security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

new release

Browse source
This commit is contained in:
Werner Koch 1998-05-15 18:49:19 +00:00
parent 0e5a31d7be
commit f9a7043782
28 changed files with 396 additions and 157 deletions
Download patch file Download diff file Expand all files Collapse all files

21
g10/ChangeLog
View file

@ -1,3 +1,24 @@
Fri May 15 17:57:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* sign.c (hash_for): New and used in all places here.
* main.h (DEFAULT_): new macros.
* g10.c (opt.def_digest_algo): Now set to 0
* compress.c (init_compress): Add support for algo 1
* options.h (def_compress_algo): New
* g10.c (main): New option --compress-algo
Fri May 15 13:23:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (print_mds): New feature to print only one hash,
chnaged formatting.
Thu May 14 15:36:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (trap_unaligned) [__alpha__]: New
* g10.c (trap_unaligned): Add call to this to track down SIGBUS
on Alphas (to avoid the slow emulation code).
Wed May 13 11:48:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (do_signature): Support for v4 pakets.

4
g10/OPTIONS
View file

@ -27,6 +27,10 @@ gen-prime
# With three arguments: same as above, but a third argument indicates
# that a generator should also be calculated.
print-md algo
# print the message digest of algorithm ALGO for stdin or all
# given filenames
print-mds
# print all message digests of all give filenames

20
g10/compress.c
View file

@ -40,7 +40,6 @@ init_compress( compress_filter_context_t *zfx, z_stream *zs )
int rc;
int level;
if( opt.compress >= 0 && opt.compress <= 9 )
level = opt.compress;
else if( opt.compress == -1 )
@ -52,7 +51,11 @@ init_compress( compress_filter_context_t *zfx, z_stream *zs )
level = Z_DEFAULT_COMPRESSION;
}
if( (rc = deflateInit( zs, level )) != Z_OK ) {
if( (rc = zfx->algo == 1? deflateInit2( zs, level, Z_DEFLATED,
-13, 8, Z_DEFAULT_STRATEGY)
: deflateInit( zs, level )
) != Z_OK ) {
log_fatal("zlib problem: %s\n", zs->msg? zs->msg :
rc == Z_MEM_ERROR ? "out of core" :
rc == Z_VERSION_ERROR ? "invalid lib version" :
@ -104,8 +107,8 @@ init_uncompress( compress_filter_context_t *zfx, z_stream *zs )
* it forces zlib not to expect a zlib header. This is a
* undocumented feature Peter Gutmann told me about.
*/
if( (rc = zfx->pgpmode? inflateInit2( zs, -13)
: inflateInit( zs )) != Z_OK ) {
if( (rc = zfx->algo == 1? inflateInit2( zs, -13)
: inflateInit( zs )) != Z_OK ) {
log_fatal("zlib problem: %s\n", zs->msg? zs->msg :
rc == Z_MEM_ERROR ? "out of core" :
rc == Z_VERSION_ERROR ? "invalid lib version" :
@ -187,9 +190,11 @@ compress_filter( void *opaque, int control,
PACKET pkt;
PKT_compressed cd;
if( !zfx->algo )
zfx->algo = opt.def_compress_algo;
memset( &cd, 0, sizeof cd );
cd.len = 0;
cd.algorithm = 2; /* zlib */
cd.algorithm = zfx->algo;
init_packet( &pkt );
pkt.pkttype = PKT_COMPRESSED;
pkt.pkt.compressed = &cd;
@ -237,10 +242,9 @@ handle_compressed( PKT_compressed *cd,
int rc;
memset( &cfx, 0, sizeof cfx );
if( cd->algorithm == 1 )
cfx.pgpmode = 1;
else if( cd->algorithm != 2 )
if( cd->algorithm < 1 || cd->algorithm > 2 )
return G10ERR_COMPR_ALGO;
cfx.algo = cd->algorithm;
iobuf_push_filter( cd->buf, compress_filter, &cfx );
if( callback )

3
g10/encode.c
View file

@ -90,7 +90,8 @@ encode_simple( const char *filename, int mode )
if( mode ) {
s2k = m_alloc_clear( sizeof *s2k );
s2k->mode = 1;
s2k->hash_algo = opt.def_digest_algo;
s2k->hash_algo = opt.def_digest_algo ? opt.def_digest_algo
: DEFAULT_DIGEST_ALGO;
cfx.dek = passphrase_to_dek( NULL, opt.def_cipher_algo, s2k, 2 );
if( !cfx.dek || !cfx.dek->keylen ) {
rc = G10ERR_PASSPHRASE;

2
g10/filter.h
View file

@ -53,7 +53,7 @@ typedef struct {
unsigned inbufsize;
byte *outbuf;
unsigned outbufsize;
int pgpmode;
int algo; /* compress algo */
} compress_filter_context_t;

198
g10/g10.c
View file

@ -18,12 +18,6 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/****************
* We use cpp to generate the source g10maint.c (IS_G10MAINT) from this
* source; the main difference is, that g10maint can only work with public
* keys and does not need to lock memory or run suid.
*/
#include <config.h>
#include <errno.h>
#include <stdio.h>
@ -54,11 +48,11 @@
static ARGPARSE_OPTS opts[] = {
{ 300, NULL, 0, N_("\vCommands:\n ") },
{ 300, NULL, 0, N_("@Commands:\n ") },
#ifdef IS_G10
{ 's', "sign", 0, N_("make a signature")},
{ 539, "clearsign", 0, N_("make a clear text signature") },
{ 's', "sign", 0, N_("|[file]|make a signature")},
{ 539, "clearsign", 0, N_("|[file]|make a clear text signature") },
{ 'b', "detach-sign", 0, N_("make a detached signature")},
{ 'e', "encrypt", 0, N_("encrypt data")},
{ 'c', "symmetric", 0, N_("encryption only with symmetric cipher")},
@ -85,18 +79,19 @@ static ARGPARSE_OPTS opts[] = {
#ifdef IS_G10MAINT
{ 546, "dearmor", 0, N_("De-Armor a file or stdin") },
{ 547, "enarmor", 0, N_("En-Armor a file or stdin") },
{ 555, "print-md" , 0, N_("|algo [files]|print message digests")},
{ 516, "print-mds" , 0, N_("print all message digests")},
{ 513, "gen-prime" , 0, "\r" },
{ 548, "gen-random" , 0, "\r" },
{ 513, "gen-prime" , 0, "@" },
{ 548, "gen-random" , 0, "@" },
#endif
{ 301, NULL, 0, N_("\v\nOptions:\n ") },
{ 301, NULL, 0, N_("@\nOptions:\n ") },
#ifdef IS_G10
{ 'a', "armor", 0, N_("create ascii armored output")},
{ 'u', "local-user",2, N_("use this user-id to sign or decrypt")},
{ 'r', "remote-user", 2, N_("use this user-id for encryption")},
{ 'z', NULL, 1, N_("set compress level (0 disables)") },
{ 'z', NULL, 1, N_("|N|set compress level N (0 disables)") },
{ 't', "textmode", 0, N_("use canonical text mode")},
#endif
{ 'o', "output", 2, N_("use as output file")},
@ -111,22 +106,24 @@ static ARGPARSE_OPTS opts[] = {
{ 510, "debug" ,4|16, N_("set debugging flags")},
{ 511, "debug-all" ,0, N_("enable full debugging")},
{ 512, "status-fd" ,1, N_("write status info to this fd") },
{ 512, "status-fd" ,1, N_("|FD|write status info to this FD") },
{ 534, "no-comment", 0, N_("do not write comment packets")},
{ 535, "completes-needed", 1, N_("(default is 1)")},
{ 536, "marginals-needed", 1, N_("(default is 3)")},
#ifdef IS_G10
{ 527, "cipher-algo", 2 , N_("select default cipher algorithm")},
{ 528, "pubkey-algo", 2 , N_("select default public key algorithm")},
{ 529, "digest-algo", 2 , N_("select default message digest algorithm")},
{ 527, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")},
{ 528, "pubkey-algo", 2 , N_("|NAME|use public key algorithm NAME")},
{ 529, "digest-algo", 2 , N_("|NAME|use message digest algorithm NAME")},
{ 556, "compress-algo", 1 , N_("|N|use compress algorithm N")},
#else /* some dummies */
{ 527, "cipher-algo", 2 , "\r"},
{ 528, "pubkey-algo", 2 , "\r"},
{ 529, "digest-algo", 2 , "\r"},
{ 527, "cipher-algo", 2 , "@"},
{ 528, "pubkey-algo", 2 , "@"},
{ 529, "digest-algo", 2 , "@"},
{ 556, "compress-algo", 1 , "@"},
#endif
#ifdef IS_G10
{ 302, NULL, 0, N_("\v\nExamples:\n\n"
{ 302, NULL, 0, N_("@\nExamples:\n\n"
" -se -r Bob [file] sign and encrypt for user Bob\n"
" -sat [file] make a clear text signature\n"
" -sb [file] make a detached signature\n"
@ -136,32 +133,32 @@ static ARGPARSE_OPTS opts[] = {
/* hidden options */
#ifdef IS_G10MAINT
{ 514, "test" , 0, "\r" },
{ 531, "list-trustdb",0 , "\r"},
{ 533, "list-trust-path",0, "\r"},
{ 514, "test" , 0, "@" },
{ 531, "list-trustdb",0 , "@"},
{ 533, "list-trust-path",0, "@"},
#endif
#ifdef IS_G10
{ 'k', NULL, 0, "\r"},
{ 504, "delete-secret-key",0, "\r" },
{ 524, "edit-sig" ,0, "\r"}, /* alias for edit-key */
{ 523, "passphrase-fd",1, "\r" },
{ 'k', NULL, 0, "@"},
{ 504, "delete-secret-key",0, "@" },
{ 524, "edit-sig" ,0, "@"}, /* alias for edit-key */
{ 523, "passphrase-fd",1, "@" },
#endif
{ 532, "quick-random", 0, "\r"},
{ 526, "no-verbose", 0, "\r"},
{ 538, "trustdb-name", 2, "\r" },
{ 540, "no-secmem-warning", 0, "\r" }, /* used only by regression tests */
{ 519, "no-armor", 0, "\r"},
{ 520, "no-default-keyring", 0, "\r" },
{ 522, "no-greeting", 0, "\r" },
{ 541, "no-operation", 0, "\r" }, /* used by regression tests */
{ 543, "no-options", 0, "\r" }, /* shortcut for --options /dev/null */
{ 544, "homedir", 2, "\r" }, /* defaults to "~/.gnupg" */
{ 545, "no-batch", 0, "\r" },
{ 549, "with-colons", 0, "\r"},
{ 551, "list-key", 0, "\r" }, /* alias */
{ 552, "list-sig", 0, "\r" }, /* alias */
{ 508, "check-sig",0, "\r" }, /* alias */
{ 553, "skip-verify",0, "\r" },
{ 532, "quick-random", 0, "@"},
{ 526, "no-verbose", 0, "@"},
{ 538, "trustdb-name", 2, "@" },
{ 540, "no-secmem-warning", 0, "@" }, /* used only by regression tests */
{ 519, "no-armor", 0, "@"},
{ 520, "no-default-keyring", 0, "@" },
{ 522, "no-greeting", 0, "@" },
{ 541, "no-operation", 0, "@" }, /* used by regression tests */
{ 543, "no-options", 0, "@" }, /* shortcut for --options /dev/null */
{ 544, "homedir", 2, "@" }, /* defaults to "~/.gnupg" */
{ 545, "no-batch", 0, "@" },
{ 549, "with-colons", 0, "@"},
{ 551, "list-key", 0, "@" }, /* alias */
{ 552, "list-sig", 0, "@" }, /* alias */
{ 508, "check-sig",0, "@" }, /* alias */
{ 553, "skip-verify",0, "@" },
{0} };
@ -173,7 +170,7 @@ enum cmd_values { aNull = 0,
aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey, aDeleteSecretKey,
aKMode, aKModeC, aChangePass, aImport, aVerify, aDecrypt, aListKeys,
aListSigs, aKeyadd,
aExport, aCheckKeys, aGenRevoke, aPrimegen, aPrintMDs,
aExport, aCheckKeys, aGenRevoke, aPrimegen, aPrintMD, aPrintMDs,
aListTrustDB, aListTrustPath, aDeArmor, aEnArmor, aGenRandom, aTest,
aNOP };
@ -184,7 +181,7 @@ static void set_cmd( enum cmd_values *ret_cmd,
enum cmd_values new_cmd );
#ifdef IS_G10MAINT
static void print_hex( byte *p, size_t n );
static void print_mds( const char *fname );
static void print_mds( const char *fname, int algo );
static void do_test(int);
#endif
@ -354,8 +351,10 @@ check_opts(void)
log_error(_("selected cipher algorithm is invalid\n"));
if( !opt.def_pubkey_algo || check_pubkey_algo(opt.def_pubkey_algo) )
log_error(_("selected pubkey algorithm is invalid\n"));
if( !opt.def_digest_algo || check_digest_algo(opt.def_digest_algo) )
if( opt.def_digest_algo && check_digest_algo(opt.def_digest_algo) )
log_error(_("selected digest algorithm is invalid\n"));
if( opt.def_compress_algo < 1 || opt.def_compress_algo > 2 )
log_error(_("compress algorithm must be in range %d..%d\n"), 1, 2);
if( opt.completes_needed < 1 )
log_error(_("completes-needed must be greater than 0\n"));
if( opt.marginals_needed < 2 )
@ -389,6 +388,7 @@ main( int argc, char **argv )
enum cmd_values cmd = 0;
const char *trustdb_name = NULL;
trap_unaligned();
#ifdef IS_G10MAINT
secmem_init( 0 ); /* disable use of secmem */
log_set_name("gpgm");
@ -403,9 +403,11 @@ main( int argc, char **argv )
#endif
i18n_init();
opt.compress = -1; /* defaults to standard compress level */
opt.def_cipher_algo = CIPHER_ALGO_BLOWFISH;
opt.def_pubkey_algo = PUBKEY_ALGO_ELGAMAL;
opt.def_digest_algo = DIGEST_ALGO_RMD160;
/* fixme: set the next two to zero and decide where used */
opt.def_cipher_algo = DEFAULT_CIPHER_ALGO;
opt.def_pubkey_algo = DEFAULT_PUBKEY_ALGO;
opt.def_digest_algo = 0;
opt.def_compress_algo = 2;
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.homedir = getenv("GNUPGHOME");
@ -531,6 +533,7 @@ main( int argc, char **argv )
case 546: set_cmd( &cmd, aDeArmor); break;
case 547: set_cmd( &cmd, aEnArmor); break;
case 548: set_cmd( &cmd, aGenRandom); break;
case 555: set_cmd( &cmd, aPrintMD); break;
#endif /* IS_G10MAINT */
case 'o': opt.outfile = pargs.r.ret_str; break;
@ -576,6 +579,7 @@ main( int argc, char **argv )
case 552: set_cmd( &cmd, aListSigs); break;
case 553: opt.skip_verify=1; break;
case 554: set_cmd( &cmd, aKeyadd); break;
case 556: opt.def_compress_algo = pargs.r.ret_int; break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}
@ -656,6 +660,7 @@ main( int argc, char **argv )
switch( cmd ) {
case aPrimegen:
case aPrintMD:
case aPrintMDs:
case aGenRandom:
case aDeArmor:
@ -919,12 +924,32 @@ main( int argc, char **argv )
}
break;
case aPrintMD:
if( argc < 1)
wrong_args("--print-md algo [file]");
else {
int algo = string_to_digest_algo(*argv);
if( !algo )
log_error(_("invalid hash algorithm '%s'\n"), *argv );
else {
argc--; argv++;
if( !argc )
print_mds(NULL, algo);
else {
for(; argc; argc--, argv++ )
print_mds(*argv, algo);
}
}
}
break;
case aPrintMDs:
if( !argc )
print_mds(NULL);
print_mds(NULL,0);
else {
for(; argc; argc--, argv++ )
print_mds(*argv);
print_mds(*argv,0);
}
break;
@ -1002,69 +1027,94 @@ print_hex( byte *p, size_t n )
if( n == 20 ) {
for(i=0; i < n ; i++, i++, p += 2 ) {
if( i )
putchar(' ');
if( i == 10 )
putchar(' ');
printf(" %02X%02X", *p, p[1] );
printf("%02X%02X", *p, p[1] );
}
}
else if( n == 24 ) {
for(i=0; i < n ; i += 4, p += 4 ) {
if( i )
putchar(' ');
if( i == 12 )
putchar(' ');
printf(" %02X%02X%02X%02X", *p, p[1], p[2], p[3] );
printf("%02X%02X%02X%02X", *p, p[1], p[2], p[3] );
}
}
else {
for(i=0; i < n ; i++, p++ ) {
if( i )
putchar(' ');
if( i && !(i%8) )
putchar(' ');
printf(" %02X", *p );
printf("%02X", *p );
}
}
}
static void
print_mds( const char *fname )
print_mds( const char *fname, int algo )
{
FILE *fp;
char buf[1024];
size_t n;
MD_HANDLE md;
char *pname;
if( !fname ) {
fp = stdin;
fname = "[stdin]";
pname = m_strdup("[stdin]: ");
}
else
else {
pname = m_alloc(strlen(fname)+3);
strcpy(stpcpy(pname,fname),": ");
fp = fopen( fname, "rb" );
}
if( !fp ) {
log_error("%s: %s\n", fname, strerror(errno) );
log_error("%s%s\n", pname, strerror(errno) );
m_free(pname);
return;
}
md = md_open( DIGEST_ALGO_MD5, 0 );
md_enable( md, DIGEST_ALGO_SHA1 );
md_enable( md, DIGEST_ALGO_RMD160 );
#ifdef WITH_TIGER_HASH
md_enable( md, DIGEST_ALGO_TIGER );
#endif
md = md_open( 0, 0 );
if( algo )
md_enable( md, algo );
else {
md_enable( md, DIGEST_ALGO_MD5 );
md_enable( md, DIGEST_ALGO_SHA1 );
md_enable( md, DIGEST_ALGO_RMD160 );
#ifdef WITH_TIGER_HASH
md_enable( md, DIGEST_ALGO_TIGER );
#endif
}
while( (n=fread( buf, 1, DIM(buf), fp )) )
md_write( md, buf, n );
if( ferror(fp) )
log_error("%s: %s\n", fname, strerror(errno) );
log_error("%s%s\n", pname, strerror(errno) );
else {
md_final(md);
printf( "%s: MD5 =", fname ); print_hex(md_read(md, DIGEST_ALGO_MD5), 16 );
printf("\n%s: SHA1 =", fname ); print_hex(md_read(md, DIGEST_ALGO_SHA1), 20 );
printf("\n%s: RMD160 =", fname ); print_hex(md_read(md, DIGEST_ALGO_RMD160), 20 );
#ifdef WITH_TIGER_HASH
printf("\n%s: TIGER =", fname ); print_hex(md_read(md, DIGEST_ALGO_TIGER), 24 );
#endif
if( algo ) {
if( fname )
fputs( pname, stdout );
print_hex(md_read(md, algo), md_digest_length(algo) );
}
else {
printf( "%s MD5 = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_MD5), 16 );
printf("\n%s SHA1 = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_SHA1), 20 );
printf("\n%sRMD160 = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_RMD160), 20 );
#ifdef WITH_TIGER_HASH
printf("\n%s TIGER = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_TIGER), 24 );
#endif
}
putchar('\n');
}
md_close(md);
if( fp != stdin )

6
g10/import.c
View file

@ -177,12 +177,12 @@ read_block( IOBUF a, compress_filter_context_t *cfx,
/* make a linked list of all packets */
switch( pkt->pkttype ) {
case PKT_COMPRESSED:
if( pkt->pkt.compressed->algorithm == 1 )
cfx->pgpmode = 1;
else if( pkt->pkt.compressed->algorithm != 2 ){
if( pkt->pkt.compressed->algorithm < 1
|| pkt->pkt.compressed->algorithm > 2 ) {
rc = G10ERR_COMPR_ALGO;
goto ready;
}
cfx->algo = pkt->pkt.compressed->algorithm;
pkt->pkt.compressed->buf = NULL;
iobuf_push_filter( a, compress_filter, cfx );
free_packet( pkt );

2
g10/keyedit.c
View file

@ -706,7 +706,7 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc,
}
}
md = md_open( digest_algo, 0 );
md_start_debug( md, "make" );
/*md_start_debug( md, "make" );*/
/* hash the public key certificate and the user id */
hash_public_cert( md, pkc );

5
g10/main.h
View file

@ -25,6 +25,10 @@
#include "cipher.h"
#include "keydb.h"
#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_BLOWFISH
#define DEFAULT_PUBKEY_ALGO PUBKEY_ALGO_ELGAMAL
#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_RMD160
typedef struct {
int header_okay;
@ -41,6 +45,7 @@ typedef struct {
#endif
/*-- misc.c --*/
void trap_unaligned(void);
u16 checksum_u16( unsigned n );
u16 checksum( byte *p, unsigned n );
u16 checksum_mpi( MPI a );

1
g10/mainproc.c
View file

@ -238,6 +238,7 @@ proc_plaintext( CTX c, PACKET *pkt )
* textmode filter (sigclass 0x01)
*/
c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0);
md_start_debug(c->mfx.md, "proc_plaintext");
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
md_enable( c->mfx.md, DIGEST_ALGO_TIGER );

31
g10/misc.c
View file

@ -22,10 +22,41 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__linux__) && defined(__alpha__)
#include <asm/sysinfo.h>
#include <asm/unistd.h>
#endif
#include "util.h"
#include "main.h"
#if defined(__linux__) && defined(__alpha__)
#warning using trap_unaligned
static int
setsysinfo(unsigned long op, void *buffer, unsigned long size,
int *start, void *arg, unsigned long flag)
{
return syscall(__NR_osf_setsysinfo, op, buffer, size, start, arg, flag);
}
void
trap_unaligned(void)
{
unsigned int buf[2];
buf[0] = SSIN_UACPROC;
buf[1] = UAC_SIGBUS | UAC_NOPRINT;
setsysinfo(SSI_NVPAIRS, buf, 1, 0, 0, 0);
}
#else
void
trap_unaligned(void)
{ /* dummy */
}
#endif
u16
checksum_u16( unsigned n )
{

3
g10/options.h
View file

@ -39,13 +39,12 @@ struct {
int def_cipher_algo;
int def_pubkey_algo;
int def_digest_algo;
int def_compress_algo;
int no_comment;
int marginals_needed;
int completes_needed;
const char *homedir;
int skip_verify;
int reserved14;
int reserved15;
} opt;

6
g10/passphrase.c
View file

@ -30,6 +30,7 @@
#include "ttyio.h"
#include "cipher.h"
#include "keydb.h"
#include "main.h"
static int pwfd = -1;
@ -69,10 +70,11 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
s2k = &help_s2k;
s2k->mode = 0;
/* this should be MD5 if cipher is IDEA, but because we do
* not have IDEA, we use the default one, the the user
* not have IDEA, we use the default one, the user
* can select it from the commandline
*/
s2k->hash_algo = opt.def_digest_algo;
s2k->hash_algo = opt.def_digest_algo?opt.def_digest_algo
:DEFAULT_DIGEST_ALGO;
}
if( keyid && !opt.batch ) {

2
g10/sig-check.c
View file

@ -345,7 +345,7 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
keyid_from_pkc( pkc, keyid );
md = md_open( algo, 0 );
md_start_debug(md, "check");
/*md_start_debug(md, "check");*/
hash_public_cert( md, pkc );
hash_uid_node( unode, md, sig );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {

50
g10/sign.c
View file

@ -61,7 +61,17 @@ complete_sig( PKT_signature *sig, PKT_secret_cert *skc, MD_HANDLE md )
return rc;
}
static int
hash_for(int pubkey_algo )
{
if( opt.def_digest_algo )
return opt.def_digest_algo;
if( pubkey_algo == PUBKEY_ALGO_DSA )
return DIGEST_ALGO_SHA1;
if( pubkey_algo == PUBKEY_ALGO_RSA )
return DIGEST_ALGO_MD5;
return DEFAULT_DIGEST_ALGO;
}
@ -148,7 +158,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
/* prepare to calculate the MD over the input */
if( opt.textmode && !outfile )
iobuf_push_filter( inp, text_filter, &tfx );
mfx.md = md_open(opt.def_digest_algo, 0);
mfx.md = md_open(0, 0);
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
PKT_secret_cert *skc = skc_rover->skc;
md_enable(mfx.md, hash_for(skc->pubkey_algo));
}
if( !multifile )
iobuf_push_filter( inp, md_filter, &mfx );
@ -174,7 +190,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
skc = skc_rover->skc;
ops = m_alloc_clear( sizeof *ops );
ops->sig_class = opt.textmode && !outfile ? 0x01 : 0x00;
ops->digest_algo = opt.def_digest_algo;
ops->digest_algo = hash_for(skc->pubkey_algo);
ops->pubkey_algo = skc->pubkey_algo;
keyid_from_skc( skc, ops->keyid );
ops->last = !skc_rover->next;
@ -270,6 +286,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
sig = m_alloc_clear( sizeof *sig );
sig->version = skc->version;
keyid_from_skc( skc, sig->keyid );
sig->digest_algo = hash_for(skc->pubkey_algo);
sig->pubkey_algo = skc->pubkey_algo;
sig->timestamp = make_timestamp();
sig->sig_class = opt.textmode && !outfile? 0x01 : 0x00;
@ -314,11 +331,11 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
md_final( md );
if( is_ELGAMAL(sig->pubkey_algo) )
g10_elg_sign( skc, sig, md, opt.def_digest_algo );
g10_elg_sign( skc, sig, md, hash_for(sig->pubkey_algo) );
else if( sig->pubkey_algo == PUBKEY_ALGO_DSA )
g10_dsa_sign( skc, sig, md, opt.def_digest_algo );
g10_dsa_sign( skc, sig, md, hash_for(sig->pubkey_algo) );
else if( is_RSA(sig->pubkey_algo) )
g10_rsa_sign( skc, sig, md, opt.def_digest_algo );
g10_rsa_sign( skc, sig, md, hash_for(sig->pubkey_algo) );
else
BUG();
@ -432,11 +449,14 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
goto leave;
}
/* FIXME: This stuff is not correct if mutliplehash algos are used*/
iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" );
if( opt.def_digest_algo == DIGEST_ALGO_MD5 )
if( (opt.def_digest_algo?opt.def_digest_algo:DEFAULT_DIGEST_ALGO)
== DIGEST_ALGO_MD5 )
iobuf_writestr(out, "\n" );
else {
const char *s = digest_algo_to_string(opt.def_digest_algo);
const char *s = digest_algo_to_string(opt.def_digest_algo?
opt.def_digest_algo:DEFAULT_DIGEST_ALGO);
assert(s);
iobuf_writestr(out, "Hash: " );
iobuf_writestr(out, s );
@ -444,7 +464,12 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
}
textmd = md_open(opt.def_digest_algo, 0);
textmd = md_open(0, 0);
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
PKT_secret_cert *skc = skc_rover->skc;
md_enable(textmd, hash_for(skc->pubkey_algo));
}
iobuf_push_filter( inp, text_filter, &tfx );
rc = write_dash_escaped( inp, out, textmd );
if( rc )
@ -467,6 +492,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
sig = m_alloc_clear( sizeof *sig );
sig->version = skc->version;
keyid_from_skc( skc, sig->keyid );
sig->digest_algo = hash_for(skc->pubkey_algo);
sig->pubkey_algo = skc->pubkey_algo;
sig->timestamp = make_timestamp();
sig->sig_class = 0x01;
@ -510,11 +536,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
md_final( md );
if( is_ELGAMAL(sig->pubkey_algo) )
g10_elg_sign( skc, sig, md, opt.def_digest_algo );
g10_elg_sign( skc, sig, md, hash_for(sig->pubkey_algo) );
else if( sig->pubkey_algo == PUBKEY_ALGO_DSA )
g10_dsa_sign( skc, sig, md, opt.def_digest_algo );
g10_dsa_sign( skc, sig, md, hash_for(sig->pubkey_algo) );
else if( is_RSA(sig->pubkey_algo) )
g10_rsa_sign( skc, sig, md, opt.def_digest_algo );
g10_rsa_sign( skc, sig, md, hash_for(sig->pubkey_algo) );
else
BUG();