Page MenuHome GnuPG
Files F35336957

No OneTemporary
Actions

View Options

This file is larger than 256 KB, so syntax highlighting was skipped.
This document is not UTF8. It was detected as ISO-8859-1 (Latin 1) and converted to UTF8 for display.
diff --git a/ChangeLog b/ChangeLog
index 442618dd..2ba55c31 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,1130 +1,1133 @@
2007-02-22 Werner Koch <wk@g10code.com>
+ * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Use
+ --enable-random-daemon.
+
* configure.ac: New option --enable-random-daemon.
Create versioninfo.rc and provide the build information.
2007-02-21 Werner Koch <wk@g10code.com>
- * Makefile.am, configure.ac: Ignore w32-dll/
+ * Makefile.am, configure.ac: Ignore w32-dll/.
2007-02-20 Werner Koch <wk@g10code.com>
* configure.ac: Bump LT version to C14/A3/R0 in preparation for a
release.
* autogen.sh: Add option --force.
* configure.ac: New option --disable-endian-check. Use a real
noexecstack test instead of requiring an option. Add SVN version
magic.
2007-02-02 Werner Koch <wk@g10code.com>
* configure.ac (FALLBACK_SOCKLEN_T): Special case for mingw32.
2006-11-15 Werner Koch <wk@g10code.com>
* autogen.sh: Add convenience option --build-amd64.
2006-10-20 Werner Koch <wk@g10code.com>
* Makefile.am (stowinstall): New convenience target.
2006-10-12 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (FALLBACK_SOCKLEN_T): Third time is a charm.
Define gcry_socklen_t, to avoid conflicts with socklen_t
definitions by autoconf.
2006-10-11 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (FALLBACK_SOCKLEN_T): Rewrite in terms of
socklen.m4.
2006-10-11 Marcus Brinkmann <marcus@g10code.de>
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Removed.
* configure.ac: Do not call GNUPG_FIX_HDR_VERSION.
2006-10-10 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Invoke AC_CHECK_SOCKLEN_TYPE.
(AC_CONFIG_FILES): Add src/gcrypt.h.
(AC_CONFIG_SRCDIR): Change to src/libgcrypt.vers.
2006-10-02 Werner Koch <wk@g10code.com>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Test on HOST and not
TARGET. Hardwire for mingw32. Allow setting via command line when
cross compiling.
2006-08-29 Werner Koch <wk@g10code.com>
* configure.ac (USE_SEED): New.
2006-07-26 Werner Koch <wk@g10code.com>
* configure.ac: New options --enable-noexecstack and
--disable-optimization.
2006-07-04 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Call AC_LIBTOO_WIN32_DLL and AC_LIBTOOL_RC.
* configure.ac: Call gl_TYPE_SOCKLEN_T instead of the other
socklen_t checks.
2006-06-08 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (PTH_LIBS): Add --all to pth-config invocation.
2006-03-14 Werner Koch <wk@g10code.com>
* configure.ac: Check for fctnl and ftruncate.
(HAVE_PTH): Check for GNU Pth.
(HAVE_W32_SYSTEM): Define it.
* acinclude.m4 (GNUPG_PTH_VERSION_CHECK): New. Taken from GnuPG 1.4.
2005-12-08 Werner Koch <wk@g10code.com>
* configure.ac: Changed the random device names for netbsd. From
Christian Biere.
2005-11-02 Moritz Schulte <moritz@g10code.com>
* NEWS: Documented minor API changes.
2005-09-15 Moritz Schulte <moritz@g10code.com>
* Makefile.am (EXTRA_DIST): Depend on README.SVN, not on README.CVS.
2005-06-25 Moritz Schulte <moritz@g10code.com>
* configure.ac: Removed src/libgcrypt.pc from AC_CONFIG_FILES.
2005-06-10 Werner Koch <wk@g10code.com>
* configure.ac: Move detection of basic stuff to the top. For
example we need to know whether gcc is used before testing for it.
Reported by Ralf Fassel.
2005-04-23 Moritz Schulte <moritz@g10code.com>
* acinclude.m4 (TYPE_SOCKLEN_T): New type definition test;
provided by Albert Chin.
* configure.ac: Don't use $(CMD) as it's not portable; use CMD in
backticks instead. Simpler -lnsl/-lsocket test. Use
TYPE_SOCKLEN_T test. Don't forget to set `random_modules'
correctly.
2005-04-22 Moritz Schulte <moritz@g10code.com>
* configure.ac: Added support for pkgconfig; provided by Albert
Chin.
2005-04-11 Moritz Schulte <moritz@g10code.com>
* configure.ac: Integrate Whirlpool.
2005-01-04 Werner Koch <wk@g10code.com>
Updated to automake 1.9.
* acinclude.m4: Updated for use with automake 1.9.
* configure.ac: Require libgpg-error 1.0; not really needed but
that is the first stable version.
* Makefile.am (ACLOCAL_AMFLAGS): New for -I m4.
(AUTOMAKE_OPTIONS): New to create a bzip archive.
2005-02-03 Moritz Schulte <moritz@g10code.com>
* THANKS: Updated.
2004-08-09 Moritz Schulte <moritz@g10code.com>
* THANKS: Updated.
2004-07-04 Moritz Schulte <moritz@g10code.com>
* THANKS: Updated.
2004-04-21 Werner Koch <wk@gnupg.org>
* configure.ac: Don't print a warning if GNU make was not found.
2004-05-07 Moritz Schulte <moritz@g10code.de>
* THANKS: Updated.
2004-04-02 Thomas Schwinge <schwinge@nic-nac-project.de>
* autogen.sh: Added ACLOCAL_FLAGS.
2004-04-15 Werner Koch <wk@gnupg.org>
Released 1.2.0.
* configure.ac: Set LT to C12/A1/R1.
2004-04-06 Werner Koch <wk@gnupg.org>
* config.guess, config.sub, ltmain.sh: Updated to those from
libtools 1.5.4.
2004-03-29 Werner Koch <wk@gnupg.org>
Released 1.1.94.
* configure.ac: Set LT to C12/A1/R0.
2004-03-10 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (LIBGCRYPT_CONFIG_LIBS_PTHREAD,
LIBGCRYPT_CONFIG_CFLAGS_PTHREAD, LIBGCRYPT_CONFIG_LIBS_PTH,
LIBGCRYPT_CONFIG_CFLAGS_PTH, have_pth, have_pthread, AC_CHECK_PTH,
AC_CHECK_LIB(pthread), HAVE_PTH, HAVE_PTHREAD): Removed.
2004-03-06 Werner Koch <wk@gnupg.org>
Released 1.1.93.
* configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): Replaced by
LIBGCRYPT_CONPIG_API_VERSION. Set it to 1. Set LT to C11/A0/R1.
2004-03-05 Werner Koch <wk@gnupg.org>
* configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): New.
2004-02-20 Werner Koch <wk@gnupg.org>
Released 1.1.92.
* configure.ac: Set LT to C11/A0/R0.
2004-02-11 Werner Koch <wk@gnupg.org>
* autogen.sh (check_version): Removed bashism and simplified.
2004-02-06 Werner Koch <wk@gnupg.org>
* configure.ac: Add rfc2268 cipher algorithm.
2004-01-25 Moritz Schulte <mo@g10code.com>
* THANKS: Updated.
2003-12-19 Werner Koch <wk@gnupg.org>
Released 1.1.91.
* configure.ac: Bumbed LT version to C10/A3/R1.
2003-12-08 Werner Koch <wk@gnupg.org>
* Makefile.am (dist-hook): Don't distribute stuff from the now
obsolete scripts dir.
(EXTRA_DIST): Remove README_alpha
* README-alpha: Removed.
* configure.ac (AM_CONFIG_AUX_DIR): Removed.
* COPYING.DOC: Removed.
* Makefile.am (EXTRA_DIST): Added README.CVS and
autogen.sh. Removed COPYING.DOC.
2003-11-14 Werner Koch <wk@gnupg.org>
Released 1.1.90.
* configure.ac: Bumbed LT version to C10/A3/R0.
* configure.ac (have_ld_version_script): Set the default in
a separate test.
(PRINTABLE_OS_NAME): Don't handle the Hurd extra, this leads to
conflicts with BSD based GNU systems. The Hurd has now a working
uname.
2003-11-04 Werner Koch <wk@gnupg.org>
* configure.ac (USE_SHA1): Make sure it is always included.
(USE_RMD160): Removed this AM conditional.
2003-10-31 Werner Koch <wk@gnupg.org>
* configure.ac: Bumbed version number to 1.1.90-cvs for futher
development
Released 1.1.44.
* acinclude.m4 (AC_CHECK_PTH): Added.
* configure.ac: Use it here instead of the generic lib test.
Bumbed LT vesion to C9/A2/R0.
2003-10-27 Werner Koch <wk@gnupg.org>
* configure.ac: Give a hint on where libgpg-error is available.
Reformatted long lines. Don't include gcrypt-defs.h.
(--enable-gcc-warnings): New option.
2003-10-24 Moritz Schulte <mo@g10code.com>
* configure.ac: Check for socklen_t.
2003-10-11 Moritz Schulte <mo@g10code.com>
* acinclude.m4: Update AM_PATH_GPG_ERROR macro.
2003-09-04 Werner Koch <wk@gnupg.org>
Released 1.1.43.
* configure.ac: Require libgpg-error 0.4 due to the prime interface.
2003-08-29 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Re-implemented.
* configure.ac: Use it here.
2003-08-27 Moritz Schulte <mo@g10code.com>
* configure.ac: Substitute: LIBGCRYPT_CONFIG_LIBS_PTHREAD,
LIBGCRYPT_CONFIG_CFLAGS_PTHREAD, LIBGCRYPT_CONFIG_LIBS_PTH,
LIBGCRYPT_CONFIG_CFLAGS_PTH, LIBGCRYPT_THREAD_MODULES.
2003-08-07 Moritz Schulte <moritz@g10code.com>
* configure.ac: Fail, if libgpg-error could not be found.
2003-07-31 Werner Koch <wk@gnupg.org>
Released 1.1.42.
* configure.ac: Set LT version to 7/0/0.
2003-07-30 Werner Koch <wk@gnupg.org>
* AUTHORS (Maintainer): Assigned Moritz as Maintainer.
2003-07-30 Moritz Schulte <moritz@g10code.com>
* NEWS: Include much more complete list of `Interface changes
relative to the 1.1.12 release'.
2003-07-14 Moritz Schulte <moritz@g10code.com>
* configure.ac: Bumbed version number up to 1.1.42-cvs.
2003-07-09 Moritz Schulte <moritz@g10code.com>
* configure.ac: Reintroduce --disable-asm, since it is needed by
mpi/config.links.
2003-07-05 Moritz Schulte <moritz@g10code.com>
* README: Few changes, mention libgpg-error.
2003-06-18 Moritz Schulte <moritz@g10code.com>
* configure.ac (available_ciphers): Removed Serpent, hrrm.
2003-06-17 Moritz Schulte <moritz@g10code.com>
* acinclude.m4: Removed macro definitions: GNUPG_CHECK_FAQPROG,
GNUPG_CHECK_ENDIAN, GNUPG_CHECK_CACHE, GNUPG_CHECK_PIC,
GNUPG_CHECK_EXPORTDYNAMIC, GNUPG_CHECK_IPC, GNUPG_PROG_NM,
GNUPG_SYS_SYMBOL_UNDERSCORE, GNUPG_FUNC_MKDIR_TAKES_ONE_ARG,
GPH_PROG_DB2ANY.
Added macro definitions: AM_PATH_GPG_ERROR.
* configure.ac: Use alternative approach for building based on
conditional sources, which does not make automake eat all your
memory, etc.
Removed unused tests.
Renamed --enable-static-rnd to --enable-random.
Use Autoconf's AC_C_BIGENDIAN macro instead of our own.
Re-organized the whole file.
2003-06-16 Moritz Schulte <moritz@g10code.com>
* configure.ac (AC_CONFIG_FILES): Removed doc/version.sgml.
2003-06-11 Moritz Schulte <moritz@g10code.com>
* configure.ac: Remove --enable-libgpg-error flag.
Ue AC_PATH_GPG_ERROR.
2003-06-09 Moritz Schulte <moritz@g10code.com>
* NEWS: Mention API changes and libgpg-error.
2003-05-25 Moritz Schulte <moritz@g10code.com>
* configure.ac (USE_LIBGPG_ERROR): Implementation of the
--enable-libgpg-error switch.
Define USE_LIBGPG_ERROR in LIBGCRYPT_CONFIG_FLAGS, in case
libgpg-error is used.
2003-05-22 Moritz Schulte <moritz@g10code.com>
* configure.ac (AC_CHECK_HEADERS): Removed unused headers:
termio.h, langinfo.h.
(AC_CHECK_FUNCS): Removed unused functions: strsep, strlwr,
tcgetattr, setrlimit, strftime, nl_langinfo, sigaction,
sigprocmask, fopen64, fstat64.
2003-04-27 Moritz Schulte <moritz@g10code.com>
* README: Documented new configure switches.
Mention the --enable-maintainer-switch.
* configure.ac: Merged some code from GnuPG's configure.ac for
disabling sha512/tiger in case no 64 data types are available.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* configure.ac: Include support for sha512.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* AUTHORS: Updated.
2003-04-16 Moritz Schulte <moritz@g10code.com>
* configure.ac: Implement command line switches: --enable-ciphers,
--enable-pubkey-ciphers and --enable-digests.
Set Automake conditionals and config.h symbols depending on the
selected ciphers, pubkey-ciphers, digests and random-modules.
* acinclude.m4 (LIST_MEMBER): New macro.
* configure.ac: Simplified, removed code for parsing
EXTRA_PROGRAMS from Makefile.am.
2003-04-08 Moritz Schulte <moritz@g10code.com>
* configure.ac: Merged random-module selection code from GnuPG's
configure.ac.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* configure.ac: Removed code for generating contruct.c.
Remove digest modules from the static_modules list, only handle
random module selection.
2003-03-24 Moritz Schulte <moritz@g10code.com>
* NEWS: Mention new CBC_MAC flag.
* AUTHORS (Maintainer): Update entry for Simon Josefsson.
2003-03-04 Moritz Schulte <moritz@g10code.com>
* TODO: Remove item about resetting handles, since
gcry_cipher_reset is implemented by now.
* NEWS: Mentioned gcry_cipher_reset.
2003-01-21 Werner Koch <wk@gnupg.org>
* README (Configure options): New.
* configure.ac (have_ld_version_script): New option
--enable-ld-version-script.
2003-01-20 Simon Josefsson <jas@extundo.com>
* configure.ac (MODULES_IN_CIPHER): Add crc.
2003-01-20 Werner Koch <wk@gnupg.org>
Released 1.1.12.
* configure.ac (LIBGCRYPT_LT_REVISION): Bumbed up.
2002-12-21 Werner Koch <wk@gnupg.org>
Released 1.1.11.
* configure.ac (LIBGCRYPT_LT_CURRENT: Bumbed to 6/5/0 due to a new
interface
2002-12-19 Werner Koch <wk@gnupg.org>
* configure.ac (have_pthread): Check for pthreads in libc.
(have_ld_version_script): New.
2002-11-10 Werner Koch <wk@gnupg.org>
* configure.ac (MODULES_IN_CIPHER): Add md4.c. By Simon Josefsson.
2002-09-20 Werner Koch <wk@gnupg.org>
Released 1.1.10.
* configure.ac (HAVE_DEV_RANDOM_IOCTL): Don't check for it; it is
not used.
(AS_CHECK_HEADERS): Check for sys/select.h.
* Makefile.am (DIST_SUBDIRS): New to include the w32-dll directory
2002-09-18 Timo Schulz <ts@winpt.org>
* configure.ac: Added makefile for the W32 DLL.
2002-09-17 Werner Koch <wk@gnupg.org>
* configure.ac: Check for Pth and Pthreads.
2002-08-23 Werner Koch <wk@gnupg.org>
Released 1.1.9.
* configure.ac (LIBGCRYPT_CONFIG_CFLAGS): Renamed from
LIBGCRYPT_CFLAGS and removed the libpath because it is set by the
config script.
(LIBGCRYPT_LT_REVISION): Set LT version to 5/4/1.
2002-06-25 Werner Koch <wk@gnupg.org>
Released 1.1.8.
* configure.ac: Set LT version to 5/4/0.
2002-05-21 Werner Koch <wk@gnupg.org>
Released 1.1.7.
* configure.ac: Set LT version to 4/3/0.
2002-05-17 Werner Koch <wk@gnupg.org>
* configure.ac: Removed all the dynamic loading stuff.
2002-05-16 Werner Koch <wk@gnupg.org>
* configure.ac: Reordered the C_CHECK_FUNCS.
2002-05-15 Werner Koch <wk@gnupg.org>
* configure.ac: Adjusted for new MPI module stuff.
2002-05-14 Werner Koch <wk@gnupg.org>
Changed license to the LGPL.
2002-05-02 Werner Koch <wk@gnupg.org>
* jnlib/: Removed.
* Makefile.am (SUBDIRS): Removed jnlib.
* configure.ac (jnlib/Makefile): Removed.
* configure.ac: Define _REENTRANT.
2002-02-18 Werner Koch <wk@gnupg.org>
* configure.ac (MPI_EXTRA_ASM_OBJS): Use .lo suffix.
(AC_CANONICAL_TARGET): Added.
2002-02-07 Werner Koch <wk@gnupg.org>
Released 1.1.6.
2002-01-24 Werner Koch <wk@gnupg.org>
* jnlib/: Replaced by a fresh copy from GnuPG (actually the NewPG
development branch). Adjusted Makefile.am and jnlib-config.h
accordingly.
2001-12-18 Werner Koch <wk@gnupg.org>
Released 1.1.5.
* Makefile.am (dist-hook): Only look in mpi and scripts for
distfiles; this way we don't include those of a stale "make dist"
directory.
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Make it work with the new
automake.
* configure.ac: Don't chmod db2any.
2001-08-06 Werner Koch <wk@gnupg.org>
* configure.ac: Removed cross compiling hacks.
2001-08-03 Werner Koch <wk@gnupg.org>
Released 1.1.4.
* acinclude.m4 (GNUPG_CHECK_TYPEDEF): Define GNU Source.
Migrated to autoconf 2.52.
* acinclude.m4: Removed GNUPG_LINK_FILES and converted.
* acconfig.h: Removed
* configure.in: Replaced by...
* configure.ac: and modified for use with autoconf 2.52. Replaced
GNUPG_LINK_FILES with AC_CONFIG_LINKS and moved some informational
messages to the end. Removed --enable-m-debug
* tests/: New.
* Makefile.am: Included tests directory
* configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf.
Reported by Chris Adams. Merged some cases.
2001-05-31 Werner Koch <wk@gnupg.org>
Released 1.1.3.
* configure.in: Use _gcry_ prefix when creating the cipher constructor.
* acconfig.h (_GCRYPT_IN_LIBGCRYPT): Define it here.
2001-05-28 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GPH_PROG_DOCBOOK): Removed.
(GPH_PROG_DB2ANY): New. Taken from GPH.
* configure.in: Use it here.
2000-12-19 Werner Koch <wk@gnupg.org>
Major change:
Removed all GnuPG stuff and renamed this piece of software
to gcrypt. The directory gcrypt has been renamed to src.
2000-11-14 Werner Koch <wk@gnupg.org>
Version 1.1.2 released.
2000-11-13 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): VPATH build fix.
2000-10-10 Werner Koch <wk@gnupg.org>
* Makefile.am (dist-hook): Create the version file.
* configure.in: Set the libtool version here, removed the need
for the version file.
Mon Sep 18 16:35:45 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Removed that silly mkdir().
* configure.in: Changes to allow for Solaris random device.
By Nils Ellmenreich.
(--with-egd-socket): New.
* configure.in (GNUPG_HOMEDIR): New.
* configure.in: Check for fstat64 and fopen64
* acinclude.m4 (GNUPG_CHECK_FAQPROG): New.
* configure.in: Test for this.
* configure.in (DYNLINK_MOD_CFLAGS): Fix by David Champion.
Tue Aug 22 14:31:15 CEST 2000 Werner Koch <wk@openit.de>
Version 1.1.1
Fri Aug 18 14:27:14 CEST 2000 Werner Koch <wk@openit.de>
* agent/: New.
* Makefile.am, configure.in: Support for the new directory.
Mon Jul 17 16:35:47 CEST 2000 Werner Koch <wk@>
* configure.in (mingw32): Changes to allow for mingw32msvc
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
The big merge between this one and the stable branch 1.0. Still need
to merge TNANKS, AUTHORS and such. It probaly does not compile yet.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Fixed syntax error in C code.
* configure.in: Add check for termio.h, wait unctiosn and sigaction.
* acinclude.m4, configure.in (GNUPG_CHECK_GNUMAKE): New.
* acinclude.m4 (MKDIR_TAKES_ONE_ARG): Check some headers. By Gaël Quéri.
* configure.in (AM_INIT_AUTOMAKE): Use this now. By Gaël.
* acinclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for
GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer.
Contributed by Dave Dykstra.
* configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check.
* configure.in: Add a test for unisgned long long.
* configure.in (DYNLINK_MOD_CFLAGS): Set different for NetBSD.
* configure.in: Add check for clock_gettime
* configure.in (ALL_LINGUAS): Add nl.
* configure.in (ALL_LINGUAS): Add Esperanto.
* configure.in (ALL_LINGUAS): Add sv and ja.
* configure.in: Use /usr/local for CFLAGS and LDFLAGS when
target is freebsd. By Rémi.
* configure.in: Do not set development version when the version has
a dash in it. Suggested by Dave Dykstra.
* configure.in: Removed substitution for doc/gph/Makefile.
Do all the gcc warning only in maintainer mode.
* configure.in (dlopen): Use CHECK_FUNC for a test of dlopen in libc.
Suggested by Alexandre Oliva.
(-Wall): Moved the settting of gcc warning options near to the end
so that tests don't get confused. Suggested by Paul D. Smith.
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Added BSDI support.
(GNUPG_CHECK_RDYNAMIC): Ditto.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Changed the way to test for
librt. Test suggested by Jeff Long.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Do librt check only when
we can't link a test program. This way GNU systems don't need
to link against linrt.
(GNUPG_CHECK_IPC): Fixed use of TRY_COMPILE macro. From Tim Mooney.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add support for
DJGPP.
(GNUPG_CHECK_MLOCK): Check whether mlock sits in librt.
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Add NetBSD. By Thomas Klausner.
* acconfig.h (HAVE_MLOCK): Added
Mon Mar 13 19:22:46 CET 2000 Werner Koch <wk@openit.de>
* configure.in: Now uses the Docbook M4s from GPH.
Mon Jan 31 17:46:35 CET 2000 Werner Koch <wk@>
* Makefile.am: Re-added tools. By Rémi.
Mon Jan 31 16:37:34 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Create a symlink for types.h in gcrypt/.
Thu Jan 27 18:00:44 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (g10defs.h): Replaced by gnupg-defs.h
Mon Jan 24 13:04:28 CET 2000 Werner Koch <wk@gnupg.de>
* jnlib/ : New.
* configure.in: Do set development version when the version has
a dash in it. Suggested by Dave Dykstra.
Thu Dec 9 17:22:27 CET 1999 Werner Koch <wk@gnupg.de>
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): New.
* configure.in: Check and fix the version number of gcrypt/gcrypt.h
so that it is always the save as VERSION.
Thu Oct 28 16:17:46 CEST 1999 Werner Koch <wk@gnupg.de>
* Started with development series 1.1 on 1999-10-26
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* README-alpha: New
* configure.in: Fixed quoting in test for development version.
* THANKS: Add entries for Michael, Brenno and J Horacio who did
very nice Howto documents - I apoligize for forgetting to mention them
earlier.
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add "-lcap" when capabilities are requested.
Add the conditional CROSS_COMPILING.
* Makefile.am: Don't use checks when CROSS_COMPILING.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ALL_LINGUAS): Add pt_PT.
* configure.in: Some tweaks for cross compiling under MingW32
* acconfig.h (USE_STATIC_RNDW32): New.
Tue Sep 7 17:08:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 1.0.0.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Create makefile in doc/gph
* acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New
* configure.in: use the above.
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.11.
Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Minor changes to the OS/2 and Mingw32 system labels.
Add a printable name for Hurd.
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Some support for DJGPP (Mark Elbrecht)
Wed Aug 4 10:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.10.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): remove init of ac_cv_...
* Makefile.am (DISCLEANFILES): New
Fri Jul 23 13:53:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.9.
* configure.in: Print a notice when rndunix is used.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
* configure.in: Ditto.
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (use_local_zlib): The lost dollar is back.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case.
* configure.in: Another variant of the MX vendor string
* configure.in (--with-capabilities): Some test code (Remi).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX.
* configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra).
* VERSION: Now 0.9.8
Wed Jun 16 20:16:21 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add test for docbook-to-man
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Support for {net,free}bsd,
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ZLIB,GDBM): Check both, header and lib.
Sat Jun 5 15:30:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (key_present_in_pk_list): New (Michael).
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (IS_DEVELOPMENT_VERSION): Fixed detection.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): assume yes when
cross-compiling.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Fix for Unisys by Katsuhiro Kondou.
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* NEWS: Add a marker line which I forgot to do for 0.9.6.
Thu May 6 14:18:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* README: Minor updates
* VERSION: Now 0.9.6
Thu Apr 8 09:35:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for
amiga-openbsd (Peter Reich)
(GNUPG_PROG_NM): Ditto
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am (g10defs.h): Removed.
* configure.in (AC_OUTPUT_COMMANDS): Create g10defs.h
Sat Mar 20 12:55:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Now 0.9.5
Sun Mar 14 19:34:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (AM_SYS_SYMBOL_UNDERSCORE): Removed because it is
now in the latest libtool.
Thu Mar 11 16:39:46 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Removed the need for libtool
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (DLSYM_NEEDS_UNDERSCORE): Replaced.
* acinclude.in (AM_SYS_SYMBOL_UNDERSCORE): New.
* VERSION: Now 0.9.4
Sun Feb 28 19:11:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (dld): Test disabled.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* encode.c (encode_simple): temporary fix.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: New option --enable-static-rnd.
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* BUGS: Now we assign bug numbers.
* OBUGS: New to keep rack o fixed bugs (CVS only)
Fri Feb 19 18:01:54 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Released 0.9.3
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4: Removed gettext macros.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Check for -lsocket and -lnsl.
(osf4): Disable all warnings for DEC's cc.
(-Wall): Add more warning options for gcc
Sat Feb 13 12:04:43 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Changed detection of compiler flags.
* intl/ : Removed directory
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for freebsd 2.2
* configure.in: a lot of changes to allow selection of modules.
Add support for OS/2.
* acinclude.m4: add some more caching
* README: Spelling and grammar corrections (John A. Martin)
* INSTALL: Ditto.
Wed Jan 20 21:40:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: --enable-m-guard is now default
Wed Jan 13 12:49:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* INSTALL: Applied new information how to build rpms by Fabio Coatti
* Makefile.in (gnupg.spec): Changed the names.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* config.links (m68k-atari-mint): New
Tue Jan 12 09:17:19 CET 1999 Gaël Quéri <gqueri@mail.dotcom.fr>
* all: Fixed typos all over the place
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add a way to statically link rndunix
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): New.
* configure.in (DYNLOAD_CFLAGS): Use result from CHECK_RDYNAMIC
Wed Dec 23 13:18:14 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* README: Replaced the command overview with a short intro.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add check for dlopen in libc (Greg Troxel)
and a new define
* acconfig.h (DLSYM_NEEDS_UNDERSCORE): New.
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m (GNUPG_CHECK_PIC): New
* configure.in, acinclude.m4: Renamed all WK_ to GNUPG_
Tue Dec 8 15:09:29 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.4.5
Wed Nov 25 12:38:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (USE_RNDLINUX): New.
Fri Nov 20 19:34:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Released 0.4.4
* configure.in (try_asm_modules): For option --disable-asm
Tue Nov 10 19:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (MPI_SFLAGS): New.
Tue Nov 10 13:44:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* ABOUT-NLS: New
* configure.in (AC_REVISION): New.
Sun Nov 8 18:20:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Set to 0.4.3
Sun Oct 25 19:49:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): New macro GNUPG_DATADIR.
Wed Oct 21 17:24:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Removed gettext kludge
* acinclude.m4: Add patched AM_WITH_NKS macro
Tue Oct 20 19:03:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Kludge to make AM_GNU_GETTEXT work,
changed some macors to more modern versions. Also
changeg the all makefiles to remove duplicate ../intl.
* acinclude.m4: Removed the gettext stuff, as this
already comes with automake now.
Wed Oct 14 12:11:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (NAME_OF_DEV_RANDOM): New.
(DYNLINK_MOD_CFLAGS): New.
Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): creates include file
* acconfig.h: now includes g10defs.h
* configure.in: Removed G10_LOCALEDIR and GNUPG_LIB
Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none))
* Makefile.am (dist-hook): Now creates RPM file.
* scripts/gnupg.spec: New template file for RPMs
Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none))
* acinclude.h (WK_CHECK_IPC): New
* configure.in : Add checks for SysV IPC
Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-dynload): New.
Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold)
* configure.in (GNUPG_LIBDIR): New.
Mon May 25 19:10:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (fast_random_poll): fixed syntax bug.
Mon May 11 10:21:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): Linux is now GNU/Linux
Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* [all files]: Applied Matthew Skala's typo and grammar fixes.
Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (getrusage,gettimeofday): New tests.
Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-m-guard): New.
Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in, acinclude.m4, intl/, po/: New macros taken
from GNOME, switched to automake 1.2f
Thu Feb 26 09:05:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (doc/Makefile): New
Thu Feb 26 07:40:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed gettext stuff
Wed Feb 25 11:44:10 1998 Werner Koch (wk@isil.d.shuttle.de)
* checks/*test : restructured the directory.
Tue Feb 24 15:59:12 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed the name of the package to GNUPG and
chnaged several other names too.
Wed Feb 18 17:36:45 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (checks): New.
Sat Feb 14 15:37:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (mpi_config_done): Removed asm links caching.
Sat Feb 14 14:02:20 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): New.
* acconfig.h: Likewise.
Fri Feb 13 19:43:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in : Fixed zlib stuff
* Makefile.am: Likewise
Copyright 1998, 1999, 2000, 2001, 2002, 2003,
2004, 2006 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/Makefile.am b/Makefile.am
index f706593c..085c5956 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,51 +1,52 @@
## Process this file with automake to produce Makefile.in
# Copyright (C) 1992, 1999, 2000, 2002 Free Software Foundation, Inc.
#
# This file is part of Libgcrypt.
#
# Libgcrypt is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of
# the License, or (at your option) any later version.
#
# Libgcrypt is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
ACLOCAL_AMFLAGS = -I m4
AUTOMAKE_OPTIONS = dist-bzip2
+DISTCHECK_CONFIGURE_FLAGS = --enable-random-daemon
DIST_SUBDIRS = m4 mpi cipher src doc tests
SUBDIRS = mpi cipher src doc tests
EXTRA_DIST = BUGS autogen.sh README.apichanges README.SVN
DISTCLEANFILES =
# Add all the files listed in "distfiles" files to the distribution,
# apply version number s to some files and create a VERSION file which
# we need for the Prereq: patch file trick.
dist-hook:
@set -e; \
for file in `cd $(top_srcdir); \
find mpi -type f -name distfiles`; do \
dir=`dirname $$file` ; $(mkinstalldirs) $(distdir)/$$dir ; \
for i in distfiles `cat $(top_srcdir)/$$file` ; do \
ln $(top_srcdir)/$$dir/$$i $(distdir)/$$dir/$$i 2> /dev/null \
|| cp -p $(top_srcdir)/$$dir/$$i $(distdir)/$$dir/$$i; \
done ; \
done
@set -e; \
echo "$(VERSION)" > $(distdir)/VERSION
stowinstall:
$(MAKE) $(AM_MAKEFLAGS) install prefix=/usr/local/stow/libgcrypt
diff --git a/THANKS b/THANKS
index 6ae582af..fa37666a 100644
--- a/THANKS
+++ b/THANKS
@@ -1,152 +1,153 @@
Libgcrypt is based on the GnuPG code. Here is a list of people, who
helped in GnuPG and Libgcrypt development. Please help us to keep it
complete and free of errors.
Allan Clark allanc@sco.com
Anand Kumria wildfire@progsoc.uts.edu.au
Andreas Metzler ametzler at downhill.at.eu.org
Ariel T Glenn ariel@columbia.edu
Bodo Moeller Bodo_Moeller@public.uni-hamburg.de
Brenno de Winter brenno@dewinter.com
Brian Moore bem@cmc.net
Brian Warner warner@lothar.com
Brieuc Jeunhomme bbp@via.ecp.fr
Bryan Fullerton bryanf@samurai.com
Caskey L. Dickson caskey@technocage.com
Cees van de Griend cees-list@griend.xs4all.nl
Charles Levert charles@comm.polymtl.ca
Christian Biere christianbiere@gmx.de
Christian Grothoff grothoff@cs.purdue.edu
Christian von Roques roques@pond.sub.org
Christopher Oliver oliver@fritz.traverse.net
Christian Recktenwald chris@citecs.de
Daniel Eisenbud eisenbud@cs.swarthmore.edu
Daniel Koening dan@mail.isis.de
David Ellement ellement@sdd.hp.com
Detlef Lannert lannert@lannert.rz.uni-duesseldorf.de
Dirk Lattermann dlatt@t-online.de
Dirk Stoecker gcrypt@dstoecker.de
Ed Boraas ecxjo@esperanto.org
Enzo Michelangeli em@MailAndNews.com
Ernst Molitor ernst.molitor@uni-bonn.de
Fabio Coatti cova@felix.unife.it
Felix von Leitner leitner@amdiv.de
Frank Heckenbach heckenb@mi.uni-erlangen.de
Frank Stajano frank.stajano@cl.cam.ac.uk
Gaël Quéri gqueri@mail.dotcom.fr
Gerlinde Klaes gk@u64.de
Greg Louis glouis@dynamicro.on.ca
Greg Troxel gdt@ir.bbn.com
Gregory Steuck steuck@iname.com
Geoff Keating geoffk@ozemail.com.au
Harald Denker harry@hal.westfalen.de
Hendrik Buschkamp buschkamp@rheumanet.org
Holger Schurig holger@d.om.org
Hugh Daniel hugh@toad.com
Ian McKellar imckellar@harvestroad.com.au
Ian Peters itp@ximian.com
Janusz A. Urbanowicz alex@bofh.torun.pl
James Troup james@nocrew.org
Jean-loup Gailly gzip@prep.ai.mit.edu
Jeff Johnson jbj@redhat.com
Jens Bachem bachem@rrz.uni-koeln.de
J Horacio MG homega@ciberia.es
Joachim Backes backes@rhrk.uni-kl.de
Jordi Mallach jordi@sindominio.net
John A. Martin jam@jamux.com
Johnny Teveßen j.tevessen@gmx.de
Jörg Schilling schilling@fokus.gmd.de
Jun Kuriyama kuriyama@sky.rim.or.jp
Karl Fogel kfogel@guanabana.onshore.com
Karsten Thygesen karthy@kom.auc.dk
Katsuhiro Kondou kondou@nec.co.jp
Kazu Yamamoto kazu@iijlab.net
Lars Kellogg-Stedman lars@bu.edu
Lee Fisher blibbet at gmail dot com
Marco d'Itri md@linux.it
Mark Adler madler@alumni.caltech.edu
Mark Elbrecht snowball3@bigfoot.com
Markus Friedl Markus.Friedl@informatik.uni-erlangen.de
Matthias Urlichs smurf@smurf.noris.de
Martin Kahlert martin.kahlert@provi.de
Martin Hamilton
Martin Schulte schulte@thp.uni-koeln.de
Matthew Skala mskala@ansuz.sooke.bc.ca
Max Kellermann max@duempel.org
Max Valianskiy maxcom@maxcom.ml.org
Michael Fischer v. Mollard mfvm@gmx.de
Michael Roth mroth@nessie.de
Michael Sobolev mss@despair.transas.com
Michele Baldessari michele@pupazzo.org
Modestas Vainius geromanas@mailas.com
+Neil Dunbar neil.dunbar at pobox.com
Neil Spring nspring@cs.washington.edu
Newton Hammet newton@hammet.net
Nicolas Graner Nicolas.Graner@cri.u-psud.fr
NIIBE Yutaka gniibe@chroot.org
Niklas Hernaeus
Nikolay Sturm sturm@sec.informatik.tu-darmstadt.de
Nikos Mavroyanopoulos nmav@hellug.gr
Nimrod Zimerman zimerman@forfree.at
N J Doye nic@niss.ac.uk
Oliver Haakert haakert@hsp.de
Oskari Jääskeläinen f33003a@cc.hut.fi
Paul D. Smith psmith@baynetworks.com
Philippe Laliberte arsphl@oeil.qc.ca
Peter Gutmann pgut001@cs.auckland.ac.nz
QingLong qinglong@bolizm.ihep.su
Rafael Ávila de Espíndola rafael.espindola@gmail.com
Rafaël Carré funman@videolan.org
Ralf Fassel ralf@akutech.de
Ralf Hildebrandt Ralf.Hildebrandt@innominate.com
Ralf Schneider ralf@tapfere-schneiderleins.de
Ralph Gillen gillen@theochem.uni-duesseldorf.de
Rami Lehti Rami.Lehti@finland.sun.com
Randolph Chung tausq@debian.org
Randy mcclellr@oit.edu
Rat ratinox@peorth.gweep.net
Reinhard Wobst R.Wobst@ifw-dresden.de
Rémi Guyomarch rguyom@mail.dotcom.fr
Reuben Sumner rasumner@wisdom.weizmann.ac.il
Richard Outerbridge outer@interlog.com
Roddy Strachan roddy@satlink.com.au
Roland Rosenfeld roland@spinnaker.rhein.de
Ross Golder rossigee@bigfoot.com
Serge Munhoven munhoven@mema.ucl.ac.be
Simon Josefsson jas@extundo.com
SL Baur steve@xemacs.org
Stephan Austermuehle au@hcsd.de
Stephane Corthesy stephane@sente.ch
Stefan Karrmann S.Karrmann@gmx.net
Stefan Keller dres@cs.tu-berlin.de
Steffen Ullrich ccrlphr@xensei.com
Steffen Zahn zahn@berlin.snafu.de
Steven Bakker steven@icoe.att.com
Susanne Schultz schultz@hsp.de
Thiago Jung Bauermann jungmann@cwb.matrix.com.br
Thomas Roessler roessler@guug.de
Tom Holroyd tomh@po.crl.go.jp
Tom Spindler dogcow@home.merit.edu
Tom Zerucha tzeruch@ceddec.com
Tomas Fasth tomas.fasth@twinspot.net
Tommi Komulainen Tommi.Komulainen@iki.fi
Thomas Mikkelsen tbm@image.dk
Ulf Möller 3umoelle@informatik.uni-hamburg.de
Umberto Salsi salsi@icosaedro.it
Uoti Urpala
Urko Lusa ulusa@euskalnet.net
Victor Stinner haypo@inl.fr
Walter Koch koch@u32.de
Werner Koch wk@gnupg.org
Wim Vandeputte wim@kd85.com
nbecker@hns.com
Copyright 1998, 1999, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/TODO b/TODO
index 95ea299c..c867e6f8 100644
--- a/TODO
+++ b/TODO
@@ -1,83 +1,82 @@
What's left to do -*- outline -*-
* Updated the FSF's directory.
-* Add more tests.
-
* udiv-qrnbd.o should get build as *.lo [HPUX]
* Allow operation using RSA keys consisting of the OpenSSL list of
parameters and allow for a third form where the private Exponent
is not given (saves space).
* Add a warning to the manual, to check that libgcrypt actually has
been compiled with thread support when used by a threaded
application.
-* write an autoconf test to check whether the linker supports a
- version script.
+* linker script test
+ Write an autoconf test to check whether the linker supports a
+ version script.
* Make use of the forthcoming visibility attribute.
* Add attributes to the MPI functions.
-* Write tests for the progress function
-
* In case the ac interface will be more popular than the pk interface,
the asymmetric ciphers could be changed for convenient interaction
with the ac interface (i.e. by using ac's `data sets') and the pk
interface could be changed to be a wrapper for the ac interface.
* cipher/pubkey.c and pubkey implementaions.
Don't rely on the secure memory based wiping function but add an
extra wiping.
* update/improve documentation
- it's outdated for e.g. gcry_pk_algo_info.
- document algorithm capabilities
* Use builtin bit functions of gcc 3.4
* Consider using a daemon to maintain he random pool
-
- The down side of this is that we can't assume that the random das
+ [Partly done]
+ The down side of this is that we can't assume that the random has
has always been stored in "secure memory". And we rely on that
sniffing of Unix domain sockets is not possible. We can implement
this simply by detecting a special prefixed random seed name and
divert in this case to the daemon. There are several benefits with
such an approach: We keep the state of the RNG over invocations of
libgcrypt based applications, don't need time consuming
initialization of the pool and in case the entropy collectros need
to run that bunch of Unix utilities we don't waste their precious
results.
* Out of memory handler for secure memory should do proper logging
There is no shortage of standard memory, so logging is most likely
possible.
-* signed vs. unsigned.
- Sync the code with 1.2 where we have fixed all these issues.
-
* mpi_print does not use secure memory
for internal variables.
* gry_mpi_lshift is missing
* Add OAEP
* Next API break:
** gcry_ac_io_t
Remove use of anonymous union.
* ac.c
- There are still some things fishy. The fixes I did todat
+ There are still some things fishy. The fixes I did today
(2006-10-23) seem to cure just a symptom. Needs a complete review.
* gcryptrnd.c
- Requires test for pth and other stuff.
+ Requires a test for pth [done] as well as some other tests.
* secmem.c
Check whether the memory block is valid before releasing it and
print a diagnosic, like glibc does.
+* Tests
+ We need a lot more tests. Lets keep an ever growing list here.
+** Write tests for the progress function
+
+
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 645d9ebb..b8ff7c5a 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3197 +1,3200 @@
2007-02-22 Werner Koch <wk@g10code.com>
+ * pubkey.c (sexp_data_to_mpi): Handle dynamically allocated
+ algorithms. Suggested by Neil Dunbar. Fixes bug#596.
+
* rndw32.c (_gcry_rndw32_gather_random_fast): Make it return void.
* cipher.c (gcry_cipher_algo_name): Simplified.
* random.c: Use the daemon only if compiled with USE_RANDOM_DAEMON.
* Makefile.am (libcipher_la_SOURCES): Build random-daemon support
only if requested.
2007-02-21 Werner Koch <wk@g10code.com>
* random.c (rndpool, keypool): Make unsigned.
(mix_pool): Change char* variables to unsigned char*.
(gcry_randomize): Make arg BUFFER a void*.
(gcry_create_nonce): Ditto.
* rmd160.c (gcry_rmd160_mixblock): Make BUFFER a void*.
(_gcry_rmd160_hash_buffer): Make OUTBUF and BUFFER void*.
* sha1.c (_gcry_sha1_hash_buffer): Ditto.
* cipher.c (gcry_cipher_encrypt, cry_cipher_decrypt): Change
buffer args to void*.
(gcry_cipher_register): Make ALGORITHM_ID a int *.
* md.c (md_start_debug): Make SUFFIX a const char*. Use snprintf.
(gcry_md_debug): New.
(gcry_md_ctl): Changed arg BUFFER from unsigned char*.
* md.c (md_write): Make INBUF a const void*.
(gcry_md_write): Remove needless cast.
* crc.c (crc32_write): Make INBUF a const void*
(update_crc32, crc24rfc2440_write): Ditto.
* sha512.c (sha512_write, transform): Ditto.
* sha256.c (sha256_write, transform): Ditto.
* rmd160.c (rmd160_write, transform): Ditto.
* md5.c (md5_write, transform): Ditto.
* md4.c (md4_write, transform): Ditto.
* sha1.c (sha1_write, transform): Ditto.
* tiger.c (tiger_write, transform): Ditto.
* whirlpool.c (whirlpool_write, whirlpool_add, transform): Ditto.
* elgamal.c (elg_names): Change to a const*.
* dsa.c (dsa_names): Ditto.
* rsa.c (rsa_names): Ditto.
* pubkey.c (gcry_pk_lookup_func_name): Make ALIASES a const.
2007-02-20 Werner Koch <wk@g10code.com>
* rndlinux.c (open_device): Remove unsused arg MINOR.
2007-01-30 Werner Koch <wk@g10code.com>
* sha256.c (oid_spec_sha256): Add alias from pkcs#1.
* sha512.c (oid_spec_sha512): Ditto.
(oid_spec_sha384): Ditto.
2006-12-18 Werner Koch <wk@g10code.com>
* rndlinux.c (set_cloexec_flag): New.
(open_device): Set close-on-exit flags. Suggested by Max
Kellermann. Fixes Debian#403613.
* Makefile.am (AM_CPPFLAGS, AM_CFLAGS): Splitted and merged
Moritz' changes.
(INCLUDES): Removed.
2006-11-30 Werner Koch <wk@g10code.com>
* serpent.c (byte_swap_32): Remove trailing semicolon.
2006-11-15 Werner Koch <wk@g10code.com>
* Makefile.am (INCLUDES): Include ../src/
2006-11-03 Werner Koch <wk@g10code.com>
* random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not
sys/times.h. Reported by Rafaël Carré.
2006-11-05 Moritz Schulte <moritz@g10code.com>
* Makefile.am (AM_CFLAGS): Added -I$(top_builddir)/src so that the
new gcrypt.h is used, not the one installed in the system.
2006-10-25 Werner Koch <wk@g10code.com>
* primegen.c (prime_generate_internal): Tweaked use of secure
memory and entropy use. Safe unused primes from the pool. Allocate
at least a pool of 30.
(save_pool_prime, get_pool_prime): New.
2006-10-23 Werner Koch <wk@g10code.com>
* ac.c (_gcry_ac_data_from_sexp): Reset sexp_tmp for failsafe
means. Release sexp_cur if needed. Reported by Dirk Stoecker.
* pubkey.c (pubkeys_registered_lock): Intialized it. It is not
realy needed because this is a mere initialization to 0 anyway.
Noted by Victor Stinner.
2006-10-17 Werner Koch <wk@g10code.com>
* dsa.c (_gcry_dsa_generate2): New.
(generate): New arg QBITS. Add sanity checks for reasonable qbits
and nbits.
* pubkey.c (gcry_pk_genkey): Parse an qbits element.
(pubkey_generate): New arg QBITS. Pass it to the DSA generation.
2006-10-05 Werner Koch <wk@g10code.com>
* md.c (gcry_md_algo_info) <get_asnoid>: Check that the algo is
available.
2006-10-04 David Shaw <dshaw@jabberwocky.com> (wk)
* tiger.c (round): Rename to tiger_round as gcc 4 has a built-in
round function that this conflicts with.
2006-09-11 Werner Koch <wk@g10code.com>
* rndw32.c (slow_gatherer_windowsNT): While adding data use the
size of the diskPerformance and not its address. Has been fixed in
GnuPG more than a year ago. Noted by Lee Fisher.
2006-08-30 Werner Koch <wk@g10code.com>
* pubkey.c (sexp_data_to_mpi): Need to allow "ripemd160" here as
this is the canonical name.
2006-08-29 Hye-Shik Chang <perky@FreeBSD.org> (wk)
* seed.c: New.
2006-08-03 Werner Koch <wk@g10code.com>
* random-daemon.c (_gcry_daemon_initialize_basics): Don't
initialize the socket. Remove arg SOCKETNAME.
(connect_to_socket): Make sure that daemon is set to -1 on error.
(call_daemon): Initialize the socket on the first call.
(_gcry_daemon_randomize, _gcry_daemon_get_random_bytes)
(_gcry_daemon_create_nonce): New arg SOCKETNAME.
* random.c (initialize): Call new daemon initializator.
(get_random_bytes, gcry_randomize, gcry_create_nonce): Pass socket
name to daemon call and reset allow_daemon on failure.
2006-07-26 Werner Koch <wk@g10code.com>
* rmd160.c (_gcry_rmd160_mixblock): Add cast to transform call.
* blowfish.c (selftest): Cast string to usnigned char*.
* primegen.c (prime_generate_internal): Cast unsigned/char*
mismatch in calling m_out_of_n.
(is_prime): Changed COUNT to unsigned int *.
* ac.c (_gcry_ac_data_copy): Initialize DATA_MPIS.
* random.c (gcry_create_nonce): Update the pid after a fork.
Reported by Uoti Urpala.
2006-07-04 Marcus Brinkmann <marcus@g10code.de>
* sha512.c: Fix typo in copyright notice.
2006-06-21 Werner Koch <wk@g10code.com>
* rsa.c (_gcry_rsa_generate): Replace xcalloc by calloc.
* pubkey.c (gcry_pk_encrypt, gcry_pk_sign): Ditto.
(sexp_to_key, sexp_to_sig, sexp_to_enc, gcry_pk_encrypt)
(gcry_pk_sign, gcry_pk_genkey, gcry_pk_get_keygrip): Ditto.
* md.c (md_copy): Ditto.
2006-04-22 Moritz Schulte <moritz@g10code.com>
* random-daemon.c (_gcry_daemon_initialize_basics): New argument:
SOCKETNAME. Passing on to connect_to_socket() if non-NULL.
(connect_to_socket, writen, readn, call_daemon): New functions.
(_gcry_daemon_randomize, _gcry_daemon_get_random_bytes)
(_gcry_daemon_create_nonce): Call call_daemon().
(RANDOM_DAEMON_SOCKET): New symbol.
(daemon_socket): New static variable.
* random.h (_gcry_daemon_initialize_basics): New parameter:
SOCKETNAME.
(_gcry_set_random_daemon_socket): New declaration.
* random.c (initialize_basics): Pass DAEMON_SOCKET_NAME to
_gcry_daemon_initialize_basics.
(_gcry_set_random_daemon_socket): New function, setting
DAEMON_SOCKET_NAME.
2006-04-01 Moritz Schulte <moritz@g10code.com>
* ac.c (eme_pkcs_v1_5_encode): Use KEY_SIZE directly, no need to
call gcry_ac_key_get_nbits.
(eme_pkcs_v1_5_decode): Likewise.
(ac_es_dencode_prepare_pkcs_v1_5): Fill options_em structure with
key_size.
(_gcry_ac_data_dump, gcry_ac_data_dump): New functions.
(_gcry_ac_data_to_sexp, _gcry_ac_data_from_sexp): More or less
rewritten; changed S-Expression format so that it matches the one
used in pubkey.c.
2006-03-15 Werner Koch <wk@g10code.com>
* random-daemon.c: New.
* random.c (_gcry_use_random_daemon): New.
(get_random_bytes, gcry_randomize, gcry_create_nonce): Try
diverting to the daemon functions.
2006-03-14 Werner Koch <wk@g10code.com>
* random.c (lock_seed_file): New.
(read_seed_file, _gcry_update_random_seed_file): Use it.
* random.c (gcry_create_nonce): Detect a fork and re-seed.
(read_pool): Fixed the fork detection; it used to work only for
multi-threaded processes.
2006-03-12 Brad Hards <bradh@frogmouth.net> (wk)
* md.c (md_open): Use new variable macpads_Bsize instead of
hardwiring the block size. Changed at all places.
2006-03-10 Brad Hards <bradh@frogmouth.net> (wk, patch 2005-04-22)
* md.c, sha256.c: Add support for SHA-224.
(sha224_init): New.
2006-01-18 Brad Hards <bradh@frogmouth.net> (wk 2006-03-07)
* cipher.c (cipher_encrypt, cipher_decrypt, do_ofb_encrypt)
(do_ofb_decrypt, gcry_cipher_open): Implement Output Feedback Mode.
2005-11-02 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_algo_name): Return "?" instead of NULL for
unknown algorithm IDs.
* cipher.c (cipher_algo_to_string): Likewise.
2005-11-01 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_algo_info): Don't forget to break after switch
case.
2005-09-19 Werner Koch <wk@g10code.com>
* dsa.c (generate): Add preliminary support for 2 and 4 keys.
Return an error code if the key size is not supported.
(_gcry_dsa_generate): Return an error.
2005-08-22 Werner Koch <wk@g10code.com>
* primegen.c (check_prime): New arg RM_ROUNDS.
(prime_generate_internal): Call it here with 5 rounds as used
before.
(gcry_prime_check): But here with 64 rounds.
(is_prime): Make sure never to use less than 5 rounds.
2005-04-16 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_init): New function.
2005-04-12 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_io_write, _gcry_ac_io_read): Initialize err to
make the compiler happy.
Always use errno, now that gcry_malloc() is guaranteed to set
errno on failure.
(_gcry_ac_data_to_sexp): Don't forget to goto out after error in
loop.
(_gcry_ac_data_to_sexp): Remove unused variable: mpi_list;
(_gcry_ac_data_to_sexp): Always deallocate sexp_buffer.
(_gcry_ac_data_from_sexp): Don't forget to initialize data_set_new.
(_gcry_ac_data_from_sexp): Handle special case, which is
necessary, since gcry_sexp_nth() does not distinguish between
"element does not exist" and "element is the empty list".
(_gcry_ac_io_init_va): Use assert to make sure that mode and type
are correct.
Use gcry_error_t types where gcry_err_code_t types have been used
before.
2005-04-11 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_data_sign_scheme): Don't forget to initialize
buffer.
* whirlpool.c: New file.
* md.c (digest_table): Add whirlpool.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Added: whirlpool.c.
2005-03-30 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_data_from_sexp): Use length of SEXP_CUR, not
length of SEXP; do not forget to set SEXP_TMP to NULL after it has
been released.
(struct gcry_ac_mpi): New member: name_provided.
(_gcry_ac_data_set): Rename variable `name_final' to `name_cp';
remove const qualifier; change code to not cast away const
qualifiers; use name_provided member as well.
(_gcry_ac_data_set, _gcry_ac_data_get_name): Use name_provided
member of named mpi structure.
(gcry_ac_name_to_id): Do not forget to initialize err.
(_gcry_ac_data_get_index): Do not forget to initialize mpi_return;
use gcry_free() instead of free(); remove unnecessary cast; rename
mpi_return and name_return to mpi_cp and name_cp; adjust code.
(ac_data_mpi_copy): Do not cast away const qualifier.
(ac_data_values_destroy): Likewise.
(ac_data_construct): Likewise.
(ac_data_mpi_copy): Initialize flags to GCRY_AC_FLAG_DEALLOC.
(ac_data_extract): Use GCRY_AC_FLAG_DEALLOC instead of
GCRY_AC_FLAG_COPY.
(_gcry_ac_io_init_va, _gcry_ac_io_init, gcry_ac_io_init)
(gcry_ac_io_init_va, _gcry_ac_io_write, _gcry_ac_io_read)
(_gcry_ac_io_read_all, _gcry_ac_io_process): New functions.
(gry_ac_em_dencode_t): Use gcry_ac_io_t in prototype instead of
memroy strings directly; adjust encode/decode functions to use io
objects.
(emsa_pkcs_v1_5_encode_data_cb): New function ...
(emsa_pkcs_v1_5_encode): ... use it here.
(ac_data_dencode): Use io objects.
(_gcry_ac_data_encode, _gcry_ac_data_decode, gcry_ac_data_encode)
(gcry_ac_data_decode): Likewise.
(_gcry_ac_data_encrypt_scheme, gcry_ac_data_encrypt_scheme)
(_gcry_ac_data_decrypt_scheme, gcry_ac_data_decrypt_scheme)
(_gcry_ac_data_sign_scheme, gcry_ac_data_sign_scheme)
(_gcry_ac_data_verify_scheme, gcry_ac_data_verify_scheme):
Likewise.
2005-03-23 Werner Koch <wk@g10code.com>
* rndw32.c (_gcry_rndw32_gather_random_fast): While adding data
use the size of the object and not the one of its address. Bug
reported by Sascha Kiefer.
2005-03-19 Moritz Schulte <moritz@g10code.com>
* cipher.c (do_cbc_encrypt): Be careful to not overwrite data,
which is to be used later on. This happend, in case CTS is
enabled and OUTBUF is equal to INBUF.
2005-02-25 Werner Koch <wk@g10code.com>
* pubkey.c (gcry_pk_get_keygrip): Allow for shadowed-private-key.
2005-02-13 Moritz Schulte <moritz@g10code.com>
* serpent.c: Updated from 1.2 branch:
s/u32_t/u32/ and s/byte_t/byte/. Too match what we have always
used and are using in all other files too
(serpent_test): Moved prototype out of a fucntion.
2005-02-07 Moritz Schulte <moritz@g10code.com>
* ac.c: Major parts rewritten.
* pubkey.c (_gcry_pk_get_elements): New function.
2004-12-09 Werner Koch <wk@g10code.com>
* serpent.c (serpent_setkey): Moved prototype of serpent_test to
outer scope.
2004-09-11 Moritz Schulte <moritz@g10code.com>
* pubkey.c (pubkey_table): Added an alias entry for GCRY_PK_ELG_E.
2004-08-23 Moritz Schulte <moritz@g10code.com>
* ac.c: Do not include <assert.h>.
* rndegd.c: Likewise.
* sha1.c: Likewise.
* rndunix.c: Likewise.
* rndlinux.c: Likewise.
* rmd160.c: Likewise.
* md5.c: Likewise.
* md4.c: Likewise.
* cipher.c: Likewise.
* crc.c: Likewise.
* blowfish.c: Likewise.
* pubkey.c (dummy_generate, dummy_check_secret_key)
(dummy_encrypt, dummy_decrypt, dummy_sign, dummy_verify): Return
err code GPG_ERR_NOT_IMPLEMENTED instead of aborting through
log_bug().
(dummy_get_nbits): Return 0 instead of aborting though log_bug().
2004-08-19 Werner Koch <wk@g10code.de>
* pubkey.c (sexp_data_to_mpi): Changed the zero random byte
substituting code to actually do clever things. Thanks to
Matthias Urlichs for noting the implementation problem.
2004-08-09 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_sign): Fixed memory leak; fix provided by
Modestas Vainius.
2004-07-16 Werner Koch <wk@gnupg.org>
* rijndael.c (do_encrypt): Fix alignment problem. Bugs found by
Matthias Urlichs.
(do_decrypt): Ditto.
(keySched, keySched2): Use 2 macros along with unions in the key
schedule context.
2004-07-14 Moritz Schulte <moritz@g10code.com>
* rsa.c (_gcry_rsa_decrypt): Don't forget to free "a". Thanks to
Nikos Mavroyanopoulos.
2004-05-09 Werner Koch <wk@gnupg.org>
* random.c (read_pool): Mix the PID in to better protect after a
fork.
2004-07-04 Moritz Schulte <moritz@g10code.com>
* serpent.c: Use "u32_t" instead of "unsigned long", do not
declare S-Box variables as "register". Fixes failure on
OpenBSD/sparc64, reported by Nikolay Sturm.
2004-05-07 Werner Koch <wk@gnupg.org>
* random.c (initialize): Factored out some code to ..
(initialize_basics): .. new function.
(_gcry_random_initialize): Just call initialize_basics unless the
new arg FULL is set to TRUE.
(_gcry_fast_random_poll): Don't do anything unless the random
system has been really initialized.
2004-05-07 Moritz Schulte <moritz@g10code.de>
* ac.c (gcry_ac_open): Do not dereference NULL pointer. Reported
by Umberto Salsi.
2004-02-20 Werner Koch <wk@gnupg.org>
* primegen.c (check_prime): New args CB_FUNC and CB_ARG; call them
at different stages. Pass these arguments through all callers.
2004-02-06 Werner Koch <wk@gnupg.org>
* des.c: Add a new OID as used by pkcs#12.
* rfc2268.c: New. Taken from libgcrypt.
* cipher.c: Setup the rfc2268 algorithm.
2004-01-25 Moritz Schulte <mo@g10code.com>
* primegen.c (prime_generate_internal): Do not forget to free
`q_factor'; fixed by Brieuc Jeunhomme.
(prime_generate_internal): Do not forget to free `prime'.
2004-01-14 Moritz Schulte <mo@g10code.com>
* ac.c (gcry_ac_data_set): New argument: flags; slightly
rewritten.
(gcry_ac_data_get_name, gcry_ac_data_get_index): Likewise.
(gcry_ac_key_pair_generate): New argument: misc_data; modified
order of arguments.
(gcry_ac_key_test): New argument: handle.
(gcry_ac_key_get_nbits, gcry_ac_key_get_grip): Likewise.
Use GCRY_AC_FLAG_NO_BLINDING instead of
GCRY_AC_DATA_FLAG_NO_BLINDING.
(gcry_ac_mpi): New member: flags.
(gcry_ac_data_search, gcry_ac_data_add): Removed functions.
2003-12-22 Werner Koch <wk@gnupg.org>
* primegen.c (is_prime): Release A2.
2003-12-19 Werner Koch <wk@gnupg.org>
* md.c: Moved a couple of functions down below the data structure
definitions.
(struct gcry_md_context): New field ACTUAL_HANDLE_SIZE.
(md_open): Set it here.
(strcut gcry_md_list): New field ACTUAL_STRUCT_SIZE.
(md_enable): Set it here.
(md_close): Wipe the context memory.
secure memory.
* cipher.c (struct gcry_cipher_handle): New field ACTUAL_HANDLE_SIZE.
(gcry_cipher_open): Set it here.
(gcry_cipher_close): Use it to always wipe out the handle data.
* ac.c (gcry_ac_open): Make sure HANDLE gets initialized even when
the function is not successful.
(gcry_ac_close): Allow a NULL handle.
(gcry_ac_key_destroy, gcry_ac_key_pair_destroy): Ditto.
(gcry_ac_key_get_grip): Return INV_OBJ on error.
* primegen.c (prime_generate_internal): Fixed error code for
failed malloc. Replaced the !err if chain by gotos.
(gcry_prime_group_generator): Remove the extra sanity check.
* md.c: Minor code and comment cleanups.
2003-12-16 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Doc fix. Thanks to Newton Hammet.
2003-12-11 Werner Koch <wk@gnupg.org>
* rndunix.c (slow_poll): Don't use #warning but #error.
* rndegd.c: Changed indentation.
(my_make_filename): Removd the var_arg cruft becuase we
don't need it here. Changed caller.
* rndlinux.c: Changed indentation.
(open_device): Remove the superfluous stat call and clarify
comment.
* rsa.c: Changed indentation.
(secret): Use the standard algorithm if p, q and u are not
available.
(rsa_blind, rsa_unblind): Renamed from _gcry_rsa_blind,
_gcry_rsa_unblind and moved more to the top.
* md4.c: Changed indentation. Removed unnecessary casts.
* md5.c, rmd160.c, sha1.c, tiger.c: Ditto.
* rijndael.c, twofish.c: Ditto.
* serpent.c: Removed unnecessary casts.
* sha256.c, sha512.c: Ditto.
2003-12-09 Werner Koch <wk@gnupg.org>
* dsa.c: Unified indentation style.
* elgamal.c: Ditto.
* des.c (des_key_schedule): Code beautifications.
* blowfish.c: Changed indentation style.
* cast5.c (do_cast_setkey): Ditto.
* pubkey.c (gcry_pk_encrypt): Replaced the chain of if(!err) tests
by straightforward gotos. Other cleanups.
(gcry_pk_decrypt): Ditto.
(gcry_pk_sign): Ditto.
(gcry_pk_verify): Ditto.
(gcry_pk_genkey): Ditto. Use strtoul instead of strtol.
(gcry_pk_ctl): Use GPG_ERR_INV_ARG to indicate bad arguments.
2003-12-07 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_register_default): Undef the helper macro.
(gcry_pk_map_name): Allow NULL for string.
(sexp_to_key): Use memcpy and not strncpy. Use gcry_free and not
free.
(sexp_to_sig): Ditto.
(sexp_to_enc): Ditto. Replaced the chain of if(!err) tests by
straightforward gotos.
2003-12-05 Werner Koch <wk@gnupg.org>
* cipher.c: Documentation cleanups.
(gcry_cipher_mode_from_oid): Allow NULL for STRING.
2003-12-03 Werner Koch <wk@gnupg.org>
* elgamal.c (sign, do_encrypt, gen_k): Make sure that a small K is
only used for encryption.
2003-11-18 Werner Koch <wk@gnupg.org>
* random.h (rndw32_set_dll_name): Removed unused prototype.
* Makefile.am (EXTRA_DIST): Added Manifest.
2003-11-11 Werner Koch <wk@gnupg.org>
* Manifest: New.
2003-11-04 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Use shortcut for SHA1
* sha1.c (_gcry_sha1_hash_buffer): New.
* random.c: Reformatted most functions.
(mix_pool): Moved the failsafe_digest from global
scope to here.
(do_fast_random_poll): Use the generic fucntions even if a fast
gathering function has been used.
(read_pool): Detect a fork and retry.
(gcry_randomize, get_random_bytes): Don't distinguish anymore
between weak and strong random.
(gcry_create_nonce): New.
2003-10-31 Werner Koch <wk@gnupg.org>
* rndw32.c (slow_gatherer_windowsNT): Use a plain buffer for the
disk performance values and not the W32 API structure.
* dsa.c (verify): s/exp/ex/ due to shadowing of a builtin.
* elgamal.c (verify): Ditto.
* ac.c (gcry_ac_data_get_index): s/index/idx/
(gcry_ac_data_copy_internal): Remove the cast in _gcry_malloc.
(gcry_ac_data_add): Must use gcry_realloc instead of realloc.
* pubkey.c (sexp_elements_extract): s/index/idx/ as tribute to the
forehackers.
(gcry_pk_encrypt): Removed shadowed definition of I. Reordered
arguments to malloc for clarity.
(gcry_pk_sign, gcry_pk_genkey): Ditto.
* primegen.c (prime_generate_internal): s/random/randomlevel/.
2003-10-27 Moritz Schulte <mo@g10code.com>
* pubkey.c (gcry_pk_encrypt): Don't forget to deallocate pkey.
2003-10-27 Werner Koch <wk@gnupg.org>
* random.c (gcry_random_add_bytes): Return if buflen is zero to
avoid gcc warning about unsed parameter.
(MASK_LEVEL): Simplified; does now work for signed and unsigned
w/o warnings.
* md.c (md_start_debug): Removed the const from SUFFIX, because
this function is called from the control fucntion which does not
require const.
Prefixed all (pubkey,digest,cipher}_spec_* globale variables with
_gcry_.
* ac.c (ac_key_identifiers): Made static.
* random.c (getfnc_gather_random,getfnc_fast_random_poll): Move
prototypes to ..
* rand-internal.h: .. here
* random.c (getfnc_gather_random): Include rndw32 gatherer.
* rndunix.c, rndw32.c, rndegd.c: Include them here.
* rndlinux.c (_gcry_rndlinux_gather_random): Prepend the _gcry_
prefix. Changed all callers.
* rndegd.c (_gcry_rndegd_gather_random): Likewise.
(_gcry_rndegd_connect_socket): Likewise.
* rndunix.c (_gcry_rndunix_gather_random): Likewise.
(waitpid): Made static.
* rndw32.c: Removed the old and unused winseed.dll cruft.
(_gcry_rndw32_gather_random_fast): Renamed from
gather_random_fast.
(_gcry_rndw32_gather_random): Renamed from gather_random. Note,
that the changes 2003-04-08 somehow got lost.
* sha512.c (sha512_init, sha384_init): Made static.
* cipher.c (do_ctr_decrypt): Removed "return" from this void
function.
2003-10-24 Moritz Schulte <mo@g10code.com>
* serpent.c: Fix an issue on big-endian systems.
* rndw32.c: Removed IS_MODULE -cruft.
* rndlinux.c (rndlinux_gather_random): Likewise.
2003-10-10 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Bail out if NBITS is less than 16.
(prime_generate_internal): Initialize prime variable to suppress
compiler warning. Check pbits, initialize qbits when passed as
zero.
* primegen.c (prime_generate_internal): New arg
ALL_FACTORS. Changed all callers.
(gcry_prime_generate): Make the factors arg optional. Request
all_factors. Make sure PRIME is set to NULL even on error.
(gcry_prime_group_generator): New.
(gcry_prime_release_factors): New.
2003-10-06 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Assert that NBITS is never zero, it
would cause a segv.
2003-09-28 Moritz Schulte <mo@g10code.com>
* ac.c: Include "cipher.h".
2003-09-27 Moritz Schulte <mo@g10code.com>
* rndegd.c (do_read): Return nread instead of nbytes; thanks to
Michael Caerwyn.
2003-09-04 Werner Koch <wk@gnupg.org>
* pubkey.c (_gcry_pk_aliased_algo_name): New.
* ac.c (gcry_ac_open): Use it here.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Add serpent.c
2003-09-02 Moritz Schulte <mo@g10code.com>
* primegen.c (gcry_prime_check, gcry_prime_generate): New
functions.
(prime_generate_internal): New function, based on
_gcry_generate_elg_prime.
(_gcry_generate_elg_prime): Rewritten as a wrapper for
prime_generate_internal.
2003-08-28 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_encrypt): Don't include the flags list in the
return value. This does not make sense and breaks any programs
parsing the output strictly (e.g. current gpgsm).
(gcry_pk_encrypt): If aliases for the algorithm name exists, take
the first one instead of the regular name to adhere to SPKI
conventions.
(gcry_pk_genkey): Ditto.
(gcry_pk_sign): Ditto. Removed unused KEY_ALGO_NAME.
2003-08-19 Moritz Schulte <mo@g10code.com>
* cipher.c: Add support for Serpent
* serpent.c: New file.
2003-08-10 Moritz Schulte <moritz@g10code.com>
* rsa.c (_gcry_rsa_blind, _gcry_rsa_unblind): Declare static.
2003-08-09 Timo Schulz <twoaday@freakmail.de>
* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM
two times, but also the NAME_OF_DEV_URANDOM device.
2003-08-08 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_to_enc): Fixed extraction of S-Expression: do not
fail if no `flags' sub S-Expression is found.
2003-07-27 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_lookup_func_oid): Allow for empty OID lists.
2003-07-23 Moritz Schulte <moritz@g10code.com>
* ac.c (gcry_ac_data_construct): New argument: include_flags, only
include `flags' S-expression, if include_flags is true. Adjust
callers. Thanks for triggering a bug caused by `flags'
sub-S-expression where they are not expected to Ralf Schneider.
2003-07-21 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_lookup_func_name): Use new member name
`aliases' instead of `sexp_names'.
* ac.c (gcry_ac_key_data_get): New function.
* cipher.c (gcry_cipher_lookup_func_name): Fix return value.
2003-07-20 Moritz Schulte <moritz@g10code.com>
* blowfish.c: Adjusted for new gcry_cipher_spec_t structure.
* cast5.c: Likewise.
* twofish.c: Likewise.
* arcfour.c: Likewise.
* rijndael.c (rijndael_oids, rijndael192_oids, rijndael256_oids):
New variables, adjust for new gcry_cipher_spec_t structure.
* des.c (oids_tripledes): New variable, adjust for new
gcry_cipher_spec_t structure.
* md.c (oid_table): Removed.
* tiger.c (oid_spec_tiger): New variable.
(digest_spec_tiger): Adjusted for new gry_md_spec_t structure.
* sha512.c (oid_spec_sha512): New variable.
(digest_spec_sha512): Adjusted for new gry_md_spec_t structure.
* sha512.c (oid_spec_sha384): New variable.
(digest_spec_sha384): Adjusted for new gry_md_spec_t structure.
* sha256.c (oid_spec_sha256): New variable.
(digest_spec_sha256): Adjusted for new gry_md_spec_t structure.
* sha1.c (oid_spec_sha1): New variable.
(digest_spec_sha1): Adjusted for new gry_md_spec_t structure.
* rmd160.c (oid_spec_rmd160): New variable.
(digest_spec_rnd160): Adjusted for new gry_md_spec_t structure.
* md5.c (oid_spec_md5): New variable.
(digest_spec_md5): Adjusted for new gry_md_spec_t structure.
* md4.c (oid_spec_md4): New variable.
(digest_spec_md4): Adjusted for new gry_md_spec_t structure.
* crc.c (digest_spec_crc32, digest_spec_crc32_rfc1510,
digest_spec_crc32_rfc2440): Adjusted for new gry_md_spec_t
structure.
2003-07-19 Moritz Schulte <moritz@g10code.com>
* md.c (gcry_md_lookup_func_oid): New function.
(search_oid): New function, copied from cipher.c.
(gcry_md_map_name): Adjust for new search_oid_interface.
* cipher.c (oid_table): Removed table.
(gcry_cipher_lookup_func_oid): New function.
(search_oid): Rewritten to use the module functions.
(gcry_cipher_map_name): Adjust for new search_oid interface.
(gcry_cipher_mode_from_oid): Likewise.
2003-07-18 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Convert ERR to gpg_error_t in
gpg_strerror.
2003-07-14 Moritz Schulte <moritz@g10code.com>
* cipher.c (gcry_cipher_lookup_func_name): Also check the cipher
name aliases, not just the primary name.
(gcry_cipher_map_name): Remove kludge for aliasing Rijndael to
AES.
* arcfour.c, blowfish.c, cast5.c, des.c, twofish.c: Adjust cipher
specification structures.
* rijndael.c (rijndael_names, rijndael192_names,
rijndael256_names): New variables, use them in the cipher
specifications.
* rmd160test.c: Removed file.
* ac.c, arcfour.c, blowfish.c, cast5.c, cipher.c, des.c, dsa.c,
elgamal.c, md.c, pubkey.c, random.c, rijndael.c, rsa.c, twofish.c:
Used gcry_err* wrappers for libgpg symbols.
* primegen.c (gen_prime): Correct the order arguments to
extra_check.
2003-07-12 Moritz Schulte <moritz@g10code.com>
* ac.c: Replaced all public occurences of gpg_error_t with
gcry_error_t.
* cipher.c: Likewise.
* md.c: Likewise.
* pubkey.c: Likewise.
* random.c: Likewise.
* cipher.c: Added support for TWOFISH128.
2003-07-08 Moritz Schulte <moritz@g10code.com>
* ac.c (gcry_ac_data_copy_internal): New function, based on
gcry_ac_data_copy.
(gcry_ac_data_copy): Made public, use gcry_ac_data_copy_internal.
(gcry_ac_key_init): Use gcry_ac_data_copy_internal.
2003-07-07 Moritz Schulte <moritz@g10code.com>
* ac.c (gcry_ac_data_set): Only release old MPI value if it is
different from the new value. Bug reported by Simon Josefsson
<jas@extundo.com>.
* pubkey.c (gcry_pk_list): New function.
* md.c (gcry_md_list): New function.
* ac.c (gcry_ac_key_pair_generate): Fix calculation of format
string size.
2003-07-05 Moritz Schulte <moritz@g10code.com>
* md.c: Named struct of digest_table `digest_table_entry'.
(digest_table_entry): New member: algorithm; filled in.
(digest_table_entry): Removed unused member: flags.
(gcry_md_register): New argument: algorithm_id, filled in.
(gcry_md_register_default): Used algorithm ID from module
structure.
(gcry_md_map_name): Likewise.
(md_enable): Likewise.
(md_read): Likewise.
(gcry_md_info): Likewise.
* pubkey.c: Named truct for pubkey_table `pubkey_table_entry'.
(pubkey_table_entry): New member: algorithm; filled in.
(gcry_pk_register_default): Used algorithm ID from pubkey_table.
(gcry_pk_register): New argument: algorithm_id, filled in.
(gcry_pk_map_name): Used algorithm ID from module structure.
(gcry_pk_decrypt): Likewise.
(gcry_pk_encrypt): Likewise.
(gcry_pk_verify): Likewise.
(gcry_pk_sign): Likewise.
(gcry_pk_testkey): Likewise.
(gcry_pk_genkey): Likewise.
(gcry_pk_get_nbits): Likewise.
(sexp_to_key): Removed unused variable: algo.
(sexp_to_sig): Likewise.
* cipher.c: Named struct for cipher_table `cipher_table_entry'.
(cipher_table_entry): New member: algorithm; filled in.
(gcry_cipher_register_default): Used algorithm ID from
cipher_table.
(gcry_cipher_register): New argument: algorithm_id, filled in.
(gcry_cipher_map_name): Used algorithm ID from module structure.
* arcfour.c (cipher_spec_arcfour): Removed algorithm ID.
* blowfish.c (cipher_spec_blowfish): Likewise.
* cast5.c (cipher_spec_cast5): Likewise.
* crc.c (digest_spec_crc32): Likewise.
* crc.c (digest_spec_crc32_rfc1510): Likewise.
* crc.c (digest_spec_crc32_rfc2440): Likewise.
* des.c (cipher_spec_des): Likewise.
* des.c (cipher_spec_tripledes): Likewise.
* dsa.c (pubkey_spec_dsa): Likewise.
* elgamal.c (pubkey_spec_elg): Likewise.
* md4.c (digest_spec_md4): Likewise.
* md5.c (digest_spec_md5): Likewise.
* aes.c (cipher_spec_aes): Likewise.
* aes.c (cipher_spec_aes192): Likewise.
* aes.c (cipher_spec_aes256): Likewise.
* rsa.c (pubkey_spec_rsa): Likewise.
* sha1.c (digest_spec_sha1): Likewise.
* sha256.c (digest_spec_sha256): Likewise.
* sha512.c (digest_spec_sha512): Likewise.
* tiger.c (digest_spec_tiger): Likewise.
* twofish.c (cipher_spec_twofish): Likewise.
* twofish.c (cipher_spec_twofish128): Likewise.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Fix list of source
files; reported by Simon Josefsson <jas@extundo.com>.
* pubkey.c: Replaced all occurences of `id' with `algorithm',
since `id' is a keyword in obj-c.
* md.c: Likewise.
* cipher.c: Likewise.
* crc.c, md4.c, md5.c, rmd160.c, sha1.c, sha256.c, tiger.c:
Replaced all occurences of gcry_digest_spec_t with gcry_md_spec_t.
* dsa.c, rsa.c, elgamal.c: Replaced all occurencens of
gcry_pubkey_spec_t with gcry_pk_spec_t.
* md.c: Replaced all occurences of gcry_digest_spec_t with
gcry_md_spec_t.
(gcry_digest_register_default): Renamed to ...
(gcry_md_register_default): ... this; adjusted callers.
(gcry_digest_lookup_func_name): Renamed to ...
(gcry_md_lookup_func_name): ... this; adjusted callers.
(gcry_digest_lookup_name): Renamed to ...
(gcry_md_lookup_name): ... this; adjusted callers.
(gcry_digest_register): Renamed to ...
(gcry_md_register): ... this.
(gcry_digest_unregister): Renamed to ...
(gcry_md_unregister): ... this.
* pubkey.c (gcry_pubkey_register): Renamed to ...
(gcry_pk_register): ... this.
(gcry_pubkey_unregister): Renamed to ...
(gcry_pk_unregister): ... this.
Replaced all occurences of gcry_pubkey_spec_t with gcry_pk_spec_t.
(gcry_pubkey_register_default): Renamed to ...
(gcry_pk_register_default): ... this; adjusted callers.
(gcry_pubkey_lookup_func_name): Renamed to ...
(gcry_pk_lookup_func_name): ... this; adjusted callers.
(gcry_pubkey_lookup_name): Renamed to ...
(gcry_pk_lookup_name): ... this; adjusted callers.
* md.c (gcry_md_hash_buffer): Fix error checking. Thanks to Simon
Josefsson <jas@extunde.com>.
2003-07-04 Moritz Schulte <moritz@g10code.com>
* cipher.c (gcry_cipher_list): New function.
2003-07-01 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_to_sig): Accept a `flags' S-expression to be more
consistent with sexp_to_enc.
2003-06-30 Moritz Schulte <moritz@g10code.com>
* Makefile.am (libcipher_la_SOURCES): Added: ac.c.
* pubkey.c (_gcry_pk_module_lookup): New function.
(_gcry_pk_module_release): New function.
2003-06-29 Moritz Schulte <moritz@g10code.com>
* ac.c: New file.
2003-06-26 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Trigger BUG correcly with new API.
2003-06-19 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_is_enabled): Fixed.
2003-06-18 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_get_algo_keylen): New.
(gcry_cipher_get_algo_blklen): New.
2003-06-18 Moritz Schulte <moritz@g10code.com>
* arcfour.c, cipher.c, blowfish.c, md.c, cast5.c, pubkey.c, crc.c,
des.c, dsa.c, elgamal.c, md4.c, md5.c, random.c, rijndael.c,
rmd160.c, rsa.c, sha1.c, sha256.c, sha512.c, tiger.c, twofish.c:
Replaced older types GcryDigestSpec, GcryCipherSpec and
GcryPubkeySpec with newer types: gcry_digest_spec_t,
gcry_cipher_spec_t and gcry_pubkey_spec_t.
* md.c (gcry_digest_id_new): Removed function.
(gcry_digest_register): Removed code for generating a new module
ID.
* pubkey.c (gcry_pubkey_id_new): Removed function.
(gcry_pubkey_register): Removed code for generating a new module
ID.
* cipher.c, md.c, pubkey.c: Replace old type GcryModule with newer
one: gcry_module_t.
(gcry_cipher_id_new): Removed function.
(gcry_cipher_register): Removed code for generating a new module
ID.
* cipher.c (gcry_cipher_register): Adjust call to
_gcry_module_add.
(gcry_cipher_register_default): Likewise.
* pubkey.c (gcry_pubkey_register_default): Likewise.
(gcry_pubkey_register): Likewise.
* md.c (gcry_digest_register_default): Likewise.
(gcry_digest_register): Likewise.
* md.c (gcry_digest_lookup_func_id): Removed function.
(gcry_digest_lookup_id): Likewise.
(gcry_digest_id_new): Use _gcry_module_lookup_id instead of
gcry_digest_lookup_id.
(digest_algo_to_string): Likewise.
(check_digest_algo): Likewise.
(md_enable): Likewise.
(md_digest_length): Likewise.
(md_asn_oid): Likewise.
* pubkey.c (gcry_pubkey_lookup_id): Removed function.
(gcry_pubkey_lookup_func_id): Likewise.
(gcry_pubkey_id_new): Use _gcry_module_lookup_id instead of
gcry_pubkey_id_new.
(gcry_pk_algo_name): Likewise.
(disable_pubkey_algo): Likewise.
(check_pubkey_algo): Likewise.
(pubkey_get_npkey): Likewise.
(pubkey_get_nskey): Likewise.
(pubkey_get_nsig): Likewise.
(pubkey_get_nenc): Likewise.
(pubkey_generate): Likewise.
(pubkey_check_secret_key): Likewise.
(pubkey_encrypt): Likewise.
(pubkey_decrypt): Likewise.
(pubkey_sign): Likewise.
(pubkey_verify): Likewise.
(gcry_pk_algo_info): Likewise.
* cipher.c (gcry_cipher_lookup_func_id): Removed function.
(gcry_cipher_lookup_id): Likewise.
(cipher_algo_to_string): use _gcry_module_lookup_id instead of
gcry_cipher_lookup_id.
(disable_cipher_algo): Likewise.
(check_cipher_algo): Likewise.
(cipher_get_blocksize): Likewise.
(gcry_cipher_open): Likewise.
(gcry_cipher_id_new): Likewise.
2003-06-17 Moritz Schulte <moritz@g10code.com>
* Makefile.am (GCRYPT_MODULES): Set to @GCRYPT_CIPHERS@,
@GCRYPT_PUBKEY_CIPHERS@, @GCRYPT_DIGESTS@ and @GCRYPT_RANDOM@.
(libcipher_la_DEPENDENCIES): Set to $(GCRYPT_MODULES).
(libcipher_la_LIBADD): Likewise.
(AM_CFLAGS): Added: @GPG_ERROR_CFLAGS@.
(EXTRA_libcipher_la_SOURCES): Added all conditional sources.
* md.c (md_open): Use _gcry_fast_random_poll instead of
fast_random_poll.
* cipher.c (gcry_cipher_open): Likewise.
* random.h (fast_random_poll): Removed macro.
* blowfish.c, md4.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c,
tiger.c: Use Autoconf's WORDS_BIGENDIAN instead of our own
BIG_ENDIAN_HOST.
2003-06-16 Moritz Schulte <moritz@g10code.com>
* random.c (getfnc_gather_random): Do not special-case
USE_ALL_RANDOM_MODULES, make it the default.
* dsa.c: Replace last occurences of old type names with newer
names (i.e. replace MPI with gcry_mpi_t).
* elgamal.c: Likewise.
* primegen.c: Likewise.
* pubkey.c: Likewise.
* rsa.c: Likewise.
2003-06-14 Moritz Schulte <moritz@g10code.com>
* des.c (des_setkey): Add selftest check.
(tripledes_set3keys): Likewise.
(do_tripledes_setkey): Remove selftest check.
(do_des_setkey): Likewise.
2003-06-11 Moritz Schulte <moritz@g10code.com>
* md.c (_gcry_md_init): New function.
* cipher.c (_gcry_cipher_init): New function.
* pubkey.c (_gcry_pk_init): New function.
2003-06-13 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_get_algo): Reverted to old API. This is a
convenience function anyway and error checking is not approriate.
(gcry_md_is_secure): New.
(gcry_md_is_enabled): New.
2003-06-12 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_open): Make sure HANDLE is set to NULL on
error.
2003-06-11 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_open): Make sure H receives either NULL or an
valid handle.
(gcry_md_copy): Swapped arguments so that it is more in lione with
md_open and most other API fucntions like memcpy (destination
comes first). Make sure HANDLE is set to NULL on error.
* rijndael.c (do_encrypt): Hack to force correct alignment. It
seems not to be not sufficient, though. We should rework this
fucntions and remove all these ugly casts. Let the compiler
optimize or have an assembler implementation.
2003-06-09 Moritz Schulte <moritz@g10code.com>
* Makefile.am: Removed rules serpent, since that is not commited
yet.
2003-06-08 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_encrypt): Improve calculation for size of the
format string.
2003-06-07 Moritz Schulte <moritz@g10code.com>
* arcfour.c, bithelp.h, blowfish.c, cast5.c, cipher.c, crc.c,
des.c, dsa.c, elgamal.c, md4.c, md5.c, md.c, primegen.c, pubkey.c,
rand-internal.h, random.c, random.h, rijndael.c, rmd160.c,
rmd160test.c, rmd.h, rndeged.c, rndlinux.c, rndunix.c, rndw32.c,
rsa.c, sha1.c, sha256.c, sha512.c, tiger.c, twofish.c: Edited all
preprocessor instructions to remove whitespace before the '#'.
This is not required by C89, but there are some compilers out
there that don't like it. Replaced any occurence of the now
deprecated type names with the new ones.
2003-06-04 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_encrypt): Construct an arg_list and use
gcry_sexp_build_array instead of gcry_sexp_build.
(gcry_pk_sign): Likewise.
(gcry_pk_genkey): Likewise.
2003-06-01 Moritz Schulte <moritz@g10code.com>
* dsa.c (_gcry_dsa_generate): Do not check wether the algorithm ID
does indeed belong to DSA.
(_gcry_dsa_sign): Likewise.
(_gcry_dsa_verify): Likewise.
(_gcry_dsa_get_nbits): Likewise.
* elgamal.c (_gcry_elg_check_secret_key): Do not check wether the
algorithm ID does indeed belong to ElGamal.
(_gcry_elg_encrypt): Likewise.
(_gcry_elg_decrypt): Likewise.
(_gcry_elg_sign): Likewise.
(_gcry_elg_verify): Likewise.
(_gcry_elg_get_nbits): Likewise.
(_gcry_elg_generate): Likewise.
* rsa.c (_gcry_rsa_generate): Do not check wether the algorithm ID
does indeed belong to RSA.
(_gcry_rsa_encrypt): Likewise.
(_gcry_rsa_decrypt): Likewise.
(_gcry_rsa_sign): Likewise.
(_gcry_rsa_verify): Likewise.
(_gcry_rsa_get_nbits): Likewise.
2003-05-30 Moritz Schulte <moritz@g10code.com>
* md.c (md_get_algo): Return zero in case to algorithm is enabled.
* md.c (gcry_md_info): Adjusted for new no-errno-API.
(md_final): Likewise.
(gcry_md_get_algo): Likewise.
* pubkey.c (gcry_pk_get_keygrip): Likewise.
(gcry_pk_ctl): Likewise.
(gcry_pk_algo_info): Likewise.
* des.c (selftest): Likewise.
2003-05-29 Moritz Schulte <moritz@g10code.com>
* md.c (md_enable): Do not forget to release module on error.
(gcry_md_open): Adjusted for new no-errno-API.
(md_open): Likewise.
(md_copy): Likewise.
(gcry_md_copy): Likewise.
(gcry_md_setkey): Likewise.
(gcry_md_algo_info): Likewise.
* cipher.c (gcry_cipher_open): Adjusted for new no-errno-API and
also fixed a locking bug.
(gcry_cipher_encrypt): Adjusted for new no-errno-API.
(gcry_cipher_decrypt): Likewise.
(gcry_cipher_ctl): Likewise.
(gcry_cipher_info): Likewise.
(gcry_cipher_algo_info): Likewise.
2003-05-28 Moritz Schulte <moritz@g10code.com>
* md.c (md_enable): Adjusted for libgpg-error.
(gcry_md_enable): Likewise.
(gcry_digest_register_default): Likewise.
(gcry_digest_register): Likewise.
(check_digest_algo): Likewise.
(prepare_macpads): Likewise.
(gcry_md_setkey): Likewise.
(gcry_md_ctl): Likewise.
(gcry_md_get): Likewise.
(gcry_md_algo_info): Likewise.
(gcry_md_info): Likewise.
* dsa.c (_gcry_dsa_generate): Likewise.
(_gcry_dsa_check_secret_key): Likewise.
(_gcry_dsa_sign): Likewie.
(_gcry_dsa_verify): Likewise.
* twofish.c (do_twofish_setkey): Likewise.
(twofish_setkey): Likewise.
* cipher.c (gcry_cipher_register): Likewise.
2003-05-25 Moritz Schulte <moritz@g10code.com>
* rijndael.c (do_setkey): Adjusted for libgpg-error.
(rijndael_setkey): Likewise.
* random.c (gcry_random_add_bytes): Likewise.
* elgamal.c (_gcry_elg_generate): Likewise.
(_gcry_elg_check_secret_key): Likewise.
(_gcry_elg_encrypt): Likewise.
(_gcry_elg_decrypt): Likewise.
(_gcry_elg_sign): Likewise.
(_gcry_elg_verify): Likewise.
* rsa.c (_gcry_rsa_generate): Likewise.
(_gcry_rsa_check_secret_key): Likewise.
(_gcry_rsa_encrypt): Likewise.
(_gcry_rsa_decrypt): Likewise.
(_gcry_rsa_sign): Likewise.
(_gcry_rsa_verify): Likewise.
* pubkey.c (dummy_generate, dummy_check_secret_key, dummy_encrypt,
dummy_decrypt, dummy_sign, dummy_verify): Likewise.
(gcry_pubkey_register): Likewise.
(check_pubkey_algo): Likewise.
(pubkey_generate): Likewise.
(pubkey_check_secret_key): Likewise.
(pubkey_encrypt): Likewise.
(pubkey_decrypt): Likewise.
(pubkey_sign): Likewise.
(pubkey_verify): Likewise.
(sexp_elements_extract): Likewise.
(sexp_to_key): Likewise.
(sexp_to_sig): Likewise.
(sexp_to_enc): Likewise.
(sexp_data_to_mpi): Likewise.
(gcry_pk_encrypt): Likewise.
(gcry_pk_decrypt): Likewise.
(gcry_pk_sign): Likewise.
(gcry_pk_verify): Likewise.
(gcry_pk_testkey): Likewise.
(gcry_pk_genkey): Likewise.
(gcry_pk_ctl): Likewise.
* cipher.c (dummy_setkey): Likewise.
(check_cipher_algo): Likewise.
(gcry_cipher_open): Likewise.
(cipher_setkey): Likewise.
(gcry_cipher_ctl): Likewise.
(cipher_encrypt): Likewise.
(gcry_cipher_encrypt): Likewise.
(cipher_decrypt): Likewise.
(gcry_cipher_decrypt): Likewise.
(gcry_cipher_info): Likewise.
(gcry_cipher_algo_info): Likewise.
* cast5.c (cast_setkey): Likewise.
(do_cast_setkey): Likewise.
* arcfour.c (arcfour_setkey): Likewise.
(do_arcfour_setkey): Likewise.
* blowfish.c (do_bf_setkey): Likewise.
(bf_setkey): Likewise.
* des.c (do_des_setkey): Likewise.
(do_tripledes_setkey): Likewise.
2003-05-22 Moritz Schulte <moritz@g10code.com>
* tiger.c: Merged code ussing the U64_C macro from GnuPG.
* sha512.c: Likewise.
2003-05-17 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_genkey): Fix type: acquire a lock, instead of
releasing it.
2003-05-11 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_testkey): Call REGISTER_DEFAULT_CIPHERS.
(gcry_pk_ctl): Likewise.
2003-04-27 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_genkey): Release sexp after extracted data has
been used.
* md.c (gcry_md_get_algo_dlen): Simplified, simply call
md_digest_length to do the job.
* des.c (do_des_setkey): Check for selftest failure not only
during initialization.
(do_tripledes_setkey): Include check for selftest failure.
* pubkey.c (gcry_pubkey_register_default): New macro
`pubkey_use_dummy', use it.
* elgamal.c (elg_names): New variable.
(pubkey_spec_elg): Include elg_names.
* dsa.c (dsa_names): New variable.
(pubkey_spec_dsa): Include dsa_names.
* rsa.c (rsa_names): New variable.
(pubkey_spec_rsa): Include rsa_names.
* pubkey.c (gcry_pubkey_lookup_func_name): Compare name also with
the names listed in `sexp_names'.
2003-04-24 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_to_key): New variables: module, pubkey. Adjusted
to new module interface.
(sexp_to_key): Changend type of argument `retalgo' from `int *' to
`GcryModule **'. Adjusted all callers. Removed argument:
r_algotblidx.
(sexp_to_sig): Changend type of argument `retalgo' from `int *' to
`GcryModule **'. Adjusted all callers.
(sexp_to_enc): Likewise.
(pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig,
pubkey_get_nenc): Use strlen to find out the number.
* rsa.c: Adjust pubkey_spec_rsa to new internal interface.
* dsa.c: Likewise.
* elgamal.c: Likewise.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_elements_extract): New function.
* pubkey.c (sexp_to_key): Removed variable `idx', added `err', use
sexp_elements_extract.
(sexp_to_sig): Likewise.
(sexp_to_enc): Likewise.
* pubkey.c: Terminate list correctly.
* md.c: Include sha512/sha384 in digest_table.
2003-04-16 Moritz Schulte <moritz@g10code.com>
* Makefile.am: Include support for sha512.c.
* sha512.c: New file, merged from GnuPG, with few modifications
for libgcrypt.
* rand-internal.h: Removed declarations for constructor functions.
* md.c (md_copy): Call _gcry_module_use for incrementing the usage
counter of the digest modules.
* rsa.c: Do not include "rsa.h".
* dsa.c: Do not include "dsa.h".
* elgamal.c: Do not include "elgamal.h".
* des.c: Do not include "des.h".
* cast5.c: Do not include "cast5.h".
* blowfish.c: Do not include "blowfish.h".
* arcfour.c: Do not include "arcfour.h".
* Makefile.am (libcipher_la_DEPENDENCIES): Removed.
(libcipher_la_LIBADD): Removed.
Use Automake conditionals for conditional compilation.
2003-04-13 Moritz Schulte <moritz@g10code.com>
* cipher.c (gcry_cipher_open): Call REGISTER_DEFAULT_CIPHERS.
* md.c (gcry_md_list): New member: module.
(md_enable): New variable: module, changed use of module and
digest.
(md_enable): Initialize member: module.
(md_close): Call _gcry_module_release.
* cipher.c (gcry_cipher_open): New variable: module, changed use of
module and cipher.
(struct gcry_cipher_handle): New member: module.
(gcry_cipher_open): Initialize member: module.
(gcry_cipher_close): Call _gcry_module_release.
2003-04-09 Moritz Schulte <moritz@g10code.com>
* cipher.c: Include "ath.h".
* md.c: Likewise.
* pubkey.c: Likewise.
* cipher.c (ciphers_registered_lock): New variable.
* md.c (digests_registered_lock): New variable.
* pubkey.c (pubkeys_registered_lock): New variable.
* rndlinux.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndlinux_constructor): Removed function.
* rndegd.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndegd_constructor): Removed function.
* rndunix.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndunix_constructor): Removed function.
* rndw32.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndw32_constructor): Removed function.
* rndegd.c (rndegd_connect_socket): Simplify code for creating the
egd socket address.
(rndegd_connect_socket): Call log_fatal use instead of
g10_log_fatal.
(egd_gather_random): Renamed to ...
(rndegd_gather_random): ... here.
2003-04-08 Moritz Schulte <moritz@g10code.com>
* rndlinux.c: Do not include "dynload.h".
* rndunix.c: Likewise.
* rndw32.c: Likewise.
* rndegd.c (rndegd_connect_socket): Factored out from ...
(egd_gather_random): here; call it.
(egd_socket): New variable.
(egd_gather_random): Initialize fd with egd_socket, do not declare
fd static.
(do_read): Merged few changes from GnuPG. FIXME - not finished?
Do not include "dynload.h".
* rndw32.c (gather_random): Renamed to rndw32_gather_random, do
not declare static.
(gather_random_fast): Renamed to rndw32_gather_random_fast, do not
declare static.
* rndunix.c (gather_random): Renamed to rndunix_gather_random, do
not declare static.
* rndegd.c (gather_random): Renamed to rndegd_gather_random, do
not declare static.
* rndlinux.c (gather_random): Renamed to rndlinux_gather_random,
do not declare static.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* Makefile.am (libcipher_la_SOURCES): Removed construct.c.
(libcipher_la_SOURCES): Added sha1.c, sha256.c, rmd160.c, md4.c,
md5.c, tiger.c and crc.c
(EXTRA_PROGRAMS): Removed sha1, sha256, rmd160, md4, md5, tiger
and crc. Removed definitions: EXTRA_md4_SOURCES,
EXTRA_md5_SOURCES, EXTRA_rmd160_SOURCES, EXTRA_sha1_SOURCES,
EXTRA_sha256_SOURCES, EXTRA_tiger_SOURCES and EXTRA_crc_SOURCES,
BUILT_SOURCES, DISTCLEANFILES.
* pubkey.c: Do not include "elgamal.h", "dsa.h" and "rsa.h".
* Makefile.am (libcipher_la_SOURCES): Removed rsa.h, elgamal.h,
dsa.h, des.h, cast5.h, arcfour.h and blowfish.h.
* rsa.h: Removed file.
* elgamal.h: Removed file.
* dsa.h: Removed file.
* des.h: Removed file.
* cast5.h: Removed file.
* arcfour.h: Removed file.
* blowfish.h: Removed file.
* Makefile.am (libcipher_la_SOURCES): Removed dynload.c and
dynload.h.
* rsa.c (pubkey_spec_rsa): New variable.
* dsa.c (pubkey_spec_rsa): New variable.
* elgamal.c (pubkey_spec_elg): New variable.
* rsa.c (_gcry_rsa_get_info): Removed function.
* elgamal.c (_gcry_elg_get_info): Removed function.
* dsa.c (_gcry_dsa_get_info): Removed function.
* tiger.c (tiger_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_tiger_constructor): Removed function.
* sha1.c (sha1_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_sha1_constructor): Removed function.
* sha256.c (sha256_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_sha256_constructor): Removed function.
* rmd160.c (rmd160_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rmd160_constructor): Removed function.
* md5.c (md5_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_md5_constructor): Removed function.
* md4.c (md4_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_md4_constructor): Removed function.
* crc.c (crc_get_info): Removed function.
* arcfour.c (do_arcfour_setkey): Changed type of context argument
to `void *', added local variable for cast, adjusted callers.
(arcfour_setkey): Likewise.
(encrypt_stream): Likewise.
* cast5.c (cast_setkey): Likewise.
(encrypt_block): Likewise.
* rijndael.c (rijndael_setkey): Likewise.
(rijndael_encrypt): Likewise.
(rijndael_decrypt): Likewise.
* twofish.c (twofish_setkey): Likewise.
(twofish_encrypt): Likewise.
(twofish_decrypt): Likewise.
* des.c (do_des_setkey): Likewise.
(do_des_encrypt): Likewise.
(do_des_encrypt): Likewise.
(do_tripledes_encrypt): Likewise.
(do_tripledes_encrypt): Likewise.
* blowfish.c (bf_setkey: Likewise.
(encrypt_block): Likewise.
(decrypt_block): Likewise.
* arcfour.c (encrypt_stream): Likewise.
* rijndael.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func) Removed function.
* twofish.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func) Removed function.
* cast5.c (CIPHER_ALGO_CAST5): Removed.
* blowfish.c (FNCCAST_SETKEY, FNCCAST_CRYPT): Removed macros.
(CIPHER_ALGO_BLOWFISH): Removed symbol.
* cast5.c (FNCCAST_SETKEY, FNCCAST_CRYPT): Likewise.
* des.c (selftest_failed): Removed.
(initialized): New variable.
(do_des_setkey): Run selftest, if not yet done.
(FNCCAST_SETKEY, FNCCAST_CRYPT): Removed macros.
* arcfour.c (_gcry_arcfour_get_info): Removed function.
* blowfish.c (_gcry_blowfish_get_info): Removed function.
* cast5.c (_gcry_cast5_get_info): Removed function.
* des.c (_gcry_des_get_info): Removed function.
* rijndael.c (_gcry_rijndael_get_info): Removed function.
* twofish.c (_gcry_twofish_get_info): Removed function.
* arcfour.c (cipher_spec_arcfour): New variable.
* twofish.c (cipher_spec_twofish, cipher_spec_twofish128): New
variables.
* rijndael.c (cipher_spec_aes, cipher_spec_aes192,
cipher_spec256): New variables.
* des.c (cipher_spec_des, cipher_spec_tripledes): New variables.
* cast5.c (cipher_spec_cast5): New variable.
* blowfish.c (cipher_spec_blowfish): Likewise.
* twofish.c: Do not include "dynload.h".
* rijndael.c: Likewise.
* des.c: Likewise.
* cast5.c: Likewise.
* blowfish.c: Likewise.
* cipher.c: Likewise.
* crc.c: Likewise.
* md4.c: Likewise.
* md5.c: Likewise.
* md.c: Likewise.
* pubkey.c: Likewise.
* rijndael.c: Likewise.
* sha1.c: Likewise.
* sha256.c: Likewise.
* arcfour.c: Include "cipher.h".
* twofish.c: Likewise.
* rijndael.c: Likewise.
* des.c: Likewise.
* cast5.c: Likewise.
* blowfish.c: Likewise.
* twofish.c (twofish_setkey): Declared argument `key' const.
(twofish_encrypt): Declared argument `inbuf' const.
(twofish_decrypt): Likewise.
* rijndael.c (rijndael_setkey): Declared argument `key' const.
(rijndael_encrypt): Declared argument `inbuf' const.
(rijndael_decrypt): Likewise.
* des.c (do_des_setkey): Declared argument `key' const.
(do_tripledes_setkey): Likewise.
(do_des_encrypt): Declared argument `inbuf' const.
(do_des_decrypt): Likewise.
(do_tripledes_encrypt): Likewise.
(do_tripledes_decrypt): Likewise.
* cast5.c (encrypt_block): Declared argument `inbuf' const.
(decrypt_block): Likewise.
(cast_setkey): Declared argument `key' const.
* blowfish.c (do_bf_setkey): Declared argument `key' const.
(encrypt_block): Declared argument `inbuf' const.
(encrypt_block): Likewise.
* cipher.c: Remove CIPHER_ALGO_DUMMY related code.
Removed struct cipher_table_s.
Changed definition of cipher_table.
Removed definition of disabled_algos.
(ciphers_registered, default_ciphers_registered): New variables.
(REGISTER_DEFAULT_CIPHERS): New macro.
(dummy_setkey): Declared argument `key' const.
(dummy_encrypt_block): Declared argument `inbuf' const.
(dummy_encrypt_block): Likewise.
(dummy_encrypt_stream): Likewise.
(dummy_encrypt_stream): Likewise.
(dummy_setkey): Use `unsigned char' instead of `byte'.
(dummy_encrypt_block): Likewise.
(dummy_decrypt_block): Likewise.
(dummy_encrypt_stream): Likewise.
(dummy_decrypt_stream): Likewise.
(gcry_cipher_register_default): New function.
(gcry_cipher_lookup_func_id): New function.
(gcry_cipher_lookup_func_name): New function.
(gcry_cipher_lookup_id): New function.
(gcry_cipher_lookup_name): New function.
(gcry_cipher_id_new): New function.
(gcry_cipher_register): New function.
(gcry_cipher_unregister): New function.
(setup_cipher_table): Removed function.
(load_cipher_modules): Removed function.
(gcry_cipher_map_name): Adjusted to use new module management.
(cipher_algo_to_string): Likewise.
(disable_cipher_algo): Likewise.
(check_cipher_algo): Likewise.
(cipher_get_keylen): Likewise.
(cipher_get_blocksize): Likewise.
(gcry_cipher_open): Likewise.
(struct gcry_cipher_handle): Replaced members algo, algo_index,
blocksize, setkey, encrypt, decrypt, stencrypt, stdecrypt with one
member: cipher.
(gcry_cipher_open): Adjusted code for new handle structure.
(cipher_setkey): Likewise.
(cipher_setiv): Likewise.
(cipher_reset): Likewise.
(do_ecb_encrypt): Likewise.
(do_ecb_decrypt): Likewise.
(do_cbc_encrypt): Likewise.
(do_cbc_decrypt): Likewise.
(do_cfb_encrypt): Likewise.
(do_cfb_decrypt): Likewise.
(do_ctr_encrypt): Likewise.
(cipher_encrypt): Likewise.
(gcry_cipher_encrypt): Likewise.
(cipher_decrypt): Likewise.
(gcry_cipher_decrypt): Likewise.
(cipher_sync): Likewise.
(gcry_cipher_ctl): Likewise.
* pubkey.c: Removed struct pubkey_table_s.
Changed definition of pubkey_table.
Removed definition of disabled_algos.
(pubkeys_registered, default_pubkeys_registered): New variables.
(REGISTER_DEFAULT_PUBKEYS): New macro.
(setup_pubkey_table): Removed function.
(load_pubkey_modules): Removed function.
(gcry_pubkey_register_default): New function.
(gcry_pubkey_lookup_func_id): New function.
(gcry_pubkey_lookup_func_name): New function.
(gcry_pubkey_lookup_id): New function.
(gcry_pubkey_lookup_name): New function.
(gcry_pubkey_id_new): New function.
(gcry_pubkey_register): New function.
(gcry_pubkey_unregister): New function.
(gcry_pk_map_name): Adjusted to use new module management.
(gcry_pk_algo_name): Likewise.
(disable_pubkey_algo): Likewise.
(check_pubkey_algo): Likewise.
(pubkey_get_npkey): Likewise.
(pubkey_get_nskey): Likewise.
(pubkey_get_nsig): Likewise.
(pubkey_get_nenc): Likewise.
(pubkey_generate): Likewise.
(pubkey_check_secret_key): Likewise.
(pubkey_encrypt): Likewise.
(pubkey_decrypt): Likewise.
(pubkey_sign): Likewise.
(pubkey_verify): Likewise.
(gcry_pk_get_nbits): Likewise.
(gcry_pk_algo_info): Likewise.
* md.c: Removed struct md_digest_list_s.
(digest_list): Changed definition.
(digests_registered, default_digests_registered): New variables.
(REGISTER_DEFAULT_DIGESTS): New macro.
(new_list_item): Removed function.
(setup_md_table): Removed function.
(load_digest_module): Removed function.
(gcry_digest_register_default): New function.
(gcry_digest_lookup_func_id): New function.
(gcry_digest_lookup_func_name): New function.
(gcry_digest_lookup_id): New function.
(gcry_digest_lookup_name): New function.
(gcry_digest_id_new): New function.
(gcry_digest_register): New function.
(gcry_digest_unregister): New function.
(GcryDigestEntry): New type.
(struct gcry_md_context): Adjusted type of `list'.
(gcry_md_map_name): Adjusted to use new module management.
(digest_algo_to_string): Likewise.
(check_digest_algo): Likewise.
(md_enable): Likewise.
(md_digest_length): Likewise.
(md_asn_oid): Likewise.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* pubkey.c: Replaced PUBKEY_ALGO_DSA with GCRY_PK_DSA,
PUBKEY_ALGO_RSA with GCRY_PK_RSA and PUBKEY_ALGO_ELGAMAL with
GCRY_PK_ELG.
* dsa.c: Replaced PUBKEY_ALGO_DSA with GCRY_PK_DSA.
2003-04-01 Moritz Schulte <moritz@g10code.com>
* des.c: Removed checks for GCRY_CIPHER_3DES and GCRY_CIPHER_DES.
2003-03-31 Moritz Schulte <moritz@g10code.com>
* tiger.c (tiger_get_info): Do not declare static.
* sha256.c (sha256_get_info): Likewise.
* sha1.c (sha1_get_info): Likewise.
* rmd160.c (rmd160_get_info): Likewise.
* md5.c (md5_get_info): Likewise.
* md4.c (md4_get_info): Likewise.
* crc.c (crc_get_info): Likewise.
* md.c (load_digest_module): Call setup_md_table during
initialization.
(new_list_item): Link new element into digest_list.
* cipher.c (do_ctr_decrypt): Made do_ctr_encrypt act as a wrapper
for do_ctr_encrypt, since these functions are identical.
2003-03-30 Simon Josefsson <jas@extundo.com>
* cipher.c (struct gcry_cipher_handle): Add counter field.
(gcry_cipher_open): Add CTR.
(cipher_reset): Clear counter field.
(do_ctr_encrypt, do_ctr_decrypt): New functions.
(cipher_encrypt, cipher_decrypt): Call CTR functions.
(gcry_cipher_ctl): Add SET_CTR to set counter.
2003-03-30 Moritz Schulte <moritz@g10code.com>
* rsa.c (_gcry_rsa_blind): New function.
(_gcry_rsa_unblind): New function.
(_gcry_rsa_decrypt): Use _gcry_rsa_blind and _gcry_rsa_decrypt.
2003-03-26 Moritz Schulte <moritz@g10code.com>
* dynload.c (_gcry_enum_gnupgext_pubkeys): Adjust `encrypt' and
`decrypt' function arguments.
(_gcry_enum_gnupgext_pubkeys): Likewise.
* dynload.h: Likewise.
* pubkey.c (dummy_decrypt): Add argument: int flags.
(dummy_encrypt): Likewise.
* elgamal.c (_gcry_elg_encrypt): Add argument: int flags.
(_gcry_elg_decrypt): Likewise.
* rsa.c (_gcry_rsa_encrypt): Add argument: int flags.
(_gcry_rsa_decrypt): Likewise.
* pubkey.c: Add `flags' argument to members `encrypt' and
`decrypt' of struct `pubkey_table_s'.
* rsa.h: Add `flags' argument to function declarations.
* elgamal.h: Likewise.
* pubkey.c (sexp_data_to_mpi): New variable: int parsed_flags.
(sexp_data_to_mpi): Set `parsed_flags'.
(sexp_data_to_mpi): New argument: int *flags.
(gcry_pk_encrypt): New variable: int flags.
(gcry_pk_encrypt): Pass `flags' to pubkey_encrypt.
(pubkey_encrypt): New variable: int flags.
(pubkey_encrypt): Pass `flags' to pubkey encrypt function.
(pubkey_decrypt): Likewise.
(pubkey_decrypt): Pass `flags' to pubkey encrypt function.
(gcry_pk_encrypt): Include `flags' s-exp in return list.
(sexp_to_enc): New argument: int *flags.
(gcry_pk_decrypt): New variable: int flags.
(gcry_pk_decrypt): Pass `flags' to pubkey_decrypt.
(sexp_to_enc): New variable: int parsed_flags.
(sexp_to_enc): Set `parsed_flags'.
2003-03-22 Simon Josefsson <jas@extundo.com>
* cipher.c (gcry_cipher_open, do_cbc_encrypt)
(gcry_cipher_encrypt): Support GCRY_CIPHER_CBC_MAC.
(gcry_cipher_ctl): Support GCRYCTL_SET_CBC_MAC.
2003-03-19 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): New args EXTRA_CHECK and EXTRA_CHECK_ARG
to allow for a user callback. Changed all callers.
(_gcry_generate_secret_prime)
(_gcry_generate_public_prime): Ditto, pass them to gen_prime.
* rsa.c (check_exponent): New.
(generate): Use a callback to ensure that a given exponent is
actually generated.
2003-03-12 Moritz Schulte <moritz@g10code.com>
* primegen.c: Initialize `no_of_small_prime_numbers' statically.
(gen_prime): Remove calculation of `no_of_small_prime_numbers'.
2003-03-03 Moritz Schulte <moritz@g10code.com>
* md.c (gcry_md_ctl): Rewritten to use same style like the other
functions dispatchers.
2003-03-02 Moritz Schulte <moritz@g10code.com>
* cipher.c (struct gcry_cipher_handle): New member: algo_index.
(gcry_cipher_open): Allocate memory for two cipher contexts.
Initialize algo_index.
(cipher_setkey): Duplicate context into reserved memory.
(cipher_reset): New function, which resets the context and clear
the IV.
(gcry_cipher_ctl): Call cipher_reset.
2003-02-23 Moritz Schulte <moritz@g10code.com>
* cipher.c: Remove (bogus) `digitp' macro definition.
* md.c: Likewise.
* blowfish.c (burn_stack): Removed.
* arcfour.c (burn_stack): Likewise.
* cast5.c (burn_stack): Likewise.
* des.c (burn_stack): Likewise.
* md4.c (burn_stack): Likewise.
* md5.c (burn_stack): Likewise.
* random.c (burn_stack): Likewise.
* rijndael.c (burn_stack): Likewise.
* rmd160.c (burn_stack): Likewise.
* sha1.c (burn_stack): Likewise.
* sha256.c (burn_stack): Likewise.
* tiger.c (burn_stack): Likewise.
* twofish.c (burn_stack): Likewise.
* blowfish.c: Changed all occurences of burn_stack to
_gcry_burn_stack.
* arcfour.c: Likewise.
* cast5.c: Likewise.
* des.c: Likewise.
* md4.c: Likewise.
* md5.c: Likewise.
* random.c: Likewise.
* rijndael.c: Likewise.
* rmd160.c: Likewise.
* sha1.c: Likewise.
* sha256.c: Likewise.
* tiger.c: Likewise.
* twofish.c: Likewise.
* arcfour.c (_gcry_arcfour_get_info): Use GCRY_CIPHER_ARCFOUR
instead of hard-coded value `301'.
2003-01-24 Werner Koch <wk@gnupg.org>
* random.c (_gcry_register_random_progress): New.
(_gcry_random_progress): New.
* rndlinux.c (gather_random): Call the random progress function.
2003-01-23 Werner Koch <wk@gnupg.org>
* rsa.c (generate): New arg USE_E to request a specific public
exponent.
(_gcry_rsa_generate): Ditto.
* elgamal.c (_gcry_elg_generate): Must add an dummy argument
instead of USE_E.
* dsa.c (_gcry_dsa_generate): Ditto.
* pubkey.c (dummy_generate): Ditto.
(pubkey_generate): Add USE_E arg and pass it down.
(gcry_pk_genkey): Detect "rsa-use-e" parameter and pass it to generate.
* pubkey.c (sexp_to_enc): New arg RET_MODERN.
(gcry_pk_decrypt): Make use of it to return a real S-expression.
Return better error codes.
(gcry_pk_verify): Return better error codes.
2003-01-21 Werner Koch <wk@gnupg.org>
* random.c (gcry_random_add_bytes): Add QUALITY argument, let
function return an error code and disable its core for now.
2003-01-21 Timo Schulz <twoaday@freakmail.de>
* random.c (gcry_random_add_bytes): New. Function to add external
random to the pool.
2003-01-20 Simon Josefsson <jas@extundo.com>
* crc.c: New.
* Makefile.am (EXTRA_PROGRAMS, EXTRA_crc_SOURCES): Add crc.c.
* md.c (gcry_md_get_algo_dlen): Add values for CRC.
2003-01-20 Werner Koch <wk@gnupg.org>
* sha256.c: New.
* bithelp.h (ror): New.
* Makfile.am: Add sha256.c.
* md.c (oid_table): Add values for SHA256 et al.
(gcry_md_get_algo_dlen): Likewise
2003-01-20 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_get_keygrip): Implemented keygrips for DSA
and ElGamal.
2003-01-17 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_encrypt): Reworked so that the output will
never contain the plaintext even if the caller did not checked the
return value.
* md.c (gcry_md_get_algo): Changed error code to GCRYERR_GENERAL
because we don't have an invalid md algo but no algorithm enabled.
* pubkey.c (gcry_pk_genkey): Changed error code for bounds check
of table parameters to GCRYERR_INTERNAL.
* md.c (gcry_md_open): Partly reverted Timo's change from
2002-10-10 by removing the check for the algorithm. An algorithm
of 0 is allowed and anyway we should not double check it or check
it using a different function. Also fixed the flags check.
* pubkey.c (gcry_pk_encrypt): Make sure that R_CIPH points to NULL
on error.
(gcry_pk_decrypt): Ditto for R_PLAIN.
(gcry_pk_sign): Ditto for R_SIG.
(gcry_pk_genkey): Ditto for R_KEY.
2003-01-16 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_write): Changed 2nd argument type to void*.
(gcry_md_hash_buffer): Changed type of boths buffers to void*.
(gcry_md_setkey): Changed 2nd argument type to void*.
2003-01-15 Werner Koch <wk@gnupg.org>
* pubkey.c (sexp_data_to_mpi): New. This handles pkcs1 padding.
(gcry_pk_sign, gcry_pk_verify): Use it here.
(gcry_pk_encrypt): And here.
(pubkey_verify): Add debug code.
(sexp_to_enc): Handle flags in the input and return the pkcs1 flag
in a new parameter.
(gcry_pk_decrypt): Prepare for future pkcs1 handling.
2002-12-19 Werner Koch <wk@gnupg.org>
* random.c (_gcry_random_initialize): New.
2002-12-16 Werner Koch <wk@gnupg.org>
* cipher.c: Added a Teletrust specific OID for 3DES.
2002-12-12 Werner Koch <wk@gnupg.org>
* md.c: Added another oddball OIW OID (sha-1WithRSAEncryption).
2002-11-23 Werner Koch <wk@gnupg.org>
* md.c (load_digest_module): Enlarged checked_algos bitmap.
* md4.c (func_table): Fixed entry for md4.
Both by Simon Josephson.
(transform): Copy data to get the alignment straight. Tested only
on i386.
2002-11-10 Simon Josefsson <jas@extundo.com>
* cipher.c (gcry_cipher_open): Don't reject CTS flag.
(do_cbc_encrypt, do_cbc_decrypt, cipher_encrypt)
(gcry_cipher_encrypt, cipher_decrypt)
(gcry_cipher_decrypt): Support CTS flag.
(gcry_cipher_ctl): Toggle CTS flag.
2002-11-10 Werner Koch <wk@gnupg.org>
* md4.c: New. By Simon Josefsson.
* Makefile.am (EXTRA_PROGRAMS): Add md4.c.
* md.c (oid_table,gcry_md_get_algo_dlen): MD4 support.
2002-10-14 Werner Koch <wk@gnupg.org>
* arcfour.c (do_encrypt_stream): Don't use increment op when
assigning to the same variable.
2002-10-10 Timo Schulz <ts@winpt.org>
* pubkey.c (gcry_pk_genkey): Check boundaries.
* md.c (gcry_md_open): Check that algo is available and only
valid flag values are used.
(gcry_md_get_algo): Add error handling.
2002-09-26 Werner Koch <wk@gnupg.org>
* md.c: Include an OID for TIGER.
* tiger.c (tiger_get_info): Use a regular OID.
2002-09-17 Werner Koch <wk@gnupg.org>
* random.c: Replaced mutex.h by the new ath.h. Changed all calls.
2002-09-16 Werner Koch <wk@gnupg.org>
* arcfour.c (do_encrypt_stream): Use register modifier and modulo.
According to Nikos Mavroyanopoulos this increases perfromace on
i386 system noticable. And I always tought gcc is clever enough.
* md5.c (transform): Use register modifier.
* rmd160.c (transform): Ditto.
* sha1.c (transform): Ditto. We hope that there are 6 free registers.
* random.c (gcry_randomize): Rewrote to avoid malloc calls.
* rndlinux.c (gather_random): Replaced remaining fprintfs by log_*.
* arcfour.c (do_arcfour_setkey): Ditto.
* twofish.c (do_twofish_setkey): Ditto.
* rndegd.c (gather_random): Ditto.
* rijndael.c (do_setkey): Ditto.
* random.c (_gcry_random_dump_stats): Ditto.
* primegen.c (_gcry_generate_elg_prime): Ditto.
* des.c (_gcry_des_get_info): Ditto.
* cast5.c (do_cast_setkey): Ditto.
* blowfish.c (do_bf_setkey): Ditto.
2002-08-26 Werner Koch <wk@gnupg.org>
* des.c (weak_keys): Fixed one entry in the table and compared
all entries against the literature.
(selftest): Checksum the weak key table.
2002-08-21 Werner Koch <wk@gnupg.org>
* pubkey.c: Enable keygrip calculation for "openpgp-rsa".
2002-08-17 Werner Koch <wk@gnupg.org>
* cipher.c (setup_cipher_table): Don't overwrite the DES entry
with the entry for DUMMY.
2002-08-14 Werner Koch <wk@gnupg.org>
* des.c (do_des_setkey,do_des_encrypt, do_des_decrypt): New.
(_gcry_des_get_info): Support plain old DES.
* cipher.c (setup_cipher_table): Put DES into the table.
2002-07-25 Werner Koch <wk@gnupg.org>
* rndunix.c (_gcry_rndunix_constructor): Prefixed with _gcry_.
Noted by Stephan Austermuehle.
2002-07-08 Timo Schulz <ts@winpt.org>
* rndw32.c: Replaced the m_ memory functions with the real
gcry_ functions. Renamed all g10_ prefixed functions to log_.
2002-06-12 Werner Koch <wk@gnupg.org>
* rsa.c (generate): Use e = 65537 for now.
2002-06-11 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_get_keygrip): Allow a "protected-private-key".
2002-06-05 Timo Schulz <ts@winpt.org>
* cipher.c (gcry_cipher_encrypt, gcry_cipher_decrypt):
Check that the input size is a multiple of the blocksize.
2002-05-23 Werner Koch <wk@gnupg.org>
* md.c (oid_table): Add an rsadsi OID for MD5.
2002-05-21 Werner Koch <wk@gnupg.org>
* primegen.c, elgamal.c, dsa.c (progress): Do not print anything
by default. Pass an extra identifying string to the callback and
reserved 2 argumenst for current and total counters. Changed the
register function prototype.
2002-05-17 Werner Koch <wk@gnupg.org>
* rndegd.c (rndegd_constructor): Fixed name of register function
and prefixed the function name with _gcry_.
* rndw32.c (rndw32_constructor): Ditto.
* tiger.c (tiger_constructor): Ditto.
* Makefile.am: Removed all dynamic loading stuff.
* dynload.c: Ditto. Now only used for the constructor system.
2002-05-15 Werner Koch <wk@gnupg.org>
* random.c (gcry_random_bytes,gcry_random_bytes_secure)
(gcry_randomize): Make sure we are initialized.
2002-05-14 Werner Koch <wk@gnupg.org>
Changed license of most files to the LGPL.
2002-05-02 Werner Koch <wk@gnupg.org>
* random.c (_gcry_fast_random_poll): Initialize the module so the
mutex can be used.
* primegen.c (small_prime_numbers): Moved table from smallprime.c
* smallprime.c: File removed.
* des.c (leftkey_swap, rightkey_swap, working_memcmp): Made static.
* cipher.c (gcry_cipher_map_name): Map "RIJNDAEL" to "AES".
* rijndael.c (rijndael_get_info): We do only support a 128 bit
blocksize so it makes sense to change the algorithm strings to
AES.
* tiger.c (tiger_final): Removed superfluous token pasting operators.
* md5.c (md5_final): Ditto.
2002-04-30 Werner Koch <wk@gnupg.org>
* cipher.c: Fixed list of copyright years.
2002-03-18 Werner Koch <wk@gnupg.org>
* random.c (initialize): Initialize the new pool lock mutex.
(_gcry_fast_random_poll): Add locking and moved main
code out to...
(do_fast_random_poll): new function.
(read_pool): Use the new function here.
(get_random_bytes): Add locking.
(_gcry_update_random_seed_file): Ditto.
2002-03-11 Werner Koch <wk@gnupg.org>
* md.c: Add rsaSignatureWithripemd160 to OID table.
2002-02-20 Werner Koch <wk@gnupg.org>
* sha1.c: Removed a left over comment note. The code has been
rewritten from scratch in 1998. Thanks to Niels Möller for
reporting this misleading comment.
2002-02-18 Werner Koch <wk@gnupg.org>
* rndunix.c (rndunix_constructor): Use the the new prefixed
function name. Reported by Jordi Mallach.
2002-02-10 Werner Koch <wk@gnupg.org>
* random.c (mix_pool): Carry an extra failsafe_digest buffer
around to make the function more robust.
2002-02-08 Werner Koch <wk@gnupg.org>
* random.c (add_randomness): Xor new data into the pool and not
just copy it. This avoids any choosen input attacks which are not
serious in our setting because an outsider won't be able to mix
data in and even then we keep going with a PRNG. Thanks to Stefan
Keller for pointing this out.
2002-01-04 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_genkey): Do not release skey - it is static.
* primegen.c (gen_prime): Of course we should use set_bit
and not set_highbit to set the second high bit.
2001-12-18 Werner Koch <wk@gnupg.org>
* rsa.c (generate): Loop until we find the exact modulus size.
Changed the exponent to 41.
(rsa_get_info): s/usage/r_usage/ to avoid shadow warnings.
* primegen.c (gen_prime): Set 2 high order bits for secret primes.
* Makefile.am (DISTCLEANFILES): Include construct.c.
2001-12-17 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_get_keygrip): New - experimental.
2001-12-11 Werner Koch <wk@gnupg.org>
* cipher.c: Added OIDs for AES.
(gcry_cipher_mode_from_oid): New.
(gcry_cipher_map_name): Moved OID search code to ..
(search_oid): .. new function.
2001-12-10 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_encrypt): Find the signature algorithm by name
and not by number.
* pubkey.c (gcry_pk_encrypt,gcry_pk_decrypt,gcry_pk_sign)
(gcry_pk_verify,gcry_pk_testkey, gcry_pk_genkey)
(gcry_pk_get_nbits): Release the arrays. Noted by Nikos
Mavroyanopoulos.
2001-12-06 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_map_name): Look also for OIDs prefixed
with "oid." or "OID.".
2001-12-05 Werner Koch <wk@gnupg.org>
* pubkey.c (algo_info_table): Fixed entry for openpgp-rsa.
2001-11-24 Werner Koch <wk@gnupg.org>
* pubkey.c: Added the rsaEncryption OID to the tables.
(sexp_to_key): Add an arg to return the index of the algorithm,
changed all callers.
(gcry_pk_sign): Find the signature algorithm by name and not by
number.
(gcry_pk_get_nbits): Fixed so that we can now really pass a secret
key to get the result.
* md.c (gcry_md_map_name): Look also for OIDs prefixed with "oid."
or "OID." so that an OID string can be used as an S-Exp token.
2001-11-20 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_map_name): Lookup by OID if the the name begins
with a digit.
(oid_table): New.
2001-11-16 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_info): New operator GCRYCTL_IS_ALGO_ENABLED.
2001-11-07 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Close the handle which was left open
for algorithms other than rmd160.
2001-08-08 Werner Koch <wk@gnupg.org>
* rndw32.c (gather_random): Use toolhelp in addition to the NT
gatherer for Windows2000. Suggested by Sami Tolvanen.
* random.c (read_pool): Fixed length check, this used to be one
byte to strict. Made an assert out of it because the caller has
already made sure that only poolsize bytes are requested.
Reported by Marcus Brinkmann.
2001-08-03 Werner Koch <wk@gnupg.org>
* cipher.c (cipher_encrypt, cipher_decrypt): Prepare to return
errors. We have to change the interface to all ciphers to make
this really work but we should do so to prepare for hardware
encryption modules.
(gcry_cipher_encrypt, gcry_cipher_decrypt): Return the error and
set lasterr.
(gcry_cipher_ctl): Make sure that errors from setkey are returned.
2001-08-02 Werner Koch <wk@gnupg.org>
* rndlinux.c (gather_random): casted a size_t arg to int so that
the format string is correct. Casting is okay here and avoids
translation changes.
* random.c (fast_random_poll): Do not check the return code of
getrusage.
* rndunix.c: Add a signal.h header to avoid warnings on Solaris 7
and 8.
* tiger.c (print_abc,print_data): Removed.
* rijndael.c, des.c, blowfish.c, twofish.c, cast5.c, arcfour.c
(burn_stack): New. Add wrappers for most functions to be able to
call burn_stack after the function invocation. This methods seems
to be the most portable way to zeroise the stack used. It does
only work on stack frame based machines but it is highly portable
and has no side effects. Just setting the automatic variables at
the end of a function to zero does not work well because the
compiler will optimize them away - marking them as volatile would
be bad for performance.
* md5.c, sha1.c, rmd160.c, tiger.c (burn_stack): Likewise.
* random.c (burn_stack): New.
(mix_pool): Use it here to burn the stack of the mixblock function.
* primegen.c (_gcry_generate_elg_prime): Freed q at 3 places.
Thanks to Tommi Komulainen.
* arcfour.c (arcfour_setkey): Check the minimim keylength against
bytes and not bits.
(selftest): Must reset the key before decryption.
2001-05-31 Werner Koch <wk@gnupg.org>
* sha1.c (sha1_init): Made static.
Changed all g10_ prefixed function names as well as some mpi_
function names to cope with the introduced naming changes.
* md.c (prepare_macpads): Made key const.
2001-05-28 Werner Koch <wk@gnupg.org>
* rndegd.c (gather_random): Removed the use of tty_printf.
2001-03-29 Werner Koch <wk@gnupg.org>
* md5.c (md5_final): Fixed calculation of hashed length. Thanks
to disastry@saiknes.lv for pointing out that it was horrible wrong
for more than 512MB of input.
* sha1.c (sha1_final): Ditto.
* rmd160.c (rmd160_final): Ditto.
* tiger.c (tiger_final): Ditto.
* blowfish.c (encrypt,do_encrypt): Changed name to do_encrypt to
avoid name clashes with an encrypt function in stdlib.h of
Dynix/PIX. Thanks to Gene Carter.
* elgamal.c (encrypt,do_encrypt): Ditto.
* twofish.c (gnupgext_enum_func): Use only when when compiled as a
module.
* rijndael.c (gnupgext_enum_func): Ditto.
* tiger.c (tiger_get_info): Return "TIGER192" and not just
"TIGER". By Edwin Woudt.
* random.c: Always include time.h - standard requirement. Thanks
to James Troup.
* rndw32.c: Fixes to the macros.
2001-01-11 Werner Koch <wk@gnupg.org>
* cipher.c (cipher_encrypt,gcry_cipher_encrypt): Use blocksize and
not 8.
2000-12-19 Werner Koch <wk@gnupg.org>
Major change:
Removed all GnuPG stuff and renamed this piece of software
to gcrypt.
2000-11-14 Werner Koch <wk@gnupg.org>
* dsa.c (test_keys): Replaced mpi_alloc by gcry_mpi_new and
mpi_free by gcry_mpi_release.
* elgamal.c (test_keys,generate): Ditto, also for mpi_alloc_secure.
* rsa.c (test_keys,generate,rsa_verify): Ditto.
* primegen.c (generate_elg_prime): Ditto.
(gen_prime): Ditto and removed nlimbs.
* rsa.c (generate): Allocate 2 more vars in secure memory.
* Makefile.am (OMIT_DEPENDENCIES): Hack to work around dependency
problems.
2000-10-09 Werner Koch <wk@gnupg.org>
* arcfour.c, arcfour.h: New.
* cipher.c (cipher_encrypt, cipher_decrypt): Add stream mode.
(setup_cipher_table): Add Arcfour.
(gcry_cipher_open): Kludge to allow stream mode.
Wed Oct 4 13:16:18 CEST 2000 Werner Koch <wk@openit.de>
* sha1.c (transform): Use rol() macro. Actually this is not needed
for a newer gcc but there are still aoter compilers.
* rsa.c (test_keys): Use new random function.
* md.c (gcry_md_setkey): New function to overcome problems with
const conflics.
(gcry_md_ctl): Pass set key to the new functions.
* rijndael.c: New.
* cipher.c: Add Rijndael support.
Mon Sep 18 16:35:45 CEST 2000 Werner Koch <wk@openit.de>
* rndlinux.c (open_device): Loose random device checking.
By Nils Ellmenreich.
* random.c (fast_random_poll): Check ENOSYS for getrusage.
* rndunix.c: Add 2 sources for QNX. By Sam Roberts.
* pubkey.c (gcry_pk_algo_info): Add GCRYCTL_GET_ALGO_USAGE.
* rsa.c: Changed the comment about the patent.
(secret): Speed up by using the CRT. For a 2k keys this
is about 3 times faster.
(stronger_key_check): New but unused code to check the secret key.
* Makefile.am: Included rsa.[ch].
* pubkey.c: Enabled RSA support.
(pubkey_get_npkey): Removed RSA workaround.
Mon Jul 31 10:04:47 CEST 2000 Werner Koch <wk@openit.de>
* pubkey.c: Replaced all gcry_sexp_{car,cdr}_{data,mpi} by the new
gcry_sexp_nth_{data,mpi} functions.
Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de>
* pubkey.c (exp_to_key,sexp_to_sig,sexp_to_enc,gcry_pk_encrypt,
gcry_pk_decrypt,gcry_pk_sign,gcry_pk_genkey): Changed to work with
the new S-Exp interface.
Mon Jul 17 16:35:47 CEST 2000 Werner Koch <wk@>
* random.c (gather_faked): Replaced make_timestamp by time(2) again.
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
* md.c (gcry_md_ctl): Support GCRYCTL_{START,STOP}_DUMP.
* Makefile.am: Never compile mingw32 as module.
* Makefile.am: Tweaked module build and removed libtool
* Makefile.am: Replaced -O1 by -O. Suggested by Alec Habig.
* elgamal.c (sign): Removed inactive code.
* rsa.c, rsa.h: New based on the old module version (only in CVS for now).
* pubkey.c (setup_pubkey_table): Added commented support for RSA.
* rndunix.c (waitpid): New. For UTS 2.1. All by Dave Dykstra.
(my_popen): Do the FD_CLOEXEC only if it is available
(start_gatherer): Cope with missing _SC_OPEN_MAX
* rndunix.c: Add some more headers for QNX. By Sam Roberts.
* rndegd.c (gather_random): Shortcut level 0.
* rndunix.c (gather_random): Ditto.
* rndw32.c (gather_random): Ditto.
* rndw32.c: Replaced with code from Cryptlib and commented the old stuff.
* rndw32.c: Add some debuging code enabled by an environment variable.
* random.c (read_seed_file): Binary open for DOSish system
(update_random_seed_file): Ditto.
* random.c [MINGW32]: Include process.h for getpid.
* random.c (fast_random_poll): Add clock_gettime() as fallback for
system which support this POSIX.4 fucntion. By Sam Roberts.
* random.c (read_seed_file): Removed the S_ISLNK test becuase it
is already covered by !S_ISREG and is not defined in Unixware.
Reported by Dave Dykstra.
(update_random_seed_file): Silently ignore update request when pool
is not filled.
* random.c (read_seed_file): New.
(set_random_seed_file): New.
(read_pool): Try to read the seeding file.
(update_random_seed_file): New.
(read_pool): Do an initial extra seeding when level 2 quality random
is requested the first time. This requestes at least POOLSIZE/2 bytes
of entropy. Compined with the seeding file this should make normal
random bytes cheaper and increase the quality of the random bytes
used for key generation.
* random.c (read_pool): Print a more friendly error message in
cases when too much random is requested in one call.
* random.c (fast_random_poll): Check whether RUSAGE_SELF is defined;
this is not the case for some ESIX and Unixware, although they have
getrusage().
* primegen.c (generate_elg_prime): All primes are now generated with
the lowest random quality level. Because they are public anyway we
don't need stronger random and by this we do not drain the systems
entropy so much.
* primegen.c (register_primegen_progress): New.
* dsa.c (register_pk_dsa_progress): New.
* elgamal.c (register_pk_elg_progress): New.
* elgamal.c (wiener_map): New.
(gen_k): Use a much smaller k.
(generate): Calculate the qbits using the wiener map and
choose an x at a size comparable to the one choosen in gen_k
* rmd160.c (rmd160_get_info): Moved casting to the left side due to a
problem with UTS4.3. Suggested by Dave Dykstra.
* sha1.c (sha1_get_info): Ditto.
* tiger.c (tiger_get_info): Ditto.
* md5.c (md5_get_info): Ditto
* des.c (des_get_info): Ditto.
* blowfish.c (blowfish_get_info): Ditto.
* cast5.c (cast5_get_info): Ditto.
* twofish.c (twofish_get_info): Ditto.
Fri Mar 24 11:25:45 CET 2000 Werner Koch <wk@openit.de>
* md.c (md_open): Add hmac arg and allocate space for the pads.
(md_finalize): Add HMAC support.
(md_copy): Ditto.
(md_close): Ditto.
(gcry_md_reset): Ditto.
(gcry_md_ctl): Ditto.
(prepare_macpdas): New.
Mon Mar 13 19:22:46 CET 2000 Werner Koch <wk@openit.de>
* md.c (gcry_md_hash_buffer): Add support for the other algorithms.
Mon Jan 31 16:37:34 CET 2000 Werner Koch <wk@gnupg.de>
* genprime.c (generate_elg_prime): Fixed returned factors which never
worked for non-DSA keys.
Thu Jan 27 18:00:44 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey.c (sexp_to_key): Fixed mem leaks in case of errors.
Mon Jan 24 22:24:38 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey.c (gcry_pk_decrypt): Implemented.
(gcry_pk_encrypt): Implemented.
(gcry_pk_testkey): New.
(gcry_pk_genkey): New.
(pubkey_decrypt): Made static.
(pubkey_encrypt): Ditto.
(pubkey_check_secret_key): Ditto.
(pubkey_generate): Ditto.
Mon Jan 24 13:04:28 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey.c (pubkey_nbits): Removed and replaced by ...
(gcry_pk_get_nbits): this new one.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* dsa.c: s/mpi_powm/gcry_mpi_powm/g
* elgamal.c: Ditto.
* primegen.c: Ditto.
* : Replaced g10_opt_verbose by g10_log_verbosity().
* Makefile.am (INCLUDES): removed intl, add ../gcrypt
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* dynload.c (cmp_filenames): New to replaced compare_filename() in
module.
(register_cipher_extension): Removed the tilde expansion stuff.
* rndeg.c (my_make_filename): New.
* : Replaced header util.h by g10lib.h
* random.c (gather_faked): Replaced make_timestamp by time(2).
Disabled wrning printed with tty_printf.
* rndlinux.c (gather_random): Always use fprintf instead of tty_xxx;
this should be replaced by a callback function.
* primegen.c (gen_prime): Use gcry_mpi_randomize.
(is_prime): Ditto.
* elgamal.c (test_keys): Ditto.
* dsa.c (test_keys): Ditto.
* cipher.c (gcry_cipher_close): Die on invalid handle.
Mon Nov 15 21:36:02 CET 1999 Werner Koch <wk@gnupg.de>
* elgamal.c (gen_k): Use the new random API.
(generate): Ditto.
* dsa.c (gen_k): Ditto.
(generate): Ditto.
Sat Nov 13 17:44:23 CET 1999 Werner Koch <wk@gnupg.de>
* pubkey.c (disable_pubkey_algo): Made static.
(gcry_pk_ctl): New.
* random.c (get_random_bits): Renamed to ...
(get_random_bytes): ... this and made static.
(gcry_random_bytes): New.
(gcry_random_bytes_secure): New.
(randomize_buffer): Renamed to ...
(gcry_randomize): ...this.
* md.c (gcry_md_hash_buffer): New.
* pubkey.c (gcry_pk_algo_info): 4 new commands.
(pubkey_get_npkey): Made static.
(pubkey_get_nskey): Made static.
(pubkey_get_nsig): Made static.
(pubkey_get_nenc): Made static.
* pubkey.c: Removed all G10ERR_xxx.
* cipher.c: Changed all GCRYERR_INV_ALGO to GCRYERR_INV_CIPHER_ALGO.
* md.c: Changed all GCRYERR_INV_ALGO to GCRYERR_INV_MD_ALGO.
* cast5.c (cast_setkey): Changed errocodes to GCRYERR_xxx.
* blowfish.c: Ditto.
* des.c: Ditto.
* twofish.c: Ditto.
* dsa.c: Ditto.
* elgamal.c: Ditto.
* g10c.c: Removed
* cipher.c (gcry_cipher_open): Replaced alloc functions and return NULL
if we are out of core.
* dynload.c: Replaced all memory allocation functions.
* md.c: Ditto.
* primegen.c: Ditto.
* pubkey.c: Ditto.
* random.c: Ditto.
* rndw32.c: Ditto.
* elgamal.c: Ditto.
* dsa.c: Ditto.
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* elgamal.c (sign): Hugh found strange code here. Replaced by BUG().
* cipher.c: Merged with gcrypt/symapi.c.
* pubkey.c (string_to_pubkey_algo): Renamed function to ...
(gcry_pk_map_name): ... this.
(pubkey_algo_to_string): Renamed function to ...
(gcry_pk_algo_name): ... this.
(gcry_pk_algo_info): New.
* pubkey.c: Merged with gcrypt/pkapi.c.
* md.c (md_reset): Clear finalized; thanks to Ulf Moeller for
fixing this bug.
* md.c: Merged with gcrypt/mdapi.c
Wed Sep 15 14:39:59 CEST 1999 Michael Roth <mroth@nessie.de>
* des.c: Various speed improvements: One bit pre rotation
trick after initial permutation (Richard Outerbridge).
Finished test of SSLeay Tripple-DES patterns.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndw32.c: New.
Mon Sep 13 10:51:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* bithelp.h: New.
* rmd160.h, sha1.h, md5.h: Use the rol macro from bithelp.h
Tue Sep 7 16:23:36 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Fixed seds for latest egcc. By Ollivier Robert.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* des.c (selftest): Add some testpattern
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (do_cbc_encrypt): Fixed serious bug occuring when not using
in place encryption. Pointed out by Frank Stajano.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* md5.c (md5_final): Fix for a SCO cpp bug.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* elgamal.c (elg_check_secret_key,elg_encrypt
elg_decrypt,elg_sign,elg_verify): Sanity check on the args.
* dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto.
* pubkey.c (disable_pubkey_algo): New.
(check_pubkey_algo2): Look at disabled algo table.
* cipher.c (disable_cipher_algo): New.
(check_cipher_algo): Look at disabled algo table.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
Fri Jul 2 11:45:54 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dsa.c (gen_k): Changed algorithm to consume less random bytes
* elgamal.c (gen_k): Ditto.
* random.c (random_dump_stats): New.
Thu Jul 1 12:47:31 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c, elgamal.c, dsa.c (progess): New and replaced all
fputc with a call to this function.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c (do_write): s/ssize_t/int/ due to SunOS 4.1 probs.
* cipher.c (do_cbc_encrypt, do_cbc_decrypt): New.
* dynload.c (HAVE_DL_SHL_LOAD): Map hpux API to dlopen (Dave Dykstra).
* Makefile.am (install-exec-hook): Removed.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (setup_cipher_table): Enable Twofish
* random.c (fast_random_poll): Disable use of times() for mingw32.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (register_internal_cipher_extension): Minor init fix.
Tue May 4 15:47:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c (gen_prime): Readded the Fermat test. Fixed the bug
that we didn't correct for step when passing the prime to the
Rabin-Miller test which led to bad performance (Stefan Keller).
(check_prime): Add a first Fermat test.
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_setiv): Add ivlen arg, changed all callers.
* random.c (randomize_buffer): alway use secure memory because
we can't use m_is_secure() on a statically allocated buffer.
* twofish.c: Replaced some macros by a loop to reduce text size.
* Makefile.am (twofish): No more need for sed editing.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_open): Reversed the changes for AUTO_CFB.
* blowfish.c: Dropped the Blowfish 160 mode.
* cipher.c (cipher_open): Ditto.
(setup_cipher_table): Ditto. And removed support of twofish128
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (get_random_bits): Can now handle requests > POOLSIZE
* cipher.c (cipher_open): Now uses standard CFB for automode if
the blocksize is gt 8 (according to rfc2440).
* twofish.c: Applied Matthew Skala's patches for 256 bit key.
Tue Apr 6 19:58:12 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (get_random_bits): Can now handle requests > POOLSIZE
* cipher.c (cipher_open): Now uses standard CFB for automode if
the blocksize is gt 8 (according to rfc2440).
Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndlinux.c (tty_printf) [IS_MODULE]: Removed.
* rndegd.c (gather_random): Some fixes.
Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c (do_read): New.
(gather_random): Changed the implementation.
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (DLSYM_NEEDS_UNDERSCORE): Renamed.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* md.c: Nearly a total rewrote.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (context): Fixed alignment
* md.c: Ditto.
* rndegd.c: New
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c: New.
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Modules are now figured out by configure
* construct.c: New. Generated by configure. Changed all modules
to work with that.
* sha1.h: Removed.
* md5.h: Removed.
* twofish.c: Changed interface to allow Twofish/256
* rndunix.c (start_gatherer): Die on SIGPIPE.
Wed Jan 20 18:59:49 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (gather_random): Fix to avoid infinite loop.
Sun Jan 17 11:04:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* des.c (is_weak_key): Replace system memcmp due to bugs
in SunOS's memcmp.
(des_get_info): Return error on failed selftest.
* twofish.c (twofish_setkey): Return error on failed selftest or
invalid keylength.
* cast5.c (cast_setkey): Ditto.
* blowfish.c (bf_setkey): Return error on failed selftest.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (random_is_faked): New.
* tiger.c: Only compile if we have the u64 type
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (gather_random): check for setuid.
* Makefile.am: Add a way to staically link random modules
Thu Jan 7 18:00:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* md.c (md_stop_debug): Do a flush first.
(md_open): size of buffer now depends on the secure parameter
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (start_gatherer): Fixed stupid ==/= bug
1998-12-31 Geoff Keating <geoffk@ozemail.com.au>
* des.c (is_weak_key): Rewrite loop end condition.
Tue Dec 29 14:41:47 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* random.c: add unistd.h for getpid().
(RAND_MAX): Fallback value for Sun.
Wed Dec 23 17:12:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* md.c (md_copy): Reset debug.
Mon Dec 14 21:18:49 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* random.c (read_random_source): Changed the interface to the
random gathering function.
(gather_faked): Use new interface.
* dynload.c (dynload_getfnc_fast_random_poll): Ditto.
(dynload_getfnc_gather_random): Ditto.
* rndlinux.c (gather_random): Ditto.
* rndunix.c (gather_random): Ditto.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (SYMBOL_VERSION): New to cope with system which needs
underscores.
* rndunix.c: Rewrote large parts
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (load_extension): increased needed verbosity level.
* random.c (fast_random_poll): Fallback to a default fast random
poll function.
(read_random_source): Always use the faked entroy gatherer if no
gather module is available.
* rndlinux.c (fast_poll): Removed.
* rndunix.c (fast_poll): Removed.
Wed Nov 25 12:33:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-*.c: Removed.
* rndlinux.c : New.
* rndunix.c : New.
* random.c : Restructured the interface to the gather modules.
(intialize): Call constructor functions
(read_radnom_source): Moved to here.
* dynload.c (dynload_getfnc_gather_random): New.
(dynload_getfnc_fast_random_poll): New.
(register_internal_cipher_extension): New.
(register_cipher_extension): Support of internal modules.
Sun Nov 8 17:44:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (read_random_source): Removed the assert.
Mon Oct 19 18:34:30 1998 me,,, (wk@tobold)
* pubkey.c: Hack to allow us to give some info about RSA keys back.
Thu Oct 15 11:47:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* dynload.c: Support for DLD
Wed Oct 14 12:13:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c: Now uses names from configure for /dev/random.
1998-10-10 SL Baur <steve@altair.xemacs.org>
* Makefile.am: fix sed -O substitutions to catch -O6, etc.
Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-)
* rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto.
Mon Sep 28 13:23:09 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_digest): New.
(md_reset): New.
Wed Sep 23 12:27:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c (TIGER_CONTEXT): moved "buf", so that it is 64 bit aligned.
Mon Sep 21 06:22:53 1998 Werner Koch (wk@(none))
* des.c: Some patches from Michael.
Thu Sep 17 19:00:06 1998 Werner Koch (wk@(none))
* des.c : New file from Michael Roth <mroth@nessie.de>
Mon Sep 14 11:10:55 1998 Werner Koch (wk@(none))
* blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys.
Mon Sep 14 09:19:25 1998 Werner Koch (wk@(none))
* dynload.c (RTLD_NOW): Now defined to 1 if it is undefined.
Mon Sep 7 17:04:33 1998 Werner Koch (wk@(none))
* Makefile.am: Fixes to allow a different build directory
Thu Aug 6 17:25:38 1998 Werner Koch,mobil,,, (wk@tobold)
* random.c (get_random_byte): Removed and changed all callers
to use get_random_bits()
Mon Jul 27 10:30:22 1998 Werner Koch (wk@(none))
* cipher.c : Support for other blocksizes
(cipher_get_blocksize): New.
* twofish.c: New.
* Makefile.am: Add twofish module.
Mon Jul 13 21:30:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (read_pool): Simple alloc if secure_alloc is not set.
(get_random_bits): Ditto.
Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* dynload.c (load_extension): Function now nbails out if
the program is run setuid.
Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (rmd160_hash_buffer): New.
Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_open): algos >=100 use standard CFB
Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am: Support for extensions
Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (mix_pool): simpler handling for level 0
Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c: Removed from dist, will reappear as dynload module
Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* pubkey.c: Major changes to allow extensions. Changed the inteface
of all public key ciphers and added the ability to load extensions
on demand.
* misc.c: Removed.
Wed Jun 10 07:52:08 1998 Werner Koch,mobil,,, (wk@tobold)
* dynload.c: New.
* cipher.c: Major changes to allow extensions.
Mon Jun 8 22:43:00 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: Major internal chnages to support extensions.
* blowfish.c (blowfish_get_info): New and made all internal
functions static, changed heder.
* cast5.c (cast5_get_info): Likewise.
Mon Jun 8 12:27:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c (transform): Fix for big endian
* cipher.c (do_cfb_decrypt): Big endian fix.
Fri May 22 07:30:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_get_oid): Add a new one for TIGER.
Thu May 21 13:24:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: Add support for a dummy cipher
Thu May 14 15:40:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (transform): fixed sigbus - I should better
add Christian von Roques's new implemenation of rmd160_write.
Fri May 8 18:07:44 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New
* random.c: Moved system specific functions to rand-****.c
Fri May 8 14:01:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fast_random_poll): add call to gethrtime.
Tue May 5 21:28:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* elgamal.c (elg_generate): choosing x was not correct, could
yield 6 bytes which are not from the random pool, tsss, tsss..
Tue May 5 14:09:06 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Add arg mode, changed all
callers and implemented mode 1.
Mon Apr 27 14:41:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_get_keylen): New.
Sun Apr 26 14:44:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c, tiger.h: New.
Wed Apr 8 14:57:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (check_pubkey_algo2): New.
Tue Apr 7 18:46:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: New
* misc.c (check_cipher_algo): Moved to cipher.c
* cast5.c: Moved many functions to cipher.c
* blowfish.c: Likewise.
Sat Apr 4 19:52:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* cast5.c: Implemented and tested.
Wed Apr 1 16:38:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* elgamal.c (elg_generate): Faster generation of x in some cases.
Thu Mar 19 13:54:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* blowfish.c (blowfish_decode_cfb): changed XOR operation
(blowfish_encode_cfb): Ditto.
Thu Mar 12 14:04:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* sha1.c (transform): Rewrote
* blowfish.c (encrypt): Unrolled for rounds == 16
(decrypt): Ditto.
Tue Mar 10 16:32:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (transform): Unrolled the loop.
Tue Mar 10 13:05:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (read_pool): Add pool_balance stuff.
(get_random_bits): New.
* elgamal.c (elg_generate): Now uses get_random_bits to generate x.
Tue Mar 10 11:33:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_digest_length): New.
Tue Mar 10 11:27:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c (dsa_verify): Works.
Mon Mar 9 12:59:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c, dsa.h: Removed some unused code.
Wed Mar 4 10:39:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_open): Add call to fast_random_poll.
blowfish.c (blowfish_setkey): Ditto.
Tue Mar 3 13:32:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (rmd160_mixblock): New.
* random.c: Restructured to start with a new RNG implementation.
* random.h: New.
Mon Mar 2 19:21:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* gost.c, gost.h: Removed because they did only contain trash.
Sun Mar 1 16:42:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fill_buffer): removed error message if n == -1.
Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_enable): No init if called twice.
Thu Feb 26 07:57:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Changed the progress printing.
(gen_prime): Ditto.
Tue Feb 24 12:28:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* md5.c, md.5 : Replaced by a modified version of md5.c from
GNU textutils 1.22.
Wed Feb 18 14:08:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c, md.h : New debugging support
Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (cipher_algo_to_string): New
(pubkey_algo_to_string): New.
(digest_algo_to_string): New.
Copyright 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/cipher/md.c b/cipher/md.c
index 706d2744..28860135 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -1,1298 +1,1298 @@
/* md.c - message digest dispatcher
* Copyright (C) 1998, 1999, 2002, 2003, 2006 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser general Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "g10lib.h"
#include "cipher.h"
#include "ath.h"
#include "rmd.h"
static struct digest_table_entry
{
gcry_md_spec_t *digest;
unsigned int algorithm;
} digest_table[] =
{
#if USE_CRC
{ &_gcry_digest_spec_crc32, GCRY_MD_CRC32 },
{ &_gcry_digest_spec_crc32_rfc1510, GCRY_MD_CRC32_RFC1510 },
{ &_gcry_digest_spec_crc24_rfc2440, GCRY_MD_CRC24_RFC2440 },
#endif
#if USE_MD4
{ &_gcry_digest_spec_md4, GCRY_MD_MD4 },
#endif
#if USE_MD5
{ &_gcry_digest_spec_md5, GCRY_MD_MD5 },
#endif
#if USE_RMD160
{ &_gcry_digest_spec_rmd160, GCRY_MD_RMD160 },
#endif
#if USE_SHA1
{ &_gcry_digest_spec_sha1, GCRY_MD_SHA1 },
#endif
#if USE_SHA256
{ &_gcry_digest_spec_sha256, GCRY_MD_SHA256 },
{ &_gcry_digest_spec_sha224, GCRY_MD_SHA224 },
#endif
#if USE_SHA512
{ &_gcry_digest_spec_sha512, GCRY_MD_SHA512 },
{ &_gcry_digest_spec_sha384, GCRY_MD_SHA384 },
#endif
#if USE_TIGER
{ &_gcry_digest_spec_tiger, GCRY_MD_TIGER },
#endif
#if USE_WHIRLPOOL
{ &_gcry_digest_spec_whirlpool, GCRY_MD_WHIRLPOOL },
#endif
{ NULL },
};
/* List of registered digests. */
static gcry_module_t digests_registered;
/* This is the lock protecting DIGESTS_REGISTERED. */
static ath_mutex_t digests_registered_lock = ATH_MUTEX_INITIALIZER;
/* Flag to check wether the default ciphers have already been
registered. */
static int default_digests_registered;
typedef struct gcry_md_list
{
gcry_md_spec_t *digest;
gcry_module_t module;
struct gcry_md_list *next;
size_t actual_struct_size; /* Allocated size of this structure. */
PROPERLY_ALIGNED_TYPE context;
} GcryDigestEntry;
/* this structure is put right after the gcry_md_hd_t buffer, so that
* only one memory block is needed. */
struct gcry_md_context
{
int magic;
size_t actual_handle_size; /* Allocated size of this handle. */
int secure;
FILE *debug;
int finalized;
GcryDigestEntry *list;
byte *macpads;
int macpads_Bsize; /* Blocksize as used for the HMAC pads. */
};
#define CTX_MAGIC_NORMAL 0x11071961
#define CTX_MAGIC_SECURE 0x16917011
/* Convenient macro for registering the default digests. */
#define REGISTER_DEFAULT_DIGESTS \
do \
{ \
ath_mutex_lock (&digests_registered_lock); \
if (! default_digests_registered) \
{ \
gcry_md_register_default (); \
default_digests_registered = 1; \
} \
ath_mutex_unlock (&digests_registered_lock); \
} \
while (0)
static const char * digest_algo_to_string( int algo );
static gcry_err_code_t check_digest_algo (int algo);
static gcry_err_code_t md_open (gcry_md_hd_t *h, int algo,
int secure, int hmac);
static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo);
static gcry_err_code_t md_copy (gcry_md_hd_t a, gcry_md_hd_t *b);
static void md_close (gcry_md_hd_t a);
static void md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen);
static void md_final(gcry_md_hd_t a);
static byte *md_read( gcry_md_hd_t a, int algo );
static int md_get_algo( gcry_md_hd_t a );
static int md_digest_length( int algo );
static const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
static void md_start_debug ( gcry_md_hd_t a, const char *suffix );
static void md_stop_debug ( gcry_md_hd_t a );
/* Internal function. Register all the ciphers included in
CIPHER_TABLE. Returns zero on success or an error code. */
static void
gcry_md_register_default (void)
{
gcry_err_code_t err = 0;
int i;
for (i = 0; (! err) && digest_table[i].digest; i++)
err = _gcry_module_add (&digests_registered,
digest_table[i].algorithm,
(void *) digest_table[i].digest,
NULL);
if (err)
BUG ();
}
/* Internal callback function. */
static int
gcry_md_lookup_func_name (void *spec, void *data)
{
gcry_md_spec_t *digest = (gcry_md_spec_t *) spec;
char *name = (char *) data;
return (! stricmp (digest->name, name));
}
/* Internal callback function. Used via _gcry_module_lookup. */
static int
gcry_md_lookup_func_oid (void *spec, void *data)
{
gcry_md_spec_t *digest = (gcry_md_spec_t *) spec;
char *oid = (char *) data;
gcry_md_oid_spec_t *oid_specs = digest->oids;
int ret = 0, i;
if (oid_specs)
{
for (i = 0; oid_specs[i].oidstring && (! ret); i++)
if (! stricmp (oid, oid_specs[i].oidstring))
ret = 1;
}
return ret;
}
/* Internal function. Lookup a digest entry by it's name. */
static gcry_module_t
gcry_md_lookup_name (const char *name)
{
gcry_module_t digest;
digest = _gcry_module_lookup (digests_registered, (void *) name,
gcry_md_lookup_func_name);
return digest;
}
/* Internal function. Lookup a cipher entry by it's oid. */
static gcry_module_t
gcry_md_lookup_oid (const char *oid)
{
gcry_module_t digest;
digest = _gcry_module_lookup (digests_registered, (void *) oid,
gcry_md_lookup_func_oid);
return digest;
}
/* Register a new digest module whose specification can be found in
DIGEST. On success, a new algorithm ID is stored in ALGORITHM_ID
and a pointer representhing this module is stored in MODULE. */
gcry_error_t
gcry_md_register (gcry_md_spec_t *digest,
unsigned int *algorithm_id,
gcry_module_t *module)
{
gcry_err_code_t err = 0;
gcry_module_t mod;
ath_mutex_lock (&digests_registered_lock);
err = _gcry_module_add (&digests_registered, 0,
(void *) digest, &mod);
ath_mutex_unlock (&digests_registered_lock);
if (! err)
{
*module = mod;
*algorithm_id = mod->mod_id;
}
return gcry_error (err);
}
/* Unregister the digest identified by ID, which must have been
registered with gcry_digest_register. */
void
gcry_md_unregister (gcry_module_t module)
{
ath_mutex_lock (&digests_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&digests_registered_lock);
}
static int
search_oid (const char *oid, int *algorithm, gcry_md_oid_spec_t *oid_spec)
{
gcry_module_t module;
int ret = 0;
if (oid && ((! strncmp (oid, "oid.", 4))
|| (! strncmp (oid, "OID.", 4))))
oid += 4;
module = gcry_md_lookup_oid (oid);
if (module)
{
gcry_md_spec_t *digest = module->spec;
int i;
for (i = 0; digest->oids[i].oidstring && !ret; i++)
if (! stricmp (oid, digest->oids[i].oidstring))
{
if (algorithm)
*algorithm = module->mod_id;
if (oid_spec)
*oid_spec = digest->oids[i];
ret = 1;
}
_gcry_module_release (module);
}
return ret;
}
/****************
* Map a string to the digest algo
*/
int
gcry_md_map_name (const char *string)
{
gcry_module_t digest;
int ret, algorithm = 0;
if (! string)
return 0;
REGISTER_DEFAULT_DIGESTS;
/* If the string starts with a digit (optionally prefixed with
either "OID." or "oid."), we first look into our table of ASN.1
object identifiers to figure out the algorithm */
ath_mutex_lock (&digests_registered_lock);
ret = search_oid (string, &algorithm, NULL);
if (! ret)
{
- /* Not found, search for an acording diget name. */
+ /* Not found, search a matching digest name. */
digest = gcry_md_lookup_name (string);
if (digest)
{
algorithm = digest->mod_id;
_gcry_module_release (digest);
}
}
ath_mutex_unlock (&digests_registered_lock);
return algorithm;
}
/****************
* Map a digest algo to a string
*/
static const char *
digest_algo_to_string (int algorithm)
{
const char *name = NULL;
gcry_module_t digest;
REGISTER_DEFAULT_DIGESTS;
ath_mutex_lock (&digests_registered_lock);
digest = _gcry_module_lookup_id (digests_registered, algorithm);
if (digest)
{
name = ((gcry_md_spec_t *) digest->spec)->name;
_gcry_module_release (digest);
}
ath_mutex_unlock (&digests_registered_lock);
return name;
}
/****************
* This function simply returns the name of the algorithm or some constant
* string when there is no algo. It will never return NULL.
* Use the macro gcry_md_test_algo() to check whether the algorithm
* is valid.
*/
const char *
gcry_md_algo_name (int algorithm)
{
const char *s = digest_algo_to_string (algorithm);
return s ? s : "?";
}
static gcry_err_code_t
check_digest_algo (int algorithm)
{
gcry_err_code_t rc = 0;
gcry_module_t digest;
REGISTER_DEFAULT_DIGESTS;
ath_mutex_lock (&digests_registered_lock);
digest = _gcry_module_lookup_id (digests_registered, algorithm);
if (digest)
_gcry_module_release (digest);
else
rc = GPG_ERR_DIGEST_ALGO;
ath_mutex_unlock (&digests_registered_lock);
return rc;
}
/****************
* Open a message digest handle for use with algorithm ALGO.
* More algorithms may be added by md_enable(). The initial algorithm
* may be 0.
*/
static gcry_err_code_t
md_open (gcry_md_hd_t *h, int algo, int secure, int hmac)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
int bufsize = secure ? 512 : 1024;
struct gcry_md_context *ctx;
gcry_md_hd_t hd;
size_t n;
/* Allocate a memory area to hold the caller visible buffer with it's
* control information and the data required by this module. Set the
* context pointer at the beginning to this area.
* We have to use this strange scheme because we want to hide the
* internal data but have a variable sized buffer.
*
* +---+------+---........------+-------------+
* !ctx! bctl ! buffer ! private !
* +---+------+---........------+-------------+
* ! ^
* !---------------------------!
*
* We have to make sure that private is well aligned.
*/
n = sizeof (struct gcry_md_handle) + bufsize;
n = ((n + sizeof (PROPERLY_ALIGNED_TYPE) - 1)
/ sizeof (PROPERLY_ALIGNED_TYPE)) * sizeof (PROPERLY_ALIGNED_TYPE);
/* Allocate and set the Context pointer to the private data */
if (secure)
hd = gcry_malloc_secure (n + sizeof (struct gcry_md_context));
else
hd = gcry_malloc (n + sizeof (struct gcry_md_context));
if (! hd)
err = gpg_err_code_from_errno (errno);
if (! err)
{
hd->ctx = ctx = (struct gcry_md_context *) ((char *) hd + n);
/* Setup the globally visible data (bctl in the diagram).*/
hd->bufsize = n - sizeof (struct gcry_md_handle) + 1;
hd->bufpos = 0;
/* Initialize the private data. */
memset (hd->ctx, 0, sizeof *hd->ctx);
ctx->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
ctx->actual_handle_size = n + sizeof (struct gcry_md_context);
ctx->secure = secure;
if (hmac)
{
if ( (GCRY_MD_SHA384 == algo) || (GCRY_MD_SHA512 == algo) ) {
ctx->macpads_Bsize = 128;
ctx->macpads = gcry_malloc_secure (2*(ctx->macpads_Bsize));
} else {
ctx->macpads_Bsize = 64;
ctx->macpads = gcry_malloc_secure (2*(ctx->macpads_Bsize));
}
if (! ctx->macpads)
{
err = gpg_err_code_from_errno (errno);
md_close (hd);
}
}
}
if (! err)
{
/* FIXME: should we really do that? - yes [-wk] */
_gcry_fast_random_poll ();
if (algo)
{
err = md_enable (hd, algo);
if (err)
md_close (hd);
}
}
if (! err)
*h = hd;
return err;
}
/* Create a message digest object for algorithm ALGO. FLAGS may be
given as an bitwise OR of the gcry_md_flags values. ALGO may be
given as 0 if the algorithms to be used are later set using
gcry_md_enable. H is guaranteed to be a valid handle or NULL on
error. */
gcry_error_t
gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_md_hd_t hd;
if ((flags & ~(GCRY_MD_FLAG_SECURE | GCRY_MD_FLAG_HMAC)))
err = GPG_ERR_INV_ARG;
else
{
err = md_open (&hd, algo, (flags & GCRY_MD_FLAG_SECURE),
(flags & GCRY_MD_FLAG_HMAC));
}
*h = err? NULL : hd;
return gcry_error (err);
}
static gcry_err_code_t
md_enable (gcry_md_hd_t hd, int algorithm)
{
struct gcry_md_context *h = hd->ctx;
gcry_md_spec_t *digest = NULL;
GcryDigestEntry *entry;
gcry_module_t module;
gcry_err_code_t err = 0;
for (entry = h->list; entry; entry = entry->next)
if (entry->module->mod_id == algorithm)
return err; /* already enabled */
REGISTER_DEFAULT_DIGESTS;
ath_mutex_lock (&digests_registered_lock);
module = _gcry_module_lookup_id (digests_registered, algorithm);
ath_mutex_unlock (&digests_registered_lock);
if (! module)
{
log_debug ("md_enable: algorithm %d not available\n", algorithm);
err = GPG_ERR_DIGEST_ALGO;
}
else
digest = (gcry_md_spec_t *) module->spec;
if (! err)
{
size_t size = (sizeof (*entry)
+ digest->contextsize
- sizeof (entry->context));
/* And allocate a new list entry. */
if (h->secure)
entry = gcry_malloc_secure (size);
else
entry = gcry_malloc (size);
if (! entry)
err = gpg_err_code_from_errno (errno);
else
{
entry->digest = digest;
entry->module = module;
entry->next = h->list;
entry->actual_struct_size = size;
h->list = entry;
/* And init this instance. */
entry->digest->init (&entry->context.c);
}
}
if (err)
{
if (module)
{
ath_mutex_lock (&digests_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&digests_registered_lock);
}
}
return err;
}
gcry_error_t
gcry_md_enable (gcry_md_hd_t hd, int algorithm)
{
gcry_err_code_t err = md_enable (hd, algorithm);
return gcry_error (err);
}
static gcry_err_code_t
md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
struct gcry_md_context *a = ahd->ctx;
struct gcry_md_context *b;
GcryDigestEntry *ar, *br;
gcry_md_hd_t bhd;
size_t n;
if (ahd->bufpos)
md_write (ahd, NULL, 0);
n = (char *) ahd->ctx - (char *) ahd;
if (a->secure)
bhd = gcry_malloc_secure (n + sizeof (struct gcry_md_context));
else
bhd = gcry_malloc (n + sizeof (struct gcry_md_context));
if (! bhd)
err = gpg_err_code_from_errno (errno);
if (! err)
{
bhd->ctx = b = (struct gcry_md_context *) ((char *) bhd + n);
/* No need to copy the buffer due to the write above. */
assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1));
bhd->bufsize = ahd->bufsize;
bhd->bufpos = 0;
assert (! ahd->bufpos);
memcpy (b, a, sizeof *a);
b->list = NULL;
b->debug = NULL;
if (a->macpads)
{
b->macpads = gcry_malloc_secure (2*(a->macpads_Bsize));
if (! b->macpads)
{
err = gpg_err_code_from_errno (errno);
md_close (bhd);
}
else
memcpy (b->macpads, a->macpads, (2*(a->macpads_Bsize)));
}
}
/* Copy the complete list of algorithms. The copied list is
reversed, but that doesn't matter. */
if (!err)
{
for (ar = a->list; ar; ar = ar->next)
{
if (a->secure)
br = gcry_malloc_secure (sizeof *br
+ ar->digest->contextsize
- sizeof(ar->context));
else
br = gcry_malloc (sizeof *br
+ ar->digest->contextsize
- sizeof (ar->context));
if (!br)
{
err = gpg_err_code_from_errno (errno);
md_close (bhd);
break;
}
memcpy (br, ar, (sizeof (*br) + ar->digest->contextsize
- sizeof (ar->context)));
br->next = b->list;
b->list = br;
/* Add a reference to the module. */
ath_mutex_lock (&digests_registered_lock);
_gcry_module_use (br->module);
ath_mutex_unlock (&digests_registered_lock);
}
}
if (a->debug && !err)
md_start_debug (bhd, "unknown");
if (!err)
*b_hd = bhd;
return err;
}
gcry_error_t
gcry_md_copy (gcry_md_hd_t *handle, gcry_md_hd_t hd)
{
gcry_err_code_t err = md_copy (hd, handle);
if (err)
*handle = NULL;
return gcry_error (err);
}
/*
* Reset all contexts and discard any buffered stuff. This may be used
* instead of a md_close(); md_open().
*/
void
gcry_md_reset (gcry_md_hd_t a)
{
GcryDigestEntry *r;
a->bufpos = a->ctx->finalized = 0;
for (r = a->ctx->list; r; r = r->next)
{
memset (r->context.c, 0, r->digest->contextsize);
(*r->digest->init) (&r->context.c);
}
if (a->ctx->macpads)
md_write (a, a->ctx->macpads, a->ctx->macpads_Bsize); /* inner pad */
}
static void
md_close (gcry_md_hd_t a)
{
GcryDigestEntry *r, *r2;
if (! a)
return;
if (a->ctx->debug)
md_stop_debug (a);
for (r = a->ctx->list; r; r = r2)
{
r2 = r->next;
ath_mutex_lock (&digests_registered_lock);
_gcry_module_release (r->module);
ath_mutex_unlock (&digests_registered_lock);
wipememory (r, r->actual_struct_size);
gcry_free (r);
}
if (a->ctx->macpads)
{
wipememory (a->ctx->macpads, 2*(a->ctx->macpads_Bsize));
gcry_free(a->ctx->macpads);
}
wipememory (a, a->ctx->actual_handle_size);
gcry_free(a);
}
void
gcry_md_close (gcry_md_hd_t hd)
{
md_close (hd);
}
static void
md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen)
{
GcryDigestEntry *r;
if (a->ctx->debug)
{
if (a->bufpos && fwrite (a->buf, a->bufpos, 1, a->ctx->debug) != 1)
BUG();
if (inlen && fwrite (inbuf, inlen, 1, a->ctx->debug) != 1)
BUG();
}
for (r = a->ctx->list; r; r = r->next)
{
if (a->bufpos)
(*r->digest->write) (&r->context.c, a->buf, a->bufpos);
(*r->digest->write) (&r->context.c, inbuf, inlen);
}
a->bufpos = 0;
}
void
gcry_md_write (gcry_md_hd_t hd, const void *inbuf, size_t inlen)
{
md_write (hd, inbuf, inlen);
}
static void
md_final (gcry_md_hd_t a)
{
GcryDigestEntry *r;
if (a->ctx->finalized)
return;
if (a->bufpos)
md_write (a, NULL, 0);
for (r = a->ctx->list; r; r = r->next)
(*r->digest->final) (&r->context.c);
a->ctx->finalized = 1;
if (a->ctx->macpads)
{
/* Finish the hmac. */
int algo = md_get_algo (a);
byte *p = md_read (a, algo);
size_t dlen = md_digest_length (algo);
gcry_md_hd_t om;
gcry_err_code_t err = md_open (&om, algo, a->ctx->secure, 0);
if (err)
_gcry_fatal_error (err, NULL);
md_write (om, (a->ctx->macpads)+(a->ctx->macpads_Bsize), a->ctx->macpads_Bsize);
md_write (om, p, dlen);
md_final (om);
/* Replace our digest with the mac (they have the same size). */
memcpy (p, md_read (om, algo), dlen);
md_close (om);
}
}
static gcry_err_code_t
prepare_macpads( gcry_md_hd_t hd, const byte *key, size_t keylen)
{
int i;
int algo = md_get_algo( hd );
byte *helpkey = NULL;
byte *ipad, *opad;
if ( !algo )
return GPG_ERR_DIGEST_ALGO; /* i.e. no algo enabled */
if ( keylen > 64 )
{
helpkey = gcry_malloc_secure ( md_digest_length( algo ) );
if ( !helpkey )
return gpg_err_code_from_errno (errno);
gcry_md_hash_buffer ( algo, helpkey, key, keylen );
key = helpkey;
keylen = md_digest_length( algo );
assert ( keylen <= 64 );
}
memset ( hd->ctx->macpads, 0, 2*(hd->ctx->macpads_Bsize) );
ipad = hd->ctx->macpads;
opad = (hd->ctx->macpads)+(hd->ctx->macpads_Bsize);
memcpy ( ipad, key, keylen );
memcpy ( opad, key, keylen );
for (i=0; i < (hd->ctx->macpads_Bsize); i++ )
{
ipad[i] ^= 0x36;
opad[i] ^= 0x5c;
}
gcry_free( helpkey );
return GPG_ERR_NO_ERROR;
}
gcry_error_t
gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen)
{
gcry_err_code_t rc = 0;
switch (cmd)
{
case GCRYCTL_FINALIZE:
md_final (hd);
break;
case GCRYCTL_SET_KEY:
rc = gcry_err_code (gcry_md_setkey (hd, buffer, buflen));
break;
case GCRYCTL_START_DUMP:
md_start_debug (hd, buffer);
break;
case GCRYCTL_STOP_DUMP:
md_stop_debug ( hd );
break;
default:
rc = GPG_ERR_INV_OP;
}
return gcry_error (rc);
}
gcry_error_t
gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen)
{
gcry_err_code_t rc = GPG_ERR_NO_ERROR;
if (! hd->ctx->macpads)
rc = GPG_ERR_CONFLICT;
else
{
rc = prepare_macpads (hd, key, keylen);
if (! rc)
gcry_md_reset (hd);
}
return gcry_error (rc);
}
/* The new debug interface. If SUFFIX is a string it creates an debug
file for the context HD. IF suffix is NULL, the file is closed and
debugging is stopped. */
void
gcry_md_debug (gcry_md_hd_t hd, const char *suffix)
{
if (suffix)
md_start_debug (hd, suffix);
else
md_stop_debug (hd);
}
/****************
* if ALGO is null get the digest for the used algo (which should be only one)
*/
static byte *
md_read( gcry_md_hd_t a, int algo )
{
GcryDigestEntry *r = a->ctx->list;
if (! algo)
{
/* return the first algorithm */
if (r && r->next)
log_debug("more than algorithm in md_read(0)\n");
return r->digest->read( &r->context.c );
}
else
{
for (r = a->ctx->list; r; r = r->next)
if (r->module->mod_id == algo)
return r->digest->read (&r->context.c);
}
BUG();
return NULL;
}
/*
* Read out the complete digest, this function implictly finalizes
* the hash.
*/
byte *
gcry_md_read (gcry_md_hd_t hd, int algo)
{
gcry_md_ctl (hd, GCRYCTL_FINALIZE, NULL, 0);
return md_read (hd, algo);
}
/****************
* This function combines md_final and md_read but keeps the context
* intact. This function can be used to calculate intermediate
* digests. The digest is copied into buffer and the digestlength is
* returned. If buffer is NULL only the needed size for buffer is returned.
* buflen gives the max size of buffer. If the buffer is too shourt to
* hold the complete digest, the buffer is filled with as many bytes are
* possible and this value is returned.
*/
#if 0
static int
md_digest( gcry_md_hd_t a, int algo, byte *buffer, int buflen )
{
struct md_digest_list_s *r = NULL;
char *context;
char *digest;
if( a->bufpos )
md_write( a, NULL, 0 );
if( !algo ) { /* return digest for the first algorithm */
if( (r=a->ctx->list) && r->next )
log_debug("more than algorithm in md_digest(0)\n");
}
else {
for(r=a->ctx->list; r; r = r->next )
if( r->algo == algo )
break;
}
if( !r )
BUG();
if( !buffer )
return r->mdlen;
/* I don't want to change the interface, so I simply work on a copy
* of the context (extra overhead - should be fixed)*/
context = a->ctx->secure ? gcry_xmalloc_secure( r->contextsize )
: gcry_xmalloc( r->contextsize );
memcpy( context, r->context.c, r->contextsize );
(*r->digest->final)( context );
digest = (*r->digest->read)( context );
if( buflen > r->mdlen )
buflen = r->mdlen;
memcpy( buffer, digest, buflen );
gcry_free(context);
return buflen;
}
#endif
/*
* Read out an intermediate digest. Not yet fucntional.
*/
gcry_err_code_t
gcry_md_get (gcry_md_hd_t hd, int algo, byte *buffer, int buflen)
{
(void)hd;
(void)algo;
(void)buffer;
(void)buflen;
/*md_digest ... */
return GPG_ERR_INTERNAL;
}
/*
* Shortcut function to hash a buffer with a given algo. The only
* guaranteed supported algorithms are RIPE-MD160 and SHA-1. The
* supplied digest buffer must be large enough to store the resulting
* hash. No error is returned, the function will abort on an invalid
* algo. DISABLED_ALGOS are ignored here. */
void
gcry_md_hash_buffer (int algo, void *digest,
const void *buffer, size_t length)
{
if (algo == GCRY_MD_SHA1)
_gcry_sha1_hash_buffer (digest, buffer, length);
else if (algo == GCRY_MD_RMD160)
_gcry_rmd160_hash_buffer (digest, buffer, length);
else
{
/* For the others we do not have a fast function, so we use the
normal functions. */
gcry_md_hd_t h;
gpg_err_code_t err = md_open (&h, algo, 0, 0);
if (err)
log_bug ("gcry_md_open failed for algo %d: %s",
algo, gpg_strerror (gcry_error(err)));
md_write (h, (byte *) buffer, length);
md_final (h);
memcpy (digest, md_read (h, algo), md_digest_length (algo));
md_close (h);
}
}
static int
md_get_algo (gcry_md_hd_t a)
{
GcryDigestEntry *r = a->ctx->list;
if (r && r->next)
log_error("WARNING: more than algorithm in md_get_algo()\n");
return r ? r->module->mod_id : 0;
}
int
gcry_md_get_algo (gcry_md_hd_t hd)
{
return md_get_algo (hd);
}
/****************
* Return the length of the digest
*/
static int
md_digest_length (int algorithm)
{
gcry_module_t digest;
int mdlen = 0;
REGISTER_DEFAULT_DIGESTS;
ath_mutex_lock (&digests_registered_lock);
digest = _gcry_module_lookup_id (digests_registered, algorithm);
if (digest)
{
mdlen = ((gcry_md_spec_t *) digest->spec)->mdlen;
_gcry_module_release (digest);
}
ath_mutex_unlock (&digests_registered_lock);
return mdlen;
}
/****************
* Return the length of the digest in bytes.
* This function will return 0 in case of errors.
*/
unsigned int
gcry_md_get_algo_dlen (int algorithm)
{
return md_digest_length (algorithm);
}
/* Hmmm: add a mode to enumerate the OIDs
* to make g10/sig-check.c more portable */
static const byte *
md_asn_oid (int algorithm, size_t *asnlen, size_t *mdlen)
{
const byte *asnoid = NULL;
gcry_module_t digest;
REGISTER_DEFAULT_DIGESTS;
ath_mutex_lock (&digests_registered_lock);
digest = _gcry_module_lookup_id (digests_registered, algorithm);
if (digest)
{
if (asnlen)
*asnlen = ((gcry_md_spec_t *) digest->spec)->asnlen;
if (mdlen)
*mdlen = ((gcry_md_spec_t *) digest->spec)->mdlen;
asnoid = ((gcry_md_spec_t *) digest->spec)->asnoid;
_gcry_module_release (digest);
}
else
log_bug ("no ASN.1 OID for md algo %d\n", algorithm);
ath_mutex_unlock (&digests_registered_lock);
return asnoid;
}
/****************
* Return information about the given cipher algorithm
* WHAT select the kind of information returned:
* GCRYCTL_TEST_ALGO:
* Returns 0 when the specified algorithm is available for use.
* buffer and nbytes must be zero.
* GCRYCTL_GET_ASNOID:
* Return the ASNOID of the algorithm in buffer. if buffer is NULL, only
* the required length is returned.
*
* Note: Because this function is in most cases used to return an
* integer value, we can make it easier for the caller to just look at
* the return value. The caller will in all cases consult the value
* and thereby detecting whether a error occured or not (i.e. while checking
* the block size)
*/
gcry_error_t
gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
switch (what)
{
case GCRYCTL_TEST_ALGO:
if (buffer || nbytes)
err = GPG_ERR_INV_ARG;
else
err = check_digest_algo (algo);
break;
case GCRYCTL_GET_ASNOID:
/* We need to check that the algo is available because
md_asn_oid would otherwise raise an assertion. */
err = check_digest_algo (algo);
if (!err)
{
const char unsigned *asn;
size_t asnlen;
asn = md_asn_oid (algo, &asnlen, NULL);
if (buffer && (*nbytes >= asnlen))
{
memcpy (buffer, asn, asnlen);
*nbytes = asnlen;
}
else if ((! buffer) && nbytes)
*nbytes = asnlen;
else
{
if (buffer)
err = GPG_ERR_TOO_SHORT;
else
err = GPG_ERR_INV_ARG;
}
}
break;
default:
err = GPG_ERR_INV_OP;
}
return gcry_error (err);
}
static void
md_start_debug ( gcry_md_hd_t md, const char *suffix )
{
static int idx=0;
char buf[50];
if ( md->ctx->debug )
{
log_debug("Oops: md debug already started\n");
return;
}
idx++;
snprintf (buf, DIM(buf)-1, "dbgmd-%05d.%.10s", idx, suffix );
md->ctx->debug = fopen(buf, "w");
if ( !md->ctx->debug )
log_debug("md debug: can't open %s\n", buf );
}
static void
md_stop_debug( gcry_md_hd_t md )
{
if ( md->ctx->debug )
{
if ( md->bufpos )
md_write ( md, NULL, 0 );
fclose (md->ctx->debug);
md->ctx->debug = NULL;
}
#ifdef HAVE_U64_TYPEDEF
{ /* a kludge to pull in the __muldi3 for Solaris */
volatile u32 a = (u32)(ulong)md;
volatile u64 b = 42;
volatile u64 c;
c = a * b;
}
#endif
}
/*
* Return information about the digest handle.
* GCRYCTL_IS_SECURE:
* Returns 1 when the handle works on secured memory
* otherwise 0 is returned. There is no error return.
* GCRYCTL_IS_ALGO_ENABLED:
* Returns 1 if the algo is enanled for that handle.
* The algo must be passed as the address of an int.
*/
gcry_error_t
gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
switch (cmd)
{
case GCRYCTL_IS_SECURE:
*nbytes = h->ctx->secure;
break;
case GCRYCTL_IS_ALGO_ENABLED:
{
GcryDigestEntry *r;
int algo;
if ( !buffer || (nbytes && (*nbytes != sizeof (int))))
err = GPG_ERR_INV_ARG;
else
{
algo = *(int*)buffer;
*nbytes = 0;
for(r=h->ctx->list; r; r = r->next ) {
if (r->module->mod_id == algo)
{
*nbytes = 1;
break;
}
}
}
break;
}
default:
err = GPG_ERR_INV_OP;
}
return gcry_error (err);
}
gcry_err_code_t
_gcry_md_init (void)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
REGISTER_DEFAULT_DIGESTS;
return err;
}
int
gcry_md_is_secure (gcry_md_hd_t a)
{
size_t value;
if (gcry_md_info (a, GCRYCTL_IS_SECURE, NULL, &value))
value = 1; /* It seems to be better to assume secure memory on
error. */
return value;
}
int
gcry_md_is_enabled (gcry_md_hd_t a, int algo)
{
size_t value;
value = sizeof algo;
if (gcry_md_info (a, GCRYCTL_IS_ALGO_ENABLED, &algo, &value))
value = 0;
return value;
}
/* Get a list consisting of the IDs of the loaded message digest
modules. If LIST is zero, write the number of loaded message
digest modules to LIST_LENGTH and return. If LIST is non-zero, the
first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
of according size. In case there are less message digest modules
than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
number. */
gcry_error_t
gcry_md_list (int *list, int *list_length)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
ath_mutex_lock (&digests_registered_lock);
err = _gcry_module_list (digests_registered, list, list_length);
ath_mutex_unlock (&digests_registered_lock);
return err;
}
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 228b0d04..a833c3dd 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -1,2540 +1,2560 @@
/* pubkey.c - pubkey dispatcher
* Copyright (C) 1998, 1999, 2000, 2002, 2003,
* 2005 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser general Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "g10lib.h"
#include "mpi.h"
#include "cipher.h"
#include "ath.h"
static gcry_err_code_t pubkey_decrypt (int algo, gcry_mpi_t *result,
gcry_mpi_t *data, gcry_mpi_t *skey,
int flags);
static gcry_err_code_t pubkey_sign (int algo, gcry_mpi_t *resarr,
gcry_mpi_t hash, gcry_mpi_t *skey);
static gcry_err_code_t pubkey_verify (int algo, gcry_mpi_t hash,
gcry_mpi_t *data, gcry_mpi_t *pkey,
int (*cmp) (void *, gcry_mpi_t),
void *opaque);
/* This is the list of the default public-key ciphers included in
libgcrypt. */
static struct pubkey_table_entry
{
gcry_pk_spec_t *pubkey;
unsigned int algorithm;
} pubkey_table[] =
{
#if USE_RSA
{ &_gcry_pubkey_spec_rsa, GCRY_PK_RSA },
#endif
#if USE_ELGAMAL
{ &_gcry_pubkey_spec_elg, GCRY_PK_ELG },
{ &_gcry_pubkey_spec_elg, GCRY_PK_ELG_E },
#endif
#if USE_DSA
{ &_gcry_pubkey_spec_dsa, GCRY_PK_DSA },
#endif
{ NULL, 0 },
};
/* List of registered ciphers. */
static gcry_module_t pubkeys_registered;
/* This is the lock protecting PUBKEYS_REGISTERED. */
static ath_mutex_t pubkeys_registered_lock = ATH_MUTEX_INITIALIZER;;
/* Flag to check wether the default pubkeys have already been
registered. */
static int default_pubkeys_registered;
/* Convenient macro for registering the default digests. */
#define REGISTER_DEFAULT_PUBKEYS \
do \
{ \
ath_mutex_lock (&pubkeys_registered_lock); \
if (! default_pubkeys_registered) \
{ \
gcry_pk_register_default (); \
default_pubkeys_registered = 1; \
} \
ath_mutex_unlock (&pubkeys_registered_lock); \
} \
while (0)
/* These dummy functions are used in case a cipher implementation
refuses to provide it's own functions. */
static gcry_err_code_t
dummy_generate (int algorithm, unsigned int nbits, unsigned long dummy,
gcry_mpi_t *skey, gcry_mpi_t **retfactors)
{
(void)algorithm;
(void)nbits;
(void)dummy;
(void)skey;
(void)retfactors;
return GPG_ERR_NOT_IMPLEMENTED;
}
static gcry_err_code_t
dummy_check_secret_key (int algorithm, gcry_mpi_t *skey)
{
(void)algorithm;
(void)skey;
return GPG_ERR_NOT_IMPLEMENTED;
}
static gcry_err_code_t
dummy_encrypt (int algorithm, gcry_mpi_t *resarr, gcry_mpi_t data,
gcry_mpi_t *pkey, int flags)
{
(void)algorithm;
(void)resarr;
(void)data;
(void)pkey;
(void)flags;
return GPG_ERR_NOT_IMPLEMENTED;
}
static gcry_err_code_t
dummy_decrypt (int algorithm, gcry_mpi_t *result, gcry_mpi_t *data,
gcry_mpi_t *skey, int flags)
{
(void)algorithm;
(void)result;
(void)data;
(void)skey;
(void)flags;
return GPG_ERR_NOT_IMPLEMENTED;
}
static gcry_err_code_t
dummy_sign (int algorithm, gcry_mpi_t *resarr, gcry_mpi_t data,
gcry_mpi_t *skey)
{
(void)algorithm;
(void)resarr;
(void)data;
(void)skey;
return GPG_ERR_NOT_IMPLEMENTED;
}
static gcry_err_code_t
dummy_verify (int algorithm, gcry_mpi_t hash, gcry_mpi_t *data,
gcry_mpi_t *pkey,
int (*cmp) (void *, gcry_mpi_t), void *opaquev)
{
(void)algorithm;
(void)hash;
(void)data;
(void)pkey;
(void)cmp;
(void)opaquev;
return GPG_ERR_NOT_IMPLEMENTED;
}
static unsigned
dummy_get_nbits (int algorithm, gcry_mpi_t *pkey)
{
(void)algorithm;
(void)pkey;
return 0;
}
/* Internal function. Register all the pubkeys included in
PUBKEY_TABLE. Returns zero on success or an error code. */
static void
gcry_pk_register_default (void)
{
gcry_err_code_t err = 0;
int i;
for (i = 0; (! err) && pubkey_table[i].pubkey; i++)
{
#define pubkey_use_dummy(func) \
if (! pubkey_table[i].pubkey->func) \
pubkey_table[i].pubkey->func = dummy_##func;
pubkey_use_dummy (generate);
pubkey_use_dummy (check_secret_key);
pubkey_use_dummy (encrypt);
pubkey_use_dummy (decrypt);
pubkey_use_dummy (sign);
pubkey_use_dummy (verify);
pubkey_use_dummy (get_nbits);
#undef pubkey_use_dummy
err = _gcry_module_add (&pubkeys_registered,
pubkey_table[i].algorithm,
(void *) pubkey_table[i].pubkey, NULL);
}
if (err)
BUG ();
}
/* Internal callback function. Used via _gcry_module_lookup. */
static int
gcry_pk_lookup_func_name (void *spec, void *data)
{
gcry_pk_spec_t *pubkey = (gcry_pk_spec_t *) spec;
char *name = (char *) data;
const char **aliases = pubkey->aliases;
int ret = stricmp (name, pubkey->name);
while (ret && *aliases)
ret = stricmp (name, *aliases++);
return ! ret;
}
/* Internal function. Lookup a pubkey entry by it's name. */
static gcry_module_t
gcry_pk_lookup_name (const char *name)
{
gcry_module_t pubkey;
pubkey = _gcry_module_lookup (pubkeys_registered, (void *) name,
gcry_pk_lookup_func_name);
return pubkey;
}
/* Register a new pubkey module whose specification can be found in
PUBKEY. On success, a new algorithm ID is stored in ALGORITHM_ID
and a pointer representhing this module is stored in MODULE. */
gcry_error_t
gcry_pk_register (gcry_pk_spec_t *pubkey,
unsigned int *algorithm_id,
gcry_module_t *module)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_module_t mod;
ath_mutex_lock (&pubkeys_registered_lock);
err = _gcry_module_add (&pubkeys_registered, 0,
(void *) pubkey, &mod);
ath_mutex_unlock (&pubkeys_registered_lock);
if (! err)
{
*module = mod;
*algorithm_id = mod->mod_id;
}
return err;
}
/* Unregister the pubkey identified by ID, which must have been
registered with gcry_pk_register. */
void
gcry_pk_unregister (gcry_module_t module)
{
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
}
static void
release_mpi_array (gcry_mpi_t *array)
{
for (; *array; array++)
{
mpi_free(*array);
*array = NULL;
}
}
/****************
* Map a string to the pubkey algo
*/
int
gcry_pk_map_name (const char *string)
{
gcry_module_t pubkey;
int algorithm = 0;
if (!string)
return 0;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = gcry_pk_lookup_name (string);
if (pubkey)
{
algorithm = pubkey->mod_id;
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return algorithm;
}
/* Map the public key algorithm whose ID is contained in ALGORITHM to
a string representation of the algorithm name. For unknown
algorithm IDs this functions returns "?". */
const char *
gcry_pk_algo_name (int algorithm)
{
gcry_module_t pubkey;
const char *name;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
name = ((gcry_pk_spec_t *) pubkey->spec)->name;
_gcry_module_release (pubkey);
}
else
name = "?";
ath_mutex_unlock (&pubkeys_registered_lock);
return name;
}
/* A special version of gcry_pk_algo name to return the first aliased
name of the algorithm. This is required to adhere to the spki
specs where the algorithm names are lowercase. */
const char *
_gcry_pk_aliased_algo_name (int algorithm)
{
const char *name = NULL;
gcry_module_t module;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
module = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (module)
{
gcry_pk_spec_t *pubkey = (gcry_pk_spec_t *) module->spec;
name = pubkey->aliases? *pubkey->aliases : NULL;
if (!name || !*name)
name = pubkey->name;
_gcry_module_release (module);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return name;
}
static void
disable_pubkey_algo (int algorithm)
{
gcry_module_t pubkey;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
if (! (pubkey-> flags & FLAG_MODULE_DISABLED))
pubkey->flags |= FLAG_MODULE_DISABLED;
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
}
/****************
* A USE of 0 means: don't care.
*/
static gcry_err_code_t
check_pubkey_algo (int algorithm, unsigned use)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_pk_spec_t *pubkey;
gcry_module_t module;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
module = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (module)
{
pubkey = (gcry_pk_spec_t *) module->spec;
if (((use & GCRY_PK_USAGE_SIGN)
&& (! (pubkey->use & GCRY_PK_USAGE_SIGN)))
|| ((use & GCRY_PK_USAGE_ENCR)
&& (! (pubkey->use & GCRY_PK_USAGE_ENCR))))
err = GPG_ERR_WRONG_PUBKEY_ALGO;
else if (module->flags & FLAG_MODULE_DISABLED)
err = GPG_ERR_PUBKEY_ALGO;
_gcry_module_release (module);
}
else
err = GPG_ERR_PUBKEY_ALGO;
ath_mutex_unlock (&pubkeys_registered_lock);
return err;
}
/****************
* Return the number of public key material numbers
*/
static int
pubkey_get_npkey (int algorithm)
{
gcry_module_t pubkey;
int npkey = 0;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
npkey = strlen (((gcry_pk_spec_t *) pubkey->spec)->elements_pkey);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return npkey;
}
/****************
* Return the number of secret key material numbers
*/
static int
pubkey_get_nskey (int algorithm)
{
gcry_module_t pubkey;
int nskey = 0;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
nskey = strlen (((gcry_pk_spec_t *) pubkey->spec)->elements_skey);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return nskey;
}
/****************
* Return the number of signature material numbers
*/
static int
pubkey_get_nsig (int algorithm)
{
gcry_module_t pubkey;
int nsig = 0;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
nsig = strlen (((gcry_pk_spec_t *) pubkey->spec)->elements_sig);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return nsig;
}
/****************
* Return the number of encryption material numbers
*/
static int
pubkey_get_nenc (int algorithm)
{
gcry_module_t pubkey;
int nenc = 0;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
nenc = strlen (((gcry_pk_spec_t *) pubkey->spec)->elements_enc);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return nenc;
}
static gcry_err_code_t
pubkey_generate (int algorithm, unsigned int nbits, unsigned int qbits,
unsigned long use_e,
gcry_mpi_t *skey, gcry_mpi_t **retfactors)
{
gcry_err_code_t err = GPG_ERR_PUBKEY_ALGO;
gcry_module_t pubkey;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
/* Hack to pass QBITS to the DSA generation. */
if (qbits && pubkey->spec == &_gcry_pubkey_spec_dsa)
err = _gcry_dsa_generate2
(algorithm, nbits, qbits, 0, skey, retfactors);
else
err = ((gcry_pk_spec_t *) pubkey->spec)->generate
(algorithm, nbits, use_e, skey, retfactors);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return err;
}
static gcry_err_code_t
pubkey_check_secret_key (int algorithm, gcry_mpi_t *skey)
{
gcry_err_code_t err = GPG_ERR_PUBKEY_ALGO;
gcry_module_t pubkey;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
err = ((gcry_pk_spec_t *) pubkey->spec)->check_secret_key
(algorithm, skey);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
return err;
}
/****************
* This is the interface to the public key encryption. Encrypt DATA
* with PKEY and put it into RESARR which should be an array of MPIs
* of size PUBKEY_MAX_NENC (or less if the algorithm allows this -
* check with pubkey_get_nenc() )
*/
static gcry_err_code_t
pubkey_encrypt (int algorithm, gcry_mpi_t *resarr, gcry_mpi_t data,
gcry_mpi_t *pkey, int flags)
{
gcry_pk_spec_t *pubkey;
gcry_module_t module;
gcry_err_code_t rc;
int i;
if (DBG_CIPHER)
{
log_debug ("pubkey_encrypt: algo=%d\n", algorithm);
for(i = 0; i < pubkey_get_npkey (algorithm); i++)
log_mpidump (" pkey:", pkey[i]);
log_mpidump (" data:", data);
}
ath_mutex_lock (&pubkeys_registered_lock);
module = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (module)
{
pubkey = (gcry_pk_spec_t *) module->spec;
rc = pubkey->encrypt (algorithm, resarr, data, pkey, flags);
_gcry_module_release (module);
goto ready;
}
rc = GPG_ERR_PUBKEY_ALGO;
ready:
ath_mutex_unlock (&pubkeys_registered_lock);
if (!rc && DBG_CIPHER)
{
for(i = 0; i < pubkey_get_nenc (algorithm); i++)
log_mpidump(" encr:", resarr[i] );
}
return rc;
}
/****************
* This is the interface to the public key decryption.
* ALGO gives the algorithm to use and this implicitly determines
* the size of the arrays.
* result is a pointer to a mpi variable which will receive a
* newly allocated mpi or NULL in case of an error.
*/
static gcry_err_code_t
pubkey_decrypt (int algorithm, gcry_mpi_t *result, gcry_mpi_t *data,
gcry_mpi_t *skey, int flags)
{
gcry_pk_spec_t *pubkey;
gcry_module_t module;
gcry_err_code_t rc;
int i;
*result = NULL; /* so the caller can always do a mpi_free */
if (DBG_CIPHER)
{
log_debug ("pubkey_decrypt: algo=%d\n", algorithm);
for(i = 0; i < pubkey_get_nskey (algorithm); i++)
log_mpidump (" skey:", skey[i]);
for(i = 0; i < pubkey_get_nenc (algorithm); i++)
log_mpidump (" data:", data[i]);
}
ath_mutex_lock (&pubkeys_registered_lock);
module = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (module)
{
pubkey = (gcry_pk_spec_t *) module->spec;
rc = pubkey->decrypt (algorithm, result, data, skey, flags);
_gcry_module_release (module);
goto ready;
}
rc = GPG_ERR_PUBKEY_ALGO;
ready:
ath_mutex_unlock (&pubkeys_registered_lock);
if (! rc && DBG_CIPHER)
log_mpidump (" plain:", *result);
return rc;
}
/****************
* This is the interface to the public key signing.
* Sign data with skey and put the result into resarr which
* should be an array of MPIs of size PUBKEY_MAX_NSIG (or less if the
* algorithm allows this - check with pubkey_get_nsig() )
*/
static gcry_err_code_t
pubkey_sign (int algorithm, gcry_mpi_t *resarr, gcry_mpi_t data,
gcry_mpi_t *skey)
{
gcry_pk_spec_t *pubkey;
gcry_module_t module;
gcry_err_code_t rc;
int i;
if (DBG_CIPHER)
{
log_debug ("pubkey_sign: algo=%d\n", algorithm);
for(i = 0; i < pubkey_get_nskey (algorithm); i++)
log_mpidump (" skey:", skey[i]);
log_mpidump(" data:", data );
}
ath_mutex_lock (&pubkeys_registered_lock);
module = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (module)
{
pubkey = (gcry_pk_spec_t *) module->spec;
rc = pubkey->sign (algorithm, resarr, data, skey);
_gcry_module_release (module);
goto ready;
}
rc = GPG_ERR_PUBKEY_ALGO;
ready:
ath_mutex_unlock (&pubkeys_registered_lock);
if (! rc && DBG_CIPHER)
for (i = 0; i < pubkey_get_nsig (algorithm); i++)
log_mpidump (" sig:", resarr[i]);
return rc;
}
/****************
* Verify a public key signature.
* Return 0 if the signature is good
*/
static gcry_err_code_t
pubkey_verify (int algorithm, gcry_mpi_t hash, gcry_mpi_t *data,
gcry_mpi_t *pkey,
int (*cmp)(void *, gcry_mpi_t), void *opaquev)
{
gcry_pk_spec_t *pubkey;
gcry_module_t module;
gcry_err_code_t rc;
int i;
if (DBG_CIPHER)
{
log_debug ("pubkey_verify: algo=%d\n", algorithm);
for (i = 0; i < pubkey_get_npkey (algorithm); i++)
log_mpidump (" pkey:", pkey[i]);
for (i = 0; i < pubkey_get_nsig (algorithm); i++)
log_mpidump (" sig:", data[i]);
log_mpidump (" hash:", hash);
}
ath_mutex_lock (&pubkeys_registered_lock);
module = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (module)
{
pubkey = (gcry_pk_spec_t *) module->spec;
rc = pubkey->verify (algorithm, hash, data, pkey, cmp, opaquev);
_gcry_module_release (module);
goto ready;
}
rc = GPG_ERR_PUBKEY_ALGO;
ready:
ath_mutex_unlock (&pubkeys_registered_lock);
return rc;
}
/* Internal function. */
static gcry_err_code_t
sexp_elements_extract (gcry_sexp_t key_sexp, const char *element_names,
gcry_mpi_t *elements)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
int i, idx;
const char *name;
gcry_sexp_t list;
for (name = element_names, idx = 0; *name && !err; name++, idx++)
{
list = gcry_sexp_find_token (key_sexp, name, 1);
if (! list)
err = GPG_ERR_NO_OBJ;
else
{
elements[idx] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG);
gcry_sexp_release (list);
if (! elements[idx])
err = GPG_ERR_INV_OBJ;
}
}
if (err)
{
for (i = 0; i < idx; i++)
if (elements[i])
gcry_free (elements[i]);
}
return err;
}
/****************
* Convert a S-Exp with either a private or a public key to our
* internal format. Currently we do only support the following
* algorithms:
* dsa
* rsa
* openpgp-dsa
* openpgp-rsa
* openpgp-elg
* openpgp-elg-sig
* Provide a SE with the first element be either "private-key" or
* or "public-key". It is followed by a list with its first element
* be one of the above algorithm identifiers and the remaning
* elements are pairs with parameter-id and value.
* NOTE: we look through the list to find a list beginning with
* "private-key" or "public-key" - the first one found is used.
*
* FIXME: Allow for encrypted secret keys here.
*
* Returns: A pointer to an allocated array of MPIs if the return value is
* zero; the caller has to release this array.
*
* Example of a DSA public key:
* (private-key
* (dsa
* (p <mpi>)
* (g <mpi>)
* (y <mpi>)
* (x <mpi>)
* )
* )
* The <mpi> are expected to be in GCRYMPI_FMT_USG
*/
static gcry_err_code_t
sexp_to_key (gcry_sexp_t sexp, int want_private, gcry_mpi_t **retarray,
gcry_module_t *retalgo)
{
gcry_sexp_t list, l2;
const char *name;
size_t n;
const char *elems;
gcry_mpi_t *array;
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_module_t module;
gcry_pk_spec_t *pubkey;
/* check that the first element is valid */
list = gcry_sexp_find_token( sexp, want_private? "private-key"
:"public-key", 0 );
if( !list )
return GPG_ERR_INV_OBJ; /* Does not contain a public-
or private-key object */
l2 = gcry_sexp_cadr( list );
gcry_sexp_release ( list );
list = l2;
name = gcry_sexp_nth_data( list, 0, &n );
if( !name ) {
gcry_sexp_release ( list );
return GPG_ERR_INV_OBJ; /* invalid structure of object */
}
{
char *name_terminated;
name_terminated = gcry_malloc (n + 1);
if (!name_terminated)
{
err = gpg_err_code_from_errno (errno);
gcry_sexp_release (list);
return err;
}
memcpy (name_terminated, name, n);
name_terminated[n] = 0;
ath_mutex_lock (&pubkeys_registered_lock);
module = gcry_pk_lookup_name (name_terminated);
ath_mutex_unlock (&pubkeys_registered_lock);
gcry_free (name_terminated);
}
if (! module)
{
gcry_sexp_release (list);
return GPG_ERR_PUBKEY_ALGO; /* unknown algorithm */
}
else
pubkey = (gcry_pk_spec_t *) module->spec;
elems = want_private ? pubkey->elements_skey : pubkey->elements_pkey;
array = gcry_calloc (strlen (elems) + 1, sizeof (*array));
if (! array)
err = gpg_err_code_from_errno (errno);
if (! err)
err = sexp_elements_extract (list, elems, array);
if (list)
gcry_sexp_release (list);
if (err)
{
if (array)
gcry_free (array);
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
}
else
{
*retarray = array;
*retalgo = module;
}
return err;
}
static gcry_err_code_t
sexp_to_sig (gcry_sexp_t sexp, gcry_mpi_t **retarray,
gcry_module_t *retalgo)
{
gcry_sexp_t list, l2;
const char *name;
size_t n;
const char *elems;
gcry_mpi_t *array;
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_module_t module;
gcry_pk_spec_t *pubkey;
/* check that the first element is valid */
list = gcry_sexp_find_token( sexp, "sig-val" , 0 );
if( !list )
return GPG_ERR_INV_OBJ; /* Does not contain a signature value object */
l2 = gcry_sexp_nth (list, 1);
if(! l2)
{
gcry_sexp_release (list);
return GPG_ERR_NO_OBJ; /* no cadr for the sig object */
}
name = gcry_sexp_nth_data( l2, 0, &n );
if( !name ) {
gcry_sexp_release ( list );
gcry_sexp_release ( l2 );
return GPG_ERR_INV_OBJ; /* invalid structure of object */
}
else if (n == 5 && (! memcmp (name, "flags", 5))) {
/* Skip flags, since they are not used but just here for the
sake of consistent S-expressions. */
gcry_sexp_release (l2);
l2 = gcry_sexp_nth (list, 2);
if (! l2)
{
gcry_sexp_release (list);
return GPG_ERR_INV_OBJ;
}
name = gcry_sexp_nth_data (l2, 0, &n);
}
{
char *name_terminated;
name_terminated = gcry_malloc (n + 1);
if (!name_terminated)
{
err = gcry_err_code_from_errno (errno);
gcry_sexp_release (l2);
gcry_sexp_release (list);
return err;
}
memcpy (name_terminated, name, n);
name_terminated[n] = 0;
ath_mutex_lock (&pubkeys_registered_lock);
module = gcry_pk_lookup_name (name_terminated);
ath_mutex_unlock (&pubkeys_registered_lock);
gcry_free (name_terminated);
}
if (! module)
{
gcry_sexp_release (l2);
gcry_sexp_release (list);
return GPG_ERR_PUBKEY_ALGO; /* unknown algorithm */
}
else
pubkey = (gcry_pk_spec_t *) module->spec;
elems = pubkey->elements_sig;
array = gcry_calloc (strlen (elems) + 1 , sizeof (*array));
if (! array)
err = gpg_err_code_from_errno (errno);
if (! err)
err = sexp_elements_extract (list, elems, array);
gcry_sexp_release (l2);
gcry_sexp_release (list);
if (err)
{
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
if (array)
gcry_free (array);
}
else
{
*retarray = array;
*retalgo = module;
}
return err;
}
/****************
* Take sexp and return an array of MPI as used for our internal decrypt
* function.
* s_data = (enc-val
* [(flags [pkcs1])
* (<algo>
* (<param_name1> <mpi>)
* ...
* (<param_namen> <mpi>)
* ))
* RET_MODERN is set to true when at least an empty flags list has been found.
*/
static gcry_err_code_t
sexp_to_enc (gcry_sexp_t sexp, gcry_mpi_t **retarray, gcry_module_t *retalgo,
int *ret_modern, int *ret_want_pkcs1, int *flags)
{
gcry_sexp_t list = NULL, l2 = NULL;
gcry_pk_spec_t *pubkey = NULL;
gcry_module_t module = NULL;
const char *name;
size_t n;
int parsed_flags = 0;
const char *elems;
gcry_mpi_t *array = NULL;
gcry_err_code_t err = GPG_ERR_NO_ERROR;
*ret_want_pkcs1 = 0;
*ret_modern = 0;
/* check that the first element is valid */
list = gcry_sexp_find_token (sexp, "enc-val" , 0);
if (! list)
{
err = GPG_ERR_INV_OBJ; /* Does not contain an encrypted value object */
goto leave;
}
l2 = gcry_sexp_nth (list, 1);
if (! l2)
{
err = GPG_ERR_NO_OBJ; /* no cdr for the data object */
goto leave;
}
/* Extract identifier of sublist. */
name = gcry_sexp_nth_data (l2, 0, &n);
if (! name)
{
err = GPG_ERR_INV_OBJ; /* invalid structure of object */
goto leave;
}
if ((n == 5) && (! memcmp (name, "flags", 5)))
{
/* There is a flags element - process it */
const char *s;
int i;
*ret_modern = 1;
for (i = gcry_sexp_length (l2) - 1; i > 0; i--)
{
s = gcry_sexp_nth_data (l2, i, &n);
if (! s)
; /* not a data element - ignore */
else if (n == 3 && ! memcmp (s, "raw", 3))
; /* just a dummy because it is the default */
else if (n == 5 && ! memcmp (s, "pkcs1", 5))
*ret_want_pkcs1 = 1;
else if (n == 11 && ! memcmp (s, "no-blinding", 11))
parsed_flags |= PUBKEY_FLAG_NO_BLINDING;
else
{
err = GPG_ERR_INV_FLAG;
goto leave;
}
}
/* Get the next which has the actual data */
gcry_sexp_release (l2);
l2 = gcry_sexp_nth (list, 2);
if (! l2)
{
err = GPG_ERR_NO_OBJ; /* no cdr for the data object */
goto leave;
}
/* Extract sublist identifier. */
name = gcry_sexp_nth_data (l2, 0, &n);
if (! name)
{
err = GPG_ERR_INV_OBJ; /* invalid structure of object */
goto leave;
}
gcry_sexp_release (list);
list = l2;
l2 = NULL;
}
{
char *name_terminated;
name_terminated = gcry_malloc (n + 1);
if (!name_terminated)
{
err = gcry_err_code_from_errno (errno);
goto leave;
}
memcpy (name_terminated, name, n);
name_terminated[n] = 0;
ath_mutex_lock (&pubkeys_registered_lock);
module = gcry_pk_lookup_name (name_terminated);
ath_mutex_unlock (&pubkeys_registered_lock);
gcry_free (name_terminated);
if (! module)
{
err = GPG_ERR_PUBKEY_ALGO; /* unknown algorithm */
goto leave;
}
pubkey = (gcry_pk_spec_t *) module->spec;
}
elems = pubkey->elements_enc;
array = gcry_calloc (strlen (elems) + 1, sizeof (*array));
if (! array)
{
err = gpg_err_code_from_errno (errno);
goto leave;
}
err = sexp_elements_extract (list, elems, array);
leave:
if (list)
gcry_sexp_release (list);
if (l2)
gcry_sexp_release (l2);
if (err)
{
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
if (array)
gcry_free (array);
}
else
{
*retarray = array;
*retalgo = module;
*flags = parsed_flags;
}
return err;
}
/* Take the hash value and convert into an MPI, suitable for for
passing to the low level functions. We currently support the
old style way of passing just a MPI and the modern interface which
allows to pass flags so that we can choose between raw and pkcs1
padding - may be more padding options later.
(<mpi>)
or
(data
[(flags [pkcs1])]
[(hash <algo> <value>)]
[(value <text>)]
)
Either the VALUE or the HASH element must be present for use
with signatures. VALUE is used for encryption.
NBITS is the length of the key in bits.
*/
static gcry_err_code_t
sexp_data_to_mpi (gcry_sexp_t input, unsigned int nbits, gcry_mpi_t *ret_mpi,
int for_encryption, int *flags)
{
gcry_err_code_t rc = 0;
gcry_sexp_t ldata, lhash, lvalue;
int i;
size_t n;
const char *s;
int is_raw = 0, is_pkcs1 = 0, unknown_flag=0;
int parsed_flags = 0, dummy_flags;
if (! flags)
flags = &dummy_flags;
*ret_mpi = NULL;
ldata = gcry_sexp_find_token (input, "data", 0);
if (!ldata)
{ /* assume old style */
*ret_mpi = gcry_sexp_nth_mpi (input, 0, 0);
return *ret_mpi ? GPG_ERR_NO_ERROR : GPG_ERR_INV_OBJ;
}
/* see whether there is a flags object */
{
gcry_sexp_t lflags = gcry_sexp_find_token (ldata, "flags", 0);
if (lflags)
{ /* parse the flags list. */
for (i=gcry_sexp_length (lflags)-1; i > 0; i--)
{
s = gcry_sexp_nth_data (lflags, i, &n);
if (!s)
; /* not a data element*/
else if ( n == 3 && !memcmp (s, "raw", 3))
is_raw = 1;
else if ( n == 5 && !memcmp (s, "pkcs1", 5))
is_pkcs1 = 1;
else if (n == 11 && ! memcmp (s, "no-blinding", 11))
parsed_flags |= PUBKEY_FLAG_NO_BLINDING;
else
unknown_flag = 1;
}
gcry_sexp_release (lflags);
}
}
if (!is_pkcs1 && !is_raw)
is_raw = 1; /* default to raw */
/* Get HASH or MPI */
lhash = gcry_sexp_find_token (ldata, "hash", 0);
lvalue = lhash? NULL : gcry_sexp_find_token (ldata, "value", 0);
if (!(!lhash ^ !lvalue))
rc = GPG_ERR_INV_OBJ; /* none or both given */
else if (unknown_flag)
rc = GPG_ERR_INV_FLAG;
else if (is_raw && is_pkcs1 && !for_encryption)
rc = GPG_ERR_CONFLICT;
else if (is_raw && lvalue)
{
*ret_mpi = gcry_sexp_nth_mpi (lvalue, 1, 0);
if (!*ret_mpi)
rc = GPG_ERR_INV_OBJ;
}
else if (is_pkcs1 && lvalue && for_encryption)
{ /* Create pkcs#1 block type 2 padding. */
unsigned char *frame = NULL;
size_t nframe = (nbits+7) / 8;
const void * value;
size_t valuelen;
unsigned char *p;
if ( !(value=gcry_sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
rc = GPG_ERR_INV_OBJ;
else if (valuelen + 7 > nframe || !nframe)
{
/* Can't encode a VALUELEN value in a NFRAME bytes frame. */
rc = GPG_ERR_TOO_SHORT; /* the key is too short */
}
else if ( !(frame = gcry_malloc_secure (nframe)))
rc = gpg_err_code_from_errno (errno);
else
{
n = 0;
frame[n++] = 0;
frame[n++] = 2; /* block type */
i = nframe - 3 - valuelen;
assert (i > 0);
p = gcry_random_bytes_secure (i, GCRY_STRONG_RANDOM);
/* Replace zero bytes by new values. */
for (;;)
{
int j, k;
unsigned char *pp;
/* Count the zero bytes. */
for (j=k=0; j < i; j++)
{
if (!p[j])
k++;
}
if (!k)
break; /* Okay: no (more) zero bytes. */
k += k/128 + 3; /* Better get some more. */
pp = gcry_random_bytes_secure (k, GCRY_STRONG_RANDOM);
for (j=0; j < i && k; )
{
if (!p[j])
p[j] = pp[--k];
if (p[j])
j++;
}
gcry_free (pp);
}
memcpy (frame+n, p, i);
n += i;
gcry_free (p);
frame[n++] = 0;
memcpy (frame+n, value, valuelen);
n += valuelen;
assert (n == nframe);
/* FIXME, error checking? */
gcry_mpi_scan (ret_mpi, GCRYMPI_FMT_USG, frame, n, &nframe);
}
gcry_free(frame);
}
else if (is_pkcs1 && lhash && !for_encryption)
{ /* Create pkcs#1 block type 1 padding. */
if (gcry_sexp_length (lhash) != 3)
rc = GPG_ERR_INV_OBJ;
else if ( !(s=gcry_sexp_nth_data (lhash, 1, &n)) || !n )
rc = GPG_ERR_INV_OBJ;
else
{
static struct { const char *name; int algo; } hashnames[] =
{ { "sha1", GCRY_MD_SHA1 },
{ "md5", GCRY_MD_MD5 },
{ "sha256", GCRY_MD_SHA256 },
{ "ripemd160", GCRY_MD_RMD160 },
{ "rmd160", GCRY_MD_RMD160 },
{ "sha384", GCRY_MD_SHA384 },
{ "sha512", GCRY_MD_SHA512 },
{ "md2", GCRY_MD_MD2 },
{ "md4", GCRY_MD_MD4 },
{ "tiger", GCRY_MD_TIGER },
{ "haval", GCRY_MD_HAVAL },
{ NULL, 0 }
};
int algo;
byte asn[100];
byte *frame = NULL;
size_t nframe = (nbits+7) / 8;
const void * value;
size_t valuelen;
size_t asnlen, dlen;
for (i=0; hashnames[i].name; i++)
{
if ( strlen (hashnames[i].name) == n
&& !memcmp (hashnames[i].name, s, n))
break;
}
+ if (hashnames[i].name)
+ algo = hashnames[i].algo;
+ else
+ {
+ /* In case of not listed or dynamically allocated hash
+ algorithm we fall back to this somewhat slower
+ method. Further, it also allows to use OIDs as
+ algorithm names. */
+ char *tmpname;
+
+ tmpname = gcry_malloc (n+1);
+ if (!tmpname)
+ algo = 0; /* Out of core - silently give up. */
+ else
+ {
+ memcpy (tmpname, s, n);
+ tmpname[n] = 0;
+ algo = gcry_md_map_name (tmpname);
+ gcry_free (tmpname);
+ }
+ }
- algo = hashnames[i].algo;
asnlen = DIM(asn);
dlen = gcry_md_get_algo_dlen (algo);
- if (!hashnames[i].name)
+ if (!algo)
rc = GPG_ERR_DIGEST_ALGO;
else if ( !(value=gcry_sexp_nth_data (lhash, 2, &valuelen))
|| !valuelen )
rc = GPG_ERR_INV_OBJ;
else if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
{
/* We don't have yet all of the above algorithms. */
rc = GPG_ERR_NOT_IMPLEMENTED;
}
else if ( valuelen != dlen )
{
/* Hash value does not match the length of digest for
the given algorithm. */
rc = GPG_ERR_CONFLICT;
}
else if( !dlen || dlen + asnlen + 4 > nframe)
{
/* Can't encode an DLEN byte digest MD into a NFRAME
byte frame. */
rc = GPG_ERR_TOO_SHORT;
}
else if ( !(frame = gcry_malloc (nframe)) )
rc = gpg_err_code_from_errno (errno);
else
{ /* Assemble the pkcs#1 block type 1. */
n = 0;
frame[n++] = 0;
frame[n++] = 1; /* block type */
i = nframe - valuelen - asnlen - 3 ;
assert (i > 1);
memset (frame+n, 0xff, i );
n += i;
frame[n++] = 0;
memcpy (frame+n, asn, asnlen);
n += asnlen;
memcpy (frame+n, value, valuelen );
n += valuelen;
assert (n == nframe);
/* convert it into an MPI, FIXME: error checking? */
gcry_mpi_scan (ret_mpi, GCRYMPI_FMT_USG, frame, n, &nframe);
}
gcry_free (frame);
}
}
else
rc = GPG_ERR_CONFLICT;
gcry_sexp_release (ldata);
gcry_sexp_release (lhash);
gcry_sexp_release (lvalue);
if (!rc)
*flags = parsed_flags;
return rc;
}
/*
Do a PK encrypt operation
Caller has to provide a public key as the SEXP pkey and data as a
SEXP with just one MPI in it. Alternativly S_DATA might be a
complex S-Expression, similar to the one used for signature
verification. This provides a flag which allows to handle PKCS#1
block type 2 padding. The function returns a a sexp which may be
passed to to pk_decrypt.
Returns: 0 or an errorcode.
s_data = See comment for sexp_data_to_mpi
s_pkey = <key-as-defined-in-sexp_to_key>
r_ciph = (enc-val
(<algo>
(<param_name1> <mpi>)
...
(<param_namen> <mpi>)
))
*/
gcry_error_t
gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
{
gcry_mpi_t *pkey = NULL, data = NULL, *ciph = NULL;
const char *algo_name, *algo_elems;
int flags;
gcry_err_code_t rc;
gcry_pk_spec_t *pubkey = NULL;
gcry_module_t module = NULL;
REGISTER_DEFAULT_PUBKEYS;
*r_ciph = NULL;
/* get the key */
rc = sexp_to_key (s_pkey, 0, &pkey, &module);
if (rc)
goto leave;
assert (module);
pubkey = (gcry_pk_spec_t *) module->spec;
/* If aliases for the algorithm name exists, take the first one
instead of the regular name to adhere to SPKI conventions. We
assume that the first alias name is the lowercase version of the
regular one. This change is required for compatibility with
1.1.12 generated S-expressions. */
algo_name = pubkey->aliases? *pubkey->aliases : NULL;
if (!algo_name || !*algo_name)
algo_name = pubkey->name;
algo_elems = pubkey->elements_enc;
/* Get the stuff we want to encrypt. */
rc = sexp_data_to_mpi (s_data, gcry_pk_get_nbits (s_pkey), &data, 1,
&flags);
if (rc)
goto leave;
/* Now we can encrypt DATA to CIPH. */
ciph = gcry_calloc (strlen (algo_elems) + 1, sizeof (*ciph));
if (!ciph)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
rc = pubkey_encrypt (module->mod_id, ciph, data, pkey, flags);
mpi_free (data);
data = NULL;
if (rc)
goto leave;
/* We did it. Now build the return list */
{
char *string, *p;
int i;
size_t nelem = strlen (algo_elems);
size_t needed = 19 + strlen (algo_name) + (nelem * 5);
void **arg_list;
/* Build the string. */
string = p = gcry_malloc (needed);
if (!string)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
p = stpcpy ( p, "(enc-val(" );
p = stpcpy ( p, algo_name );
for (i=0; algo_elems[i]; i++ )
{
*p++ = '(';
*p++ = algo_elems[i];
p = stpcpy ( p, "%m)" );
}
strcpy ( p, "))" );
/* And now the ugly part: We don't have a function to pass an
* array to a format string, so we have to do it this way :-(. */
/* FIXME: There is now such a format spefier, so we can could
change the code to be more clear. */
arg_list = malloc (nelem * sizeof *arg_list);
if (!arg_list)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
for (i = 0; i < nelem; i++)
arg_list[i] = ciph + i;
rc = gcry_sexp_build_array (r_ciph, NULL, string, arg_list);
free (arg_list);
if (rc)
BUG ();
gcry_free (string);
}
leave:
if (pkey)
{
release_mpi_array (pkey);
gcry_free (pkey);
}
if (ciph)
{
release_mpi_array (ciph);
gcry_free (ciph);
}
if (module)
{
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
}
return gcry_error (rc);
}
/*
Do a PK decrypt operation
Caller has to provide a secret key as the SEXP skey and data in a
format as created by gcry_pk_encrypt. For historic reasons the
function returns simply an MPI as an S-expression part; this is
deprecated and the new method should be used which returns a real
S-expressionl this is selected by adding at least an empty flags
list to S_DATA.
Returns: 0 or an errorcode.
s_data = (enc-val
[(flags)]
(<algo>
(<param_name1> <mpi>)
...
(<param_namen> <mpi>)
))
s_skey = <key-as-defined-in-sexp_to_key>
r_plain= Either an incomplete S-expression without the parentheses
or if the flags list is used (even if empty) a real S-expression:
(value PLAIN).
*/
gcry_error_t
gcry_pk_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t s_skey)
{
gcry_mpi_t *skey = NULL, *data = NULL, plain = NULL;
int modern, want_pkcs1, flags;
gcry_err_code_t rc;
gcry_module_t module_enc = NULL, module_key = NULL;
gcry_pk_spec_t *pubkey = NULL;
REGISTER_DEFAULT_PUBKEYS;
*r_plain = NULL;
rc = sexp_to_key (s_skey, 1, &skey, &module_key);
if (rc)
goto leave;
rc = sexp_to_enc (s_data, &data, &module_enc, &modern, &want_pkcs1, &flags);
if (rc)
goto leave;
if (module_key->mod_id != module_enc->mod_id)
{
rc = GPG_ERR_CONFLICT; /* Key algo does not match data algo. */
goto leave;
}
pubkey = (gcry_pk_spec_t *) module_key->spec;
rc = pubkey_decrypt (module_key->mod_id, &plain, data, skey, flags);
if (rc)
goto leave;
if (gcry_sexp_build (r_plain, NULL, modern? "(value %m)" : "%m", plain))
BUG ();
leave:
if (skey)
{
release_mpi_array (skey);
gcry_free (skey);
}
if (plain)
mpi_free (plain);
if (data)
{
release_mpi_array (data);
gcry_free (data);
}
if (module_key || module_enc)
{
ath_mutex_lock (&pubkeys_registered_lock);
if (module_key)
_gcry_module_release (module_key);
if (module_enc)
_gcry_module_release (module_enc);
ath_mutex_unlock (&pubkeys_registered_lock);
}
return gcry_error (rc);
}
/*
Create a signature.
Caller has to provide a secret key as the SEXP skey and data
expressed as a SEXP list hash with only one element which should
instantly be available as a MPI. Alternatively the structure given
below may be used for S_HASH, it provides the abiliy to pass flags
to the operation; the only flag defined by now is "pkcs1" which
does PKCS#1 block type 1 style padding.
Returns: 0 or an errorcode.
In case of 0 the function returns a new SEXP with the
signature value; the structure of this signature depends on the
other arguments but is always suitable to be passed to
gcry_pk_verify
s_hash = See comment for sexp_data_to_mpi
s_skey = <key-as-defined-in-sexp_to_key>
r_sig = (sig-val
(<algo>
(<param_name1> <mpi>)
...
(<param_namen> <mpi>)))
*/
gcry_error_t
gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
{
gcry_mpi_t *skey = NULL, hash = NULL, *result = NULL;
gcry_pk_spec_t *pubkey = NULL;
gcry_module_t module = NULL;
const char *algo_name, *algo_elems;
int i;
gcry_err_code_t rc;
REGISTER_DEFAULT_PUBKEYS;
*r_sig = NULL;
rc = sexp_to_key (s_skey, 1, &skey, &module);
if (rc)
goto leave;
assert (module);
pubkey = (gcry_pk_spec_t *) module->spec;
algo_name = pubkey->aliases? *pubkey->aliases : NULL;
if (!algo_name || !*algo_name)
algo_name = pubkey->name;
algo_elems = pubkey->elements_sig;
/* Get the stuff we want to sign. Note that pk_get_nbits does also
work on a private key. */
rc = sexp_data_to_mpi (s_hash, gcry_pk_get_nbits (s_skey),
&hash, 0, NULL);
if (rc)
goto leave;
result = gcry_calloc (strlen (algo_elems) + 1, sizeof (*result));
if (!result)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
rc = pubkey_sign (module->mod_id, result, hash, skey);
if (rc)
goto leave;
{
char *string, *p;
size_t nelem, needed = strlen (algo_name) + 20;
void **arg_list;
nelem = strlen (algo_elems);
/* Count elements, so that we can allocate enough space. */
needed += 10 * nelem;
/* Build the string. */
string = p = gcry_malloc (needed);
if (!string)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
p = stpcpy (p, "(sig-val(");
p = stpcpy (p, algo_name);
for (i = 0; algo_elems[i]; i++)
{
*p++ = '(';
*p++ = algo_elems[i];
p = stpcpy (p, "%m)");
}
strcpy (p, "))");
arg_list = malloc (nelem * sizeof *arg_list);
if (!arg_list)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
for (i = 0; i < nelem; i++)
arg_list[i] = result + i;
rc = gcry_sexp_build_array (r_sig, NULL, string, arg_list);
free (arg_list);
if (rc)
BUG ();
gcry_free (string);
}
leave:
if (skey)
{
release_mpi_array (skey);
gcry_free (skey);
}
if (hash)
mpi_free (hash);
if (result)
{
release_mpi_array (result);
gcry_free (result);
}
return gcry_error (rc);
}
/*
Verify a signature.
Caller has to supply the public key pkey, the signature sig and his
hashvalue data. Public key has to be a standard public key given
as an S-Exp, sig is a S-Exp as returned from gcry_pk_sign and data
must be an S-Exp like the one in sign too. */
gcry_error_t
gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
{
gcry_module_t module_key = NULL, module_sig = NULL;
gcry_mpi_t *pkey = NULL, hash = NULL, *sig = NULL;
gcry_err_code_t rc;
REGISTER_DEFAULT_PUBKEYS;
rc = sexp_to_key (s_pkey, 0, &pkey, &module_key);
if (rc)
goto leave;
rc = sexp_to_sig (s_sig, &sig, &module_sig);
if (rc)
goto leave;
if (module_key->mod_id != module_sig->mod_id)
{
rc = GPG_ERR_CONFLICT;
goto leave;
}
rc = sexp_data_to_mpi (s_hash, gcry_pk_get_nbits (s_pkey), &hash, 0, 0);
if (rc)
goto leave;
rc = pubkey_verify (module_key->mod_id, hash, sig, pkey, NULL, NULL);
leave:
if (pkey)
{
release_mpi_array (pkey);
gcry_free (pkey);
}
if (sig)
{
release_mpi_array (sig);
gcry_free (sig);
}
if (hash)
mpi_free (hash);
if (module_key || module_sig)
{
ath_mutex_lock (&pubkeys_registered_lock);
if (module_key)
_gcry_module_release (module_key);
if (module_sig)
_gcry_module_release (module_sig);
ath_mutex_unlock (&pubkeys_registered_lock);
}
return gcry_error (rc);
}
/*
Test a key.
This may be used either for a public or a secret key to see whether
internal structre is valid.
Returns: 0 or an errorcode.
s_key = <key-as-defined-in-sexp_to_key> */
gcry_error_t
gcry_pk_testkey (gcry_sexp_t s_key)
{
gcry_module_t module = NULL;
gcry_mpi_t *key = NULL;
gcry_err_code_t rc;
REGISTER_DEFAULT_PUBKEYS;
/* Note we currently support only secret key checking. */
rc = sexp_to_key (s_key, 1, &key, &module);
if (! rc)
{
rc = pubkey_check_secret_key (module->mod_id, key);
release_mpi_array (key);
gcry_free (key);
}
return gcry_error (rc);
}
/*
Create a public key pair and return it in r_key.
How the key is created depends on s_parms:
(genkey
(algo
(parameter_name_1 ....)
....
(parameter_name_n ....)
))
The key is returned in a format depending on the
algorithm. Both, private and secret keys are returned
and optionally some additional informatin.
For elgamal we return this structure:
(key-data
(public-key
(elg
(p <mpi>)
(g <mpi>)
(y <mpi>)
)
)
(private-key
(elg
(p <mpi>)
(g <mpi>)
(y <mpi>)
(x <mpi>)
)
)
(misc-key-info
(pm1-factors n1 n2 ... nn)
))
*/
gcry_error_t
gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
{
gcry_pk_spec_t *pubkey = NULL;
gcry_module_t module = NULL;
gcry_sexp_t list = NULL, l2 = NULL;
const char *name;
size_t n;
gcry_err_code_t rc = GPG_ERR_NO_ERROR;
int i;
const char *algo_name = NULL;
int algo;
const char *sec_elems = NULL, *pub_elems = NULL;
gcry_mpi_t skey[10], *factors = NULL;
unsigned int nbits = 0;
unsigned long use_e = 0;
unsigned int qbits;
char *name_terminated;
REGISTER_DEFAULT_PUBKEYS;
skey[0] = NULL;
*r_key = NULL;
list = gcry_sexp_find_token (s_parms, "genkey", 0);
if (!list)
{
rc = GPG_ERR_INV_OBJ; /* Does not contain genkey data. */
goto leave;
}
l2 = gcry_sexp_cadr (list);
gcry_sexp_release (list);
list = l2;
l2 = NULL;
if (! list)
{
rc = GPG_ERR_NO_OBJ; /* No cdr for the genkey. */
goto leave;
}
name = gcry_sexp_nth_data (list, 0, &n);
if (! name)
{
rc = GPG_ERR_INV_OBJ; /* Algo string missing. */
goto leave;
}
name_terminated = gcry_malloc (n + 1);
if (!name_terminated)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
memcpy (name_terminated, name, n);
name_terminated[n] = 0;
ath_mutex_lock (&pubkeys_registered_lock);
module = gcry_pk_lookup_name (name_terminated);
ath_mutex_unlock (&pubkeys_registered_lock);
gcry_free (name_terminated);
if (! module)
{
rc = GPG_ERR_PUBKEY_ALGO; /* Unknown algorithm. */
goto leave;
}
pubkey = (gcry_pk_spec_t *) module->spec;
algo = module->mod_id;
algo_name = pubkey->aliases? *pubkey->aliases : NULL;
if (!algo_name || !*algo_name)
algo_name = pubkey->name;
pub_elems = pubkey->elements_pkey;
sec_elems = pubkey->elements_skey;
/* Handle the optional rsa-use-e element. */
l2 = gcry_sexp_find_token (list, "rsa-use-e", 0);
if (l2)
{
char buf[50];
name = gcry_sexp_nth_data (l2, 1, &n);
if ((! name) || (n >= DIM (buf) - 1))
{
rc = GPG_ERR_INV_OBJ; /* No value or value too large. */
goto leave;
}
memcpy (buf, name, n);
buf[n] = 0;
use_e = strtoul (buf, NULL, 0);
gcry_sexp_release (l2);
l2 = NULL;
}
else
use_e = 65537; /* Not given, use the value generated by old versions. */
/* Handle the optional qbits element. */
l2 = gcry_sexp_find_token (list, "qbits", 0);
if (l2)
{
char buf[50];
name = gcry_sexp_nth_data (l2, 1, &n);
if ((! name) || (n >= DIM (buf) - 1))
{
rc = GPG_ERR_INV_OBJ; /* No value or value too large. */
goto leave;
}
memcpy (buf, name, n);
buf[n] = 0;
qbits = (unsigned int)strtoul (buf, NULL, 0);
gcry_sexp_release (l2);
l2 = NULL;
}
else
qbits = 0;
/* Now parse the required nbits element. */
l2 = gcry_sexp_find_token (list, "nbits", 0);
gcry_sexp_release (list);
list = l2;
l2 = NULL;
if (! list)
{
rc = GPG_ERR_NO_OBJ; /* No nbits parameter. */
goto leave;
}
name = gcry_sexp_nth_data (list, 1, &n);
if (! name)
{
rc = GPG_ERR_INV_OBJ; /* nbits without a cdr. */
goto leave;
}
name_terminated = gcry_malloc (n + 1);
if (!name_terminated)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
memcpy (name_terminated, name, n);
name_terminated[n] = 0;
nbits = (unsigned int) strtoul (name_terminated, NULL, 0);
gcry_free (name_terminated);
rc = pubkey_generate (module->mod_id, nbits, qbits, use_e, skey, &factors);
if (rc)
goto leave;
{
char *string, *p;
size_t nelem=0, nelem_cp = 0, needed=0;
gcry_mpi_t mpis[30];
nelem = strlen (pub_elems) + strlen (sec_elems);
for (i = 0; factors[i]; i++)
nelem++;
nelem_cp = nelem;
needed += nelem * 10;
needed += 2 * strlen (algo_name) + 300;
if (nelem > DIM (mpis))
BUG ();
/* Build the string. */
nelem = 0;
string = p = gcry_malloc (needed);
if (!string)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
p = stpcpy (p, "(key-data");
p = stpcpy (p, "(public-key(");
p = stpcpy (p, algo_name);
for(i = 0; pub_elems[i]; i++)
{
*p++ = '(';
*p++ = pub_elems[i];
p = stpcpy (p, "%m)");
mpis[nelem++] = skey[i];
}
p = stpcpy (p, "))");
p = stpcpy (p, "(private-key(");
p = stpcpy (p, algo_name);
for (i = 0; sec_elems[i]; i++)
{
*p++ = '(';
*p++ = sec_elems[i];
p = stpcpy (p, "%m)");
mpis[nelem++] = skey[i];
}
p = stpcpy (p, "))");
/* Very ugly hack to make release_mpi_array() work FIXME */
skey[i] = NULL;
p = stpcpy (p, "(misc-key-info(pm1-factors");
for(i = 0; factors[i]; i++)
{
p = stpcpy (p, "%m");
mpis[nelem++] = factors[i];
}
strcpy (p, ")))");
while (nelem < DIM (mpis))
mpis[nelem++] = NULL;
{
int elem_n = strlen (pub_elems) + strlen (sec_elems);
void **arg_list;
arg_list = malloc (nelem_cp * sizeof *arg_list);
if (!arg_list)
{
rc = gpg_err_code_from_errno (errno);
goto leave;
}
for (i = 0; i < elem_n; i++)
arg_list[i] = mpis + i;
for (; i < nelem_cp; i++)
arg_list[i] = factors + i - elem_n;
rc = gcry_sexp_build_array (r_key, NULL, string, arg_list);
free (arg_list);
if (rc)
BUG ();
assert (DIM (mpis) == 30); /* Reminder to make sure that the
array gets increased if new
parameters are added. */
}
gcry_free (string);
}
leave:
release_mpi_array (skey);
/* Don't free SKEY itself, it is a static array. */
if (factors)
{
release_mpi_array ( factors );
gcry_free (factors);
}
if (l2)
gcry_sexp_release (l2);
if (list)
gcry_sexp_release (list);
if (module)
{
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
}
return gcry_error (rc);
}
/*
Get the number of nbits from the public key.
Hmmm: Should we have really this function or is it better to have a
more general function to retrieve different propoerties of the key? */
unsigned int
gcry_pk_get_nbits (gcry_sexp_t key)
{
gcry_module_t module = NULL;
gcry_pk_spec_t *pubkey;
gcry_mpi_t *keyarr = NULL;
unsigned int nbits = 0;
gcry_err_code_t rc;
REGISTER_DEFAULT_PUBKEYS;
rc = sexp_to_key (key, 0, &keyarr, &module);
if (rc == GPG_ERR_INV_OBJ)
rc = sexp_to_key (key, 1, &keyarr, &module);
if (rc)
return 0; /* Error - 0 is a suitable indication for that. */
pubkey = (gcry_pk_spec_t *) module->spec;
nbits = (*pubkey->get_nbits) (module->mod_id, keyarr);
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
release_mpi_array (keyarr);
gcry_free (keyarr);
return nbits;
}
/* Return the so called KEYGRIP which is the SHA-1 hash of the public
key parameters expressed in a way depended on the algorithm.
ARRAY must either be 20 bytes long or NULL; in the latter case a
newly allocated array of that size is returned, otherwise ARRAY or
NULL is returned to indicate an error which is most likely an
unknown algorithm. The function accepts public or secret keys. */
unsigned char *
gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
{
gcry_sexp_t list = NULL, l2 = NULL;
gcry_pk_spec_t *pubkey = NULL;
gcry_module_t module = NULL;
const char *s, *name;
size_t n;
int idx;
int is_rsa;
const char *elems;
gcry_md_hd_t md = NULL;
REGISTER_DEFAULT_PUBKEYS;
/* Check that the first element is valid. */
list = gcry_sexp_find_token (key, "public-key", 0);
if (! list)
list = gcry_sexp_find_token (key, "private-key", 0);
if (! list)
list = gcry_sexp_find_token (key, "protected-private-key", 0);
if (! list)
list = gcry_sexp_find_token (key, "shadowed-private-key", 0);
if (! list)
return NULL; /* No public- or private-key object. */
l2 = gcry_sexp_cadr (list);
gcry_sexp_release (list);
list = l2;
l2 = NULL;
name = gcry_sexp_nth_data (list, 0, &n);
if (! name)
goto fail; /* Invalid structure of object. */
{
char *name_terminated = gcry_malloc (n + 1);
if (!name_terminated)
goto fail;
memcpy (name_terminated, name, n);
name_terminated[n] = 0;
ath_mutex_lock (&pubkeys_registered_lock);
module = gcry_pk_lookup_name (name_terminated);
ath_mutex_unlock (&pubkeys_registered_lock);
gcry_free (name_terminated);
}
if (! module)
goto fail; /* unknown algorithm */
pubkey = (gcry_pk_spec_t *) module->spec;
/* FIXME, special handling should be implemented by the algorithms,
not by the libgcrypt core. */
is_rsa = module->mod_id == GCRY_PK_RSA;
elems = pubkey->elements_grip;
if (! elems)
goto fail; /* no grip parameter */
if (gcry_md_open (&md, GCRY_MD_SHA1, 0))
goto fail;
for (idx = 0, s = elems; *s; s++, idx++)
{
const char *data;
size_t datalen;
l2 = gcry_sexp_find_token (list, s, 1);
if (! l2)
goto fail;
data = gcry_sexp_nth_data (l2, 1, &datalen);
if (! data)
goto fail;
if (!is_rsa)
{
char buf[30];
sprintf (buf, "(1:%c%u:", *s, (unsigned int)datalen);
gcry_md_write (md, buf, strlen (buf));
}
/* PKCS-15 says that for RSA only the modulus should be hashed -
however, it is not clear wether this is meant to has the raw
bytes assuming this is an unsigned integer or whether the DER
required 0 should be prefixed. We hash the raw bytes. For
non-RSA we hash S-expressions. */
gcry_md_write (md, data, datalen);
gcry_sexp_release (l2);
if (!is_rsa)
gcry_md_write (md, ")", 1);
}
if (!array)
{
array = gcry_malloc (20);
if (! array)
goto fail;
}
memcpy (array, gcry_md_read (md, GCRY_MD_SHA1), 20);
gcry_md_close (md);
gcry_sexp_release (list);
return array;
fail:
if (l2)
gcry_sexp_release (l2);
if (md)
gcry_md_close (md);
gcry_sexp_release (list);
return NULL;
}
gcry_error_t
gcry_pk_ctl (int cmd, void *buffer, size_t buflen)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
REGISTER_DEFAULT_PUBKEYS;
switch (cmd)
{
case GCRYCTL_DISABLE_ALGO:
/* This one expects a buffer pointing to an integer with the
algo number. */
if ((! buffer) || (buflen != sizeof (int)))
err = GPG_ERR_INV_ARG;
else
disable_pubkey_algo (*((int *) buffer));
break;
default:
err = GPG_ERR_INV_OP;
}
return gcry_error (err);
}
/*
Return information about the given algorithm
WHAT select the kind of information returned:
GCRYCTL_TEST_ALGO:
Returns 0 when the specified algorithm is available for use.
Buffer must be NULL, nbytes may have the address of a variable
with the required usage of the algorithm. It may be 0 for don't
care or a combination of the GCRY_PK_USAGE_xxx flags;
GCRYCTL_GET_ALGO_USAGE:
Return the usage glafs for the give algo. An invalid alog
does return 0. Disabled algos are ignored here becuase we
only want to know whether the algo is at all capable of
the usage.
Note: Because this function is in most cases used to return an
integer value, we can make it easier for the caller to just look at
the return value. The caller will in all cases consult the value
and thereby detecting whether a error occured or not (i.e. while
checking the block size) */
gcry_error_t
gcry_pk_algo_info (int algorithm, int what, void *buffer, size_t *nbytes)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
switch (what)
{
case GCRYCTL_TEST_ALGO:
{
int use = nbytes ? *nbytes : 0;
if (buffer)
err = GPG_ERR_INV_ARG;
else if (check_pubkey_algo (algorithm, use))
err = GPG_ERR_PUBKEY_ALGO;
break;
}
case GCRYCTL_GET_ALGO_USAGE:
{
gcry_module_t pubkey;
int use = 0;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
use = ((gcry_pk_spec_t *) pubkey->spec)->use;
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
/* FIXME? */
*nbytes = use;
break;
}
case GCRYCTL_GET_ALGO_NPKEY:
{
/* FIXME? */
int npkey = pubkey_get_npkey (algorithm);
*nbytes = npkey;
break;
}
case GCRYCTL_GET_ALGO_NSKEY:
{
/* FIXME? */
int nskey = pubkey_get_nskey (algorithm);
*nbytes = nskey;
break;
}
case GCRYCTL_GET_ALGO_NSIGN:
{
/* FIXME? */
int nsign = pubkey_get_nsig (algorithm);
*nbytes = nsign;
break;
}
case GCRYCTL_GET_ALGO_NENCR:
{
/* FIXME? */
int nencr = pubkey_get_nenc (algorithm);
*nbytes = nencr;
break;
}
default:
err = GPG_ERR_INV_OP;
}
return gcry_error (err);
}
gcry_err_code_t
_gcry_pk_init (void)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
REGISTER_DEFAULT_PUBKEYS;
return err;
}
gcry_err_code_t
_gcry_pk_module_lookup (int algorithm, gcry_module_t *module)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_module_t pubkey;
REGISTER_DEFAULT_PUBKEYS;
ath_mutex_lock (&pubkeys_registered_lock);
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
*module = pubkey;
else
err = GPG_ERR_PUBKEY_ALGO;
ath_mutex_unlock (&pubkeys_registered_lock);
return err;
}
void
_gcry_pk_module_release (gcry_module_t module)
{
ath_mutex_lock (&pubkeys_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&pubkeys_registered_lock);
}
/* Get a list consisting of the IDs of the loaded pubkey modules. If
LIST is zero, write the number of loaded pubkey modules to
LIST_LENGTH and return. If LIST is non-zero, the first
*LIST_LENGTH algorithm IDs are stored in LIST, which must be of
according size. In case there are less pubkey modules than
*LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
gcry_error_t
gcry_pk_list (int *list, int *list_length)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
ath_mutex_lock (&pubkeys_registered_lock);
err = _gcry_module_list (pubkeys_registered, list, list_length);
ath_mutex_unlock (&pubkeys_registered_lock);
return err;
}
gcry_err_code_t
_gcry_pk_get_elements (int algo, char **enc, char **sig)
{
gcry_module_t pubkey;
gcry_pk_spec_t *spec;
gcry_err_code_t err;
char *enc_cp;
char *sig_cp;
REGISTER_DEFAULT_PUBKEYS;
enc_cp = NULL;
sig_cp = NULL;
spec = NULL;
pubkey = _gcry_module_lookup_id (pubkeys_registered, algo);
if (! pubkey)
{
err = GPG_ERR_INTERNAL;
goto out;
}
spec = pubkey->spec;
if (enc)
{
enc_cp = strdup (spec->elements_enc);
if (! enc_cp)
{
err = gpg_err_code_from_errno (errno);
goto out;
}
}
if (sig)
{
sig_cp = strdup (spec->elements_sig);
if (! sig_cp)
{
err = gpg_err_code_from_errno (errno);
goto out;
}
}
if (enc)
*enc = enc_cp;
if (sig)
*sig = sig_cp;
err = 0;
out:
_gcry_module_release (pubkey);
if (err)
{
free (enc_cp);
free (sig_cp);
}
return err;
}
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 4dd2da24..07d5af04 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,437 +1,439 @@
2007-02-22 Werner Koch <wk@g10code.com>
+ * basic.c (check_pubkey_sign): Also try signing using an OID.
+
* Makefile.am (TESTS) [W32]: Removed pkbench for now.
* pkbench.c (benchmark): Fixed for W32.
2007-02-21 Werner Koch <wk@g10code.com>
* hmac.c (check_one_mac): Make pointer args const.
* basic.c (check_one_md): Ditto.
(check_one_hmac): Ditto.
* keygen.c (progress_cb): Filter out line feeds.
* basic.c (progress_handler): Ditto.
2006-12-18 Werner Koch <wk@g10code.com>
* Makefile.am (AM_CFLAGS, AM_CPPFLAGS): Splitted and merged with
Moritz' changes.
(INCLUDES): Removed.
* keygen.c (progress_handler): New.
(main): Use it in verbose mode.
2006-11-05 Moritz Schulte <moritz@g10code.com>
* Makefile.am (AM_CFLAGS): Added -I$(top_builddir)/src so that the
new gcrypt.h is used, not the one installed in the system.
2006-10-17 Werner Koch <wk@g10code.com>
* keygen.c (check_rsa_keys): Also create an 1536 bit DSA key.
2006-08-03 Werner Koch <wk@g10code.com>
* t-mpi-bit.c: New.
2006-07-06 Werner Koch <wk@g10code.com>
* benchmark.c (main): New option --use-random-daemon. New command
strongrandom.
(random_bench): New arg VERY_STRONG.
2006-03-14 Werner Koch <wk@g10code.com>
* benchmark.c (main): Allow for seed file argument to random bench.
* basic.c (main): Use progress handler only in verbose mode.
(main): Speed up test key generation.
* ac-data.c (check_sexp_conversion, check_run): Take care of VERBOSE.
* ac.c (main): Ditto.
* pubkey.c (main): Ditto.
* pkbench.c (main): Ditto.
* keygen.c (main): Ditto.
(check_rsa_keys): Print key only in verbose mode.
2006-03-10 Brad Hards <bradh@frogmouth.net> (wk, patch 2006-02-18)
* basic.c (check_one_hmac, check_hmac): New.
2006-03-07 Werner Koch <wk@g10code.com>
* benchmark.c (cipher_bench): Add OFB mode.
2006-01-18 Brad Hards <bradh@frogmouth.net> (wk 2006-03-07)
* basic.c: Added test cases for OFB and CFB modes. Fixed some
compiler warnings for signedness.
2005-11-12 Moritz Schulte <moritz@g10code.com>
* ac-data.c: Added way more test cases.
2005-09-15 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Added keygrip.
* keygrip.c: New.
2005-09-19 Werner Koch <wk@g10code.com>
* benchmark.c (dsa_bench): New.
2005-08-19 Werner Koch <wk@g10code.com>
* hmac.c (main): Added all FIPS tests.
2005-08-18 Werner Koch <wk@g10code.com>
* hmac.c: New.
2005-04-22 Moritz Schulte <moritz@g10code.com>
* tsexp.c: Include <config.h> in case HAVE_CONFIG_H is defined;
thanks to Albert Chin.
* testapi.c: Likewise.
* register.c: Likewise.
* pubkey.c: Likewise.
* prime.c: Likewise.
* pkbench.c: Likewise.
* keygen.c: Likewise.
* benchmark.c: Likewise.
* basic.c: Likewise.
* ac-schemes.c: Likewise.
* ac-data.c: Likewise.
* ac.c: Likewise.
2005-04-16 Moritz Schulte <moritz@g10code.com>
* ac-data.c (check_run): Include new test.
2005-04-11 Moritz Schulte <moritz@g10code.com>
* basic.c (check_digests): Add tests for Whirlpool.
2005-03-30 Moritz Schulte <moritz@g10code.com>
* ac-schemes.c: New file.
* ac-data.c: New file.
* Makefile.am (TESTS): Added ac-schemes and ac-data.
2004-09-15 Moritz Schulte <moritz@g10code.com>
* pkbench.c: Include <time.h>.
2004-08-24 Moritz Schulte <moritz@g10code.com>
* pkbench.c (context_init): Improve generation of test data.
2004-08-23 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Added: pkbench.
* pkbench.c: New file.
2004-02-25 Werner Koch <wk@gnupg.org>
* Makefile.am (TEST): Add benchmark.
* benchmark.c (md_bench, cipher_bench): Allow NULL arg to to run
tests for all algorithms.
(main): Run all tests by default.
2004-02-03 Werner Koch <wk@gnupg.org>
* tsexp.c (basic): New pass to check secure memory switching.
2004-01-12 Moritz Schulte <mo@g10code.com>
* ac.c (check_one): Adjust to new ac API.
2003-11-22 Werner Koch <wk@gnupg.org>
* pubkey.c (check_keys_crypt): Fixed my last patch.
2003-11-11 Werner Koch <wk@gnupg.org>
* tsexp.c (basic): Add pass structure and a test for the %b
format.
2003-11-04 Werner Koch <wk@gnupg.org>
* Makefile.am (noinst_PROGRAMS): Use this so that test programs
get always build.
* keygen.c (check_nonce): New.
(main): Add a basic check for the nocen function.
2003-10-31 Werner Koch <wk@gnupg.org>
* basic.c (check_aes128_cbc_cts_cipher): Make it a prototype
* ac.c (check_run): Comment unused variable.
2003-10-10 Werner Koch <wk@gnupg.org>
* prime.c (check_primes): Generate a generator and avoid printing
unless in verbose mode.
2003-10-07 Werner Koch <wk@gnupg.org>
* tsexp.c (check_sscan): New.
2003-09-04 Werner Koch <wk@gnupg.org>
* pubkey.c (check_keys_crypt): Fix for compatibility mode.
2003-09-02 Moritz Schulte <mo@g10code.com>
* Makefile.am (TESTS): Added: prime.
* prime.c: New file.
2003-08-27 Moritz Schulte <mo@g10code.com>
* basic.c (check_ciphers): Added: Serpent.
Write braces around flags.
2003-08-04 Moritz Schulte <moritz@g10code.com>
* benchmark.c (do_powm): Adjust for new gcry_mpi_scan interface.
2003-07-23 Moritz Schulte <moritz@g10code.com>
* ac.c (key_copy): New function...
(check_one): ... use it.
2003-07-22 Moritz Schulte <moritz@g10code.com>
* basic.c (check_ciphers): Use gcry_cipher_map_name.
2003-07-18 Moritz Schulte <moritz@g10code.com>
* ac.c (check_run): Renamed to ...
(check_one): ... this, changed calling interface.
(check_run): New function.
* register.c: Adjust gcry_cipher_spec_t structure.
2003-07-14 Moritz Schulte <moritz@g10code.com>
* register.c: Adjust cipher specification structure.
* benchmark.c: New file.
* testapi.c: New file.
* Makefile.am (EXTRA_PROGRAMS): Set to: benchmark testapi.
(check_PROGRAMS): Set to: $(TESTS).
2003-07-12 Moritz Schulte <moritz@g10code.com>
* ac.c, basic.c, keygen.c, register.c, sexp.c, tsexp.c: Used
gcry_err* wrappers for libgpg symbols.
* basic.c (check_ciphers): Added: GCRY_CIPHER_TWOFISH128.
2003-07-08 Moritz Schulte <moritz@g10code.com>
* Makefile.am (LIBS): Remove: -lpthread.
* basic.c (check_one_cipher): Fix variable initialization. Thanks
to Simon Joseffson <jas@extundo.com>.
2003-07-07 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Added: register.
2003-07-05 Moritz Schulte <moritz@g10code.com>
* register.c (check_run): Adjusted for new gcry_cipher_register API.
2003-07-02 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Added: ac.
* ac.c: New file.
2003-06-18 Werner Koch <wk@gnupg.org>
* basic.c (check_cbc_mac_cipher): Adjusted for new API of get_blklen
and get_keylen.
(check_ctr_cipher): Ditto.
(check_one_cipher): Ditto.
(check_one_md): Adjusted for new API of gcry_md_copy.
2003-06-18 Moritz Schulte <moritz@g10code.com>
* register.c: Replace old type GcryModule with newer one:
gcry_module_t.
Adjusted for new API.
* Makefile.am (AM_CFLAGS): Added: @GPG_ERROR_CFLAGS@.
2003-06-15 Moritz Schulte <moritz@g10code.com>
* basic.c (get_keys_new): New function.
(do_check_one_pubkey): New function ...
(check_one_pubkey): ... use it.
(progress_handler): New function.
(main): Use gcry_set_progress_handler.
2003-06-14 Moritz Schulte <moritz@g10code.com>
* basic.c: Replaced calls to gcry_strerror with calls to
gpg_strerror.
(check_one_md): Adjust for new gcry_md_copy API.
* tsexp.c: Likewise.
* keygen.c: Likewise.
2003-06-12 Moritz Schulte <moritz@g10code.com>
* basic.c: Changed here and there, reorganized pubkey checks,
added DSA and ELG keys.
2003-06-09 Moritz Schulte <moritz@g10code.com>
* basic.c, keygen.c, pubkey.c, register.c, tsexp.c: Changed to use
new API.
2003-06-01 Moritz Schulte <moritz@g10code.com>
* tsexp.c (canon_len): Adjust for new gcry_sexp_canon_len API.
2003-05-26 Moritz Schulte <moritz@g10code.com>
* basic.c (verify_one_signature): Adjust for libgpg-error.
(check_pubkey_sign): Likewise.
(check_pubkey): Likewise.
* basic.c (check_pubkey_sign): Likewise.
* tsexp.c (canon_len): Likewise.
(back_and_forth_one): Likewise.
2003-04-27 Moritz Schulte <moritz@g10code.com>
* pubkey.c: Changed the sample private key to contain the
identifier `openpgp-rsa' instead of `rsa'.
* basic.c (check_digests): Enabled/fixed some tests for TIGER.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Removed `register' for now.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* basic.c (check_digests): Include checks for SHA512 and SHA384.
2003-04-16 Moritz Schulte <moritz@g10code.com>
* basic.c (check_one_md): Also test md_copy.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Added register.
* register.c: New file.
2003-03-30 Simon Josefsson <jas@extundo.com>
* basic.c (check_one_cipher): New. Test CTR.
(main): Call it.
(check_ciphers): Check CTR mode.
2003-03-26 Moritz Schulte <moritz@g10code.com>
* Makefile.am (TESTS): Added pubkey.
* pubkey.c: New file.
2003-03-22 Simon Josefsson <jas@extundo.com>
* basic.c (check_cbc_mac_cipher): New.
(main): Use it.
2003-03-19 Werner Koch <wk@gnupg.org>
* keygen.c (check_rsa_keys): Don't expect an exponent when asking
for e=0.
(check_generated_rsa_key): Just print exponent if EXPECTED_E is 0.
2003-03-02 Moritz Schulte <moritz@g10code.com>
* basic.c (check_one_cipher): Use gcry_cipher_reset() instead of
gcry_cipher_close(), gcry_cipher_open and gcry_cipher_setkey().
2003-01-23 Werner Koch <wk@gnupg.org>
* keygen.c: New.
2003-01-20 Simon Josefsson <jas@extundo.com>
* basic.c (check_digests): Add CRC.
(check_one_md): Print computed and expected values on error.
2003-01-20 Werner Koch <wk@gnupg.org>
* basic.c (check_one_md): Kludge to check a one million "a".
(check_digests): Add checks for SHA-256.
2003-01-20 Werner Koch <wk@gnupg.org>
* basic.c (check_pubkey): Check the keygrip for the sample key.
2003-01-15 Werner Koch <wk@gnupg.org>
* basic.c (verify_one_signature,check_pubkey_sign)
(check_pubkey): New.
(main): Check public key functions. Add a --debug option.
2002-11-23 Werner Koch <wk@gnupg.org>
* basic.c (check_digests): Add another test for MD4. By Simon
Josefsson.
2002-11-10 Simon Josefsson <jas@extundo.com>
* basic.c (check_aes128_cbc_cts_cipher): New function.
(check_one_cipher): Add flags parameter.
(check_ciphers): Support flags parameter.
(main): Check CTS.
2002-11-10 Werner Koch <wk@gnupg.org>
* basic.c (check_one_md): New. By Simon Josefsson.
(check_digests): New tests for MD4. By Simon.
2002-08-26 Werner Koch <wk@gnupg.org>
* basic.c (check_ciphers): Check simple DES.
2002-05-16 Werner Koch <wk@gnupg.org>
* tsexp.c (back_and_forth): Very minimal test of the new functions.
2002-05-14 Werner Koch <wk@gnupg.org>
Changed license of all files to the LGPL.
2002-05-02 Werner Koch <wk@gnupg.org>
* basic.c: Add option --verbose.
2002-01-11 Werner Koch <wk@gnupg.org>
* tsexp.c (canon_len): Fixed tests.
2001-12-18 Werner Koch <wk@gnupg.org>
* tsexp.c: New.
Copyright 2001, 2002, 2003 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/tests/basic.c b/tests/basic.c
index f20f7b59..de4adeae 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -1,1959 +1,1965 @@
/* basic.c - basic regression tests
* Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include "../src/gcrypt.h"
typedef struct test_spec_pubkey_key
{
const char *secret;
const char *public;
const char *grip;
}
test_spec_pubkey_key_t;
typedef struct test_spec_pubkey
{
int id;
int flags;
test_spec_pubkey_key_t key;
}
test_spec_pubkey_t;
#define FLAG_CRYPT (1 << 0)
#define FLAG_SIGN (1 << 1)
#define FLAG_GRIP (1 << 2)
static int verbose;
static int error_count;
static void
fail (const char *format, ...)
{
va_list arg_ptr;
va_start (arg_ptr, format);
vfprintf (stderr, format, arg_ptr);
va_end (arg_ptr);
error_count++;
}
static void
die (const char *format, ...)
{
va_list arg_ptr;
va_start (arg_ptr, format);
vfprintf (stderr, format, arg_ptr);
va_end (arg_ptr);
exit (1);
}
#define MAX_DATA_LEN 100
void
progress_handler (void *cb_data, const char *what, int printchar,
int current, int total)
{
(void)cb_data;
(void)what;
(void)current;
(void)total;
if (printchar == '\n')
fputs ( "<LF>", stdout);
else
putchar (printchar);
fflush (stdout);
}
static void
check_cbc_mac_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
unsigned char plaintext[MAX_DATA_LEN];
size_t plaintextlen;
char mac[MAX_DATA_LEN];
}
tv[] =
{
{ GCRY_CIPHER_AES,
"chicken teriyaki",
"This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
0, "\x23\x8f\x6d\xc7\x53\x6a\x62\x97\x11\xc4\xa5\x16\x43\xea\xb0\xb6" },
{ GCRY_CIPHER_3DES,
"abcdefghABCDEFGH01234567",
"This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
0, "\x5c\x11\xf0\x01\x47\xbd\x3d\x3a" },
{ GCRY_CIPHER_DES,
"abcdefgh",
"This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
0, "\xfa\x4b\xdf\x9d\xfa\xab\x01\x70" }
};
gcry_cipher_hd_t hd;
unsigned char out[MAX_DATA_LEN];
int i, blklen, keylen;
gcry_error_t err = 0;
if (verbose)
fprintf (stderr, "Starting CBC MAC checks.\n");
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hd,
tv[i].algo,
GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_MAC);
if (!hd)
{
fail ("cbc-mac algo %d, grcy_open_cipher failed: %s\n",
tv[i].algo, gpg_strerror (err));
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("cbc-mac algo %d, gcry_cipher_get_algo_blklen failed\n",
tv[i].algo);
gcry_cipher_close (hd);
return;
}
keylen = gcry_cipher_get_algo_keylen (tv[i].algo);
if (!keylen)
{
fail ("cbc-mac algo %d, gcry_cipher_get_algo_keylen failed\n",
tv[i].algo);
return;
}
err = gcry_cipher_setkey (hd, tv[i].key, keylen);
if (err)
{
fail ("cbc-mac algo %d, gcry_cipher_setkey failed: %s\n",
tv[i].algo, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
err = gcry_cipher_setiv (hd, NULL, 0);
if (err)
{
fail ("cbc-mac algo %d, gcry_cipher_setiv failed: %s\n",
tv[i].algo, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (verbose)
fprintf (stderr, " checking CBC MAC for %s [%i]\n",
gcry_cipher_algo_name (tv[i].algo),
tv[i].algo);
err = gcry_cipher_encrypt (hd,
out, blklen,
tv[i].plaintext,
tv[i].plaintextlen ?
tv[i].plaintextlen :
strlen ((char*)tv[i].plaintext));
if (err)
{
fail ("cbc-mac algo %d, gcry_cipher_encrypt failed: %s\n",
tv[i].algo, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
#if 0
{
int j;
for (j = 0; j < gcry_cipher_get_algo_blklen (tv[i].algo); j++)
printf ("\\x%02x", out[j] & 0xFF);
printf ("\n");
}
#endif
if (memcmp (tv[i].mac, out, blklen))
fail ("cbc-mac algo %d, encrypt mismatch entry %d\n", tv[i].algo, i);
gcry_cipher_close (hd);
}
if (verbose)
fprintf (stderr, "Completed CBC MAC checks.\n");
}
static void
check_aes128_cbc_cts_cipher (void)
{
char key[128 / 8] = "chicken teriyaki";
unsigned char plaintext[] =
"I would like the General Gau's Chicken, please, and wonton soup.";
struct tv
{
unsigned char out[MAX_DATA_LEN];
int inlen;
} tv[] =
{
{ "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
"\x97",
17 },
{ "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
31 },
{ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
32 },
{ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
47 },
{ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
48 },
{ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
64 },
};
gcry_cipher_hd_t hd;
unsigned char out[MAX_DATA_LEN];
int i;
gcry_error_t err = 0;
if (verbose)
fprintf (stderr, "Starting AES128 CBC CTS checks.\n");
err = gcry_cipher_open (&hd,
GCRY_CIPHER_AES,
GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS);
if (err)
{
fail ("aes-cbc-cts, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
err = gcry_cipher_setkey (hd, key, 128 / 8);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_setiv (hd, NULL, 0);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (verbose)
fprintf (stderr, " checking encryption for length %i\n", tv[i].inlen);
err = gcry_cipher_encrypt (hd, out, MAX_DATA_LEN,
plaintext, tv[i].inlen);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_encrypt failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (memcmp (tv[i].out, out, tv[i].inlen))
fail ("aes-cbc-cts, encrypt mismatch entry %d\n", i);
err = gcry_cipher_setiv (hd, NULL, 0);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (verbose)
fprintf (stderr, " checking decryption for length %i\n", tv[i].inlen);
err = gcry_cipher_decrypt (hd, out, tv[i].inlen, NULL, 0);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_decrypt failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (memcmp (plaintext, out, tv[i].inlen))
fail ("aes-cbc-cts, decrypt mismatch entry %d\n", i);
}
gcry_cipher_close (hd);
if (verbose)
fprintf (stderr, "Completed AES128 CBC CTS checks.\n");
}
static void
check_ctr_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
char ctr[MAX_DATA_LEN];
struct data
{
unsigned char plaintext[MAX_DATA_LEN];
int inlen;
char out[MAX_DATA_LEN];
}
data[MAX_DATA_LEN];
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
{ GCRY_CIPHER_AES,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd\xff" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x5a\xe4\xdf\x3e\xdb\xd5\xd3\x5e\x5b\x4f\x09\x02\x0d\xb0\x3e\xab" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x1e\x03\x1d\xda\x2f\xbe\x03\xd1\x79\x21\x70\xa0\xf3\x00\x9c\xee" },
}
},
{ GCRY_CIPHER_AES192,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x1a\xbc\x93\x24\x17\x52\x1c\xa2\x4f\x2b\x04\x59\xfe\x7e\x6e\x0b" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x09\x03\x39\xec\x0a\xa6\xfa\xef\xd5\xcc\xc2\xc6\xf4\xce\x8e\x94" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x1e\x36\xb2\x6b\xd1\xeb\xc6\x70\xd1\xbd\x1d\x66\x56\x20\xab\xf7" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x4f\x78\xa7\xf6\xd2\x98\x09\x58\x5a\x97\xda\xec\x58\xc6\xb0\x50" },
}
},
{ GCRY_CIPHER_AES256,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x60\x1e\xc3\x13\x77\x57\x89\xa5\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\xf4\x43\xe3\xca\x4d\x62\xb5\x9a\xca\x84\xe9\x90\xca\xca\xf5\xc5" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x2b\x09\x30\xda\xa2\x3d\xe9\x4c\xe8\x70\x17\xba\x2d\x84\x98\x8d" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6\x13\xc2\xdd\x08\x45\x79\x41\xa6" }
}
}
};
gcry_cipher_hd_t hde, hdd;
unsigned char out[MAX_DATA_LEN];
int i, j, keylen, blklen;
gcry_error_t err = 0;
if (verbose)
fprintf (stderr, "Starting CTR cipher checks.\n");
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
if (err)
{
fail ("aes-ctr, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
if (!keylen)
{
fail ("aes-ctr, gcry_cipher_get_algo_keylen failed\n");
return;
}
err = gcry_cipher_setkey (hde, tv[i].key, keylen);
if (!err)
err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
if (err)
{
fail ("aes-ctr, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("aes-ctr, gcry_cipher_get_algo_blklen failed\n");
return;
}
err = gcry_cipher_setctr (hde, tv[i].ctr, blklen);
if (!err)
err = gcry_cipher_setctr (hdd, tv[i].ctr, blklen);
if (err)
{
fail ("aes-ctr, gcry_cipher_setctr failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (verbose)
fprintf (stderr, " checking CTR mode for for %s [%i]\n",
gcry_cipher_algo_name (tv[i].algo),
tv[i].algo);
for (j = 0; tv[i].data[j].inlen; j++)
{
err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
tv[i].data[j].plaintext,
tv[i].data[j].inlen == -1 ?
strlen ((char*)tv[i].data[j].plaintext) :
tv[i].data[j].inlen);
if (err)
{
fail ("aes-ctr, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
fail ("aes-ctr, encrypt mismatch entry %d:%d\n", i, j);
err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
if (err)
{
fail ("aes-ctr, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-ctr, decrypt mismatch entry %d:%d\n", i, j);
}
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
}
if (verbose)
fprintf (stderr, "Completed CTR cipher checks.\n");
}
static void
check_cfb_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
char iv[MAX_DATA_LEN];
struct data
{
unsigned char plaintext[MAX_DATA_LEN];
int inlen;
char out[MAX_DATA_LEN];
}
data[MAX_DATA_LEN];
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
{ GCRY_CIPHER_AES,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\xc8\xa6\x45\x37\xa0\xb3\xa9\x3f\xcd\xe3\xcd\xad\x9f\x1c\xe5\x8b"},
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x26\x75\x1f\x67\xa3\xcb\xb1\x40\xb1\x80\x8c\xf1\x87\xa4\xf4\xdf" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\xc0\x4b\x05\x35\x7c\x5d\x1c\x0e\xea\xc4\xc6\x6f\x9f\xf7\xf2\xe6" },
}
},
{ GCRY_CIPHER_AES192,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xcd\xc8\x0d\x6f\xdd\xf1\x8c\xab\x34\xc2\x59\x09\xc9\x9a\x41\x74" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x67\xce\x7f\x7f\x81\x17\x36\x21\x96\x1a\x2b\x70\x17\x1d\x3d\x7a" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x2e\x1e\x8a\x1d\xd5\x9b\x88\xb1\xc8\xe6\x0f\xed\x1e\xfa\xc4\xc9" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\xc0\x5f\x9f\x9c\xa9\x83\x4f\xa0\x42\xae\x8f\xba\x58\x4b\x09\xff" },
}
},
{ GCRY_CIPHER_AES256,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xdc\x7e\x84\xbf\xda\x79\x16\x4b\x7e\xcd\x84\x86\x98\x5d\x38\x60" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x39\xff\xed\x14\x3b\x28\xb1\xc8\x32\x11\x3c\x63\x31\xe5\x40\x7b" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\xdf\x10\x13\x24\x15\xe5\x4b\x92\xa1\x3e\xd0\xa8\x26\x7a\xe2\xf9" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x75\xa3\x85\x74\x1a\xb9\xce\xf8\x20\x31\x62\x3d\x55\xb1\xe4\x71" }
}
}
};
gcry_cipher_hd_t hde, hdd;
unsigned char out[MAX_DATA_LEN];
int i, j, keylen, blklen;
gcry_error_t err = 0;
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CFB, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CFB, 0);
if (err)
{
fail ("aes-cfb, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
if (!keylen)
{
fail ("aes-cfb, gcry_cipher_get_algo_keylen failed\n");
return;
}
err = gcry_cipher_setkey (hde, tv[i].key, keylen);
if (!err)
err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
if (err)
{
fail ("aes-cfb, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("aes-cfb, gcry_cipher_get_algo_blklen failed\n");
return;
}
err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
if (!err)
err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
if (err)
{
fail ("aes-cfb, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
for (j = 0; tv[i].data[j].inlen; j++)
{
err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
tv[i].data[j].plaintext,
tv[i].data[j].inlen);
if (err)
{
fail ("aes-cfb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen)) {
fail ("aes-cfb, encrypt mismatch entry %d:%d\n", i, j);
}
err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
if (err)
{
fail ("aes-cfb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-cfb, decrypt mismatch entry %d:%d\n", i, j);
}
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
}
}
static void
check_ofb_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
char iv[MAX_DATA_LEN];
struct data
{
unsigned char plaintext[MAX_DATA_LEN];
int inlen;
char out[MAX_DATA_LEN];
}
data[MAX_DATA_LEN];
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
{ GCRY_CIPHER_AES,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x77\x89\x50\x8d\x16\x91\x8f\x03\xf5\x3c\x52\xda\xc5\x4e\xd8\x25"},
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x97\x40\x05\x1e\x9c\x5f\xec\xf6\x43\x44\xf7\xa8\x22\x60\xed\xcc" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x30\x4c\x65\x28\xf6\x59\xc7\x78\x66\xa5\x10\xd9\xc1\xd6\xae\x5e" },
}
},
{ GCRY_CIPHER_AES192,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xcd\xc8\x0d\x6f\xdd\xf1\x8c\xab\x34\xc2\x59\x09\xc9\x9a\x41\x74" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\xfc\xc2\x8b\x8d\x4c\x63\x83\x7c\x09\xe8\x17\x00\xc1\x10\x04\x01" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x8d\x9a\x9a\xea\xc0\xf6\x59\x6f\x55\x9c\x6d\x4d\xaf\x59\xa5\xf2" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x6d\x9f\x20\x08\x57\xca\x6c\x3e\x9c\xac\x52\x4b\xd9\xac\xc9\x2a" },
}
},
{ GCRY_CIPHER_AES256,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xdc\x7e\x84\xbf\xda\x79\x16\x4b\x7e\xcd\x84\x86\x98\x5d\x38\x60" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x4f\xeb\xdc\x67\x40\xd2\x0b\x3a\xc8\x8f\x6a\xd8\x2a\x4f\xb0\x8d" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x71\xab\x47\xa0\x86\xe8\x6e\xed\xf3\x9d\x1c\x5b\xba\x97\xc4\x08" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x01\x26\x14\x1d\x67\xf3\x7b\xe8\x53\x8f\x5a\x8b\xe7\x40\xe4\x84" }
}
}
};
gcry_cipher_hd_t hde, hdd;
unsigned char out[MAX_DATA_LEN];
int i, j, keylen, blklen;
gcry_error_t err = 0;
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_OFB, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_OFB, 0);
if (err)
{
fail ("aes-ofb, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
if (!keylen)
{
fail ("aes-ofb, gcry_cipher_get_algo_keylen failed\n");
return;
}
err = gcry_cipher_setkey (hde, tv[i].key, keylen);
if (!err)
err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
if (err)
{
fail ("aes-ofb, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("aes-ofb, gcry_cipher_get_algo_blklen failed\n");
return;
}
err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
if (!err)
err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
if (err)
{
fail ("aes-ofb, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
for (j = 0; tv[i].data[j].inlen; j++)
{
err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
tv[i].data[j].plaintext,
tv[i].data[j].inlen);
if (err)
{
fail ("aes-ofb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
fail ("aes-ofb, encrypt mismatch entry %d:%d\n", i, j);
err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
if (err)
{
fail ("aes-ofb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-ofb, decrypt mismatch entry %d:%d\n", i, j);
}
err = gcry_cipher_reset(hde);
if (!err)
err = gcry_cipher_reset(hdd);
if (err)
{
fail ("aes-ofb, gcry_cipher_reset (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
/* gcry_cipher_reset clears the IV */
err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
if (!err)
err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
if (err)
{
fail ("aes-ofb, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
/* this time we encrypt and decrypt one byte at a time */
for (j = 0; tv[i].data[j].inlen; j++)
{
int byteNum;
for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
{
err = gcry_cipher_encrypt (hde, out+byteNum, 1,
(tv[i].data[j].plaintext) + byteNum,
1);
if (err)
{
fail ("aes-ofb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
fail ("aes-ofb, encrypt mismatch entry %d:%d\n", i, j);
for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
{
err = gcry_cipher_decrypt (hdd, out+byteNum, 1, NULL, 0);
if (err)
{
fail ("aes-ofb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-ofb, decrypt mismatch entry %d:%d\n", i, j);
}
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
}
}
static void
check_one_cipher (int algo, int mode, int flags)
{
gcry_cipher_hd_t hd;
char key[32];
unsigned char plain[16], in[16], out[16];
int keylen;
gcry_error_t err = 0;
memcpy (key, "0123456789abcdef.,;/[]{}-=ABCDEF", 32);
memcpy (plain, "foobar42FOOBAR17", 16);
keylen = gcry_cipher_get_algo_keylen (algo);
if (!keylen)
{
fail ("algo %d, mode %d, gcry_cipher_get_algo_keylen failed\n",
algo, mode);
return;
}
if (keylen < 40 / 8 || keylen > 32)
{
fail ("algo %d, mode %d, keylength problem (%d)\n", algo, mode, keylen);
return;
}
err = gcry_cipher_open (&hd, algo, mode, flags);
if (err)
{
fail ("algo %d, mode %d, grcy_open_cipher failed: %s\n",
algo, mode, gpg_strerror (err));
return;
}
err = gcry_cipher_setkey (hd, key, keylen);
if (err)
{
fail ("algo %d, mode %d, gcry_cipher_setkey failed: %s\n",
algo, mode, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
err = gcry_cipher_encrypt (hd, out, 16, plain, 16);
if (err)
{
fail ("algo %d, mode %d, gcry_cipher_encrypt failed: %s\n",
algo, mode, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
gcry_cipher_reset (hd);
err = gcry_cipher_decrypt (hd, in, 16, out, 16);
if (err)
{
fail ("algo %d, mode %d, gcry_cipher_decrypt failed: %s\n",
algo, mode, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
gcry_cipher_close (hd);
if (memcmp (plain, in, 16))
fail ("algo %d, mode %d, encrypt-decrypt mismatch\n", algo, mode);
}
static void
check_ciphers (void)
{
static int algos[] = {
GCRY_CIPHER_3DES,
GCRY_CIPHER_CAST5,
GCRY_CIPHER_BLOWFISH,
GCRY_CIPHER_AES,
GCRY_CIPHER_AES192,
GCRY_CIPHER_AES256,
GCRY_CIPHER_TWOFISH,
GCRY_CIPHER_TWOFISH128,
GCRY_CIPHER_DES,
GCRY_CIPHER_SERPENT128,
GCRY_CIPHER_SERPENT192,
GCRY_CIPHER_SERPENT256,
GCRY_CIPHER_SEED,
0
};
static int algos2[] = {
GCRY_CIPHER_ARCFOUR,
0
};
int i;
if (verbose)
fprintf (stderr, "Starting Cipher checks.\n");
for (i = 0; algos[i]; i++)
{
if (verbose)
fprintf (stderr, " checking %s [%i]\n",
gcry_cipher_algo_name (algos[i]),
gcry_cipher_map_name (gcry_cipher_algo_name (algos[i])));
check_one_cipher (algos[i], GCRY_CIPHER_MODE_ECB, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CFB, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_OFB, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CTR, 0);
}
for (i = 0; algos2[i]; i++)
{
if (verbose)
fprintf (stderr, " checking `%s'\n",
gcry_cipher_algo_name (algos2[i]));
check_one_cipher (algos2[i], GCRY_CIPHER_MODE_STREAM, 0);
}
/* we have now run all cipher's selftests */
if (verbose)
fprintf (stderr, "Completed Cipher checks.\n");
/* TODO: add some extra encryption to test the higher level functions */
}
static void
check_one_md (int algo, const char *data, int len, const char *expect)
{
gcry_md_hd_t hd, hd2;
unsigned char *p;
int mdlen;
int i;
gcry_error_t err = 0;
err = gcry_md_open (&hd, algo, 0);
if (err)
{
fail ("algo %d, grcy_md_open failed: %s\n", algo, gpg_strerror (err));
return;
}
mdlen = gcry_md_get_algo_dlen (algo);
if (mdlen < 1 || mdlen > 500)
{
fail ("algo %d, grcy_md_get_algo_dlen failed: %d\n", algo, mdlen);
return;
}
if (*data == '!' && !data[1])
{ /* hash one million times a "a" */
char aaa[1000];
memset (aaa, 'a', 1000);
for (i = 0; i < 1000; i++)
gcry_md_write (hd, aaa, 1000);
}
else
gcry_md_write (hd, data, len);
err = gcry_md_copy (&hd2, hd);
if (err)
{
fail ("algo %d, gcry_md_copy failed: %s\n", algo, gpg_strerror (err));
}
gcry_md_close (hd);
p = gcry_md_read (hd2, algo);
if (memcmp (p, expect, mdlen))
{
printf ("computed: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", p[i] & 0xFF);
printf ("\nexpected: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", expect[i] & 0xFF);
printf ("\n");
fail ("algo %d, digest mismatch\n", algo);
}
gcry_md_close (hd2);
}
static void
check_digests (void)
{
static struct algos
{
int md;
const char *data;
const char *expect;
} algos[] =
{
{ GCRY_MD_MD4, "",
"\x31\xD6\xCF\xE0\xD1\x6A\xE9\x31\xB7\x3C\x59\xD7\xE0\xC0\x89\xC0" },
{ GCRY_MD_MD4, "a",
"\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb\x24" },
{ GCRY_MD_MD4, "message digest",
"\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01\x4b" },
{ GCRY_MD_MD5, "",
"\xD4\x1D\x8C\xD9\x8F\x00\xB2\x04\xE9\x80\x09\x98\xEC\xF8\x42\x7E" },
{ GCRY_MD_MD5, "a",
"\x0C\xC1\x75\xB9\xC0\xF1\xB6\xA8\x31\xC3\x99\xE2\x69\x77\x26\x61" },
{ GCRY_MD_MD5, "abc",
"\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72" },
{ GCRY_MD_MD5, "message digest",
"\xF9\x6B\x69\x7D\x7C\xB7\x93\x8D\x52\x5A\x2F\x31\xAA\xF1\x61\xD0" },
{ GCRY_MD_SHA1, "abc",
"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
"\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
{ GCRY_MD_SHA1,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE"
"\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" },
{ GCRY_MD_SHA1, "!" /* kludge for "a"*1000000 */ ,
"\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E"
"\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" },
/* From RFC3874 */
{ GCRY_MD_SHA224, "abc",
"\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55\xb3"
"\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7" },
{ GCRY_MD_SHA224,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01\x50"
"\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25" },
{ GCRY_MD_SHA224, "!",
"\x20\x79\x46\x55\x98\x0c\x91\xd8\xbb\xb4\xc1\xea\x97\x61\x8a\x4b"
"\xf0\x3f\x42\x58\x19\x48\xb2\xee\x4e\xe7\xad\x67" },
{ GCRY_MD_SHA256, "abc",
"\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
"\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad" },
{ GCRY_MD_SHA256,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39"
"\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1" },
{ GCRY_MD_SHA256, "!",
"\xcd\xc7\x6e\x5c\x99\x14\xfb\x92\x81\xa1\xc7\xe2\x84\xd7\x3e\x67"
"\xf1\x80\x9a\x48\xa4\x97\x20\x0e\x04\x6d\x39\xcc\xc7\x11\x2c\xd0" },
{ GCRY_MD_SHA384, "abc",
"\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07"
"\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed"
"\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34\xc8\x25\xa7" },
{ GCRY_MD_SHA512, "abc",
"\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31"
"\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A"
"\x21\x92\x99\x2A\x27\x4F\xC1\xA8\x36\xBA\x3C\x23\xA3\xFE\xEB\xBD"
"\x45\x4D\x44\x23\x64\x3C\xE8\x0E\x2A\x9A\xC9\x4F\xA5\x4C\xA4\x9F" },
{ GCRY_MD_RMD160, "",
"\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28"
"\x08\x97\x7e\xe8\xf5\x48\xb2\x25\x8d\x31" },
{ GCRY_MD_RMD160, "a",
"\x0b\xdc\x9d\x2d\x25\x6b\x3e\xe9\xda\xae"
"\x34\x7b\xe6\xf4\xdc\x83\x5a\x46\x7f\xfe" },
{ GCRY_MD_RMD160, "abc",
"\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04"
"\x4a\x8e\x98\xc6\xb0\x87\xf1\x5a\x0b\xfc" },
{ GCRY_MD_RMD160, "message digest",
"\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8"
"\x81\xb1\x23\xa8\x5f\xfa\x21\x59\x5f\x36" },
{ GCRY_MD_CRC32, "", "\x00\x00\x00\x00" },
{ GCRY_MD_CRC32, "foo", "\x8c\x73\x65\x21" },
{ GCRY_MD_CRC32_RFC1510, "", "\x00\x00\x00\x00" },
{ GCRY_MD_CRC32_RFC1510, "foo", "\x73\x32\xbc\x33" },
{ GCRY_MD_CRC32_RFC1510, "test0123456789", "\xb8\x3e\x88\xd6" },
{ GCRY_MD_CRC32_RFC1510, "MASSACHVSETTS INSTITVTE OF TECHNOLOGY",
"\xe3\x41\x80\xf7" },
#if 0
{ GCRY_MD_CRC32_RFC1510, "\x80\x00", "\x3b\x83\x98\x4b" },
{ GCRY_MD_CRC32_RFC1510, "\x00\x08", "\x0e\xdb\x88\x32" },
{ GCRY_MD_CRC32_RFC1510, "\x00\x80", "\xed\xb8\x83\x20" },
#endif
{ GCRY_MD_CRC32_RFC1510, "\x80", "\xed\xb8\x83\x20" },
#if 0
{ GCRY_MD_CRC32_RFC1510, "\x80\x00\x00\x00", "\xed\x59\xb6\x3b" },
{ GCRY_MD_CRC32_RFC1510, "\x00\x00\x00\x01", "\x77\x07\x30\x96" },
#endif
{ GCRY_MD_CRC24_RFC2440, "", "\xb7\x04\xce" },
{ GCRY_MD_CRC24_RFC2440, "foo", "\x4f\xc2\x55" },
{ GCRY_MD_TIGER, "",
"\x24\xF0\x13\x0C\x63\xAC\x93\x32\x16\x16\x6E\x76"
"\xB1\xBB\x92\x5F\xF3\x73\xDE\x2D\x49\x58\x4E\x7A" },
{ GCRY_MD_TIGER, "abc",
"\xF2\x58\xC1\xE8\x84\x14\xAB\x2A\x52\x7A\xB5\x41"
"\xFF\xC5\xB8\xBF\x93\x5F\x7B\x95\x1C\x13\x29\x51" },
{ GCRY_MD_TIGER, "Tiger",
"\x9F\x00\xF5\x99\x07\x23\x00\xDD\x27\x6A\xBB\x38"
"\xC8\xEB\x6D\xEC\x37\x79\x0C\x11\x6F\x9D\x2B\xDF" },
{ GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefg"
"hijklmnopqrstuvwxyz0123456789+-",
"\x87\xFB\x2A\x90\x83\x85\x1C\xF7\x47\x0D\x2C\xF8"
"\x10\xE6\xDF\x9E\xB5\x86\x44\x50\x34\xA5\xA3\x86" },
{ GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdef"
"ghijklmnopqrstuvwxyz+0123456789",
"\x46\x7D\xB8\x08\x63\xEB\xCE\x48\x8D\xF1\xCD\x12"
"\x61\x65\x5D\xE9\x57\x89\x65\x65\x97\x5F\x91\x97" },
{ GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
"by Ross Anderson and Eli Biham",
"\x0C\x41\x0A\x04\x29\x68\x86\x8A\x16\x71\xDA\x5A"
"\x3F\xD2\x9A\x72\x5E\xC1\xE4\x57\xD3\xCD\xB3\x03" },
{ GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
"by Ross Anderson and Eli Biham, proceedings of Fa"
"st Software Encryption 3, Cambridge.",
"\xEB\xF5\x91\xD5\xAF\xA6\x55\xCE\x7F\x22\x89\x4F"
"\xF8\x7F\x54\xAC\x89\xC8\x11\xB6\xB0\xDA\x31\x93" },
{ GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
"by Ross Anderson and Eli Biham, proceedings of Fa"
"st Software Encryption 3, Cambridge, 1996.",
"\x3D\x9A\xEB\x03\xD1\xBD\x1A\x63\x57\xB2\x77\x4D"
"\xFD\x6D\x5B\x24\xDD\x68\x15\x1D\x50\x39\x74\xFC" },
{ GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefgh"
"ijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRS"
"TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
"\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE"
"\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" },
{ GCRY_MD_WHIRLPOOL, "",
"\x19\xFA\x61\xD7\x55\x22\xA4\x66\x9B\x44\xE3\x9C\x1D\x2E\x17\x26"
"\xC5\x30\x23\x21\x30\xD4\x07\xF8\x9A\xFE\xE0\x96\x49\x97\xF7\xA7"
"\x3E\x83\xBE\x69\x8B\x28\x8F\xEB\xCF\x88\xE3\xE0\x3C\x4F\x07\x57"
"\xEA\x89\x64\xE5\x9B\x63\xD9\x37\x08\xB1\x38\xCC\x42\xA6\x6E\xB3" },
{ GCRY_MD_WHIRLPOOL, "a",
"\x8A\xCA\x26\x02\x79\x2A\xEC\x6F\x11\xA6\x72\x06\x53\x1F\xB7\xD7"
"\xF0\xDF\xF5\x94\x13\x14\x5E\x69\x73\xC4\x50\x01\xD0\x08\x7B\x42"
"\xD1\x1B\xC6\x45\x41\x3A\xEF\xF6\x3A\x42\x39\x1A\x39\x14\x5A\x59"
"\x1A\x92\x20\x0D\x56\x01\x95\xE5\x3B\x47\x85\x84\xFD\xAE\x23\x1A" },
{ GCRY_MD_WHIRLPOOL, "a",
"\x8A\xCA\x26\x02\x79\x2A\xEC\x6F\x11\xA6\x72\x06\x53\x1F\xB7\xD7"
"\xF0\xDF\xF5\x94\x13\x14\x5E\x69\x73\xC4\x50\x01\xD0\x08\x7B\x42"
"\xD1\x1B\xC6\x45\x41\x3A\xEF\xF6\x3A\x42\x39\x1A\x39\x14\x5A\x59"
"\x1A\x92\x20\x0D\x56\x01\x95\xE5\x3B\x47\x85\x84\xFD\xAE\x23\x1A" },
{ GCRY_MD_WHIRLPOOL,
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"\xDC\x37\xE0\x08\xCF\x9E\xE6\x9B\xF1\x1F\x00\xED\x9A\xBA\x26\x90"
"\x1D\xD7\xC2\x8C\xDE\xC0\x66\xCC\x6A\xF4\x2E\x40\xF8\x2F\x3A\x1E"
"\x08\xEB\xA2\x66\x29\x12\x9D\x8F\xB7\xCB\x57\x21\x1B\x92\x81\xA6"
"\x55\x17\xCC\x87\x9D\x7B\x96\x21\x42\xC6\x5F\x5A\x7A\xF0\x14\x67" },
{ GCRY_MD_WHIRLPOOL,
"!",
"\x0C\x99\x00\x5B\xEB\x57\xEF\xF5\x0A\x7C\xF0\x05\x56\x0D\xDF\x5D"
"\x29\x05\x7F\xD8\x6B\x20\xBF\xD6\x2D\xEC\xA0\xF1\xCC\xEA\x4A\xF5"
"\x1F\xC1\x54\x90\xED\xDC\x47\xAF\x32\xBB\x2B\x66\xC3\x4F\xF9\xAD"
"\x8C\x60\x08\xAD\x67\x7F\x77\x12\x69\x53\xB2\x26\xE4\xED\x8B\x01" },
{ 0 },
};
int i;
if (verbose)
fprintf (stderr, "Starting hash checks.\n");
for (i = 0; algos[i].md; i++)
{
if (verbose)
fprintf (stderr, " checking %s [%i] for length %zi\n",
gcry_md_algo_name (algos[i].md),
algos[i].md,
strlen(algos[i].data));
check_one_md (algos[i].md, algos[i].data, strlen (algos[i].data),
algos[i].expect);
}
if (verbose)
fprintf (stderr, "Completed hash checks.\n");
}
static void
check_one_hmac (int algo, const char *data, int datalen,
const char *key, int keylen, const char *expect)
{
gcry_md_hd_t hd, hd2;
unsigned char *p;
int mdlen;
int i;
gcry_error_t err = 0;
err = gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC);
if (err)
{
fail ("algo %d, grcy_md_open failed: %s\n", algo, gpg_strerror (err));
return;
}
mdlen = gcry_md_get_algo_dlen (algo);
if (mdlen < 1 || mdlen > 500)
{
fail ("algo %d, grcy_md_get_algo_dlen failed: %d\n", algo, mdlen);
return;
}
gcry_md_setkey( hd, key, keylen );
gcry_md_write (hd, data, datalen);
err = gcry_md_copy (&hd2, hd);
if (err)
{
fail ("algo %d, gcry_md_copy failed: %s\n", algo, gpg_strerror (err));
}
gcry_md_close (hd);
p = gcry_md_read (hd2, algo);
if (0 == p)
fail("algo %d, hmac gcry_md_read failed\n", algo);
if (memcmp (p, expect, mdlen))
{
printf ("computed: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", p[i] & 0xFF);
printf ("\nexpected: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", expect[i] & 0xFF);
printf ("\n");
fail ("algo %d, digest mismatch\n", algo);
}
gcry_md_close (hd2);
}
static void
check_hmac (void)
{
static struct algos
{
int md;
const char *data;
const char *key;
const char *expect;
} algos[] =
{
{ GCRY_MD_MD5, "what do ya want for nothing?", "Jefe",
"\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38" },
{ GCRY_MD_MD5,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
"\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d" },
{ GCRY_MD_MD5,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA",
"\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3\xf6" },
{ GCRY_MD_MD5,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x69\x7e\xaf\x0a\xca\x3a\x3a\xea\x3a\x75\x16\x47\x46\xff\xaa\x79" },
{ GCRY_MD_MD5, "Test With Truncation",
"\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c",
"\x56\x46\x1e\xf2\x34\x2e\xdc\x00\xf9\xba\xb9\x95\x69\x0e\xfd\x4c" },
{ GCRY_MD_MD5, "Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa",
"\x6b\x1a\xb7\xfe\x4b\xd7\xbf\x8f\x0b\x62\xe6\xce\x61\xb9\xd0\xcd" },
{ GCRY_MD_MD5,
"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa",
"\x6f\x63\x0f\xad\x67\xcd\xa0\xee\x1f\xb1\xf5\x62\xdb\x3a\xa5\x3e", },
{ GCRY_MD_SHA256, "what do ya want for nothing?", "Jefe",
"\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7\x5a"
"\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43" },
{ GCRY_MD_SHA256,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88"
"\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7" },
{ GCRY_MD_SHA256,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7"
"\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe" },
{ GCRY_MD_SHA256,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99\xf2\x08"
"\x3a\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e\x3f\xf4\x67\x29\x66\x5b" },
{ GCRY_MD_SHA256,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f"
"\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54" },
{ GCRY_MD_SHA256,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x9b\x09\xff\xa7\x1b\x94\x2f\xcb\x27\x63\x5f\xbc\xd5\xb0\xe9\x44"
"\xbf\xdc\x63\x64\x4f\x07\x13\x93\x8a\x7f\x51\x53\x5c\x3a\x35\xe2" },
{ GCRY_MD_SHA224, "what do ya want for nothing?", "Jefe",
"\xa3\x0e\x01\x09\x8b\xc6\xdb\xbf\x45\x69\x0f\x3a\x7e\x9e\x6d\x0f"
"\x8b\xbe\xa2\xa3\x9e\x61\x48\x00\x8f\xd0\x5e\x44" },
{ GCRY_MD_SHA224,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3\x3f\x47"
"\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22" },
{ GCRY_MD_SHA224,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\x7f\xb3\xcb\x35\x88\xc6\xc1\xf6\xff\xa9\x69\x4d\x7d\x6a\xd2\x64"
"\x93\x65\xb0\xc1\xf6\x5d\x69\xd1\xec\x83\x33\xea" },
{ GCRY_MD_SHA224,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x6c\x11\x50\x68\x74\x01\x3c\xac\x6a\x2a\xbc\x1b\xb3\x82\x62"
"\x7c\xec\x6a\x90\xd8\x6e\xfc\x01\x2d\xe7\xaf\xec\x5a" },
{ GCRY_MD_SHA224,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x95\xe9\xa0\xdb\x96\x20\x95\xad\xae\xbe\x9b\x2d\x6f\x0d\xbc\xe2"
"\xd4\x99\xf1\x12\xf2\xd2\xb7\x27\x3f\xa6\x87\x0e" },
{ GCRY_MD_SHA224,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x3a\x85\x41\x66\xac\x5d\x9f\x02\x3f\x54\xd5\x17\xd0\xb3\x9d\xbd"
"\x94\x67\x70\xdb\x9c\x2b\x95\xc9\xf6\xf5\x65\xd1" },
{ GCRY_MD_SHA384, "what do ya want for nothing?", "Jefe",
"\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b\x1b"
"\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22\x44\x5e"
"\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa\xb2\x16\x49" },
{ GCRY_MD_SHA384,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f\x15"
"\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea"
"\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6" },
{ GCRY_MD_SHA384,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8\x6f"
"\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66\x14\x4b"
"\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01\xa3\x4f\x27" },
{ GCRY_MD_SHA384,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x3e\x8a\x69\xb7\x78\x3c\x25\x85\x19\x33\xab\x62\x90\xaf\x6c\xa7"
"\x7a\x99\x81\x48\x08\x50\x00\x9c\xc5\x57\x7c\x6e\x1f\x57\x3b\x4e"
"\x68\x01\xdd\x23\xc4\xa7\xd6\x79\xcc\xf8\xa3\x86\xc6\x74\xcf\xfb" },
{ GCRY_MD_SHA384,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x4e\xce\x08\x44\x85\x81\x3e\x90\x88\xd2\xc6\x3a\x04\x1b\xc5\xb4"
"\x4f\x9e\xf1\x01\x2a\x2b\x58\x8f\x3c\xd1\x1f\x05\x03\x3a\xc4\xc6"
"\x0c\x2e\xf6\xab\x40\x30\xfe\x82\x96\x24\x8d\xf1\x63\xf4\x49\x52" },
{ GCRY_MD_SHA384,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x66\x17\x17\x8e\x94\x1f\x02\x0d\x35\x1e\x2f\x25\x4e\x8f\xd3\x2c"
"\x60\x24\x20\xfe\xb0\xb8\xfb\x9a\xdc\xce\xbb\x82\x46\x1e\x99\xc5"
"\xa6\x78\xcc\x31\xe7\x99\x17\x6d\x38\x60\xe6\x11\x0c\x46\x52\x3e" },
{ GCRY_MD_SHA512, "what do ya want for nothing?", "Jefe",
"\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0\xa3"
"\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25\x05\x54"
"\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd"
"\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a\x38\xbc\xe7\x37" },
{ GCRY_MD_SHA512,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0"
"\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde"
"\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4"
"\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54" },
{ GCRY_MD_SHA512,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b\xe9"
"\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27\x9d\x39"
"\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e\x67\xc8\x07"
"\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59\xe1\x32\x92\xfb" },
{ GCRY_MD_SHA512,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\xb0\xba\x46\x56\x37\x45\x8c\x69\x90\xe5\xa8\xc5\xf6\x1d\x4a\xf7"
"\xe5\x76\xd9\x7f\xf9\x4b\x87\x2d\xe7\x6f\x80\x50\x36\x1e\xe3\xdb"
"\xa9\x1c\xa5\xc1\x1a\xa2\x5e\xb4\xd6\x79\x27\x5c\xc5\x78\x80\x63"
"\xa5\xf1\x97\x41\x12\x0c\x4f\x2d\xe2\xad\xeb\xeb\x10\xa2\x98\xdd" },
{ GCRY_MD_SHA512,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x80\xb2\x42\x63\xc7\xc1\xa3\xeb\xb7\x14\x93\xc1\xdd\x7b\xe8\xb4"
"\x9b\x46\xd1\xf4\x1b\x4a\xee\xc1\x12\x1b\x01\x37\x83\xf8\xf3\x52"
"\x6b\x56\xd0\x37\xe0\x5f\x25\x98\xbd\x0f\xd2\x21\x5d\x6a\x1e\x52"
"\x95\xe6\x4f\x73\xf6\x3f\x0a\xec\x8b\x91\x5a\x98\x5d\x78\x65\x98" },
{ GCRY_MD_SHA512,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e\x5e\x3f\xfd"
"\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5\xa3\x2d\x20\xcd\xc9\x44"
"\xb6\x02\x2c\xac\x3c\x49\x82\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15"
"\x13\x46\x76\xfb\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58" },
{ 0 },
};
int i;
if (verbose)
fprintf (stderr, "Starting hashed MAC checks.\n");
for (i = 0; algos[i].md; i++)
{
if (verbose)
fprintf (stderr, " checking %s [%i] for length %zi\n",
gcry_md_algo_name (algos[i].md),
algos[i].md,
strlen(algos[i].data));
check_one_hmac (algos[i].md, algos[i].data, strlen (algos[i].data),
algos[i].key, strlen(algos[i].key),
algos[i].expect);
}
if (verbose)
fprintf (stderr, "Completed hashed MAC checks.\n");
}
/* Check that the signature SIG matches the hash HASH. PKEY is the
public key used for the verification. BADHASH is a hasvalue which
should; result in a bad signature status. */
static void
verify_one_signature (gcry_sexp_t pkey, gcry_sexp_t hash,
gcry_sexp_t badhash, gcry_sexp_t sig)
{
gcry_error_t rc;
rc = gcry_pk_verify (sig, hash, pkey);
if (rc)
fail ("gcry_pk_verify failed: %s\n", gpg_strerror (rc));
rc = gcry_pk_verify (sig, badhash, pkey);
if (gcry_err_code (rc) != GPG_ERR_BAD_SIGNATURE)
fail ("gcry_pk_verify failed to detect a bad signature: %s\n",
gpg_strerror (rc));
}
/* Test the public key sign function using the private ket SKEY. PKEY
is used for verification. */
static void
check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey)
{
gcry_error_t rc;
gcry_sexp_t sig, badhash, hash;
int dataidx;
static const char baddata[] =
"(data\n (flags pkcs1)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203041#))\n";
static struct
{
const char *data;
int expected_rc;
} datas[] =
{
{ "(data\n (flags pkcs1)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
0 },
+ /* This test is to see whether hash algorithms not hard wired in
+ pubkey.c are detected: */
+ { "(data\n (flags pkcs1)\n"
+ " (hash oid.1.3.14.3.2.29 "
+ " #11223344556677889900AABBCCDDEEFF10203040#))\n",
+ 0 },
{ "(data\n (flags )\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
GPG_ERR_CONFLICT },
{ "(data\n (flags pkcs1)\n"
" (hash foo #11223344556677889900AABBCCDDEEFF10203040#))\n",
GPG_ERR_DIGEST_ALGO },
{ "(data\n (flags )\n" " (value #11223344556677889900AA#))\n",
0 },
{ "(data\n (flags )\n" " (value #0090223344556677889900AA#))\n",
0 },
{ "(data\n (flags raw)\n" " (value #11223344556677889900AA#))\n",
0 },
{ "(data\n (flags pkcs1)\n"
" (value #11223344556677889900AA#))\n",
GPG_ERR_CONFLICT },
{ "(data\n (flags raw foo)\n"
" (value #11223344556677889900AA#))\n",
GPG_ERR_INV_FLAG },
{ NULL }
};
(void)n;
rc = gcry_sexp_sscan (&badhash, NULL, baddata, strlen (baddata));
if (rc)
die ("converting data failed: %s\n", gpg_strerror (rc));
for (dataidx = 0; datas[dataidx].data; dataidx++)
{
if (verbose)
fprintf (stderr, " signature test %d\n", dataidx);
rc = gcry_sexp_sscan (&hash, NULL, datas[dataidx].data,
strlen (datas[dataidx].data));
if (rc)
die ("converting data failed: %s\n", gpg_strerror (rc));
rc = gcry_pk_sign (&sig, hash, skey);
if (gcry_err_code (rc) != datas[dataidx].expected_rc)
fail ("gcry_pk_sign failed: %s\n", gpg_strerror (rc));
if (!rc)
verify_one_signature (pkey, hash, badhash, sig);
gcry_sexp_release (sig);
sig = NULL;
gcry_sexp_release (hash);
hash = NULL;
}
gcry_sexp_release (badhash);
}
static void
check_pubkey_grip (int n, const unsigned char *grip,
gcry_sexp_t skey, gcry_sexp_t pkey)
{
unsigned char sgrip[20], pgrip[20];
if (!gcry_pk_get_keygrip (skey, sgrip))
die ("get keygrip for private RSA key failed\n");
if (!gcry_pk_get_keygrip (pkey, pgrip))
die ("[%i] get keygrip for public RSA key failed\n", n);
if (memcmp (sgrip, pgrip, 20))
fail ("[%i] keygrips don't match\n", n);
if (memcmp (sgrip, grip, 20))
fail ("wrong keygrip for RSA key\n");
}
static void
do_check_one_pubkey (int n, gcry_sexp_t skey, gcry_sexp_t pkey,
const unsigned char *grip, int flags)
{
if (flags & FLAG_SIGN)
check_pubkey_sign (n, skey, pkey);
if (grip && (flags & FLAG_GRIP))
check_pubkey_grip (n, grip, skey, pkey);
}
static void
check_one_pubkey (int n, test_spec_pubkey_t spec)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
gcry_sexp_t skey, pkey;
err = gcry_sexp_sscan (&skey, NULL, spec.key.secret,
strlen (spec.key.secret));
if (!err)
err = gcry_sexp_sscan (&pkey, NULL, spec.key.public,
strlen (spec.key.public));
if (err)
die ("converting sample key failed: %s\n", gpg_strerror (err));
do_check_one_pubkey (n, skey, pkey,
(const unsigned char*)spec.key.grip, spec.flags);
gcry_sexp_release (skey);
gcry_sexp_release (pkey);
}
static void
get_keys_new (gcry_sexp_t *pkey, gcry_sexp_t *skey)
{
gcry_sexp_t key_spec, key, pub_key, sec_key;
int rc;
if (verbose)
fprintf (stderr, " generating RSA key:");
rc = gcry_sexp_new (&key_spec,
"(genkey (rsa (nbits 4:1024)))", 0, 1);
if (rc)
die ("error creating S-expression: %s\n", gpg_strerror (rc));
rc = gcry_pk_genkey (&key, key_spec);
gcry_sexp_release (key_spec);
if (rc)
die ("error generating RSA key: %s\n", gpg_strerror (rc));
pub_key = gcry_sexp_find_token (key, "public-key", 0);
if (! pub_key)
die ("public part missing in key\n");
sec_key = gcry_sexp_find_token (key, "private-key", 0);
if (! sec_key)
die ("private part missing in key\n");
gcry_sexp_release (key);
*pkey = pub_key;
*skey = sec_key;
}
static void
check_one_pubkey_new (int n)
{
gcry_sexp_t skey, pkey;
get_keys_new (&pkey, &skey);
do_check_one_pubkey (n, skey, pkey, NULL, FLAG_SIGN | FLAG_CRYPT);
}
/* Run all tests for the public key functions. */
static void
check_pubkey (void)
{
test_spec_pubkey_t pubkeys[] =
{
{
GCRY_PK_RSA, FLAG_CRYPT | FLAG_SIGN,
{ "(private-key\n"
" (rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)\n"
" (d #046129F2489D71579BE0A75FE029BD6CDB574EBF57EA8A5B0FDA942CAB943B11"
" 7D7BB95E5D28875E0F9FC5FCC06A72F6D502464DABDED78EF6B716177B83D5BD"
" C543DC5D3FED932E59F5897E92E6F58A0F33424106A3B6FA2CBF877510E4AC21"
" C3EE47851E97D12996222AC3566D4CCB0B83D164074ABF7DE655FC2446DA1781#)\n"
" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213"
" fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)\n"
" (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f9"
" 35a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)\n"
" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
" ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))\n",
"(public-key\n"
" (rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)))\n",
"\x32\x10\x0c\x27\x17\x3e\xf6\xe9\xc4\xe9"
"\xa2\x5d\x3d\x69\xf8\x6d\x37\xa4\xf9\x39"}
},
{
GCRY_PK_DSA, FLAG_SIGN,
{ "(private-key\n"
" (DSA\n"
" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)\n"
" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)\n"
" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)\n"
" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)\n"
" (x #11D54E4ADBD3034160F2CED4B7CD292A4EBF3EC0#)))\n",
"(public-key\n"
" (DSA\n"
" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)\n"
" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)\n"
" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)\n"
" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)))\n",
"\xc6\x39\x83\x1a\x43\xe5\x05\x5d\xc6\xd8"
"\x4a\xa6\xf9\xeb\x23\xbf\xa9\x12\x2d\x5b" }
},
{
GCRY_PK_ELG, FLAG_SIGN | FLAG_CRYPT,
{ "(private-key\n"
" (ELG\n"
" (p #00B93B93386375F06C2D38560F3B9C6D6D7B7506B20C1773F73F8DE56E6CD65D"
" F48DFAAA1E93F57A2789B168362A0F787320499F0B2461D3A4268757A7B27517"
" B7D203654A0CD484DEC6AF60C85FEB84AAC382EAF2047061FE5DAB81A20A0797"
" 6E87359889BAE3B3600ED718BE61D4FC993CC8098A703DD0DC942E965E8F18D2A7#)\n"
" (g #05#)\n"
" (y #72DAB3E83C9F7DD9A931FDECDC6522C0D36A6F0A0FEC955C5AC3C09175BBFF2B"
" E588DB593DC2E420201BEB3AC17536918417C497AC0F8657855380C1FCF11C5B"
" D20DB4BEE9BDF916648DE6D6E419FA446C513AAB81C30CB7B34D6007637BE675"
" 56CE6473E9F9EE9B9FADD275D001563336F2186F424DEC6199A0F758F6A00FF4#)\n"
" (x #03C28900087B38DABF4A0AB98ACEA39BB674D6557096C01D72E31C16BDD32214#)))\n",
"(public-key\n"
" (ELG\n"
" (p #00B93B93386375F06C2D38560F3B9C6D6D7B7506B20C1773F73F8DE56E6CD65D"
" F48DFAAA1E93F57A2789B168362A0F787320499F0B2461D3A4268757A7B27517"
" B7D203654A0CD484DEC6AF60C85FEB84AAC382EAF2047061FE5DAB81A20A0797"
" 6E87359889BAE3B3600ED718BE61D4FC993CC8098A703DD0DC942E965E8F18D2A7#)\n"
" (g #05#)\n"
" (y #72DAB3E83C9F7DD9A931FDECDC6522C0D36A6F0A0FEC955C5AC3C09175BBFF2B"
" E588DB593DC2E420201BEB3AC17536918417C497AC0F8657855380C1FCF11C5B"
" D20DB4BEE9BDF916648DE6D6E419FA446C513AAB81C30CB7B34D6007637BE675"
" 56CE6473E9F9EE9B9FADD275D001563336F2186F424DEC6199A0F758F6A00FF4#)))\n",
"\xa7\x99\x61\xeb\x88\x83\xd2\xf4\x05\xc8"
"\x4f\xba\x06\xf8\x78\x09\xbc\x1e\x20\xe5" }
},
};
int i;
if (verbose)
fprintf (stderr, "Starting public key checks.\n");
for (i = 0; i < sizeof (pubkeys) / sizeof (*pubkeys); i++)
if (pubkeys[i].id)
check_one_pubkey (i, pubkeys[i]);
if (verbose)
fprintf (stderr, "Completed public key checks.\n");
if (verbose)
fprintf (stderr, "Starting additional public key checks.\n");
for (i = 0; i < sizeof (pubkeys) / sizeof (*pubkeys); i++)
if (pubkeys[i].id)
check_one_pubkey_new (i);
if (verbose)
fprintf (stderr, "Completed additional public key checks.\n");
}
int
main (int argc, char **argv)
{
int debug = 0;
if (argc > 1 && !strcmp (argv[1], "--verbose"))
verbose = 1;
else if (argc > 1 && !strcmp (argv[1], "--debug"))
verbose = debug = 1;
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
if (verbose)
gcry_set_progress_handler (progress_handler, NULL);
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
/* No valuable keys are create, so we can speed up our RNG. */
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
check_ciphers ();
check_aes128_cbc_cts_cipher ();
check_cbc_mac_cipher ();
check_ctr_cipher ();
check_cfb_cipher ();
check_ofb_cipher ();
check_digests ();
check_hmac ();
check_pubkey ();
if (verbose)
fprintf (stderr, "\nAll tests completed. Errors: %i\n", error_count);
return error_count ? 1 : 0;
}
diff --git a/tests/pkbench.c b/tests/pkbench.c
index 5ce9b0e2..c6286c8e 100644
--- a/tests/pkbench.c
+++ b/tests/pkbench.c
@@ -1,376 +1,376 @@
/* pkbench.c - Pubkey menchmarking
* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <gcrypt.h>
#include <assert.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/stat.h>
#ifndef HAVE_W32_SYSTEM
#include <sys/times.h>
-#endif HAVE_W32_SYSTEM
+#endif /*HAVE_W32_SYSTEM*/
#include <unistd.h>
#include <fcntl.h>
#include <time.h>
typedef struct context
{
gcry_sexp_t key_secret;
gcry_sexp_t key_public;
gcry_sexp_t data;
gcry_sexp_t data_encrypted;
gcry_sexp_t data_signed;
} *context_t;
typedef int (*work_t) (context_t context, unsigned int final);
static void
benchmark (work_t worker, context_t context)
{
clock_t timer_start, timer_stop;
unsigned int loop = 10;
unsigned int i = 0;
struct tms timer;
int ret = 0;
#ifdef HAVE_W32_SYSTEM
timer_start = clock ();
#else
times (&timer);
timer_start = timer.tms_utime;
#endif
for (i = 0; i < loop; i++)
{
ret = (*worker) (context, (i + 1) == loop);
if (! ret)
break;
}
#ifdef HAVE_W32_SYSTEM
timer_stop = clock ();
#else
times (&timer);
timer_stop = timer.tms_utime;
#endif
if (ret)
printf ("%.0f ms\n",
(((double) ((timer_stop - timer_start) / loop)) / CLOCKS_PER_SEC)
* 10000000);
else
printf ("[skipped]\n");
}
static int
work_encrypt (context_t context, unsigned int final)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
gcry_sexp_t data_encrypted = NULL;
int ret = 1;
err = gcry_pk_encrypt (&data_encrypted,
context->data, context->key_public);
if (gpg_err_code (err) == GPG_ERR_NOT_IMPLEMENTED)
{
err = GPG_ERR_NO_ERROR;
ret = 0;
}
else
{
assert (! err);
if (final)
context->data_encrypted = data_encrypted;
else
gcry_sexp_release (data_encrypted);
}
return ret;
}
static int
work_decrypt (context_t context, unsigned int final)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
int ret = 1;
if (! context->data_encrypted)
ret = 0;
else
{
gcry_sexp_t data_decrypted = NULL;
err = gcry_pk_decrypt (&data_decrypted,
context->data_encrypted,
context->key_secret);
assert (! err);
if (final)
{
gcry_sexp_release (context->data_encrypted);
context->data_encrypted = NULL;
}
gcry_sexp_release (data_decrypted);
}
return ret;
}
static int
work_sign (context_t context, unsigned int final)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
gcry_sexp_t data_signed = NULL;
int ret = 1;
err = gcry_pk_sign (&data_signed,
context->data, context->key_secret);
if (gpg_err_code (err) == GPG_ERR_NOT_IMPLEMENTED)
{
err = GPG_ERR_NO_ERROR;
ret = 0;
}
else
{
assert (! err);
if (final)
context->data_signed = data_signed;
else
gcry_sexp_release (data_signed);
}
return ret;
}
static int
work_verify (context_t context, unsigned int final)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
int ret = 1;
if (! context->data_signed)
ret = 0;
else
{
err = gcry_pk_verify (context->data_signed,
context->data,
context->key_public);
assert (! err);
if (final)
{
gcry_sexp_release (context->data_signed);
context->data_signed = NULL;
}
}
return ret;
}
static void
process_key_pair (context_t context)
{
struct
{
work_t worker;
const char *identifier;
} worker_functions[] = { { work_encrypt, "encrypt" },
{ work_decrypt, "decrypt" },
{ work_sign, "sign" },
{ work_verify, "verify" } };
unsigned int i = 0;
for (i = 0; i < (sizeof (worker_functions) / sizeof (*worker_functions)); i++)
{
printf ("%s: ", worker_functions[i].identifier);
benchmark (worker_functions[i].worker, context);
}
}
static void
context_init (context_t context, gcry_sexp_t key_secret, gcry_sexp_t key_public)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
unsigned int key_size = 0;
gcry_mpi_t data = NULL;
gcry_sexp_t data_sexp = NULL;
key_size = gcry_pk_get_nbits (key_secret);
assert (key_size);
data = gcry_mpi_new (key_size);
assert (data);
gcry_mpi_randomize (data, key_size, GCRY_STRONG_RANDOM);
gcry_mpi_clear_bit (data, key_size - 1);
err = gcry_sexp_build (&data_sexp, NULL,
"(data (flags raw) (value %m))",
data);
assert (! err);
gcry_mpi_release (data);
context->key_secret = key_secret;
context->key_public = key_public;
context->data = data_sexp;
context->data_encrypted = NULL;
context->data_signed = NULL;
}
static void
context_destroy (context_t context)
{
gcry_sexp_release (context->key_secret);
gcry_sexp_release (context->key_public);
gcry_sexp_release (context->data);
}
static void
process_key_pair_file (const char *key_pair_file)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
void *key_pair_buffer = NULL;
gcry_sexp_t key_pair_sexp = NULL;
gcry_sexp_t key_secret_sexp = NULL;
gcry_sexp_t key_public_sexp = NULL;
struct context context = { NULL };
struct stat statbuf;
int key_pair_fd = -1;
int ret = 0;
ret = stat (key_pair_file, &statbuf);
assert (! ret);
key_pair_fd = open (key_pair_file, O_RDONLY);
assert (key_pair_fd != -1);
key_pair_buffer = mmap (NULL, statbuf.st_size, PROT_READ,
MAP_PRIVATE, key_pair_fd, 0);
assert (key_pair_buffer != MAP_FAILED);
err = gcry_sexp_sscan (&key_pair_sexp, NULL,
key_pair_buffer, statbuf.st_size);
assert (! err);
key_secret_sexp = gcry_sexp_find_token (key_pair_sexp, "private-key", 0);
assert (key_secret_sexp);
key_public_sexp = gcry_sexp_find_token (key_pair_sexp, "public-key", 0);
assert (key_public_sexp);
gcry_sexp_release (key_pair_sexp);
ret = munmap (key_pair_buffer, statbuf.st_size);
assert (! ret);
ret = close (key_pair_fd);
assert (! ret);
context_init (&context, key_secret_sexp, key_public_sexp);
printf ("Key file: %s\n", key_pair_file);
process_key_pair (&context);
printf ("\n");
context_destroy (&context);
}
static const char *program_name = NULL;
static void
print_usage (int err)
{
fprintf (err ? stderr : stdout,
"Usage: %s [--help ] [ --genkey <algorithm>,<size> ] <key files ...>\n\n",
program_name);
exit (err);
}
static void
generate_key (const char *algorithm, const char *key_size)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
size_t key_pair_buffer_size = 0;
char *key_pair_buffer = NULL;
gcry_sexp_t key_spec = NULL;
gcry_sexp_t key_pair = NULL;
err = gcry_sexp_build (&key_spec, NULL,
"(genkey (%s (nbits %s)))",
algorithm, key_size);
assert (! err);
err = gcry_pk_genkey (&key_pair, key_spec);
assert (! err);
key_pair_buffer_size = gcry_sexp_sprint (key_pair, GCRYSEXP_FMT_ADVANCED,
NULL, 0);
key_pair_buffer = malloc (key_pair_buffer_size);
assert (key_pair_buffer);
gcry_sexp_sprint (key_pair, GCRYSEXP_FMT_ADVANCED,
key_pair_buffer, key_pair_buffer_size);
printf ("%.*s", key_pair_buffer_size, key_pair_buffer);
}
int
main (int argc, char **argv)
{
program_name = argc ? argv[0] : "";
gcry_control (GCRYCTL_DISABLE_SECMEM);
if (argv[1] && ((! strcmp (argv[1], "--help"))
|| (! strcmp (argv[1], "-h"))))
print_usage (0);
else if (argv[1] && ((! strcmp (argv[1], "--genkey"))
|| (! strcmp (argv[1], "-g"))))
{
char *algorithm = NULL;
char *key_size = NULL;
/* No valuable keys are create, so we can speed up our RNG. */
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
if (argv[2])
{
algorithm = argv[2];
key_size = strchr (algorithm, ',');
if (key_size)
{
*key_size = 0;
key_size++;
}
}
if (algorithm && key_size)
generate_key (algorithm, key_size);
else
print_usage (EXIT_FAILURE);
}
else
{
unsigned int i = 0;
for (i = 1; (i < argc); i++)
process_key_pair_file (argv[i]);
}
return EXIT_SUCCESS;
}

File Metadata

Mime Type
text/x-diff
Expires
Fri, Feb 6, 8:11 AM (12 h, 1 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
e2/89/8bb05cdefccb91d644d358b26f9a

Event Timeline