Page MenuHome GnuPG
Files F34123976

No OneTemporary
Actions

View Options

This file is larger than 256 KB, so syntax highlighting was skipped.
This document is not UTF8. It was detected as ISO-8859-1 (Latin 1) and converted to UTF8 for display.
diff --git a/ChangeLog b/ChangeLog
index 48d8ac87..7dedbd0a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,1260 +1,1277 @@
+2008-04-18 Werner Koch <wk@g10code.com>
+
+ * configure.ac (AH_BOTTOM): Add CAMELLIA_EXT_SYM_PREFIX.
+
+2008-04-01 Werner Koch <wk@g10code.com>
+
+ * configure.ac (AC_INIT): Fix quoting.
+
+2008-03-19 Werner Koch <wk@g10code.com>
+
+ * configure.ac: Fix the tests for USE_<algo> to either define or
+ undef the macros. Suggested by Dirk Stoecker.
+
+2008-03-18 Werner Koch <wk@g10code.com>
+
+ * configure.ac: Test for uintptr_t.
+
2008-02-18 Werner Koch <wk@g10code.com>
* configure.ac (IS_DEVELOPMENT_VERSION): Set depending on the my_svn.
2007-12-11 Werner Koch <wk@g10code.com>
* configure.ac: We actually require libgpg-error 1.4. Reported by
Tim Mooney.
2007-12-10 Werner Koch <wk@g10code.com>
Released 1.4.0.
* configure.ac: Set LT to C15/A4/R3.
2007-12-05 Werner Koch <wk@g10code.com>
* configure.ac: Add option --disable-padlock-support.
2007-12-03 Werner Koch <wk@g10code.com>
Released 1.3.2.
* configure.ac: Set LT to C15/A4/R2.
* config.sub, config.guess: Update to version 2007-11-19.
2007-10-30 Werner Koch <wk@g10code.com>
* configure.ac: Protect config.h against double inclusion.
2007-10-26 Werner Koch <wk@g10code.com>
Released 1.3.1.
* configure.ac: Set LT to C15/A4/R1.
2007-08-22 Werner Koch <wk@g10code.com>
* README: Rewrite the license description.
* configure.ac (USE_RNDW32, USE_RNDUNIX): Unmark as GPL modules.
2007-08-08 Werner Koch <wk@g10code.com>
* configure.ac: Use $host and not $target.
2007-07-26 Werner Koch <wk@g10code.com>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fix a syntax error
in the test program which lurked there for 4 years. Adjusted name
of libtools global_system_pipe variable and add extra cut stage.
Reported by Gregor Riepl.
2007-06-15 Werner Koch <wk@g10code.com>
* autogen.sh (FORCE): Use = and not == in test to be POSIXly correct.
2007-05-30 Werner Koch <wk@g10code.com>
* configure.ac: Camellia is no longer GPL.
2007-05-24 Werner Koch <wk@g10code.com>
* configure.ac: Try to use -Wpointer-arith.
2007-05-19 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Fix test for optional UDIV and UDIV_QRNND MPI
modules.
2007-05-09 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (ac_cv_mpi_config_done): Unused variable removed.
(ac_cv_mpi_mod_list, MPI_MOD_LIST_LO, MPI_MOD_LIST_O): Removed.
(MPI_MOD_ASM_MPIH_ADD1, MPI_MOD_ASM_MPIH_SUB1,
MPI_MOD_ASM_MPIH_MUL1, MPI_MOD_ASM_MPIH_MUL2,
MPI_MOD_ASM_MPIH_MUL3, MPI_MOD_ASM_MPIH_LSHIFT,
MPI_MOD_ASM_MPIH_RSHIFT, MPI_MOD_ASM_MPIH_UDIV,
MPI_MOD_ASM_MPIH_UDIV_QRNND, MPI_MOD_C_MPIH_ADD1,
MPI_MOD_C_MPIH_SUB1, MPI_MOD_C_MPIH_MUL1, MPI_MOD_C_MPIH_MUL2,
MPI_MOD_C_MPIH_MUL3, MPI_MOD_C_MPIH_LSHIFT, MPI_MOD_C_MPIH_RSHIFT,
MPI_MOD_C_MPIH_UDIV, MPI_MOD_C_MPIH_UDIV_QRNND): New automake
variables.
2007-05-04 Werner Koch <wk@g10code.com>
Released 1.3.0.
* configure.ac: Set LT to C15/A4/R0.
* configure.ac: Require automake 1.10
(AM_PROG_CC_C_O): New.
2007-05-03 Werner Koch <wk@g10code.com>
* configure.ac: Fix detection of GPLed random modules.
2007-05-02 Werner Koch <wk@g10code.com>
* configure.ac (LIBGCRYPT_DIGESTS, LIBGCRYPT_CIPHERS)
(LIBGCRYPT_PUBKEY_CIPHERS): Ac_define lists of algorithms.
(default_ciphers): Don't make camellia a default.
2007-05-02 David Shaw <dshaw@jabberwocky.com>
* NEWS, configure.ac: Add Camellia.
2007-04-30 Werner Koch <wk@g10code.com>
* README.apichanges: Move to doc/.
* Makefile.am (EXTRA_DIST): Removed that file.
2007-04-28 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Allow to specify additional search directories
with --enable-mpi-path.
2007-04-16 Werner Koch <wk@g10code.com>
* configure.ac: Check for sysconf.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Try to use sysconf to get the
page size and use getpagesize only then if available.
2007-03-22 Werner Koch <wk@g10code.com>
* configure.ac: Add support for ECC.
2007-02-22 Werner Koch <wk@g10code.com>
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Use
--enable-random-daemon.
* configure.ac: New option --enable-random-daemon.
Create versioninfo.rc and provide the build information.
2007-02-21 Werner Koch <wk@g10code.com>
* Makefile.am, configure.ac: Ignore w32-dll/.
2007-02-20 Werner Koch <wk@g10code.com>
* configure.ac: Bump LT version to C14/A3/R0 in preparation for a
release.
* autogen.sh: Add option --force.
* configure.ac: New option --disable-endian-check. Use a real
noexecstack test instead of requiring an option. Add SVN version
magic.
2007-02-02 Werner Koch <wk@g10code.com>
* configure.ac (FALLBACK_SOCKLEN_T): Special case for mingw32.
2006-11-15 Werner Koch <wk@g10code.com>
* autogen.sh: Add convenience option --build-amd64.
2006-10-20 Werner Koch <wk@g10code.com>
* Makefile.am (stowinstall): New convenience target.
2006-10-12 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (FALLBACK_SOCKLEN_T): Third time is a charm.
Define gcry_socklen_t, to avoid conflicts with socklen_t
definitions by autoconf.
2006-10-11 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (FALLBACK_SOCKLEN_T): Rewrite in terms of
socklen.m4.
2006-10-11 Marcus Brinkmann <marcus@g10code.de>
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Removed.
* configure.ac: Do not call GNUPG_FIX_HDR_VERSION.
2006-10-10 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Invoke AC_CHECK_SOCKLEN_TYPE.
(AC_CONFIG_FILES): Add src/gcrypt.h.
(AC_CONFIG_SRCDIR): Change to src/libgcrypt.vers.
2006-10-02 Werner Koch <wk@g10code.com>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Test on HOST and not
TARGET. Hardwire for mingw32. Allow setting via command line when
cross compiling.
2006-08-29 Werner Koch <wk@g10code.com>
* configure.ac (USE_SEED): New.
2006-07-26 Werner Koch <wk@g10code.com>
* configure.ac: New options --enable-noexecstack and
--disable-optimization.
2006-07-04 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Call AC_LIBTOO_WIN32_DLL and AC_LIBTOOL_RC.
* configure.ac: Call gl_TYPE_SOCKLEN_T instead of the other
socklen_t checks.
2006-06-08 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (PTH_LIBS): Add --all to pth-config invocation.
2006-03-14 Werner Koch <wk@g10code.com>
* configure.ac: Check for fctnl and ftruncate.
(HAVE_PTH): Check for GNU Pth.
(HAVE_W32_SYSTEM): Define it.
* acinclude.m4 (GNUPG_PTH_VERSION_CHECK): New. Taken from GnuPG 1.4.
2005-12-08 Werner Koch <wk@g10code.com>
* configure.ac: Changed the random device names for netbsd. From
Christian Biere.
2005-11-02 Moritz Schulte <moritz@g10code.com>
* NEWS: Documented minor API changes.
2005-09-15 Moritz Schulte <moritz@g10code.com>
* Makefile.am (EXTRA_DIST): Depend on README.SVN, not on README.CVS.
2005-06-25 Moritz Schulte <moritz@g10code.com>
* configure.ac: Removed src/libgcrypt.pc from AC_CONFIG_FILES.
2005-06-10 Werner Koch <wk@g10code.com>
* configure.ac: Move detection of basic stuff to the top. For
example we need to know whether gcc is used before testing for it.
Reported by Ralf Fassel.
2005-04-23 Moritz Schulte <moritz@g10code.com>
* acinclude.m4 (TYPE_SOCKLEN_T): New type definition test;
provided by Albert Chin.
* configure.ac: Don't use $(CMD) as it's not portable; use CMD in
backticks instead. Simpler -lnsl/-lsocket test. Use
TYPE_SOCKLEN_T test. Don't forget to set `random_modules'
correctly.
2005-04-22 Moritz Schulte <moritz@g10code.com>
* configure.ac: Added support for pkgconfig; provided by Albert
Chin.
2005-04-11 Moritz Schulte <moritz@g10code.com>
* configure.ac: Integrate Whirlpool.
2005-01-04 Werner Koch <wk@g10code.com>
Updated to automake 1.9.
* acinclude.m4: Updated for use with automake 1.9.
* configure.ac: Require libgpg-error 1.0; not really needed but
that is the first stable version.
* Makefile.am (ACLOCAL_AMFLAGS): New for -I m4.
(AUTOMAKE_OPTIONS): New to create a bzip archive.
2005-02-03 Moritz Schulte <moritz@g10code.com>
* THANKS: Updated.
2004-08-09 Moritz Schulte <moritz@g10code.com>
* THANKS: Updated.
2004-07-04 Moritz Schulte <moritz@g10code.com>
* THANKS: Updated.
2004-04-21 Werner Koch <wk@gnupg.org>
* configure.ac: Don't print a warning if GNU make was not found.
2004-05-07 Moritz Schulte <moritz@g10code.de>
* THANKS: Updated.
2004-04-02 Thomas Schwinge <schwinge@nic-nac-project.de>
* autogen.sh: Added ACLOCAL_FLAGS.
2004-04-15 Werner Koch <wk@gnupg.org>
Released 1.2.0.
* configure.ac: Set LT to C12/A1/R1.
2004-04-06 Werner Koch <wk@gnupg.org>
* config.guess, config.sub, ltmain.sh: Updated to those from
libtools 1.5.4.
2004-03-29 Werner Koch <wk@gnupg.org>
Released 1.1.94.
* configure.ac: Set LT to C12/A1/R0.
2004-03-10 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (LIBGCRYPT_CONFIG_LIBS_PTHREAD,
LIBGCRYPT_CONFIG_CFLAGS_PTHREAD, LIBGCRYPT_CONFIG_LIBS_PTH,
LIBGCRYPT_CONFIG_CFLAGS_PTH, have_pth, have_pthread, AC_CHECK_PTH,
AC_CHECK_LIB(pthread), HAVE_PTH, HAVE_PTHREAD): Removed.
2004-03-06 Werner Koch <wk@gnupg.org>
Released 1.1.93.
* configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): Replaced by
LIBGCRYPT_CONPIG_API_VERSION. Set it to 1. Set LT to C11/A0/R1.
2004-03-05 Werner Koch <wk@gnupg.org>
* configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): New.
2004-02-20 Werner Koch <wk@gnupg.org>
Released 1.1.92.
* configure.ac: Set LT to C11/A0/R0.
2004-02-11 Werner Koch <wk@gnupg.org>
* autogen.sh (check_version): Removed bashism and simplified.
2004-02-06 Werner Koch <wk@gnupg.org>
* configure.ac: Add rfc2268 cipher algorithm.
2004-01-25 Moritz Schulte <mo@g10code.com>
* THANKS: Updated.
2003-12-19 Werner Koch <wk@gnupg.org>
Released 1.1.91.
* configure.ac: Bumbed LT version to C10/A3/R1.
2003-12-08 Werner Koch <wk@gnupg.org>
* Makefile.am (dist-hook): Don't distribute stuff from the now
obsolete scripts dir.
(EXTRA_DIST): Remove README_alpha
* README-alpha: Removed.
* configure.ac (AM_CONFIG_AUX_DIR): Removed.
* COPYING.DOC: Removed.
* Makefile.am (EXTRA_DIST): Added README.CVS and
autogen.sh. Removed COPYING.DOC.
2003-11-14 Werner Koch <wk@gnupg.org>
Released 1.1.90.
* configure.ac: Bumbed LT version to C10/A3/R0.
* configure.ac (have_ld_version_script): Set the default in
a separate test.
(PRINTABLE_OS_NAME): Don't handle the Hurd extra, this leads to
conflicts with BSD based GNU systems. The Hurd has now a working
uname.
2003-11-04 Werner Koch <wk@gnupg.org>
* configure.ac (USE_SHA1): Make sure it is always included.
(USE_RMD160): Removed this AM conditional.
2003-10-31 Werner Koch <wk@gnupg.org>
* configure.ac: Bumbed version number to 1.1.90-cvs for futher
development
Released 1.1.44.
* acinclude.m4 (AC_CHECK_PTH): Added.
* configure.ac: Use it here instead of the generic lib test.
Bumbed LT vesion to C9/A2/R0.
2003-10-27 Werner Koch <wk@gnupg.org>
* configure.ac: Give a hint on where libgpg-error is available.
Reformatted long lines. Don't include gcrypt-defs.h.
(--enable-gcc-warnings): New option.
2003-10-24 Moritz Schulte <mo@g10code.com>
* configure.ac: Check for socklen_t.
2003-10-11 Moritz Schulte <mo@g10code.com>
* acinclude.m4: Update AM_PATH_GPG_ERROR macro.
2003-09-04 Werner Koch <wk@gnupg.org>
Released 1.1.43.
* configure.ac: Require libgpg-error 0.4 due to the prime interface.
2003-08-29 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Re-implemented.
* configure.ac: Use it here.
2003-08-27 Moritz Schulte <mo@g10code.com>
* configure.ac: Substitute: LIBGCRYPT_CONFIG_LIBS_PTHREAD,
LIBGCRYPT_CONFIG_CFLAGS_PTHREAD, LIBGCRYPT_CONFIG_LIBS_PTH,
LIBGCRYPT_CONFIG_CFLAGS_PTH, LIBGCRYPT_THREAD_MODULES.
2003-08-07 Moritz Schulte <moritz@g10code.com>
* configure.ac: Fail, if libgpg-error could not be found.
2003-07-31 Werner Koch <wk@gnupg.org>
Released 1.1.42.
* configure.ac: Set LT version to 7/0/0.
2003-07-30 Werner Koch <wk@gnupg.org>
* AUTHORS (Maintainer): Assigned Moritz as Maintainer.
2003-07-30 Moritz Schulte <moritz@g10code.com>
* NEWS: Include much more complete list of `Interface changes
relative to the 1.1.12 release'.
2003-07-14 Moritz Schulte <moritz@g10code.com>
* configure.ac: Bumbed version number up to 1.1.42-cvs.
2003-07-09 Moritz Schulte <moritz@g10code.com>
* configure.ac: Reintroduce --disable-asm, since it is needed by
mpi/config.links.
2003-07-05 Moritz Schulte <moritz@g10code.com>
* README: Few changes, mention libgpg-error.
2003-06-18 Moritz Schulte <moritz@g10code.com>
* configure.ac (available_ciphers): Removed Serpent, hrrm.
2003-06-17 Moritz Schulte <moritz@g10code.com>
* acinclude.m4: Removed macro definitions: GNUPG_CHECK_FAQPROG,
GNUPG_CHECK_ENDIAN, GNUPG_CHECK_CACHE, GNUPG_CHECK_PIC,
GNUPG_CHECK_EXPORTDYNAMIC, GNUPG_CHECK_IPC, GNUPG_PROG_NM,
GNUPG_SYS_SYMBOL_UNDERSCORE, GNUPG_FUNC_MKDIR_TAKES_ONE_ARG,
GPH_PROG_DB2ANY.
Added macro definitions: AM_PATH_GPG_ERROR.
* configure.ac: Use alternative approach for building based on
conditional sources, which does not make automake eat all your
memory, etc.
Removed unused tests.
Renamed --enable-static-rnd to --enable-random.
Use Autoconf's AC_C_BIGENDIAN macro instead of our own.
Re-organized the whole file.
2003-06-16 Moritz Schulte <moritz@g10code.com>
* configure.ac (AC_CONFIG_FILES): Removed doc/version.sgml.
2003-06-11 Moritz Schulte <moritz@g10code.com>
* configure.ac: Remove --enable-libgpg-error flag.
Ue AC_PATH_GPG_ERROR.
2003-06-09 Moritz Schulte <moritz@g10code.com>
* NEWS: Mention API changes and libgpg-error.
2003-05-25 Moritz Schulte <moritz@g10code.com>
* configure.ac (USE_LIBGPG_ERROR): Implementation of the
--enable-libgpg-error switch.
Define USE_LIBGPG_ERROR in LIBGCRYPT_CONFIG_FLAGS, in case
libgpg-error is used.
2003-05-22 Moritz Schulte <moritz@g10code.com>
* configure.ac (AC_CHECK_HEADERS): Removed unused headers:
termio.h, langinfo.h.
(AC_CHECK_FUNCS): Removed unused functions: strsep, strlwr,
tcgetattr, setrlimit, strftime, nl_langinfo, sigaction,
sigprocmask, fopen64, fstat64.
2003-04-27 Moritz Schulte <moritz@g10code.com>
* README: Documented new configure switches.
Mention the --enable-maintainer-switch.
* configure.ac: Merged some code from GnuPG's configure.ac for
disabling sha512/tiger in case no 64 data types are available.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* configure.ac: Include support for sha512.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* AUTHORS: Updated.
2003-04-16 Moritz Schulte <moritz@g10code.com>
* configure.ac: Implement command line switches: --enable-ciphers,
--enable-pubkey-ciphers and --enable-digests.
Set Automake conditionals and config.h symbols depending on the
selected ciphers, pubkey-ciphers, digests and random-modules.
* acinclude.m4 (LIST_MEMBER): New macro.
* configure.ac: Simplified, removed code for parsing
EXTRA_PROGRAMS from Makefile.am.
2003-04-08 Moritz Schulte <moritz@g10code.com>
* configure.ac: Merged random-module selection code from GnuPG's
configure.ac.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* configure.ac: Removed code for generating contruct.c.
Remove digest modules from the static_modules list, only handle
random module selection.
2003-03-24 Moritz Schulte <moritz@g10code.com>
* NEWS: Mention new CBC_MAC flag.
* AUTHORS (Maintainer): Update entry for Simon Josefsson.
2003-03-04 Moritz Schulte <moritz@g10code.com>
* TODO: Remove item about resetting handles, since
gcry_cipher_reset is implemented by now.
* NEWS: Mentioned gcry_cipher_reset.
2003-01-21 Werner Koch <wk@gnupg.org>
* README (Configure options): New.
* configure.ac (have_ld_version_script): New option
--enable-ld-version-script.
2003-01-20 Simon Josefsson <jas@extundo.com>
* configure.ac (MODULES_IN_CIPHER): Add crc.
2003-01-20 Werner Koch <wk@gnupg.org>
Released 1.1.12.
* configure.ac (LIBGCRYPT_LT_REVISION): Bumbed up.
2002-12-21 Werner Koch <wk@gnupg.org>
Released 1.1.11.
* configure.ac (LIBGCRYPT_LT_CURRENT: Bumbed to 6/5/0 due to a new
interface
2002-12-19 Werner Koch <wk@gnupg.org>
* configure.ac (have_pthread): Check for pthreads in libc.
(have_ld_version_script): New.
2002-11-10 Werner Koch <wk@gnupg.org>
* configure.ac (MODULES_IN_CIPHER): Add md4.c. By Simon Josefsson.
2002-09-20 Werner Koch <wk@gnupg.org>
Released 1.1.10.
* configure.ac (HAVE_DEV_RANDOM_IOCTL): Don't check for it; it is
not used.
(AS_CHECK_HEADERS): Check for sys/select.h.
* Makefile.am (DIST_SUBDIRS): New to include the w32-dll directory
2002-09-18 Timo Schulz <ts@winpt.org>
* configure.ac: Added makefile for the W32 DLL.
2002-09-17 Werner Koch <wk@gnupg.org>
* configure.ac: Check for Pth and Pthreads.
2002-08-23 Werner Koch <wk@gnupg.org>
Released 1.1.9.
* configure.ac (LIBGCRYPT_CONFIG_CFLAGS): Renamed from
LIBGCRYPT_CFLAGS and removed the libpath because it is set by the
config script.
(LIBGCRYPT_LT_REVISION): Set LT version to 5/4/1.
2002-06-25 Werner Koch <wk@gnupg.org>
Released 1.1.8.
* configure.ac: Set LT version to 5/4/0.
2002-05-21 Werner Koch <wk@gnupg.org>
Released 1.1.7.
* configure.ac: Set LT version to 4/3/0.
2002-05-17 Werner Koch <wk@gnupg.org>
* configure.ac: Removed all the dynamic loading stuff.
2002-05-16 Werner Koch <wk@gnupg.org>
* configure.ac: Reordered the C_CHECK_FUNCS.
2002-05-15 Werner Koch <wk@gnupg.org>
* configure.ac: Adjusted for new MPI module stuff.
2002-05-14 Werner Koch <wk@gnupg.org>
Changed license to the LGPL.
2002-05-02 Werner Koch <wk@gnupg.org>
* jnlib/: Removed.
* Makefile.am (SUBDIRS): Removed jnlib.
* configure.ac (jnlib/Makefile): Removed.
* configure.ac: Define _REENTRANT.
2002-02-18 Werner Koch <wk@gnupg.org>
* configure.ac (MPI_EXTRA_ASM_OBJS): Use .lo suffix.
(AC_CANONICAL_TARGET): Added.
2002-02-07 Werner Koch <wk@gnupg.org>
Released 1.1.6.
2002-01-24 Werner Koch <wk@gnupg.org>
* jnlib/: Replaced by a fresh copy from GnuPG (actually the NewPG
development branch). Adjusted Makefile.am and jnlib-config.h
accordingly.
2001-12-18 Werner Koch <wk@gnupg.org>
Released 1.1.5.
* Makefile.am (dist-hook): Only look in mpi and scripts for
distfiles; this way we don't include those of a stale "make dist"
directory.
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Make it work with the new
automake.
* configure.ac: Don't chmod db2any.
2001-08-06 Werner Koch <wk@gnupg.org>
* configure.ac: Removed cross compiling hacks.
2001-08-03 Werner Koch <wk@gnupg.org>
Released 1.1.4.
* acinclude.m4 (GNUPG_CHECK_TYPEDEF): Define GNU Source.
Migrated to autoconf 2.52.
* acinclude.m4: Removed GNUPG_LINK_FILES and converted.
* acconfig.h: Removed
* configure.in: Replaced by...
* configure.ac: and modified for use with autoconf 2.52. Replaced
GNUPG_LINK_FILES with AC_CONFIG_LINKS and moved some informational
messages to the end. Removed --enable-m-debug
* tests/: New.
* Makefile.am: Included tests directory
* configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf.
Reported by Chris Adams. Merged some cases.
2001-05-31 Werner Koch <wk@gnupg.org>
Released 1.1.3.
* configure.in: Use _gcry_ prefix when creating the cipher constructor.
* acconfig.h (_GCRYPT_IN_LIBGCRYPT): Define it here.
2001-05-28 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GPH_PROG_DOCBOOK): Removed.
(GPH_PROG_DB2ANY): New. Taken from GPH.
* configure.in: Use it here.
2000-12-19 Werner Koch <wk@gnupg.org>
Major change:
Removed all GnuPG stuff and renamed this piece of software
to gcrypt. The directory gcrypt has been renamed to src.
2000-11-14 Werner Koch <wk@gnupg.org>
Version 1.1.2 released.
2000-11-13 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): VPATH build fix.
2000-10-10 Werner Koch <wk@gnupg.org>
* Makefile.am (dist-hook): Create the version file.
* configure.in: Set the libtool version here, removed the need
for the version file.
Mon Sep 18 16:35:45 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Removed that silly mkdir().
* configure.in: Changes to allow for Solaris random device.
By Nils Ellmenreich.
(--with-egd-socket): New.
* configure.in (GNUPG_HOMEDIR): New.
* configure.in: Check for fstat64 and fopen64
* acinclude.m4 (GNUPG_CHECK_FAQPROG): New.
* configure.in: Test for this.
* configure.in (DYNLINK_MOD_CFLAGS): Fix by David Champion.
Tue Aug 22 14:31:15 CEST 2000 Werner Koch <wk@openit.de>
Version 1.1.1
Fri Aug 18 14:27:14 CEST 2000 Werner Koch <wk@openit.de>
* agent/: New.
* Makefile.am, configure.in: Support for the new directory.
Mon Jul 17 16:35:47 CEST 2000 Werner Koch <wk@>
* configure.in (mingw32): Changes to allow for mingw32msvc
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
The big merge between this one and the stable branch 1.0. Still need
to merge TNANKS, AUTHORS and such. It probaly does not compile yet.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Fixed syntax error in C code.
* configure.in: Add check for termio.h, wait unctiosn and sigaction.
* acinclude.m4, configure.in (GNUPG_CHECK_GNUMAKE): New.
* acinclude.m4 (MKDIR_TAKES_ONE_ARG): Check some headers. By Gaël Quéri.
* configure.in (AM_INIT_AUTOMAKE): Use this now. By Gaël.
* acinclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for
GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer.
Contributed by Dave Dykstra.
* configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check.
* configure.in: Add a test for unisgned long long.
* configure.in (DYNLINK_MOD_CFLAGS): Set different for NetBSD.
* configure.in: Add check for clock_gettime
* configure.in (ALL_LINGUAS): Add nl.
* configure.in (ALL_LINGUAS): Add Esperanto.
* configure.in (ALL_LINGUAS): Add sv and ja.
* configure.in: Use /usr/local for CFLAGS and LDFLAGS when
target is freebsd. By Rémi.
* configure.in: Do not set development version when the version has
a dash in it. Suggested by Dave Dykstra.
* configure.in: Removed substitution for doc/gph/Makefile.
Do all the gcc warning only in maintainer mode.
* configure.in (dlopen): Use CHECK_FUNC for a test of dlopen in libc.
Suggested by Alexandre Oliva.
(-Wall): Moved the settting of gcc warning options near to the end
so that tests don't get confused. Suggested by Paul D. Smith.
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Added BSDI support.
(GNUPG_CHECK_RDYNAMIC): Ditto.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Changed the way to test for
librt. Test suggested by Jeff Long.
* acinclude.m4 (GNUPG_CHECK_MLOCK): Do librt check only when
we can't link a test program. This way GNU systems don't need
to link against linrt.
(GNUPG_CHECK_IPC): Fixed use of TRY_COMPILE macro. From Tim Mooney.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add support for
DJGPP.
(GNUPG_CHECK_MLOCK): Check whether mlock sits in librt.
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Add NetBSD. By Thomas Klausner.
* acconfig.h (HAVE_MLOCK): Added
Mon Mar 13 19:22:46 CET 2000 Werner Koch <wk@openit.de>
* configure.in: Now uses the Docbook M4s from GPH.
Mon Jan 31 17:46:35 CET 2000 Werner Koch <wk@>
* Makefile.am: Re-added tools. By Rémi.
Mon Jan 31 16:37:34 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Create a symlink for types.h in gcrypt/.
Thu Jan 27 18:00:44 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (g10defs.h): Replaced by gnupg-defs.h
Mon Jan 24 13:04:28 CET 2000 Werner Koch <wk@gnupg.de>
* jnlib/ : New.
* configure.in: Do set development version when the version has
a dash in it. Suggested by Dave Dykstra.
Thu Dec 9 17:22:27 CET 1999 Werner Koch <wk@gnupg.de>
* acinclude.m4 (GNUPG_FIX_HDR_VERSION): New.
* configure.in: Check and fix the version number of gcrypt/gcrypt.h
so that it is always the save as VERSION.
Thu Oct 28 16:17:46 CEST 1999 Werner Koch <wk@gnupg.de>
* Started with development series 1.1 on 1999-10-26
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* README-alpha: New
* configure.in: Fixed quoting in test for development version.
* THANKS: Add entries for Michael, Brenno and J Horacio who did
very nice Howto documents - I apoligize for forgetting to mention them
earlier.
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add "-lcap" when capabilities are requested.
Add the conditional CROSS_COMPILING.
* Makefile.am: Don't use checks when CROSS_COMPILING.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ALL_LINGUAS): Add pt_PT.
* configure.in: Some tweaks for cross compiling under MingW32
* acconfig.h (USE_STATIC_RNDW32): New.
Tue Sep 7 17:08:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 1.0.0.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Create makefile in doc/gph
* acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New
* configure.in: use the above.
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.11.
Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Minor changes to the OS/2 and Mingw32 system labels.
Add a printable name for Hurd.
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Some support for DJGPP (Mark Elbrecht)
Wed Aug 4 10:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.10.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): remove init of ac_cv_...
* Makefile.am (DISCLEANFILES): New
Fri Jul 23 13:53:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.9.
* configure.in: Print a notice when rndunix is used.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
* configure.in: Ditto.
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (use_local_zlib): The lost dollar is back.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case.
* configure.in: Another variant of the MX vendor string
* configure.in (--with-capabilities): Some test code (Remi).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX.
* configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra).
* VERSION: Now 0.9.8
Wed Jun 16 20:16:21 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add test for docbook-to-man
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Support for {net,free}bsd,
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ZLIB,GDBM): Check both, header and lib.
Sat Jun 5 15:30:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (key_present_in_pk_list): New (Michael).
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (IS_DEVELOPMENT_VERSION): Fixed detection.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): assume yes when
cross-compiling.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Fix for Unisys by Katsuhiro Kondou.
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* NEWS: Add a marker line which I forgot to do for 0.9.6.
Thu May 6 14:18:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* README: Minor updates
* VERSION: Now 0.9.6
Thu Apr 8 09:35:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for
amiga-openbsd (Peter Reich)
(GNUPG_PROG_NM): Ditto
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am (g10defs.h): Removed.
* configure.in (AC_OUTPUT_COMMANDS): Create g10defs.h
Sat Mar 20 12:55:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Now 0.9.5
Sun Mar 14 19:34:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (AM_SYS_SYMBOL_UNDERSCORE): Removed because it is
now in the latest libtool.
Thu Mar 11 16:39:46 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Removed the need for libtool
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (DLSYM_NEEDS_UNDERSCORE): Replaced.
* acinclude.in (AM_SYS_SYMBOL_UNDERSCORE): New.
* VERSION: Now 0.9.4
Sun Feb 28 19:11:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (dld): Test disabled.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* encode.c (encode_simple): temporary fix.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: New option --enable-static-rnd.
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* BUGS: Now we assign bug numbers.
* OBUGS: New to keep rack o fixed bugs (CVS only)
Fri Feb 19 18:01:54 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Released 0.9.3
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4: Removed gettext macros.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Check for -lsocket and -lnsl.
(osf4): Disable all warnings for DEC's cc.
(-Wall): Add more warning options for gcc
Sat Feb 13 12:04:43 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Changed detection of compiler flags.
* intl/ : Removed directory
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for freebsd 2.2
* configure.in: a lot of changes to allow selection of modules.
Add support for OS/2.
* acinclude.m4: add some more caching
* README: Spelling and grammar corrections (John A. Martin)
* INSTALL: Ditto.
Wed Jan 20 21:40:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: --enable-m-guard is now default
Wed Jan 13 12:49:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* INSTALL: Applied new information how to build rpms by Fabio Coatti
* Makefile.in (gnupg.spec): Changed the names.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* config.links (m68k-atari-mint): New
Tue Jan 12 09:17:19 CET 1999 Gaël Quéri <gqueri@mail.dotcom.fr>
* all: Fixed typos all over the place
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add a way to statically link rndunix
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): New.
* configure.in (DYNLOAD_CFLAGS): Use result from CHECK_RDYNAMIC
Wed Dec 23 13:18:14 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* README: Replaced the command overview with a short intro.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add check for dlopen in libc (Greg Troxel)
and a new define
* acconfig.h (DLSYM_NEEDS_UNDERSCORE): New.
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m (GNUPG_CHECK_PIC): New
* configure.in, acinclude.m4: Renamed all WK_ to GNUPG_
Tue Dec 8 15:09:29 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.4.5
Wed Nov 25 12:38:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (USE_RNDLINUX): New.
Fri Nov 20 19:34:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Released 0.4.4
* configure.in (try_asm_modules): For option --disable-asm
Tue Nov 10 19:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (MPI_SFLAGS): New.
Tue Nov 10 13:44:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* ABOUT-NLS: New
* configure.in (AC_REVISION): New.
Sun Nov 8 18:20:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Set to 0.4.3
Sun Oct 25 19:49:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): New macro GNUPG_DATADIR.
Wed Oct 21 17:24:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Removed gettext kludge
* acinclude.m4: Add patched AM_WITH_NKS macro
Tue Oct 20 19:03:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Kludge to make AM_GNU_GETTEXT work,
changed some macors to more modern versions. Also
changeg the all makefiles to remove duplicate ../intl.
* acinclude.m4: Removed the gettext stuff, as this
already comes with automake now.
Wed Oct 14 12:11:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (NAME_OF_DEV_RANDOM): New.
(DYNLINK_MOD_CFLAGS): New.
Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): creates include file
* acconfig.h: now includes g10defs.h
* configure.in: Removed G10_LOCALEDIR and GNUPG_LIB
Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none))
* Makefile.am (dist-hook): Now creates RPM file.
* scripts/gnupg.spec: New template file for RPMs
Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none))
* acinclude.h (WK_CHECK_IPC): New
* configure.in : Add checks for SysV IPC
Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-dynload): New.
Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold)
* configure.in (GNUPG_LIBDIR): New.
Mon May 25 19:10:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (fast_random_poll): fixed syntax bug.
Mon May 11 10:21:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): Linux is now GNU/Linux
Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* [all files]: Applied Matthew Skala's typo and grammar fixes.
Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (getrusage,gettimeofday): New tests.
Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-m-guard): New.
Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in, acinclude.m4, intl/, po/: New macros taken
from GNOME, switched to automake 1.2f
Thu Feb 26 09:05:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (doc/Makefile): New
Thu Feb 26 07:40:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed gettext stuff
Wed Feb 25 11:44:10 1998 Werner Koch (wk@isil.d.shuttle.de)
* checks/*test : restructured the directory.
Tue Feb 24 15:59:12 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed the name of the package to GNUPG and
chnaged several other names too.
Wed Feb 18 17:36:45 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (checks): New.
Sat Feb 14 15:37:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (mpi_config_done): Removed asm links caching.
Sat Feb 14 14:02:20 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): New.
* acconfig.h: Likewise.
Fri Feb 13 19:43:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in : Fixed zlib stuff
* Makefile.am: Likewise
Copyright 1998, 1999, 2000, 2001, 2002, 2003,
- 2004, 2006 Free Software Foundation, Inc.
+ 2004, 2006, 2007, 2008 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/NEWS b/NEWS
index d0c1b0f4..a9d5e8fe 100644
--- a/NEWS
+++ b/NEWS
@@ -1,521 +1,521 @@
Noteworthy changes in version 1.4.1
------------------------------------------------
* Fixed a bug introduced by 1.3.1 which led to the comsumption of far
too much entropy for the intial seeding.
- * Improved AES performance for CFB and CBS modes.
+ * Improved AES performance for CFB and CBC modes.
Noteworthy changes in version 1.4.0 (2007-12-10)
------------------------------------------------
* New configure option --disable-padlock-support which is mostly
useful in case of build problems.
Noteworthy changes in version 1.3.2 (2007-12-03)
------------------------------------------------
* The visibility attribute is now used if supported by the toolchain.
* The ACE engine of VIA processors is now used for AES-128.
* The ASN.1 DER template for SHA-224 has been fixed.
Noteworthy changes in version 1.3.1 (2007-10-26)
------------------------------------------------
* The entire library is now under the LGPL. The helper programs and
the manual are under the GPL. Kudos to Peter Gutmann for giving
permissions to relicense the rndw32 and rndunix modules.
* The Camellia cipher is now under the LGPL and included by default.
* Fixed a bug in the detection of symbol prefixes which inhibited the
build of optimzied assembler code on certain systems.
* Updated the entropy gatherer for W32.
Noteworthy changes in version 1.3.0 (2007-05-04)
------------------------------------------------
* Changed the way the RNG gets initialized. This allows to keep it
uninitialized as long as no random numbers are used. To override
this, the new macro gcry_fast_random_poll may be used. It is in
general a good idea to spread this macro into the application code
to make sure that these polls happen often enough.
* Made the RNG immune against fork without exec.
* Reading and writing the random seed file is now protected by a
fcntl style file lock on systems that provide this function.
* Support for SHA-224 and HMAC using SHA-384 and SHA-512.
* Support for the SEED cipher.
* Support for the Camellia cipher. Note that Camellia is disabled by
default, and that enabling it changes the license of libgcrypt from
LGPL to GPL.
* Support for OFB encryption mode.
* gcry_mpi_rshift does not anymore truncate the shift count.
* Reserved algorithm ranges for use by applications.
* Support for DSA2.
* The new function gcry_md_debug should be used instead of the
gcry_md_start_debug and gcry_md_stop_debug macros.
* New configure option --enable-random-daemon to support a system
wide random daemon. The daemon code is experimental and not yet
very well working. It will eventually allow to keep a global
random pool for the sake of short living processes.
* Non executable stack support is now used by default on systems
supporting it.
* Support for Microsoft Windows.
* Assembler support for the AMD64 architecture.
* New configure option --enable-mpi-path for optimized builds.
* Experimental support for ECDSA; should only be used for testing.
* New control code GCRYCTL_PRINT_CONFIG to print the build
configuration.
* Minor changes to some function declarations. Buffer arguments are
now typed as void pointer. This should not affect any compilation.
Fixed two bugs in return values and clarified documentation.
* Interface changes relative to the 1.2.0 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_fast_random_poll NEW
gcry_md_debug NEW
gcry_sexp_nth_string NEW
GCRY_MD_SHA224 NEW
GCRY_PK_USAGE_CERT NEW
GCRY_PK_USAGE_AUTH NEW
GCRY_PK_USAGE_UNKN NEW
GCRY_PK_ECDSA NEW
GCRY_CIPHER_SEED NEW
GCRY_CIPHER_CAMELLIA128 NEW
GCRY_CIPHER_CAMELLIA192 NEW
GCRY_CIPHER_CAMELLIA256 NEW
GCRYCTL_FAKED_RANDOM_P NEW
GCRYCTL_PRINT_CONFIG NEW
GCRYCTL_SET_RNDEGD_SOCKET NEW.
gcry_mpi_scan CHANGED: Argument BUFFER is now void*.
gcry_pk_algo_name CHANGED: Returns "?" instead of NULL.
gcry_cipher_algo_name CHANGED: Returns "?" instead of "".
gcry_pk_spec_t CHANGED: Element ALIASES is now const ptr.
gcry_md_write_t CHANGED: Argument BUF is now a const void*.
gcry_md_ctl CHANGED: Argument BUFFER is now void*.
gcry_cipher_encrypt CHANGED: Arguments IN and OUT are now void*.
gcry_cipher_decrypt CHANGED: Arguments IN and OUT are now void*.
gcry_sexp_sprint CHANGED: Argument BUFFER is now void*.
gcry_create_nonce CHANGED: Argument BUFFER is now void*.
gcry_randomize CHANGED: Argument BUFFER is now void*.
gcry_cipher_register CHANGED: Argument ALGORITHM_ID is now int*.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Noteworthy changes in version 1.2.0 (2004-04-15)
------------------------------------------------
* First stable release.
Noteworthy changes in version 1.1.94 (2004-03-29)
-------------------------------------------------
* The support for multi-threaded users goes into its third
incarnation. We removed compile time support for thread libraries.
To support the thread library of your choice, you have to set up
callback handlers at initialization time. New data structures, a
new control command, and default initializers are provided for this
purpose.
* Interface changes relative to the 1.1.93 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
libgcrypt-config --thread OBSOLETE
libgcrypt-pth.la REMOVED
libgcrypt-pthread.la REMOVED
GCRYCTL_SET_THREAD_CBS NEW
struct gcrypt_thread_cbs NEW
enum gcry_thread_option NEW
GCRY_THREAD_OPTION_PTH_IMPL NEW
GCRY_THREAD_OPTION_PTHREAD_IMPL NEW
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Noteworthy changes in version 1.1.93 (2004-03-06)
-------------------------------------------------
* The automatic thread library detection has finally been removed.
From now on, only linking explicitely to libgcrypt, libgcrypt-pth
or libgcrypt-pthread is supported.
Noteworthy changes in version 1.1.92 (2004-02-20)
-------------------------------------------------
* Minor bug fixes.
* Included a limited implementation of RFC2268.
* Changed API of the gcry_ac_ functions. Only a very few programs
should be affected by this.
* Interface changes relative to the 1.1.91 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GCRY_CIPHER_RFC2268_40 NEW.
gcry_ac_data_set CHANGED: New argument FLAGS.
gcry_ac_data_get_name CHANGED: New argument FLAGS.
gcry_ac_data_get_index CHANGED: New argument FLAGS.
gcry_ac_key_pair_generate CHANGED: New and reordered arguments.
gcry_ac_key_test CHANGED: New argument HANDLE.
gcry_ac_key_get_nbits CHANGED: New argument HANDLE.
gcry_ac_key_get_grip CHANGED: New argument HANDLE.
gcry_ac_data_search REMOVED.
gcry_ac_data_add REMOVED.
GCRY_AC_DATA_FLAG_NO_BLINDING REMOVED.
GCRY_AC_FLAG_NO_BLINDING NEW: Replaces above.
Noteworthy changes in version 1.1.91 (2003-12-19)
-------------------------------------------------
* Code cleanups and minor bug fixes.
Noteworthy changes in version 1.1.90 (2003-11-14)
-------------------------------------------------
* The use of the GCRY_WEAK_RANDOM level is now deprecated in favor of
the new gcry_create_nonce function.
* gcry_sexp_build now supports a "%b" format to include a memory buffer.
* Minor configuration fixes.
* Interface changes relative to the 1.1.44 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_create_nonce NEW
gcry_sexp_build ENHANCED
Noteworthy changes in version 1.1.44 (2003-10-31)
-------------------------------------------------
* Bug fixes and more code cleanups.
* Enhanced the prime API.
* Interface changes relative to the 1.1.43 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_prime_group_generator NEW
gcry_prime_release_factors NEW
Noteworthy changes in version 1.1.43 (2003-09-04)
-------------------------------------------------
* Bug fixes and internal code cleanups.
* Support for the Serpent cipher algorithm.
* Interface changes relative to the 1.1.42 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_prime_generate NEW
gcry_prime_check NEW
Noteworthy changes in version 1.1.42 (2003-07-31)
-------------------------------------------------
* Major API cleanup. Applications need to be converted to the new
API. See README.apichanges for hints on how to do that. Backward
compatibility is provided where it was possible without too much
effort and did not collide with the overall sanitization effort.
However, this is only for ease of transition. NO DEPRECATED
FUNCTION OR DATA TYPE IS CONSIDERED A PART OF THE API OR ABI AND
WILL BE DROPPED IN THE FUTURE WITHOUT CHANGING THE SONAME OF THE
LIBRARY.
* If gcrypt.h is included in sources compiled by GCC 3.1 or later,
deprecated attributes will warn about use of obsolete functions and
type definitions. You can suppress these warnings by passing
-Wno-deprecated-declarations to the gcc command.
* gcry_check_version must be called from now on to initialize the
library, it is not longer optional.
* Removed `libgcrypt errno' concept.
* Libgcrypt depends on libgpg-error, a library that provides error
codes and according functions for all GnuPG components. Functions
that used to return error codes asa `int' have been changed to
return a code of type `gcry_error_t'. All GCRYERR_* error symbols
have been removed, since they are now contained in libgpg-error
(GPG_ERR_*). All functions and types in libgpg-error have also been
wrapped in Libgcrypt. The new types are gcry_err_code_t and
gcry_err_source_t. The new functions are gcry_err_code,
gcry_err_source, gcry_error, gcry_err_make, gcry_error_from_errno,
gcry_err_make_from_errno, gcry_err_code_from_errno,
gcry_err_code_to_errno, gcry_strsource.
* New function gcry_mpi_dump to help in debugging.
* Added alternative interface for asymmetric cryptography.
* CRC-32, CRC-32 a'la RFC 1510, CRC-24 a'la RFC 2440 are now
supported.
* SHA-256, SHA-384 and SHA-512 are now supported.
* 128 bit Twofish is now supported.
* The random module won't print the "not enough random bytes
available" anymore. A new progress status is issued instead.
* CBC-MAC for block ciphers is now supported, by using a
GCRY_CIPHER_CBC_MAC cipher flag.
* CTR mode for block ciphers is now supported.
* The public RSA exponent can now be specified in key generation.
* RSA blinding is now supported and is used automatically for RSA
decryption. It can be explicitely disabled by using the
`no-blinding' symbol in the `flags' S-Expression or by using the
GCRY_AC_FLAG_DATA_NO_BLINDING flag when using the ac interface.
* gcry_sexp_canon_len does not use a `historically encoded' error
code anymore.
* Interface changes relative to the 1.1.12 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GCRY_MPI DEPRECATED; Use: gcry_mpi_t
GcryMPI DEPRECATED; Use: gcry_mpi_t
GCRY_SEXP DEPRECATED; Use: gcry_sexp_t
GcrySexp DEPRECATED; Use: gcry_sexp_t
GCRY_CIPHER_HD DEPRECATED; Use: gcry_cipher_hd_t
GcryCipherHd DEPRECATED; Use: gcry_cipher_hd_t
GCRY_MD_HD DEPRECATED; Use: gcry_md_hd_t
GcryMDHd DEPRECATED; Use: gcry_md_hd_t
gcry_error_t NEW
gcry_err_code_t NEW
gcry_err_source_t NEW
gcry_err_make NEW
gcry_error NEW
gcry_err_code NEW
gcry_err_source NEW
gcry_err_code_from_errno NEW
gcry_err_code_to_errno NEW
gcry_err_make_from_errno NEW
gcry_error_from_errno NEW
gcry_strsource NEW
GCRYERR_{some error code} REMOVED; Use GPG_ERR_*
from libgpg-error instead.
gcry_errno REMOVED
gcry_sexp_canon_len CHANGED
gcry_sexp_build_array NEW
gcry_mpi_scan CHANGED: New argument to separate in/out args.
gcry_mpi_print CHANGED: Ditto.
gcry_mpi_dump NEW
gcry_cipher_open CHANGED
gcry_cipher_reset NEW
gcry_cipher_register NEW
gcry_cipher_unregister NEW
gcry_cipher_list NEW
gcry_cipher_algo_keylen REPLACED macro with function.
gcry_cipher_algo_blklen REPLACED macro with function.
gcry_pk_register NEW
gcry_pk_unregister NEW
gcry_pk_list NEW
gcry_pk_decrypt ENHANCED: Allows flag to return
complete S-expression.
gcry_md_open CHANGED
gcry_md_copy CHANGED
gcry_md_is_enabled NEW
gcry_md_is_secure NEW
gcry_md_register NEW
gcry_md_unregister NEW
gcry_md_list NEW
gcry_ac_data_t NEW
gcry_ac_key_t NEW
gcry_ac_key_pair_t NEW
gcry_ac_handle_t NEW
gcry_ac_key_spec_rsa_t NEW
gcry_ac_data_new NEW
gcry_ac_data_destroy NEW
gcry_ac_data_set NEW
gcry_ac_data_copy NEW
gcry_ac_data_length NEW
gcry_ac_data_get_name NEW
gcry_ac_data_get_index NEW
gcry_ac_data_clear NEW
gcry_ac_open NEW
gcry_ac_close NEW
gcry_ac_key_init NEW
gcry_ac_key_pair_generate NEW
gcry_ac_key_pair_extract NEW
gcry_ac_key_data_get NEW
gcry_ac_key_test NEW
gcry_ac_key_get_nbits NEW
gcry_ac_key_get_grip NEW
gcry_ac_key_destroy NEW
gcry_ac_key_pair_destroy NEW
gcry_ac_data_encrypt NEW
gcry_ac_data_decrypt NEW
gcry_ac_data_sign NEW
gcry_ac_data_verify NEW
gcry_ac_id_to_name NEW
gcry_ac_name_to_id NEW
gcry_handler_progress_t NEW
gcry_handler_alloc_t NEW
gcry_handler_secure_check_t NEW
gcry_handle_realloc_t NEW
gcry_handler_free_t NEW
gcry_handler_no_mem_t NEW
gcry_handler_error_t NEW
gcry_handler_log_t NEW
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Noteworthy changes in version 1.1.12 (2003-01-20)
-------------------------------------------------
* gcry_pk_sign, gcry_pk_verify and gcry_pk_encrypt can now handle an
optional pkcs1 flags parameter in the S-expression. A similar flag
may be passed to gcry_pk_decrypt but it is only syntactically
implemented.
* New convenience macro gcry_md_get_asnoid.
* There is now some real stuff in the manual.
Noteworthy changes in version 1.1.11 (2002-12-21)
-------------------------------------------------
* Don't export internal symbols anymore (currently only for GNU systems)
* New algorithm: MD4
* Implemented ciphertext stealing.
* Smaller bugs fixes and a few new OIDs.
* Interface changes relative to the 1.1.8 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_cipher_cts NEW
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Noteworthy changes in version 1.1.10 (2002-09-20)
-------------------------------------------------
* Fixed shared library builds for i386, PPC and Sparc.
* Added simple benchmark tool.
* Replaced the internal mutexes by code which automatically adapts to
the used threading library. Currently Pth and Pthread are
supported. For non-ELF systems the GNU toolchain is now required..
* Added untested support to build Windows DLLs.
Noteworthy changes in version 1.1.9 (2002-08-23)
------------------------------------------------
* Support for plain old DES.
Noteworthy changes in version 1.1.8 (2002-06-25)
------------------------------------------------
* Minor cleanups and exported a few new functions.
* Interface changes relative to the 1.1.7 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_mpi_div NEW
gcry_mpi_mod NEW
gcry_mpi_invm NEW
gcry_mpi_swap NEW
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Noteworthy changes in version 1.1.7 (2002-05-21)
------------------------------------------------
* Libgcrypt is now distributed under the terms of the GNU Lesser
General Public License; see the README file for details.
* It is possible to use libgcrypt w/o intialized secure memory.
* Libgcrypt should now be thread safe after the initialization.
gcry_control (GCRYCRL_INITIALIZATION_FINISHED,NULL,0) should have
been called before creating additional threads.
* Interface changes relative to the 1.1.6 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GCRYCTL_DISABLE_INTERNAL_LOCKING NEW
GCRYCTL_DISABLE_SECMEM NEW
GCRYCTL_INITIALIZATION_FINISHED NEW
GCRYCTL_INITIALIZATION_FINISHED_P NEW
GCRYCTL_ANY_INITIALIZATION_P NEW
gcry_strdup NEW
gcry_sexp_create NEW
gcry_sexp_new NEW
gcry_set_progress_handler NEW
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Noteworthy changes in version 1.1.6 (2002-02-07)
------------------------------------------------
* Enhanced the S-expression conversion functions.
Noteworthy changes in version 1.1.5 (2001-12-18)
------------------------------------------------
* gcry_{cipher,md}_map_name are now able to map stringified object IDs.
* New functions gcry_sexp_canon_len and gcry_cipher_mode_from_oid.
* Closed some memory leaks.
Noteworthy changes in version 1.1.4 (2001-08-03)
------------------------------------------------
* Arcfour does now work.
* Some minor fixes.
* Added a first test program
* Migrated to autoconf 2.52.
Noteworthy changes in version 1.1.3 (2001-05-31)
------------------------------------------------
* First release of Libgcrypt which is a result of splitting GnuPG
into into libgcrypt and GnuPG.
Copyright 2001, 2002, 2003, 2004, 2007 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 8f91be67..48022245 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3508 +1,3532 @@
+2008-04-18 Werner Koch <wk@g10code.com>
+
+ * ac.c (ac_data_extract): Make static.
+
+ * camellia.h [HAVE_CONFIG_H]: Include config.h.
+
+ * rndw32.c (registry_poll): Only print the performance data
+ problem warning once. Suggested by Simon Josefsson.
+
+2008-03-19 Werner Koch <wk@g10code.com>
+
+ * cipher.c (gcry_cipher_open) [USE_AES]: Init bulk encryption only
+ if requested. Suggested by Dirk Stoecker.
+
+2008-03-18 Werner Koch <wk@g10code.com>
+
+ * sha1.c: Include stdint.h.
+ (transform): Add arg NBLOCKS so that we can work on more than one
+ block and avoid updates of the chaining variables. Changed all
+ callers to use 1.
+ (sha1_write): Replace loop around transform.
+ (transform_aligned) [WORDS_BIGENDIAN]: New.
+ (TRANSFORM): New macro to replace all direct calls of transform.
+
2008-03-17 Werner Koch <wk@g10code.com>
* rijndael.c (_gcry_aes_cfb_dec): New.
(do_encrypt): Factor code out to ..
(do_encrypt_aligned): .. New.
(_gcry_aes_cfb_enc, _gcry_aes_cfb_dec): Use new function.
(do_decrypt): Factor code out to ..
(do_decrypt_aligned): .. new.
(_gcry_aes_cbc_enc, _gcry_aes_cbc_dec): New.
* cipher.c (struct gcry_cipher_handle): Put field IV into new
union U_IV to enforce proper alignment. Change all users.
(do_cfb_decrypt): Optimize.
(do_cbc_encrypt, do_cbc_decrypt): Optimize.
2008-03-15 Werner Koch <wk@g10code.com>
* rijndael.c (_gcry_aes_cfb_enc): New.
* cipher.c (struct gcry_cipher_handle): Add field ALGO and BULK.
(gcry_cipher_open): Set ALGO and BULK.
(do_cfb_encrypt): Optimize.
2008-02-18 Werner Koch <wk@g10code.com>
* rsa.c (_gcry_rsa_verify) [IS_DEVELOPMENT_VERSION]: Print
intermediate results.
2008-01-08 Werner Koch <wk@g10code.com>
* random.c (add_randomness): Do not just increment
POOL_FILLED_COUNTER but update it by the actual amount of data.
2007-12-13 Werner Koch <wk@g10code.com>
* pubkey.c (sexp_data_to_mpi): Support SHA-224.
2007-12-05 Werner Koch <wk@g10code.com>
* rijndael.c (USE_PADLOCK): Depend on ENABLE_PADLOCK_SUPPORT.
* rndhw.c (USE_PADLOCK): Ditto
* rsa.c (secret): Fixed condition test for using CRT. Reported by
Dean Scarff. Fixes bug#864.
(_gcry_rsa_check_secret_key): Return an erro if the optional
parameters are missing.
* pubkey.c (sexp_elements_extract): Add arg ALGO_NAME. Changed all
callers to pass NULL. Add hack to allow for optional RSA
parameters.
(sexp_to_key): Pass algo name to sexp_elements_extract.
2007-12-03 Werner Koch <wk@g10code.com>
* random.c (gcry_random_add_bytes): Implement it.
* rand-internal.h (RANDOM_ORIGIN_EXTERNAL): New.
2007-11-30 Werner Koch <wk@g10code.com>
* rndhw.c: New.
* rndlinux.c (_gcry_rndlinux_gather_random): Try to read 50%
directly from the hwrng.
* random.c (do_fast_random_poll): Also run the hw rng fast poll.
(_gcry_random_dump_stats): Tell whether the hw rng failed.
2007-11-29 Werner Koch <wk@g10code.com>
* rijndael.c (USE_PADLOCK): Define new macro used for ia32.
(RIJNDAEL_context) [USE_PADLOCK]: Add fields USE_PADLOCK and
PADLOCK_KEY.
(do_setkey) [USE_PADLOCK]: Enable padlock if available for 128 bit
AES.
(do_padlock) [USE_PADLOCK]: New.
(rijndael_encrypt, rijndael_decrypt) [USE_PADLOCK]: Divert to
do_padlock.
* cipher.c (cipher_context_alignment_t): New. Use it in this
module in place of PROPERLY_ALIGNED_TYPE.
(NEED_16BYTE_ALIGNED_CONTEXT): Define macro for ia32.
(struct gcry_cipher_handle): Add field HANDLE_OFFSET.
(gcry_cipher_open): Take care of increased alignment requirements.
(gcry_cipher_close): Ditto.
2007-11-28 Werner Koch <wk@g10code.com>
* sha256.c (asn224): Fixed wrong template. It happened due to a
bug in RFC4880. SHA-224 is not in the stable version of libgcrypt
so the consequences are limited to users of this devel version.
2007-10-31 Werner Koch <wk@g10code.com>
* ac.c (gcry_ac_data_new): Remove due to the visibility wrapper.
(gcry_ac_data_destroy, gcry_ac_data_copy, gcry_ac_data_length)
(gcry_ac_data_set, gcry_ac_data_get_name, gcry_ac_data_get_index)
(gcry_ac_data_to_sexp, gcry_ac_data_from_sexp)
(gcry_ac_data_clear, gcry_ac_io_init, gcry_ac_open)
(gcry_ac_close, gcry_ac_key_init, gcry_ac_key_pair_generate)
(gcry_ac_key_pair_extract, gcry_ac_key_destroy)
(gcry_ac_key_pair_destroy, gcry_ac_key_data_get)
(gcry_ac_key_test, gcry_ac_key_get_nbits, gcry_ac_key_get_grip)
(gcry_ac_data_encrypt, gcry_ac_data_decrypt, gcry_ac_data_sign)
(gcry_ac_data_verify, gcry_ac_data_encode, gcry_ac_data_decode)
(gcry_ac_mpi_to_os, gcry_ac_mpi_to_os_alloc, gcry_ac_os_to_mpi)
(gcry_ac_data_encrypt_scheme, gcry_ac_data_decrypt_scheme)
(gcry_ac_data_sign_scheme, gcry_ac_data_verify_scheme)
(gcry_ac_io_init_va): Ditto.
(gcry_ac_id_to_name, gcry_ac_name_to_id): Remove as these
deprecated functions are now implemented by visibility.c.
2007-10-26 Werner Koch <wk@g10code.com>
* rndw32.c: Disable debug flag.
2007-10-25 Werner Koch <wk@g10code.com>
* rndw32.c: Updated from current cryptlib snapshot and modified
for our use. Removed support from pre NT systems.
(slow_gatherer_windows95): Remove.
(_gcry_rndw32_gather_random): Require an NT platform.
(init_system_rng, read_system_rng, read_mbm_data): New.
(slow_gatherer_windowsNT): Rename to ...
(slow_gatherer): .. this. Read system RNG and MBM.
(registry_poll): New with code factored out from slow_gatherer.
2007-08-23 Werner Koch <wk@g10code.com>
* random.c (pool_filled_counter): New.
(add_randomness): Use it.
2007-08-22 Werner Koch <wk@g10code.com>
* rndw32.c, rndunix.c: Switched to LGPL.
2007-05-30 Werner Koch <wk@g10code.com>
* camellia.h, camellia.c: Replace by new LGPL version and adjusted
camellia.h.
2007-05-09 Marcus Brinkmann <marcus@g10code.de>
* ac.c (_gcry_ac_io_init_va, _gcry_ac_io_write, _gcry_ac_io_read):
Adjust users of gcry_ac_io_t because union is not anonymous
anymore.
2007-05-02 Werner Koch <wk@g10code.com>
* camellia-glue.c (camellia_setkey, camellia_encrypt)
(camellia_decrypt): Recalculated used stack size in called
functions.
* camellia.h: Redefine external symbols.
2007-05-02 David Shaw <dshaw@jabberwocky.com>
* Makefile.am, cipher.c: Add Camellia.
* camellia-glue.c: New. The necessary glue to interface libgcrypt
to the stock NTT Camellia distribution.
* camellia.h, camellia.c: The stock NTT Camellia distribution
(GPL).
2007-04-30 David Shaw <dshaw@jabberwocky.com>
* cipher.c: Use #if instead of #ifdef as configure defines the
USE_cipher defines as 0 for disabled.
2007-04-30 Werner Koch <wk@g10code.com>
* rndegd.c (_gcry_rndegd_set_socket_name): New.
2007-04-30 Marcus Brinkmann <marcus@g10code.de>
* ecc.c (ec2os): Fix relocation of short numbers.
* ecc.c (generate_key): Do not allocate D, which will be allocated
by GEN_K. Remove G. Fix test if g_x, g_y resp. q_x, q_y are
requested.
(_gcry_ecc_generate): Release unneeded members of SK.
* pubkey.c (sexp_to_key): Release NAME.
2007-04-28 Marcus Brinkmann <marcus@g10code.de>
* ac.c (gcry_ac_mpi): Remove member NAME_PROVIDED.
(ac_data_mpi_copy, _gcry_ac_data_set, _gcry_ac_data_get_name)
(_gcry_ac_data_get_index, ac_data_construct): Adjust handling of
NAME accordingly.
2007-04-20 Werner Koch <wk@g10code.com>
* ecc.c (domain_parms): Add standard brainpool curves.
2007-04-18 Werner Koch <wk@g10code.com>
* ecc.c (generate_curve): Implement alias mechanism.
* pubkey.c (sexp_elements_extract_ecc): New.
(sexp_to_key): Add special case for ecc.
(sexp_to_key, sexp_to_sig, sexp_to_enc, gcry_pk_genkey): Replace
name_terminated stuff by a call to _gcry_sexp_nth_string.
(gcry_pk_get_keygrip): Ditto.
2007-04-16 Werner Koch <wk@g10code.com>
* ecc.c (_gcry_ecc_generate): Renamed DUMMY to CURVE and use it.
2007-04-13 Marcus Brinkmann <marcus@g10code.de>
* ac.c (ac_data_construct): Cast const away to suppress compiler
warning.
* ecc.c (ecc_generate): Avoid compiler warning for unused argument
DUMMY.
(ecc_verify): Avoid compiler warning for unused arguments CMP and
OPAQUEV.
2007-04-06 Werner Koch <wk@g10code.com>
* sha1.c (oid_spec_sha1): Add another oid from X9.62.
2007-03-28 Werner Koch <wk@g10code.com>
* pubkey.c (gcry_pk_genkey): Do not issue misc-key-info if it is
empty.
(gcry_pk_genkey): New parameter "curve".
* ecc.c: Entirely rewritten with only a few traces of the old
code left.
(_gcry_ecc_generate): New.
(generate_key) New arg NAME.
(generate_curve): Ditto. Return actual number of NBITS.
2007-03-26 Werner Koch <wk@g10code.com>
* pubkey.c (gcry_pk_genkey): Increase size of SKEY array and add a
runtime bounds check.
2007-03-23 Werner Koch <wk@g10code.com>
* ecc.c (ecc_ctx_init, ecc_ctx_free, ecc_mod, ecc_mulm): New.
(duplicate_point, sum_points, escalar_mult): Don't use a
copy of base->p. Replaced all mpi_mulm by ecc_mulm so that we can
experiment with different algorithms.
(generate_key, check_secret_key, sign, verify): Initialize a
computation context for use by ecc_mulm.
2007-03-22 Werner Koch <wk@g10code.com>
* pubkey.c (pubkey_table): Initialize ECC.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Add ecc.c.
* ecc.c: New. Heavily reformatted and changed for use in libgcrypt.
(point_init): New.
(escalar_mult): Make arg R the first arg to be similar to the mpi
functions.
(duplicate_point): Ditto
(sum_points): Ditto
(sign, verify): Remove unneeded copy operations.
(sum_points): Removed memory leaks and optimized some compares.
(verify): Simplified input check.
2007-03-14 Werner Koch <wk@g10code.com>
* random.c (MASK_LEVEL): Removed macro as it was used only at one
place. Open coded it there.
(gcry_randomize, _gcry_update_random_seed_file)
(_gcry_fast_random_poll): Factor lock code out to ..
(lock_pool, unlock_pool): .. new.
(initialize): Look the pool while allocating.
(read_random_source, do_fast_random_poll): Moved intialization to ...
(initialize): .. here.
(_gcry_enable_quick_random_gen): No more need for initialization.
(is_initialized): Moved this global flag to ..
(initialize): .. here and changed all users to unconditionally call
initialize.
(add_randomness): Remove initalization here. It simply can't
happen.
* random.c (enum random_origins): Moved to ..
* rand-internal.h: .. here.
* rndunix.c (_gcry_rndunix_gather_random): Use enum in prototype
for ORIGIN and renamed REQUESTOR to ORIGIN.
* rndegd.c (_gcry_rndegd_gather_random): Ditto.
* rndlinux.c (_gcry_rndlinux_gather_random): Ditto.
* rndw32.c (_gcry_rndw32_gather_random): Ditto.
(_gcry_rndw32_gather_random_fast): Ditto.
2007-03-13 Werner Koch <wk@g10code.com>
* random.c (enum random_origins): New.
(add_randomness): Renamed arg SOURCE to ORIGIN.
(read_random_source): Renamed arg REQUESTOR to ORIGIN.
(getfnc_gather_random): Removed static variable because this
function is only called one and thus we don't need this
optimization.
(_gcry_quick_random_gen): Removed and replaced by..
(_gcry_enable_quick_random_gen): .. this. It is onlyu used to
enable it and it does not make sense to disable it later. Changed
the only one caller too.
(get_random_bytes): Removed.
(gcry_random_bytes, gcry_random_bytes_secure): Implement in terms
of gcry_randomize.
* random-daemon.c (_gcry_daemon_get_random_bytes): Removed.
2007-02-23 Werner Koch <wk@g10code.com>
* elgamal.c (generate): Removed unused variable TEMP.
(test_keys): New arg NODIE.
(generate_using_x, _gcry_elg_generate_using_x): New.
* pubkey.c (pubkey_generate): New arg XVALUE and direct call to
the new elgamal generate fucntion.
(gcry_pk_genkey): Parse the new "xvalue" tag.
2007-02-22 Werner Koch <wk@g10code.com>
* pubkey.c (sexp_data_to_mpi): Handle dynamically allocated
algorithms. Suggested by Neil Dunbar. Fixes bug#596.
* rndw32.c (_gcry_rndw32_gather_random_fast): Make it return void.
* cipher.c (gcry_cipher_algo_name): Simplified.
* random.c: Use the daemon only if compiled with USE_RANDOM_DAEMON.
* Makefile.am (libcipher_la_SOURCES): Build random-daemon support
only if requested.
2007-02-21 Werner Koch <wk@g10code.com>
* random.c (rndpool, keypool): Make unsigned.
(mix_pool): Change char* variables to unsigned char*.
(gcry_randomize): Make arg BUFFER a void*.
(gcry_create_nonce): Ditto.
* rmd160.c (gcry_rmd160_mixblock): Make BUFFER a void*.
(_gcry_rmd160_hash_buffer): Make OUTBUF and BUFFER void*.
* sha1.c (_gcry_sha1_hash_buffer): Ditto.
* cipher.c (gcry_cipher_encrypt, cry_cipher_decrypt): Change
buffer args to void*.
(gcry_cipher_register): Make ALGORITHM_ID a int *.
* md.c (md_start_debug): Make SUFFIX a const char*. Use snprintf.
(gcry_md_debug): New.
(gcry_md_ctl): Changed arg BUFFER from unsigned char*.
* md.c (md_write): Make INBUF a const void*.
(gcry_md_write): Remove needless cast.
* crc.c (crc32_write): Make INBUF a const void*
(update_crc32, crc24rfc2440_write): Ditto.
* sha512.c (sha512_write, transform): Ditto.
* sha256.c (sha256_write, transform): Ditto.
* rmd160.c (rmd160_write, transform): Ditto.
* md5.c (md5_write, transform): Ditto.
* md4.c (md4_write, transform): Ditto.
* sha1.c (sha1_write, transform): Ditto.
* tiger.c (tiger_write, transform): Ditto.
* whirlpool.c (whirlpool_write, whirlpool_add, transform): Ditto.
* elgamal.c (elg_names): Change to a const*.
* dsa.c (dsa_names): Ditto.
* rsa.c (rsa_names): Ditto.
* pubkey.c (gcry_pk_lookup_func_name): Make ALIASES a const.
2007-02-20 Werner Koch <wk@g10code.com>
* rndlinux.c (open_device): Remove unsused arg MINOR.
2007-01-30 Werner Koch <wk@g10code.com>
* sha256.c (oid_spec_sha256): Add alias from pkcs#1.
* sha512.c (oid_spec_sha512): Ditto.
(oid_spec_sha384): Ditto.
2006-12-18 Werner Koch <wk@g10code.com>
* rndlinux.c (set_cloexec_flag): New.
(open_device): Set close-on-exit flags. Suggested by Max
Kellermann. Fixes Debian#403613.
* Makefile.am (AM_CPPFLAGS, AM_CFLAGS): Splitted and merged
Moritz' changes.
(INCLUDES): Removed.
2006-11-30 Werner Koch <wk@g10code.com>
* serpent.c (byte_swap_32): Remove trailing semicolon.
2006-11-15 Werner Koch <wk@g10code.com>
* Makefile.am (INCLUDES): Include ../src/
2006-11-03 Werner Koch <wk@g10code.com>
* random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not
sys/times.h. Reported by Rafaël Carré.
2006-11-05 Moritz Schulte <moritz@g10code.com>
* Makefile.am (AM_CFLAGS): Added -I$(top_builddir)/src so that the
new gcrypt.h is used, not the one installed in the system.
2006-10-25 Werner Koch <wk@g10code.com>
* primegen.c (prime_generate_internal): Tweaked use of secure
memory and entropy use. Safe unused primes from the pool. Allocate
at least a pool of 30.
(save_pool_prime, get_pool_prime): New.
2006-10-23 Werner Koch <wk@g10code.com>
* ac.c (_gcry_ac_data_from_sexp): Reset sexp_tmp for failsafe
means. Release sexp_cur if needed. Reported by Dirk Stoecker.
* pubkey.c (pubkeys_registered_lock): Intialized it. It is not
realy needed because this is a mere initialization to 0 anyway.
Noted by Victor Stinner.
2006-10-17 Werner Koch <wk@g10code.com>
* dsa.c (_gcry_dsa_generate2): New.
(generate): New arg QBITS. Add sanity checks for reasonable qbits
and nbits.
* pubkey.c (gcry_pk_genkey): Parse an qbits element.
(pubkey_generate): New arg QBITS. Pass it to the DSA generation.
2006-10-05 Werner Koch <wk@g10code.com>
* md.c (gcry_md_algo_info) <get_asnoid>: Check that the algo is
available.
2006-10-04 David Shaw <dshaw@jabberwocky.com> (wk)
* tiger.c (round): Rename to tiger_round as gcc 4 has a built-in
round function that this conflicts with.
2006-09-11 Werner Koch <wk@g10code.com>
* rndw32.c (slow_gatherer_windowsNT): While adding data use the
size of the diskPerformance and not its address. Has been fixed in
GnuPG more than a year ago. Noted by Lee Fisher.
2006-08-30 Werner Koch <wk@g10code.com>
* pubkey.c (sexp_data_to_mpi): Need to allow "ripemd160" here as
this is the canonical name.
2006-08-29 Hye-Shik Chang <perky@FreeBSD.org> (wk)
* seed.c: New.
2006-08-03 Werner Koch <wk@g10code.com>
* random-daemon.c (_gcry_daemon_initialize_basics): Don't
initialize the socket. Remove arg SOCKETNAME.
(connect_to_socket): Make sure that daemon is set to -1 on error.
(call_daemon): Initialize the socket on the first call.
(_gcry_daemon_randomize, _gcry_daemon_get_random_bytes)
(_gcry_daemon_create_nonce): New arg SOCKETNAME.
* random.c (initialize): Call new daemon initializator.
(get_random_bytes, gcry_randomize, gcry_create_nonce): Pass socket
name to daemon call and reset allow_daemon on failure.
2006-07-26 Werner Koch <wk@g10code.com>
* rmd160.c (_gcry_rmd160_mixblock): Add cast to transform call.
* blowfish.c (selftest): Cast string to usnigned char*.
* primegen.c (prime_generate_internal): Cast unsigned/char*
mismatch in calling m_out_of_n.
(is_prime): Changed COUNT to unsigned int *.
* ac.c (_gcry_ac_data_copy): Initialize DATA_MPIS.
* random.c (gcry_create_nonce): Update the pid after a fork.
Reported by Uoti Urpala.
2006-07-04 Marcus Brinkmann <marcus@g10code.de>
* sha512.c: Fix typo in copyright notice.
2006-06-21 Werner Koch <wk@g10code.com>
* rsa.c (_gcry_rsa_generate): Replace xcalloc by calloc.
* pubkey.c (gcry_pk_encrypt, gcry_pk_sign): Ditto.
(sexp_to_key, sexp_to_sig, sexp_to_enc, gcry_pk_encrypt)
(gcry_pk_sign, gcry_pk_genkey, gcry_pk_get_keygrip): Ditto.
* md.c (md_copy): Ditto.
2006-04-22 Moritz Schulte <moritz@g10code.com>
* random-daemon.c (_gcry_daemon_initialize_basics): New argument:
SOCKETNAME. Passing on to connect_to_socket() if non-NULL.
(connect_to_socket, writen, readn, call_daemon): New functions.
(_gcry_daemon_randomize, _gcry_daemon_get_random_bytes)
(_gcry_daemon_create_nonce): Call call_daemon().
(RANDOM_DAEMON_SOCKET): New symbol.
(daemon_socket): New static variable.
* random.h (_gcry_daemon_initialize_basics): New parameter:
SOCKETNAME.
(_gcry_set_random_daemon_socket): New declaration.
* random.c (initialize_basics): Pass DAEMON_SOCKET_NAME to
_gcry_daemon_initialize_basics.
(_gcry_set_random_daemon_socket): New function, setting
DAEMON_SOCKET_NAME.
2006-04-01 Moritz Schulte <moritz@g10code.com>
* ac.c (eme_pkcs_v1_5_encode): Use KEY_SIZE directly, no need to
call gcry_ac_key_get_nbits.
(eme_pkcs_v1_5_decode): Likewise.
(ac_es_dencode_prepare_pkcs_v1_5): Fill options_em structure with
key_size.
(_gcry_ac_data_dump, gcry_ac_data_dump): New functions.
(_gcry_ac_data_to_sexp, _gcry_ac_data_from_sexp): More or less
rewritten; changed S-Expression format so that it matches the one
used in pubkey.c.
2006-03-15 Werner Koch <wk@g10code.com>
* random-daemon.c: New.
* random.c (_gcry_use_random_daemon): New.
(get_random_bytes, gcry_randomize, gcry_create_nonce): Try
diverting to the daemon functions.
2006-03-14 Werner Koch <wk@g10code.com>
* random.c (lock_seed_file): New.
(read_seed_file, _gcry_update_random_seed_file): Use it.
* random.c (gcry_create_nonce): Detect a fork and re-seed.
(read_pool): Fixed the fork detection; it used to work only for
multi-threaded processes.
2006-03-12 Brad Hards <bradh@frogmouth.net> (wk)
* md.c (md_open): Use new variable macpads_Bsize instead of
hardwiring the block size. Changed at all places.
2006-03-10 Brad Hards <bradh@frogmouth.net> (wk, patch 2005-04-22)
* md.c, sha256.c: Add support for SHA-224.
(sha224_init): New.
2006-01-18 Brad Hards <bradh@frogmouth.net> (wk 2006-03-07)
* cipher.c (cipher_encrypt, cipher_decrypt, do_ofb_encrypt)
(do_ofb_decrypt, gcry_cipher_open): Implement Output Feedback Mode.
2005-11-02 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_algo_name): Return "?" instead of NULL for
unknown algorithm IDs.
* cipher.c (cipher_algo_to_string): Likewise.
2005-11-01 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_algo_info): Don't forget to break after switch
case.
2005-09-19 Werner Koch <wk@g10code.com>
* dsa.c (generate): Add preliminary support for 2 and 4 keys.
Return an error code if the key size is not supported.
(_gcry_dsa_generate): Return an error.
2005-08-22 Werner Koch <wk@g10code.com>
* primegen.c (check_prime): New arg RM_ROUNDS.
(prime_generate_internal): Call it here with 5 rounds as used
before.
(gcry_prime_check): But here with 64 rounds.
(is_prime): Make sure never to use less than 5 rounds.
2005-04-16 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_init): New function.
2005-04-12 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_io_write, _gcry_ac_io_read): Initialize err to
make the compiler happy.
Always use errno, now that gcry_malloc() is guaranteed to set
errno on failure.
(_gcry_ac_data_to_sexp): Don't forget to goto out after error in
loop.
(_gcry_ac_data_to_sexp): Remove unused variable: mpi_list;
(_gcry_ac_data_to_sexp): Always deallocate sexp_buffer.
(_gcry_ac_data_from_sexp): Don't forget to initialize data_set_new.
(_gcry_ac_data_from_sexp): Handle special case, which is
necessary, since gcry_sexp_nth() does not distinguish between
"element does not exist" and "element is the empty list".
(_gcry_ac_io_init_va): Use assert to make sure that mode and type
are correct.
Use gcry_error_t types where gcry_err_code_t types have been used
before.
2005-04-11 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_data_sign_scheme): Don't forget to initialize
buffer.
* whirlpool.c: New file.
* md.c (digest_table): Add whirlpool.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Added: whirlpool.c.
2005-03-30 Moritz Schulte <moritz@g10code.com>
* ac.c (_gcry_ac_data_from_sexp): Use length of SEXP_CUR, not
length of SEXP; do not forget to set SEXP_TMP to NULL after it has
been released.
(struct gcry_ac_mpi): New member: name_provided.
(_gcry_ac_data_set): Rename variable `name_final' to `name_cp';
remove const qualifier; change code to not cast away const
qualifiers; use name_provided member as well.
(_gcry_ac_data_set, _gcry_ac_data_get_name): Use name_provided
member of named mpi structure.
(gcry_ac_name_to_id): Do not forget to initialize err.
(_gcry_ac_data_get_index): Do not forget to initialize mpi_return;
use gcry_free() instead of free(); remove unnecessary cast; rename
mpi_return and name_return to mpi_cp and name_cp; adjust code.
(ac_data_mpi_copy): Do not cast away const qualifier.
(ac_data_values_destroy): Likewise.
(ac_data_construct): Likewise.
(ac_data_mpi_copy): Initialize flags to GCRY_AC_FLAG_DEALLOC.
(ac_data_extract): Use GCRY_AC_FLAG_DEALLOC instead of
GCRY_AC_FLAG_COPY.
(_gcry_ac_io_init_va, _gcry_ac_io_init, gcry_ac_io_init)
(gcry_ac_io_init_va, _gcry_ac_io_write, _gcry_ac_io_read)
(_gcry_ac_io_read_all, _gcry_ac_io_process): New functions.
(gry_ac_em_dencode_t): Use gcry_ac_io_t in prototype instead of
memroy strings directly; adjust encode/decode functions to use io
objects.
(emsa_pkcs_v1_5_encode_data_cb): New function ...
(emsa_pkcs_v1_5_encode): ... use it here.
(ac_data_dencode): Use io objects.
(_gcry_ac_data_encode, _gcry_ac_data_decode, gcry_ac_data_encode)
(gcry_ac_data_decode): Likewise.
(_gcry_ac_data_encrypt_scheme, gcry_ac_data_encrypt_scheme)
(_gcry_ac_data_decrypt_scheme, gcry_ac_data_decrypt_scheme)
(_gcry_ac_data_sign_scheme, gcry_ac_data_sign_scheme)
(_gcry_ac_data_verify_scheme, gcry_ac_data_verify_scheme):
Likewise.
2005-03-23 Werner Koch <wk@g10code.com>
* rndw32.c (_gcry_rndw32_gather_random_fast): While adding data
use the size of the object and not the one of its address. Bug
reported by Sascha Kiefer.
2005-03-19 Moritz Schulte <moritz@g10code.com>
* cipher.c (do_cbc_encrypt): Be careful to not overwrite data,
which is to be used later on. This happend, in case CTS is
enabled and OUTBUF is equal to INBUF.
2005-02-25 Werner Koch <wk@g10code.com>
* pubkey.c (gcry_pk_get_keygrip): Allow for shadowed-private-key.
2005-02-13 Moritz Schulte <moritz@g10code.com>
* serpent.c: Updated from 1.2 branch:
s/u32_t/u32/ and s/byte_t/byte/. Too match what we have always
used and are using in all other files too
(serpent_test): Moved prototype out of a fucntion.
2005-02-07 Moritz Schulte <moritz@g10code.com>
* ac.c: Major parts rewritten.
* pubkey.c (_gcry_pk_get_elements): New function.
2004-12-09 Werner Koch <wk@g10code.com>
* serpent.c (serpent_setkey): Moved prototype of serpent_test to
outer scope.
2004-09-11 Moritz Schulte <moritz@g10code.com>
* pubkey.c (pubkey_table): Added an alias entry for GCRY_PK_ELG_E.
2004-08-23 Moritz Schulte <moritz@g10code.com>
* ac.c: Do not include <assert.h>.
* rndegd.c: Likewise.
* sha1.c: Likewise.
* rndunix.c: Likewise.
* rndlinux.c: Likewise.
* rmd160.c: Likewise.
* md5.c: Likewise.
* md4.c: Likewise.
* cipher.c: Likewise.
* crc.c: Likewise.
* blowfish.c: Likewise.
* pubkey.c (dummy_generate, dummy_check_secret_key)
(dummy_encrypt, dummy_decrypt, dummy_sign, dummy_verify): Return
err code GPG_ERR_NOT_IMPLEMENTED instead of aborting through
log_bug().
(dummy_get_nbits): Return 0 instead of aborting though log_bug().
2004-08-19 Werner Koch <wk@g10code.de>
* pubkey.c (sexp_data_to_mpi): Changed the zero random byte
substituting code to actually do clever things. Thanks to
Matthias Urlichs for noting the implementation problem.
2004-08-09 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_sign): Fixed memory leak; fix provided by
Modestas Vainius.
2004-07-16 Werner Koch <wk@gnupg.org>
* rijndael.c (do_encrypt): Fix alignment problem. Bugs found by
Matthias Urlichs.
(do_decrypt): Ditto.
(keySched, keySched2): Use 2 macros along with unions in the key
schedule context.
2004-07-14 Moritz Schulte <moritz@g10code.com>
* rsa.c (_gcry_rsa_decrypt): Don't forget to free "a". Thanks to
Nikos Mavroyanopoulos.
2004-05-09 Werner Koch <wk@gnupg.org>
* random.c (read_pool): Mix the PID in to better protect after a
fork.
2004-07-04 Moritz Schulte <moritz@g10code.com>
* serpent.c: Use "u32_t" instead of "unsigned long", do not
declare S-Box variables as "register". Fixes failure on
OpenBSD/sparc64, reported by Nikolay Sturm.
2004-05-07 Werner Koch <wk@gnupg.org>
* random.c (initialize): Factored out some code to ..
(initialize_basics): .. new function.
(_gcry_random_initialize): Just call initialize_basics unless the
new arg FULL is set to TRUE.
(_gcry_fast_random_poll): Don't do anything unless the random
system has been really initialized.
2004-05-07 Moritz Schulte <moritz@g10code.de>
* ac.c (gcry_ac_open): Do not dereference NULL pointer. Reported
by Umberto Salsi.
2004-02-20 Werner Koch <wk@gnupg.org>
* primegen.c (check_prime): New args CB_FUNC and CB_ARG; call them
at different stages. Pass these arguments through all callers.
2004-02-06 Werner Koch <wk@gnupg.org>
* des.c: Add a new OID as used by pkcs#12.
* rfc2268.c: New. Taken from libgcrypt.
* cipher.c: Setup the rfc2268 algorithm.
2004-01-25 Moritz Schulte <mo@g10code.com>
* primegen.c (prime_generate_internal): Do not forget to free
`q_factor'; fixed by Brieuc Jeunhomme.
(prime_generate_internal): Do not forget to free `prime'.
2004-01-14 Moritz Schulte <mo@g10code.com>
* ac.c (gcry_ac_data_set): New argument: flags; slightly
rewritten.
(gcry_ac_data_get_name, gcry_ac_data_get_index): Likewise.
(gcry_ac_key_pair_generate): New argument: misc_data; modified
order of arguments.
(gcry_ac_key_test): New argument: handle.
(gcry_ac_key_get_nbits, gcry_ac_key_get_grip): Likewise.
Use GCRY_AC_FLAG_NO_BLINDING instead of
GCRY_AC_DATA_FLAG_NO_BLINDING.
(gcry_ac_mpi): New member: flags.
(gcry_ac_data_search, gcry_ac_data_add): Removed functions.
2003-12-22 Werner Koch <wk@gnupg.org>
* primegen.c (is_prime): Release A2.
2003-12-19 Werner Koch <wk@gnupg.org>
* md.c: Moved a couple of functions down below the data structure
definitions.
(struct gcry_md_context): New field ACTUAL_HANDLE_SIZE.
(md_open): Set it here.
(strcut gcry_md_list): New field ACTUAL_STRUCT_SIZE.
(md_enable): Set it here.
(md_close): Wipe the context memory.
secure memory.
* cipher.c (struct gcry_cipher_handle): New field ACTUAL_HANDLE_SIZE.
(gcry_cipher_open): Set it here.
(gcry_cipher_close): Use it to always wipe out the handle data.
* ac.c (gcry_ac_open): Make sure HANDLE gets initialized even when
the function is not successful.
(gcry_ac_close): Allow a NULL handle.
(gcry_ac_key_destroy, gcry_ac_key_pair_destroy): Ditto.
(gcry_ac_key_get_grip): Return INV_OBJ on error.
* primegen.c (prime_generate_internal): Fixed error code for
failed malloc. Replaced the !err if chain by gotos.
(gcry_prime_group_generator): Remove the extra sanity check.
* md.c: Minor code and comment cleanups.
2003-12-16 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Doc fix. Thanks to Newton Hammet.
2003-12-11 Werner Koch <wk@gnupg.org>
* rndunix.c (slow_poll): Don't use #warning but #error.
* rndegd.c: Changed indentation.
(my_make_filename): Removd the var_arg cruft becuase we
don't need it here. Changed caller.
* rndlinux.c: Changed indentation.
(open_device): Remove the superfluous stat call and clarify
comment.
* rsa.c: Changed indentation.
(secret): Use the standard algorithm if p, q and u are not
available.
(rsa_blind, rsa_unblind): Renamed from _gcry_rsa_blind,
_gcry_rsa_unblind and moved more to the top.
* md4.c: Changed indentation. Removed unnecessary casts.
* md5.c, rmd160.c, sha1.c, tiger.c: Ditto.
* rijndael.c, twofish.c: Ditto.
* serpent.c: Removed unnecessary casts.
* sha256.c, sha512.c: Ditto.
2003-12-09 Werner Koch <wk@gnupg.org>
* dsa.c: Unified indentation style.
* elgamal.c: Ditto.
* des.c (des_key_schedule): Code beautifications.
* blowfish.c: Changed indentation style.
* cast5.c (do_cast_setkey): Ditto.
* pubkey.c (gcry_pk_encrypt): Replaced the chain of if(!err) tests
by straightforward gotos. Other cleanups.
(gcry_pk_decrypt): Ditto.
(gcry_pk_sign): Ditto.
(gcry_pk_verify): Ditto.
(gcry_pk_genkey): Ditto. Use strtoul instead of strtol.
(gcry_pk_ctl): Use GPG_ERR_INV_ARG to indicate bad arguments.
2003-12-07 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_register_default): Undef the helper macro.
(gcry_pk_map_name): Allow NULL for string.
(sexp_to_key): Use memcpy and not strncpy. Use gcry_free and not
free.
(sexp_to_sig): Ditto.
(sexp_to_enc): Ditto. Replaced the chain of if(!err) tests by
straightforward gotos.
2003-12-05 Werner Koch <wk@gnupg.org>
* cipher.c: Documentation cleanups.
(gcry_cipher_mode_from_oid): Allow NULL for STRING.
2003-12-03 Werner Koch <wk@gnupg.org>
* elgamal.c (sign, do_encrypt, gen_k): Make sure that a small K is
only used for encryption.
2003-11-18 Werner Koch <wk@gnupg.org>
* random.h (rndw32_set_dll_name): Removed unused prototype.
* Makefile.am (EXTRA_DIST): Added Manifest.
2003-11-11 Werner Koch <wk@gnupg.org>
* Manifest: New.
2003-11-04 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Use shortcut for SHA1
* sha1.c (_gcry_sha1_hash_buffer): New.
* random.c: Reformatted most functions.
(mix_pool): Moved the failsafe_digest from global
scope to here.
(do_fast_random_poll): Use the generic fucntions even if a fast
gathering function has been used.
(read_pool): Detect a fork and retry.
(gcry_randomize, get_random_bytes): Don't distinguish anymore
between weak and strong random.
(gcry_create_nonce): New.
2003-10-31 Werner Koch <wk@gnupg.org>
* rndw32.c (slow_gatherer_windowsNT): Use a plain buffer for the
disk performance values and not the W32 API structure.
* dsa.c (verify): s/exp/ex/ due to shadowing of a builtin.
* elgamal.c (verify): Ditto.
* ac.c (gcry_ac_data_get_index): s/index/idx/
(gcry_ac_data_copy_internal): Remove the cast in _gcry_malloc.
(gcry_ac_data_add): Must use gcry_realloc instead of realloc.
* pubkey.c (sexp_elements_extract): s/index/idx/ as tribute to the
forehackers.
(gcry_pk_encrypt): Removed shadowed definition of I. Reordered
arguments to malloc for clarity.
(gcry_pk_sign, gcry_pk_genkey): Ditto.
* primegen.c (prime_generate_internal): s/random/randomlevel/.
2003-10-27 Moritz Schulte <mo@g10code.com>
* pubkey.c (gcry_pk_encrypt): Don't forget to deallocate pkey.
2003-10-27 Werner Koch <wk@gnupg.org>
* random.c (gcry_random_add_bytes): Return if buflen is zero to
avoid gcc warning about unsed parameter.
(MASK_LEVEL): Simplified; does now work for signed and unsigned
w/o warnings.
* md.c (md_start_debug): Removed the const from SUFFIX, because
this function is called from the control fucntion which does not
require const.
Prefixed all (pubkey,digest,cipher}_spec_* globale variables with
_gcry_.
* ac.c (ac_key_identifiers): Made static.
* random.c (getfnc_gather_random,getfnc_fast_random_poll): Move
prototypes to ..
* rand-internal.h: .. here
* random.c (getfnc_gather_random): Include rndw32 gatherer.
* rndunix.c, rndw32.c, rndegd.c: Include them here.
* rndlinux.c (_gcry_rndlinux_gather_random): Prepend the _gcry_
prefix. Changed all callers.
* rndegd.c (_gcry_rndegd_gather_random): Likewise.
(_gcry_rndegd_connect_socket): Likewise.
* rndunix.c (_gcry_rndunix_gather_random): Likewise.
(waitpid): Made static.
* rndw32.c: Removed the old and unused winseed.dll cruft.
(_gcry_rndw32_gather_random_fast): Renamed from
gather_random_fast.
(_gcry_rndw32_gather_random): Renamed from gather_random. Note,
that the changes 2003-04-08 somehow got lost.
* sha512.c (sha512_init, sha384_init): Made static.
* cipher.c (do_ctr_decrypt): Removed "return" from this void
function.
2003-10-24 Moritz Schulte <mo@g10code.com>
* serpent.c: Fix an issue on big-endian systems.
* rndw32.c: Removed IS_MODULE -cruft.
* rndlinux.c (rndlinux_gather_random): Likewise.
2003-10-10 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Bail out if NBITS is less than 16.
(prime_generate_internal): Initialize prime variable to suppress
compiler warning. Check pbits, initialize qbits when passed as
zero.
* primegen.c (prime_generate_internal): New arg
ALL_FACTORS. Changed all callers.
(gcry_prime_generate): Make the factors arg optional. Request
all_factors. Make sure PRIME is set to NULL even on error.
(gcry_prime_group_generator): New.
(gcry_prime_release_factors): New.
2003-10-06 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Assert that NBITS is never zero, it
would cause a segv.
2003-09-28 Moritz Schulte <mo@g10code.com>
* ac.c: Include "cipher.h".
2003-09-27 Moritz Schulte <mo@g10code.com>
* rndegd.c (do_read): Return nread instead of nbytes; thanks to
Michael Caerwyn.
2003-09-04 Werner Koch <wk@gnupg.org>
* pubkey.c (_gcry_pk_aliased_algo_name): New.
* ac.c (gcry_ac_open): Use it here.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Add serpent.c
2003-09-02 Moritz Schulte <mo@g10code.com>
* primegen.c (gcry_prime_check, gcry_prime_generate): New
functions.
(prime_generate_internal): New function, based on
_gcry_generate_elg_prime.
(_gcry_generate_elg_prime): Rewritten as a wrapper for
prime_generate_internal.
2003-08-28 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_encrypt): Don't include the flags list in the
return value. This does not make sense and breaks any programs
parsing the output strictly (e.g. current gpgsm).
(gcry_pk_encrypt): If aliases for the algorithm name exists, take
the first one instead of the regular name to adhere to SPKI
conventions.
(gcry_pk_genkey): Ditto.
(gcry_pk_sign): Ditto. Removed unused KEY_ALGO_NAME.
2003-08-19 Moritz Schulte <mo@g10code.com>
* cipher.c: Add support for Serpent
* serpent.c: New file.
2003-08-10 Moritz Schulte <moritz@g10code.com>
* rsa.c (_gcry_rsa_blind, _gcry_rsa_unblind): Declare static.
2003-08-09 Timo Schulz <twoaday@freakmail.de>
* random.c (getfnc_gather_random): Don't check NAME_OF_DEV_RANDOM
two times, but also the NAME_OF_DEV_URANDOM device.
2003-08-08 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_to_enc): Fixed extraction of S-Expression: do not
fail if no `flags' sub S-Expression is found.
2003-07-27 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_lookup_func_oid): Allow for empty OID lists.
2003-07-23 Moritz Schulte <moritz@g10code.com>
* ac.c (gcry_ac_data_construct): New argument: include_flags, only
include `flags' S-expression, if include_flags is true. Adjust
callers. Thanks for triggering a bug caused by `flags'
sub-S-expression where they are not expected to Ralf Schneider.
2003-07-21 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_lookup_func_name): Use new member name
`aliases' instead of `sexp_names'.
* ac.c (gcry_ac_key_data_get): New function.
* cipher.c (gcry_cipher_lookup_func_name): Fix return value.
2003-07-20 Moritz Schulte <moritz@g10code.com>
* blowfish.c: Adjusted for new gcry_cipher_spec_t structure.
* cast5.c: Likewise.
* twofish.c: Likewise.
* arcfour.c: Likewise.
* rijndael.c (rijndael_oids, rijndael192_oids, rijndael256_oids):
New variables, adjust for new gcry_cipher_spec_t structure.
* des.c (oids_tripledes): New variable, adjust for new
gcry_cipher_spec_t structure.
* md.c (oid_table): Removed.
* tiger.c (oid_spec_tiger): New variable.
(digest_spec_tiger): Adjusted for new gry_md_spec_t structure.
* sha512.c (oid_spec_sha512): New variable.
(digest_spec_sha512): Adjusted for new gry_md_spec_t structure.
* sha512.c (oid_spec_sha384): New variable.
(digest_spec_sha384): Adjusted for new gry_md_spec_t structure.
* sha256.c (oid_spec_sha256): New variable.
(digest_spec_sha256): Adjusted for new gry_md_spec_t structure.
* sha1.c (oid_spec_sha1): New variable.
(digest_spec_sha1): Adjusted for new gry_md_spec_t structure.
* rmd160.c (oid_spec_rmd160): New variable.
(digest_spec_rnd160): Adjusted for new gry_md_spec_t structure.
* md5.c (oid_spec_md5): New variable.
(digest_spec_md5): Adjusted for new gry_md_spec_t structure.
* md4.c (oid_spec_md4): New variable.
(digest_spec_md4): Adjusted for new gry_md_spec_t structure.
* crc.c (digest_spec_crc32, digest_spec_crc32_rfc1510,
digest_spec_crc32_rfc2440): Adjusted for new gry_md_spec_t
structure.
2003-07-19 Moritz Schulte <moritz@g10code.com>
* md.c (gcry_md_lookup_func_oid): New function.
(search_oid): New function, copied from cipher.c.
(gcry_md_map_name): Adjust for new search_oid_interface.
* cipher.c (oid_table): Removed table.
(gcry_cipher_lookup_func_oid): New function.
(search_oid): Rewritten to use the module functions.
(gcry_cipher_map_name): Adjust for new search_oid interface.
(gcry_cipher_mode_from_oid): Likewise.
2003-07-18 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Convert ERR to gpg_error_t in
gpg_strerror.
2003-07-14 Moritz Schulte <moritz@g10code.com>
* cipher.c (gcry_cipher_lookup_func_name): Also check the cipher
name aliases, not just the primary name.
(gcry_cipher_map_name): Remove kludge for aliasing Rijndael to
AES.
* arcfour.c, blowfish.c, cast5.c, des.c, twofish.c: Adjust cipher
specification structures.
* rijndael.c (rijndael_names, rijndael192_names,
rijndael256_names): New variables, use them in the cipher
specifications.
* rmd160test.c: Removed file.
* ac.c, arcfour.c, blowfish.c, cast5.c, cipher.c, des.c, dsa.c,
elgamal.c, md.c, pubkey.c, random.c, rijndael.c, rsa.c, twofish.c:
Used gcry_err* wrappers for libgpg symbols.
* primegen.c (gen_prime): Correct the order arguments to
extra_check.
2003-07-12 Moritz Schulte <moritz@g10code.com>
* ac.c: Replaced all public occurences of gpg_error_t with
gcry_error_t.
* cipher.c: Likewise.
* md.c: Likewise.
* pubkey.c: Likewise.
* random.c: Likewise.
* cipher.c: Added support for TWOFISH128.
2003-07-08 Moritz Schulte <moritz@g10code.com>
* ac.c (gcry_ac_data_copy_internal): New function, based on
gcry_ac_data_copy.
(gcry_ac_data_copy): Made public, use gcry_ac_data_copy_internal.
(gcry_ac_key_init): Use gcry_ac_data_copy_internal.
2003-07-07 Moritz Schulte <moritz@g10code.com>
* ac.c (gcry_ac_data_set): Only release old MPI value if it is
different from the new value. Bug reported by Simon Josefsson
<jas@extundo.com>.
* pubkey.c (gcry_pk_list): New function.
* md.c (gcry_md_list): New function.
* ac.c (gcry_ac_key_pair_generate): Fix calculation of format
string size.
2003-07-05 Moritz Schulte <moritz@g10code.com>
* md.c: Named struct of digest_table `digest_table_entry'.
(digest_table_entry): New member: algorithm; filled in.
(digest_table_entry): Removed unused member: flags.
(gcry_md_register): New argument: algorithm_id, filled in.
(gcry_md_register_default): Used algorithm ID from module
structure.
(gcry_md_map_name): Likewise.
(md_enable): Likewise.
(md_read): Likewise.
(gcry_md_info): Likewise.
* pubkey.c: Named truct for pubkey_table `pubkey_table_entry'.
(pubkey_table_entry): New member: algorithm; filled in.
(gcry_pk_register_default): Used algorithm ID from pubkey_table.
(gcry_pk_register): New argument: algorithm_id, filled in.
(gcry_pk_map_name): Used algorithm ID from module structure.
(gcry_pk_decrypt): Likewise.
(gcry_pk_encrypt): Likewise.
(gcry_pk_verify): Likewise.
(gcry_pk_sign): Likewise.
(gcry_pk_testkey): Likewise.
(gcry_pk_genkey): Likewise.
(gcry_pk_get_nbits): Likewise.
(sexp_to_key): Removed unused variable: algo.
(sexp_to_sig): Likewise.
* cipher.c: Named struct for cipher_table `cipher_table_entry'.
(cipher_table_entry): New member: algorithm; filled in.
(gcry_cipher_register_default): Used algorithm ID from
cipher_table.
(gcry_cipher_register): New argument: algorithm_id, filled in.
(gcry_cipher_map_name): Used algorithm ID from module structure.
* arcfour.c (cipher_spec_arcfour): Removed algorithm ID.
* blowfish.c (cipher_spec_blowfish): Likewise.
* cast5.c (cipher_spec_cast5): Likewise.
* crc.c (digest_spec_crc32): Likewise.
* crc.c (digest_spec_crc32_rfc1510): Likewise.
* crc.c (digest_spec_crc32_rfc2440): Likewise.
* des.c (cipher_spec_des): Likewise.
* des.c (cipher_spec_tripledes): Likewise.
* dsa.c (pubkey_spec_dsa): Likewise.
* elgamal.c (pubkey_spec_elg): Likewise.
* md4.c (digest_spec_md4): Likewise.
* md5.c (digest_spec_md5): Likewise.
* aes.c (cipher_spec_aes): Likewise.
* aes.c (cipher_spec_aes192): Likewise.
* aes.c (cipher_spec_aes256): Likewise.
* rsa.c (pubkey_spec_rsa): Likewise.
* sha1.c (digest_spec_sha1): Likewise.
* sha256.c (digest_spec_sha256): Likewise.
* sha512.c (digest_spec_sha512): Likewise.
* tiger.c (digest_spec_tiger): Likewise.
* twofish.c (cipher_spec_twofish): Likewise.
* twofish.c (cipher_spec_twofish128): Likewise.
* Makefile.am (EXTRA_libcipher_la_SOURCES): Fix list of source
files; reported by Simon Josefsson <jas@extundo.com>.
* pubkey.c: Replaced all occurences of `id' with `algorithm',
since `id' is a keyword in obj-c.
* md.c: Likewise.
* cipher.c: Likewise.
* crc.c, md4.c, md5.c, rmd160.c, sha1.c, sha256.c, tiger.c:
Replaced all occurences of gcry_digest_spec_t with gcry_md_spec_t.
* dsa.c, rsa.c, elgamal.c: Replaced all occurencens of
gcry_pubkey_spec_t with gcry_pk_spec_t.
* md.c: Replaced all occurences of gcry_digest_spec_t with
gcry_md_spec_t.
(gcry_digest_register_default): Renamed to ...
(gcry_md_register_default): ... this; adjusted callers.
(gcry_digest_lookup_func_name): Renamed to ...
(gcry_md_lookup_func_name): ... this; adjusted callers.
(gcry_digest_lookup_name): Renamed to ...
(gcry_md_lookup_name): ... this; adjusted callers.
(gcry_digest_register): Renamed to ...
(gcry_md_register): ... this.
(gcry_digest_unregister): Renamed to ...
(gcry_md_unregister): ... this.
* pubkey.c (gcry_pubkey_register): Renamed to ...
(gcry_pk_register): ... this.
(gcry_pubkey_unregister): Renamed to ...
(gcry_pk_unregister): ... this.
Replaced all occurences of gcry_pubkey_spec_t with gcry_pk_spec_t.
(gcry_pubkey_register_default): Renamed to ...
(gcry_pk_register_default): ... this; adjusted callers.
(gcry_pubkey_lookup_func_name): Renamed to ...
(gcry_pk_lookup_func_name): ... this; adjusted callers.
(gcry_pubkey_lookup_name): Renamed to ...
(gcry_pk_lookup_name): ... this; adjusted callers.
* md.c (gcry_md_hash_buffer): Fix error checking. Thanks to Simon
Josefsson <jas@extunde.com>.
2003-07-04 Moritz Schulte <moritz@g10code.com>
* cipher.c (gcry_cipher_list): New function.
2003-07-01 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_to_sig): Accept a `flags' S-expression to be more
consistent with sexp_to_enc.
2003-06-30 Moritz Schulte <moritz@g10code.com>
* Makefile.am (libcipher_la_SOURCES): Added: ac.c.
* pubkey.c (_gcry_pk_module_lookup): New function.
(_gcry_pk_module_release): New function.
2003-06-29 Moritz Schulte <moritz@g10code.com>
* ac.c: New file.
2003-06-26 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Trigger BUG correcly with new API.
2003-06-19 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_is_enabled): Fixed.
2003-06-18 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_get_algo_keylen): New.
(gcry_cipher_get_algo_blklen): New.
2003-06-18 Moritz Schulte <moritz@g10code.com>
* arcfour.c, cipher.c, blowfish.c, md.c, cast5.c, pubkey.c, crc.c,
des.c, dsa.c, elgamal.c, md4.c, md5.c, random.c, rijndael.c,
rmd160.c, rsa.c, sha1.c, sha256.c, sha512.c, tiger.c, twofish.c:
Replaced older types GcryDigestSpec, GcryCipherSpec and
GcryPubkeySpec with newer types: gcry_digest_spec_t,
gcry_cipher_spec_t and gcry_pubkey_spec_t.
* md.c (gcry_digest_id_new): Removed function.
(gcry_digest_register): Removed code for generating a new module
ID.
* pubkey.c (gcry_pubkey_id_new): Removed function.
(gcry_pubkey_register): Removed code for generating a new module
ID.
* cipher.c, md.c, pubkey.c: Replace old type GcryModule with newer
one: gcry_module_t.
(gcry_cipher_id_new): Removed function.
(gcry_cipher_register): Removed code for generating a new module
ID.
* cipher.c (gcry_cipher_register): Adjust call to
_gcry_module_add.
(gcry_cipher_register_default): Likewise.
* pubkey.c (gcry_pubkey_register_default): Likewise.
(gcry_pubkey_register): Likewise.
* md.c (gcry_digest_register_default): Likewise.
(gcry_digest_register): Likewise.
* md.c (gcry_digest_lookup_func_id): Removed function.
(gcry_digest_lookup_id): Likewise.
(gcry_digest_id_new): Use _gcry_module_lookup_id instead of
gcry_digest_lookup_id.
(digest_algo_to_string): Likewise.
(check_digest_algo): Likewise.
(md_enable): Likewise.
(md_digest_length): Likewise.
(md_asn_oid): Likewise.
* pubkey.c (gcry_pubkey_lookup_id): Removed function.
(gcry_pubkey_lookup_func_id): Likewise.
(gcry_pubkey_id_new): Use _gcry_module_lookup_id instead of
gcry_pubkey_id_new.
(gcry_pk_algo_name): Likewise.
(disable_pubkey_algo): Likewise.
(check_pubkey_algo): Likewise.
(pubkey_get_npkey): Likewise.
(pubkey_get_nskey): Likewise.
(pubkey_get_nsig): Likewise.
(pubkey_get_nenc): Likewise.
(pubkey_generate): Likewise.
(pubkey_check_secret_key): Likewise.
(pubkey_encrypt): Likewise.
(pubkey_decrypt): Likewise.
(pubkey_sign): Likewise.
(pubkey_verify): Likewise.
(gcry_pk_algo_info): Likewise.
* cipher.c (gcry_cipher_lookup_func_id): Removed function.
(gcry_cipher_lookup_id): Likewise.
(cipher_algo_to_string): use _gcry_module_lookup_id instead of
gcry_cipher_lookup_id.
(disable_cipher_algo): Likewise.
(check_cipher_algo): Likewise.
(cipher_get_blocksize): Likewise.
(gcry_cipher_open): Likewise.
(gcry_cipher_id_new): Likewise.
2003-06-17 Moritz Schulte <moritz@g10code.com>
* Makefile.am (GCRYPT_MODULES): Set to @GCRYPT_CIPHERS@,
@GCRYPT_PUBKEY_CIPHERS@, @GCRYPT_DIGESTS@ and @GCRYPT_RANDOM@.
(libcipher_la_DEPENDENCIES): Set to $(GCRYPT_MODULES).
(libcipher_la_LIBADD): Likewise.
(AM_CFLAGS): Added: @GPG_ERROR_CFLAGS@.
(EXTRA_libcipher_la_SOURCES): Added all conditional sources.
* md.c (md_open): Use _gcry_fast_random_poll instead of
fast_random_poll.
* cipher.c (gcry_cipher_open): Likewise.
* random.h (fast_random_poll): Removed macro.
* blowfish.c, md4.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c,
tiger.c: Use Autoconf's WORDS_BIGENDIAN instead of our own
BIG_ENDIAN_HOST.
2003-06-16 Moritz Schulte <moritz@g10code.com>
* random.c (getfnc_gather_random): Do not special-case
USE_ALL_RANDOM_MODULES, make it the default.
* dsa.c: Replace last occurences of old type names with newer
names (i.e. replace MPI with gcry_mpi_t).
* elgamal.c: Likewise.
* primegen.c: Likewise.
* pubkey.c: Likewise.
* rsa.c: Likewise.
2003-06-14 Moritz Schulte <moritz@g10code.com>
* des.c (des_setkey): Add selftest check.
(tripledes_set3keys): Likewise.
(do_tripledes_setkey): Remove selftest check.
(do_des_setkey): Likewise.
2003-06-11 Moritz Schulte <moritz@g10code.com>
* md.c (_gcry_md_init): New function.
* cipher.c (_gcry_cipher_init): New function.
* pubkey.c (_gcry_pk_init): New function.
2003-06-13 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_get_algo): Reverted to old API. This is a
convenience function anyway and error checking is not approriate.
(gcry_md_is_secure): New.
(gcry_md_is_enabled): New.
2003-06-12 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_open): Make sure HANDLE is set to NULL on
error.
2003-06-11 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_open): Make sure H receives either NULL or an
valid handle.
(gcry_md_copy): Swapped arguments so that it is more in lione with
md_open and most other API fucntions like memcpy (destination
comes first). Make sure HANDLE is set to NULL on error.
* rijndael.c (do_encrypt): Hack to force correct alignment. It
seems not to be not sufficient, though. We should rework this
fucntions and remove all these ugly casts. Let the compiler
optimize or have an assembler implementation.
2003-06-09 Moritz Schulte <moritz@g10code.com>
* Makefile.am: Removed rules serpent, since that is not commited
yet.
2003-06-08 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_encrypt): Improve calculation for size of the
format string.
2003-06-07 Moritz Schulte <moritz@g10code.com>
* arcfour.c, bithelp.h, blowfish.c, cast5.c, cipher.c, crc.c,
des.c, dsa.c, elgamal.c, md4.c, md5.c, md.c, primegen.c, pubkey.c,
rand-internal.h, random.c, random.h, rijndael.c, rmd160.c,
rmd160test.c, rmd.h, rndeged.c, rndlinux.c, rndunix.c, rndw32.c,
rsa.c, sha1.c, sha256.c, sha512.c, tiger.c, twofish.c: Edited all
preprocessor instructions to remove whitespace before the '#'.
This is not required by C89, but there are some compilers out
there that don't like it. Replaced any occurence of the now
deprecated type names with the new ones.
2003-06-04 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_encrypt): Construct an arg_list and use
gcry_sexp_build_array instead of gcry_sexp_build.
(gcry_pk_sign): Likewise.
(gcry_pk_genkey): Likewise.
2003-06-01 Moritz Schulte <moritz@g10code.com>
* dsa.c (_gcry_dsa_generate): Do not check wether the algorithm ID
does indeed belong to DSA.
(_gcry_dsa_sign): Likewise.
(_gcry_dsa_verify): Likewise.
(_gcry_dsa_get_nbits): Likewise.
* elgamal.c (_gcry_elg_check_secret_key): Do not check wether the
algorithm ID does indeed belong to ElGamal.
(_gcry_elg_encrypt): Likewise.
(_gcry_elg_decrypt): Likewise.
(_gcry_elg_sign): Likewise.
(_gcry_elg_verify): Likewise.
(_gcry_elg_get_nbits): Likewise.
(_gcry_elg_generate): Likewise.
* rsa.c (_gcry_rsa_generate): Do not check wether the algorithm ID
does indeed belong to RSA.
(_gcry_rsa_encrypt): Likewise.
(_gcry_rsa_decrypt): Likewise.
(_gcry_rsa_sign): Likewise.
(_gcry_rsa_verify): Likewise.
(_gcry_rsa_get_nbits): Likewise.
2003-05-30 Moritz Schulte <moritz@g10code.com>
* md.c (md_get_algo): Return zero in case to algorithm is enabled.
* md.c (gcry_md_info): Adjusted for new no-errno-API.
(md_final): Likewise.
(gcry_md_get_algo): Likewise.
* pubkey.c (gcry_pk_get_keygrip): Likewise.
(gcry_pk_ctl): Likewise.
(gcry_pk_algo_info): Likewise.
* des.c (selftest): Likewise.
2003-05-29 Moritz Schulte <moritz@g10code.com>
* md.c (md_enable): Do not forget to release module on error.
(gcry_md_open): Adjusted for new no-errno-API.
(md_open): Likewise.
(md_copy): Likewise.
(gcry_md_copy): Likewise.
(gcry_md_setkey): Likewise.
(gcry_md_algo_info): Likewise.
* cipher.c (gcry_cipher_open): Adjusted for new no-errno-API and
also fixed a locking bug.
(gcry_cipher_encrypt): Adjusted for new no-errno-API.
(gcry_cipher_decrypt): Likewise.
(gcry_cipher_ctl): Likewise.
(gcry_cipher_info): Likewise.
(gcry_cipher_algo_info): Likewise.
2003-05-28 Moritz Schulte <moritz@g10code.com>
* md.c (md_enable): Adjusted for libgpg-error.
(gcry_md_enable): Likewise.
(gcry_digest_register_default): Likewise.
(gcry_digest_register): Likewise.
(check_digest_algo): Likewise.
(prepare_macpads): Likewise.
(gcry_md_setkey): Likewise.
(gcry_md_ctl): Likewise.
(gcry_md_get): Likewise.
(gcry_md_algo_info): Likewise.
(gcry_md_info): Likewise.
* dsa.c (_gcry_dsa_generate): Likewise.
(_gcry_dsa_check_secret_key): Likewise.
(_gcry_dsa_sign): Likewie.
(_gcry_dsa_verify): Likewise.
* twofish.c (do_twofish_setkey): Likewise.
(twofish_setkey): Likewise.
* cipher.c (gcry_cipher_register): Likewise.
2003-05-25 Moritz Schulte <moritz@g10code.com>
* rijndael.c (do_setkey): Adjusted for libgpg-error.
(rijndael_setkey): Likewise.
* random.c (gcry_random_add_bytes): Likewise.
* elgamal.c (_gcry_elg_generate): Likewise.
(_gcry_elg_check_secret_key): Likewise.
(_gcry_elg_encrypt): Likewise.
(_gcry_elg_decrypt): Likewise.
(_gcry_elg_sign): Likewise.
(_gcry_elg_verify): Likewise.
* rsa.c (_gcry_rsa_generate): Likewise.
(_gcry_rsa_check_secret_key): Likewise.
(_gcry_rsa_encrypt): Likewise.
(_gcry_rsa_decrypt): Likewise.
(_gcry_rsa_sign): Likewise.
(_gcry_rsa_verify): Likewise.
* pubkey.c (dummy_generate, dummy_check_secret_key, dummy_encrypt,
dummy_decrypt, dummy_sign, dummy_verify): Likewise.
(gcry_pubkey_register): Likewise.
(check_pubkey_algo): Likewise.
(pubkey_generate): Likewise.
(pubkey_check_secret_key): Likewise.
(pubkey_encrypt): Likewise.
(pubkey_decrypt): Likewise.
(pubkey_sign): Likewise.
(pubkey_verify): Likewise.
(sexp_elements_extract): Likewise.
(sexp_to_key): Likewise.
(sexp_to_sig): Likewise.
(sexp_to_enc): Likewise.
(sexp_data_to_mpi): Likewise.
(gcry_pk_encrypt): Likewise.
(gcry_pk_decrypt): Likewise.
(gcry_pk_sign): Likewise.
(gcry_pk_verify): Likewise.
(gcry_pk_testkey): Likewise.
(gcry_pk_genkey): Likewise.
(gcry_pk_ctl): Likewise.
* cipher.c (dummy_setkey): Likewise.
(check_cipher_algo): Likewise.
(gcry_cipher_open): Likewise.
(cipher_setkey): Likewise.
(gcry_cipher_ctl): Likewise.
(cipher_encrypt): Likewise.
(gcry_cipher_encrypt): Likewise.
(cipher_decrypt): Likewise.
(gcry_cipher_decrypt): Likewise.
(gcry_cipher_info): Likewise.
(gcry_cipher_algo_info): Likewise.
* cast5.c (cast_setkey): Likewise.
(do_cast_setkey): Likewise.
* arcfour.c (arcfour_setkey): Likewise.
(do_arcfour_setkey): Likewise.
* blowfish.c (do_bf_setkey): Likewise.
(bf_setkey): Likewise.
* des.c (do_des_setkey): Likewise.
(do_tripledes_setkey): Likewise.
2003-05-22 Moritz Schulte <moritz@g10code.com>
* tiger.c: Merged code ussing the U64_C macro from GnuPG.
* sha512.c: Likewise.
2003-05-17 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_genkey): Fix type: acquire a lock, instead of
releasing it.
2003-05-11 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_testkey): Call REGISTER_DEFAULT_CIPHERS.
(gcry_pk_ctl): Likewise.
2003-04-27 Moritz Schulte <moritz@g10code.com>
* pubkey.c (gcry_pk_genkey): Release sexp after extracted data has
been used.
* md.c (gcry_md_get_algo_dlen): Simplified, simply call
md_digest_length to do the job.
* des.c (do_des_setkey): Check for selftest failure not only
during initialization.
(do_tripledes_setkey): Include check for selftest failure.
* pubkey.c (gcry_pubkey_register_default): New macro
`pubkey_use_dummy', use it.
* elgamal.c (elg_names): New variable.
(pubkey_spec_elg): Include elg_names.
* dsa.c (dsa_names): New variable.
(pubkey_spec_dsa): Include dsa_names.
* rsa.c (rsa_names): New variable.
(pubkey_spec_rsa): Include rsa_names.
* pubkey.c (gcry_pubkey_lookup_func_name): Compare name also with
the names listed in `sexp_names'.
2003-04-24 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_to_key): New variables: module, pubkey. Adjusted
to new module interface.
(sexp_to_key): Changend type of argument `retalgo' from `int *' to
`GcryModule **'. Adjusted all callers. Removed argument:
r_algotblidx.
(sexp_to_sig): Changend type of argument `retalgo' from `int *' to
`GcryModule **'. Adjusted all callers.
(sexp_to_enc): Likewise.
(pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig,
pubkey_get_nenc): Use strlen to find out the number.
* rsa.c: Adjust pubkey_spec_rsa to new internal interface.
* dsa.c: Likewise.
* elgamal.c: Likewise.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* pubkey.c (sexp_elements_extract): New function.
* pubkey.c (sexp_to_key): Removed variable `idx', added `err', use
sexp_elements_extract.
(sexp_to_sig): Likewise.
(sexp_to_enc): Likewise.
* pubkey.c: Terminate list correctly.
* md.c: Include sha512/sha384 in digest_table.
2003-04-16 Moritz Schulte <moritz@g10code.com>
* Makefile.am: Include support for sha512.c.
* sha512.c: New file, merged from GnuPG, with few modifications
for libgcrypt.
* rand-internal.h: Removed declarations for constructor functions.
* md.c (md_copy): Call _gcry_module_use for incrementing the usage
counter of the digest modules.
* rsa.c: Do not include "rsa.h".
* dsa.c: Do not include "dsa.h".
* elgamal.c: Do not include "elgamal.h".
* des.c: Do not include "des.h".
* cast5.c: Do not include "cast5.h".
* blowfish.c: Do not include "blowfish.h".
* arcfour.c: Do not include "arcfour.h".
* Makefile.am (libcipher_la_DEPENDENCIES): Removed.
(libcipher_la_LIBADD): Removed.
Use Automake conditionals for conditional compilation.
2003-04-13 Moritz Schulte <moritz@g10code.com>
* cipher.c (gcry_cipher_open): Call REGISTER_DEFAULT_CIPHERS.
* md.c (gcry_md_list): New member: module.
(md_enable): New variable: module, changed use of module and
digest.
(md_enable): Initialize member: module.
(md_close): Call _gcry_module_release.
* cipher.c (gcry_cipher_open): New variable: module, changed use of
module and cipher.
(struct gcry_cipher_handle): New member: module.
(gcry_cipher_open): Initialize member: module.
(gcry_cipher_close): Call _gcry_module_release.
2003-04-09 Moritz Schulte <moritz@g10code.com>
* cipher.c: Include "ath.h".
* md.c: Likewise.
* pubkey.c: Likewise.
* cipher.c (ciphers_registered_lock): New variable.
* md.c (digests_registered_lock): New variable.
* pubkey.c (pubkeys_registered_lock): New variable.
* rndlinux.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndlinux_constructor): Removed function.
* rndegd.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndegd_constructor): Removed function.
* rndunix.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndunix_constructor): Removed function.
* rndw32.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rndw32_constructor): Removed function.
* rndegd.c (rndegd_connect_socket): Simplify code for creating the
egd socket address.
(rndegd_connect_socket): Call log_fatal use instead of
g10_log_fatal.
(egd_gather_random): Renamed to ...
(rndegd_gather_random): ... here.
2003-04-08 Moritz Schulte <moritz@g10code.com>
* rndlinux.c: Do not include "dynload.h".
* rndunix.c: Likewise.
* rndw32.c: Likewise.
* rndegd.c (rndegd_connect_socket): Factored out from ...
(egd_gather_random): here; call it.
(egd_socket): New variable.
(egd_gather_random): Initialize fd with egd_socket, do not declare
fd static.
(do_read): Merged few changes from GnuPG. FIXME - not finished?
Do not include "dynload.h".
* rndw32.c (gather_random): Renamed to rndw32_gather_random, do
not declare static.
(gather_random_fast): Renamed to rndw32_gather_random_fast, do not
declare static.
* rndunix.c (gather_random): Renamed to rndunix_gather_random, do
not declare static.
* rndegd.c (gather_random): Renamed to rndegd_gather_random, do
not declare static.
* rndlinux.c (gather_random): Renamed to rndlinux_gather_random,
do not declare static.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* Makefile.am (libcipher_la_SOURCES): Removed construct.c.
(libcipher_la_SOURCES): Added sha1.c, sha256.c, rmd160.c, md4.c,
md5.c, tiger.c and crc.c
(EXTRA_PROGRAMS): Removed sha1, sha256, rmd160, md4, md5, tiger
and crc. Removed definitions: EXTRA_md4_SOURCES,
EXTRA_md5_SOURCES, EXTRA_rmd160_SOURCES, EXTRA_sha1_SOURCES,
EXTRA_sha256_SOURCES, EXTRA_tiger_SOURCES and EXTRA_crc_SOURCES,
BUILT_SOURCES, DISTCLEANFILES.
* pubkey.c: Do not include "elgamal.h", "dsa.h" and "rsa.h".
* Makefile.am (libcipher_la_SOURCES): Removed rsa.h, elgamal.h,
dsa.h, des.h, cast5.h, arcfour.h and blowfish.h.
* rsa.h: Removed file.
* elgamal.h: Removed file.
* dsa.h: Removed file.
* des.h: Removed file.
* cast5.h: Removed file.
* arcfour.h: Removed file.
* blowfish.h: Removed file.
* Makefile.am (libcipher_la_SOURCES): Removed dynload.c and
dynload.h.
* rsa.c (pubkey_spec_rsa): New variable.
* dsa.c (pubkey_spec_rsa): New variable.
* elgamal.c (pubkey_spec_elg): New variable.
* rsa.c (_gcry_rsa_get_info): Removed function.
* elgamal.c (_gcry_elg_get_info): Removed function.
* dsa.c (_gcry_dsa_get_info): Removed function.
* tiger.c (tiger_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_tiger_constructor): Removed function.
* sha1.c (sha1_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_sha1_constructor): Removed function.
* sha256.c (sha256_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_sha256_constructor): Removed function.
* rmd160.c (rmd160_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_rmd160_constructor): Removed function.
* md5.c (md5_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_md5_constructor): Removed function.
* md4.c (md4_get_info): Removed function.
(gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func): Removed function.
(_gcry_md4_constructor): Removed function.
* crc.c (crc_get_info): Removed function.
* arcfour.c (do_arcfour_setkey): Changed type of context argument
to `void *', added local variable for cast, adjusted callers.
(arcfour_setkey): Likewise.
(encrypt_stream): Likewise.
* cast5.c (cast_setkey): Likewise.
(encrypt_block): Likewise.
* rijndael.c (rijndael_setkey): Likewise.
(rijndael_encrypt): Likewise.
(rijndael_decrypt): Likewise.
* twofish.c (twofish_setkey): Likewise.
(twofish_encrypt): Likewise.
(twofish_decrypt): Likewise.
* des.c (do_des_setkey): Likewise.
(do_des_encrypt): Likewise.
(do_des_encrypt): Likewise.
(do_tripledes_encrypt): Likewise.
(do_tripledes_encrypt): Likewise.
* blowfish.c (bf_setkey: Likewise.
(encrypt_block): Likewise.
(decrypt_block): Likewise.
* arcfour.c (encrypt_stream): Likewise.
* rijndael.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func) Removed function.
* twofish.c (gnupgext_version, func_table): Removed definitions.
(gnupgext_enum_func) Removed function.
* cast5.c (CIPHER_ALGO_CAST5): Removed.
* blowfish.c (FNCCAST_SETKEY, FNCCAST_CRYPT): Removed macros.
(CIPHER_ALGO_BLOWFISH): Removed symbol.
* cast5.c (FNCCAST_SETKEY, FNCCAST_CRYPT): Likewise.
* des.c (selftest_failed): Removed.
(initialized): New variable.
(do_des_setkey): Run selftest, if not yet done.
(FNCCAST_SETKEY, FNCCAST_CRYPT): Removed macros.
* arcfour.c (_gcry_arcfour_get_info): Removed function.
* blowfish.c (_gcry_blowfish_get_info): Removed function.
* cast5.c (_gcry_cast5_get_info): Removed function.
* des.c (_gcry_des_get_info): Removed function.
* rijndael.c (_gcry_rijndael_get_info): Removed function.
* twofish.c (_gcry_twofish_get_info): Removed function.
* arcfour.c (cipher_spec_arcfour): New variable.
* twofish.c (cipher_spec_twofish, cipher_spec_twofish128): New
variables.
* rijndael.c (cipher_spec_aes, cipher_spec_aes192,
cipher_spec256): New variables.
* des.c (cipher_spec_des, cipher_spec_tripledes): New variables.
* cast5.c (cipher_spec_cast5): New variable.
* blowfish.c (cipher_spec_blowfish): Likewise.
* twofish.c: Do not include "dynload.h".
* rijndael.c: Likewise.
* des.c: Likewise.
* cast5.c: Likewise.
* blowfish.c: Likewise.
* cipher.c: Likewise.
* crc.c: Likewise.
* md4.c: Likewise.
* md5.c: Likewise.
* md.c: Likewise.
* pubkey.c: Likewise.
* rijndael.c: Likewise.
* sha1.c: Likewise.
* sha256.c: Likewise.
* arcfour.c: Include "cipher.h".
* twofish.c: Likewise.
* rijndael.c: Likewise.
* des.c: Likewise.
* cast5.c: Likewise.
* blowfish.c: Likewise.
* twofish.c (twofish_setkey): Declared argument `key' const.
(twofish_encrypt): Declared argument `inbuf' const.
(twofish_decrypt): Likewise.
* rijndael.c (rijndael_setkey): Declared argument `key' const.
(rijndael_encrypt): Declared argument `inbuf' const.
(rijndael_decrypt): Likewise.
* des.c (do_des_setkey): Declared argument `key' const.
(do_tripledes_setkey): Likewise.
(do_des_encrypt): Declared argument `inbuf' const.
(do_des_decrypt): Likewise.
(do_tripledes_encrypt): Likewise.
(do_tripledes_decrypt): Likewise.
* cast5.c (encrypt_block): Declared argument `inbuf' const.
(decrypt_block): Likewise.
(cast_setkey): Declared argument `key' const.
* blowfish.c (do_bf_setkey): Declared argument `key' const.
(encrypt_block): Declared argument `inbuf' const.
(encrypt_block): Likewise.
* cipher.c: Remove CIPHER_ALGO_DUMMY related code.
Removed struct cipher_table_s.
Changed definition of cipher_table.
Removed definition of disabled_algos.
(ciphers_registered, default_ciphers_registered): New variables.
(REGISTER_DEFAULT_CIPHERS): New macro.
(dummy_setkey): Declared argument `key' const.
(dummy_encrypt_block): Declared argument `inbuf' const.
(dummy_encrypt_block): Likewise.
(dummy_encrypt_stream): Likewise.
(dummy_encrypt_stream): Likewise.
(dummy_setkey): Use `unsigned char' instead of `byte'.
(dummy_encrypt_block): Likewise.
(dummy_decrypt_block): Likewise.
(dummy_encrypt_stream): Likewise.
(dummy_decrypt_stream): Likewise.
(gcry_cipher_register_default): New function.
(gcry_cipher_lookup_func_id): New function.
(gcry_cipher_lookup_func_name): New function.
(gcry_cipher_lookup_id): New function.
(gcry_cipher_lookup_name): New function.
(gcry_cipher_id_new): New function.
(gcry_cipher_register): New function.
(gcry_cipher_unregister): New function.
(setup_cipher_table): Removed function.
(load_cipher_modules): Removed function.
(gcry_cipher_map_name): Adjusted to use new module management.
(cipher_algo_to_string): Likewise.
(disable_cipher_algo): Likewise.
(check_cipher_algo): Likewise.
(cipher_get_keylen): Likewise.
(cipher_get_blocksize): Likewise.
(gcry_cipher_open): Likewise.
(struct gcry_cipher_handle): Replaced members algo, algo_index,
blocksize, setkey, encrypt, decrypt, stencrypt, stdecrypt with one
member: cipher.
(gcry_cipher_open): Adjusted code for new handle structure.
(cipher_setkey): Likewise.
(cipher_setiv): Likewise.
(cipher_reset): Likewise.
(do_ecb_encrypt): Likewise.
(do_ecb_decrypt): Likewise.
(do_cbc_encrypt): Likewise.
(do_cbc_decrypt): Likewise.
(do_cfb_encrypt): Likewise.
(do_cfb_decrypt): Likewise.
(do_ctr_encrypt): Likewise.
(cipher_encrypt): Likewise.
(gcry_cipher_encrypt): Likewise.
(cipher_decrypt): Likewise.
(gcry_cipher_decrypt): Likewise.
(cipher_sync): Likewise.
(gcry_cipher_ctl): Likewise.
* pubkey.c: Removed struct pubkey_table_s.
Changed definition of pubkey_table.
Removed definition of disabled_algos.
(pubkeys_registered, default_pubkeys_registered): New variables.
(REGISTER_DEFAULT_PUBKEYS): New macro.
(setup_pubkey_table): Removed function.
(load_pubkey_modules): Removed function.
(gcry_pubkey_register_default): New function.
(gcry_pubkey_lookup_func_id): New function.
(gcry_pubkey_lookup_func_name): New function.
(gcry_pubkey_lookup_id): New function.
(gcry_pubkey_lookup_name): New function.
(gcry_pubkey_id_new): New function.
(gcry_pubkey_register): New function.
(gcry_pubkey_unregister): New function.
(gcry_pk_map_name): Adjusted to use new module management.
(gcry_pk_algo_name): Likewise.
(disable_pubkey_algo): Likewise.
(check_pubkey_algo): Likewise.
(pubkey_get_npkey): Likewise.
(pubkey_get_nskey): Likewise.
(pubkey_get_nsig): Likewise.
(pubkey_get_nenc): Likewise.
(pubkey_generate): Likewise.
(pubkey_check_secret_key): Likewise.
(pubkey_encrypt): Likewise.
(pubkey_decrypt): Likewise.
(pubkey_sign): Likewise.
(pubkey_verify): Likewise.
(gcry_pk_get_nbits): Likewise.
(gcry_pk_algo_info): Likewise.
* md.c: Removed struct md_digest_list_s.
(digest_list): Changed definition.
(digests_registered, default_digests_registered): New variables.
(REGISTER_DEFAULT_DIGESTS): New macro.
(new_list_item): Removed function.
(setup_md_table): Removed function.
(load_digest_module): Removed function.
(gcry_digest_register_default): New function.
(gcry_digest_lookup_func_id): New function.
(gcry_digest_lookup_func_name): New function.
(gcry_digest_lookup_id): New function.
(gcry_digest_lookup_name): New function.
(gcry_digest_id_new): New function.
(gcry_digest_register): New function.
(gcry_digest_unregister): New function.
(GcryDigestEntry): New type.
(struct gcry_md_context): Adjusted type of `list'.
(gcry_md_map_name): Adjusted to use new module management.
(digest_algo_to_string): Likewise.
(check_digest_algo): Likewise.
(md_enable): Likewise.
(md_digest_length): Likewise.
(md_asn_oid): Likewise.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* pubkey.c: Replaced PUBKEY_ALGO_DSA with GCRY_PK_DSA,
PUBKEY_ALGO_RSA with GCRY_PK_RSA and PUBKEY_ALGO_ELGAMAL with
GCRY_PK_ELG.
* dsa.c: Replaced PUBKEY_ALGO_DSA with GCRY_PK_DSA.
2003-04-01 Moritz Schulte <moritz@g10code.com>
* des.c: Removed checks for GCRY_CIPHER_3DES and GCRY_CIPHER_DES.
2003-03-31 Moritz Schulte <moritz@g10code.com>
* tiger.c (tiger_get_info): Do not declare static.
* sha256.c (sha256_get_info): Likewise.
* sha1.c (sha1_get_info): Likewise.
* rmd160.c (rmd160_get_info): Likewise.
* md5.c (md5_get_info): Likewise.
* md4.c (md4_get_info): Likewise.
* crc.c (crc_get_info): Likewise.
* md.c (load_digest_module): Call setup_md_table during
initialization.
(new_list_item): Link new element into digest_list.
* cipher.c (do_ctr_decrypt): Made do_ctr_encrypt act as a wrapper
for do_ctr_encrypt, since these functions are identical.
2003-03-30 Simon Josefsson <jas@extundo.com>
* cipher.c (struct gcry_cipher_handle): Add counter field.
(gcry_cipher_open): Add CTR.
(cipher_reset): Clear counter field.
(do_ctr_encrypt, do_ctr_decrypt): New functions.
(cipher_encrypt, cipher_decrypt): Call CTR functions.
(gcry_cipher_ctl): Add SET_CTR to set counter.
2003-03-30 Moritz Schulte <moritz@g10code.com>
* rsa.c (_gcry_rsa_blind): New function.
(_gcry_rsa_unblind): New function.
(_gcry_rsa_decrypt): Use _gcry_rsa_blind and _gcry_rsa_decrypt.
2003-03-26 Moritz Schulte <moritz@g10code.com>
* dynload.c (_gcry_enum_gnupgext_pubkeys): Adjust `encrypt' and
`decrypt' function arguments.
(_gcry_enum_gnupgext_pubkeys): Likewise.
* dynload.h: Likewise.
* pubkey.c (dummy_decrypt): Add argument: int flags.
(dummy_encrypt): Likewise.
* elgamal.c (_gcry_elg_encrypt): Add argument: int flags.
(_gcry_elg_decrypt): Likewise.
* rsa.c (_gcry_rsa_encrypt): Add argument: int flags.
(_gcry_rsa_decrypt): Likewise.
* pubkey.c: Add `flags' argument to members `encrypt' and
`decrypt' of struct `pubkey_table_s'.
* rsa.h: Add `flags' argument to function declarations.
* elgamal.h: Likewise.
* pubkey.c (sexp_data_to_mpi): New variable: int parsed_flags.
(sexp_data_to_mpi): Set `parsed_flags'.
(sexp_data_to_mpi): New argument: int *flags.
(gcry_pk_encrypt): New variable: int flags.
(gcry_pk_encrypt): Pass `flags' to pubkey_encrypt.
(pubkey_encrypt): New variable: int flags.
(pubkey_encrypt): Pass `flags' to pubkey encrypt function.
(pubkey_decrypt): Likewise.
(pubkey_decrypt): Pass `flags' to pubkey encrypt function.
(gcry_pk_encrypt): Include `flags' s-exp in return list.
(sexp_to_enc): New argument: int *flags.
(gcry_pk_decrypt): New variable: int flags.
(gcry_pk_decrypt): Pass `flags' to pubkey_decrypt.
(sexp_to_enc): New variable: int parsed_flags.
(sexp_to_enc): Set `parsed_flags'.
2003-03-22 Simon Josefsson <jas@extundo.com>
* cipher.c (gcry_cipher_open, do_cbc_encrypt)
(gcry_cipher_encrypt): Support GCRY_CIPHER_CBC_MAC.
(gcry_cipher_ctl): Support GCRYCTL_SET_CBC_MAC.
2003-03-19 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): New args EXTRA_CHECK and EXTRA_CHECK_ARG
to allow for a user callback. Changed all callers.
(_gcry_generate_secret_prime)
(_gcry_generate_public_prime): Ditto, pass them to gen_prime.
* rsa.c (check_exponent): New.
(generate): Use a callback to ensure that a given exponent is
actually generated.
2003-03-12 Moritz Schulte <moritz@g10code.com>
* primegen.c: Initialize `no_of_small_prime_numbers' statically.
(gen_prime): Remove calculation of `no_of_small_prime_numbers'.
2003-03-03 Moritz Schulte <moritz@g10code.com>
* md.c (gcry_md_ctl): Rewritten to use same style like the other
functions dispatchers.
2003-03-02 Moritz Schulte <moritz@g10code.com>
* cipher.c (struct gcry_cipher_handle): New member: algo_index.
(gcry_cipher_open): Allocate memory for two cipher contexts.
Initialize algo_index.
(cipher_setkey): Duplicate context into reserved memory.
(cipher_reset): New function, which resets the context and clear
the IV.
(gcry_cipher_ctl): Call cipher_reset.
2003-02-23 Moritz Schulte <moritz@g10code.com>
* cipher.c: Remove (bogus) `digitp' macro definition.
* md.c: Likewise.
* blowfish.c (burn_stack): Removed.
* arcfour.c (burn_stack): Likewise.
* cast5.c (burn_stack): Likewise.
* des.c (burn_stack): Likewise.
* md4.c (burn_stack): Likewise.
* md5.c (burn_stack): Likewise.
* random.c (burn_stack): Likewise.
* rijndael.c (burn_stack): Likewise.
* rmd160.c (burn_stack): Likewise.
* sha1.c (burn_stack): Likewise.
* sha256.c (burn_stack): Likewise.
* tiger.c (burn_stack): Likewise.
* twofish.c (burn_stack): Likewise.
* blowfish.c: Changed all occurences of burn_stack to
_gcry_burn_stack.
* arcfour.c: Likewise.
* cast5.c: Likewise.
* des.c: Likewise.
* md4.c: Likewise.
* md5.c: Likewise.
* random.c: Likewise.
* rijndael.c: Likewise.
* rmd160.c: Likewise.
* sha1.c: Likewise.
* sha256.c: Likewise.
* tiger.c: Likewise.
* twofish.c: Likewise.
* arcfour.c (_gcry_arcfour_get_info): Use GCRY_CIPHER_ARCFOUR
instead of hard-coded value `301'.
2003-01-24 Werner Koch <wk@gnupg.org>
* random.c (_gcry_register_random_progress): New.
(_gcry_random_progress): New.
* rndlinux.c (gather_random): Call the random progress function.
2003-01-23 Werner Koch <wk@gnupg.org>
* rsa.c (generate): New arg USE_E to request a specific public
exponent.
(_gcry_rsa_generate): Ditto.
* elgamal.c (_gcry_elg_generate): Must add an dummy argument
instead of USE_E.
* dsa.c (_gcry_dsa_generate): Ditto.
* pubkey.c (dummy_generate): Ditto.
(pubkey_generate): Add USE_E arg and pass it down.
(gcry_pk_genkey): Detect "rsa-use-e" parameter and pass it to generate.
* pubkey.c (sexp_to_enc): New arg RET_MODERN.
(gcry_pk_decrypt): Make use of it to return a real S-expression.
Return better error codes.
(gcry_pk_verify): Return better error codes.
2003-01-21 Werner Koch <wk@gnupg.org>
* random.c (gcry_random_add_bytes): Add QUALITY argument, let
function return an error code and disable its core for now.
2003-01-21 Timo Schulz <twoaday@freakmail.de>
* random.c (gcry_random_add_bytes): New. Function to add external
random to the pool.
2003-01-20 Simon Josefsson <jas@extundo.com>
* crc.c: New.
* Makefile.am (EXTRA_PROGRAMS, EXTRA_crc_SOURCES): Add crc.c.
* md.c (gcry_md_get_algo_dlen): Add values for CRC.
2003-01-20 Werner Koch <wk@gnupg.org>
* sha256.c: New.
* bithelp.h (ror): New.
* Makfile.am: Add sha256.c.
* md.c (oid_table): Add values for SHA256 et al.
(gcry_md_get_algo_dlen): Likewise
2003-01-20 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_get_keygrip): Implemented keygrips for DSA
and ElGamal.
2003-01-17 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_encrypt): Reworked so that the output will
never contain the plaintext even if the caller did not checked the
return value.
* md.c (gcry_md_get_algo): Changed error code to GCRYERR_GENERAL
because we don't have an invalid md algo but no algorithm enabled.
* pubkey.c (gcry_pk_genkey): Changed error code for bounds check
of table parameters to GCRYERR_INTERNAL.
* md.c (gcry_md_open): Partly reverted Timo's change from
2002-10-10 by removing the check for the algorithm. An algorithm
of 0 is allowed and anyway we should not double check it or check
it using a different function. Also fixed the flags check.
* pubkey.c (gcry_pk_encrypt): Make sure that R_CIPH points to NULL
on error.
(gcry_pk_decrypt): Ditto for R_PLAIN.
(gcry_pk_sign): Ditto for R_SIG.
(gcry_pk_genkey): Ditto for R_KEY.
2003-01-16 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_write): Changed 2nd argument type to void*.
(gcry_md_hash_buffer): Changed type of boths buffers to void*.
(gcry_md_setkey): Changed 2nd argument type to void*.
2003-01-15 Werner Koch <wk@gnupg.org>
* pubkey.c (sexp_data_to_mpi): New. This handles pkcs1 padding.
(gcry_pk_sign, gcry_pk_verify): Use it here.
(gcry_pk_encrypt): And here.
(pubkey_verify): Add debug code.
(sexp_to_enc): Handle flags in the input and return the pkcs1 flag
in a new parameter.
(gcry_pk_decrypt): Prepare for future pkcs1 handling.
2002-12-19 Werner Koch <wk@gnupg.org>
* random.c (_gcry_random_initialize): New.
2002-12-16 Werner Koch <wk@gnupg.org>
* cipher.c: Added a Teletrust specific OID for 3DES.
2002-12-12 Werner Koch <wk@gnupg.org>
* md.c: Added another oddball OIW OID (sha-1WithRSAEncryption).
2002-11-23 Werner Koch <wk@gnupg.org>
* md.c (load_digest_module): Enlarged checked_algos bitmap.
* md4.c (func_table): Fixed entry for md4.
Both by Simon Josephson.
(transform): Copy data to get the alignment straight. Tested only
on i386.
2002-11-10 Simon Josefsson <jas@extundo.com>
* cipher.c (gcry_cipher_open): Don't reject CTS flag.
(do_cbc_encrypt, do_cbc_decrypt, cipher_encrypt)
(gcry_cipher_encrypt, cipher_decrypt)
(gcry_cipher_decrypt): Support CTS flag.
(gcry_cipher_ctl): Toggle CTS flag.
2002-11-10 Werner Koch <wk@gnupg.org>
* md4.c: New. By Simon Josefsson.
* Makefile.am (EXTRA_PROGRAMS): Add md4.c.
* md.c (oid_table,gcry_md_get_algo_dlen): MD4 support.
2002-10-14 Werner Koch <wk@gnupg.org>
* arcfour.c (do_encrypt_stream): Don't use increment op when
assigning to the same variable.
2002-10-10 Timo Schulz <ts@winpt.org>
* pubkey.c (gcry_pk_genkey): Check boundaries.
* md.c (gcry_md_open): Check that algo is available and only
valid flag values are used.
(gcry_md_get_algo): Add error handling.
2002-09-26 Werner Koch <wk@gnupg.org>
* md.c: Include an OID for TIGER.
* tiger.c (tiger_get_info): Use a regular OID.
2002-09-17 Werner Koch <wk@gnupg.org>
* random.c: Replaced mutex.h by the new ath.h. Changed all calls.
2002-09-16 Werner Koch <wk@gnupg.org>
* arcfour.c (do_encrypt_stream): Use register modifier and modulo.
According to Nikos Mavroyanopoulos this increases perfromace on
i386 system noticable. And I always tought gcc is clever enough.
* md5.c (transform): Use register modifier.
* rmd160.c (transform): Ditto.
* sha1.c (transform): Ditto. We hope that there are 6 free registers.
* random.c (gcry_randomize): Rewrote to avoid malloc calls.
* rndlinux.c (gather_random): Replaced remaining fprintfs by log_*.
* arcfour.c (do_arcfour_setkey): Ditto.
* twofish.c (do_twofish_setkey): Ditto.
* rndegd.c (gather_random): Ditto.
* rijndael.c (do_setkey): Ditto.
* random.c (_gcry_random_dump_stats): Ditto.
* primegen.c (_gcry_generate_elg_prime): Ditto.
* des.c (_gcry_des_get_info): Ditto.
* cast5.c (do_cast_setkey): Ditto.
* blowfish.c (do_bf_setkey): Ditto.
2002-08-26 Werner Koch <wk@gnupg.org>
* des.c (weak_keys): Fixed one entry in the table and compared
all entries against the literature.
(selftest): Checksum the weak key table.
2002-08-21 Werner Koch <wk@gnupg.org>
* pubkey.c: Enable keygrip calculation for "openpgp-rsa".
2002-08-17 Werner Koch <wk@gnupg.org>
* cipher.c (setup_cipher_table): Don't overwrite the DES entry
with the entry for DUMMY.
2002-08-14 Werner Koch <wk@gnupg.org>
* des.c (do_des_setkey,do_des_encrypt, do_des_decrypt): New.
(_gcry_des_get_info): Support plain old DES.
* cipher.c (setup_cipher_table): Put DES into the table.
2002-07-25 Werner Koch <wk@gnupg.org>
* rndunix.c (_gcry_rndunix_constructor): Prefixed with _gcry_.
Noted by Stephan Austermuehle.
2002-07-08 Timo Schulz <ts@winpt.org>
* rndw32.c: Replaced the m_ memory functions with the real
gcry_ functions. Renamed all g10_ prefixed functions to log_.
2002-06-12 Werner Koch <wk@gnupg.org>
* rsa.c (generate): Use e = 65537 for now.
2002-06-11 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_get_keygrip): Allow a "protected-private-key".
2002-06-05 Timo Schulz <ts@winpt.org>
* cipher.c (gcry_cipher_encrypt, gcry_cipher_decrypt):
Check that the input size is a multiple of the blocksize.
2002-05-23 Werner Koch <wk@gnupg.org>
* md.c (oid_table): Add an rsadsi OID for MD5.
2002-05-21 Werner Koch <wk@gnupg.org>
* primegen.c, elgamal.c, dsa.c (progress): Do not print anything
by default. Pass an extra identifying string to the callback and
reserved 2 argumenst for current and total counters. Changed the
register function prototype.
2002-05-17 Werner Koch <wk@gnupg.org>
* rndegd.c (rndegd_constructor): Fixed name of register function
and prefixed the function name with _gcry_.
* rndw32.c (rndw32_constructor): Ditto.
* tiger.c (tiger_constructor): Ditto.
* Makefile.am: Removed all dynamic loading stuff.
* dynload.c: Ditto. Now only used for the constructor system.
2002-05-15 Werner Koch <wk@gnupg.org>
* random.c (gcry_random_bytes,gcry_random_bytes_secure)
(gcry_randomize): Make sure we are initialized.
2002-05-14 Werner Koch <wk@gnupg.org>
Changed license of most files to the LGPL.
2002-05-02 Werner Koch <wk@gnupg.org>
* random.c (_gcry_fast_random_poll): Initialize the module so the
mutex can be used.
* primegen.c (small_prime_numbers): Moved table from smallprime.c
* smallprime.c: File removed.
* des.c (leftkey_swap, rightkey_swap, working_memcmp): Made static.
* cipher.c (gcry_cipher_map_name): Map "RIJNDAEL" to "AES".
* rijndael.c (rijndael_get_info): We do only support a 128 bit
blocksize so it makes sense to change the algorithm strings to
AES.
* tiger.c (tiger_final): Removed superfluous token pasting operators.
* md5.c (md5_final): Ditto.
2002-04-30 Werner Koch <wk@gnupg.org>
* cipher.c: Fixed list of copyright years.
2002-03-18 Werner Koch <wk@gnupg.org>
* random.c (initialize): Initialize the new pool lock mutex.
(_gcry_fast_random_poll): Add locking and moved main
code out to...
(do_fast_random_poll): new function.
(read_pool): Use the new function here.
(get_random_bytes): Add locking.
(_gcry_update_random_seed_file): Ditto.
2002-03-11 Werner Koch <wk@gnupg.org>
* md.c: Add rsaSignatureWithripemd160 to OID table.
2002-02-20 Werner Koch <wk@gnupg.org>
* sha1.c: Removed a left over comment note. The code has been
rewritten from scratch in 1998. Thanks to Niels Möller for
reporting this misleading comment.
2002-02-18 Werner Koch <wk@gnupg.org>
* rndunix.c (rndunix_constructor): Use the the new prefixed
function name. Reported by Jordi Mallach.
2002-02-10 Werner Koch <wk@gnupg.org>
* random.c (mix_pool): Carry an extra failsafe_digest buffer
around to make the function more robust.
2002-02-08 Werner Koch <wk@gnupg.org>
* random.c (add_randomness): Xor new data into the pool and not
just copy it. This avoids any choosen input attacks which are not
serious in our setting because an outsider won't be able to mix
data in and even then we keep going with a PRNG. Thanks to Stefan
Keller for pointing this out.
2002-01-04 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_genkey): Do not release skey - it is static.
* primegen.c (gen_prime): Of course we should use set_bit
and not set_highbit to set the second high bit.
2001-12-18 Werner Koch <wk@gnupg.org>
* rsa.c (generate): Loop until we find the exact modulus size.
Changed the exponent to 41.
(rsa_get_info): s/usage/r_usage/ to avoid shadow warnings.
* primegen.c (gen_prime): Set 2 high order bits for secret primes.
* Makefile.am (DISTCLEANFILES): Include construct.c.
2001-12-17 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_get_keygrip): New - experimental.
2001-12-11 Werner Koch <wk@gnupg.org>
* cipher.c: Added OIDs for AES.
(gcry_cipher_mode_from_oid): New.
(gcry_cipher_map_name): Moved OID search code to ..
(search_oid): .. new function.
2001-12-10 Werner Koch <wk@gnupg.org>
* pubkey.c (gcry_pk_encrypt): Find the signature algorithm by name
and not by number.
* pubkey.c (gcry_pk_encrypt,gcry_pk_decrypt,gcry_pk_sign)
(gcry_pk_verify,gcry_pk_testkey, gcry_pk_genkey)
(gcry_pk_get_nbits): Release the arrays. Noted by Nikos
Mavroyanopoulos.
2001-12-06 Werner Koch <wk@gnupg.org>
* cipher.c (gcry_cipher_map_name): Look also for OIDs prefixed
with "oid." or "OID.".
2001-12-05 Werner Koch <wk@gnupg.org>
* pubkey.c (algo_info_table): Fixed entry for openpgp-rsa.
2001-11-24 Werner Koch <wk@gnupg.org>
* pubkey.c: Added the rsaEncryption OID to the tables.
(sexp_to_key): Add an arg to return the index of the algorithm,
changed all callers.
(gcry_pk_sign): Find the signature algorithm by name and not by
number.
(gcry_pk_get_nbits): Fixed so that we can now really pass a secret
key to get the result.
* md.c (gcry_md_map_name): Look also for OIDs prefixed with "oid."
or "OID." so that an OID string can be used as an S-Exp token.
2001-11-20 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_map_name): Lookup by OID if the the name begins
with a digit.
(oid_table): New.
2001-11-16 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_info): New operator GCRYCTL_IS_ALGO_ENABLED.
2001-11-07 Werner Koch <wk@gnupg.org>
* md.c (gcry_md_hash_buffer): Close the handle which was left open
for algorithms other than rmd160.
2001-08-08 Werner Koch <wk@gnupg.org>
* rndw32.c (gather_random): Use toolhelp in addition to the NT
gatherer for Windows2000. Suggested by Sami Tolvanen.
* random.c (read_pool): Fixed length check, this used to be one
byte to strict. Made an assert out of it because the caller has
already made sure that only poolsize bytes are requested.
Reported by Marcus Brinkmann.
2001-08-03 Werner Koch <wk@gnupg.org>
* cipher.c (cipher_encrypt, cipher_decrypt): Prepare to return
errors. We have to change the interface to all ciphers to make
this really work but we should do so to prepare for hardware
encryption modules.
(gcry_cipher_encrypt, gcry_cipher_decrypt): Return the error and
set lasterr.
(gcry_cipher_ctl): Make sure that errors from setkey are returned.
2001-08-02 Werner Koch <wk@gnupg.org>
* rndlinux.c (gather_random): casted a size_t arg to int so that
the format string is correct. Casting is okay here and avoids
translation changes.
* random.c (fast_random_poll): Do not check the return code of
getrusage.
* rndunix.c: Add a signal.h header to avoid warnings on Solaris 7
and 8.
* tiger.c (print_abc,print_data): Removed.
* rijndael.c, des.c, blowfish.c, twofish.c, cast5.c, arcfour.c
(burn_stack): New. Add wrappers for most functions to be able to
call burn_stack after the function invocation. This methods seems
to be the most portable way to zeroise the stack used. It does
only work on stack frame based machines but it is highly portable
and has no side effects. Just setting the automatic variables at
the end of a function to zero does not work well because the
compiler will optimize them away - marking them as volatile would
be bad for performance.
* md5.c, sha1.c, rmd160.c, tiger.c (burn_stack): Likewise.
* random.c (burn_stack): New.
(mix_pool): Use it here to burn the stack of the mixblock function.
* primegen.c (_gcry_generate_elg_prime): Freed q at 3 places.
Thanks to Tommi Komulainen.
* arcfour.c (arcfour_setkey): Check the minimim keylength against
bytes and not bits.
(selftest): Must reset the key before decryption.
2001-05-31 Werner Koch <wk@gnupg.org>
* sha1.c (sha1_init): Made static.
Changed all g10_ prefixed function names as well as some mpi_
function names to cope with the introduced naming changes.
* md.c (prepare_macpads): Made key const.
2001-05-28 Werner Koch <wk@gnupg.org>
* rndegd.c (gather_random): Removed the use of tty_printf.
2001-03-29 Werner Koch <wk@gnupg.org>
* md5.c (md5_final): Fixed calculation of hashed length. Thanks
to disastry@saiknes.lv for pointing out that it was horrible wrong
for more than 512MB of input.
* sha1.c (sha1_final): Ditto.
* rmd160.c (rmd160_final): Ditto.
* tiger.c (tiger_final): Ditto.
* blowfish.c (encrypt,do_encrypt): Changed name to do_encrypt to
avoid name clashes with an encrypt function in stdlib.h of
Dynix/PIX. Thanks to Gene Carter.
* elgamal.c (encrypt,do_encrypt): Ditto.
* twofish.c (gnupgext_enum_func): Use only when when compiled as a
module.
* rijndael.c (gnupgext_enum_func): Ditto.
* tiger.c (tiger_get_info): Return "TIGER192" and not just
"TIGER". By Edwin Woudt.
* random.c: Always include time.h - standard requirement. Thanks
to James Troup.
* rndw32.c: Fixes to the macros.
2001-01-11 Werner Koch <wk@gnupg.org>
* cipher.c (cipher_encrypt,gcry_cipher_encrypt): Use blocksize and
not 8.
2000-12-19 Werner Koch <wk@gnupg.org>
Major change:
Removed all GnuPG stuff and renamed this piece of software
to gcrypt.
2000-11-14 Werner Koch <wk@gnupg.org>
* dsa.c (test_keys): Replaced mpi_alloc by gcry_mpi_new and
mpi_free by gcry_mpi_release.
* elgamal.c (test_keys,generate): Ditto, also for mpi_alloc_secure.
* rsa.c (test_keys,generate,rsa_verify): Ditto.
* primegen.c (generate_elg_prime): Ditto.
(gen_prime): Ditto and removed nlimbs.
* rsa.c (generate): Allocate 2 more vars in secure memory.
* Makefile.am (OMIT_DEPENDENCIES): Hack to work around dependency
problems.
2000-10-09 Werner Koch <wk@gnupg.org>
* arcfour.c, arcfour.h: New.
* cipher.c (cipher_encrypt, cipher_decrypt): Add stream mode.
(setup_cipher_table): Add Arcfour.
(gcry_cipher_open): Kludge to allow stream mode.
Wed Oct 4 13:16:18 CEST 2000 Werner Koch <wk@openit.de>
* sha1.c (transform): Use rol() macro. Actually this is not needed
for a newer gcc but there are still aoter compilers.
* rsa.c (test_keys): Use new random function.
* md.c (gcry_md_setkey): New function to overcome problems with
const conflics.
(gcry_md_ctl): Pass set key to the new functions.
* rijndael.c: New.
* cipher.c: Add Rijndael support.
Mon Sep 18 16:35:45 CEST 2000 Werner Koch <wk@openit.de>
* rndlinux.c (open_device): Loose random device checking.
By Nils Ellmenreich.
* random.c (fast_random_poll): Check ENOSYS for getrusage.
* rndunix.c: Add 2 sources for QNX. By Sam Roberts.
* pubkey.c (gcry_pk_algo_info): Add GCRYCTL_GET_ALGO_USAGE.
* rsa.c: Changed the comment about the patent.
(secret): Speed up by using the CRT. For a 2k keys this
is about 3 times faster.
(stronger_key_check): New but unused code to check the secret key.
* Makefile.am: Included rsa.[ch].
* pubkey.c: Enabled RSA support.
(pubkey_get_npkey): Removed RSA workaround.
Mon Jul 31 10:04:47 CEST 2000 Werner Koch <wk@openit.de>
* pubkey.c: Replaced all gcry_sexp_{car,cdr}_{data,mpi} by the new
gcry_sexp_nth_{data,mpi} functions.
Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de>
* pubkey.c (exp_to_key,sexp_to_sig,sexp_to_enc,gcry_pk_encrypt,
gcry_pk_decrypt,gcry_pk_sign,gcry_pk_genkey): Changed to work with
the new S-Exp interface.
Mon Jul 17 16:35:47 CEST 2000 Werner Koch <wk@>
* random.c (gather_faked): Replaced make_timestamp by time(2) again.
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
* md.c (gcry_md_ctl): Support GCRYCTL_{START,STOP}_DUMP.
* Makefile.am: Never compile mingw32 as module.
* Makefile.am: Tweaked module build and removed libtool
* Makefile.am: Replaced -O1 by -O. Suggested by Alec Habig.
* elgamal.c (sign): Removed inactive code.
* rsa.c, rsa.h: New based on the old module version (only in CVS for now).
* pubkey.c (setup_pubkey_table): Added commented support for RSA.
* rndunix.c (waitpid): New. For UTS 2.1. All by Dave Dykstra.
(my_popen): Do the FD_CLOEXEC only if it is available
(start_gatherer): Cope with missing _SC_OPEN_MAX
* rndunix.c: Add some more headers for QNX. By Sam Roberts.
* rndegd.c (gather_random): Shortcut level 0.
* rndunix.c (gather_random): Ditto.
* rndw32.c (gather_random): Ditto.
* rndw32.c: Replaced with code from Cryptlib and commented the old stuff.
* rndw32.c: Add some debuging code enabled by an environment variable.
* random.c (read_seed_file): Binary open for DOSish system
(update_random_seed_file): Ditto.
* random.c [MINGW32]: Include process.h for getpid.
* random.c (fast_random_poll): Add clock_gettime() as fallback for
system which support this POSIX.4 fucntion. By Sam Roberts.
* random.c (read_seed_file): Removed the S_ISLNK test becuase it
is already covered by !S_ISREG and is not defined in Unixware.
Reported by Dave Dykstra.
(update_random_seed_file): Silently ignore update request when pool
is not filled.
* random.c (read_seed_file): New.
(set_random_seed_file): New.
(read_pool): Try to read the seeding file.
(update_random_seed_file): New.
(read_pool): Do an initial extra seeding when level 2 quality random
is requested the first time. This requestes at least POOLSIZE/2 bytes
of entropy. Compined with the seeding file this should make normal
random bytes cheaper and increase the quality of the random bytes
used for key generation.
* random.c (read_pool): Print a more friendly error message in
cases when too much random is requested in one call.
* random.c (fast_random_poll): Check whether RUSAGE_SELF is defined;
this is not the case for some ESIX and Unixware, although they have
getrusage().
* primegen.c (generate_elg_prime): All primes are now generated with
the lowest random quality level. Because they are public anyway we
don't need stronger random and by this we do not drain the systems
entropy so much.
* primegen.c (register_primegen_progress): New.
* dsa.c (register_pk_dsa_progress): New.
* elgamal.c (register_pk_elg_progress): New.
* elgamal.c (wiener_map): New.
(gen_k): Use a much smaller k.
(generate): Calculate the qbits using the wiener map and
choose an x at a size comparable to the one choosen in gen_k
* rmd160.c (rmd160_get_info): Moved casting to the left side due to a
problem with UTS4.3. Suggested by Dave Dykstra.
* sha1.c (sha1_get_info): Ditto.
* tiger.c (tiger_get_info): Ditto.
* md5.c (md5_get_info): Ditto
* des.c (des_get_info): Ditto.
* blowfish.c (blowfish_get_info): Ditto.
* cast5.c (cast5_get_info): Ditto.
* twofish.c (twofish_get_info): Ditto.
Fri Mar 24 11:25:45 CET 2000 Werner Koch <wk@openit.de>
* md.c (md_open): Add hmac arg and allocate space for the pads.
(md_finalize): Add HMAC support.
(md_copy): Ditto.
(md_close): Ditto.
(gcry_md_reset): Ditto.
(gcry_md_ctl): Ditto.
(prepare_macpdas): New.
Mon Mar 13 19:22:46 CET 2000 Werner Koch <wk@openit.de>
* md.c (gcry_md_hash_buffer): Add support for the other algorithms.
Mon Jan 31 16:37:34 CET 2000 Werner Koch <wk@gnupg.de>
* genprime.c (generate_elg_prime): Fixed returned factors which never
worked for non-DSA keys.
Thu Jan 27 18:00:44 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey.c (sexp_to_key): Fixed mem leaks in case of errors.
Mon Jan 24 22:24:38 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey.c (gcry_pk_decrypt): Implemented.
(gcry_pk_encrypt): Implemented.
(gcry_pk_testkey): New.
(gcry_pk_genkey): New.
(pubkey_decrypt): Made static.
(pubkey_encrypt): Ditto.
(pubkey_check_secret_key): Ditto.
(pubkey_generate): Ditto.
Mon Jan 24 13:04:28 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey.c (pubkey_nbits): Removed and replaced by ...
(gcry_pk_get_nbits): this new one.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* dsa.c: s/mpi_powm/gcry_mpi_powm/g
* elgamal.c: Ditto.
* primegen.c: Ditto.
* : Replaced g10_opt_verbose by g10_log_verbosity().
* Makefile.am (INCLUDES): removed intl, add ../gcrypt
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* dynload.c (cmp_filenames): New to replaced compare_filename() in
module.
(register_cipher_extension): Removed the tilde expansion stuff.
* rndeg.c (my_make_filename): New.
* : Replaced header util.h by g10lib.h
* random.c (gather_faked): Replaced make_timestamp by time(2).
Disabled wrning printed with tty_printf.
* rndlinux.c (gather_random): Always use fprintf instead of tty_xxx;
this should be replaced by a callback function.
* primegen.c (gen_prime): Use gcry_mpi_randomize.
(is_prime): Ditto.
* elgamal.c (test_keys): Ditto.
* dsa.c (test_keys): Ditto.
* cipher.c (gcry_cipher_close): Die on invalid handle.
Mon Nov 15 21:36:02 CET 1999 Werner Koch <wk@gnupg.de>
* elgamal.c (gen_k): Use the new random API.
(generate): Ditto.
* dsa.c (gen_k): Ditto.
(generate): Ditto.
Sat Nov 13 17:44:23 CET 1999 Werner Koch <wk@gnupg.de>
* pubkey.c (disable_pubkey_algo): Made static.
(gcry_pk_ctl): New.
* random.c (get_random_bits): Renamed to ...
(get_random_bytes): ... this and made static.
(gcry_random_bytes): New.
(gcry_random_bytes_secure): New.
(randomize_buffer): Renamed to ...
(gcry_randomize): ...this.
* md.c (gcry_md_hash_buffer): New.
* pubkey.c (gcry_pk_algo_info): 4 new commands.
(pubkey_get_npkey): Made static.
(pubkey_get_nskey): Made static.
(pubkey_get_nsig): Made static.
(pubkey_get_nenc): Made static.
* pubkey.c: Removed all G10ERR_xxx.
* cipher.c: Changed all GCRYERR_INV_ALGO to GCRYERR_INV_CIPHER_ALGO.
* md.c: Changed all GCRYERR_INV_ALGO to GCRYERR_INV_MD_ALGO.
* cast5.c (cast_setkey): Changed errocodes to GCRYERR_xxx.
* blowfish.c: Ditto.
* des.c: Ditto.
* twofish.c: Ditto.
* dsa.c: Ditto.
* elgamal.c: Ditto.
* g10c.c: Removed
* cipher.c (gcry_cipher_open): Replaced alloc functions and return NULL
if we are out of core.
* dynload.c: Replaced all memory allocation functions.
* md.c: Ditto.
* primegen.c: Ditto.
* pubkey.c: Ditto.
* random.c: Ditto.
* rndw32.c: Ditto.
* elgamal.c: Ditto.
* dsa.c: Ditto.
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* elgamal.c (sign): Hugh found strange code here. Replaced by BUG().
* cipher.c: Merged with gcrypt/symapi.c.
* pubkey.c (string_to_pubkey_algo): Renamed function to ...
(gcry_pk_map_name): ... this.
(pubkey_algo_to_string): Renamed function to ...
(gcry_pk_algo_name): ... this.
(gcry_pk_algo_info): New.
* pubkey.c: Merged with gcrypt/pkapi.c.
* md.c (md_reset): Clear finalized; thanks to Ulf Moeller for
fixing this bug.
* md.c: Merged with gcrypt/mdapi.c
Wed Sep 15 14:39:59 CEST 1999 Michael Roth <mroth@nessie.de>
* des.c: Various speed improvements: One bit pre rotation
trick after initial permutation (Richard Outerbridge).
Finished test of SSLeay Tripple-DES patterns.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndw32.c: New.
Mon Sep 13 10:51:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* bithelp.h: New.
* rmd160.h, sha1.h, md5.h: Use the rol macro from bithelp.h
Tue Sep 7 16:23:36 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Fixed seds for latest egcc. By Ollivier Robert.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* des.c (selftest): Add some testpattern
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (do_cbc_encrypt): Fixed serious bug occuring when not using
in place encryption. Pointed out by Frank Stajano.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* md5.c (md5_final): Fix for a SCO cpp bug.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* elgamal.c (elg_check_secret_key,elg_encrypt
elg_decrypt,elg_sign,elg_verify): Sanity check on the args.
* dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto.
* pubkey.c (disable_pubkey_algo): New.
(check_pubkey_algo2): Look at disabled algo table.
* cipher.c (disable_cipher_algo): New.
(check_cipher_algo): Look at disabled algo table.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
Fri Jul 2 11:45:54 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dsa.c (gen_k): Changed algorithm to consume less random bytes
* elgamal.c (gen_k): Ditto.
* random.c (random_dump_stats): New.
Thu Jul 1 12:47:31 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c, elgamal.c, dsa.c (progess): New and replaced all
fputc with a call to this function.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c (do_write): s/ssize_t/int/ due to SunOS 4.1 probs.
* cipher.c (do_cbc_encrypt, do_cbc_decrypt): New.
* dynload.c (HAVE_DL_SHL_LOAD): Map hpux API to dlopen (Dave Dykstra).
* Makefile.am (install-exec-hook): Removed.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (setup_cipher_table): Enable Twofish
* random.c (fast_random_poll): Disable use of times() for mingw32.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (register_internal_cipher_extension): Minor init fix.
Tue May 4 15:47:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c (gen_prime): Readded the Fermat test. Fixed the bug
that we didn't correct for step when passing the prime to the
Rabin-Miller test which led to bad performance (Stefan Keller).
(check_prime): Add a first Fermat test.
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_setiv): Add ivlen arg, changed all callers.
* random.c (randomize_buffer): alway use secure memory because
we can't use m_is_secure() on a statically allocated buffer.
* twofish.c: Replaced some macros by a loop to reduce text size.
* Makefile.am (twofish): No more need for sed editing.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_open): Reversed the changes for AUTO_CFB.
* blowfish.c: Dropped the Blowfish 160 mode.
* cipher.c (cipher_open): Ditto.
(setup_cipher_table): Ditto. And removed support of twofish128
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (get_random_bits): Can now handle requests > POOLSIZE
* cipher.c (cipher_open): Now uses standard CFB for automode if
the blocksize is gt 8 (according to rfc2440).
* twofish.c: Applied Matthew Skala's patches for 256 bit key.
Tue Apr 6 19:58:12 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (get_random_bits): Can now handle requests > POOLSIZE
* cipher.c (cipher_open): Now uses standard CFB for automode if
the blocksize is gt 8 (according to rfc2440).
Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndlinux.c (tty_printf) [IS_MODULE]: Removed.
* rndegd.c (gather_random): Some fixes.
Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c (do_read): New.
(gather_random): Changed the implementation.
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (DLSYM_NEEDS_UNDERSCORE): Renamed.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* md.c: Nearly a total rewrote.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (context): Fixed alignment
* md.c: Ditto.
* rndegd.c: New
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c: New.
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Modules are now figured out by configure
* construct.c: New. Generated by configure. Changed all modules
to work with that.
* sha1.h: Removed.
* md5.h: Removed.
* twofish.c: Changed interface to allow Twofish/256
* rndunix.c (start_gatherer): Die on SIGPIPE.
Wed Jan 20 18:59:49 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (gather_random): Fix to avoid infinite loop.
Sun Jan 17 11:04:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* des.c (is_weak_key): Replace system memcmp due to bugs
in SunOS's memcmp.
(des_get_info): Return error on failed selftest.
* twofish.c (twofish_setkey): Return error on failed selftest or
invalid keylength.
* cast5.c (cast_setkey): Ditto.
* blowfish.c (bf_setkey): Return error on failed selftest.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (random_is_faked): New.
* tiger.c: Only compile if we have the u64 type
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (gather_random): check for setuid.
* Makefile.am: Add a way to staically link random modules
Thu Jan 7 18:00:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* md.c (md_stop_debug): Do a flush first.
(md_open): size of buffer now depends on the secure parameter
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (start_gatherer): Fixed stupid ==/= bug
1998-12-31 Geoff Keating <geoffk@ozemail.com.au>
* des.c (is_weak_key): Rewrite loop end condition.
Tue Dec 29 14:41:47 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* random.c: add unistd.h for getpid().
(RAND_MAX): Fallback value for Sun.
Wed Dec 23 17:12:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* md.c (md_copy): Reset debug.
Mon Dec 14 21:18:49 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* random.c (read_random_source): Changed the interface to the
random gathering function.
(gather_faked): Use new interface.
* dynload.c (dynload_getfnc_fast_random_poll): Ditto.
(dynload_getfnc_gather_random): Ditto.
* rndlinux.c (gather_random): Ditto.
* rndunix.c (gather_random): Ditto.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (SYMBOL_VERSION): New to cope with system which needs
underscores.
* rndunix.c: Rewrote large parts
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (load_extension): increased needed verbosity level.
* random.c (fast_random_poll): Fallback to a default fast random
poll function.
(read_random_source): Always use the faked entroy gatherer if no
gather module is available.
* rndlinux.c (fast_poll): Removed.
* rndunix.c (fast_poll): Removed.
Wed Nov 25 12:33:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-*.c: Removed.
* rndlinux.c : New.
* rndunix.c : New.
* random.c : Restructured the interface to the gather modules.
(intialize): Call constructor functions
(read_radnom_source): Moved to here.
* dynload.c (dynload_getfnc_gather_random): New.
(dynload_getfnc_fast_random_poll): New.
(register_internal_cipher_extension): New.
(register_cipher_extension): Support of internal modules.
Sun Nov 8 17:44:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (read_random_source): Removed the assert.
Mon Oct 19 18:34:30 1998 me,,, (wk@tobold)
* pubkey.c: Hack to allow us to give some info about RSA keys back.
Thu Oct 15 11:47:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* dynload.c: Support for DLD
Wed Oct 14 12:13:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c: Now uses names from configure for /dev/random.
1998-10-10 SL Baur <steve@altair.xemacs.org>
* Makefile.am: fix sed -O substitutions to catch -O6, etc.
Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-)
* rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto.
Mon Sep 28 13:23:09 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_digest): New.
(md_reset): New.
Wed Sep 23 12:27:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c (TIGER_CONTEXT): moved "buf", so that it is 64 bit aligned.
Mon Sep 21 06:22:53 1998 Werner Koch (wk@(none))
* des.c: Some patches from Michael.
Thu Sep 17 19:00:06 1998 Werner Koch (wk@(none))
* des.c : New file from Michael Roth <mroth@nessie.de>
Mon Sep 14 11:10:55 1998 Werner Koch (wk@(none))
* blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys.
Mon Sep 14 09:19:25 1998 Werner Koch (wk@(none))
* dynload.c (RTLD_NOW): Now defined to 1 if it is undefined.
Mon Sep 7 17:04:33 1998 Werner Koch (wk@(none))
* Makefile.am: Fixes to allow a different build directory
Thu Aug 6 17:25:38 1998 Werner Koch,mobil,,, (wk@tobold)
* random.c (get_random_byte): Removed and changed all callers
to use get_random_bits()
Mon Jul 27 10:30:22 1998 Werner Koch (wk@(none))
* cipher.c : Support for other blocksizes
(cipher_get_blocksize): New.
* twofish.c: New.
* Makefile.am: Add twofish module.
Mon Jul 13 21:30:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (read_pool): Simple alloc if secure_alloc is not set.
(get_random_bits): Ditto.
Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* dynload.c (load_extension): Function now nbails out if
the program is run setuid.
Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (rmd160_hash_buffer): New.
Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_open): algos >=100 use standard CFB
Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am: Support for extensions
Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (mix_pool): simpler handling for level 0
Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c: Removed from dist, will reappear as dynload module
Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* pubkey.c: Major changes to allow extensions. Changed the inteface
of all public key ciphers and added the ability to load extensions
on demand.
* misc.c: Removed.
Wed Jun 10 07:52:08 1998 Werner Koch,mobil,,, (wk@tobold)
* dynload.c: New.
* cipher.c: Major changes to allow extensions.
Mon Jun 8 22:43:00 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: Major internal chnages to support extensions.
* blowfish.c (blowfish_get_info): New and made all internal
functions static, changed heder.
* cast5.c (cast5_get_info): Likewise.
Mon Jun 8 12:27:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c (transform): Fix for big endian
* cipher.c (do_cfb_decrypt): Big endian fix.
Fri May 22 07:30:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_get_oid): Add a new one for TIGER.
Thu May 21 13:24:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: Add support for a dummy cipher
Thu May 14 15:40:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (transform): fixed sigbus - I should better
add Christian von Roques's new implemenation of rmd160_write.
Fri May 8 18:07:44 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New
* random.c: Moved system specific functions to rand-****.c
Fri May 8 14:01:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fast_random_poll): add call to gethrtime.
Tue May 5 21:28:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* elgamal.c (elg_generate): choosing x was not correct, could
yield 6 bytes which are not from the random pool, tsss, tsss..
Tue May 5 14:09:06 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Add arg mode, changed all
callers and implemented mode 1.
Mon Apr 27 14:41:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_get_keylen): New.
Sun Apr 26 14:44:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c, tiger.h: New.
Wed Apr 8 14:57:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (check_pubkey_algo2): New.
Tue Apr 7 18:46:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: New
* misc.c (check_cipher_algo): Moved to cipher.c
* cast5.c: Moved many functions to cipher.c
* blowfish.c: Likewise.
Sat Apr 4 19:52:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* cast5.c: Implemented and tested.
Wed Apr 1 16:38:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* elgamal.c (elg_generate): Faster generation of x in some cases.
Thu Mar 19 13:54:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* blowfish.c (blowfish_decode_cfb): changed XOR operation
(blowfish_encode_cfb): Ditto.
Thu Mar 12 14:04:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* sha1.c (transform): Rewrote
* blowfish.c (encrypt): Unrolled for rounds == 16
(decrypt): Ditto.
Tue Mar 10 16:32:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (transform): Unrolled the loop.
Tue Mar 10 13:05:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (read_pool): Add pool_balance stuff.
(get_random_bits): New.
* elgamal.c (elg_generate): Now uses get_random_bits to generate x.
Tue Mar 10 11:33:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_digest_length): New.
Tue Mar 10 11:27:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c (dsa_verify): Works.
Mon Mar 9 12:59:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c, dsa.h: Removed some unused code.
Wed Mar 4 10:39:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_open): Add call to fast_random_poll.
blowfish.c (blowfish_setkey): Ditto.
Tue Mar 3 13:32:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (rmd160_mixblock): New.
* random.c: Restructured to start with a new RNG implementation.
* random.h: New.
Mon Mar 2 19:21:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* gost.c, gost.h: Removed because they did only contain trash.
Sun Mar 1 16:42:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fill_buffer): removed error message if n == -1.
Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_enable): No init if called twice.
Thu Feb 26 07:57:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Changed the progress printing.
(gen_prime): Ditto.
Tue Feb 24 12:28:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* md5.c, md.5 : Replaced by a modified version of md5.c from
GNU textutils 1.22.
Wed Feb 18 14:08:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c, md.h : New debugging support
Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (cipher_algo_to_string): New
(pubkey_algo_to_string): New.
(digest_algo_to_string): New.
Copyright 1998,1999,2000,2001,2002,2003,2004,2005,2006
2007, 2008 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/cipher/ac.c b/cipher/ac.c
index a245fa3b..acf708ad 100644
--- a/cipher/ac.c
+++ b/cipher/ac.c
@@ -1,3203 +1,3203 @@
/* ac.c - Alternative interface for asymmetric cryptography.
Copyright (C) 2003, 2004, 2005, 2006
2007 Free Software Foundation, Inc.
This file is part of Libgcrypt.
Libgcrypt is free software; you can redistribute it and/or modify
it under the terms of the GNU Lesser general Public License as
published by the Free Software Foundation; either version 2.1 of
the License, or (at your option) any later version.
Libgcrypt is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include <stddef.h>
#include <assert.h>
#include "g10lib.h"
#include "cipher.h"
#include "mpi.h"
/* At the moment the ac interface is a wrapper around the pk
interface, but this might change somewhen in the future, depending
on how many people prefer the ac interface. */
/* Mapping of flag numbers to the according strings as it is expected
for S-expressions. */
static struct number_string
{
int number;
const char *string;
} ac_flags[] =
{
{ GCRY_AC_FLAG_NO_BLINDING, "no-blinding" },
};
/* The positions in this list correspond to the values contained in
the gcry_ac_key_type_t enumeration list. */
static const char *ac_key_identifiers[] =
{
"private-key",
"public-key"
};
/* These specifications are needed for key-pair generation; the caller
is allowed to pass additional, algorithm-specific `specs' to
gcry_ac_key_pair_generate. This list is used for decoding the
provided values according to the selected algorithm. */
struct gcry_ac_key_generate_spec
{
int algorithm; /* Algorithm for which this flag is
relevant. */
const char *name; /* Name of this flag. */
size_t offset; /* Offset in the cipher-specific spec
structure at which the MPI value
associated with this flag is to be
found. */
} ac_key_generate_specs[] =
{
{ GCRY_AC_RSA, "rsa-use-e", offsetof (gcry_ac_key_spec_rsa_t, e) },
{ 0 }
};
/* Handle structure. */
struct gcry_ac_handle
{
int algorithm; /* Algorithm ID associated with this
handle. */
const char *algorithm_name; /* Name of the algorithm. */
unsigned int flags; /* Flags, not used yet. */
gcry_module_t module; /* Reference to the algorithm
module. */
};
/* A named MPI value. */
typedef struct gcry_ac_mpi
{
char *name; /* Self-maintained copy of name. */
gcry_mpi_t mpi; /* MPI value. */
unsigned int flags; /* Flags. */
} gcry_ac_mpi_t;
/* A data set, that is simply a list of named MPI values. */
struct gcry_ac_data
{
gcry_ac_mpi_t *data; /* List of named values. */
unsigned int data_n; /* Number of values in DATA. */
};
/* A single key. */
struct gcry_ac_key
{
gcry_ac_data_t data; /* Data in native ac structure. */
gcry_ac_key_type_t type; /* Type of the key. */
};
/* A key pair. */
struct gcry_ac_key_pair
{
gcry_ac_key_t public;
gcry_ac_key_t secret;
};
/*
* Functions for working with data sets.
*/
/* Creates a new, empty data set and store it in DATA. */
gcry_error_t
_gcry_ac_data_new (gcry_ac_data_t *data)
{
gcry_ac_data_t data_new;
gcry_error_t err;
data_new = gcry_malloc (sizeof (*data_new));
if (! data_new)
{
err = gcry_error_from_errno (errno);
goto out;
}
data_new->data = NULL;
data_new->data_n = 0;
*data = data_new;
err = 0;
out:
return err;
}
/* Destroys all the entries in DATA, but not DATA itself. */
static void
ac_data_values_destroy (gcry_ac_data_t data)
{
unsigned int i;
for (i = 0; i < data->data_n; i++)
if (data->data[i].flags & GCRY_AC_FLAG_DEALLOC)
{
gcry_mpi_release (data->data[i].mpi);
gcry_free (data->data[i].name);
}
}
/* Destroys the data set DATA. */
void
_gcry_ac_data_destroy (gcry_ac_data_t data)
{
if (data)
{
ac_data_values_destroy (data);
gcry_free (data->data);
gcry_free (data);
}
}
/* This function creates a copy of the array of named MPIs DATA_MPIS,
which is of length DATA_MPIS_N; the copy is stored in
DATA_MPIS_CP. */
static gcry_error_t
ac_data_mpi_copy (gcry_ac_mpi_t *data_mpis, unsigned int data_mpis_n,
gcry_ac_mpi_t **data_mpis_cp)
{
gcry_ac_mpi_t *data_mpis_new;
gcry_error_t err;
unsigned int i;
gcry_mpi_t mpi;
char *label;
data_mpis_new = gcry_malloc (sizeof (*data_mpis_new) * data_mpis_n);
if (! data_mpis_new)
{
err = gcry_error_from_errno (errno);
goto out;
}
memset (data_mpis_new, 0, sizeof (*data_mpis_new) * data_mpis_n);
err = 0;
for (i = 0; i < data_mpis_n; i++)
{
/* Copy values. */
label = gcry_strdup (data_mpis[i].name);
mpi = gcry_mpi_copy (data_mpis[i].mpi);
if (! (label && mpi))
{
err = gcry_error_from_errno (errno);
gcry_mpi_release (mpi);
gcry_free (label);
break;
}
data_mpis_new[i].flags = GCRY_AC_FLAG_DEALLOC;
data_mpis_new[i].name = label;
data_mpis_new[i].mpi = mpi;
}
if (err)
goto out;
*data_mpis_cp = data_mpis_new;
err = 0;
out:
if (err)
if (data_mpis_new)
{
for (i = 0; i < data_mpis_n; i++)
{
gcry_mpi_release (data_mpis_new[i].mpi);
gcry_free (data_mpis_new[i].name);
}
gcry_free (data_mpis_new);
}
return err;
}
/* Create a copy of the data set DATA and store it in DATA_CP. */
gcry_error_t
_gcry_ac_data_copy (gcry_ac_data_t *data_cp, gcry_ac_data_t data)
{
gcry_ac_mpi_t *data_mpis = NULL;
gcry_ac_data_t data_new;
gcry_error_t err;
/* Allocate data set. */
data_new = gcry_malloc (sizeof (*data_new));
if (! data_new)
{
err = gcry_error_from_errno (errno);
goto out;
}
err = ac_data_mpi_copy (data->data, data->data_n, &data_mpis);
if (err)
goto out;
data_new->data_n = data->data_n;
data_new->data = data_mpis;
*data_cp = data_new;
out:
if (err)
gcry_free (data_new);
return err;
}
/* Returns the number of named MPI values inside of the data set
DATA. */
unsigned int
_gcry_ac_data_length (gcry_ac_data_t data)
{
return data->data_n;
}
/* Add the value MPI to DATA with the label NAME. If FLAGS contains
GCRY_AC_FLAG_COPY, the data set will contain copies of NAME
and MPI. If FLAGS contains GCRY_AC_FLAG_DEALLOC or
GCRY_AC_FLAG_COPY, the values contained in the data set will
be deallocated when they are to be removed from the data set. */
gcry_error_t
_gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t mpi)
{
gcry_error_t err;
gcry_mpi_t mpi_cp;
char *name_cp;
unsigned int i;
name_cp = NULL;
mpi_cp = NULL;
if (flags & ~(GCRY_AC_FLAG_DEALLOC | GCRY_AC_FLAG_COPY))
{
err = gcry_error (GPG_ERR_INV_ARG);
goto out;
}
if (flags & GCRY_AC_FLAG_COPY)
{
/* Create copies. */
flags |= GCRY_AC_FLAG_DEALLOC;
name_cp = gcry_strdup (name);
mpi_cp = gcry_mpi_copy (mpi);
if (! (name_cp && mpi_cp))
{
err = gcry_error_from_errno (errno);
goto out;
}
}
/* Search for existing entry. */
for (i = 0; i < data->data_n; i++)
if (! strcmp (name, data->data[i].name))
break;
if (i < data->data_n)
{
/* An entry for NAME does already exist. */
if (data->data[i].flags & GCRY_AC_FLAG_DEALLOC)
{
gcry_mpi_release (data->data[i].mpi);
gcry_free (data->data[i].name);
}
}
else
{
/* Create a new entry. */
gcry_ac_mpi_t *ac_mpis;
ac_mpis = gcry_realloc (data->data,
sizeof (*data->data) * (data->data_n + 1));
if (! ac_mpis)
{
err = gcry_error_from_errno (errno);
goto out;
}
if (data->data != ac_mpis)
data->data = ac_mpis;
data->data_n++;
}
data->data[i].name = name_cp ? name_cp : ((char *) name);
data->data[i].mpi = mpi_cp ? mpi_cp : mpi;
data->data[i].flags = flags;
err = 0;
out:
if (err)
{
gcry_mpi_release (mpi_cp);
gcry_free (name_cp);
}
return err;
}
/* Stores the value labelled with NAME found in the data set DATA in
MPI. The returned MPI value will be released in case
gcry_ac_data_set is used to associate the label NAME with a
different MPI value. */
gcry_error_t
_gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t *mpi)
{
gcry_mpi_t mpi_return;
gcry_error_t err;
unsigned int i;
if (flags & ~(GCRY_AC_FLAG_COPY))
{
err = gcry_error (GPG_ERR_INV_ARG);
goto out;
}
for (i = 0; i < data->data_n; i++)
if (! strcmp (name, data->data[i].name))
break;
if (i == data->data_n)
{
err = gcry_error (GPG_ERR_NOT_FOUND);
goto out;
}
if (flags & GCRY_AC_FLAG_COPY)
{
mpi_return = gcry_mpi_copy (data->data[i].mpi);
if (! mpi_return)
{
err = gcry_error_from_errno (errno); /* FIXME? */
goto out;
}
}
else
mpi_return = data->data[i].mpi;
*mpi = mpi_return;
err = 0;
out:
return err;
}
/* Stores in NAME and MPI the named MPI value contained in the data
set DATA with the index IDX. NAME or MPI may be NULL. The
returned MPI value will be released in case gcry_ac_data_set is
used to associate the label NAME with a different MPI value. */
gcry_error_t
_gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
unsigned int idx,
const char **name, gcry_mpi_t *mpi)
{
gcry_error_t err;
gcry_mpi_t mpi_cp;
char *name_cp;
name_cp = NULL;
mpi_cp = NULL;
if (flags & ~(GCRY_AC_FLAG_COPY))
{
err = gcry_error (GPG_ERR_INV_ARG);
goto out;
}
if (idx >= data->data_n)
{
err = gcry_error (GPG_ERR_INV_ARG);
goto out;
}
if (flags & GCRY_AC_FLAG_COPY)
{
/* Return copies to the user. */
if (name)
{
name_cp = gcry_strdup (data->data[idx].name);
if (! name_cp)
{
err = gcry_error_from_errno (errno);
goto out;
}
}
if (mpi)
{
mpi_cp = gcry_mpi_copy (data->data[idx].mpi);
if (! mpi_cp)
{
err = gcry_error_from_errno (errno);
goto out;
}
}
}
if (name)
*name = name_cp ? name_cp : data->data[idx].name;
if (mpi)
*mpi = mpi_cp ? mpi_cp : data->data[idx].mpi;
err = 0;
out:
if (err)
{
gcry_mpi_release (mpi_cp);
gcry_free (name_cp);
}
return err;
}
/* Convert the data set DATA into a new S-Expression, which is to be
stored in SEXP, according to the identifiers contained in
IDENTIFIERS. */
gcry_error_t
_gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
const char **identifiers)
{
gcry_sexp_t sexp_new;
gcry_error_t err;
char *sexp_buffer;
size_t sexp_buffer_n;
size_t identifiers_n;
const char *label;
gcry_mpi_t mpi;
void **arg_list;
size_t data_n;
unsigned int i;
sexp_buffer_n = 1;
sexp_buffer = NULL;
arg_list = NULL;
err = 0;
/* Calculate size of S-expression representation. */
i = 0;
if (identifiers)
while (identifiers[i])
{
/* For each identifier, we add "(<IDENTIFIER>)". */
sexp_buffer_n += 1 + strlen (identifiers[i]) + 1;
i++;
}
identifiers_n = i;
if (! identifiers_n)
/* If there are NO identifiers, we still add surrounding braces so
that we have a list of named MPI value lists. Otherwise it
wouldn't be too much fun to process these lists. */
sexp_buffer_n += 2;
data_n = _gcry_ac_data_length (data);
for (i = 0; i < data_n; i++)
{
err = gcry_ac_data_get_index (data, 0, i, &label, NULL);
if (err)
break;
/* For each MPI we add "(<LABEL> %m)". */
sexp_buffer_n += 1 + strlen (label) + 4;
}
if (err)
goto out;
/* Allocate buffer. */
sexp_buffer = gcry_malloc (sexp_buffer_n);
if (! sexp_buffer)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Fill buffer. */
*sexp_buffer = 0;
sexp_buffer_n = 0;
/* Add identifiers: (<IDENTIFIER0>(<IDENTIFIER1>...)). */
if (identifiers_n)
{
/* Add nested identifier lists as usual. */
for (i = 0; i < identifiers_n; i++)
sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, "(%s",
identifiers[i]);
}
else
{
/* Add special list. */
sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, "(");
}
/* Add MPI list. */
arg_list = gcry_malloc (sizeof (*arg_list) * (data_n + 1));
if (! arg_list)
{
err = gcry_error_from_errno (errno);
goto out;
}
for (i = 0; i < data_n; i++)
{
err = gcry_ac_data_get_index (data, 0, i, &label, &mpi);
if (err)
break;
sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n,
"(%s %%m)", label);
arg_list[i] = &data->data[i].mpi;
}
if (err)
goto out;
if (identifiers_n)
{
/* Add closing braces for identifier lists as usual. */
for (i = 0; i < identifiers_n; i++)
sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, ")");
}
else
{
/* Add closing braces for special list. */
sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, ")");
}
/* Construct. */
err = gcry_sexp_build_array (&sexp_new, NULL, sexp_buffer, arg_list);
if (err)
goto out;
*sexp = sexp_new;
out:
gcry_free (sexp_buffer);
gcry_free (arg_list);
return err;
}
/* Create a new data set, which is to be stored in DATA_SET, from the
S-Expression SEXP, according to the identifiers contained in
IDENTIFIERS. */
gcry_error_t
_gcry_ac_data_from_sexp (gcry_ac_data_t *data_set, gcry_sexp_t sexp,
const char **identifiers)
{
gcry_ac_data_t data_set_new;
gcry_error_t err;
gcry_sexp_t sexp_cur;
gcry_sexp_t sexp_tmp;
gcry_mpi_t mpi;
char *string;
const char *data;
size_t data_n;
size_t sexp_n;
unsigned int i;
int skip_name;
data_set_new = NULL;
sexp_cur = sexp;
sexp_tmp = NULL;
string = NULL;
mpi = NULL;
err = 0;
/* Process S-expression/identifiers. */
if (identifiers)
{
for (i = 0; identifiers[i]; i++)
{
/* Next identifier. Extract first data item from
SEXP_CUR. */
data = gcry_sexp_nth_data (sexp_cur, 0, &data_n);
if (! ((data_n == strlen (identifiers[i]))
&& (! strncmp (data, identifiers[i], data_n))))
{
/* Identifier mismatch -> error. */
err = gcry_error (GPG_ERR_INV_SEXP);
break;
}
/* Identifier matches. Now we have to distinguish two
cases:
(i) we are at the last identifier:
leave loop
(ii) we are not at the last identifier:
extract next element, which is supposed to be a
sublist. */
if (! identifiers[i + 1])
/* Last identifier. */
break;
else
{
/* Not the last identifier, extract next sublist. */
sexp_tmp = gcry_sexp_nth (sexp_cur, 1);
if (! sexp_tmp)
{
/* Missing sublist. */
err = gcry_error (GPG_ERR_INV_SEXP);
break;
}
/* Release old SEXP_CUR, in case it is not equal to the
original SEXP. */
if (sexp_cur != sexp)
gcry_sexp_release (sexp_cur);
/* Make SEXP_CUR point to the new current sublist. */
sexp_cur = sexp_tmp;
sexp_tmp = NULL;
}
}
if (err)
goto out;
if (i)
{
/* We have at least one identifier in the list, this means
the the list of named MPI values is prefixed, this means
that we need to skip the first item (the list name), when
processing the MPI values. */
skip_name = 1;
}
else
{
/* Since there is no identifiers list, the list of named MPI
values is not prefixed with a list name, therefore the
offset to use is zero. */
skip_name = 0;
}
}
else
/* Since there is no identifiers list, the list of named MPI
values is not prefixed with a list name, therefore the offset
to use is zero. */
skip_name = 0;
/* Create data set from S-expression data. */
err = gcry_ac_data_new (&data_set_new);
if (err)
goto out;
/* Figure out amount of named MPIs in SEXP_CUR. */
if (sexp_cur)
sexp_n = gcry_sexp_length (sexp_cur) - skip_name;
else
sexp_n = 0;
/* Extracte the named MPIs sequentially. */
for (i = 0; i < sexp_n; i++)
{
/* Store next S-Expression pair, which is supposed to consist of
a name and an MPI value, in SEXP_TMP. */
sexp_tmp = gcry_sexp_nth (sexp_cur, i + skip_name);
if (! sexp_tmp)
{
err = gcry_error (GPG_ERR_INV_SEXP);
break;
}
/* Extract name from current S-Expression pair. */
data = gcry_sexp_nth_data (sexp_tmp, 0, &data_n);
string = gcry_malloc (data_n + 1);
if (! string)
{
err = gcry_error_from_errno (errno);
break;
}
memcpy (string, data, data_n);
string[data_n] = 0;
/* Extract MPI value. */
mpi = gcry_sexp_nth_mpi (sexp_tmp, 1, 0);
if (! mpi)
{
err = gcry_error (GPG_ERR_INV_SEXP); /* FIXME? */
break;
}
/* Store named MPI in data_set_new. */
err = gcry_ac_data_set (data_set_new, GCRY_AC_FLAG_DEALLOC, string, mpi);
if (err)
break;
/* gcry_free (string); */
string = NULL;
/* gcry_mpi_release (mpi); */
mpi = NULL;
gcry_sexp_release (sexp_tmp);
sexp_tmp = NULL;
}
if (err)
goto out;
*data_set = data_set_new;
out:
if (sexp_cur != sexp)
gcry_sexp_release (sexp_cur);
gcry_sexp_release (sexp_tmp);
gcry_mpi_release (mpi);
gcry_free (string);
if (err)
gcry_ac_data_destroy (data_set_new);
return err;
}
static void
_gcry_ac_data_dump (const char *prefix, gcry_ac_data_t data)
{
unsigned char *mpi_buffer;
size_t mpi_buffer_n;
unsigned int data_n;
gcry_error_t err;
const char *name;
gcry_mpi_t mpi;
unsigned int i;
if (! data)
return;
mpi_buffer = NULL;
data_n = _gcry_ac_data_length (data);
for (i = 0; i < data_n; i++)
{
err = gcry_ac_data_get_index (data, 0, i, &name, &mpi);
if (err)
{
log_error ("failed to dump data set");
break;
}
err = gcry_mpi_aprint (GCRYMPI_FMT_HEX, &mpi_buffer, &mpi_buffer_n, mpi);
if (err)
{
log_error ("failed to dump data set");
break;
}
log_printf ("%s%s%s: %s\n",
prefix ? prefix : "",
prefix ? ": " : ""
, name, mpi_buffer);
gcry_free (mpi_buffer);
mpi_buffer = NULL;
}
gcry_free (mpi_buffer);
}
/* Dump the named MPI values contained in the data set DATA to
Libgcrypt's logging stream. */
void
gcry_ac_data_dump (const char *prefix, gcry_ac_data_t data)
{
_gcry_ac_data_dump (prefix, data);
}
/* Destroys any values contained in the data set DATA. */
void
_gcry_ac_data_clear (gcry_ac_data_t data)
{
ac_data_values_destroy (data);
gcry_free (data->data);
data->data = NULL;
data->data_n = 0;
}
/*
* Implementation of `ac io' objects.
*/
/* Initialize AC_IO according to MODE, TYPE and the variable list of
arguments AP. The list of variable arguments to specify depends on
the given TYPE. */
void
_gcry_ac_io_init_va (gcry_ac_io_t *ac_io,
gcry_ac_io_mode_t mode, gcry_ac_io_type_t type, va_list ap)
{
memset (ac_io, 0, sizeof (*ac_io));
assert ((mode == GCRY_AC_IO_READABLE) || (mode == GCRY_AC_IO_WRITABLE));
assert ((type == GCRY_AC_IO_STRING) || (type == GCRY_AC_IO_STRING));
ac_io->mode = mode;
ac_io->type = type;
switch (mode)
{
case GCRY_AC_IO_READABLE:
switch (type)
{
case GCRY_AC_IO_STRING:
ac_io->io.readable.string.data = va_arg (ap, unsigned char *);
ac_io->io.readable.string.data_n = va_arg (ap, size_t);
break;
case GCRY_AC_IO_CALLBACK:
ac_io->io.readable.callback.cb = va_arg (ap, gcry_ac_data_read_cb_t);
ac_io->io.readable.callback.opaque = va_arg (ap, void *);
break;
}
break;
case GCRY_AC_IO_WRITABLE:
switch (type)
{
case GCRY_AC_IO_STRING:
ac_io->io.writable.string.data = va_arg (ap, unsigned char **);
ac_io->io.writable.string.data_n = va_arg (ap, size_t *);
break;
case GCRY_AC_IO_CALLBACK:
ac_io->io.writable.callback.cb = va_arg (ap, gcry_ac_data_write_cb_t);
ac_io->io.writable.callback.opaque = va_arg (ap, void *);
break;
}
break;
}
}
/* Initialize AC_IO according to MODE, TYPE and the variable list of
arguments. The list of variable arguments to specify depends on
the given TYPE. */
void
_gcry_ac_io_init (gcry_ac_io_t *ac_io,
gcry_ac_io_mode_t mode, gcry_ac_io_type_t type, ...)
{
va_list ap;
va_start (ap, type);
_gcry_ac_io_init_va (ac_io, mode, type, ap);
va_end (ap);
}
/* Write to the IO object AC_IO BUFFER_N bytes from BUFFER. Return
zero on success or error code. */
static gcry_error_t
_gcry_ac_io_write (gcry_ac_io_t *ac_io, unsigned char *buffer, size_t buffer_n)
{
gcry_error_t err;
assert (ac_io->mode == GCRY_AC_IO_WRITABLE);
err = 0;
switch (ac_io->type)
{
case GCRY_AC_IO_STRING:
{
unsigned char *p;
if (*ac_io->io.writable.string.data)
{
p = gcry_realloc (*ac_io->io.writable.string.data,
*ac_io->io.writable.string.data_n + buffer_n);
if (! p)
err = gcry_error_from_errno (errno);
else
{
if (*ac_io->io.writable.string.data != p)
*ac_io->io.writable.string.data = p;
memcpy (p + *ac_io->io.writable.string.data_n, buffer, buffer_n);
*ac_io->io.writable.string.data_n += buffer_n;
}
}
else
{
if (gcry_is_secure (buffer))
p = gcry_malloc_secure (buffer_n);
else
p = gcry_malloc (buffer_n);
if (! p)
err = gcry_error_from_errno (errno);
else
{
memcpy (p, buffer, buffer_n);
*ac_io->io.writable.string.data = p;
*ac_io->io.writable.string.data_n = buffer_n;
}
}
}
break;
case GCRY_AC_IO_CALLBACK:
err = (*ac_io->io.writable.callback.cb) (ac_io->io.writable.callback.opaque,
buffer, buffer_n);
break;
}
return err;
}
/* Read *BUFFER_N bytes from the IO object AC_IO into BUFFER; NREAD
bytes have already been read from the object; on success, store the
amount of bytes read in *BUFFER_N; zero bytes read means EOF.
Return zero on success or error code. */
static gcry_error_t
_gcry_ac_io_read (gcry_ac_io_t *ac_io,
unsigned int nread, unsigned char *buffer, size_t *buffer_n)
{
gcry_error_t err;
assert (ac_io->mode == GCRY_AC_IO_READABLE);
err = 0;
switch (ac_io->type)
{
case GCRY_AC_IO_STRING:
{
size_t bytes_available;
size_t bytes_to_read;
size_t bytes_wanted;
bytes_available = ac_io->io.readable.string.data_n - nread;
bytes_wanted = *buffer_n;
if (bytes_wanted > bytes_available)
bytes_to_read = bytes_available;
else
bytes_to_read = bytes_wanted;
memcpy (buffer, ac_io->io.readable.string.data + nread, bytes_to_read);
*buffer_n = bytes_to_read;
err = 0;
break;
}
case GCRY_AC_IO_CALLBACK:
err = (*ac_io->io.readable.callback.cb)
(ac_io->io.readable.callback.opaque, buffer, buffer_n);
break;
}
return err;
}
/* Read all data available from the IO object AC_IO into newly
allocated memory, storing an appropriate pointer in *BUFFER and the
amount of bytes read in *BUFFER_N. Return zero on success or error
code. */
static gcry_error_t
_gcry_ac_io_read_all (gcry_ac_io_t *ac_io, unsigned char **buffer, size_t *buffer_n)
{
unsigned char *buffer_new;
size_t buffer_new_n;
unsigned char buf[BUFSIZ];
size_t buf_n;
unsigned char *p;
gcry_error_t err;
buffer_new = NULL;
buffer_new_n = 0;
while (1)
{
buf_n = sizeof (buf);
err = _gcry_ac_io_read (ac_io, buffer_new_n, buf, &buf_n);
if (err)
break;
if (buf_n)
{
p = gcry_realloc (buffer_new, buffer_new_n + buf_n);
if (! p)
{
err = gcry_error_from_errno (errno);
break;
}
if (buffer_new != p)
buffer_new = p;
memcpy (buffer_new + buffer_new_n, buf, buf_n);
buffer_new_n += buf_n;
}
else
break;
}
if (err)
goto out;
*buffer_n = buffer_new_n;
*buffer = buffer_new;
out:
if (err)
gcry_free (buffer_new);
return err;
}
/* Read data chunks from the IO object AC_IO until EOF, feeding them
to the callback function CB. Return zero on success or error
code. */
static gcry_error_t
_gcry_ac_io_process (gcry_ac_io_t *ac_io,
gcry_ac_data_write_cb_t cb, void *opaque)
{
unsigned char buffer[BUFSIZ];
unsigned int nread;
size_t buffer_n;
gcry_error_t err;
nread = 0;
while (1)
{
buffer_n = sizeof (buffer);
err = _gcry_ac_io_read (ac_io, nread, buffer, &buffer_n);
if (err)
break;
if (buffer_n)
{
err = (*cb) (opaque, buffer, buffer_n);
if (err)
break;
nread += buffer_n;
}
else
break;
}
return err;
}
/*
* Functions for converting data between the native ac and the
* S-expression structure used by the pk interface.
*/
/* Extract the S-Expression DATA_SEXP into DATA under the control of
TYPE and NAME. This function assumes that S-Expressions are of the
following structure:
(IDENTIFIER [...]
(ALGORITHM <list of named MPI values>)) */
-gcry_error_t
+static gcry_error_t
ac_data_extract (const char *identifier, const char *algorithm,
gcry_sexp_t sexp, gcry_ac_data_t *data)
{
gcry_error_t err;
gcry_sexp_t value_sexp;
gcry_sexp_t data_sexp;
size_t data_sexp_n;
gcry_mpi_t value_mpi;
char *value_name;
const char *data_raw;
size_t data_raw_n;
gcry_ac_data_t data_new;
unsigned int i;
value_sexp = NULL;
data_sexp = NULL;
value_name = NULL;
value_mpi = NULL;
data_new = NULL;
/* Verify that the S-expression contains the correct identifier. */
data_raw = gcry_sexp_nth_data (sexp, 0, &data_raw_n);
if ((! data_raw) || strncmp (identifier, data_raw, data_raw_n))
{
err = gcry_error (GPG_ERR_INV_SEXP);
goto out;
}
/* Extract inner S-expression. */
data_sexp = gcry_sexp_find_token (sexp, algorithm, 0);
if (! data_sexp)
{
err = gcry_error (GPG_ERR_INV_SEXP);
goto out;
}
/* Count data elements. */
data_sexp_n = gcry_sexp_length (data_sexp);
data_sexp_n--;
/* Allocate new data set. */
err = _gcry_ac_data_new (&data_new);
if (err)
goto out;
/* Iterate through list of data elements and add them to the data
set. */
for (i = 0; i < data_sexp_n; i++)
{
/* Get the S-expression of the named MPI, that contains the name
and the MPI value. */
value_sexp = gcry_sexp_nth (data_sexp, i + 1);
if (! value_sexp)
{
err = gcry_error (GPG_ERR_INV_SEXP);
break;
}
/* Extract the name. */
data_raw = gcry_sexp_nth_data (value_sexp, 0, &data_raw_n);
if (! data_raw)
{
err = gcry_error (GPG_ERR_INV_SEXP);
break;
}
/* Extract the MPI value. */
value_mpi = gcry_sexp_nth_mpi (value_sexp, 1, GCRYMPI_FMT_USG);
if (! value_mpi)
{
err = gcry_error (GPG_ERR_INTERNAL); /* FIXME? */
break;
}
/* Duplicate the name. */
value_name = gcry_malloc (data_raw_n + 1);
if (! value_name)
{
err = gcry_error_from_errno (errno);
break;
}
strncpy (value_name, data_raw, data_raw_n);
value_name[data_raw_n] = 0;
err = _gcry_ac_data_set (data_new, GCRY_AC_FLAG_DEALLOC, value_name, value_mpi);
if (err)
break;
gcry_sexp_release (value_sexp);
value_sexp = NULL;
value_name = NULL;
value_mpi = NULL;
}
if (err)
goto out;
/* Copy out. */
*data = data_new;
out:
/* Deallocate resources. */
if (err)
{
_gcry_ac_data_destroy (data_new);
gcry_mpi_release (value_mpi);
gcry_free (value_name);
gcry_sexp_release (value_sexp);
}
gcry_sexp_release (data_sexp);
return err;
}
/* Construct an S-expression from the DATA and store it in
DATA_SEXP. The S-expression will be of the following structure:
(IDENTIFIER [(flags [...])]
(ALGORITHM <list of named MPI values>)) */
static gcry_error_t
ac_data_construct (const char *identifier, int include_flags,
unsigned int flags, const char *algorithm,
gcry_ac_data_t data, gcry_sexp_t *sexp)
{
unsigned int data_length;
gcry_sexp_t sexp_new;
gcry_error_t err;
size_t sexp_format_n;
char *sexp_format;
void **arg_list;
unsigned int i;
arg_list = NULL;
sexp_new = NULL;
sexp_format = NULL;
/* We build a list of arguments to pass to
gcry_sexp_build_array(). */
data_length = _gcry_ac_data_length (data);
arg_list = gcry_malloc (sizeof (*arg_list) * (data_length * 2));
if (! arg_list)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Fill list with MPIs. */
for (i = 0; i < data_length; i++)
{
char **nameaddr = &data->data[i].name;
arg_list[(i * 2) + 0] = nameaddr;
arg_list[(i * 2) + 1] = &data->data[i].mpi;
}
/* Calculate size of format string. */
sexp_format_n = (3
+ (include_flags ? 7 : 0)
+ (algorithm ? (2 + strlen (algorithm)) : 0)
+ strlen (identifier));
for (i = 0; i < data_length; i++)
/* Per-element sizes. */
sexp_format_n += 6;
if (include_flags)
/* Add flags. */
for (i = 0; i < DIM (ac_flags); i++)
if (flags & ac_flags[i].number)
sexp_format_n += strlen (ac_flags[i].string) + 1;
/* Done. */
sexp_format = gcry_malloc (sexp_format_n);
if (! sexp_format)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Construct the format string. */
*sexp_format = 0;
strcat (sexp_format, "(");
strcat (sexp_format, identifier);
if (include_flags)
{
strcat (sexp_format, "(flags");
for (i = 0; i < DIM (ac_flags); i++)
if (flags & ac_flags[i].number)
{
strcat (sexp_format, " ");
strcat (sexp_format, ac_flags[i].string);
}
strcat (sexp_format, ")");
}
if (algorithm)
{
strcat (sexp_format, "(");
strcat (sexp_format, algorithm);
}
for (i = 0; i < data_length; i++)
strcat (sexp_format, "(%s%m)");
if (algorithm)
strcat (sexp_format, ")");
strcat (sexp_format, ")");
/* Create final S-expression. */
err = gcry_sexp_build_array (&sexp_new, NULL, sexp_format, arg_list);
if (err)
goto out;
*sexp = sexp_new;
out:
/* Deallocate resources. */
gcry_free (sexp_format);
gcry_free (arg_list);
if (err)
gcry_sexp_release (sexp_new);
return err;
}
/*
* Handle management.
*/
/* Creates a new handle for the algorithm ALGORITHM and stores it in
HANDLE. FLAGS is not used yet. */
gcry_error_t
_gcry_ac_open (gcry_ac_handle_t *handle,
gcry_ac_id_t algorithm, unsigned int flags)
{
gcry_ac_handle_t handle_new;
const char *algorithm_name;
gcry_module_t module;
gcry_error_t err;
*handle = NULL;
module = NULL;
/* Get name. */
algorithm_name = _gcry_pk_aliased_algo_name (algorithm);
if (! algorithm_name)
{
err = gcry_error (GPG_ERR_PUBKEY_ALGO);
goto out;
}
/* Acquire reference to the pubkey module. */
err = _gcry_pk_module_lookup (algorithm, &module);
if (err)
goto out;
/* Allocate. */
handle_new = gcry_malloc (sizeof (*handle_new));
if (! handle_new)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Done. */
handle_new->algorithm = algorithm;
handle_new->algorithm_name = algorithm_name;
handle_new->flags = flags;
handle_new->module = module;
*handle = handle_new;
out:
/* Deallocate resources. */
if (err)
_gcry_pk_module_release (module);
return err;
}
/* Destroys the handle HANDLE. */
void
_gcry_ac_close (gcry_ac_handle_t handle)
{
/* Release reference to pubkey module. */
if (handle)
{
_gcry_pk_module_release (handle->module);
gcry_free (handle);
}
}
/*
* Key management.
*/
/* Initialize a key from a given data set. */
/* FIXME/Damn: the argument HANDLE is not only unnecessary, it is
completely WRONG here. */
gcry_error_t
_gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
gcry_ac_key_type_t type, gcry_ac_data_t data)
{
gcry_ac_data_t data_new;
gcry_ac_key_t key_new;
gcry_error_t err;
(void)handle;
/* Allocate. */
key_new = gcry_malloc (sizeof (*key_new));
if (! key_new)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Copy data set. */
err = _gcry_ac_data_copy (&data_new, data);
if (err)
goto out;
/* Done. */
key_new->data = data_new;
key_new->type = type;
*key = key_new;
out:
if (err)
/* Deallocate resources. */
gcry_free (key_new);
return err;
}
/* Generates a new key pair via the handle HANDLE of NBITS bits and
stores it in KEY_PAIR. In case non-standard settings are wanted, a
pointer to a structure of type gcry_ac_key_spec_<algorithm>_t,
matching the selected algorithm, can be given as KEY_SPEC.
MISC_DATA is not used yet. */
gcry_error_t
_gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits,
void *key_spec,
gcry_ac_key_pair_t *key_pair,
gcry_mpi_t **misc_data)
{
gcry_sexp_t genkey_sexp_request;
gcry_sexp_t genkey_sexp_reply;
gcry_ac_data_t key_data_secret;
gcry_ac_data_t key_data_public;
gcry_ac_key_pair_t key_pair_new;
gcry_ac_key_t key_secret;
gcry_ac_key_t key_public;
gcry_sexp_t key_sexp;
gcry_error_t err;
char *genkey_format;
size_t genkey_format_n;
void **arg_list;
size_t arg_list_n;
unsigned int i;
unsigned int j;
(void)misc_data;
key_data_secret = NULL;
key_data_public = NULL;
key_secret = NULL;
key_public = NULL;
genkey_format = NULL;
arg_list = NULL;
genkey_sexp_request = NULL;
genkey_sexp_reply = NULL;
/* Allocate key pair. */
key_pair_new = gcry_malloc (sizeof (struct gcry_ac_key_pair));
if (! key_pair_new)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Allocate keys. */
key_secret = gcry_malloc (sizeof (*key_secret));
if (! key_secret)
{
err = gcry_error_from_errno (errno);
goto out;
}
key_public = gcry_malloc (sizeof (*key_public));
if (! key_public)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Calculate size of the format string, that is used for creating
the request S-expression. */
genkey_format_n = 22;
/* Respect any relevant algorithm specific commands. */
if (key_spec)
for (i = 0; i < DIM (ac_key_generate_specs); i++)
if (handle->algorithm == ac_key_generate_specs[i].algorithm)
genkey_format_n += 6;
/* Create format string. */
genkey_format = gcry_malloc (genkey_format_n);
if (! genkey_format)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Fill format string. */
*genkey_format = 0;
strcat (genkey_format, "(genkey(%s(nbits%d)");
if (key_spec)
for (i = 0; i < DIM (ac_key_generate_specs); i++)
if (handle->algorithm == ac_key_generate_specs[i].algorithm)
strcat (genkey_format, "(%s%m)");
strcat (genkey_format, "))");
/* Build list of argument pointers, the algorithm name and the nbits
are always needed. */
arg_list_n = 2;
/* Now the algorithm specific arguments. */
if (key_spec)
for (i = 0; i < DIM (ac_key_generate_specs); i++)
if (handle->algorithm == ac_key_generate_specs[i].algorithm)
arg_list_n += 2;
/* Allocate list. */
arg_list = gcry_malloc (sizeof (*arg_list) * arg_list_n);
if (! arg_list)
{
err = gcry_error_from_errno (errno);
goto out;
}
arg_list[0] = (void *) &handle->algorithm_name;
arg_list[1] = (void *) &nbits;
if (key_spec)
for (j = 2, i = 0; i < DIM (ac_key_generate_specs); i++)
if (handle->algorithm == ac_key_generate_specs[i].algorithm)
{
/* Add name of this specification flag and the
according member of the spec strucuture. */
arg_list[j++] = (void *)(&ac_key_generate_specs[i].name);
arg_list[j++] = (void *)
(((char *) key_spec)
+ ac_key_generate_specs[i].offset);
/* FIXME: above seems to suck. */
}
/* Construct final request S-expression. */
err = gcry_sexp_build_array (&genkey_sexp_request,
NULL, genkey_format, arg_list);
if (err)
goto out;
/* Perform genkey operation. */
err = gcry_pk_genkey (&genkey_sexp_reply, genkey_sexp_request);
if (err)
goto out;
key_sexp = gcry_sexp_find_token (genkey_sexp_reply, "private-key", 0);
if (! key_sexp)
{
err = gcry_error (GPG_ERR_INTERNAL);
goto out;
}
err = ac_data_extract ("private-key", handle->algorithm_name,
key_sexp, &key_data_secret);
if (err)
goto out;
gcry_sexp_release (key_sexp);
key_sexp = gcry_sexp_find_token (genkey_sexp_reply, "public-key", 0);
if (! key_sexp)
{
err = gcry_error (GPG_ERR_INTERNAL);
goto out;
}
err = ac_data_extract ("public-key", handle->algorithm_name,
key_sexp, &key_data_public);
if (err)
goto out;
/* Done. */
key_secret->type = GCRY_AC_KEY_SECRET;
key_secret->data = key_data_secret;
key_public->type = GCRY_AC_KEY_PUBLIC;
key_public->data = key_data_public;
key_pair_new->secret = key_secret;
key_pair_new->public = key_public;
*key_pair = key_pair_new;
out:
/* Deallocate resources. */
gcry_free (genkey_format);
gcry_free (arg_list);
gcry_sexp_release (genkey_sexp_request);
gcry_sexp_release (genkey_sexp_reply);
if (err)
{
_gcry_ac_data_destroy (key_data_secret);
_gcry_ac_data_destroy (key_data_public);
gcry_free (key_secret);
gcry_free (key_public);
gcry_free (key_pair_new);
}
return err;
}
/* Returns the key of type WHICH out of the key pair KEY_PAIR. */
gcry_ac_key_t
_gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
gcry_ac_key_type_t which)
{
gcry_ac_key_t key;
switch (which)
{
case GCRY_AC_KEY_SECRET:
key = key_pair->secret;
break;
case GCRY_AC_KEY_PUBLIC:
key = key_pair->public;
break;
default:
key = NULL;
break;
}
return key;
}
/* Destroys the key KEY. */
void
_gcry_ac_key_destroy (gcry_ac_key_t key)
{
unsigned int i;
if (key)
{
if (key->data)
{
for (i = 0; i < key->data->data_n; i++)
if (key->data->data[i].mpi != NULL)
gcry_mpi_release (key->data->data[i].mpi);
gcry_free (key->data);
}
gcry_free (key);
}
}
/* Destroys the key pair KEY_PAIR. */
void
_gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair)
{
if (key_pair)
{
gcry_ac_key_destroy (key_pair->secret);
gcry_ac_key_destroy (key_pair->public);
gcry_free (key_pair);
}
}
/* Returns the data set contained in the key KEY. */
gcry_ac_data_t
_gcry_ac_key_data_get (gcry_ac_key_t key)
{
return key->data;
}
/* Verifies that the key KEY is sane via HANDLE. */
gcry_error_t
_gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key)
{
gcry_sexp_t key_sexp;
gcry_error_t err;
key_sexp = NULL;
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &key_sexp);
if (err)
goto out;
err = gcry_pk_testkey (key_sexp);
out:
gcry_sexp_release (key_sexp);
return gcry_error (err);
}
/* Stores the number of bits of the key KEY in NBITS via HANDLE. */
gcry_error_t
_gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
gcry_ac_key_t key, unsigned int *nbits)
{
gcry_sexp_t key_sexp;
gcry_error_t err;
unsigned int n;
key_sexp = NULL;
err = ac_data_construct (ac_key_identifiers[key->type],
0, 0, handle->algorithm_name, key->data, &key_sexp);
if (err)
goto out;
n = gcry_pk_get_nbits (key_sexp);
if (! n)
{
err = gcry_error (GPG_ERR_PUBKEY_ALGO);
goto out;
}
*nbits = n;
out:
gcry_sexp_release (key_sexp);
return err;
}
/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
HANDLE. */
gcry_error_t
_gcry_ac_key_get_grip (gcry_ac_handle_t handle,
gcry_ac_key_t key, unsigned char *key_grip)
{
gcry_sexp_t key_sexp;
gcry_error_t err;
unsigned char *ret;
key_sexp = NULL;
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &key_sexp);
if (err)
goto out;
ret = gcry_pk_get_keygrip (key_sexp, key_grip);
if (! ret)
{
err = gcry_error (GPG_ERR_INV_OBJ);
goto out;
}
err = 0;
out:
gcry_sexp_release (key_sexp);
return err;
}
/*
* Functions performing cryptographic operations.
*/
/* Encrypts the plain text MPI value DATA_PLAIN with the key public
KEY under the control of the flags FLAGS and stores the resulting
data set into DATA_ENCRYPTED. */
gcry_error_t
_gcry_ac_data_encrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t data_plain,
gcry_ac_data_t *data_encrypted)
{
gcry_ac_data_t data_encrypted_new;
gcry_ac_data_t data_value;
gcry_sexp_t sexp_request;
gcry_sexp_t sexp_reply;
gcry_sexp_t sexp_key;
gcry_error_t err;
data_encrypted_new = NULL;
sexp_request = NULL;
sexp_reply = NULL;
data_value = NULL;
sexp_key = NULL;
if (key->type != GCRY_AC_KEY_PUBLIC)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &sexp_key);
if (err)
goto out;
err = _gcry_ac_data_new (&data_value);
if (err)
goto out;
err = _gcry_ac_data_set (data_value, 0, "value", data_plain);
if (err)
goto out;
err = ac_data_construct ("data", 1, flags, handle->algorithm_name,
data_value, &sexp_request);
if (err)
goto out;
/* FIXME: error vs. errcode? */
err = gcry_pk_encrypt (&sexp_reply, sexp_request, sexp_key);
if (err)
goto out;
/* Extract data. */
err = ac_data_extract ("enc-val", handle->algorithm_name,
sexp_reply, &data_encrypted_new);
if (err)
goto out;
*data_encrypted = data_encrypted_new;
out:
/* Deallocate resources. */
gcry_sexp_release (sexp_request);
gcry_sexp_release (sexp_reply);
gcry_sexp_release (sexp_key);
_gcry_ac_data_destroy (data_value);
return err;
}
/* Decrypts the encrypted data contained in the data set
DATA_ENCRYPTED with the secret key KEY under the control of the
flags FLAGS and stores the resulting plain text MPI value in
DATA_PLAIN. */
gcry_error_t
_gcry_ac_data_decrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t *data_plain,
gcry_ac_data_t data_encrypted)
{
gcry_mpi_t data_decrypted;
gcry_sexp_t sexp_request;
gcry_sexp_t sexp_reply;
gcry_sexp_t sexp_value;
gcry_sexp_t sexp_key;
gcry_error_t err;
sexp_request = NULL;
sexp_reply = NULL;
sexp_value = NULL;
sexp_key = NULL;
if (key->type != GCRY_AC_KEY_SECRET)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &sexp_key);
if (err)
goto out;
/* Create S-expression from data. */
err = ac_data_construct ("enc-val", 1, flags, handle->algorithm_name,
data_encrypted, &sexp_request);
if (err)
goto out;
/* Decrypt. */
err = gcry_pk_decrypt (&sexp_reply, sexp_request, sexp_key);
if (err)
goto out;
/* Extract plain text. */
sexp_value = gcry_sexp_find_token (sexp_reply, "value", 0);
if (! sexp_value)
{
/* FIXME? */
err = gcry_error (GPG_ERR_GENERAL);
goto out;
}
data_decrypted = gcry_sexp_nth_mpi (sexp_value, 1, GCRYMPI_FMT_USG);
if (! data_decrypted)
{
err = gcry_error (GPG_ERR_GENERAL);
goto out;
}
*data_plain = data_decrypted;
out:
/* Deallocate resources. */
gcry_sexp_release (sexp_request);
gcry_sexp_release (sexp_reply);
gcry_sexp_release (sexp_value);
gcry_sexp_release (sexp_key);
return gcry_error (err);
}
/* Signs the data contained in DATA with the secret key KEY and stores
the resulting signature data set in DATA_SIGNATURE. */
gcry_error_t
_gcry_ac_data_sign (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t *data_signature)
{
gcry_ac_data_t data_signed;
gcry_ac_data_t data_value;
gcry_sexp_t sexp_request;
gcry_sexp_t sexp_reply;
gcry_sexp_t sexp_key;
gcry_error_t err;
data_signed = NULL;
data_value = NULL;
sexp_request = NULL;
sexp_reply = NULL;
sexp_key = NULL;
if (key->type != GCRY_AC_KEY_SECRET)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
err = ac_data_construct (ac_key_identifiers[key->type], 0, 0,
handle->algorithm_name, key->data, &sexp_key);
if (err)
goto out;
err = _gcry_ac_data_new (&data_value);
if (err)
goto out;
err = _gcry_ac_data_set (data_value, 0, "value", data);
if (err)
goto out;
/* Create S-expression holding the data. */
err = ac_data_construct ("data", 1, 0, NULL, data_value, &sexp_request);
if (err)
goto out;
/* Sign. */
err = gcry_pk_sign (&sexp_reply, sexp_request, sexp_key);
if (err)
goto out;
/* Extract data. */
err = ac_data_extract ("sig-val", handle->algorithm_name,
sexp_reply, &data_signed);
if (err)
goto out;
/* Done. */
*data_signature = data_signed;
out:
gcry_sexp_release (sexp_request);
gcry_sexp_release (sexp_reply);
gcry_sexp_release (sexp_key);
_gcry_ac_data_destroy (data_value);
return gcry_error (err);
}
/* Verifies that the signature contained in the data set
DATA_SIGNATURE is indeed the result of signing the data contained
in DATA with the secret key belonging to the public key KEY. */
gcry_error_t
_gcry_ac_data_verify (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t data_signature)
{
gcry_sexp_t sexp_signature;
gcry_ac_data_t data_value;
gcry_sexp_t sexp_data;
gcry_sexp_t sexp_key;
gcry_error_t err;
sexp_signature = NULL;
data_value = NULL;
sexp_data = NULL;
sexp_key = NULL;
err = ac_data_construct ("public-key", 0, 0,
handle->algorithm_name, key->data, &sexp_key);
if (err)
goto out;
if (key->type != GCRY_AC_KEY_PUBLIC)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
/* Construct S-expression holding the signature data. */
err = ac_data_construct ("sig-val", 1, 0, handle->algorithm_name,
data_signature, &sexp_signature);
if (err)
goto out;
err = _gcry_ac_data_new (&data_value);
if (err)
goto out;
err = _gcry_ac_data_set (data_value, 0, "value", data);
if (err)
goto out;
/* Construct S-expression holding the data. */
err = ac_data_construct ("data", 1, 0, NULL, data_value, &sexp_data);
if (err)
goto out;
/* Verify signature. */
err = gcry_pk_verify (sexp_signature, sexp_data, sexp_key);
out:
gcry_sexp_release (sexp_signature);
gcry_sexp_release (sexp_data);
gcry_sexp_release (sexp_key);
_gcry_ac_data_destroy (data_value);
return gcry_error (err);
}
/*
* Implementation of encoding methods (em).
*/
/* Type for functions that encode or decode (hence the name) a
message. */
typedef gcry_error_t (*gcry_ac_em_dencode_t) (unsigned int flags,
void *options,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write);
/* Fill the buffer BUFFER which is BUFFER_N bytes long with non-zero
random bytes of random level LEVEL. */
static void
em_randomize_nonzero (unsigned char *buffer, size_t buffer_n,
gcry_random_level_t level)
{
unsigned char *buffer_rand;
unsigned int buffer_rand_n;
unsigned int zeros;
unsigned int i;
unsigned int j;
for (i = 0; i < buffer_n; i++)
buffer[i] = 0;
do
{
/* Count zeros. */
for (i = zeros = 0; i < buffer_n; i++)
if (! buffer[i])
zeros++;
if (zeros)
{
/* Get random bytes. */
buffer_rand_n = zeros + (zeros / 128);
buffer_rand = gcry_random_bytes_secure (buffer_rand_n, level);
/* Substitute zeros with non-zero random bytes. */
for (i = j = 0; zeros && (i < buffer_n) && (j < buffer_rand_n); i++)
if (! buffer[i])
{
while ((j < buffer_rand_n) && (! buffer_rand[j]))
j++;
if (j < buffer_rand_n)
{
buffer[i] = buffer_rand[j++];
zeros--;
}
else
break;
}
gcry_free (buffer_rand);
}
}
while (zeros);
}
/* Encode a message according to the Encoding Method for Encryption
`PKCS-V1_5' (EME-PKCS-V1_5). */
static gcry_error_t
eme_pkcs_v1_5_encode (unsigned int flags, void *opts,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
gcry_ac_eme_pkcs_v1_5_t *options;
gcry_error_t err;
unsigned char *buffer;
unsigned char *ps;
unsigned char *m;
size_t m_n;
unsigned int ps_n;
unsigned int k;
(void)flags;
options = opts;
buffer = NULL;
m = NULL;
err = _gcry_ac_io_read_all (ac_io_read, &m, &m_n);
if (err)
goto out;
/* Figure out key length in bytes. */
k = options->key_size / 8;
if (m_n > k - 11)
{
/* Key is too short for message. */
err = gcry_error (GPG_ERR_TOO_SHORT);
goto out;
}
/* According to this encoding method, the first byte of the encoded
message is zero. This byte will be lost anyway, when the encoded
message is to be converted into an MPI, that's why we skip
it. */
/* Allocate buffer. */
buffer = gcry_malloc (k - 1);
if (! buffer)
{
err = gcry_error_from_errno (errno);
goto out;
}
/* Generate an octet string PS of length k - mLen - 3 consisting
of pseudorandomly generated nonzero octets. The length of PS
will be at least eight octets. */
ps_n = k - m_n - 3;
ps = buffer + 1;
em_randomize_nonzero (ps, ps_n, GCRY_STRONG_RANDOM);
/* Concatenate PS, the message M, and other padding to form an
encoded message EM of length k octets as:
EM = 0x00 || 0x02 || PS || 0x00 || M. */
buffer[0] = 0x02;
buffer[ps_n + 1] = 0x00;
memcpy (buffer + ps_n + 2, m, m_n);
err = _gcry_ac_io_write (ac_io_write, buffer, k - 1);
out:
gcry_free (buffer);
gcry_free (m);
return err;
}
/* Decode a message according to the Encoding Method for Encryption
`PKCS-V1_5' (EME-PKCS-V1_5). */
static gcry_error_t
eme_pkcs_v1_5_decode (unsigned int flags, void *opts,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
gcry_ac_eme_pkcs_v1_5_t *options;
unsigned char *buffer;
unsigned char *em;
size_t em_n;
gcry_error_t err;
unsigned int i;
unsigned int k;
(void)flags;
options = opts;
buffer = NULL;
em = NULL;
err = _gcry_ac_io_read_all (ac_io_read, &em, &em_n);
if (err)
goto out;
/* Figure out key size. */
k = options->key_size / 8;
/* Search for zero byte. */
for (i = 0; (i < em_n) && em[i]; i++);
/* According to this encoding method, the first byte of the encoded
message should be zero. This byte is lost. */
if (! ((em_n >= 10)
&& (em_n == (k - 1))
&& (em[0] == 0x02)
&& (i < em_n)
&& ((i - 1) >= 8)))
{
err = gcry_error (GPG_ERR_DECRYPT_FAILED);
goto out;
}
i++;
buffer = gcry_malloc (em_n - i);
if (! buffer)
{
err = gcry_error_from_errno (errno);
goto out;
}
memcpy (buffer, em + i, em_n - i);
err = _gcry_ac_io_write (ac_io_write, buffer, em_n - i);
out:
gcry_free (buffer);
gcry_free (em);
return err;
}
static gcry_error_t
emsa_pkcs_v1_5_encode_data_cb (void *opaque,
unsigned char *buffer, size_t buffer_n)
{
gcry_md_hd_t md_handle;
md_handle = opaque;
gcry_md_write (md_handle, buffer, buffer_n);
return 0;
}
/* Encode a message according to the Encoding Method for Signatures
with Appendix `PKCS-V1_5' (EMSA-PKCS-V1_5). */
static gcry_error_t
emsa_pkcs_v1_5_encode (unsigned int flags, void *opts,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
gcry_ac_emsa_pkcs_v1_5_t *options;
gcry_error_t err;
gcry_md_hd_t md;
unsigned char *t;
size_t t_n;
unsigned char *h;
size_t h_n;
unsigned char *ps;
size_t ps_n;
unsigned char *buffer;
size_t buffer_n;
unsigned char asn[100]; /* FIXME, always enough? */
size_t asn_n;
unsigned int i;
(void)flags;
options = opts;
buffer = NULL;
md = NULL;
ps = NULL;
t = NULL;
/* Create hashing handle and get the necessary information. */
err = gcry_md_open (&md, options->md, 0);
if (err)
goto out;
asn_n = DIM (asn);
err = gcry_md_algo_info (options->md, GCRYCTL_GET_ASNOID, asn, &asn_n);
if (err)
goto out;
h_n = gcry_md_get_algo_dlen (options->md);
err = _gcry_ac_io_process (ac_io_read, emsa_pkcs_v1_5_encode_data_cb, md);
if (err)
goto out;
h = gcry_md_read (md, 0);
/* Encode the algorithm ID for the hash function and the hash value
into an ASN.1 value of type DigestInfo with the Distinguished
Encoding Rules (DER), where the type DigestInfo has the syntax:
DigestInfo ::== SEQUENCE {
digestAlgorithm AlgorithmIdentifier,
digest OCTET STRING
}
The first field identifies the hash function and the second
contains the hash value. Let T be the DER encoding of the
DigestInfo value and let tLen be the length in octets of T. */
t_n = asn_n + h_n;
t = gcry_malloc (t_n);
if (! t)
{
err = gcry_error_from_errno (errno);
goto out;
}
for (i = 0; i < asn_n; i++)
t[i] = asn[i];
for (i = 0; i < h_n; i++)
t[asn_n + i] = h[i];
/* If emLen < tLen + 11, output "intended encoded message length
too short" and stop. */
if (options->em_n < t_n + 11)
{
err = gcry_error (GPG_ERR_TOO_SHORT);
goto out;
}
/* Generate an octet string PS consisting of emLen - tLen - 3 octets
with hexadecimal value 0xFF. The length of PS will be at least 8
octets. */
ps_n = options->em_n - t_n - 3;
ps = gcry_malloc (ps_n);
if (! ps)
{
err = gcry_error_from_errno (errno);
goto out;
}
for (i = 0; i < ps_n; i++)
ps[i] = 0xFF;
/* Concatenate PS, the DER encoding T, and other padding to form the
encoded message EM as:
EM = 0x00 || 0x01 || PS || 0x00 || T. */
buffer_n = ps_n + t_n + 3;
buffer = gcry_malloc (buffer_n);
if (! buffer)
{
err = gcry_error_from_errno (errno);
goto out;
}
buffer[0] = 0x00;
buffer[1] = 0x01;
for (i = 0; i < ps_n; i++)
buffer[2 + i] = ps[i];
buffer[2 + ps_n] = 0x00;
for (i = 0; i < t_n; i++)
buffer[3 + ps_n + i] = t[i];
err = _gcry_ac_io_write (ac_io_write, buffer, buffer_n);
out:
gcry_md_close (md);
gcry_free (buffer);
gcry_free (ps);
gcry_free (t);
return err;
}
/* `Actions' for data_dencode(). */
typedef enum dencode_action
{
DATA_ENCODE,
DATA_DECODE,
}
dencode_action_t;
/* Encode or decode a message according to the the encoding method
METHOD; ACTION specifies wether the message that is contained in
BUFFER_IN and of length BUFFER_IN_N should be encoded or decoded.
The resulting message will be stored in a newly allocated buffer in
BUFFER_OUT and BUFFER_OUT_N. */
static gcry_error_t
ac_data_dencode (gcry_ac_em_t method, dencode_action_t action,
unsigned int flags, void *options,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
struct
{
gcry_ac_em_t method;
gcry_ac_em_dencode_t encode;
gcry_ac_em_dencode_t decode;
} methods[] =
{
{ GCRY_AC_EME_PKCS_V1_5,
eme_pkcs_v1_5_encode, eme_pkcs_v1_5_decode },
{ GCRY_AC_EMSA_PKCS_V1_5,
emsa_pkcs_v1_5_encode, NULL },
};
size_t methods_n;
gcry_error_t err;
unsigned int i;
methods_n = sizeof (methods) / sizeof (*methods);
for (i = 0; i < methods_n; i++)
if (methods[i].method == method)
break;
if (i == methods_n)
{
err = gcry_error (GPG_ERR_NOT_FOUND); /* FIXME? */
goto out;
}
err = 0;
switch (action)
{
case DATA_ENCODE:
if (methods[i].encode)
/* FIXME? */
err = (*methods[i].encode) (flags, options, ac_io_read, ac_io_write);
break;
case DATA_DECODE:
if (methods[i].decode)
/* FIXME? */
err = (*methods[i].decode) (flags, options, ac_io_read, ac_io_write);
break;
default:
err = gcry_error (GPG_ERR_INV_ARG);
break;
}
out:
return err;
}
/* Encode a message according to the encoding method METHOD. OPTIONS
must be a pointer to a method-specific structure
(gcry_ac_em*_t). */
gcry_error_t
_gcry_ac_data_encode (gcry_ac_em_t method,
unsigned int flags, void *options,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
return ac_data_dencode (method, DATA_ENCODE, flags, options,
ac_io_read, ac_io_write);
}
/* Dencode a message according to the encoding method METHOD. OPTIONS
must be a pointer to a method-specific structure
(gcry_ac_em*_t). */
gcry_error_t
_gcry_ac_data_decode (gcry_ac_em_t method,
unsigned int flags, void *options,
gcry_ac_io_t *ac_io_read,
gcry_ac_io_t *ac_io_write)
{
return ac_data_dencode (method, DATA_DECODE, flags, options,
ac_io_read, ac_io_write);
}
/* Convert an MPI into an octet string. */
void
_gcry_ac_mpi_to_os (gcry_mpi_t mpi, unsigned char *os, size_t os_n)
{
unsigned long digit;
gcry_mpi_t base;
unsigned int i;
unsigned int n;
gcry_mpi_t m;
gcry_mpi_t d;
base = gcry_mpi_new (0);
gcry_mpi_set_ui (base, 256);
n = 0;
m = gcry_mpi_copy (mpi);
while (gcry_mpi_cmp_ui (m, 0))
{
n++;
gcry_mpi_div (m, NULL, m, base, 0);
}
gcry_mpi_set (m, mpi);
d = gcry_mpi_new (0);
for (i = 0; (i < n) && (i < os_n); i++)
{
gcry_mpi_mod (d, m, base);
_gcry_mpi_get_ui (d, &digit);
gcry_mpi_div (m, NULL, m, base, 0);
os[os_n - i - 1] = (digit & 0xFF);
}
for (; i < os_n; i++)
os[os_n - i - 1] = 0;
gcry_mpi_release (base);
gcry_mpi_release (d);
gcry_mpi_release (m);
}
/* Convert an MPI into an newly allocated octet string. */
gcry_error_t
_gcry_ac_mpi_to_os_alloc (gcry_mpi_t mpi, unsigned char **os, size_t *os_n)
{
unsigned char *buffer;
size_t buffer_n;
gcry_error_t err;
unsigned int nbits;
nbits = gcry_mpi_get_nbits (mpi);
buffer_n = (nbits + 7) / 8;
buffer = gcry_malloc (buffer_n);
if (! buffer)
{
err = gcry_error_from_errno (errno);
goto out;
}
_gcry_ac_mpi_to_os (mpi, buffer, buffer_n);
*os = buffer;
*os_n = buffer_n;
err = 0;
out:
return err;
}
/* Convert an octet string into an MPI. */
void
_gcry_ac_os_to_mpi (gcry_mpi_t mpi, unsigned char *os, size_t os_n)
{
unsigned int i;
gcry_mpi_t xi;
gcry_mpi_t x;
gcry_mpi_t a;
a = gcry_mpi_new (0);
gcry_mpi_set_ui (a, 1);
x = gcry_mpi_new (0);
gcry_mpi_set_ui (x, 0);
xi = gcry_mpi_new (0);
for (i = 0; i < os_n; i++)
{
gcry_mpi_mul_ui (xi, a, os[os_n - i - 1]);
gcry_mpi_add (x, x, xi);
gcry_mpi_mul_ui (a, a, 256);
}
gcry_mpi_release (xi);
gcry_mpi_release (a);
gcry_mpi_set (mpi, x);
gcry_mpi_release (x); /* FIXME: correct? */
}
/*
* Implementation of Encryption Schemes (ES) and Signature Schemes
* with Appendix (SSA).
*/
/* Schemes consist of two things: encoding methods and cryptographic
primitives.
Since encoding methods are accessible through a common API with
method-specific options passed as an anonymous struct, schemes have
to provide functions that construct this method-specific structure;
this is what the functions of type `gcry_ac_dencode_prepare_t' are
there for. */
typedef gcry_error_t (*gcry_ac_dencode_prepare_t) (gcry_ac_handle_t handle,
gcry_ac_key_t key,
void *opts,
void *opts_em);
/* The `dencode_prepare' function for ES-PKCS-V1_5. */
static gcry_error_t
ac_es_dencode_prepare_pkcs_v1_5 (gcry_ac_handle_t handle, gcry_ac_key_t key,
void *opts, void *opts_em)
{
gcry_ac_eme_pkcs_v1_5_t *options_em;
unsigned int nbits;
gcry_error_t err;
(void)opts;
err = _gcry_ac_key_get_nbits (handle, key, &nbits);
if (err)
goto out;
options_em = opts_em;
options_em->key_size = nbits;
out:
return err;
}
/* The `dencode_prepare' function for SSA-PKCS-V1_5. */
static gcry_error_t
ac_ssa_dencode_prepare_pkcs_v1_5 (gcry_ac_handle_t handle, gcry_ac_key_t key,
void *opts, void *opts_em)
{
gcry_ac_emsa_pkcs_v1_5_t *options_em;
gcry_ac_ssa_pkcs_v1_5_t *options;
gcry_error_t err;
unsigned int k;
options_em = opts_em;
options = opts;
err = _gcry_ac_key_get_nbits (handle, key, &k);
if (err)
goto out;
k = (k + 7) / 8;
options_em->md = options->md;
options_em->em_n = k;
out:
return err;
}
/* Type holding the information about each supported
Encryption/Signature Scheme. */
typedef struct ac_scheme
{
gcry_ac_scheme_t scheme;
gcry_ac_em_t scheme_encoding;
gcry_ac_dencode_prepare_t dencode_prepare;
size_t options_em_n;
} ac_scheme_t;
/* List of supported Schemes. */
static ac_scheme_t ac_schemes[] =
{
{ GCRY_AC_ES_PKCS_V1_5, GCRY_AC_EME_PKCS_V1_5,
ac_es_dencode_prepare_pkcs_v1_5,
sizeof (gcry_ac_eme_pkcs_v1_5_t) },
{ GCRY_AC_SSA_PKCS_V1_5, GCRY_AC_EMSA_PKCS_V1_5,
ac_ssa_dencode_prepare_pkcs_v1_5,
sizeof (gcry_ac_emsa_pkcs_v1_5_t) }
};
/* Lookup a scheme by it's ID. */
static ac_scheme_t *
ac_scheme_get (gcry_ac_scheme_t scheme)
{
ac_scheme_t *ac_scheme;
unsigned int i;
for (i = 0; i < DIM (ac_schemes); i++)
if (scheme == ac_schemes[i].scheme)
break;
if (i == DIM (ac_schemes))
ac_scheme = NULL;
else
ac_scheme = ac_schemes + i;
return ac_scheme;
}
/* Prepares the encoding/decoding by creating an according option
structure. */
static gcry_error_t
ac_dencode_prepare (gcry_ac_handle_t handle, gcry_ac_key_t key, void *opts,
ac_scheme_t scheme, void **opts_em)
{
gcry_error_t err;
void *options_em;
options_em = gcry_malloc (scheme.options_em_n);
if (! options_em)
{
err = gcry_error_from_errno (errno);
goto out;
}
err = (*scheme.dencode_prepare) (handle, key, opts, options_em);
if (err)
goto out;
*opts_em = options_em;
out:
if (err)
free (options_em);
return err;
}
/* Convert a data set into a single MPI; currently, this is only
supported for data sets containing a single MPI. */
static gcry_error_t
ac_data_set_to_mpi (gcry_ac_data_t data, gcry_mpi_t *mpi)
{
gcry_error_t err;
gcry_mpi_t mpi_new;
unsigned int elems;
elems = _gcry_ac_data_length (data);
if (elems != 1)
{
/* FIXME: I guess, we should be more flexible in this respect by
allowing the actual encryption/signature schemes to implement
this conversion mechanism. */
err = gcry_error (GPG_ERR_CONFLICT);
goto out;
}
err = _gcry_ac_data_get_index (data, GCRY_AC_FLAG_COPY, 0, NULL, &mpi_new);
if (err)
goto out;
*mpi = mpi_new;
out:
return err;
}
/* Encrypts the plain text message contained in M, which is of size
M_N, with the public key KEY_PUBLIC according to the Encryption
Scheme SCHEME_ID. HANDLE is used for accessing the low-level
cryptographic primitives. If OPTS is not NULL, it has to be an
anonymous structure specific to the chosen scheme (gcry_ac_es_*_t).
The encrypted message will be stored in C and C_N. */
gcry_error_t
_gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme_id,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_cipher)
{
gcry_error_t err;
gcry_ac_io_t io_em;
unsigned char *em;
size_t em_n;
gcry_mpi_t mpi_plain;
gcry_ac_data_t data_encrypted;
gcry_mpi_t mpi_encrypted;
unsigned char *buffer;
size_t buffer_n;
void *opts_em;
ac_scheme_t *scheme;
(void)flags;
data_encrypted = NULL;
mpi_encrypted = NULL;
mpi_plain = NULL;
opts_em = NULL;
buffer = NULL;
em = NULL;
scheme = ac_scheme_get (scheme_id);
if (! scheme)
{
err = gcry_error (GPG_ERR_NO_ENCRYPTION_SCHEME);
goto out;
}
if (key->type != GCRY_AC_KEY_PUBLIC)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
err = ac_dencode_prepare (handle, key, opts, *scheme, &opts_em);
if (err)
goto out;
_gcry_ac_io_init (&io_em, GCRY_AC_IO_WRITABLE,
GCRY_AC_IO_STRING, &em, &em_n);
err = _gcry_ac_data_encode (scheme->scheme_encoding, 0, opts_em,
io_message, &io_em);
if (err)
goto out;
mpi_plain = gcry_mpi_snew (0);
gcry_ac_os_to_mpi (mpi_plain, em, em_n);
err = _gcry_ac_data_encrypt (handle, 0, key, mpi_plain, &data_encrypted);
if (err)
goto out;
err = ac_data_set_to_mpi (data_encrypted, &mpi_encrypted);
if (err)
goto out;
err = _gcry_ac_mpi_to_os_alloc (mpi_encrypted, &buffer, &buffer_n);
if (err)
goto out;
err = _gcry_ac_io_write (io_cipher, buffer, buffer_n);
out:
gcry_ac_data_destroy (data_encrypted);
gcry_mpi_release (mpi_encrypted);
gcry_mpi_release (mpi_plain);
gcry_free (opts_em);
gcry_free (buffer);
gcry_free (em);
return err;
}
/* Decryptes the cipher message contained in C, which is of size C_N,
with the secret key KEY_SECRET according to the Encryption Scheme
SCHEME_ID. Handle is used for accessing the low-level
cryptographic primitives. If OPTS is not NULL, it has to be an
anonymous structure specific to the chosen scheme (gcry_ac_es_*_t).
The decrypted message will be stored in M and M_N. */
gcry_error_t
_gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme_id,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_cipher,
gcry_ac_io_t *io_message)
{
gcry_ac_io_t io_em;
gcry_error_t err;
gcry_ac_data_t data_encrypted;
unsigned char *em;
size_t em_n;
gcry_mpi_t mpi_encrypted;
gcry_mpi_t mpi_decrypted;
void *opts_em;
ac_scheme_t *scheme;
char *elements_enc;
size_t elements_enc_n;
unsigned char *c;
size_t c_n;
(void)flags;
data_encrypted = NULL;
mpi_encrypted = NULL;
mpi_decrypted = NULL;
elements_enc = NULL;
opts_em = NULL;
em = NULL;
c = NULL;
scheme = ac_scheme_get (scheme_id);
if (! scheme)
{
err = gcry_error (GPG_ERR_NO_ENCRYPTION_SCHEME);
goto out;
}
if (key->type != GCRY_AC_KEY_SECRET)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
err = _gcry_ac_io_read_all (io_cipher, &c, &c_n);
if (err)
goto out;
mpi_encrypted = gcry_mpi_snew (0);
gcry_ac_os_to_mpi (mpi_encrypted, c, c_n);
err = _gcry_pk_get_elements (handle->algorithm, &elements_enc, NULL);
if (err)
goto out;
elements_enc_n = strlen (elements_enc);
if (elements_enc_n != 1)
{
/* FIXME? */
err = gcry_error (GPG_ERR_CONFLICT);
goto out;
}
err = _gcry_ac_data_new (&data_encrypted);
if (err)
goto out;
err = _gcry_ac_data_set (data_encrypted, GCRY_AC_FLAG_COPY | GCRY_AC_FLAG_DEALLOC,
elements_enc, mpi_encrypted);
if (err)
goto out;
err = _gcry_ac_data_decrypt (handle, 0, key, &mpi_decrypted, data_encrypted);
if (err)
goto out;
err = _gcry_ac_mpi_to_os_alloc (mpi_decrypted, &em, &em_n);
if (err)
goto out;
err = ac_dencode_prepare (handle, key, opts, *scheme, &opts_em);
if (err)
goto out;
_gcry_ac_io_init (&io_em, GCRY_AC_IO_READABLE,
GCRY_AC_IO_STRING, em, em_n);
err = _gcry_ac_data_decode (scheme->scheme_encoding, 0, opts_em,
&io_em, io_message);
if (err)
goto out;
out:
_gcry_ac_data_destroy (data_encrypted);
gcry_mpi_release (mpi_encrypted);
gcry_mpi_release (mpi_decrypted);
free (elements_enc);
gcry_free (opts_em);
gcry_free (em);
gcry_free (c);
return err;
}
/* Signs the message contained in M, which is of size M_N, with the
secret key KEY according to the Signature Scheme SCHEME_ID. Handle
is used for accessing the low-level cryptographic primitives. If
OPTS is not NULL, it has to be an anonymous structure specific to
the chosen scheme (gcry_ac_ssa_*_t). The signed message will be
stored in S and S_N. */
gcry_error_t
_gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme_id,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature)
{
gcry_ac_io_t io_em;
gcry_error_t err;
gcry_ac_data_t data_signed;
unsigned char *em;
size_t em_n;
gcry_mpi_t mpi;
void *opts_em;
unsigned char *buffer;
size_t buffer_n;
gcry_mpi_t mpi_signed;
ac_scheme_t *scheme;
(void)flags;
data_signed = NULL;
mpi_signed = NULL;
opts_em = NULL;
buffer = NULL;
mpi = NULL;
em = NULL;
if (key->type != GCRY_AC_KEY_SECRET)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
scheme = ac_scheme_get (scheme_id);
if (! scheme)
{
/* FIXME: adjust api of scheme_get in respect to err codes. */
err = gcry_error (GPG_ERR_NO_SIGNATURE_SCHEME);
goto out;
}
err = ac_dencode_prepare (handle, key, opts, *scheme, &opts_em);
if (err)
goto out;
_gcry_ac_io_init (&io_em, GCRY_AC_IO_WRITABLE,
GCRY_AC_IO_STRING, &em, &em_n);
err = _gcry_ac_data_encode (scheme->scheme_encoding, 0, opts_em,
io_message, &io_em);
if (err)
goto out;
mpi = gcry_mpi_new (0);
_gcry_ac_os_to_mpi (mpi, em, em_n);
err = _gcry_ac_data_sign (handle, key, mpi, &data_signed);
if (err)
goto out;
err = ac_data_set_to_mpi (data_signed, &mpi_signed);
if (err)
goto out;
err = _gcry_ac_mpi_to_os_alloc (mpi_signed, &buffer, &buffer_n);
if (err)
goto out;
err = _gcry_ac_io_write (io_signature, buffer, buffer_n);
out:
_gcry_ac_data_destroy (data_signed);
gcry_mpi_release (mpi_signed);
gcry_mpi_release (mpi);
gcry_free (opts_em);
gcry_free (buffer);
gcry_free (em);
return err;
}
/* Verifies that the signature contained in S, which is of length S_N,
is indeed the result of signing the message contained in M, which
is of size M_N, with the secret key belonging to the public key
KEY_PUBLIC. If OPTS is not NULL, it has to be an anonymous
structure (gcry_ac_ssa_*_t) specific to the Signature Scheme, whose
ID is contained in SCHEME_ID. */
gcry_error_t
_gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme_id,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature)
{
gcry_ac_io_t io_em;
gcry_error_t err;
gcry_ac_data_t data_signed;
unsigned char *em;
size_t em_n;
void *opts_em;
gcry_mpi_t mpi_signature;
gcry_mpi_t mpi_data;
ac_scheme_t *scheme;
char *elements_sig;
size_t elements_sig_n;
unsigned char *s;
size_t s_n;
(void)flags;
mpi_signature = NULL;
elements_sig = NULL;
data_signed = NULL;
mpi_data = NULL;
opts_em = NULL;
em = NULL;
s = NULL;
if (key->type != GCRY_AC_KEY_PUBLIC)
{
err = gcry_error (GPG_ERR_WRONG_KEY_USAGE);
goto out;
}
scheme = ac_scheme_get (scheme_id);
if (! scheme)
{
err = gcry_error (GPG_ERR_NO_SIGNATURE_SCHEME);
goto out;
}
err = ac_dencode_prepare (handle, key, opts, *scheme, &opts_em);
if (err)
goto out;
_gcry_ac_io_init (&io_em, GCRY_AC_IO_WRITABLE,
GCRY_AC_IO_STRING, &em, &em_n);
err = _gcry_ac_data_encode (scheme->scheme_encoding, 0, opts_em,
io_message, &io_em);
if (err)
goto out;
mpi_data = gcry_mpi_new (0);
_gcry_ac_os_to_mpi (mpi_data, em, em_n);
err = _gcry_ac_io_read_all (io_signature, &s, &s_n);
if (err)
goto out;
mpi_signature = gcry_mpi_new (0);
_gcry_ac_os_to_mpi (mpi_signature, s, s_n);
err = _gcry_pk_get_elements (handle->algorithm, NULL, &elements_sig);
if (err)
goto out;
elements_sig_n = strlen (elements_sig);
if (elements_sig_n != 1)
{
/* FIXME? */
err = gcry_error (GPG_ERR_CONFLICT);
goto out;
}
err = _gcry_ac_data_new (&data_signed);
if (err)
goto out;
err = _gcry_ac_data_set (data_signed, GCRY_AC_FLAG_COPY | GCRY_AC_FLAG_DEALLOC,
elements_sig, mpi_signature);
if (err)
goto out;
gcry_mpi_release (mpi_signature);
mpi_signature = NULL;
err = _gcry_ac_data_verify (handle, key, mpi_data, data_signed);
out:
_gcry_ac_data_destroy (data_signed);
gcry_mpi_release (mpi_signature);
gcry_mpi_release (mpi_data);
free (elements_sig);
gcry_free (opts_em);
gcry_free (em);
gcry_free (s);
return err;
}
/*
* General functions.
*/
gcry_err_code_t
_gcry_ac_init (void)
{
return 0;
}
diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c
index 29552cec..067af85b 100644
--- a/cipher/camellia-glue.c
+++ b/cipher/camellia-glue.c
@@ -1,238 +1,253 @@
/* camellia-glue.c - Glue for the Camellia cipher
* Copyright (C) 2007 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
/* I put all the libgcrypt-specific stuff in this file to keep the
camellia.c/camellia.h files exactly as provided by NTT. If they
update their code, this should make it easier to bring the changes
in. - dshaw
There is one small change which needs to be done: Include the
following code at the top of camellia.h: */
#if 0
-/* Need to redefine the external symbols to keep the libgcrypt name
- space clean. */
-#define Camellia_Ekeygen _gcry_Camellia_Ekeygen
-#define Camellia_EncryptBlock _gcry_Camellia_EncryptBlock
-#define Camellia_DecryptBlock _gcry_Camellia_DecryptBlock
-#define camellia_decrypt128 _gcry_camellia_decrypt128
-#define camellia_decrypt256 _gcry_camellia_decrypt256
-#define camellia_encrypt128 _gcry_camellia_encrypt128
-#define camellia_encrypt256 _gcry_camellia_encrypt256
-#define camellia_setup128 _gcry_camellia_setup128
-#define camellia_setup192 _gcry_camellia_setup192
-#define camellia_setup256 _gcry_camellia_setup256
+
+/* To use Camellia with libraries it is often useful to keep the name
+ * space of the library clean. The following macro is thus useful:
+ *
+ * #define CAMELLIA_EXT_SYM_PREFIX foo_
+ *
+ * This prefixes all external symbols with "foo_".
+ */
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#ifdef CAMELLIA_EXT_SYM_PREFIX
+#define CAMELLIA_PREFIX1(x,y) x ## y
+#define CAMELLIA_PREFIX2(x,y) CAMELLIA_PREFIX1(x,y)
+#define CAMELLIA_PREFIX(x) CAMELLIA_PREFIX2(CAMELLIA_EXT_SYM_PREFIX,x)
+#define Camellia_Ekeygen CAMELLIA_PREFIX(Camellia_Ekeygen)
+#define Camellia_EncryptBlock CAMELLIA_PREFIX(Camellia_EncryptBlock)
+#define Camellia_DecryptBlock CAMELLIA_PREFIX(Camellia_DecryptBlock)
+#define camellia_decrypt128 CAMELLIA_PREFIX(camellia_decrypt128)
+#define camellia_decrypt256 CAMELLIA_PREFIX(camellia_decrypt256)
+#define camellia_encrypt128 CAMELLIA_PREFIX(camellia_encrypt128)
+#define camellia_encrypt256 CAMELLIA_PREFIX(camellia_encrypt256)
+#define camellia_setup128 CAMELLIA_PREFIX(camellia_setup128)
+#define camellia_setup192 CAMELLIA_PREFIX(camellia_setup192)
+#define camellia_setup256 CAMELLIA_PREFIX(camellia_setup256)
+#endif /*CAMELLIA_EXT_SYM_PREFIX*/
+
#endif /* Code sample. */
#include <config.h>
#include "types.h"
#include "g10lib.h"
#include "cipher.h"
#include "camellia.h"
typedef struct
{
int keybitlength;
KEY_TABLE_TYPE keytable;
} CAMELLIA_context;
static const char *selftest(void);
static gcry_err_code_t
camellia_setkey(void *c, const byte *key, unsigned keylen)
{
CAMELLIA_context *ctx=c;
static int initialized=0;
static const char *selftest_failed=NULL;
if(keylen!=16 && keylen!=24 && keylen!=32)
return GPG_ERR_INV_KEYLEN;
if(!initialized)
{
initialized=1;
selftest_failed=selftest();
if(selftest_failed)
log_error("%s\n",selftest_failed);
}
if(selftest_failed)
return GPG_ERR_SELFTEST_FAILED;
ctx->keybitlength=keylen*8;
Camellia_Ekeygen(ctx->keybitlength,key,ctx->keytable);
_gcry_burn_stack
((19+34+34)*sizeof(u32)+2*sizeof(void*) /* camellia_setup256 */
+(4+32)*sizeof(u32)+2*sizeof(void*) /* camellia_setup192 */
+0+sizeof(int)+2*sizeof(void*) /* Camellia_Ekeygen */
+3*2*sizeof(void*) /* Function calls. */
);
return 0;
}
static void
camellia_encrypt(void *c, byte *outbuf, const byte *inbuf)
{
CAMELLIA_context *ctx=c;
Camellia_EncryptBlock(ctx->keybitlength,inbuf,ctx->keytable,outbuf);
_gcry_burn_stack
(sizeof(int)+2*sizeof(unsigned char *)+sizeof(KEY_TABLE_TYPE)
+4*sizeof(u32)
+2*sizeof(u32*)+4*sizeof(u32)
+2*2*sizeof(void*) /* Function calls. */
);
}
static void
camellia_decrypt(void *c, byte *outbuf, const byte *inbuf)
{
CAMELLIA_context *ctx=c;
Camellia_DecryptBlock(ctx->keybitlength,inbuf,ctx->keytable,outbuf);
_gcry_burn_stack
(sizeof(int)+2*sizeof(unsigned char *)+sizeof(KEY_TABLE_TYPE)
+4*sizeof(u32)
+2*sizeof(u32*)+4*sizeof(u32)
+2*2*sizeof(void*) /* Function calls. */
);
}
static const char *
selftest(void)
{
CAMELLIA_context ctx;
byte scratch[16];
/* These test vectors are from RFC-3713 */
const byte plaintext[]=
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10
};
const byte key_128[]=
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10
};
const byte ciphertext_128[]=
{
0x67,0x67,0x31,0x38,0x54,0x96,0x69,0x73,
0x08,0x57,0x06,0x56,0x48,0xea,0xbe,0x43
};
const byte key_192[]=
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98,
0x76,0x54,0x32,0x10,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77
};
const byte ciphertext_192[]=
{
0xb4,0x99,0x34,0x01,0xb3,0xe9,0x96,0xf8,
0x4e,0xe5,0xce,0xe7,0xd7,0x9b,0x09,0xb9
};
const byte key_256[]=
{
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,
0x98,0x76,0x54,0x32,0x10,0x00,0x11,0x22,0x33,0x44,0x55,
0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff
};
const byte ciphertext_256[]=
{
0x9a,0xcc,0x23,0x7d,0xff,0x16,0xd7,0x6c,
0x20,0xef,0x7c,0x91,0x9e,0x3a,0x75,0x09
};
camellia_setkey(&ctx,key_128,sizeof(key_128));
camellia_encrypt(&ctx,scratch,plaintext);
if(memcmp(scratch,ciphertext_128,sizeof(ciphertext_128))!=0)
return "CAMELLIA-128 test encryption failed.";
camellia_decrypt(&ctx,scratch,scratch);
if(memcmp(scratch,plaintext,sizeof(plaintext))!=0)
return "CAMELLIA-128 test decryption failed.";
camellia_setkey(&ctx,key_192,sizeof(key_192));
camellia_encrypt(&ctx,scratch,plaintext);
if(memcmp(scratch,ciphertext_192,sizeof(ciphertext_192))!=0)
return "CAMELLIA-192 test encryption failed.";
camellia_decrypt(&ctx,scratch,scratch);
if(memcmp(scratch,plaintext,sizeof(plaintext))!=0)
return "CAMELLIA-192 test decryption failed.";
camellia_setkey(&ctx,key_256,sizeof(key_256));
camellia_encrypt(&ctx,scratch,plaintext);
if(memcmp(scratch,ciphertext_256,sizeof(ciphertext_256))!=0)
return "CAMELLIA-256 test encryption failed.";
camellia_decrypt(&ctx,scratch,scratch);
if(memcmp(scratch,plaintext,sizeof(plaintext))!=0)
return "CAMELLIA-256 test decryption failed.";
return NULL;
}
/* These oids are from
<http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications_oid.html>,
retrieved May 1, 2007. */
static gcry_cipher_oid_spec_t camellia128_oids[] =
{
{"1.2.392.200011.61.1.1.1.2", GCRY_CIPHER_MODE_CBC},
{"0.3.4401.5.3.1.9.1", GCRY_CIPHER_MODE_ECB},
{"0.3.4401.5.3.1.9.3", GCRY_CIPHER_MODE_OFB},
{"0.3.4401.5.3.1.9.4", GCRY_CIPHER_MODE_CFB},
{ NULL }
};
static gcry_cipher_oid_spec_t camellia192_oids[] =
{
{"1.2.392.200011.61.1.1.1.3", GCRY_CIPHER_MODE_CBC},
{"0.3.4401.5.3.1.9.21", GCRY_CIPHER_MODE_ECB},
{"0.3.4401.5.3.1.9.23", GCRY_CIPHER_MODE_OFB},
{"0.3.4401.5.3.1.9.24", GCRY_CIPHER_MODE_CFB},
{ NULL }
};
static gcry_cipher_oid_spec_t camellia256_oids[] =
{
{"1.2.392.200011.61.1.1.1.4", GCRY_CIPHER_MODE_CBC},
{"0.3.4401.5.3.1.9.41", GCRY_CIPHER_MODE_ECB},
{"0.3.4401.5.3.1.9.43", GCRY_CIPHER_MODE_OFB},
{"0.3.4401.5.3.1.9.44", GCRY_CIPHER_MODE_CFB},
{ NULL }
};
gcry_cipher_spec_t _gcry_cipher_spec_camellia128 =
{
"CAMELLIA128",NULL,camellia128_oids,CAMELLIA_BLOCK_SIZE,128,
sizeof(CAMELLIA_context),camellia_setkey,camellia_encrypt,camellia_decrypt
};
gcry_cipher_spec_t _gcry_cipher_spec_camellia192 =
{
"CAMELLIA192",NULL,camellia192_oids,CAMELLIA_BLOCK_SIZE,192,
sizeof(CAMELLIA_context),camellia_setkey,camellia_encrypt,camellia_decrypt
};
gcry_cipher_spec_t _gcry_cipher_spec_camellia256 =
{
"CAMELLIA256",NULL,camellia256_oids,CAMELLIA_BLOCK_SIZE,256,
sizeof(CAMELLIA_context),camellia_setkey,camellia_encrypt,camellia_decrypt
};
diff --git a/cipher/camellia.h b/cipher/camellia.h
index 3a92dc4d..4425a3a2 100644
--- a/cipher/camellia.h
+++ b/cipher/camellia.h
@@ -1,77 +1,81 @@
/* camellia.h ver 1.2.0
*
* Copyright (C) 2006,2007
* NTT (Nippon Telegraph and Telephone Corporation).
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
#ifndef HEADER_CAMELLIA_H
#define HEADER_CAMELLIA_H
/* To use Camellia with libraries it is often useful to keep the name
* space of the library clean. The following macro is thus useful:
*
* #define CAMELLIA_EXT_SYM_PREFIX foo_
*
* This prefixes all external symbols with "foo_".
*/
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
#ifdef CAMELLIA_EXT_SYM_PREFIX
#define CAMELLIA_PREFIX1(x,y) x ## y
#define CAMELLIA_PREFIX2(x,y) CAMELLIA_PREFIX1(x,y)
#define CAMELLIA_PREFIX(x) CAMELLIA_PREFIX2(CAMELLIA_EXT_SYM_PREFIX,x)
#define Camellia_Ekeygen CAMELLIA_PREFIX(Camellia_Ekeygen)
#define Camellia_EncryptBlock CAMELLIA_PREFIX(Camellia_EncryptBlock)
#define Camellia_DecryptBlock CAMELLIA_PREFIX(Camellia_DecryptBlock)
#define camellia_decrypt128 CAMELLIA_PREFIX(camellia_decrypt128)
#define camellia_decrypt256 CAMELLIA_PREFIX(camellia_decrypt256)
#define camellia_encrypt128 CAMELLIA_PREFIX(camellia_encrypt128)
#define camellia_encrypt256 CAMELLIA_PREFIX(camellia_encrypt256)
#define camellia_setup128 CAMELLIA_PREFIX(camellia_setup128)
#define camellia_setup192 CAMELLIA_PREFIX(camellia_setup192)
#define camellia_setup256 CAMELLIA_PREFIX(camellia_setup256)
#endif /*CAMELLIA_EXT_SYM_PREFIX*/
+
#ifdef __cplusplus
extern "C" {
#endif
#define CAMELLIA_BLOCK_SIZE 16
#define CAMELLIA_TABLE_BYTE_LEN 272
#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
void Camellia_Ekeygen(const int keyBitLength,
const unsigned char *rawKey,
KEY_TABLE_TYPE keyTable);
void Camellia_EncryptBlock(const int keyBitLength,
const unsigned char *plaintext,
const KEY_TABLE_TYPE keyTable,
unsigned char *cipherText);
void Camellia_DecryptBlock(const int keyBitLength,
const unsigned char *cipherText,
const KEY_TABLE_TYPE keyTable,
unsigned char *plaintext);
#ifdef __cplusplus
}
#endif
#endif /* HEADER_CAMELLIA_H */
diff --git a/cipher/cipher.c b/cipher/cipher.c
index 9b3b4ff9..66470ee6 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -1,1730 +1,1732 @@
/* cipher.c - cipher dispatcher
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* 2005, 2007 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser general Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include "g10lib.h"
#include "cipher.h"
#include "ath.h"
#define MAX_BLOCKSIZE 16
#define TABLE_SIZE 14
#define CTX_MAGIC_NORMAL 0x24091964
#define CTX_MAGIC_SECURE 0x46919042
#undef NEED_16BYTE_ALIGNED_CONTEXT
#if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__)
#define NEED_16BYTE_ALIGNED_CONTEXT 1
#endif
/* This is the list of the default ciphers, which are included in
libgcrypt. */
static struct cipher_table_entry
{
gcry_cipher_spec_t *cipher;
unsigned int algorithm;
} cipher_table[] =
{
#if USE_BLOWFISH
{ &_gcry_cipher_spec_blowfish, GCRY_CIPHER_BLOWFISH },
#endif
#if USE_DES
{ &_gcry_cipher_spec_des, GCRY_CIPHER_DES },
{ &_gcry_cipher_spec_tripledes, GCRY_CIPHER_3DES },
#endif
#if USE_ARCFOUR
{ &_gcry_cipher_spec_arcfour, GCRY_CIPHER_ARCFOUR },
#endif
#if USE_CAST5
{ &_gcry_cipher_spec_cast5, GCRY_CIPHER_CAST5 },
#endif
#if USE_AES
{ &_gcry_cipher_spec_aes, GCRY_CIPHER_AES},
{ &_gcry_cipher_spec_aes192, GCRY_CIPHER_AES192},
{ &_gcry_cipher_spec_aes256, GCRY_CIPHER_AES256},
#endif
#if USE_TWOFISH
{ &_gcry_cipher_spec_twofish, GCRY_CIPHER_TWOFISH },
{ &_gcry_cipher_spec_twofish128, GCRY_CIPHER_TWOFISH128 },
#endif
#if USE_SERPENT
{ &_gcry_cipher_spec_serpent128, GCRY_CIPHER_SERPENT128 },
{ &_gcry_cipher_spec_serpent192, GCRY_CIPHER_SERPENT192 },
{ &_gcry_cipher_spec_serpent256, GCRY_CIPHER_SERPENT256 },
#endif
#if USE_RFC2268
{ &_gcry_cipher_spec_rfc2268_40, GCRY_CIPHER_RFC2268_40 },
#endif
#if USE_SEED
{ &_gcry_cipher_spec_seed, GCRY_CIPHER_SEED },
#endif
#if USE_CAMELLIA
{ &_gcry_cipher_spec_camellia128, GCRY_CIPHER_CAMELLIA128 },
{ &_gcry_cipher_spec_camellia192, GCRY_CIPHER_CAMELLIA192 },
{ &_gcry_cipher_spec_camellia256, GCRY_CIPHER_CAMELLIA256 },
#endif
{ NULL }
};
/* List of registered ciphers. */
static gcry_module_t ciphers_registered;
/* This is the lock protecting CIPHERS_REGISTERED. */
static ath_mutex_t ciphers_registered_lock = ATH_MUTEX_INITIALIZER;
/* Flag to check wether the default ciphers have already been
registered. */
static int default_ciphers_registered;
/* Convenient macro for registering the default ciphers. */
#define REGISTER_DEFAULT_CIPHERS \
do \
{ \
ath_mutex_lock (&ciphers_registered_lock); \
if (! default_ciphers_registered) \
{ \
gcry_cipher_register_default (); \
default_ciphers_registered = 1; \
} \
ath_mutex_unlock (&ciphers_registered_lock); \
} \
while (0)
/* A VIA processor with the Padlock engine requires an alignment of
most data on a 16 byte boundary. Because we trick out the compiler
while allocating the context, the align attribute as used in
rijndael.c does not work on its own. Thus we need to make sure
that the entire context structure is a aligned on that boundary.
We achieve this by defining a new type and use that instead of our
usual alignment type. */
typedef union
{
PROPERLY_ALIGNED_TYPE foo;
#ifdef NEED_16BYTE_ALIGNED_CONTEXT
char bar[16] __attribute__ ((aligned (16)));
#endif
char c[1];
} cipher_context_alignment_t;
/* The handle structure. */
struct gcry_cipher_handle
{
int magic;
size_t actual_handle_size; /* Allocated size of this handle. */
size_t handle_offset; /* Offset to the malloced block. */
gcry_cipher_spec_t *cipher;
gcry_module_t module;
/* The algorithm id. This is a hack required because the module
interface does not easily allow to retrieve this value. */
int algo;
/* A structure with function pointers for bulk operations. Due to
limitations of the module system (we don't want to change the
API) we need to keep these function pointers here. The cipher
open function intializes them and the actual encryption routines
use them if they are not NULL. */
struct {
void (*cfb_enc)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks);
void (*cfb_dec)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks);
void (*cbc_enc)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks, int cbc_mac);
void (*cbc_dec)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks);
} bulk;
int mode;
unsigned int flags;
/* The initialization vector. To help code optimization we make
sure that it is aligned on an unsigned long and u32 boundary. */
union {
unsigned long dummy_iv;
u32 dummy_u32_iv;
unsigned char iv[MAX_BLOCKSIZE];
} u_iv;
unsigned char lastiv[MAX_BLOCKSIZE];
int unused; /* Number of unused bytes in the IV. */
unsigned char ctr[MAX_BLOCKSIZE]; /* For Counter (CTR) mode. */
/* What follows are two contexts of the cipher in use. The first
one needs to be aligned well enough for the cipher operation
whereas the second one is a copy created by cipher_setkey and
used by cipher_reset. That second copy has no need for proper
aligment because it is only accessed by memcpy. */
cipher_context_alignment_t context;
};
/* These dummy functions are used in case a cipher implementation
refuses to provide it's own functions. */
static gcry_err_code_t
dummy_setkey (void *c, const unsigned char *key, unsigned int keylen)
{
(void)c;
(void)key;
(void)keylen;
return GPG_ERR_NO_ERROR;
}
static void
dummy_encrypt_block (void *c,
unsigned char *outbuf, const unsigned char *inbuf)
{
(void)c;
(void)outbuf;
(void)inbuf;
BUG();
}
static void
dummy_decrypt_block (void *c,
unsigned char *outbuf, const unsigned char *inbuf)
{
(void)c;
(void)outbuf;
(void)inbuf;
BUG();
}
static void
dummy_encrypt_stream (void *c,
unsigned char *outbuf, const unsigned char *inbuf,
unsigned int n)
{
(void)c;
(void)outbuf;
(void)inbuf;
(void)n;
BUG();
}
static void
dummy_decrypt_stream (void *c,
unsigned char *outbuf, const unsigned char *inbuf,
unsigned int n)
{
(void)c;
(void)outbuf;
(void)inbuf;
(void)n;
BUG();
}
/* Internal function. Register all the ciphers included in
CIPHER_TABLE. Note, that this function gets only used by the macro
REGISTER_DEFAULT_CIPHERS which protects it using a mutex. */
static void
gcry_cipher_register_default (void)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
int i;
for (i = 0; !err && cipher_table[i].cipher; i++)
{
if (! cipher_table[i].cipher->setkey)
cipher_table[i].cipher->setkey = dummy_setkey;
if (! cipher_table[i].cipher->encrypt)
cipher_table[i].cipher->encrypt = dummy_encrypt_block;
if (! cipher_table[i].cipher->decrypt)
cipher_table[i].cipher->decrypt = dummy_decrypt_block;
if (! cipher_table[i].cipher->stencrypt)
cipher_table[i].cipher->stencrypt = dummy_encrypt_stream;
if (! cipher_table[i].cipher->stdecrypt)
cipher_table[i].cipher->stdecrypt = dummy_decrypt_stream;
err = _gcry_module_add (&ciphers_registered,
cipher_table[i].algorithm,
(void *) cipher_table[i].cipher,
NULL);
}
if (err)
BUG ();
}
/* Internal callback function. Used via _gcry_module_lookup. */
static int
gcry_cipher_lookup_func_name (void *spec, void *data)
{
gcry_cipher_spec_t *cipher = (gcry_cipher_spec_t *) spec;
char *name = (char *) data;
const char **aliases = cipher->aliases;
int i, ret = ! stricmp (name, cipher->name);
if (aliases)
for (i = 0; aliases[i] && (! ret); i++)
ret = ! stricmp (name, aliases[i]);
return ret;
}
/* Internal callback function. Used via _gcry_module_lookup. */
static int
gcry_cipher_lookup_func_oid (void *spec, void *data)
{
gcry_cipher_spec_t *cipher = (gcry_cipher_spec_t *) spec;
char *oid = (char *) data;
gcry_cipher_oid_spec_t *oid_specs = cipher->oids;
int ret = 0, i;
if (oid_specs)
for (i = 0; oid_specs[i].oid && (! ret); i++)
if (! stricmp (oid, oid_specs[i].oid))
ret = 1;
return ret;
}
/* Internal function. Lookup a cipher entry by it's name. */
static gcry_module_t
gcry_cipher_lookup_name (const char *name)
{
gcry_module_t cipher;
cipher = _gcry_module_lookup (ciphers_registered, (void *) name,
gcry_cipher_lookup_func_name);
return cipher;
}
/* Internal function. Lookup a cipher entry by it's oid. */
static gcry_module_t
gcry_cipher_lookup_oid (const char *oid)
{
gcry_module_t cipher;
cipher = _gcry_module_lookup (ciphers_registered, (void *) oid,
gcry_cipher_lookup_func_oid);
return cipher;
}
/* Register a new cipher module whose specification can be found in
CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID
and a pointer representhing this module is stored in MODULE. */
gcry_error_t
gcry_cipher_register (gcry_cipher_spec_t *cipher,
int *algorithm_id,
gcry_module_t *module)
{
gcry_err_code_t err = 0;
gcry_module_t mod;
ath_mutex_lock (&ciphers_registered_lock);
err = _gcry_module_add (&ciphers_registered, 0,
(void *) cipher, &mod);
ath_mutex_unlock (&ciphers_registered_lock);
if (! err)
{
*module = mod;
*algorithm_id = mod->mod_id;
}
return gcry_error (err);
}
/* Unregister the cipher identified by MODULE, which must have been
registered with gcry_cipher_register. */
void
gcry_cipher_unregister (gcry_module_t module)
{
ath_mutex_lock (&ciphers_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&ciphers_registered_lock);
}
/* Locate the OID in the oid table and return the index or -1 when not
found. An opitonal "oid." or "OID." prefix in OID is ignored, the
OID is expected to be in standard IETF dotted notation. The
internal algorithm number is returned in ALGORITHM unless it
ispassed as NULL. A pointer to the specification of the module
implementing this algorithm is return in OID_SPEC unless passed as
NULL.*/
static int
search_oid (const char *oid, int *algorithm, gcry_cipher_oid_spec_t *oid_spec)
{
gcry_module_t module;
int ret = 0;
if (oid && ((! strncmp (oid, "oid.", 4))
|| (! strncmp (oid, "OID.", 4))))
oid += 4;
module = gcry_cipher_lookup_oid (oid);
if (module)
{
gcry_cipher_spec_t *cipher = module->spec;
int i;
for (i = 0; cipher->oids[i].oid && !ret; i++)
if (! stricmp (oid, cipher->oids[i].oid))
{
if (algorithm)
*algorithm = module->mod_id;
if (oid_spec)
*oid_spec = cipher->oids[i];
ret = 1;
}
_gcry_module_release (module);
}
return ret;
}
/* Map STRING to the cipher algorithm identifier. Returns the
algorithm ID of the cipher for the given name or 0 if the name is
not known. It is valid to pass NULL for STRING which results in a
return value of 0. */
int
gcry_cipher_map_name (const char *string)
{
gcry_module_t cipher;
int ret, algorithm = 0;
if (! string)
return 0;
REGISTER_DEFAULT_CIPHERS;
/* If the string starts with a digit (optionally prefixed with
either "OID." or "oid."), we first look into our table of ASN.1
object identifiers to figure out the algorithm */
ath_mutex_lock (&ciphers_registered_lock);
ret = search_oid (string, &algorithm, NULL);
if (! ret)
{
cipher = gcry_cipher_lookup_name (string);
if (cipher)
{
algorithm = cipher->mod_id;
_gcry_module_release (cipher);
}
}
ath_mutex_unlock (&ciphers_registered_lock);
return algorithm;
}
/* Given a STRING with an OID in dotted decimal notation, this
function returns the cipher mode (GCRY_CIPHER_MODE_*) associated
with that OID or 0 if no mode is known. Passing NULL for string
yields a return value of 0. */
int
gcry_cipher_mode_from_oid (const char *string)
{
gcry_cipher_oid_spec_t oid_spec;
int ret = 0, mode = 0;
if (!string)
return 0;
ath_mutex_lock (&ciphers_registered_lock);
ret = search_oid (string, NULL, &oid_spec);
if (ret)
mode = oid_spec.mode;
ath_mutex_unlock (&ciphers_registered_lock);
return mode;
}
/* Map the cipher algorithm whose ID is contained in ALGORITHM to a
string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */
static const char *
cipher_algo_to_string (int algorithm)
{
gcry_module_t cipher;
const char *name;
REGISTER_DEFAULT_CIPHERS;
ath_mutex_lock (&ciphers_registered_lock);
cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
if (cipher)
{
name = ((gcry_cipher_spec_t *) cipher->spec)->name;
_gcry_module_release (cipher);
}
else
name = "?";
ath_mutex_unlock (&ciphers_registered_lock);
return name;
}
/* Map the cipher algorithm identifier ALGORITHM to a string
representing this algorithm. This string is the default name as
used by Libgcrypt. An pointer to an empty string is returned for
an unknown algorithm. NULL is never returned. */
const char *
gcry_cipher_algo_name (int algorithm)
{
return cipher_algo_to_string (algorithm);
}
/* Flag the cipher algorithm with the identifier ALGORITHM as
disabled. There is no error return, the function does nothing for
unknown algorithms. Disabled algorithms are vitually not available
in Libgcrypt. */
static void
disable_cipher_algo (int algorithm)
{
gcry_module_t cipher;
REGISTER_DEFAULT_CIPHERS;
ath_mutex_lock (&ciphers_registered_lock);
cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
if (cipher)
{
if (! (cipher->flags & FLAG_MODULE_DISABLED))
cipher->flags |= FLAG_MODULE_DISABLED;
_gcry_module_release (cipher);
}
ath_mutex_unlock (&ciphers_registered_lock);
}
/* Return 0 if the cipher algorithm with indentifier ALGORITHM is
available. Returns a basic error code value if it is not available. */
static gcry_err_code_t
check_cipher_algo (int algorithm)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_module_t cipher;
REGISTER_DEFAULT_CIPHERS;
ath_mutex_lock (&ciphers_registered_lock);
cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
if (cipher)
{
if (cipher->flags & FLAG_MODULE_DISABLED)
err = GPG_ERR_CIPHER_ALGO;
_gcry_module_release (cipher);
}
else
err = GPG_ERR_CIPHER_ALGO;
ath_mutex_unlock (&ciphers_registered_lock);
return err;
}
/* Return the standard length of the key for the cipher algorithm with
the identifier ALGORITHM. This function expects a valid algorithm
and will abort if the algorithm is not available or the length of
the key is not known. */
static unsigned int
cipher_get_keylen (int algorithm)
{
gcry_module_t cipher;
unsigned len = 0;
REGISTER_DEFAULT_CIPHERS;
ath_mutex_lock (&ciphers_registered_lock);
cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
if (cipher)
{
len = ((gcry_cipher_spec_t *) cipher->spec)->keylen;
if (! len)
log_bug ("cipher %d w/o key length\n", algorithm);
_gcry_module_release (cipher);
}
else
log_bug ("cipher %d not found\n", algorithm);
ath_mutex_unlock (&ciphers_registered_lock);
return len;
}
/* Return the block length of the cipher algorithm with the identifier
ALGORITHM. This function expects a valid algorithm and will abort
if the algorithm is not available or the length of the key is not
known. */
static unsigned int
cipher_get_blocksize (int algorithm)
{
gcry_module_t cipher;
unsigned len = 0;
REGISTER_DEFAULT_CIPHERS;
ath_mutex_lock (&ciphers_registered_lock);
cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
if (cipher)
{
len = ((gcry_cipher_spec_t *) cipher->spec)->blocksize;
if (! len)
log_bug ("cipher %d w/o blocksize\n", algorithm);
_gcry_module_release (cipher);
}
else
log_bug ("cipher %d not found\n", algorithm);
ath_mutex_unlock (&ciphers_registered_lock);
return len;
}
/*
Open a cipher handle for use with cipher algorithm ALGORITHM, using
the cipher mode MODE (one of the GCRY_CIPHER_MODE_*) and return a
handle in HANDLE. Put NULL into HANDLE and return an error code if
something goes wrong. FLAGS may be used to modify the
operation. The defined flags are:
GCRY_CIPHER_SECURE: allocate all internal buffers in secure memory.
GCRY_CIPHER_ENABLE_SYNC: Enable the sync operation as used in OpenPGP.
GCRY_CIPHER_CBC_CTS: Enable CTS mode.
GCRY_CIPHER_CBC_MAC: Enable MAC mode.
Values for these flags may be combined using OR.
*/
gcry_error_t
gcry_cipher_open (gcry_cipher_hd_t *handle,
int algo, int mode, unsigned int flags)
{
int secure = (flags & GCRY_CIPHER_SECURE);
gcry_cipher_spec_t *cipher = NULL;
gcry_module_t module = NULL;
gcry_cipher_hd_t h = NULL;
gcry_err_code_t err = 0;
/* If the application missed to call the random poll function, we do
it here to ensure that it is used once in a while. */
_gcry_fast_random_poll ();
REGISTER_DEFAULT_CIPHERS;
/* Fetch the according module and check wether the cipher is marked
available for use. */
ath_mutex_lock (&ciphers_registered_lock);
module = _gcry_module_lookup_id (ciphers_registered, algo);
if (module)
{
/* Found module. */
if (module->flags & FLAG_MODULE_DISABLED)
{
/* Not available for use. */
err = GPG_ERR_CIPHER_ALGO;
_gcry_module_release (module);
}
else
cipher = (gcry_cipher_spec_t *) module->spec;
}
else
err = GPG_ERR_CIPHER_ALGO;
ath_mutex_unlock (&ciphers_registered_lock);
/* check flags */
if ((! err)
&& ((flags & ~(0
| GCRY_CIPHER_SECURE
| GCRY_CIPHER_ENABLE_SYNC
| GCRY_CIPHER_CBC_CTS
| GCRY_CIPHER_CBC_MAC))
|| (flags & GCRY_CIPHER_CBC_CTS & GCRY_CIPHER_CBC_MAC)))
err = GPG_ERR_CIPHER_ALGO;
/* check that a valid mode has been requested */
if (! err)
switch (mode)
{
case GCRY_CIPHER_MODE_ECB:
case GCRY_CIPHER_MODE_CBC:
case GCRY_CIPHER_MODE_CFB:
case GCRY_CIPHER_MODE_OFB:
case GCRY_CIPHER_MODE_CTR:
if ((cipher->encrypt == dummy_encrypt_block)
|| (cipher->decrypt == dummy_decrypt_block))
err = GPG_ERR_INV_CIPHER_MODE;
break;
case GCRY_CIPHER_MODE_STREAM:
if ((cipher->stencrypt == dummy_encrypt_stream)
|| (cipher->stdecrypt == dummy_decrypt_stream))
err = GPG_ERR_INV_CIPHER_MODE;
break;
case GCRY_CIPHER_MODE_NONE:
/* FIXME: issue a warning when this mode is used */
break;
default:
err = GPG_ERR_INV_CIPHER_MODE;
}
/* Perform selftest here and mark this with a flag in cipher_table?
No, we should not do this as it takes too long. Further it does
not make sense to exclude algorithms with failing selftests at
runtime: If a selftest fails there is something seriously wrong
with the system and thus we better die immediately. */
if (! err)
{
size_t size = (sizeof (*h)
+ 2 * cipher->contextsize
- sizeof (cipher_context_alignment_t)
#ifdef NEED_16BYTE_ALIGNED_CONTEXT
+ 15 /* Space for leading alignment gap. */
#endif /*NEED_16BYTE_ALIGNED_CONTEXT*/
);
if (secure)
h = gcry_calloc_secure (1, size);
else
h = gcry_calloc (1, size);
if (! h)
err = gpg_err_code_from_errno (errno);
else
{
size_t off = 0;
#ifdef NEED_16BYTE_ALIGNED_CONTEXT
if ( ((unsigned long)h & 0x0f) )
{
/* The malloced block is not aligned on a 16 byte
boundary. Correct for this. */
off = 16 - ((unsigned long)h & 0x0f);
h = (void*)((char*)h + off);
}
#endif /*NEED_16BYTE_ALIGNED_CONTEXT*/
h->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
h->actual_handle_size = size - off;
h->handle_offset = off;
h->cipher = cipher;
h->module = module;
h->algo = algo;
h->mode = mode;
h->flags = flags;
/* Setup bulk encryption routines. */
switch (algo)
{
+#ifdef USE_AES
case GCRY_CIPHER_AES128:
case GCRY_CIPHER_AES192:
case GCRY_CIPHER_AES256:
h->bulk.cfb_enc = _gcry_aes_cfb_enc;
h->bulk.cfb_dec = _gcry_aes_cfb_dec;
h->bulk.cbc_enc = _gcry_aes_cbc_enc;
h->bulk.cbc_dec = _gcry_aes_cbc_dec;
break;
+#endif /*USE_AES*/
default:
break;
}
}
}
/* Done. */
if (err)
{
if (module)
{
/* Release module. */
ath_mutex_lock (&ciphers_registered_lock);
_gcry_module_release (module);
ath_mutex_unlock (&ciphers_registered_lock);
}
}
*handle = err ? NULL : h;
return gcry_error (err);
}
/* Release all resources associated with the cipher handle H. H may be
NULL in which case this is a no-operation. */
void
gcry_cipher_close (gcry_cipher_hd_t h)
{
size_t off;
if (! h)
return;
if ((h->magic != CTX_MAGIC_SECURE)
&& (h->magic != CTX_MAGIC_NORMAL))
_gcry_fatal_error(GPG_ERR_INTERNAL,
"gcry_cipher_close: already closed/invalid handle");
else
h->magic = 0;
/* Release module. */
ath_mutex_lock (&ciphers_registered_lock);
_gcry_module_release (h->module);
ath_mutex_unlock (&ciphers_registered_lock);
/* We always want to wipe out the memory even when the context has
been allocated in secure memory. The user might have disabled
secure memory or is using his own implementation which does not
do the wiping. To accomplish this we need to keep track of the
actual size of this structure because we have no way to known
how large the allocated area was when using a standard malloc. */
off = h->handle_offset;
wipememory (h, h->actual_handle_size);
gcry_free ((char*)h - off);
}
/* Set the key to be used for the encryption context C to KEY with
length KEYLEN. The length should match the required length. */
static gcry_error_t
cipher_setkey (gcry_cipher_hd_t c, byte *key, unsigned keylen)
{
gcry_err_code_t ret;
ret = (*c->cipher->setkey) (&c->context.c, key, keylen);
if (! ret)
/* Duplicate initial context. */
memcpy ((void *) ((char *) &c->context.c + c->cipher->contextsize),
(void *) &c->context.c,
c->cipher->contextsize);
return gcry_error (ret);
}
/* Set the IV to be used for the encryption context C to IV with
length IVLEN. The length should match the required length. */
static void
cipher_setiv( gcry_cipher_hd_t c, const byte *iv, unsigned ivlen )
{
memset (c->u_iv.iv, 0, c->cipher->blocksize);
if (iv)
{
if (ivlen != c->cipher->blocksize)
log_info ("WARNING: cipher_setiv: ivlen=%u blklen=%u\n",
ivlen, (unsigned int)c->cipher->blocksize);
if (ivlen > c->cipher->blocksize)
ivlen = c->cipher->blocksize;
memcpy (c->u_iv.iv, iv, ivlen);
}
c->unused = 0;
}
/* Reset the cipher context to the initial context. This is basically
the same as an release followed by a new. */
static void
cipher_reset (gcry_cipher_hd_t c)
{
memcpy (&c->context.c,
(char *) &c->context.c + c->cipher->contextsize,
c->cipher->contextsize);
memset (c->u_iv.iv, 0, c->cipher->blocksize);
memset (c->lastiv, 0, c->cipher->blocksize);
memset (c->ctr, 0, c->cipher->blocksize);
}
static void
do_ecb_encrypt( gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
unsigned int nblocks )
{
unsigned int n;
for(n=0; n < nblocks; n++ ) {
c->cipher->encrypt ( &c->context.c, outbuf, (byte*)/*arggg*/inbuf );
inbuf += c->cipher->blocksize;
outbuf += c->cipher->blocksize;
}
}
static void
do_ecb_decrypt( gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
unsigned int nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
c->cipher->decrypt ( &c->context.c, outbuf, (byte*)/*arggg*/inbuf );
inbuf += c->cipher->blocksize;
outbuf += c->cipher->blocksize;
}
}
static void
do_cbc_encrypt (gcry_cipher_hd_t c, unsigned char *outbuf,
const unsigned char *inbuf, unsigned int nbytes )
{
unsigned int n;
unsigned char *ivp;
int i;
size_t blocksize = c->cipher->blocksize;
unsigned nblocks = nbytes / blocksize;
if ((c->flags & GCRY_CIPHER_CBC_CTS) && nbytes > blocksize)
{
if ((nbytes % blocksize) == 0)
nblocks--;
}
if (c->bulk.cbc_enc)
{
c->bulk.cbc_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks,
(c->flags & GCRY_CIPHER_CBC_MAC));
inbuf += nblocks * blocksize;
if (!(c->flags & GCRY_CIPHER_CBC_MAC))
outbuf += nblocks * blocksize;
}
else
{
for (n=0; n < nblocks; n++ )
{
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
outbuf[i] = inbuf[i] ^ *ivp++;
c->cipher->encrypt ( &c->context.c, outbuf, outbuf );
memcpy (c->u_iv.iv, outbuf, blocksize );
inbuf += blocksize;
if (!(c->flags & GCRY_CIPHER_CBC_MAC))
outbuf += blocksize;
}
}
if ((c->flags & GCRY_CIPHER_CBC_CTS) && nbytes > blocksize)
{
/* We have to be careful here, since outbuf might be equal to
inbuf. */
int restbytes;
unsigned char b;
if ((nbytes % blocksize) == 0)
restbytes = blocksize;
else
restbytes = nbytes % blocksize;
outbuf -= blocksize;
for (ivp = c->u_iv.iv, i = 0; i < restbytes; i++)
{
b = inbuf[i];
outbuf[blocksize + i] = outbuf[i];
outbuf[i] = b ^ *ivp++;
}
for (; i < blocksize; i++)
outbuf[i] = 0 ^ *ivp++;
c->cipher->encrypt (&c->context.c, outbuf, outbuf);
memcpy (c->u_iv.iv, outbuf, blocksize);
}
}
static void
do_cbc_decrypt (gcry_cipher_hd_t c, unsigned char *outbuf,
const unsigned char *inbuf, unsigned int nbytes)
{
unsigned int n;
unsigned char *ivp;
int i;
size_t blocksize = c->cipher->blocksize;
unsigned int nblocks = nbytes / blocksize;
if ((c->flags & GCRY_CIPHER_CBC_CTS) && nbytes > blocksize)
{
nblocks--;
if ((nbytes % blocksize) == 0)
nblocks--;
memcpy (c->lastiv, c->u_iv.iv, blocksize);
}
if (c->bulk.cbc_dec)
{
c->bulk.cbc_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
inbuf += nblocks * blocksize;
outbuf += nblocks * blocksize;
}
else
{
for (n=0; n < nblocks; n++ )
{
/* Because outbuf and inbuf might be the same, we have to
* save the original ciphertext block. We use lastiv for
* this here because it is not used otherwise. */
memcpy (c->lastiv, inbuf, blocksize);
c->cipher->decrypt ( &c->context.c, outbuf, inbuf );
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
outbuf[i] ^= *ivp++;
memcpy(c->u_iv.iv, c->lastiv, blocksize );
inbuf += c->cipher->blocksize;
outbuf += c->cipher->blocksize;
}
}
if ((c->flags & GCRY_CIPHER_CBC_CTS) && nbytes > blocksize)
{
int restbytes;
if ((nbytes % blocksize) == 0)
restbytes = blocksize;
else
restbytes = nbytes % blocksize;
memcpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */
memcpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */
c->cipher->decrypt ( &c->context.c, outbuf, inbuf );
for (ivp=c->u_iv.iv,i=0; i < restbytes; i++ )
outbuf[i] ^= *ivp++;
memcpy(outbuf + blocksize, outbuf, restbytes);
for(i=restbytes; i < blocksize; i++)
c->u_iv.iv[i] = outbuf[i];
c->cipher->decrypt (&c->context.c, outbuf, c->u_iv.iv);
for(ivp=c->lastiv,i=0; i < blocksize; i++ )
outbuf[i] ^= *ivp++;
/* c->lastiv is now really lastlastiv, does this matter? */
}
}
static void
do_cfb_encrypt( gcry_cipher_hd_t c, unsigned char *outbuf,
const unsigned char *inbuf, unsigned int nbytes )
{
unsigned char *ivp;
size_t blocksize = c->cipher->blocksize;
size_t blocksize_x_2 = blocksize + blocksize;
if ( nbytes <= c->unused )
{
/* Short enough to be encoded by the remaining XOR mask. */
/* XOR the input with the IV and store input into IV. */
for (ivp=c->u_iv.iv+c->cipher->blocksize - c->unused;
nbytes;
nbytes--, c->unused-- )
*outbuf++ = (*ivp++ ^= *inbuf++);
return;
}
if ( c->unused )
{
/* XOR the input with the IV and store input into IV */
nbytes -= c->unused;
for(ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- )
*outbuf++ = (*ivp++ ^= *inbuf++);
}
/* Now we can process complete blocks. We use a loop as long as we
have at least 2 blocks and use conditions for the rest. This
also allows to use a bulk encryption function if available. */
if (nbytes >= blocksize_x_2 && c->bulk.cfb_enc)
{
unsigned int nblocks = nbytes / blocksize;
c->bulk.cfb_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
outbuf += nblocks * blocksize;
inbuf += nblocks * blocksize;
nbytes -= nblocks * blocksize;
}
else
{
while ( nbytes >= blocksize_x_2 )
{
int i;
/* Encrypt the IV. */
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
/* XOR the input with the IV and store input into IV. */
for(ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
*outbuf++ = (*ivp++ ^= *inbuf++);
nbytes -= blocksize;
}
}
if ( nbytes >= blocksize )
{
int i;
/* Save the current IV and then encrypt the IV. */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
/* XOR the input with the IV and store input into IV */
for(ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
*outbuf++ = (*ivp++ ^= *inbuf++);
nbytes -= blocksize;
}
if ( nbytes )
{
/* Save the current IV and then encrypt the IV. */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
c->unused = blocksize;
/* Apply the XOR. */
c->unused -= nbytes;
for(ivp=c->u_iv.iv; nbytes; nbytes-- )
*outbuf++ = (*ivp++ ^= *inbuf++);
}
}
static void
do_cfb_decrypt( gcry_cipher_hd_t c, unsigned char *outbuf,
const unsigned char *inbuf, unsigned int nbytes )
{
unsigned char *ivp;
unsigned long temp;
int i;
size_t blocksize = c->cipher->blocksize;
size_t blocksize_x_2 = blocksize + blocksize;
if (nbytes <= c->unused)
{
/* Short enough to be encoded by the remaining XOR mask. */
/* XOR the input with the IV and store input into IV. */
for (ivp=c->u_iv.iv+blocksize - c->unused;
nbytes;
nbytes--, c->unused--)
{
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
return;
}
if (c->unused)
{
/* XOR the input with the IV and store input into IV. */
nbytes -= c->unused;
for (ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- )
{
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
}
/* Now we can process complete blocks. We use a loop as long as we
have at least 2 blocks and use conditions for the rest. This
also allows to use a bulk encryption function if available. */
if (nbytes >= blocksize_x_2 && c->bulk.cfb_dec)
{
unsigned int nblocks = nbytes / blocksize;
c->bulk.cfb_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
outbuf += nblocks * blocksize;
inbuf += nblocks * blocksize;
nbytes -= nblocks * blocksize;
}
else
{
while (nbytes >= blocksize_x_2 )
{
/* Encrypt the IV. */
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
/* XOR the input with the IV and store input into IV. */
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
{
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
nbytes -= blocksize;
}
}
if (nbytes >= blocksize )
{
/* Save the current IV and then encrypt the IV. */
memcpy ( c->lastiv, c->u_iv.iv, blocksize);
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
/* XOR the input with the IV and store input into IV */
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
{
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
nbytes -= blocksize;
}
if (nbytes)
{
/* Save the current IV and then encrypt the IV. */
memcpy ( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
c->unused = blocksize;
/* Apply the XOR. */
c->unused -= nbytes;
for (ivp=c->u_iv.iv; nbytes; nbytes-- )
{
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
}
}
static void
do_ofb_encrypt( gcry_cipher_hd_t c,
byte *outbuf, const byte *inbuf, unsigned nbytes )
{
byte *ivp;
size_t blocksize = c->cipher->blocksize;
if ( nbytes <= c->unused )
{
/* Short enough to be encoded by the remaining XOR mask. */
/* XOR the input with the IV */
for (ivp=c->u_iv.iv+c->cipher->blocksize - c->unused;
nbytes;
nbytes--, c->unused-- )
*outbuf++ = (*ivp++ ^ *inbuf++);
return;
}
if( c->unused )
{
nbytes -= c->unused;
for(ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- )
*outbuf++ = (*ivp++ ^ *inbuf++);
}
/* Now we can process complete blocks. */
while ( nbytes >= blocksize )
{
int i;
/* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
*outbuf++ = (*ivp++ ^ *inbuf++);
nbytes -= blocksize;
}
if ( nbytes )
{ /* process the remaining bytes */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
c->unused = blocksize;
c->unused -= nbytes;
for(ivp=c->u_iv.iv; nbytes; nbytes-- )
*outbuf++ = (*ivp++ ^ *inbuf++);
}
}
static void
do_ofb_decrypt( gcry_cipher_hd_t c,
byte *outbuf, const byte *inbuf, unsigned int nbytes )
{
byte *ivp;
size_t blocksize = c->cipher->blocksize;
if( nbytes <= c->unused )
{
/* Short enough to be encoded by the remaining XOR mask. */
for (ivp=c->u_iv.iv+blocksize - c->unused; nbytes; nbytes--,c->unused--)
*outbuf++ = *ivp++ ^ *inbuf++;
return;
}
if ( c->unused )
{
nbytes -= c->unused;
for (ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- )
*outbuf++ = *ivp++ ^ *inbuf++;
}
/* Now we can process complete blocks. */
while ( nbytes >= blocksize )
{
int i;
/* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
*outbuf++ = *ivp++ ^ *inbuf++;
nbytes -= blocksize;
}
if ( nbytes )
{ /* Process the remaining bytes. */
/* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
c->unused = blocksize;
c->unused -= nbytes;
for (ivp=c->u_iv.iv; nbytes; nbytes-- )
*outbuf++ = *ivp++ ^ *inbuf++;
}
}
static void
do_ctr_encrypt( gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
unsigned int nbytes )
{
unsigned int n;
byte tmp[MAX_BLOCKSIZE];
int i;
for(n=0; n < nbytes; n++)
{
if ((n % c->cipher->blocksize) == 0)
{
c->cipher->encrypt (&c->context.c, tmp, c->ctr);
for (i = c->cipher->blocksize; i > 0; i--)
{
c->ctr[i-1]++;
if (c->ctr[i-1] != 0)
break;
}
}
/* XOR input with encrypted counter and store in output. */
outbuf[n] = inbuf[n] ^ tmp[n % c->cipher->blocksize];
}
}
static void
do_ctr_decrypt( gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
unsigned int nbytes )
{
do_ctr_encrypt (c, outbuf, inbuf, nbytes);
}
/****************
* Encrypt INBUF to OUTBUF with the mode selected at open.
* inbuf and outbuf may overlap or be the same.
* Depending on the mode some contraints apply to NBYTES.
*/
static gcry_err_code_t
cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf,
const byte *inbuf, unsigned int nbytes)
{
gcry_err_code_t rc = GPG_ERR_NO_ERROR;
switch( c->mode ) {
case GCRY_CIPHER_MODE_ECB:
if (!(nbytes%c->cipher->blocksize))
do_ecb_encrypt(c, outbuf, inbuf, nbytes/c->cipher->blocksize );
else
rc = GPG_ERR_INV_ARG;
break;
case GCRY_CIPHER_MODE_CBC:
if (!(nbytes%c->cipher->blocksize)
|| (nbytes > c->cipher->blocksize
&& (c->flags & GCRY_CIPHER_CBC_CTS)))
do_cbc_encrypt(c, outbuf, inbuf, nbytes );
else
rc = GPG_ERR_INV_ARG;
break;
case GCRY_CIPHER_MODE_CFB:
do_cfb_encrypt(c, outbuf, inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_OFB:
do_ofb_encrypt(c, outbuf, inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_CTR:
do_ctr_encrypt(c, outbuf, inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_STREAM:
c->cipher->stencrypt ( &c->context.c,
outbuf, (byte*)/*arggg*/inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_NONE:
if( inbuf != outbuf )
memmove( outbuf, inbuf, nbytes );
break;
default:
log_fatal("cipher_encrypt: invalid mode %d\n", c->mode );
rc = GPG_ERR_INV_CIPHER_MODE;
break;
}
return rc;
}
/****************
* Encrypt IN and write it to OUT. If IN is NULL, in-place encryption has
* been requested.
*/
gcry_error_t
gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
const void *in, size_t inlen)
{
gcry_err_code_t err;
if (!in)
/* Caller requested in-place encryption. */
/* Actually cipher_encrypt() does not need to know about it, but
* we may change it in the future to get better performance. */
err = cipher_encrypt (h, out, out, outsize);
else if (outsize < ((h->flags & GCRY_CIPHER_CBC_MAC) ?
h->cipher->blocksize : inlen))
err = GPG_ERR_TOO_SHORT;
else if ((h->mode == GCRY_CIPHER_MODE_ECB
|| (h->mode == GCRY_CIPHER_MODE_CBC
&& (! ((h->flags & GCRY_CIPHER_CBC_CTS)
&& (inlen > h->cipher->blocksize)))))
&& (inlen % h->cipher->blocksize))
err = GPG_ERR_INV_ARG;
else
err = cipher_encrypt (h, out, in, inlen);
if (err && out)
memset (out, 0x42, outsize); /* Failsafe: Make sure that the
plaintext will never make it into
OUT. */
return gcry_error (err);
}
/****************
* Decrypt INBUF to OUTBUF with the mode selected at open.
* inbuf and outbuf may overlap or be the same.
* Depending on the mode some some contraints apply to NBYTES.
*/
static gcry_err_code_t
cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
unsigned int nbytes)
{
gcry_err_code_t rc = GPG_ERR_NO_ERROR;
switch( c->mode ) {
case GCRY_CIPHER_MODE_ECB:
if (!(nbytes%c->cipher->blocksize))
do_ecb_decrypt(c, outbuf, inbuf, nbytes/c->cipher->blocksize );
else
rc = GPG_ERR_INV_ARG;
break;
case GCRY_CIPHER_MODE_CBC:
if (!(nbytes%c->cipher->blocksize)
|| (nbytes > c->cipher->blocksize
&& (c->flags & GCRY_CIPHER_CBC_CTS)))
do_cbc_decrypt(c, outbuf, inbuf, nbytes );
else
rc = GPG_ERR_INV_ARG;
break;
case GCRY_CIPHER_MODE_CFB:
do_cfb_decrypt(c, outbuf, inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_OFB:
do_ofb_decrypt(c, outbuf, inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_CTR:
do_ctr_decrypt(c, outbuf, inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_STREAM:
c->cipher->stdecrypt ( &c->context.c,
outbuf, (byte*)/*arggg*/inbuf, nbytes );
break;
case GCRY_CIPHER_MODE_NONE:
if( inbuf != outbuf )
memmove( outbuf, inbuf, nbytes );
break;
default:
log_fatal ("cipher_decrypt: invalid mode %d\n", c->mode );
rc = GPG_ERR_INV_CIPHER_MODE;
break;
}
return rc;
}
gcry_error_t
gcry_cipher_decrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
const void *in, size_t inlen)
{
gcry_err_code_t err = 0;
if (!in)
/* Caller requested in-place encryption. */
/* Actually cipher_encrypt() does not need to know about it, but
* we may change it in the future to get better performance. */
err = cipher_decrypt (h, out, out, outsize);
else if (outsize < inlen)
err = GPG_ERR_TOO_SHORT;
else if (((h->mode == GCRY_CIPHER_MODE_ECB)
|| ((h->mode == GCRY_CIPHER_MODE_CBC)
&& (! ((h->flags & GCRY_CIPHER_CBC_CTS)
&& (inlen > h->cipher->blocksize)))))
&& (inlen % h->cipher->blocksize) != 0)
err = GPG_ERR_INV_ARG;
else
err = cipher_decrypt (h, out, in, inlen);
return gcry_error (err);
}
/****************
* Used for PGP's somewhat strange CFB mode. Only works if
* the corresponding flag is set.
*/
static void
cipher_sync( gcry_cipher_hd_t c )
{
if ((c->flags & GCRY_CIPHER_ENABLE_SYNC) && c->unused)
{
memmove (c->u_iv.iv + c->unused,
c->u_iv.iv, c->cipher->blocksize - c->unused);
memcpy (c->u_iv.iv,
c->lastiv + c->cipher->blocksize - c->unused, c->unused);
c->unused = 0;
}
}
gcry_error_t
gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
{
gcry_err_code_t rc = GPG_ERR_NO_ERROR;
switch (cmd)
{
case GCRYCTL_SET_KEY:
rc = cipher_setkey( h, buffer, buflen );
break;
case GCRYCTL_SET_IV:
cipher_setiv( h, buffer, buflen );
break;
case GCRYCTL_RESET:
cipher_reset (h);
break;
case GCRYCTL_CFB_SYNC:
cipher_sync( h );
break;
case GCRYCTL_SET_CBC_CTS:
if (buflen)
if (h->flags & GCRY_CIPHER_CBC_MAC)
rc = GPG_ERR_INV_FLAG;
else
h->flags |= GCRY_CIPHER_CBC_CTS;
else
h->flags &= ~GCRY_CIPHER_CBC_CTS;
break;
case GCRYCTL_SET_CBC_MAC:
if (buflen)
if (h->flags & GCRY_CIPHER_CBC_CTS)
rc = GPG_ERR_INV_FLAG;
else
h->flags |= GCRY_CIPHER_CBC_MAC;
else
h->flags &= ~GCRY_CIPHER_CBC_MAC;
break;
case GCRYCTL_DISABLE_ALGO:
/* this one expects a NULL handle and buffer pointing to an
* integer with the algo number.
*/
if( h || !buffer || buflen != sizeof(int) )
return gcry_error (GPG_ERR_CIPHER_ALGO);
disable_cipher_algo( *(int*)buffer );
break;
case GCRYCTL_SET_CTR:
if (buffer && buflen == h->cipher->blocksize)
memcpy (h->ctr, buffer, h->cipher->blocksize);
else if (buffer == NULL || buflen == 0)
memset (h->ctr, 0, h->cipher->blocksize);
else
rc = GPG_ERR_INV_ARG;
break;
default:
rc = GPG_ERR_INV_OP;
}
return gcry_error (rc);
}
/****************
* Return information about the cipher handle.
*/
gcry_error_t
gcry_cipher_info( gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
(void)h;
(void)buffer;
(void)nbytes;
switch (cmd)
{
default:
err = GPG_ERR_INV_OP;
}
return gcry_error (err);
}
/****************
* Return information about the given cipher algorithm
* WHAT select the kind of information returned:
* GCRYCTL_GET_KEYLEN:
* Return the length of the key, if the algorithm
* supports multiple key length, the maximum supported value
* is returnd. The length is return as number of octets.
* buffer and nbytes must be zero.
* The keylength is returned in _bytes_.
* GCRYCTL_GET_BLKLEN:
* Return the blocklength of the algorithm counted in octets.
* buffer and nbytes must be zero.
* GCRYCTL_TEST_ALGO:
* Returns 0 when the specified algorithm is available for use.
* buffer and nbytes must be zero.
*
* Note: Because this function is in most cases used to return an
* integer value, we can make it easier for the caller to just look at
* the return value. The caller will in all cases consult the value
* and thereby detecting whether a error occured or not (i.e. while checking
* the block size)
*/
gcry_error_t
gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
unsigned int ui;
switch (what)
{
case GCRYCTL_GET_KEYLEN:
if (buffer || (! nbytes))
err = GPG_ERR_CIPHER_ALGO;
else
{
ui = cipher_get_keylen (algo);
if ((ui > 0) && (ui <= 512))
*nbytes = (size_t) ui / 8;
else
/* The only reason is an invalid algo or a strange
blocksize. */
err = GPG_ERR_CIPHER_ALGO;
}
break;
case GCRYCTL_GET_BLKLEN:
if (buffer || (! nbytes))
err = GPG_ERR_CIPHER_ALGO;
else
{
ui = cipher_get_blocksize (algo);
if ((ui > 0) && (ui < 10000))
*nbytes = ui;
else
/* The only reason is an invalid algo or a strange
blocksize. */
err = GPG_ERR_CIPHER_ALGO;
}
break;
case GCRYCTL_TEST_ALGO:
if (buffer || nbytes)
err = GPG_ERR_INV_ARG;
else
err = check_cipher_algo (algo);
break;
default:
err = GPG_ERR_INV_OP;
}
return gcry_error (err);
}
size_t
gcry_cipher_get_algo_keylen (int algo)
{
size_t n;
if (gcry_cipher_algo_info( algo, GCRYCTL_GET_KEYLEN, NULL, &n))
n = 0;
return n;
}
size_t
gcry_cipher_get_algo_blklen (int algo)
{
size_t n;
if (gcry_cipher_algo_info( algo, GCRYCTL_GET_BLKLEN, NULL, &n))
n = 0;
return n;
}
gcry_err_code_t
_gcry_cipher_init (void)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
REGISTER_DEFAULT_CIPHERS;
return err;
}
/* Get a list consisting of the IDs of the loaded cipher modules. If
LIST is zero, write the number of loaded cipher modules to
LIST_LENGTH and return. If LIST is non-zero, the first
*LIST_LENGTH algorithm IDs are stored in LIST, which must be of
according size. In case there are less cipher modules than
*LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
gcry_error_t
gcry_cipher_list (int *list, int *list_length)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
ath_mutex_lock (&ciphers_registered_lock);
err = _gcry_module_list (ciphers_registered, list, list_length);
ath_mutex_unlock (&ciphers_registered_lock);
return err;
}
diff --git a/cipher/rndw32.c b/cipher/rndw32.c
index b04482db..74007e31 100644
--- a/cipher/rndw32.c
+++ b/cipher/rndw32.c
@@ -1,963 +1,972 @@
/* rndw32.c - W32 entropy gatherer
* Copyright (C) 1999, 2000, 2002, 2003, 2007 Free Software Foundation, Inc.
* Copyright Peter Gutmann, Matt Thomlinson and Blake Coverett 1996-2006
*
* This file is part of Libgcrypt.
*
*************************************************************************
* The code here is based on code from Cryptlib 3.0 beta by Peter Gutmann.
* Source file misc/rndwin32.c "Win32 Randomness-Gathering Code" with this
* copyright notice:
*
* This module is part of the cryptlib continuously seeded pseudorandom
* number generator. For usage conditions, see lib_rand.c
*
* [Here is the notice from lib_rand.c, which is now called dev_sys.c]
*
* This module and the misc/rnd*.c modules represent the cryptlib
* continuously seeded pseudorandom number generator (CSPRNG) as described in
* my 1998 Usenix Security Symposium paper "The generation of random numbers
* for cryptographic purposes".
*
* The CSPRNG code is copyright Peter Gutmann (and various others) 1996,
* 1997, 1998, 1999, all rights reserved. Redistribution of the CSPRNG
* modules and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice
* and this permission notice in its entirety.
*
* 2. Redistributions in binary form must reproduce the copyright notice in
* the documentation and/or other materials provided with the distribution.
*
* 3. A copy of any bugfixes or enhancements made must be provided to the
* author, <pgut001@cs.auckland.ac.nz> to allow them to be added to the
* baseline version of the code.
*
* ALTERNATIVELY, the code may be distributed under the terms of the
* GNU Lesser General Public License, version 2.1 or any later version
* published by the Free Software Foundation, in which case the
* provisions of the GNU LGPL are required INSTEAD OF the above
* restrictions.
*
* Although not required under the terms of the LGPL, it would still
* be nice if you could make any changes available to the author to
* allow a consistent code base to be maintained.
*************************************************************************
* The above alternative was changed from GPL to LGPL on 2007-08-22 with
* permission from Peter Gutmann:
*==========
From: pgut001 <pgut001@cs.auckland.ac.nz>
Subject: Re: LGPL for the windows entropy gatherer
To: wk@gnupg.org
Date: Wed, 22 Aug 2007 03:05:42 +1200
Hi,
>As of now libgcrypt is GPL under Windows due to that module and some people
>would really like to see it under LGPL too. Can you do such a license change
>to LGPL version 2? Note that LGPL give the user the option to relicense it
>under GPL, so the change would be pretty easy and backwar compatible.
Sure. I assumed that since GPG was GPLd, you'd prefer the GPL for the entropy
code as well, but Ian asked for LGPL as an option so as of the next release
I'll have LGPL in there. You can consider it to be retroactive, so your
current version will be LGPLd as well.
Peter.
*==========
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <errno.h>
#include <string.h>
#ifdef __GNUC__
#include <stdint.h>
#endif
#include <windows.h>
#include "types.h"
#include "g10lib.h"
#include "rand-internal.h"
/* Definitions which are missing from the current GNU Windows32Api. */
#ifndef IOCTL_DISK_PERFORMANCE
#define IOCTL_DISK_PERFORMANCE 0x00070020
#endif
/* This used to be (6*8+5*4+8*2), but Peter Gutmann figured a larger
value in a newer release. So we use a far larger value. */
#define SIZEOF_DISK_PERFORMANCE_STRUCT 256
/* We don't include wincrypt.h so define it here. */
#define HCRYPTPROV HANDLE
/* When we query the performance counters, we allocate an initial buffer and
* then reallocate it as required until RegQueryValueEx() stops returning
* ERROR_MORE_DATA. The following values define the initial buffer size and
* step size by which the buffer is increased
*/
#define PERFORMANCE_BUFFER_SIZE 65536 /* Start at 64K */
#define PERFORMANCE_BUFFER_STEP 16384 /* Step by 16K */
/* The number of bytes to read from the system RNG on each slow poll. */
#define SYSTEMRNG_BYTES 64
/* Intel Chipset CSP type and name */
#define PROV_INTEL_SEC 22
#define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider"
/* Type definitions for function pointers to call NetAPI32 functions. */
typedef DWORD (WINAPI *NETSTATISTICSGET)(LPWSTR szServer, LPWSTR szService,
DWORD dwLevel, DWORD dwOptions,
LPBYTE *lpBuffer);
typedef DWORD (WINAPI *NETAPIBUFFERSIZE)(LPVOID lpBuffer, LPDWORD cbBuffer);
typedef DWORD (WINAPI *NETAPIBUFFERFREE)(LPVOID lpBuffer);
/* Type definitions for function pointers to call native NT functions. */
typedef DWORD (WINAPI *NTQUERYSYSTEMINFORMATION)(DWORD systemInformationClass,
PVOID systemInformation,
ULONG systemInformationLength,
PULONG returnLength);
typedef DWORD (WINAPI *NTQUERYINFORMATIONPROCESS)
(HANDLE processHandle, DWORD processInformationClass,
PVOID processInformation, ULONG processInformationLength,
PULONG returnLength);
typedef DWORD (WINAPI *NTPOWERINFORMATION)
(DWORD powerInformationClass, PVOID inputBuffer,
ULONG inputBufferLength, PVOID outputBuffer, ULONG outputBufferLength );
/* Type definitions for function pointers to call CryptoAPI functions. */
typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *phProv,
LPCTSTR pszContainer,
LPCTSTR pszProvider,
DWORD dwProvType,
DWORD dwFlags);
typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,
BYTE *pbBuffer);
typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV hProv, DWORD dwFlags);
/* Somewhat alternative functionality available as a direct call, for
Windows XP and newer. This is the CryptoAPI RNG, which isn't anywhere
near as good as the HW RNG, but we use it if it's present on the basis
that at least it can't make things any worse. This direct access version
is only available under Windows XP, we don't go out of our way to access
the more general CryptoAPI one since the main purpose of using it is to
take advantage of any possible future hardware RNGs that may be added,
for example via TCPA devices. */
typedef BOOL (WINAPI *RTLGENRANDOM)(PVOID RandomBuffer,
ULONG RandomBufferLength);
/* MBM data structures, originally by Alexander van Kaam, converted to C by
Anders@Majland.org, finally updated by Chris Zahrt <techn0@iastate.edu> */
#define BusType char
#define SMBType char
#define SensorType char
typedef struct
{
SensorType iType; /* Type of sensor. */
int Count; /* Number of sensor for that type. */
} SharedIndex;
typedef struct
{
SensorType ssType; /* Type of sensor */
unsigned char ssName[12]; /* Name of sensor */
char sspadding1[3]; /* Padding of 3 bytes */
double ssCurrent; /* Current value */
double ssLow; /* Lowest readout */
double ssHigh; /* Highest readout */
long ssCount; /* Total number of readout */
char sspadding2[4]; /* Padding of 4 bytes */
long double ssTotal; /* Total amout of all readouts */
char sspadding3[6]; /* Padding of 6 bytes */
double ssAlarm1; /* Temp & fan: high alarm; voltage: % off */
double ssAlarm2; /* Temp: low alarm */
} SharedSensor;
typedef struct
{
short siSMB_Base; /* SMBus base address */
BusType siSMB_Type; /* SMBus/Isa bus used to access chip */
SMBType siSMB_Code; /* SMBus sub type, Intel, AMD or ALi */
char siSMB_Addr; /* Address of sensor chip on SMBus */
unsigned char siSMB_Name[41]; /* Nice name for SMBus */
short siISA_Base; /* ISA base address of sensor chip on ISA */
int siChipType; /* Chip nr, connects with Chipinfo.ini */
char siVoltageSubType; /* Subvoltage option selected */
} SharedInfo;
typedef struct
{
double sdVersion; /* Version number (example: 51090) */
SharedIndex sdIndex[10]; /* Sensor index */
SharedSensor sdSensor[100]; /* Sensor info */
SharedInfo sdInfo; /* Misc.info */
unsigned char sdStart[41]; /* Start time */
/* We don't use the next two fields both because they're not random
and because it provides a nice safety margin in case of data size
mis- estimates (we always under-estimate the buffer size). */
#if 0
unsigned char sdCurrent[41]; /* Current time */
unsigned char sdPath[256]; /* MBM path */
#endif /*0*/
} SharedData;
/* One time intialized handles and function pointers. We use dynamic
loading of the DLLs to do without them in case libgcrypt does not
need any random. */
static HANDLE hNetAPI32;
static NETSTATISTICSGET pNetStatisticsGet;
static NETAPIBUFFERSIZE pNetApiBufferSize;
static NETAPIBUFFERFREE pNetApiBufferFree;
static HANDLE hNTAPI;
static NTQUERYSYSTEMINFORMATION pNtQuerySystemInformation;
static NTQUERYINFORMATIONPROCESS pNtQueryInformationProcess;
static NTPOWERINFORMATION pNtPowerInformation;
static HANDLE hAdvAPI32;
static CRYPTACQUIRECONTEXT pCryptAcquireContext;
static CRYPTGENRANDOM pCryptGenRandom;
static CRYPTRELEASECONTEXT pCryptReleaseContext;
static RTLGENRANDOM pRtlGenRandom;
/* Other module global variables. */
static int system_rng_available; /* Whether a system RNG is available. */
static HCRYPTPROV hRNGProv; /* Handle to Intel RNG CSP. */
static int debug_me; /* Debug flag. */
/* Try and connect to the system RNG if there's one present. */
static void
init_system_rng (void)
{
system_rng_available = 0;
hRNGProv = NULL;
hAdvAPI32 = GetModuleHandle ("AdvAPI32.dll");
if (!hAdvAPI32)
return;
pCryptAcquireContext = (CRYPTACQUIRECONTEXT)
GetProcAddress (hAdvAPI32, "CryptAcquireContextA");
pCryptGenRandom = (CRYPTGENRANDOM)
GetProcAddress (hAdvAPI32, "CryptGenRandom");
pCryptReleaseContext = (CRYPTRELEASECONTEXT)
GetProcAddress (hAdvAPI32, "CryptReleaseContext");
/* Get a pointer to the native randomness function if it's available.
This isn't exported by name, so we have to get it by ordinal. */
pRtlGenRandom = (RTLGENRANDOM)
GetProcAddress (hAdvAPI32, "SystemFunction036");
/* Try and connect to the PIII RNG CSP. The AMD 768 southbridge (from
the 760 MP chipset) also has a hardware RNG, but there doesn't appear
to be any driver support for this as there is for the Intel RNG so we
can't do much with it. OTOH the Intel RNG is also effectively dead
as well, mostly due to virtually nonexistant support/marketing by
Intel, it's included here mostly for form's sake. */
if ( (!pCryptAcquireContext || !pCryptGenRandom || !pCryptReleaseContext
|| !pCryptAcquireContext (&hRNGProv, NULL, INTEL_DEF_PROV,
PROV_INTEL_SEC, 0) )
&& !pRtlGenRandom)
{
hAdvAPI32 = NULL;
}
else
system_rng_available = 1;
}
/* Read data from the system RNG if availavle. */
static void
read_system_rng (void (*add)(const void*, size_t, enum random_origins),
enum random_origins requester)
{
BYTE buffer[ SYSTEMRNG_BYTES + 8 ];
int quality = 0;
if (!system_rng_available)
return;
/* Read SYSTEMRNG_BYTES bytes from the system RNG. We don't rely on
this for all our randomness requirements (particularly the
software RNG) in case it's broken in some way. */
if (hRNGProv)
{
if (pCryptGenRandom (hRNGProv, SYSTEMRNG_BYTES, buffer))
quality = 80;
}
else if (pRtlGenRandom)
{
if ( pRtlGenRandom (buffer, SYSTEMRNG_BYTES))
quality = 50;
}
if (quality > 0)
{
if (debug_me)
log_debug ("rndw32#read_system_rng: got %d bytes of quality %d\n",
SYSTEMRNG_BYTES, quality);
(*add) (buffer, SYSTEMRNG_BYTES, requester);
wipememory (buffer, SYSTEMRNG_BYTES);
}
}
/* Read data from MBM. This communicates via shared memory, so all we
need to do is map a file and read the data out. */
static void
read_mbm_data (void (*add)(const void*, size_t, enum random_origins),
enum random_origins requester)
{
HANDLE hMBMData;
SharedData *mbmDataPtr;
hMBMData = OpenFileMapping (FILE_MAP_READ, FALSE, "$M$B$M$5$S$D$" );
if (hMBMData)
{
mbmDataPtr = (SharedData*)MapViewOfFile (hMBMData, FILE_MAP_READ,0,0,0);
if (mbmDataPtr)
{
if (debug_me)
log_debug ("rndw32#read_mbm_data: got %d bytes\n",
(int)sizeof (SharedData));
(*add) (mbmDataPtr, sizeof (SharedData), requester);
UnmapViewOfFile (mbmDataPtr);
}
CloseHandle (hMBMData);
}
}
/* Fallback method using the registry to poll the statistics. */
static void
registry_poll (void (*add)(const void*, size_t, enum random_origins),
enum random_origins requester)
{
static int cbPerfData = PERFORMANCE_BUFFER_SIZE;
int iterations;
DWORD dwSize, status;
PERF_DATA_BLOCK *pPerfData;
/* Get information from the system performance counters. This can take a
few seconds to do. In some environments the call to RegQueryValueEx()
can produce an access violation at some random time in the future, in
some cases adding a short delay after the following code block makes
the problem go away. This problem is extremely difficult to
reproduce, I haven't been able to get it to occur despite running it
on a number of machines. MS knowledge base article Q178887 covers
this type of problem, it's typically caused by an external driver or
other program that adds its own values under the
HKEY_PERFORMANCE_DATA key. The NT kernel, via Advapi32.dll, calls the
required external module to map in the data inside an SEH try/except
block, so problems in the module's collect function don't pop up until
after it has finished, so the fault appears to occur in Advapi32.dll.
There may be problems in the NT kernel as well though, a low-level
memory checker indicated that ExpandEnvironmentStrings() in
Kernel32.dll, called an interminable number of calls down inside
RegQueryValueEx(), was overwriting memory (it wrote twice the
allocated size of a buffer to a buffer allocated by the NT kernel).
OTOH this could be coming from the external module calling back into
the kernel, which eventually causes the problem described above.
Possibly as an extension of the problem that the krnlWaitSemaphore()
call above works around, running two instances of cryptlib (e.g. two
applications that use it) under NT4 can result in one of them hanging
in the RegQueryValueEx() call. This happens only under NT4 and is
hard to reproduce in any consistent manner.
One workaround that helps a bit is to read the registry as a remote
(rather than local) registry, it's possible that the use of a network
RPC call isolates the calling app from the problem in that whatever
service handles the RPC is taking the hit and not affecting the
calling app. Since this would require another round of extensive
testing to verify and the NT native API call is working fine, we'll
stick with the native API call for now.
Some versions of NT4 had a problem where the amount of data returned
was mis-reported and would never settle down, because of this the code
below includes a safety-catch that bails out after 10 attempts have
been made, this results in no data being returned but at does ensure
that the thread will terminate.
In addition to these problems the code in RegQueryValueEx() that
estimates the amount of memory required to return the performance
counter information isn't very accurate (it's much worse than the
"slightly-inaccurate" level that the MS docs warn about, it's usually
wildly off) since it always returns a worst-case estimate which is
usually nowhere near the actual amount required. For example it may
report that 128K of memory is required, but only return 64K of data.
Even worse than the registry-based performance counters is the
performance data helper (PDH) shim that tries to make the counters
look like the old Win16 API (which is also used by Win95). Under NT
this can consume tens of MB of memory and huge amounts of CPU time
while it gathers its data, and even running once can still consume
about 1/2MB of memory */
pPerfData = gcry_xmalloc (cbPerfData);
for (iterations=0; iterations < 10; iterations++)
{
dwSize = cbPerfData;
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: get perf data\n" );
status = RegQueryValueEx (HKEY_PERFORMANCE_DATA, "Global", NULL,
NULL, (LPBYTE) pPerfData, &dwSize);
if (status == ERROR_SUCCESS)
{
if (!memcmp (pPerfData->Signature, L"PERF", 8))
(*add) ( pPerfData, dwSize, requester );
else
log_debug ("rndw32: no PERF signature\n");
break;
}
else if (status == ERROR_MORE_DATA)
{
cbPerfData += PERFORMANCE_BUFFER_STEP;
pPerfData = gcry_xrealloc (pPerfData, cbPerfData);
}
else
{
- log_debug ("rndw32: get performance data problem: ec=%ld\n",
- status);
+ static int been_here;
+
+ /* Silence the error message. In particular under Wine (as
+ of 2008) we would get swamped with such diagnotiscs. One
+ such diagnotiscs should be enough. */
+ if (been_here != status)
+ {
+ been_here = status;
+ log_debug ("rndw32: get performance data problem: ec=%ld\n",
+ status);
+ }
break;
}
}
gcry_free (pPerfData);
/* Although this isn't documented in the Win32 API docs, it's necessary
to explicitly close the HKEY_PERFORMANCE_DATA key after use (it's
implicitly opened on the first call to RegQueryValueEx()). If this
isn't done then any system components which provide performance data
can't be removed or changed while the handle remains active. */
RegCloseKey (HKEY_PERFORMANCE_DATA);
}
static void
slow_gatherer ( void (*add)(const void*, size_t, enum random_origins),
enum random_origins requester )
{
static int is_initialized = 0;
static int is_workstation = 1;
HANDLE hDevice;
DWORD dwType, dwSize, dwResult;
ULONG ulSize;
int drive_no, status;
int no_results = 0;
void *buffer;
if ( !is_initialized )
{
HKEY hKey;
if ( debug_me )
log_debug ("rndw32#slow_gatherer: init toolkit\n" );
/* Find out whether this is an NT server or workstation if necessary */
if (RegOpenKeyEx (HKEY_LOCAL_MACHINE,
"SYSTEM\\CurrentControlSet\\Control\\ProductOptions",
0, KEY_READ, &hKey) == ERROR_SUCCESS)
{
BYTE szValue[32 + 8];
dwSize = 32;
if ( debug_me )
log_debug ("rndw32#slow_gatherer: check product options\n" );
status = RegQueryValueEx (hKey, "ProductType", 0, NULL,
szValue, &dwSize);
if (status == ERROR_SUCCESS && stricmp (szValue, "WinNT"))
{
/* Note: There are (at least) three cases for ProductType:
WinNT = NT Workstation, ServerNT = NT Server, LanmanNT =
NT Server acting as a Domain Controller. */
is_workstation = 0;
if ( debug_me )
log_debug ("rndw32: this is a NT server\n");
}
RegCloseKey (hKey);
}
/* The following are fixed for the lifetime of the process so we
only add them once */
/* readPnPData (); - we have not implemented that. */
/* Initialize the NetAPI32 function pointers if necessary */
hNetAPI32 = LoadLibrary ("NETAPI32.DLL");
if (hNetAPI32)
{
if (debug_me)
log_debug ("rndw32#slow_gatherer: netapi32 loaded\n" );
pNetStatisticsGet = (NETSTATISTICSGET)
GetProcAddress (hNetAPI32, "NetStatisticsGet");
pNetApiBufferSize = (NETAPIBUFFERSIZE)
GetProcAddress (hNetAPI32, "NetApiBufferSize");
pNetApiBufferFree = (NETAPIBUFFERFREE)
GetProcAddress (hNetAPI32, "NetApiBufferFree");
if (!pNetStatisticsGet || !pNetApiBufferSize || !pNetApiBufferFree)
{
FreeLibrary (hNetAPI32);
hNetAPI32 = NULL;
log_debug ("rndw32: No NETAPI found\n" );
}
}
/* Initialize the NT kernel native API function pointers if necessary */
hNTAPI = GetModuleHandle ("NTDll.dll");
if (hNTAPI)
{
/* Get a pointer to the NT native information query functions */
pNtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION)
GetProcAddress (hNTAPI, "NtQuerySystemInformation");
pNtQueryInformationProcess = (NTQUERYINFORMATIONPROCESS)
GetProcAddress (hNTAPI, "NtQueryInformationProcess");
pNtPowerInformation = (NTPOWERINFORMATION)
GetProcAddress(hNTAPI, "NtPowerInformation");
if (!pNtQuerySystemInformation || !pNtQueryInformationProcess)
hNTAPI = NULL;
}
is_initialized = 1;
}
read_system_rng ( add, requester );
read_mbm_data ( add, requester );
/* Get network statistics. Note: Both NT Workstation and NT Server by
default will be running both the workstation and server services. The
heuristic below is probably useful though on the assumption that the
majority of the network traffic will be via the appropriate service.
In any case the network statistics return almost no randomness. */
{
LPBYTE lpBuffer;
if (hNetAPI32
&& !pNetStatisticsGet (NULL,
is_workstation ? L"LanmanWorkstation" :
L"LanmanServer", 0, 0, &lpBuffer))
{
if ( debug_me )
log_debug ("rndw32#slow_gatherer: get netstats\n" );
pNetApiBufferSize (lpBuffer, &dwSize);
(*add) ( lpBuffer, dwSize, requester );
pNetApiBufferFree (lpBuffer);
}
}
/* Get disk I/O statistics for all the hard drives. 100 is an
arbitrary failsafe limit. */
for (drive_no = 0; drive_no < 100 ; drive_no++)
{
char diskPerformance[SIZEOF_DISK_PERFORMANCE_STRUCT + 8];
char szDevice[50];
/* Check whether we can access this device. */
snprintf (szDevice, sizeof szDevice, "\\\\.\\PhysicalDrive%d",
drive_no);
hDevice = CreateFile (szDevice, 0, FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL, OPEN_EXISTING, 0, NULL);
if (hDevice == INVALID_HANDLE_VALUE)
break; /* No more drives. */
/* Note: This only works if you have turned on the disk performance
counters with 'diskperf -y'. These counters are off by default. */
dwSize = sizeof diskPerformance;
if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0,
diskPerformance, SIZEOF_DISK_PERFORMANCE_STRUCT,
&dwSize, NULL))
{
if ( debug_me )
log_debug ("rndw32#slow_gatherer: iostat drive %d\n",
drive_no);
(*add) (diskPerformance, dwSize, requester);
}
else
{
log_info ("NOTE: you should run 'diskperf -y' "
"to enable the disk statistics\n");
}
CloseHandle (hDevice);
}
/* In theory we should be using the Win32 performance query API to obtain
unpredictable data from the system, however this is so unreliable (see
the multiple sets of comments in registryPoll()) that it's too risky
to rely on it except as a fallback in emergencies. Instead, we rely
mostly on the NT native API function NtQuerySystemInformation(), which
has the dual advantages that it doesn't have as many (known) problems
as the Win32 equivalent and that it doesn't access the data indirectly
via pseudo-registry keys, which means that it's much faster. Note
that the Win32 equivalent actually works almost all of the time, the
problem is that on one or two systems it can fail in strange ways that
are never the same and can't be reproduced on any other system, which
is why we use the native API here. Microsoft officially documented
this function in early 2003, so it'll be fairly safe to use. */
if ( !hNTAPI )
{
registry_poll (add, requester);
return;
}
/* Scan the first 64 possible information types (we don't bother with
increasing the buffer size as we do with the Win32 version of the
performance data read, we may miss a few classes but it's no big deal).
This scan typically yields around 20 pieces of data, there's nothing
in the range 65...128 so chances are there won't be anything above
there either. */
buffer = gcry_xmalloc (PERFORMANCE_BUFFER_SIZE);
for (dwType = 0; dwType < 64; dwType++)
{
switch (dwType)
{
/* Some information types are write-only (the IDs are shared with
a set-information call), we skip these. */
case 26: case 27: case 38: case 46: case 47: case 48: case 52:
continue;
/* ID 53 = SystemSessionProcessInformation reads input from the
output buffer, which has to contain a session ID and pointer
to the actual buffer in which to store the session information.
Because this isn't a standard query, we skip this. */
case 53:
continue;
}
/* Query the info for this ID. Some results (for example for
ID = 6, SystemCallCounts) are only available in checked builds
of the kernel. A smaller subcless of results require that
certain system config flags be set, for example
SystemObjectInformation requires that the
FLG_MAINTAIN_OBJECT_TYPELIST be set in NtGlobalFlags. To avoid
having to special-case all of these, we try reading each one and
only use those for which we get a success status. */
dwResult = pNtQuerySystemInformation (dwType, buffer,
PERFORMANCE_BUFFER_SIZE - 2048,
&ulSize);
if (dwResult != ERROR_SUCCESS)
continue;
/* Some calls (e.g. ID = 23, SystemProcessorStatistics, and ID = 24,
SystemDpcInformation) incorrectly return a length of zero, so we
manually adjust the length to the correct value. */
if ( !ulSize )
{
if (dwType == 23)
ulSize = 6 * sizeof (ULONG);
else if (dwType == 24)
ulSize = 5 * sizeof (ULONG);
}
/* If we got some data back, add it to the entropy pool. */
if (ulSize > 0 && ulSize <= PERFORMANCE_BUFFER_SIZE - 2048)
{
if (debug_me)
log_debug ("rndw32#slow_gatherer: %lu bytes from sysinfo %ld\n",
ulSize, dwType);
(*add) (buffer, ulSize, requester);
no_results++;
}
}
/* Now we would do the same for the process information. This
call would rather ugly in that it requires an exact length
match for the data returned, failing with a
STATUS_INFO_LENGTH_MISMATCH error code (0xC0000004) if the
length isn't an exact match. It requires a compiler to handle
complex nested structs, alignment issues, and so on, and
without the headers in which the entries are declared it's
almost impossible to do. Thus we don't. */
/* Finally, do the same for the system power status information. There
are only a limited number of useful information types available so we
restrict ourselves to the useful types. In addition since this
function doesn't return length information, we have to hardcode in
length data. */
if (pNtPowerInformation)
{
static const struct { int type; int size; } powerInfo[] = {
{ 0, 128 }, /* SystemPowerPolicyAc */
{ 1, 128 }, /* SystemPowerPolicyDc */
{ 4, 64 }, /* SystemPowerCapabilities */
{ 5, 48 }, /* SystemBatteryState */
{ 11, 48 }, /* ProcessorInformation */
{ 12, 24 }, /* SystemPowerInformation */
{ -1, -1 }
};
int i;
/* The 100 is a failsafe limit. */
for (i = 0; powerInfo[i].type != -1 && i < 100; i++ )
{
/* Query the info for this ID */
dwResult = pNtPowerInformation (powerInfo[i].type, NULL, 0, buffer,
PERFORMANCE_BUFFER_SIZE - 2048);
if (dwResult != ERROR_SUCCESS)
continue;
if (debug_me)
log_debug ("rndw32#slow_gatherer: %u bytes from powerinfo %d\n",
powerInfo[i].size, i);
(*add) (buffer, powerInfo[i].size, requester);
no_results++;
}
assert (i < 100);
}
gcry_free (buffer);
/* We couldn't get enough results from the kernel, fall back to the
somewhat troublesome registry poll. */
if (no_results < 15)
registry_poll (add, requester);
}
int
_gcry_rndw32_gather_random (void (*add)(const void*, size_t,
enum random_origins),
enum random_origins origin,
size_t length, int level )
{
static int is_initialized;
if (!level)
return 0;
/* We don't differentiate between level 1 and 2 here because there
is no internal entropy pool as a scary resource. It may all work
slower, but because our entropy source will never block but
deliver some not easy to measure entropy, we assume level 2. */
if (!is_initialized)
{
OSVERSIONINFO osvi = { sizeof( osvi ) };
GetVersionEx( &osvi );
if ( osvi.dwPlatformId != VER_PLATFORM_WIN32_NT)
log_fatal ("can only run on a Windows NT platform\n" );
init_system_rng ();
is_initialized = 1;
}
if (debug_me)
log_debug ("rndw32#gather_random: ori=%d len=%u lvl=%d\n",
origin, (unsigned int)length, level );
slow_gatherer (add, origin);
return 0;
}
void
_gcry_rndw32_gather_random_fast (void (*add)(const void*, size_t,
enum random_origins),
enum random_origins origin)
{
static int addedFixedItems = 0;
if ( debug_me )
log_debug ("rndw32#gather_random_fast: ori=%d\n", origin );
/* Get various basic pieces of system information: Handle of active
window, handle of window with mouse capture, handle of clipboard
owner handle of start of clpboard viewer list, pseudohandle of
current process, current process ID, pseudohandle of current
thread, current thread ID, handle of desktop window, handle of
window with keyboard focus, whether system queue has any events,
cursor position for last message, 1 ms time for last message,
handle of window with clipboard open, handle of process heap,
handle of procs window station, types of events in input queue,
and milliseconds since Windows was started. */
{
byte buffer[20*sizeof(ulong)], *bufptr;
bufptr = buffer;
#define ADD(f) do { ulong along = (ulong)(f); \
memcpy (bufptr, &along, sizeof (along) ); \
bufptr += sizeof (along); \
} while (0)
ADD ( GetActiveWindow ());
ADD ( GetCapture ());
ADD ( GetClipboardOwner ());
ADD ( GetClipboardViewer ());
ADD ( GetCurrentProcess ());
ADD ( GetCurrentProcessId ());
ADD ( GetCurrentThread ());
ADD ( GetCurrentThreadId ());
ADD ( GetDesktopWindow ());
ADD ( GetFocus ());
ADD ( GetInputState ());
ADD ( GetMessagePos ());
ADD ( GetMessageTime ());
ADD ( GetOpenClipboardWindow ());
ADD ( GetProcessHeap ());
ADD ( GetProcessWindowStation ());
ADD ( GetQueueStatus (QS_ALLEVENTS));
ADD ( GetTickCount ());
assert ( bufptr-buffer < sizeof (buffer) );
(*add) ( buffer, bufptr-buffer, origin );
#undef ADD
}
/* Get multiword system information: Current caret position, current
mouse cursor position. */
{
POINT point;
GetCaretPos (&point);
(*add) ( &point, sizeof (point), origin );
GetCursorPos (&point);
(*add) ( &point, sizeof (point), origin );
}
/* Get percent of memory in use, bytes of physical memory, bytes of
free physical memory, bytes in paging file, free bytes in paging
file, user bytes of address space, and free user bytes. */
{
MEMORYSTATUS memoryStatus;
memoryStatus.dwLength = sizeof (MEMORYSTATUS);
GlobalMemoryStatus (&memoryStatus);
(*add) ( &memoryStatus, sizeof (memoryStatus), origin );
}
/* Get thread and process creation time, exit time, time in kernel
mode, and time in user mode in 100ns intervals. */
{
HANDLE handle;
FILETIME creationTime, exitTime, kernelTime, userTime;
DWORD minimumWorkingSetSize, maximumWorkingSetSize;
handle = GetCurrentThread ();
GetThreadTimes (handle, &creationTime, &exitTime,
&kernelTime, &userTime);
(*add) ( &creationTime, sizeof (creationTime), origin );
(*add) ( &exitTime, sizeof (exitTime), origin );
(*add) ( &kernelTime, sizeof (kernelTime), origin );
(*add) ( &userTime, sizeof (userTime), origin );
handle = GetCurrentProcess ();
GetProcessTimes (handle, &creationTime, &exitTime,
&kernelTime, &userTime);
(*add) ( &creationTime, sizeof (creationTime), origin );
(*add) ( &exitTime, sizeof (exitTime), origin );
(*add) ( &kernelTime, sizeof (kernelTime), origin );
(*add) ( &userTime, sizeof (userTime), origin );
/* Get the minimum and maximum working set size for the current
process. */
GetProcessWorkingSetSize (handle, &minimumWorkingSetSize,
&maximumWorkingSetSize);
(*add) ( &minimumWorkingSetSize,
sizeof (minimumWorkingSetSize), origin );
(*add) ( &maximumWorkingSetSize,
sizeof (maximumWorkingSetSize), origin );
}
/* The following are fixed for the lifetime of the process so we only
* add them once */
if (!addedFixedItems)
{
STARTUPINFO startupInfo;
/* Get name of desktop, console window title, new window
position and size, window flags, and handles for stdin,
stdout, and stderr. */
startupInfo.cb = sizeof (STARTUPINFO);
GetStartupInfo (&startupInfo);
(*add) ( &startupInfo, sizeof (STARTUPINFO), origin );
addedFixedItems = 1;
}
/* The performance of QPC varies depending on the architecture it's
running on and on the OS, the MS documentation is vague about the
details because it varies so much. Under Win9x/ME it reads the
1.193180 MHz PIC timer. Under NT/Win2K/XP it may or may not read the
64-bit TSC depending on the HAL and assorted other circumstances,
generally on machines with a uniprocessor HAL
KeQueryPerformanceCounter() uses a 3.579545MHz timer and on machines
with a multiprocessor or APIC HAL it uses the TSC (the exact time
source is controlled by the HalpUse8254 flag in the kernel). That
choice of time sources is somewhat peculiar because on a
multiprocessor machine it's theoretically possible to get completely
different TSC readings depending on which CPU you're currently
running on, while for uniprocessor machines it's not a problem.
However, the kernel appears to synchronise the TSCs across CPUs at
boot time (it resets the TSC as part of its system init), so this
shouldn't really be a problem. Under WinCE it's completely platform-
dependant, if there's no hardware performance counter available, it
uses the 1ms system timer.
Another feature of the TSC (although it doesn't really affect us here)
is that mobile CPUs will turn off the TSC when they idle, Pentiums
will change the rate of the counter when they clock-throttle (to
match the current CPU speed), and hyperthreading Pentiums will turn
it off when both threads are idle (this more or less makes sense,
since the CPU will be in the halted state and not executing any
instructions to count).
To make things unambiguous, we detect a CPU new enough to call RDTSC
directly by checking for CPUID capabilities, and fall back to QPC if
this isn't present. */
#ifdef __GNUC__
/* FIXME: We need to implement the CPU feature tests first. */
/* if (cpu_has_feature_rdtsc) */
/* { */
/* uint32_t lo, hi; */
/* We cannot use "=A", since this would use %rax on x86_64. */
/* __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi)); */
/* Ignore high 32 bits, hwich are >1s res. */
/* (*add) (&lo, 4, origin ); */
/* } */
/* else */
#endif /*!__GNUC__*/
{
LARGE_INTEGER performanceCount;
if (QueryPerformanceCounter (&performanceCount))
{
if ( debug_me )
log_debug ("rndw32#gather_random_fast: perf data\n");
(*add) (&performanceCount, sizeof (performanceCount), origin);
}
else
{
/* Millisecond accuracy at best... */
DWORD aword = GetTickCount ();
(*add) (&aword, sizeof (aword), origin );
}
}
}
diff --git a/cipher/sha1.c b/cipher/sha1.c
index 9c81f680..fe80aba8 100644
--- a/cipher/sha1.c
+++ b/cipher/sha1.c
@@ -1,371 +1,529 @@
/* sha1.c - SHA1 hash function
- * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2001, 2002, 2003, 2008 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
/* Test vectors:
*
* "abc"
* A999 3E36 4706 816A BA3E 2571 7850 C26C 9CD0 D89D
*
* "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
* 8498 3E44 1C3B D26E BAAE 4AA1 F951 29E5 E546 70F1
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
#include "g10lib.h"
#include "memory.h"
#include "bithelp.h"
#include "cipher.h"
-typedef struct {
- u32 h0,h1,h2,h3,h4;
- u32 nblocks;
- byte buf[64];
- int count;
+
+/* A macro to test whether P is properly aligned for an u32 type.
+ Note that config.h provides a suitable replacement for uintptr_t if
+ it does not exist in stdint.h. */
+#if __GNUC__ >= 2
+# define U32_ALIGNED_P(p) (!(((uintptr_t)p) % __alignof__ (u32)))
+#else
+# define U32_ALIGNED_P(p) (!(((uintptr_t)p) % sizeof (u32)))
+#endif
+
+#if WORDS_BIGENDIAN
+#define TRANSFORM(x,d,n) do { if (U32_ALIGNED_P ((x))) \
+ transform_aligned ((x), (d), (n)); \
+ else \
+ transform ((x), (d), (n)); \
+ } while (0)
+#else
+#define TRANSFORM(x,d,n) transform ((x), (d), (n))
+#endif
+
+
+
+typedef struct
+{
+ u32 h0,h1,h2,h3,h4;
+ u32 nblocks;
+ unsigned char buf[64];
+ int count;
} SHA1_CONTEXT;
+
static void
sha1_init (void *context)
{
SHA1_CONTEXT *hd = context;
hd->h0 = 0x67452301;
hd->h1 = 0xefcdab89;
hd->h2 = 0x98badcfe;
hd->h3 = 0x10325476;
hd->h4 = 0xc3d2e1f0;
hd->nblocks = 0;
hd->count = 0;
}
-/****************
- * Transform the message X which consists of 16 32-bit-words
- */
-static void
-transform ( SHA1_CONTEXT *hd, const unsigned char *data )
-{
- register u32 a,b,c,d,e,tm;
- u32 x[16];
-
- /* Get values from the chaining vars. */
- a = hd->h0;
- b = hd->h1;
- c = hd->h2;
- d = hd->h3;
- e = hd->h4;
-
-#ifdef WORDS_BIGENDIAN
- memcpy( x, data, 64 );
-#else
- {
- int i;
- byte *p2;
- for(i=0, p2=(byte*)x; i < 16; i++, p2 += 4 )
- {
- p2[3] = *data++;
- p2[2] = *data++;
- p2[1] = *data++;
- p2[0] = *data++;
- }
- }
-#endif
-
-
+/* Round function macros. */
#define K1 0x5A827999L
#define K2 0x6ED9EBA1L
#define K3 0x8F1BBCDCL
#define K4 0xCA62C1D6L
#define F1(x,y,z) ( z ^ ( x & ( y ^ z ) ) )
#define F2(x,y,z) ( x ^ y ^ z )
#define F3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) )
#define F4(x,y,z) ( x ^ y ^ z )
-
-
-#define M(i) ( tm = x[i&0x0f] ^ x[(i-14)&0x0f] \
- ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f] \
- , (x[i&0x0f] = rol(tm, 1)) )
-
+#define M(i) ( tm = x[ i &0x0f] \
+ ^ x[(i-14)&0x0f] \
+ ^ x[(i-8) &0x0f] \
+ ^ x[(i-3) &0x0f], \
+ (x[i&0x0f] = rol(tm, 1)))
#define R(a,b,c,d,e,f,k,m) do { e += rol( a, 5 ) \
- + f( b, c, d ) \
- + k \
- + m; \
+ + f( b, c, d ) \
+ + k \
+ + m; \
b = rol( b, 30 ); \
} while(0)
- R( a, b, c, d, e, F1, K1, x[ 0] );
- R( e, a, b, c, d, F1, K1, x[ 1] );
- R( d, e, a, b, c, F1, K1, x[ 2] );
- R( c, d, e, a, b, F1, K1, x[ 3] );
- R( b, c, d, e, a, F1, K1, x[ 4] );
- R( a, b, c, d, e, F1, K1, x[ 5] );
- R( e, a, b, c, d, F1, K1, x[ 6] );
- R( d, e, a, b, c, F1, K1, x[ 7] );
- R( c, d, e, a, b, F1, K1, x[ 8] );
- R( b, c, d, e, a, F1, K1, x[ 9] );
- R( a, b, c, d, e, F1, K1, x[10] );
- R( e, a, b, c, d, F1, K1, x[11] );
- R( d, e, a, b, c, F1, K1, x[12] );
- R( c, d, e, a, b, F1, K1, x[13] );
- R( b, c, d, e, a, F1, K1, x[14] );
- R( a, b, c, d, e, F1, K1, x[15] );
- R( e, a, b, c, d, F1, K1, M(16) );
- R( d, e, a, b, c, F1, K1, M(17) );
- R( c, d, e, a, b, F1, K1, M(18) );
- R( b, c, d, e, a, F1, K1, M(19) );
- R( a, b, c, d, e, F2, K2, M(20) );
- R( e, a, b, c, d, F2, K2, M(21) );
- R( d, e, a, b, c, F2, K2, M(22) );
- R( c, d, e, a, b, F2, K2, M(23) );
- R( b, c, d, e, a, F2, K2, M(24) );
- R( a, b, c, d, e, F2, K2, M(25) );
- R( e, a, b, c, d, F2, K2, M(26) );
- R( d, e, a, b, c, F2, K2, M(27) );
- R( c, d, e, a, b, F2, K2, M(28) );
- R( b, c, d, e, a, F2, K2, M(29) );
- R( a, b, c, d, e, F2, K2, M(30) );
- R( e, a, b, c, d, F2, K2, M(31) );
- R( d, e, a, b, c, F2, K2, M(32) );
- R( c, d, e, a, b, F2, K2, M(33) );
- R( b, c, d, e, a, F2, K2, M(34) );
- R( a, b, c, d, e, F2, K2, M(35) );
- R( e, a, b, c, d, F2, K2, M(36) );
- R( d, e, a, b, c, F2, K2, M(37) );
- R( c, d, e, a, b, F2, K2, M(38) );
- R( b, c, d, e, a, F2, K2, M(39) );
- R( a, b, c, d, e, F3, K3, M(40) );
- R( e, a, b, c, d, F3, K3, M(41) );
- R( d, e, a, b, c, F3, K3, M(42) );
- R( c, d, e, a, b, F3, K3, M(43) );
- R( b, c, d, e, a, F3, K3, M(44) );
- R( a, b, c, d, e, F3, K3, M(45) );
- R( e, a, b, c, d, F3, K3, M(46) );
- R( d, e, a, b, c, F3, K3, M(47) );
- R( c, d, e, a, b, F3, K3, M(48) );
- R( b, c, d, e, a, F3, K3, M(49) );
- R( a, b, c, d, e, F3, K3, M(50) );
- R( e, a, b, c, d, F3, K3, M(51) );
- R( d, e, a, b, c, F3, K3, M(52) );
- R( c, d, e, a, b, F3, K3, M(53) );
- R( b, c, d, e, a, F3, K3, M(54) );
- R( a, b, c, d, e, F3, K3, M(55) );
- R( e, a, b, c, d, F3, K3, M(56) );
- R( d, e, a, b, c, F3, K3, M(57) );
- R( c, d, e, a, b, F3, K3, M(58) );
- R( b, c, d, e, a, F3, K3, M(59) );
- R( a, b, c, d, e, F4, K4, M(60) );
- R( e, a, b, c, d, F4, K4, M(61) );
- R( d, e, a, b, c, F4, K4, M(62) );
- R( c, d, e, a, b, F4, K4, M(63) );
- R( b, c, d, e, a, F4, K4, M(64) );
- R( a, b, c, d, e, F4, K4, M(65) );
- R( e, a, b, c, d, F4, K4, M(66) );
- R( d, e, a, b, c, F4, K4, M(67) );
- R( c, d, e, a, b, F4, K4, M(68) );
- R( b, c, d, e, a, F4, K4, M(69) );
- R( a, b, c, d, e, F4, K4, M(70) );
- R( e, a, b, c, d, F4, K4, M(71) );
- R( d, e, a, b, c, F4, K4, M(72) );
- R( c, d, e, a, b, F4, K4, M(73) );
- R( b, c, d, e, a, F4, K4, M(74) );
- R( a, b, c, d, e, F4, K4, M(75) );
- R( e, a, b, c, d, F4, K4, M(76) );
- R( d, e, a, b, c, F4, K4, M(77) );
- R( c, d, e, a, b, F4, K4, M(78) );
- R( b, c, d, e, a, F4, K4, M(79) );
-
- /* Update chaining vars. */
- hd->h0 += a;
- hd->h1 += b;
- hd->h2 += c;
- hd->h3 += d;
- hd->h4 += e;
+
+
+/*
+ * Transform NBLOCKS of each 64 bytes (16 32-bit words) at DATA.
+ * Unaligned version.
+ */
+static void
+transform (SHA1_CONTEXT *hd, const unsigned char *data, size_t nblocks)
+{
+ register u32 a, b, c, d, e; /* Local copies of the chaining variables. */
+ register u32 tm; /* Helper. */
+ u32 x[16]; /* The array we work on. */
+
+ /* Loop over all blocks. */
+ for ( ;nblocks; nblocks--)
+ {
+#ifdef WORDS_BIGENDIAN
+ memcpy (x, data, 64);
+ data += 64;
+#else
+ {
+ int i;
+ unsigned char *p;
+
+ for(i=0, p=(unsigned char*)x; i < 16; i++, p += 4 )
+ {
+ p[3] = *data++;
+ p[2] = *data++;
+ p[1] = *data++;
+ p[0] = *data++;
+ }
+ }
+#endif
+ /* Get the values of the chaining variables. */
+ a = hd->h0;
+ b = hd->h1;
+ c = hd->h2;
+ d = hd->h3;
+ e = hd->h4;
+
+ /* Transform. */
+ R( a, b, c, d, e, F1, K1, x[ 0] );
+ R( e, a, b, c, d, F1, K1, x[ 1] );
+ R( d, e, a, b, c, F1, K1, x[ 2] );
+ R( c, d, e, a, b, F1, K1, x[ 3] );
+ R( b, c, d, e, a, F1, K1, x[ 4] );
+ R( a, b, c, d, e, F1, K1, x[ 5] );
+ R( e, a, b, c, d, F1, K1, x[ 6] );
+ R( d, e, a, b, c, F1, K1, x[ 7] );
+ R( c, d, e, a, b, F1, K1, x[ 8] );
+ R( b, c, d, e, a, F1, K1, x[ 9] );
+ R( a, b, c, d, e, F1, K1, x[10] );
+ R( e, a, b, c, d, F1, K1, x[11] );
+ R( d, e, a, b, c, F1, K1, x[12] );
+ R( c, d, e, a, b, F1, K1, x[13] );
+ R( b, c, d, e, a, F1, K1, x[14] );
+ R( a, b, c, d, e, F1, K1, x[15] );
+ R( e, a, b, c, d, F1, K1, M(16) );
+ R( d, e, a, b, c, F1, K1, M(17) );
+ R( c, d, e, a, b, F1, K1, M(18) );
+ R( b, c, d, e, a, F1, K1, M(19) );
+ R( a, b, c, d, e, F2, K2, M(20) );
+ R( e, a, b, c, d, F2, K2, M(21) );
+ R( d, e, a, b, c, F2, K2, M(22) );
+ R( c, d, e, a, b, F2, K2, M(23) );
+ R( b, c, d, e, a, F2, K2, M(24) );
+ R( a, b, c, d, e, F2, K2, M(25) );
+ R( e, a, b, c, d, F2, K2, M(26) );
+ R( d, e, a, b, c, F2, K2, M(27) );
+ R( c, d, e, a, b, F2, K2, M(28) );
+ R( b, c, d, e, a, F2, K2, M(29) );
+ R( a, b, c, d, e, F2, K2, M(30) );
+ R( e, a, b, c, d, F2, K2, M(31) );
+ R( d, e, a, b, c, F2, K2, M(32) );
+ R( c, d, e, a, b, F2, K2, M(33) );
+ R( b, c, d, e, a, F2, K2, M(34) );
+ R( a, b, c, d, e, F2, K2, M(35) );
+ R( e, a, b, c, d, F2, K2, M(36) );
+ R( d, e, a, b, c, F2, K2, M(37) );
+ R( c, d, e, a, b, F2, K2, M(38) );
+ R( b, c, d, e, a, F2, K2, M(39) );
+ R( a, b, c, d, e, F3, K3, M(40) );
+ R( e, a, b, c, d, F3, K3, M(41) );
+ R( d, e, a, b, c, F3, K3, M(42) );
+ R( c, d, e, a, b, F3, K3, M(43) );
+ R( b, c, d, e, a, F3, K3, M(44) );
+ R( a, b, c, d, e, F3, K3, M(45) );
+ R( e, a, b, c, d, F3, K3, M(46) );
+ R( d, e, a, b, c, F3, K3, M(47) );
+ R( c, d, e, a, b, F3, K3, M(48) );
+ R( b, c, d, e, a, F3, K3, M(49) );
+ R( a, b, c, d, e, F3, K3, M(50) );
+ R( e, a, b, c, d, F3, K3, M(51) );
+ R( d, e, a, b, c, F3, K3, M(52) );
+ R( c, d, e, a, b, F3, K3, M(53) );
+ R( b, c, d, e, a, F3, K3, M(54) );
+ R( a, b, c, d, e, F3, K3, M(55) );
+ R( e, a, b, c, d, F3, K3, M(56) );
+ R( d, e, a, b, c, F3, K3, M(57) );
+ R( c, d, e, a, b, F3, K3, M(58) );
+ R( b, c, d, e, a, F3, K3, M(59) );
+ R( a, b, c, d, e, F4, K4, M(60) );
+ R( e, a, b, c, d, F4, K4, M(61) );
+ R( d, e, a, b, c, F4, K4, M(62) );
+ R( c, d, e, a, b, F4, K4, M(63) );
+ R( b, c, d, e, a, F4, K4, M(64) );
+ R( a, b, c, d, e, F4, K4, M(65) );
+ R( e, a, b, c, d, F4, K4, M(66) );
+ R( d, e, a, b, c, F4, K4, M(67) );
+ R( c, d, e, a, b, F4, K4, M(68) );
+ R( b, c, d, e, a, F4, K4, M(69) );
+ R( a, b, c, d, e, F4, K4, M(70) );
+ R( e, a, b, c, d, F4, K4, M(71) );
+ R( d, e, a, b, c, F4, K4, M(72) );
+ R( c, d, e, a, b, F4, K4, M(73) );
+ R( b, c, d, e, a, F4, K4, M(74) );
+ R( a, b, c, d, e, F4, K4, M(75) );
+ R( e, a, b, c, d, F4, K4, M(76) );
+ R( d, e, a, b, c, F4, K4, M(77) );
+ R( c, d, e, a, b, F4, K4, M(78) );
+ R( b, c, d, e, a, F4, K4, M(79) );
+
+ /* Update the chaining variables. */
+ hd->h0 += a;
+ hd->h1 += b;
+ hd->h2 += c;
+ hd->h3 += d;
+ hd->h4 += e;
+ }
}
+#ifdef WORDS_BIGENDIAN
+/*
+ * Transform NBLOCKS of each 64 bytes (16 32-bit words) at DATA. This
+ * version requires that DATA is aligned on a u32 boundary. Note that
+ * we can do this only on big endian machines because we need to sawp
+ * bytes on little endian anyway.
+ */
+static void
+transform_aligned (SHA1_CONTEXT *hd, const unsigned char *data, size_t nblocks)
+{
+ register u32 a, b, c, d, e; /* Local copies of the chaining variables. */
+ register u32 tm; /* Helper. */
+ const u32 *x; /* 32 bit pointer we use for processing. */
+
+ x = (const u32*)data;
+
+ /* Loop over all blocks. */
+ for ( ;nblocks; nblocks--, x += 16)
+ {
+ /* Get the values of the chaining variables. */
+ a = hd->h0;
+ b = hd->h1;
+ c = hd->h2;
+ d = hd->h3;
+ e = hd->h4;
+
+ /* Transform. */
+ R( a, b, c, d, e, F1, K1, x[ 0] );
+ R( e, a, b, c, d, F1, K1, x[ 1] );
+ R( d, e, a, b, c, F1, K1, x[ 2] );
+ R( c, d, e, a, b, F1, K1, x[ 3] );
+ R( b, c, d, e, a, F1, K1, x[ 4] );
+ R( a, b, c, d, e, F1, K1, x[ 5] );
+ R( e, a, b, c, d, F1, K1, x[ 6] );
+ R( d, e, a, b, c, F1, K1, x[ 7] );
+ R( c, d, e, a, b, F1, K1, x[ 8] );
+ R( b, c, d, e, a, F1, K1, x[ 9] );
+ R( a, b, c, d, e, F1, K1, x[10] );
+ R( e, a, b, c, d, F1, K1, x[11] );
+ R( d, e, a, b, c, F1, K1, x[12] );
+ R( c, d, e, a, b, F1, K1, x[13] );
+ R( b, c, d, e, a, F1, K1, x[14] );
+ R( a, b, c, d, e, F1, K1, x[15] );
+ R( e, a, b, c, d, F1, K1, M(16) );
+ R( d, e, a, b, c, F1, K1, M(17) );
+ R( c, d, e, a, b, F1, K1, M(18) );
+ R( b, c, d, e, a, F1, K1, M(19) );
+ R( a, b, c, d, e, F2, K2, M(20) );
+ R( e, a, b, c, d, F2, K2, M(21) );
+ R( d, e, a, b, c, F2, K2, M(22) );
+ R( c, d, e, a, b, F2, K2, M(23) );
+ R( b, c, d, e, a, F2, K2, M(24) );
+ R( a, b, c, d, e, F2, K2, M(25) );
+ R( e, a, b, c, d, F2, K2, M(26) );
+ R( d, e, a, b, c, F2, K2, M(27) );
+ R( c, d, e, a, b, F2, K2, M(28) );
+ R( b, c, d, e, a, F2, K2, M(29) );
+ R( a, b, c, d, e, F2, K2, M(30) );
+ R( e, a, b, c, d, F2, K2, M(31) );
+ R( d, e, a, b, c, F2, K2, M(32) );
+ R( c, d, e, a, b, F2, K2, M(33) );
+ R( b, c, d, e, a, F2, K2, M(34) );
+ R( a, b, c, d, e, F2, K2, M(35) );
+ R( e, a, b, c, d, F2, K2, M(36) );
+ R( d, e, a, b, c, F2, K2, M(37) );
+ R( c, d, e, a, b, F2, K2, M(38) );
+ R( b, c, d, e, a, F2, K2, M(39) );
+ R( a, b, c, d, e, F3, K3, M(40) );
+ R( e, a, b, c, d, F3, K3, M(41) );
+ R( d, e, a, b, c, F3, K3, M(42) );
+ R( c, d, e, a, b, F3, K3, M(43) );
+ R( b, c, d, e, a, F3, K3, M(44) );
+ R( a, b, c, d, e, F3, K3, M(45) );
+ R( e, a, b, c, d, F3, K3, M(46) );
+ R( d, e, a, b, c, F3, K3, M(47) );
+ R( c, d, e, a, b, F3, K3, M(48) );
+ R( b, c, d, e, a, F3, K3, M(49) );
+ R( a, b, c, d, e, F3, K3, M(50) );
+ R( e, a, b, c, d, F3, K3, M(51) );
+ R( d, e, a, b, c, F3, K3, M(52) );
+ R( c, d, e, a, b, F3, K3, M(53) );
+ R( b, c, d, e, a, F3, K3, M(54) );
+ R( a, b, c, d, e, F3, K3, M(55) );
+ R( e, a, b, c, d, F3, K3, M(56) );
+ R( d, e, a, b, c, F3, K3, M(57) );
+ R( c, d, e, a, b, F3, K3, M(58) );
+ R( b, c, d, e, a, F3, K3, M(59) );
+ R( a, b, c, d, e, F4, K4, M(60) );
+ R( e, a, b, c, d, F4, K4, M(61) );
+ R( d, e, a, b, c, F4, K4, M(62) );
+ R( c, d, e, a, b, F4, K4, M(63) );
+ R( b, c, d, e, a, F4, K4, M(64) );
+ R( a, b, c, d, e, F4, K4, M(65) );
+ R( e, a, b, c, d, F4, K4, M(66) );
+ R( d, e, a, b, c, F4, K4, M(67) );
+ R( c, d, e, a, b, F4, K4, M(68) );
+ R( b, c, d, e, a, F4, K4, M(69) );
+ R( a, b, c, d, e, F4, K4, M(70) );
+ R( e, a, b, c, d, F4, K4, M(71) );
+ R( d, e, a, b, c, F4, K4, M(72) );
+ R( c, d, e, a, b, F4, K4, M(73) );
+ R( b, c, d, e, a, F4, K4, M(74) );
+ R( a, b, c, d, e, F4, K4, M(75) );
+ R( e, a, b, c, d, F4, K4, M(76) );
+ R( d, e, a, b, c, F4, K4, M(77) );
+ R( c, d, e, a, b, F4, K4, M(78) );
+ R( b, c, d, e, a, F4, K4, M(79) );
+
+ /* Update the chaining variables. */
+ hd->h0 += a;
+ hd->h1 += b;
+ hd->h2 += c;
+ hd->h3 += d;
+ hd->h4 += e;
+ }
+}
+#endif /* WORDS_BIGENDIAN */
+
+
/* Update the message digest with the contents
* of INBUF with length INLEN.
*/
static void
sha1_write( void *context, const void *inbuf_arg, size_t inlen)
{
const unsigned char *inbuf = inbuf_arg;
SHA1_CONTEXT *hd = context;
+ size_t nblocks;
- if( hd->count == 64 ) /* flush the buffer */
+ if (hd->count == 64) /* Flush the buffer. */
{
- transform( hd, hd->buf );
+ TRANSFORM( hd, hd->buf, 1 );
_gcry_burn_stack (88+4*sizeof(void*));
hd->count = 0;
hd->nblocks++;
}
- if( !inbuf )
+ if (!inbuf)
return;
- if( hd->count )
+ if (hd->count)
{
- for( ; inlen && hd->count < 64; inlen-- )
+ for (; inlen && hd->count < 64; inlen--)
hd->buf[hd->count++] = *inbuf++;
- sha1_write( hd, NULL, 0 );
- if( !inlen )
+ sha1_write (hd, NULL, 0);
+ if (!inlen)
return;
}
- while( inlen >= 64 )
+ nblocks = inlen / 64;
+ if (nblocks)
{
- transform( hd, inbuf );
+ TRANSFORM (hd, inbuf, nblocks);
hd->count = 0;
- hd->nblocks++;
- inlen -= 64;
- inbuf += 64;
+ hd->nblocks += nblocks;
+ inlen -= nblocks * 64;
+ inbuf += nblocks * 64;
}
_gcry_burn_stack (88+4*sizeof(void*));
- for( ; inlen && hd->count < 64; inlen-- )
+
+ /* Save remaining bytes. */
+ for (; inlen && hd->count < 64; inlen--)
hd->buf[hd->count++] = *inbuf++;
}
/* The routine final terminates the computation and
* returns the digest.
* The handle is prepared for a new cycle, but adding bytes to the
* handle will the destroy the returned buffer.
* Returns: 20 bytes representing the digest.
*/
static void
sha1_final(void *context)
{
SHA1_CONTEXT *hd = context;
u32 t, msb, lsb;
- byte *p;
+ unsigned char *p;
sha1_write(hd, NULL, 0); /* flush */;
t = hd->nblocks;
/* multiply by 64 to make a byte count */
lsb = t << 6;
msb = t >> 26;
/* add the count */
t = lsb;
if( (lsb += hd->count) < t )
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
lsb <<= 3;
msb <<= 3;
msb |= t >> 29;
if( hd->count < 56 ) /* enough room */
{
hd->buf[hd->count++] = 0x80; /* pad */
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else /* need one extra block */
{
hd->buf[hd->count++] = 0x80; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
sha1_write(hd, NULL, 0); /* flush */;
memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buf[56] = msb >> 24;
hd->buf[57] = msb >> 16;
hd->buf[58] = msb >> 8;
hd->buf[59] = msb ;
hd->buf[60] = lsb >> 24;
hd->buf[61] = lsb >> 16;
hd->buf[62] = lsb >> 8;
hd->buf[63] = lsb ;
- transform( hd, hd->buf );
+ TRANSFORM( hd, hd->buf, 1 );
_gcry_burn_stack (88+4*sizeof(void*));
p = hd->buf;
#ifdef WORDS_BIGENDIAN
#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
#else /* little endian */
#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
*p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0)
#endif
X(0);
X(1);
X(2);
X(3);
X(4);
#undef X
}
-static byte *
+static unsigned char *
sha1_read( void *context )
{
SHA1_CONTEXT *hd = context;
return hd->buf;
}
/****************
* Shortcut functions which puts the hash value of the supplied buffer
* into outbuf which must have a size of 20 bytes.
*/
void
_gcry_sha1_hash_buffer (void *outbuf, const void *buffer, size_t length)
{
SHA1_CONTEXT hd;
sha1_init (&hd);
sha1_write (&hd, buffer, length);
sha1_final (&hd);
memcpy (outbuf, hd.buf, 20);
}
-static byte asn[15] = /* Object ID is 1.3.14.3.2.26 */
+static unsigned char asn[15] = /* Object ID is 1.3.14.3.2.26 */
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
static gcry_md_oid_spec_t oid_spec_sha1[] =
{
/* iso.member-body.us.rsadsi.pkcs.pkcs-1.5 (sha1WithRSAEncryption) */
{ "1.2.840.113549.1.1.5" },
/* iso.member-body.us.x9-57.x9cm.3 (dsaWithSha1)*/
{ "1.2.840.10040.4.3" },
/* from NIST's OIW (sha1) */
{ "1.3.14.3.2.26" },
/* from NIST OIW (sha-1WithRSAEncryption) */
{ "1.3.14.3.2.29" },
/* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-sha1 */
{ "1.2.840.10045.4.1" },
{ NULL },
};
gcry_md_spec_t _gcry_digest_spec_sha1 =
{
"SHA1", asn, DIM (asn), oid_spec_sha1, 20,
sha1_init, sha1_write, sha1_final, sha1_read,
sizeof (SHA1_CONTEXT)
};
diff --git a/configure.ac b/configure.ac
index 8e3c78a7..59826a37 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,1111 +1,1140 @@
# Configure.ac script for Libgcrypt
# Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006,
-# 2007 Free Software Foundation, Inc.
+# 2007, 2008 Free Software Foundation, Inc.
#
# This file is part of Libgcrypt.
#
# Libgcrypt is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of
# the License, or (at your option) any later version.
#
# Libgcrypt is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
#
# (Process this file with autoconf to produce a configure script.)
AC_REVISION($Revision$)
AC_PREREQ(2.60)
min_automake_version="1.10"
# Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution.
m4_define([my_version], [1.4.1])
m4_define([my_issvn], [yes])
m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \
|| echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')]))
-AC_INIT([libgcrypt], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]),
+AC_INIT([libgcrypt],
+ [my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision])],
[bug-libgcrypt@gnupg.org])
# LT Version numbers, remember to change them just *before* a release.
# (Interfaces removed: CURRENT++, AGE=0, REVISION=0)
# (Interfaces added: CURRENT++, AGE++, REVISION=0)
# (No interfaces changed: REVISION++)
LIBGCRYPT_LT_CURRENT=15
LIBGCRYPT_LT_AGE=4
LIBGCRYPT_LT_REVISION=3
# If the API is changed in an incompatible way: increment the next counter.
LIBGCRYPT_CONFIG_API_VERSION=1
NEED_GPG_ERROR_VERSION=1.4
is_development_version=my_issvn
BUILD_REVISION=svn_revision
PACKAGE=$PACKAGE_NAME
VERSION=$PACKAGE_VERSION
AC_CONFIG_SRCDIR([src/libgcrypt.vers])
AM_INIT_AUTOMAKE($PACKAGE, $VERSION)
AM_CONFIG_HEADER(config.h)
AC_CANONICAL_HOST
AM_MAINTAINER_MODE
AH_TOP([
#ifndef _GCRYPT_CONFIG_H_INCLUDED
#define _GCRYPT_CONFIG_H_INCLUDED
/* need this, because some autoconf tests rely on this (e.g. stpcpy)
* and it should be used for new programs */
#define _GNU_SOURCE 1
])
AH_BOTTOM([
#define _GCRYPT_IN_LIBGCRYPT 1
/* If the configure check for endianness has been disabled, get it from
OS macros. This is intended for making fat binary builds on OS X. */
#ifdef DISABLED_ENDIAN_CHECK
# if defined(__BIG_ENDIAN__)
# define WORDS_BIGENDIAN 1
# elif defined(__LITTLE_ENDIAN__)
# undef WORDS_BIGENDIAN
# else
# error "No endianness found"
# endif
#endif /*DISABLED_ENDIAN_CHECK*/
+/* We basically use the original Camellia source. Make sure the symbols
+ properly prefixed. */
+#define CAMELLIA_EXT_SYM_PREFIX _gcry_
+
+
#endif /*_GCRYPT_CONFIG_H_INCLUDED*/
])
AH_VERBATIM([_REENTRANT],
[/* To allow the use of Libgcrypt in multithreaded programs we have to use
special features from the library. */
#ifndef _REENTRANT
# define _REENTRANT 1
#endif
])
AC_SUBST(LIBGCRYPT_LT_CURRENT)
AC_SUBST(LIBGCRYPT_LT_AGE)
AC_SUBST(LIBGCRYPT_LT_REVISION)
AC_SUBST(PACKAGE)
AC_SUBST(VERSION)
AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of this package])
AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version of this package])
######################
## Basic checks. ### (we need some results later on (e.g. $GCC)
######################
AC_PROG_MAKE_SET
missing_dir=`cd $ac_aux_dir && pwd`
AM_MISSING_PROG(ACLOCAL, aclocal, $missing_dir)
AM_MISSING_PROG(AUTOCONF, autoconf, $missing_dir)
AM_MISSING_PROG(AUTOMAKE, automake, $missing_dir)
AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir)
# AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir)
AC_PROG_CC
AC_PROG_CPP
AM_PROG_CC_C_O
AM_PROG_AS
AC_ISC_POSIX
AC_PROG_INSTALL
AC_PROG_AWK
AC_LIBTOOL_WIN32_DLL
AC_LIBTOOL_RC
AM_PROG_LIBTOOL
##########################
## General definitions. ##
##########################
# Used by libgcrypt-config
LIBGCRYPT_CONFIG_LIBS="-lgcrypt"
LIBGCRYPT_CONFIG_CFLAGS=""
# Definitions for symmetric ciphers.
available_ciphers="arcfour blowfish cast5 des aes twofish serpent rfc2268 seed"
available_ciphers="$available_ciphers camellia"
enabled_ciphers=""
# Definitions for public-key ciphers.
available_pubkey_ciphers="dsa elgamal rsa ecc"
enabled_pubkey_ciphers=""
# Definitions for message digests.
available_digests="crc md4 md5 rmd160 sha1 sha256"
available_digests_64="sha512 tiger whirlpool"
enabled_digests=""
# Definitions for random modules.
available_random_modules="linux egd unix"
auto_random_modules="$available_random_modules"
# Supported thread backends.
LIBGCRYPT_THREAD_MODULES=""
# Other definitions.
print_egd_notice=no
have_w32_system=no
# Setup some stuff depending on host.
case "${host}" in
*-*-mingw32*)
available_random_modules="w32"
ac_cv_have_dev_random=no
have_w32_system=yes
AC_DEFINE(USE_ONLY_8DOT3,1,
[set this to limit filenames to the 8.3 format])
AC_DEFINE(HAVE_DRIVE_LETTERS,1,
[defined if we must run on a stupid file system])
AC_DEFINE(HAVE_DOSISH_SYSTEM,1,
[defined if we run on some of the PCDOS like systems
(DOS, Windoze. OS/2) with special properties like
no file modes])
;;
i?86-emx-os2 | i?86-*-os2*emx)
# OS/2 with the EMX environment
ac_cv_have_dev_random=no
AC_DEFINE(HAVE_DRIVE_LETTERS)
AC_DEFINE(HAVE_DOSISH_SYSTEM)
;;
i?86-*-msdosdjgpp*)
# DOS with the DJGPP environment
ac_cv_have_dev_random=no
AC_DEFINE(HAVE_DRIVE_LETTERS)
AC_DEFINE(HAVE_DOSISH_SYSTEM)
;;
*-*-freebsd*)
# FreeBSD
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
;;
*-*-hpux*)
if test -z "$GCC" ; then
CFLAGS="$CFLAGS -Ae -D_HPUX_SOURCE"
fi
;;
*-dec-osf4*)
if test -z "$GCC" ; then
# Suppress all warnings
# to get rid of the unsigned/signed char mismatch warnings.
CFLAGS="$CFLAGS -w"
fi
;;
m68k-atari-mint)
;;
*)
;;
esac
if test "$have_w32_system" = yes; then
AC_DEFINE(HAVE_W32_SYSTEM,1, [Defined if we run on a W32 API based system])
fi
AM_CONDITIONAL(HAVE_W32_SYSTEM, test "$have_w32_system" = yes)
# A printable OS Name is sometimes useful.
case "${host}" in
*-*-mingw32*)
PRINTABLE_OS_NAME="MingW32"
;;
i?86-emx-os2 | i?86-*-os2*emx )
PRINTABLE_OS_NAME="OS/2"
;;
i?86-*-msdosdjgpp*)
PRINTABLE_OS_NAME="MSDOS/DJGPP"
;;
*-linux*)
PRINTABLE_OS_NAME="GNU/Linux"
;;
*)
PRINTABLE_OS_NAME=`uname -s || echo "Unknown"`
;;
esac
# Figure out the name of the random device
case "${host}" in
*-openbsd*)
# FIXME: Are these the best flags for OpenBSD?
NAME_OF_DEV_RANDOM="/dev/srandom"
NAME_OF_DEV_URANDOM="/dev/urandom"
# DYNLINK_MOD_CFLAGS="-shared -rdynamic $CFLAGS_PIC -Wl,-Bshareable -Wl,-x"
;;
*-solaris* | *-irix* | *-dec-osf* | *-netbsd* )
NAME_OF_DEV_RANDOM="/dev/random"
NAME_OF_DEV_URANDOM="/dev/random"
# DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
;;
*)
NAME_OF_DEV_RANDOM="/dev/random"
NAME_OF_DEV_URANDOM="/dev/urandom"
# -shared is a gcc-ism. Find pic flags from GNUPG_CHECK_PIC.
# if test -n "$GCC" ; then
# DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
# else
# DYNLINK_MOD_CFLAGS="$CFLAGS_PIC"
# fi
;;
esac
AC_ARG_ENABLE(endian-check,
AC_HELP_STRING([--disable-endian-check],
[disable the endian check and trust the OS provided macros]),
endiancheck=$enableval,endiancheck=yes)
if test x"$endiancheck" = xyes ; then
AC_C_BIGENDIAN
else
AC_DEFINE(DISABLED_ENDIAN_CHECK,1,[configure did not test for endianess])
fi
AC_CHECK_SIZEOF(unsigned short, 2)
AC_CHECK_SIZEOF(unsigned int, 4)
AC_CHECK_SIZEOF(unsigned long, 4)
AC_CHECK_SIZEOF(unsigned long long, 0)
+AC_TYPE_UINTPTR_T
+
if test "$ac_cv_sizeof_unsigned_short" = "0" \
|| test "$ac_cv_sizeof_unsigned_int" = "0" \
|| test "$ac_cv_sizeof_unsigned_long" = "0"; then
AC_MSG_WARN([Hmmm, something is wrong with the sizes - using defaults]);
fi
# Do we have any 64-bit data types?
if test "$ac_cv_sizeof_unsigned_int" != "8" \
&& test "$ac_cv_sizeof_unsigned_long" != "8" \
&& test "$ac_cv_sizeof_unsigned_long_long" != "8" \
&& test "$ac_cv_sizeof_uint64_t" != "8"; then
AC_MSG_WARN([No 64-bit types. Disabling TIGER/192, SHA-384, and SHA-512])
else
available_digests="$available_digests $available_digests_64"
fi
# If not specified otherwise, all available algorithms will be
# included.
default_ciphers="$available_ciphers"
default_pubkey_ciphers="$available_pubkey_ciphers"
default_digests="$available_digests"
############################
## Command line switches. ##
############################
# Implementation of the --enable-ciphers switch.
AC_ARG_ENABLE(ciphers,
AC_HELP_STRING([--enable-ciphers=ciphers],
[select the symmetric ciphers to include]),
[enabled_ciphers=`echo $enableval | tr ',:' ' ' | tr '[A-Z]' '[a-z]'`],
[enabled_ciphers=""])
if test "x$enabled_ciphers" = "x" \
-o "$enabled_ciphers" = "yes" \
-o "$enabled_ciphers" = "no"; then
enabled_ciphers=$default_ciphers
fi
AC_MSG_CHECKING([which symmetric ciphers to include])
for cipher in $enabled_ciphers; do
LIST_MEMBER($cipher, $available_ciphers)
if test "$found" = "0"; then
AC_MSG_ERROR([unsupported cipher "$cipher" specified])
fi
done
AC_MSG_RESULT([$enabled_ciphers])
# Implementation of the --enable-pubkey-ciphers switch.
AC_ARG_ENABLE(pubkey-ciphers,
AC_HELP_STRING([--enable-pubkey-ciphers=ciphers],
[select the public-key ciphers to include]),
[enabled_pubkey_ciphers=`echo $enableval | tr ',:' ' ' | tr '[A-Z]' '[a-z]'`],
[enabled_pubkey_ciphers=""])
if test "x$enabled_pubkey_ciphers" = "x" \
-o "$enabled_pubkey_ciphers" = "yes" \
-o "$enabled_pubkey_ciphers" = "no"; then
enabled_pubkey_ciphers=$default_pubkey_ciphers
fi
AC_MSG_CHECKING([which public-key ciphers to include])
for cipher in $enabled_pubkey_ciphers; do
LIST_MEMBER($cipher, $available_pubkey_ciphers)
if test "$found" = "0"; then
AC_MSG_ERROR([unsupported public-key cipher specified])
fi
done
AC_MSG_RESULT([$enabled_pubkey_ciphers])
# Implementation of the --enable-digests switch.
AC_ARG_ENABLE(digests,
AC_HELP_STRING([--enable-digests=digests],
[select the message digests to include]),
[enabled_digests=`echo $enableval | tr ',:' ' ' | tr '[A-Z]' '[a-z]'`],
[enabled_digests=""])
if test "x$enabled_digests" = "x" \
-o "$enabled_digests" = "yes" \
-o "$enabled_digests" = "no"; then
enabled_digests=$default_digests
fi
AC_MSG_CHECKING([which message digests to include])
for digest in $enabled_digests; do
LIST_MEMBER($digest, $available_digests)
if test "$found" = "0"; then
AC_MSG_ERROR([unsupported message digest specified])
fi
done
AC_MSG_RESULT([$enabled_digests])
# Implementation of the --enable-random switch.
AC_ARG_ENABLE(random,
AC_HELP_STRING([--enable-random=name],
[select which random number generator to use]),
[random=`echo $enableval | tr '[A-Z]' '[a-z]'`],
[])
if test "x$random" = "x" -o "$random" = "yes" -o "$random" = "no"; then
random=default
fi
AC_MSG_CHECKING([which random module to use])
if test "$random" != "default" -a "$random" != "auto"; then
LIST_MEMBER($random, $available_random_modules)
if test "$found" = "0"; then
AC_MSG_ERROR([unsupported random module specified])
fi
fi
AC_MSG_RESULT($random)
# Implementation of the --disable-dev-random switch.
AC_MSG_CHECKING([whether use of /dev/random is requested])
AC_ARG_ENABLE(dev-random,
[ --disable-dev-random disable the use of dev random],
try_dev_random=$enableval, try_dev_random=yes)
AC_MSG_RESULT($try_dev_random)
# Implementation of the --with-egd-socket switch.
AC_ARG_WITH(egd-socket,
[ --with-egd-socket=NAME Use NAME for the EGD socket)],
egd_socket_name="$withval", egd_socket_name="" )
AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, "$egd_socket_name",
[Define if you don't want the default EGD socket name.
For details see cipher/rndegd.c])
# Implementation of the --enable-random-daemon
AC_MSG_CHECKING([whether the experimental random daemon is requested])
AC_ARG_ENABLE([random-daemon],
AC_HELP_STRING([--enable-random-daemon],
[Build and support the experimental gcryptrnd]),
[use_random_daemon=$enableval],
[use_random_daemon=no])
AC_MSG_RESULT($use_random_daemon)
if test x$use_random_daemon = xyes ; then
AC_DEFINE(USE_RANDOM_DAEMON,1,
[Define to support the experimental random daemon])
fi
AM_CONDITIONAL(USE_RANDOM_DAEMON, test x$use_random_daemon = xyes)
# Implementation of --disable-asm.
AC_MSG_CHECKING([whether MPI assembler modules are requested])
AC_ARG_ENABLE([asm],
AC_HELP_STRING([--disable-asm],
[Disable MPI assembler modules]),
[try_asm_modules=$enableval],
[try_asm_modules=yes])
AC_MSG_RESULT($try_asm_modules)
# Implementation of the --enable-m-guard switch.
AC_MSG_CHECKING([whether memory guard is requested])
AC_ARG_ENABLE(m-guard,
AC_HELP_STRING([--enable-m-guard],
[Enable memory guard facility]),
[use_m_guard=$enableval], [use_m_guard=no])
AC_MSG_RESULT($use_m_guard)
if test "$use_m_guard" = yes ; then
AC_DEFINE(M_GUARD,1,[Define to use the (obsolete) malloc guarding feature])
fi
# Implementation of the --with-capabilities switch.
# Check whether we want to use Linux capabilities
AC_MSG_CHECKING([whether use of capabilities is requested])
AC_ARG_WITH(capabilities,
AC_HELP_STRING([--with-capabilities],
[Use linux capabilities [default=no]]),
[use_capabilities="$withval"],[use_capabilities=no])
AC_MSG_RESULT($use_capabilities)
# Implementation of the --disable-padlock-support switch.
AC_MSG_CHECKING([whether padlock support is requested])
AC_ARG_ENABLE(padlock-support,
AC_HELP_STRING([--disable-padlock-support],
[Disable support for the PadLock Engine of VIA processors]),
padlocksupport=$enableval,padlocksupport=yes)
AC_MSG_RESULT($padlocksupport)
if test x"$padlocksupport" = xyes ; then
AC_DEFINE(ENABLE_PADLOCK_SUPPORT, 1,
[Enable support for the PadLock engine.])
fi
AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME",
[A human readable text with the name of the OS])
# For some systems we know that we have ld_version scripts.
# Use it then as default.
have_ld_version_script=no
case "${host}" in
*-*-linux*)
have_ld_version_script=yes
;;
*-*-gnu*)
have_ld_version_script=yes
;;
esac
AC_ARG_ENABLE([ld-version-script],
AC_HELP_STRING([--enable-ld-version-script],
[enable/disable use of linker version script.
(default is system dependent)]),
[have_ld_version_script=$enableval],
[ : ] )
AM_CONDITIONAL(HAVE_LD_VERSION_SCRIPT, test "$have_ld_version_script" = "yes")
AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, "$NAME_OF_DEV_RANDOM",
[defined to the name of the strong random device])
AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, "$NAME_OF_DEV_URANDOM",
[defined to the name of the weaker random device])
###############################
#### Checks for libraries. ####
###############################
#
# gpg-error is required.
#
AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION")
if test "x$GPG_ERROR_LIBS" = "x"; then
AC_MSG_ERROR([libgpg-error is needed.
See ftp://ftp.gnupg.org/gcrypt/libgpg-error/ .])
fi
AC_DEFINE(GPG_ERR_SOURCE_DEFAULT, GPG_ERR_SOURCE_GCRYPT,
[The default error source for libgcrypt.])
#
# Check whether the GNU Pth library is available. We require this
# to build the optional gcryptrnd program.
#
AC_ARG_WITH(pth-prefix,
AC_HELP_STRING([--with-pth-prefix=PFX],
[prefix where GNU Pth is installed (optional)]),
pth_config_prefix="$withval", pth_config_prefix="")
if test x$pth_config_prefix != x ; then
PTH_CONFIG="$pth_config_prefix/bin/pth-config"
fi
if test "$use_random_daemon" = "yes"; then
AC_PATH_PROG(PTH_CONFIG, pth-config, no)
if test "$PTH_CONFIG" = "no"; then
AC_MSG_WARN([[
***
*** To build the Libgcrypt's random number daemon
*** we need the support of the GNU Portable Threads Library.
*** Download it from ftp://ftp.gnu.org/gnu/pth/
*** On a Debian GNU/Linux system you might want to try
*** apt-get install libpth-dev
***]])
else
GNUPG_PTH_VERSION_CHECK([1.3.7])
if test $have_pth = yes; then
PTH_CFLAGS=`$PTH_CONFIG --cflags`
PTH_LIBS=`$PTH_CONFIG --ldflags`
PTH_LIBS="$PTH_LIBS `$PTH_CONFIG --libs --all`"
AC_DEFINE(USE_GNU_PTH, 1,
[Defined if the GNU Portable Thread Library should be used])
AC_DEFINE(HAVE_PTH, 1,
[Defined if the GNU Pth is available])
fi
fi
fi
AC_SUBST(PTH_CFLAGS)
AC_SUBST(PTH_LIBS)
# Solaris needs -lsocket and -lnsl. Unisys system includes
# gethostbyname in libsocket but needs libnsl for socket.
AC_SEARCH_LIBS(setsockopt, [socket], ,
[AC_SEARCH_LIBS(setsockopt, [socket], , , [-lnsl])])
AC_SEARCH_LIBS(setsockopt, [nsl])
##################################
#### Checks for header files. ####
##################################
AC_HEADER_STDC
AC_CHECK_HEADERS(unistd.h sys/select.h)
##########################################
#### Checks for typedefs, structures, ####
#### and compiler characteristics. ####
##########################################
AC_C_CONST
AC_C_INLINE
AC_TYPE_SIZE_T
AC_TYPE_SIGNAL
AC_DECL_SYS_SIGLIST
GNUPG_CHECK_TYPEDEF(byte, HAVE_BYTE_TYPEDEF)
GNUPG_CHECK_TYPEDEF(ushort, HAVE_USHORT_TYPEDEF)
GNUPG_CHECK_TYPEDEF(ulong, HAVE_ULONG_TYPEDEF)
GNUPG_CHECK_TYPEDEF(u16, HAVE_U16_TYPEDEF)
GNUPG_CHECK_TYPEDEF(u32, HAVE_U32_TYPEDEF)
gl_TYPE_SOCKLEN_T
case "${host}" in
*-*-mingw32*)
# socklen_t may or may not be defined depending on what headers
# are included. To be safe we use int as this is the actual type.
FALLBACK_SOCKLEN_T="typedef int gcry_socklen_t;"
;;
*)
if test ".$gl_cv_socklen_t_equiv" = "."; then
FALLBACK_SOCKLEN_T="typedef socklen_t gcry_socklen_t;"
else
FALLBACK_SOCKLEN_T="typedef ${gl_cv_socklen_t_equiv} gcry_socklen_t;"
fi
esac
AC_SUBST(FALLBACK_SOCKLEN_T)
#
# Check for ELF visibility support.
#
AC_CACHE_CHECK(whether the visibility attribute is supported,
gcry_cv_visibility_attribute,
[gcry_cv_visibility_attribute=no
AC_LANG_CONFTEST([AC_LANG_SOURCE(
[[int foo __attribute__ ((visibility ("hidden"))) = 1;
int bar __attribute__ ((visibility ("protected"))) = 1;
]])])
if ${CC-cc} -Werror -S conftest.c -o conftest.s \
1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ; then
if grep '\.hidden.*foo' conftest.s >/dev/null 2>&1 ; then
if grep '\.protected.*bar' conftest.s >/dev/null 2>&1; then
gcry_cv_visibility_attribute=yes
fi
fi
fi
])
if test "$gcry_cv_visibility_attribute" = "yes"; then
AC_CACHE_CHECK(for broken visibility attribute,
gcry_cv_broken_visibility_attribute,
[gcry_cv_broken_visibility_attribute=yes
AC_LANG_CONFTEST([AC_LANG_SOURCE(
[[int foo (int x);
int bar (int x) __asm__ ("foo")
__attribute__ ((visibility ("hidden")));
int bar (int x) { return x; }
]])])
if ${CC-cc} -Werror -S conftest.c -o conftest.s \
1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ; then
if grep '\.hidden@<:@ _@:>@foo' conftest.s >/dev/null 2>&1;
then
gcry_cv_broken_visibility_attribute=no
fi
fi
])
fi
if test "$gcry_cv_visibility_attribute" = "yes"; then
AC_CACHE_CHECK(for broken alias attribute,
gcry_cv_broken_alias_attribute,
[gcry_cv_broken_alias_attribute=yes
AC_LANG_CONFTEST([AC_LANG_SOURCE(
[[extern int foo (int x) __asm ("xyzzy");
int bar (int x) { return x; }
extern __typeof (bar) foo __attribute ((weak, alias ("bar")));
extern int dfoo;
extern __typeof (dfoo) dfoo __asm ("abccb");
int dfoo = 1;
]])])
if ${CC-cc} -Werror -S conftest.c -o conftest.s \
1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ; then
if grep 'xyzzy' conftest.s >/dev/null 2>&1 && \
grep 'abccb' conftest.s >/dev/null 2>&1; then
gcry_cv_broken_alias_attribute=no
fi
fi
])
fi
if test "$gcry_cv_visibility_attribute" = "yes"; then
AC_CACHE_CHECK(if gcc supports -fvisibility=hidden,
gcry_cv_gcc_has_f_visibility,
[gcry_cv_gcc_has_f_visibility=no
_gcc_cflags_save=$CFLAGS
CFLAGS="-fvisibility=hidden"
AC_COMPILE_IFELSE(AC_LANG_PROGRAM([]),
gcry_cv_gcc_has_f_visibility=yes)
CFLAGS=$_gcc_cflags_save;
])
fi
if test "$gcry_cv_visibility_attribute" = "yes" \
&& test "$gcry_cv_broken_visibility_attribute" != "yes" \
&& test "$gcry_cv_broken_alias_attribute" != "yes" \
&& test "$gcry_cv_gcc_has_f_visibility" = "yes"
then
AC_DEFINE(GCRY_USE_VISIBILITY, 1,
[Define to use the GNU C visibility attribute.])
CFLAGS="$CFLAGS -fvisibility=hidden"
fi
#######################################
#### Checks for library functions. ####
#######################################
AC_FUNC_VPRINTF
# We have replacements for these in src/missing-string.c
AC_CHECK_FUNCS(stpcpy strcasecmp)
# We have replacements for these in src/g10lib.h
AC_CHECK_FUNCS(strtoul memmove stricmp atexit raise)
# Other checks
AC_CHECK_FUNCS(strerror rand mmap getpagesize sysconf waitpid wait4)
AC_CHECK_FUNCS(gettimeofday getrusage gethrtime clock_gettime)
AC_CHECK_FUNCS(fcntl ftruncate)
GNUPG_CHECK_MLOCK
# Check whether we can use Linux capabilities as requested.
if test "$use_capabilities" = "yes" ; then
use_capabilities=no
AC_CHECK_HEADERS(sys/capability.h)
if test "$ac_cv_header_sys_capability_h" = "yes" ; then
AC_CHECK_LIB(cap, cap_init, ac_need_libcap=1)
if test "$ac_cv_lib_cap_cap_init" = "yes"; then
AC_DEFINE(USE_CAPABILITIES,1,
[define if capabilities should be used])
LIBS="$LIBS -lcap"
use_capabilities=yes
fi
fi
if test "$use_capabilities" = "no" ; then
AC_MSG_WARN([[
***
*** The use of capabilities on this system is not possible.
*** You need a recent Linux kernel and some patches:
*** fcaps-2.2.9-990610.patch (kernel patch for 2.2.9)
*** fcap-module-990613.tar.gz (kernel module)
*** libcap-1.92.tar.gz (user mode library and utilities)
*** And you have to configure the kernel with CONFIG_VFS_CAP_PLUGIN
*** set (filesystems menu). Be warned: This code is *really* ALPHA.
***]])
fi
fi
# Check whether a random device is available.
if test "$try_dev_random" = yes ; then
AC_CACHE_CHECK(for random device, ac_cv_have_dev_random,
[if test -r "$NAME_OF_DEV_RANDOM" && test -r "$NAME_OF_DEV_URANDOM" ; then
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi])
if test "$ac_cv_have_dev_random" = yes; then
AC_DEFINE(HAVE_DEV_RANDOM,1,
[defined if the system supports a random device] )
fi
else
AC_MSG_CHECKING(for random device)
ac_cv_have_dev_random=no
AC_MSG_RESULT(has been disabled)
fi
# Figure out the random modules for this configuration.
if test "$random" = "default"; then
# Select default value.
if test "$ac_cv_have_dev_random" = yes; then
# Try Linuxish random device.
random_modules="linux"
else
case "${host}" in
*-*-mingw32*|*-*-cygwin*)
# Windows random device.
random_modules="w32"
;;
*)
# Build everything, allow to select at runtime.
random_modules="$auto_random_modules"
;;
esac
fi
else
if test "$random" = "auto"; then
# Build everything, allow to select at runtime.
random_modules="$auto_random_modules"
else
random_modules="$random"
fi
fi
#
# Setup assembler stuff.
#
GNUPG_SYS_SYMBOL_UNDERSCORE()
AC_ARG_ENABLE(mpi-path,
AC_HELP_STRING([--enable-mpi-path=EXTRA_PATH],
[prepend EXTRA_PATH to list of CPU specific optimizations]),
mpi_extra_path="$enableval",mpi_extra_path="")
AC_MSG_CHECKING(for mpi assembler functions)
if test -f $srcdir/mpi/config.links ; then
. $srcdir/mpi/config.links
AC_CONFIG_LINKS("$mpi_ln_list")
ac_cv_mpi_sflags="$mpi_sflags"
AC_MSG_RESULT(done)
else
AC_MSG_RESULT(failed)
AC_MSG_ERROR([mpi/config.links missing!])
fi
MPI_SFLAGS="$ac_cv_mpi_sflags"
AC_SUBST(MPI_SFLAGS)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_ADD1, test "$mpi_mod_asm_mpih_add1" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_SUB1, test "$mpi_mod_asm_mpih_sub1" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_MUL1, test "$mpi_mod_asm_mpih_mul1" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_MUL2, test "$mpi_mod_asm_mpih_mul2" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_MUL3, test "$mpi_mod_asm_mpih_mul3" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_LSHIFT, test "$mpi_mod_asm_mpih_lshift" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_MPIH_RSHIFT, test "$mpi_mod_asm_mpih_rshift" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_UDIV, test "$mpi_mod_asm_udiv" = yes)
AM_CONDITIONAL(MPI_MOD_ASM_UDIV_QRNND, test "$mpi_mod_asm_udiv_qrnnd" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_ADD1, test "$mpi_mod_c_mpih_add1" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_SUB1, test "$mpi_mod_c_mpih_sub1" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_MUL1, test "$mpi_mod_c_mpih_mul1" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_MUL2, test "$mpi_mod_c_mpih_mul2" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_MUL3, test "$mpi_mod_c_mpih_mul3" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_LSHIFT, test "$mpi_mod_c_mpih_lshift" = yes)
AM_CONDITIONAL(MPI_MOD_C_MPIH_RSHIFT, test "$mpi_mod_c_mpih_rshift" = yes)
AM_CONDITIONAL(MPI_MOD_C_UDIV, test "$mpi_mod_c_udiv" = yes)
AM_CONDITIONAL(MPI_MOD_C_UDIV_QRNND, test "$mpi_mod_c_udiv_qrnnd" = yes)
if test "$is_development_version" = "yes"; then
AC_DEFINE(IS_DEVELOPMENT_VERSION,1,
[Defined if this is not a regular release])
fi
AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes)
# This is handy for debugging so the compiler doesn't rearrange
# things and eliminate variables.
AC_ARG_ENABLE(optimization,
AC_HELP_STRING([--disable-optimization],
[disable compiler optimization]),
[if test $enableval = no ; then
CFLAGS=`echo $CFLAGS | sed 's/-O[[0-9]]//'`
fi])
AC_ARG_ENABLE(gcc-warnings,
AC_HELP_STRING([--enable-gcc-warnings],
[enable more verbose gcc warnings]),
[more_gcc_warnings="$enableval"],
[more_gcc_warnings="no"])
if test "$GCC" = yes; then
if test "$USE_MAINTAINER_MODE" = "yes" ||
test "$more_gcc_warnings" = "yes"; then
CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes"
if test "$more_gcc_warnings" = "yes"; then
CFLAGS="$CFLAGS -W -Wextra -Wbad-function-cast"
CFLAGS="$CFLAGS -Wwrite-strings"
CFLAGS="$CFLAGS -Wdeclaration-after-statement"
CFLAGS="$CFLAGS -Wno-missing-field-initializers"
CFLAGS="$CFLAGS -Wno-sign-compare"
# Note: We don't use -Wunreachable-code because this gives
# warnings for all asserts and many inline functions like
# gpg_error (gcc 4.1.2 20060928).
fi
else
CFLAGS="$CFLAGS -Wall"
fi
AC_MSG_CHECKING([if gcc supports -Wpointer-arith])
_gcc_cflags_save=$CFLAGS
CFLAGS="-Wpointer-arith"
AC_COMPILE_IFELSE(AC_LANG_PROGRAM([]),_gcc_wopt=yes,_gcc_wopt=no)
AC_MSG_RESULT($_gcc_wopt)
CFLAGS=$_gcc_cflags_save;
if test x"$_gcc_wopt" = xyes ; then
CFLAGS="$CFLAGS -Wpointer-arith"
fi
fi
# Check whether as(1) supports a noeexecstack feature. This test
# includes an override option.
CL_AS_NOEXECSTACK
AC_SUBST(LIBGCRYPT_CONFIG_API_VERSION)
AC_SUBST(LIBGCRYPT_CONFIG_LIBS)
AC_SUBST(LIBGCRYPT_CONFIG_CFLAGS)
AC_SUBST(LIBGCRYPT_THREAD_MODULES)
AC_CONFIG_COMMANDS([gcrypt-conf],[[
chmod +x src/libgcrypt-config
]],[[
prefix=$prefix
exec_prefix=$exec_prefix
libdir=$libdir
datadir=$datadir
DATADIRNAME=$DATADIRNAME
]])
#####################
#### Conclusion. ####
#####################
# Define conditional sources and config.h symbols depending on the
# selected ciphers, pubkey-ciphers, digests and random modules.
LIST_MEMBER(arcfour, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS arcfour.lo"
-AC_DEFINE_UNQUOTED(USE_ARCFOUR, $found,
- [Defined if this module should be included])
+if test "$found" = "1"; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS arcfour.lo"
+ AC_DEFINE(USE_ARCFOUR, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(blowfish, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS blowfish.lo"
-AC_DEFINE_UNQUOTED(USE_BLOWFISH, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS blowfish.lo"
+ AC_DEFINE(USE_BLOWFISH, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(cast5, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS cast5.lo"
-AC_DEFINE_UNQUOTED(USE_CAST5, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS cast5.lo"
+ AC_DEFINE(USE_CAST5, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(des, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS des.lo"
-AC_DEFINE_UNQUOTED(USE_DES, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS des.lo"
+ AC_DEFINE(USE_DES, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(aes, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS rijndael.lo"
-AC_DEFINE_UNQUOTED(USE_AES, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS rijndael.lo"
+ AC_DEFINE(USE_AES, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(twofish, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS twofish.lo"
-AC_DEFINE_UNQUOTED(USE_TWOFISH, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS twofish.lo"
+ AC_DEFINE(USE_TWOFISH, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(serpent, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS serpent.lo"
-AC_DEFINE_UNQUOTED(USE_SERPENT, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS serpent.lo"
+ AC_DEFINE(USE_SERPENT, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(rfc2268, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS rfc2268.lo"
-AC_DEFINE_UNQUOTED(USE_RFC2268, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS rfc2268.lo"
+ AC_DEFINE(USE_RFC2268, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(seed, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS seed.lo"
-AC_DEFINE_UNQUOTED(USE_SEED, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS seed.lo"
+ AC_DEFINE(USE_SEED, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(camellia, $enabled_ciphers)
-test "$found" = "1" && GCRYPT_CIPHERS="$GCRYPT_CIPHERS camellia.lo camellia-glue.lo"
-AC_DEFINE_UNQUOTED(USE_CAMELLIA, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_CIPHERS="$GCRYPT_CIPHERS camellia.lo camellia-glue.lo"
+ AC_DEFINE(USE_CAMELLIA, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(dsa, $enabled_pubkey_ciphers)
-test "$found" = "1" && GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS dsa.lo"
-AC_DEFINE_UNQUOTED(USE_DSA, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS dsa.lo"
+ AC_DEFINE(USE_DSA, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(rsa, $enabled_pubkey_ciphers)
-test "$found" = "1" && GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS rsa.lo"
-AC_DEFINE_UNQUOTED(USE_RSA, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS rsa.lo"
+ AC_DEFINE(USE_RSA, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(elgamal, $enabled_pubkey_ciphers)
-test "$found" = "1" \
- && GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS elgamal.lo"
-AC_DEFINE_UNQUOTED(USE_ELGAMAL, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS elgamal.lo"
+ AC_DEFINE(USE_ELGAMAL, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(ecc, $enabled_pubkey_ciphers)
-test "$found" = "1" \
- && GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS ecc.lo"
-AC_DEFINE_UNQUOTED(USE_ECC, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_PUBKEY_CIPHERS="$GCRYPT_PUBKEY_CIPHERS ecc.lo"
+ AC_DEFINE(USE_ECC, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(crc, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS crc.lo"
-AC_DEFINE_UNQUOTED(USE_CRC, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS crc.lo"
+ AC_DEFINE(USE_CRC, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(md4, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS md4.lo"
-AC_DEFINE_UNQUOTED(USE_MD4, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS md4.lo"
+ AC_DEFINE(USE_MD4, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(md5, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS md5.lo"
-AC_DEFINE_UNQUOTED(USE_MD5, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS md5.lo"
+ AC_DEFINE(USE_MD5, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(sha256, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS sha256.lo"
-AC_DEFINE_UNQUOTED(USE_SHA256, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS sha256.lo"
+ AC_DEFINE(USE_SHA256, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(sha512, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS sha512.lo"
-AC_DEFINE_UNQUOTED(USE_SHA512, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS sha512.lo"
+ AC_DEFINE(USE_SHA512, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(tiger, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS tiger.lo"
-AC_DEFINE_UNQUOTED(USE_TIGER, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS tiger.lo"
+ AC_DEFINE(USE_TIGER, 1, [Defined if this module should be included])
+fi
LIST_MEMBER(whirlpool, $enabled_digests)
-test "$found" = "1" && GCRYPT_DIGESTS="$GCRYPT_DIGESTS whirlpool.lo"
-AC_DEFINE_UNQUOTED(USE_WHIRLPOOL, $found,
- [Defined if this module should be included])
+if test "$found" = "1" ; then
+ GCRYPT_DIGESTS="$GCRYPT_DIGESTS whirlpool.lo"
+ AC_DEFINE(USE_WHIRLPOOL, 1, [Defined if this module should be included])
+fi
# rmd160 and sha1 should be included always.
GCRYPT_DIGESTS="$GCRYPT_DIGESTS rmd160.lo sha1.lo"
-AC_DEFINE_UNQUOTED(USE_RMD160, 1, [Defined if this module should be included])
-AC_DEFINE_UNQUOTED(USE_SHA1, 1, [Defined if this module should be included])
+AC_DEFINE(USE_RMD160, 1, [Defined if this module should be included])
+AC_DEFINE(USE_SHA1, 1, [Defined if this module should be included])
LIST_MEMBER(linux, $random_modules)
-test "$found" = "1" && GCRYPT_RANDOM="$GCRYPT_RANDOM rndlinux.lo"
-AC_DEFINE_UNQUOTED(USE_RNDLINUX, $found,
- [Defined if the /dev/random based RNG should be used.])
-
+if test "$found" = "1" ; then
+ GCRYPT_RANDOM="$GCRYPT_RANDOM rndlinux.lo"
+ AC_DEFINE(USE_RNDLINUX, 1, [Defined if the /dev/random RNG should be used.])
+fi
LIST_MEMBER(unix, $random_modules)
-test "$found" = "1" && GCRYPT_RANDOM="$GCRYPT_RANDOM rndunix.lo"
-AC_DEFINE_UNQUOTED(USE_RNDUNIX, $found,
- [Defined if the default Unix RNG should be used.])
-if test "$found" = "1"; then
+if test "$found" = "1" ; then
+ GCRYPT_RANDOM="$GCRYPT_RANDOM rndunix.lo"
+ AC_DEFINE(USE_RNDUNIX, 1, [Defined if the default Unix RNG should be used.])
print_egd_notice=yes
fi
LIST_MEMBER(egd, $random_modules)
-test "$found" = "1" && GCRYPT_RANDOM="$GCRYPT_RANDOM rndegd.lo"
-AC_DEFINE_UNQUOTED(USE_RNDEGD, $found,
- [Defined if the EGD based RNG should be used.])
+if test "$found" = "1" ; then
+ GCRYPT_RANDOM="$GCRYPT_RANDOM rndegd.lo"
+ AC_DEFINE(USE_RNDEGD, 1, [Defined if the EGD based RNG should be used.])
+fi
LIST_MEMBER(w32, $random_modules)
-test "$found" = "1" && GCRYPT_RANDOM="$GCRYPT_RANDOM rndw32.lo"
-AC_DEFINE_UNQUOTED(USE_RNDW32, $found,
- [Defined if the Windows specific RNG should be used.])
+if test "$found" = "1" ; then
+ GCRYPT_RANDOM="$GCRYPT_RANDOM rndw32.lo"
+ AC_DEFINE(USE_RNDW32, 1,
+ [Defined if the Windows specific RNG should be used.])
+fi
AC_SUBST([GCRYPT_CIPHERS])
AC_SUBST([GCRYPT_PUBKEY_CIPHERS])
AC_SUBST([GCRYPT_DIGESTS])
AC_SUBST([GCRYPT_RANDOM])
AC_SUBST(LIBGCRYPT_CIPHERS, $enabled_ciphers)
AC_SUBST(LIBGCRYPT_PUBKEY_CIPHERS, $enabled_pubkey_ciphers)
AC_SUBST(LIBGCRYPT_DIGESTS, $enabled_digests)
# For printing the configuration we need a colon separated list of
# algorithm names.
tmp=`echo "$enabled_ciphers" | tr ' ' : `
AC_DEFINE_UNQUOTED(LIBGCRYPT_CIPHERS, "$tmp",
[List of available cipher algorithms])
tmp=`echo "$enabled_pubkey_ciphers" | tr ' ' : `
AC_DEFINE_UNQUOTED(LIBGCRYPT_PUBKEY_CIPHERS, "$tmp",
[List of available public key cipher algorithms])
tmp=`echo "$enabled_digests" | tr ' ' : `
AC_DEFINE_UNQUOTED(LIBGCRYPT_DIGESTS, "$tmp",
[List of available digest algorithms])
# Generate extended version information for W32.
if test "$have_w32_system" = yes; then
BUILD_TIMESTAMP=`date --iso-8601=minutes`
changequote(,)dnl
BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'`
changequote([,])dnl
BUILD_FILEVERSION="${BUILD_FILEVERSION}${BUILD_REVISION}"
fi
AC_SUBST(BUILD_REVISION)
AC_SUBST(BUILD_TIMESTAMP)
AC_SUBST(BUILD_FILEVERSION)
AC_DEFINE_UNQUOTED(BUILD_REVISION, "$BUILD_REVISION",
[Subversion revision used to build this package])
# And create the files.
AC_CONFIG_FILES([
Makefile
m4/Makefile
mpi/Makefile
cipher/Makefile
doc/Makefile
src/Makefile
src/gcrypt.h
src/libgcrypt-config
src/versioninfo.rc
tests/Makefile
])
AC_OUTPUT
# Give some feedback
echo "
Libgcrypt v${VERSION} has been configured as follows:
Platform: $PRINTABLE_OS_NAME ($host)
"
if test "$print_egd_notice" = "yes"; then
cat <<G10EOF
The performance of the Unix random gatherer module (rndunix) is not
very good and it does not keep the entropy pool over multiple
invocations of Libgcrypt base applications. The suggested way to
overcome this problem is to use the
Entropy Gathering Daemon (EGD)
which provides a entropy source for the whole system. It is written
in Perl and available at the GnuPG FTP servers. To enable EGD you
should rerun configure with the option "--enable-static-rnd=egd".
For more information consult the GnuPG webpages:
http://www.gnupg.org/download.html#egd
G10EOF
fi
if test -n "$gpl"; then
echo "Please note that you are building a version of Libgcrypt with"
echo " $gpl"
echo "included. These parts are licensed under the GPL and thus the"
echo "use of this library has to comply with the conditions of the GPL."
fi
diff --git a/src/ChangeLog b/src/ChangeLog
index 5be65475..25faf359 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,1842 +1,1847 @@
+2008-04-18 Werner Koch <wk@g10code.com>
+
+ * missing-string.c (vasprintf): Remove. It is not used. Reported
+ by Simon Josefsson.
+
2008-03-11 Werner Koch <wk@g10code.com>
* gcrypt.h.in (gcry_ac_em_t, gcry_ac_scheme_t): Remove trailing
comma for full C-89 compatibility.
2008-01-21 Marcus Brinkmann <marcus@g10code.de>
* hwfeatures.c (detect_ia32_gnuc): Fix inline asm.
2007-12-11 Werner Koch <wk@g10code.com>
* visibility.c (gcry_md_hash_buffer): Don't use return vor a void
function. Hey, why does gcc not complain about this?
(gcry_ac_io_init_va): Ditto.
2007-12-05 Werner Koch <wk@g10code.com>
* hwfeatures.c (detect_ia32_gnuc): Depend on ENABLE_PADLOCK_SUPPORT.
2007-12-03 Werner Koch <wk@g10code.com>
* misc.c (_gcry_logv): Use abort for error levels fatal and bug as
this is more approriate for a library. Terminate the secmem
before doing so.
(_gcry_fatal_error): Terminate secmem before abort.
* secmem.c (_gcry_secmem_malloc_internal): Use log_bug instead of
exit.
2007-11-29 Werner Koch <wk@g10code.com>
* hwfeatures.c (detect_ia32_gnuc): Detect Padlock engine.
2007-11-13 Werner Koch <wk@g10code.com>
* gcrypt.h.in (_GCRY_GCC_ATTR_MALLOC): Fixed gcc version check.
Reported by Gabriele Monti.
2007-10-31 Werner Koch <wk@g10code.com>
* global.c (gcry_control): Factor most code out to ..
(_gcry_vcontrol): .. new.
* sexp.c (_gcry_sexp_vbuild): New.
* mpi.h (_gcry_mpi_set, _gcry_mpi_set_ui, _gcry_mpi_invm): Remove
prototypes as they are already in gcrypt.h.
2007-10-30 Werner Koch <wk@g10code.com>
* sexp.c (gcry_sexp_nth_string): Replace by _gcry_sexp_nth_string.
* visibility.h, visibility.c: New.
* g10lib.h: Include visibility.h instead of gcrypt.h.
* globals.c (_gcry_malloc): Rename to ..
(do_malloc): .. this.
* hwfeatures.c: New.
* global.c (global_init): Detect features.
(print_config): Print them.
2007-08-22 Werner Koch <wk@g10code.com>
* dumpsexp.c: New.
* Makefile.am (bin_PROGRAMS): Install it.
* getrandom.c (print_version): Use new standard license line.
* gcryptrnd.c (print_version): Ditto.
2007-06-06 Werner Koch <wk@g10code.com>
* gcrypt.h.in (GCRY_THREAD_OPTION_PTH_IMPL): Factror network
related code out so that the prototypes can be adjusted for W32.
(_GCRY_THREAD_OPTION_PTH_IMPL_NET): New.
2007-05-09 Werner Koch <wk@g10code.com>
* libgcrypt.m4: Print found version on success.
2007-05-09 Marcus Brinkmann <marcus@g10code.de>
* gcrypt.h.in (gcry_ac_io_t): Add name for anonymous union, and mark
all members as internal (actually: deprecated).
2007-05-04 Werner Koch <wk@g10code.com>
* Makefile.am (.rc.lo): New to replace gmake specific suffix rule.
2007-05-03 Werner Koch <wk@g10code.com>
* libgcrypt.def (gcry_sexp_nth_string): New.
* Makefile.am (EXTRA_DIST): Add libgcrypt.def.
2007-05-02 Werner Koch <wk@g10code.com>
* global.c (print_config): Print ciphers, digests and pubkeys.
2007-05-02 David Shaw <dshaw@jabberwocky.com>
* cipher.h, gcrypt.h.in: Add Camellia.
2007-04-30 Werner Koch <wk@g10code.com>
* gcrypt.h.in (GCRYCTL_PRINT_CONFIG): New.
(GCRYCTL_SET_RNDEGD_SOCKET): New.
* global.c (gcry_control): Add GCRYCTL_PRINT_CONFIG and
GCRYCTL_SET_RNDEGD_SOCKET.
(print_config): New.
* misc.c (_gcry_log_info_with_dummy_fp): New.
2007-04-18 Werner Koch <wk@g10code.com>
* gcrypt.h.in (gcry_sexp_nth_string): New.
* sexp.c (gcry_sexp_nth_data): Factored code out to ...
(sexp_nth_data): ... new.
(gcry_sexp_nth_string): New.
(gcry_sexp_nth_mpi): Reimplemented in terms of sexp_ntd_data.
2007-04-16 Werner Koch <wk@g10code.com>
* secmem.c (init_pool): Use sysconf() if available to determine
page size.
2007-03-22 Werner Koch <wk@g10code.com>
* mpi.h (mpi_mod): New.
(mpi_new, mpi_snew): New.
* gcrypt.h.in: Add GCRY_PK_ECDSA.
2007-03-16 Werner Koch <wk@g10code.com>
* gcrypt.h.in (GCRY_THREAD_OPTION_PTHREAD_IMPL): Fixed typo
introduced by me on 2006-10-23.
2007-02-22 Werner Koch <wk@g10code.com>
* gcrypt.h.in (gcry_ac_id_to_name, gcry_ac_name_to_id): Mark as
deprecated.
* libgcrypt.def (gcry_fast_random_poll): Removed - it is a macro.
(gcry_cipher_register, gcry_cipher_unregister): New.
(gcry_md_register, gcry_md_unregister): New.
(gcry_pk_register, gcry_pk_unregister): New.
(gcry_ac_data_from_sexp, gcry_ac_data_to_sexp): New.
(gcry_ac_io_init, gcry_ac_io_init_va): New.
(gcry_ac_data_encrypt_scheme, gcry_ac_data_decrypt_scheme): New.
(gcry_ac_data_sign_scheme, gcry_ac_data_verify_scheme): New.
* missing-string.c: Include stdio.h for the vsprintf prototype.
* ath.h (struct ath_ops) [_WIN32]: Use int instead of socklen_t.
2007-02-21 Werner Koch <wk@g10code.com>
* libgcrypt.def (gcry_create_nonce, gcry_fast_random_poll)
(gcry_md_debug): New.
* libgcrypt-config.in: Remove duplicates from --cflags and --libs.
Print a error for option --thread.
* gcrypt.h.in (gcry_sexp_sprint): Change BUFFER from char* to void*.
(gcry_md_ctl): Change BUFFER from unsigned char* to void*.
(gcry_md_debug): New.
(gcry_cipher_encrypt, gcry_cipher_decrypt): Change buffer args to
void*.
(gcry_randomize): Change BUFFER to void.
(gcry_create_nonce): Ditto.
* libgcrypt.vers (gcry_md_debug): New.
* sexp.c (gcry_sexp_sprint): Ditto.
(normalize): Make P unsigned.
(gcry_sexp_nth_data): Cast return value to char*.
(sexp_sscan): Fix sign/unsigned conflicts.
(whitespacep): Change P to char*.
(unquote_string): Change STRING to char*.
(convert_to_hex): Change DEST to char*.
(convert_to_string): Change DEST and P to char*.
(convert_to_token): Chnage DEST to char*.
(gcry_sexp_canon_len): Change DISPHINT to unsigned char*.
* gcrypt-module.h (gcry_pk_spec): Made ALIASES a const.
(gcry_md_write_t): Changed BUF to a const void*.
2007-02-12 Werner Koch <wk@g10code.com>
* gcrypt.h.in: Include stdlib.h for the sake fo the trheading
macros. Suggested by Andreas Metzler.
* secmem.c (ptr_into_pool_p): New.
(_gcry_private_is_secure): Implement in terms of new function.
(BLOCK_VALID): Removed. Replaced all users by new function.
2007-01-31 Werner Koch <wk@g10code.com>
* secmem.c (_gcry_private_is_secure): Fixed severe implementation
flaw. Might be the reason for some of the more obscure bugs.
(MB_WIPE_OUT): Use wipememory2.
2006-10-23 Werner Koch <wk@g10code.com>
* gcrypt.h.in (GCRY_THREAD_OPTION_PTHREAD_IMPL): Add some cast for
use by C-doubleplus. In general I don't like this but due to
public demand I give up ;-)
2006-10-19 Werner Koch <wk@g10code.com>
* global.c (gcry_control) <GCRYCTL_INIT_SECMEM>: Return an error
if the memory could not be locked.
* secmem.c (not_locked): New.
(_gcry_secmem_get_flags): Return that flag.
* secmem.h (GCRY_SECMEM_FLAG_NOT_LOCKED): New.
2006-10-05 Werner Koch <wk@g10code.com>
* module.c (_gcry_module_id_new): Don't assign modules in the range
the range of 1024..4096.
* gcrypt.h (GCRY_MD_USER, GCRY_MD_USER_LAST): New
(GCRY_PK_USER, GCRY_PK_USER_LAST): New.
(GCRY_CIPHER_USER, GCRY_CIPHER_USER_LAST): New.
2006-10-12 Marcus Brinkmann <marcus@g10code.de>
* gcrypt.h.in: Replace socklen_t with gcry_socklen_t.
2006-10-11 Marcus Brinkmann <marcus@g10code.de>
* gcrypt.h.in: Replace version by @VERSION@.
2006-10-10 Marcus Brinkmann <marcus@g10code.de>
* gcrypt.h: Add fallback type for socklen_t. Move to ...
* gcrypt.h.in: ... this file.
* Makefile.am (EXTRA_DIST): Add gcrypt.h.in.
2006-09-04 Werner Koch <wk@g10code.com>
* gcrypt.h: Removed some trailing comma in enums.
2006-08-29 Werner Koch <wk@g10code.com>
* global.c (gcry_xrealloc): Pass secure flag to outofcore handler.
* gcrypt.h (GCRY_CIPHER_SEED): New.
2006-08-21 Werner Koch <wk@g10code.com>
* gcrypt.h (GCRYCTL_FAKED_RANDOM_P): New.
2006-07-29 Marcus Brinkmann <marcus@g10code.de>
* secmem.c (init_pool): Close FD after establishing the mapping.
2006-07-12 Marcus Brinkmann <marcus@g10code.de>
* ath.c (ath_mutex_destroy): Microoptimize destruction of unused
statitically initialized mutexes. Suggested by Victor Stinner
<victor.stinner@inl.fr>.
* gcrypt.h (GCRY_THREAD_OPTION_PTHREAD_IMPL,
(GCRY_THREAD_OPTION_PTH_IMPL): Add missing initializers to
suppress gcc warning.
Submitted by Victor Stinner <victor.stinner@inl.fr>.
2006-07-04 Marcus Brinkmann <marcus@g10code.de>
* ath.c: Avoid warning about double defined type byte and other
hacks to let it build for W32 (backported from LIBGCRYPT-1-2-BRANCH).
* ath.h, gcrypt.h, tests/benchmark.c, src/types.h: Likewise.
* gcrypt.h: Revert last change, and instead:
[_WIN32 || __WIN32__]: Do not include <sys/socket.h>, but
<winsock2.h> and <ws2tcpip.h>.
Suggested by Simon Josefsson <jas@extundo.com>.
* Makefile.am (install-data-local, uninstall-local, %.lo,
(install-def-file, uninstall-def-file): New targets.
(LTRCCOMPILE, gcrypt_res, gcrypt_res_ldflag, no_undefined,
(export_symbols, gcrypt_deps): New variables.
* versioninfo.rc.in: New file.
* libgcrypt.def: New file from ../w32-dll/libgcrypt.def.
* gcrypt.h [!HAVE_SYS_SOCKET_H]: Do not include sys/socket.h, but
the appropriate windows socket header.
2006-06-21 Werner Koch <wk@g10code.com>
* global.c (gcry_xcalloc, gcry_xcalloc_secure): Made safe against
integer overflow.
* sexp.c (make_space): Return an error on out of core.
(sexp_sscan): Remove all xmalloc style calls and return proper
error codes on allocation failures.
(gcry_sexp_find_token): Ditto.
(gcry_sexp_nth):
* sexp.c (gcry_sexp_find_token): Re-indented and removed a cruft
"while(level);" which fortunately had no effect.
2006-04-28 Werner Koch <wk@g10code.com>
* gcrypt.h (GCRY_MD_SHA224): Change value from 306 to 11 to match
the use in OpenPGP. There has been no release yet, so we can
safely do it.
2006-04-22 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_ctl_cmds): New commands:
GCRYCTL_SET_RANDOM_DAEMON_SOCKET, GCRYCTL_USE_RANDOM_DAEMON.
* global.c (gcry_control): Handle new commands, calling
_gcry_set_random_daemon_socket() and _gcry_use_random_daemon().
2006-04-18 Werner Koch <wk@g10code.com>
* gcrypt.h (GCRY_PK_USAGE_CERT, GCRY_PK_USAGE_AUTH)
(GCRY_PK_USAGE_UNKN): New.
2006-04-01 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_ac_eme_pkcs_v1_5): Removed members: key, handle;
added member: key_size.
* secmem.c (MB_FLAG_ACTIVE): Write braces around MB_FLAG_ACTIVE
definition.
2006-03-15 Werner Koch <wk@g10code.com>
* getrandom.c: New.
2006-03-14 Werner Koch <wk@g10code.com>
* gcryptrnd.c: New.
2006-03-10 Werner Koch <wk@g10code.com>
* gcrypt.h: Add GCRY_MD_SHA224.
2005-11-02 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Update comments for functions: gcry_cipher_algo_name,
gcry_pk_algo_name.
2005-10-31 Moritz Schulte <moritz@g10code.com>
* global.c: Added documentation.
2005-10-16 Moritz Schulte <moritz@g10code.com>
* global.c (global_init): Use gcry_error_t instead of
gcry_err_code_t; use goto instead of if constructs.
* stdmem.c: Inserted description of the layered memory management
in Libgcrypt.
* g10lib.h: Removed G10_I18N_H related check; it seems to be a
GnuPG relict (Libgcrypt does not define this symbol anywhere).
(FLAG_MODULE_DISABLED): Don't forget parantheses around shifted
value.
Removed GCC_ATTR_PURE macro definitions, since gcrypt.h does
already contain such a macro named _GCRY_GCC_ATTR_PURE, which we
can use here as well.
Likewise for GCC_ATTR_MALLOC and _GCRY_GCC_ATTR_MALLOC.
* stdmem.h: Use _GCRY_GCC_ATTR_MALLOC instead of GCC_ATTR_MALLOC.
* secmem.h: Likewise.
2005-10-09 Moritz Schulte <moritz@g10code.com>
* global.c (gcry_control): Call global_init() after passing thread
cbs to ath. global_init() MUST to be called AFTER passing the cbs
to ath and BEFORE calling library functions, which make use of
ath. This change combines cbs installing with ath initialization
and thus removes the need to call other library initialization
functions inbetween like e.g. gcry_check_version().
2005-10-01 Moritz Schulte <moritz@g10code.com>
* ath.c: Assign copyright to FSF.
* ath.h: Likewise.
2005-06-25 Moritz Schulte <moritz@g10code.com>
* Makefile.am (pkgconfigdir, pkgconfig_DATA): Removed variables.
* libgcrypt.pc.in: Removed file - we do not want to support a
second, foreign configuration system.
2005-06-17 Moritz Schulte <moritz@g10code.com>
* global.c (gcry_xstrdup): Removed superfluous strcpy call.
2005-04-22 Moritz Schulte <moritz@g10code.com>
* Makefile.am (pkgconfigdir, pkgconfig_DATA): New; support for
pkgconfig provided by Albert Chin.
* libgcrypt.pc.in (Cflags): New file.
2005-04-16 Moritz Schulte <moritz@g10code.com>
* g10lib.h (_gcry_ac_init): Declare.
* global.c (global_init): Call _gcry_ac_init; don't forget to set
err.
2005-04-14 Werner Koch <wk@g10code.com>
* sexp.c (whitespacep): New.
(sexp_sscan): Replaced isdigit and isspace by whitespacep and
digitp.
2005-04-11 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_md_algos): Added: GCRY_MD_WHIRLPOOL.
* cipher.h (_gcry_digest_spec_whirlpool): Declare.
2005-03-30 Moritz Schulte <moritz@g10code.com>
* libgcrypt.vers: Added: gcry_ac_io_init, gry_ac_io_init_va.
* gcrypt.h (gcry_ac_data_read_cb_t, gcry_ac_data_write_cb_t,
gcry_ac_io_mode_t, gcry_ac_io_type_t, gcry_ac_io_t): New types.
(gcry_ac_io_init_va): Declare function.
(gcry_ac_data_encode, gcry_ac_data_decode,
gcry_ac_data_encrypt_scheme, gcry_ac_data_decrypt_scheme,
gcry_ac_data_sign_scheme, gcry_ac_data_verify_scheme): Use
gcry_ac_io_type_t objects instead of memory strings directly.
2005-03-03 Moritz Schulte <moritz@g10code.com>
* libgcrypt.vers: Added: gcry_ac_data_to_sexp() and
gcry_ac_data_from_sexp().
2005-02-22 Werner Koch <wk@g10code.com>
* global.c (_gcry_malloc): Make sure ERRNO is set if we return
NULL. Remove unneeded initialization of M to allow the compiler
to catch errors.
(gcry_realloc): Make sure ERRNO is set if we return NULL>
2005-02-13 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Declare new functions: gcry_ac_data_encrypt_scheme,
gcry_ac_data_decrypt_scheme, gcry_ac_data_sign_scheme,
gcry_ac_data_verify_scheme, gcry_ac_data_encode,
gcry_ac_data_decode, gcry_ac_data_to_sexp, gcry_ac_data_from_sexp.
New types: gcry_ac_emsa_pkcs_v1_5_t, gcry_ac_ssa_pkcs_v1_5_t,
gcry_md_algo_t.
New enumeration lists: gcry_ac_scheme_t, gcry_ac_em_t.
* libgcrypt.vers: Added new ac functions.
* g10lib.h: Declare function: _gcry_pk_get_elements.
* mpi.h (mpi_get_ui): New macro.
Declare function: _gcry_mpi_get_ui.
2004-11-09 Werner Koch <wk@g10code.com>
* gcrypt.h: Removed 3 trailing commas from enums. Noted by Heiko
Stamer.
2004-09-21 Werner Koch <wk@g10code.de>
* sexp.c (sexp_sscan): Removed C++ style comments. Noted by Yoann
Vandoorselaere.
2004-08-23 Moritz Schulte <moritz@g10code.com>
* global.c: Do not include <assert.h>.
* sexp.c: Likewise.
* module.c: Likewise.
* misc.c: Likewise.
2004-08-18 Moritz Schulte <moritz@g10code.com>
* secmem.c (_gcry_secmem_init): Try to lock pool into core not
only when running with root privileges.
2004-08-16 Werner Koch <wk@g10code.de>
* secmem.h (_gcry_secmem_set_flags,_gcry_secmem_get_flags):
Removed __pure__.
(GCRY_SECMEM_FLAG_NO_WARNING): Put macro value into parens.
* secmem.c (_gcry_secmem_init): Defer printing of the warning.
2004-08-10 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Include <sys/time.h>, thanks to Simon Josefsson.
2004-05-07 Werner Koch <wk@gnupg.org>
* gcrypt.h: Added GCRYCTL_FAST_POLL.
(gcry_fast_random_poll): New.
* global.c (gcry_control) <INITIALIZATION_FINISHED>: Do only basic
random subsystem init.
(gcry_control) <FAST_POLL>: New.
2004-04-22 Marcus Brinkmann <marcus@g10code.de>
* libgcrypt.m4: Quote first argument to AC_DEFUN.
2004-04-15 Werner Koch <wk@gnupg.org>
* secmem.c (_gcry_secmem_malloc_internal): Removed old extra info
error output.
(_gcry_secmem_term): Use wipememory2 here.
* misc.c (_gcry_burn_stack): Use wipememory to avoid optimizations.
* string.c: Removed. Was never used.
* global.c (gcry_strdup): Replaced by the version from string.c
(gcry_xstrdup): Rewritten.
* gcrypt.h: Removed duplicate prototype for gcry_strdup.
2004-03-29 Werner Koch <wk@gnupg.org>
* secmem.c (_gcry_secmem_realloc): Fixed double unlock; bug
manifested itself due to the more rigorous checking in the changed
ath.h
* libgcrypt-config.in (Options): Ignore the obsolete --threads
option for now.
2004-03-17 Marcus Brinkmann <marcus@g10code.de>
* libgcrypt-config.in (includedir, libdir): Quote'em. Use
$gpg_error_cflags and $gpg_error_libs. Fix construction of
$includes.
2004-03-14 Marcus Brinkmann <marcus@g10code.de>
* libgcrypt-config.in (includedir, libdir): New variables. For
--cflags, don't test $cflags. Also check against /include for the
GNU/Hurd. Don't overwrite but extend $cflags_final. Likewise for
--libs.
2004-03-10 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (ltlib_libgcrypt_pthread, ltlib_libgcrypt_pth): Removed.
(lib_LTLIBRARIES): Remove those variables from here.
(libgcrypt_pthread_la_SOURCES, libgcrypt_pthread_la_LDFLAGS,
(libgcrypt_pthread_la_DEPENDENCIES, libgcrypt_pthread_la_LIBADD,
(libgcrypt_pth_la_SOURCES, libgcrypt_pth_la_LDFLAGS,
(libgcrypt_pth_la_DEPENDENCIES, libgcrypt_pth_la_LIBADD,
(noinst_LTLIBRARIES): Removed.
(libgcrypt_real_la_SOURCES): Merge with ...
(libgcrypt_la_SOURCES): ... likewise.
(libgcrypt_real_la_DEPENDENCIES): Merge with ...
(libgcrypt_la_DEPENDENCIES): ... this.
(libgcrypt_real_la_LIBADD): Merge with ...
(libgcrypt_la_LIBADD): ... this.
* libgcrypt-config.in (libs_pthread, libs_pth, cflags_pth)
(cflags_pthread, thread_module, thread_modules): Removed.
(Options): Remove --thread option from help output. If the option
is specified, output an error and exit.
For --cflags and --libs option, remove pth and pthread from output.
* gcrypt.h: Include <sys/types.h> and <sys/socket.h>.
(enum gcry_ctl_cmds): Add GCRYCTL_SET_THREAD_CBS.
(gcry_thread_cbs): New struct.
* global.c (gcry_control): Implement GCRYCTL_SET_THREAD_CBS.
(global_init): Don't call ath_init here.
* ath.h: Rewritten.
* ath.c: Rewritten.
2004-03-06 Werner Koch <wk@gnupg.org>
* libgcrypt-config.in: s/--soname-number/--api-version/
* libgcrypt.m4: Changed test for API version.
2004-03-05 Werner Koch <wk@gnupg.org>
* libgcrypt.m4: Optionally check the SONAME number.
* libgcrypt-config.in: Add option --soname-number
2004-03-01 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (libgcrypt_la_SOURCES): Add ath.c.
* ath.c (ath_init): Add missing function.
* Makefile.am (ath_pth_src): Removed.
(ath_pthread_src): Removed.
(libgcrypt_la_SOURCES): Remove ath-compat, $(ath_pth_src) and
$(ath_pthread_src).
* ath-compat.c, ath-pth-compat.c, ath-pthread-compat.c: Files
removed.
2004-02-20 Werner Koch <wk@gnupg.org>
* gcrypt.h (GCRY_PRIME_CHECK_AT_GOT_PRIME)
(GCRY_PRIME_CHECK_AT_FINISH),
(GCRY_PRIME_CHECK_AT_MAYBE_PRIME): New.
2004-02-18 Werner Koch <wk@gnupg.org>
* libgcrypt-config.in: Ignore setting of --prefix.
2004-02-13 Werner Koch <wk@gnupg.org>
* gcrypt.h: Added GCRY_CIPHER_RFC2268_128, alsthough not yet
supported.
2004-02-06 Werner Koch <wk@gnupg.org>
* gcrypt.h: Added GCRY_CIPHER_RFC2268_40.
2004-02-03 Werner Koch <wk@gnupg.org>
* secmem.c (_gcry_secmem_init): Do not print the "not locked into
core warning" if the NO_WARNING flag has been set.
* sexp.c (sexp_sscan): Allocate result in secure memory if BUFFER
is in secure memory. Switch to secure memory for the a secure %b
format item. Extra paranoid wipe on error.
(gcry_sexp_release): Added paranoid wiping for securely allocated
S-expressions.
2004-01-25 Moritz Schulte <mo@g10code.com>
* ath.h: Include <config.h>.
2004-01-12 Moritz Schulte <mo@g10code.com>
* gcrypt.h: Adjusted declarations of: gcry_ac_data_set,
gcry_ac_data_get_name, gcry_ac_data_get_index,
gcry_ac_key_pair_generate, gcry_ac_key_test,
gcry_ac_key_get_nbits, gcry_ac_key_get_grip.
* gcrypt.h (GCRY_AC_FLAG_DATA_NO_BLINDING): Removed symbol.
(GCRY_AC_FLAG_DEALLOC, GCRY_AC_FLAG_COPY)
(GCRY_AC_FLAG_NO_BLINDING): New symbols.
* global.c (gcry_strdup): Removed function.
* string.c: New file.
* Makefile.am (libgcrypt_real_la_SOURCES): Added: string.c.
* string.c (gcry_strdup): New function.
* gcrypt.h (gcry_strdup): Declare.
2003-12-19 Werner Koch <wk@gnupg.org>
* g10lib.h (wipememory, wipememory2): New; taken from gnupg.
2003-11-14 Werner Koch <wk@gnupg.org>
* global.c (gcry_strdup): Don't copy the string after a malloc
error.
2003-11-11 Werner Koch <wk@gnupg.org>
* sexp.c (sexp_sscan): Implemented "%b" format specifier.
2003-11-11 Moritz Schulte <mo@g10code.com>
* libgcrypt.m4: Do not set prefix when calling libgcrypt-config.
Thanks to Nikos Mavroyanopoulos.
2003-11-08 Moritz Schulte <mo@g10code.com>
* cipher.h (small_prime_numbers): Removed declaration.
(PUBKEY_FLAG_NO_BLINDING): Put braces around shift.
2003-11-04 Werner Koch <wk@gnupg.org>
* cipher.h (_gcry_sha1_has_buffer): New.
* gcrypt.h (gcry_create_nonce): New.
2003-10-31 Werner Koch <wk@gnupg.org>
* libgcrypt.vers (_gcry_generate_elg_prime): Removed this symbol;
gnutls does not need it anymore.
* secmem.c (mb_get_new): s/pool/block/ due to global pool.
* misc.c (gcry_set_log_handler): s/logf/f/ to avoid shadowing
warning against a builtin.
* ath-pth-compat.c: cast pth_connect to get rid of the const
prototype.
2003-10-27 Werner Koch <wk@gnupg.org>
* ath.h (ATH_MUTEX_INITIALIZER): Removed spurious semicolon.
2003-10-27 Moritz Schulte <mo@g10code.com>
* libgcrypt-config.in: Include libs/cflags of libgpg-error.
* sexp.c (sexp_sscan): Cleaned up, deallocate scanned sexp on
error.
* module.c (MODULE_ID_MIN): New symbol, use it.
2003-10-27 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_pk_testkey): Doc fix.
2003-09-29 Moritz Schulte <mo@g10code.com>
* libgcrypt-config.in: Fix --algorithms option.
2003-10-23 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_err_code): Use GPG_ERR_INLINE instead of
__inline__.
* secmem.c (lock_pool): Don't print the warning for certain
systems, handle ENOMEM.
2003-10-21 Werner Koch <wk@gnupg.org>
* secmem.c (_gcry_secmem_dump_stats): Fixed format sepcifier for a
size_t. Reported by Stephane Corthesy.
2003-10-10 Werner Koch <wk@gnupg.org>
* global.c (_gcry_malloc): Handle the no_secure_memory option.
* gcrypt.h (gcry_prime_group_generator): New.
(gcry_prime_release_factors): New.
2003-10-07 Werner Koch <wk@gnupg.org>
* sexp.c (sexp_sscan): Check that parenthesis are matching.
2003-09-28 Moritz Schulte <mo@g10code.com>
* g10lib.h: Declare: _gcry_malloc.
(GCRY_ALLOC_FLAG_SECURE): New symbol.
* global.c (_gcry_malloc): New function...
(gcry_malloc): ... use it.
(gcry_malloc_secure): Likewise.
* ath.c: Change License to LGPL.
* ath-pthread-compat.c: Likewise.
* ath-pthread.c: Likewise.
* ath-pth-compat.c: Likewise.
* ath-pth.c: Likewise.
* ath.h: Likewise.
* ath-compat.c: Likewise.
* secmem.c (_gcry_secmem_realloc): Do not forget to release secmem
lock. Thanks to low halo for triggering this bug.
2003-09-04 Werner Koch <wk@gnupg.org>
* gcrypt.h (_GCRY_ERR_SOURCE_DEFAULT): Removed cruft.
(gcry_prime_check_func_t): Renamed arg for clarity.
2003-09-02 Moritz Schulte <mo@g10code.com>
* gcrypt.h (GCRY_PRIME_FLAG_SPECIAL_FACTOR): New symbol.
2003-09-01 Moritz Schulte <mo@g10code.com>
* gcrypt.h (gcry_random_level_t): New type.
(gcry_prime_check_func_t): Likewise.
(GCRY_PRIME_FLAG_SECRET): New symbol.
(gcry_prime_generate, gcry_prime_check): Declare functions.
2003-08-28 Werner Koch <wk@gnupg.org>
* Makefile.am (libgcrypt_pth_la_LDFLAGS): Removed PTH_CFLAGS cruft.
2003-08-27 Moritz Schulte <mo@g10code.com>
* global.c (gcry_control): Remove call to ath_deinit.
* Makefile.am (libgcrypt_real_la_DEPENDENCIES): Fixed.
(libgcrypt_real_la_LIBADD): Fixed.
Removed unecessary variables.
* libgcrypt-config.in: Adjusted script for new thread handling.
* Makefile.am: New version, based on GPGMEs Makefile.am.
* ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c,
ath-pthread.c, ath-pthread-compat.c: New files, merged from GPGME.
* ath.c, ath.h, ath-pthread.c, ath-pth.c: Removed files.
2003-08-08 Moritz Schulte <moritz@g10code.com>
* global.c (gcry_realloc): Remove FIXME about `clearing out
realloced memory', since _gcry_secmem_realloc takes care of
overwriting old memory.
2003-08-07 Werner Koch <wk@gnupg.org>
* module.c (_gcry_module_release): Don't act if module is NULL.
2003-07-30 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (enum gcry_ac_id): Added: GCRY_AC_ELG_E.
Reverted change: use gcry_md_flags enumeration list instead of
defines.
2003-07-29 Werner Koch <wk@gnupg.org>
* global.c (gcry_control): Add GCRYCTL_SET_RANDOM_SEED_FILE and
GCRYCTL_UPDATE_RANDOM_SEED_FILE.
* gcrypt.h: Ditto. Renamed index to idx, so avoid warning
related to the old index function.
2003-07-28 Moritz Schulte <moritz@g10code.com>
* global.c (gcry_err_code_from_errno, gcry_err_code_to_errno)
(gcry_err_make_from_errno, gcry_error_from_errno): New functions.
* gcrypt.h: Declared: gcry_err_code_from_errno,
gcry_err_code_to_errno, gcry_err_make_from_errno,
gcry_error_from_errno.
* Makefile.am (include_HEADERS): Added: gcrypt-module.h.
* gcrypt.h: Include <gcrypt-module.h>.
* gcrypt-module.h: New file.
2003-07-27 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_mpi_scan, gcry_mpi_print): API change.
(gcry_mpi_dump): New.
2003-07-21 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Declared: gcry_ac_key_data_get.
(gcry_pk_spec): Renamed member `sexp_names' into `aliases'.
2003-07-20 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_md_oid_spec_t): New type.
(gcry_md_spec): New member: oids.
2003-07-19 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_cipher_oid_spec_t): New type.
(gcry_cipher_spec): New member: oids;
2003-07-18 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_mpi_set_opaque): Add a warning comment.
2003-07-15 Moritz Schulte <moritz@g10code.com>
* secmem.c (compress_pool): Remove function, since unused blocks
are automatically concatenad.
* gcrypt.h: Bumped version number up to 1.1.42-cvs.
2003-07-14 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_cipher_spec): New member: aliases.
* Makefile.am (noinst_PROGRAMS, testapi_SOURCES, testapai_LDADD,
benchmark_SOURCES, benchmark_LDADD): Removed.
* benchmark.c, testapi.c: Removed files.
* mpi.h: Removed disabled typedef.
* g10lib.h: Likewise.
* benchmark.c, g10lib.h, gcrypt.h, global.c, module.c, sexp.c:
Used gcry_err* wrappers for libgpg-error symbols.
2003-07-12 Moritz Schulte <moritz@g10code.com>
* global.c: Likewise.
* gcrypt.h: New type: gcry_error_t, gcry_err_code_t and
gcry_err_source_t.
(gcry_err_make, gcry_error, gcry_err_code, gcry_err_source): New
functions.
* global.c (gcry_strerror): New function.
(gcry_strsource): New function.
* gcrypt.h: New symbol: GCRY_CIPHER_TWOFISH128.
2003-07-09 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (enum gcry_md_flags): Removed, used define instead,
since that is more common than an enumeration list when it comes
to flags that can be bitwise ORed.
2003-07-08 Moritz Schulte <moritz@g10code.com>
* global.c: Use new types for handlers.
* gcrypt.h: Declare: gcry_ac_data_copy.
2003-07-07 Moritz Schulte <moritz@g10code.com>
* sexp.c (gcry_sexp_build_array): Use dummy argument pointer.
Thanks to Simon Josefsson <jas@extunde.com>.
* gcrypt.h: Declare: gcry_cipher_list, gcry_pk_list, gcry_md_list.
2003-07-05 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Declare: gcry_cipher_register, gcry_cipher_unregister,
gcry_md_register, gcry_md_unregister, gcry_pk_register,
gcry_pk_unregister.
(gcry_cipher_spec): Removed member: algorithm.
(gcry_pk_spec): Likewise.
(gcry_md_spec): Likewise.
Adjusted declarations: gcry_cipher_register, gcry_pk_register,
gcry_md_register.
* module.c: Replaced all occurences of `id' with `mod_id', since
`id' is a keyword in obj-c.
* gcrypt.h (gcry_cipher_spec): Renamed member `id' to `algorithm'.
(gcry_pk_spec): Likewise.
(gcry_md_spec): Likewise.
* cipher.h: Removed types: gcry_pubkey_generate_t,
gcry_pubkey_check_secret_key_t, gcry_pubkey_encrypt_t,
gcry_pubkey_decrypt_t, gcry_pubkey_sign_t, gcry_pubkey_verify_t,
gcry_pubkey_get_nbits_t, gcry_pk_spec_t, gcry_digest_init_t,
gcry_digest_write_t, gcry_digest_final_t, gcry_digest_read_t,
gcry_digest_spec_t, gcry_cipher_setkey_t, gcry_cipher_encrypt_t,
gcry_cipher_decrypt_t, gcry_cipher_stencrypt_t,
gcry_cipher_stdecrypt_t, gcry_cipher_spec_t.
* gcrypt.h: New types: gcry_pk_generate_t,
gcry_pk_check_secret_key_t, gcry_pk_encrypt_t, gcry_pk_decrypt_t,
gcry_pk_sign_t, gcry_pk_verify_t, gcry_pk_get_nbits_t,
gcry_pk_spec_t, gcry_md_init_t, gcry_md_write_t, gcry_md_final_t,
gcry_md_read_t, gcry_md_spec_t, gcry_cipher_setkey_t,
gcry_cipher_encrypt_t, gcry_cipher_decrypt_t,
gcry_cipher_stencrypt_t, gcry_cipher_stdecrypt_t,
gcry_cipher_spec_t, gcry_module_t.
2003-07-04 Moritz Schulte <moritz@g10code.com>
* module.c (_gcry_module_list): New function.
2003-07-02 Moritz Schulte <moritz@g10code.com>
* module.c (_gcry_module_lookup): Fixed typo.
* gcrypt.h: Added all definitions and declarations necessary for
the new ac interface.
2003-06-30 Moritz Schulte <moritz@g10code.com>
* g10lib.h: Added declarations: _gcry_pk_module_lookup,
_gcry_pk_module_release.
2003-06-18 Werner Koch <wk@gnupg.org>
* benchmark.c (cipher_bench): Adjusted for new API of get_blklen
and get_keylen.
* gcrypt.h (gcry_cipher_get_algo_blklen)
(gcry_cipher_get_algo_keylen): Replaced macro by funcion.
2003-06-18 Moritz Schulte <moritz@g10code.com>
* cipher.h: Renamed types GcryDigestSpec, GcryCipherSpec and
GcryPubkeySpec into: gcry_digest_spec_t, gcry_cipher_spec_t and
gcry_pubkey_spec_t.
(gcry_pubkey_spec): Defined member `id' as unsigned.
(gcry_digest_spec): Likewise.
(gcry_cipher_spec): Likewise.
* module.c (_gcry_module_id_new): New function.
(_gcry_module_add): Generate a new ID via _gcry_module_id_new in
case `id' is zero.
* g10lib.h, module.c: Replace old type GcryModule with newer one:
gcry_module_t.
* module.c (_gcry_module_add): Added argument `id', use it.
* g10lib.h: Added declaration: _gcry_module_lookup_id.
(_gcry_module_add): Added argument `id'.
* module.c (_gcry_module_lookup_id): New function.
* g10lib.h (struct gcry_module): New member: id.
* gcrypt.h: New type: gcry_handler_progress_t,
gcry_handler_alloc_t, gcry_haandler_secure_check_t,
gcry_handler_realloc_t, gcry_handler_free_t,
gcry_handler_no_mem_t, gcry_handler_error_t, gcry_handler_log_t.
Use new types.
* cipher.h: Include <gcrypt.h>.
New types: gcry_pk_generate_t, gcry_pk_check_secret_key_t,
gcry_pk_encrypt_t, gcry_pk_decrypt_t, gcry_pk_sign_t,
gcry_pk_verify_t, gcry_pk_get_nbits_t, gcry_md_init_t,
gcry_md_write_t, gcry_md_final_t, gcry_md_read_t,
gcry_cipher_setkey_t, gcry_cipher_encrypt_t,
gcry_cipher_decrypt_t, gcry_cipher_stencrypt_t,
gcry_cipher_stdecrypt_t.
Use new types.
2003-06-17 Moritz Schulte <moritz@g10code.com>
* Makefile.am (AM_CFLAGS): Added: @GPG_ERROR_CFLAGS@.
2003-06-16 Moritz Schulte <moritz@g10code.com>
* g10lib.h: Replace last occurences of old type names with newer
names (i.e. replace MPI with gcry_mpi_t).
* mpi.h: Likewise.
* sexp.c: Likewise.
2003-06-15 Moritz Schulte <moritz@g10code.com>
* testapi.c (test_genkey): Use gpg_strerror instead of
gcry_strerror.
* global.c (gcry_control): Fixed typo.
* misc.c (_gcry_fatal_error): Use gpg_strerror instead of
gcry_strerror.
* types.h (STRLIST): Removed type since it is not used.
2003-06-11 Moritz Schulte <moritz@g10code.com>
* global.c (global_init): Call: _gcry_cipher_init, _gcry_md_init,
_gcry_pk_init.
* g10lib.h: Declare: _gcry_cipher_init, _gcry_md_init,
_gcry_pk_init.
* global.c (gcry_strerror): Remove compatibility code.
* Makefile.am: Remove support libgpg-error special handling.
(AM_CPPFLAGS): Add @GPG_ERROR_CFLAGS@
* gcrypt.h: Likewise.
2003-06-13 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_md_get_algo): Reverted to old API. This is a
convenience function anyway and error checking is not approriate.
(gcry_md_is_enabled): New.
(gcry_md_is_secure): Replaced macro by function and reverted to old
API.
2003-06-11 Werner Koch <wk@gnupg.org>
* gcrypt.h (GCRYERR): Define _GCRY_ERR_SOURCE_DEFAULT instead of
GPG_ERR_SOURCE_DEFAULT, so that libgpg-error still works despite
the use of the old gcrypt error codes.
(gcry_md_copy): Swapped arguments.
2003-06-09 Moritz Schulte <moritz@g10code.com>
* Makefile.am: Support for libgpg-error.
2003-06-08 Moritz Schulte <moritz@g10code.com>
* sexp.c (gcry_sexp_create): Expect sane error values from
gcry_sexp_canon_len instead of the `historical' values.
2003-06-07 Moritz Schulte <moritz@g10code.com>
* ath.c, ath.c, ath-pth.c, ath-pthread.c, benchmark.c, cipher.h,
g10lib.h, gcrypt.h, global.c, misc.c, missing-string.c, module.c,
mpi.h, secmem.c, secmem.h, sexp.c, stdmem.c, stdmem.h, testapi.c,
types.h: Edited all preprocessor instructions to remove whitespace
before the '#'. This is not required by C89, but there are some
compilers out there that don't like it. Replaced any occurence of
the now deprecated type names with the new ones.
* gcrypt.h: Re-organized checking for gcc features; New macro:
_GCRY_GCC_ATTR_DEPRECATED.
Include copy of libgpg-error's gpg-error.h in order to make it
easy to build libgcrypt without needing libgpg-error.h.
(GCRY_MPI, GcryMPI, GCRY_SEXP, GcrySexp, GCRY_CIPHER_HD,
GcryCipherHd, GCRY_MD_HD, GcryMDHd): Declared deprecated.
(gcry_mpi_t, gcry_sexp_t, gcry_cipher_hd_t, gcry_md_hd_t): New
types.
2003-06-04 Moritz Schulte <moritz@g10code.com>
* sexp.c (sexp_sscan): New argument: arg_list, adjusted all
callers.
(ARG_NEXT): New macro.
(sexp_sscan): Use ARG_NEXT for receiving format string arguments.
(gcry_sexp_build_array): New function.
2003-06-02 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Added some comments describing the gcry_sexp_*
functions.
Include <gpg-error.h> instead of <gpg/error.h>.
2003-06-01 Moritz Schulte <moritz@g10code.com>
* sexp.c (OLDPARSECODE): Removed macro...
(gcry_sexp_canon_len): ... and do not use it.
* gcrypt.h (gcry_errno): Removed declaration.
* g10lib.h (string_to_pubkey_algo, pubkey_algo_to_string,
pubkey_nbits): Removed declarations for non-existing functions.
2003-05-31 Moritz Schulte <moritz@g10code.com>
* cipher.h (is_RSA, is_ELGAMAL): Removed macros.
* g10lib.h (set_lasterr): Removed macro.
(_gcry_set_lasterr): Removed declaration.
* gcrypt.h: Changed declarations for: gcry_pk_algo_info,
gcry_md_open, gcry_md_copy, gcry_md_algo_info, gcry_md_info,
gcry_md_get_algo, gcry_random_add_bytes.
(gcry_md_is_secure): Adjust macro for new API.
2003-05-29 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Changed declarations for: gcry_cipher_open,
gcry_cipher_info, gcry_cipher_algo_info.
(gcry_cipher_get_algo_keylen): Adjuster for new
gcry_cipher_algo_info interface.
(gcry_cipher_get_algo_blklen): Likewise.
* global.c (gcry_errno): Removed function.
(gcry_strerror): Do not use gcry_errno.
(_gcry_set_lasterr): Removed function.
(last_ec): Removed variable.
2003-05-27 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (enum gcry_cipher_algos): Make Serpent IDs do not
conflict with OpenPGP. Reported by Timo Schulz.
* global.c (gcry_control): Fixed name of enum list.
2003-05-25 Moritz Schulte <moritz@g10code.com>
* cipher.h (gcry_cipher_spec): Adjust return type of `setkey' for
libgpg-error.
(gcry_pubkey_spec): Adjust return type of `generate',
`check_secret_key', `encrypt', `decrypt', `sign' and `verify' for
libgpg-error.
* sexp.c (gcry_sexp_canon_len): Adjusted for libgpg-error.
(gcry_sexp_create): Likewise.
(gcry_sexp_new): Likewise.
(sexp_sscan): Likewise.
(gcry_sexp_build): Likewise.
(gcry_sexp_sscan): Likewise.
* module.c (_gcry_module_add): Likewise.
* global.c (last_ec): Change type to gpg_error_t.
(gcry_control): Adjust for libgpg-error.
(gcry_errno): Likewise.
(gcry_strerror): Likewise.
(_gcry_set_lasterr): Likewise.
(gcry_xmalloc): Likewise.
(gcry_xrealloc): Likewise.
2003-05-22 Moritz Schulte <moritz@g10code.com>
* types.h: Merged code from GnuPG regarding U64_C.
* missing-string.c (strsep): Removed function.
* g10lib.h: Removed declarations: strsep, strlwr.
* secmem.c (secmem_lock): New variable.
(SECMEM_LOCK, SECMEM_UNLOCK): New macros.
(_gcry_secmem_set_flags): Use SECMEM_LOCK and SECMEM_UNLOCK.
(_gcry_secmem_get_flags): Likewise.
(_gcry_secmem_init): Likewie.
(_gcry_secmem_malloc): Likewise.
(_gcry_secmem_free): Likewise.
(_gcry_secmem_malloc): Renamed to ...
(_gcry_secmem_malloc_internal): ... this.
(_gcry_secmem_malloc): New function, use SECMEM_LOCK,
SECMEM_UNLOCK, call _gcry_secmem_malloc_internal.
(_gcry_secmem_free): Renamed to ...
(_gcry_secmem_free_internal): ... this.
(_gcry_secmem_free): New function, use SECMEM_LOCK, SECMEM_UNLOCK,
call _gcry_secmem_free_internal.
(_gcry_secmem_realloc): Use SECMEM_LOCK, SECMEM_UNLOCK, call
_gcry_secmem_malloc_internal and _gcry_secmem_free_internal.
(_gcry_private_is_secure): Use SECMEM_LOCK, SECMEM_UNLOCK.
(_gcry_secmem_dump_stats): Likewise.
(_gcry_secmem_malloc_internal): Removed unused variable:
compressed.
Include "ath.h".
2003-05-21 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (GCRY_CIPHER_SERPENT128, GCRY_CIPHER_SERPENT192,
GCRY_CIPHER_SERPENT256): New symbols.
2003-05-19 Moritz Schulte <moritz@g10code.com>
* gcrypt.h: Reversed changes from 2003-03-03 since they would have
been an unnecessary ABI break.
2003-05-13 Moritz Schulte <moritz@g10code.com>
* secmem.c (stats_update): New function.
(BLOCK_HEAD_SIZE): New symbol.
(MB_FLAG_ACTIVE): New symbol.
(ADDR_TO_BLOCK, BLOCK_VALID): New macros.
(mb_get_next): New function.
(mb_get_prev): New function.
(mb_merge): New function.
(mb_get_new): New function.
(unused_blocks): Removed variable.
(init_pool): Initialize new memory pool.
(_gcry_secmem_malloc): Use new heap management code.
(_gcry_secmem_free): Likewise.
(_gcry_secmem_realloc): Likewise.
Renamed type MEMBLOCK to memblock_t.
2003-04-27 Moritz Schulte <moritz@g10code.com>
* cipher.h (gcry_pubkey_spec): New member: sexp_names.
2003-04-23 Moritz Schulte <moritz@g10code.com>
* cipher.h (gcry_pubkey_spec): Removed members: npkey, nskey,
nenc, nsig.
(gcry_pubkey_spec): Added members: elements_pkey, elements_skey,
elements_enc, elements_sig, elements_grip.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* g10lib.h (GcryModule): New typedef.
* gcrypt.h (gcry_cipher_register, gcry_cipher_unregister,
gcry_digest_register, gcry_digest_unregister,
gcry_pubkey_register, gcry_pubkey_unregister): Function
declarations removed - for now.
* gcrypt.h (GcryModule): Declaration removed.
* gcrypt.h (GcryPubkeySpec, GcryDigestSpec, GcryCipherSpec):
Types Moved...
* cipher.h: ... here.
2003-04-17 Moritz Schulte <moritz@g10code.com>
* cipher.h: Declare digest_spec_sha512 and digest_spec_384.
2003-04-16 Moritz Schulte <moritz@g10code.com>
* module.c (_gcry_module_use): New function.
* g10lib.h (_gcry_module_use): Declare function.
* libgcrypt-config.in: Support for --algorithms switch, which
prints the algorithms included in the built libgcrypt.
* global.c (gcry_set_progress_handler): Register progress
functions depending on the enabled algorithms.
2003-04-07 Moritz Schulte <moritz@g10code.com>
* Makefile.am (libgcrypt_la_SOURCES): Added module.c
* module.c: New file.
(_gcry_module_add): New function.
(_gcry_module_drop): New function.
(_gcry_module_lookup): New function.
(_gcry_module_release): New function.
* g10lib.h (GcryModule): New types.
(FLAG_MODULE_DISABLED): New symbol.
Added declarations for _gcry_module_add, _gcry_module_release and
_gcry_module_lookup.
* gcrypt.h: New types: GcryPubkeySpec, GcryDigestSpec,
GcryCipherSpec.
Added declarations for: gcry_cipher_register,
gcry_cipher_unregister, gcry_digest_register,
gcry_digest_unregister, gcry_pubkey_register and
gcry_pubkey_unregister.
* cipher.h: Removed symbols: CIPHER_ALGO_NONE, CIPHER_ALGO_IDEA,
CIPHER_ALGO_3DES, CIPHER_ALGO_CAST5, CIPHER_ALGO_BLOWFISH,
CIPHER_ALGO_SAFER_SK128, CIPHER_ALGO_DES_SK, CIPHER_ALGO_TWOFISH,
CIPHER_ALGO_TWOFISH_OLD, CIPHER_ALGO_DUMMY, PUBKEY_USAGE_SIG,
PUBKEY_USAGE_ENC, DIGEST_ALGO_MD5, DIGEST_ALGO_SHA1,
DIGEST_ALGO_RMD160, DIGEST_ALGO_TIGER, PUBKEY_ALGO_RSA,
PUBKEY_ALGO_RSA_E, PUBKEY_ALGO_RSA_S, PUBKEY_ALGO_DSA,
PUBKEY_ALGO_ELGAMAL, PUBKEY_ALGO_ELGAMAL_E.
2003-04-02 Moritz Schulte <moritz@g10code.com>
* benchmark.c (md_bench): Fix error message.
2003-03-31 Moritz Schulte <moritz@g10code.com>
* benchmark.c (cipher_bench): Added CTR mode.
2003-03-30 Simon Josefsson <jas@extundo.com>
* gcrypt.h (enum gcry_control_cmds): Add GCRY_SET_CTR.
(enum gcry_cipher_modes): Add GCRY_CIPHER_MODE_CTR.
(gcry_cipher_setctr): New macro to set counter.
2003-03-19 Moritz Schulte <moritz@g10code.com>
* cipher.h (PUBKEY_FLAG_NO_BLINDING): New symbol.
2003-03-22 Simon Josefsson <jas@extundo.com>
* gcrypt.h: Add GCRYCTL_SET_CBC_MAC and GCRY_CIPHER_CBC_MAC.
2003-03-19 Werner Koch <wk@gnupg.org>
* g10lib.h: Adjusted primegen.c prototypes.
2003-03-12 Werner Koch <wk@gnupg.org>
* sexp.c (sexp_sscan): Initialize NM. Thanks to Ian Peters for
valgrinding this.
2003-03-06 Moritz Schulte <mo@g10code.com>
* secmem.h (GCRY_SECMEM_FLAG_NO_WARNING,
GCRY_SECMEM_FLAG_SUSPEND_WARNING): New symbols.
* global.c (gcry_control): Use
GCRY_SECMEM_FLAG_{NO,SUSPEND}_WARNING, instead of hard-coded
values.
* secmem.c (_gcry_secmem_set_flags): Likewise.
* secmem.c (_gcry_secmem_get_flags): Likewise.
2003-03-03 Moritz Schulte <moritz@g10code.com>
* misc.c: Removed old FIXME, since there is already a function to
set the value of `verbosity_level'.
* gcrypt.h: Removed enumeration list: gcry_ctl_cmds.
New enumeration lists: gcry_global_control_cmds,
gcry_control_cmds, gcry_info_cmds, gcry_algo_info_cmds.
2003-03-02 Moritz Schulte <moritz@g10code.com>
* gcrypt.h (gcry_cipher_reset): New macro for resetting a handle.
2003-02-28 Moritz Schulte <moritz@g10code.com>
* secmem.c (DEFAULT_PAGESIZE): New symbol.
(init_pool): Use DEFAULT_PAGESIZE.
2003-02-23 Moritz Schulte <moritz@g10code.com>
* secmem.h: Fix typo in declaration of _gcry_secmem_term.
* sexp.c: Move macro definitions of `digitp', `octdigit', `alphap'
and `hexdigit' ...
* g10lib.h: ... here.
* misc.c (_gcry_burn_stack): New function (former name:
burn_stack).
* g10lib.h (burn_stack): Declare _gcry_burn_stack().
2003-01-24 Werner Koch <wk@gnupg.org>
* global.c (gcry_set_progress_handler): Register a random progress
handler.
2003-01-23 Werner Koch <wk@gnupg.org>
* gcrypt.h (GCRY_ENABLE_QUICK_RANDOM): New.
* global.c (gcry_control): Make use of it.
2003-01-21 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_random_add_bytes): Add QUALITY argument.
2003-01-21 Timo Schulz <twoaday@freakmail.de>
* gcrypt.h (gcry_random_add_bytes): New.
2003-01-20 Simon Josefsson <jas@extundo.com>
* gcrypt.h (gcry_md_algos): Add GCRY_MD_CRC32,
GCRY_MD_CRC32_RFC1510, GCRY_MD_CRC24_RFC2440.
2003-01-16 Werner Koch <wk@gnupg.org>
* gcrypt.h (gcry_md_write): Changed type of 2nd argument to void*.
(gcry_md_hash_buffer): Changed type of both buffers to void*.
(gcry_md_setkey): Changed type of 2nd argument to void*.
(gcry_md_get_asnoid): New.
2003-01-15 Werner Koch <wk@gnupg.org>
* sexp.c (gcry_sexp_length): Fixed. This was seriously broken.
2003-01-14 Werner Koch <wk@gnupg.org>
* gcrypt.h (GCRYERR_INV_FLAG), global.c (gcry_strerror): New.
2003-01-02 Werner Koch <wk@gnupg.org>
* libgcrypt.vers: Temporary export _gcry_generate_elg_prime for
use by GNUTLS.
2002-12-21 Werner Koch <wk@gnupg.org>
* gcrypt.h: Make use of gcc's pure and malloc attributes
(gcry_md_putc): Use a helper variable to avoid multiple
evaluation of H.
* g10lib.h, stdmem.h, secmem.h: Use gcc attributes pure and malloc.
* stdmem.c (use_m_guard): Don't default to yes.
2002-12-19 Werner Koch <wk@gnupg.org>
* global.c (global_init): The meat was never run due to a faulty
check. Thanks to Nikos for pointing this out.
* global.c (gcry_control): Return 1 and not -1 for the
initialization tests.
* libgcrypt.vers: New.
* Makefile.am: Use this instead of the build symbol file.
* global.c (gcry_control) <initialization>: Call the random module
initializer to make sure that the pool lock flag has been
initialized.
2002-12-09 Werner Koch <wk@gnupg.org>
* global.c (gcry_calloc,gcry_calloc_secure): Check for overflow.
Noted by Florian Weimer.
2002-11-10 Simon Josefsson <jas@extundo.com>
* gcrypt.h (gcry_ctl_cmds): New GCRYCTL_SET_CBC_CTS control flag.
(gcry_cipher_flags): New GCRY_CIPHER_CBC_CTS gcry_cipher_open() flag.
(gcry_cipher_cts): New macro for toggling CTS.
2002-11-10 Werner Koch <wk@gnupg.org>
* gcrypt.h (GCRY_MD_MD4): New. We use a non OpenPGP value here.
2002-09-20 Werner Koch <wk@gnupg.org>
* ath.c: Include sys.time.h if sys/select.h does not exist.
(ath_select, ath_waitpid): Shortcut for Windows.
* ath.h: Include some Windows headers. By Timo.
2002-09-18 Werner Koch <wk@gnupg.org>
* ath.h: Prefix ath_deinit.
2002-09-17 Werner Koch <wk@gnupg.org>
* benchmark.c: New.
(mpi_bench, do_powm): Add a a simple test for RSA.
* global.c (global_init): New. Use it instead of the setting
any_init_done. Initialize the ATH system.
(gcry_check_version): Hook global_init in. This is the suggested
way to initialize the library.
(_gcry_no_internal_locking): Removed. We simply call a ath_deinit
and leave it to ATH to disbale the locking.
* ath.c, ath.h, ath-pth.c, ath-pthread.c: New. Taken from GPGME.
* mutex.h: Removed.
* Makefile.am (ath_components): New.
2002-09-16 Werner Koch <wk@gnupg.org>
* secmem.c (_gcry_secmem_dump_stats): Replaced fprintf by log_*.
2002-08-23 Werner Koch <wk@gnupg.org>
* missing-string.c: Removed unneeded strlwr.
* libgcrypt.m4: Made much more simple.
* libgcrypt-config.in: Made --prefix work for --libs.
2002-08-14 Werner Koch <wk@gnupg.org>
* gcrypt.h: Add GCRY_CIPGER_DES. Included string.h for size_t.
Suggested by Simon Josefsson.
2002-07-25 Werner Koch <wk@gnupg.org>
* cipher.h: Added prototypes for progress functions.
* global.c: Include cipher.h for those prototypes.
* stdmem.c (_gcry_private_realloc): Replaced void* by char * for
pointer arithmetic reasons. Noted by Stephan Austermuehle.
2002-06-24 Werner Koch <wk@gnupg.org>
* missing-string.c: Include ctype.h.
* gcrypt.h (gcry_mpi_invm, gcry_mpi_div, gcry_mpi_mod)
(gcry_mpi_swap): New.
2002-06-18 Werner Koch <wk@gnupg.org>
* gcrypt.h: Added a bunch of brief function descriptions.
2002-05-21 Werner Koch <wk@gnupg.org>
* misc.c (_gcry_log_printf): Don't initialize a va_list. Noted by
Jeff Johnson.
* global.c (gcry_set_progress_handler): New.
* gcrypt.h: Replaced the typedef for byte.
2002-05-16 Werner Koch <wk@gnupg.org>
* missing-string.c: New.
* gcrypt.h: Add new error codes GCRYERR_SEXP_ and typedefs
GcryMPI, GcrySexp, GcryCipherHd, GcryMDHd as aliases for the old
ones using an underscore.
* global.c (gcry_strerror): Add strings fro the new error codes.
* sexp.c (gcry_sexp_canon_len): Use a macro to convert from new to
old error codes.
(gcry_sexp_create,gcry_sexp_new): New.
2002-05-15 Werner Koch <wk@gnupg.org>
* mutex.h (DEFINE_LOCAL_MUTEX): Macro to define a mutex and
initialize it so that we can detect an unitialized mutex and don't
read from stdin.
2002-05-14 Werner Koch <wk@gnupg.org>
Changed license of all files to the LGPL.
2002-05-07 Werner Koch <wk@gnupg.org>
* global.c (gcry_control): Add commands
GCRYCTL_ANY_INITIALIZATION_P and GCRYCTL_INITIALIZATION_FINISHED_P
so that other libraries are able to check for required
initializations.
2002-05-02 Werner Koch <wk@gnupg.org>
* gcrypt.h (GCRYCTL_DISABLE_INTERNAL_LOCKING): New.
* global.c (gcry_control): Implement it.
(_gcry_no_internal_locking): New.
* mutex.h: Prefixed all fucntions with _gcry_. Bypass all
functions when desired.
* gcrypt.h (GCRYCTL_DISABLE_SECMEM): New.
* global.c (gcry_control,gcry_malloc_secure,gcry_is_secure):
Implement it here.
* secmem.c (_gcry_private_is_secure): Return false if the pool is
not initialized.
* gcrypt.h (GCRYCTL_INITIALIZATION_FINISHED): New.
* gcrypt.h (gcry_cipher_algos): Replaced RINDAEL by AES and change
the macros to expand from rijdael to aes.
* stdmem.c (_gcry_private_malloc): Return NULL for 0 byte allocation.
(_gcry_private_malloc_secure): Ditto.
* g10lib.h: Copied the JNLIB_GCC macros from ../jnlib/mischelp.h
and removed the inclusion of that file.
2002-04-15 Werner Koch <wk@gnupg.org>
* global.c (gcry_strdup): New.
2002-03-18 Werner Koch <wk@gnupg.org>
* mutex.h: New file with a portable thread mutex implementation
written by Marcus Brinkmann. Taken from GPGME.
2002-02-18 Werner Koch <wk@gnupg.org>
* sexp.c (gcry_sexp_sscan): Don't initialize the dummy
variable. Suggested by Jordi Mallach.
2002-01-31 Werner Koch <wk@gnupg.org>
* sexp.c (suitable_encoding,convert_to_hex,convert_to_string)
(convert_to_token): New.
(gcry_sexp_sprint): Better formatting of advanced encoding, does
now insert LFs and escapes all unprintable characters.
(unquote_string): New.
(sexp_sscan): Implemented the missing conversion of quoted strings.
2002-01-26 Werner Koch <wk@gnupg.org>
* libgcrypt-config.in: Add copyright notice.
2002-01-11 Werner Koch <wk@gnupg.org>
* sexp.c (gcry_sexp_canon_len): Fixed last change.
2002-01-01 Timo Schulz <ts@winpt.org>
* stdmem.c (_gcry_private_realloc): If pointer is NULL now realloc
behaves like malloc.
2001-12-20 Werner Koch <wk@gnupg.org>
* sexp.c (gcry_sexp_canon_len): Describe the error codes and
return an error if this is not a S-Exp; i.e. it does not start
with an open parenthesis.
2001-12-18 Werner Koch <wk@gnupg.org>
* sexp.c (gcry_sexp_canon_len): Fixed the test on NULL buffer.
* Makefile.am (DISTCLEANFILES): Include libgcrypt.sym
* sexp.c: Removed the commented test code because we now have a
test in ../tests/
2001-12-17 Werner Koch <wk@gnupg.org>
* sexp.c (gcry_sexp_canon_len): New.
2001-12-11 Werner Koch <wk@gnupg.org>
* gcrypt.h: Fixed AES128 macro, add enum for OFB mode.
2001-12-05 Werner Koch <wk@gnupg.org>
* misc.c (_gcry_log_printf): New.
* sexp.c (dump_string,gcry_sexp_dump): Use logging functions
instead of stderr.
2001-11-16 Werner Koch <wk@gnupg.org>
* gcrypt.h: New constant GCRYCTL_IS_ALGO_ENABLED.
2001-10-02 Werner Koch <wk@gnupg.org>
* gcrypt.h: Removed a couple of trailing commas.
2001-08-28 Werner Koch <wk@gnupg.org>
* sexp.c (sexp_sscan): Add an argument to enable the
arg_ptr. Changed all callers. Suggested by Tom Holroyd.
2001-08-03 Werner Koch <wk@gnupg.org>
* global.c (gcry_strerror): Updated list of error codes.
2001-07-23 Werner Koch <wk@gnupg.org>
* gcrypt.h: Replaced the last ulong. Noted by Rami Lehti.
2001-05-31 Werner Koch <wk@gnupg.org>
* gcrypt.h, mpi.h: Made some mpi functions public.
* wrapper.c: Removed.
* global.c: Renamed all g10_ prefixed functions which had wrappers
to gcry_xxx. So we now use the exported memory functions inernally.
Renamed all g10_ prefixed functions to _gcry_ prefixed ones.
* g10lib.h (_GCRYPT_IN_LIBGCRYPT): Replace defintion by a test on it.
2001-05-28 Werner Koch <wk@gnupg.org>
* libgcrypt.m4: Check GCRYPT_VERSION macro and not LIBGCRYPT_VERSION.
* mpi.h: Removed mpi_fromstr prototype.
2001-01-11 Werner Koch <wk@gnupg.org>
* Makefile.am (libgcrypt_la_SOURCES): Add mpi.h
2000-12-19 Werner Koch <wk@gnupg.org>
* types.h: Moved from ../include to here.
Major change:
Removed all GnuPG stuff and renamed this piece of software
to gcrypt.
2000-11-14 Werner Koch <wk@gnupg.org>
* mpi.h: Moved to ../mpi.
* Makefile.am (OMIT_DEPENDENCIES): Hack to work around dependency
problems.
2000-10-11 Werner Koch <wk@gnupg.org>
* mpi.h: Changed the way mpi_limb_t is defined.
2000-10-10 Werner Koch <wk@gnupg.org>
* Makefile.am: Take version-info from configure.
2000-10-09 Werner Koch <wk@gnupg.org>
* gcrypt.h: New cipher mode, new algo Arcfour and new error code
GCRYERR_INV_CIPHER_MODE.
* global.c (gcry_strerror): New errorcode.
Wed Oct 4 13:16:18 CEST 2000 Werner Koch <wk@openit.de>
* gcrypt.h (gcry_md_setkey): Replaced macro by function prototype.
Mon Sep 18 16:35:45 CEST 2000 Werner Koch <wk@openit.de>
* gcrypt.h (GCRYCTL_GET_ALGO_USAGE): New.
* secmem.c (secmem_realloc): check for failed secmem_malloc. By
Matt Kraai.
Mon Jul 31 10:04:47 CEST 2000 Werner Koch <wk@openit.de>
* sexp.c: Removed the datalen fields from list tags.
(gcry_sexp_car_data,gcry_sexp_cdr_data,gcry_sexp_car_mpi,
gcry_sexp_cdr_mpi): Removed.
(gcry_sexp_nth,gcry_sexp_nth_data,gcry_sexp_nth_mpi): New.
Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de>
* sexp.c (sexp_sscan): Fixed reallocation to secure memory.
(new_empty_list): Removed
(gcry_sexp_length): New.
(gcry_sexp_enum): Removed.
(normalize): New. Reworked the whole thing to use NULL for an empty list.
(make_space): New instead of the macro.
Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de>
* sexp.c: Major rewrite.
(gcry_sexp_sscan): Reordered arguments. Moved functionality to ..
(sexp_sscan): .. this.
(gcry_sexp_build): New.
(gcry_sexp_new_name_mpi, gcry_sexp_new_name_data, gcry_sexp_new_data,
gcry_sexp_new_mpi): Removed.
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
* gcrypt.h (gcry_md_start_debug, gcry_md_stop_debug): New.
(gcry_ctl_cmds): New control values
* sexp.c (gcry_sexp_sscan): Add hex format parsing.
* secmem.c (lock_pool): Check for ENOSYS return my mlock() on old SCOs.
(pool_is_mmapped): Made volatile.
(lock_pool): No more warning for QNX. By Sam Roberts.
(lock_pool,secmem_init): Additional check for dropped privs.
2000-03-21 09:18:48 Werner Koch (wk@habibti.gnupg.de)
* gcrypt.h (gcry_md_setkey): New.
(GCRY_MD_FLAG_HMAC): New.
Mon Jan 31 16:37:34 CET 2000 Werner Koch <wk@gnupg.de>
* Makefile.am: Add g10lib.h
Thu Jan 27 18:00:44 CET 2000 Werner Koch <wk@gnupg.de>
* sexp.c (gcry_sexp_sscan): Allow NULL for erroff.
Mon Jan 24 22:24:38 CET 2000 Werner Koch <wk@gnupg.de>
* sexp.c (gcry_sexp_alist): New.
Mon Jan 24 13:04:28 CET 2000 Werner Koch <wk@gnupg.de>
* secmem.c: Moved from ../util to here.
* secmem.h: New.
* stdmem.c: New. Based on the old ../util/memory.c.
* stdmem.h: New.
Wed Dec 8 21:58:32 CET 1999 Werner Koch <wk@gnupg.de>
* gcrypt.m4: New.
* gcrypt-config: New.
* mpi.h (mpi_get_nbit_info): Removed
(mpi_set_nbit_info): Removed.
(struct gcry_mpi): Removed the nbits field.
* misc.c (g10_log_verbosity): New.
* global.c (g10_xstrdup): New.
* mpiapi.c: Removed.
* mpi.h: Moved from ../include to here. Removed some obsolete
prototypes and the iobuf.h header.
* cipher.h: Moved from ../include to here. Removed the mpi.h header.
* g10lib.h: Moved from ../include to here.
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* sexp.c (dump_string): New. Taken from gnupg/util/miscutil.c.
(do_dump_list): s/print_string/dump_string/.
* testapi.c: New.
* mpiapi.c (gcry_mpi_randomize): Use new random API.
Sat Nov 13 17:44:23 CET 1999 Werner Koch <wk@gnupg.de>
* gloabl.c (gcry_control): Add cases for dumping random
and secmem stats.
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* pkapi.c: Removed.
* symapi.c: Removed.
* g10lib.h: Moved to ../include.
* mdapi.c: Removed.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* sexp.c: New.
Tue Dec 8 13:15:16 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* gcrypt.h: New
* mpiapi.c: New
Copyright (C) 1998,1999,2000,2001,2002,2003
2004, 2005 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/src/missing-string.c b/src/missing-string.c
index 5e43b2a8..a5e56c3f 100644
--- a/src/missing-string.c
+++ b/src/missing-string.c
@@ -1,152 +1,55 @@
/* missing-string.c - missing string utilities
* Copyright (C) 1994, 1998, 1999, 2000, 2001,
* 2003 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include "g10lib.h"
#ifndef HAVE_STPCPY
char *
stpcpy(char *a,const char *b)
{
while( *b )
*a++ = *b++;
*a = 0;
return (char*)a;
}
#endif
#ifndef HAVE_STRCASECMP
int
strcasecmp( const char *a, const char *b )
{
for( ; *a && *b; a++, b++ ) {
if( *a != *b && toupper(*a) != toupper(*b) )
break;
}
return *(const byte*)a - *(const byte*)b;
}
#endif
-
-#ifdef __MINGW32__
-/*
- * Like vsprintf but provides a pointer to malloc'd storage, which
- * must be freed by the caller (gcry_free). Taken from libiberty as
- * found in gcc-2.95.2 and a little bit modernized.
- * FIXME: Write a new CRT for W32.
- */
-int
-vasprintf ( char **result, const char *format, va_list args)
-{
- const char *p = format;
- /* Add one to make sure that it is never zero, which might cause malloc
- to return NULL. */
- int total_width = strlen (format) + 1;
- va_list ap;
-
- /* this is not really portable but works under Windows */
- memcpy ( &ap, &args, sizeof (va_list));
-
- while (*p != '\0')
- {
- if (*p++ == '%')
- {
- while (strchr ("-+ #0", *p))
- ++p;
- if (*p == '*')
- {
- ++p;
- total_width += abs (va_arg (ap, int));
- }
- else
- {
- char *endp;
- total_width += strtoul (p, &endp, 10);
- p = endp;
- }
- if (*p == '.')
- {
- ++p;
- if (*p == '*')
- {
- ++p;
- total_width += abs (va_arg (ap, int));
- }
- else
- {
- char *endp;
- total_width += strtoul (p, &endp, 10);
- p = endp;
- }
- }
- while (strchr ("hlL", *p))
- ++p;
- /* Should be big enough for any format specifier except %s
- and floats. */
- total_width += 30;
- switch (*p)
- {
- case 'd':
- case 'i':
- case 'o':
- case 'u':
- case 'x':
- case 'X':
- case 'c':
- (void) va_arg (ap, int);
- break;
- case 'f':
- case 'e':
- case 'E':
- case 'g':
- case 'G':
- (void) va_arg (ap, double);
- /* Since an ieee double can have an exponent of 307, we'll
- make the buffer wide enough to cover the gross case. */
- total_width += 307;
-
- case 's':
- total_width += strlen (va_arg (ap, char *));
- break;
- case 'p':
- case 'n':
- (void) va_arg (ap, char *);
- break;
- }
- }
- }
- *result = gcry_malloc (total_width);
- if (*result != NULL)
- return vsprintf (*result, format, args);
- else
- return 0;
-}
-
-#endif /*__MINGW32__*/
-
diff --git a/tests/basic.c b/tests/basic.c
index 85f7ef5b..abaebfee 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -1,1990 +1,1993 @@
/* basic.c - basic regression tests
* Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include "../src/gcrypt.h"
typedef struct test_spec_pubkey_key
{
const char *secret;
const char *public;
const char *grip;
}
test_spec_pubkey_key_t;
typedef struct test_spec_pubkey
{
int id;
int flags;
test_spec_pubkey_key_t key;
}
test_spec_pubkey_t;
#define FLAG_CRYPT (1 << 0)
#define FLAG_SIGN (1 << 1)
#define FLAG_GRIP (1 << 2)
static int verbose;
static int error_count;
static void
fail (const char *format, ...)
{
va_list arg_ptr;
va_start (arg_ptr, format);
vfprintf (stderr, format, arg_ptr);
va_end (arg_ptr);
error_count++;
}
static void
die (const char *format, ...)
{
va_list arg_ptr;
va_start (arg_ptr, format);
vfprintf (stderr, format, arg_ptr);
va_end (arg_ptr);
exit (1);
}
#define MAX_DATA_LEN 100
void
progress_handler (void *cb_data, const char *what, int printchar,
int current, int total)
{
(void)cb_data;
(void)what;
(void)current;
(void)total;
if (printchar == '\n')
fputs ( "<LF>", stdout);
else
putchar (printchar);
fflush (stdout);
}
static void
check_cbc_mac_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
unsigned char plaintext[MAX_DATA_LEN];
size_t plaintextlen;
char mac[MAX_DATA_LEN];
}
tv[] =
{
{ GCRY_CIPHER_AES,
"chicken teriyaki",
"This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
0, "\x23\x8f\x6d\xc7\x53\x6a\x62\x97\x11\xc4\xa5\x16\x43\xea\xb0\xb6" },
{ GCRY_CIPHER_3DES,
"abcdefghABCDEFGH01234567",
"This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
0, "\x5c\x11\xf0\x01\x47\xbd\x3d\x3a" },
{ GCRY_CIPHER_DES,
"abcdefgh",
"This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
0, "\xfa\x4b\xdf\x9d\xfa\xab\x01\x70" }
};
gcry_cipher_hd_t hd;
unsigned char out[MAX_DATA_LEN];
int i, blklen, keylen;
gcry_error_t err = 0;
if (verbose)
fprintf (stderr, "Starting CBC MAC checks.\n");
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hd,
tv[i].algo,
GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_MAC);
if (!hd)
{
fail ("cbc-mac algo %d, grcy_open_cipher failed: %s\n",
tv[i].algo, gpg_strerror (err));
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("cbc-mac algo %d, gcry_cipher_get_algo_blklen failed\n",
tv[i].algo);
gcry_cipher_close (hd);
return;
}
keylen = gcry_cipher_get_algo_keylen (tv[i].algo);
if (!keylen)
{
fail ("cbc-mac algo %d, gcry_cipher_get_algo_keylen failed\n",
tv[i].algo);
return;
}
err = gcry_cipher_setkey (hd, tv[i].key, keylen);
if (err)
{
fail ("cbc-mac algo %d, gcry_cipher_setkey failed: %s\n",
tv[i].algo, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
err = gcry_cipher_setiv (hd, NULL, 0);
if (err)
{
fail ("cbc-mac algo %d, gcry_cipher_setiv failed: %s\n",
tv[i].algo, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (verbose)
fprintf (stderr, " checking CBC MAC for %s [%i]\n",
gcry_cipher_algo_name (tv[i].algo),
tv[i].algo);
err = gcry_cipher_encrypt (hd,
out, blklen,
tv[i].plaintext,
tv[i].plaintextlen ?
tv[i].plaintextlen :
strlen ((char*)tv[i].plaintext));
if (err)
{
fail ("cbc-mac algo %d, gcry_cipher_encrypt failed: %s\n",
tv[i].algo, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
#if 0
{
int j;
for (j = 0; j < gcry_cipher_get_algo_blklen (tv[i].algo); j++)
printf ("\\x%02x", out[j] & 0xFF);
printf ("\n");
}
#endif
if (memcmp (tv[i].mac, out, blklen))
fail ("cbc-mac algo %d, encrypt mismatch entry %d\n", tv[i].algo, i);
gcry_cipher_close (hd);
}
if (verbose)
fprintf (stderr, "Completed CBC MAC checks.\n");
}
static void
check_aes128_cbc_cts_cipher (void)
{
char key[128 / 8] = "chicken teriyaki";
unsigned char plaintext[] =
"I would like the General Gau's Chicken, please, and wonton soup.";
struct tv
{
unsigned char out[MAX_DATA_LEN];
int inlen;
} tv[] =
{
{ "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
"\x97",
17 },
{ "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
31 },
{ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
32 },
{ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
47 },
{ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
48 },
{ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
64 },
};
gcry_cipher_hd_t hd;
unsigned char out[MAX_DATA_LEN];
int i;
gcry_error_t err = 0;
if (verbose)
fprintf (stderr, "Starting AES128 CBC CTS checks.\n");
err = gcry_cipher_open (&hd,
GCRY_CIPHER_AES,
GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS);
if (err)
{
fail ("aes-cbc-cts, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
err = gcry_cipher_setkey (hd, key, 128 / 8);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_setiv (hd, NULL, 0);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (verbose)
fprintf (stderr, " checking encryption for length %i\n", tv[i].inlen);
err = gcry_cipher_encrypt (hd, out, MAX_DATA_LEN,
plaintext, tv[i].inlen);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_encrypt failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (memcmp (tv[i].out, out, tv[i].inlen))
fail ("aes-cbc-cts, encrypt mismatch entry %d\n", i);
err = gcry_cipher_setiv (hd, NULL, 0);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (verbose)
fprintf (stderr, " checking decryption for length %i\n", tv[i].inlen);
err = gcry_cipher_decrypt (hd, out, tv[i].inlen, NULL, 0);
if (err)
{
fail ("aes-cbc-cts, gcry_cipher_decrypt failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
if (memcmp (plaintext, out, tv[i].inlen))
fail ("aes-cbc-cts, decrypt mismatch entry %d\n", i);
}
gcry_cipher_close (hd);
if (verbose)
fprintf (stderr, "Completed AES128 CBC CTS checks.\n");
}
static void
check_ctr_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
char ctr[MAX_DATA_LEN];
struct data
{
unsigned char plaintext[MAX_DATA_LEN];
int inlen;
char out[MAX_DATA_LEN];
}
data[MAX_DATA_LEN];
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
{ GCRY_CIPHER_AES,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd\xff" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x5a\xe4\xdf\x3e\xdb\xd5\xd3\x5e\x5b\x4f\x09\x02\x0d\xb0\x3e\xab" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x1e\x03\x1d\xda\x2f\xbe\x03\xd1\x79\x21\x70\xa0\xf3\x00\x9c\xee" },
}
},
{ GCRY_CIPHER_AES192,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x1a\xbc\x93\x24\x17\x52\x1c\xa2\x4f\x2b\x04\x59\xfe\x7e\x6e\x0b" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x09\x03\x39\xec\x0a\xa6\xfa\xef\xd5\xcc\xc2\xc6\xf4\xce\x8e\x94" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x1e\x36\xb2\x6b\xd1\xeb\xc6\x70\xd1\xbd\x1d\x66\x56\x20\xab\xf7" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x4f\x78\xa7\xf6\xd2\x98\x09\x58\x5a\x97\xda\xec\x58\xc6\xb0\x50" },
}
},
{ GCRY_CIPHER_AES256,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x60\x1e\xc3\x13\x77\x57\x89\xa5\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\xf4\x43\xe3\xca\x4d\x62\xb5\x9a\xca\x84\xe9\x90\xca\xca\xf5\xc5" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x2b\x09\x30\xda\xa2\x3d\xe9\x4c\xe8\x70\x17\xba\x2d\x84\x98\x8d" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6\x13\xc2\xdd\x08\x45\x79\x41\xa6" }
}
}
};
gcry_cipher_hd_t hde, hdd;
unsigned char out[MAX_DATA_LEN];
int i, j, keylen, blklen;
gcry_error_t err = 0;
if (verbose)
fprintf (stderr, "Starting CTR cipher checks.\n");
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
if (err)
{
fail ("aes-ctr, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
if (!keylen)
{
fail ("aes-ctr, gcry_cipher_get_algo_keylen failed\n");
return;
}
err = gcry_cipher_setkey (hde, tv[i].key, keylen);
if (!err)
err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
if (err)
{
fail ("aes-ctr, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("aes-ctr, gcry_cipher_get_algo_blklen failed\n");
return;
}
err = gcry_cipher_setctr (hde, tv[i].ctr, blklen);
if (!err)
err = gcry_cipher_setctr (hdd, tv[i].ctr, blklen);
if (err)
{
fail ("aes-ctr, gcry_cipher_setctr failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (verbose)
fprintf (stderr, " checking CTR mode for for %s [%i]\n",
gcry_cipher_algo_name (tv[i].algo),
tv[i].algo);
for (j = 0; tv[i].data[j].inlen; j++)
{
err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
tv[i].data[j].plaintext,
tv[i].data[j].inlen == -1 ?
strlen ((char*)tv[i].data[j].plaintext) :
tv[i].data[j].inlen);
if (err)
{
fail ("aes-ctr, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
fail ("aes-ctr, encrypt mismatch entry %d:%d\n", i, j);
err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
if (err)
{
fail ("aes-ctr, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-ctr, decrypt mismatch entry %d:%d\n", i, j);
}
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
}
if (verbose)
fprintf (stderr, "Completed CTR cipher checks.\n");
}
static void
check_cfb_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
char iv[MAX_DATA_LEN];
struct data
{
unsigned char plaintext[MAX_DATA_LEN];
int inlen;
char out[MAX_DATA_LEN];
}
data[MAX_DATA_LEN];
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
{ GCRY_CIPHER_AES,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\xc8\xa6\x45\x37\xa0\xb3\xa9\x3f\xcd\xe3\xcd\xad\x9f\x1c\xe5\x8b"},
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x26\x75\x1f\x67\xa3\xcb\xb1\x40\xb1\x80\x8c\xf1\x87\xa4\xf4\xdf" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\xc0\x4b\x05\x35\x7c\x5d\x1c\x0e\xea\xc4\xc6\x6f\x9f\xf7\xf2\xe6" },
}
},
{ GCRY_CIPHER_AES192,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xcd\xc8\x0d\x6f\xdd\xf1\x8c\xab\x34\xc2\x59\x09\xc9\x9a\x41\x74" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x67\xce\x7f\x7f\x81\x17\x36\x21\x96\x1a\x2b\x70\x17\x1d\x3d\x7a" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x2e\x1e\x8a\x1d\xd5\x9b\x88\xb1\xc8\xe6\x0f\xed\x1e\xfa\xc4\xc9" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\xc0\x5f\x9f\x9c\xa9\x83\x4f\xa0\x42\xae\x8f\xba\x58\x4b\x09\xff" },
}
},
{ GCRY_CIPHER_AES256,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xdc\x7e\x84\xbf\xda\x79\x16\x4b\x7e\xcd\x84\x86\x98\x5d\x38\x60" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x39\xff\xed\x14\x3b\x28\xb1\xc8\x32\x11\x3c\x63\x31\xe5\x40\x7b" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\xdf\x10\x13\x24\x15\xe5\x4b\x92\xa1\x3e\xd0\xa8\x26\x7a\xe2\xf9" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x75\xa3\x85\x74\x1a\xb9\xce\xf8\x20\x31\x62\x3d\x55\xb1\xe4\x71" }
}
}
};
gcry_cipher_hd_t hde, hdd;
unsigned char out[MAX_DATA_LEN];
int i, j, keylen, blklen;
gcry_error_t err = 0;
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CFB, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CFB, 0);
if (err)
{
fail ("aes-cfb, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
if (!keylen)
{
fail ("aes-cfb, gcry_cipher_get_algo_keylen failed\n");
return;
}
err = gcry_cipher_setkey (hde, tv[i].key, keylen);
if (!err)
err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
if (err)
{
fail ("aes-cfb, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("aes-cfb, gcry_cipher_get_algo_blklen failed\n");
return;
}
err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
if (!err)
err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
if (err)
{
fail ("aes-cfb, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
for (j = 0; tv[i].data[j].inlen; j++)
{
err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
tv[i].data[j].plaintext,
tv[i].data[j].inlen);
if (err)
{
fail ("aes-cfb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen)) {
fail ("aes-cfb, encrypt mismatch entry %d:%d\n", i, j);
}
err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
if (err)
{
fail ("aes-cfb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-cfb, decrypt mismatch entry %d:%d\n", i, j);
}
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
}
}
static void
check_ofb_cipher (void)
{
struct tv
{
int algo;
char key[MAX_DATA_LEN];
char iv[MAX_DATA_LEN];
struct data
{
unsigned char plaintext[MAX_DATA_LEN];
int inlen;
char out[MAX_DATA_LEN];
}
data[MAX_DATA_LEN];
} tv[] =
{
/* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
{ GCRY_CIPHER_AES,
"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x77\x89\x50\x8d\x16\x91\x8f\x03\xf5\x3c\x52\xda\xc5\x4e\xd8\x25"},
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x97\x40\x05\x1e\x9c\x5f\xec\xf6\x43\x44\xf7\xa8\x22\x60\xed\xcc" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x30\x4c\x65\x28\xf6\x59\xc7\x78\x66\xa5\x10\xd9\xc1\xd6\xae\x5e" },
}
},
{ GCRY_CIPHER_AES192,
"\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
"\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xcd\xc8\x0d\x6f\xdd\xf1\x8c\xab\x34\xc2\x59\x09\xc9\x9a\x41\x74" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\xfc\xc2\x8b\x8d\x4c\x63\x83\x7c\x09\xe8\x17\x00\xc1\x10\x04\x01" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x8d\x9a\x9a\xea\xc0\xf6\x59\x6f\x55\x9c\x6d\x4d\xaf\x59\xa5\xf2" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x6d\x9f\x20\x08\x57\xca\x6c\x3e\x9c\xac\x52\x4b\xd9\xac\xc9\x2a" },
}
},
{ GCRY_CIPHER_AES256,
"\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
"\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
{ { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
16,
"\xdc\x7e\x84\xbf\xda\x79\x16\x4b\x7e\xcd\x84\x86\x98\x5d\x38\x60" },
{ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
16,
"\x4f\xeb\xdc\x67\x40\xd2\x0b\x3a\xc8\x8f\x6a\xd8\x2a\x4f\xb0\x8d" },
{ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
16,
"\x71\xab\x47\xa0\x86\xe8\x6e\xed\xf3\x9d\x1c\x5b\xba\x97\xc4\x08" },
{ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
16,
"\x01\x26\x14\x1d\x67\xf3\x7b\xe8\x53\x8f\x5a\x8b\xe7\x40\xe4\x84" }
}
}
};
gcry_cipher_hd_t hde, hdd;
unsigned char out[MAX_DATA_LEN];
int i, j, keylen, blklen;
gcry_error_t err = 0;
for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
{
err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_OFB, 0);
if (!err)
err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_OFB, 0);
if (err)
{
fail ("aes-ofb, grcy_open_cipher failed: %s\n", gpg_strerror (err));
return;
}
keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
if (!keylen)
{
fail ("aes-ofb, gcry_cipher_get_algo_keylen failed\n");
return;
}
err = gcry_cipher_setkey (hde, tv[i].key, keylen);
if (!err)
err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
if (err)
{
fail ("aes-ofb, gcry_cipher_setkey failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
if (!blklen)
{
fail ("aes-ofb, gcry_cipher_get_algo_blklen failed\n");
return;
}
err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
if (!err)
err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
if (err)
{
fail ("aes-ofb, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
for (j = 0; tv[i].data[j].inlen; j++)
{
err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
tv[i].data[j].plaintext,
tv[i].data[j].inlen);
if (err)
{
fail ("aes-ofb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
fail ("aes-ofb, encrypt mismatch entry %d:%d\n", i, j);
err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
if (err)
{
fail ("aes-ofb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-ofb, decrypt mismatch entry %d:%d\n", i, j);
}
err = gcry_cipher_reset(hde);
if (!err)
err = gcry_cipher_reset(hdd);
if (err)
{
fail ("aes-ofb, gcry_cipher_reset (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
/* gcry_cipher_reset clears the IV */
err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
if (!err)
err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
if (err)
{
fail ("aes-ofb, gcry_cipher_setiv failed: %s\n",
gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
/* this time we encrypt and decrypt one byte at a time */
for (j = 0; tv[i].data[j].inlen; j++)
{
int byteNum;
for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
{
err = gcry_cipher_encrypt (hde, out+byteNum, 1,
(tv[i].data[j].plaintext) + byteNum,
1);
if (err)
{
fail ("aes-ofb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
}
if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
fail ("aes-ofb, encrypt mismatch entry %d:%d\n", i, j);
for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
{
err = gcry_cipher_decrypt (hdd, out+byteNum, 1, NULL, 0);
if (err)
{
fail ("aes-ofb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
i, j, gpg_strerror (err));
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
return;
}
}
if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
fail ("aes-ofb, decrypt mismatch entry %d:%d\n", i, j);
}
gcry_cipher_close (hde);
gcry_cipher_close (hdd);
}
}
static void
check_one_cipher (int algo, int mode, int flags)
{
gcry_cipher_hd_t hd;
char key[32];
unsigned char plain[16], in[16], out[16];
int keylen;
gcry_error_t err = 0;
memcpy (key, "0123456789abcdef.,;/[]{}-=ABCDEF", 32);
memcpy (plain, "foobar42FOOBAR17", 16);
keylen = gcry_cipher_get_algo_keylen (algo);
if (!keylen)
{
fail ("algo %d, mode %d, gcry_cipher_get_algo_keylen failed\n",
algo, mode);
return;
}
if (keylen < 40 / 8 || keylen > 32)
{
fail ("algo %d, mode %d, keylength problem (%d)\n", algo, mode, keylen);
return;
}
err = gcry_cipher_open (&hd, algo, mode, flags);
if (err)
{
fail ("algo %d, mode %d, grcy_open_cipher failed: %s\n",
algo, mode, gpg_strerror (err));
return;
}
err = gcry_cipher_setkey (hd, key, keylen);
if (err)
{
fail ("algo %d, mode %d, gcry_cipher_setkey failed: %s\n",
algo, mode, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
err = gcry_cipher_encrypt (hd, out, 16, plain, 16);
if (err)
{
fail ("algo %d, mode %d, gcry_cipher_encrypt failed: %s\n",
algo, mode, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
gcry_cipher_reset (hd);
err = gcry_cipher_decrypt (hd, in, 16, out, 16);
if (err)
{
fail ("algo %d, mode %d, gcry_cipher_decrypt failed: %s\n",
algo, mode, gpg_strerror (err));
gcry_cipher_close (hd);
return;
}
gcry_cipher_close (hd);
if (memcmp (plain, in, 16))
fail ("algo %d, mode %d, encrypt-decrypt mismatch\n", algo, mode);
}
static void
check_ciphers (void)
{
static int algos[] = {
#if USE_BLOWFISH
GCRY_CIPHER_BLOWFISH,
#endif
#if USE_DES
GCRY_CIPHER_DES,
GCRY_CIPHER_3DES,
#endif
#if USE_CAST5
GCRY_CIPHER_CAST5,
#endif
#if USE_AES
GCRY_CIPHER_AES,
GCRY_CIPHER_AES192,
GCRY_CIPHER_AES256,
#endif
#if USE_TWOFISH
GCRY_CIPHER_TWOFISH,
GCRY_CIPHER_TWOFISH128,
#endif
#if USE_SERPENT
GCRY_CIPHER_SERPENT128,
GCRY_CIPHER_SERPENT192,
GCRY_CIPHER_SERPENT256,
#endif
#if USE_RFC2268
GCRY_CIPHER_RFC2268_40,
#endif
#if USE_SEED
GCRY_CIPHER_SEED,
#endif
#if USE_CAMELLIA
GCRY_CIPHER_CAMELLIA128,
GCRY_CIPHER_CAMELLIA192,
GCRY_CIPHER_CAMELLIA256,
#endif
0
};
static int algos2[] = {
#if USE_ARCFOUR
GCRY_CIPHER_ARCFOUR,
#endif
0
};
int i;
if (verbose)
fprintf (stderr, "Starting Cipher checks.\n");
for (i = 0; algos[i]; i++)
{
if (verbose)
fprintf (stderr, " checking %s [%i]\n",
gcry_cipher_algo_name (algos[i]),
gcry_cipher_map_name (gcry_cipher_algo_name (algos[i])));
check_one_cipher (algos[i], GCRY_CIPHER_MODE_ECB, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CFB, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_OFB, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, 0);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS);
check_one_cipher (algos[i], GCRY_CIPHER_MODE_CTR, 0);
}
for (i = 0; algos2[i]; i++)
{
if (verbose)
fprintf (stderr, " checking `%s'\n",
gcry_cipher_algo_name (algos2[i]));
check_one_cipher (algos2[i], GCRY_CIPHER_MODE_STREAM, 0);
}
/* we have now run all cipher's selftests */
if (verbose)
fprintf (stderr, "Completed Cipher checks.\n");
/* TODO: add some extra encryption to test the higher level functions */
}
static void
check_one_md (int algo, const char *data, int len, const char *expect)
{
gcry_md_hd_t hd, hd2;
unsigned char *p;
int mdlen;
int i;
gcry_error_t err = 0;
err = gcry_md_open (&hd, algo, 0);
if (err)
{
fail ("algo %d, grcy_md_open failed: %s\n", algo, gpg_strerror (err));
return;
}
mdlen = gcry_md_get_algo_dlen (algo);
if (mdlen < 1 || mdlen > 500)
{
fail ("algo %d, grcy_md_get_algo_dlen failed: %d\n", algo, mdlen);
return;
}
if (*data == '!' && !data[1])
{ /* hash one million times a "a" */
char aaa[1000];
+ /* Write in odd size chunks so that we test the buffering. */
memset (aaa, 'a', 1000);
for (i = 0; i < 1000; i++)
- gcry_md_write (hd, aaa, 1000);
+ gcry_md_write (hd, aaa, 1000);
}
else
gcry_md_write (hd, data, len);
err = gcry_md_copy (&hd2, hd);
if (err)
{
fail ("algo %d, gcry_md_copy failed: %s\n", algo, gpg_strerror (err));
}
gcry_md_close (hd);
p = gcry_md_read (hd2, algo);
if (memcmp (p, expect, mdlen))
{
printf ("computed: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", p[i] & 0xFF);
printf ("\nexpected: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", expect[i] & 0xFF);
printf ("\n");
fail ("algo %d, digest mismatch\n", algo);
}
gcry_md_close (hd2);
}
+
static void
check_digests (void)
{
static struct algos
{
int md;
const char *data;
const char *expect;
} algos[] =
{
{ GCRY_MD_MD4, "",
"\x31\xD6\xCF\xE0\xD1\x6A\xE9\x31\xB7\x3C\x59\xD7\xE0\xC0\x89\xC0" },
{ GCRY_MD_MD4, "a",
"\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb\x24" },
{ GCRY_MD_MD4, "message digest",
"\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01\x4b" },
{ GCRY_MD_MD5, "",
"\xD4\x1D\x8C\xD9\x8F\x00\xB2\x04\xE9\x80\x09\x98\xEC\xF8\x42\x7E" },
{ GCRY_MD_MD5, "a",
"\x0C\xC1\x75\xB9\xC0\xF1\xB6\xA8\x31\xC3\x99\xE2\x69\x77\x26\x61" },
{ GCRY_MD_MD5, "abc",
"\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72" },
{ GCRY_MD_MD5, "message digest",
"\xF9\x6B\x69\x7D\x7C\xB7\x93\x8D\x52\x5A\x2F\x31\xAA\xF1\x61\xD0" },
{ GCRY_MD_SHA1, "abc",
"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
"\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
{ GCRY_MD_SHA1,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE"
"\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" },
{ GCRY_MD_SHA1, "!" /* kludge for "a"*1000000 */ ,
"\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E"
"\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" },
/* From RFC3874 */
{ GCRY_MD_SHA224, "abc",
"\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55\xb3"
"\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7" },
{ GCRY_MD_SHA224,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01\x50"
"\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25" },
{ GCRY_MD_SHA224, "!",
"\x20\x79\x46\x55\x98\x0c\x91\xd8\xbb\xb4\xc1\xea\x97\x61\x8a\x4b"
"\xf0\x3f\x42\x58\x19\x48\xb2\xee\x4e\xe7\xad\x67" },
{ GCRY_MD_SHA256, "abc",
"\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
"\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad" },
{ GCRY_MD_SHA256,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39"
"\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1" },
{ GCRY_MD_SHA256, "!",
"\xcd\xc7\x6e\x5c\x99\x14\xfb\x92\x81\xa1\xc7\xe2\x84\xd7\x3e\x67"
"\xf1\x80\x9a\x48\xa4\x97\x20\x0e\x04\x6d\x39\xcc\xc7\x11\x2c\xd0" },
{ GCRY_MD_SHA384, "abc",
"\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07"
"\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed"
"\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34\xc8\x25\xa7" },
{ GCRY_MD_SHA512, "abc",
"\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31"
"\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A"
"\x21\x92\x99\x2A\x27\x4F\xC1\xA8\x36\xBA\x3C\x23\xA3\xFE\xEB\xBD"
"\x45\x4D\x44\x23\x64\x3C\xE8\x0E\x2A\x9A\xC9\x4F\xA5\x4C\xA4\x9F" },
{ GCRY_MD_RMD160, "",
"\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28"
"\x08\x97\x7e\xe8\xf5\x48\xb2\x25\x8d\x31" },
{ GCRY_MD_RMD160, "a",
"\x0b\xdc\x9d\x2d\x25\x6b\x3e\xe9\xda\xae"
"\x34\x7b\xe6\xf4\xdc\x83\x5a\x46\x7f\xfe" },
{ GCRY_MD_RMD160, "abc",
"\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04"
"\x4a\x8e\x98\xc6\xb0\x87\xf1\x5a\x0b\xfc" },
{ GCRY_MD_RMD160, "message digest",
"\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8"
"\x81\xb1\x23\xa8\x5f\xfa\x21\x59\x5f\x36" },
{ GCRY_MD_CRC32, "", "\x00\x00\x00\x00" },
{ GCRY_MD_CRC32, "foo", "\x8c\x73\x65\x21" },
{ GCRY_MD_CRC32_RFC1510, "", "\x00\x00\x00\x00" },
{ GCRY_MD_CRC32_RFC1510, "foo", "\x73\x32\xbc\x33" },
{ GCRY_MD_CRC32_RFC1510, "test0123456789", "\xb8\x3e\x88\xd6" },
{ GCRY_MD_CRC32_RFC1510, "MASSACHVSETTS INSTITVTE OF TECHNOLOGY",
"\xe3\x41\x80\xf7" },
#if 0
{ GCRY_MD_CRC32_RFC1510, "\x80\x00", "\x3b\x83\x98\x4b" },
{ GCRY_MD_CRC32_RFC1510, "\x00\x08", "\x0e\xdb\x88\x32" },
{ GCRY_MD_CRC32_RFC1510, "\x00\x80", "\xed\xb8\x83\x20" },
#endif
{ GCRY_MD_CRC32_RFC1510, "\x80", "\xed\xb8\x83\x20" },
#if 0
{ GCRY_MD_CRC32_RFC1510, "\x80\x00\x00\x00", "\xed\x59\xb6\x3b" },
{ GCRY_MD_CRC32_RFC1510, "\x00\x00\x00\x01", "\x77\x07\x30\x96" },
#endif
{ GCRY_MD_CRC24_RFC2440, "", "\xb7\x04\xce" },
{ GCRY_MD_CRC24_RFC2440, "foo", "\x4f\xc2\x55" },
{ GCRY_MD_TIGER, "",
"\x24\xF0\x13\x0C\x63\xAC\x93\x32\x16\x16\x6E\x76"
"\xB1\xBB\x92\x5F\xF3\x73\xDE\x2D\x49\x58\x4E\x7A" },
{ GCRY_MD_TIGER, "abc",
"\xF2\x58\xC1\xE8\x84\x14\xAB\x2A\x52\x7A\xB5\x41"
"\xFF\xC5\xB8\xBF\x93\x5F\x7B\x95\x1C\x13\x29\x51" },
{ GCRY_MD_TIGER, "Tiger",
"\x9F\x00\xF5\x99\x07\x23\x00\xDD\x27\x6A\xBB\x38"
"\xC8\xEB\x6D\xEC\x37\x79\x0C\x11\x6F\x9D\x2B\xDF" },
{ GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefg"
"hijklmnopqrstuvwxyz0123456789+-",
"\x87\xFB\x2A\x90\x83\x85\x1C\xF7\x47\x0D\x2C\xF8"
"\x10\xE6\xDF\x9E\xB5\x86\x44\x50\x34\xA5\xA3\x86" },
{ GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdef"
"ghijklmnopqrstuvwxyz+0123456789",
"\x46\x7D\xB8\x08\x63\xEB\xCE\x48\x8D\xF1\xCD\x12"
"\x61\x65\x5D\xE9\x57\x89\x65\x65\x97\x5F\x91\x97" },
{ GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
"by Ross Anderson and Eli Biham",
"\x0C\x41\x0A\x04\x29\x68\x86\x8A\x16\x71\xDA\x5A"
"\x3F\xD2\x9A\x72\x5E\xC1\xE4\x57\xD3\xCD\xB3\x03" },
{ GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
"by Ross Anderson and Eli Biham, proceedings of Fa"
"st Software Encryption 3, Cambridge.",
"\xEB\xF5\x91\xD5\xAF\xA6\x55\xCE\x7F\x22\x89\x4F"
"\xF8\x7F\x54\xAC\x89\xC8\x11\xB6\xB0\xDA\x31\x93" },
{ GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
"by Ross Anderson and Eli Biham, proceedings of Fa"
"st Software Encryption 3, Cambridge, 1996.",
"\x3D\x9A\xEB\x03\xD1\xBD\x1A\x63\x57\xB2\x77\x4D"
"\xFD\x6D\x5B\x24\xDD\x68\x15\x1D\x50\x39\x74\xFC" },
{ GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefgh"
"ijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRS"
"TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
"\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE"
"\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" },
{ GCRY_MD_WHIRLPOOL, "",
"\x19\xFA\x61\xD7\x55\x22\xA4\x66\x9B\x44\xE3\x9C\x1D\x2E\x17\x26"
"\xC5\x30\x23\x21\x30\xD4\x07\xF8\x9A\xFE\xE0\x96\x49\x97\xF7\xA7"
"\x3E\x83\xBE\x69\x8B\x28\x8F\xEB\xCF\x88\xE3\xE0\x3C\x4F\x07\x57"
"\xEA\x89\x64\xE5\x9B\x63\xD9\x37\x08\xB1\x38\xCC\x42\xA6\x6E\xB3" },
{ GCRY_MD_WHIRLPOOL, "a",
"\x8A\xCA\x26\x02\x79\x2A\xEC\x6F\x11\xA6\x72\x06\x53\x1F\xB7\xD7"
"\xF0\xDF\xF5\x94\x13\x14\x5E\x69\x73\xC4\x50\x01\xD0\x08\x7B\x42"
"\xD1\x1B\xC6\x45\x41\x3A\xEF\xF6\x3A\x42\x39\x1A\x39\x14\x5A\x59"
"\x1A\x92\x20\x0D\x56\x01\x95\xE5\x3B\x47\x85\x84\xFD\xAE\x23\x1A" },
{ GCRY_MD_WHIRLPOOL, "a",
"\x8A\xCA\x26\x02\x79\x2A\xEC\x6F\x11\xA6\x72\x06\x53\x1F\xB7\xD7"
"\xF0\xDF\xF5\x94\x13\x14\x5E\x69\x73\xC4\x50\x01\xD0\x08\x7B\x42"
"\xD1\x1B\xC6\x45\x41\x3A\xEF\xF6\x3A\x42\x39\x1A\x39\x14\x5A\x59"
"\x1A\x92\x20\x0D\x56\x01\x95\xE5\x3B\x47\x85\x84\xFD\xAE\x23\x1A" },
{ GCRY_MD_WHIRLPOOL,
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"\xDC\x37\xE0\x08\xCF\x9E\xE6\x9B\xF1\x1F\x00\xED\x9A\xBA\x26\x90"
"\x1D\xD7\xC2\x8C\xDE\xC0\x66\xCC\x6A\xF4\x2E\x40\xF8\x2F\x3A\x1E"
"\x08\xEB\xA2\x66\x29\x12\x9D\x8F\xB7\xCB\x57\x21\x1B\x92\x81\xA6"
"\x55\x17\xCC\x87\x9D\x7B\x96\x21\x42\xC6\x5F\x5A\x7A\xF0\x14\x67" },
{ GCRY_MD_WHIRLPOOL,
"!",
"\x0C\x99\x00\x5B\xEB\x57\xEF\xF5\x0A\x7C\xF0\x05\x56\x0D\xDF\x5D"
"\x29\x05\x7F\xD8\x6B\x20\xBF\xD6\x2D\xEC\xA0\xF1\xCC\xEA\x4A\xF5"
"\x1F\xC1\x54\x90\xED\xDC\x47\xAF\x32\xBB\x2B\x66\xC3\x4F\xF9\xAD"
"\x8C\x60\x08\xAD\x67\x7F\x77\x12\x69\x53\xB2\x26\xE4\xED\x8B\x01" },
{ 0 },
};
int i;
if (verbose)
fprintf (stderr, "Starting hash checks.\n");
- for (i = 0; algos[i].md; i++)
+ for (i = 0; i < 1 && algos[i].md; i++)
{
if (verbose)
fprintf (stderr, " checking %s [%i] for length %zi\n",
gcry_md_algo_name (algos[i].md),
algos[i].md,
- strlen(algos[i].data));
+ !strcmp (algos[i].data, "!")?
+ 1000000 : strlen(algos[i].data));
check_one_md (algos[i].md, algos[i].data, strlen (algos[i].data),
algos[i].expect);
}
if (verbose)
fprintf (stderr, "Completed hash checks.\n");
}
static void
check_one_hmac (int algo, const char *data, int datalen,
const char *key, int keylen, const char *expect)
{
gcry_md_hd_t hd, hd2;
unsigned char *p;
int mdlen;
int i;
gcry_error_t err = 0;
err = gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC);
if (err)
{
fail ("algo %d, grcy_md_open failed: %s\n", algo, gpg_strerror (err));
return;
}
mdlen = gcry_md_get_algo_dlen (algo);
if (mdlen < 1 || mdlen > 500)
{
fail ("algo %d, grcy_md_get_algo_dlen failed: %d\n", algo, mdlen);
return;
}
gcry_md_setkey( hd, key, keylen );
gcry_md_write (hd, data, datalen);
err = gcry_md_copy (&hd2, hd);
if (err)
{
fail ("algo %d, gcry_md_copy failed: %s\n", algo, gpg_strerror (err));
}
gcry_md_close (hd);
p = gcry_md_read (hd2, algo);
if (0 == p)
fail("algo %d, hmac gcry_md_read failed\n", algo);
if (memcmp (p, expect, mdlen))
{
printf ("computed: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", p[i] & 0xFF);
printf ("\nexpected: ");
for (i = 0; i < mdlen; i++)
printf ("%02x ", expect[i] & 0xFF);
printf ("\n");
fail ("algo %d, digest mismatch\n", algo);
}
gcry_md_close (hd2);
}
static void
check_hmac (void)
{
static struct algos
{
int md;
const char *data;
const char *key;
const char *expect;
} algos[] =
{
{ GCRY_MD_MD5, "what do ya want for nothing?", "Jefe",
"\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38" },
{ GCRY_MD_MD5,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
"\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d" },
{ GCRY_MD_MD5,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA",
"\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3\xf6" },
{ GCRY_MD_MD5,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x69\x7e\xaf\x0a\xca\x3a\x3a\xea\x3a\x75\x16\x47\x46\xff\xaa\x79" },
{ GCRY_MD_MD5, "Test With Truncation",
"\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c",
"\x56\x46\x1e\xf2\x34\x2e\xdc\x00\xf9\xba\xb9\x95\x69\x0e\xfd\x4c" },
{ GCRY_MD_MD5, "Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa",
"\x6b\x1a\xb7\xfe\x4b\xd7\xbf\x8f\x0b\x62\xe6\xce\x61\xb9\xd0\xcd" },
{ GCRY_MD_MD5,
"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa",
"\x6f\x63\x0f\xad\x67\xcd\xa0\xee\x1f\xb1\xf5\x62\xdb\x3a\xa5\x3e", },
{ GCRY_MD_SHA256, "what do ya want for nothing?", "Jefe",
"\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7\x5a"
"\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43" },
{ GCRY_MD_SHA256,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88"
"\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7" },
{ GCRY_MD_SHA256,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7"
"\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe" },
{ GCRY_MD_SHA256,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99\xf2\x08"
"\x3a\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e\x3f\xf4\x67\x29\x66\x5b" },
{ GCRY_MD_SHA256,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f"
"\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54" },
{ GCRY_MD_SHA256,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x9b\x09\xff\xa7\x1b\x94\x2f\xcb\x27\x63\x5f\xbc\xd5\xb0\xe9\x44"
"\xbf\xdc\x63\x64\x4f\x07\x13\x93\x8a\x7f\x51\x53\x5c\x3a\x35\xe2" },
{ GCRY_MD_SHA224, "what do ya want for nothing?", "Jefe",
"\xa3\x0e\x01\x09\x8b\xc6\xdb\xbf\x45\x69\x0f\x3a\x7e\x9e\x6d\x0f"
"\x8b\xbe\xa2\xa3\x9e\x61\x48\x00\x8f\xd0\x5e\x44" },
{ GCRY_MD_SHA224,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3\x3f\x47"
"\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22" },
{ GCRY_MD_SHA224,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\x7f\xb3\xcb\x35\x88\xc6\xc1\xf6\xff\xa9\x69\x4d\x7d\x6a\xd2\x64"
"\x93\x65\xb0\xc1\xf6\x5d\x69\xd1\xec\x83\x33\xea" },
{ GCRY_MD_SHA224,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x6c\x11\x50\x68\x74\x01\x3c\xac\x6a\x2a\xbc\x1b\xb3\x82\x62"
"\x7c\xec\x6a\x90\xd8\x6e\xfc\x01\x2d\xe7\xaf\xec\x5a" },
{ GCRY_MD_SHA224,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x95\xe9\xa0\xdb\x96\x20\x95\xad\xae\xbe\x9b\x2d\x6f\x0d\xbc\xe2"
"\xd4\x99\xf1\x12\xf2\xd2\xb7\x27\x3f\xa6\x87\x0e" },
{ GCRY_MD_SHA224,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x3a\x85\x41\x66\xac\x5d\x9f\x02\x3f\x54\xd5\x17\xd0\xb3\x9d\xbd"
"\x94\x67\x70\xdb\x9c\x2b\x95\xc9\xf6\xf5\x65\xd1" },
{ GCRY_MD_SHA384, "what do ya want for nothing?", "Jefe",
"\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b\x1b"
"\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22\x44\x5e"
"\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa\xb2\x16\x49" },
{ GCRY_MD_SHA384,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f\x15"
"\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea"
"\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6" },
{ GCRY_MD_SHA384,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8\x6f"
"\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66\x14\x4b"
"\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01\xa3\x4f\x27" },
{ GCRY_MD_SHA384,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\x3e\x8a\x69\xb7\x78\x3c\x25\x85\x19\x33\xab\x62\x90\xaf\x6c\xa7"
"\x7a\x99\x81\x48\x08\x50\x00\x9c\xc5\x57\x7c\x6e\x1f\x57\x3b\x4e"
"\x68\x01\xdd\x23\xc4\xa7\xd6\x79\xcc\xf8\xa3\x86\xc6\x74\xcf\xfb" },
{ GCRY_MD_SHA384,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x4e\xce\x08\x44\x85\x81\x3e\x90\x88\xd2\xc6\x3a\x04\x1b\xc5\xb4"
"\x4f\x9e\xf1\x01\x2a\x2b\x58\x8f\x3c\xd1\x1f\x05\x03\x3a\xc4\xc6"
"\x0c\x2e\xf6\xab\x40\x30\xfe\x82\x96\x24\x8d\xf1\x63\xf4\x49\x52" },
{ GCRY_MD_SHA384,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x66\x17\x17\x8e\x94\x1f\x02\x0d\x35\x1e\x2f\x25\x4e\x8f\xd3\x2c"
"\x60\x24\x20\xfe\xb0\xb8\xfb\x9a\xdc\xce\xbb\x82\x46\x1e\x99\xc5"
"\xa6\x78\xcc\x31\xe7\x99\x17\x6d\x38\x60\xe6\x11\x0c\x46\x52\x3e" },
{ GCRY_MD_SHA512, "what do ya want for nothing?", "Jefe",
"\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0\xa3"
"\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25\x05\x54"
"\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd"
"\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a\x38\xbc\xe7\x37" },
{ GCRY_MD_SHA512,
"Hi There",
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0"
"\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde"
"\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4"
"\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54" },
{ GCRY_MD_SHA512,
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd"
"\xdd\xdd\xdd\xdd\xdd",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA\xAA",
"\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b\xe9"
"\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27\x9d\x39"
"\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e\x67\xc8\x07"
"\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59\xe1\x32\x92\xfb" },
{ GCRY_MD_SHA512,
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd"
"\xcd\xcd\xcd\xcd\xcd",
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19",
"\xb0\xba\x46\x56\x37\x45\x8c\x69\x90\xe5\xa8\xc5\xf6\x1d\x4a\xf7"
"\xe5\x76\xd9\x7f\xf9\x4b\x87\x2d\xe7\x6f\x80\x50\x36\x1e\xe3\xdb"
"\xa9\x1c\xa5\xc1\x1a\xa2\x5e\xb4\xd6\x79\x27\x5c\xc5\x78\x80\x63"
"\xa5\xf1\x97\x41\x12\x0c\x4f\x2d\xe2\xad\xeb\xeb\x10\xa2\x98\xdd" },
{ GCRY_MD_SHA512,
"Test Using Larger Than Block-Size Key - Hash Key First",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\x80\xb2\x42\x63\xc7\xc1\xa3\xeb\xb7\x14\x93\xc1\xdd\x7b\xe8\xb4"
"\x9b\x46\xd1\xf4\x1b\x4a\xee\xc1\x12\x1b\x01\x37\x83\xf8\xf3\x52"
"\x6b\x56\xd0\x37\xe0\x5f\x25\x98\xbd\x0f\xd2\x21\x5d\x6a\x1e\x52"
"\x95\xe6\x4f\x73\xf6\x3f\x0a\xec\x8b\x91\x5a\x98\x5d\x78\x65\x98" },
{ GCRY_MD_SHA512,
"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.",
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"
"\xaa\xaa\xaa",
"\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e\x5e\x3f\xfd"
"\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5\xa3\x2d\x20\xcd\xc9\x44"
"\xb6\x02\x2c\xac\x3c\x49\x82\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15"
"\x13\x46\x76\xfb\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58" },
{ 0 },
};
int i;
if (verbose)
fprintf (stderr, "Starting hashed MAC checks.\n");
for (i = 0; algos[i].md; i++)
{
if (verbose)
fprintf (stderr, " checking %s [%i] for length %zi\n",
gcry_md_algo_name (algos[i].md),
algos[i].md,
strlen(algos[i].data));
check_one_hmac (algos[i].md, algos[i].data, strlen (algos[i].data),
algos[i].key, strlen(algos[i].key),
algos[i].expect);
}
if (verbose)
fprintf (stderr, "Completed hashed MAC checks.\n");
}
/* Check that the signature SIG matches the hash HASH. PKEY is the
public key used for the verification. BADHASH is a hasvalue which
should; result in a bad signature status. */
static void
verify_one_signature (gcry_sexp_t pkey, gcry_sexp_t hash,
gcry_sexp_t badhash, gcry_sexp_t sig)
{
gcry_error_t rc;
rc = gcry_pk_verify (sig, hash, pkey);
if (rc)
fail ("gcry_pk_verify failed: %s\n", gpg_strerror (rc));
rc = gcry_pk_verify (sig, badhash, pkey);
if (gcry_err_code (rc) != GPG_ERR_BAD_SIGNATURE)
fail ("gcry_pk_verify failed to detect a bad signature: %s\n",
gpg_strerror (rc));
}
/* Test the public key sign function using the private ket SKEY. PKEY
is used for verification. */
static void
check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey)
{
gcry_error_t rc;
gcry_sexp_t sig, badhash, hash;
int dataidx;
static const char baddata[] =
"(data\n (flags pkcs1)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203041#))\n";
static struct
{
const char *data;
int expected_rc;
} datas[] =
{
{ "(data\n (flags pkcs1)\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
0 },
/* This test is to see whether hash algorithms not hard wired in
pubkey.c are detected: */
{ "(data\n (flags pkcs1)\n"
" (hash oid.1.3.14.3.2.29 "
" #11223344556677889900AABBCCDDEEFF10203040#))\n",
0 },
{ "(data\n (flags )\n"
" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
GPG_ERR_CONFLICT },
{ "(data\n (flags pkcs1)\n"
" (hash foo #11223344556677889900AABBCCDDEEFF10203040#))\n",
GPG_ERR_DIGEST_ALGO },
{ "(data\n (flags )\n" " (value #11223344556677889900AA#))\n",
0 },
{ "(data\n (flags )\n" " (value #0090223344556677889900AA#))\n",
0 },
{ "(data\n (flags raw)\n" " (value #11223344556677889900AA#))\n",
0 },
{ "(data\n (flags pkcs1)\n"
" (value #11223344556677889900AA#))\n",
GPG_ERR_CONFLICT },
{ "(data\n (flags raw foo)\n"
" (value #11223344556677889900AA#))\n",
GPG_ERR_INV_FLAG },
{ NULL }
};
(void)n;
rc = gcry_sexp_sscan (&badhash, NULL, baddata, strlen (baddata));
if (rc)
die ("converting data failed: %s\n", gpg_strerror (rc));
for (dataidx = 0; datas[dataidx].data; dataidx++)
{
if (verbose)
fprintf (stderr, " signature test %d\n", dataidx);
rc = gcry_sexp_sscan (&hash, NULL, datas[dataidx].data,
strlen (datas[dataidx].data));
if (rc)
die ("converting data failed: %s\n", gpg_strerror (rc));
rc = gcry_pk_sign (&sig, hash, skey);
if (gcry_err_code (rc) != datas[dataidx].expected_rc)
fail ("gcry_pk_sign failed: %s\n", gpg_strerror (rc));
if (!rc)
verify_one_signature (pkey, hash, badhash, sig);
gcry_sexp_release (sig);
sig = NULL;
gcry_sexp_release (hash);
hash = NULL;
}
gcry_sexp_release (badhash);
}
static void
check_pubkey_grip (int n, const unsigned char *grip,
gcry_sexp_t skey, gcry_sexp_t pkey)
{
unsigned char sgrip[20], pgrip[20];
if (!gcry_pk_get_keygrip (skey, sgrip))
die ("get keygrip for private RSA key failed\n");
if (!gcry_pk_get_keygrip (pkey, pgrip))
die ("[%i] get keygrip for public RSA key failed\n", n);
if (memcmp (sgrip, pgrip, 20))
fail ("[%i] keygrips don't match\n", n);
if (memcmp (sgrip, grip, 20))
fail ("wrong keygrip for RSA key\n");
}
static void
do_check_one_pubkey (int n, gcry_sexp_t skey, gcry_sexp_t pkey,
const unsigned char *grip, int flags)
{
if (flags & FLAG_SIGN)
check_pubkey_sign (n, skey, pkey);
if (grip && (flags & FLAG_GRIP))
check_pubkey_grip (n, grip, skey, pkey);
}
static void
check_one_pubkey (int n, test_spec_pubkey_t spec)
{
gcry_error_t err = GPG_ERR_NO_ERROR;
gcry_sexp_t skey, pkey;
err = gcry_sexp_sscan (&skey, NULL, spec.key.secret,
strlen (spec.key.secret));
if (!err)
err = gcry_sexp_sscan (&pkey, NULL, spec.key.public,
strlen (spec.key.public));
if (err)
die ("converting sample key failed: %s\n", gpg_strerror (err));
do_check_one_pubkey (n, skey, pkey,
(const unsigned char*)spec.key.grip, spec.flags);
gcry_sexp_release (skey);
gcry_sexp_release (pkey);
}
static void
get_keys_new (gcry_sexp_t *pkey, gcry_sexp_t *skey)
{
gcry_sexp_t key_spec, key, pub_key, sec_key;
int rc;
if (verbose)
fprintf (stderr, " generating RSA key:");
rc = gcry_sexp_new (&key_spec,
"(genkey (rsa (nbits 4:1024)))", 0, 1);
if (rc)
die ("error creating S-expression: %s\n", gpg_strerror (rc));
rc = gcry_pk_genkey (&key, key_spec);
gcry_sexp_release (key_spec);
if (rc)
die ("error generating RSA key: %s\n", gpg_strerror (rc));
pub_key = gcry_sexp_find_token (key, "public-key", 0);
if (! pub_key)
die ("public part missing in key\n");
sec_key = gcry_sexp_find_token (key, "private-key", 0);
if (! sec_key)
die ("private part missing in key\n");
gcry_sexp_release (key);
*pkey = pub_key;
*skey = sec_key;
}
static void
check_one_pubkey_new (int n)
{
gcry_sexp_t skey, pkey;
get_keys_new (&pkey, &skey);
do_check_one_pubkey (n, skey, pkey, NULL, FLAG_SIGN | FLAG_CRYPT);
}
/* Run all tests for the public key functions. */
static void
check_pubkey (void)
{
test_spec_pubkey_t pubkeys[] =
{
{
GCRY_PK_RSA, FLAG_CRYPT | FLAG_SIGN,
{ "(private-key\n"
" (rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)\n"
" (d #046129F2489D71579BE0A75FE029BD6CDB574EBF57EA8A5B0FDA942CAB943B11"
" 7D7BB95E5D28875E0F9FC5FCC06A72F6D502464DABDED78EF6B716177B83D5BD"
" C543DC5D3FED932E59F5897E92E6F58A0F33424106A3B6FA2CBF877510E4AC21"
" C3EE47851E97D12996222AC3566D4CCB0B83D164074ABF7DE655FC2446DA1781#)\n"
" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213"
" fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)\n"
" (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f9"
" 35a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)\n"
" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
" ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))\n",
"(public-key\n"
" (rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)))\n",
"\x32\x10\x0c\x27\x17\x3e\xf6\xe9\xc4\xe9"
"\xa2\x5d\x3d\x69\xf8\x6d\x37\xa4\xf9\x39"}
},
{
GCRY_PK_DSA, FLAG_SIGN,
{ "(private-key\n"
" (DSA\n"
" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)\n"
" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)\n"
" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)\n"
" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)\n"
" (x #11D54E4ADBD3034160F2CED4B7CD292A4EBF3EC0#)))\n",
"(public-key\n"
" (DSA\n"
" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
" 96273899DD8B2BB46CD6ECA263FAF04A28903503D59062A8865D2AE8ADFB5191"
" CF36FFB562D0E2F5809801A1F675DAE59698A9E01EFE8D7DCFCA084F4C6F5A44"
" 44D499A06FFAEA5E8EF5E01F2FD20A7B7EF3F6968AFBA1FB8D91F1559D52D8777B#)\n"
" (q #00EB7B5751D25EBBB7BD59D920315FD840E19AEBF9#)\n"
" (g #1574363387FDFD1DDF38F4FBE135BB20C7EE4772FB94C337AF86EA8E49666503"
" AE04B6BE81A2F8DD095311E0217ACA698A11E6C5D33CCDAE71498ED35D13991E"
" B02F09AB40BD8F4C5ED8C75DA779D0AE104BC34C960B002377068AB4B5A1F984"
" 3FBA91F537F1B7CAC4D8DD6D89B0D863AF7025D549F9C765D2FC07EE208F8D15#)\n"
" (y #64B11EF8871BE4AB572AA810D5D3CA11A6CDBC637A8014602C72960DB135BF46"
" A1816A724C34F87330FC9E187C5D66897A04535CC2AC9164A7150ABFA8179827"
" 6E45831AB811EEE848EBB24D9F5F2883B6E5DDC4C659DEF944DCFD80BF4D0A20"
" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)))\n",
"\xc6\x39\x83\x1a\x43\xe5\x05\x5d\xc6\xd8"
"\x4a\xa6\xf9\xeb\x23\xbf\xa9\x12\x2d\x5b" }
},
{
GCRY_PK_ELG, FLAG_SIGN | FLAG_CRYPT,
{ "(private-key\n"
" (ELG\n"
" (p #00B93B93386375F06C2D38560F3B9C6D6D7B7506B20C1773F73F8DE56E6CD65D"
" F48DFAAA1E93F57A2789B168362A0F787320499F0B2461D3A4268757A7B27517"
" B7D203654A0CD484DEC6AF60C85FEB84AAC382EAF2047061FE5DAB81A20A0797"
" 6E87359889BAE3B3600ED718BE61D4FC993CC8098A703DD0DC942E965E8F18D2A7#)\n"
" (g #05#)\n"
" (y #72DAB3E83C9F7DD9A931FDECDC6522C0D36A6F0A0FEC955C5AC3C09175BBFF2B"
" E588DB593DC2E420201BEB3AC17536918417C497AC0F8657855380C1FCF11C5B"
" D20DB4BEE9BDF916648DE6D6E419FA446C513AAB81C30CB7B34D6007637BE675"
" 56CE6473E9F9EE9B9FADD275D001563336F2186F424DEC6199A0F758F6A00FF4#)\n"
" (x #03C28900087B38DABF4A0AB98ACEA39BB674D6557096C01D72E31C16BDD32214#)))\n",
"(public-key\n"
" (ELG\n"
" (p #00B93B93386375F06C2D38560F3B9C6D6D7B7506B20C1773F73F8DE56E6CD65D"
" F48DFAAA1E93F57A2789B168362A0F787320499F0B2461D3A4268757A7B27517"
" B7D203654A0CD484DEC6AF60C85FEB84AAC382EAF2047061FE5DAB81A20A0797"
" 6E87359889BAE3B3600ED718BE61D4FC993CC8098A703DD0DC942E965E8F18D2A7#)\n"
" (g #05#)\n"
" (y #72DAB3E83C9F7DD9A931FDECDC6522C0D36A6F0A0FEC955C5AC3C09175BBFF2B"
" E588DB593DC2E420201BEB3AC17536918417C497AC0F8657855380C1FCF11C5B"
" D20DB4BEE9BDF916648DE6D6E419FA446C513AAB81C30CB7B34D6007637BE675"
" 56CE6473E9F9EE9B9FADD275D001563336F2186F424DEC6199A0F758F6A00FF4#)))\n",
"\xa7\x99\x61\xeb\x88\x83\xd2\xf4\x05\xc8"
"\x4f\xba\x06\xf8\x78\x09\xbc\x1e\x20\xe5" }
},
};
int i;
if (verbose)
fprintf (stderr, "Starting public key checks.\n");
for (i = 0; i < sizeof (pubkeys) / sizeof (*pubkeys); i++)
if (pubkeys[i].id)
check_one_pubkey (i, pubkeys[i]);
if (verbose)
fprintf (stderr, "Completed public key checks.\n");
if (verbose)
fprintf (stderr, "Starting additional public key checks.\n");
for (i = 0; i < sizeof (pubkeys) / sizeof (*pubkeys); i++)
if (pubkeys[i].id)
check_one_pubkey_new (i);
if (verbose)
fprintf (stderr, "Completed additional public key checks.\n");
}
int
main (int argc, char **argv)
{
int debug = 0;
if (argc > 1 && !strcmp (argv[1], "--verbose"))
verbose = 1;
else if (argc > 1 && !strcmp (argv[1], "--debug"))
verbose = debug = 1;
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
if (verbose)
gcry_set_progress_handler (progress_handler, NULL);
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
/* No valuable keys are create, so we can speed up our RNG. */
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
check_ciphers ();
check_aes128_cbc_cts_cipher ();
check_cbc_mac_cipher ();
check_ctr_cipher ();
check_cfb_cipher ();
check_ofb_cipher ();
check_digests ();
check_hmac ();
check_pubkey ();
if (verbose)
fprintf (stderr, "\nAll tests completed. Errors: %i\n", error_count);
return error_count ? 1 : 0;
}
diff --git a/tests/pubkey.c b/tests/pubkey.c
index ac68a21e..f3e65158 100644
--- a/tests/pubkey.c
+++ b/tests/pubkey.c
@@ -1,369 +1,369 @@
/* pubkey.c - Public key encryption/decryption tests
* Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "../src/gcrypt.h"
/* Sample RSA keys, taken from basic.c. */
static const char sample_private_key_1[] =
"(private-key\n"
" (openpgp-rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
"2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
"ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
"891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)\n"
" (d #046129F2489D71579BE0A75FE029BD6CDB574EBF57EA8A5B0FDA942CAB943B11"
"7D7BB95E5D28875E0F9FC5FCC06A72F6D502464DABDED78EF6B716177B83D5BD"
"C543DC5D3FED932E59F5897E92E6F58A0F33424106A3B6FA2CBF877510E4AC21"
"C3EE47851E97D12996222AC3566D4CCB0B83D164074ABF7DE655FC2446DA1781#)\n"
" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213"
"fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)\n"
" (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f9"
"35a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)\n"
" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
"ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)\n"
" )\n"
")\n";
/* The same key as above but without p, q and u to test the non CRT case. */
static const char sample_private_key_1_1[] =
"(private-key\n"
" (openpgp-rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
"2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
"ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
"891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)\n"
" (d #046129F2489D71579BE0A75FE029BD6CDB574EBF57EA8A5B0FDA942CAB943B11"
"7D7BB95E5D28875E0F9FC5FCC06A72F6D502464DABDED78EF6B716177B83D5BD"
"C543DC5D3FED932E59F5897E92E6F58A0F33424106A3B6FA2CBF877510E4AC21"
"C3EE47851E97D12996222AC3566D4CCB0B83D164074ABF7DE655FC2446DA1781#)\n"
" )\n"
")\n";
/* The same key as above but just without q to test the non CRT case. This
should fail. */
static const char sample_private_key_1_2[] =
"(private-key\n"
" (openpgp-rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
"2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
"ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
"891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)\n"
" (d #046129F2489D71579BE0A75FE029BD6CDB574EBF57EA8A5B0FDA942CAB943B11"
"7D7BB95E5D28875E0F9FC5FCC06A72F6D502464DABDED78EF6B716177B83D5BD"
"C543DC5D3FED932E59F5897E92E6F58A0F33424106A3B6FA2CBF877510E4AC21"
"C3EE47851E97D12996222AC3566D4CCB0B83D164074ABF7DE655FC2446DA1781#)\n"
" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213"
"fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)\n"
" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
"ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)\n"
" )\n"
")\n";
static const char sample_public_key_1[] =
"(public-key\n"
" (rsa\n"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
"2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291"
"ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7"
"891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)\n"
" (e #010001#)\n"
" )\n"
")\n";
static int verbose;
static void
die (const char *format, ...)
{
va_list arg_ptr ;
va_start( arg_ptr, format ) ;
vfprintf (stderr, format, arg_ptr );
va_end(arg_ptr);
exit (1);
}
static void
check_keys_crypt (gcry_sexp_t pkey, gcry_sexp_t skey,
gcry_sexp_t plain0, gpg_err_code_t decrypt_fail_code)
{
gcry_sexp_t plain1, cipher, l;
gcry_mpi_t x0, x1;
int rc;
int have_flags;
/* Extract data from plaintext. */
l = gcry_sexp_find_token (plain0, "value", 0);
x0 = gcry_sexp_nth_mpi (l, 1, GCRYMPI_FMT_USG);
/* Encrypt data. */
rc = gcry_pk_encrypt (&cipher, plain0, pkey);
if (rc)
die ("encryption failed: %s\n", gcry_strerror (rc));
l = gcry_sexp_find_token (cipher, "flags", 0);
have_flags = !!l;
gcry_sexp_release (l);
/* Decrypt data. */
rc = gcry_pk_decrypt (&plain1, cipher, skey);
gcry_sexp_release (cipher);
if (rc)
{
if (decrypt_fail_code && gpg_err_code (rc) == decrypt_fail_code)
return; /* This is the expected failure code. */
die ("decryption failed: %s\n", gcry_strerror (rc));
}
/* Extract decrypted data. Note that for compatibility reasons, the
output of gcry_pk_decrypt depends on whether a flags lists (even
if empty) occurs in its input data. Because we passed the output
of encrypt directly to decrypt, such a flag value won't be there
as of today. We check it anyway. */
l = gcry_sexp_find_token (plain1, "value", 0);
if (l)
{
if (!have_flags)
die ("compatibility mode of pk_decrypt broken\n");
gcry_sexp_release (plain1);
x1 = gcry_sexp_nth_mpi (l, 1, GCRYMPI_FMT_USG);
gcry_sexp_release (l);
}
else
{
if (have_flags)
die ("compatibility mode of pk_decrypt broken\n");
x1 = gcry_sexp_nth_mpi (plain1, 0, GCRYMPI_FMT_USG);
gcry_sexp_release (plain1);
}
/* Compare. */
if (gcry_mpi_cmp (x0, x1))
die ("data corrupted\n");
}
static void
check_keys (gcry_sexp_t pkey, gcry_sexp_t skey, unsigned int nbits_data,
gpg_err_code_t decrypt_fail_code)
{
gcry_sexp_t plain;
gcry_mpi_t x;
int rc;
/* Create plain text. */
x = gcry_mpi_new (nbits_data);
gcry_mpi_randomize (x, nbits_data, GCRY_WEAK_RANDOM);
rc = gcry_sexp_build (&plain, NULL, "(data (flags raw) (value %m))", x);
if (rc)
die ("converting data for encryption failed: %s\n",
gcry_strerror (rc));
check_keys_crypt (pkey, skey, plain, decrypt_fail_code);
gcry_sexp_release (plain);
gcry_mpi_release (x);
/* Create plain text. */
x = gcry_mpi_new (nbits_data);
gcry_mpi_randomize (x, nbits_data, GCRY_WEAK_RANDOM);
rc = gcry_sexp_build (&plain, NULL,
"(data (flags raw no-blinding) (value %m))", x);
if (rc)
die ("converting data for encryption failed: %s\n",
gcry_strerror (rc));
check_keys_crypt (pkey, skey, plain, decrypt_fail_code);
gcry_sexp_release (plain);
}
static void
get_keys_sample (gcry_sexp_t *pkey, gcry_sexp_t *skey, int secret_variant)
{
gcry_sexp_t pub_key, sec_key;
int rc;
static const char *secret;
switch (secret_variant)
{
case 0: secret = sample_private_key_1; break;
case 1: secret = sample_private_key_1_1; break;
case 2: secret = sample_private_key_1_2; break;
default: die ("BUG\n");
}
rc = gcry_sexp_sscan (&pub_key, NULL, sample_public_key_1,
strlen (sample_public_key_1));
if (!rc)
rc = gcry_sexp_sscan (&sec_key, NULL, secret, strlen (secret));
if (rc)
die ("converting sample keys failed: %s\n", gcry_strerror (rc));
*pkey = pub_key;
*skey = sec_key;
}
static void
get_keys_new (gcry_sexp_t *pkey, gcry_sexp_t *skey)
{
gcry_sexp_t key_spec, key, pub_key, sec_key;
int rc;
rc = gcry_sexp_new (&key_spec,
"(genkey (rsa (nbits 4:1024)))", 0, 1);
if (rc)
die ("error creating S-expression: %s\n", gcry_strerror (rc));
rc = gcry_pk_genkey (&key, key_spec);
gcry_sexp_release (key_spec);
if (rc)
die ("error generating RSA key: %s\n", gcry_strerror (rc));
pub_key = gcry_sexp_find_token (key, "public-key", 0);
if (! pub_key)
die ("public part missing in key\n");
sec_key = gcry_sexp_find_token (key, "private-key", 0);
if (! sec_key)
die ("private part missing in key\n");
gcry_sexp_release (key);
*pkey = pub_key;
*skey = sec_key;
}
static void
get_elg_key_new (gcry_sexp_t *pkey, gcry_sexp_t *skey, int fixed_x)
{
gcry_sexp_t key_spec, key, pub_key, sec_key;
int rc;
rc = gcry_sexp_new
(&key_spec,
(fixed_x
? "(genkey (elg (nbits 4:1024)(xvalue my.not-so-secret.key)))"
: "(genkey (elg (nbits 3:512)))"),
0, 1);
if (rc)
die ("error creating S-expression: %s\n", gcry_strerror (rc));
rc = gcry_pk_genkey (&key, key_spec);
gcry_sexp_release (key_spec);
if (rc)
die ("error generating Elgamal key: %s\n", gcry_strerror (rc));
pub_key = gcry_sexp_find_token (key, "public-key", 0);
if (!pub_key)
die ("public part missing in key\n");
sec_key = gcry_sexp_find_token (key, "private-key", 0);
if (!sec_key)
die ("private part missing in key\n");
gcry_sexp_release (key);
*pkey = pub_key;
*skey = sec_key;
}
static void
check_run (void)
{
gpg_error_t err;
gcry_sexp_t pkey, skey;
int variant;
for (variant=0; variant < 3; variant++)
{
if (verbose)
fprintf (stderr, "Checking sample key (%d).\n", variant);
get_keys_sample (&pkey, &skey, variant);
/* Check gcry_pk_testkey which requires all elements. */
err = gcry_pk_testkey (skey);
if ((variant == 0 && err)
|| (variant > 0 && gpg_err_code (err) != GPG_ERR_NO_OBJ))
die ("gcry_pk_testkey failed: %s\n", gpg_strerror (err));
/* Run the usual check but expect an error from variant 2. */
check_keys (pkey, skey, 800, variant == 2? GPG_ERR_NO_OBJ : 0);
gcry_sexp_release (pkey);
gcry_sexp_release (skey);
}
if (verbose)
fprintf (stderr, "Checking generated RSA key.\n");
get_keys_new (&pkey, &skey);
check_keys (pkey, skey, 800, 0);
gcry_sexp_release (pkey);
gcry_sexp_release (skey);
if (verbose)
fprintf (stderr, "Checking generated Elgamal key.\n");
get_elg_key_new (&pkey, &skey, 0);
check_keys (pkey, skey, 400, 0);
gcry_sexp_release (pkey);
gcry_sexp_release (skey);
if (verbose)
fprintf (stderr, "Checking passphrase generated Elgamal key.\n");
get_elg_key_new (&pkey, &skey, 1);
check_keys (pkey, skey, 800, 0);
gcry_sexp_release (pkey);
gcry_sexp_release (skey);
}
int
main (int argc, char **argv)
{
int debug = 0;
int i;
if (argc > 1 && !strcmp (argv[1], "--verbose"))
verbose = 1;
else if (argc > 1 && !strcmp (argv[1], "--debug"))
verbose = debug = 1;
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
if (!gcry_check_version (GCRYPT_VERSION))
- /*die ("version mismatch\n")*/;
+ die ("version mismatch\n");
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
/* No valuable keys are create, so we can speed up our RNG. */
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
for (i=0; i < 2; i++)
check_run ();
return 0;
}

File Metadata

Mime Type
text/x-diff
Expires
Sun, Dec 7, 12:27 AM (55 m, 22 s)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
f1/02/5b252e5348a3300bd3fd9f7442b7

Event Timeline