }
+    if( ctb & 3 )
+	iobuf_put(fp, len >> 8 );
+    if( iobuf_put(fp, len ) ) {
+	iobuf_close(fp);
+	return G10ERR_WRITE_FILE;
+    }
+    for( ; len; len-- )
+	if( iobuf_put(fp, 0xff ) ) {
+	    iobuf_close(fp);
+	    return G10ERR_WRITE_FILE;
+	}
+
+    iobuf_close(fp);
+
+    return 0;
 }


--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -213,4 +213,19 @@ signature_check( PKT_signature *sig, MD_HANDLE *digest )
 }


+/****************
+ * check the signature pointed to by NODE. This is a key signatures
+ */
+int
+check_key_signature( KBNODE root, KBNODE node )
+{
+    assert( node->pkt->pkttype == PKT_SIGNATURE );
+    assert( (node->pkt->pkt.signature->sig_class&~3) == 0x10 );
+    assert( root->pkt->pkttype == PKT_PUBLIC_CERT );
+
+    /*FIXME!!!!!!*/
+
+    return 0;
+}
+