diff --git a/ChangeLog b/ChangeLog
index ff660371c..b14febd69 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,940 +1,946 @@
+2002-08-02 Werner Koch <wk@gnupg.org>
+
+ * configure.ac: Removed all extension stuff but keep the tests for
+ dlopen. We don't need to figure out the flags required. All
+ stuff is now statically loaded.
+
2002-07-30 David Shaw <dshaw@jabberwocky.com>
* README, configure.ac: --with-exec-path is now clarified into
--disable-keyserver-path
* NEWS: changes since 1.1.90.
2002-07-24 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well
as a SUBST for Makefiles.
2002-07-22 Timo Schulz <ts@winpt.org>
* configure.ac: Replace the 'c:/' variables with 'c:\' due
to the fact we already use '\' in the remaining code.
2002-07-08 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add --with-mailprog to override the use of
sendmail with another MTA. We can use anything that follows the
"$MAILPROG -t" convention.
2002-07-04 David Shaw <dshaw@jabberwocky.com>
* configure.ac: --enable-exec-path should be a 'with'. Fix 'no'
cases of --with-exec-path and --with-photo-viewer.
* README: Document --disable-exec, --disable-photo-viewers,
--disable-keyserver-helpers, --enable-exec-path, and
--with-photo-viewer.
* configure.ac: Add --with-photo-viewer to lock the viewer at
compile time and --disable-keyserver-helpers and
--disable-photo-viewers to allow disabling one without disabling
the other.
2002-07-03 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path
to a fixed value.
2002-07-01 Werner Koch <wk@gnupg.org>
* configure.ac: Set version number to 1.1.91.
Released 1.1.90.
* INSTALL: Replaced by generic install file.
* README: Marked as development version and moved most stuff of
the old INSTALL file to here.
2002-06-30 Werner Koch <wk@gnupg.org>
* configure.ac: Link W32 version against libwsock32.
2002-06-29 Werner Koch <wk@gnupg.org>
* configure.ac (development_version): New.
(HAVE_DEV_RANDOM_IOCTL): Removed test for it; it was never used.
* BUGS, AUTHORS: Add a note on how to send security related bug
reports.
2002-06-20 David Shaw <dshaw@jabberwocky.com>
* NEWS: changes since 1.0.7.
* configure.ac: Set new version number (1.1.90), and fix Solaris
compiler flags for shared objects.
2002-06-11 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Move -lsocket and -lnsl checks before LDAP link
tests so they work properly on Solaris. Noted by David Champion.
Also, check for the Mozilla LDAP library if the OpenLDAP library
check fails. Put -lsocket and -lnsl in NETLIBS rather than LIBS
so not all programs are forced to link to them.
2002-06-05 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add a switch for the experimental external HKP
keyserver interface.
2002-05-22 Werner Koch <wk@gnupg.org>
* configure.ac: Check for strcasecmp and strncasecmp. Removed
stricmp and memicmp checks.
2002-05-08 David Shaw <dshaw@jabberwocky.com>
* configure.ac: If LDAP comes up unusable, try #including <lber.h>
before giving up. Old versions of OpenLDAP require that.
2002-05-03 David Shaw <dshaw@jabberwocky.com>
* configure.ac: In g10defs.h, use \ for the directory separator
when HAVE_DOSISH_SYSTEM is on.
* configure.ac: Add --disable-exec flag to disable all remote
program execution. --disable-exec implies --disable-ldap and
--disable-mailto. Also look in /usr/lib for sendmail. If
sendmail is not found, do not default - just fail.
2002-04-30 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Try and link to a sample LDAP program to check if
the LDAP we're about to use is really sane. The most common
problem (using a very old OpenLDAP), could be fixed with an extra
#include, but this would not be very portable to other LDAP
libraries.
2002-04-29 Werner Koch <wk@gnupg.org>
Released 1.0.7.
* README: Fixed some minor things.
2002-04-25 Werner Koch <wk@gnupg.org>
* configure.ac: Check for locale.h and setlocale
2002-04-24 David Shaw <dshaw@jabberwocky.com>
* Update NEWS with recent changes.
2002-04-19 Werner Koch <wk@gnupg.org>
Released 1.0.6e snapshot.
2002-04-12 Werner Koch <wk@gnupg.org>
* configure.ac: Add a warning note to the definition of the
EXTSEP macros.
2002-04-09 Werner Koch <wk@gnupg.org>
* configure.ac (ALL_LINGUAS): Added Czech, Galician and Greek
translations. s/es_ES/es/.
2002-03-06 Werner Koch <wk@gnupg.org>
* configure.ac (ALL_LINGUAS): s/pt_PT/pt/
2002-03-04 David Shaw <dshaw@jabberwocky.com>
* Add a AC_DEFINE(_GNU_SOURCE). Since this is always defined in
config.h, the various autoconf tests should be tested with it
enabled. This also works around a compiler warning caused by a
minor header bug in glibc 2.1 that causes fseeko to be defined
when building gpg, but not when tested for in configure.
2002-03-03 Werner Koch <wk@gnupg.org>
Release 1.0.6d snapshot.
2002-01-04 David Shaw <dshaw@jabberwocky.com>
* NEWS: about symmetric messages and fixed file sizes.
2001-12-22 Werner Koch <wk@gnupg.org>
Released 1.0.6c snapshot.
* configure.ac (AH_BOTTOM): Moved EXEC_TEMPFILE_ONLY to here.
* acconfig.h: Removed, it should no longer be used.
2001-12-21 David Shaw <dshaw@jabberwocky.com>
* Add an acconfig.h to define EXEC_TEMPFILE_ONLY on platforms that
can't do fork/exec.
2001-12-21 Werner Koch <wk@gnupg.org>
* Makefile.am (dist-hook): We should also look in include for
distfiles.
(EXTRA_DIST): Remove VERSION because it is generated by dist-hook.
2001-12-20 David Shaw <dshaw@jabberwocky.com>
* configure.ac: replacement function for mkdtemp()
2001-12-19 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Check for stat()
2001-12-19 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Support Cygwin target
* configure.ac [CYGWIN32]: Don't build tiger. By Disastry.
2001-12-18 Werner Koch <wk@gnupg.org>
* Makefile.am (SUBDIRS): Add keyserver.
(dist-hook): Only look in mpi and scripts for distfiles; this way
we don't include those of a stale "make dist" directory.
2001-10-23 Werner Koch <wk@gnupg.org>
Released 1.0.6b snapshot.
2001-10-22 Werner Koch <wk@gnupg.org>
* configure.ac: Fixed for automake 1.5
2001-10-17 Werner Koch <wk@gnupg.org>
* README: Removed note on local_ID.
2001-09-28 Werner Koch <wk@gnupg.org>
* configure.ac: From now on add a string "-cvs" to the version to
indicate that this is a pre-release of the given version number.
2001-09-26 Werner Koch <wk@gnupg.org>
* configure.ac [MINGW32]: Switched from wsock.dll to ws2_32.dll.
2001-09-09 Werner Koch <wk@gnupg.org>
* configure.ac: autoconf changed the name of the maintainer mode
flag, so that not all warnings where enabled. Fixed that.
Reported by Dirk Meyer.
2001-09-07 Werner Koch <wk@gnupg.org>
* configure.ac: Test for strsep().
2001-09-03 Werner Koch <wk@gnupg.org>
* configure.ac: Removed GDBM tests.
2001-08-23 Werner Koch <wk@gnupg.org>
* configure.in (AC_FUNC_FSEEKO): Add.
(AC_CHECK_FUNCS): Remove fseeko. By Paul Eggert <eggert@twinsun.com>.
2001-08-22 Werner Koch <wk@gnupg.org>
* configure.ac (gethrtime): Enhanced the test by running a test
program.
* INSTALL: Removed the note about Solaris problems because the
above test should catch this.
2001-08-20 Werner Koch <wk@gnupg.org>
* acinclude.m4: Add check for plock if mlock is broken.
* configure.ac: Use regular tests for -lsocket and -lnsl,
more thorough test for gethrtime, allow specifying the path to
the zlib library if it is not in the default compiler/linker
search path, use ${datadir}. All these test enhancements are by
Albert Chin.
* configure.ac: Set some compiler flags for dec-osf and hpux. By
Tim Mooney.
* configure.ac: Create g10defs.h with EXTSEP_S et al.
2001-08-03 Werner Koch <wk@gnupg.org>
* configure.ac (VERSION,PACKAGE): Fixed quoting.
2001-07-26 Werner Koch <wk@gnupg.org>
* configure.ac: Finally got it running with the new autoconf. Had
to define PACKAGE and VERSION and to add -I.. to each Makefile.am.
2001-07-09 Werner Koch <wk@gnupg.org>
Migrated to autoconf 2.50.
* acinclude.m4: Removed the temporary LFS macros and GNUPG_LINK_FILES.
* acconfig.h: Removed
* configure.in: Replaced by...
* configure.ac: and modified for use with autoconf 2.50, use a
literal string for the version number. Replaced GNUPG_LINK_FILES
with AC_CONFIG_LINKS and moved some informational messages to the end.
* VERSION: Removed.
* Makefile.am (DISTCLEANFILES): gettext is better now; no more
need to remove the libintl.h symlink.
(dist-hook): Create VERSION file.
2001-06-08 Werner Koch <wk@gnupg.org>
* configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf.
Reported by Chris Adams. Merged some cases.
2001-05-29 Werner Koch <wk@gnupg.org>
Released version 1.0.6.
2001-05-28 Werner Koch <wk@gnupg.org>
* configure.in (BUILD_INCLUDED_LIBINTL): Set to no for W32.
2001-04-29 Werner Koch <wk@gnupg.org>
Released version 1.0.5.
2001-04-28 Werner Koch <wk@gnupg.org>
Updated all copyright notices.
2001-04-27 Werner Koch <wk@gnupg.org>
* README: Removed a few outdated paragraphs.
2001-04-17 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_CHECK_DOCBOOK_TO_TEXI): New.
(GNUPG_CHECK_TYPEDEF): Define _GNU_SOURCE because we will use it
anyway.
* configure.in: Use it here.
* configure.in (ALL_LINGUAS): Add Estonian translation by Toomas Soome.
(use_m_debug): Removed --enable-m-debug because it does not work
anymore.
2001-04-06 Werner Koch <wk@gnupg.org>
* configure.in (ALL_LINGUAS): Add Turkish translation. Thanks
to Nilgun Belma Buguner.
2001-03-18 Werner Koch <wk@gnupg.org>
* configure.in: Hardwire the use of -lsocket for some
systems. Thanks to Reinhard Wobst.
2001-03-13 Werner Koch <wk@gnupg.org>
* configure.in: Add copyright notice and -lwsock32.
2001-03-12 Werner Koch <wk@gnupg.org>
* INSTALL: Add a note to VPATH builds.
2001-03-08 Werner Koch <wk@gnupg.org>
* debian/: Applied update from James.
Added copyright and license notices to some more files.
2001-01-18 Werner Koch <wk@gnupg.org>
* configure.in: Removed tool definitions for MingW32
2000-11-17 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_CHECK_FAQPROG): Do not prinnt the warning.
2000-11-11 Paul Eggert <eggert@twinsun.com>
Actually Paul's patches are dated 2000-20-17; I applied them today
and merged some ChangeLog entries (wk@gnupg.org).
* configure.in (AC_SYS_LARGEFILE): Add.
(try_large_file): Remove. All uses removed.
(AC_CHECK_FUNCS): Remove fopen64 and fstat64.
* acinclude.m4 (AC_SYS_LARGEFILE_TEST_INCLUDES,
AC_SYS_LARGEFILE_MACRO_VALUE, AC_SYS_LARGEFILE): New macros,
taken from GNU tar.
* configure.in (AC_CHECK_FUNCS): Add fseeko.
2000-10-17 Werner Koch <wk@gnupg.org>
* configure.in: Disabled fopen64 checks for Solaris and HPUX.
2000-10-13 Werner Koch <wk@gnupg.org>
* configure.in: Append mpi/mpi-asm-defs.h to g10defs.h
2000-10-09 Werner Koch <wk@gnupg.org>
* acinclude.m4: Changed wording of the faqprog.pl warning.
Wed Oct 4 15:50:18 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Set DYNLINK_MOD_CFLAGS for Irix. It seems that Irix
needs the -shared flag. In 1.1 we are going to use libtool, so this
module stuff will get redesigned anyway. Suggested by Jeff Long.
Thu Sep 14 14:20:38 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_FAQPROG): New.
* configure.in: Test for this.
* configure.in (DYNLINK_MOD_CFLAGS): Fix by David Champion.
Wed Sep 6 17:55:47 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Check for fstat64 and fopen64
Wed Sep 6 14:59:09 CEST 2000 Werner Koch <wk@openit.de>
* configure.in (GNUPG_HOMEDIR): New.
Fri Aug 25 16:05:38 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Changes to allow for Solaris random device.
By Nils Ellmenreich.
(--with-egd-socket): New.
Wed Aug 23 19:52:51 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Removed that silly mkdir().
Wed Jul 19 11:26:43 CEST 2000 Werner Koch <wk@openit.de>
* configure.in (mingw32): Changes to allow for mingw32msvc
Fri Jul 14 10:17:30 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Fixed syntax error in C code.
Wed Jul 12 13:32:06 CEST 2000 Werner Koch <wk@openit.de>
Version 1.0.2
Fri Jun 9 10:09:52 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Add check for termio.h, wait unctiosn and sigaction.
Wed Jun 7 19:19:09 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (MKDIR_TAKES_ONE_ARG): Check some headers. By Gaël Quéri.
* configure.in (AM_INIT_AUTOMAKE): Use this now. By Gaël.
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
* acnclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for
GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer.
Contributed by Dave Dykstra.
* configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check.
* configure.in (AC_CHECK_AWK): Moved before the first use of AWK. Suggested
by Dave Dykstra.
Tue May 30 16:37:55 CEST 2000 Werner Koch <wk@openit.de>
Version 1.0.1-ePit-1
Sun May 28 13:55:17 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Added BSDI support.
(GNUPG_CHECK_RDYNAMIC): Ditto.
Wed Apr 19 10:57:26 CEST 2000 Werner Koch <wk@openit.de>
* acconfig.h (HAVE_MLOCK): Added
Wed Mar 22 13:50:24 CET 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Changed the way to test for
librt. Test suggested by Jeff Long.
Fri Mar 17 17:50:25 CET 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Do librt check only when
we can't link a test program. This way GNU systems don't need
to link against linrt.
(GNUPG_CHECK_IPC): Fixed use of TRY_COMPILE macro. From Tim Mooney.
2000-03-14 12:07:54 Werner Koch (wk@habibti.openit.de)
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add support for
DJGPP.
(GNUPG_CHECK_MLOCK): Check whether mlock sits in librt.
* configure.in: Add a test for unisgned long long.
Tue Mar 7 18:45:31 CET 2000 Werner Koch <wk@gnupg.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Add NetBSD. By Thomas Klausner.
* configure.in (DYNLINK_MOD_CFLAGS): Set different for NetBSD.
Thu Mar 2 15:37:46 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Add check for clock_gettime
Wed Feb 23 10:07:57 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (ALL_LINGUAS): Add nl.
Wed Feb 16 16:25:09 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (ALL_LINGUAS): Add Esperanto.
Wed Feb 16 14:09:00 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (ALL_LINGUAS): Add sv and ja.
* AUTHORS: Converted to a more compact format.
* INSTALL: Wrote a note about a Solaris problem.
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Use /usr/local for CFLAGS and LDFLAGS when
target is freebsd. By Rémi.
Thu Jan 13 19:31:58 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Do not set development version when the version has
a dash in it. Suggested by Dave Dykstra.
Thu Dec 16 10:07:58 CET 1999 Werner Koch <wk@gnupg.de>
* VERSION: Set to 1.0.1.
* configure.in: Removed substitution for doc/gph/Makefile.
Do all the gcc warning only in maintainer mode.
Thu Dec 9 10:31:05 CET 1999 Werner Koch <wk@gnupg.de>
* INSTALL: Add a hint for AIX. By Jos Backus.
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
* configure.in (dlopen): Use CHECK_FUNC for a test of dlopen in libc.
Suggested by Alexandre Oliva.
(-Wall): Moved the settting of gcc warning options near to the end
so that tests don't get confused. Suggested by Paul D. Smith.
Mon Nov 22 11:14:53 CET 1999 Werner Koch <wk@gnupg.de>
* BUGS: Replaced content with a link to the online list.
Fri Nov 12 20:33:19 CET 1999 Werner Koch <wk@gnupg.de>
* README: Fixed a type and add a note about the gnupg-i18n ML.
Thu Oct 28 16:08:20 CEST 1999 Werner Koch <wk@gnupg.de>
* acinclude.m4, configure.in (GNUPG_CHECK_GNUMAKE): New.
Sat Oct 9 20:34:41 CEST 1999 Werner Koch <wk@gnupg.de>
* configure.in: Tweaked handling of random modules and removed
dummy support for libgcrypt.
* Makefile.am: Removed libgcrypt support.
* cgrypt/ : Removed.
* Makefile.am: Removed libtool.
Fri Oct 8 20:32:01 CEST 1999 Werner Koch <wk@gnupg.de>
* configure.in: Fixed quoting in test for development version.
* THANKS: Add entries for Michael, Brenno and J Horacio who did
very nice Howto documents - I apoligize for forgetting to mention them
earlier.
Tue Sep 28 20:54:37 CEST 1999 Werner Koch <wk@gnupg.de>
* textfilter.c (copy_clearsig_text) [__MINGW32__): Use CR,LF.
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add "-lcap" when capabilities are requested.
Add the conditional CROSS_COMPILING.
* Makefile.am: Don't use checks when CROSS_COMPILING.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ALL_LINGUAS): Add pt_PT.
* configure.in: Some tweaks for cross compiling under MingW32
* acconfig.h (USE_STATIC_RNDW32): New.
Tue Sep 7 17:08:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 1.0.0.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Create makefile in doc/gph
* acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New
* configure.in: use the above.
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.11.
Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Minor changes to the OS/2 and Mingw32 system labels.
Add a printable name for Hurd.
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Some support for DJGPP (Mark Elbrecht)
Wed Aug 4 10:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.10.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): remove init of ac_cv_...
* Makefile.am (DISCLEANFILES): New
Fri Jul 23 13:53:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.9.
* configure.in: Print a notice when rndunix is used.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
* configure.in: Ditto.
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (use_local_zlib): The lost dollar is back.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case.
* configure.in: Another variant of the MX vendor string
* configure.in (--with-capabilities): Some test code (Remi).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX.
* configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra).
* VERSION: Now 0.9.8
Wed Jun 16 20:16:21 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add test for docbook-to-man
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Support for {net,free}bsd,
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ZLIB,GDBM): Check both, header and lib.
Sat Jun 5 15:30:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (key_present_in_pk_list): New (Michael).
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (IS_DEVELOPMENT_VERSION): Fixed detection.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): assume yes when
cross-compiling.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Fix for Unisys by Katsuhiro Kondou.
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* NEWS: Add a marker line which I forgot to do for 0.9.6.
Thu May 6 14:18:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* README: Minor updates
* VERSION: Now 0.9.6
Thu Apr 8 09:35:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for
amiga-openbsd (Peter Reich)
(GNUPG_PROG_NM): Ditto
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am (g10defs.h): Removed.
* configure.in (AC_OUTPUT_COMMANDS): Create g10defs.h
Sat Mar 20 12:55:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Now 0.9.5
Sun Mar 14 19:34:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (AM_SYS_SYMBOL_UNDERSCORE): Removed because it is
now in the latest libtool.
Thu Mar 11 16:39:46 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Removed the need for libtool
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (DLSYM_NEEDS_UNDERSCORE): Replaced.
* acinclude.in (AM_SYS_SYMBOL_UNDERSCORE): New.
* VERSION: Now 0.9.4
Sun Feb 28 19:11:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (dld): Test disabled.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* encode.c (encode_simple): temporary fix.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: New option --enable-static-rnd.
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* BUGS: Now we assign bug numbers.
* OBUGS: New to keep rack o fixed bugs (CVS only)
Fri Feb 19 18:01:54 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Released 0.9.3
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4: Removed gettext macros.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Check for -lsocket and -lnsl.
(osf4): Disable all warnings for DEC's cc.
(-Wall): Add more warning options for gcc
Sat Feb 13 12:04:43 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Changed detection of compiler flags.
* intl/ : Removed directory
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for freebsd 2.2
* configure.in: a lot of changes to allow selection of modules.
Add support for OS/2.
* acinclude.m4: add some more caching
* README: Spelling and grammar corrections (John A. Martin)
* INSTALL: Ditto.
Wed Jan 20 21:40:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: --enable-m-guard is now default
Wed Jan 13 12:49:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* INSTALL: Applied new information how to build rpms by Fabio Coatti
* Makefile.in (gnupg.spec): Changed the names.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* config.links (m68k-atari-mint): New
Tue Jan 12 09:17:19 CET 1999 Gaël Quéri <gqueri@mail.dotcom.fr>
* all: Fixed typos all over the place
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add a way to statically link rndunix
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): New.
* configure.in (DYNLOAD_CFLAGS): Use result from CHECK_RDYNAMIC
Wed Dec 23 13:18:14 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* README: Replaced the command overview with a short intro.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add check for dlopen in libc (Greg Troxel)
and a new define
* acconfig.h (DLSYM_NEEDS_UNDERSCORE): New.
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m (GNUPG_CHECK_PIC): New
* configure.in, acinclude.m4: Renamed all WK_ to GNUPG_
Tue Dec 8 15:09:29 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.4.5
Wed Nov 25 12:38:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (USE_RNDLINUX): New.
Fri Nov 20 19:34:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Released 0.4.4
* configure.in (try_asm_modules): For option --disable-asm
Tue Nov 10 19:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (MPI_SFLAGS): New.
Tue Nov 10 13:44:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* ABOUT-NLS: New
* configure.in (AC_REVISION): New.
Sun Nov 8 18:20:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Set to 0.4.3
Sun Oct 25 19:49:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): New macro GNUPG_DATADIR.
Wed Oct 21 17:24:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Removed gettext kludge
* acinclude.m4: Add patched AM_WITH_NKS macro
Tue Oct 20 19:03:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Kludge to make AM_GNU_GETTEXT work,
changed some macors to more modern versions. Also
changeg the all makefiles to remove duplicate ../intl.
* acinclude.m4: Removed the gettext stuff, as this
already comes with automake now.
Wed Oct 14 12:11:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (NAME_OF_DEV_RANDOM): New.
(DYNLINK_MOD_CFLAGS): New.
Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): creates include file
* acconfig.h: now includes g10defs.h
* configure.in: Removed G10_LOCALEDIR and GNUPG_LIB
Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none))
* Makefile.am (dist-hook): Now creates RPM file.
* scripts/gnupg.spec: New template file for RPMs
Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none))
* acinclude.h (WK_CHECK_IPC): New
* configure.in : Add checks for SysV IPC
Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-dynload): New.
Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold)
* configure.in (GNUPG_LIBDIR): New.
Mon May 25 19:10:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (fast_random_poll): fixed syntax bug.
Mon May 11 10:21:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): Linux is now GNU/Linux
Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* [all files]: Applied Matthew Skala's typo and grammar fixes.
Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (getrusage,gettimeofday): New tests.
Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-m-guard): New.
Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in, acinclude.m4, intl/, po/: New macros taken
from GNOME, switched to automake 1.2f
Thu Feb 26 09:05:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (doc/Makefile): New
Thu Feb 26 07:40:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed gettext stuff
Wed Feb 25 11:44:10 1998 Werner Koch (wk@isil.d.shuttle.de)
* checks/*test : restructured the directory.
Tue Feb 24 15:59:12 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed the name of the package to GNUPG and
chnaged several other names too.
Wed Feb 18 17:36:45 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (checks): New.
Sat Feb 14 15:37:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (mpi_config_done): Removed asm links caching.
Sat Feb 14 14:02:20 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): New.
* acconfig.h: Likewise.
Fri Feb 13 19:43:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in : Fixed zlib stuff
* Makefile.am: Likewise
Copyright 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
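Review bot: The new 2002-08-02 entry at the top of this hunk says to "keep the tests for dlopen" right next to "All stuff is now statically loaded", without saying what still needs dlopen. The NEWS hunk in this same patch states that --load-extension remains useful only for the deprecated idea cipher; if that is the reason the dlopen tests stay, the entry should say so, so that nobody later removes them as dead configure code. "All stuff" is also vague for a ChangeLog line: NEWS calls them "modules", and using the same word here would make the two entries easy to match up.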
diff --git a/NEWS b/NEWS
index e5b52bba0..20b4e11dc 100644
--- a/NEWS
+++ b/NEWS
@@ -1,1212 +1,1216 @@
Noteworthy changes in version 1.1.91
-------------------------------------------------
+ * All modules are now linked statically; the --load-extension
+ option is in general not useful anymore. The only exception is
+ to specify the deprecated idea cipher.
+
* When using --batch with one of the --delete-key commands, the
key must be specified by fingerprint. See the man page for
details.
* There are now various ways to restrict the ability GnuPG has to
exec external programs (for the keyserver helpers or photo ID
viewers). Read the README file for the complete list.
* New export option to leave off attribute packets (photo IDs)
during export. This is useful when exporting to HKP keyservers
which do not understand attribute packets.
* New import option to repair during import the HKP keyserver
mangling multiple subkeys bug. Note that this cannot completely
repair the damaged key as some crucial data is removed by the
keyserver, but it does at least give you back one subkey. This
is on by default for keyserver --recv-keys, and off by default
for regular --import.
* The keyserver helper programs now live in
/usr/[local/]libexec/gnupg by default. If you are upgrading
from 1.0.7, you might want to delete your old copies in
/usr/[local/]bin. If you use an OS that does not use libexec
for whatever reason, use --libexecdir=/usr/local/lib to place
the keyserver helpers there.
* The LDAP keyserver handler now works properly with very old
(version 1) LDAP keyservers.
Noteworthy changes in version 1.1.90 (2002-07-01)
-------------------------------------------------
* New commands: --personal-cipher-preferences,
--personal-digest-preferences, and
--personal-compress-preferences allow the user to specify which
algorithms are to be preferred. Note that this does not permit
using an algorithm that is not present in the recipient's
preferences (which would violate the OpenPGP standard). This
just allows sorting the preferences differently.
* New "group" command to refer to several keys with one name.
* A warning is issued if the user forces the use of an algorithm
that is not listed in the recipient's preferences.
* Full revocation key (aka "designated revoker") support.
* The preferred hash algorithms on a key are consulted when
encrypting a signed message to that key. Note that this is
disabled by default by a SHA1 preference in
--personal-digest-preferences.
* --cert-digest-algo allows the user to specify the hash algorithm
to use when signing a key rather than the default SHA1 (or MD5
for PGP2 keys). Do not use this feature unless you fully
understand the implications of this.
* --pgp7 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 7.x.
* New --attribute-fd command for frontends and scripts to get the
contents of attribute packets (i.e. photos)
* In expert mode, the user can now re-sign a v3 key with a v4
self-signature. This does not change the v3 key into a v4 key,
but it does allow the user to use preferences, primary ID flags,
etc.
* Significantly improved photo ID support on non-unixlike
platforms.
* The version number has jumped ahead to 1.1.90 to skip over the
old version 1.1 and to get ready for the upcoming 1.2.
* ElGamal sign and encrypt is not anymore allowed in the key
generation dialog unless in expert mode. RSA sign and encrypt
has been added with the same restrictions.
* [W32] Keyserver access does work with Windows NT.
Noteworthy changes in version 1.0.7 (2002-04-29)
------------------------------------------------
* Secret keys are now stored and exported in a new format which
uses SHA-1 for integrity checks. This format renders the
Rosa/Klima attack useless. Other OpenPGP implementations might
not yet support this, so the option --simple-sk-checksum creates
the old vulnerable format.
* The default cipher algorithm for encryption is now CAST5,
default hash algorithm is SHA-1. This will give us better
interoperability with other OpenPGP implementations.
* Symmetric encrypted messages now use a fixed file size if
possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
6, and 7. Note this was only an issue with RFC-1991 style
symmetric messages.
* Photographic user ID support. This uses an external program to
view the images.
* Enhanced keyserver support via keyserver "plugins". GnuPG comes
with plugins for the NAI LDAP keyserver as well as the HKP email
keyserver. It retains internal support for the HKP HTTP
keyserver.
* Nonrevocable signatures are now supported. If a user signs a
key nonrevocably, this signature cannot be taken back so be
careful!
* Multiple signature classes are usable when signing a key to
specify how carefully the key information (fingerprint, photo
ID, etc) was checked.
* --pgp2 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 2.x.
* --pgp6 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 6.x.
* Signatures may now be given an expiration date. When signing a
key with an expiration date, the user is prompted whether they
want their signature to expire at the same time.
* Revocation keys (designated revokers) are now supported if
present. There is currently no way to designate new keys as
designated revokers.
* Permissions on the .gnupg directory and its files are checked
for safety.
* --expert mode enables certain silly things such as signing a
revoked user id, expired key, or revoked key.
* Some fixes to build cleanly under Cygwin32.
* New tool gpgsplit to split OpenPGP data formats into packets.
* New option --preserve-permissions.
* Subkeys created in the future are not used for encryption or
signing unless the new option --ignore-valid-from is used.
* Revoked user-IDs are not listed unless signatures are listed too
or we are in verbose mode.
* There is no default comment string with ascii armors anymore
except for revocation certificates and --enarmor mode.
* The command "primary" in the edit menu can be used to change the
primary UID, "setpref" and "updpref" can be used to change the
preferences.
* Fixed the preference handling; since 1.0.5 they were erroneously
matched against against the latest user ID and not the given one.
* RSA key generation.
* Merged Stefan's patches for RISC OS in. See comments in
scripts/build-riscos.
* It is now possible to sign and conventional encrypt a message (-cs).
* The MDC feature flag is supported and can be set by using
the "updpref" edit command.
* The status messages GOODSIG and BADSIG are now returning the primary
UID, encoded using %XX escaping (but with spaces left as spaces,
so that it should not break too much)
* Support for GDBM based keyrings has been removed.
* The entire keyring management has been revamped.
* The way signature stati are store has changed so that v3
signatures can be supported. To increase the speed of many
operations for existing keyrings you can use the new
--rebuild-keydb-caches command.
* The entire key validation process (trustdb) has been revamped.
See the man page entries for --update-trustdb, --check-trustdb
and --no-auto-check-trustdb.
* --trusted-keys is again obsolete, --edit can be used to set the
ownertrust of any key to ultimately trusted.
* A subkey is never used to sign keys.
* Read only keyrings are now handled as expected.
Noteworthy changes in version 1.0.6 (2001-05-29)
------------------------------------------------
* Security fix for a format string bug in the tty code.
* Fixed format string bugs in all PO files.
* Removed Russian translation due to too many bugs. The FTP
server has an unofficial but better translation in the contrib
directory.
* Fixed expire time calculation and keyserver access.
* The usual set of minor bug fixes and enhancements.
* non-writable keyrings are now correctly handled.
Noteworthy changes in version 1.0.5 (2001-04-29)
------------------------------------------------
* WARNING: The semantics of --verify have changed to address a
problem with detached signature detection. --verify now ignores
signed material given on stdin unless this is requested by using
a "-" as the name for the file with the signed material. Please
check all your detached signature handling applications and make
sure that they don't pipe the signed material to stdin without
using a filename together with "-" on the the command line.
* WARNING: Corrected hash calculation for input data larger than
512M - it was just wrong, so you might notice bad signature in
some very big files. It may be wise to keep an old copy of
GnuPG around.
* Secret keys are no longer imported unless you use the new option
--allow-secret-key-import. This is a kludge and future versions will
handle it in another way.
* New command "showpref" in the --edit-key menu to show an easier
to understand preference listing.
* There is now the notation of a primary user ID. For example, it
is printed with a signature verification as the first user ID;
revoked user IDs are not printed there anymore. In general the
primary user ID is the one with the latest self-signature.
* New --charset=utf-8 to bypass all internal conversions.
* Large File Support (LFS) is now working.
* New options: --ignore-crc-error, --no-sig-create-check,
--no-sig-cache, --fixed_list_mode, --no-expensive-trust-checks,
--enable-special-filenames and --use-agent. See man page.
* New command --pipemode, which can be used to run gpg as a
co-process. Currently only the verification of detached
signatures are working. See doc/DETAILS.
* Keyserver support for the W32 version.
* Rewritten key selection code so that GnuPG can better cope with
multiple subkeys, expire dates and so. The drawback is that it
is slower.
* A whole lot of bug fixes.
* The verification status of self-signatures are now cached. To
increase the speed of key list operations for existing keys you
can do the following in your GnuPG homedir (~/.gnupg):
cp pubring.gpg pubring.gpg.save && gpg --export-all >x && \
rm pubring.gpg && gpg --import x
Only v4 keys (i.e not the old RSA keys) benefit from this caching.
* New translations: Estonian, Turkish.
Noteworthy changes in version 1.0.4 (2000-10-17)
------------------------------------------------
* Fixed a serious bug which could lead to false signature verification
results when more than one signature is fed to gpg. This is the
primary reason for releasing this version.
* New utility gpgv which is a stripped down version of gpg to
be used to verify signatures against a list of trusted keys.
* Rijndael (AES) is now supported and listed with top preference.
* --with-colons now works with --print-md[s].
Noteworthy changes in version 1.0.3 (2000-09-18)
------------------------------------------------
* Fixed problems with piping to/from other MS-Windows software
* Expiration time of the primary key can be changed again.
* Revoked user IDs are now marked in the output of --list-key
* New options --show-session-key and --override-session-key
to help the British folks to somewhat minimize the danger
of this Orwellian RIP bill.
* New options --merge-only and --try-all-secrets.
* New configuration option --with-egd-socket.
* The --trusted-key option is back after it left us with 0.9.5
* RSA is supported. Key generation does not yet work but will come
soon.
* CAST5 and SHA-1 are now the default algorithms to protect the key
and for symmetric-only encryption. This should solve a couple
of compatibility problems because the old algorithms are optional
according to RFC2440
* Twofish and MDC enhanced encryption is now used. PGP 7 supports
this. Older versions of GnuPG don't support it, so they should be
upgraded to at least 1.0.2
Noteworthy changes in version 1.0.2 (2000-07-12)
----------------------------------------------
* Fixed expiration handling of encryption keys.
* Add an experimental feature to do unattended key generation.
* The user is now asked for the reason of revocation as required
by the new OpenPGP draft.
* There is a ~/.gnupg/random_seed file now which saves the
state of the internal RNG and increases system performance
somewhat. This way the full entropy source is only used in
cases were it is really required.
Use the option --no-random-seed-file to disable this feature.
* New options --ignore-time-conflict and --lock-never.
* Some fixes for the W32 version.
* The entropy.dll is not anymore used by the W32 version but replaced
by code derived from Cryptlib.
* Encryption is now much faster: About 2 times for 1k bit keys
and 8 times for 4k keys.
* New encryption keys are generated in a way which allows a much
faster decryption.
* New command --export-secret-subkeys which outputs the
the _primary_ key with it's secret parts deleted. This is
useful for automated decryption/signature creation as it
allows to keep the real secret primary key offline and
thereby protecting the key certificates and allowing to
create revocations for the subkeys. See the FAQ for a
procedure to install such secret keys.
* Keygeneration now writes to the first writeable keyring or
as default to the one in the homedirectory. Prior versions
ignored all --keyring options.
* New option --command-fd to take user input from a file descriptor;
to be used with --status-fd by software which uses GnuPG as a backend.
* There is a new status PROGRESS which is used to show progress during
key generation.
* Support for the new MDC encryption packets. To create them either
--force-mdc must be use or cipher algorithm with a blocksize other
than 64 bits is to be used. --openpgp currently disables MDC packets
entirely. This option should not yet be used.
* New option --no-auto-key-retrieve to disable retrieving of
a missing public key from a keyserver, when a keyserver has been set.
* Danish translation
Noteworthy changes in version 1.0.1 (1999-12-16)
-----------------------------------
* New command --verify-files. New option --fast-list-mode.
* $http_proxy is now used when --honor-http-proxy is set.
* Fixed some minor bugs and the problem with conventional encrypted
packets which did use the gpg v3 partial length headers.
* Add Indonesian and Portugese translations.
* Fixed a bug with symmetric-only encryption using the non-default 3DES.
The option --emulate-3des-s2k-bug may be used to decrypt documents
which have been encrypted this way; this should be done immediately
as this workaround will be remove in 1.1
* Can now handle (but not display) PGP's photo IDs. I don't know the
format of that packet but after stripping a few bytes from the start
it looks like a JPEG (at least my test data). Handling of this
package is required because otherwise it would mix up the
self signatures and you can't import those keys.
* Passing non-ascii user IDs on the commandline should now work in all
cases.
* New keys are now generated with an additional preference to Blowfish.
* Removed the GNU Privacy Handbook from the distribution as it will go
into a separate one.
Noteworthy changes in version 1.0.0 (1999-09-07)
-----------------------------------
* Add a very preliminary version of the GNU Privacy Handbook to
the distribution (lynx doc/gph/index.html).
* Changed the version number to GnuPG 2001 ;-)
Noteworthy changes in version 0.9.11
------------------------------------
* UTF-8 strings are now correctly printed (if --charset is set correctly).
Output of --with-colons remains C-style escaped UTF-8.
* Workaround for a problem with PGP 5 detached signature in textmode.
* Fixed a problem when importing new subkeys (duplicated signatures).
Noteworthy changes in version 0.9.10
------------------------------------
* Some strange new options to help pgpgpg
* Cleaned up the dox a bit.
Noteworthy changes in version 0.9.9
-----------------------------------
* New options --[no-]utf8-strings.
* New edit-menu commands "enable" and "disable" for entire keys.
* You will be asked for a filename if gpg cannot deduce one.
* Changes to support libtool which is needed for the development
of libgcrypt.
* New script tools/lspgpot to help transferring assigned
trustvalues from PGP to GnuPG.
* New commands --lsign-key and made --sign-key a shortcut for --edit
and sign.
* New options (#122--126 ;-) --[no-]default-recipient[-self],
--disable-{cipher,pubkey}-algo. See the man page.
* Enhanced info output in case of multiple recipients and fixed exit code.
* New option --allow-non-selfsigned-uid to work around a problem with
the German IN way of separating signing and encryption keys.
Noteworthy changes in version 0.9.8
-----------------------------------
* New subcommand "delsig" in the edit menu.
* The name of the output file is not anymore the one which is
embedded in the processed message, but the used filename with
the extension stripped. To revert to the old behaviour you can
use the option --use-embedded-filename.
* Another hack to cope with pgp2 generated detached signatures.
* latin-2 character set works (--charset=iso-8859-2).
* New option --with-key-data to list the public key parameters.
New option -N to insert notations and a --set-policy-url.
A couple of other options to allow reseting of options.
* Better support for HPUX.
Noteworthy changes in version 0.9.7
-----------------------------------
* Add some work arounds for a bugs in pgp 2 which led to bad signatures
when used with canonical texts in some cases.
* Enhanced some status outputs.
Noteworthy changes in version 0.9.6
-----------------------------------
* Twofish is now statically linked by default. The experimental 128 bit
version is now disabled. Full support will be available as soon as
the OpenPGP WG has decided on an interpretation of rfc2440.
* Dropped support for the ancient Blowfish160 which is not OpenPGP.
* Merged gpgm and gpg into one binary.
* Add "revsig" and "revkey" commands to the edit menu. It is now
possible to revoke signature and subkeys.
Noteworthy changes in version 0.9.5
-----------------------------------
* New command "lsign" in the keyedit menu to create non-exportable
signatures. Removed --trusted-keys option.
* A bunch of changes to the key validation code.
* --list-trust-path now has an optional --with-colons format.
* New command --recv-keys to import keys from an keyserver.
Noteworthy changes in version 0.9.4
-----------------------------------
* New configure option --enable-static-rnd=[egd|linux|unix|none]
to select a random gathering module for static linking.
* The original text is now verbatim copied to a cleartext signed message.
* Bugfixes but there are still a couple of bugs.
Noteworthy changes in version 0.9.3
-----------------------------------
* Changed the internal design of getkey which now allows a
efficient lookup of multiple keys and add a word match mode.
* New options --[no-]encrypt-to.
* Some changes to the configure stuff. Switched to automake 1.4.
Removed intl/ from CVS, autogen.sh now uses gettextize.
* Preferences now include Twofish. Removed preference to Blowfish with
a special hack to suppress the "not listed in preferences" warning;
this is to allow us to switch completely to Twofish in the near future.
* Changed the locking stuff.
* Print all user ids of a good signature.
Noteworthy changes in version 0.9.2
-----------------------------------
* add some additional time warp checks.
* Option --keyserver and command --send-keys to utilize HKP servers.
* Upgraded to zlib 1.1.3 and fixed an inflate bug
* More cleanup on the cleartext signatures.
Noteworthy changes in version 0.9.1
-----------------------------------
* Polish language support.
* When querying the passphrase, the key ID of the primary key is
displayed along with the one of the used secondary key.
* Fixed a bug occurring when decrypting pgp 5 encrypted messages,
fixed an infinite loop bug in the 3DES code and in the code
which looks for trusted signatures.
* Fixed a bug in the mpi library which caused signatures not to
compare okay.
* Rewrote the handling of cleartext signatures; the code is now
better maintainable (I hope so).
* New status output VALIDSIG only for valid signatures together
with the fingerprint of the signer's key.
Noteworthy changes in version 0.9.0
-----------------------------------
* --export does now only exports rfc2440 compatible keys; the
old behaviour is available with --export-all.
Generation of v3 ElGamal (sign and encrypt) keys is not longer
supported.
* Fixed the uncompress bug.
* Rewrote the rndunix module. There are two environment variables
used for debugging now: GNUPG_RNDUNIX_DBG give the file to write
debugging information (use "-" for stdout) and if GNUPG_RNDUNIX_DBGALL
is set, all programs which are only tried are also printed.
* New option --escape-from-lines to "dash-escape" "From " lines to
prevent mailers to change them to ">From ". This is not enabled by
default because it is not in compliance with rfc2440 - however, you
should turn it on.
Noteworthy changes in version 0.4.5
-----------------------------------
* The keyrings and the trustdb is now locked, so that
other GnuPG processes won't damage these files. You
may want to put the option --lock-once into your options file.
* The latest self-signatures are now used; this enables --import
to see updated preferences etc.
* Import of subkeys should now work.
* Random gathering modules may now be loaded as extensions. Add
such a module for most Unices but it is very experimental!
* Brazilian language support.
Noteworthy changes in version 0.4.4
-----------------------------------
* Fixed the way the key expiration time is stored. If you have
an expiration time on your key you should fix it with --edit-key
and the command "expire". I apologize for this inconvenience.
* Add option --charset to support "koi8-r" encoding of user ids.
(Not yet tested).
* Preferences should now work again. You should run
"gpgm --check-trustdb \*" to rebuild all preferences.
* Checking of certificates should now work but this needs a lot
of testing. Key validation values are now cached in the
trustdb; they should be recalculated as needed, but you may
use --check-trustdb or --update-trustdb to do this.
* Spanish translation by Urko Lusa.
* Patch files are from now on signed. See the man page
for the new option --not-dash-escaped.
* New syntax: --edit-key <userID> [<commands>]
If you run it without --batch the commands are executed and then
you are put into normal mode unless you use "quit" or "save" as
one of the commands. When in batch mode, the program quits after
the last command, so you have to use "save" if you did some changes.
It does not yet work completely, but may be used to list so the
keys etc.
Noteworthy changes in version 0.4.3
-----------------------------------
* Fixed the gettext configure bug.
* Kludge for RSA keys: keyid and length of a RSA key are
correctly reported, but you get an error if you try to use
this key (If you do not have the non-US version).
* Experimental support for keyrings stored in a GDBM database.
This is *much* faster than a standard keyring. You will notice
that the import gets slower with time; the reason is that all
new keys are used to verify signatures of previous inserted
keys. Use "--keyring gnupg-gdbm:<name-of-gdbm-file>". This is
not (yet) supported for secret keys.
* A Russian language file in the distribution (alternatives are in
the contrib directory of the FTP servers)
* commandline option processing now works as expected for GNU programs
with the exception that you can't mix options and normal arguments.
* Now --list-key lists all matching keys. This is needed in some
other places too.
Noteworthy changes in version 0.4.2
-----------------------------------
* This is only a snapshot: There are still a few bugs.
* Fixed this huge memory leak.
* Redesigned the trust database: You should run "gpgm --check-trustdb".
New command --update-trustdb, which adds new key from the public
keyring into your trustdb
* Fixed a bug in the armor code, leading to invalid packet errors.
(a workaround for this was to use --no-armor). The shorten line
length (64 instead of 72) fixes a problem with pgp5 and keyservers.
* comment packets are not anymore generated. "--export" filters
them out. One Exception: The comment packets in a secret keyring
are still used because they carry the factorization of the public
prime product.
* --import now only looks for KEYBLOCK headers, so you can now simply
remove the "- " in front of such a header if someone accidently signed
such a message or the keyblock is part of a cleartext signed message.
* --with-colons now lists the key expiration time and not anymore
the valid period.
* Some keyblocks created with old releases have a wrong sequence
of packets, so that the keyservers don't accept these keys.
Simply using "--edit-key" fixes the problem.
* New option --force-v3-sigs to generate signed messages which are
compatible to PGP 5.
* Add some code to support DLD (for non ELF systems) - but this is
not tested because my BSD box is currently broken.
* New command "expire" in the edit-key menu.
Noteworthy changes in version 0.4.1
-----------------------------------
* A secondary key is used when the primary key is specified but cannot
be used for the operation (if it is a sign-only key).
* GNUPG can now handle concatenated armored messages: There is still a
bug if different kinds of messages are mixed.
* Iterated+Salted passphrases now work. If want to be sure that PGP5
is able to handle them you may want to use the options
"--s2k-mode 3 --s2k-cipher-algo cast5 --s2k-digest-algo sha1"
when changing a passphrase.
* doc/OpenPGP talks about OpenPGP compliance, doc/HACKING gives
a few hints about the internal structure.
* Checked gnupg against the August 1998 draft (07) and I believe
it is in compliance with this document (except for one point).
* Fixed some bugs in the import merging code and rewrote some
code for the trustdb.
Noteworthy changes in version 0.4.0
-----------------------------------
* Triple DES is now supported. Michael Roth did this piece of
needed work. We have now all the coded needed to be OpenPGP
compliant.
* Added a simple rpm spec file (see INSTALL).
* detached and armored signatures are now using "PGP SIGNATURE",
except when --rfc1991 is used.
* All times which are not in the yyyy-mm-dd format are now printed
in local time.
Noteworthy changes in version 0.3.5
-----------------------------------
* New option --throw-keyid to create anonymous enciphered messages.
If gpg detects such a message it tires all available secret keys
in turn so decode it. This is a gnupg extension and not in OpenPGP
but it has been discussed there and afaik some products use this
scheme too (Suggested by Nimrod Zimmerman).
* Fixed a bug with 5 byte length headers.
* --delete-[secret-]key is now also available in gpgm.
* cleartext signatures are not anymore converted to LF only.
* Fixed a trustdb problem. Run "gpgm --check-trustdb" to fix old
trust dbs.
* Building in another directory should now work.
* Weak key detection mechanism (Niklas Hernaeus).
Noteworthy changes in version 0.3.4
-----------------------------------
* New options --comment and --set-filename; see g10/OPTIONS
* yes/no, y/n localized.
* Fixed some bugs.
Noteworthy changes in version 0.3.3
-----------------------------------
* IMPORTANT: I found yet another bug in the way the secret keys
are encrypted - I did it the way pgp 2.x did it, but OpenPGP
and pgp 5.x specify another (in some aspects simpler) method.
To convert your secret keys you have to do this:
1. Build the new release but don't install it and keep
a copy of the old program.
2. Disable the network, make sure that you are the only
user, be sure that there are no Trojan horses etc ....
3. Use your old gpg (version 0.3.[12]) and set the
passphrases of ALL your secret keys to empty!
(gpg --change-passphrase your-user-id).
4. Save your ownertrusts (see the next point)
5. rm ~/.gnupg/trustdb.gpg
6. install the new version of gpg (0.3.3)
7. For every secret key call "gpg --edit-key your-user-id",
enter "passwd" at the prompt, follow the instructions and
change your password back, enter "save" to store it.
8. Restore the ownertrust (see next point).
* The format of the trust database has changed; you must delete
the old one, so gnupg can create a new one.
IMPORTANT: Use version 0.3.[12] to save your assigned ownertrusts
("gpgm --list-ownertrust >saved-trust"); then build this new version
and restore the ownertrust with this new version
("gpgm --import-ownertrust saved-trust"). Please note that
--list-ownertrust has been renamed to --export-ownertrust in this
release and it does now only export defined ownertrusts.
* The command --edit-key now provides a commandline driven menu
which can be used for various tasks. --sign-key is only an
an alias to --edit-key and maybe removed in future: use the
command "sign" of this new menu - you can select which user ids
you want to sign.
* Alternate user ids can now be created an signed.
* Owner trust values can now be changed with --edit-key (trust)
* GNUPG can now run as a coprocess; this enables sophisticated
frontends. tools/shmtest.c is a simple sample implementation.
This needs some more work: all tty_xxx() are to be replaced
by cpr_xxx() and some changes in the display logics is needed.
* Removed options --gen-prime and --gen-random.
* Removed option --add-key; use --edit-key instead.
* Removed option --change-passphrase; use --edit-key instead.
* Signatures are now checked even if the output file could not
be created. Command "--verify" tries to find the detached data.
* gpg now disables core dumps.
* compress and symmetric cipher preferences are now used.
Because there is no 3DES yet, this is replaced by Blowfish.
* We have added the Twofish as an experimental cipher algorithm.
Many thanks to Matthew Skala for doing this work.
Twofish is the AES submission from Schneier et al.; see
"www.counterpane.com/twofish.html" for more information.
* Started with a help system: If you enter a question mark at some
prompt; you should get a specific help for this prompt.
* There is no more backup copy of the secret keyring.
* A lot of new bugs. I think this release is not as stable as
the previous one.
Noteworthy changes in version 0.3.2
-----------------------------------
* Fixed some bugs when using --textmode (-seat)
* Now displays the trust status of a positive verified message.
* Keyrings are now scanned in the sequence they are added with
--[secret-]keyring. Note that the default keyring is implicitly
added as the very first one unless --no-default-keyring is used.
* Fixed setuid and dlopen bug.
Noteworthy changes in version 0.3.1
-----------------------------------
* Partial headers are now written in the OpenPGP format if
a key in a v4 packet is used.
* Removed some unused options, removed the gnupg.sig stuff.
* Key lookup by name now returns a key which can be used for
the desired action.
* New options --list-ownertrust (gpgm) to make a backup copy
of the ownertrust values you assigned.
* clear signature headers are now in compliance with OpenPGP.
Noteworthy changes in version 0.3.0
-----------------------------------
* New option --emulate-checksum-bug. If your passphrase does not
work anymore, use this option and --change-passphrase to rewrite
your passphrase.
* More complete v4 key support: Preferences and expiration time
is set into the self signature.
* Key generation defaults to DSA/ElGamal keys, so that new keys are
interoperable with pgp5
* DSA key generation is faster and key generation does not anymore
remove entropy from the random generator (the primes are public
parameters, so there is really no need for a cryptographic secure
prime number generator which we had used).
* A complete new structure for representing the key parameters.
* Removed most public key knowledge into the cipher library.
* Support for dynamic loading of new algorithms.
* Moved tiger to an extension module.
Noteworthy changes in version 0.2.19
------------------------------------
* Replaced /dev/urandom in checks with new tool mk-tdata.
* Some assembler file cleanups; some more functions for the Alpha.
* Tiger has now the OpenPGP assigned number 6. Because the OID has
changed, old signatures using this algorithm can't be verified.
* gnupg now encrypts the compressed packed and not any longer in the
reverse order; anyway it can decrypt both versions. Thanks to Tom
for telling me this (not security related) bug.
* --add-key works and you are now able to generate subkeys.
* It is now possible to generate ElGamal keys in v4 packets to create
valid OpenPGP keys.
* Some new features for better integration into MUAs.
Noteworthy changes in version 0.2.18
------------------------------------
* Splitted cipher/random.c, add new option "--disable-dev-random"
to configure to support the development of a random source for
other systems. Prepared sourcefiles rand-unix.c, rand-w32.c
and rand-dummy.c (which is used to allow compilation on systems
without a random source).
* Fixed a small bug in the key generation (it was possible that 48 bits
of a key were not taken from the random pool)
* Add key generation for DSA and v4 signatures.
* Add a function trap_unaligned(), so that a SIGBUS is issued on
Alphas and not the slow emulation code is used. And success: rmd160
raised a SIGBUS.
* Enhanced the formatting facility of argparse and changed the use of
\r,\v to @ because gettext does not like it.
* New option "--compress-algo 1" to allow the creation of compressed
messages which are readable by PGP and "--print-md" (gpgm) to make
speed measurement easier.
Noteworthy changes in version 0.2.17
------------------------------------
* Comment packets are now of private type 61.
* Passphrase code still used a 160 bit blowfish key, added a
silly workaround. Please change your passphrase again - sorry.
* Conventional encryption now uses a type 3 packet to describe the
used algorithms.
* The new algorithm number for Blowfish is 20, 16 is still used for
encryption only; for signing it is only used when it is in a v3 packet,
so that GNUPG keys are still valid.
Noteworthy changes in version 0.2.16
------------------------------------
* Add experimental support for the TIGER/192 message digest algorithm.
(But there is only a dummy ASN OID).
* Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB
mode. I renamed the old cipher to Blowfish160. Because the OpenPGP
group refused to assign me a number for Blowfish160, I have to
drop support for this in the future. You should use
"--change-passphrase" to recode your current passphrase with 128
bit Blowfish.
Noteworthy changes in version 0.2.15
------------------------------------
* Fixed a bug with the old checksum calculation for secret keys.
If you run the program without --batch, a warning does inform
you if your secret key needs to be converted; simply use
--change-passphrase to recalculate the checksum. Please do this
soon, as the compatible mode will be removed sometime in the future.
* CAST5 works (using the PGP's special CFB mode).
* Again somewhat more PGP 5 compatible.
* Some new test cases
Noteworthy changes in version 0.2.14
------------------------------------
* Changed the internal handling of keyrings.
* Add support to list PGP 5 keyrings with subkeys
* Timestamps of signatures are now verified.
* A expiration time can now be specified during key generation.
* Some speedups for Blowfish and SHA-1, rewrote SHA-1 transform.
Reduced the amount of random bytes needed for key generation in
some cases.
Noteworthy changes in version 0.2.13
------------------------------------
* Verify of DSA signatures works.
* Re-implemented the slower random number generator.
Noteworthy changes in version 0.2.12
------------------------------------
* --delete-key checks that there is no secret key. The new
option --delete-secret-key maybe used to delete a secret key.
* "-kv" now works as expected. Options "--list-{keys,sigs]"
and "--check-sigs" are now working.
* New options "--verify" and "--decrypt" to better support integration
into MUAs (partly done for Mutt).
* New option "--with-colons" to make parsing of key lists easier.
Noteworthy changes in version 0.2.11
------------------------------------
* GPG now asks for a recipient's name if option "-r" is not used.
* If there is no good trust path, the program asks whether to use
the public keys anyway.
* "--delete-key" works for public keys. What semantics shall I use
when there is a secret key too? Delete the secret key or leave him
and auto-regenerate the public key, next time the secret key is used?
Noteworthy changes in version 0.2.10
------------------------------------
* Code for the alpha is much faster (about 20 times); the data
was misaligned and the kernel traps this, so nearly all time
was used by system to trap the misalignments and to write
syslog messages. Shame on me and thanks to Ralph for
pointing me at this while drinking some beer yesterday.
* Changed some configure options and add an option
--disable-m-guard to remove the memory checking code
and to compile everything with optimization on.
* New environment variable GNUPGHOME, which can be used to set
another homedir than ~/.gnupg. Changed default homedir for
Windoze version to c:/gnupg.
* Fixed detached signatures; detached PGP signatures caused a SEGV.
* The Windoze version works (as usual w/o a strong RNG).
Noteworthy changes in version 0.2.9
-----------------------------------
* Fixed FreeBSD bug.
* Added a simple man page.
* Switched to automake1.2f and a newer gettext.
Noteworthy changes in version 0.2.8
-----------------------------------
* Changed the name to GNUPG, the binaries are called gpg and gpgm.
You must rename rename the directory "~/.g10" to ~/.gnupg/, rename
{pub,sec}ring.g10 to {pub,sec}ring.gpg, trustdb.g10 to trustdb.gpg
and g10.sig to gnupg.sig.
* New or changed passphrases are now salted.
Noteworthy changes in version 0.2.7
-----------------------------------
* New command "gen-revoke" to create a key revocation certificate.
* New option "homedir" to set the homedir (which defaults to "~/.g10").
This directory is created if it does not exists (only the last
part of the name and not the complete hierarchy)
* Command "import" works. (Try: "finger gcrypt@ftp.guug.de|g10 --import")
* New commands "dearmor/enarmor" for g10maint. These are mainly
used for internal test purposes.
* Option --version now conforming to the GNU standards and lists
the available ciphers, message digests and public key algorithms.
* Assembler code for m68k (not tested).
* "make check" works.
Noteworthy changes in version 0.2.6
-----------------------------------
* Option "--export" works.
Noteworthy changes in version 0.2.5
-----------------------------------
* Added zlib for systems which don't have it.
Use "./configure --with-zlib" to link with the static version.
* Generalized some more functions and rewrote the encoding of
message digests into MPIs.
* Enhanced the checkit script
Noteworthy changes in version 0.2.4
-----------------------------------
* nearly doubled the speed of the ElGamal signature verification.
* backup copies of keyrings are created.
* assembler stuff for Pentium; gives about 15% better performance.
* fixed a lot of bugs.
Noteworthy changes in version 0.2.3
-----------------------------------
* Found a bug in the calculation of ELG fingerprints. This is now
fixed, but all existing fingerprints and keyids for ELG keys
are not any more valid.
* armor should now work; including clear signed text.
* moved some options to the new program g10maint
* It's now 64 bit clean and runs fine on an alpha--linux.
* Key generation is much faster now. I fixed this by using not
so strong random number for the primes (this was a bug because the
ElGamal primes are public parameters and it does not make sense
to generate them from strong random). The real secret is the x value
which is still generated from strong (okay: /dev/random) random bits.
* added option "--status-fd": see g10/OPTIONS
* We have secure memory on systems which support mlock().
It is not complete yet, because we do not have signal handler
which does a cleanup in very case.
We should also check the ulimit for the user in the case
that the admin does not have set a limit on locked pages.
* started with internationalization support.
* The logic to handle the web of trust is now implemented. It is
has some bugs; but I'm going to change the algorithm anyway.
It works by calculating the trustlevel on the fly. It may ask
you to provide trust parameters if the calculated trust probability
is too low. I will write a paper which discusses this new approach.
* a couple of changes to the configure script.
* New option "--quick-random" which uses a much quicker random
number generator. Keys generated while this option is in effect
are flags with "INSECURE!" in the user-id. This is a development
only option.
* Read support for new version packets (OpenPGP).
* Comment packets are now of correct OpenPGP type 16. Old comment
packets written by G10 are detected because they always start with
a hash which is an invalid version byte.
* The string "(INSECURE!)" is appended to a new user-id if this
is generated on a system without a good random number generator.
Copyright 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/README b/README
index cd5216c43..0e2f3059b 100644
--- a/README
+++ b/README
@@ -1,663 +1,662 @@
GnuPG - The GNU Privacy Guard
-------------------------------
Version 1.1
Copyright 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
****************************************************
** Please note that is is a DEVELOPMENT VERSION **
** and as such not suitable for production use **
** unless you really know what you are doing. **
****************************************************
Intro
-----
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC2440.
GnuPG works best on GNU/Linux or *BSD systems. Most other Unices
are also supported but are not as well tested as the Free Unices.
See http://www.gnupg.org/gnupg.html#supsys for a list of systems
which are known to work.
See the file COPYING for copyright and warranty information.
Because GnuPG does not use use any patented algorithm it cannot be
compatible with PGP2 versions. PGP 2.x uses IDEA (which is patented
worldwide).
The default algorithms are DSA and ElGamal. ElGamal for signing
is still available, but because of the larger size of such
signatures it is deprecated (Please note that the GnuPG
implementation of ElGamal signatures is *not* insecure). Symmetric
algorithms are: AES, 3DES, Blowfish, CAST5 and Twofish
Digest algorithms available are MD5, RIPEMD160 and SHA1.
Installation
------------
Please read the file INSTALL and the sections in this file
related to the installation. Here is a quick summary:
1) Check that you have unmodified sources. The below on how
to do this. Don't skip it - this is an important step!
2) Unpack the TAR. With GNU tar you can do it this way:
"tar xzvf gnupg-x.y.z.tar.gz"
3) "cd gnupg-x.y.z"
4) "./configure"
5) "make"
6) "make install"
7) You end up with a "gpg" binary in /usr/local/bin.
8) To avoid swapping out of sensitive data, you can install "gpg" as
suid root. If you don't do so, you may want to add the option
"no-secmem-warning" to ~/.gnupg/options
How to Verify the Source
------------------------
In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:
a) If you already have a trusted Version of GnuPG installed, you
can simply check the supplied signature:
$ gpg --verify gnupg-x.y.z.tar.gz.asc
This checks that the detached signature gnupg-x.y.z.tar.gz.asc
is indeed a a signature of gnupg-x.y.z.tar.gz. The key used to
create this signature is:
"pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org>"
If you do not have this key, you can get it from the source in
the file doc/samplekeys.asc (use "gpg --import doc/samplekeys.asc"
to add it to the keyring) or from any keyserver. You have to
make sure that this is really the key and not a faked one. You
can do this by comparing the output of:
$ gpg --fingerprint 0x57548DCD
with the elsewhere published fingerprint
Please note, that you have to use an old version of GnuPG to
do all this stuff. *Never* use the version which you are going
to check!
b) If you don't have any of the above programs, you have to verify
the MD5 checksum:
$ md5sum gnupg-x.y.z.tar.gz
This should yield an output _similar_ to this:
fd9351b26b3189c1d577f0970f9dcadc gnupg-x.y.z.tar.gz
Now check that this checksum is _exactly_ the same as the one
published via the announcement list and probably via Usenet.
Documentation
-------------
The manual will be distributed separate under the name "gph".
An online version of the latest manual draft is available at the
GnuPG web pages:
http://www.gnupg.org/gph/
A list of frequently asked questions is available in GnuPG's
distibution in the file doc/FAQ and online as:
http://www.gnupg.org/faq.html
A couple of HOWTO documents are available online; for a listing see:
http://www.gnupg.org/docs.html#howtos
A man page with a description of all commands and options gets installed
along with the program.
Introduction
------------
Here is a brief overview on how to use GnuPG - it is strongly suggested
that you read the manual and other information about the use of
cryptography. GnuPG is only a tool, secure usage requires that
YOU KNOW WHAT YOU ARE DOING.
If you already have a DSA key from PGP 5 (they call them DH/ElGamal)
you can simply copy the pgp keyrings over the GnuPG keyrings after
running gpg once to create the correct directory.
The normal way to create a key is
gpg --gen-key
This asks some questions and then starts key generation. To create
good random numbers for the key parameters, GnuPG needs to gather
enough noise (entropy) from your system. If you see no progress
during key generation you should start some other activities such
as mouse moves or hitting on the CTRL and SHIFT keys.
Generate a key ONLY on a machine where you have direct physical
access - don't do it over the network or on a machine used also
by others - especially if you have no access to the root account.
When you are asked for a passphrase use a good one which you can
easy remember. Don't make the passphrase too long because you have
to type it for every decryption or signing; but, - AND THIS IS VERY
IMPORTANT - use a good one that is not easily to guess because the
security of the whole system relies on your secret key and the
passphrase that protects it when someone gains access to your secret
keyring. A good way to select a passphrase is to figure out a short
nonsense sentence which makes some sense for you and modify it by
inserting extra spaces, non-letters and changing the case of some
characters - this is really easy to remember especially if you
associate some pictures with it.
Next, you should create a revocation certificate in case someone
gets knowledge of your secret key or you forgot your passphrase
gpg --gen-revoke your_user_id
Run this command and store the revocation certificate away. The output
is always ASCII armored, so that you can print it and (hopefully
never) re-create it if your electronic media fails.
Now you can use your key to create digital signatures
gpg -s file
This creates a file "file.gpg" which is compressed and has a
signature attached.
gpg -sa file
Same as above, but creates a file "file.asc" which is ASCII armored
and and ready for sending by mail. It is better to use your
mailers features to create signatures (The mailer uses GnuPG to do
this) because the mailer has the ability to MIME encode such
signatures - but this is not a security issue.
gpg -s -o out file
Creates a signature of "file", but writes the output to the file
"out".
Everyone who knows your public key (you can and should publish
your key by putting it on a key server, a web page or in your .plan
file) is now able to check whether you really signed this text
gpg --verify file
GnuPG now checks whether the signature is valid and prints an
appropriate message. If the signature is good, you know at least
that the person (or machine) has access to the secret key which
corresponds to the published public key.
If you run gpg without an option it will verify the signature and
create a new file that is identical to the original. gpg can also
run as a filter, so that you can pipe data to verify trough it
cat signed-file | gpg | wc -l
which will check the signature of signed-file and then display the
number of lines in the original file.
To send a message encrypted to someone you can use
gpg -e -r heine file
This encrypts "file" with the public key of the user "heine" and
writes it to "file.gpg"
echo "hello" | gpg -ea -r heine | mail heine
Ditto, but encrypts "hello\n" and mails it as ASCII armored message
to the user with the mail address heine.
gpg -se -r heine file
This encrypts "file" with the public key of "heine" and writes it
to "file.gpg" after signing it with your user id.
gpg -se -r heine -u Suttner file
Ditto, but sign the file with your alternative user id "Suttner"
GnuPG has some options to help you publish public keys. This is
called "exporting" a key, thus
gpg --export >all-my-keys
exports all the keys in the keyring and writes them (in a binary
format) to "all-my-keys". You may then mail "all-my-keys" as an
MIME attachment to someone else or put it on an FTP server. To
export only some user IDs, you give them as arguments on the command
line.
To mail a public key or put it on a web page you have to create
the key in ASCII armored format
gpg --export --armor | mail panther@tiger.int
This will send all your public keys to your friend panther.
If you have received a key from someone else you can put it
into your public keyring. This is called "importing"
gpg --import [filenames]
New keys are appended to your keyring and already existing
keys are updated. Note that GnuPG does not import keys that
are not self-signed.
Because anyone can claim that a public key belongs to her
we must have some way to check that a public key really belongs
to the owner. This can be achieved by comparing the key during
a phone call. Sure, it is not very easy to compare a binary file
by reading the complete hex dump of the file - GnuPG (and nearly
every other program used for management of cryptographic keys)
provides other solutions.
gpg --fingerprint <username>
prints the so called "fingerprint" of the given username which
is a sequence of hex bytes (which you may have noticed in mail
sigs or on business cards) that uniquely identifies the public
key - different keys will always have different fingerprints.
It is easy to compare fingerprints by phone and I suggest
that you print your fingerprint on the back of your business
card. To see the fingerprints of the secondary keys, you can
give the command twice; but this is normally not needed.
If you don't know the owner of the public key you are in trouble.
Suppose however that friend of yours knows someone who knows someone
who has met the owner of the public key at some computer conference.
Suppose that all the people between you and the public key holder
may now act as introducers to you. Introducers signing keys thereby
certify that they know the owner of the keys they sign. If you then
trust all the introducers to have correctly signed other keys, you
can be be sure that the other key really belongs to the one who
claims to own it..
There are 2 steps to validate a key:
1. First check that there is a complete chain
of signed keys from the public key you want to use
and your key and verify each signature.
2. Make sure that you have full trust in the certificates
of all the introduces between the public key holder and
you.
Step 2 is the more complicated part because there is no easy way
for a computer to decide who is trustworthy and who is not. GnuPG
leaves this decision to you and will ask you for a trust value
(here also referenced as the owner-trust of a key) for every key
needed to check the chain of certificates. You may choose from:
a) "I don't know" - then it is not possible to use any
of the chains of certificates, in which this key is used
as an introducer, to validate the target key. Use this if
you don't know the introducer.
b) "I do not trust" - Use this if you know that the introducer
does not do a good job in certifying other keys. The effect
is the same as with a) but for a) you may later want to
change the value because you got new information about this
introducer.
c) "I trust marginally" - Use this if you assume that the
introducer knows what he is doing. Together with some
other marginally trusted keys, GnuPG validates the target
key then as good.
d) "I fully trust" - Use this if you really know that this
introducer does a good job when certifying other keys.
If all the introducer are of this trust value, GnuPG
normally needs only one chain of signatures to validate
a target key okay. (But this may be adjusted with the help
of some options).
This information is confidential because it gives your personal
opinion on the trustworthiness of someone else. Therefore this data
is not stored in the keyring but in the "trustdb"
(~/.gnupg/trustdb.gpg). Do not assign a high trust value just
because the introducer is a friend of yours - decide how well she
understands the implications of key signatures and you may want to
tell her more about public key cryptography so you can later change
the trust value you assigned.
Okay, here is how GnuPG helps you with key management. Most stuff
is done with the --edit-key command
gpg --edit-key <keyid or username>
GnuPG displays some information about the key and then prompts
for a command (enter "help" to see a list of commands and see
the man page for a more detailed explanation). To sign a key
you select the user ID you want to sign by entering the number
that is displayed in the leftmost column (or do nothing if the
key has only one user ID) and then enter the command "sign" and
follow all the prompts. When you are ready, give the command
"save" (or use "quit" to cancel your actions).
If you want to sign the key with another of your user IDs, you
must give an "-u" option on the command line together with the
"--edit-key".
Normally you want to sign only one user ID because GnuPG
uses only one and this keeps the public key certificate
small. Because such key signatures are very important you
should make sure that the signatories of your key sign a user ID
which is very likely to stay for a long time - choose one with an
email address you have full control of or do not enter an email
address at all. In future GnuPG will have a way to tell which
user ID is the one with an email address you prefer - because
you have no signatures on this email address it is easy to change
this address. Remember, your signatories sign your public key (the
primary one) together with one of your user IDs - so it is not possible
to change the user ID later without voiding all the signatures.
Tip: If you hear about a key signing party on a computer conference
join it because this is a very convenient way to get your key
certified (But remember that signatures have nothing to to with the
trust you assign to a key).
8 Ways to Specify a User ID
--------------------------
There are several ways to specify a user ID, here are some examples.
* Only by the short keyid (prepend a zero if it begins with A..F):
"234567C4"
"0F34E556E"
"01347A56A"
"0xAB123456
* By a complete keyid:
"234AABBCC34567C4"
"0F323456784E56EAB"
"01AB3FED1347A5612"
"0x234AABBCC34567C4"
* By a fingerprint:
"1234343434343434C434343434343434"
"123434343434343C3434343434343734349A3434"
"0E12343434343434343434EAB3484343434343434"
The first one is MD5 the others are ripemd160 or sha1.
* By an exact string:
"=Heinrich Heine <heinrichh@uni-duesseldorf.de>"
* By an email address:
"<heinrichh@uni-duesseldorf.de>"
* By word match
"+Heinrich Heine duesseldorf"
All words must match exactly (not case sensitive) and appear in
any order in the user ID. Words are any sequences of letters,
digits, the underscore and characters with bit 7 set.
* Or by the usual substring:
"Heine"
"*Heine"
The '*' indicates substring search explicitly.
Batch mode
----------
If you use the option "--batch", GnuPG runs in non-interactive mode and
never prompts for input data. This does not even allow entering the
passphrase. Until we have a better solution (something like ssh-agent),
you can use the option "--passphrase-fd n", which works like PGP's
PGPPASSFD.
Batch mode also causes GnuPG to terminate as soon as a BAD signature is
detected.
Exit status
-----------
GnuPG returns with an exit status of 1 if in batch mode and a bad signature
has been detected or 2 or higher for all other errors. You should parse
stderr or, better, the output of the fd specified with --status-fd to get
detailed information about the errors.
Configure options
-----------------
Here is a list of configure options which are sometime useful
for installation.
--enable-static-rnd=<name>
Force the use of the random byte gathering
module <name>. Default is either to use /dev/random
- or the standard Uix module. Value for name:
+ or the standard Unix module. Value for name:
egd - Use the module which accesses the
Entropy Gathering Daemon. See the webpages
for more information about it.
unix - Use the standard Unix module which does not
have a very good performance.
linux - Use the module which accesses /dev/random.
This is the first choice and the default one
for GNU/Linux or *BSD.
- none - Do not linkl any module in but rely on
- a dynmically loaded modules.
--with-egd-socket=<name>
This is only used when EGD is used as random
gatherer. GnuPG uses by default "~/.gnupg/entropy"
as the socket to connect EGD. Using this option the
socket name can be changed. You may use any filename
here with 2 exceptions: a filename starting with
"~/" uses the socket in the homedirectory of the user
and one starting with a "=" uses a socket in the
GnuPG homedirectory which is bye default "~/.gnupg".
--with-included-zlib
Forces usage of the local zlib sources. Default is
to use the (shared) library of the system.
--with-included-gettext
Forces usage of the local gettext sources instead of
the one provided by your system.
--disable-nls
Disable NLS support (See the file ABOUT-NLS)
--enable-m-guard
Enable the integrated malloc checking code. Please
note that this feature does not work on all CPUs
(e.g. SunOS 5.7 on UltraSparc-2) and might give
you a bus error.
--disable-dynload
If you have problems with dynamic loading, this
- option disables all dynamic loading stuff.
+ option disables all dynamic loading stuff. Note
+ that the use of dynamic linking is very limited.
--disable-asm
Do not use assembler modules. It is not possible
to use this on some CPU types.
--disable-exec
Disable all remote program execution. This
disables photo ID viewing as well as all keyserver
types aside from HKP.
--disable-photo-viewers
Disable only photo ID viewing.
--disable-keyserver-helpers
Disable only keyserver helpers (not including
HKP).
--disable-keyserver-path
Disables the user's ability to use the exec-path
feature to add additional search directories when
executing a keyserver helper.
--with-photo-viewer=FIXED_VIEWER
Force the photo viewer to be FIXED_VIEWER and
disable any ability for the user to change it in
their options file.
Installation Problems
---------------------
If you get unresolved externals "gettext" you should run configure
again with the option "--with-included-gettext"; this is version
0.10.35 which is available at alpha.gnu.org.
If you have other compile problems, try the configure options
"--with-included-zlib" or "--disable-nls" (See ABOUT-NLS) or
--disable-dynload.
We can't check all assembler files, so if you have problems
assembling them (or the program crashes) use --disable-asm with
./configure. The configure scripts may consider several
subdirectories to get all available assembler files; be sure to
delete the correct ones. The assembler replacements are in C and
in mpi/generic; never delete udiv-qrnnd.S in any CPU directory,
because there may be no C substitute. Don't forget to delete
"config.cache" and run "./config.status --recheck".
Some make tools are broken - the best solution is to use GNU's
make. Try gmake or grab the sources from a GNU archive and
install them.
On some OSF you may get unresolved externals. This is a libtool
problem and the workaround is to manually remove all the "-lc -lz"
but the last one from the linker line and execute them manually.
On some architectures you see warnings like:
longlong.h:175: warning: function declaration isn't a prototype
or
http.c:647: warning: cast increases required alignment of target type
This doesn't matter and we know about it (actually it is due to
some warning options which we have enabled for gcc)
Specific problems on some machines
----------------------------------
* IBM RS/6000 running AIX:
Due to a change in gcc (since version 2.8) the MPI stuff may
not build. In this case try to run configure using:
CFLAGS="-g -O2 -mcpu=powerpc" ./configure
* Compaq C V6.2 for alpha:
You may want to use the option "-msg-disable ptrmismatch1"
to get rid of the sign/unsigned char mismatch warnings.
* SVR4.2 (ESIX V4.2 cc)
Due to problems with the ESIX as, you probably want to do
CFLAGS="-O -K pentium" ./configure --disable-asm
Reported by Reinhard Wobst.
The Random Device
-----------------
Random devices are available in Linux, FreeBSD and OpenBSD.
Operating systems without a random devices must use another
entropy collector. One entropy collector called rndunix and
available as an extension module. You should put the line:
load-extension rndunix
into your ~/.gnupg/options file unless you have used the proper
configure option.
This collector works by running a lot of commands that yield more
or less unpredictable output and feds this as entropy into the
random generator - It should work reliably but you should check
whether it produces good output for your version of Unix. There
are some debug options to help you (see cipher/rndunix.c).
Creating an RPM package
-----------------------
The file scripts/gnupg.spec is used to build a RPM package (both
binary and src):
1. copy the spec file into /usr/src/redhat/SPECS
2. copy the tar file into /usr/src/redhat/SOURCES
3. type: rpm -ba SPECS/gnupg.spec
Or use the -t (--tarbuild) option of rpm:
1. rpm -ta gnupg-x.x.x.tar.gz
The binary rpm file can now be found in /usr/src/redhat/RPMS, source
rpm in /usr/src/redhat/SRPMS
How to Get More Information
---------------------------
The primary WWW page is "http://www.gnupg.org"
The primary FTP site is "ftp://ftp.gnupg.org/gcrypt/"
See http://www.gnupg.org/mirrors.html for a list of mirrors
and use them if possible. You may also find GnuPG mirrored on
some of the regular GNU mirrors.
We have some mailing lists dedicated to GnuPG:
gnupg-announce@gnupg.org For important announcements like
new versions and such stuff.
This is a moderated list and has
very low traffic.
gnupg-users@gnupg.org For general user discussion and
help.
gnupg-devel@gnupg.org GnuPG developers main forum.
You subscribe to one of the list by sending mail with a subject
of "subscribe" to x-request@gnupg.org, where x is the name of the
mailing list (gnupg-announce, gnupg-users, etc.). An archive of
the mailing lists is available at http://lists.gnupg.org .
The gnupg.org domain is hosted in Germany to avoid possible legal
problems (technical advices may count as a violation of ITAR).
Please direct bug reports to <gnupg-bugs@gnu.org> or post
them direct to the mailing list <gnupg-devel@gnupg.org>.
Please direct questions about GnuPG to the users mailing list or
one of the pgp newsgroups; please do not direct questions to one
of the authors directly as we are busy working on improvements
and bug fixes. Both mailing lists are watched by the authors
and we try to answer questions when time allows us to do so.
Commercial grade support for GnuPG is available; please see
the GNU service directory or search other resources.
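Review bot: the configure-options part of this hunk drops the "none" value of --enable-static-rnd and adds "Note that the use of dynamic linking is very limited" to --disable-dynload, but the unchanged section "The Random Device" later in the same file still describes rndunix as "available as an extension module" and tells users to put "load-extension rndunix" into ~/.gnupg/options. That text now contradicts the edited option list. A reader on a system without a random device is pointed at a run-time loading mechanism, while the only entropy-gatherer choices still documented here are the compile-time values egd, unix and linux. Suggest updating that section in the same change so it refers to --enable-static-rnd=unix or --enable-static-rnd=egd instead of load-extension. Also check whether the advice in "Installation Problems" to try --disable-dynload for compile problems is still worth keeping.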
diff --git a/THANKS b/THANKS
index a87a0238e..1bb173a68 100644
--- a/THANKS
+++ b/THANKS
@@ -1,227 +1,228 @@
GnuPG was originally written by Werner Koch. Other people contributed by
reporting problems, suggesting various improvements or submitting actual
code. Here is a list of those people. Help me keep it complete and free of
errors.
Adam Mitchell adam@cafe21.org
Albert Chin china@thewrittenword.com
Alec Habig habig@budoe2.bu.edu
Allan Clark allanc@sco.com
Anand Kumria wildfire@progsoc.uts.edu.au
Andreas Haumer andreas@xss.co.at
Anthony Mulcahy anthony@kcn.ne.jp
Ariel T Glenn ariel@columbia.edu
Bodo Moeller Bodo_Moeller@public.uni-hamburg.de
Brendan O'Dea bod@debian.org
Brenno de Winter brenno@dewinter.com
Brian M. Carlson karlsson@hal-pc.org
Brian Moore bem@cmc.net
Brian Warner warner@lothar.com
Bryan Fullerton bryanf@samurai.com
Caskey L. Dickson caskey@technocage.com
Cees van de Griend cees-list@griend.xs4all.nl
Charles Levert charles@comm.polymtl.ca
Chip Salzenberg chip@valinux.com
Chris Adams cmadams@hiwaay.net
+Christian Biere christianbiere@gmx.de
Christian Kurz shorty@debian.org
Christian von Roques roques@pond.sub.org
Christopher Oliver oliver@fritz.traverse.net
Christian Recktenwald chris@citecs.de
Dan Winship danw@helixcode.com
Daniel Eisenbud eisenbud@cs.swarthmore.edu
Daniel Koening dan@mail.isis.de
Daniel Resare daniel@resare.com
Dave Dykstra dwd@bell-labs.com
David C Niemi niemi@tuxers.net
David Champion dgc@uchicago.edu
David Ellement ellement@sdd.hp.com
David Hallinan hallinan@rtd.com
David Hollenberg dhollen@ISI.EDU
David Mathog MATHOG@seqaxp.bio.caltech.edu
David R. Bergstein dbergstein@home.com
David Shaw dshaw@jabberwocky.com
Detlef Lannert lannert@lannert.rz.uni-duesseldorf.de
Dimitri dmitri@advantrix.com
Dirk Lattermann dlatt@t-online.de
Dirk Meyer dirk.meyer@dinoex.sub.org
Disastry Disastry@saiknes.lv
Douglas Calvert dfc@anize.org
Ed Boraas ecxjo@esperanto.org
Edmund GRIMLEY EVANS edmundo@rano.org
Edwin Woudt edwin@woudt.nl
Enzo Michelangeli em@MailAndNews.com
Ernst Molitor ernst.molitor@uni-bonn.de
Fabio Coatti cova@ferrara.linux.it
Felix von Leitner leitner@amdiv.de
fish stiqz fish@analog.org
Florian Weimer Florian.Weimer@rus.uni-stuttgart.de
Francesco Potorti pot@gnu.org
Frank Donahoe fdonahoe@wilkes1.wilkes.edu
Frank Heckenbach heckenb@mi.uni-erlangen.de
Frank Stajano frank.stajano@cl.cam.ac.uk
Frank Tobin ftobin@uiuc.edu
Gabriel Rosenkoetter gr@eclipsed.net
Gaël Quéri gael@lautre.net
Gene Carter gcarter@lanier.com
Georg Schwarz georg.schwarz@iname.com
Giampaolo Tomassoni g.tomassoni@libero.it
Gilbert Fernandes gilbert_fernandes@hotmail.com
Greg Louis glouis@dynamicro.on.ca
Greg Troxel gdt@ir.bbn.com
Gregory Steuck steuck@iname.com
Geoff Keating geoffk@ozemail.com.au
Harald Denker harry@hal.westfalen.de
Holger Baust Holger.Baust@freenet-ag.de
Hendrik Buschkamp buschkamp@rheumanet.org
Holger Schurig holger@d.om.org
Holger Smolinski smolinsk@de.ibm.com
Holger Trapp Holger.Trapp@informatik.tu-chemnitz.de
Hugh Daniel hugh@toad.com
Huy Le huyle@ugcs.caltech.edu
Ian McKellar imckellar@harvestroad.com.au
Ivo Timmermans itimmermans@bigfoot.com
Jan Krueger max@physics.otago.ac.nz
Jan Niehusmann jan@gondor.com
Janusz A. Urbanowicz alex@bofh.torun.pl
James Troup james@nocrew.org
Jean-loup Gailly gzip@prep.ai.mit.edu
Jeff Long long@kestrel.cc.ukans.edu
Jeffery Von Ronne jronne@ics.uci.edu
Jens Bachem bachem@rrz.uni-koeln.de
Jeroen C. van Gelderen jeroen@vangelderen.org
J Horacio MG homega@ciberia.es
J. Michael Ashley jashley@acm.org
Jim Bauer jfbauer@home.com
Jim Small cavenewt@my-deja.com
Joachim Backes backes@rhrk.uni-kl.de
Joe Rhett jrhett@isite.net
John A. Martin jam@jamux.com
Johnny Teveßen j.tevessen@gmx.de
Jörg Schilling schilling@fokus.gmd.de
Jos Backus Jos.Backus@nl.origin-it.com
Jun Kuriyama kuriyama@sky.rim.or.jp
Kahil D. Jallad kdj4@cs.columbia.edu
Karl Fogel kfogel@guanabana.onshore.com
Karsten Thygesen karthy@kom.auc.dk
Katsuhiro Kondou kondou@nec.co.jp
Kazu Yamamoto kazu@iijlab.net
Keith Clayton keith@claytons.org
Kevin Ryde user42@zip.com.au
Klaus Singvogel ks@caldera.de
Kurt Garloff garloff@suse.de
Lars Kellogg-Stedman lars@bu.edu
L. Sassaman rabbi@quickie.net
M Taylor mctaylor@privacy.nb.ca
Marcel Waldvogel mwa@arl.wustl.edu
Marco d'Itri md@linux.it
Marco Parrone marc0@autistici.org
Marcus Brinkmann Marcus.Brinkmann@ruhr-uni-bochum.de
Mark Adler madler@alumni.caltech.edu
Mark Elbrecht snowball3@bigfoot.com
Mark Pettit pettit@yahoo-inc.com
Markus Friedl Markus.Friedl@informatik.uni-erlangen.de
Martin Kahlert martin.kahlert@provi.de
Martin Hamilton
Martin Schulte schulte@thp.uni-koeln.de
Matt Kraai kraai@alumni.carnegiemellon.edu
Matthew Skala mskala@ansuz.sooke.bc.ca
Matthew Wilcox matthew@wil.cx
Matthias Urlichs smurf@noris.de
Max Valianskiy maxcom@maxcom.ml.org
Michael Engels michael.engels@uni-duesseldorf.de
Michael Fischer v. Mollard mfvm@gmx.de
Michael Roth mroth@nessie.de
Michael Sobolev mss@despair.transas.com
Michael Tokarev mjt@tls.msk.ru
Nicolas Graner Nicolas.Graner@cri.u-psud.fr
Mike McEwan mike@lotusland.demon.co.uk
Neal H Walfield neal@cs.uml.edu
NIIBE Yutaka gniibe@chroot.org
Niklas Hernaeus
Nimrod Zimerman zimerman@forfree.at
N J Doye nic@niss.ac.uk
Oliver Haakert haakert@hsp.de
Oskari Jääskeläinen f33003a@cc.hut.fi
Pascal Scheffers Pascal@scheffers.net
Paul D. Smith psmith@baynetworks.com
Per Cederqvist ceder@lysator.liu.se
Phil Blundell pb@debian.org
Philippe Laliberte arsphl@oeil.qc.ca
Peter Fales psfales@lucent.com
Peter Gutmann pgut001@cs.auckland.ac.nz
Peter Marschall Peter.Marschall@gedos.de
Peter Valchev pvalchev@openbsd.org
Piotr Krukowiecki piotr@pingu.ii.uj.edu.pl
QingLong qinglong@bolizm.ihep.su
Ralph Gillen gillen@theochem.uni-duesseldorf.de
Rat ratinox@peorth.gweep.net
Reinhard Wobst R.Wobst@ifw-dresden.de
Rémi Guyomarch rguyom@mail.dotcom.fr
Reuben Sumner rasumner@wisdom.weizmann.ac.il
Richard Outerbridge outer@interlog.com
Robert Joop rj@rainbow.in-berlin.de
Roddy Strachan roddy@satlink.com.au
Roger Sondermann r.so@bigfoot.com
Roland Rosenfeld roland@spinnaker.rhein.de
Roman Pavlik rp@tns.cz
Ross Golder rossigee@bigfoot.com
Sam Roberts sam@cogent.ca
Sami Tolvanen sami@tolvanen.com
Sean MacLennan seanm@netwinder.org
Sebastian Klemke packet@convergence.de
Serge Munhoven munhoven@mema.ucl.ac.be
SL Baur steve@xemacs.org
Stefan Bellon sbellon@sbellon.de
Stefan Karrmann S.Karrmann@gmx.net
Stefan Keller dres@cs.tu-berlin.de
Steffen Ullrich ccrlphr@xensei.com
Steffen Zahn zahn@berlin.snafu.de
Steven Bakker steven@icoe.att.com
Steven Murdoch sjmurdoch@bigfoot.com
Susanne Schultz schultz@hsp.de
Ted Cabeen secabeen@pobox.com
Thiago Jung Bauermann jungmann@cwb.matrix.com.br
Thomas Roessler roessler@guug.de
Tim Mooney mooney@dogbert.cc.ndsu.nodak.edu
Timo Schulz towaday@freakmail.de
Tom Spindler dogcow@home.merit.edu
Tom Zerucha tzeruch@ceddec.com
Tomas Fasth tomas.fasth@twinspot.net
Tommi Komulainen Tommi.Komulainen@iki.fi
Thomas Klausner wiz@danbala.ifoer.tuwien.ac.at
Tomasz Kozlowski tomek@rentec.com
Thomas Mikkelsen tbm@image.dk
Ulf Möller 3umoelle@informatik.uni-hamburg.de
Urko Lusa ulusa@euskalnet.net
Vincent P. Broman broman@spawar.navy.mil
W Lewis wiml@hhhh.org
Walter Hofmann Walter.Hofmann@physik.stud.uni-erlangen.de
Walter Koch koch@hsp.de
Wayne Chapeskie waynec@spinnaker.com
Werner Koch wk@gnupg.org
Wim Vandeputte bunbun@reptile.rug.ac.be
Winona Brown win@huh.org
Yosiaki IIDA iida@ring.gr.jp
Yoshihiro Kajiki kajiki@ylug.org
disastry@saiknes.lv
nbecker@hns.com
Thanks to the German Unix User Group for sponsoring this project,
Martin Hamilton for hosting the first mailing list and OpenIT for
cheap hosting conditions.
The development of this software has partly been funded by the German
Ministry for Economics and Technology under grant VIB3-68553.168-001/1999.
Many thanks to my wife Gerlinde for having so much patience with
me while hacking late in the evening.
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 77efc4449..6599a51bc 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,918 +1,956 @@
+2002-08-03 Werner Koch <wk@gnupg.org>
+
+ * rndegd.c (do_read): Handle case when read returns 0 to avoid
+ gpg hanging when EGD died. By Christian Biere.
+
+2002-08-02 Werner Koch <wk@gnupg.org>
+
+ The big extension removal.
+
+ * Makefile.am: Removed all extension stuff.
+ * dynload.c: Removed everything except for
+ register_cipher_extension.
+ (dynload_enum_module_names): New.
+ * dynload.h: Removed.
+ * random.c (getfnc_gather_random,getfnc_fast_random_poll):
+ New. Replaced all dynload functions with these ones.
+ * rndunix.c (rndunix_gather_random): Renamed from
+ gather_random. Made global. Removed all dynload stuff.
+ * rndlinux.c (rndlinux_gather_random): Likewise.
+ * rndegd.c (rndegd_gather_random): Likewise.
+ * rndw32.c (rndw32_gather_random)
+ (rndw32_gather_random_fast): Likewise. Also removed the unsued
+ entropy dll code.
+ * md.c (new_list_item): Changed return value to indicate whether
+ an algorithms was loaded.
+ (load_digest_module): Simplified by removing all the dynload code.
+ * algorithms.h: New.
+ * md5.c (md5_get_info): Made global. Removed all dynload stuff.
+ * rmd160.c (rmd160_get_info): Likewise.
+ * sha1.c (sha1_get_info): Likewise.
+ * tiger.c (tiger_get_info): Likewise. Return NULL if we can't use
+ this module.
+ * idea-stub.c: New.
+ * blowfish.h (idea_get_info): Add prototype.
+ * cipher.c (setup_cipher_table): Try to load IDEA.
+ (load_cipher_modules): Removed all dynload code.
+ * pubkey.c (load_pubkey_modules): Removed the dynloading code.
+
2002-07-25 David Shaw <dshaw@jabberwocky.com>
* random.c: "warning" -> "WARNING"
2002-07-02 Werner Koch <wk@gnupg.org>
* rndw32.c (slow_gatherer_windowsNT): Use a simple array for the
disk performance structure and increase it to the size required by
W2000.
2002-06-29 Werner Koch <wk@gnupg.org>
* rndlinux.c: Removed HAVE_LINUX_RANDOM_H conditional because it
was never used and the configure test did set the wrong macro
anyway.
2002-05-07 Stefan Bellon <sbellon@sbellon.de>
* md.c (md_start_debug): Use EXTSEP_S instead of ".".
2002-04-24 Werner Koch <wk@gnupg.org>
* tiger.c (tiger_final): Removed superfluous token pasting operators.
* md5.c (md5_final): Ditto.
2002-04-22 Stefan Bellon <sbellon@sbellon.de>
* rndriscos.c (func_table): Made func a function pointer.
(init_device): Improved loading of CryptRandom module.
2002-04-18 Werner Koch <wk@gnupg.org>
* rndlinux.c, rndegd.c, rndunix.c (func_table): Made func a
function pointer. Note that we still need to change the module
interface to cope with data vs function pointer problems. Hmmm,
even dlsym has a problem with this.
2002-04-10 David Shaw <dshaw@jabberwocky.com>
* cipher.c (setup_cipher_table, cipher_open, cipher_encrypt,
cipher_decrypt, dummy_setkey, dummy_encrypt_block,
dummy_decrypt_block): the dummy cipher should only be built on
development versions.
2002-04-06 Werner Koch <wk@gnupg.org>
* rijndael.c (rijndael_get_info): We do only support a 128 bit
blocksize so it makes sense to change the algorithm strings to
AES.
* cipher.c (string_to_cipher_algo): Map "RIJNDAEL" to "AES".
2002-02-14 Werner Koch <wk@gnupg.org>
* random.c (mix_pool): Removed the failsafe stuff again. It makes
the code more complicate and may give the path to more bugs.
2002-02-10 Werner Koch <wk@gnupg.org>
* random.c (mix_pool): Carry an extra failsafe_digest buffer
around to make the function more robust.
2002-02-08 Werner Koch <wk@gnupg.org>
* random.c (add_randomness): Xor new data into the pool and not
just copy it. This avoids any choosen input attacks which are not
serious in our setting because an outsider won't be able to mix
data in and even then we keep going with a PRNG. Thanks to Stefan
Keller for pointing this out.
2002-01-02 Stefan Bellon <sbellon@sbellon.de>
* rndriscos.c [__riscos__]: Updated include file name.
2001-12-21 Werner Koch <wk@gnupg.org>
* Makefile.am (DISCLEANFILES): Add construct.c
2001-12-19 Werner Koch <wk@gnupg.org>
* rndw32.c [CYGWIN32]: Include winioctl.h. By Disastry.
2001-11-08 Werner Koch <wk@gnupg.org>
* primegen.c (gen_prime): Set 2 high order bits for secret primes.
* rsa.c (generate): Loop until we find the exact modulus size.
Changed the exponent to 41.
2001-10-22 Werner Koch <wk@gnupg.org>
* Makefile.am: Need to use $(EXEEXT) where approriate.
2001-09-09 Werner Koch <wk@gnupg.org>
* rsa.c (rsa_get_info): s/usage/r_usage/ to avoid shadow warnings.
2001-08-24 Werner Koch <wk@gnupg.org>
* md.c (md_write): Made buf arg const.
2001-08-22 Werner Koch <wk@gnupg.org>
* random.c (fast_random_poll): Don't use gethrtime if it is broken.
2001-08-20 Werner Koch <wk@gnupg.org>
Applied patches from Stefan Bellon <sbellon@sbellon.de> to support
RISC OS. Nearly all of these patches are identified by the
__riscos__ macro.
* blowfish.c, twofish.c: Added pragmas for use with a Norcraft
compiler.
* dynload.c, md5.c, rmd160.c, sha1.c: Minor patches for RISC OS.
* rndriscos.c: New.
* rnd-internal.h: Added prototype.
* random.c (fast_random_poll): Use '#if defined' instead of just
'defined'; needed for RISC OS.
* primegen.c (gen_prime): count? are now ints for consistence
with is_prime().
2001-08-08 Werner Koch <wk@gnupg.org>
* rndw32.c (gather_random): Use toolhelp in addition to the NT
gatherer for Windows2000. Suggested by Sami Tolvanen.
* random.c (read_pool): Fixed length check, this used to be one
byte to strict. Made an assert out of it because the caller has
already made sure that only poolsize bytes are requested.
Reported by Marcus Brinkmann.
2001-07-18 Werner Koch <wk@gnupg.org>
* rndlinux.c (gather_random): casted a size_t arg to int so that
the format string is correct. Casting is okay here and avoids
translation changes.
2001-06-12 Werner Koch <wk@gnupg.org>
* cipher.c (string_to_cipher_algo): Use ascii_strcasecmp().
* md.c (string_to_digest_algo): Ditto.
* pubkey.c (string_to_pubkey_algo): Ditto.
* rndw32.c (slow_gatherer_windowsNT): Ditto. Not really needed
here but anyway.
2001-04-29 Werner Koch <wk@gnupg.org>
* random.c (fast_random_poll): Do not check the return code of
getrusage.
2001-04-17 Werner Koch <wk@gnupg.org>
* rndunix.c: Add a signal.h header to avoid warnings on Solaris 7
and 8.
2001-04-16 Werner Koch <wk@gnupg.org>
* dynload.c [__MINGW32__]: Applied patch from Timo Schulz to make
it work under W32. This patches is based on the one from
Disastry@saiknes.lv
2001-04-06 Werner Koch <wk@gnupg.org>
* rijndael.c, des.c, blowfish.c, twofish.c, cast5.c (burn_stack):
New. Add wrappers for most functions to be able to call
burn_stack after the function invocation. This methods seems to be
the most portable way to zeroise the stack used. It does only work
on stack frame based machines but it is highly portable and has no
side effects. Just setting the automatic variables at the end of
a function to zero does not work well because the compiler will
optimize them away - marking them as volatile would be bad for
performance.
* md5.c, sha1.c, rmd160.c, tiger.c (burn_stack): Likewise.
* random.c (burn_stack): New.
(mix_pool): Use it here to burn the stack of the mixblock function.
2001-04-02 Werner Koch <wk@gnupg.org>
* primegen.c (generate_elg_prime): I was not initialized for mode
!= 1. Freed q at 3 places. Thanks to Tommi Komulainen.
2001-03-28 Werner Koch <wk@gnupg.org>
* md5.c (md5_final): Fixed calculation of hashed length. Thanks
to disastry@saiknes.lv for pointing out that it was horrible wrong
for more than 512MB of input.
* sha1.c (sha1_final): Ditto.
* rmd160.c (rmd160_final): Ditto.
* tiger.c (tiger_final): Ditto.
2001-03-19 Werner Koch <wk@gnupg.org>
* blowfish.c (encrypt,do_encrypt): Changed name to do_encrypt to
avoid name clahses with an encrypt function in stdlib.h of
Dynix/PIX. Thanks to Gene Carter.
* elgamal.c (encrypt,do_encrypt): Ditto.
2001-03-12 Werner Koch <wk@gnupg.org>
* twofish.c (gnupgext_enum_func): Add some static when comnpiled
as a module.
* tiger.c (tiger_get_info): Return "TIGER192" and not just
"TIGER". By Edwin Woudt.
2001-03-08 Werner Koch <wk@gnupg.org>
* random.c: Always include time.h - standard requirement. Thanks
to James Troup.
2001-01-18 Werner Koch <wk@gnupg.org>
* rndw32.c: Fixed typo and wrong ifdef for VER_PLATFORM* macro
2001-01-12 Werner Koch <wk@gnupg.org>
* cipher.c (cipher_encrypt,cipher_encrypt): Use blocksize and
not 8 for CBC mode (However: we don't use CBS in OpenPGP).
2000-11-22 Werner Koch <wk@gnupg.org>
* rndegd.c (gather_random): Fixed default socket to be '=entropy'.
Thanks to Tomasz Kozlowski.
2000-10-12 Werner Koch <wk@gnupg.org>
* rijndael.c: New.
* cipher.c: Add Rijndael support.
Wed Oct 4 15:50:18 CEST 2000 Werner Koch <wk@openit.de>
* sha1.c (transform): Use rol() macro. Actually this is not needed
for a newer gcc but there are still aoter compilers.
Thu Sep 14 14:20:38 CEST 2000 Werner Koch <wk@openit.de>
* random.c (fast_random_poll): Check ENOSYS for getrusage.
* rndunix.c: Add 2 sources for QNX. By Sam Roberts.
Wed Sep 13 18:12:34 CEST 2000 Werner Koch <wk@openit.de>
* rsa.c (secret): Speed up by using the CRT. For a 2k keys this
is about 3 times faster.
(stronger_key_check): New but unused code to check the secret key.
Wed Sep 6 17:55:47 CEST 2000 Werner Koch <wk@openit.de>
* rsa.c: Changed the comment about the patent.
* Makefile.am: Included rsa.[ch].
* pubkey.c: Enabled RSA support.
(pubkey_get_npkey): Removed RSA workaround.
Fri Aug 25 16:05:38 CEST 2000 Werner Koch <wk@openit.de>
* rndlinux.c (open_device): Loose random device checking.
By Nils Ellmenreich.
* rndegd.c (gather_random): Name of socket is nom configurable.
Wed Jun 28 11:54:44 CEST 2000 Werner Koch <wk@>
* rsa.c, rsa.h: New based on the old module version (only in CVS for now).
* pubkey.c (setup_pubkey_table): Added commented support for RSA.
Fri Jun 9 10:09:52 CEST 2000 Werner Koch <wk@openit.de>
* rndunix.c (waitpid): New. For UTS 2.1. All by Dave Dykstra.
(my_popen): Do the FD_CLOEXEC only if it is available
(start_gatherer): Cope with missing _SC_OPEN_MAX
Sun May 28 13:55:17 CEST 2000 Werner Koch <wk@openit.de>
* random.c (read_seed_file): Binary open for DOSish system
(update_random_seed_file): Ditto.
* rndw32.c: Add some debuging code enabled by an environment variable.
Tue May 23 09:19:00 CEST 2000 Werner Koch <wk@openit.de>
* rndw32.c: Started with alternative code to replace entropy.dll
Thu May 18 11:38:54 CEST 2000 Werner Koch <wk@openit.de>
* primegen.c (register_primegen_progress): New.
* dsa.c (register_pk_dsa_progress): New.
* elgamal.c (register_pk_elg_progress): New.
Fri Apr 14 19:37:08 CEST 2000 Werner Koch <wk@openit.de>
* twofish.c (twofish_get_info): Fixed warning about cast.
Tue Mar 28 14:26:58 CEST 2000 Werner Koch <wk@openit.de>
* random.c [MINGW32]: Include process.h for getpid.
Thu Mar 2 15:37:46 CET 2000 Werner Koch <wk@gnupg.de>
* random.c (fast_random_poll): Add clock_gettime() as fallback for
system which support this POSIX.4 fucntion. By Sam Roberts.
* rndunix.c: Add some more headers for QNX. By Sam Roberts.
* random.c (read_seed_file): Removed the S_ISLNK test becuase it
is already covered by !S_ISREG and is not defined in Unixware.
Reported by Dave Dykstra.
* sha1.c (sha1_get_info): Removed those stupid double lines. Dave
is really a good lint.
Wed Feb 23 10:07:57 CET 2000 Werner Koch <wk@gnupg.de>
* twofish.c (twofish_get_info): Add some const to the casts. By Martin
Kahlert.
Mon Feb 14 14:30:20 CET 2000 Werner Koch <wk@gnupg.de>
(update_random_seed_file): Silently ignore update request when pool
is not filled.
Fri Feb 11 17:44:40 CET 2000 Werner Koch <wk@gnupg.de>
* random.c (read_seed_file): New.
(set_random_seed_file): New.
(read_pool): Try to read the seeding file.
(update_random_seed_file): New.
(read_pool): Do an initial extra seeding when level 2 quality random
is requested the first time. This requestes at least POOLSIZE/2 bytes
of entropy. Compined with the seeding file this should make normal
random bytes cheaper and increase the quality of the random bytes
used for key generation.
* rndegd.c (gather_random): Shortcut level 0.
* rndunix.c (gather_random): Ditto.
* rndw32.c (gather_random): Ditto.
Fri Jan 14 18:32:01 CET 2000 Werner Koch <wk@gnupg.de>
* rmd160.c (rmd160_get_info): Moved casting to the left side due to a
problem with UTS4.3. Suggested by Dave Dykstra.
* sha1.c (sha1_get_info): Ditto.
* tiger.c (tiger_get_info): Ditto.
* md5.c (md5_get_info): Ditto
* des.c (des_get_info): Ditto.
* blowfish.c (blowfish_get_info): Ditto.
* cast5.c (cast5_get_info): Ditto.
* twofish.c (twofish_get_info): Ditto.
Thu Jan 13 19:31:58 CET 2000 Werner Koch <wk@gnupg.de>
* elgamal.c (wiener_map): New.
(gen_k): Use a much smaller k.
(generate): Calculate the qbits using the wiener map and
choose an x at a size comparable to the one choosen in gen_k
* random.c (read_pool): Print a more friendly error message in
cases when too much random is requested in one call.
* Makefile.am (tiger): Replaced -O1 by -O. Suggested by Alec Habig.
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
* primegen.c (generate_elg_prime): All primes are now generated with
the lowest random quality level. Becuase they are public anyway we
don't need stronger random and by this we do not drain the systems
entropy so much.
Thu Oct 28 16:08:20 CEST 1999 Werner Koch <wk@gnupg.de>
* random.c (fast_random_poll): Check whether RUSAGE_SELF is defined;
this is not the case for some ESIX and Unixware, although they have
getrusage().
* elgamal.c (sign): Hugh found strange code here. Replaced by BUG().
Mon Oct 11 09:24:12 CEST 1999 Werner Koch <wk@gnupg.de>
* rndw32.c (gather_random): Handle PCP_SEEDER_TOO_SMALL.
Sat Oct 9 20:34:41 CEST 1999 Werner Koch <wk@gnupg.de>
* Makefile.am: Tweaked module build and removed libtool
Fri Oct 8 20:32:01 CEST 1999 Werner Koch <wk@gnupg.de>
* rndw32.c (load_and_init_winseed): Use the Registry to locate the DLL
Mon Oct 4 21:23:04 CEST 1999 Werner Koch <wk@gnupg.de>
* md.c (md_reset): Clear finalized; thanks to Ulf Moeller for
fixing this bug.
Sat Sep 18 12:51:51 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Never compile mingw32 as module
Wed Sep 15 14:39:59 CEST 1999 Michael Roth <mroth@nessie.de>
* des.c: Various speed improvements: One bit pre rotation
trick after initial permutation (Richard Outerbridge).
Finished test of SSLeay Tripple-DES patterns.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndw32.c: New.
Mon Sep 13 10:51:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* bithelp.h: New.
* rmd160.h, sha1.h, md5.h: Use the rol macro from bithelp.h
Tue Sep 7 16:23:36 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Fixed seds for latest egcc. By Ollivier Robert.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* des.c (selftest): Add some testpattern
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (do_cbc_encrypt): Fixed serious bug occuring when not using
in place encryption. Pointed out by Frank Stajano.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* md5.c (md5_final): Fix for a SCO cpp bug.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* elgamal.c (elg_check_secret_key,elg_encrypt
elg_decrypt,elg_sign,elg_verify): Sanity check on the args.
* dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto.
* pubkey.c (disable_pubkey_algo): New.
(check_pubkey_algo2): Look at disabled algo table.
* cipher.c (disable_cipher_algo): New.
(check_cipher_algo): Look at disabled algo table.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
Fri Jul 2 11:45:54 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dsa.c (gen_k): Changed algorithm to consume less random bytes
* elgamal.c (gen_k): Ditto.
* random.c (random_dump_stats): New.
Thu Jul 1 12:47:31 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c, elgamal.c, dsa.c (progess): New and replaced all
fputc with a call to this function.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c (do_write): s/ssize_t/int/ due to SunOS 4.1 probs.
* cipher.c (do_cbc_encrypt, do_cbc_decrypt): New.
* dynload.c (HAVE_DL_SHL_LOAD): Map hpux API to dlopen (Dave Dykstra).
* Makefile.am (install-exec-hook): Removed.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (setup_cipher_table): Enable Twofish
* random.c (fast_random_poll): Disable use of times() for mingw32.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (register_internal_cipher_extension): Minor init fix.
Tue May 4 15:47:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c (gen_prime): Readded the Fermat test. Fixed the bug
that we didn't correct for step when passing the prime to the
Rabin-Miller test which led to bad performance (Stefan Keller).
(check_prime): Add a first Fermat test.
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_setiv): Add ivlen arg, changed all callers.
* random.c (randomize_buffer): alway use secure memory because
we can't use m_is_secure() on a statically allocated buffer.
* twofish.c: Replaced some macros by a loop to reduce text size.
* Makefile.am (twofish): No more need for sed editing.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_open): Reversed the changes for AUTO_CFB.
* blowfish.c: Dropped the Blowfish 160 mode.
* cipher.c (cipher_open): Ditto.
(setup_cipher_table): Ditto. And removed support of twofish128
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (get_random_bits): Can now handle requests > POOLSIZE
* cipher.c (cipher_open): Now uses standard CFB for automode if
the blocksize is gt 8 (according to rfc2440).
* twofish.c: Applied Matthew Skala's patches for 256 bit key.
Tue Apr 6 19:58:12 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (get_random_bits): Can now handle requests > POOLSIZE
* cipher.c (cipher_open): Now uses standard CFB for automode if
the blocksize is gt 8 (according to rfc2440).
Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndlinux.c (tty_printf) [IS_MODULE]: Removed.
* rndegd.c (gather_random): Some fixes.
Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c (do_read): New.
(gather_random): Changed the implementation.
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (DLSYM_NEEDS_UNDERSCORE): Renamed.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* md.c: Nearly a total rewrote.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (context): Fixed alignment
* md.c: Ditto.
* rndegd.c: New
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndegd.c: New.
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Modules are now figured out by configure
* construct.c: New. Generated by configure. Changed all modules
to work with that.
* sha1.h: Removed.
* md5.h: Removed.
* twofish.c: Changed interface to allow Twofish/256
* rndunix.c (start_gatherer): Die on SIGPIPE.
Wed Jan 20 18:59:49 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (gather_random): Fix to avoid infinite loop.
Sun Jan 17 11:04:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* des.c (is_weak_key): Replace system memcmp due to bugs
in SunOS's memcmp.
(des_get_info): Return error on failed selftest.
* twofish.c (twofish_setkey): Return error on failed selftest or
invalid keylength.
* cast5.c (cast_setkey): Ditto.
* blowfish.c (bf_setkey): Return error on failed selftest.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* random.c (random_is_faked): New.
* tiger.c: Only compile if we have the u64 type
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (gather_random): check for setuid.
* Makefile.am: Add a way to staically link random modules
Thu Jan 7 18:00:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* md.c (md_stop_debug): Do a flush first.
(md_open): size of buffer now depends on the secure parameter
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* rndunix.c (start_gatherer): Fixed stupid ==/= bug
1998-12-31 Geoff Keating <geoffk@ozemail.com.au>
* des.c (is_weak_key): Rewrite loop end condition.
Tue Dec 29 14:41:47 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* random.c: add unistd.h for getpid().
(RAND_MAX): Fallback value for Sun.
Wed Dec 23 17:12:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* md.c (md_copy): Reset debug.
Mon Dec 14 21:18:49 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* random.c (read_random_source): Changed the interface to the
random gathering function.
(gather_faked): Use new interface.
* dynload.c (dynload_getfnc_fast_random_poll): Ditto.
(dynload_getfnc_gather_random): Ditto.
* rndlinux.c (gather_random): Ditto.
* rndunix.c (gather_random): Ditto.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (SYMBOL_VERSION): New to cope with system which needs
underscores.
* rndunix.c: Rewrote large parts
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* dynload.c (load_extension): increased needed verbosity level.
* random.c (fast_random_poll): Fallback to a default fast random
poll function.
(read_random_source): Always use the faked entroy gatherer if no
gather module is available.
* rndlinux.c (fast_poll): Removed.
* rndunix.c (fast_poll): Removed.
Wed Nov 25 12:33:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-*.c: Removed.
* rndlinux.c : New.
* rndunix.c : New.
* random.c : Restructured the interface to the gather modules.
(intialize): Call constructor functions
(read_radnom_source): Moved to here.
* dynload.c (dynload_getfnc_gather_random): New.
(dynload_getfnc_fast_random_poll): New.
(register_internal_cipher_extension): New.
(register_cipher_extension): Support of internal modules.
Sun Nov 8 17:44:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (read_random_source): Removed the assert.
Mon Oct 19 18:34:30 1998 me,,, (wk@tobold)
* pubkey.c: Hack to allow us to give some info about RSA keys back.
Thu Oct 15 11:47:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* dynload.c: Support for DLD
Wed Oct 14 12:13:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c: Now uses names from configure for /dev/random.
1998-10-10 SL Baur <steve@altair.xemacs.org>
* Makefile.am: fix sed -O substitutions to catch -O6, etc.
Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-)
* rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto.
Mon Sep 28 13:23:09 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_digest): New.
(md_reset): New.
Wed Sep 23 12:27:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c (TIGER_CONTEXT): moved "buf", so that it is 64 bit aligned.
Mon Sep 21 06:22:53 1998 Werner Koch (wk@(none))
* des.c: Some patches from Michael.
Thu Sep 17 19:00:06 1998 Werner Koch (wk@(none))
* des.c : New file from Michael Roth <mroth@nessie.de>
Mon Sep 14 11:10:55 1998 Werner Koch (wk@(none))
* blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys.
Mon Sep 14 09:19:25 1998 Werner Koch (wk@(none))
* dynload.c (RTLD_NOW): Now defined to 1 if it is undefined.
Mon Sep 7 17:04:33 1998 Werner Koch (wk@(none))
* Makefile.am: Fixes to allow a different build directory
Thu Aug 6 17:25:38 1998 Werner Koch,mobil,,, (wk@tobold)
* random.c (get_random_byte): Removed and changed all callers
to use get_random_bits()
Mon Jul 27 10:30:22 1998 Werner Koch (wk@(none))
* cipher.c : Support for other blocksizes
(cipher_get_blocksize): New.
* twofish.c: New.
* Makefile.am: Add twofish module.
Mon Jul 13 21:30:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (read_pool): Simple alloc if secure_alloc is not set.
(get_random_bits): Ditto.
Thu Jul 9 13:01:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* dynload.c (load_extension): Function now nbails out if
the program is run setuid.
Wed Jul 8 18:58:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (rmd160_hash_buffer): New.
Thu Jul 2 10:50:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_open): algos >=100 use standard CFB
Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am: Support for extensions
Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (mix_pool): simpler handling for level 0
Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c: Removed from dist, will reappear as dynload module
Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* pubkey.c: Major changes to allow extensions. Changed the inteface
of all public key ciphers and added the ability to load extensions
on demand.
* misc.c: Removed.
Wed Jun 10 07:52:08 1998 Werner Koch,mobil,,, (wk@tobold)
* dynload.c: New.
* cipher.c: Major changes to allow extensions.
Mon Jun 8 22:43:00 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: Major internal chnages to support extensions.
* blowfish.c (blowfish_get_info): New and made all internal
functions static, changed heder.
* cast5.c (cast5_get_info): Likewise.
Mon Jun 8 12:27:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c (transform): Fix for big endian
* cipher.c (do_cfb_decrypt): Big endian fix.
Fri May 22 07:30:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_get_oid): Add a new one for TIGER.
Thu May 21 13:24:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: Add support for a dummy cipher
Thu May 14 15:40:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (transform): fixed sigbus - I should better
add Christian von Roques's new implemenation of rmd160_write.
Fri May 8 18:07:44 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New
* random.c: Moved system specific functions to rand-****.c
Fri May 8 14:01:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fast_random_poll): add call to gethrtime.
Tue May 5 21:28:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* elgamal.c (elg_generate): choosing x was not correct, could
yield 6 bytes which are not from the random pool, tsss, tsss..
Tue May 5 14:09:06 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Add arg mode, changed all
callers and implemented mode 1.
Mon Apr 27 14:41:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_get_keylen): New.
Sun Apr 26 14:44:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c, tiger.h: New.
Wed Apr 8 14:57:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (check_pubkey_algo2): New.
Tue Apr 7 18:46:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c: New
* misc.c (check_cipher_algo): Moved to cipher.c
* cast5.c: Moved many functions to cipher.c
* blowfish.c: Likewise.
Sat Apr 4 19:52:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* cast5.c: Implemented and tested.
Wed Apr 1 16:38:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* elgamal.c (elg_generate): Faster generation of x in some cases.
Thu Mar 19 13:54:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* blowfish.c (blowfish_decode_cfb): changed XOR operation
(blowfish_encode_cfb): Ditto.
Thu Mar 12 14:04:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* sha1.c (transform): Rewrote
* blowfish.c (encrypt): Unrolled for rounds == 16
(decrypt): Ditto.
Tue Mar 10 16:32:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (transform): Unrolled the loop.
Tue Mar 10 13:05:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (read_pool): Add pool_balance stuff.
(get_random_bits): New.
* elgamal.c (elg_generate): Now uses get_random_bits to generate x.
Tue Mar 10 11:33:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_digest_length): New.
Tue Mar 10 11:27:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c (dsa_verify): Works.
Mon Mar 9 12:59:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c, dsa.h: Removed some unused code.
Wed Mar 4 10:39:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_open): Add call to fast_random_poll.
blowfish.c (blowfish_setkey): Ditto.
Tue Mar 3 13:32:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* rmd160.c (rmd160_mixblock): New.
* random.c: Restructured to start with a new RNG implementation.
* random.h: New.
Mon Mar 2 19:21:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* gost.c, gost.h: Removed because they did only conatin trash.
Sun Mar 1 16:42:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fill_buffer): removed error message if n == -1.
Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_enable): No init if called twice.
Thu Feb 26 07:57:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Changed the progress printing.
(gen_prime): Ditto.
Tue Feb 24 12:28:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* md5.c, md.5 : Replaced by a modified version of md5.c from
GNU textutils 1.22.
Wed Feb 18 14:08:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c, md.h : New debugging support
Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (cipher_algo_to_string): New
(pubkey_algo_to_string): New.
(digest_algo_to_string): New.
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index 83e81877e..59aae94d7 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -1,114 +1,68 @@
-# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
#
# This file is part of GnuPG.
#
# GnuPG is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# GnuPG is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
## Process this file with automake to produce Makefile.in
-
INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
noinst_LIBRARIES = libcipher.a
-# The configure script greps the module names from the EXTRA_PROGRAMS line
-EXTRA_PROGRAMS = rndlinux rndunix rndegd rndw32 sha1 rmd160 md5 tiger
-
-EXTRA_rndlinux_SOURCES = rndlinux.c
-EXTRA_rndunix_SOURCES = rndunix.c
-EXTRA_rndegd_SOURCES = rndegd.c
-EXTRA_rndw32_SOURCES = rndw32.c
-EXTRA_md5_SOURCES = md5.c
-EXTRA_rmd160_SOURCES = rmd160.c
-EXTRA_sha1_SOURCES = sha1.c
-EXTRA_tiger_SOURCES = tiger.c
-
-
-if ENABLE_GNUPG_EXTENSIONS
-pkglib_PROGRAMS = @DYNAMIC_CIPHER_MODS@
-else
-pkglib_PROGRAMS =
-endif
-
-
-DYNLINK_MOD_CFLAGS = -DIS_MODULE @DYNLINK_MOD_CFLAGS@
-
-#libcipher_a_LDFLAGS =
libcipher_a_SOURCES = cipher.c \
pubkey.c \
md.c \
dynload.c \
- dynload.h \
bithelp.h \
des.c \
des.h \
twofish.c \
blowfish.c \
blowfish.h \
cast5.c \
cast5.h \
rijndael.c \
elgamal.c \
elgamal.h \
rsa.c rsa.h \
primegen.c \
random.h \
random.c \
rand-internal.h \
rmd.h \
dsa.h \
dsa.c \
g10c.c \
smallprime.c \
- construct.c
-
-# configure creates the constructor file
-BUILT_SOURCES = construct.c
-DISTCLEANFILES = construct.c
+ algorithms.h \
+ rndlinux.c \
+ rndunix.c \
+ rndegd.c \
+ rndw32.c \
+ md5.c \
+ rmd160.c \
+ sha1.c \
+ tiger.c
-libcipher_a_DEPENDENCIES = @STATIC_CIPHER_OBJS@
-libcipher_a_LIBADD = @STATIC_CIPHER_OBJS@
+EXTRA_libcipher_a_SOURCES = idea-stub.c
-
-# If I remember it correct, automake 1.4 has a feature to set
-# fooFLAGS depending on the program. So we should check it out.
-
-tiger$(EXEEXT): $(srcdir)/tiger.c
- `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o tiger $(srcdir)/tiger.c | \
- sed -e 's/-O[2-9s]*/-O/g' `
+libcipher_a_DEPENDENCIES = @IDEA_O@
+libcipher_a_LIBADD = @IDEA_O@
tiger.o: $(srcdir)/tiger.c
`echo $(COMPILE) -c $(srcdir)/tiger.c | sed -e 's/-O[2-9s]*/-O1/g' `
-#twofish: $(srcdir)/twofish.c
-# `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c | \
-# sed -e 's/-O[0-9s]*/ /g' `
-
-twofish: $(srcdir)/twofish.c
- $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c
-
-#twofish.o: $(srcdir)/twofish.c
-# `echo $(COMPILE) -c $(srcdir)/twofish.c | sed -e 's/-O[0-9s]*/ /g' `
-
-
-rndunix$(EXEEXT): $(srcdir)/rndunix.c
- $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndunix $(srcdir)/rndunix.c
-
-rndlinux$(EXEEXT): $(srcdir)/rndlinux.c
- $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndlinux $(srcdir)/rndlinux.c
-
-rndegd$(EXEEXT): $(srcdir)/rndegd.c
- $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndegd $(srcdir)/rndegd.c
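Review bot: rndlinux.c, rndunix.c, rndegd.c and rndw32.c are now listed unconditionally in libcipher_a_SOURCES, so all four entropy gatherers are compiled on every platform, and nothing in this hunk shows what keeps rndw32.c out of a Unix build or rndlinux.c out of a Windows one. Please confirm that each file is wrapped in a configure-driven guard so that it compiles to an empty object when it is not the selected gatherer, and say so in a comment next to the list. The removed "configure script greps the module names" comment also has no replacement: a one-line note on where @IDEA_O@ comes from and how it relates to EXTRA_libcipher_a_SOURCES = idea-stub.c would help the next reader. Finally, dynload.h is dropped from the sources while dynload.c stays; check that nothing outside this directory still includes it.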
diff --git a/cipher/algorithms.h b/cipher/algorithms.h
new file mode 100644
index 000000000..a6b910612
--- /dev/null
+++ b/cipher/algorithms.h
@@ -0,0 +1,66 @@
+/* algorithms.h - prototypes for algorithm functions.
+ * Copyright (C) 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef GNUPG_ALGORITHMS_H
+#define GNUPG_ALGORITHMS_H 1
+
+const char *dynload_enum_module_names (int seq);
+
+
+
+const char *
+md5_get_info (int algo, size_t *contextsize,
+ byte **r_asnoid, int *r_asnlen, int *r_mdlen,
+ void (**r_init)( void *c ),
+ void (**r_write)( void *c, byte *buf, size_t nbytes ),
+ void (**r_final)( void *c ),
+ byte *(**r_read)( void *c )
+ );
+
+
+const char *
+rmd160_get_info (int algo, size_t *contextsize,
+ byte **r_asnoid, int *r_asnlen, int *r_mdlen,
+ void (**r_init)( void *c ),
+ void (**r_write)( void *c, byte *buf, size_t nbytes ),
+ void (**r_final)( void *c ),
+ byte *(**r_read)( void *c )
+ );
+
+const char *
+sha1_get_info (int algo, size_t *contextsize,
+ byte **r_asnoid, int *r_asnlen, int *r_mdlen,
+ void (**r_init)( void *c ),
+ void (**r_write)( void *c, byte *buf, size_t nbytes ),
+ void (**r_final)( void *c ),
+ byte *(**r_read)( void *c )
+ );
+
+const char *
+tiger_get_info (int algo, size_t *contextsize,
+ byte **r_asnoid, int *r_asnlen, int *r_mdlen,
+ void (**r_init)( void *c ),
+ void (**r_write)( void *c, byte *buf, size_t nbytes ),
+ void (**r_final)( void *c ),
+ byte *(**r_read)( void *c )
+ );
+
+
+
+#endif /*GNUPG_ALGORITHMS_H*/
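Review bot: the new header uses byte and size_t in every prototype but includes nothing, so it compiles only if the including file has already pulled in the right headers; blowfish.h, which declares the same kind of prototype, does include "types.h". Add #include "types.h" right after the include guard so algorithms.h is self-contained. Two documentation points: dynload_enum_module_names is a dynload.c helper rather than an algorithm prototype and needs a comment on what seq means and what is returned when the enumeration ends, and the four identical *_get_info signatures say nothing about the r_* out-parameters or what a NULL return means.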
diff --git a/cipher/blowfish.h b/cipher/blowfish.h
index bed034c73..46e302288 100644
--- a/cipher/blowfish.h
+++ b/cipher/blowfish.h
@@ -1,54 +1,62 @@
/* blowfish.h
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_BLOWFISH_H
#define G10_BLOWFISH_H
#include "types.h"
const char *
blowfish_get_info( int algo, size_t *keylen,
size_t *blocksize, size_t *contextsize,
int (**setkeyf)( void *c, byte *key, unsigned keylen ),
void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
);
/* this is just a kludge for the time we have not yet chnaged the cipher
* stuff to the scheme we use for random and digests */
const char *
twofish_get_info( int algo, size_t *keylen,
size_t *blocksize, size_t *contextsize,
int (**setkeyf)( void *c, byte *key, unsigned keylen ),
void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
);
-/* this is just a kludge for the time we have not yet chnaged the cipher
+/* this is just a kludge for the time we have not yet changed the cipher
* stuff to the scheme we use for random and digests */
const char *
rijndael_get_info( int algo, size_t *keylen,
size_t *blocksize, size_t *contextsize,
int (**setkeyf)( void *c, byte *key, unsigned keylen ),
void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
);
+const char *
+idea_get_info( int algo, size_t *keylen,
+ size_t *blocksize, size_t *contextsize,
+ int (**setkeyf)( void *c, byte *key, unsigned keylen ),
+ void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+ void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+ );
+
#endif /*G10_BLOWFISH_H*/
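Review bot: idea_get_info is appended with no comment, although cipher.c in this same patch relies on it returning NULL when IDEA is not built in ("if (cipher_table[i].name) i++;"). State that contract above the prototype, since it is the only *_get_info in this header that is allowed to fail. Style: the "chnaged" typo is corrected only in the comment above rijndael_get_info; the identical comment above twofish_get_info still has it.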
diff --git a/cipher/cipher.c b/cipher/cipher.c
index 2744f041a..761ec9b99 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -1,712 +1,673 @@
/* cipher.c - cipher dispatcher
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "util.h"
#include "errors.h"
#include "cipher.h"
#include "des.h"
#include "blowfish.h"
#include "cast5.h"
-#include "dynload.h"
#define MAX_BLOCKSIZE 16
#define TABLE_SIZE 14
struct cipher_table_s {
const char *name;
int algo;
size_t blocksize;
size_t keylen;
size_t contextsize; /* allocate this amount of context */
int (*setkey)( void *c, byte *key, unsigned keylen );
void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
};
static struct cipher_table_s cipher_table[TABLE_SIZE];
static int disabled_algos[TABLE_SIZE];
struct cipher_handle_s {
int algo;
int mode;
size_t blocksize;
byte iv[MAX_BLOCKSIZE]; /* (this should be ulong aligned) */
byte lastiv[MAX_BLOCKSIZE];
int unused; /* in IV */
int (*setkey)( void *c, byte *key, unsigned keylen );
void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
PROPERLY_ALIGNED_TYPE context;
};
#ifdef IS_DEVELOPMENT_VERSION
static int
dummy_setkey( void *c, byte *key, unsigned keylen ) { return 0; }
static void
dummy_encrypt_block( void *c, byte *outbuf, byte *inbuf ) { BUG(); }
static void
dummy_decrypt_block( void *c, byte *outbuf, byte *inbuf ) { BUG(); }
#endif
/****************
* Put the static entries into the table.
*/
static void
setup_cipher_table(void)
{
int i;
i = 0;
cipher_table[i].algo = CIPHER_ALGO_RIJNDAEL;
cipher_table[i].name = rijndael_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_RIJNDAEL192;
cipher_table[i].name = rijndael_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_RIJNDAEL256;
cipher_table[i].name = rijndael_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_TWOFISH;
cipher_table[i].name = twofish_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_BLOWFISH;
cipher_table[i].name = blowfish_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_CAST5;
cipher_table[i].name = cast5_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_3DES;
cipher_table[i].name = des_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
+ cipher_table[i].algo = CIPHER_ALGO_IDEA;
+ cipher_table[i].name = idea_get_info( cipher_table[i].algo,
+ &cipher_table[i].keylen,
+ &cipher_table[i].blocksize,
+ &cipher_table[i].contextsize,
+ &cipher_table[i].setkey,
+ &cipher_table[i].encrypt,
+ &cipher_table[i].decrypt );
+ if (cipher_table[i].name)
+ i++; /* Note that IDEA is usually no available. */
#ifdef IS_DEVELOPMENT_VERSION
cipher_table[i].algo = CIPHER_ALGO_DUMMY;
cipher_table[i].name = "DUMMY";
cipher_table[i].blocksize = 8;
cipher_table[i].keylen = 128;
cipher_table[i].contextsize = 0;
cipher_table[i].setkey = dummy_setkey;
cipher_table[i].encrypt = dummy_encrypt_block;
cipher_table[i].decrypt = dummy_decrypt_block;
i++;
#endif
for( ; i < TABLE_SIZE; i++ )
cipher_table[i].name = NULL;
}
/****************
* Try to load all modules and return true if new modules are available
*/
static int
load_cipher_modules(void)
{
- static int done = 0;
- static int initialized = 0;
- void *context = NULL;
- struct cipher_table_s *ct;
- int ct_idx;
- int i;
- const char *name;
- int any = 0;
-
- if( !initialized ) {
- cipher_modules_constructor();
- setup_cipher_table(); /* load static modules on the first call */
- initialized = 1;
- return 1;
- }
+ static int initialized = 0;
- if( done )
- return 0;
- done = 1;
-
- for(ct_idx=0, ct = cipher_table; ct_idx < TABLE_SIZE; ct_idx++,ct++ ) {
- if( !ct->name )
- break;
- }
- if( ct_idx >= TABLE_SIZE-1 )
- BUG(); /* table already full */
- /* now load all extensions */
- while( (name = enum_gnupgext_ciphers( &context, &ct->algo,
- &ct->keylen, &ct->blocksize, &ct->contextsize,
- &ct->setkey, &ct->encrypt, &ct->decrypt)) ) {
- if( ct->blocksize != 8 && ct->blocksize != 16 ) {
- log_info("skipping cipher %d: unsupported blocksize\n", ct->algo);
- continue;
- }
- for(i=0; cipher_table[i].name; i++ )
- if( cipher_table[i].algo == ct->algo )
- break;
- if( cipher_table[i].name ) {
- log_info("skipping cipher %d: already loaded\n", ct->algo );
- continue;
- }
- /* put it into the table */
- if( g10_opt_verbose > 1 )
- log_info("loaded cipher %d (%s)\n", ct->algo, name);
- ct->name = name;
- ct_idx++;
- ct++;
- any = 1;
- /* check whether there are more available table slots */
- if( ct_idx >= TABLE_SIZE-1 ) {
- log_info("cipher table full; ignoring other extensions\n");
- break;
- }
+ if (!initialized )
+ {
+ setup_cipher_table(); /* load static modules on the first call */
+ initialized = 1;
+ return 1;
}
- enum_gnupgext_ciphers( &context, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL );
- return any;
+ return 0;
}
/****************
* Map a string to the cipher algo
*/
int
string_to_cipher_algo( const char *string )
{
int i;
const char *s;
/* kludge to alias RIJNDAEL to AES */
if ( *string == 'R' || *string == 'r')
{
if (!ascii_strcasecmp (string, "RIJNDAEL"))
string = "AES";
else if (!ascii_strcasecmp (string, "RIJNDAEL192"))
string = "AES192";
else if (!ascii_strcasecmp (string, "RIJNDAEL256"))
string = "AES256";
}
do
{
for(i=0; (s=cipher_table[i].name); i++ )
{
if( !ascii_strcasecmp( s, string ) )
return cipher_table[i].algo;
}
} while( load_cipher_modules() );
return 0;
}
/****************
* Map a cipher algo to a string
*/
const char *
cipher_algo_to_string( int algo )
{
int i;
do {
for(i=0; cipher_table[i].name; i++ )
if( cipher_table[i].algo == algo )
return cipher_table[i].name;
} while( load_cipher_modules() );
return NULL;
}
void
disable_cipher_algo( int algo )
{
int i;
for(i=0; i < DIM(disabled_algos); i++ ) {
if( !disabled_algos[i] || disabled_algos[i] == algo ) {
disabled_algos[i] = algo;
return;
}
}
/* fixme: we should use a linked list */
log_fatal("can't disable cipher algo %d: table full\n", algo );
}
/****************
* Return 0 if the cipher algo is available
*/
int
check_cipher_algo( int algo )
{
int i;
do {
for(i=0; cipher_table[i].name; i++ )
if( cipher_table[i].algo == algo ) {
for(i=0; i < DIM(disabled_algos); i++ ) {
if( disabled_algos[i] == algo )
return G10ERR_CIPHER_ALGO;
}
return 0; /* okay */
}
} while( load_cipher_modules() );
return G10ERR_CIPHER_ALGO;
}
unsigned
cipher_get_keylen( int algo )
{
int i;
unsigned len = 0;
do {
for(i=0; cipher_table[i].name; i++ ) {
if( cipher_table[i].algo == algo ) {
len = cipher_table[i].keylen;
if( !len )
log_bug("cipher %d w/o key length\n", algo );
return len;
}
}
} while( load_cipher_modules() );
log_bug("cipher %d not found\n", algo );
return 0;
}
unsigned
cipher_get_blocksize( int algo )
{
int i;
unsigned len = 0;
do {
for(i=0; cipher_table[i].name; i++ ) {
if( cipher_table[i].algo == algo ) {
len = cipher_table[i].blocksize;
if( !len )
log_bug("cipher %d w/o blocksize\n", algo );
return len;
}
}
} while( load_cipher_modules() );
log_bug("cipher %d not found\n", algo );
return 0;
}
/****************
* Open a cipher handle for use with algorithm ALGO, in mode MODE
* and put it into secure memory if SECURE is true.
*/
CIPHER_HANDLE
cipher_open( int algo, int mode, int secure )
{
CIPHER_HANDLE hd;
int i;
fast_random_poll();
do {
for(i=0; cipher_table[i].name; i++ )
if( cipher_table[i].algo == algo )
break;
} while( !cipher_table[i].name && load_cipher_modules() );
if( !cipher_table[i].name ) {
log_fatal("cipher_open: algorithm %d not available\n", algo );
return NULL;
}
/* ? perform selftest here and mark this with a flag in cipher_table ? */
hd = secure ? m_alloc_secure_clear( sizeof *hd
+ cipher_table[i].contextsize
- sizeof(PROPERLY_ALIGNED_TYPE) )
: m_alloc_clear( sizeof *hd + cipher_table[i].contextsize
- sizeof(PROPERLY_ALIGNED_TYPE) );
hd->algo = algo;
hd->blocksize = cipher_table[i].blocksize;
hd->setkey = cipher_table[i].setkey;
hd->encrypt = cipher_table[i].encrypt;
hd->decrypt = cipher_table[i].decrypt;
if( mode == CIPHER_MODE_AUTO_CFB ) {
if( algo >= 100 )
hd->mode = CIPHER_MODE_CFB;
else
hd->mode = CIPHER_MODE_PHILS_CFB;
}
else
hd->mode = mode;
#ifdef IS_DEVELOPMENT_VERSION
if( algo == CIPHER_ALGO_DUMMY )
hd->mode = CIPHER_MODE_DUMMY;
#endif
return hd;
}
void
cipher_close( CIPHER_HANDLE c )
{
m_free(c);
}
int
cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen )
{
return (*c->setkey)( &c->context.c, key, keylen );
}
void
cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen )
{
memset( c->iv, 0, c->blocksize );
if( iv ) {
if( ivlen != c->blocksize )
log_info("WARNING: cipher_setiv: ivlen=%u blklen=%u\n",
ivlen, (unsigned)c->blocksize );
if( ivlen > c->blocksize )
ivlen = c->blocksize;
memcpy( c->iv, iv, ivlen );
}
c->unused = 0;
}
static void
do_ecb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
(*c->encrypt)( &c->context.c, outbuf, inbuf );
inbuf += c->blocksize;
outbuf += c->blocksize;
}
}
static void
do_ecb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
(*c->decrypt)( &c->context.c, outbuf, inbuf );
inbuf += c->blocksize;
outbuf += c->blocksize;
}
}
static void
do_cbc_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
{
unsigned int n;
byte *ivp;
int i;
size_t blocksize = c->blocksize;
for(n=0; n < nblocks; n++ ) {
/* fixme: the xor should works on words and not on
* bytes. Maybe it is a good idea to enhance the cipher backend
* API to allow for CBC handling in the backend */
for(ivp=c->iv,i=0; i < blocksize; i++ )
outbuf[i] = inbuf[i] ^ *ivp++;
(*c->encrypt)( &c->context.c, outbuf, outbuf );
memcpy(c->iv, outbuf, blocksize );
inbuf += c->blocksize;
outbuf += c->blocksize;
}
}
static void
do_cbc_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
{
unsigned int n;
byte *ivp;
int i;
size_t blocksize = c->blocksize;
for(n=0; n < nblocks; n++ ) {
/* because outbuf and inbuf might be the same, we have
* to save the original ciphertext block. We use lastiv
* for this here because it is not used otherwise */
memcpy(c->lastiv, inbuf, blocksize );
(*c->decrypt)( &c->context.c, outbuf, inbuf );
for(ivp=c->iv,i=0; i < blocksize; i++ )
outbuf[i] ^= *ivp++;
memcpy(c->iv, c->lastiv, blocksize );
inbuf += c->blocksize;
outbuf += c->blocksize;
}
}
static void
do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
{
byte *ivp;
size_t blocksize = c->blocksize;
if( nbytes <= c->unused ) {
/* short enough to be encoded by the remaining XOR mask */
/* XOR the input with the IV and store input into IV */
for(ivp=c->iv+c->blocksize - c->unused; nbytes; nbytes--, c->unused-- )
*outbuf++ = (*ivp++ ^= *inbuf++);
return;
}
if( c->unused ) {
/* XOR the input with the IV and store input into IV */
nbytes -= c->unused;
for(ivp=c->iv+blocksize - c->unused; c->unused; c->unused-- )
*outbuf++ = (*ivp++ ^= *inbuf++);
}
/* now we can process complete blocks */
while( nbytes >= blocksize ) {
int i;
/* encrypt the IV (and save the current one) */
memcpy( c->lastiv, c->iv, blocksize );
(*c->encrypt)( &c->context.c, c->iv, c->iv );
/* XOR the input with the IV and store input into IV */
for(ivp=c->iv,i=0; i < blocksize; i++ )
*outbuf++ = (*ivp++ ^= *inbuf++);
nbytes -= blocksize;
}
if( nbytes ) { /* process the remaining bytes */
/* encrypt the IV (and save the current one) */
memcpy( c->lastiv, c->iv, blocksize );
(*c->encrypt)( &c->context.c, c->iv, c->iv );
c->unused = blocksize;
/* and apply the xor */
c->unused -= nbytes;
for(ivp=c->iv; nbytes; nbytes-- )
*outbuf++ = (*ivp++ ^= *inbuf++);
}
}
static void
do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
{
byte *ivp;
ulong temp;
size_t blocksize = c->blocksize;
if( nbytes <= c->unused ) {
/* short enough to be encoded by the remaining XOR mask */
/* XOR the input with the IV and store input into IV */
for(ivp=c->iv+blocksize - c->unused; nbytes; nbytes--,c->unused--){
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
return;
}
if( c->unused ) {
/* XOR the input with the IV and store input into IV */
nbytes -= c->unused;
for(ivp=c->iv+blocksize - c->unused; c->unused; c->unused-- ) {
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
}
/* now we can process complete blocks */
while( nbytes >= blocksize ) {
int i;
/* encrypt the IV (and save the current one) */
memcpy( c->lastiv, c->iv, blocksize );
(*c->encrypt)( &c->context.c, c->iv, c->iv );
/* XOR the input with the IV and store input into IV */
for(ivp=c->iv,i=0; i < blocksize; i++ ) {
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
nbytes -= blocksize;
}
if( nbytes ) { /* process the remaining bytes */
/* encrypt the IV (and save the current one) */
memcpy( c->lastiv, c->iv, blocksize );
(*c->encrypt)( &c->context.c, c->iv, c->iv );
c->unused = blocksize;
/* and apply the xor */
c->unused -= nbytes;
for(ivp=c->iv; nbytes; nbytes-- ) {
temp = *inbuf++;
*outbuf++ = *ivp ^ temp;
*ivp++ = temp;
}
}
}
/****************
* Encrypt INBUF to OUTBUF with the mode selected at open.
* inbuf and outbuf may overlap or be the same.
* Depending on the mode some some contraints apply to NBYTES.
*/
void
cipher_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
{
switch( c->mode ) {
case CIPHER_MODE_ECB:
assert(!(nbytes%c->blocksize));
do_ecb_encrypt(c, outbuf, inbuf, nbytes/c->blocksize );
break;
case CIPHER_MODE_CBC:
assert(!(nbytes%c->blocksize));
do_cbc_encrypt(c, outbuf, inbuf, nbytes/c->blocksize );
break;
case CIPHER_MODE_CFB:
case CIPHER_MODE_PHILS_CFB:
do_cfb_encrypt(c, outbuf, inbuf, nbytes );
break;
#ifdef IS_DEVELOPMENT_VERSION
case CIPHER_MODE_DUMMY:
if( inbuf != outbuf )
memmove( outbuf, inbuf, nbytes );
break;
#endif
default: log_fatal("cipher_encrypt: invalid mode %d\n", c->mode );
}
}
/****************
* Decrypt INBUF to OUTBUF with the mode selected at open.
* inbuf and outbuf may overlap or be the same.
* Depending on the mode some some contraints apply to NBYTES.
*/
void
cipher_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
{
switch( c->mode ) {
case CIPHER_MODE_ECB:
assert(!(nbytes%c->blocksize));
do_ecb_decrypt(c, outbuf, inbuf, nbytes/c->blocksize );
break;
case CIPHER_MODE_CBC:
assert(!(nbytes%c->blocksize));
do_cbc_decrypt(c, outbuf, inbuf, nbytes/c->blocksize );
break;
case CIPHER_MODE_CFB:
case CIPHER_MODE_PHILS_CFB:
do_cfb_decrypt(c, outbuf, inbuf, nbytes );
break;
#ifdef IS_DEVELOPMENT_VERSION
case CIPHER_MODE_DUMMY:
if( inbuf != outbuf )
memmove( outbuf, inbuf, nbytes );
break;
#endif
default: log_fatal("cipher_decrypt: invalid mode %d\n", c->mode );
}
}
/****************
* Used for PGP's somewhat strange CFB mode. Only works if
* the handle is in PHILS_CFB mode
*/
void
cipher_sync( CIPHER_HANDLE c )
{
if( c->mode == CIPHER_MODE_PHILS_CFB && c->unused ) {
memmove(c->iv + c->unused, c->iv, c->blocksize - c->unused );
memcpy(c->iv, c->lastiv + c->blocksize - c->unused, c->unused);
c->unused = 0;
}
}
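Review bot: in setup_cipher_table the IDEA entry is accepted on a non-NULL name alone, whereas the removed extension loop in load_cipher_modules rejected any cipher whose blocksize was not 8 or 16 before it could enter the table. IDEA is the one entry that still comes from an optional object (@IDEA_O@ in the Makefile.am change), and iv and lastiv in cipher_handle_s are byte[MAX_BLOCKSIZE], with do_cbc_* and do_cfb_* copying blocksize bytes into them, so I would keep the check for this entry, for example: if (cipher_table[i].name && (cipher_table[i].blocksize == 8 || cipher_table[i].blocksize == 16)) i++;. Two smaller points: the comment above load_cipher_modules still reads "Try to load all modules and return true if new modules are available" although the function now only runs the static setup once, so the comment (and ideally the name) should be updated, and "IDEA is usually no available" should read "not available".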
diff --git a/cipher/dynload.c b/cipher/dynload.c
index 09cd1366a..38c6a0c35 100644
--- a/cipher/dynload.c
+++ b/cipher/dynload.c
@@ -1,681 +1,103 @@
/* dynload.c - load cipher extensions
- * Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
-#ifdef HAVE_DL_DLOPEN
- #include <dlfcn.h>
-#elif defined(HAVE_DLD_DLD_LINK)
- #include <dld.h>
-#elif defined(HAVE_DL_SHL_LOAD)
- #include <dl.h>
- #include <errno.h>
-#endif
-#ifdef __MINGW32__
- #include <windows.h>
-#endif
#include "util.h"
#include "cipher.h"
-#include "dynload.h"
-
-#ifdef WITH_SYMBOL_UNDERSCORE
- #define SYMBOL_VERSION "_gnupgext_version"
- #define SYMBOL_ENUM "_gnupgext_enum_func"
-#else
- #define SYMBOL_VERSION "gnupgext_version"
- #define SYMBOL_ENUM "gnupgext_enum_func"
-#endif
-
-
-#ifndef RTLD_NOW
- #define RTLD_NOW 1
-#endif
-
-#ifdef HAVE_DL_SHL_LOAD /* HPUX has shl_load instead of dlopen */
-#define HAVE_DL_DLOPEN
-#define dlopen(PATHNAME,MODE) \
- ((void *) shl_load(PATHNAME, DYNAMIC_PATH | \
- (((MODE) & RTLD_NOW) ? BIND_IMMEDIATE : BIND_DEFERRED), 0L))
-#define dlclose(HANDLE) shl_unload((shl_t) (HANDLE))
-#define dlerror() (errno == 0 ? NULL : strerror(errno))
-
-static void *
-dlsym(void *handle, char *name)
-{
- void *addr;
- if (shl_findsym((shl_t *)&handle,name,(short)TYPE_UNDEFINED,&addr) != 0) {
- return NULL;
- }
- return addr;
-}
-#endif /*HAVE_DL_SHL_LOAD*/
-
-#ifdef __MINGW32__
-#define HAVE_DL_DLOPEN
-#define USE_DYNAMIC_LINKING
-
-static int last_error = 0;
-
-void*
-dlopen(const char *pathname, int mode)
-{
- void *h = LoadLibrary( pathname );
- if (!h) {
- log_error( "LoadLibrary failed ec=%d\n", (int)GetLastError() );
- last_error = 1;
- return NULL;
- }
- return h;
-}
-
-int
-dlclose( void *handle )
-{
- last_error = 0;
- return FreeLibrary( handle );
-}
-
-char*
-dlerror(void)
-{
- static char dlerrstr[10];
- if (last_error) {
- sprintf(dlerrstr, "%d", (int)GetLastError() );
- return dlerrstr;
- }
- return NULL;
-}
-
-void*
-dlsym( void *handle, const char *name )
-{
- void *h = GetProcAddress( handle, name );
- if (!h) {
- log_error( "GetProcAddress failed ec=%d\n", (int)GetLastError() );
- last_error = 1;
- return NULL;
- }
- return h;
-}
-#endif /*__MINGW32__*/
-
-
-
+#include "algorithms.h"
typedef struct ext_list {
struct ext_list *next;
- int internal;
- #ifdef HAVE_DL_DLOPEN
- void *handle; /* handle from dlopen() */
- #else
- int handle; /* if the function has been loaded, this is true */
- #endif
- int failed; /* already tried but failed */
- void * (*enumfunc)(int, int*, int*, int*);
- char *hintstr; /* pointer into name */
char name[1];
} *EXTLIST;
static EXTLIST extensions;
-typedef struct {
- EXTLIST r;
- int seq1;
- int seq2;
- void *sym;
- int reqalgo;
-} ENUMCONTEXT;
-
-
-#ifdef HAVE_DLD_DLD_LINK
-static char *mainpgm_path;
-static int did_dld_init;
-static int dld_available;
-#endif
-
-
-/****************
+/* This is actually not used anymore but we keep a list of already
+ * set extensions modules here.
+ *
+ * Here is the ancient comment:
* Register an extension module. The last registered module will
* be loaded first. A name may have a list of classes
* appended; e.g:
* mymodule.so(1:17,3:20,3:109)
* means that this module provides digest algorithm 17 and public key
* algorithms 20 and 109. This is only a hint but if it is there the
* loader may decide to only load a module which claims to have a
* requested algorithm.
*
* mainpgm is the path to the program which wants to load a module
* it is only used in some environments.
*/
void
register_cipher_extension( const char *mainpgm, const char *fname )
{
EXTLIST r, el, intex;
char *p, *pe;
- #ifdef HAVE_DLD_DLD_LINK
- if( !mainpgm_path && mainpgm && *mainpgm )
- mainpgm_path = m_strdup(mainpgm);
- #endif
if( *fname != DIRSEP_C ) { /* do tilde expansion etc */
char *tmp;
if( strchr(fname, DIRSEP_C) )
tmp = make_filename(fname, NULL);
else
tmp = make_filename(GNUPG_LIBDIR, fname, NULL);
el = m_alloc_clear( sizeof *el + strlen(tmp) );
strcpy(el->name, tmp );
m_free(tmp);
}
else {
el = m_alloc_clear( sizeof *el + strlen(fname) );
strcpy(el->name, fname );
}
/* check whether we have a class hint */
- if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {
+ if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] )
*p = *pe = 0;
- el->hintstr = p+1;
- }
- else
- el->hintstr = NULL;
/* check that it is not already registered */
intex = NULL;
- for(r = extensions; r; r = r->next ) {
- if( !compare_filenames(r->name, el->name) ) {
- log_info("extension `%s' already registered\n", el->name );
- m_free(el);
- return;
- }
- else if( r->internal )
- intex = r;
- }
- /* and register */
- /* we put them after the internal extension modules */
- /* this is so that the external modules do not get loaded */
- /* as soon as the internal modules are requested */
- if( intex ) {
- el->next = intex->next;
- intex->next = el;
- }
- else {
- el->next = extensions;
- extensions = el;
- }
-}
-
-void
-register_internal_cipher_extension(
- const char *module_id,
- void * (*enumfunc)(int, int*, int*, int*)
- )
-{
- EXTLIST r, el;
-
- el = m_alloc_clear( sizeof *el + strlen(module_id) );
- strcpy(el->name, module_id );
- el->internal = 1;
-
- /* check that it is not already registered */
for(r = extensions; r; r = r->next ) {
if( !compare_filenames(r->name, el->name) ) {
log_info("extension `%s' already registered\n", el->name );
m_free(el);
return;
}
}
/* and register */
- el->enumfunc = enumfunc;
- #ifdef HAVE_DL_DLOPEN
- el->handle = (void*)1;
- #else
- el->handle = 1;
- #endif
el->next = extensions;
extensions = el;
}
-
-static int
-load_extension( EXTLIST el )
-{
- #ifdef USE_DYNAMIC_LINKING
- char **name;
- #ifdef HAVE_DL_DLOPEN
- const char *err;
- int seq = 0;
- int class, vers;
- void *sym;
- #else
- unsigned long addr;
- int rc;
- #endif
-
- #ifndef __MINGW32__
- /* make sure we are not setuid */
- if( getuid() != geteuid() )
- log_bug("trying to load an extension while still setuid\n");
- #endif
-
- /* now that we are not setuid anymore, we can safely load modules */
- #ifdef HAVE_DL_DLOPEN
- el->handle = dlopen(el->name, RTLD_NOW);
- if( !el->handle ) {
- log_error("%s: error loading extension: %s\n", el->name, dlerror() );
- goto failure;
- }
- name = (char**)dlsym(el->handle, SYMBOL_VERSION);
- if( (err=dlerror()) ) {
- log_error("%s: not a gnupg extension: %s\n", el->name, err );
- goto failure;
- }
- #else /* have dld */
- if( !did_dld_init ) {
- did_dld_init = 1;
- if( !mainpgm_path )
- log_error("DLD is not correctly initialized\n");
- else {
- rc = dld_init( dld_find_executable(mainpgm_path) );
- if( rc )
- log_error("DLD init failed: %s\n", dld_strerror(rc) );
- else
- dld_available = 1;
- }
- }
- if( !dld_available ) {
- log_error("%s: DLD not available\n", el->name );
- goto failure;
- }
-
- rc = dld_link( el->name );
- if( rc ) {
- log_error("%s: error loading extension: %s\n",
- el->name, dld_strerror(rc) );
- goto failure;
- }
- addr = dld_get_symbol(SYMBOL_VERSION);
- if( !addr ) {
- log_error("%s: not a gnupg extension: %s\n",
- el->name, dld_strerror(dld_errno) );
- goto failure;
- }
- name = (char**)addr;
- #endif
-
- if( g10_opt_verbose > 1 )
- log_info("%s: %s%s%s%s\n", el->name, *name,
- el->hintstr? " (":"",
- el->hintstr? el->hintstr:"",
- el->hintstr? ")":"");
-
- #ifdef HAVE_DL_DLOPEN
- sym = dlsym(el->handle, SYMBOL_ENUM);
- if( (err=dlerror()) ) {
- log_error("%s: invalid gnupg extension: %s\n", el->name, err );
- goto failure;
- }
- el->enumfunc = (void *(*)(int,int*,int*,int*))sym;
- #else /* dld */
- addr = dld_get_func(SYMBOL_ENUM);
- if( !addr ) {
- log_error("%s: invalid gnupg extension: %s\n",
- el->name, dld_strerror(dld_errno) );
- goto failure;
- }
- rc = dld_function_executable_p(SYMBOL_ENUM);
- if( rc ) {
- log_error("%s: extension function is not executable: %s\n",
- el->name, dld_strerror(rc) );
- goto failure;
- }
- el->enumfunc = (void *(*)(int,int*,int*,int*))addr;
- el->handle = 1; /* mark as usable */
- #endif
-
- #ifdef HAVE_DL_DLOPEN
- if( g10_opt_verbose > 2 ) {
- /* list the contents of the module */
- while( (sym = (*el->enumfunc)(0, &seq, &class, &vers)) ) {
- if( vers != 1 ) {
- log_info("%s: ignoring func with version %d\n",el->name,vers);
- continue;
- }
- switch( class ) {
- case 11:
- case 21:
- case 31:
- log_info("%s: provides %s algorithm %d\n", el->name,
- class == 11? "md" :
- class == 21? "cipher" : "pubkey",
- *(int*)sym);
- break;
- default:
- /*log_debug("%s: skipping class %d\n", el->name, class);*/
- break;
- }
- }
- }
- #endif
- return 0;
-
- failure:
- #ifdef HAVE_DL_DLOPEN
- if( el->handle ) {
- dlclose(el->handle);
- el->handle = NULL;
- }
- #endif
- el->failed = 1;
- #endif /*USE_DYNAMIC_LINKING*/
- return -1;
-}
-
-#ifdef __riscos__
-typedef
-const char *(*DIGESTS_CAST)(int, size_t*,byte**, int*, int*,
- void (**)(void*),
- void (**)(void*,byte*,size_t),
- void (**)(void*),byte *(**)(void*));
-#endif /* __riscos__ */
-
-int
-enum_gnupgext_digests( void **enum_context,
- int *algo,
- const char *(**r_get_info)( int, size_t*,byte**, int*, int*,
- void (**)(void*),
- void (**)(void*,byte*,size_t),
- void (**)(void*),byte *(**)(void*)) )
-{
- EXTLIST r;
- ENUMCONTEXT *ctx;
-
- if( !*enum_context ) { /* init context */
- ctx = m_alloc_clear( sizeof( *ctx ) );
- ctx->r = extensions;
- ctx->reqalgo = *algo;
- *enum_context = ctx;
- }
- else if( !algo ) { /* release the context */
- m_free(*enum_context);
- *enum_context = NULL;
- return 0;
- }
- else
- ctx = *enum_context;
-
- for( r = ctx->r; r; r = r->next ) {
- int class, vers;
-
- if( r->failed )
- continue;
- if( !r->handle && load_extension(r) )
- continue;
- /* get a digest info function */
- if( ctx->sym )
- goto inner_loop;
- while( (ctx->sym = (*r->enumfunc)(10, &ctx->seq1, &class, &vers)) ) {
- void *sym;
- /* must check class because enumfunc may be wrong coded */
- if( vers != 1 || class != 10 )
- continue;
- inner_loop:
-#ifndef __riscos__
- *r_get_info = ctx->sym;
-#else /* __riscos__ */
- *r_get_info = (DIGESTS_CAST) ctx->sym;
-#endif /* __riscos__ */
- while( (sym = (*r->enumfunc)(11, &ctx->seq2, &class, &vers)) ) {
- if( vers != 1 || class != 11 )
- continue;
- *algo = *(int*)sym;
- ctx->r = r;
- return 1;
- }
- ctx->seq2 = 0;
- }
- ctx->seq1 = 0;
- }
- ctx->r = r;
- return 0;
-}
-
-#ifdef __riscos__
-typedef
-const char *(*CIPHERS_CAST)(int, size_t*, size_t*, size_t*,
- int (**)( void *, byte *, unsigned),
- void (**)( void *, byte *, byte *),
- void (**)( void *, byte *, byte *));
-#endif /* __riscos__ */
-
+/* Return the module name with index SEQ, return NULL as as indication
+ for end of list. */
const char *
-enum_gnupgext_ciphers( void **enum_context, int *algo,
- size_t *keylen, size_t *blocksize, size_t *contextsize,
- int (**setkeyf)( void *c, byte *key, unsigned keylen ),
- void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
- void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
- )
+dynload_enum_module_names (int seq)
{
- EXTLIST r;
- ENUMCONTEXT *ctx;
- const char * (*finfo)(int, size_t*, size_t*, size_t*,
- int (**)( void *, byte *, unsigned),
- void (**)( void *, byte *, byte *),
- void (**)( void *, byte *, byte *));
+ EXTLIST el = extensions;
- if( !*enum_context ) { /* init context */
- ctx = m_alloc_clear( sizeof( *ctx ) );
- ctx->r = extensions;
- *enum_context = ctx;
- }
- else if( !algo ) { /* release the context */
- m_free(*enum_context);
- *enum_context = NULL;
- return NULL;
- }
- else
- ctx = *enum_context;
-
- for( r = ctx->r; r; r = r->next ) {
- int class, vers;
-
- if( r->failed )
- continue;
- if( !r->handle && load_extension(r) )
- continue;
- /* get a cipher info function */
- if( ctx->sym )
- goto inner_loop;
- while( (ctx->sym = (*r->enumfunc)(20, &ctx->seq1, &class, &vers)) ) {
- void *sym;
- /* must check class because enumfunc may be wrong coded */
- if( vers != 1 || class != 20 )
- continue;
- inner_loop:
-#ifndef __riscos__
- finfo = ctx->sym;
-#else /* __riscos__ */
- finfo = (CIPHERS_CAST) ctx->sym;
-#endif /* __riscos__ */
- while( (sym = (*r->enumfunc)(21, &ctx->seq2, &class, &vers)) ) {
- const char *algname;
- if( vers != 1 || class != 21 )
- continue;
- *algo = *(int*)sym;
- algname = (*finfo)( *algo, keylen, blocksize, contextsize,
- setkeyf, encryptf, decryptf );
- if( algname ) {
- ctx->r = r;
- return algname;
- }
- }
- ctx->seq2 = 0;
- }
- ctx->seq1 = 0;
- }
- ctx->r = r;
- return NULL;
-}
-
-#ifdef __riscos__
-typedef
-const char *(*PUBKEYS_CAST)(int, int *, int *, int *, int *, int *,
- int (**)(int, unsigned, MPI *, MPI **),
- int (**)(int, MPI *),
- int (**)(int, MPI *, MPI , MPI *),
- int (**)(int, MPI *, MPI *, MPI *),
- int (**)(int, MPI *, MPI , MPI *),
- int (**)(int, MPI , MPI *, MPI *,
- int (*)(void*,MPI), void *),
- unsigned (**)( int , MPI *));
-#endif /* __riscos__ */
-
-const char *
-enum_gnupgext_pubkeys( void **enum_context, int *algo,
- int *npkey, int *nskey, int *nenc, int *nsig, int *use,
- int (**generate)( int algo, unsigned nbits, MPI *skey, MPI **retfactors ),
- int (**check_secret_key)( int algo, MPI *skey ),
- int (**encryptf)( int algo, MPI *resarr, MPI data, MPI *pkey ),
- int (**decryptf)( int algo, MPI *result, MPI *data, MPI *skey ),
- int (**sign)( int algo, MPI *resarr, MPI data, MPI *skey ),
- int (**verify)( int algo, MPI hash, MPI *data, MPI *pkey,
- int (*cmp)(void *, MPI), void *opaquev ),
- unsigned (**get_nbits)( int algo, MPI *pkey ) )
-{
- EXTLIST r;
- ENUMCONTEXT *ctx;
- const char * (*finfo)( int, int *, int *, int *, int *, int *,
- int (**)( int, unsigned, MPI *, MPI **),
- int (**)( int, MPI * ),
- int (**)( int, MPI *, MPI , MPI * ),
- int (**)( int, MPI *, MPI *, MPI * ),
- int (**)( int, MPI *, MPI , MPI * ),
- int (**)( int, MPI , MPI *, MPI *,
- int (*)(void*,MPI), void *),
- unsigned (**)( int , MPI * ) );
-
- if( !*enum_context ) { /* init context */
- ctx = m_alloc_clear( sizeof( *ctx ) );
- ctx->r = extensions;
- *enum_context = ctx;
- }
- else if( !algo ) { /* release the context */
- m_free(*enum_context);
- *enum_context = NULL;
- return NULL;
- }
- else
- ctx = *enum_context;
-
- for( r = ctx->r; r; r = r->next ) {
- int class, vers;
-
- if( r->failed )
- continue;
- if( !r->handle && load_extension(r) )
- continue;
- /* get a pubkey info function */
- if( ctx->sym )
- goto inner_loop;
- while( (ctx->sym = (*r->enumfunc)(30, &ctx->seq1, &class, &vers)) ) {
- void *sym;
- if( vers != 1 || class != 30 )
- continue;
- inner_loop:
-#ifndef __riscos__
- finfo = ctx->sym;
-#else /* __riscos__ */
- finfo = (PUBKEYS_CAST) ctx->sym;
-#endif /* __riscos__ */
- while( (sym = (*r->enumfunc)(31, &ctx->seq2, &class, &vers)) ) {
- const char *algname;
- if( vers != 1 || class != 31 )
- continue;
- *algo = *(int*)sym;
- algname = (*finfo)( *algo, npkey, nskey, nenc, nsig, use,
- generate, check_secret_key, encryptf,
- decryptf, sign, verify, get_nbits );
- if( algname ) {
- ctx->r = r;
- return algname;
- }
- }
- ctx->seq2 = 0;
- }
- ctx->seq1 = 0;
- }
- ctx->r = r;
- return NULL;
-}
-
-
-int (*
-dynload_getfnc_gather_random())(void (*)(const void*, size_t, int), int,
- size_t, int)
-{
- EXTLIST r;
- void *sym;
-
- for( r = extensions; r; r = r->next ) {
- int seq, class, vers;
-
- if( r->failed )
- continue;
- if( !r->handle && load_extension(r) )
- continue;
- seq = 0;
- while( (sym = (*r->enumfunc)(40, &seq, &class, &vers)) ) {
- if( vers != 1 || class != 40 )
- continue;
- return (int (*)(void (*)(const void*, size_t, int), int,
- size_t, int))sym;
- }
- }
- return NULL;
+ for (; el && el->name && seq; el = el->next, seq--)
+ ;
+ return el? el->name:NULL;
}
-
-
-void (*
-dynload_getfnc_fast_random_poll())( void (*)(const void*, size_t, int), int)
-{
- EXTLIST r;
- void *sym;
-
- for( r = extensions; r; r = r->next ) {
- int seq, class, vers;
-
- if( r->failed )
- continue;
- if( !r->handle && load_extension(r) )
- continue;
- seq = 0;
- while( (sym = (*r->enumfunc)(41, &seq, &class, &vers)) ) {
- if( vers != 1 || class != 41 )
- continue;
- return (void (*)( void (*)(const void*, size_t, int), int))sym;
- }
- }
- return NULL;
-}
-
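Review bot: `register_cipher_extension` still declares `intex` and executes `intex = NULL;`, but with the internal-module branch removed nothing reads it, and `mainpgm` is no longer used either; drop the variable and note in the comment that the parameter is ignored. In `dynload_enum_module_names` the `el->name` term of the loop condition is always true because `name` is an array member (`char name[1]`), so the condition reduces to `el && seq`. The header comment says the list is "not used anymore", yet the new `cipher/idea-stub.c` walks it through `dynload_enum_module_names` and passes each stored path to `dlopen`; the comment should say that. "as as indication" in the new function comment is a typo.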
diff --git a/cipher/idea-stub.c b/cipher/idea-stub.c
new file mode 100644
index 000000000..3a9782037
--- /dev/null
+++ b/cipher/idea-stub.c
@@ -0,0 +1,187 @@
+/* idea-stub.c - Dummy module for the deprecated IDEA cipher.
+ * Copyright (C) 2002 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* IDEA is a patented algorithm and therefore the use of IDEA in
+ countries where this patent is valid can not be allowed due to the
+ terms of the GNU General Public License. Those restrictions are
+ there to help protecting the freedom of software. For more
+ information on the nonsense of software patents and the general
+ problem with this, please see http://www.noepatents.org.
+
+ However for research purposes and in certain situations it might be
+ useful to use this algorithm anyway.
+
+ We provide this stub which will dynload a idea module and is only
+ used if the configure run did't found statically linked file.
+ See http://www.gnupg.org/why-not-dea.html for details.
+*/
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#ifdef HAVE_DL_DLOPEN
+ #include <dlfcn.h>
+#endif
+#ifdef __MINGW32__
+ #include <windows.h>
+#endif
+#include "util.h"
+#include "algorithms.h"
+
+#ifndef RTLD_NOW
+ #define RTLD_NOW 1
+#endif
+
+
+#ifdef __MINGW32__
+#define HAVE_DL_DLOPEN
+#define USE_DYNAMIC_LINKING
+
+static int last_error = 0;
+
+void*
+dlopen (const char *pathname, int mode)
+{
+ void *h = LoadLibrary (pathname);
+ if (!h)
+ {
+ log_error ("LoadLibrary failed ec=%d\n", (int)GetLastError());
+ last_error = 1;
+ return NULL;
+ }
+ return h;
+}
+
+int
+dlclose ( void *handle )
+{
+ last_error = 0;
+ return FreeLibrary (handle);
+}
+
+char*
+dlerror (void)
+{
+ static char dlerrstr[10];
+ if (last_error)
+ {
+ sprintf(dlerrstr, "%d", (int)GetLastError() );
+ return dlerrstr;
+ }
+ return NULL;
+}
+
+void*
+dlsym ( void *handle, const char *name )
+{
+ void *h = GetProcAddress (handle, name);
+ if (!h)
+ {
+ log_error ("GetProcAddress failed ec=%d\n", (int)GetLastError());
+ last_error = 1;
+ }
+ return h;
+}
+#endif /*__MINGW32__*/
+
+/* We do only support dlopen and the Windows emulation of it. */
+#ifndef HAVE_DL_DLOPEN
+#undef USE_DYNAMIC_LINKING
+#endif
+
+
+static void *
+load_module (const char *name)
+{
+#ifdef USE_DYNAMIC_LINKING
+ const char *err;
+ void *handle;
+ void *sym;
+
+#ifndef __MINGW32__
+ /* Make sure we are not setuid. */
+ if (getuid() != geteuid())
+ log_bug("trying to load an extension while still setuid\n");
+#endif
+
+ handle = dlopen (name, RTLD_NOW);
+ if (!name)
+ {
+ /*log_error ("error loading module `%s': %s\n", name, dlerror());*/
+ goto failure;
+ }
+
+ sym = dlsym (handle, "idea_get_info");
+ if (dlerror ())
+ sym = dlsym (handle, "_idea_get_info");
+ if ((err=dlerror()))
+ {
+ log_info ("invalid module `%s': %s\n", name, err);
+ goto failure;
+ }
+
+ return sym;
+
+ failure:
+ if (handle)
+ dlclose (handle);
+#endif /*USE_DYNAMIC_LINKING*/
+ return NULL;
+}
+
+
+const char *
+idea_get_info( int algo, size_t *keylen,
+ size_t *blocksize, size_t *contextsize,
+ int (**r_setkey)( void *c, byte *key, unsigned keylen ),
+ void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
+ void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
+ )
+{
+ static int initialized;
+ static const char * (*info_fnc)(int, size_t*, size_t*, size_t*,
+ int (**)( void *, byte *, unsigned),
+ void (**)( void *, byte *, byte *),
+ void (**)( void *, byte *, byte *));
+ const char *rstr;
+ int i;
+
+ if (!initialized)
+ {
+ initialized = 1;
+ for (i=0; (rstr = dynload_enum_module_names (i)); i++)
+ {
+ info_fnc = load_module (rstr);
+ if (info_fnc)
+ break;
+ }
+ }
+ if (!info_fnc)
+ return NULL; /* dynloadable module not found. */
+ rstr = info_fnc (algo, keylen, blocksize, contextsize,
+ r_setkey, r_encrypt, r_decrypt);
+ if (rstr && *keylen == 128 && *blocksize == 8
+ && *r_setkey && *r_encrypt && r_decrypt)
+ return rstr;
+ return NULL;
+}
+
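Review bot: In `load_module` the result of `dlopen` is never tested: the check after `handle = dlopen (name, RTLD_NOW);` reads `if (!name)`, so a failed load falls through and `dlsym` is called with a NULL handle; it should be `if (!handle)`. In `idea_get_info` the final sanity check dereferences `*r_setkey` and `*r_encrypt` but tests `r_decrypt`, the caller's out-pointer, so a module that leaves the decrypt function unset is still accepted; use `*r_decrypt`. The loop in `idea_get_info` opens every registered module name with `RTLD_NOW` until one exports `idea_get_info`, and on success `load_module` returns without calling `dlclose`; add a comment stating that both behaviours are intended. "did't found" in the file comment is a typo.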
diff --git a/cipher/md.c b/cipher/md.c
index 49728638b..85c1f5b2a 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -1,524 +1,488 @@
/* md.c - message digest dispatcher
- * Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "util.h"
#include "cipher.h"
#include "errors.h"
-#include "dynload.h"
-#include "rmd.h"
-
+#include "algorithms.h"
/****************
* This structure is used for the list of available algorithms
* and for the list of algorithms in MD_HANDLE.
*/
struct md_digest_list_s {
struct md_digest_list_s *next;
const char *name;
int algo;
byte *asnoid;
int asnlen;
int mdlen;
void (*init)( void *c );
void (*write)( void *c, byte *buf, size_t nbytes );
void (*final)( void *c );
byte *(*read)( void *c );
size_t contextsize; /* allocate this amount of context */
PROPERLY_ALIGNED_TYPE context;
};
static struct md_digest_list_s *digest_list;
static struct md_digest_list_s *
-new_list_item( int algo,
+new_list_item (int algo,
const char *(*get_info)( int, size_t*,byte**, int*, int*,
void (**)(void*),
void (**)(void*,byte*,size_t),
- void (**)(void*),byte *(**)(void*)) )
+ void (**)(void*),byte *(**)(void*)))
{
- struct md_digest_list_s *r;
-
- r = m_alloc_clear( sizeof *r );
- r->algo = algo,
- r->name = (*get_info)( algo, &r->contextsize,
- &r->asnoid, &r->asnlen, &r->mdlen,
- &r->init, &r->write, &r->final, &r->read );
- if( !r->name ) {
- m_free(r);
- r = NULL;
+ struct md_digest_list_s *r;
+
+ r = m_alloc_clear (sizeof *r );
+ r->algo = algo;
+ r->name = (*get_info)( algo, &r->contextsize,
+ &r->asnoid, &r->asnlen, &r->mdlen,
+ &r->init, &r->write, &r->final, &r->read );
+ if (!r->name )
+ {
+ m_free(r);
+ r = NULL;
+ }
+ if (r)
+ {
+ r->next = digest_list;
+ digest_list = r;
}
- return r;
+ return r;
}
-/****************
- * Try to load the modules with the requeste algorithm
- * and return true if new modules are available
- * If req_alog is -1 try to load all digest algorithms.
+/*
+ Load all available hash algorithms and return true. Subsequent
+ calls will return 0.
*/
static int
-load_digest_module( int req_algo )
+load_digest_module (void)
{
- static int initialized = 0;
- static u32 checked_algos[256/32];
- static int checked_all = 0;
- struct md_digest_list_s *r;
- void *context = NULL;
- int algo;
- int any = 0;
- const char *(*get_info)( int, size_t*,byte**, int*, int*,
- void (**)(void*),
- void (**)(void*,byte*,size_t),
- void (**)(void*),byte *(**)(void*));
-
- if( !initialized ) {
- cipher_modules_constructor();
- initialized = 1;
- }
- algo = req_algo;
- if( algo > 255 || !algo )
- return 0; /* algorithm number too high (does not fit into out bitmap)*/
- if( checked_all )
- return 0; /* already called with -1 */
- if( algo < 0 )
- checked_all = 1;
- else if( (checked_algos[algo/32] & (1 << (algo%32))) )
- return 0; /* already checked and not found */
- else
- checked_algos[algo/32] |= (1 << (algo%32));
-
- while( enum_gnupgext_digests( &context, &algo, &get_info ) ) {
- if( req_algo != -1 && algo != req_algo )
- continue;
- for(r=digest_list; r; r = r->next )
- if( r->algo == algo )
- break;
- if( r ) {
- log_info("skipping digest %d: already loaded\n", algo );
- continue;
- }
- r = new_list_item( algo, get_info );
- if( ! r ) {
- log_info("skipping digest %d: no name\n", algo );
- continue;
- }
- /* put it into the list */
- if( g10_opt_verbose > 1 )
- log_info("loaded digest %d\n", algo);
- r->next = digest_list;
- digest_list = r;
- any = 1;
- if( req_algo != -1 )
- break;
- }
- enum_gnupgext_digests( &context, NULL, NULL );
- return any;
-}
+ static int initialized = 0;
+ if (initialized)
+ return 0;
+ initialized = 1;
+
+ /* We load them in reverse order so that the most
+ frequently used are the first in the list. */
+ new_list_item (DIGEST_ALGO_TIGER, tiger_get_info);
+ if (!new_list_item (DIGEST_ALGO_MD5, md5_get_info))
+ BUG ();
+ if (!new_list_item (DIGEST_ALGO_RMD160, rmd160_get_info))
+ BUG ();
+ if (!new_list_item (DIGEST_ALGO_SHA1, sha1_get_info))
+ BUG ();
+
+ return 1;
+}
/****************
- * Map a string to the digest algo
- */
+ * Map a string to the digest algo */
int
string_to_digest_algo( const char *string )
{
struct md_digest_list_s *r;
do {
for(r = digest_list; r; r = r->next )
if( !ascii_strcasecmp( r->name, string ) )
return r->algo;
- } while( !r && load_digest_module(-1) );
+ } while( !r && load_digest_module () );
return 0;
}
/****************
* Map a digest algo to a string
*/
const char *
digest_algo_to_string( int algo )
{
struct md_digest_list_s *r;
do {
for(r = digest_list; r; r = r->next )
if( r->algo == algo )
return r->name;
- } while( !r && load_digest_module( algo ) );
+ } while( !r && load_digest_module () );
return NULL;
}
int
check_digest_algo( int algo )
{
struct md_digest_list_s *r;
do {
for(r = digest_list; r; r = r->next )
if( r->algo == algo )
return 0;
- } while( !r && load_digest_module(algo) );
+ } while( !r && load_digest_module () );
return G10ERR_DIGEST_ALGO;
}
/****************
* Open a message digest handle for use with algorithm ALGO.
* More algorithms may be added by md_enable(). The initial algorithm
* may be 0.
*/
MD_HANDLE
md_open( int algo, int secure )
{
MD_HANDLE hd;
int bufsize;
if( secure ) {
bufsize = 512 - sizeof( *hd );
hd = m_alloc_secure_clear( sizeof *hd + bufsize );
}
else {
bufsize = 1024 - sizeof( *hd );
hd = m_alloc_clear( sizeof *hd + bufsize );
}
hd->bufsize = bufsize+1; /* hd has already one byte allocated */
hd->secure = secure;
if( algo )
md_enable( hd, algo );
fast_random_poll();
return hd;
}
void
md_enable( MD_HANDLE h, int algo )
{
struct md_digest_list_s *r, *ac;
for( ac=h->list; ac; ac = ac->next )
if( ac->algo == algo )
return ; /* already enabled */
/* find the algorithm */
do {
for(r = digest_list; r; r = r->next )
if( r->algo == algo )
break;
- } while( !r && load_digest_module( algo ) );
+ } while( !r && load_digest_module () );
if( !r ) {
log_error("md_enable: algorithm %d not available\n", algo );
return;
}
/* and allocate a new list entry */
ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize
- sizeof(r->context) )
: m_alloc( sizeof *ac + r->contextsize
- sizeof(r->context) );
*ac = *r;
ac->next = h->list;
h->list = ac;
/* and init this instance */
(*ac->init)( &ac->context.c );
}
MD_HANDLE
md_copy( MD_HANDLE a )
{
MD_HANDLE b;
struct md_digest_list_s *ar, *br;
if( a->bufcount )
md_write( a, NULL, 0 );
b = a->secure ? m_alloc_secure( sizeof *b + a->bufsize - 1 )
: m_alloc( sizeof *b + a->bufsize - 1 );
memcpy( b, a, sizeof *a + a->bufsize - 1 );
b->list = NULL;
b->debug = NULL;
/* and now copy the complete list of algorithms */
/* I know that the copied list is reversed, but that doesn't matter */
for( ar=a->list; ar; ar = ar->next ) {
br = a->secure ? m_alloc_secure( sizeof *br + ar->contextsize
- sizeof(ar->context) )
: m_alloc( sizeof *br + ar->contextsize
- sizeof(ar->context) );
memcpy( br, ar, sizeof(*br) + ar->contextsize
- sizeof(ar->context) );
br->next = b->list;
b->list = br;
}
if( a->debug )
md_start_debug( b, "unknown" );
return b;
}
/****************
* Reset all contexts and discard any buffered stuff. This may be used
* instead of a md_close(); md_open().
*/
void
md_reset( MD_HANDLE a )
{
struct md_digest_list_s *r;
a->bufcount = a->finalized = 0;
for( r=a->list; r; r = r->next ) {
memset( r->context.c, 0, r->contextsize );
(*r->init)( &r->context.c );
}
}
void
md_close(MD_HANDLE a)
{
struct md_digest_list_s *r, *r2;
if( !a )
return;
if( a->debug )
md_stop_debug(a);
for(r=a->list; r; r = r2 ) {
r2 = r->next;
m_free(r);
}
m_free(a);
}
void
md_write( MD_HANDLE a, const byte *inbuf, size_t inlen)
{
struct md_digest_list_s *r;
if( a->debug ) {
if( a->bufcount && fwrite(a->buffer, a->bufcount, 1, a->debug ) != 1 )
BUG();
if( inlen && fwrite(inbuf, inlen, 1, a->debug ) != 1 )
BUG();
}
for(r=a->list; r; r = r->next ) {
(*r->write)( &r->context.c, a->buffer, a->bufcount );
/* Fixme: all ->write fnc should take a const byte* */
(*r->write)( &r->context.c, (byte*)inbuf, inlen );
}
a->bufcount = 0;
}
void
md_final(MD_HANDLE a)
{
struct md_digest_list_s *r;
if( a->finalized )
return;
if( a->bufcount )
md_write( a, NULL, 0 );
for(r=a->list; r; r = r->next ) {
(*r->final)( &r->context.c );
}
a->finalized = 1;
}
/****************
* if ALGO is null get the digest for the used algo (which should be only one)
*/
byte *
md_read( MD_HANDLE a, int algo )
{
struct md_digest_list_s *r;
if( !algo ) { /* return the first algorithm */
if( (r=a->list) ) {
if( r->next )
log_debug("more than algorithm in md_read(0)\n");
return (*r->read)( &r->context.c );
}
}
else {
for(r=a->list; r; r = r->next )
if( r->algo == algo )
return (*r->read)( &r->context.c );
}
BUG();
return NULL;
}
/****************
* This function combines md_final and md_read but keeps the context
* intact. This function can be used to calculate intermediate
* digests. The digest is copied into buffer and the digestlength is
* returned. If buffer is NULL only the needed size for buffer is returned.
* buflen gives the max size of buffer. If the buffer is too shourt to
* hold the complete digest, the buffer is filled with as many bytes are
* possible and this value is returned.
*/
int
md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen )
{
struct md_digest_list_s *r = NULL;
char *context;
char *digest;
if( a->bufcount )
md_write( a, NULL, 0 );
if( !algo ) { /* return digest for the first algorithm */
if( (r=a->list) && r->next )
log_debug("more than algorithm in md_digest(0)\n");
}
else {
for(r=a->list; r; r = r->next )
if( r->algo == algo )
break;
}
if( !r )
BUG();
if( !buffer )
return r->mdlen;
/* I don't want to change the interface, so I simply work on a copy
* the context (extra overhead - should be fixed)*/
context = a->secure ? m_alloc_secure( r->contextsize )
: m_alloc( r->contextsize );
memcpy( context, r->context.c, r->contextsize );
(*r->final)( context );
digest = (*r->read)( context );
if( buflen > r->mdlen )
buflen = r->mdlen;
memcpy( buffer, digest, buflen );
m_free(context);
return buflen;
}
int
md_get_algo( MD_HANDLE a )
{
struct md_digest_list_s *r;
if( (r=a->list) ) {
if( r->next )
log_error("WARNING: more than algorithm in md_get_algo()\n");
return r->algo;
}
return 0;
}
/****************
* Return the length of the digest
*/
int
md_digest_length( int algo )
{
struct md_digest_list_s *r;
do {
for(r = digest_list; r; r = r->next ) {
if( r->algo == algo )
return r->mdlen;
}
- } while( !r && load_digest_module( algo ) );
+ } while( !r && load_digest_module () );
log_error("WARNING: no length for md algo %d\n", algo);
return 0;
}
/* Hmmm: add a mode to enumerate the OIDs
* to make g10/sig-check.c more portable */
const byte *
md_asn_oid( int algo, size_t *asnlen, size_t *mdlen )
{
struct md_digest_list_s *r;
do {
for(r = digest_list; r; r = r->next ) {
if( r->algo == algo ) {
if( asnlen )
*asnlen = r->asnlen;
if( mdlen )
*mdlen = r->mdlen;
return r->asnoid;
}
}
- } while( !r && load_digest_module( algo ) );
+ } while( !r && load_digest_module () );
log_bug("no asn for md algo %d\n", algo);
return NULL;
}
void
md_start_debug( MD_HANDLE md, const char *suffix )
{
static int idx=0;
char buf[25];
if( md->debug ) {
log_debug("Oops: md debug already started\n");
return;
}
idx++;
sprintf(buf, "dbgmd-%05d" EXTSEP_S "%.10s", idx, suffix );
md->debug = fopen(buf, "w");
if( !md->debug )
log_debug("md debug: can't open %s\n", buf );
}
void
md_stop_debug( MD_HANDLE md )
{
if( md->debug ) {
if( md->bufcount )
md_write( md, NULL, 0 );
fclose(md->debug);
md->debug = NULL;
}
- #ifdef HAVE_U64_TYPEDEF
+#ifdef HAVE_U64_TYPEDEF
{ /* a kludge to pull in the __muldi3 for Solaris */
volatile u32 a = (u32)(ulong)md;
volatile u64 b = 42;
volatile u64 c;
c = a * b;
}
- #endif
+#endif
}
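Review bot: In `load_digest_module` the return value of `new_list_item (DIGEST_ALGO_TIGER, tiger_get_info)` is ignored while MD5, RMD160 and SHA1 call `BUG ()` on failure; add a comment saying why TIGER may be absent, otherwise the asymmetry reads as a missed check. `new_list_item` now also links the entry into `digest_list`, a side effect its name does not suggest, so rename it or document that in a comment. The new function comment should also state that the callers' `do { ... } while( !r && load_digest_module () )` loops rely on the "returns true once, then 0" behaviour to retry the lookup exactly one time.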
diff --git a/cipher/md5.c b/cipher/md5.c
index ef6886eb4..ca605b6fd 100644
--- a/cipher/md5.c
+++ b/cipher/md5.c
@@ -1,427 +1,367 @@
/* md5.c - MD5 Message-Digest Algorithm
* Copyright (C) 1995, 1996, 1998, 1999,
* 2000, 2001 Free Software Foundation, Inc.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2, or (at your option) any
* later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* According to the definition of MD5 in RFC 1321 from April 1992.
* NOTE: This is *not* the same file as the one from glibc.
*/
/* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
/* Heavily modified for GnuPG by <wk@gnupg.org> */
/* Test values:
* "" D4 1D 8C D9 8F 00 B2 04 E9 80 09 98 EC F8 42 7E
* "a" 0C C1 75 B9 C0 F1 B6 A8 31 C3 99 E2 69 77 26 61
* "abc 90 01 50 98 3C D2 4F B0 D6 96 3F 7D 28 E1 7F 72
* "message digest" F9 6B 69 7D 7C B7 93 8D 52 5A 2F 31 AA F1 61 D0
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
-#include "dynload.h"
+#include "algorithms.h"
#include "bithelp.h"
typedef struct {
u32 A,B,C,D; /* chaining variables */
u32 nblocks;
byte buf[64];
int count;
} MD5_CONTEXT;
static void
md5_init( MD5_CONTEXT *ctx )
{
ctx->A = 0x67452301;
ctx->B = 0xefcdab89;
ctx->C = 0x98badcfe;
ctx->D = 0x10325476;
ctx->nblocks = 0;
ctx->count = 0;
}
/* These are the four functions used in the four steps of the MD5 algorithm
and defined in the RFC 1321. The first function is a little bit optimized
(as found in Colin Plumbs public domain implementation). */
/* #define FF(b, c, d) ((b & c) | (~b & d)) */
#define FF(b, c, d) (d ^ (b & (c ^ d)))
#define FG(b, c, d) FF (d, b, c)
#define FH(b, c, d) (b ^ c ^ d)
#define FI(b, c, d) (c ^ (b | ~d))
static void
burn_stack (int bytes)
{
char buf[128];
memset (buf, 0, sizeof buf);
bytes -= sizeof buf;
if (bytes > 0)
burn_stack (bytes);
}
/****************
* transform n*64 bytes
*/
static void
/*transform( MD5_CONTEXT *ctx, const void *buffer, size_t len )*/
transform( MD5_CONTEXT *ctx, byte *data )
{
u32 correct_words[16];
u32 A = ctx->A;
u32 B = ctx->B;
u32 C = ctx->C;
u32 D = ctx->D;
u32 *cwp = correct_words;
#ifdef BIG_ENDIAN_HOST
{ int i;
byte *p2, *p1;
for(i=0, p1=data, p2=(byte*)correct_words; i < 16; i++, p2 += 4 ) {
p2[3] = *p1++;
p2[2] = *p1++;
p2[1] = *p1++;
p2[0] = *p1++;
}
}
#else
memcpy( correct_words, data, 64 );
#endif
#define OP(a, b, c, d, s, T) \
do \
{ \
a += FF (b, c, d) + (*cwp++) + T; \
a = rol(a, s); \
a += b; \
} \
while (0)
/* Before we start, one word about the strange constants.
They are defined in RFC 1321 as
T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
*/
/* Round 1. */
OP (A, B, C, D, 7, 0xd76aa478);
OP (D, A, B, C, 12, 0xe8c7b756);
OP (C, D, A, B, 17, 0x242070db);
OP (B, C, D, A, 22, 0xc1bdceee);
OP (A, B, C, D, 7, 0xf57c0faf);
OP (D, A, B, C, 12, 0x4787c62a);
OP (C, D, A, B, 17, 0xa8304613);
OP (B, C, D, A, 22, 0xfd469501);
OP (A, B, C, D, 7, 0x698098d8);
OP (D, A, B, C, 12, 0x8b44f7af);
OP (C, D, A, B, 17, 0xffff5bb1);
OP (B, C, D, A, 22, 0x895cd7be);
OP (A, B, C, D, 7, 0x6b901122);
OP (D, A, B, C, 12, 0xfd987193);
OP (C, D, A, B, 17, 0xa679438e);
OP (B, C, D, A, 22, 0x49b40821);
#undef OP
#define OP(f, a, b, c, d, k, s, T) \
do \
{ \
a += f (b, c, d) + correct_words[k] + T; \
a = rol(a, s); \
a += b; \
} \
while (0)
/* Round 2. */
OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
OP (FG, D, A, B, C, 6, 9, 0xc040b340);
OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
OP (FG, D, A, B, C, 10, 9, 0x02441453);
OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
/* Round 3. */
OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
OP (FH, D, A, B, C, 8, 11, 0x8771f681);
OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
OP (FH, B, C, D, A, 6, 23, 0x04881d05);
OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
/* Round 4. */
OP (FI, A, B, C, D, 0, 6, 0xf4292244);
OP (FI, D, A, B, C, 7, 10, 0x432aff97);
OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
OP (FI, C, D, A, B, 6, 15, 0xa3014314);
OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
/* Put checksum in context given as argument. */
ctx->A += A;
ctx->B += B;
ctx->C += C;
ctx->D += D;
}
/* The routine updates the message-digest context to
* account for the presence of each of the characters inBuf[0..inLen-1]
* in the message whose digest is being computed.
*/
static void
md5_write( MD5_CONTEXT *hd, byte *inbuf, size_t inlen)
{
if( hd->count == 64 ) { /* flush the buffer */
transform( hd, hd->buf );
burn_stack (80+6*sizeof(void*));
hd->count = 0;
hd->nblocks++;
}
if( !inbuf )
return;
if( hd->count ) {
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
md5_write( hd, NULL, 0 );
if( !inlen )
return;
}
while( inlen >= 64 ) {
transform( hd, inbuf );
hd->count = 0;
hd->nblocks++;
inlen -= 64;
inbuf += 64;
}
burn_stack (80+6*sizeof(void*));
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
}
/* The routine final terminates the message-digest computation and
* ends with the desired message digest in mdContext->digest[0...15].
* The handle is prepared for a new MD5 cycle.
* Returns 16 bytes representing the digest.
*/
static void
md5_final( MD5_CONTEXT *hd )
{
u32 t, msb, lsb;
byte *p;
md5_write(hd, NULL, 0); /* flush */;
t = hd->nblocks;
/* multiply by 64 to make a byte count */
lsb = t << 6;
msb = t >> 26;
/* add the count */
t = lsb;
if( (lsb += hd->count) < t )
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
lsb <<= 3;
msb <<= 3;
msb |= t >> 29;
if( hd->count < 56 ) { /* enough room */
hd->buf[hd->count++] = 0x80; /* pad */
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else { /* need one extra block */
hd->buf[hd->count++] = 0x80; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
md5_write(hd, NULL, 0); /* flush */;
memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buf[56] = lsb ;
hd->buf[57] = lsb >> 8;
hd->buf[58] = lsb >> 16;
hd->buf[59] = lsb >> 24;
hd->buf[60] = msb ;
hd->buf[61] = msb >> 8;
hd->buf[62] = msb >> 16;
hd->buf[63] = msb >> 24;
transform( hd, hd->buf );
burn_stack (80+6*sizeof(void*));
p = hd->buf;
#ifdef BIG_ENDIAN_HOST
#define X(a) do { *p++ = hd-> a ; *p++ = hd-> a >> 8; \
*p++ = hd-> a >> 16; *p++ = hd-> a >> 24; } while(0)
#else /* little endian */
#define X(a) do { *(u32*)p = hd-> a ; p += 4; } while(0)
#endif
X(A);
X(B);
X(C);
X(D);
#undef X
}
static byte *
md5_read( MD5_CONTEXT *hd )
{
return hd->buf;
}
/****************
* Return some information about the algorithm. We need algo here to
* distinguish different flavors of the algorithm.
* Returns: A pointer to string describing the algorithm or NULL if
* the ALGO is invalid.
*/
-static const char *
+const char *
md5_get_info( int algo, size_t *contextsize,
byte **r_asnoid, int *r_asnlen, int *r_mdlen,
void (**r_init)( void *c ),
void (**r_write)( void *c, byte *buf, size_t nbytes ),
void (**r_final)( void *c ),
byte *(**r_read)( void *c )
)
{
static byte asn[18] = /* Object ID is 1.2.840.113549.2.5 */
{ 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86,0x48,
0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10 };
if( algo != 1 )
return NULL;
*contextsize = sizeof(MD5_CONTEXT);
*r_asnoid = asn;
*r_asnlen = DIM(asn);
*r_mdlen = 16;
*(void (**)(MD5_CONTEXT *))r_init = md5_init;
*(void (**)(MD5_CONTEXT *, byte*, size_t))r_write = md5_write;
*(void (**)(MD5_CONTEXT *))r_final = md5_final;
*(byte *(**)(MD5_CONTEXT *))r_read = md5_read;
return "MD5";
}
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "MD5 ($Revision$)";
-
-static struct {
- int class;
- int version;
- int value;
- void (*func)(void);
-} func_table[] = {
- { 10, 1, 0, (void(*)(void))md5_get_info },
- { 11, 1, 1 },
-};
-
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if( i >= DIM(func_table) || i < 0 )
- return NULL;
- *class = func_table[i].class;
- *vers = func_table[i].version;
- switch( *class ) {
- case 11: case 21: case 31: ret = &func_table[i].value; break;
-#ifndef __riscos__
- default: ret = func_table[i].func; break;
-#else /* __riscos__ */
- default: ret = (void *) func_table[i].func; break;
-#endif /* __riscos__ */
- }
- i++;
- } while( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-
-
-
-#ifndef IS_MODULE
-void
-md5_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version, gnupgext_enum_func );
-}
-#endif
-
-
-
-/* end of file */
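Review bot: at `+const char *` above md5_get_info() the function gains external linkage, but this hunk only swaps `#include "dynload.h"` for `#include "algorithms.h"` and shows no prototype. Please confirm that algorithms.h declares md5_get_info() with exactly this parameter list, so the compiler checks the definition against what its callers use. With func_table[] and gnupgext_enum_func() removed, that prototype is the only remaining contract. The casts in the body, such as `*(void (**)(MD5_CONTEXT *))r_init = md5_init;`, still store functions taking MD5_CONTEXT * into slots typed for `void *c`. Now that nothing is loaded dynamically, this would be a good moment to give md5_init, md5_write, md5_final and md5_read `void *` parameters and drop the casts.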
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 9136fa544..853c518be 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -1,618 +1,559 @@
/* pubkey.c - pubkey dispatcher
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "util.h"
#include "errors.h"
#include "mpi.h"
#include "cipher.h"
#include "elgamal.h"
#include "dsa.h"
#include "rsa.h"
-#include "dynload.h"
-
#define TABLE_SIZE 10
struct pubkey_table_s {
const char *name;
int algo;
int npkey;
int nskey;
int nenc;
int nsig;
int use;
int (*generate)( int algo, unsigned nbits, MPI *skey, MPI **retfactors );
int (*check_secret_key)( int algo, MPI *skey );
int (*encrypt)( int algo, MPI *resarr, MPI data, MPI *pkey );
int (*decrypt)( int algo, MPI *result, MPI *data, MPI *skey );
int (*sign)( int algo, MPI *resarr, MPI data, MPI *skey );
int (*verify)( int algo, MPI hash, MPI *data, MPI *pkey,
int (*cmp)(void *, MPI), void *opaquev );
unsigned (*get_nbits)( int algo, MPI *pkey );
};
static struct pubkey_table_s pubkey_table[TABLE_SIZE];
static int disabled_algos[TABLE_SIZE];
+#if 0
static int
dummy_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors )
{ log_bug("no generate() for %d\n", algo ); return G10ERR_PUBKEY_ALGO; }
static int
dummy_check_secret_key( int algo, MPI *skey )
{ log_bug("no check_secret_key() for %d\n", algo ); return G10ERR_PUBKEY_ALGO; }
+#endif
static int
dummy_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
{ log_bug("no encrypt() for %d\n", algo ); return G10ERR_PUBKEY_ALGO; }
static int
dummy_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
{ log_bug("no decrypt() for %d\n", algo ); return G10ERR_PUBKEY_ALGO; }
static int
dummy_sign( int algo, MPI *resarr, MPI data, MPI *skey )
{ log_bug("no sign() for %d\n", algo ); return G10ERR_PUBKEY_ALGO; }
static int
dummy_verify( int algo, MPI hash, MPI *data, MPI *pkey,
int (*cmp)(void *, MPI), void *opaquev )
{ log_bug("no verify() for %d\n", algo ); return G10ERR_PUBKEY_ALGO; }
+#if 0
static unsigned
dummy_get_nbits( int algo, MPI *pkey )
{ log_bug("no get_nbits() for %d\n", algo ); return 0; }
-
+#endif
/****************
* Put the static entries into the table.
* This is out constructor function which fill the table
* of algorithms with the one we have statically linked.
*/
static void
setup_pubkey_table(void)
{
int i;
i = 0;
pubkey_table[i].algo = PUBKEY_ALGO_ELGAMAL;
pubkey_table[i].name = elg_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
&pubkey_table[i].nskey,
&pubkey_table[i].nenc,
&pubkey_table[i].nsig,
&pubkey_table[i].use );
pubkey_table[i].generate = elg_generate;
pubkey_table[i].check_secret_key = elg_check_secret_key;
pubkey_table[i].encrypt = elg_encrypt;
pubkey_table[i].decrypt = elg_decrypt;
pubkey_table[i].sign = elg_sign;
pubkey_table[i].verify = elg_verify;
pubkey_table[i].get_nbits = elg_get_nbits;
if( !pubkey_table[i].name )
BUG();
i++;
pubkey_table[i].algo = PUBKEY_ALGO_ELGAMAL_E;
pubkey_table[i].name = elg_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
&pubkey_table[i].nskey,
&pubkey_table[i].nenc,
&pubkey_table[i].nsig,
&pubkey_table[i].use );
pubkey_table[i].generate = elg_generate;
pubkey_table[i].check_secret_key = elg_check_secret_key;
pubkey_table[i].encrypt = elg_encrypt;
pubkey_table[i].decrypt = elg_decrypt;
pubkey_table[i].sign = elg_sign;
pubkey_table[i].verify = elg_verify;
pubkey_table[i].get_nbits = elg_get_nbits;
if( !pubkey_table[i].name )
BUG();
i++;
pubkey_table[i].algo = PUBKEY_ALGO_DSA;
pubkey_table[i].name = dsa_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
&pubkey_table[i].nskey,
&pubkey_table[i].nenc,
&pubkey_table[i].nsig,
&pubkey_table[i].use );
pubkey_table[i].generate = dsa_generate;
pubkey_table[i].check_secret_key = dsa_check_secret_key;
pubkey_table[i].encrypt = dummy_encrypt;
pubkey_table[i].decrypt = dummy_decrypt;
pubkey_table[i].sign = dsa_sign;
pubkey_table[i].verify = dsa_verify;
pubkey_table[i].get_nbits = dsa_get_nbits;
if( !pubkey_table[i].name )
BUG();
i++;
pubkey_table[i].algo = PUBKEY_ALGO_RSA;
pubkey_table[i].name = rsa_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
&pubkey_table[i].nskey,
&pubkey_table[i].nenc,
&pubkey_table[i].nsig,
&pubkey_table[i].use );
pubkey_table[i].generate = rsa_generate;
pubkey_table[i].check_secret_key = rsa_check_secret_key;
pubkey_table[i].encrypt = rsa_encrypt;
pubkey_table[i].decrypt = rsa_decrypt;
pubkey_table[i].sign = rsa_sign;
pubkey_table[i].verify = rsa_verify;
pubkey_table[i].get_nbits = rsa_get_nbits;
if( !pubkey_table[i].name )
BUG();
i++;
pubkey_table[i].algo = PUBKEY_ALGO_RSA_E;
pubkey_table[i].name = rsa_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
&pubkey_table[i].nskey,
&pubkey_table[i].nenc,
&pubkey_table[i].nsig,
&pubkey_table[i].use );
pubkey_table[i].generate = rsa_generate;
pubkey_table[i].check_secret_key = rsa_check_secret_key;
pubkey_table[i].encrypt = rsa_encrypt;
pubkey_table[i].decrypt = rsa_decrypt;
pubkey_table[i].sign = dummy_sign;
pubkey_table[i].verify = dummy_verify;
pubkey_table[i].get_nbits = rsa_get_nbits;
if( !pubkey_table[i].name )
BUG();
i++;
pubkey_table[i].algo = PUBKEY_ALGO_RSA_S;
pubkey_table[i].name = rsa_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
&pubkey_table[i].nskey,
&pubkey_table[i].nenc,
&pubkey_table[i].nsig,
&pubkey_table[i].use );
pubkey_table[i].generate = rsa_generate;
pubkey_table[i].check_secret_key = rsa_check_secret_key;
pubkey_table[i].encrypt = dummy_encrypt;
pubkey_table[i].decrypt = dummy_decrypt;
pubkey_table[i].sign = rsa_sign;
pubkey_table[i].verify = rsa_verify;
pubkey_table[i].get_nbits = rsa_get_nbits;
if( !pubkey_table[i].name )
BUG();
i++;
for( ; i < TABLE_SIZE; i++ )
pubkey_table[i].name = NULL;
}
/****************
* Try to load all modules and return true if new modules are available
*/
static int
load_pubkey_modules(void)
{
static int initialized = 0;
- static int done = 0;
- void *context = NULL;
- struct pubkey_table_s *ct;
- int ct_idx;
- int i;
- const char *name;
- int any = 0;
-
if( !initialized ) {
- cipher_modules_constructor();
setup_pubkey_table();
initialized = 1;
return 1;
}
- if( done )
- return 0;
- done = 1;
- for(ct_idx=0, ct = pubkey_table; ct_idx < TABLE_SIZE; ct_idx++,ct++ ) {
- if( !ct->name )
- break;
- }
- if( ct_idx >= TABLE_SIZE-1 )
- BUG(); /* table already full */
- /* now load all extensions */
- while( (name = enum_gnupgext_pubkeys( &context, &ct->algo,
- &ct->npkey, &ct->nskey, &ct->nenc,
- &ct->nsig, &ct->use,
- &ct->generate,
- &ct->check_secret_key,
- &ct->encrypt,
- &ct->decrypt,
- &ct->sign,
- &ct->verify,
- &ct->get_nbits )) ) {
- for(i=0; pubkey_table[i].name; i++ )
- if( pubkey_table[i].algo == ct->algo )
- break;
- if( pubkey_table[i].name ) {
- log_info("skipping pubkey %d: already loaded\n", ct->algo );
- continue;
- }
-
- if( !ct->generate ) ct->generate = dummy_generate;
- if( !ct->check_secret_key ) ct->check_secret_key =
- dummy_check_secret_key;
- if( !ct->encrypt ) ct->encrypt = dummy_encrypt;
- if( !ct->decrypt ) ct->decrypt = dummy_decrypt;
- if( !ct->sign ) ct->sign = dummy_sign;
- if( !ct->verify ) ct->verify = dummy_verify;
- if( !ct->get_nbits ) ct->get_nbits= dummy_get_nbits;
- /* put it into the table */
- if( g10_opt_verbose > 1 )
- log_info("loaded pubkey %d (%s)\n", ct->algo, name);
- ct->name = name;
- ct_idx++;
- ct++;
- any = 1;
- /* check whether there are more available table slots */
- if( ct_idx >= TABLE_SIZE-1 ) {
- log_info("pubkey table full; ignoring other extensions\n");
- break;
- }
- }
- enum_gnupgext_pubkeys( &context, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, NULL, NULL, NULL );
- return any;
+ return 0;
}
/****************
* Map a string to the pubkey algo
*/
int
string_to_pubkey_algo( const char *string )
{
int i;
const char *s;
do {
for(i=0; (s=pubkey_table[i].name); i++ )
if( !ascii_strcasecmp( s, string ) )
return pubkey_table[i].algo;
} while( load_pubkey_modules() );
return 0;
}
/****************
* Map a pubkey algo to a string
*/
const char *
pubkey_algo_to_string( int algo )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].name;
} while( load_pubkey_modules() );
return NULL;
}
void
disable_pubkey_algo( int algo )
{
int i;
for(i=0; i < DIM(disabled_algos); i++ ) {
if( !disabled_algos[i] || disabled_algos[i] == algo ) {
disabled_algos[i] = algo;
return;
}
}
log_fatal("can't disable pubkey algo %d: table full\n", algo );
}
int
check_pubkey_algo( int algo )
{
return check_pubkey_algo2( algo, 0 );
}
/****************
* a use of 0 means: don't care
*/
int
check_pubkey_algo2( int algo, unsigned use )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo ) {
if( (use & PUBKEY_USAGE_SIG)
&& !(pubkey_table[i].use & PUBKEY_USAGE_SIG) )
return G10ERR_WR_PUBKEY_ALGO;
if( (use & PUBKEY_USAGE_ENC)
&& !(pubkey_table[i].use & PUBKEY_USAGE_ENC) )
return G10ERR_WR_PUBKEY_ALGO;
for(i=0; i < DIM(disabled_algos); i++ ) {
if( disabled_algos[i] == algo )
return G10ERR_PUBKEY_ALGO;
}
return 0; /* okay */
}
} while( load_pubkey_modules() );
return G10ERR_PUBKEY_ALGO;
}
/****************
* Return the number of public key material numbers
*/
int
pubkey_get_npkey( int algo )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].npkey;
} while( load_pubkey_modules() );
return 0;
}
/****************
* Return the number of secret key material numbers
*/
int
pubkey_get_nskey( int algo )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].nskey;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 6; /* see the RSA keyids */
return 0;
}
/****************
* Return the number of signature material numbers
*/
int
pubkey_get_nsig( int algo )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].nsig;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 1; /* see the RSA keyids */
return 0;
}
/****************
* Return the number of encryption material numbers
*/
int
pubkey_get_nenc( int algo )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].nenc;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 1; /* see the RSA keyids */
return 0;
}
/****************
* Get the number of nbits from the public key
*/
unsigned
pubkey_nbits( int algo, MPI *pkey )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return (*pubkey_table[i].get_nbits)( algo, pkey );
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* we always wanna see the length of a key :-) */
return mpi_get_nbits( pkey[0] );
return 0;
}
int
pubkey_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return (*pubkey_table[i].generate)( algo, nbits,
skey, retfactors );
} while( load_pubkey_modules() );
return G10ERR_PUBKEY_ALGO;
}
int
pubkey_check_secret_key( int algo, MPI *skey )
{
int i;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return (*pubkey_table[i].check_secret_key)( algo, skey );
} while( load_pubkey_modules() );
return G10ERR_PUBKEY_ALGO;
}
/****************
* This is the interface to the public key encryption.
* Encrypt DATA with PKEY and put it into RESARR which
* should be an array of MPIs of size PUBKEY_MAX_NENC (or less if the
* algorithm allows this - check with pubkey_get_nenc() )
*/
int
pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
{
int i, rc;
if( DBG_CIPHER ) {
log_debug("pubkey_encrypt: algo=%d\n", algo );
for(i=0; i < pubkey_get_npkey(algo); i++ )
log_mpidump(" pkey:", pkey[i] );
log_mpidump(" data:", data );
}
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo ) {
rc = (*pubkey_table[i].encrypt)( algo, resarr, data, pkey );
goto ready;
}
} while( load_pubkey_modules() );
rc = G10ERR_PUBKEY_ALGO;
ready:
if( !rc && DBG_CIPHER ) {
for(i=0; i < pubkey_get_nenc(algo); i++ )
log_mpidump(" encr:", resarr[i] );
}
return rc;
}
/****************
* This is the interface to the public key decryption.
* ALGO gives the algorithm to use and this implicitly determines
* the size of the arrays.
* result is a pointer to a mpi variable which will receive a
* newly allocated mpi or NULL in case of an error.
*/
int
pubkey_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
{
int i, rc;
*result = NULL; /* so the caller can always do an mpi_free */
if( DBG_CIPHER ) {
log_debug("pubkey_decrypt: algo=%d\n", algo );
for(i=0; i < pubkey_get_nskey(algo); i++ )
log_mpidump(" skey:", skey[i] );
for(i=0; i < pubkey_get_nenc(algo); i++ )
log_mpidump(" data:", data[i] );
}
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo ) {
rc = (*pubkey_table[i].decrypt)( algo, result, data, skey );
goto ready;
}
} while( load_pubkey_modules() );
rc = G10ERR_PUBKEY_ALGO;
ready:
if( !rc && DBG_CIPHER ) {
log_mpidump(" plain:", *result );
}
return rc;
}
/****************
* This is the interface to the public key signing.
* Sign data with skey and put the result into resarr which
* should be an array of MPIs of size PUBKEY_MAX_NSIG (or less if the
* algorithm allows this - check with pubkey_get_nsig() )
*/
int
pubkey_sign( int algo, MPI *resarr, MPI data, MPI *skey )
{
int i, rc;
if( DBG_CIPHER ) {
log_debug("pubkey_sign: algo=%d\n", algo );
for(i=0; i < pubkey_get_nskey(algo); i++ )
log_mpidump(" skey:", skey[i] );
log_mpidump(" data:", data );
}
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo ) {
rc = (*pubkey_table[i].sign)( algo, resarr, data, skey );
goto ready;
}
} while( load_pubkey_modules() );
rc = G10ERR_PUBKEY_ALGO;
ready:
if( !rc && DBG_CIPHER ) {
for(i=0; i < pubkey_get_nsig(algo); i++ )
log_mpidump(" sig:", resarr[i] );
}
return rc;
}
/****************
* Verify a public key signature.
* Return 0 if the signature is good
*/
int
pubkey_verify( int algo, MPI hash, MPI *data, MPI *pkey,
int (*cmp)(void *, MPI), void *opaquev )
{
int i, rc;
do {
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo ) {
rc = (*pubkey_table[i].verify)( algo, hash, data, pkey,
cmp, opaquev );
goto ready;
}
} while( load_pubkey_modules() );
rc = G10ERR_PUBKEY_ALGO;
ready:
return rc;
}
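Review bot: the comment above load_pubkey_modules() ("Try to load all modules and return true if new modules are available") is stale once the enum_gnupgext_pubkeys() loop is removed. The function now only runs setup_pubkey_table() on its first call and returns 0 on every later call, so every `do { ... } while( load_pubkey_modules() );` lookup uses it purely as a lazy initializer. Please update the comment, or rename the function, to say so. The helpers wrapped in `#if 0` (dummy_generate, dummy_check_secret_key, dummy_get_nbits) have no users left in this file after the change; deleting them is cleaner than keeping disabled code next to the dummy_* functions that setup_pubkey_table() still assigns.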
diff --git a/cipher/rand-internal.h b/cipher/rand-internal.h
index 6f5b52bae..eb81174f8 100644
--- a/cipher/rand-internal.h
+++ b/cipher/rand-internal.h
@@ -1,31 +1,35 @@
/* rand-internal.h - header to glue the random functions
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_RAND_INTERNAL_H
#define G10_RAND_INTERNAL_H
-void rndlinux_constructor(void);
-void rndunix_constructor(void);
-void rndw32_constructor(void);
-void rndos2_constructor(void);
-void rndatari_constructor(void);
-void rndmvs_constructor(void);
-void rndriscos_constructor(void);
+int rndunix_gather_random (void (*add)(const void*, size_t, int),
+ int requester, size_t length, int level);
+int rndlinux_gather_random (void (*add)(const void*, size_t, int),
+ int requester, size_t length, int level);
+int rndegd_gather_random (void (*add)(const void*, size_t, int),
+ int requester, size_t length, int level );
+int rndw32_gather_random (void (*add)(const void*, size_t, int),
+ int requester, size_t length, int level);
+int rndw32_gather_random_fast (void (*add)(const void*, size_t, int),
+ int requester );
+
#endif /*G10_RAND_INTERNAL_H*/
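Review bot: the new prototype `int rndw32_gather_random_fast (void (*add)(const void*, size_t, int), int requester );` does not match its use in the random.c part of this patch. There getfnc_fast_random_poll() is declared as returning a pointer to a function returning void, `static void (* getfnc_fast_random_poll (void))( void (*)(const void*, size_t, int), int)`, and returns rndw32_gather_random_fast under USE_RNDW32. That is an incompatible function pointer type, and it will only show up on W32 builds; make the return types agree in one place or the other. The header also uses size_t without including <stddef.h> or another header that defines it, so it depends on include order. A short comment on the meaning of `requester`, `length` and `level`, and on what the int return value signals, would help here, since these prototypes are now the whole interface to the gatherers.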
diff --git a/cipher/random.c b/cipher/random.c
index 2c958d9d4..1d7bf8a93 100644
--- a/cipher/random.c
+++ b/cipher/random.c
@@ -1,687 +1,717 @@
/* random.c - random number generator
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/****************
* This random number generator is modelled after the one described
* in Peter Gutmann's Paper: "Software Generation of Practically
* Strong Random Numbers".
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <errno.h>
#include <string.h>
#include <time.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <fcntl.h>
#ifdef HAVE_GETHRTIME
#include <sys/times.h>
#endif
#ifdef HAVE_GETTIMEOFDAY
#include <sys/times.h>
#endif
#ifdef HAVE_GETRUSAGE
#include <sys/resource.h>
#endif
#ifdef __MINGW32__
#include <process.h>
#endif
#include "util.h"
#include "rmd.h"
#include "ttyio.h"
#include "i18n.h"
#include "random.h"
#include "rand-internal.h"
-#include "dynload.h"
-
+#include "algorithms.h"
#ifndef RAND_MAX /* for SunOS */
#define RAND_MAX 32767
#endif
#if SIZEOF_UNSIGNED_LONG == 8
#define ADD_VALUE 0xa5a5a5a5a5a5a5a5
#elif SIZEOF_UNSIGNED_LONG == 4
#define ADD_VALUE 0xa5a5a5a5
#else
#error weird size for an unsigned long
#endif
#define BLOCKLEN 64 /* hash this amount of bytes */
#define DIGESTLEN 20 /* into a digest of this length (rmd160) */
/* poolblocks is the number of digests which make up the pool
* and poolsize must be a multiple of the digest length
* to make the AND operations faster, the size should also be
* a multiple of ulong
*/
#define POOLBLOCKS 30
#define POOLSIZE (POOLBLOCKS*DIGESTLEN)
#if (POOLSIZE % SIZEOF_UNSIGNED_LONG)
#error Please make sure that poolsize is a multiple of ulong
#endif
#define POOLWORDS (POOLSIZE / SIZEOF_UNSIGNED_LONG)
static int is_initialized;
#define MASK_LEVEL(a) do {if( a > 2 ) a = 2; else if( a < 0 ) a = 0; } while(0)
static char *rndpool; /* allocated size is POOLSIZE+BLOCKLEN */
static char *keypool; /* allocated size is POOLSIZE+BLOCKLEN */
static size_t pool_readpos;
static size_t pool_writepos;
static int pool_filled;
static int pool_balance;
static int just_mixed;
static int did_initial_extra_seeding;
static char *seed_file_name;
static int allow_seed_file_update;
static int secure_alloc;
static int quick_test;
static int faked_rng;
static void read_pool( byte *buffer, size_t length, int level );
static void add_randomness( const void *buffer, size_t length, int source );
static void random_poll(void);
static void read_random_source( int requester, size_t length, int level);
static int gather_faked( void (*add)(const void*, size_t, int), int requester,
size_t length, int level );
static struct {
ulong mixrnd;
ulong mixkey;
ulong slowpolls;
ulong fastpolls;
ulong getbytes1;
ulong ngetbytes1;
ulong getbytes2;
ulong ngetbytes2;
ulong addbytes;
ulong naddbytes;
} rndstats;
+
+static int (*
+getfnc_gather_random (void))(void (*)(const void*, size_t, int), int,
+ size_t, int)
+{
+#ifdef USE_RNDLINUX
+ return rndlinux_gather_random;
+#endif
+#ifdef USE_RNDUNIX
+ return rndunix_gather_random;
+#endif
+#ifdef USE_RNDEGD
+ return rndegd_gather_random;
+#endif
+#ifdef USE_RNDW32
+ return rndw32_gather_random;
+#endif
+ return NULL;
+}
+
+static void (*
+getfnc_fast_random_poll (void))( void (*)(const void*, size_t, int), int)
+{
+#ifdef USE_RNDW32
+ return rndw32_gather_random_fast;
+#endif
+ return NULL;
+}
+
+
+
static void
initialize(void)
{
/* The data buffer is allocated somewhat larger, so that
* we can use this extra space (which is allocated in secure memory)
* as a temporary hash buffer */
rndpool = secure_alloc ? m_alloc_secure_clear(POOLSIZE+BLOCKLEN)
: m_alloc_clear(POOLSIZE+BLOCKLEN);
keypool = secure_alloc ? m_alloc_secure_clear(POOLSIZE+BLOCKLEN)
: m_alloc_clear(POOLSIZE+BLOCKLEN);
is_initialized = 1;
- cipher_modules_constructor();
}
static void
burn_stack (int bytes)
{
char buf[128];
memset (buf, 0, sizeof buf);
bytes -= sizeof buf;
if (bytes > 0)
burn_stack (bytes);
}
void
random_dump_stats()
{
fprintf(stderr,
"random usage: poolsize=%d mixed=%lu polls=%lu/%lu added=%lu/%lu\n"
" outmix=%lu getlvl1=%lu/%lu getlvl2=%lu/%lu\n",
POOLSIZE, rndstats.mixrnd, rndstats.slowpolls, rndstats.fastpolls,
rndstats.naddbytes, rndstats.addbytes,
rndstats.mixkey, rndstats.ngetbytes1, rndstats.getbytes1,
rndstats.ngetbytes2, rndstats.getbytes2 );
}
void
secure_random_alloc()
{
secure_alloc = 1;
}
int
quick_random_gen( int onoff )
{
int last;
read_random_source(0,0,0); /* init */
last = quick_test;
if( onoff != -1 )
quick_test = onoff;
return faked_rng? 1 : last;
}
/****************
* Fill the buffer with LENGTH bytes of cryptographically strong
* random bytes. level 0 is not very strong, 1 is strong enough
* for most usage, 2 is good for key generation stuff but may be very slow.
*/
void
randomize_buffer( byte *buffer, size_t length, int level )
{
char *p = get_random_bits( length*8, level, 1 );
memcpy( buffer, p, length );
m_free(p);
}
int
random_is_faked()
{
if( !is_initialized )
initialize();
return faked_rng || quick_test;
}
/****************
* Return a pointer to a randomized buffer of level 0 and LENGTH bits
* caller must free the buffer.
* Note: The returned value is rounded up to bytes.
*/
byte *
get_random_bits( size_t nbits, int level, int secure )
{
byte *buf, *p;
size_t nbytes = (nbits+7)/8;
if( quick_test && level > 1 )
level = 1;
MASK_LEVEL(level);
if( level == 1 ) {
rndstats.getbytes1 += nbytes;
rndstats.ngetbytes1++;
}
else if( level >= 2 ) {
rndstats.getbytes2 += nbytes;
rndstats.ngetbytes2++;
}
buf = secure && secure_alloc ? m_alloc_secure( nbytes ) : m_alloc( nbytes );
for( p = buf; nbytes > 0; ) {
size_t n = nbytes > POOLSIZE? POOLSIZE : nbytes;
read_pool( p, n, level );
nbytes -= n;
p += n;
}
return buf;
}
/****************
* Mix the pool
*/
static void
mix_pool(byte *pool)
{
char *hashbuf = pool + POOLSIZE;
char *p, *pend;
int i, n;
RMD160_CONTEXT md;
rmd160_init( &md );
#if DIGESTLEN != 20
#error must have a digest length of 20 for ripe-md-160
#endif
/* loop over the pool */
pend = pool + POOLSIZE;
memcpy(hashbuf, pend - DIGESTLEN, DIGESTLEN );
memcpy(hashbuf+DIGESTLEN, pool, BLOCKLEN-DIGESTLEN);
rmd160_mixblock( &md, hashbuf);
memcpy(pool, hashbuf, 20 );
p = pool;
for( n=1; n < POOLBLOCKS; n++ ) {
memcpy(hashbuf, p, DIGESTLEN );
p += DIGESTLEN;
if( p+DIGESTLEN+BLOCKLEN < pend )
memcpy(hashbuf+DIGESTLEN, p+DIGESTLEN, BLOCKLEN-DIGESTLEN);
else {
char *pp = p+DIGESTLEN;
for(i=DIGESTLEN; i < BLOCKLEN; i++ ) {
if( pp >= pend )
pp = pool;
hashbuf[i] = *pp++;
}
}
rmd160_mixblock( &md, hashbuf);
memcpy(p, hashbuf, 20 );
}
burn_stack (384); /* for the rmd160_mixblock() */
}
void
set_random_seed_file( const char *name )
{
if( seed_file_name )
BUG();
seed_file_name = m_strdup( name );
}
/****************
* Read in a seed form the random_seed file
* and return true if this was successful
*/
static int
read_seed_file(void)
{
int fd;
struct stat sb;
unsigned char buffer[POOLSIZE];
int n;
if( !seed_file_name )
return 0;
#ifdef HAVE_DOSISH_SYSTEM
fd = open( seed_file_name, O_RDONLY | O_BINARY );
#else
fd = open( seed_file_name, O_RDONLY );
#endif
if( fd == -1 && errno == ENOENT) {
allow_seed_file_update = 1;
return 0;
}
if( fd == -1 ) {
log_info(_("can't open `%s': %s\n"), seed_file_name, strerror(errno) );
return 0;
}
if( fstat( fd, &sb ) ) {
log_info(_("can't stat `%s': %s\n"), seed_file_name, strerror(errno) );
close(fd);
return 0;
}
if( !S_ISREG(sb.st_mode) ) {
log_info(_("`%s' is not a regular file - ignored\n"), seed_file_name );
close(fd);
return 0;
}
if( !sb.st_size ) {
log_info(_("note: random_seed file is empty\n") );
close(fd);
allow_seed_file_update = 1;
return 0;
}
if( sb.st_size != POOLSIZE ) {
log_info(_("WARNING: invalid size of random_seed file - not used\n") );
close(fd);
return 0;
}
do {
n = read( fd, buffer, POOLSIZE );
} while( n == -1 && errno == EINTR );
if( n != POOLSIZE ) {
log_fatal(_("can't read `%s': %s\n"), seed_file_name,strerror(errno) );
close(fd);
return 0;
}
close(fd);
add_randomness( buffer, POOLSIZE, 0 );
/* add some minor entropy to the pool now (this will also force a mixing) */
{ pid_t x = getpid();
add_randomness( &x, sizeof(x), 0 );
}
{ time_t x = time(NULL);
add_randomness( &x, sizeof(x), 0 );
}
{ clock_t x = clock();
add_randomness( &x, sizeof(x), 0 );
}
/* And read a few bytes from our entropy source. By using
* a level of 0 this will not block and might not return anything
* with some entropy drivers, however the rndlinux driver will use
* /dev/urandom and return some stuff - Do not read to much as we
* want to be friendly to the scare system entropy resource. */
read_random_source( 0, 16, 0 );
allow_seed_file_update = 1;
return 1;
}
void
update_random_seed_file()
{
ulong *sp, *dp;
int fd, i;
if( !seed_file_name || !is_initialized || !pool_filled )
return;
if( !allow_seed_file_update ) {
log_info(_("note: random_seed file not updated\n"));
return;
}
/* copy the entropy pool to a scratch pool and mix both of them */
for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
i < POOLWORDS; i++, dp++, sp++ ) {
*dp = *sp + ADD_VALUE;
}
mix_pool(rndpool); rndstats.mixrnd++;
mix_pool(keypool); rndstats.mixkey++;
#ifdef HAVE_DOSISH_SYSTEM
fd = open( seed_file_name, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY,
S_IRUSR|S_IWUSR );
#else
fd = open( seed_file_name, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR );
#endif
if( fd == -1 ) {
log_info(_("can't create `%s': %s\n"), seed_file_name, strerror(errno) );
return;
}
do {
i = write( fd, keypool, POOLSIZE );
} while( i == -1 && errno == EINTR );
if( i != POOLSIZE ) {
log_info(_("can't write `%s': %s\n"), seed_file_name, strerror(errno) );
}
if( close(fd) )
log_info(_("can't close `%s': %s\n"), seed_file_name, strerror(errno) );
}
static void
read_pool( byte *buffer, size_t length, int level )
{
int i;
ulong *sp, *dp;
if( length > POOLSIZE ) {
log_bug("too many random bits requested\n");
}
if( !pool_filled ) {
if( read_seed_file() )
pool_filled = 1;
}
/* For level 2 quality (key generation) we alwas make
* sure that the pool has been seeded enough initially */
if( level == 2 && !did_initial_extra_seeding ) {
size_t needed;
pool_balance = 0;
needed = length - pool_balance;
if( needed < POOLSIZE/2 )
needed = POOLSIZE/2;
else if( needed > POOLSIZE )
BUG();
read_random_source( 3, needed, 2 );
pool_balance += needed;
did_initial_extra_seeding=1;
}
/* for level 2 make sure that there is enough random in the pool */
if( level == 2 && pool_balance < length ) {
size_t needed;
if( pool_balance < 0 )
pool_balance = 0;
needed = length - pool_balance;
if( needed > POOLSIZE )
BUG();
read_random_source( 3, needed, 2 );
pool_balance += needed;
}
/* make sure the pool is filled */
while( !pool_filled )
random_poll();
/* do always a fast random poll */
fast_random_poll();
if( !level ) { /* no need for cryptographic strong random */
/* create a new pool */
for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
i < POOLWORDS; i++, dp++, sp++ )
*dp = *sp + ADD_VALUE;
/* must mix both pools */
mix_pool(rndpool); rndstats.mixrnd++;
mix_pool(keypool); rndstats.mixkey++;
memcpy( buffer, keypool, length );
}
else {
/* mix the pool (if add_randomness() didn't it) */
if( !just_mixed ) {
mix_pool(rndpool);
rndstats.mixrnd++;
}
/* create a new pool */
for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
i < POOLWORDS; i++, dp++, sp++ )
*dp = *sp + ADD_VALUE;
/* and mix both pools */
mix_pool(rndpool); rndstats.mixrnd++;
mix_pool(keypool); rndstats.mixkey++;
/* read the required data
* we use a readpoiter to read from a different postion each
* time */
while( length-- ) {
*buffer++ = keypool[pool_readpos++];
if( pool_readpos >= POOLSIZE )
pool_readpos = 0;
pool_balance--;
}
if( pool_balance < 0 )
pool_balance = 0;
/* and clear the keypool */
memset( keypool, 0, POOLSIZE );
}
}
/****************
* Add LENGTH bytes of randomness from buffer to the pool.
* source may be used to specify the randomness source.
* Source is:
* 0 - used ony for initialization
* 1 - fast random poll function
* 2 - normal poll function
* 3 - used when level 2 random quality has been requested
* to do an extra pool seed.
*/
static void
add_randomness( const void *buffer, size_t length, int source )
{
const byte *p = buffer;
if( !is_initialized )
initialize();
rndstats.addbytes += length;
rndstats.naddbytes++;
while( length-- ) {
rndpool[pool_writepos++] ^= *p++;
if( pool_writepos >= POOLSIZE ) {
if( source > 1 )
pool_filled = 1;
pool_writepos = 0;
mix_pool(rndpool); rndstats.mixrnd++;
just_mixed = !length;
}
}
}
static void
random_poll()
{
rndstats.slowpolls++;
read_random_source( 2, POOLSIZE/5, 1 );
}
void
fast_random_poll()
{
static void (*fnc)( void (*)(const void*, size_t, int), int) = NULL;
static int initialized = 0;
rndstats.fastpolls++;
if( !initialized ) {
if( !is_initialized )
initialize();
initialized = 1;
- fnc = dynload_getfnc_fast_random_poll();
+ fnc = getfnc_fast_random_poll();
}
if( fnc ) {
(*fnc)( add_randomness, 1 );
return;
}
/* fall back to the generic function */
#if defined(HAVE_GETHRTIME) && !defined(HAVE_BROKEN_GETHRTIME)
{ hrtime_t tv;
/* On some Solaris and HPUX system gethrtime raises an SIGILL, but we
* checked this with configure */
tv = gethrtime();
add_randomness( &tv, sizeof(tv), 1 );
}
#elif defined (HAVE_GETTIMEOFDAY)
{ struct timeval tv;
if( gettimeofday( &tv, NULL ) )
BUG();
add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
add_randomness( &tv.tv_usec, sizeof(tv.tv_usec), 1 );
}
#elif defined (HAVE_CLOCK_GETTIME)
{ struct timespec tv;
if( clock_gettime( CLOCK_REALTIME, &tv ) == -1 )
BUG();
add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
add_randomness( &tv.tv_nsec, sizeof(tv.tv_nsec), 1 );
}
#else /* use times */
#ifndef HAVE_DOSISH_SYSTEM
{ struct tms buf;
times( &buf );
add_randomness( &buf, sizeof buf, 1 );
}
#endif
#endif
#ifdef HAVE_GETRUSAGE
#ifndef RUSAGE_SELF
#ifdef __GCC__
#warning There is no RUSAGE_SELF on this system
#endif
#else
{ struct rusage buf;
/* QNX/Neutrino does return ENOSYS - so we just ignore it and
* add whatever is in buf. In a chroot environment it might not
* work at all (i.e. because /proc/ is not accessible), so we better
* ignore all error codes and hope for the best
*/
getrusage( RUSAGE_SELF, &buf );
add_randomness( &buf, sizeof buf, 1 );
memset( &buf, 0, sizeof buf );
}
#endif
#endif
/* time and clock are available on all systems - so
* we better do it just in case one of the above functions
* didn't work */
{ time_t x = time(NULL);
add_randomness( &x, sizeof(x), 1 );
}
{ clock_t x = clock();
add_randomness( &x, sizeof(x), 1 );
}
}
static void
read_random_source( int requester, size_t length, int level )
{
static int (*fnc)(void (*)(const void*, size_t, int), int,
size_t, int) = NULL;
if( !fnc ) {
if( !is_initialized )
initialize();
- fnc = dynload_getfnc_gather_random();
+ fnc = getfnc_gather_random();
if( !fnc ) {
faked_rng = 1;
fnc = gather_faked;
}
if( !requester && !length && !level )
return; /* init only */
}
if( (*fnc)( add_randomness, requester, length, level ) < 0 )
log_fatal("No way to gather entropy for the RNG\n");
}
static int
gather_faked( void (*add)(const void*, size_t, int), int requester,
size_t length, int level )
{
static int initialized=0;
size_t n;
char *buffer, *p;
if( !initialized ) {
log_info(_("WARNING: using insecure random number generator!!\n"));
tty_printf(_("The random number generator is only a kludge to let\n"
"it run - it is in no way a strong RNG!\n\n"
"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n"));
initialized=1;
#ifdef HAVE_RAND
srand(make_timestamp()*getpid());
#else
srandom(make_timestamp()*getpid());
#endif
}
p = buffer = m_alloc( length );
n = length;
#ifdef HAVE_RAND
while( n-- )
*p++ = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
#else
while( n-- )
*p++ = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
#endif
add_randomness( buffer, length, requester );
m_free(buffer);
return 0; /* okay */
}
+
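Review bot: In read_random_source(), the new `fnc = getfnc_gather_random();` call keeps the `if( !fnc ) { faked_rng = 1; fnc = gather_faked; }` fallback, so a binary with no entropy gatherer available still starts and only prints the insecure-RNG warning. Now that the gatherer is linked in statically instead of being loaded at run time, please add a comment stating when getfnc_gather_random() can return NULL, and consider rejecting that case in configure or with log_fatal rather than degrading to rand()/random() seeded from make_timestamp()*getpid(). The same documentation gap applies to fast_random_poll(), where a NULL from getfnc_fast_random_poll() falls through to the generic timer-based poll. The removal of cipher_modules_constructor() from initialize() should be mentioned in the ChangeLog entry for this file if it is not already. Finally, the hunk ends by adding an empty line at the end of the file; drop it.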
diff --git a/cipher/rmd160.c b/cipher/rmd160.c
index e35647af6..54dec6a15 100644
--- a/cipher/rmd160.c
+++ b/cipher/rmd160.c
@@ -1,652 +1,588 @@
/* rmd160.c - RIPE-MD160
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
#include "rmd.h"
-#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */
-#include "dynload.h"
+#include "cipher.h" /* for rmd160_hash_buffer */
+#include "algorithms.h"
#include "bithelp.h"
/*********************************
* RIPEMD-160 is not patented, see (as of 25.10.97)
* http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
* Note that the code uses Little Endian byteorder, which is good for
* 386 etc, but we must add some conversion when used on a big endian box.
*
*
* Pseudo-code for RIPEMD-160
*
* RIPEMD-160 is an iterative hash function that operates on 32-bit words.
* The round function takes as input a 5-word chaining variable and a 16-word
* message block and maps this to a new chaining variable. All operations are
* defined on 32-bit words. Padding is identical to that of MD4.
*
*
* RIPEMD-160: definitions
*
*
* nonlinear functions at bit level: exor, mux, -, mux, -
*
* f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15)
* f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31)
* f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47)
* f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63)
* f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79)
*
*
* added constants (hexadecimal)
*
* K(j) = 0x00000000 (0 <= j <= 15)
* K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2))
* K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3))
* K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5))
* K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7))
* K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2))
* K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3))
* K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5))
* K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7))
* K'(j) = 0x00000000 (64 <= j <= 79)
*
*
* selection of message word
*
* r(j) = j (0 <= j <= 15)
* r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8
* r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12
* r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2
* r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
* r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12
* r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2
* r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13
* r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14
* r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
*
*
* amount for rotate left (rol)
*
* s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8
* s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12
* s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5
* s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12
* s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
* s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6
* s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11
* s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5
* s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8
* s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
*
*
* initial value (hexadecimal)
*
* h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476;
* h4 = 0xC3D2E1F0;
*
*
* RIPEMD-160: pseudo-code
*
* It is assumed that the message after padding consists of t 16-word blocks
* that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15.
* The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left
* shift (rotate) over s positions.
*
*
* for i := 0 to t-1 {
* A := h0; B := h1; C := h2; D = h3; E = h4;
* A' := h0; B' := h1; C' := h2; D' = h3; E' = h4;
* for j := 0 to 79 {
* T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E;
* A := E; E := D; D := rol_10(C); C := B; B := T;
* T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)]
[+] K'(j)) [+] E';
* A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T;
* }
* T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A';
* h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T;
* }
*/
/* Some examples:
* "" 9c1185a5c5e9fc54612808977ee8f548b2258d31
* "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
* "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
* "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36
* "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc
* "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b
* "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189
* 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb
* 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528
*/
static void
burn_stack (int bytes)
{
char buf[150];
memset (buf, 0, sizeof buf);
bytes -= sizeof buf;
if (bytes > 0)
burn_stack (bytes);
}
void
rmd160_init( RMD160_CONTEXT *hd )
{
hd->h0 = 0x67452301;
hd->h1 = 0xEFCDAB89;
hd->h2 = 0x98BADCFE;
hd->h3 = 0x10325476;
hd->h4 = 0xC3D2E1F0;
hd->nblocks = 0;
hd->count = 0;
}
/****************
* Transform the message X which consists of 16 32-bit-words
*/
static void
transform( RMD160_CONTEXT *hd, byte *data )
{
u32 a,b,c,d,e,aa,bb,cc,dd,ee,t;
#ifdef BIG_ENDIAN_HOST
u32 x[16];
{ int i;
byte *p2, *p1;
for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) {
p2[3] = *p1++;
p2[2] = *p1++;
p2[1] = *p1++;
p2[0] = *p1++;
}
}
#else
#if 0
u32 *x =(u32*)data;
#else
/* this version is better because it is always aligned;
* The performance penalty on a 586-100 is about 6% which
* is acceptable - because the data is more local it might
* also be possible that this is faster on some machines.
* This function (when compiled with -02 on gcc 2.7.2)
* executes on a 586-100 (39.73 bogomips) at about 1900kb/sec;
* [measured with a 4MB data and "gpgm --print-md rmd160"] */
u32 x[16];
memcpy( x, data, 64 );
#endif
#endif
#define K0 0x00000000
#define K1 0x5A827999
#define K2 0x6ED9EBA1
#define K3 0x8F1BBCDC
#define K4 0xA953FD4E
#define KK0 0x50A28BE6
#define KK1 0x5C4DD124
#define KK2 0x6D703EF3
#define KK3 0x7A6D76E9
#define KK4 0x00000000
#define F0(x,y,z) ( (x) ^ (y) ^ (z) )
#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) )
#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) )
#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) )
#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) )
#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \
a = rol(t,s) + e; \
c = rol(c,10); \
} while(0)
/* left lane */
a = hd->h0;
b = hd->h1;
c = hd->h2;
d = hd->h3;
e = hd->h4;
R( a, b, c, d, e, F0, K0, 0, 11 );
R( e, a, b, c, d, F0, K0, 1, 14 );
R( d, e, a, b, c, F0, K0, 2, 15 );
R( c, d, e, a, b, F0, K0, 3, 12 );
R( b, c, d, e, a, F0, K0, 4, 5 );
R( a, b, c, d, e, F0, K0, 5, 8 );
R( e, a, b, c, d, F0, K0, 6, 7 );
R( d, e, a, b, c, F0, K0, 7, 9 );
R( c, d, e, a, b, F0, K0, 8, 11 );
R( b, c, d, e, a, F0, K0, 9, 13 );
R( a, b, c, d, e, F0, K0, 10, 14 );
R( e, a, b, c, d, F0, K0, 11, 15 );
R( d, e, a, b, c, F0, K0, 12, 6 );
R( c, d, e, a, b, F0, K0, 13, 7 );
R( b, c, d, e, a, F0, K0, 14, 9 );
R( a, b, c, d, e, F0, K0, 15, 8 );
R( e, a, b, c, d, F1, K1, 7, 7 );
R( d, e, a, b, c, F1, K1, 4, 6 );
R( c, d, e, a, b, F1, K1, 13, 8 );
R( b, c, d, e, a, F1, K1, 1, 13 );
R( a, b, c, d, e, F1, K1, 10, 11 );
R( e, a, b, c, d, F1, K1, 6, 9 );
R( d, e, a, b, c, F1, K1, 15, 7 );
R( c, d, e, a, b, F1, K1, 3, 15 );
R( b, c, d, e, a, F1, K1, 12, 7 );
R( a, b, c, d, e, F1, K1, 0, 12 );
R( e, a, b, c, d, F1, K1, 9, 15 );
R( d, e, a, b, c, F1, K1, 5, 9 );
R( c, d, e, a, b, F1, K1, 2, 11 );
R( b, c, d, e, a, F1, K1, 14, 7 );
R( a, b, c, d, e, F1, K1, 11, 13 );
R( e, a, b, c, d, F1, K1, 8, 12 );
R( d, e, a, b, c, F2, K2, 3, 11 );
R( c, d, e, a, b, F2, K2, 10, 13 );
R( b, c, d, e, a, F2, K2, 14, 6 );
R( a, b, c, d, e, F2, K2, 4, 7 );
R( e, a, b, c, d, F2, K2, 9, 14 );
R( d, e, a, b, c, F2, K2, 15, 9 );
R( c, d, e, a, b, F2, K2, 8, 13 );
R( b, c, d, e, a, F2, K2, 1, 15 );
R( a, b, c, d, e, F2, K2, 2, 14 );
R( e, a, b, c, d, F2, K2, 7, 8 );
R( d, e, a, b, c, F2, K2, 0, 13 );
R( c, d, e, a, b, F2, K2, 6, 6 );
R( b, c, d, e, a, F2, K2, 13, 5 );
R( a, b, c, d, e, F2, K2, 11, 12 );
R( e, a, b, c, d, F2, K2, 5, 7 );
R( d, e, a, b, c, F2, K2, 12, 5 );
R( c, d, e, a, b, F3, K3, 1, 11 );
R( b, c, d, e, a, F3, K3, 9, 12 );
R( a, b, c, d, e, F3, K3, 11, 14 );
R( e, a, b, c, d, F3, K3, 10, 15 );
R( d, e, a, b, c, F3, K3, 0, 14 );
R( c, d, e, a, b, F3, K3, 8, 15 );
R( b, c, d, e, a, F3, K3, 12, 9 );
R( a, b, c, d, e, F3, K3, 4, 8 );
R( e, a, b, c, d, F3, K3, 13, 9 );
R( d, e, a, b, c, F3, K3, 3, 14 );
R( c, d, e, a, b, F3, K3, 7, 5 );
R( b, c, d, e, a, F3, K3, 15, 6 );
R( a, b, c, d, e, F3, K3, 14, 8 );
R( e, a, b, c, d, F3, K3, 5, 6 );
R( d, e, a, b, c, F3, K3, 6, 5 );
R( c, d, e, a, b, F3, K3, 2, 12 );
R( b, c, d, e, a, F4, K4, 4, 9 );
R( a, b, c, d, e, F4, K4, 0, 15 );
R( e, a, b, c, d, F4, K4, 5, 5 );
R( d, e, a, b, c, F4, K4, 9, 11 );
R( c, d, e, a, b, F4, K4, 7, 6 );
R( b, c, d, e, a, F4, K4, 12, 8 );
R( a, b, c, d, e, F4, K4, 2, 13 );
R( e, a, b, c, d, F4, K4, 10, 12 );
R( d, e, a, b, c, F4, K4, 14, 5 );
R( c, d, e, a, b, F4, K4, 1, 12 );
R( b, c, d, e, a, F4, K4, 3, 13 );
R( a, b, c, d, e, F4, K4, 8, 14 );
R( e, a, b, c, d, F4, K4, 11, 11 );
R( d, e, a, b, c, F4, K4, 6, 8 );
R( c, d, e, a, b, F4, K4, 15, 5 );
R( b, c, d, e, a, F4, K4, 13, 6 );
aa = a; bb = b; cc = c; dd = d; ee = e;
/* right lane */
a = hd->h0;
b = hd->h1;
c = hd->h2;
d = hd->h3;
e = hd->h4;
R( a, b, c, d, e, F4, KK0, 5, 8);
R( e, a, b, c, d, F4, KK0, 14, 9);
R( d, e, a, b, c, F4, KK0, 7, 9);
R( c, d, e, a, b, F4, KK0, 0, 11);
R( b, c, d, e, a, F4, KK0, 9, 13);
R( a, b, c, d, e, F4, KK0, 2, 15);
R( e, a, b, c, d, F4, KK0, 11, 15);
R( d, e, a, b, c, F4, KK0, 4, 5);
R( c, d, e, a, b, F4, KK0, 13, 7);
R( b, c, d, e, a, F4, KK0, 6, 7);
R( a, b, c, d, e, F4, KK0, 15, 8);
R( e, a, b, c, d, F4, KK0, 8, 11);
R( d, e, a, b, c, F4, KK0, 1, 14);
R( c, d, e, a, b, F4, KK0, 10, 14);
R( b, c, d, e, a, F4, KK0, 3, 12);
R( a, b, c, d, e, F4, KK0, 12, 6);
R( e, a, b, c, d, F3, KK1, 6, 9);
R( d, e, a, b, c, F3, KK1, 11, 13);
R( c, d, e, a, b, F3, KK1, 3, 15);
R( b, c, d, e, a, F3, KK1, 7, 7);
R( a, b, c, d, e, F3, KK1, 0, 12);
R( e, a, b, c, d, F3, KK1, 13, 8);
R( d, e, a, b, c, F3, KK1, 5, 9);
R( c, d, e, a, b, F3, KK1, 10, 11);
R( b, c, d, e, a, F3, KK1, 14, 7);
R( a, b, c, d, e, F3, KK1, 15, 7);
R( e, a, b, c, d, F3, KK1, 8, 12);
R( d, e, a, b, c, F3, KK1, 12, 7);
R( c, d, e, a, b, F3, KK1, 4, 6);
R( b, c, d, e, a, F3, KK1, 9, 15);
R( a, b, c, d, e, F3, KK1, 1, 13);
R( e, a, b, c, d, F3, KK1, 2, 11);
R( d, e, a, b, c, F2, KK2, 15, 9);
R( c, d, e, a, b, F2, KK2, 5, 7);
R( b, c, d, e, a, F2, KK2, 1, 15);
R( a, b, c, d, e, F2, KK2, 3, 11);
R( e, a, b, c, d, F2, KK2, 7, 8);
R( d, e, a, b, c, F2, KK2, 14, 6);
R( c, d, e, a, b, F2, KK2, 6, 6);
R( b, c, d, e, a, F2, KK2, 9, 14);
R( a, b, c, d, e, F2, KK2, 11, 12);
R( e, a, b, c, d, F2, KK2, 8, 13);
R( d, e, a, b, c, F2, KK2, 12, 5);
R( c, d, e, a, b, F2, KK2, 2, 14);
R( b, c, d, e, a, F2, KK2, 10, 13);
R( a, b, c, d, e, F2, KK2, 0, 13);
R( e, a, b, c, d, F2, KK2, 4, 7);
R( d, e, a, b, c, F2, KK2, 13, 5);
R( c, d, e, a, b, F1, KK3, 8, 15);
R( b, c, d, e, a, F1, KK3, 6, 5);
R( a, b, c, d, e, F1, KK3, 4, 8);
R( e, a, b, c, d, F1, KK3, 1, 11);
R( d, e, a, b, c, F1, KK3, 3, 14);
R( c, d, e, a, b, F1, KK3, 11, 14);
R( b, c, d, e, a, F1, KK3, 15, 6);
R( a, b, c, d, e, F1, KK3, 0, 14);
R( e, a, b, c, d, F1, KK3, 5, 6);
R( d, e, a, b, c, F1, KK3, 12, 9);
R( c, d, e, a, b, F1, KK3, 2, 12);
R( b, c, d, e, a, F1, KK3, 13, 9);
R( a, b, c, d, e, F1, KK3, 9, 12);
R( e, a, b, c, d, F1, KK3, 7, 5);
R( d, e, a, b, c, F1, KK3, 10, 15);
R( c, d, e, a, b, F1, KK3, 14, 8);
R( b, c, d, e, a, F0, KK4, 12, 8);
R( a, b, c, d, e, F0, KK4, 15, 5);
R( e, a, b, c, d, F0, KK4, 10, 12);
R( d, e, a, b, c, F0, KK4, 4, 9);
R( c, d, e, a, b, F0, KK4, 1, 12);
R( b, c, d, e, a, F0, KK4, 5, 5);
R( a, b, c, d, e, F0, KK4, 8, 14);
R( e, a, b, c, d, F0, KK4, 7, 6);
R( d, e, a, b, c, F0, KK4, 6, 8);
R( c, d, e, a, b, F0, KK4, 2, 13);
R( b, c, d, e, a, F0, KK4, 13, 6);
R( a, b, c, d, e, F0, KK4, 14, 5);
R( e, a, b, c, d, F0, KK4, 0, 15);
R( d, e, a, b, c, F0, KK4, 3, 13);
R( c, d, e, a, b, F0, KK4, 9, 11);
R( b, c, d, e, a, F0, KK4, 11, 11);
t = hd->h1 + d + cc;
hd->h1 = hd->h2 + e + dd;
hd->h2 = hd->h3 + a + ee;
hd->h3 = hd->h4 + b + aa;
hd->h4 = hd->h0 + c + bb;
hd->h0 = t;
}
/* Update the message digest with the contents
* of INBUF with length INLEN.
*/
static void
rmd160_write( RMD160_CONTEXT *hd, byte *inbuf, size_t inlen)
{
if( hd->count == 64 ) { /* flush the buffer */
transform( hd, hd->buf );
burn_stack (108+5*sizeof(void*));
hd->count = 0;
hd->nblocks++;
}
if( !inbuf )
return;
if( hd->count ) {
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
rmd160_write( hd, NULL, 0 );
if( !inlen )
return;
}
while( inlen >= 64 ) {
transform( hd, inbuf );
hd->count = 0;
hd->nblocks++;
inlen -= 64;
inbuf += 64;
}
burn_stack (108+5*sizeof(void*));
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
}
/****************
* Apply the rmd160 transform function on the buffer which must have
* a length 64 bytes. Do not use this function together with the
* other functions, use rmd160_init to initialize internal variables.
* Returns: 16 bytes in buffer with the mixed contentes of buffer.
*/
void
rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer )
{
char *p = buffer;
transform( hd, buffer );
#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
X(0);
X(1);
X(2);
X(3);
X(4);
#undef X
}
/* The routine terminates the computation
*/
static void
rmd160_final( RMD160_CONTEXT *hd )
{
u32 t, msb, lsb;
byte *p;
rmd160_write(hd, NULL, 0); /* flush */;
t = hd->nblocks;
/* multiply by 64 to make a byte count */
lsb = t << 6;
msb = t >> 26;
/* add the count */
t = lsb;
if( (lsb += hd->count) < t )
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
lsb <<= 3;
msb <<= 3;
msb |= t >> 29;
if( hd->count < 56 ) { /* enough room */
hd->buf[hd->count++] = 0x80; /* pad */
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else { /* need one extra block */
hd->buf[hd->count++] = 0x80; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
rmd160_write(hd, NULL, 0); /* flush */;
memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buf[56] = lsb ;
hd->buf[57] = lsb >> 8;
hd->buf[58] = lsb >> 16;
hd->buf[59] = lsb >> 24;
hd->buf[60] = msb ;
hd->buf[61] = msb >> 8;
hd->buf[62] = msb >> 16;
hd->buf[63] = msb >> 24;
transform( hd, hd->buf );
burn_stack (108+5*sizeof(void*));
p = hd->buf;
#ifdef BIG_ENDIAN_HOST
#define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8; \
*p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0)
#else /* little endian */
#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
#endif
X(0);
X(1);
X(2);
X(3);
X(4);
#undef X
}
static byte *
rmd160_read( RMD160_CONTEXT *hd )
{
return hd->buf;
}
/****************
* Shortcut functions which puts the hash value of the supplied buffer
* into outbuf which must have a size of 20 bytes.
*/
void
rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length )
{
RMD160_CONTEXT hd;
rmd160_init( &hd );
rmd160_write( &hd, (byte*)buffer, length );
rmd160_final( &hd );
memcpy( outbuf, hd.buf, 20 );
}
/****************
* Return some information about the algorithm. We need algo here to
* distinguish different flavors of the algorithm.
* Returns: A pointer to string describing the algorithm or NULL if
* the ALGO is invalid.
*/
-static const char *
+const char *
rmd160_get_info( int algo, size_t *contextsize,
byte **r_asnoid, int *r_asnlen, int *r_mdlen,
void (**r_init)( void *c ),
void (**r_write)( void *c, byte *buf, size_t nbytes ),
void (**r_final)( void *c ),
byte *(**r_read)( void *c )
)
{
static byte asn[15] = /* Object ID is 1.3.36.3.2.1 */
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
0x02, 0x01, 0x05, 0x00, 0x04, 0x14 };
if( algo != 3 )
return NULL;
*contextsize = sizeof(RMD160_CONTEXT);
*r_asnoid = asn;
*r_asnlen = DIM(asn);
*r_mdlen = 20;
*(void (**)(RMD160_CONTEXT *))r_init = rmd160_init;
*(void (**)(RMD160_CONTEXT *, byte*, size_t))r_write = rmd160_write;
*(void (**)(RMD160_CONTEXT *))r_final = rmd160_final;
*(byte *(**)(RMD160_CONTEXT *))r_read = rmd160_read;
return "RIPEMD160";
}
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "RMD160 ($Revision$)";
-
-static struct {
- int class;
- int version;
- int value;
- void (*func)(void);
-} func_table[] = {
- { 10, 1, 0, (void(*)(void))rmd160_get_info },
- { 11, 1, 3 },
-};
-
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if( i >= DIM(func_table) || i < 0 ) {
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- switch( *class ) {
- case 11:
- case 21:
- case 31:
- ret = &func_table[i].value;
- break;
- default:
-#ifndef __riscos__
- ret = func_table[i].func;
-#else /* __riscos__ */
- ret = (void *) func_table[i].func;
-#endif /* __riscos__ */
- break;
- }
- i++;
- } while( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-
-
-
-#ifndef IS_MODULE
-void
-rmd160_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version, gnupgext_enum_func );
-}
-#endif
-
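Review bot: rmd160_get_info() loses `static` here, but the hunk shows no prototype for it; the only hint is the new `#include "algorithms.h"`. Please confirm that the declaration in algorithms.h matches this signature exactly, because the function stores rmd160_init, rmd160_write, rmd160_final and rmd160_read through casts to RMD160_CONTEXT-typed function pointers, and a mismatched declaration would not be diagnosed at the call site. With the func_table entry `{ 11, 1, 3 }` removed, the algorithm id now survives only as the literal in `if( algo != 3 )`; a named constant or a short comment would keep that link visible. The comment block above the function should also say who calls it now that gnupgext_enum_func and rmd160_constructor are gone.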
diff --git a/cipher/rndegd.c b/cipher/rndegd.c
index 64226eabb..7503ab464 100644
--- a/cipher/rndegd.c
+++ b/cipher/rndegd.c
@@ -1,255 +1,208 @@
/* rndegd.c - interface to the EGD
- * Copyright (C) 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
+
+#ifdef USE_RNDEG
+
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <errno.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include "types.h"
#include "util.h"
#include "ttyio.h"
-#include "dynload.h"
+#include "algorithms.h"
#include "cipher.h"
+#include "i18n.h"
-#ifdef IS_MODULE
- #define _(a) (a)
-#else
- #include "i18n.h"
-#endif
#ifndef offsetof
#define offsetof(type, member) ((size_t) &((type *)0)->member)
#endif
static int
do_write( int fd, void *buf, size_t nbytes )
{
size_t nleft = nbytes;
int nwritten;
while( nleft > 0 ) {
nwritten = write( fd, buf, nleft);
if( nwritten < 0 ) {
if( errno == EINTR )
continue;
return -1;
}
nleft -= nwritten;
buf = (char*)buf + nwritten;
}
return 0;
}
static int
do_read( int fd, void *buf, size_t nbytes )
{
int n, nread = 0;
do {
do {
n = read(fd, (char*)buf + nread, nbytes );
} while( n == -1 && errno == EINTR );
if( n == -1 )
return -1;
+ else if( n == 0 ) {
+ /* EGD probably died. */
+ errno = ECONNRESET;
+ return -1;
+ }
nread += n;
} while( nread < nbytes );
return nbytes;
}
/****************
* Note: we always use the highest level.
* TO boost the performance we may want to add some
* additional code for level 1
*
* Using a level of 0 should never block and better add nothing
* to the pool. So this is just a dummy for EGD.
*/
-static int
-gather_random( void (*add)(const void*, size_t, int), int requester,
+int
+rndegd_gather_random( void (*add)(const void*, size_t, int), int requester,
size_t length, int level )
{
static int fd = -1;
int n;
byte buffer[256+2];
int nbytes;
int do_restart = 0;
if( !length )
return 0;
if( !level )
return 0;
restart:
if( do_restart ) {
if( fd != -1 ) {
close( fd );
fd = -1;
}
}
if( fd == -1 ) {
const char *bname = NULL;
char *name;
struct sockaddr_un addr;
int addr_len;
#ifdef EGD_SOCKET_NAME
bname = EGD_SOCKET_NAME;
#endif
if ( !bname || !*bname )
bname = "=entropy";
if ( *bname == '=' && bname[1] )
name = make_filename( g10_opt_homedir, bname+1 , NULL );
else
name = make_filename( bname , NULL );
if ( strlen(name)+1 >= sizeof addr.sun_path )
g10_log_fatal ("EGD socketname is too long\n");
memset( &addr, 0, sizeof addr );
addr.sun_family = AF_UNIX;
strcpy( addr.sun_path, name );
addr_len = offsetof( struct sockaddr_un, sun_path )
+ strlen( addr.sun_path );
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if( fd == -1 )
g10_log_fatal("can't create unix domain socket: %s\n",
strerror(errno) );
if( connect( fd, (struct sockaddr*)&addr, addr_len) == -1 )
g10_log_fatal("can't connect to `%s': %s\n",
name, strerror(errno) );
m_free(name);
}
do_restart = 0;
nbytes = length < 255? length : 255;
/* first time we do it with a non blocking request */
buffer[0] = 1; /* non blocking */
buffer[1] = nbytes;
if( do_write( fd, buffer, 2 ) == -1 )
g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) );
n = do_read( fd, buffer, 1 );
if( n == -1 ) {
g10_log_error("read error on EGD: %s\n", strerror(errno));
do_restart = 1;
goto restart;
}
n = buffer[0];
if( n ) {
n = do_read( fd, buffer, n );
if( n == -1 ) {
g10_log_error("read error on EGD: %s\n", strerror(errno));
do_restart = 1;
goto restart;
}
(*add)( buffer, n, requester );
length -= n;
}
if( length ) {
- #ifdef IS_MODULE
- fprintf( stderr,
- #else
tty_printf(
- #endif
_("Please wait, entropy is being gathered. Do some work if it would\n"
"keep you from getting bored, because it will improve the quality\n"
"of the entropy.\n") );
}
while( length ) {
nbytes = length < 255? length : 255;
buffer[0] = 2; /* blocking */
buffer[1] = nbytes;
if( do_write( fd, buffer, 2 ) == -1 )
g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) );
n = do_read( fd, buffer, nbytes );
if( n == -1 ) {
g10_log_error("read error on EGD: %s\n", strerror(errno));
do_restart = 1;
goto restart;
}
(*add)( buffer, n, requester );
length -= n;
}
memset(buffer, 0, sizeof(buffer) );
return 0; /* success */
}
-
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "RNDEGD ($Revision$)";
-
-static struct {
- int class;
- int version;
- int (*func)(void);
-} func_table[] = {
- { 40, 1, (int (*)(void))gather_random },
-};
-
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if ( i >= DIM(func_table) || i < 0 ) {
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- ret = func_table[i].func;
- i++;
- } while ( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-#ifndef IS_MODULE
-void
-rndegd_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version,
- gnupgext_enum_func );
-}
-#endif
-
+#endif /*USE_RNDEGD*/
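Review bot: In do_read(), the new `n == 0` branch stops the loop from spinning when EGD closes the socket, but the read above it still asks for `nbytes` on every pass instead of the remainder, so after a short read the next call can store up to `nread + nbytes` bytes into the caller's buffer. Suggest `n = read(fd, (char*)buf + nread, nbytes - nread);` and declaring `nread` as size_t so the `nread < nbytes` comparison is not mixed signed/unsigned. In rndegd_gather_random() the count byte returned for the non-blocking request is used unchecked in `length -= n`; clamping it to the `nbytes` that was requested would keep the size_t `length` from wrapping if the peer answers with more than was asked for.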
diff --git a/cipher/rndlinux.c b/cipher/rndlinux.c
index 0b138fcda..c31b7f71c 100644
--- a/cipher/rndlinux.c
+++ b/cipher/rndlinux.c
@@ -1,240 +1,164 @@
/* rndlinux.c - raw random number for OSes with /dev/random
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
+
+#ifdef USE_RNDLINUX
+
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <errno.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/stat.h>
#ifdef HAVE_GETTIMEOFDAY
#include <sys/times.h>
#endif
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#if 0
#include <sys/ioctl.h>
#include <asm/types.h>
#include <linux/random.h>
#endif
#include "types.h"
#include "util.h"
#include "ttyio.h"
-#include "dynload.h"
+#include "algorithms.h"
-#ifdef IS_MODULE
- #define _(a) (a)
-#else
- #include "i18n.h"
-#endif
+#include "i18n.h"
static int open_device( const char *name, int minor );
-static int gather_random( void (*add)(const void*, size_t, int), int requester,
- size_t length, int level );
+
#if 0
#ifdef HAVE_DEV_RANDOM_IOCTL
static ulong
get_entropy_count( int fd )
{
ulong count;
if( ioctl( fd, RNDGETENTCNT, &count ) == -1 )
g10_log_fatal("ioctl(RNDGETENTCNT) failed: %s\n", strerror(errno) );
return count;
}
#endif
#endif
/****************
* Used to open the /dev/random devices (Linux, xBSD, Solaris (if it exists), ...)
*/
static int
open_device( const char *name, int minor )
{
int fd;
struct stat sb;
fd = open( name, O_RDONLY );
if( fd == -1 )
g10_log_fatal("can't open %s: %s\n", name, strerror(errno) );
if( fstat( fd, &sb ) )
g10_log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
/* Don't check device type for better portability */
/* if( (!S_ISCHR(sb.st_mode)) && (!S_ISFIFO(sb.st_mode)) )
g10_log_fatal("invalid random device!\n" ); */
return fd;
}
/****************
* Note: Using a level of 0 should never block and better add nothing
* to the pool. This is easy to accomplish with /dev/urandom.
*/
-static int
-gather_random( void (*add)(const void*, size_t, int), int requester,
+int
+rndlinux_gather_random( void (*add)(const void*, size_t, int), int requester,
size_t length, int level )
{
static int fd_urandom = -1;
static int fd_random = -1;
int fd;
int n;
int warn=0;
byte buffer[768];
if( level >= 2 ) {
if( fd_random == -1 )
fd_random = open_device( NAME_OF_DEV_RANDOM, 8 );
fd = fd_random;
}
else {
/* this will also be used for elve 0 but by using /dev/urandom
* we can be sure that oit will never block. */
if( fd_urandom == -1 )
fd_urandom = open_device( NAME_OF_DEV_URANDOM, 9 );
fd = fd_urandom;
}
#if 0
#ifdef HAVE_DEV_RANDOM_IOCTL
g10_log_info("entropy count of %d is %lu\n", fd, get_entropy_count(fd) );
#endif
#endif
while( length ) {
fd_set rfds;
struct timeval tv;
int rc;
FD_ZERO(&rfds);
FD_SET(fd, &rfds);
tv.tv_sec = 3;
tv.tv_usec = 0;
if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) {
if( !warn )
- #ifdef IS_MODULE
- fprintf(stderr,
- #else
tty_printf(
- #endif
_("\n"
"Not enough random bytes available. Please do some other work to give\n"
"the OS a chance to collect more entropy! (Need %d more bytes)\n"), (int)length );
warn = 1;
continue;
}
else if( rc == -1 ) {
- #ifdef IS_MODULE
- fprintf(stderr,
- #else
tty_printf(
- #endif
"select() error: %s\n", strerror(errno));
continue;
}
do {
int nbytes = length < sizeof(buffer)? length : sizeof(buffer);
n = read(fd, buffer, nbytes );
if( n >= 0 && n > nbytes ) {
g10_log_error("bogus read from random device (n=%d)\n", n );
n = nbytes;
}
} while( n == -1 && errno == EINTR );
if( n == -1 )
g10_log_fatal("read error on random device: %s\n", strerror(errno));
(*add)( buffer, n, requester );
length -= n;
}
memset(buffer, 0, sizeof(buffer) );
return 0; /* success */
}
-
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "RNDLINUX ($Revision$)";
-
-static struct {
- int class;
- int version;
- int (*func)(void);
-} func_table[] = {
- { 40, 1, (int (*)(void))gather_random },
-};
-
-
-
-/****************
- * Enumerate the names of the functions together with informations about
- * this function. Set sequence to an integer with a initial value of 0 and
- * do not change it.
- * If what is 0 all kind of functions are returned.
- * Return values: class := class of function:
- * 10 = message digest algorithm info function
- * 11 = integer with available md algorithms
- * 20 = cipher algorithm info function
- * 21 = integer with available cipher algorithms
- * 30 = public key algorithm info function
- * 31 = integer with available pubkey algorithms
- * 40 = get gather_random function
- * 41 = get fast_random_poll function
- * version = interface version of the function/pointer
- * (currently this is 1 for all functions)
- */
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if ( i >= DIM(func_table) || i < 0 ) {
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- ret = func_table[i].func;
- i++;
- } while ( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-#ifndef IS_MODULE
-void
-rndlinux_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version,
- gnupgext_enum_func );
-}
-#endif
-
+#endif /*USE_RNDLINUX*/
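Review bot: The read loop in rndlinux_gather_random() has no case for `read()` returning 0: `n == -1` is fatal, but on 0 the code calls `(*add)( buffer, 0, requester )`, leaves `length` unchanged and goes back to select(), which reports the descriptor readable again, so the function never returns. Because open_device() has its S_ISCHR/S_ISFIFO check commented out, NAME_OF_DEV_RANDOM can be something that does reach end of file; this commit adds an `n == 0` error branch to do_read() in rndegd.c, and the same treatment (g10_log_fatal on a zero-length read) fits here. The `rc == -1` branch after select() also only prints and continues, which loops without delay on any error other than EINTR.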
diff --git a/cipher/rndunix.c b/cipher/rndunix.c
index a46b5ec97..c8d140efe 100644
--- a/cipher/rndunix.c
+++ b/cipher/rndunix.c
@@ -1,915 +1,852 @@
/****************************************************************************
* *
* *
* Unix Randomness-Gathering Code *
* *
* Copyright Peter Gutmann, Paul Kendall, and Chris Wedgwood 1996-1999. *
* Heavily modified for GnuPG by Werner Koch *
* *
* *
****************************************************************************/
/* This module is part of the cryptlib continuously seeded pseudorandom
number generator. For usage conditions, see lib_rand.c
[Here is the notice from lib_rand.c:]
This module and the misc/rnd*.c modules represent the cryptlib
continuously seeded pseudorandom number generator (CSPRNG) as described in
my 1998 Usenix Security Symposium paper "The generation of random numbers
for cryptographic purposes".
The CSPRNG code is copyright Peter Gutmann (and various others) 1996,
1997, 1998, 1999, all rights reserved. Redistribution of the CSPRNG
modules and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice
and this permission notice in its entirety.
2. Redistributions in binary form must reproduce the copyright notice in
the documentation and/or other materials provided with the distribution.
3. A copy of any bugfixes or enhancements made must be provided to the
author, <pgut001@cs.auckland.ac.nz> to allow them to be added to the
baseline version of the code.
ALTERNATIVELY, the code may be distributed under the terms of the GNU
General Public License, version 2 or any later version published by the
Free Software Foundation, in which case the provisions of the GNU GPL are
required INSTEAD OF the above restrictions.
Although not required under the terms of the GPL, it would still be nice if
you could make any changes available to the author to allow a consistent
code base to be maintained */
/* General includes */
#include <config.h>
+
+#ifdef USE_RNDUNIX
+
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <assert.h>
/* OS-specific includes */
#ifdef __osf__
/* Somewhere in the morass of system-specific cruft which OSF/1 pulls in
* via the following includes are various endianness defines, so we
* undefine the cryptlib ones, which aren't really needed for this module
* anyway */
#undef BIG_ENDIAN
#undef LITTLE_ENDIAN
#endif /* __osf__ */
#include <unistd.h>
#include <fcntl.h>
#include <pwd.h>
#ifndef __QNX__
#include <sys/errno.h>
#include <sys/ipc.h>
#endif /* __QNX__ */
#include <sys/time.h> /* SCO and SunOS need this before resource.h */
#ifndef __QNX__
#include <sys/resource.h>
#endif /* __QNX__ */
#if defined( _AIX ) || defined( __QNX__ )
#include <sys/select.h>
#endif /* _AIX || __QNX__ */
#ifndef __QNX__
#include <sys/shm.h>
#include <signal.h>
#include <sys/signal.h>
#endif /* __QNX__ */
#include <sys/stat.h>
#include <sys/types.h> /* Verschiedene komische Typen */
#if defined( __hpux ) && ( OS_VERSION == 9 )
#include <vfork.h>
#endif /* __hpux 9.x, after that it's in unistd.h */
#include <sys/wait.h>
/* #include <kitchensink.h> */
#ifdef __QNX__
#include <signal.h>
#include <process.h>
#endif /* __QNX__ */
#include <errno.h>
#include "types.h" /* for byte and u32 typedefs */
#ifndef IS_MODULE
#include "dynload.h"
#endif
#include "util.h"
#ifndef EAGAIN
#define EAGAIN EWOULDBLOCK
#endif
#ifndef STDIN_FILENO
#define STDIN_FILENO 0
#endif
#ifndef STDOUT_FILENO
#define STDOUT_FILENO 1
#endif
#define GATHER_BUFSIZE 49152 /* Usually about 25K are filled */
/* The structure containing information on random-data sources. Each
* record contains the source and a relative estimate of its usefulness
* (weighting) which is used to scale the number of kB of output from the
* source (total = data_bytes / usefulness). Usually the weighting is in the
* range 1-3 (or 0 for especially useless sources), resulting in a usefulness
* rating of 1...3 for each kB of source output (or 0 for the useless
* sources).
*
* If the source is constantly changing (certain types of network statistics
* have this characteristic) but the amount of output is small, the weighting
* is given as a negative value to indicate that the output should be treated
* as if a minimum of 1K of output had been obtained. If the source produces
* a lot of output then the scale factor is fractional, resulting in a
* usefulness rating of < 1 for each kB of source output.
*
* In order to provide enough randomness to satisfy the requirements for a
* slow poll, we need to accumulate at least 20 points of usefulness (a
* typical system should get about 30 points).
*
* Some potential options are missed out because of special considerations.
* pstat -i and pstat -f can produce amazing amounts of output (the record
* is 600K on an Oracle server) which floods the buffer and doesn't yield
* anything useful (apart from perhaps increasing the entropy of the vmstat
* output a bit), so we don't bother with this. pstat in general produces
* quite a bit of output, but it doesn't change much over time, so it gets
* very low weightings. netstat -s produces constantly-changing output but
* also produces quite a bit of it, so it only gets a weighting of 2 rather
* than 3. The same holds for netstat -in, which gets 1 rather than 2.
*
* Some binaries are stored in different locations on different systems so
* alternative paths are given for them. The code sorts out which one to
* run by itself, once it finds an exectable somewhere it moves on to the
* next source. The sources are arranged roughly in their order of
* usefulness, occasionally sources which provide a tiny amount of
* relatively useless data are placed ahead of ones which provide a large
* amount of possibly useful data because another 100 bytes can't hurt, and
* it means the buffer won't be swamped by one or two high-output sources.
* All the high-output sources are clustered towards the end of the list
* for this reason. Some binaries are checked for in a certain order, for
* example under Slowaris /usr/ucb/ps understands aux as an arg, but the
* others don't. Some systems have conditional defines enabling alternatives
* to commands which don't understand the usual options but will provide
* enough output (in the form of error messages) to look like they're the
* real thing, causing alternative options to be skipped (we can't check the
* return either because some commands return peculiar, non-zero status even
* when they're working correctly).
*
* In order to maximise use of the buffer, the code performs a form of run-
* length compression on its input where a repeated sequence of bytes is
* replaced by the occurrence count mod 256. Some commands output an awful
* lot of whitespace, this measure greatly increases the amount of data we
* can fit in the buffer.
*
* When we scale the weighting using the SC() macro, some preprocessors may
* give a division by zero warning for the most obvious expression
* 'weight ? 1024 / weight : 0' (and gcc 2.7.2.2 dies with a division by zero
* trap), so we define a value SC_0 which evaluates to zero when fed to
* '1024 / SC_0' */
#define SC( weight ) ( 1024 / weight ) /* Scale factor */
#define SC_0 16384 /* SC( SC_0 ) evalutes to 0 */
static struct RI {
const char *path; /* Path to check for existence of source */
const char *arg; /* Args for source */
const int usefulness; /* Usefulness of source */
FILE *pipe; /* Pipe to source as FILE * */
int pipeFD; /* Pipe to source as FD */
pid_t pid; /* pid of child for waitpid() */
int length; /* Quantity of output produced */
const int hasAlternative; /* Whether source has alt.location */
} dataSources[] = {
{ "/bin/vmstat", "-s", SC(-3), NULL, 0, 0, 0, 1 },
{ "/usr/bin/vmstat", "-s", SC(-3), NULL, 0, 0, 0, 0},
{ "/bin/vmstat", "-c", SC(-3), NULL, 0, 0, 0, 1 },
{ "/usr/bin/vmstat", "-c", SC(-3), NULL, 0, 0, 0, 0},
{ "/usr/bin/pfstat", NULL, SC(-2), NULL, 0, 0, 0, 0},
{ "/bin/vmstat", "-i", SC(-2), NULL, 0, 0, 0, 1 },
{ "/usr/bin/vmstat", "-i", SC(-2), NULL, 0, 0, 0, 0},
{ "/usr/ucb/netstat", "-s", SC(2), NULL, 0, 0, 0, 1 },
{ "/usr/bin/netstat", "-s", SC(2), NULL, 0, 0, 0, 1 },
{ "/usr/sbin/netstat", "-s", SC(2), NULL, 0, 0, 0, 1},
{ "/usr/etc/netstat", "-s", SC(2), NULL, 0, 0, 0, 0},
{ "/usr/bin/nfsstat", NULL, SC(2), NULL, 0, 0, 0, 0},
{ "/usr/ucb/netstat", "-m", SC(-1), NULL, 0, 0, 0, 1 },
{ "/usr/bin/netstat", "-m", SC(-1), NULL, 0, 0, 0, 1 },
{ "/usr/sbin/netstat", "-m", SC(-1), NULL, 0, 0, 0, 1 },
{ "/usr/etc/netstat", "-m", SC(-1), NULL, 0, 0, 0, 0 },
{ "/bin/netstat", "-in", SC(-1), NULL, 0, 0, 0, 1 },
{ "/usr/ucb/netstat", "-in", SC(-1), NULL, 0, 0, 0, 1 },
{ "/usr/bin/netstat", "-in", SC(-1), NULL, 0, 0, 0, 1 },
{ "/usr/sbin/netstat", "-in", SC(-1), NULL, 0, 0, 0, 1},
{ "/usr/etc/netstat", "-in", SC(-1), NULL, 0, 0, 0, 0},
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.7.1.0",
SC(-1), NULL, 0, 0, 0, 0 }, /* UDP in */
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.7.4.0",
SC(-1), NULL, 0, 0, 0, 0 }, /* UDP out */
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.4.3.0",
SC(-1), NULL, 0, 0, 0, 0 }, /* IP ? */
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.6.10.0",
SC(-1), NULL, 0, 0, 0, 0 }, /* TCP ? */
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.6.11.0",
SC(-1), NULL, 0, 0, 0, 0 }, /* TCP ? */
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.6.13.0",
SC(-1), NULL, 0, 0, 0, 0 }, /* TCP ? */
{ "/usr/bin/mpstat", NULL, SC(1), NULL, 0, 0, 0, 0 },
{ "/usr/bin/w", NULL, SC(1), NULL, 0, 0, 0, 1 },
{ "/usr/bsd/w", NULL, SC(1), NULL, 0, 0, 0, 0 },
{ "/usr/bin/df", NULL, SC(1), NULL, 0, 0, 0, 1 },
{ "/bin/df", NULL, SC(1), NULL, 0, 0, 0, 0 },
{ "/usr/sbin/portstat", NULL, SC(1), NULL, 0, 0, 0, 0 },
{ "/usr/bin/iostat", NULL, SC(SC_0), NULL, 0, 0, 0, 0 },
{ "/usr/bin/uptime", NULL, SC(SC_0), NULL, 0, 0, 0, 1 },
{ "/usr/bsd/uptime", NULL, SC(SC_0), NULL, 0, 0, 0, 0 },
{ "/bin/vmstat", "-f", SC(SC_0), NULL, 0, 0, 0, 1 },
{ "/usr/bin/vmstat", "-f", SC(SC_0), NULL, 0, 0, 0, 0 },
{ "/bin/vmstat", NULL, SC(SC_0), NULL, 0, 0, 0, 1 },
{ "/usr/bin/vmstat", NULL, SC(SC_0), NULL, 0, 0, 0, 0 },
{ "/usr/ucb/netstat", "-n", SC(0.5), NULL, 0, 0, 0, 1 },
{ "/usr/bin/netstat", "-n", SC(0.5), NULL, 0, 0, 0, 1 },
{ "/usr/sbin/netstat", "-n", SC(0.5), NULL, 0, 0, 0, 1 },
{ "/usr/etc/netstat", "-n", SC(0.5), NULL, 0, 0, 0, 0 },
#if defined( __sgi ) || defined( __hpux )
{ "/bin/ps", "-el", SC(0.3), NULL, 0, 0, 0, 1 },
#endif /* __sgi || __hpux */
{ "/usr/ucb/ps", "aux", SC(0.3), NULL, 0, 0, 0, 1 },
{ "/usr/bin/ps", "aux", SC(0.3), NULL, 0, 0, 0, 1 },
{ "/bin/ps", "aux", SC(0.3), NULL, 0, 0, 0, 0 },
{ "/bin/ps", "-A", SC(0.3), NULL, 0, 0, 0, 0 }, /*QNX*/
{ "/usr/bin/ipcs", "-a", SC(0.5), NULL, 0, 0, 0, 1 },
{ "/bin/ipcs", "-a", SC(0.5), NULL, 0, 0, 0, 0 },
/* Unreliable source, depends on system usage */
{ "/etc/pstat", "-p", SC(0.5), NULL, 0, 0, 0, 1 },
{ "/bin/pstat", "-p", SC(0.5), NULL, 0, 0, 0, 0 },
{ "/etc/pstat", "-S", SC(0.2), NULL, 0, 0, 0, 1 },
{ "/bin/pstat", "-S", SC(0.2), NULL, 0, 0, 0, 0 },
{ "/etc/pstat", "-v", SC(0.2), NULL, 0, 0, 0, 1 },
{ "/bin/pstat", "-v", SC(0.2), NULL, 0, 0, 0, 0 },
{ "/etc/pstat", "-x", SC(0.2), NULL, 0, 0, 0, 1 },
{ "/bin/pstat", "-x", SC(0.2), NULL, 0, 0, 0, 0 },
{ "/etc/pstat", "-t", SC(0.1), NULL, 0, 0, 0, 1 },
{ "/bin/pstat", "-t", SC(0.1), NULL, 0, 0, 0, 0 },
/* pstat is your friend */
{ "/usr/bin/last", "-n 50", SC(0.3), NULL, 0, 0, 0, 1 },
#ifdef __sgi
{ "/usr/bsd/last", "-50", SC(0.3), NULL, 0, 0, 0, 0 },
#endif /* __sgi */
#ifdef __hpux
{ "/etc/last", "-50", SC(0.3), NULL, 0, 0, 0, 0 },
#endif /* __hpux */
{ "/usr/bsd/last", "-n 50", SC(0.3), NULL, 0, 0, 0, 0 },
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.5.1.0",
SC(0.1), NULL, 0, 0, 0, 0 }, /* ICMP ? */
{ "/usr/sbin/snmp_request", "localhost public get 1.3.6.1.2.1.5.3.0",
SC(0.1), NULL, 0, 0, 0, 0 }, /* ICMP ? */
{ "/etc/arp", "-a", SC(0.1), NULL, 0, 0, 0, 1 },
{ "/usr/etc/arp", "-a", SC(0.1), NULL, 0, 0, 0, 1 },
{ "/usr/bin/arp", "-a", SC(0.1), NULL, 0, 0, 0, 1 },
{ "/usr/sbin/arp", "-a", SC(0.1), NULL, 0, 0, 0, 0 },
{ "/usr/sbin/ripquery", "-nw 1 127.0.0.1",
SC(0.1), NULL, 0, 0, 0, 0 },
{ "/bin/lpstat", "-t", SC(0.1), NULL, 0, 0, 0, 1 },
{ "/usr/bin/lpstat", "-t", SC(0.1), NULL, 0, 0, 0, 1 },
{ "/usr/ucb/lpstat", "-t", SC(0.1), NULL, 0, 0, 0, 0 },
{ "/usr/bin/tcpdump", "-c 5 -efvvx", SC(1), NULL, 0, 0, 0, 0 },
/* This is very environment-dependant. If network traffic is low, it'll
* probably time out before delivering 5 packets, which is OK because
* it'll probably be fixed stuff like ARP anyway */
{ "/usr/sbin/advfsstat", "-b usr_domain",
SC(SC_0), NULL, 0, 0, 0, 0},
{ "/usr/sbin/advfsstat", "-l 2 usr_domain",
SC(0.5), NULL, 0, 0, 0, 0},
{ "/usr/sbin/advfsstat", "-p usr_domain",
SC(SC_0), NULL, 0, 0, 0, 0},
/* This is a complex and screwball program. Some systems have things
* like rX_dmn, x = integer, for RAID systems, but the statistics are
* pretty dodgy */
#ifdef __QNXNTO__
{ "/bin/pidin", "-F%A%B%c%d%E%I%J%K%m%M%n%N%p%P%S%s%T", SC(0.3),
NULL, 0, 0, 0, 0 },
#endif
#if 0
/* The following aren't enabled since they're somewhat slow and not very
* unpredictable, however they give an indication of the sort of sources
* you can use (for example the finger might be more useful on a
* firewalled internal network) */
{ "/usr/bin/finger", "@ml.media.mit.edu", SC(0.9), NULL, 0, 0, 0, 0 },
{ "/usr/local/bin/wget", "-O - http://lavarand.sgi.com/block.html",
SC(0.9), NULL, 0, 0, 0, 0 },
{ "/bin/cat", "/usr/spool/mqueue/syslog", SC(0.9), NULL, 0, 0, 0, 0 },
#endif /* 0 */
{ NULL, NULL, 0, NULL, 0, 0, 0, 0 }
};
static byte *gather_buffer; /* buffer for gathering random noise */
static int gather_buffer_size; /* size of the memory buffer */
static uid_t gatherer_uid;
/* The message structure used to communicate with the parent */
typedef struct {
int usefulness; /* usefulness of data */
int ndata; /* valid bytes in data */
char data[500]; /* gathered data */
} GATHER_MSG;
#ifndef HAVE_WAITPID
pid_t
waitpid(pid_t pid, int *statptr, int options)
{
#ifdef HAVE_WAIT4
return wait4(pid, statptr, options, NULL);
#else
/* If wait4 is also not available, try wait3 for SVR3 variants */
/* Less ideal because can't actually request a specific pid */
/* For that reason, first check to see if pid is for an */
/* existing process. */
int tmp_pid, dummystat;;
if (kill(pid, 0) == -1) {
errno = ECHILD;
return -1;
}
if (statptr == NULL)
statptr = &dummystat;
while (((tmp_pid = wait3(statptr, options, 0)) != pid) &&
(tmp_pid != -1) && (tmp_pid != 0) && (pid != -1))
;
return tmp_pid;
#endif
}
#endif
/* Under SunOS popen() doesn't record the pid of the child process. When
* pclose() is called, instead of calling waitpid() for the correct child, it
* calls wait() repeatedly until the right child is reaped. The problem is
* that this reaps any other children that happen to have died at that
* moment, and when their pclose() comes along, the process hangs forever.
* The fix is to use a wrapper for popen()/pclose() which saves the pid in
* the dataSources structure (code adapted from GNU-libc's popen() call).
*
* Aut viam inveniam aut faciam */
static FILE *
my_popen(struct RI *entry)
{
int pipedes[2];
FILE *stream;
/* Create the pipe */
if (pipe(pipedes) < 0)
return (NULL);
/* Fork off the child ("vfork() is like an OS orgasm. All OS's want to
* do it, but most just end up faking it" - Chris Wedgwood). If your OS
* supports it, you should try to use vfork() here because it's somewhat
* more efficient */
#if defined( sun ) || defined( __ultrix__ ) || defined( __osf__ ) || \
defined(__hpux)
entry->pid = vfork();
#else /* */
entry->pid = fork();
#endif /* Unixen which have vfork() */
if (entry->pid == (pid_t) - 1) {
/* The fork failed */
close(pipedes[0]);
close(pipedes[1]);
return (NULL);
}
if (entry->pid == (pid_t) 0) {
struct passwd *passwd;
/* We are the child. Make the read side of the pipe be stdout */
if (dup2(pipedes[STDOUT_FILENO], STDOUT_FILENO) < 0)
exit(127);
/* Now that everything is set up, give up our permissions to make
* sure we don't read anything sensitive. If the getpwnam() fails,
* we default to -1, which is usually nobody */
if (gatherer_uid == (uid_t)-1 && \
(passwd = getpwnam("nobody")) != NULL)
gatherer_uid = passwd->pw_uid;
setuid(gatherer_uid);
/* Close the pipe descriptors */
close(pipedes[STDIN_FILENO]);
close(pipedes[STDOUT_FILENO]);
/* Try and exec the program */
execl(entry->path, entry->path, entry->arg, NULL);
/* Die if the exec failed */
exit(127);
}
/* We are the parent. Close the irrelevant side of the pipe and open
* the relevant side as a new stream. Mark our side of the pipe to
* close on exec, so new children won't see it */
close(pipedes[STDOUT_FILENO]);
#ifdef FD_CLOEXEC
fcntl(pipedes[STDIN_FILENO], F_SETFD, FD_CLOEXEC);
#endif
stream = fdopen(pipedes[STDIN_FILENO], "r");
if (stream == NULL) {
int savedErrno = errno;
/* The stream couldn't be opened or the child structure couldn't be
* allocated. Kill the child and close the other side of the pipe */
kill(entry->pid, SIGKILL);
if (stream == NULL)
close(pipedes[STDOUT_FILENO]);
else
fclose(stream);
waitpid(entry->pid, NULL, 0);
entry->pid = 0;
errno = savedErrno;
return (NULL);
}
return (stream);
}
static int
my_pclose(struct RI *entry)
{
int status = 0;
if (fclose(entry->pipe))
return (-1);
/* We ignore the return value from the process because some programs
* return funny values which would result in the input being discarded
* even if they executed successfully. This isn't a problem because the
* result data size threshold will filter out any programs which exit
* with a usage message without producing useful output */
if (waitpid(entry->pid, NULL, 0) != entry->pid)
status = -1;
entry->pipe = NULL;
entry->pid = 0;
return (status);
}
/* Unix slow poll (without special support for Linux)
*
* If a few of the randomness sources create a large amount of output then
* the slowPoll() stops once the buffer has been filled (but before all the
* randomness sources have been sucked dry) so that the 'usefulness' factor
* remains below the threshold. For this reason the gatherer buffer has to
* be fairly sizeable on moderately loaded systems. This is something of a
* bug since the usefulness should be influenced by the amount of output as
* well as the source type */
static int
slow_poll(FILE *dbgfp, int dbgall, size_t *nbytes )
{
int moreSources;
struct timeval tv;
fd_set fds;
#if defined( __hpux )
size_t maxFD = 0;
#else
int maxFD = 0;
#endif /* OS-specific brokenness */
int bufPos, i, usefulness = 0;
/* Fire up each randomness source */
FD_ZERO(&fds);
for (i = 0; dataSources[i].path != NULL; i++) {
/* Since popen() is a fairly heavy function, we check to see whether
* the executable exists before we try to run it */
if (access(dataSources[i].path, X_OK)) {
if( dbgfp && dbgall )
fprintf(dbgfp, "%s not present%s\n", dataSources[i].path,
dataSources[i].hasAlternative ?
", has alternatives" : "");
dataSources[i].pipe = NULL;
}
else
dataSources[i].pipe = my_popen(&dataSources[i]);
if (dataSources[i].pipe != NULL) {
dataSources[i].pipeFD = fileno(dataSources[i].pipe);
if (dataSources[i].pipeFD > maxFD)
maxFD = dataSources[i].pipeFD;
#ifdef O_NONBLOCK /* Ohhh what a hack (used for Atari) */
fcntl(dataSources[i].pipeFD, F_SETFL, O_NONBLOCK);
#endif
FD_SET(dataSources[i].pipeFD, &fds);
dataSources[i].length = 0;
/* If there are alternatives for this command, don't try and
* execute them */
while (dataSources[i].hasAlternative) {
if( dbgfp && dbgall )
fprintf(dbgfp, "Skipping %s\n", dataSources[i + 1].path);
i++;
}
}
}
/* Suck all the data we can get from each of the sources */
bufPos = 0;
moreSources = 1;
while (moreSources && bufPos <= gather_buffer_size) {
/* Wait for data to become available from any of the sources, with a
* timeout of 10 seconds. This adds even more randomness since data
* becomes available in a nondeterministic fashion. Kudos to HP's QA
* department for managing to ship a select() which breaks its own
* prototype */
tv.tv_sec = 10;
tv.tv_usec = 0;
#if defined( __hpux ) && ( OS_VERSION == 9 )
if (select(maxFD + 1, (int *)&fds, NULL, NULL, &tv) == -1)
#else /* */
if (select(maxFD + 1, &fds, NULL, NULL, &tv) == -1)
#endif /* __hpux */
break;
/* One of the sources has data available, read it into the buffer */
for (i = 0; dataSources[i].path != NULL; i++) {
if( dataSources[i].pipe && FD_ISSET(dataSources[i].pipeFD, &fds)) {
size_t noBytes;
if ((noBytes = fread(gather_buffer + bufPos, 1,
gather_buffer_size - bufPos,
dataSources[i].pipe)) == 0) {
if (my_pclose(&dataSources[i]) == 0) {
int total = 0;
/* Try and estimate how much entropy we're getting
* from a data source */
if (dataSources[i].usefulness) {
if (dataSources[i].usefulness < 0)
total = (dataSources[i].length + 999)
/ -dataSources[i].usefulness;
else
total = dataSources[i].length
/ dataSources[i].usefulness;
}
if( dbgfp )
fprintf(dbgfp,
"%s %s contributed %d bytes, "
"usefulness = %d\n", dataSources[i].path,
(dataSources[i].arg != NULL) ?
dataSources[i].arg : "",
dataSources[i].length, total);
if( dataSources[i].length )
usefulness += total;
}
dataSources[i].pipe = NULL;
}
else {
int currPos = bufPos;
int endPos = bufPos + noBytes;
/* Run-length compress the input byte sequence */
while (currPos < endPos) {
int ch = gather_buffer[currPos];
/* If it's a single byte, just copy it over */
if (ch != gather_buffer[currPos + 1]) {
gather_buffer[bufPos++] = ch;
currPos++;
}
else {
int count = 0;
/* It's a run of repeated bytes, replace them
* with the byte count mod 256 */
while ((ch == gather_buffer[currPos])
&& currPos < endPos) {
count++;
currPos++;
}
gather_buffer[bufPos++] = count;
noBytes -= count - 1;
}
}
/* Remember the number of (compressed) bytes of input we
* obtained */
dataSources[i].length += noBytes;
}
}
}
/* Check if there is more input available on any of the sources */
moreSources = 0;
FD_ZERO(&fds);
for (i = 0; dataSources[i].path != NULL; i++) {
if (dataSources[i].pipe != NULL) {
FD_SET(dataSources[i].pipeFD, &fds);
moreSources = 1;
}
}
}
if( dbgfp ) {
fprintf(dbgfp, "Got %d bytes, usefulness = %d\n", bufPos, usefulness);
fflush(dbgfp);
}
*nbytes = bufPos;
return usefulness;
}
/****************
* Start the gatherer process which writes messages of
* type GATHERER_MSG to pipedes
*/
static void
start_gatherer( int pipefd )
{
FILE *dbgfp = NULL;
int dbgall;
{
const char *s = getenv("GNUPG_RNDUNIX_DBG");
if( s ) {
dbgfp = (*s=='-' && !s[1])? stdout : fopen(s, "a");
if( !dbgfp )
g10_log_info("can't open debug file `%s': %s\n",
s, strerror(errno) );
else
fprintf(dbgfp,"\nSTART RNDUNIX DEBUG pid=%d\n", (int)getpid());
}
dbgall = !!getenv("GNUPG_RNDUNIX_DBGALL");
}
/* close all files but the ones we need */
{ int nmax, n1, n2, i;
#ifdef _SC_OPEN_MAX
if( (nmax=sysconf( _SC_OPEN_MAX )) < 0 ) {
#ifdef _POSIX_OPEN_MAX
nmax = _POSIX_OPEN_MAX;
#else
nmax = 20; /* assume a reasonable value */
#endif
}
#else
nmax = 20; /* assume a reasonable value */
#endif
n1 = fileno( stderr );
n2 = dbgfp? fileno( dbgfp ) : -1;
for(i=0; i < nmax; i++ ) {
if( i != n1 && i != n2 && i != pipefd )
close(i);
}
errno = 0;
}
/* Set up the buffer */
gather_buffer_size = GATHER_BUFSIZE;
gather_buffer = malloc( gather_buffer_size );
if( !gather_buffer ) {
g10_log_error("out of core while allocating the gatherer buffer\n");
exit(2);
}
/* Reset the SIGC(H)LD handler to the system default. This is necessary
* because if the program which cryptlib is a part of installs its own
* SIGC(H)LD handler, it will end up reaping the cryptlib children before
* cryptlib can. As a result, my_pclose() will call waitpid() on a
* process which has already been reaped by the installed handler and
* return an error, so the read data won't be added to the randomness
* pool. There are two types of SIGC(H)LD naming, the SysV SIGCLD and
* the BSD/Posix SIGCHLD, so we need to handle either possibility */
#ifdef SIGCLD
signal(SIGCLD, SIG_DFL);
#else
signal(SIGCHLD, SIG_DFL);
#endif
fclose(stderr); /* Arrghh!! It's Stuart code!! */
for(;;) {
GATHER_MSG msg;
size_t nbytes;
const char *p;
msg.usefulness = slow_poll( dbgfp, dbgall, &nbytes );
p = gather_buffer;
while( nbytes ) {
msg.ndata = nbytes > sizeof(msg.data)? sizeof(msg.data) : nbytes;
memcpy( msg.data, p, msg.ndata );
nbytes -= msg.ndata;
p += msg.ndata;
while( write( pipefd, &msg, sizeof(msg) ) != sizeof(msg) ) {
if( errno == EINTR )
continue;
if( errno == EAGAIN ) {
struct timeval tv;
tv.tv_sec = 0;
tv.tv_usec = 50000;
select(0, NULL, NULL, NULL, &tv);
continue;
}
if( errno == EPIPE ) /* parent has exited, so give up */
exit(0);
/* we can't do very much here because stderr is closed */
if( dbgfp )
fprintf(dbgfp, "gatherer can't write to pipe: %s\n",
strerror(errno) );
/* we start a new poll to give the system some time */
nbytes = 0;
break;
}
}
}
/* we are killed when the parent dies */
}
static int
read_a_msg( int fd, GATHER_MSG *msg )
{
char *buffer = (char*)msg;
size_t length = sizeof( *msg );
int n;
do {
do {
n = read(fd, buffer, length );
} while( n == -1 && errno == EINTR );
if( n == -1 )
return -1;
buffer += n;
length -= n;
} while( length );
return 0;
}
/****************
* Using a level of 0 should never block and better add nothing
* to the pool. So this is just a dummy for this gatherer.
*/
-static int
-gather_random( void (*add)(const void*, size_t, int), int requester,
- size_t length, int level )
+int
+rndunix_gather_random( void (*add)(const void*, size_t, int), int requester,
+ size_t length, int level )
{
static pid_t gatherer_pid = 0;
static int pipedes[2];
GATHER_MSG msg;
size_t n;
if( !level )
return 0;
if( !gatherer_pid ) {
/* make sure we are not setuid */
if( getuid() != geteuid() )
BUG();
/* time to start the gatherer process */
if( pipe( pipedes ) ) {
g10_log_error("pipe() failed: %s\n", strerror(errno));
return -1;
}
gatherer_pid = fork();
if( gatherer_pid == -1 ) {
g10_log_error("can't for gatherer process: %s\n", strerror(errno));
return -1;
}
if( !gatherer_pid ) {
start_gatherer( pipedes[1] );
/* oops, can't happen */
return -1;
}
}
/* now read from the gatherer */
while( length ) {
int goodness;
ulong subtract;
if( read_a_msg( pipedes[0], &msg ) ) {
g10_log_error("reading from gatherer pipe failed: %s\n",
strerror(errno));
return -1;
}
if( level > 1 ) {
if( msg.usefulness > 30 )
goodness = 100;
else if ( msg.usefulness )
goodness = msg.usefulness * 100 / 30;
else
goodness = 0;
}
else if( level ) {
if( msg.usefulness > 15 )
goodness = 100;
else if ( msg.usefulness )
goodness = msg.usefulness * 100 / 15;
else
goodness = 0;
}
else
goodness = 100; /* goodness of level 0 is always 100 % */
n = msg.ndata;
if( n > length )
n = length;
(*add)( msg.data, n, requester );
/* this is the trick how e cope with the goodness */
subtract = (ulong)n * goodness / 100;
/* subtract at least 1 byte to avoid infinite loops */
length -= subtract ? subtract : 1;
}
return 0;
}
-
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "RNDUNIX ($Revision$)";
-
-
-static struct {
- int class;
- int version;
- int (*func)(void);
-} func_table[] = {
- { 40, 1, (int (*)(void))gather_random },
-};
-
-/****************
- * Enumerate the names of the functions together with informations about
- * this function. Set sequence to an integer with a initial value of 0 and
- * do not change it.
- * If what is 0 all kind of functions are returned.
- * Return values: class := class of function:
- * 10 = message digest algorithm info function
- * 11 = integer with available md algorithms
- * 20 = cipher algorithm info function
- * 21 = integer with available cipher algorithms
- * 30 = public key algorithm info function
- * 31 = integer with available pubkey algorithms
- * 40 = get read_random_source() function
- * 41 = get fast_random_poll function
- * version = interface version of the function/pointer
- * (currently this is 1 for all functions)
- */
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if ( i >= DIM(func_table) || i < 0 ) {
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- ret = func_table[i].func;
- i++;
- } while ( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-#ifndef IS_MODULE
-void
-rndunix_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version,
- gnupgext_enum_func );
-}
-#endif
-
-
+#endif /*USE_RNDUNIX*/
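Review bot: in the `+int` / `+rndunix_gather_random(...)` lines the function gains external linkage, but none of the lines visible here declare it before the definition. Put the prototype in a shared header and include it in this file (the rndw32.c part of this patch adds `#include "algorithms.h"`), so the direct caller that replaces the removed `func_table` entry is checked against the real signature instead of going through the old `(int (*)(void))` cast. Since this is now the public entry point, two things in its unchanged body are worth fixing in the same pass. First, the parent never closes `pipedes[1]` after `fork()`, and `read_a_msg()` does not treat a `read()` return of 0 as an error, so if the gatherer child dies the caller either blocks in `read()` or loops without progress instead of returning -1. Second, the log string "can't for gatherer process" should read "can't fork gatherer process".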
diff --git a/cipher/rndw32.c b/cipher/rndw32.c
index f58d45866..87aa20878 100644
--- a/cipher/rndw32.c
+++ b/cipher/rndw32.c
@@ -1,972 +1,704 @@
/* rndw32.c - W32 entropy gatherer
- * Copyright (C) 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
* Copyright Peter Gutmann, Matt Thomlinson and Blake Coverett 1996-1999
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*
*************************************************************************
* The code here is based on code from Cryptlib 3.0 beta by Peter Gutmann.
* Source file misc/rndwin32.c "Win32 Randomness-Gathering Code" with this
* copyright notice:
*
* This module is part of the cryptlib continuously seeded pseudorandom
* number generator. For usage conditions, see lib_rand.c
*
* [Here is the notice from lib_rand.c, which is now called dev_sys.c]
*
* This module and the misc/rnd*.c modules represent the cryptlib
* continuously seeded pseudorandom number generator (CSPRNG) as described in
* my 1998 Usenix Security Symposium paper "The generation of random numbers
* for cryptographic purposes".
*
* The CSPRNG code is copyright Peter Gutmann (and various others) 1996,
* 1997, 1998, 1999, all rights reserved. Redistribution of the CSPRNG
* modules and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice
* and this permission notice in its entirety.
*
* 2. Redistributions in binary form must reproduce the copyright notice in
* the documentation and/or other materials provided with the distribution.
*
* 3. A copy of any bugfixes or enhancements made must be provided to the
* author, <pgut001@cs.auckland.ac.nz> to allow them to be added to the
* baseline version of the code.
*
* ALTERNATIVELY, the code may be distributed under the terms of the GNU
* General Public License, version 2 or any later version published by the
* Free Software Foundation, in which case the provisions of the GNU GPL are
* required INSTEAD OF the above restrictions.
*
* Although not required under the terms of the GPL, it would still be nice if
* you could make any changes available to the author to allow a consistent
* code base to be maintained
*************************************************************************
*/
#include <config.h>
+
+#ifdef USE_RNDW32
+
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <errno.h>
#include <string.h>
#include <windows.h>
#ifdef __CYGWIN32__
# include <winioctl.h>
#endif
#include "types.h"
#include "util.h"
-#include "dynload.h"
-
-/* We do not use the netropy DLL anymore because a standalone program is
- * easier to maintain and */
-/*#define USE_ENTROPY_DLL*/
+#include "algorithms.h"
-
-
-#ifdef IS_MODULE
- #define _(a) (a)
-#else
- #include "i18n.h"
-#endif
+#include "i18n.h"
static int debug_me;
-#ifdef USE_ENTROPY_DLL
-
-#define WIN32_SLOW_SEEDER 0
-#define WIN32_FAST_SEEDER 1
-
-#define PCP_SUCCESS 0
-#define PCP_NULL_POINTER 1
-#define PCP_SEEDER_FAILED 2
-#define PCP_SEEDER_NO_MEM 3
-#define PCP_SEEDER_TOO_SMALL 4
-#define PCP_DLL_LOAD_FAILED 5
-#define PCP_UNKNOWN_PLATFORM 6
-#define PCP_ERROR_VERSION 7
-#define PCP_DLL_FUNC 8
-#define PCP_UNKNOWN_SEEDER_TYPE 9
-
-
-/****************
- * We sometimes get a SEEDER_TOO_SMALL error, in which case we increment
- * the internal buffer by SEEDER_INC_CHUNK until we reach MAX_SEEDER_SIZE
- * MAX_SEEDER_SIZE is used as an arbitrary limit to protect against
- * bugs in Winseed.
- */
-#define MAX_SEEDER_SIZE 500000
-#define SEEDER_INC_CHUNK 50000
-
-
-typedef void *WIN32_SEEDER;
-
-static WIN32_SEEDER (WINAPI *create_instance)( byte type, unsigned int *reason);
-static void (WINAPI *delete_instance)( WIN32_SEEDER that );
-static unsigned int (WINAPI *get_internal_seed_size)( WIN32_SEEDER that );
-static void (WINAPI *set_internal_seed_size)( WIN32_SEEDER that,
- unsigned int new_size);
-static unsigned int (WINAPI *get_expected_seed_size)( WIN32_SEEDER that);
-static unsigned int (WINAPI *get_seed)( WIN32_SEEDER that, byte *buffer,
- unsigned int *desired_length);
-
-static WIN32_SEEDER slow_seeder, fast_seeder;
-static byte *entropy_buffer;
-static size_t entropy_buffer_size;
-
-/****************
- * Load and initialize the winseed DLL
- * NOTE: winseed is not part of the GnuPG distribution. It should be available
- * at the GNU crypto FTP server site.
- * We do not load the DLL on demand to have a better control over the
- * location of the library.
- */
-static void
-load_and_init_winseed( void )
-{
- HANDLE hInstance;
- void *addr;
- unsigned int reason = 0;
- unsigned int n1, n2;
- const char *dllname;
-
- dllname = read_w32_registry_string( "HKEY_LOCAL_MACHINE",
- "Software\\GNU\\GnuPG",
- "EntropyDLL" );
- if( !dllname )
- dllname = "c:/gnupg/entropy.dll";
-
- hInstance = LoadLibrary( dllname );
- if( !hInstance )
- goto failure;
- if( !(addr = GetProcAddress( hInstance, "WS_create_instance" )) )
- goto failure;
- create_instance = addr;
- if( !(addr = GetProcAddress( hInstance, "WS_delete_instance" )) )
- goto failure;
- delete_instance = addr;
- if( !(addr = GetProcAddress( hInstance, "WS_get_internal_seed_size" )) )
- goto failure;
- get_internal_seed_size = addr;
- if( !(addr = GetProcAddress( hInstance, "WS_set_internal_seed_size" )) )
- goto failure;
- set_internal_seed_size = addr;
- if( !(addr = GetProcAddress( hInstance, "WS_get_expected_seed_size" )) )
- goto failure;
- get_expected_seed_size = addr;
- if( !(addr = GetProcAddress( hInstance, "WS_get_seed" )) )
- goto failure;
- get_seed = addr;
-
- /* we have all the functions - init the system */
- slow_seeder = create_instance( WIN32_SLOW_SEEDER, &reason);
- if( !slow_seeder ) {
- g10_log_fatal("error creating winseed slow seeder: rc=%u\n", reason );
- goto failure;
- }
- fast_seeder = create_instance( WIN32_FAST_SEEDER, &reason);
- if( !fast_seeder ) {
- g10_log_fatal("error creating winseed fast seeder: rc=%u\n", reason );
- goto failure;
- }
- n1 = get_internal_seed_size( slow_seeder );
- /*g10_log_info("slow buffer size=%u\n", n1);*/
- n2 = get_internal_seed_size( fast_seeder );
- /*g10_log_info("fast buffer size=%u\n", n2);*/
-
- entropy_buffer_size = n1 > n2? n1: n2;
- entropy_buffer = m_alloc( entropy_buffer_size );
- /*g10_log_info("using a buffer of size=%u\n", entropy_buffer_size );*/
-
- return;
-
- failure:
- g10_log_fatal("error loading winseed DLL `%s'\n", dllname );
-}
-
-
-
-
-
-/* Note: we always use the highest level.
- * TO boost the performance we may want to add some
- * additional code for level 1
- */
-static int
-gather_random( void (*add)(const void*, size_t, int), int requester,
- size_t length, int level )
-{
- unsigned int result;
- unsigned int nbytes;
-
- if( !level )
- return 0;
-
- if( !slow_seeder )
- load_and_init_winseed();
-
- /* Our estimation on how much entropy we should use is very vague.
- * Winseed delivers some amount of entropy on each slow poll and
- * we add it to our random pool. Depending on the required quality
- * level we adjust the requested length so that for higher quality
- * we make sure to add more entropy to our pool. However, as we don't
- * like to waste any entropy collected by winseed, we always add
- * at least everything we got from winseed.
- */
- if( level > 1 )
- length *= 100;
- else if( level > 0 )
- length *= 10;
-
- for(;;) {
- nbytes = entropy_buffer_size;
- result = get_seed( slow_seeder, entropy_buffer, &nbytes);
- if( result == PCP_SEEDER_TOO_SMALL ) {
- unsigned int n1 = get_internal_seed_size( slow_seeder );
-
- if( n1 > MAX_SEEDER_SIZE ) {
- g10_log_fatal("rndw32: internal seeder problem (size=%u)\n",
- n1);
- return -1; /* actually never reached */
- }
- n1 += SEEDER_INC_CHUNK;
- set_internal_seed_size( slow_seeder, n1 );
- if( n1 > entropy_buffer_size ) {
- entropy_buffer_size = n1;
- entropy_buffer = m_realloc( entropy_buffer,
- entropy_buffer_size );
- }
- continue;
- }
-
-
- if( result ) {
- g10_log_fatal("rndw32: get_seed(slow) failed: rc=%u\n", result);
- return -1; /* actually never reached */
- }
- /*g10_log_info("rndw32: slow poll level %d, need %u, got %u\n",
- level, (unsigned int)length, (unsigned int)nbytes );*/
- (*add)( entropy_buffer, nbytes, requester );
- if( length <= nbytes )
- return 0; /* okay */
- length -= nbytes;
- }
-}
-
-static int
-gather_random_fast( void (*add)(const void*, size_t, int), int requester )
-{
- unsigned int result;
- unsigned int nbytes;
-
- if( !fast_seeder )
- load_and_init_winseed();
-
- /* winseed delivers a constant ammount of entropy for a fast
- * poll. We can simply use this and add it to the pool; no need
- * a loop like it is used in the slow poll */
- nbytes = entropy_buffer_size;
- result = get_seed( fast_seeder, entropy_buffer, &nbytes);
- if( result ) {
- g10_log_fatal("rndw32: get_seed(fast) failed: rc=%u\n", result);
- return -1; /* actually never reached */
- }
- /*g10_log_info("rndw32: fast poll got %u\n", (unsigned int)nbytes );*/
- (*add)( entropy_buffer, nbytes, requester );
- return 0;
-}
-
-#else /* !USE_ENTROPY_DLL */
-/* This is the new code which does not require the entropy.dll */
-
/*
* Definitions which are missing from the current GNU Windows32Api
*/
#ifndef TH32CS_SNAPHEAPLIST
#define TH32CS_SNAPHEAPLIST 1
#define TH32CS_SNAPPROCESS 2
#define TH32CS_SNAPTHREAD 4
#define TH32CS_SNAPMODULE 8
#define TH32CS_SNAPALL (1|2|4|8)
#define TH32CS_INHERIT 0x80000000
#endif /*TH32CS_SNAPHEAPLIST*/
#ifndef IOCTL_DISK_PERFORMANCE
#define IOCTL_DISK_PERFORMANCE 0x00070020
#endif
#ifndef VER_PLATFORM_WIN32_WINDOWS
#define VER_PLATFORM_WIN32_WINDOWS 1
#endif
#define SIZEOF_DISK_PERFORMANCE_STRUCT (6*8+5*4+8*2)
typedef struct {
DWORD dwSize;
DWORD th32ProcessID;
DWORD th32HeapID;
DWORD dwFlags;
} HEAPLIST32;
typedef struct {
DWORD dwSize;
HANDLE hHandle;
DWORD dwAddress;
DWORD dwBlockSize;
DWORD dwFlags;
DWORD dwLockCount;
DWORD dwResvd;
DWORD th32ProcessID;
DWORD th32HeapID;
} HEAPENTRY32;
typedef struct {
DWORD dwSize;
DWORD cntUsage;
DWORD th32ProcessID;
DWORD th32DefaultHeapID;
DWORD th32ModuleID;
DWORD cntThreads;
DWORD th32ParentProcessID;
LONG pcPriClassBase;
DWORD dwFlags;
char szExeFile[260];
} PROCESSENTRY32;
typedef struct {
DWORD dwSize;
DWORD cntUsage;
DWORD th32ThreadID;
DWORD th32OwnerProcessID;
LONG tpBasePri;
LONG tpDeltaPri;
DWORD dwFlags;
} THREADENTRY32;
typedef struct {
DWORD dwSize;
DWORD th32ModuleID;
DWORD th32ProcessID;
DWORD GlblcntUsage;
DWORD ProccntUsage;
BYTE *modBaseAddr;
DWORD modBaseSize;
HMODULE hModule;
char szModule[256];
char szExePath[260];
} MODULEENTRY32;
/* Type definitions for function pointers to call Toolhelp32 functions
* used with the windows95 gatherer */
typedef BOOL (WINAPI * MODULEWALK) (HANDLE hSnapshot, MODULEENTRY32 *lpme);
typedef BOOL (WINAPI * THREADWALK) (HANDLE hSnapshot, THREADENTRY32 *lpte);
typedef BOOL (WINAPI * PROCESSWALK) (HANDLE hSnapshot, PROCESSENTRY32 *lppe);
typedef BOOL (WINAPI * HEAPLISTWALK) (HANDLE hSnapshot, HEAPLIST32 *lphl);
typedef BOOL (WINAPI * HEAPFIRST) (HEAPENTRY32 *lphe, DWORD th32ProcessID,
DWORD th32HeapID);
typedef BOOL (WINAPI * HEAPNEXT) (HEAPENTRY32 *lphe);
typedef HANDLE (WINAPI * CREATESNAPSHOT) (DWORD dwFlags, DWORD th32ProcessID);
/* Type definitions for function pointers to call NetAPI32 functions */
typedef DWORD (WINAPI * NETSTATISTICSGET) (LPWSTR szServer, LPWSTR szService,
DWORD dwLevel, DWORD dwOptions,
LPBYTE * lpBuffer);
typedef DWORD (WINAPI * NETAPIBUFFERSIZE) (LPVOID lpBuffer, LPDWORD cbBuffer);
typedef DWORD (WINAPI * NETAPIBUFFERFREE) (LPVOID lpBuffer);
/* When we query the performance counters, we allocate an initial buffer and
* then reallocate it as required until RegQueryValueEx() stops returning
* ERROR_MORE_DATA. The following values define the initial buffer size and
* step size by which the buffer is increased
*/
#define PERFORMANCE_BUFFER_SIZE 65536 /* Start at 64K */
#define PERFORMANCE_BUFFER_STEP 16384 /* Step by 16K */
static void
slow_gatherer_windows95( void (*add)(const void*, size_t, int), int requester )
{
static CREATESNAPSHOT pCreateToolhelp32Snapshot = NULL;
static MODULEWALK pModule32First = NULL;
static MODULEWALK pModule32Next = NULL;
static PROCESSWALK pProcess32First = NULL;
static PROCESSWALK pProcess32Next = NULL;
static THREADWALK pThread32First = NULL;
static THREADWALK pThread32Next = NULL;
static HEAPLISTWALK pHeap32ListFirst = NULL;
static HEAPLISTWALK pHeap32ListNext = NULL;
static HEAPFIRST pHeap32First = NULL;
static HEAPNEXT pHeap32Next = NULL;
HANDLE hSnapshot;
/* initialize the Toolhelp32 function pointers */
if ( !pCreateToolhelp32Snapshot ) {
HANDLE hKernel;
if ( debug_me )
log_debug ("rndw32#slow_gatherer_95: init toolkit\n" );
/* Obtain the module handle of the kernel to retrieve the addresses
* of the Toolhelp32 functions */
if ( ( !(hKernel = GetModuleHandle ("KERNEL32.DLL"))) ) {
g10_log_fatal ( "rndw32: can't get module handle\n" );
}
/* Now get pointers to the functions */
pCreateToolhelp32Snapshot = (CREATESNAPSHOT) GetProcAddress (hKernel,
"CreateToolhelp32Snapshot");
pModule32First = (MODULEWALK) GetProcAddress (hKernel, "Module32First");
pModule32Next = (MODULEWALK) GetProcAddress (hKernel, "Module32Next");
pProcess32First = (PROCESSWALK) GetProcAddress (hKernel,
"Process32First");
pProcess32Next = (PROCESSWALK) GetProcAddress (hKernel,
"Process32Next");
pThread32First = (THREADWALK) GetProcAddress (hKernel, "Thread32First");
pThread32Next = (THREADWALK) GetProcAddress (hKernel, "Thread32Next");
pHeap32ListFirst = (HEAPLISTWALK) GetProcAddress (hKernel,
"Heap32ListFirst");
pHeap32ListNext = (HEAPLISTWALK) GetProcAddress (hKernel,
"Heap32ListNext");
pHeap32First = (HEAPFIRST) GetProcAddress (hKernel, "Heap32First");
pHeap32Next = (HEAPNEXT) GetProcAddress (hKernel, "Heap32Next");
if ( !pCreateToolhelp32Snapshot
|| !pModule32First || !pModule32Next
|| !pProcess32First || !pProcess32Next
|| !pThread32First || !pThread32Next
|| !pHeap32ListFirst || !pHeap32ListNext
|| !pHeap32First || !pHeap32Next ) {
g10_log_fatal ( "rndw32: failed to get a toolhep function\n" );
}
}
/* Take a snapshot of everything we can get to which is currently
* in the system */
if ( !(hSnapshot = pCreateToolhelp32Snapshot (TH32CS_SNAPALL, 0)) ) {
g10_log_fatal ( "rndw32: failed to take a toolhelp snapshot\n" );
}
/* Walk through the local heap */
{ HEAPLIST32 hl32;
hl32.dwSize = sizeof (HEAPLIST32);
if (pHeap32ListFirst (hSnapshot, &hl32)) {
if ( debug_me )
log_debug ("rndw32#slow_gatherer_95: walk heap\n" );
do {
HEAPENTRY32 he32;
/* First add the information from the basic Heaplist32 struct */
(*add) ( &hl32, sizeof (hl32), requester );
/* Now walk through the heap blocks getting information
* on each of them */
he32.dwSize = sizeof (HEAPENTRY32);
if (pHeap32First (&he32, hl32.th32ProcessID, hl32.th32HeapID)){
do {
(*add) ( &he32, sizeof (he32), requester );
} while (pHeap32Next (&he32));
}
} while (pHeap32ListNext (hSnapshot, &hl32));
}
}
/* Walk through all processes */
{ PROCESSENTRY32 pe32;
pe32.dwSize = sizeof (PROCESSENTRY32);
if (pProcess32First (hSnapshot, &pe32)) {
if ( debug_me )
log_debug ("rndw32#slow_gatherer_95: walk processes\n" );
do {
(*add) ( &pe32, sizeof (pe32), requester );
} while (pProcess32Next (hSnapshot, &pe32));
}
}
/* Walk through all threads */
{ THREADENTRY32 te32;
te32.dwSize = sizeof (THREADENTRY32);
if (pThread32First (hSnapshot, &te32)) {
if ( debug_me )
log_debug ("rndw32#slow_gatherer_95: walk threads\n" );
do {
(*add) ( &te32, sizeof (te32), requester );
} while (pThread32Next (hSnapshot, &te32));
}
}
/* Walk through all modules associated with the process */
{ MODULEENTRY32 me32;
me32.dwSize = sizeof (MODULEENTRY32);
if (pModule32First (hSnapshot, &me32)) {
if ( debug_me )
log_debug ("rndw32#slow_gatherer_95: walk modules\n" );
do {
(*add) ( &me32, sizeof (me32), requester );
} while (pModule32Next (hSnapshot, &me32));
}
}
CloseHandle (hSnapshot);
}
static void
slow_gatherer_windowsNT( void (*add)(const void*, size_t, int), int requester )
{
static int is_initialized = 0;
static NETSTATISTICSGET pNetStatisticsGet = NULL;
static NETAPIBUFFERSIZE pNetApiBufferSize = NULL;
static NETAPIBUFFERFREE pNetApiBufferFree = NULL;
static int is_workstation = 1;
static int cbPerfData = PERFORMANCE_BUFFER_SIZE;
PERF_DATA_BLOCK *pPerfData;
HANDLE hDevice, hNetAPI32 = NULL;
DWORD dwSize, status;
int nDrive;
if ( !is_initialized ) {
HKEY hKey;
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: init toolkit\n" );
/* Find out whether this is an NT server or workstation if necessary */
if (RegOpenKeyEx (HKEY_LOCAL_MACHINE,
"SYSTEM\\CurrentControlSet\\Control\\ProductOptions",
0, KEY_READ, &hKey) == ERROR_SUCCESS) {
BYTE szValue[32];
dwSize = sizeof (szValue);
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: check product options\n" );
status = RegQueryValueEx (hKey, "ProductType", 0, NULL,
szValue, &dwSize);
if (status == ERROR_SUCCESS
&& ascii_strcasecmp (szValue, "WinNT")) {
/* Note: There are (at least) three cases for ProductType:
* WinNT = NT Workstation, ServerNT = NT Server, LanmanNT =
* NT Server acting as a Domain Controller */
is_workstation = 0;
if ( debug_me )
log_debug ("rndw32: this is a NT server\n");
}
RegCloseKey (hKey);
}
/* Initialize the NetAPI32 function pointers if necessary */
if ( (hNetAPI32 = LoadLibrary ("NETAPI32.DLL")) ) {
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: netapi32 loaded\n" );
pNetStatisticsGet = (NETSTATISTICSGET) GetProcAddress (hNetAPI32,
"NetStatisticsGet");
pNetApiBufferSize = (NETAPIBUFFERSIZE) GetProcAddress (hNetAPI32,
"NetApiBufferSize");
pNetApiBufferFree = (NETAPIBUFFERFREE) GetProcAddress (hNetAPI32,
"NetApiBufferFree");
if ( !pNetStatisticsGet
|| !pNetApiBufferSize || !pNetApiBufferFree ) {
FreeLibrary (hNetAPI32);
hNetAPI32 = NULL;
g10_log_debug ("rndw32: No NETAPI found\n" );
}
}
is_initialized = 1;
}
/* Get network statistics. Note: Both NT Workstation and NT Server by
* default will be running both the workstation and server services. The
* heuristic below is probably useful though on the assumption that the
* majority of the network traffic will be via the appropriate service.
* In any case the network statistics return almost no randomness */
{ LPBYTE lpBuffer;
if (hNetAPI32 && !pNetStatisticsGet (NULL,
is_workstation ? L"LanmanWorkstation" :
L"LanmanServer", 0, 0, &lpBuffer) ) {
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: get netstats\n" );
pNetApiBufferSize (lpBuffer, &dwSize);
(*add) ( lpBuffer, dwSize,requester );
pNetApiBufferFree (lpBuffer);
}
}
/* Get disk I/O statistics for all the hard drives */
for (nDrive = 0;; nDrive++) {
char diskPerformance[SIZEOF_DISK_PERFORMANCE_STRUCT];
char szDevice[50];
/* Check whether we can access this device */
sprintf (szDevice, "\\\\.\\PhysicalDrive%d", nDrive);
hDevice = CreateFile (szDevice, 0, FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL, OPEN_EXISTING, 0, NULL);
if (hDevice == INVALID_HANDLE_VALUE)
break;
/* Note: This only works if you have turned on the disk performance
* counters with 'diskperf -y'. These counters are off by default */
if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0,
diskPerformance, SIZEOF_DISK_PERFORMANCE_STRUCT,
&dwSize, NULL))
{
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: iostats drive %d\n",
nDrive );
(*add) (diskPerformance, dwSize, requester );
}
else {
log_info ("NOTE: you should run 'diskperf -y' "
"to enable the disk statistics\n");
}
CloseHandle (hDevice);
}
#if 0 /* we don't need this in GnuPG */
/* Wait for any async keyset driver binding to complete. You may be
* wondering what this call is doing here... the reason it's necessary is
* because RegQueryValueEx() will hang indefinitely if the async driver
* bind is in progress. The problem occurs in the dynamic loading and
* linking of driver DLL's, which work as follows:
*
* hDriver = LoadLibrary( DRIVERNAME );
* pFunction1 = ( TYPE_FUNC1 ) GetProcAddress( hDriver, NAME_FUNC1 );
* pFunction2 = ( TYPE_FUNC1 ) GetProcAddress( hDriver, NAME_FUNC2 );
*
* If RegQueryValueEx() is called while the GetProcAddress()'s are in
* progress, it will hang indefinitely. This is probably due to some
* synchronisation problem in the NT kernel where the GetProcAddress()
* calls affect something like a module reference count or function
* reference count while RegQueryValueEx() is trying to take a snapshot
* of the statistics, which include the reference counts. Because of
* this, we have to wait until any async driver bind has completed
* before we can call RegQueryValueEx() */
waitSemaphore (SEMAPHORE_DRIVERBIND);
#endif
/* Get information from the system performance counters. This can take
* a few seconds to do. In some environments the call to
* RegQueryValueEx() can produce an access violation at some random time
* in the future, adding a short delay after the following code block
* makes the problem go away. This problem is extremely difficult to
* reproduce, I haven't been able to get it to occur despite running it
* on a number of machines. The best explanation for the problem is that
* on the machine where it did occur, it was caused by an external driver
* or other program which adds its own values under the
* HKEY_PERFORMANCE_DATA key. The NT kernel calls the required external
* modules to map in the data, if there's a synchronisation problem the
* external module would write its data at an inappropriate moment,
* causing the access violation. A low-level memory checker indicated
* that ExpandEnvironmentStrings() in KERNEL32.DLL, called an
* interminable number of calls down inside RegQueryValueEx(), was
* overwriting memory (it wrote twice the allocated size of a buffer to a
* buffer allocated by the NT kernel). This may be what's causing the
* problem, but since it's in the kernel there isn't much which can be
* done.
*
* In addition to these problems the code in RegQueryValueEx() which
* estimates the amount of memory required to return the performance
* counter information isn't very accurate, since it always returns a
* worst-case estimate which is usually nowhere near the actual amount
* required. For example it may report that 128K of memory is required,
* but only return 64K of data */
{ pPerfData = m_alloc (cbPerfData);
for (;;) {
dwSize = cbPerfData;
if ( debug_me )
log_debug ("rndw32#slow_gatherer_nt: get perf data\n" );
status = RegQueryValueEx (HKEY_PERFORMANCE_DATA, "Global", NULL,
NULL, (LPBYTE) pPerfData, &dwSize);
if (status == ERROR_SUCCESS) {
if (!memcmp (pPerfData->Signature, L"PERF", 8)) {
(*add) ( pPerfData, dwSize, requester );
}
else
g10_log_debug ( "rndw32: no PERF signature\n");
break;
}
else if (status == ERROR_MORE_DATA) {
cbPerfData += PERFORMANCE_BUFFER_STEP;
pPerfData = m_realloc (pPerfData, cbPerfData);
}
else {
g10_log_debug ( "rndw32: get performance data problem\n");
break;
}
}
m_free (pPerfData);
}
/* Although this isn't documented in the Win32 API docs, it's necessary
to explicitly close the HKEY_PERFORMANCE_DATA key after use (it's
implicitly opened on the first call to RegQueryValueEx()). If this
isn't done then any system components which provide performance data
can't be removed or changed while the handle remains active */
RegCloseKey (HKEY_PERFORMANCE_DATA);
}
-static int
-gather_random( void (*add)(const void*, size_t, int), int requester,
- size_t length, int level )
+int
+rndw32_gather_random (void (*add)(const void*, size_t, int), int requester,
+ size_t length, int level )
{
static int is_initialized;
static int is_windowsNT, has_toolhelp;
if( !level )
return 0;
/* We don't differentiate between level 1 and 2 here because
* there is no nternal entropy pool as a scary resource. It may
* all work slower, but because our entropy source will never
* block but deliver some not easy to measure entropy, we assume level 2
*/
if ( !is_initialized ) {
OSVERSIONINFO osvi = { sizeof( osvi ) };
DWORD platform;
GetVersionEx( &osvi );
platform = osvi.dwPlatformId;
is_windowsNT = platform == VER_PLATFORM_WIN32_NT;
has_toolhelp = (platform == VER_PLATFORM_WIN32_WINDOWS
|| (is_windowsNT && osvi.dwMajorVersion >= 5));
if ( platform == VER_PLATFORM_WIN32s ) {
g10_log_fatal("can't run on a W32s platform\n" );
}
is_initialized = 1;
if ( debug_me )
log_debug ("rndw32#gather_random: platform=%d\n", (int)platform );
}
if ( debug_me )
log_debug ("rndw32#gather_random: req=%d len=%u lvl=%d\n",
requester, (unsigned int)length, level );
if ( has_toolhelp ) {
slow_gatherer_windows95 ( add, requester );
}
if ( is_windowsNT ) {
slow_gatherer_windowsNT ( add, requester );
}
return 0;
}
-static int
-gather_random_fast( void (*add)(const void*, size_t, int), int requester )
+int
+rndw32_gather_random_fast( void (*add)(const void*, size_t, int), int requester )
{
static int addedFixedItems = 0;
if ( debug_me )
log_debug ("rndw32#gather_random_fast: req=%d\n", requester );
/* Get various basic pieces of system information: Handle of active
* window, handle of window with mouse capture, handle of clipboard owner
* handle of start of clpboard viewer list, pseudohandle of current
* process, current process ID, pseudohandle of current thread, current
* thread ID, handle of desktop window, handle of window with keyboard
* focus, whether system queue has any events, cursor position for last
* message, 1 ms time for last message, handle of window with clipboard
* open, handle of process heap, handle of procs window station, types of
* events in input queue, and milliseconds since Windows was started */
{ byte buffer[20*sizeof(ulong)], *bufptr;
bufptr = buffer;
#define ADD(f) do { ulong along = (ulong)(f); \
memcpy (bufptr, &along, sizeof (along) ); \
bufptr += sizeof (along); } while (0)
ADD ( GetActiveWindow ());
ADD ( GetCapture ());
ADD ( GetClipboardOwner ());
ADD ( GetClipboardViewer ());
ADD ( GetCurrentProcess ());
ADD ( GetCurrentProcessId ());
ADD ( GetCurrentThread ());
ADD ( GetCurrentThreadId ());
ADD ( GetDesktopWindow ());
ADD ( GetFocus ());
ADD ( GetInputState ());
ADD ( GetMessagePos ());
ADD ( GetMessageTime ());
ADD ( GetOpenClipboardWindow ());
ADD ( GetProcessHeap ());
ADD ( GetProcessWindowStation ());
ADD ( GetQueueStatus (QS_ALLEVENTS));
ADD ( GetTickCount ());
assert ( bufptr-buffer < sizeof (buffer) );
(*add) ( buffer, bufptr-buffer, requester );
#undef ADD
}
/* Get multiword system information: Current caret position, current
* mouse cursor position */
{ POINT point;
GetCaretPos (&point);
(*add) ( &point, sizeof (point), requester );
GetCursorPos (&point);
(*add) ( &point, sizeof (point), requester );
}
/* Get percent of memory in use, bytes of physical memory, bytes of free
* physical memory, bytes in paging file, free bytes in paging file, user
* bytes of address space, and free user bytes */
{ MEMORYSTATUS memoryStatus;
memoryStatus.dwLength = sizeof (MEMORYSTATUS);
GlobalMemoryStatus (&memoryStatus);
(*add) ( &memoryStatus, sizeof (memoryStatus), requester );
}
/* Get thread and process creation time, exit time, time in kernel mode,
and time in user mode in 100ns intervals */
{ HANDLE handle;
FILETIME creationTime, exitTime, kernelTime, userTime;
DWORD minimumWorkingSetSize, maximumWorkingSetSize;
handle = GetCurrentThread ();
GetThreadTimes (handle, &creationTime, &exitTime,
&kernelTime, &userTime);
(*add) ( &creationTime, sizeof (creationTime), requester );
(*add) ( &exitTime, sizeof (exitTime), requester );
(*add) ( &kernelTime, sizeof (kernelTime), requester );
(*add) ( &userTime, sizeof (userTime), requester );
handle = GetCurrentProcess ();
GetProcessTimes (handle, &creationTime, &exitTime,
&kernelTime, &userTime);
(*add) ( &creationTime, sizeof (creationTime), requester );
(*add) ( &exitTime, sizeof (exitTime), requester );
(*add) ( &kernelTime, sizeof (kernelTime), requester );
(*add) ( &userTime, sizeof (userTime), requester );
/* Get the minimum and maximum working set size for the current process */
GetProcessWorkingSetSize (handle, &minimumWorkingSetSize,
&maximumWorkingSetSize);
(*add) ( &minimumWorkingSetSize,
sizeof (&minimumWorkingSetSize), requester );
(*add) ( &maximumWorkingSetSize,
sizeof (&maximumWorkingSetSize), requester );
}
/* The following are fixed for the lifetime of the process so we only
* add them once */
if (!addedFixedItems) {
STARTUPINFO startupInfo;
/* Get name of desktop, console window title, new window position and
* size, window flags, and handles for stdin, stdout, and stderr */
startupInfo.cb = sizeof (STARTUPINFO);
GetStartupInfo (&startupInfo);
(*add) ( &startupInfo, sizeof (STARTUPINFO), requester );
addedFixedItems = 1;
}
/* The performance of QPC varies depending on the architecture it's
* running on and on the OS. Under NT it reads the CPU's 64-bit timestamp
* counter (at least on a Pentium and newer '486's, it hasn't been tested
* on anything without a TSC), under Win95 it reads the 1.193180 MHz PIC
* timer. There are vague mumblings in the docs that it may fail if the
* appropriate hardware isn't available (possibly '386's or MIPS machines
* running NT), but who's going to run NT on a '386? */
{ LARGE_INTEGER performanceCount;
if (QueryPerformanceCounter (&performanceCount)) {
if ( debug_me )
log_debug ("rndw32#gather_random_fast: perf data\n");
(*add) (&performanceCount, sizeof (&performanceCount), requester);
}
else { /* Millisecond accuracy at best... */
DWORD aword = GetTickCount ();
(*add) (&aword, sizeof (aword), requester );
}
}
return 0;
}
-
-
-
-#endif /* !USE_ENTROPY_DLL */
-
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "RNDW32 ($Revision$)";
-
-static struct {
- int class;
- int version;
- void *func;
-} func_table[] = {
- { 40, 1, gather_random },
- { 41, 1, gather_random_fast },
-};
-
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- debug_me = !!getenv("DEBUG_RNDW32");
-
- do {
- if ( i >= DIM(func_table) || i < 0 ) {
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- ret = func_table[i].func;
- i++;
- } while ( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-#ifndef IS_MODULE
-void
-rndw32_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version,
- gnupgext_enum_func );
-}
-#endif
-
+#endif /*USE_RNDW32*/
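Review bot: The `if ( debug_me )` guards in rndw32_gather_random_fast lose their only initialisation visible here, because the deleted gnupgext_enum_func was where `debug_me = !!getenv("DEBUG_RNDW32");` ran. Unless the flag is set somewhere outside these lines, the log_debug calls in both gatherers are now dead code; move the getenv check into a one-time init reached from the gather entry points. Since the function is being exported anyway, the unchanged calls that pass `sizeof (&minimumWorkingSetSize)`, `sizeof (&maximumWorkingSetSize)` and `sizeof (&performanceCount)` should be fixed in the same change: they give the size of a pointer rather than of the object, so where pointers are 4 bytes only half of the 64-bit QueryPerformanceCounter value is handed to (*add). Drop the `&` inside each sizeof.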
diff --git a/cipher/sha1.c b/cipher/sha1.c
index 77749e4ee..06ca2532b 100644
--- a/cipher/sha1.c
+++ b/cipher/sha1.c
@@ -1,425 +1,359 @@
/* sha1.c - SHA1 hash function
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* Please see below for more legal information!
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* Test vectors:
*
* "abc"
* A999 3E36 4706 816A BA3E 2571 7850 C26C 9CD0 D89D
*
* "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
* 8498 3E44 1C3B D26E BAAE 4AA1 F951 29E5 E546 70F1
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
-#include "dynload.h"
+#include "algorithms.h"
#include "bithelp.h"
typedef struct {
u32 h0,h1,h2,h3,h4;
u32 nblocks;
byte buf[64];
int count;
} SHA1_CONTEXT;
static void
burn_stack (int bytes)
{
char buf[128];
memset (buf, 0, sizeof buf);
bytes -= sizeof buf;
if (bytes > 0)
burn_stack (bytes);
}
void
sha1_init( SHA1_CONTEXT *hd )
{
hd->h0 = 0x67452301;
hd->h1 = 0xefcdab89;
hd->h2 = 0x98badcfe;
hd->h3 = 0x10325476;
hd->h4 = 0xc3d2e1f0;
hd->nblocks = 0;
hd->count = 0;
}
/****************
* Transform the message X which consists of 16 32-bit-words
*/
static void
transform( SHA1_CONTEXT *hd, byte *data )
{
u32 a,b,c,d,e,tm;
u32 x[16];
/* get values from the chaining vars */
a = hd->h0;
b = hd->h1;
c = hd->h2;
d = hd->h3;
e = hd->h4;
#ifdef BIG_ENDIAN_HOST
memcpy( x, data, 64 );
#else
{ int i;
byte *p2;
for(i=0, p2=(byte*)x; i < 16; i++, p2 += 4 ) {
p2[3] = *data++;
p2[2] = *data++;
p2[1] = *data++;
p2[0] = *data++;
}
}
#endif
#define K1 0x5A827999L
#define K2 0x6ED9EBA1L
#define K3 0x8F1BBCDCL
#define K4 0xCA62C1D6L
#define F1(x,y,z) ( z ^ ( x & ( y ^ z ) ) )
#define F2(x,y,z) ( x ^ y ^ z )
#define F3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) )
#define F4(x,y,z) ( x ^ y ^ z )
#define M(i) ( tm = x[i&0x0f] ^ x[(i-14)&0x0f] \
^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f] \
, (x[i&0x0f] = rol(tm,1)) )
#define R(a,b,c,d,e,f,k,m) do { e += rol( a, 5 ) \
+ f( b, c, d ) \
+ k \
+ m; \
b = rol( b, 30 ); \
} while(0)
R( a, b, c, d, e, F1, K1, x[ 0] );
R( e, a, b, c, d, F1, K1, x[ 1] );
R( d, e, a, b, c, F1, K1, x[ 2] );
R( c, d, e, a, b, F1, K1, x[ 3] );
R( b, c, d, e, a, F1, K1, x[ 4] );
R( a, b, c, d, e, F1, K1, x[ 5] );
R( e, a, b, c, d, F1, K1, x[ 6] );
R( d, e, a, b, c, F1, K1, x[ 7] );
R( c, d, e, a, b, F1, K1, x[ 8] );
R( b, c, d, e, a, F1, K1, x[ 9] );
R( a, b, c, d, e, F1, K1, x[10] );
R( e, a, b, c, d, F1, K1, x[11] );
R( d, e, a, b, c, F1, K1, x[12] );
R( c, d, e, a, b, F1, K1, x[13] );
R( b, c, d, e, a, F1, K1, x[14] );
R( a, b, c, d, e, F1, K1, x[15] );
R( e, a, b, c, d, F1, K1, M(16) );
R( d, e, a, b, c, F1, K1, M(17) );
R( c, d, e, a, b, F1, K1, M(18) );
R( b, c, d, e, a, F1, K1, M(19) );
R( a, b, c, d, e, F2, K2, M(20) );
R( e, a, b, c, d, F2, K2, M(21) );
R( d, e, a, b, c, F2, K2, M(22) );
R( c, d, e, a, b, F2, K2, M(23) );
R( b, c, d, e, a, F2, K2, M(24) );
R( a, b, c, d, e, F2, K2, M(25) );
R( e, a, b, c, d, F2, K2, M(26) );
R( d, e, a, b, c, F2, K2, M(27) );
R( c, d, e, a, b, F2, K2, M(28) );
R( b, c, d, e, a, F2, K2, M(29) );
R( a, b, c, d, e, F2, K2, M(30) );
R( e, a, b, c, d, F2, K2, M(31) );
R( d, e, a, b, c, F2, K2, M(32) );
R( c, d, e, a, b, F2, K2, M(33) );
R( b, c, d, e, a, F2, K2, M(34) );
R( a, b, c, d, e, F2, K2, M(35) );
R( e, a, b, c, d, F2, K2, M(36) );
R( d, e, a, b, c, F2, K2, M(37) );
R( c, d, e, a, b, F2, K2, M(38) );
R( b, c, d, e, a, F2, K2, M(39) );
R( a, b, c, d, e, F3, K3, M(40) );
R( e, a, b, c, d, F3, K3, M(41) );
R( d, e, a, b, c, F3, K3, M(42) );
R( c, d, e, a, b, F3, K3, M(43) );
R( b, c, d, e, a, F3, K3, M(44) );
R( a, b, c, d, e, F3, K3, M(45) );
R( e, a, b, c, d, F3, K3, M(46) );
R( d, e, a, b, c, F3, K3, M(47) );
R( c, d, e, a, b, F3, K3, M(48) );
R( b, c, d, e, a, F3, K3, M(49) );
R( a, b, c, d, e, F3, K3, M(50) );
R( e, a, b, c, d, F3, K3, M(51) );
R( d, e, a, b, c, F3, K3, M(52) );
R( c, d, e, a, b, F3, K3, M(53) );
R( b, c, d, e, a, F3, K3, M(54) );
R( a, b, c, d, e, F3, K3, M(55) );
R( e, a, b, c, d, F3, K3, M(56) );
R( d, e, a, b, c, F3, K3, M(57) );
R( c, d, e, a, b, F3, K3, M(58) );
R( b, c, d, e, a, F3, K3, M(59) );
R( a, b, c, d, e, F4, K4, M(60) );
R( e, a, b, c, d, F4, K4, M(61) );
R( d, e, a, b, c, F4, K4, M(62) );
R( c, d, e, a, b, F4, K4, M(63) );
R( b, c, d, e, a, F4, K4, M(64) );
R( a, b, c, d, e, F4, K4, M(65) );
R( e, a, b, c, d, F4, K4, M(66) );
R( d, e, a, b, c, F4, K4, M(67) );
R( c, d, e, a, b, F4, K4, M(68) );
R( b, c, d, e, a, F4, K4, M(69) );
R( a, b, c, d, e, F4, K4, M(70) );
R( e, a, b, c, d, F4, K4, M(71) );
R( d, e, a, b, c, F4, K4, M(72) );
R( c, d, e, a, b, F4, K4, M(73) );
R( b, c, d, e, a, F4, K4, M(74) );
R( a, b, c, d, e, F4, K4, M(75) );
R( e, a, b, c, d, F4, K4, M(76) );
R( d, e, a, b, c, F4, K4, M(77) );
R( c, d, e, a, b, F4, K4, M(78) );
R( b, c, d, e, a, F4, K4, M(79) );
/* update chainig vars */
hd->h0 += a;
hd->h1 += b;
hd->h2 += c;
hd->h3 += d;
hd->h4 += e;
}
/* Update the message digest with the contents
* of INBUF with length INLEN.
*/
static void
sha1_write( SHA1_CONTEXT *hd, byte *inbuf, size_t inlen)
{
if( hd->count == 64 ) { /* flush the buffer */
transform( hd, hd->buf );
burn_stack (88+4*sizeof(void*));
hd->count = 0;
hd->nblocks++;
}
if( !inbuf )
return;
if( hd->count ) {
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
sha1_write( hd, NULL, 0 );
if( !inlen )
return;
}
while( inlen >= 64 ) {
transform( hd, inbuf );
hd->count = 0;
hd->nblocks++;
inlen -= 64;
inbuf += 64;
}
burn_stack (88+4*sizeof(void*));
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
}
/* The routine final terminates the computation and
* returns the digest.
* The handle is prepared for a new cycle, but adding bytes to the
* handle will the destroy the returned buffer.
* Returns: 20 bytes representing the digest.
*/
static void
sha1_final(SHA1_CONTEXT *hd)
{
u32 t, msb, lsb;
byte *p;
sha1_write(hd, NULL, 0); /* flush */;
t = hd->nblocks;
/* multiply by 64 to make a byte count */
lsb = t << 6;
msb = t >> 26;
/* add the count */
t = lsb;
if( (lsb += hd->count) < t )
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
lsb <<= 3;
msb <<= 3;
msb |= t >> 29;
if( hd->count < 56 ) { /* enough room */
hd->buf[hd->count++] = 0x80; /* pad */
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else { /* need one extra block */
hd->buf[hd->count++] = 0x80; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
sha1_write(hd, NULL, 0); /* flush */;
memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buf[56] = msb >> 24;
hd->buf[57] = msb >> 16;
hd->buf[58] = msb >> 8;
hd->buf[59] = msb ;
hd->buf[60] = lsb >> 24;
hd->buf[61] = lsb >> 16;
hd->buf[62] = lsb >> 8;
hd->buf[63] = lsb ;
transform( hd, hd->buf );
burn_stack (88+4*sizeof(void*));
p = hd->buf;
#ifdef BIG_ENDIAN_HOST
#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
#else /* little endian */
#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
*p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0)
#endif
X(0);
X(1);
X(2);
X(3);
X(4);
#undef X
}
static byte *
sha1_read( SHA1_CONTEXT *hd )
{
return hd->buf;
}
/****************
* Return some information about the algorithm. We need algo here to
* distinguish different flavors of the algorithm.
* Returns: A pointer to string describing the algorithm or NULL if
* the ALGO is invalid.
*/
-static const char *
+const char *
sha1_get_info( int algo, size_t *contextsize,
byte **r_asnoid, int *r_asnlen, int *r_mdlen,
void (**r_init)( void *c ),
void (**r_write)( void *c, byte *buf, size_t nbytes ),
void (**r_final)( void *c ),
byte *(**r_read)( void *c )
)
{
static byte asn[15] = /* Object ID is 1.3.14.3.2.26 */
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
if( algo != 2 )
return NULL;
*contextsize = sizeof(SHA1_CONTEXT);
*r_asnoid = asn;
*r_asnlen = DIM(asn);
*r_mdlen = 20;
*(void (**)(SHA1_CONTEXT *))r_init = sha1_init;
*(void (**)(SHA1_CONTEXT *, byte*, size_t))r_write = sha1_write;
*(void (**)(SHA1_CONTEXT *))r_final = sha1_final;
*(byte *(**)(SHA1_CONTEXT *))r_read = sha1_read;
return "SHA1";
}
-
-
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "SHA1 ($Revision$)";
-
-static struct {
- int class;
- int version;
- int value;
- void (*func)(void);
-} func_table[] = {
- { 10, 1, 0, (void(*)(void))sha1_get_info },
- { 11, 1, 2 },
-};
-
-
-#ifndef IS_MODULE
-static
-#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if( i >= DIM(func_table) || i < 0 ) {
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- switch( *class ) {
- case 11:
- case 21:
- case 31:
- ret = &func_table[i].value;
- break;
- default:
-#ifndef __riscos__
- ret = func_table[i].func;
-#else /* __riscos__ */
- ret = (void *) func_table[i].func;
-#endif /* __riscos__ */
- break;
- }
- i++;
- } while( what && what != *class );
-
- *sequence = i;
- return ret;
-}
-
-
-
-
-#ifndef IS_MODULE
-void
-sha1_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version, gnupgext_enum_func );
-}
-#endif
-
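Review bot: With the `{ 11, 1, 2 }` entry of func_table deleted, the SHA-1 algorithm number survives in this file only as the bare literal in `if( algo != 2 )` inside sha1_get_info, which this hunk turns into an exported symbol. Replace the literal with a named constant shared with whatever static table now calls sha1_get_info, so the id cannot drift between the two places. The comment block above sha1_get_info should also say that the function is now called directly rather than found through gnupgext_enum_func, and it is worth confirming that the prototype in the newly included algorithms.h matches this definition exactly, since the `r_init`, `r_write`, `r_final` and `r_read` assignments already go through function-pointer casts that would hide a mismatch.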
diff --git a/cipher/tiger.c b/cipher/tiger.c
index 6da715d48..b5e8a8aad 100644
--- a/cipher/tiger.c
+++ b/cipher/tiger.c
@@ -1,1008 +1,932 @@
/* tiger.c - The TIGER hash function
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
-
+#include "algorithms.h"
#ifdef HAVE_U64_TYPEDEF
/* we really need it here, but as this is only experiment we
* can live without Tiger */
typedef struct {
u64 a, b, c;
byte buf[64];
int count;
u32 nblocks;
} TIGER_CONTEXT;
/*********************************
* Okay, okay, this is not the fastest code - improvements are welcome.
*
*/
/* Some test vectors:
* "" 24F0130C63AC9332 16166E76B1BB925F F373DE2D49584E7A
* "abc" F258C1E88414AB2A 527AB541FFC5B8BF 935F7B951C132951
* "Tiger" 9F00F599072300DD 276ABB38C8EB6DEC 37790C116F9D2BDF
* "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"
* 87FB2A9083851CF7 470D2CF810E6DF9E B586445034A5A386
* "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789"
* 467DB80863EBCE48 8DF1CD1261655DE9 57896565975F9197
* "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham"
* 0C410A042968868A 1671DA5A3FD29A72 5EC1E457D3CDB303
* "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proc"
* "eedings of Fast Software Encryption 3, Cambridge."
* EBF591D5AFA655CE 7F22894FF87F54AC 89C811B6B0DA3193
* "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proc"
* "eedings of Fast Software Encryption 3, Cambridge, 1996."
* 3D9AEB03D1BD1A63 57B2774DFD6D5B24 DD68151D503974FC
* "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEF"
* "GHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"
* 00B83EB4E53440C5 76AC6AAEE0A74858 25FD15E70A59FFE4
*/
static u64 sbox1[256] = {
0x02aab17cf7e90c5eLL /* 0 */, 0xac424b03e243a8ecLL /* 1 */,
0x72cd5be30dd5fcd3LL /* 2 */, 0x6d019b93f6f97f3aLL /* 3 */,
0xcd9978ffd21f9193LL /* 4 */, 0x7573a1c9708029e2LL /* 5 */,
0xb164326b922a83c3LL /* 6 */, 0x46883eee04915870LL /* 7 */,
0xeaace3057103ece6LL /* 8 */, 0xc54169b808a3535cLL /* 9 */,
0x4ce754918ddec47cLL /* 10 */, 0x0aa2f4dfdc0df40cLL /* 11 */,
0x10b76f18a74dbefaLL /* 12 */, 0xc6ccb6235ad1ab6aLL /* 13 */,
0x13726121572fe2ffLL /* 14 */, 0x1a488c6f199d921eLL /* 15 */,
0x4bc9f9f4da0007caLL /* 16 */, 0x26f5e6f6e85241c7LL /* 17 */,
0x859079dbea5947b6LL /* 18 */, 0x4f1885c5c99e8c92LL /* 19 */,
0xd78e761ea96f864bLL /* 20 */, 0x8e36428c52b5c17dLL /* 21 */,
0x69cf6827373063c1LL /* 22 */, 0xb607c93d9bb4c56eLL /* 23 */,
0x7d820e760e76b5eaLL /* 24 */, 0x645c9cc6f07fdc42LL /* 25 */,
0xbf38a078243342e0LL /* 26 */, 0x5f6b343c9d2e7d04LL /* 27 */,
0xf2c28aeb600b0ec6LL /* 28 */, 0x6c0ed85f7254bcacLL /* 29 */,
0x71592281a4db4fe5LL /* 30 */, 0x1967fa69ce0fed9fLL /* 31 */,
0xfd5293f8b96545dbLL /* 32 */, 0xc879e9d7f2a7600bLL /* 33 */,
0x860248920193194eLL /* 34 */, 0xa4f9533b2d9cc0b3LL /* 35 */,
0x9053836c15957613LL /* 36 */, 0xdb6dcf8afc357bf1LL /* 37 */,
0x18beea7a7a370f57LL /* 38 */, 0x037117ca50b99066LL /* 39 */,
0x6ab30a9774424a35LL /* 40 */, 0xf4e92f02e325249bLL /* 41 */,
0x7739db07061ccae1LL /* 42 */, 0xd8f3b49ceca42a05LL /* 43 */,
0xbd56be3f51382f73LL /* 44 */, 0x45faed5843b0bb28LL /* 45 */,
0x1c813d5c11bf1f83LL /* 46 */, 0x8af0e4b6d75fa169LL /* 47 */,
0x33ee18a487ad9999LL /* 48 */, 0x3c26e8eab1c94410LL /* 49 */,
0xb510102bc0a822f9LL /* 50 */, 0x141eef310ce6123bLL /* 51 */,
0xfc65b90059ddb154LL /* 52 */, 0xe0158640c5e0e607LL /* 53 */,
0x884e079826c3a3cfLL /* 54 */, 0x930d0d9523c535fdLL /* 55 */,
0x35638d754e9a2b00LL /* 56 */, 0x4085fccf40469dd5LL /* 57 */,
0xc4b17ad28be23a4cLL /* 58 */, 0xcab2f0fc6a3e6a2eLL /* 59 */,
0x2860971a6b943fcdLL /* 60 */, 0x3dde6ee212e30446LL /* 61 */,
0x6222f32ae01765aeLL /* 62 */, 0x5d550bb5478308feLL /* 63 */,
0xa9efa98da0eda22aLL /* 64 */, 0xc351a71686c40da7LL /* 65 */,
0x1105586d9c867c84LL /* 66 */, 0xdcffee85fda22853LL /* 67 */,
0xccfbd0262c5eef76LL /* 68 */, 0xbaf294cb8990d201LL /* 69 */,
0xe69464f52afad975LL /* 70 */, 0x94b013afdf133e14LL /* 71 */,
0x06a7d1a32823c958LL /* 72 */, 0x6f95fe5130f61119LL /* 73 */,
0xd92ab34e462c06c0LL /* 74 */, 0xed7bde33887c71d2LL /* 75 */,
0x79746d6e6518393eLL /* 76 */, 0x5ba419385d713329LL /* 77 */,
0x7c1ba6b948a97564LL /* 78 */, 0x31987c197bfdac67LL /* 79 */,
0xde6c23c44b053d02LL /* 80 */, 0x581c49fed002d64dLL /* 81 */,
0xdd474d6338261571LL /* 82 */, 0xaa4546c3e473d062LL /* 83 */,
0x928fce349455f860LL /* 84 */, 0x48161bbacaab94d9LL /* 85 */,
0x63912430770e6f68LL /* 86 */, 0x6ec8a5e602c6641cLL /* 87 */,
0x87282515337ddd2bLL /* 88 */, 0x2cda6b42034b701bLL /* 89 */,
0xb03d37c181cb096dLL /* 90 */, 0xe108438266c71c6fLL /* 91 */,
0x2b3180c7eb51b255LL /* 92 */, 0xdf92b82f96c08bbcLL /* 93 */,
0x5c68c8c0a632f3baLL /* 94 */, 0x5504cc861c3d0556LL /* 95 */,
0xabbfa4e55fb26b8fLL /* 96 */, 0x41848b0ab3baceb4LL /* 97 */,
0xb334a273aa445d32LL /* 98 */, 0xbca696f0a85ad881LL /* 99 */,
0x24f6ec65b528d56cLL /* 100 */, 0x0ce1512e90f4524aLL /* 101 */,
0x4e9dd79d5506d35aLL /* 102 */, 0x258905fac6ce9779LL /* 103 */,
0x2019295b3e109b33LL /* 104 */, 0xf8a9478b73a054ccLL /* 105 */,
0x2924f2f934417eb0LL /* 106 */, 0x3993357d536d1bc4LL /* 107 */,
0x38a81ac21db6ff8bLL /* 108 */, 0x47c4fbf17d6016bfLL /* 109 */,
0x1e0faadd7667e3f5LL /* 110 */, 0x7abcff62938beb96LL /* 111 */,
0xa78dad948fc179c9LL /* 112 */, 0x8f1f98b72911e50dLL /* 113 */,
0x61e48eae27121a91LL /* 114 */, 0x4d62f7ad31859808LL /* 115 */,
0xeceba345ef5ceaebLL /* 116 */, 0xf5ceb25ebc9684ceLL /* 117 */,
0xf633e20cb7f76221LL /* 118 */, 0xa32cdf06ab8293e4LL /* 119 */,
0x985a202ca5ee2ca4LL /* 120 */, 0xcf0b8447cc8a8fb1LL /* 121 */,
0x9f765244979859a3LL /* 122 */, 0xa8d516b1a1240017LL /* 123 */,
0x0bd7ba3ebb5dc726LL /* 124 */, 0xe54bca55b86adb39LL /* 125 */,
0x1d7a3afd6c478063LL /* 126 */, 0x519ec608e7669eddLL /* 127 */,
0x0e5715a2d149aa23LL /* 128 */, 0x177d4571848ff194LL /* 129 */,
0xeeb55f3241014c22LL /* 130 */, 0x0f5e5ca13a6e2ec2LL /* 131 */,
0x8029927b75f5c361LL /* 132 */, 0xad139fabc3d6e436LL /* 133 */,
0x0d5df1a94ccf402fLL /* 134 */, 0x3e8bd948bea5dfc8LL /* 135 */,
0xa5a0d357bd3ff77eLL /* 136 */, 0xa2d12e251f74f645LL /* 137 */,
0x66fd9e525e81a082LL /* 138 */, 0x2e0c90ce7f687a49LL /* 139 */,
0xc2e8bcbeba973bc5LL /* 140 */, 0x000001bce509745fLL /* 141 */,
0x423777bbe6dab3d6LL /* 142 */, 0xd1661c7eaef06eb5LL /* 143 */,
0xa1781f354daacfd8LL /* 144 */, 0x2d11284a2b16affcLL /* 145 */,
0xf1fc4f67fa891d1fLL /* 146 */, 0x73ecc25dcb920adaLL /* 147 */,
0xae610c22c2a12651LL /* 148 */, 0x96e0a810d356b78aLL /* 149 */,
0x5a9a381f2fe7870fLL /* 150 */, 0xd5ad62ede94e5530LL /* 151 */,
0xd225e5e8368d1427LL /* 152 */, 0x65977b70c7af4631LL /* 153 */,
0x99f889b2de39d74fLL /* 154 */, 0x233f30bf54e1d143LL /* 155 */,
0x9a9675d3d9a63c97LL /* 156 */, 0x5470554ff334f9a8LL /* 157 */,
0x166acb744a4f5688LL /* 158 */, 0x70c74caab2e4aeadLL /* 159 */,
0xf0d091646f294d12LL /* 160 */, 0x57b82a89684031d1LL /* 161 */,
0xefd95a5a61be0b6bLL /* 162 */, 0x2fbd12e969f2f29aLL /* 163 */,
0x9bd37013feff9fe8LL /* 164 */, 0x3f9b0404d6085a06LL /* 165 */,
0x4940c1f3166cfe15LL /* 166 */, 0x09542c4dcdf3defbLL /* 167 */,
0xb4c5218385cd5ce3LL /* 168 */, 0xc935b7dc4462a641LL /* 169 */,
0x3417f8a68ed3b63fLL /* 170 */, 0xb80959295b215b40LL /* 171 */,
0xf99cdaef3b8c8572LL /* 172 */, 0x018c0614f8fcb95dLL /* 173 */,
0x1b14accd1a3acdf3LL /* 174 */, 0x84d471f200bb732dLL /* 175 */,
0xc1a3110e95e8da16LL /* 176 */, 0x430a7220bf1a82b8LL /* 177 */,
0xb77e090d39df210eLL /* 178 */, 0x5ef4bd9f3cd05e9dLL /* 179 */,
0x9d4ff6da7e57a444LL /* 180 */, 0xda1d60e183d4a5f8LL /* 181 */,
0xb287c38417998e47LL /* 182 */, 0xfe3edc121bb31886LL /* 183 */,
0xc7fe3ccc980ccbefLL /* 184 */, 0xe46fb590189bfd03LL /* 185 */,
0x3732fd469a4c57dcLL /* 186 */, 0x7ef700a07cf1ad65LL /* 187 */,
0x59c64468a31d8859LL /* 188 */, 0x762fb0b4d45b61f6LL /* 189 */,
0x155baed099047718LL /* 190 */, 0x68755e4c3d50baa6LL /* 191 */,
0xe9214e7f22d8b4dfLL /* 192 */, 0x2addbf532eac95f4LL /* 193 */,
0x32ae3909b4bd0109LL /* 194 */, 0x834df537b08e3450LL /* 195 */,
0xfa209da84220728dLL /* 196 */, 0x9e691d9b9efe23f7LL /* 197 */,
0x0446d288c4ae8d7fLL /* 198 */, 0x7b4cc524e169785bLL /* 199 */,
0x21d87f0135ca1385LL /* 200 */, 0xcebb400f137b8aa5LL /* 201 */,
0x272e2b66580796beLL /* 202 */, 0x3612264125c2b0deLL /* 203 */,
0x057702bdad1efbb2LL /* 204 */, 0xd4babb8eacf84be9LL /* 205 */,
0x91583139641bc67bLL /* 206 */, 0x8bdc2de08036e024LL /* 207 */,
0x603c8156f49f68edLL /* 208 */, 0xf7d236f7dbef5111LL /* 209 */,
0x9727c4598ad21e80LL /* 210 */, 0xa08a0896670a5fd7LL /* 211 */,
0xcb4a8f4309eba9cbLL /* 212 */, 0x81af564b0f7036a1LL /* 213 */,
0xc0b99aa778199abdLL /* 214 */, 0x959f1ec83fc8e952LL /* 215 */,
0x8c505077794a81b9LL /* 216 */, 0x3acaaf8f056338f0LL /* 217 */,
0x07b43f50627a6778LL /* 218 */, 0x4a44ab49f5eccc77LL /* 219 */,
0x3bc3d6e4b679ee98LL /* 220 */, 0x9cc0d4d1cf14108cLL /* 221 */,
0x4406c00b206bc8a0LL /* 222 */, 0x82a18854c8d72d89LL /* 223 */,
0x67e366b35c3c432cLL /* 224 */, 0xb923dd61102b37f2LL /* 225 */,
0x56ab2779d884271dLL /* 226 */, 0xbe83e1b0ff1525afLL /* 227 */,
0xfb7c65d4217e49a9LL /* 228 */, 0x6bdbe0e76d48e7d4LL /* 229 */,
0x08df828745d9179eLL /* 230 */, 0x22ea6a9add53bd34LL /* 231 */,
0xe36e141c5622200aLL /* 232 */, 0x7f805d1b8cb750eeLL /* 233 */,
0xafe5c7a59f58e837LL /* 234 */, 0xe27f996a4fb1c23cLL /* 235 */,
0xd3867dfb0775f0d0LL /* 236 */, 0xd0e673de6e88891aLL /* 237 */,
0x123aeb9eafb86c25LL /* 238 */, 0x30f1d5d5c145b895LL /* 239 */,
0xbb434a2dee7269e7LL /* 240 */, 0x78cb67ecf931fa38LL /* 241 */,
0xf33b0372323bbf9cLL /* 242 */, 0x52d66336fb279c74LL /* 243 */,
0x505f33ac0afb4eaaLL /* 244 */, 0xe8a5cd99a2cce187LL /* 245 */,
0x534974801e2d30bbLL /* 246 */, 0x8d2d5711d5876d90LL /* 247 */,
0x1f1a412891bc038eLL /* 248 */, 0xd6e2e71d82e56648LL /* 249 */,
0x74036c3a497732b7LL /* 250 */, 0x89b67ed96361f5abLL /* 251 */,
0xffed95d8f1ea02a2LL /* 252 */, 0xe72b3bd61464d43dLL /* 253 */,
0xa6300f170bdc4820LL /* 254 */, 0xebc18760ed78a77aLL /* 255 */
};
static u64 sbox2[256] = {
0xe6a6be5a05a12138LL /* 256 */, 0xb5a122a5b4f87c98LL /* 257 */,
0x563c6089140b6990LL /* 258 */, 0x4c46cb2e391f5dd5LL /* 259 */,
0xd932addbc9b79434LL /* 260 */, 0x08ea70e42015aff5LL /* 261 */,
0xd765a6673e478cf1LL /* 262 */, 0xc4fb757eab278d99LL /* 263 */,
0xdf11c6862d6e0692LL /* 264 */, 0xddeb84f10d7f3b16LL /* 265 */,
0x6f2ef604a665ea04LL /* 266 */, 0x4a8e0f0ff0e0dfb3LL /* 267 */,
0xa5edeef83dbcba51LL /* 268 */, 0xfc4f0a2a0ea4371eLL /* 269 */,
0xe83e1da85cb38429LL /* 270 */, 0xdc8ff882ba1b1ce2LL /* 271 */,
0xcd45505e8353e80dLL /* 272 */, 0x18d19a00d4db0717LL /* 273 */,
0x34a0cfeda5f38101LL /* 274 */, 0x0be77e518887caf2LL /* 275 */,
0x1e341438b3c45136LL /* 276 */, 0xe05797f49089ccf9LL /* 277 */,
0xffd23f9df2591d14LL /* 278 */, 0x543dda228595c5cdLL /* 279 */,
0x661f81fd99052a33LL /* 280 */, 0x8736e641db0f7b76LL /* 281 */,
0x15227725418e5307LL /* 282 */, 0xe25f7f46162eb2faLL /* 283 */,
0x48a8b2126c13d9feLL /* 284 */, 0xafdc541792e76eeaLL /* 285 */,
0x03d912bfc6d1898fLL /* 286 */, 0x31b1aafa1b83f51bLL /* 287 */,
0xf1ac2796e42ab7d9LL /* 288 */, 0x40a3a7d7fcd2ebacLL /* 289 */,
0x1056136d0afbbcc5LL /* 290 */, 0x7889e1dd9a6d0c85LL /* 291 */,
0xd33525782a7974aaLL /* 292 */, 0xa7e25d09078ac09bLL /* 293 */,
0xbd4138b3eac6edd0LL /* 294 */, 0x920abfbe71eb9e70LL /* 295 */,
0xa2a5d0f54fc2625cLL /* 296 */, 0xc054e36b0b1290a3LL /* 297 */,
0xf6dd59ff62fe932bLL /* 298 */, 0x3537354511a8ac7dLL /* 299 */,
0xca845e9172fadcd4LL /* 300 */, 0x84f82b60329d20dcLL /* 301 */,
0x79c62ce1cd672f18LL /* 302 */, 0x8b09a2add124642cLL /* 303 */,
0xd0c1e96a19d9e726LL /* 304 */, 0x5a786a9b4ba9500cLL /* 305 */,
0x0e020336634c43f3LL /* 306 */, 0xc17b474aeb66d822LL /* 307 */,
0x6a731ae3ec9baac2LL /* 308 */, 0x8226667ae0840258LL /* 309 */,
0x67d4567691caeca5LL /* 310 */, 0x1d94155c4875adb5LL /* 311 */,
0x6d00fd985b813fdfLL /* 312 */, 0x51286efcb774cd06LL /* 313 */,
0x5e8834471fa744afLL /* 314 */, 0xf72ca0aee761ae2eLL /* 315 */,
0xbe40e4cdaee8e09aLL /* 316 */, 0xe9970bbb5118f665LL /* 317 */,
0x726e4beb33df1964LL /* 318 */, 0x703b000729199762LL /* 319 */,
0x4631d816f5ef30a7LL /* 320 */, 0xb880b5b51504a6beLL /* 321 */,
0x641793c37ed84b6cLL /* 322 */, 0x7b21ed77f6e97d96LL /* 323 */,
0x776306312ef96b73LL /* 324 */, 0xae528948e86ff3f4LL /* 325 */,
0x53dbd7f286a3f8f8LL /* 326 */, 0x16cadce74cfc1063LL /* 327 */,
0x005c19bdfa52c6ddLL /* 328 */, 0x68868f5d64d46ad3LL /* 329 */,
0x3a9d512ccf1e186aLL /* 330 */, 0x367e62c2385660aeLL /* 331 */,
0xe359e7ea77dcb1d7LL /* 332 */, 0x526c0773749abe6eLL /* 333 */,
0x735ae5f9d09f734bLL /* 334 */, 0x493fc7cc8a558ba8LL /* 335 */,
0xb0b9c1533041ab45LL /* 336 */, 0x321958ba470a59bdLL /* 337 */,
0x852db00b5f46c393LL /* 338 */, 0x91209b2bd336b0e5LL /* 339 */,
0x6e604f7d659ef19fLL /* 340 */, 0xb99a8ae2782ccb24LL /* 341 */,
0xccf52ab6c814c4c7LL /* 342 */, 0x4727d9afbe11727bLL /* 343 */,
0x7e950d0c0121b34dLL /* 344 */, 0x756f435670ad471fLL /* 345 */,
0xf5add442615a6849LL /* 346 */, 0x4e87e09980b9957aLL /* 347 */,
0x2acfa1df50aee355LL /* 348 */, 0xd898263afd2fd556LL /* 349 */,
0xc8f4924dd80c8fd6LL /* 350 */, 0xcf99ca3d754a173aLL /* 351 */,
0xfe477bacaf91bf3cLL /* 352 */, 0xed5371f6d690c12dLL /* 353 */,
0x831a5c285e687094LL /* 354 */, 0xc5d3c90a3708a0a4LL /* 355 */,
0x0f7f903717d06580LL /* 356 */, 0x19f9bb13b8fdf27fLL /* 357 */,
0xb1bd6f1b4d502843LL /* 358 */, 0x1c761ba38fff4012LL /* 359 */,
0x0d1530c4e2e21f3bLL /* 360 */, 0x8943ce69a7372c8aLL /* 361 */,
0xe5184e11feb5ce66LL /* 362 */, 0x618bdb80bd736621LL /* 363 */,
0x7d29bad68b574d0bLL /* 364 */, 0x81bb613e25e6fe5bLL /* 365 */,
0x071c9c10bc07913fLL /* 366 */, 0xc7beeb7909ac2d97LL /* 367 */,
0xc3e58d353bc5d757LL /* 368 */, 0xeb017892f38f61e8LL /* 369 */,
0xd4effb9c9b1cc21aLL /* 370 */, 0x99727d26f494f7abLL /* 371 */,
0xa3e063a2956b3e03LL /* 372 */, 0x9d4a8b9a4aa09c30LL /* 373 */,
0x3f6ab7d500090fb4LL /* 374 */, 0x9cc0f2a057268ac0LL /* 375 */,
0x3dee9d2dedbf42d1LL /* 376 */, 0x330f49c87960a972LL /* 377 */,
0xc6b2720287421b41LL /* 378 */, 0x0ac59ec07c00369cLL /* 379 */,
0xef4eac49cb353425LL /* 380 */, 0xf450244eef0129d8LL /* 381 */,
0x8acc46e5caf4deb6LL /* 382 */, 0x2ffeab63989263f7LL /* 383 */,
0x8f7cb9fe5d7a4578LL /* 384 */, 0x5bd8f7644e634635LL /* 385 */,
0x427a7315bf2dc900LL /* 386 */, 0x17d0c4aa2125261cLL /* 387 */,
0x3992486c93518e50LL /* 388 */, 0xb4cbfee0a2d7d4c3LL /* 389 */,
0x7c75d6202c5ddd8dLL /* 390 */, 0xdbc295d8e35b6c61LL /* 391 */,
0x60b369d302032b19LL /* 392 */, 0xce42685fdce44132LL /* 393 */,
0x06f3ddb9ddf65610LL /* 394 */, 0x8ea4d21db5e148f0LL /* 395 */,
0x20b0fce62fcd496fLL /* 396 */, 0x2c1b912358b0ee31LL /* 397 */,
0xb28317b818f5a308LL /* 398 */, 0xa89c1e189ca6d2cfLL /* 399 */,
0x0c6b18576aaadbc8LL /* 400 */, 0xb65deaa91299fae3LL /* 401 */,
0xfb2b794b7f1027e7LL /* 402 */, 0x04e4317f443b5bebLL /* 403 */,
0x4b852d325939d0a6LL /* 404 */, 0xd5ae6beefb207ffcLL /* 405 */,
0x309682b281c7d374LL /* 406 */, 0xbae309a194c3b475LL /* 407 */,
0x8cc3f97b13b49f05LL /* 408 */, 0x98a9422ff8293967LL /* 409 */,
0x244b16b01076ff7cLL /* 410 */, 0xf8bf571c663d67eeLL /* 411 */,
0x1f0d6758eee30da1LL /* 412 */, 0xc9b611d97adeb9b7LL /* 413 */,
0xb7afd5887b6c57a2LL /* 414 */, 0x6290ae846b984fe1LL /* 415 */,
0x94df4cdeacc1a5fdLL /* 416 */, 0x058a5bd1c5483affLL /* 417 */,
0x63166cc142ba3c37LL /* 418 */, 0x8db8526eb2f76f40LL /* 419 */,
0xe10880036f0d6d4eLL /* 420 */, 0x9e0523c9971d311dLL /* 421 */,
0x45ec2824cc7cd691LL /* 422 */, 0x575b8359e62382c9LL /* 423 */,
0xfa9e400dc4889995LL /* 424 */, 0xd1823ecb45721568LL /* 425 */,
0xdafd983b8206082fLL /* 426 */, 0xaa7d29082386a8cbLL /* 427 */,
0x269fcd4403b87588LL /* 428 */, 0x1b91f5f728bdd1e0LL /* 429 */,
0xe4669f39040201f6LL /* 430 */, 0x7a1d7c218cf04adeLL /* 431 */,
0x65623c29d79ce5ceLL /* 432 */, 0x2368449096c00bb1LL /* 433 */,
0xab9bf1879da503baLL /* 434 */, 0xbc23ecb1a458058eLL /* 435 */,
0x9a58df01bb401eccLL /* 436 */, 0xa070e868a85f143dLL /* 437 */,
0x4ff188307df2239eLL /* 438 */, 0x14d565b41a641183LL /* 439 */,
0xee13337452701602LL /* 440 */, 0x950e3dcf3f285e09LL /* 441 */,
0x59930254b9c80953LL /* 442 */, 0x3bf299408930da6dLL /* 443 */,
0xa955943f53691387LL /* 444 */, 0xa15edecaa9cb8784LL /* 445 */,
0x29142127352be9a0LL /* 446 */, 0x76f0371fff4e7afbLL /* 447 */,
0x0239f450274f2228LL /* 448 */, 0xbb073af01d5e868bLL /* 449 */,
0xbfc80571c10e96c1LL /* 450 */, 0xd267088568222e23LL /* 451 */,
0x9671a3d48e80b5b0LL /* 452 */, 0x55b5d38ae193bb81LL /* 453 */,
0x693ae2d0a18b04b8LL /* 454 */, 0x5c48b4ecadd5335fLL /* 455 */,
0xfd743b194916a1caLL /* 456 */, 0x2577018134be98c4LL /* 457 */,
0xe77987e83c54a4adLL /* 458 */, 0x28e11014da33e1b9LL /* 459 */,
0x270cc59e226aa213LL /* 460 */, 0x71495f756d1a5f60LL /* 461 */,
0x9be853fb60afef77LL /* 462 */, 0xadc786a7f7443dbfLL /* 463 */,
0x0904456173b29a82LL /* 464 */, 0x58bc7a66c232bd5eLL /* 465 */,
0xf306558c673ac8b2LL /* 466 */, 0x41f639c6b6c9772aLL /* 467 */,
0x216defe99fda35daLL /* 468 */, 0x11640cc71c7be615LL /* 469 */,
0x93c43694565c5527LL /* 470 */, 0xea038e6246777839LL /* 471 */,
0xf9abf3ce5a3e2469LL /* 472 */, 0x741e768d0fd312d2LL /* 473 */,
0x0144b883ced652c6LL /* 474 */, 0xc20b5a5ba33f8552LL /* 475 */,
0x1ae69633c3435a9dLL /* 476 */, 0x97a28ca4088cfdecLL /* 477 */,
0x8824a43c1e96f420LL /* 478 */, 0x37612fa66eeea746LL /* 479 */,
0x6b4cb165f9cf0e5aLL /* 480 */, 0x43aa1c06a0abfb4aLL /* 481 */,
0x7f4dc26ff162796bLL /* 482 */, 0x6cbacc8e54ed9b0fLL /* 483 */,
0xa6b7ffefd2bb253eLL /* 484 */, 0x2e25bc95b0a29d4fLL /* 485 */,
0x86d6a58bdef1388cLL /* 486 */, 0xded74ac576b6f054LL /* 487 */,
0x8030bdbc2b45805dLL /* 488 */, 0x3c81af70e94d9289LL /* 489 */,
0x3eff6dda9e3100dbLL /* 490 */, 0xb38dc39fdfcc8847LL /* 491 */,
0x123885528d17b87eLL /* 492 */, 0xf2da0ed240b1b642LL /* 493 */,
0x44cefadcd54bf9a9LL /* 494 */, 0x1312200e433c7ee6LL /* 495 */,
0x9ffcc84f3a78c748LL /* 496 */, 0xf0cd1f72248576bbLL /* 497 */,
0xec6974053638cfe4LL /* 498 */, 0x2ba7b67c0cec4e4cLL /* 499 */,
0xac2f4df3e5ce32edLL /* 500 */, 0xcb33d14326ea4c11LL /* 501 */,
0xa4e9044cc77e58bcLL /* 502 */, 0x5f513293d934fcefLL /* 503 */,
0x5dc9645506e55444LL /* 504 */, 0x50de418f317de40aLL /* 505 */,
0x388cb31a69dde259LL /* 506 */, 0x2db4a83455820a86LL /* 507 */,
0x9010a91e84711ae9LL /* 508 */, 0x4df7f0b7b1498371LL /* 509 */,
0xd62a2eabc0977179LL /* 510 */, 0x22fac097aa8d5c0eLL /* 511 */
};
static u64 sbox3[256] = {
0xf49fcc2ff1daf39bLL /* 512 */, 0x487fd5c66ff29281LL /* 513 */,
0xe8a30667fcdca83fLL /* 514 */, 0x2c9b4be3d2fcce63LL /* 515 */,
0xda3ff74b93fbbbc2LL /* 516 */, 0x2fa165d2fe70ba66LL /* 517 */,
0xa103e279970e93d4LL /* 518 */, 0xbecdec77b0e45e71LL /* 519 */,
0xcfb41e723985e497LL /* 520 */, 0xb70aaa025ef75017LL /* 521 */,
0xd42309f03840b8e0LL /* 522 */, 0x8efc1ad035898579LL /* 523 */,
0x96c6920be2b2abc5LL /* 524 */, 0x66af4163375a9172LL /* 525 */,
0x2174abdcca7127fbLL /* 526 */, 0xb33ccea64a72ff41LL /* 527 */,
0xf04a4933083066a5LL /* 528 */, 0x8d970acdd7289af5LL /* 529 */,
0x8f96e8e031c8c25eLL /* 530 */, 0xf3fec02276875d47LL /* 531 */,
0xec7bf310056190ddLL /* 532 */, 0xf5adb0aebb0f1491LL /* 533 */,
0x9b50f8850fd58892LL /* 534 */, 0x4975488358b74de8LL /* 535 */,
0xa3354ff691531c61LL /* 536 */, 0x0702bbe481d2c6eeLL /* 537 */,
0x89fb24057deded98LL /* 538 */, 0xac3075138596e902LL /* 539 */,
0x1d2d3580172772edLL /* 540 */, 0xeb738fc28e6bc30dLL /* 541 */,
0x5854ef8f63044326LL /* 542 */, 0x9e5c52325add3bbeLL /* 543 */,
0x90aa53cf325c4623LL /* 544 */, 0xc1d24d51349dd067LL /* 545 */,
0x2051cfeea69ea624LL /* 546 */, 0x13220f0a862e7e4fLL /* 547 */,
0xce39399404e04864LL /* 548 */, 0xd9c42ca47086fcb7LL /* 549 */,
0x685ad2238a03e7ccLL /* 550 */, 0x066484b2ab2ff1dbLL /* 551 */,
0xfe9d5d70efbf79ecLL /* 552 */, 0x5b13b9dd9c481854LL /* 553 */,
0x15f0d475ed1509adLL /* 554 */, 0x0bebcd060ec79851LL /* 555 */,
0xd58c6791183ab7f8LL /* 556 */, 0xd1187c5052f3eee4LL /* 557 */,
0xc95d1192e54e82ffLL /* 558 */, 0x86eea14cb9ac6ca2LL /* 559 */,
0x3485beb153677d5dLL /* 560 */, 0xdd191d781f8c492aLL /* 561 */,
0xf60866baa784ebf9LL /* 562 */, 0x518f643ba2d08c74LL /* 563 */,
0x8852e956e1087c22LL /* 564 */, 0xa768cb8dc410ae8dLL /* 565 */,
0x38047726bfec8e1aLL /* 566 */, 0xa67738b4cd3b45aaLL /* 567 */,
0xad16691cec0dde19LL /* 568 */, 0xc6d4319380462e07LL /* 569 */,
0xc5a5876d0ba61938LL /* 570 */, 0x16b9fa1fa58fd840LL /* 571 */,
0x188ab1173ca74f18LL /* 572 */, 0xabda2f98c99c021fLL /* 573 */,
0x3e0580ab134ae816LL /* 574 */, 0x5f3b05b773645abbLL /* 575 */,
0x2501a2be5575f2f6LL /* 576 */, 0x1b2f74004e7e8ba9LL /* 577 */,
0x1cd7580371e8d953LL /* 578 */, 0x7f6ed89562764e30LL /* 579 */,
0xb15926ff596f003dLL /* 580 */, 0x9f65293da8c5d6b9LL /* 581 */,
0x6ecef04dd690f84cLL /* 582 */, 0x4782275fff33af88LL /* 583 */,
0xe41433083f820801LL /* 584 */, 0xfd0dfe409a1af9b5LL /* 585 */,
0x4325a3342cdb396bLL /* 586 */, 0x8ae77e62b301b252LL /* 587 */,
0xc36f9e9f6655615aLL /* 588 */, 0x85455a2d92d32c09LL /* 589 */,
0xf2c7dea949477485LL /* 590 */, 0x63cfb4c133a39ebaLL /* 591 */,
0x83b040cc6ebc5462LL /* 592 */, 0x3b9454c8fdb326b0LL /* 593 */,
0x56f56a9e87ffd78cLL /* 594 */, 0x2dc2940d99f42bc6LL /* 595 */,
0x98f7df096b096e2dLL /* 596 */, 0x19a6e01e3ad852bfLL /* 597 */,
0x42a99ccbdbd4b40bLL /* 598 */, 0xa59998af45e9c559LL /* 599 */,
0x366295e807d93186LL /* 600 */, 0x6b48181bfaa1f773LL /* 601 */,
0x1fec57e2157a0a1dLL /* 602 */, 0x4667446af6201ad5LL /* 603 */,
0xe615ebcacfb0f075LL /* 604 */, 0xb8f31f4f68290778LL /* 605 */,
0x22713ed6ce22d11eLL /* 606 */, 0x3057c1a72ec3c93bLL /* 607 */,
0xcb46acc37c3f1f2fLL /* 608 */, 0xdbb893fd02aaf50eLL /* 609 */,
0x331fd92e600b9fcfLL /* 610 */, 0xa498f96148ea3ad6LL /* 611 */,
0xa8d8426e8b6a83eaLL /* 612 */, 0xa089b274b7735cdcLL /* 613 */,
0x87f6b3731e524a11LL /* 614 */, 0x118808e5cbc96749LL /* 615 */,
0x9906e4c7b19bd394LL /* 616 */, 0xafed7f7e9b24a20cLL /* 617 */,
0x6509eadeeb3644a7LL /* 618 */, 0x6c1ef1d3e8ef0edeLL /* 619 */,
0xb9c97d43e9798fb4LL /* 620 */, 0xa2f2d784740c28a3LL /* 621 */,
0x7b8496476197566fLL /* 622 */, 0x7a5be3e6b65f069dLL /* 623 */,
0xf96330ed78be6f10LL /* 624 */, 0xeee60de77a076a15LL /* 625 */,
0x2b4bee4aa08b9bd0LL /* 626 */, 0x6a56a63ec7b8894eLL /* 627 */,
0x02121359ba34fef4LL /* 628 */, 0x4cbf99f8283703fcLL /* 629 */,
0x398071350caf30c8LL /* 630 */, 0xd0a77a89f017687aLL /* 631 */,
0xf1c1a9eb9e423569LL /* 632 */, 0x8c7976282dee8199LL /* 633 */,
0x5d1737a5dd1f7abdLL /* 634 */, 0x4f53433c09a9fa80LL /* 635 */,
0xfa8b0c53df7ca1d9LL /* 636 */, 0x3fd9dcbc886ccb77LL /* 637 */,
0xc040917ca91b4720LL /* 638 */, 0x7dd00142f9d1dcdfLL /* 639 */,
0x8476fc1d4f387b58LL /* 640 */, 0x23f8e7c5f3316503LL /* 641 */,
0x032a2244e7e37339LL /* 642 */, 0x5c87a5d750f5a74bLL /* 643 */,
0x082b4cc43698992eLL /* 644 */, 0xdf917becb858f63cLL /* 645 */,
0x3270b8fc5bf86ddaLL /* 646 */, 0x10ae72bb29b5dd76LL /* 647 */,
0x576ac94e7700362bLL /* 648 */, 0x1ad112dac61efb8fLL /* 649 */,
0x691bc30ec5faa427LL /* 650 */, 0xff246311cc327143LL /* 651 */,
0x3142368e30e53206LL /* 652 */, 0x71380e31e02ca396LL /* 653 */,
0x958d5c960aad76f1LL /* 654 */, 0xf8d6f430c16da536LL /* 655 */,
0xc8ffd13f1be7e1d2LL /* 656 */, 0x7578ae66004ddbe1LL /* 657 */,
0x05833f01067be646LL /* 658 */, 0xbb34b5ad3bfe586dLL /* 659 */,
0x095f34c9a12b97f0LL /* 660 */, 0x247ab64525d60ca8LL /* 661 */,
0xdcdbc6f3017477d1LL /* 662 */, 0x4a2e14d4decad24dLL /* 663 */,
0xbdb5e6d9be0a1eebLL /* 664 */, 0x2a7e70f7794301abLL /* 665 */,
0xdef42d8a270540fdLL /* 666 */, 0x01078ec0a34c22c1LL /* 667 */,
0xe5de511af4c16387LL /* 668 */, 0x7ebb3a52bd9a330aLL /* 669 */,
0x77697857aa7d6435LL /* 670 */, 0x004e831603ae4c32LL /* 671 */,
0xe7a21020ad78e312LL /* 672 */, 0x9d41a70c6ab420f2LL /* 673 */,
0x28e06c18ea1141e6LL /* 674 */, 0xd2b28cbd984f6b28LL /* 675 */,
0x26b75f6c446e9d83LL /* 676 */, 0xba47568c4d418d7fLL /* 677 */,
0xd80badbfe6183d8eLL /* 678 */, 0x0e206d7f5f166044LL /* 679 */,
0xe258a43911cbca3eLL /* 680 */, 0x723a1746b21dc0bcLL /* 681 */,
0xc7caa854f5d7cdd3LL /* 682 */, 0x7cac32883d261d9cLL /* 683 */,
0x7690c26423ba942cLL /* 684 */, 0x17e55524478042b8LL /* 685 */,
0xe0be477656a2389fLL /* 686 */, 0x4d289b5e67ab2da0LL /* 687 */,
0x44862b9c8fbbfd31LL /* 688 */, 0xb47cc8049d141365LL /* 689 */,
0x822c1b362b91c793LL /* 690 */, 0x4eb14655fb13dfd8LL /* 691 */,
0x1ecbba0714e2a97bLL /* 692 */, 0x6143459d5cde5f14LL /* 693 */,
0x53a8fbf1d5f0ac89LL /* 694 */, 0x97ea04d81c5e5b00LL /* 695 */,
0x622181a8d4fdb3f3LL /* 696 */, 0xe9bcd341572a1208LL /* 697 */,
0x1411258643cce58aLL /* 698 */, 0x9144c5fea4c6e0a4LL /* 699 */,
0x0d33d06565cf620fLL /* 700 */, 0x54a48d489f219ca1LL /* 701 */,
0xc43e5eac6d63c821LL /* 702 */, 0xa9728b3a72770dafLL /* 703 */,
0xd7934e7b20df87efLL /* 704 */, 0xe35503b61a3e86e5LL /* 705 */,
0xcae321fbc819d504LL /* 706 */, 0x129a50b3ac60bfa6LL /* 707 */,
0xcd5e68ea7e9fb6c3LL /* 708 */, 0xb01c90199483b1c7LL /* 709 */,
0x3de93cd5c295376cLL /* 710 */, 0xaed52edf2ab9ad13LL /* 711 */,
0x2e60f512c0a07884LL /* 712 */, 0xbc3d86a3e36210c9LL /* 713 */,
0x35269d9b163951ceLL /* 714 */, 0x0c7d6e2ad0cdb5faLL /* 715 */,
0x59e86297d87f5733LL /* 716 */, 0x298ef221898db0e7LL /* 717 */,
0x55000029d1a5aa7eLL /* 718 */, 0x8bc08ae1b5061b45LL /* 719 */,
0xc2c31c2b6c92703aLL /* 720 */, 0x94cc596baf25ef42LL /* 721 */,
0x0a1d73db22540456LL /* 722 */, 0x04b6a0f9d9c4179aLL /* 723 */,
0xeffdafa2ae3d3c60LL /* 724 */, 0xf7c8075bb49496c4LL /* 725 */,
0x9cc5c7141d1cd4e3LL /* 726 */, 0x78bd1638218e5534LL /* 727 */,
0xb2f11568f850246aLL /* 728 */, 0xedfabcfa9502bc29LL /* 729 */,
0x796ce5f2da23051bLL /* 730 */, 0xaae128b0dc93537cLL /* 731 */,
0x3a493da0ee4b29aeLL /* 732 */, 0xb5df6b2c416895d7LL /* 733 */,
0xfcabbd25122d7f37LL /* 734 */, 0x70810b58105dc4b1LL /* 735 */,
0xe10fdd37f7882a90LL /* 736 */, 0x524dcab5518a3f5cLL /* 737 */,
0x3c9e85878451255bLL /* 738 */, 0x4029828119bd34e2LL /* 739 */,
0x74a05b6f5d3ceccbLL /* 740 */, 0xb610021542e13ecaLL /* 741 */,
0x0ff979d12f59e2acLL /* 742 */, 0x6037da27e4f9cc50LL /* 743 */,
0x5e92975a0df1847dLL /* 744 */, 0xd66de190d3e623feLL /* 745 */,
0x5032d6b87b568048LL /* 746 */, 0x9a36b7ce8235216eLL /* 747 */,
0x80272a7a24f64b4aLL /* 748 */, 0x93efed8b8c6916f7LL /* 749 */,
0x37ddbff44cce1555LL /* 750 */, 0x4b95db5d4b99bd25LL /* 751 */,
0x92d3fda169812fc0LL /* 752 */, 0xfb1a4a9a90660bb6LL /* 753 */,
0x730c196946a4b9b2LL /* 754 */, 0x81e289aa7f49da68LL /* 755 */,
0x64669a0f83b1a05fLL /* 756 */, 0x27b3ff7d9644f48bLL /* 757 */,
0xcc6b615c8db675b3LL /* 758 */, 0x674f20b9bcebbe95LL /* 759 */,
0x6f31238275655982LL /* 760 */, 0x5ae488713e45cf05LL /* 761 */,
0xbf619f9954c21157LL /* 762 */, 0xeabac46040a8eae9LL /* 763 */,
0x454c6fe9f2c0c1cdLL /* 764 */, 0x419cf6496412691cLL /* 765 */,
0xd3dc3bef265b0f70LL /* 766 */, 0x6d0e60f5c3578a9eLL /* 767 */
};
static u64 sbox4[256] = {
0x5b0e608526323c55LL /* 768 */, 0x1a46c1a9fa1b59f5LL /* 769 */,
0xa9e245a17c4c8ffaLL /* 770 */, 0x65ca5159db2955d7LL /* 771 */,
0x05db0a76ce35afc2LL /* 772 */, 0x81eac77ea9113d45LL /* 773 */,
0x528ef88ab6ac0a0dLL /* 774 */, 0xa09ea253597be3ffLL /* 775 */,
0x430ddfb3ac48cd56LL /* 776 */, 0xc4b3a67af45ce46fLL /* 777 */,
0x4ececfd8fbe2d05eLL /* 778 */, 0x3ef56f10b39935f0LL /* 779 */,
0x0b22d6829cd619c6LL /* 780 */, 0x17fd460a74df2069LL /* 781 */,
0x6cf8cc8e8510ed40LL /* 782 */, 0xd6c824bf3a6ecaa7LL /* 783 */,
0x61243d581a817049LL /* 784 */, 0x048bacb6bbc163a2LL /* 785 */,
0xd9a38ac27d44cc32LL /* 786 */, 0x7fddff5baaf410abLL /* 787 */,
0xad6d495aa804824bLL /* 788 */, 0xe1a6a74f2d8c9f94LL /* 789 */,
0xd4f7851235dee8e3LL /* 790 */, 0xfd4b7f886540d893LL /* 791 */,
0x247c20042aa4bfdaLL /* 792 */, 0x096ea1c517d1327cLL /* 793 */,
0xd56966b4361a6685LL /* 794 */, 0x277da5c31221057dLL /* 795 */,
0x94d59893a43acff7LL /* 796 */, 0x64f0c51ccdc02281LL /* 797 */,
0x3d33bcc4ff6189dbLL /* 798 */, 0xe005cb184ce66af1LL /* 799 */,
0xff5ccd1d1db99beaLL /* 800 */, 0xb0b854a7fe42980fLL /* 801 */,
0x7bd46a6a718d4b9fLL /* 802 */, 0xd10fa8cc22a5fd8cLL /* 803 */,
0xd31484952be4bd31LL /* 804 */, 0xc7fa975fcb243847LL /* 805 */,
0x4886ed1e5846c407LL /* 806 */, 0x28cddb791eb70b04LL /* 807 */,
0xc2b00be2f573417fLL /* 808 */, 0x5c9590452180f877LL /* 809 */,
0x7a6bddfff370eb00LL /* 810 */, 0xce509e38d6d9d6a4LL /* 811 */,
0xebeb0f00647fa702LL /* 812 */, 0x1dcc06cf76606f06LL /* 813 */,
0xe4d9f28ba286ff0aLL /* 814 */, 0xd85a305dc918c262LL /* 815 */,
0x475b1d8732225f54LL /* 816 */, 0x2d4fb51668ccb5feLL /* 817 */,
0xa679b9d9d72bba20LL /* 818 */, 0x53841c0d912d43a5LL /* 819 */,
0x3b7eaa48bf12a4e8LL /* 820 */, 0x781e0e47f22f1ddfLL /* 821 */,
0xeff20ce60ab50973LL /* 822 */, 0x20d261d19dffb742LL /* 823 */,
0x16a12b03062a2e39LL /* 824 */, 0x1960eb2239650495LL /* 825 */,
0x251c16fed50eb8b8LL /* 826 */, 0x9ac0c330f826016eLL /* 827 */,
0xed152665953e7671LL /* 828 */, 0x02d63194a6369570LL /* 829 */,
0x5074f08394b1c987LL /* 830 */, 0x70ba598c90b25ce1LL /* 831 */,
0x794a15810b9742f6LL /* 832 */, 0x0d5925e9fcaf8c6cLL /* 833 */,
0x3067716cd868744eLL /* 834 */, 0x910ab077e8d7731bLL /* 835 */,
0x6a61bbdb5ac42f61LL /* 836 */, 0x93513efbf0851567LL /* 837 */,
0xf494724b9e83e9d5LL /* 838 */, 0xe887e1985c09648dLL /* 839 */,
0x34b1d3c675370cfdLL /* 840 */, 0xdc35e433bc0d255dLL /* 841 */,
0xd0aab84234131be0LL /* 842 */, 0x08042a50b48b7eafLL /* 843 */,
0x9997c4ee44a3ab35LL /* 844 */, 0x829a7b49201799d0LL /* 845 */,
0x263b8307b7c54441LL /* 846 */, 0x752f95f4fd6a6ca6LL /* 847 */,
0x927217402c08c6e5LL /* 848 */, 0x2a8ab754a795d9eeLL /* 849 */,
0xa442f7552f72943dLL /* 850 */, 0x2c31334e19781208LL /* 851 */,
0x4fa98d7ceaee6291LL /* 852 */, 0x55c3862f665db309LL /* 853 */,
0xbd0610175d53b1f3LL /* 854 */, 0x46fe6cb840413f27LL /* 855 */,
0x3fe03792df0cfa59LL /* 856 */, 0xcfe700372eb85e8fLL /* 857 */,
0xa7be29e7adbce118LL /* 858 */, 0xe544ee5cde8431ddLL /* 859 */,
0x8a781b1b41f1873eLL /* 860 */, 0xa5c94c78a0d2f0e7LL /* 861 */,
0x39412e2877b60728LL /* 862 */, 0xa1265ef3afc9a62cLL /* 863 */,
0xbcc2770c6a2506c5LL /* 864 */, 0x3ab66dd5dce1ce12LL /* 865 */,
0xe65499d04a675b37LL /* 866 */, 0x7d8f523481bfd216LL /* 867 */,
0x0f6f64fcec15f389LL /* 868 */, 0x74efbe618b5b13c8LL /* 869 */,
0xacdc82b714273e1dLL /* 870 */, 0xdd40bfe003199d17LL /* 871 */,
0x37e99257e7e061f8LL /* 872 */, 0xfa52626904775aaaLL /* 873 */,
0x8bbbf63a463d56f9LL /* 874 */, 0xf0013f1543a26e64LL /* 875 */,
0xa8307e9f879ec898LL /* 876 */, 0xcc4c27a4150177ccLL /* 877 */,
0x1b432f2cca1d3348LL /* 878 */, 0xde1d1f8f9f6fa013LL /* 879 */,
0x606602a047a7ddd6LL /* 880 */, 0xd237ab64cc1cb2c7LL /* 881 */,
0x9b938e7225fcd1d3LL /* 882 */, 0xec4e03708e0ff476LL /* 883 */,
0xfeb2fbda3d03c12dLL /* 884 */, 0xae0bced2ee43889aLL /* 885 */,
0x22cb8923ebfb4f43LL /* 886 */, 0x69360d013cf7396dLL /* 887 */,
0x855e3602d2d4e022LL /* 888 */, 0x073805bad01f784cLL /* 889 */,
0x33e17a133852f546LL /* 890 */, 0xdf4874058ac7b638LL /* 891 */,
0xba92b29c678aa14aLL /* 892 */, 0x0ce89fc76cfaadcdLL /* 893 */,
0x5f9d4e0908339e34LL /* 894 */, 0xf1afe9291f5923b9LL /* 895 */,
0x6e3480f60f4a265fLL /* 896 */, 0xeebf3a2ab29b841cLL /* 897 */,
0xe21938a88f91b4adLL /* 898 */, 0x57dfeff845c6d3c3LL /* 899 */,
0x2f006b0bf62caaf2LL /* 900 */, 0x62f479ef6f75ee78LL /* 901 */,
0x11a55ad41c8916a9LL /* 902 */, 0xf229d29084fed453LL /* 903 */,
0x42f1c27b16b000e6LL /* 904 */, 0x2b1f76749823c074LL /* 905 */,
0x4b76eca3c2745360LL /* 906 */, 0x8c98f463b91691bdLL /* 907 */,
0x14bcc93cf1ade66aLL /* 908 */, 0x8885213e6d458397LL /* 909 */,
0x8e177df0274d4711LL /* 910 */, 0xb49b73b5503f2951LL /* 911 */,
0x10168168c3f96b6bLL /* 912 */, 0x0e3d963b63cab0aeLL /* 913 */,
0x8dfc4b5655a1db14LL /* 914 */, 0xf789f1356e14de5cLL /* 915 */,
0x683e68af4e51dac1LL /* 916 */, 0xc9a84f9d8d4b0fd9LL /* 917 */,
0x3691e03f52a0f9d1LL /* 918 */, 0x5ed86e46e1878e80LL /* 919 */,
0x3c711a0e99d07150LL /* 920 */, 0x5a0865b20c4e9310LL /* 921 */,
0x56fbfc1fe4f0682eLL /* 922 */, 0xea8d5de3105edf9bLL /* 923 */,
0x71abfdb12379187aLL /* 924 */, 0x2eb99de1bee77b9cLL /* 925 */,
0x21ecc0ea33cf4523LL /* 926 */, 0x59a4d7521805c7a1LL /* 927 */,
0x3896f5eb56ae7c72LL /* 928 */, 0xaa638f3db18f75dcLL /* 929 */,
0x9f39358dabe9808eLL /* 930 */, 0xb7defa91c00b72acLL /* 931 */,
0x6b5541fd62492d92LL /* 932 */, 0x6dc6dee8f92e4d5bLL /* 933 */,
0x353f57abc4beea7eLL /* 934 */, 0x735769d6da5690ceLL /* 935 */,
0x0a234aa642391484LL /* 936 */, 0xf6f9508028f80d9dLL /* 937 */,
0xb8e319a27ab3f215LL /* 938 */, 0x31ad9c1151341a4dLL /* 939 */,
0x773c22a57bef5805LL /* 940 */, 0x45c7561a07968633LL /* 941 */,
0xf913da9e249dbe36LL /* 942 */, 0xda652d9b78a64c68LL /* 943 */,
0x4c27a97f3bc334efLL /* 944 */, 0x76621220e66b17f4LL /* 945 */,
0x967743899acd7d0bLL /* 946 */, 0xf3ee5bcae0ed6782LL /* 947 */,
0x409f753600c879fcLL /* 948 */, 0x06d09a39b5926db6LL /* 949 */,
0x6f83aeb0317ac588LL /* 950 */, 0x01e6ca4a86381f21LL /* 951 */,
0x66ff3462d19f3025LL /* 952 */, 0x72207c24ddfd3bfbLL /* 953 */,
0x4af6b6d3e2ece2ebLL /* 954 */, 0x9c994dbec7ea08deLL /* 955 */,
0x49ace597b09a8bc4LL /* 956 */, 0xb38c4766cf0797baLL /* 957 */,
0x131b9373c57c2a75LL /* 958 */, 0xb1822cce61931e58LL /* 959 */,
0x9d7555b909ba1c0cLL /* 960 */, 0x127fafdd937d11d2LL /* 961 */,
0x29da3badc66d92e4LL /* 962 */, 0xa2c1d57154c2ecbcLL /* 963 */,
0x58c5134d82f6fe24LL /* 964 */, 0x1c3ae3515b62274fLL /* 965 */,
0xe907c82e01cb8126LL /* 966 */, 0xf8ed091913e37fcbLL /* 967 */,
0x3249d8f9c80046c9LL /* 968 */, 0x80cf9bede388fb63LL /* 969 */,
0x1881539a116cf19eLL /* 970 */, 0x5103f3f76bd52457LL /* 971 */,
0x15b7e6f5ae47f7a8LL /* 972 */, 0xdbd7c6ded47e9ccfLL /* 973 */,
0x44e55c410228bb1aLL /* 974 */, 0xb647d4255edb4e99LL /* 975 */,
0x5d11882bb8aafc30LL /* 976 */, 0xf5098bbb29d3212aLL /* 977 */,
0x8fb5ea14e90296b3LL /* 978 */, 0x677b942157dd025aLL /* 979 */,
0xfb58e7c0a390acb5LL /* 980 */, 0x89d3674c83bd4a01LL /* 981 */,
0x9e2da4df4bf3b93bLL /* 982 */, 0xfcc41e328cab4829LL /* 983 */,
0x03f38c96ba582c52LL /* 984 */, 0xcad1bdbd7fd85db2LL /* 985 */,
0xbbb442c16082ae83LL /* 986 */, 0xb95fe86ba5da9ab0LL /* 987 */,
0xb22e04673771a93fLL /* 988 */, 0x845358c9493152d8LL /* 989 */,
0xbe2a488697b4541eLL /* 990 */, 0x95a2dc2dd38e6966LL /* 991 */,
0xc02c11ac923c852bLL /* 992 */, 0x2388b1990df2a87bLL /* 993 */,
0x7c8008fa1b4f37beLL /* 994 */, 0x1f70d0c84d54e503LL /* 995 */,
0x5490adec7ece57d4LL /* 996 */, 0x002b3c27d9063a3aLL /* 997 */,
0x7eaea3848030a2bfLL /* 998 */, 0xc602326ded2003c0LL /* 999 */,
0x83a7287d69a94086LL /* 1000 */, 0xc57a5fcb30f57a8aLL /* 1001 */,
0xb56844e479ebe779LL /* 1002 */, 0xa373b40f05dcbce9LL /* 1003 */,
0xd71a786e88570ee2LL /* 1004 */, 0x879cbacdbde8f6a0LL /* 1005 */,
0x976ad1bcc164a32fLL /* 1006 */, 0xab21e25e9666d78bLL /* 1007 */,
0x901063aae5e5c33cLL /* 1008 */, 0x9818b34448698d90LL /* 1009 */,
0xe36487ae3e1e8abbLL /* 1010 */, 0xafbdf931893bdcb4LL /* 1011 */,
0x6345a0dc5fbbd519LL /* 1012 */, 0x8628fe269b9465caLL /* 1013 */,
0x1e5d01603f9c51ecLL /* 1014 */, 0x4de44006a15049b7LL /* 1015 */,
0xbf6c70e5f776cbb1LL /* 1016 */, 0x411218f2ef552bedLL /* 1017 */,
0xcb0c0708705a36a3LL /* 1018 */, 0xe74d14754f986044LL /* 1019 */,
0xcd56d9430ea8280eLL /* 1020 */, 0xc12591d7535f5065LL /* 1021 */,
0xc83223f1720aef96LL /* 1022 */, 0xc3a0396f7363a51fLL /* 1023 */
};
static void
print_abc( const char *text, u64 a, u64 b, u64 c )
{
/*printf("%s: %08X%08X %08X%08X %08X%08X\n",
text,
(u32)(a>>32),
(u32)(a),
(u32)(b>>32),
(u32)(b),
(u32)(c>>32),
(u32)(c) );*/
}
static void
print_data( const char *text, u64 a, u64 b, u64 c,
u64 d, u64 e, u64 f,
u64 g, u64 h )
{
/*printf("%s: %08X%08X %08X%08X %08X%08X %08X%08X\n"
"%s %08X%08X %08X%08X %08X%08X %08X%08X\n",
text,
(u32)(a>>32),
(u32)(a),
(u32)(b>>32),
(u32)(b),
(u32)(c>>32),
(u32)(c),
(u32)(d>>32),
(u32)(d),
text,
(u32)(e>>32),
(u32)(e),
(u32)(f>>32),
(u32)(f),
(u32)(g>>32),
(u32)(g),
(u32)(h>>32),
(u32)(h) );*/
}
static void
burn_stack (int bytes)
{
char buf[256];
memset (buf, 0, sizeof buf);
bytes -= sizeof buf;
if (bytes > 0)
burn_stack (bytes);
}
static void
tiger_init( TIGER_CONTEXT *hd )
{
hd->a = 0x0123456789abcdefLL;
hd->b = 0xfedcba9876543210LL;
hd->c = 0xf096a5b4c3b2e187LL;
hd->nblocks = 0;
hd->count = 0;
}
static void
round( u64 *ra, u64 *rb, u64 *rc, u64 x, int mul )
{
u64 a = *ra;
u64 b = *rb;
u64 c = *rc;
c ^= x;
a -= sbox1[ c & 0xff ] ^ sbox2[ (c >> 16) & 0xff ]
^ sbox3[ (c >> 32) & 0xff ] ^ sbox4[ (c >> 48) & 0xff ];
b += sbox4[ (c >> 8) & 0xff ] ^ sbox3[ (c >> 24) & 0xff ]
^ sbox2[ (c >> 40) & 0xff ] ^ sbox1[ (c >> 56) & 0xff ];
b *= mul;
*ra = a;
*rb = b;
*rc = c;
}
static void
pass( u64 *ra, u64 *rb, u64 *rc, u64 *x, int mul )
{
u64 a = *ra;
u64 b = *rb;
u64 c = *rc;
round( &a, &b, &c, x[0], mul );
round( &b, &c, &a, x[1], mul );
round( &c, &a, &b, x[2], mul );
round( &a, &b, &c, x[3], mul );
round( &b, &c, &a, x[4], mul );
round( &c, &a, &b, x[5], mul );
round( &a, &b, &c, x[6], mul );
round( &b, &c, &a, x[7], mul );
*ra = a;
*rb = b;
*rc = c;
}
static void
key_schedule( u64 *x )
{
x[0] -= x[7] ^ 0xa5a5a5a5a5a5a5a5LL;
x[1] ^= x[0];
x[2] += x[1];
x[3] -= x[2] ^ ((~x[1]) << 19 );
x[4] ^= x[3];
x[5] += x[4];
x[6] -= x[5] ^ ((~x[4]) >> 23 );
x[7] ^= x[6];
x[0] += x[7];
x[1] -= x[0] ^ ((~x[7]) << 19 );
x[2] ^= x[1];
x[3] += x[2];
x[4] -= x[3] ^ ((~x[2]) >> 23 );
x[5] ^= x[4];
x[6] += x[5];
x[7] -= x[6] ^ 0x0123456789abcdefLL;
}
/****************
* Transform the message DATA which consists of 512 bytes (8 words)
*/
static void
transform( TIGER_CONTEXT *hd, byte *data )
{
u64 a,b,c,aa,bb,cc;
u64 x[8];
#ifdef BIG_ENDIAN_HOST
#define MKWORD(d,n) \
( ((u64)(d)[8*(n)+7]) << 56 | ((u64)(d)[8*(n)+6]) << 48 \
| ((u64)(d)[8*(n)+5]) << 40 | ((u64)(d)[8*(n)+4]) << 32 \
| ((u64)(d)[8*(n)+3]) << 24 | ((u64)(d)[8*(n)+2]) << 16 \
| ((u64)(d)[8*(n)+1]) << 8 | ((u64)(d)[8*(n) ]) )
x[0] = MKWORD(data, 0);
x[1] = MKWORD(data, 1);
x[2] = MKWORD(data, 2);
x[3] = MKWORD(data, 3);
x[4] = MKWORD(data, 4);
x[5] = MKWORD(data, 5);
x[6] = MKWORD(data, 6);
x[7] = MKWORD(data, 7);
#undef MKWORD
#else
memcpy( &x[0], data, 64 );
#endif
/* save */
a = aa = hd->a;
b = bb = hd->b;
c = cc = hd->c;
print_data(" key0", x[0], x[1], x[2], x[3], x[4], x[5], x[6], x[7] );
print_abc(" init", a, b, c );
pass( &a, &b, &c, x, 5);
print_abc("pass1", a, b, c );
key_schedule( x );
pass( &c, &a, &b, x, 7);
print_abc("pass2", a, b, c );
key_schedule( x );
pass( &b, &c, &a, x, 9);
print_abc("pass3", a, b, c );
/* feedforward */
a ^= aa;
b -= bb;
c += cc;
/* store */
hd->a = a;
hd->b = b;
hd->c = c;
}
/* Update the message digest with the contents
* of INBUF with length INLEN.
*/
static void
tiger_write( TIGER_CONTEXT *hd, byte *inbuf, size_t inlen)
{
if( hd->count == 64 ) { /* flush the buffer */
transform( hd, hd->buf );
burn_stack (21*8+11*sizeof(void*));
hd->count = 0;
hd->nblocks++;
}
if( !inbuf )
return;
if( hd->count ) {
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
tiger_write( hd, NULL, 0 );
if( !inlen )
return;
}
while( inlen >= 64 ) {
transform( hd, inbuf );
hd->count = 0;
hd->nblocks++;
inlen -= 64;
inbuf += 64;
}
burn_stack (21*8+11*sizeof(void*));
for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++;
}
/* The routine terminates the computation
*/
static void
tiger_final( TIGER_CONTEXT *hd )
{
u32 t, msb, lsb;
byte *p;
tiger_write(hd, NULL, 0); /* flush */;
t = hd->nblocks;
/* multiply by 64 to make a byte count */
lsb = t << 6;
msb = t >> 26;
/* add the count */
t = lsb;
if( (lsb += hd->count) < t )
msb++;
/* multiply by 8 to make a bit count */
t = lsb;
lsb <<= 3;
msb <<= 3;
msb |= t >> 29;
if( hd->count < 56 ) { /* enough room */
hd->buf[hd->count++] = 0x01; /* pad */
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else { /* need one extra block */
hd->buf[hd->count++] = 0x01; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
tiger_write(hd, NULL, 0); /* flush */;
memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buf[56] = lsb ;
hd->buf[57] = lsb >> 8;
hd->buf[58] = lsb >> 16;
hd->buf[59] = lsb >> 24;
hd->buf[60] = msb ;
hd->buf[61] = msb >> 8;
hd->buf[62] = msb >> 16;
hd->buf[63] = msb >> 24;
transform( hd, hd->buf );
burn_stack (21*8+11*sizeof(void*));
p = hd->buf;
#ifdef BIG_ENDIAN_HOST
#define X(a) do { *(u64*)p = hd-> a ; p += 8; } while(0)
#else /* little endian */
#define X(a) do { *p++ = hd-> a >> 56; *p++ = hd-> a >> 48; \
*p++ = hd-> a >> 40; *p++ = hd-> a >> 32; \
*p++ = hd-> a >> 24; *p++ = hd-> a >> 16; \
*p++ = hd-> a >> 8; *p++ = hd-> a; } while(0)
#endif
X(a);
X(b);
X(c);
#undef X
}
static byte *
tiger_read( TIGER_CONTEXT *hd )
{
return hd->buf;
}
+#endif /*HAVE_U64_TYPEDEF*/
+
/****************
* Return some information about the algorithm. We need algo here to
* distinguish different flavors of the algorithm.
* Returns: A pointer to string describing the algorithm or NULL if
* the ALGO is invalid.
*/
-static const char *
+const char *
tiger_get_info( int algo, size_t *contextsize,
byte **r_asnoid, int *r_asnlen, int *r_mdlen,
void (**r_init)( void *c ),
void (**r_write)( void *c, byte *buf, size_t nbytes ),
void (**r_final)( void *c ),
byte *(**r_read)( void *c )
)
{
+#ifdef HAVE_U64_TYPEDEF
/* 40: SEQUENCE {
* 12: SEQUENCE {
* 8: OCTET STRING :54 49 47 45 52 31 39 32
* 0: NULL
* : }
* 24: OCTET STRING
* : }
*
* By replacing the 5th byte (0x04) with 0x16 we would have;
* 8: IA5String 'TIGER192'
+ * Fixme: We should use a registered OID.
*/
static byte asn[18] =
{ 0x30, 0x28, 0x30, 0x0c, 0x04, 0x08, 0x54, 0x49, 0x47,
0x45, 0x52, 0x31, 0x39, 0x32, 0x05, 0x00, 0x04, 0x18 };
if( algo != 6 )
return NULL;
*contextsize = sizeof(TIGER_CONTEXT);
*r_asnoid = asn;
*r_asnlen = DIM(asn);
*r_mdlen = 24;
*(void (**)(TIGER_CONTEXT *))r_init = tiger_init;
*(void (**)(TIGER_CONTEXT *, byte*, size_t))r_write = tiger_write;
*(void (**)(TIGER_CONTEXT *))r_final = tiger_final;
*(byte *(**)(TIGER_CONTEXT *))r_read = tiger_read;
return "TIGER192";
-}
-
-
-
-#ifndef IS_MODULE
-static
-#endif
-const char * const gnupgext_version = "TIGER ($Revision$)";
-
-static struct {
- int class;
- int version;
- int value;
- void (*func)(void);
-} func_table[] = {
- { 10, 1, 0, (void(*)(void))tiger_get_info },
- { 11, 1, 6 },
-};
-
-
-
-/****************
- * Enumerate the names of the functions together with informations about
- * this function. Set sequence to an integer with a initial value of 0 and
- * do not change it.
- * If what is 0 all kind of functions are returned.
- * Return values: class := class of function:
- * 10 = message digest algorithm info function
- * 11 = integer with available md algorithms
- * 20 = cipher algorithm info function
- * 21 = integer with available cipher algorithms
- * 30 = public key algorithm info function
- * 31 = integer with available pubkey algorithms
- * version = interface version of the function/pointer
- * (currently this is 1 for all functions)
- */
-#ifndef IS_MODULE
-static
+#else /*!HAVE_U64_TYPEDEF*/
+ return NULL; /* Alorithm not available. */
#endif
-void *
-gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
-{
- void *ret;
- int i = *sequence;
-
- do {
- if( i >= DIM(func_table) || i < 0 ) {
- /*fprintf(stderr, "failed\n");*/
- return NULL;
- }
- *class = func_table[i].class;
- *vers = func_table[i].version;
- switch( *class ) {
- case 11:
- case 21:
- case 31:
- ret = &func_table[i].value;
- break;
- default:
- ret = func_table[i].func;
- break;
- }
- i++;
- } while( what && what != *class );
-
- *sequence = i;
- /*fprintf(stderr, "success\n");*/
- return ret;
-}
-
-
-
-#ifndef IS_MODULE
-void
-tiger_constructor(void)
-{
- register_internal_cipher_extension( gnupgext_version,
- gnupgext_enum_func );
}
-#endif
-
-
-#endif /* HAVE_U64_TYPEDEF */
-
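Review bot: In `tiger_get_info`, the new `#else /*!HAVE_U64_TYPEDEF*/` branch returns NULL for every `algo`, but the header comment above the function still documents NULL only as "the ALGO is invalid". Please extend that comment to say NULL is also returned when the build has no 64-bit type, because callers now have to read it as "not compiled in" as well. In that branch none of the out parameters (`contextsize`, `r_asnoid`, `r_asnlen`, `r_mdlen` and the function pointers) are written, so the change is only safe if every caller checks the return value before touching them. The added comment has a typo: "Alorithm" should be "Algorithm". The function also loses `static` while the `func_table` / `gnupgext_enum_func` registration is removed, so it is now reached by a direct call. The prototype is not visible in this hunk, so confirm one is declared in a shared header, which lets the compiler check the long function-pointer signature at the call site.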
diff --git a/configure.ac b/configure.ac
index 0918e2782..546859026 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,1045 +1,869 @@
dnl Configure.ac script for GnuPG
dnl Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
dnl
dnl This file is part of GnuPG.
dnl
dnl GnuPG is free software; you can redistribute it and/or modify
dnl it under the terms of the GNU General Public License as published by
dnl the Free Software Foundation; either version 2 of the License, or
dnl (at your option) any later version.
dnl
dnl GnuPG is distributed in the hope that it will be useful,
dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
dnl GNU General Public License for more details.
dnl
dnl You should have received a copy of the GNU General Public License
dnl along with this program; if not, write to the Free Software
dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
dnl
dnl (Process this file with autoconf to produce a configure script.)
dnlAC_REVISION($Revision$)dnl
AC_PREREQ(2.52)
# Please enter the version number here and set development_version to
# yes if the minor number is odd or you feel that the default check
# for a development version is not sufficient.
AC_INIT(gnupg, 1.1.91, bug-gnupg@gnu.org)
development_version=yes
ALL_LINGUAS="cs da de eo el es et fr gl id it ja nl pl pt_BR pt sv tr"
-static_modules="sha1 md5 rmd160"
-static_random_module=""
PACKAGE=$PACKAGE_NAME
VERSION=$PACKAGE_VERSION
AC_CONFIG_AUX_DIR(scripts)
AC_CONFIG_SRCDIR(g10/g10.c)
AC_CANONICAL_TARGET()
AM_INIT_AUTOMAKE($PACKAGE, $VERSION)
AM_CONFIG_HEADER(config.h)
AC_SUBST(PACKAGE)
AC_SUBST(VERSION)
AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of this package])
AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version of this package])
AC_DEFINE(_GNU_SOURCE,1,[Some tests rely on this (stpcpy) and it should be used for new programs anyway])
-AC_PROG_AWK
-
-MODULES_IN_CIPHER=`$AWK '/^EXTRA_PROGRAMS/ { for(i=3;i<=NF;i++) print $i}' \
- $srcdir/cipher/Makefile.am`
-
dnl
dnl Check for random module options
dnl
-dnl Fixme: get the list of available modules from MODULES_IN_CIPHER
-dnl and check against this list
-
-AC_MSG_CHECKING([which static random module to use])
+AC_MSG_CHECKING([which random module to use])
AC_ARG_ENABLE(static-rnd,
[ --enable-static-rnd=[egd|unix|linux|none] ],
[use_static_rnd=$enableval], [use_static_rnd=default] )
if test "$use_static_rnd" = no; then
use_static_rnd=default
fi
case "$use_static_rnd" in
- egd | linux | unix | none | default )
+ egd | linux | unix | default )
AC_MSG_RESULT($use_static_rnd)
;;
* )
AC_MSG_RESULT(invalid argument)
AC_MSG_ERROR(there is no random module rnd$use_static_rnd)
;;
esac
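Review bot: The `case "$use_static_rnd"` list drops `none` (now `egd | linux | unix | default )`), but the unchanged `AC_ARG_ENABLE(static-rnd, ...)` help string just above still advertises `--enable-static-rnd=[egd|unix|linux|none]`. With this change `--enable-static-rnd=none` falls into the `* )` branch and configure aborts with "there is no random module rndnone". Either update the help string to list only the accepted values or keep `none` with a defined meaning. The checking message was also reworded to "which random module to use" while the option and variable keep the `static-rnd` name. A one-line `dnl` comment saying the name is kept for compatibility would save the next reader a search.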
AC_ARG_WITH(egd-socket,
[ --with-egd-socket=NAME use NAME for the EGD socket],
egd_socket_name="$withval", egd_socket_name="" )
AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, "$egd_socket_name",
[Define if you don't want the default EGD socket name.
For details see cipher/rndegd.c])
dnl
dnl See whether the user wants to disable checking for /dev/random
AC_MSG_CHECKING([whether use of /dev/random is requested])
AC_ARG_ENABLE(dev-random,
[ --disable-dev-random disable the use of dev random],
try_dev_random=$enableval, try_dev_random=yes)
AC_MSG_RESULT($try_dev_random)
dnl
dnl Check other options
dnl
AC_MSG_CHECKING([whether use of extensions is requested])
AC_ARG_ENABLE(dynload,
[ --disable-dynload disable use of extensions],
try_dynload=$enableval, try_dynload=yes)
AC_MSG_RESULT($try_dynload)
AC_MSG_CHECKING([whether assembler modules are requested])
AC_ARG_ENABLE(asm,
[ --disable-asm do not use assembler modules],
try_asm_modules=$enableval, try_asm_modules=yes)
AC_MSG_RESULT($try_asm_modules)
AC_MSG_CHECKING([whether memory guard is requested])
AC_ARG_ENABLE(m-guard,
[ --enable-m-guard enable memory guard facility],
use_m_guard=$enableval, use_m_guard=no)
AC_MSG_RESULT($use_m_guard)
if test "$use_m_guard" = yes ; then
AC_DEFINE(M_GUARD,1,[Define to use the (obsolete) malloc guarding feature])
fi
AC_MSG_CHECKING([whether to enable external program execution])
AC_ARG_ENABLE(exec,
[ --disable-exec disable all external program execution],
use_exec=$enableval, use_exec=yes)
AC_MSG_RESULT($use_exec)
if test "$use_exec" = no ; then
AC_DEFINE(NO_EXEC,1,[Define to disable all external program execution])
fi
if test "$use_exec" = yes ; then
AC_MSG_CHECKING([whether to enable photo ID viewing])
AC_ARG_ENABLE(photo-viewers,
[ --disable-photo-viewers disable photo ID viewers],
[if test "$enableval" = no ; then
AC_DEFINE(DISABLE_PHOTO_VIEWER,1,[define to disable photo viewing])
fi],enableval=yes)
gnupg_cv_enable_photo_viewers=$enableval
AC_MSG_RESULT($enableval)
if test "$gnupg_cv_enable_photo_viewers" = yes ; then
AC_MSG_CHECKING([whether to use a fixed photo ID viewer])
AC_ARG_WITH(photo-viewer,
[ --with-photo-viewer=FIXED_VIEWER set a fixed photo ID viewer],
[if test "$withval" = yes ; then
withval=no
elif test "$withval" != no ; then
AC_DEFINE_UNQUOTED(FIXED_PHOTO_VIEWER,"$withval",
[if set, restrict photo-viewer to this])
fi],withval=no)
AC_MSG_RESULT($withval)
fi
AC_MSG_CHECKING([whether to enable external keyserver helpers])
AC_ARG_ENABLE(keyserver-helpers,
[ --disable-keyserver-helpers disable all external keyserver support],
[if test "$enableval" = no ; then
AC_DEFINE(DISABLE_KEYSERVER_HELPERS,1,
[define to disable keyserver helpers])
fi],enableval=yes)
gnupg_cv_enable_keyserver_helpers=$enableval
AC_MSG_RESULT($enableval)
if test "$gnupg_cv_enable_keyserver_helpers" = yes ; then
AC_MSG_CHECKING([whether LDAP keyserver support is requested])
AC_ARG_ENABLE(ldap,
[ --disable-ldap disable LDAP keyserver interface],
try_ldap=$enableval, try_ldap=yes)
AC_MSG_RESULT($try_ldap)
AC_MSG_CHECKING([whether experimental external hkp keyserver support is requested])
AC_ARG_ENABLE(external-hkp,
[ --enable-external-hkp enable experimental external HKP keyserver interface],
try_hkp=$enableval, try_hkp=no)
AC_MSG_RESULT($try_hkp)
if test "$try_hkp" = yes ; then
GPGKEYS_HKP="gpgkeys_hkp"
AC_DEFINE(USE_EXTERNAL_HKP,1,[define to use the experimental external HKP keyserver interface])
fi
AC_MSG_CHECKING([whether email keyserver support is requested])
AC_ARG_ENABLE(mailto,
[ --disable-mailto disable email keyserver interface],
try_mailto=$enableval, try_mailto=yes)
AC_MSG_RESULT($try_mailto)
fi
AC_MSG_CHECKING([whether to disable keyserver exec-path])
AC_ARG_ENABLE(keyserver-path,
[ --disable-keyserver-path disable the exec-path option for keyserver helpers],
[if test "$enableval" = no ; then
AC_DEFINE(DISABLE_KEYSERVER_PATH,1,[define to disable exec-path for keyserver helpers])
fi],enableval=yes)
AC_MSG_RESULT($enableval)
fi
AC_MSG_CHECKING([whether included zlib is requested])
AC_ARG_WITH(included-zlib,
[ --with-included-zlib use the zlib code included here],
[g10_force_zlib=yes], [g10_force_zlib=no] )
AC_MSG_RESULT($g10_force_zlib)
dnl
dnl Check whether we want to use Linux capabilities
dnl
AC_MSG_CHECKING([whether use of capabilities is requested])
AC_ARG_WITH(capabilities,
[ --with-capabilities use linux capabilities [default=no]],
[use_capabilities="$withval"],[use_capabilities=no])
AC_MSG_RESULT($use_capabilities)
AH_BOTTOM([
#if !(defined(HAVE_FORK) && defined(HAVE_PIPE) && defined(HAVE_WAITPID))
#define EXEC_TEMPFILE_ONLY
#endif
#include "g10defs.h"
])
AM_MAINTAINER_MODE
dnl Checks for programs.
-dnl
-dnl Setup some stuff depending on host/target.
-dnl
-case "${target}" in
- *-*-mingw32*)
- disallowed_modules="rndunix rndlinux rndegd"
- ;;
- *-*-cygwin*)
- disallowed_modules="rndunix rndlinux rndegd tiger"
- ;;
- *)
- disallowed_modules="rndw32"
- ;;
-esac
-
AC_PROG_MAKE_SET
AM_SANITY_CHECK
missing_dir=`cd $ac_aux_dir && pwd`
AM_MISSING_PROG(ACLOCAL, aclocal, $missing_dir)
AM_MISSING_PROG(AUTOCONF, autoconf, $missing_dir)
AM_MISSING_PROG(AUTOMAKE, automake, $missing_dir)
AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir)
AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir)
AC_PROG_CC
AC_PROG_CPP
AC_PATH_PROG(PERL,"perl")
AC_ISC_POSIX
AC_SYS_LARGEFILE
AC_PROG_INSTALL
AC_PROG_AWK
AC_CHECK_PROG(DOCBOOK_TO_MAN, docbook-to-man, yes, no)
AM_CONDITIONAL(HAVE_DOCBOOK_TO_MAN, test "$ac_cv_prog_DOCBOOK_TO_MAN" = yes)
GNUPG_CHECK_FAQPROG
GNUPG_CHECK_DOCBOOK_TO_TEXI
MPI_OPT_FLAGS=""
try_gettext=yes
case "${target}" in
*-*-mingw32*|*-*-cygwin*)
# special stuff for Windoze NT
ac_cv_have_dev_random=no
AC_DEFINE(USE_ONLY_8DOT3,1,
[set this to limit filenames to the 8.3 format])
AC_DEFINE(HAVE_DRIVE_LETTERS,1,
[defined if we must run on a stupid file system])
AC_DEFINE(HAVE_DOSISH_SYSTEM,1,
[defined if we run on some of the PCDOS like systems
(DOS, Windoze. OS/2) with special properties like
no file modes])
AC_DEFINE(USE_SIMPLE_GETTEXT,1,
[because the Unix gettext has too much overhead on
MingW32 systems and these systems lack Posix functions,
we use a simplified version of gettext])
try_gettext="no"
;;
i?86-emx-os2 | i?86-*-os2*emx )
# OS/2 with the EMX environment
ac_cv_have_dev_random=no
AC_DEFINE(HAVE_DRIVE_LETTERS)
AC_DEFINE(HAVE_DOSISH_SYSTEM)
try_gettext="no"
;;
i?86-*-msdosdjgpp*)
# DOS with the DJGPP environment
ac_cv_have_dev_random=no
AC_DEFINE(HAVE_DRIVE_LETTERS)
AC_DEFINE(HAVE_DOSISH_SYSTEM)
try_gettext="no"
;;
*-*-freebsd*)
# FreeBSD
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
;;
*-*-hpux*)
if test -z "$GCC" ; then
CFLAGS="$CFLAGS -Ae -D_HPUX_SOURCE"
fi
;;
*-dec-osf4*)
if test -z "$GCC" ; then
# Suppress all warnings
# to get rid of the unsigned/signed char mismatch warnings.
CFLAGS="$CFLAGS -w"
fi
;;
*-dec-osf5*)
if test -z "$GCC" ; then
# Use the newer compiler `-msg_disable ptrmismatch' to
# get rid of the unsigned/signed char mismatch warnings.
# Using this may hide other pointer mismatch warnings, but
# it at least lets other warning classes through
CFLAGS="$CFLAGS -msg_disable ptrmismatch"
fi
;;
m68k-atari-mint)
;;
*)
;;
esac
AC_SUBST(MPI_OPT_FLAGS)
GNUPG_SYS_SYMBOL_UNDERSCORE
-GNUPG_CHECK_PIC
-GNUPG_CHECK_EXPORTDYNAMIC
-if test "$NO_PIC" = yes; then
- try_dynload=no
-fi
dnl Must check for network library requirements before doing link tests
dnl for ldap, for example. If ldap libs are static (or dynamic and without
dnl ELF runtime link paths), then link will fail and LDAP support won't
dnl be detected.
AC_CHECK_FUNC(gethostbyname, , AC_CHECK_LIB(nsl, gethostbyname,
[NETLIBS="-lnsl $NETLIBS"]))
AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt,
[NETLIBS="-lsocket $NETLIBS"]))
# Try and link a LDAP test program to weed out unusable LDAP
# libraries. -lldap -llber -lresolv is for OpenLDAP. -lldapssl41 is
# for Mozilla LDAP.
if test "$try_ldap" = yes ; then
for LDAPLIBS in "-lldap -llber -lresolv" "-lldapssl41"; do
_ldap_save_libs=$LIBS
LIBS="$LDAPLIBS $NETLIBS $LIBS"
AC_MSG_CHECKING([whether LDAP via \"$LDAPLIBS\" is present and sane])
AC_TRY_LINK([#include <ldap.h>],[ldap_open("foobar",1234);],
[gnupg_cv_func_ldap_init=yes],[gnupg_cv_func_ldap_init=no])
AC_MSG_RESULT([$gnupg_cv_func_ldap_init])
if test $gnupg_cv_func_ldap_init = no; then
AC_MSG_CHECKING([whether I can make LDAP be sane with lber.h])
AC_TRY_LINK([#include <lber.h>
#include <ldap.h>],[ldap_open("foobar",1234);],
[gnupg_cv_func_ldaplber_init=yes],[gnupg_cv_func_ldaplber_init=no])
AC_MSG_RESULT([$gnupg_cv_func_ldaplber_init])
fi
if test "$gnupg_cv_func_ldaplber_init" = yes ; then
AC_DEFINE(NEED_LBER_H,1,[Define if the LDAP library requires including lber.h before ldap.h])
fi
if test "$gnupg_cv_func_ldap_init" = yes || \
test "$gnupg_cv_func_ldaplber_init" = yes ; then
GPGKEYS_LDAP="gpgkeys_ldap"
fi
LIBS=$_ldap_save_libs
if test "$GPGKEYS_LDAP" != "" ; then break; fi
done
fi
AC_SUBST(GPGKEYS_LDAP)
AC_SUBST(LDAPLIBS)
dnl This isn't necessarily sendmail itself, but anything that gives a
dnl sendmail-ish interface to the outside world. That includes qmail,
dnl postfix, etc. Basically, anything that can handle "sendmail -t".
if test "$try_mailto" = yes ; then
AC_ARG_WITH(mailprog,[ --with-mailprog=NAME use "NAME -t" for mail transport],,with_mailprog=yes)
if test "$with_mailprog" = yes ; then
AC_PATH_PROG(SENDMAIL,sendmail,,$PATH:/usr/sbin:/usr/libexec:/usr/lib)
if test "$ac_cv_path_SENDMAIL" ; then
GPGKEYS_MAILTO="gpgkeys_mailto"
fi
elif test "$with_mailprog" != no ; then
AC_MSG_CHECKING([for a mail transport program])
AC_SUBST(SENDMAIL,$with_mailprog)
AC_MSG_RESULT($with_mailprog)
GPGKEYS_MAILTO="gpgkeys_mailto"
fi
fi
AC_SUBST(GPGKEYS_MAILTO)
AC_SUBST(GPGKEYS_HKP)
case "${target}" in
*-*-mingw32*)
PRINTABLE_OS_NAME="MingW32"
;;
*-*-cygwin*)
PRINTABLE_OS_NAME="Cygwin32"
;;
i?86-emx-os2 | i?86-*-os2*emx )
PRINTABLE_OS_NAME="OS/2"
;;
i?86-*-msdosdjgpp*)
PRINTABLE_OS_NAME="MSDOS/DJGPP"
try_dynload=no
;;
*-linux*)
PRINTABLE_OS_NAME="GNU/Linux"
;;
dnl let that after linux to avoid gnu-linux problems
*-gnu*)
PRINTABLE_OS_NAME="GNU/Hurd"
;;
*)
PRINTABLE_OS_NAME=`uname -s || echo "Unknown"`
;;
esac
AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME",
[A human readable text with the name of the OS])
#
-# 1. Set flags to be used for the extension modules
-# 2. Set names of random devices
+# 1. Set names of random devices
#
NAME_OF_DEV_RANDOM="/dev/random"
NAME_OF_DEV_URANDOM="/dev/urandom"
case "${target}" in
*-openbsd* | *-netbsd*)
NAME_OF_DEV_RANDOM="/dev/srandom"
NAME_OF_DEV_URANDOM="/dev/urandom"
- DYNLINK_MOD_CFLAGS="-shared -rdynamic $CFLAGS_PIC -Wl,-Bshareable -Wl,-x"
- ;;
-
- hpux*)
- # if using the vendor (ANSI) compiler, arrange to have `-b' passed
- # to the linker. If using gcc, it supports `-shared' to do the same.
- if test -n "$GCC" ; then
- DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
- else
- DYNLINK_MOD_CFLAGS='-Wl,-b'
- fi
- ;;
-
- *-irix6.5*)
- # Irix 6.5 (and probably a lot earlier, but I only still have
- # access to 6.5.x) doesn't require any additional flags, as `-KPIC'
- # is the default. Also, `-shared' works with the vendor compiler
- DYNLINK_MOD_CFLAGS="-shared"
- ;;
-
- alpha*-dec-osf*)
- # osf (i.e. OSF/1, Digital UNIX, or Tru64 UNIX, pick any one...)
- # on alpha doesn't require any PIC flags, everything is PIC.
- # This may not be the case for osf ports to other machines, so
- # hence the more specific match for target.
- #
- # Also, `-shared' works with the vendor compiler or gcc.
- # -expect_unresolved turns off warnings about unresolved symbols.
- DYNLINK_MOD_CFLAGS='-shared -Wl,-expect_unresolved,\*'
- ;;
-
- *-solaris*)
- # -shared is a gcc-ism. Find pic flags from GNUPG_CHECK_PIC.
- if test -n "$GCC" ; then
- DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
- else
- DYNLINK_MOD_CFLAGS="-G $CFLAGS_PIC"
- fi
- ;;
-
- *-irix* | *-dec-osf* )
- DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
- ;;
-
- *)
- # -shared is a gcc-ism. Find pic flags from GNUPG_CHECK_PIC.
- if test -n "$GCC" ; then
- DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
- else
- DYNLINK_MOD_CFLAGS="$CFLAGS_PIC"
- fi
;;
esac
AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, "$NAME_OF_DEV_RANDOM",
[defined to the name of the strong random device])
AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, "$NAME_OF_DEV_URANDOM",
[defined to the name of the weaker random device])
AC_SUBST(MPI_OPT_FLAGS)
dnl Checks for libraries.
if test "$try_gettext" = yes; then
-AM_GNU_GETTEXT
+ AM_GNU_GETTEXT
else
-USE_NLS=no
-USE_INCLUDED_LIBINTL=no
-BUILD_INCLUDED_LIBINTL=no
-AC_SUBST(USE_NLS)
-AC_SUBST(USE_INCLUDED_LIBINTL)
-AC_SUBST(BUILD_INCLUDED_LIBINTL)
+ USE_NLS=no
+ USE_INCLUDED_LIBINTL=no
+ BUILD_INCLUDED_LIBINTL=no
+ AC_SUBST(USE_NLS)
+ AC_SUBST(USE_INCLUDED_LIBINTL)
+ AC_SUBST(BUILD_INCLUDED_LIBINTL)
fi
if test "$try_dynload" = yes ; then
AC_CHECK_LIB(dl,dlopen)
if test "$ac_cv_lib_dl_dlopen" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING,1,
[define to enable the use of extensions])
AC_DEFINE(HAVE_DL_DLOPEN,1,
[Defined when the dlopen function family is available])
- DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
- use_gnupg_extensions=yes
else
AC_CHECK_FUNCS(dlopen)
if test "$ac_cv_func_dlopen" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING)
AC_DEFINE(HAVE_DL_DLOPEN)
- DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
- use_gnupg_extensions=yes
- else
- AC_CHECK_LIB(dld,shl_load)
- if test "$ac_cv_lib_dld_shl_load" = "yes"; then
- AC_DEFINE(USE_DYNAMIC_LINKING)
- AC_DEFINE(HAVE_DL_SHL_LOAD,1,
- [Defined if the shl_load function family is available])
- DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
- use_gnupg_extensions=yes
-dnl -----------------
-dnl DLD is not ready for use. So I better disable this test
-dnl
-dnl AC_CHECK_LIB(dld,dld_link)
-dnl if test "$ac_cv_lib_dld_dld_link" = "yes"; then
-dnl AC_DEFINE(USE_DYNAMIC_LINKING)
-dnl AC_DEFINE(HAVE_DLD_DLD_LINK)
-dnl DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
-dnl use_gnupg_extensions=yes
-dnl ---------------
- fi
fi
fi
else
AC_MSG_CHECKING(for dynamic loading)
DYNLINK_LDFLAGS=
DYNLINK_MOD_CFLAGS=
- use_gnupg_extensions=no
AC_MSG_RESULT(has been disabled)
fi
-AM_CONDITIONAL(ENABLE_GNUPG_EXTENSIONS, test "$use_gnupg_extensions" = yes )
-AC_SUBST(DYNLINK_LDFLAGS)
-AC_SUBST(DYNLINK_MOD_CFLAGS)
-
-
dnl Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS(unistd.h langinfo.h termio.h locale.h)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_C_INLINE
AC_TYPE_SIZE_T
AC_TYPE_SIGNAL
AC_DECL_SYS_SIGLIST
GNUPG_CHECK_ENDIAN
GNUPG_CHECK_TYPEDEF(byte, HAVE_BYTE_TYPEDEF)
GNUPG_CHECK_TYPEDEF(ushort, HAVE_USHORT_TYPEDEF)
GNUPG_CHECK_TYPEDEF(ulong, HAVE_ULONG_TYPEDEF)
GNUPG_CHECK_TYPEDEF(u16, HAVE_U16_TYPEDEF)
GNUPG_CHECK_TYPEDEF(u32, HAVE_U32_TYPEDEF)
AC_CHECK_SIZEOF(unsigned short, 2)
AC_CHECK_SIZEOF(unsigned int, 4)
AC_CHECK_SIZEOF(unsigned long, 4)
AC_CHECK_SIZEOF(unsigned long long, 0)
if test "$ac_cv_sizeof_unsigned_short" = "0" \
|| test "$ac_cv_sizeof_unsigned_int" = "0" \
|| test "$ac_cv_sizeof_unsigned_long" = "0"; then
AC_MSG_WARN([Hmmm, something is wrong with the sizes - using defaults]);
fi
dnl Checks for library functions.
AC_FUNC_FSEEKO
AC_FUNC_VPRINTF
AC_FUNC_FORK
AC_CHECK_FUNCS(strerror stpcpy strsep strlwr tcgetattr strtoul mmap)
AC_CHECK_FUNCS(strcasecmp strncasecmp)
AC_CHECK_FUNCS(memmove gettimeofday getrusage setrlimit clock_gettime)
AC_CHECK_FUNCS(atexit raise getpagesize strftime nl_langinfo setlocale)
AC_CHECK_FUNCS(waitpid wait4 sigaction sigprocmask rand pipe stat)
AC_REPLACE_FUNCS(mkdtemp)
#
# check for gethrtime and run a testprogram to see whether
# it is broken. It has been reported that some Solaris and HP UX systems
# raise an SIGILL
#
AC_CACHE_CHECK([for gethrtime],
[gnupg_cv_func_gethrtime],
[AC_TRY_LINK([#include <sys/times.h>],[
hrtime_t tv;
tv = gethrtime();
],
[gnupg_cv_func_gethrtime=yes],
[gnupg_cv_func_gethrtime=no])
])
if test $gnupg_cv_func_gethrtime = yes; then
AC_DEFINE([HAVE_GETHRTIME], 1,
[Define if you have the `gethrtime(2)' function.])
AC_CACHE_CHECK([whether gethrtime is broken],
[gnupg_cv_func_broken_gethrtime],
[AC_TRY_RUN([
#include <sys/times.h>
int main () {
hrtime_t tv;
tv = gethrtime();
}
],
[gnupg_cv_func_broken_gethrtime=no],
[gnupg_cv_func_broken_gethrtime=yes],
[gnupg_cv_func_broken_gethrtime=assume-no])
])
if test $gnupg_cv_func_broken_gethrtime = yes; then
AC_DEFINE([HAVE_BROKEN_GETHRTIME], 1,
[Define if `gethrtime(2)' does not work correctly i.e. issues a SIGILL.])
fi
fi
GNUPG_CHECK_MLOCK
GNUPG_FUNC_MKDIR_TAKES_ONE_ARG
dnl
dnl Check whether we can use Linux capabilities as requested
dnl
if test "$use_capabilities" = "yes" ; then
use_capabilities=no
AC_CHECK_HEADERS(sys/capability.h)
if test "$ac_cv_header_sys_capability_h" = "yes" ; then
AC_CHECK_LIB(cap, cap_init, ac_need_libcap=1)
if test "$ac_cv_lib_cap_cap_init" = "yes"; then
AC_DEFINE(USE_CAPABILITIES,1,
[define if capabilities should be used])
LIBS="$LIBS -lcap"
use_capabilities=yes
fi
fi
if test "$use_capabilities" = "no" ; then
AC_MSG_WARN([[
***
*** The use of capabilities on this system is not possible.
*** You need a recent Linux kernel and some patches:
*** fcaps-2.2.9-990610.patch (kernel patch for 2.2.9)
*** fcap-module-990613.tar.gz (kernel module)
*** libcap-1.92.tar.gz (user mode library and utilities)
*** And you have to configure the kernel with CONFIG_VFS_CAP_PLUGIN
*** set (filesystems menu). Be warned: This code is *really* ALPHA.
***]])
fi
fi
GNUPG_CHECK_IPC
if test "$ac_cv_header_sys_shm_h" = "yes"; then
AC_DEFINE(USE_SHM_COPROCESSING,1,
[define if the shared memory interface should be made available])
fi
dnl
dnl check whether we have a random device
dnl
if test "$try_dev_random" = yes ; then
AC_CACHE_CHECK(for random device, ac_cv_have_dev_random,
[if test -r "$NAME_OF_DEV_RANDOM" && test -r "$NAME_OF_DEV_URANDOM" ; then
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi])
if test "$ac_cv_have_dev_random" = yes; then
AC_DEFINE(HAVE_DEV_RANDOM,1,
[defined if the system supports a random device] )
fi
else
AC_MSG_CHECKING(for random device)
ac_cv_have_dev_random=no
AC_MSG_RESULT(has been disabled)
fi
dnl
-dnl Figure out the default linkage mode for random modules
+dnl Figure out the default random module.
dnl
-print_egd_notice=no
+static_random_module=""
if test "$use_static_rnd" = default; then
if test "$ac_cv_have_dev_random" = yes; then
static_random_module="rndlinux"
else
case "${target}" in
*-*-mingw32*|*-*-cygwin*)
static_random_module="rndw32"
- AC_DEFINE(USE_STATIC_RNDW32,1,
- [At some point in the code we need to know that
- we use the Windows random module.])
;;
i?86-emx-os2|i?86-*-os2*emx)
static_random_module="rndos2"
;;
m68k-atari-mint)
static_random_module="rndatari"
;;
i?86-*-msdosdjgpp*)
:
;;
*)
static_random_module="rndunix"
- print_egd_notice=yes
;;
esac
fi
-else
- if test "$use_static_rnd" = none; then
- :
- else
- static_random_module="rnd$use_static_rnd"
- if test "$use_static_rnd" = "unix"; then
- print_egd_notice=yes
- fi
- fi
fi
-
-
-if test "$print_egd_notice" = "yes"; then
- AC_MSG_WARN([[
+case "$static_random_module" in
+ rndlinux)
+ AC_DEFINE(USE_RNDLINUX,1,
+ [Defined if the /dev/random based RNG shoudl be used.])
+ ;;
+ rndunix)
+ AC_DEFINE(USE_RNDUNIX,1,
+ [Defined if the default Unix RNG should be used.])
+ AC_MSG_WARN([[
***
*** The performance of the UNIX random gatherer module is not very good
*** and it does not keep the entropy pool over multiple invocations of
*** GnuPG. The suggested way to overcome this problem is to use the
***
*** Entropy Gathering Daemon (EGD)
***
*** which provides a entropy source for the whole system. It is written
*** in Perl and available at the GnuPG FTP servers. For more information
*** consult the GnuPG webpages:
***
*** http://www.gnupg.org/download.html#egd
***
-*** You may want to run ./configure with --enable-static-rnd=none to be
-*** able to load the EGD client code dynamically; this way you can choose
-*** between RNDUNIX and RNDEGD without recompilation.
+*** You may want to run ./configure with --enable-static-rnd=egd to use it.
***]])
-fi
-
-dnl
-dnl Parse the modules list and build the list
-dnl of static and dynamically linked modules
-dnl
-dnl (We always need a static rmd160)
-static_modules="$static_modules rmd160 $static_random_module"
-STATIC_CIPHER_NAMES=""
-STATIC_CIPHER_OBJS=""
-DYNAMIC_CIPHER_MODS=""
-show_dynlink=""
-for name in $MODULES_IN_CIPHER; do
- x="yes"
- for i in $disallowed_modules; do
- if test "$name" = "$i" ; then x="no" ; fi
- done;
- if test $x = yes; then
- x="no"
- for i in $static_modules; do
- if test "$name" = "$i" ; then
- x="yes"
- fi
- done;
- if test $x = yes; then
- STATIC_CIPHER_NAMES="$STATIC_CIPHER_NAMES $name"
- STATIC_CIPHER_OBJS="$STATIC_CIPHER_OBJS $name.o"
- else
- DYNAMIC_CIPHER_MODS="$DYNAMIC_CIPHER_MODS $name"
- show_dynlink="$show_dynlink $name"
- fi
- fi
-done
-AC_SUBST(STATIC_CIPHER_OBJS)
-AC_SUBST(STATIC_CIPHER_NAMES)
-AC_SUBST(DYNAMIC_CIPHER_MODS)
-
-dnl
-dnl And build the constructor file
-dnl
-
-test -d cipher || mkdir cipher
-cat <<G10EOF >cipher/construct.c
-/* automatically generated by configure - do not edit */
-
-G10EOF
-show_statlink=""
-for name in $STATIC_CIPHER_NAMES; do
- echo "void ${name}_constructor(void);" >>cipher/construct.c
- show_statlink="$show_statlink $name"
-done
-
-cat <<G10EOF >>cipher/construct.c
-
-void
-cipher_modules_constructor(void)
-{
- static int done = 0;
- if( done )
- return;
- done = 1;
-
-G10EOF
-for name in $STATIC_CIPHER_NAMES; do
- echo " ${name}_constructor();" >>cipher/construct.c
-done
-echo '}' >>cipher/construct.c
-
-
-
+ ;;
+ rndegd)
+ AC_DEFINE(USE_RNDEGD,1,
+ [Defined if the EGD based RNG shoudl be used.])
+ ;;
+ rndw32)
+ AC_DEFINE(USE_RNDW32,1,
+ [Defined if the Windows specific RNG should be used.])
+ ;;
+ *)
+ AC_MSG_ERROR(no random module available)
+ ;;
+esac
-dnl
-dnl Figure how to link the cipher modules
-dnl
-AC_SUBST(STATIC_CIPHER_OBJS)
-AC_SUBST(DYNAMIC_CIPHER_MODS)
+# We don't need idea but some people claim that they need it for
+# research etc., so we allow to place an idea source code into the
+# cipher directory and statically link it if available, otherwise we
+# link to a stub. We don't use AC_CHECK_FILE to avoid caching.
+AC_MSG_CHECKING(for extra cipher modules)
+tmp=""
+if test -f $srcdir/cipher/idea.c; then
+ IDEA_O=idea.o
+ tmp=idea
+else
+ IDEA_O=idea-stub.o
+fi
+AC_SUBST(IDEA_O)
+AC_MSG_RESULT($tmp)
dnl setup assembler stuff
AC_MSG_CHECKING(for mpi assembler functions)
if test -f $srcdir/mpi/config.links ; then
. $srcdir/mpi/config.links
AC_CONFIG_LINKS("$mpi_ln_list")
ac_cv_mpi_extra_asm_modules="$mpi_extra_modules"
ac_cv_mpi_sflags="$mpi_sflags"
ac_cv_mpi_config_done="yes"
AC_MSG_RESULT(done)
else
AC_MSG_RESULT(failed)
AC_MSG_ERROR([mpi/config.links missing!])
fi
MPI_EXTRA_ASM_OBJS=""
show_extraasm=""
if test "$ac_cv_mpi_extra_asm_modules" != ""; then
for i in $ac_cv_mpi_extra_asm_modules; do
show_extraasm="$show_extraasm $i"
MPI_EXTRA_ASM_OBJS="$MPI_EXTRA_ASM_OBJS $i.o"
done
fi
AC_SUBST(MPI_EXTRA_ASM_OBJS)
MPI_SFLAGS="$ac_cv_mpi_sflags"
AC_SUBST(MPI_SFLAGS)
dnl Do we have zlib? Must do it here because Solaris failed
dnl when compiling a conftest (due to the "-lz" from LIBS).
use_local_zlib=yes
if test "$g10_force_zlib" = "yes"; then
:
else
_cppflags="${CPPFLAGS}"
_ldflags="${LDFLAGS}"
AC_ARG_WITH(zlib,
[ --with-zlib=DIR use libz in DIR],[
if test -d "$withval"; then
CPPFLAGS="${CPPFLAGS} -I$withval/include"
LDFLAGS="${LDFLAGS} -L$withval/lib"
fi
])
AC_CHECK_HEADER(zlib.h,
AC_CHECK_LIB(z, deflateInit2_,
use_local_zlib=no
LIBS="$LIBS -lz",
CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}),
CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags})
fi
if test "$use_local_zlib" = yes ; then
AM_CONDITIONAL(ENABLE_LOCAL_ZLIB, true)
AC_CONFIG_LINKS(zlib.h:zlib/zlib.h zconf.h:zlib/zconf.h )
ZLIBS="../zlib/libzlib.a"
else
AM_CONDITIONAL(ENABLE_LOCAL_ZLIB, false)
ZLIBS=
fi
AC_SUBST(ZLIBS)
# Allow users to append something to the version string without
# flagging it as development version. The user version parts is
# considered everything after a dash.
if test "$development_version" != yes; then
changequote(,)dnl
tmp_pat='[a-zA-Z]'
changequote([,])dnl
if echo "$VERSION" | sed 's/-.*//' | grep "$tmp_pat" >/dev/null ; then
development_version=yes
fi
fi
if test "$development_version" = yes; then
AC_DEFINE(IS_DEVELOPMENT_VERSION,1,
[Defined if this is not a regular release])
fi
AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes)
GNUPG_CHECK_GNUMAKE
# add some extra libs here so that previous tests don't fail for
# mysterious reasons - the final link step should bail out.
case "${target}" in
*-*-mingw32*)
LIBS="$LIBS -lwsock32"
;;
*)
;;
esac
if test "$GCC" = yes; then
if test "$USE_MAINTAINER_MODE" = "yes"; then
CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes"
else
CFLAGS="$CFLAGS -Wall"
fi
fi
AC_SUBST(NETLIBS)
# Note the \\\\ for backslashes. Autoconf eats one layer, leaving \\
AC_SUBST(GNUPG_LIBEXECDIR,"${libexecdir}/gnupg")
AC_CONFIG_COMMANDS(g10defs.h,[[
cat >g10defs.tmp <<G10EOF
/* Generated automatically by configure */
#ifdef HAVE_DRIVE_LETTERS
#define G10_LOCALEDIR "c:\\\\lib\\\\gnupg\\\\locale"
#define GNUPG_LIBDIR "c:\\\\lib\\\\gnupg"
#define GNUPG_LIBEXECDIR "c:\\\\lib\\\\gnupg"
#define GNUPG_DATADIR "c:\\\\lib\\\\gnupg"
#define GNUPG_HOMEDIR "c:\\\\gnupg"
#else
#define G10_LOCALEDIR "${datadir}/locale"
#define GNUPG_LIBDIR "${libdir}/gnupg"
#define GNUPG_LIBEXECDIR "${libexecdir}/gnupg"
#define GNUPG_DATADIR "${datadir}/gnupg"
#ifdef __VMS
#define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg"
#else
#define GNUPG_HOMEDIR "~/.gnupg"
#endif
#endif
/* those are here to be redefined by handcrafted g10defs.h.
Please note that the string version must not contain more
than one character because the using code assumes strlen()==1 */
#ifdef HAVE_DOSISH_SYSTEM
#define DIRSEP_C '\\\\'
#define EXTSEP_C '.'
#define DIRSEP_S "\\\\"
#define EXTSEP_S "."
#else
#define DIRSEP_C '/'
#define EXTSEP_C '.'
#define DIRSEP_S "/"
#define EXTSEP_S "."
#endif
G10EOF
cat mpi/mpi-asm-defs.h >>g10defs.tmp
if cmp -s g10defs.h g10defs.tmp 2>/dev/null; then
echo "g10defs.h is unchanged"
rm -f g10defs.tmp
else
rm -f g10defs.h
mv g10defs.tmp g10defs.h
echo "g10defs.h created"
fi
]],[[
prefix=$prefix
exec_prefix=$exec_prefix
libdir=$libdir
libexecdir=$libexecdir
datadir=$datadir
DATADIRNAME=$DATADIRNAME
]])
AC_CONFIG_FILES([
Makefile
intl/Makefile
po/Makefile.in
util/Makefile
mpi/Makefile
cipher/Makefile
g10/Makefile
keyserver/Makefile
keyserver/gpgkeys_mailto
keyserver/gpgkeys_test
doc/Makefile
tools/Makefile
zlib/Makefile
checks/Makefile
])
AC_OUTPUT
# Give some feedback
echo
echo " Configured for: $PRINTABLE_OS_NAME ($target)"
-if test -n "$show_dynlink"; then
- echo " Dynamically linked modules:$show_dynlink"
-fi
-if test -n "$show_statlink"; then
- echo " Statically linked modules:$show_statlink"
-fi
if test -n "$show_extraasm"; then
echo " Extra cpu specific functions:$show_extraasm"
fi
echo
-
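Review bot: In the random-module selection, the removed else branch was the only visible place where a non-default $use_static_rnd set static_random_module. With --enable-static-rnd=egd, which the new warning text recommends, the variable therefore keeps its initial "" and the new case ends in `*) AC_MSG_ERROR(no random module available)`, so the rndegd arm is never reached. Unless the option is mapped earlier in the file, keep an assignment such as `static_random_module="rnd$use_static_rnd"` for the non-default case. The same case statement has no arm for rndos2 or rndatari, which the default branch still assigns for OS/2 and Atari MiNT, and the DJGPP branch leaves the variable empty, so those targets now stop at configure time with the same error; add arms for them or say in the ChangeLog that they are dropped. Smaller points: "shoudl" is misspelled in the USE_RNDLINUX and USE_RNDEGD descriptions, and the disabled-dynload branch still assigns DYNLINK_LDFLAGS and DYNLINK_MOD_CFLAGS although their AC_SUBST lines are removed.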
diff --git a/doc/gpg.sgml b/doc/gpg.sgml
index 8899121f7..98610b699 100644
--- a/doc/gpg.sgml
+++ b/doc/gpg.sgml
@@ -1,2416 +1,2417 @@
<!-- gpg.sgml - the man page for GnuPG
Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
This file is part of GnuPG.
GnuPG is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
GnuPG is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-->
<!-- This file should be processed by docbook-to-man to
create a manual page. This program has currently the bug
not to remove leading white space. So this source file does
not look very pretty
FIXME: generated a file with entity (e.g. pathnames) from the
configure scripts and include it here
-->
<!DOCTYPE refentry PUBLIC "-//Davenport//DTD DocBook V3.0//EN" [
<!entity ParmDir "<parameter>directory</parameter>">
<!entity ParmFile "<parameter>file</parameter>">
<!entity OptParmFile "<optional>&ParmFile;</optional>">
<!entity ParmFiles "<parameter>files</parameter>">
<!entity OptParmFiles "<optional>&ParmFiles;</optional>">
<!entity ParmNames "<parameter>names</parameter>">
<!entity OptParmNames "<optional>&ParmNames;</optional>">
<!entity ParmName "<parameter>name</parameter>">
<!entity OptParmName "<optional>&ParmName;</optional>">
<!entity ParmKeyIDs "<parameter>key IDs</parameter>">
<!entity ParmN "<parameter>n</parameter>">
<!entity ParmFlags "<parameter>flags</parameter>">
<!entity ParmString "<parameter>string</parameter>">
<!entity ParmValue "<parameter>value</parameter>">
<!entity ParmNameValue "<parameter>name=value</parameter>">
<!entity ParmNameValues "<parameter>name=value1 <optional>value2 value3 ...</optional></parameter>">
]>
<refentry id="gpg">
<refmeta>
<refentrytitle>gpg</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="gnu">GNU Tools</refmiscinfo>
</refmeta>
<refnamediv>
<refname/gpg/
<refpurpose>encryption and signing tool</>
</refnamediv>
<refsynopsisdiv>
<synopsis>
<command>gpg</>
<optional>--homedir <parameter/name/</optional>
<optional>--options <parameter/file/</optional>
<optional><parameter/options/</optional>
<parameter>command</>
<optional><parameter/args/</optional>
</synopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>
<command/gpg/ is the main program for the GnuPG system.
</para>
<para>
This man page only lists the commands and options available.
For more verbose documentation get the GNU Privacy Handbook (GPH) or
one of the other documents at http://www.gnupg.org/docs.html .
</para>
<para>
Please remember that option parsing stops as soon as a non option is
encountered, you can explicitly stop option parsing by using the
special option "--".
</para>
</refsect1>
<refsect1>
<title>COMMANDS</title>
<para>
<command/gpg/ recognizes these commands:
</para>
<variablelist>
<varlistentry>
<term>-s, --sign</term>
<listitem><para>
Make a signature. This command may be combined
with --encrypt.
</para></listitem></varlistentry>
<varlistentry>
<term>--clearsign</term>
<listitem><para>
Make a clear text signature.
</para></listitem></varlistentry>
<varlistentry>
<term>-b, --detach-sign</term>
<listitem><para>
Make a detached signature.
</para></listitem></varlistentry>
<varlistentry>
<term>-e, --encrypt</term>
<listitem><para>
Encrypt data. This option may be combined with --sign.
</para></listitem></varlistentry>
<varlistentry>
<term>-c, --symmetric</term>
<listitem><para>
Encrypt with symmetric cipher only.
This command asks for a passphrase.
</para></listitem></varlistentry>
<varlistentry>
<term>--store</term>
<listitem><para>
Store only (make a simple RFC1991 packet).
</para></listitem></varlistentry>
<varlistentry>
<term>--decrypt &OptParmFile;</term>
<listitem><para>
Decrypt &ParmFile; (or stdin if no file is specified) and
write it to stdout (or the file specified with
--output). If the decrypted file is signed, the
signature is also verified. This command differs
from the default operation, as it never writes to the
filename which is included in the file and it
rejects files which don't begin with an encrypted
message.
</para></listitem></varlistentry>
<varlistentry>
<term>--verify <optional><optional><parameter/sigfile/</optional>
<optional><parameter/signed-files/</optional></optional></term>
<listitem><para>
Assume that <parameter/sigfile/ is a signature and verify it
without generating any output. With no arguments,
the signature packet is read from stdin. If
only a sigfile is given, it may be a complete
signature or a detached signature, in which case
the signed stuff is expected in a file without the
".sig" or ".asc" extension.
With more than
1 argument, the first should be a detached signature
and the remaining files are the signed stuff. To read the signed
stuff from stdin, use <literal>-</literal> as the second filename.
For security reasons a detached signature cannot read the signed
material from stdin without denoting it in the above way.
</para></listitem></varlistentry>
<varlistentry>
<term>--verify-files <optional><parameter/files/</optional></term>
<listitem><para>
This is a special version of the --verify command which does not work with
detached signatures. The command expects the files to be verified either
on the command line or reads the filenames from stdin; each name must be on
separate line. The command is intended for quick checking of many files.
</para></listitem></varlistentry>
<varlistentry>
<term>--encrypt-files <optional><parameter/files/</optional></term>
<listitem><para>
This is a special version of the --encrypt command. The command expects
the files to be encrypted either on the command line or reads the filenames
from stdin; each name must be on separate line. The command is intended
for a quick encryption of multiple files.
</para></listitem></varlistentry>
<varlistentry>
<term>--decrypt-files <optional><parameter/files/</optional></term>
<listitem><para>
The same as --encrypt-files with the difference that files will be
decrypted. The syntax or the filenames is the same.
</para></listitem></varlistentry>
<!--
B<-k> [I<username>] [I<keyring>]
Kludge to be somewhat compatible with PGP.
Without arguments, all public keyrings are listed.
With one argument, only I<keyring> is listed.
Special combinations are also allowed, but they may
give strange results when combined with more options.
B<-kv> Same as B<-k>
B<-kvv> List the signatures with every key.
B<-kvvv> Additionally check all signatures.
B<-kvc> List fingerprints
B<-kvvc> List fingerprints and signatures
B<This command may be removed in the future!>
-->
<varlistentry>
<term>--list-keys &OptParmNames;</term>
<term>--list-public-keys &OptParmNames;</term>
<listitem><para>
List all keys from the public keyrings, or just the
ones given on the command line.
</para></listitem></varlistentry>
<varlistentry>
<term>--list-secret-keys &OptParmNames;</term>
<listitem><para>
List all keys from the secret keyrings, or just the
ones given on the command line.
</para></listitem></varlistentry>
<varlistentry>
<term>--list-sigs &OptParmNames;</term>
<listitem><para>
Same as --list-keys, but the signatures are listed too.
</para></listitem></varlistentry>
<varlistentry>
<term>--check-sigs &OptParmNames;</term>
<listitem><para>
Same as --list-sigs, but the signatures are verified.
</para></listitem></varlistentry>
<varlistentry>
<term>--fingerprint &OptParmNames;</term>
<listitem><para>
List all keys with their fingerprints. This is the
same output as --list-keys but with the additional output
of a line with the fingerprint. May also be combined
with --list-sigs or --check-sigs.
If this command is given twice, the fingerprints of all
secondary keys are listed too.
</para></listitem></varlistentry>
<varlistentry>
<term>--list-packets</term>
<listitem><para>
List only the sequence of packets. This is mainly
useful for debugging.
</para></listitem></varlistentry>
<varlistentry>
<term>--gen-key</term>
<listitem><para>
Generate a new key pair. This command is normally only used
interactively.
</para>
<para>
There is an experimental feature which allows you to create keys
in batch mode. See the file <filename>doc/DETAILS</filename>
in the source distribution on how to use this.
</para></listitem></varlistentry>
<varlistentry>
<term>--edit-key &ParmName;</term>
<listitem><para>
Present a menu which enables you to do all key
related tasks:</para>
<variablelist>
<varlistentry>
<term>sign</term>
<listitem><para>
Make a signature on key of user &ParmName;
If the key is not yet signed by the default
user (or the users given with -u), the
program displays the information of the key
again, together with its fingerprint and
asks whether it should be signed. This
question is repeated for all users specified
with -u.</para></listitem></varlistentry>
<varlistentry>
<term>lsign</term>
<listitem><para>
Same as --sign but the signature is marked as
non-exportable and will therefore never be used
by others. This may be used to make keys valid
only in the local environment.</para></listitem></varlistentry>
<varlistentry>
<term>nrsign</term>
<listitem><para>
Same as --sign but the signature is marked as non-revocable and can
therefore never be revoked.</para></listitem></varlistentry>
<varlistentry>
<term>nrlsign</term>
<listitem><para>
Combines the functionality of nrsign and lsign to make a signature
that is both non-revocable and
non-exportable.</para></listitem></varlistentry>
<varlistentry>
<term>revsig</term>
<listitem><para>
Revoke a signature. GnuPG asks for every
signature which has been done by one of
the secret keys, whether a revocation
certificate should be generated.</para></listitem></varlistentry>
<varlistentry>
<term>trust</term>
<listitem><para>
Change the owner trust value. This updates the
trust-db immediately and no save is required.</para></listitem></varlistentry>
<varlistentry>
<term>disable</term>
<term>enable</term>
<listitem><para>
Disable or enable an entire key. A disabled key can normally not be used
for encryption.</para></listitem></varlistentry>
<varlistentry>
<term>adduid</term>
<listitem><para>
Create an alternate user id.</para></listitem></varlistentry>
<varlistentry>
<term>addphoto</term>
<listitem><para>
Create a photographic user id.</para></listitem></varlistentry>
<varlistentry>
<term>deluid</term>
<listitem><para>
Delete a user id.</para></listitem></varlistentry>
<varlistentry>
<term>addkey</term>
<listitem><para>
Add a subkey to this key.</para></listitem></varlistentry>
<varlistentry>
<term>delkey</term>
<listitem><para>
Remove a subkey.</para></listitem></varlistentry>
<varlistentry>
<term>addrevoker</term>
<listitem><para>
Add a designated revoker. This takes one optional argument:
"sensitive". If a designated revoker is marked as sensitive, it will
not be exported by default (see
export-options).</para></listitem></varlistentry>
<varlistentry>
<term>revkey</term>
<listitem><para>
Revoke a subkey.</para></listitem></varlistentry>
<varlistentry>
<term>expire</term>
<listitem><para>
Change the key expiration time. If a key is
selected, the time of this key will be changed.
With no selection the key expiration of the
primary key is changed.</para></listitem></varlistentry>
<varlistentry>
<term>passwd</term>
<listitem><para>
Change the passphrase of the secret key.</para></listitem></varlistentry>
<varlistentry>
<term>primary</term>
<listitem><para>
Flag the current user id as the primary one, removes the primary user
id flag from all other user ids and sets the timestamp of all affected
self-signatures one second ahead. Note that setting a photo user ID
as primary makes it primary over other photo user IDs, and setting a
regular user ID as primary makes it primary over other regular user
IDs.
</para></listitem></varlistentry>
<varlistentry>
<term>uid &ParmN;</term>
<listitem><para>
Toggle selection of user id with index &ParmN;.
Use 0 to deselect all.</para></listitem></varlistentry>
<varlistentry>
<term>key &ParmN;</term>
<listitem><para>
Toggle selection of subkey with index &ParmN;.
Use 0 to deselect all.</para></listitem></varlistentry>
<varlistentry>
<term>check</term>
<listitem><para>
Check all selected user ids.</para></listitem></varlistentry>
<varlistentry>
<term>showphoto</term>
<listitem><para>
Display the selected photographic user
id.</para></listitem></varlistentry>
<varlistentry>
<term>pref</term>
<listitem><para>
List preferences from the selected user ID. This shows the actual
preferences, without including any implied preferences.
</para></listitem></varlistentry>
<varlistentry>
<term>showpref</term>
<listitem><para>
More verbose preferences listing for the selected user ID. This shows
the preferences in effect by including the implied preferences of
3DES (cipher), SHA-1 (digest), and Uncompressed (compression) if they
are not already included in the preference list.
</para></listitem></varlistentry>
<varlistentry>
<term>setpref &ParmString;</term>
<listitem><para>
Set the list of user ID preferences to &ParmString;, this should be a
string similar to the one printed by "pref". Using an empty string
will set the default preference string, using "none" will set the
preferences to nil. Use "gpg -v --version" to get a list of available
algorithms. This command just initializes an internal list and does
not change anything unless another command (such as "updpref") which
changes the self-signatures is used.
</para></listitem></varlistentry>
<varlistentry>
<term>updpref</term>
<listitem><para>
Change the preferences of all user IDs (or just of the selected ones
to the current list of preferences. The timestamp of all affected
self-signatures will be advanced by one second. Note that while you
can change the preferences on an attribute user ID (aka "photo ID"),
GnuPG does not select keys via attribute user IDs so these preferences
will not be used by GnuPG.
</para></listitem></varlistentry>
<varlistentry>
<term>toggle</term>
<listitem><para>
Toggle between public and secret key listing.</para></listitem></varlistentry>
<varlistentry>
<term>save</term>
<listitem><para>
Save all changes to the key rings and quit.</para></listitem></varlistentry>
<varlistentry>
<term>quit</term>
<listitem><para>
Quit the program without updating the
key rings.</para></listitem></varlistentry>
</variablelist>
<para>
The listing shows you the key with its secondary
keys and all user ids. Selected keys or user ids
are indicated by an asterisk. The trust value is
displayed with the primary key: the first is the
assigned owner trust and the second is the calculated
trust value. Letters are used for the values:</para>
<variablelist>
<varlistentry><term>-</term><listitem><para>No ownertrust assigned / not yet calculated.</para></listitem></varlistentry>
<varlistentry><term>e</term><listitem><para>Trust
calculation has failed; probably due to an expired key.</para></listitem></varlistentry>
<varlistentry><term>q</term><listitem><para>Not enough information for calculation.</para></listitem></varlistentry>
<varlistentry><term>n</term><listitem><para>Never trust this key.</para></listitem></varlistentry>
<varlistentry><term>m</term><listitem><para>Marginally trusted.</para></listitem></varlistentry>
<varlistentry><term>f</term><listitem><para>Fully trusted.</para></listitem></varlistentry>
<varlistentry><term>u</term><listitem><para>Ultimately trusted.</para></listitem></varlistentry>
</variablelist>
</listitem></varlistentry>
<varlistentry>
<term>--sign-key &ParmName;</term>
<listitem><para>
Signs a public key with your secret key. This is a shortcut version of
the subcommand "sign" from --edit.
</para></listitem></varlistentry>
<varlistentry>
<term>--lsign-key &ParmName;</term>
<listitem><para>
Signs a public key with your secret key but marks it as
non-exportable. This is a shortcut version of the subcommand "lsign"
from --edit.
</para></listitem></varlistentry>
<varlistentry>
<term>--nrsign-key &ParmName;</term>
<listitem><para>
Signs a public key with your secret key but marks it as non-revocable.
This is a shortcut version of the subcommand "nrsign" from --edit.
</para></listitem></varlistentry>
<varlistentry>
<term>--delete-key &ParmName;</term>
<listitem><para>
Remove key from the public keyring. In batch mode either --yes is
required or the key must be specified by fingerprint. This is a
safeguard against accidental deletion of multiple keys.
</para></listitem></varlistentry>
<varlistentry>
<term>--delete-secret-key &ParmName;</term>
<listitem><para>
Remove key from the secret and public keyring. In batch mode the key
must be specified by fingerprint.
</para></listitem></varlistentry>
<varlistentry>
<term>--delete-secret-and-public-key &ParmName;</term>
<listitem><para>
Same as --delete-key, but if a secret key exists, it will be removed
first. In batch mode the key must be specified by fingerprint.
</para></listitem></varlistentry>
<varlistentry>
<term>--gen-revoke</term>
<listitem><para>
Generate a revocation certificate for the complete key. To revoke
a subkey or a signature, use the --edit command.
</para></listitem></varlistentry>
<varlistentry>
<term>--desig-revoke</term>
<listitem><para>
Generate a designated revocation certificate for a key. This allows a
user (with the permission of the keyholder) to revoke someone elses
key.
</para></listitem></varlistentry>
<varlistentry>
<term>--export &OptParmNames;</term>
<listitem><para>
Either export all keys from all keyrings (default
keyrings and those registered via option --keyring),
or if at least one name is given, those of the given
name. The new keyring is written to stdout or to
the file given with option "output". Use together
with --armor to mail those keys.
</para></listitem></varlistentry>
<varlistentry>
<term>--send-keys &OptParmNames;</term>
<listitem><para>
Same as --export but sends the keys to a keyserver.
Option --keyserver must be used to give the name
of this keyserver. Don't send your complete keyring
to a keyserver - select only those keys which are new
or changed by you.
</para></listitem></varlistentry>
<varlistentry>
<term>--export-all &OptParmNames;</term>
<listitem><para>
Same as --export, but also exports keys which
are not compatible with OpenPGP.
</para></listitem></varlistentry>
<varlistentry>
<term>--export-secret-keys &OptParmNames;</term>
<term>--export-secret-subkeys &OptParmNames;</term>
<listitem><para>
Same as --export, but exports the secret keys instead.
This is normally not very useful and a security risk.
The second form of the command has the special property to
render the secret part of the primary key useless; this is
a GNU extension to OpenPGP and other implementations can
not be expected to successfully import such a key.
See the option --simple-sk-checksum if you want to import such an
exported key with an older OpenPGP implementation.
</para></listitem></varlistentry>
<varlistentry>
<term>--import &OptParmFiles;</term>
<term>--fast-import &OptParmFiles;</term>
<listitem><para>
Import/merge keys. This adds the given keys to the
keyring. The fast version is currently just a synonym.
</para>
<para>
There are a few other options which control how this command works.
Most notable here is the --merge-only option which does not insert new keys
but does only the merging of new signatures, user-IDs and subkeys.
</para></listitem></varlistentry>
<varlistentry>
<term>--recv-keys &ParmKeyIDs;</term>
<listitem><para>
Import the keys with the given key IDs from a keyserver. Option
--keyserver must be used to give the name of this keyserver.
</para></listitem></varlistentry>
<varlistentry>
<term>--search-keys &OptParmNames;</term>
<listitem><para>
Search the keyserver for the given names. Multiple names given here
will be joined together to create the search string for the keyserver.
Option --keyserver must be used to give the name of this keyserver.
</para></listitem></varlistentry>
<varlistentry>
<term>--update-trustdb</term>
<listitem><para>
Do trust DB maintenance. This command goes over all keys and builds
the Web-of-Trust. This is an interactive command because it may has to
ask for the "ownertrust" values of keys. The user has to give an
estimation in how far she trusts the owner of the displayed key to
correctly certify (sign) other keys. It does only ask for that value
if it has not yet been assigned to a key. Using the edit menu, that
value can be changed at any time later.
</para></listitem></varlistentry>
<varlistentry>
<term>--check-trustdb</term>
<listitem><para>
Do trust DB maintenance without user interaction. Form time to time
the trust database must be updated so that expired keys and resulting
changes in the Web-of-Trust can be tracked. GnuPG tries to figure
when this is required and then does it implicitly; this command can be
used to force such a check. The processing is identically to that of
--update-trustdb but it skips keys with a not yet defined "ownertrust".
</para>
<para>
For use with cron jobs, this command can be used together with --batch
in which case the check is only done when it is due. To force a run
even in batch mode add the option --yes.
</para></listitem></varlistentry>
<varlistentry>
<term>--export-ownertrust &OptParmFile;</term>
<listitem><para>
Store the ownertrust values into
&ParmFile; (or stdin if not given). This is useful for backup
purposes as these values are the only ones which can't be re-created
from a corrupted trust DB.
</para></listitem></varlistentry>
<varlistentry>
<term>--import-ownertrust &OptParmFiles;</term>
<listitem><para>
Update the trustdb with the ownertrust values stored
in &ParmFiles; (or stdin if not given); existing
values will be overwritten.
</para></listitem></varlistentry>
<varlistentry>
<term>--print-md <parameter>algo</parameter> &OptParmFiles;</term>
<term>--print-mds &OptParmFiles;</term>
<listitem><para>
Print message digest of algorithm ALGO for all given files or stdin.
With the second form (or a deprecated "*" as algo) digests for all
available algorithms are printed.
</para></listitem></varlistentry>
<varlistentry>
<term>--gen-random <parameter>0|1|2</parameter>
<optional><parameter>count</parameter></optional></term>
<listitem><para>
Emit COUNT random bytes of the given quality level. If count is not given
or zero, an endless sequence of random bytes will be emitted.
PLEASE, don't use this command unless you know what you are doing; it may
remove precious entropy from the system!
</para></listitem></varlistentry>
<varlistentry>
<term>--gen-prime <parameter>mode</parameter>
<parameter>bits</parameter>
<optional><parameter>qbits</parameter></optional></term>
<listitem><para>
Use the source, Luke :-). The output format is still subject to change.
</para></listitem></varlistentry>
<varlistentry>
<term>--version</term>
<listitem><para>
Print version information along with a list
of supported algorithms.
</para></listitem></varlistentry>
<varlistentry>
<term>--warranty</term>
<listitem><para>
Print warranty information.
</para></listitem></varlistentry>
<varlistentry>
<term>-h, --help</term>
<listitem><para>
Print usage information. This is a really long list even though it doesn't list
all options.
</para></listitem></varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<para>
Long options can be put in an options file (default "~/.gnupg/options").
Do not write the 2 dashes, but simply the name of the option and any
required arguments. Lines with a hash as the first non-white-space
character are ignored. Commands may be put in this file too, but that
does not make sense.
</para>
<para>
<command/gpg/ recognizes these options:
</para>
<variablelist>
<varlistentry>
<term>-a, --armor</term>
<listitem><para>
Create ASCII armored output.
</para></listitem></varlistentry>
<varlistentry>
<term>-o, --output &ParmFile;</term>
<listitem><para>
Write output to &ParmFile;.
</para></listitem></varlistentry>
<varlistentry>
<term>-u, --local-user &ParmName;</term>
<listitem><para>
Use &ParmName as the user ID to sign.
This option is silently ignored for the list commands,
so that it can be used in an options file.
</para></listitem></varlistentry>
<varlistentry>
<term>--default-key &ParmName;</term>
<listitem><para>
Use &ParmName; as default user ID for signatures. If this
is not used the default user ID is the first user ID
found in the secret keyring.
</para></listitem></varlistentry>
<varlistentry>
<term>-r, --recipient &ParmName;</term>
<term></term>
<listitem><para>
Encrypt for user id &ParmName;. If this option is not
specified, GnuPG asks for the user-id unless --default-recipient is given
</para></listitem></varlistentry>
<varlistentry>
<term>--default-recipient &ParmName;</term>
<listitem><para>
Use &ParmName; as default recipient if option --recipient is not used and
don't ask if this is a valid one. &ParmName; must be non-empty.
</para></listitem></varlistentry>
<varlistentry>
<term>--default-recipient-self</term>
<listitem><para>
Use the default key as default recipient if option --recipient is not used and
don't ask if this is a valid one. The default key is the first one from the
secret keyring or the one set with --default-key.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-default-recipient</term>
<listitem><para>
Reset --default-recipient and --default-recipient-self.
</para></listitem></varlistentry>
<varlistentry>
<term>--encrypt-to &ParmName;</term>
<listitem><para>
Same as --recipient but this one is intended for use
in the options file and may be used with
your own user-id as an "encrypt-to-self". These keys
are only used when there are other recipients given
either by use of --recipient or by the asked user id.
No trust checking is performed for these user ids and
even disabled keys can be used.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-encrypt-to</term>
<listitem><para>
Disable the use of all --encrypt-to keys.
</para></listitem></varlistentry>
<varlistentry>
<term>-v, --verbose</term>
<listitem><para>
Give more information during processing. If used
twice, the input data is listed in detail.
</para></listitem></varlistentry>
<varlistentry>
<term>-q, --quiet</term>
<listitem><para>
Try to be as quiet as possible.
</para></listitem></varlistentry>
<varlistentry>
<term>-z &ParmN;, --compress &ParmN;</term>
<listitem><para>
Set compression level to &ParmN;. A value of 0 for &ParmN;
disables compression. Default is to use the default
compression level of zlib (normally 6).
</para></listitem></varlistentry>
<varlistentry>
<term>-t, --textmode</term>
<listitem><para>
Use canonical text mode. If -t (but not
--textmode) is used together with armoring
and signing, this enables clearsigned messages.
This kludge is needed for PGP compatibility;
normally you would use --sign or --clearsign
to selected the type of the signature.
</para></listitem></varlistentry>
<varlistentry>
<term>-n, --dry-run</term>
<listitem><para>
Don't make any changes (this is not completely implemented).
</para></listitem></varlistentry>
<varlistentry>
<term>-i, --interactive</term>
<listitem><para>
Prompt before overwriting any files.
</para></listitem></varlistentry>
<varlistentry>
<term>--batch</term>
<listitem><para>
Use batch mode. Never ask, do not allow interactive
commands.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-tty</term>
<listitem><para>
Make sure that the TTY (terminal) is never used for any output.
This option is needed in some cases because GnuPG sometimes prints
warnings to the TTY if --batch is used.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-batch</term>
<listitem><para>
Disable batch mode. This may be of use if --batch
is enabled from an options file.
</para></listitem></varlistentry>
<varlistentry>
<term>--yes</term>
<listitem><para>
Assume "yes" on most questions.
</para></listitem></varlistentry>
<varlistentry>
<term>--no</term>
<listitem><para>
Assume "no" on most questions.
</para></listitem></varlistentry>
<varlistentry>
<term>--default-cert-check-level &ParmN;</term>
<listitem><para>
The default to use for the check level when signing a key.
</para><para>
0 means you make no particular claim as to how carefully you verified
the key.
</para><para>
1 means you believe the key is owned by the person who claims to own
it but you could not, or did not verify the key at all. This is
useful for a "persona" verification, where you sign the key of a
pseudonymous user.
</para><para>
2 means you did casual verification of the key. For example, this
could mean that you verified that the key fingerprint and checked the
user ID on the key against a photo ID.
</para><para>
3 means you did extensive verification of the key. For example, this
could mean that you verified the key fingerprint with the owner of the
key in person, and that you checked, by means of a hard to forge
document with a photo ID (such as a passport) that the name of the key
owner matches the name in the user ID on the key, and finally that you
verified (by exchange of email) that the email address on the key
belongs to the key owner.
</para><para>
Note that the examples given above for levels 2 and 3 are just that:
examples. In the end, it is up to you to decide just what "casual"
and "extensive" mean to you.
</para><para>
This option defaults to 0.
</para></listitem></varlistentry>
<varlistentry>
<term>--trusted-key <parameter>long key ID</parameter></term>
<listitem><para>
Assume that the specified key (which must be given
as a full 8 byte key ID) is as trustworthy as one of
your own secret keys. This option is useful if you
don't want to keep your secret keys (or one of them)
online but still want to be able to check the validity of a given
recipient's or signator's key.
</para></listitem></varlistentry>
<varlistentry>
<term>--always-trust</term>
<listitem><para>
Skip key validation and assume that used keys are always fully trusted.
You won't use this unless you have installed some external validation
scheme. This option also suppresses the "[uncertain]" tag printed
with signature checks when there is no evidence that the user ID
is bound to the key.
</para></listitem></varlistentry>
<varlistentry>
<term>--keyserver &ParmName;</term>
<listitem><para>
Use &ParmName as your keyserver. This is the server that --recv-keys,
--send-keys, and --search-keys will communicate with to receive keys
from, send keys to, and search for keys on. The format of the
&ParmName is a URI: `scheme:[//]keyservername[:port]' The scheme is
the type of keyserver: "hkp" for the Horowitz (or compatible)
keyservers, "ldap" for the NAI LDAP keyserver, or "mailto" for the
Horowitz email keyserver. Note that your particular installation of
GnuPG may have other keyserver types available as well.
</para><para>
Most keyservers synchronize with each other, so there is generally no
need to send keys to more than one server. Using the command "host -l
pgp.net | grep wwwkeys" gives you a list of HKP keyservers. When
using one of the wwwkeys servers, due to load balancing using
round-robin DNS you may notice that you get a different key server
each time.
</para></listitem></varlistentry>
<varlistentry>
<term>--keyserver-options <parameter>parameters</parameter></term>
<listitem><para>
This is a space or comma delimited string that gives options for the
keyserver. Options can be prepended with a `no-' to give the opposite
meaning. Valid import-options or export-options may be used here as
well to apply to importing (--recv-key) or exporting (--send-key) a
key from a keyserver. While not all options are available for all
keyserver types, some common options are:
<variablelist>
<varlistentry>
<term>include-revoked</term>
<listitem><para>
When receiving or searching for a key, include keys that are marked on
the keyserver as revoked. Note that this option is always set when
using the NAI HKP keyserver, as this keyserver does not differentiate
between revoked and unrevoked keys.
</para></listitem></varlistentry>
<varlistentry>
<term>include-disabled</term>
<listitem><para>
When receiving or searching for a key, include keys that are marked on
the keyserver as disabled. Note that this option is not used with HKP
keyservers, as they do not support disabling keys.
</para></listitem></varlistentry>
<varlistentry>
<term>use-temp-files</term>
<listitem><para>
On most Unix-like platforms, GnuPG communicates with the keyserver
helper program via pipes, which is the most efficient method. This
option forces GnuPG to use temporary files to communicate. On some
platforms (such as Win32 and RISC OS), this option is always enabled.
</para></listitem></varlistentry>
<varlistentry>
<term>keep-temp-files</term>
<listitem><para>
If using `use-temp-files', do not delete the temp files after using
them. This option is useful to learn the keyserver communication
protocol by reading the temporary files.
</para></listitem></varlistentry>
<varlistentry>
<term>verbose</term>
<listitem><para>
Tell the keyserver helper program to be more verbose. This option can
be repeated multiple times to increase the verbosity level.
</para></listitem></varlistentry>
<varlistentry>
<term>honor-http-proxy</term>
<listitem><para>
For keyserver schemes that use HTTP (such as HKP), try to access the
keyserver over the proxy set with the environment variable
"http_proxy".
</para></listitem></varlistentry>
<varlistentry>
<term>auto-key-retrieve</term>
<listitem><para>
This option enables the automatic retrieving of keys from a keyserver
when verifying signatures made by keys that are not on the local
keyring.
</para></listitem></varlistentry>
</variablelist>
</para></listitem></varlistentry>
<varlistentry>
<term>--import-options <parameter>parameters</parameter></term>
<listitem><para>
This is a space or comma delimited string that gives options for
importing keys. Options can be prepended with a `no-' to give the
opposite meaning. The options are:
<variablelist>
<varlistentry>
<term>allow-local-sigs</term>
<listitem><para>
Allow importing key signatures marked as "local". This is not
generally useful unless a shared keyring scheme is being used.
Defaults to no.
</para></listitem></varlistentry>
<varlistentry>
<term>repair-hkp-subkey-bug</term>
<listitem><para>
During import, attempt to repair the HKP keyserver mangling multiple
subkeys bug. Note that this cannot completely repair the damaged key
as some crucial data is removed by the keyserver, but it does at least
give you back one subkey. Defaults to no for regular --import and to
yes for keyserver --recv-keys.
</para></listitem></varlistentry>
</variablelist>
</para></listitem></varlistentry>
<varlistentry>
<term>--export-options <parameter>parameters</parameter></term>
<listitem><para>
This is a space or comma delimited string that gives options for
exporting keys. Options can be prepended with a `no-' to give the
opposite meaning. The options are:
<variablelist>
<varlistentry>
<term>include-non-rfc</term>
<listitem><para>
Include non-RFC compliant keys in the export. Defaults to yes.
</para></listitem></varlistentry>
<varlistentry>
<term>include-local-sigs</term>
<listitem><para>
Allow exporting key signatures marked as "local". This is not
generally useful unless a shared keyring scheme is being used.
Defaults to no.
</para></listitem></varlistentry>
<varlistentry>
<term>include-attributes</term>
<listitem><para>
Include attribute user IDs (photo IDs) while exporting. This is
useful to export keys if they are going to be used by an OpenPGP
program that does not accept attribute user IDs. Defaults to yes.
</para></listitem></varlistentry>
<varlistentry>
<term>include-sensitive-revkeys</term>
<listitem><para>
Include designated revoker information that was marked as
"sensitive". Defaults to no.
</para></listitem></varlistentry>
</variablelist>
</para></listitem></varlistentry>
<varlistentry>
<term>--show-photos</term>
<listitem><para>
Causes --list-keys, --list-sigs, --list-public-keys,
--list-secret-keys, and verifying a signature to also display the
photo ID attached to the key, if any.
See also --photo-viewer.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-show-photos</term>
<listitem><para>
Resets the --show-photos flag.
</para></listitem></varlistentry>
<varlistentry>
<term>--photo-viewer &ParmString;</term>
<listitem><para>
This is the command line that should be run to view a photo ID. "%i"
will be expanded to a filename containing the photo. "%I" does the
same, except the file will not be deleted once the viewer exits.
Other flags are "%k" for the key ID, "%K" for the long key ID, "%f"
for the key fingerprint, "%t" for the extension of the image type
(e.g. "jpg"), "%T" for the MIME type of the image (e.g. "image/jpeg"),
and "%%" for an actual percent sign. If neither %i or %I are present,
then the photo will be supplied to the viewer on standard input.
</para><para>
The default viewer is "xloadimage -fork -quiet -title 'KeyID 0x%k'
stdin"
</para></listitem></varlistentry>
<varlistentry>
<term>--exec-path &ParmString;</term>
<listitem><para>
Sets a list of directories to search for photo viewers and keyserver
helpers. If not provided, keyserver helpers use the compiled-in
default directory, and photo viewers use the $PATH environment
variable.
</para></listitem></varlistentry>
<varlistentry>
<term>--show-keyring</term>
<listitem><para>
Causes --list-keys, --list-public-keys, and --list-secret-keys to
display the name of the keyring a given key resides on. This is only
useful when you're listing a specific key or set of keys. It has no
effect when listing all keys.
</para></listitem></varlistentry>
<varlistentry>
<term>--keyring &ParmFile;</term>
<listitem><para>
Add &ParmFile to the list of keyrings.
If &ParmFile begins with a tilde and a slash, these
are replaced by the HOME directory. If the filename
does not contain a slash, it is assumed to be in the
home-directory ("~/.gnupg" if --homedir is not used).
The filename may be prefixed with a scheme:</para>
<para>"gnupg-ring:" is the default one.</para>
<para>It might make sense to use it together with --no-default-keyring.
</para></listitem></varlistentry>
<varlistentry>
<term>--secret-keyring &ParmFile;</term>
<listitem><para>
Same as --keyring but for the secret keyrings.
</para></listitem></varlistentry>
<varlistentry>
<term>--homedir &ParmDir;</term>
<listitem><para>
Set the name of the home directory to &ParmDir; If this
option is not used it defaults to "~/.gnupg". It does
not make sense to use this in a options file. This
also overrides the environment variable "GNUPGHOME".
</para></listitem></varlistentry>
<varlistentry>
<term>--charset &ParmName;</term>
<listitem><para>
Set the name of the native character set. This is used
to convert some strings to proper UTF-8 encoding.
Valid values for &ParmName; are:</para>
<variablelist>
<varlistentry>
<term>iso-8859-1</term><listitem><para>This is the default Latin 1 set.</para></listitem>
</varlistentry>
<varlistentry>
<term>iso-8859-2</term><listitem><para>The Latin 2 set.</para></listitem>
</varlistentry>
<varlistentry>
<term>koi8-r</term><listitem><para>The usual Russian set (rfc1489).</para></listitem>
</varlistentry>
<varlistentry>
<term>utf-8</term><listitem><para>Bypass all translations and assume
that the OS uses native UTF-8 encoding.</para></listitem>
</varlistentry>
</variablelist>
</listitem></varlistentry>
<varlistentry>
<term>--utf8-strings</term>
<term>--no-utf8-strings</term>
<listitem><para>
Assume that the arguments are already given as UTF8 strings. The default
(--no-utf8-strings)
is to assume that arguments are encoded in the character set as specified
by --charset. These options affect all following arguments. Both options may
be used multiple times.
</para></listitem></varlistentry>
<varlistentry>
<term>--options &ParmFile;</term>
<listitem><para>
Read options from &ParmFile; and do not try to read
them from the default options file in the homedir
(see --homedir). This option is ignored if used
in an options file.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-options</term>
<listitem><para>
Shortcut for "--options /dev/null". This option is
detected before an attempt to open an option file.
Using this option will also prevent the creation of a
"~./gnupg" homedir.
</para></listitem></varlistentry>
<varlistentry>
<term>--load-extension &ParmName;</term>
<listitem><para>
Load an extension module. If &ParmName; does not
contain a slash it is searched in "/usr/local/lib/gnupg"
-See the manual for more information about extensions.
+Extension are in gernal not useful anymore; the use of this
+option is deprecated.
</para></listitem></varlistentry>
<varlistentry>
<term>--debug &ParmFlags;</term>
<listitem><para>
Set debugging flags. All flags are or-ed and &ParmFlags; may
be given in C syntax (e.g. 0x0042).
</para></listitem></varlistentry>
<varlistentry>
<term>--debug-all</term>
<listitem><para>
Set all useful debugging flags.
</para></listitem></varlistentry>
<varlistentry>
<term>--status-fd &ParmN;</term>
<listitem><para>
Write special status strings to the file descriptor &ParmN;.
See the file DETAILS in the documentation for a listing of them.
</para></listitem></varlistentry>
<varlistentry>
<term>--logger-fd &ParmN;</term>
<listitem><para>
Write log output to file descriptor &ParmN; and not to stderr.
</para></listitem></varlistentry>
<varlistentry>
<term>--attribute-fd &ParmN;</term>
<listitem><para>
Write attribute subpackets to the file descriptor &ParmN;. This is
most useful for use with --status-fd, since the status messages are
needed to separate out the various subpackets from the stream
delivered to the file descriptor.
</para></listitem></varlistentry>
<varlistentry>
<term>--sk-comments</term>
<listitem><para>
Include secret key comment packets when exporting secret keys. This
is a GnuPG extension to the OpenPGP standard, and is off by default.
Please note that this has nothing to do with the comments in clear
text signatures or armor headers.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-sk-comments</term>
<listitem><para>
Resets the --sk-comments option.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-comment</term>
<listitem><para>
See --sk-comments. This option is deprecated and may be removed soon.
</para></listitem></varlistentry>
<varlistentry>
<term>--comment &ParmString;</term>
<listitem><para>
Use &ParmString; as comment string in clear text signatures.
The default is not do write a comment string.
</para></listitem></varlistentry>
<varlistentry>
<term>--default-comment</term>
<listitem><para>
Force to write the standard comment string in clear
text signatures. Use this to overwrite a --comment
from a config file. This option is now obsolete because there is no
default comment string anymore.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-version</term>
<listitem><para>
Omit the version string in clear text signatures.
</para></listitem></varlistentry>
<varlistentry>
<term>--emit-version</term>
<listitem><para>
Force to write the version string in clear text
signatures. Use this to overwrite a previous
--no-version from a config file.
</para></listitem></varlistentry>
<varlistentry>
<term>-N, --notation-data &ParmNameValue;</term>
<listitem><para>
Put the name value pair into the signature as notation data.
&ParmName; must consist only of alphanumeric characters, digits
or the underscore; the first character must not be a digit.
&ParmValue; may be any printable string; it will be encoded in UTF8,
so you should check that your --charset is set correctly.
If you prefix &ParmName; with an exclamation mark, the notation
data will be flagged as critical (rfc2440:5.2.3.15).
</para></listitem></varlistentry>
<varlistentry>
<term>--show-notation</term>
<listitem><para>
Show key signature notations in the --list-sigs or --check-sigs
listings.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-show-notation</term>
<listitem><para>
Do not show key signature notations in the --list-sigs or --check-sigs
listings.
</para></listitem></varlistentry>
<varlistentry>
<term>--set-policy-url &ParmString;</term>
<listitem><para>
Use &ParmString; as Policy URL for signatures (rfc2440:5.2.3.19).
If you prefix it with an exclamation mark, the policy URL
packet will be flagged as critical.
</para></listitem></varlistentry>
<varlistentry>
<term>--show-policy-url</term>
<listitem><para>
Show any policy URLs set in the --list-sigs or --check-sigs listings.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-show-policy-url</term>
<listitem><para>
Do not show any policy URLs set in the --list-sigs or --check-sigs
listings.
</para></listitem></varlistentry>
<varlistentry>
<term>--set-filename &ParmString;</term>
<listitem><para>
Use &ParmString; as the name of file which is stored in
messages.
</para></listitem></varlistentry>
<varlistentry>
<term>--for-your-eyes-only</term>
<listitem><para>
Set the `for your eyes only' flag in the message. This causes GnuPG
to refuse to save the file unless the --output option is given, and
PGP to use the "secure viewer" with a Tempest-resistant font to
display the message. This option overrides --set-filename.
</para></listitem></varlistentry
<varlistentry>
<term>--no-for-your-eyes-only</term>
<listitem><para>
Resets the --for-your-eyes-only flag.
</para></listitem></varlistentry
<varlistentry>
<term>--use-embedded-filename</term>
<listitem><para>
Try to create a file with a name as embedded in the data.
This can be a dangerous option as it allows to overwrite files.
</para></listitem></varlistentry>
<varlistentry>
<term>--completes-needed &ParmN;</term>
<listitem><para>
Number of completely trusted users to introduce a new
key signer (defaults to 1).
</para></listitem></varlistentry>
<varlistentry>
<term>--marginals-needed &ParmN;</term>
<listitem><para>
Number of marginally trusted users to introduce a new
key signer (defaults to 3)
</para></listitem></varlistentry>
<varlistentry>
<term>--max-cert-depth &ParmN;</term>
<listitem><para>
Maximum depth of a certification chain (default is 5).
</para></listitem></varlistentry>
<varlistentry>
<term>--cipher-algo &ParmName;</term>
<listitem><para>
Use &ParmName; as cipher algorithm. Running the program
with the command --version yields a list of supported
algorithms. If this is not used the cipher algorithm is
selected from the preferences stored with the key.
</para></listitem></varlistentry>
<varlistentry>
<term>--digest-algo &ParmName;</term>
<listitem><para>
Use &ParmName; as the message digest algorithm. Running the program
with the command --version yields a list of supported algorithms.
</para></listitem></varlistentry>
<varlistentry>
<term>--cert-digest-algo &ParmName;</term>
<listitem><para>
Use &ParmName; as the message digest algorithm used when signing a
key. Running the program with the command --version yields a list of
supported algorithms. Be aware that if you choose an algorithm that
GnuPG supports but other OpenPGP implementations do not, then some
users will not be able to use the key signatures you make, or quite
possibly your entire key.
</para></listitem></varlistentry>
<varlistentry>
<term>--s2k-cipher-algo &ParmName;</term>
<listitem><para>
Use &ParmName; as the cipher algorithm used to protect secret keys.
The default cipher is CAST5. This cipher is also used for
conventional encryption if --cipher-algo is not given.
</para></listitem></varlistentry>
<varlistentry>
<term>--s2k-digest-algo &ParmName;</term>
<listitem><para>
Use &ParmName; as the digest algorithm used to mangle the
passphrases. The default algorithm is RIPE-MD-160.
This digest algorithm is also used for conventional
encryption if --digest-algo is not given.
</para></listitem></varlistentry>
<varlistentry>
<term>--s2k-mode &ParmN;</term>
<listitem><para>
Selects how passphrases are mangled. If &ParmN; is 0
a plain passphrase (which is not recommended) will be used,
a 1 (default) adds a salt to the passphrase and
a 3 iterates the whole process a couple of times.
Unless --rfc1991 is used, this mode is also used
for conventional encryption.
</para></listitem></varlistentry>
<varlistentry>
<term>--simple-sk-checksum</term>
<listitem><para>
Secret keys are integrity protected by using a SHA-1 checksum. This
method will be part of an enhanced OpenPGP specification but GnuPG
already uses it as a countermeasure against certain attacks. Old
applications don't understand this new format, so this option may be
used to switch back to the old behaviour. Using this this option
bears a security risk. Note that using this option only takes effect
when the secret key is encrypted - the simplest way to make this
happen is to change the passphrase on the key (even changing it to the
same value is acceptable).
</para></listitem></varlistentry>
<varlistentry>
<term>--compress-algo &ParmN;</term>
<listitem><para>
Use compression algorithm &ParmN;. Default is 2 which is RFC1950
compression. You may use 1 to use the old zlib version (RFC1951) which
is used by PGP. 0 disables compression. The default algorithm may give
better results because the window size is not limited to 8K. If this
is not used the OpenPGP behavior is used, i.e. the compression
algorithm is selected from the preferences; note, that this can't be
done if you do not encrypt the data.
</para></listitem></varlistentry>
<varlistentry>
<term>--disable-cipher-algo &ParmName;</term>
<listitem><para>
Never allow the use of &ParmName; as cipher algorithm.
The given name will not be checked so that a later loaded algorithm
will still get disabled.
</para></listitem></varlistentry>
<varlistentry>
<term>--disable-pubkey-algo &ParmName;</term>
<listitem><para>
Never allow the use of &ParmName; as public key algorithm.
The given name will not be checked so that a later loaded algorithm
will still get disabled.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-sig-cache</term>
<listitem><para>
Do not cache the verification status of key signatures.
Caching gives a much better performance in key listings. However, if
you suspect that your public keyring is not save against write
modifications, you can use this option to disable the caching. It
probably does not make sense to disable it because all kind of damage
can be done if someone else has write access to your public keyring.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-sig-create-check</term>
<listitem><para>
GnuPG normally verifies each signature right after creation to protect
against bugs and hardware malfunctions which could leak out bits from
the secret key. This extra verification needs some time (about 115%
for DSA keys), and so this option can be used to disable it.
However, due to the fact that the signature creation needs manual
interaction, this performance penalty does not matter in most settings.
</para></listitem></varlistentry>
<varlistentry>
<term>--auto-check-trustdb</term>
<listitem><para>
If GnuPG feels that its information about the Web-of-Trust has to be
updated, it automatically runs the --check-trustdb command
internally. This may be a time consuming process.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-auto-check-trustdb</term>
<listitem><para>
Resets the --auto-check-trustdb option.
</para></listitem></varlistentry>
<varlistentry>
<term>--throw-keyid</term>
<listitem><para>
Do not put the keyid into encrypted packets. This option
hides the receiver of the message and is a countermeasure
against traffic analysis. It may slow down the decryption
process because all available secret keys are tried.
</para></listitem></varlistentry>
<varlistentry>
<term>--not-dash-escaped</term>
<listitem><para>
This option changes the behavior of cleartext signatures
so that they can be used for patch files. You should not
send such an armored file via email because all spaces
and line endings are hashed too. You can not use this
option for data which has 5 dashes at the beginning of a
line, patch files don't have this. A special armor header
line tells GnuPG about this cleartext signature option.
</para></listitem></varlistentry>
<varlistentry>
<term>--escape-from-lines</term>
<listitem><para>
Because some mailers change lines starting with "From "
to "&#60;From " it is good to handle such lines in a special
way when creating cleartext signatures. All other PGP
versions do it this way too. This option is not enabled
by default because it would violate rfc2440.
</para></listitem></varlistentry>
<varlistentry>
<term>--passphrase-fd &ParmN;</term>
<listitem><para>
Read the passphrase from file descriptor &ParmN;. If you use
0 for &ParmN;, the passphrase will be read from stdin. This
can only be used if only one passphrase is supplied.
<!--fixme: make this print strong-->
Don't use this option if you can avoid it.
</para></listitem></varlistentry>
<varlistentry>
<term>--command-fd &ParmN;</term>
<listitem><para>
This is a replacement for the deprecated shared-memory IPC mode.
If this option is enabled, user input on questions is not expected
from the TTY but from the given file descriptor. It should be used
together with --status-fd. See the file doc/DETAILS in the source
distribution for details on how to use it.
</para></listitem></varlistentry>
<varlistentry>
<term>--use-agent</term>
<listitem><para>
Try to use the GnuPG-Agent. Please note that this agent is still under
development. With this option, GnuPG first tries to connect to the
agent before it asks for a passphrase.
</para></listitem></varlistentry>
<varlistentry>
<term>--gpg-agent-info</term>
<listitem><para>
Override the value of the environment variable
<literal>GPG_AGENT_INFO</>. This is only used when --use-agent has been given
</para></listitem></varlistentry>
<varlistentry>
<term>--rfc1991</term>
<listitem><para>
Try to be more RFC1991 (PGP 2.x) compliant.
</para></listitem></varlistentry>
<varlistentry>
<term>--pgp2</term>
<listitem><para>
Set up all options to be as PGP 2.x compliant as possible, and warn if
an action is taken (e.g. encrypting to a non-RSA key) that will create
a message that PGP 2.x will not be able to handle. Note that `PGP
2.x' here means `MIT PGP 2.6.2'. There are other versions of PGP 2.x
available, but the MIT release is a good common baseline.
</para><para>
This option implies `--rfc1991 --no-openpgp --disable-mdc
--no-force-v4-certs --no-comment --escape-from-lines --force-v3-sigs
--no-ask-sig-expire --no-ask-cert-expire --cipher-algo IDEA
--digest-algo MD5 --compress-algo 1'
</para></listitem></varlistentry>
<varlistentry>
<term>--no-pgp2</term>
<listitem><para>
Resets the --pgp2 option.
</para></listitem></varlistentry>
<varlistentry>
<term>--pgp6</term>
<listitem><para>
Set up all options to be as PGP 6 compliant as possible. This
restricts you to the ciphers IDEA (if the IDEA plugin is installed),
3DES, and CAST5, the hashes MD5, SHA1 and RIPEMD160, and the
compression algorithms none and ZIP. This also disables making
signatures with signing subkeys as PGP 6 does not understand
signatures made by signing subkeys.
</para><para>
This option implies `--disable-mdc --no-comment --escape-from-lines
--force-v3-sigs --no-ask-sig-expire --compress-algo 1'
</para></listitem></varlistentry>
<varlistentry>
<term>--no-pgp6</term>
<listitem><para>
Resets the --pgp6 option.
</para></listitem></varlistentry>
<varlistentry>
<term>--pgp7</term>
<listitem><para>
Set up all options to be as PGP 7 compliant as possible. This is
identical to --pgp6 except that MDCs are not disabled, and the list of
allowable ciphers is expanded to add AES128, AES192, AES256, and
TWOFISH.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-pgp7</term>
<listitem><para>
Resets the --pgp7 option.
</para></listitem></varlistentry>
<varlistentry>
<term>--openpgp</term>
<listitem><para>
Reset all packet, cipher and digest options to OpenPGP behavior. Use
this option to reset all previous options like --rfc1991,
--force-v3-sigs, --s2k-*, --cipher-algo, --digest-algo and
--compress-algo to OpenPGP compliant values. All PGP workarounds are
also disabled.
</para></listitem></varlistentry>
<varlistentry>
<term>--force-v3-sigs</term>
<listitem><para>
OpenPGP states that an implementation should generate v4 signatures
but PGP versions 5 and higher only recognize v4 signatures on key
material. This option forces v3 signatures for signatures on data.
Note that this option overrides --ask-sig-expire, as v3 signatures
cannot have expiration dates.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-force-v3-sigs</term>
<listitem><para>
Reset the --force-v3-sigs option.
</para></listitem></varlistentry>
<varlistentry>
<term>--force-v4-certs</term>
<listitem><para>
Always use v4 key signatures even on v3 keys. This option also
changes the default hash algorithm for v3 RSA keys from MD5 to SHA-1.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-force-v4-certs</term>
<listitem><para>
Reset the --force-v4-certs option.
</para></listitem></varlistentry>
<varlistentry>
<term>--force-mdc</term>
<listitem><para>
Force the use of encryption with appended manipulation code. This is
always used with the newer ciphers (those with a blocksize greater
than 64 bit).
</para></listitem></varlistentry>
<varlistentry>
<term>--allow-non-selfsigned-uid</term>
<listitem><para>
Allow the import and use of keys with user IDs which are not
self-signed. This is not recommended, as a non self-signed user ID is
trivial to forge.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-allow-non-selfsigned-uid</term>
<listitem><para>
Reset the --allow-non-selfsigned-uid option.
</para></listitem></varlistentry>
<varlistentry>
<term>--allow-freeform-uid</term>
<listitem><para>
Disable all checks on the form of the user ID while generating a new
one. This option should only be used in very special environments as
it does not ensure the de-facto standard format of user IDs.
</para></listitem></varlistentry>
<varlistentry>
<term>--ignore-time-conflict</term>
<listitem><para>
GnuPG normally checks that the timestamps associated with keys and
signatures have plausible values. However, sometimes a signature seems to
be older than the key due to clock problems. This option makes these
checks just a warning.
</para></listitem></varlistentry>
<varlistentry>
<term>--ignore-valid-from</term>
<listitem><para>
GnuPG normally does not select and use subkeys created in the future. This
option allows the use of such keys and thus exhibits the pre-1.0.7
behaviour. You should not use this option unless you there is some
clock problem.
</para></listitem></varlistentry>
<varlistentry>
<term>--ignore-crc-error</term>
<listitem><para>
The ASCII armor used by OpenPG is protected by a CRC checksum against
transmission errors. Sometimes it happens that the CRC gets mangled
somewhere on the transmission channel
but the actual content (which is anyway protected by
the OpenPGP protocol) is still okay. This option will let gpg ignore
CRC errors.
</para></listitem></varlistentry>
<varlistentry>
<term>--lock-once</term>
<listitem><para>
Lock the databases the first time a lock is requested
and do not release the lock until the process
terminates.
</para></listitem></varlistentry>
<varlistentry>
<term>--lock-multiple</term>
<listitem><para>
Release the locks every time a lock is no longer
needed. Use this to override a previous --lock-once
from a config file.
</para></listitem></varlistentry>
<varlistentry>
<term>--lock-never</term>
<listitem><para>
Disable locking entirely. This option should be used only in very
special environments, where it can be assured that only one process
is accessing those files. A bootable floppy with a stand-alone
encryption system will probably use this. Improper usage of this
option may lead to data and key corruption.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-random-seed-file</term>
<listitem><para>
GnuPG uses a file to store its internal random pool over invocations.
This makes random generation faster; however sometimes write operations
are not desired. This option can be used to achieve that with the cost of
slower random generation.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-verbose</term>
<listitem><para>
Reset verbose level to 0.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-greeting</term>
<listitem><para>
Suppress the initial copyright message but do not
enter batch mode.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-secmem-warning</term>
<listitem><para>
Suppress the warning about "using insecure memory".
</para></listitem></varlistentry>
<varlistentry>
<term>--no-permission-warning</term>
<listitem><para>
Suppress the warning about unsafe file permissions.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-mdc-warning</term>
<listitem><para>
Suppress the warning about missing MDC integrity protection.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-armor</term>
<listitem><para>
Assume the input data is not in ASCII armored format.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-default-keyring</term>
<listitem><para>
Do not add the default keyrings to the list of
keyrings.
</para></listitem></varlistentry>
<varlistentry>
<term>--skip-verify</term>
<listitem><para>
Skip the signature verification step. This may be
used to make the decryption faster if the signature
verification is not needed.
</para></listitem></varlistentry>
<varlistentry>
<term>--with-colons</term>
<listitem><para>
Print key listings delimited by colons. Note, that the output will be
encoded in UTF-8 regardless of any --charset setting.
</para></listitem></varlistentry>
<varlistentry>
<term>--with-key-data</term>
<listitem><para>
Print key listings delimited by colons (like --with-colons) and print the public key data.
</para></listitem></varlistentry>
<varlistentry>
<term>--with-fingerprint</term>
<listitem><para>
Same as the command --fingerprint but changes only the format of the output
and may be used together with another command.
</para></listitem></varlistentry>
<varlistentry>
<term>--fast-list-mode</term>
<listitem><para>
Changes the output of the list commands to work faster; this is achieved
by leaving some parts empty. Some applications don't need the user ID and
the trust information given in the listings. By using this options they
can get a faster listing. The exact behaviour of this option may change
in future versions.
</para></listitem></varlistentry>
<varlistentry>
<term>--fixed-list-mode</term>
<listitem><para>
Do not merge user ID and primary key in --with-colon listing mode and
print all timestamps as seconds since 1970-01-01.
</para></listitem></varlistentry>
<varlistentry>
<term>--list-only</term>
<listitem><para>
Changes the behaviour of some commands. This is like --dry-run but
different in some cases. The semantic of this command may be extended in
the future. Currently it only skips the actual decryption pass and
therefore enables a fast listing of the encryption keys.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-literal</term>
<listitem><para>
This is not for normal use. Use the source to see for what it might be useful.
</para></listitem></varlistentry>
<varlistentry>
<term>--set-filesize</term>
<listitem><para>
This is not for normal use. Use the source to see for what it might be useful.
</para></listitem></varlistentry>
<varlistentry>
<term>--emulate-md-encode-bug</term>
<listitem><para>
GnuPG versions prior to 1.0.2 had a bug in the way a signature was encoded.
This options enables a workaround by checking faulty signatures again with
the encoding used in old versions. This may only happen for ElGamal signatures
which are not widely used.
</para></listitem></varlistentry>
<varlistentry>
<term>--show-session-key</term>
<listitem><para>
Display the session key used for one message. See --override-session-key
for the counterpart of this option.
</para>
<para>
We think that Key-Escrow is a Bad Thing; however the user should
have the freedom to decide whether to go to prison or to reveal the content of
one specific message without compromising all messages ever encrypted for one
secret key. DON'T USE IT UNLESS YOU ARE REALLY FORCED TO DO SO.
</para></listitem></varlistentry>
<varlistentry>
<term>--override-session-key &ParmString; </term>
<listitem><para>
Don't use the public key but the session key &ParmString;. The format of this
string is the same as the one printed by --show-session-key. This option
is normally not used but comes handy in case someone forces you to reveal the
content of an encrypted message; using this option you can do this without
handing out the secret key.
</para></listitem></varlistentry>
<varlistentry>
<term>--ask-sig-expire</term>
<listitem><para>
When making a data signature, prompt for an expiration time. If this
option is not specified, the expiration time is "never".
</para></listitem></varlistentry
<varlistentry>
<term>--no-ask-sig-expire</term>
<listitem><para>
Resets the --ask-sig-expire option.
</para></listitem></varlistentry
<varlistentry>
<term>--ask-cert-expire</term>
<listitem><para>
When making a key signature, prompt for an expiration time. If this
option is not specified, the expiration time is "never".
</para></listitem></varlistentry
<varlistentry>
<term>--no-ask-cert-expire</term>
<listitem><para>
Resets the --ask-cert-expire option.
</para></listitem></varlistentry
<varlistentry>
<term>--expert</term>
<listitem><para>
Allow the user to do certain nonsensical or "silly" things like
signing an expired or revoked key, or certain potentially incompatible
things like generating deprecated key types. This also disables
certain warning messages about potentially incompatible actions. As
the name implies, this option is for experts only. If you don't fully
understand the implications of what it allows you to do, leave this
off.
</para></listitem></varlistentry
<varlistentry>
<term>--no-expert</term>
<listitem><para>
Resets the --expert option.
</para></listitem></varlistentry
<varlistentry>
<term>--merge-only</term>
<listitem><para>
Don't insert new keys into the keyrings while doing an import.
</para></listitem></varlistentry>
<varlistentry>
<term>--allow-secret-key-import</term>
<listitem><para>
This is an obsolete option and is not used anywhere.
</para></listitem></varlistentry>
<varlistentry>
<term>--try-all-secrets</term>
<listitem><para>
Don't look at the key ID as stored in the message but try all secret keys in
turn to find the right decryption key. This option forces the behaviour as
used by anonymous recipients (created by using --throw-keyid) and might come
handy in case where an encrypted message contains a bogus key ID.
</para></listitem></varlistentry>
<varlistentry>
<term>--enable-special-filenames</term>
<listitem><para>
This options enables a mode in which filenames of the form
<filename>-&#38;n</>, where n is a non-negative decimal number,
refer to the file descriptor n and not to a file with that name.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-expensive-trust-checks</term>
<listitem><para>
Experimental use only.
</para></listitem></varlistentry>
<varlistentry>
<term>--group &ParmNameValues;</term>
<listitem><para>
Sets up a named group, which is similar to aliases in email programs.
Any time the group name is a receipient (-r or --recipient), it will
be expanded to the values specified.
The values are &ParmKeyIDs; or fingerprints, but any key description
is accepted. Note that a value with spaces in it will be treated as
two different values. Note also there is only one level of expansion
- you cannot make an group that points to another group.
</para></listitem></varlistentry>
<varlistentry>
<term>--preserve-permissions</term>
<listitem><para>
Don't change the permissions of a secret keyring back to user
read/write only. Use this option only if you really know what you are doing.
</para></listitem></varlistentry>
<varlistentry>
<term>--personal-cipher-preferences &ParmString;</term>
<listitem><para>
Set the list of personal cipher preferences to &ParmString;, this list
should be a string similar to the one printed by the command "pref" in
the edit menu. This allows the user to factor in their own preferred
algorithms when algorithms are chosen via recipient key preferences.
</para></listitem></varlistentry>
<varlistentry>
<term>--personal-digest-preferences &ParmString;</term>
<listitem><para>
Set the list of personal digest preferences to &ParmString;, this list
should be a string similar to the one printed by the command "pref" in
the edit menu. This allows the user to factor in their own preferred
algorithms when algorithms are chosen via recipient key preferences.
</para></listitem></varlistentry>
<varlistentry>
<term>--personal-compress-preferences &ParmString;</term>
<listitem><para>
Set the list of personal compression preferences to &ParmString;, this
list should be a string similar to the one printed by the command
"pref" in the edit menu. This allows the user to factor in their own
preferred algorithms when algorithms are chosen via recipient key
preferences.
</para></listitem></varlistentry>
<varlistentry>
<term>--default-preference-list &ParmString;</term>
<listitem><para>
Set the list of default preferences to &ParmString;, this list should
be a string similar to the one printed by the command "pref" in the
edit menu. This affects both key generation and "updpref" in the edit
menu.
</para></listitem></varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>How to specify a user ID</title>
<para>
There are different ways on how to specify a user ID to GnuPG;
here are some examples:
</para>
<variablelist>
<varlistentry>
<term></term>
<listitem><para></para></listitem>
</varlistentry>
<varlistentry>
<term>234567C4</term>
<term>0F34E556E</term>
<term>01347A56A</term>
<term>0xAB123456</term>
<listitem><para>
Here the key ID is given in the usual short form.
</para></listitem>
</varlistentry>
<varlistentry>
<term>234AABBCC34567C4</term>
<term>0F323456784E56EAB</term>
<term>01AB3FED1347A5612</term>
<term>0x234AABBCC34567C4</term>
<listitem><para>
Here the key ID is given in the long form as used by OpenPGP
(you can get the long key ID using the option --with-colons).
</para></listitem>
</varlistentry>
<varlistentry>
<term>1234343434343434C434343434343434</term>
<term>123434343434343C3434343434343734349A3434</term>
<term>0E12343434343434343434EAB3484343434343434</term>
<term>0xE12343434343434343434EAB3484343434343434</term>
<listitem><para>
The best way to specify a key ID is by using the fingerprint of
the key. This avoids any ambiguities in case that there are duplicated
key IDs (which are really rare for the long key IDs).
</para></listitem>
</varlistentry>
<varlistentry>
<term>=Heinrich Heine &#60;heinrichh@uni-duesseldorf.de&#62;</term>
<listitem><para>
Using an exact to match string. The equal sign indicates this.
</para></listitem>
</varlistentry>
<varlistentry>
<term>&#60;heinrichh@uni-duesseldorf.de&#62;</term>
<listitem><para>
Using the email address part which must match exactly. The left angle bracket
indicates this email address mode.
</para></listitem>
</varlistentry>
<varlistentry>
<term>+Heinrich Heine duesseldorf</term>
<listitem><para>
All words must match exactly (not case sensitive) but can appear in
any order in the user ID. Words are any sequences of letters,
digits, the underscore and all characters with bit 7 set.
</para></listitem>
</varlistentry>
<varlistentry>
<term>Heine</term>
<term>*Heine</term>
<listitem><para>
By case insensitive substring matching. This is the default mode but
applications may want to explicitly indicate this by putting the asterisk
in front.
</para></listitem>
</varlistentry>
</variablelist>
<para>
Note that you can append an exclamation mark to key IDs or
fingerprints. This flag tells GnuPG to use exactly the given primary
or secondary key and not to try to figure out which secondary or
primary key to use.
</para>
</refsect1>
<refsect1>
<title>RETURN VALUE</title>
<para>
The program returns 0 if everything was fine, 1 if at least
a signature was bad, and other error codes for fatal errors.
</para>
</refsect1>
<refsect1>
<title>EXAMPLES</title>
<variablelist>
<varlistentry>
<term>gpg -se -r <parameter/Bob/ &ParmFile;</term>
<listitem><para>sign and encrypt for user Bob</para></listitem>
</varlistentry>
<varlistentry>
<term>gpg --clearsign &ParmFile;</term>
<listitem><para>make a clear text signature</para></listitem>
</varlistentry>
<varlistentry>
<term>gpg -sb &ParmFile;</term>
<listitem><para>make a detached signature</para></listitem>
</varlistentry>
<varlistentry>
<term>gpg --list-keys <parameter/user_ID/</term>
<listitem><para>show keys</para></listitem>
</varlistentry>
<varlistentry>
<term>gpg --fingerprint <parameter/user_ID/</term>
<listitem><para>show fingerprint</para></listitem>
</varlistentry>
<varlistentry>
<term>gpg --verify <parameter/pgpfile/</term>
<term>gpg --verify <parameter/sigfile/ &OptParmFiles;</term>
<listitem><para>
Verify the signature of the file but do not output the data. The second form
is used for detached signatures, where <parameter/sigfile/ is the detached
signature (either ASCII armored of binary) and &OptParmFiles are the signed
data; if this is not given the name of the file holding the signed data is
constructed by cutting off the extension (".asc" or ".sig") of
<parameter/sigfile/ or by asking the user for the filename.
</para></listitem></varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>ENVIRONMENT</title>
<variablelist>
<varlistentry>
<term>HOME</term>
<listitem><para>Used to locate the default home directory.</para></listitem>
</varlistentry>
<varlistentry>
<term>GNUPGHOME</term>
<listitem><para>If set directory used instead of "~/.gnupg".</para></listitem>
</varlistentry>
<varlistentry>
<term>GPG_AGENT_INFO</term>
<listitem><para>Used to locate the gpg-agent; only honored when
--use-agent is set. The value consists of 3 colon delimited fields:
The first is the path to the Unix Domain Socket, the second the PID of
the gpg-agent and the protocol version which should be set to 1. When
starting the gpg-agent as described in its documentation, this
variable is set to the correct value. The option --gpg-agent-info can
be used to overide it.</para></listitem>
</varlistentry>
<varlistentry>
<term>http_proxy</term>
<listitem><para>Only honored when the option --honor-http-proxy is set.</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>FILES</title>
<variablelist>
<varlistentry>
<term>~/.gnupg/secring.gpg</term>
<listitem><para>The secret keyring</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/secring.gpg.lock</term>
<listitem><para>and the lock file</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/pubring.gpg</term>
<listitem><para>The public keyring</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/pubring.gpg.lock</term>
<listitem><para>and the lock file</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/trustdb.gpg</term>
<listitem><para>The trust database</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/trustdb.gpg.lock</term>
<listitem><para>and the lock file</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/random_seed</term>
<listitem><para>used to preserve the internal random pool</para></listitem>
</varlistentry>
<varlistentry>
<term>~/.gnupg/options</term>
<listitem><para>May contain options</para></listitem>
</varlistentry>
<varlistentry>
<term>/usr[/local]/share/gnupg/options.skel</term>
<listitem><para>Skeleton options file</para></listitem>
</varlistentry>
<varlistentry>
<term>/usr[/local]/lib/gnupg/</term>
<listitem><para>Default location for extensions</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<!-- SEE ALSO not yet needed-->
<refsect1>
<title>WARNINGS</title>
<para>
Use a *good* password for your user account and a *good* passphrase
to protect your secret key. This passphrase is the weakest part of the
whole system. Programs to do dictionary attacks on your secret keyring
are very easy to write and so you should protect your "~/.gnupg/"
directory very well.
</para>
<para>
Keep in mind that, if this program is used over a network (telnet), it
is *very* easy to spy out your passphrase!
</para>
<para>
If you are going to verify detached signatures, make sure that the
program knows about it; either be giving both filenames on the
commandline or using <literal>-</literal> to specify stdin.
</para>
</refsect1>
<refsect1>
<title>BUGS</title>
<para>
On many systems this program should be installed as setuid(root). This
is necessary to lock memory pages. Locking memory pages prevents the
operating system from writing memory pages to disk. If you get no
warning message about insecure memory your operating system supports
locking without being root. The program drops root privileges as soon
as locked memory is allocated.
</para>
</refsect1>
</refentry>
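Review bot: the FILES section of this refentry still lists `/usr[/local]/lib/gnupg/` as "Default location for extensions", while the g10/ChangeLog entry in this same patch removes DYNLINK_LDFLAGS from Makefile.am (LDFLAGS). If extensions can no longer be loaded at run time after that change, drop or reword this entry in the same commit so the man page does not describe a directory that gpg no longer reads. If the directory is still used for something else, say what.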
diff --git a/g10/ChangeLog b/g10/ChangeLog
index ec4731877..52357d6c3 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,6501 +1,6505 @@
+2002-08-02 Werner Koch <wk@gnupg.org>
+
+ * Makefile.am (LDFLAGS): Removed DYNLINK_LDFLAGS.
+
2002-07-30 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), mainproc.c (proc_encrypted): Return a
decryption failed error if a MDC does not verify. Warn if a MDC
is not present (can disable via --no-mdc-warning).
* exec.c (exec_write), g10.c (main), keyserver.c
(keyserver_spawn): Use new DISABLE_KEYSERVER_PATH rather than
FIXED_EXEC_PATH.
2002-07-28 David Shaw <dshaw@jabberwocky.com>
* sig-check.c (do_check): Properly validate v4 sigs with no hashed
section at all.
2002-07-25 Werner Koch <wk@gnupg.org>
* delkey.c (do_delete_key): Always allow to delete a key in batch mode
when specified by fingerprint. Suggested by Enzo Michelangeli.
2002-07-25 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (menu_revsig): Change "revsig" to honor selected uids
so the user can revoke sigs from particular uids only.
* keylist.c (list_keyblock_print): Don't display expired uids in
--list-keys unless -v and not --list-sigs (just like revoked
uids).
* exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c:
"Warning" -> "WARNING"
>>>>>>> 1.214
2002-07-24 David Shaw <dshaw@jabberwocky.com>
* main.h, import.c (parse_import_options, fix_hkp_corruption,
import_one, delete_inv_parts), g10.c (main): New import-option
"repair-hkp-subkey-bug", which repairs as much as possible the HKP
mangling multiple subkeys bug. It is on by default for keyserver
receives, and off by default for regular --import.
* main.h, import.c (import, import_one, delete_inv_parts), hkp.c
(hkp_ask_import), keyserver.c (keyserver_spawn): Use keyserver
import options when doing keyserver receives.
* options.h, exec.h, exec.c (set_exec_path, exec_write), g10.c
(main), keyserver.c (keyserver_spawn): If the user does not use
"exec-path", completely replace $PATH with GNUPG_LIBEXECDIR before
calling the keyserver helper. If the user does use "exec-path",
append GNUPG_LIBEXECDIR after the specified path.
2002-07-23 David Shaw <dshaw@jabberwocky.com>
* import.c (parse_import_options), export.c
(parse_export_options): Fix offset problem with reversed ("no-")
meanings.
* import.c (delete_inv_parts): Discard subkey signatures (0x18 and
0x28) if found in the userid section of the key.
* sig-check.c (signature_check2): Signatures made by invalid
subkeys (bad/missing binding sig) are also invalid.
* keylist.c (print_fingerprint): Show the primary as well as the
secondary key fingerprint in modes 1 & 2.
2002-07-22 David Shaw <dshaw@jabberwocky.com>
* options.h, main.h, g10.c (main), import.c
(parse_import_options, delete_inv_parts), keyserver.c
(parse_keyserver_options): add new --import-options option. The
only current flag is "allow-local-sigs".
* g10.c (main): Don't disable MDC in pgp7 mode.
* options.h, g10.c (main), keyserver.c (parse_keyserver_options):
Remove old keyserver-option include-attributes now that there is
an export-option for the same thing.
* options.h, main.h, export.c (parse_export_options,
do_export_stream), g10.c (main): add new --export-options option.
Current flags are "include-non-rfc", "include-local-sigs",
"include-attributes", and "include-sensitive-revkeys".
* options.h, hkp.c (hkp_export), keyserver.c
(parse_keyserver_options, keyserver_spawn): try passing unknown
keyserver options to export options, and if successful, use them
when doing a keyserver --send-key.
* build-packet.c (build_sig_subpkt): We do not generate
SIGSUBPKT_PRIV_VERIFY_CACHE anymore.
* revoke.c (gen_desig_revoke): Lots more comments about including
sensitive revkeys along with the revocation sig itself.
* keyserver.c (parse_keyserver_options): Simpler implementation
that can skip one pass over the options.
2002-07-18 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying
"sensitive" as an argument to an addrevoker command. This sets
the 0x40 sensitive revoker flag.
* revoke.c (gen_desig_revoke): When generating a designated
revocation, include the direct key sig that contains the
designated revoker subpacket. This allows sensitive designated
revocation subpackets to be exported. Also indicate which
revokers are sensitive in the first place.
2002-07-17 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in
a designated revoker means "sensitive", not "local". It's
exportable under the right circumstances.
* main.h, options.h, export.c (do_export_stream), g10.c (main),
hkp.c (hkp_export), keyserver.c (keyserver_spawn: Add a flag to
skip attribute packets and their signatures while exporting. This
is to accomodate keyservers (pksd again) that choke on attributes.
Use keyserver-option "include-attributes" to control it. This
defaults to ON (i.e. don't skip).
2002-07-09 David Shaw <dshaw@jabberwocky.com>
* options.h, keyserver.c (parse_keyserver_uri, keyserver_spawn,
keyserver_work), hkp.c (hkp_ask_import, hkp_export, hkp_search):
Use a much more strict reading of RFC-2396 for the keyserver URIs.
Specifically, don't try and be smart about checking the value of
":port" so long as it is all digits, and properly handle opaque
data (those scheme specific parts that do not start with "//").
2002-07-04 David Shaw <dshaw@jabberwocky.com>
* photoid.c (get_default_photo_command, show_photos): Honor
FIXED_PHOTO_VIEWER and DISABLE_PHOTO_VIEWER.
* mainproc.c (check_sig_and_print): Use --show-photos to show
photos when verifying a sig made by a key with a photo.
* keyserver.c (parse_keyserver_uri): Properly parse a URI with no
:port section and an empty file path, but with a terminating '/'.
(keyserver_work): Honor DISABLE_KEYSERVER_HELPERS.
* hkp.c (hkp_ask_import): Display keyserver URI as a URI, but only
if verbose.
* exec.c, g10.c: USE_EXEC_PATH -> FIXED_EXEC_PATH
2002-07-03 David Shaw <dshaw@jabberwocky.com>
* exec.h, exec.c (set_exec_path, exec_write), g10.c (main): If
USE_EXEC_PATH is defined at compile time, use it to lock the
exec-path and not allow the user to change it.
2002-07-02 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), keyserver.c (keyserver_refresh):
Maintain and use the original keyserver URI for cosmetics rather
than trying to recreate it when needed.
* mainproc.c (check_sig_and_print): Properly disregard expired
uids. Make sure that the first uid listed is a real uid and not
an attribute (attributes should only be listed in the "aka"
section). When there are no valid textual userids, try for an
invalid textual userid before using any attribute uid.
2002-07-01 David Shaw <dshaw@jabberwocky.com>
* options.skel: Fix a few typos, clarify "group", and remove
sample photo viewers for Win32 since they are the defaults now.
* parse-packet.c (make_attribute_uidname), keylist.c
(dump_attribs): Fix two typecast warnings.
* packet.h, build-packet.c (build_attribute_subpkt), exec.c
(expand_args), mkdtemp.c (mkdtemp), photoid.c
(parse_image_header): Fix some signedness compiler warnings.
2002-07-01 Werner Koch <wk@gnupg.org>
* photoid.c (get_default_photo_command): Also use __MINGW32__
instead of HAVE_DOSISH_SYSTEM.
* encode.c (encode_symmetric): Do not use the new encryption code.
2002-06-30 Werner Koch <wk@gnupg.org>
* photoid.c: Use __MINGW32__ to include windows because
HAVE_DOSISH_SYSTEM is also set for OS/2 and plain DOS. Provide
constant missing in older mingw installations.
2002-06-21 Stefan Bellon <sbellon@sbellon.de>
* g10.c [__riscos__]: Moved RISC OS specific stuff to util/riscos.c
and include/util.h.
* gpgv.c [__riscos__]: Likewise.
2002-06-20 David Shaw <dshaw@jabberwocky.com>
* keydb.h, pkclist.c (select_algo_from_prefs): Allow passing a
suggested algorithm which will be used if available.
* encode.c (encode_crypt, encrypt_filter), sign.c (sign_file): Use
new select_algo_from_prefs feature to check if forcing an
algorithm would violate the recipient preferences.
* photoid.c (get_default_photo_command, show_photos): Use
different default viewers on different platforms. Currently we
have Win 9x, Win NT (2k, xp), Mac OSX, RISC OS, and "everybody
else". These are #ifdefs as much as possible to avoid clutter.
* g10.c (strusage, build_list), keyedit.c (show_prefs), main.h,
misc.c (compress_algo_to_string, check_compress_algo), pkclist.c
(algo_available), keygen.c (keygen_set_std_prefs): New
algo_to_string and check functions for compress algorithms.
2002-06-20 Werner Koch <wk@gnupg.org>
* misc.c (setsysinfo): Removed a #warning for Alpha's uniligedn
trap disabling - it is quite possible that this is a debug relict.
2002-06-20 Stefan Bellon <sbellon@sbellon.de>
* g10.c [__riscos__]: Added image file system feature.
* gpgv.c [__riscos__]: Added image file system feature.
* photoid.c (show_photos) [__riscos__]: Set RISC OS filetype of
photo id according to MIME type.
2002-06-19 David Shaw <dshaw@jabberwocky.com>
* hkp.c (parse_hkp_index): Don't leak memory when failing out of a
bad HKP keyserver.
* g10.c (add_notation_data): Relax slightly the rules as to what
can go into a notation name - 2440 allows "@", for example.
2002-06-17 David Shaw <dshaw@jabberwocky.com>
* import.c (clean_subkeys, import_one): Only allow at most 1
binding sig and at most 1 revocation sig on a subkey, as per
2440:11.1.
* hkp.c (parse_hkp_index, hkp_search): Error if the keyserver
returns an unparseable HKP response.
2002-06-15 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (show_key_with_all_names), keylist.c
(list_keyblock_print): Show "[expired]" before expired uids.
* keyedit.c (show_key_with_all_names_colon), mainproc.c
(list_node), keylist.c (list_keyblock_colon): Show flag 'e' for
expired user ids. Use "uat" for user attribute packets instead of
"uid". Also use '<count> <length>' rather than the fake user id
string on attributes.
* keygen.c (keygen_add_revkey): Remove unused code.
* misc.c (check_permissions): Check directory permissions
properly - they are not special files.
* pkclist.c (expand_id, expand_group, build_pk_list): When
expanding groups before building a pk list, inherit flags from the
original pre-expanded string.
* pubkey-enc.c (is_algo_in_prefs): Don't use prefs from expired
uids.
2002-06-14 David Shaw <dshaw@jabberwocky.com>
* free-packet.c (copy_signature): Properly copy a signature that
carries a revocation key on it.
* pkclist.c (expand_id, expand_group, build_pk_list): Groups now
work properly when used in the "Enter the user ID" prompt.
2002-06-14 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (show_key_with_all_names): Display warning if a user
tries to show prefs on a v3 key with a v3 selfsig.
* kbnode.c (dump_kbnode): Show if a uid is expired.
* import.c (merge_blocks, import_revoke_cert): Show user ID
receiving a revocation certificate.
* free-packet.c (cmp_user_ids): Properly compare attribute ids.
* pkclist.c (expand_groups): Maintain the strlist flags while
expanding. Members of an expansion inherit their flags from the
expansion key.
* options.h, cipher.c (write_header), g10.c (main), keygen.c
(keygen_set_std_prefs): remove the personal_mdc flag. It no
longer serves a purpose now that the personal preference lists are
split into cipher/digest/zip.
2002-06-14 Timo Schulz <ts@winpt.org>
* skclist.c (is_insecure): Implemented.
2002-06-12 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_spawn): Properly handle PROGRAM responses
when they have a CRLF ending. Noted by Keith Ray.
* keyserver.c (keyserver_spawn): Handle CRLF endings from
keyserver helpers. Also don't leak the last line worth of memory
from the keyserver response.
* main.h, misc.c (deprecated_warning): New function to warn about
deprecated options and commands.
* g10.c (main), keyserver-internal.h, keyserver.c
(parse_keyserver_uri): Use new deprecated function to warn about
honor-http-proxy, auto-key-retrieve, and x-broken-hkp.
2002-06-11 David Shaw <dshaw@jabberwocky.com>
* Makefile.am: link gpg with NETLIBS for the built-in HKP access.
2002-06-10 David Shaw <dshaw@jabberwocky.com>
* options.h, keyserver.c (keyserver_opts), g10.c (main): New
keyserver option "include-subkeys". This feature already existed,
but now can be turned off. It defaults to on.
* options.h, keyserver.c (parse_keyserver_options,
keyserver_spawn): There are now enough options to justify making a
structure for the keyserver options rather than a page of
if-then-else-if-then-etc.
* getkey.c (merge_keys_and_selfsig, merge_selfsigs_main): Fix bug
in calculating key expiration dates.
2002-06-09 David Shaw <dshaw@jabberwocky.com>
* keydb.h, getkey.c (get_user_id_native), import.c (import_one):
Display user ID while importing a key. Note this applies to both
--import and keyserver --recv-keys.
* exec.c (exec_finish): Log unnatural exit (core dump, killed
manually, etc) for fork/exec/pipe child processes.
2002-06-08 Timo Schulz <ts@winpt.org>
* encode.c (encode_symmetric): Disable the compat flag
when the expert mode is enabled.
2002-06-07 David Shaw <dshaw@jabberwocky.com>
* options.skel, options.h, main.h, keydb.h, pkclist.c
(build_pk_list, expand_groups), g10.c (main, add_group): Add new
"group" command to allow one name to expand into multiple keys.
For simplicity, and to avoid potential loops, we only expand once
- you can't make an alias that points to an alias.
* main.h, g10.c (main), keygen.c (build_personal_digest_list):
Simplify the default digest list - there is really no need for the
other hashes since they will never be used after SHA-1 in the
list.
* options.skel, options.h, g10.c (main), hkp.c (hkp_ask_import,
hkp_export, hkp_search), keyserver.c (parse_keyserver_options,
parse_keyserver_uri, keyserver_work, keyserver_refresh): Make the
"x-broken-hkp" keyserver scheme into keyserver-option
"broken-http-proxy". Move honor_http_proxy into
keyserver_options. Canonicalize the three variations of "hkp",
"x-hkp", and "x-broken-hkp" into "hkp".
2002-06-07 Stefan Bellon <sbellon@sbellon.de>
* g10.c [__riscos__]: Added --attribute-file to do the same as
--attribute-fd, but with a filename not a fd as argument.
Added magic symbol for RISC OS to use different memory management.
* gpgv.c [__riscos__]: Added magic symbol for RISC OS to use
different memory management.
2002-06-06 David Shaw <dshaw@jabberwocky.com>
* main.h, g10.c (main), keygen.c (build_personal_digest_list): Put
in a default digest preference list consisting of SHA-1, followed
by every other installed digest except MD5. Note this is the same
as having no digest preference at all except for SHA-1 being
favored.
* options.h, g10.c (main), keygen.c (keygen_set_std_prefs),
pkclist.c (select_algo_from_prefs): Split
--personal-preference-list into three:
--personal-{cipher|digest|compress}-preferences. This allows a
user to set one without affecting another (i.e. setting only a
digest pref doesn't imply an empty cipher pref).
* exec.c (exec_read): This is a safer way of guessing the return
value of system(). Noted by Stefan Bellon.
2002-06-05 David Shaw <dshaw@jabberwocky.com>
* hkp.c (parse_hkp_index): Be more robust with keyservers
returning very unparseable responses.
* exec.c (exec_read): Catch and display an error when the remote
process exits unnaturally (i.e. segfault) so the user knows what
happened. Also fix exec_write stub which has a different number
of arguments now.
2002-06-05 Timo Schulz <ts@winpt.org>
* encode.c (encode_simple): Ignore the new mode for RFC1991.
* mainproc.c (symkey_decrypt_sesskey): Better check for weird
keysizes.
2002-06-05 Timo Schulz <ts@winpt.org>
* encode.c (encode_sesskey): New.
(encode_simple): Use it here. But by default we use the compat
mode which supress to generate encrypted session keys.
2002-06-05 Timo Schulz <ts@winpt.org>
* mainproc.c (symkey_decrypt_sesskey): New.
(proc_symkey_enc): Support for encrypted session keys.
2002-06-04 David Shaw <dshaw@jabberwocky.com>
* sign.c (hash_for, sign_file): When encrypting and signing at the
same time, consult the various hash prefs to pick a hash algorithm
to use. Pass in a 160-bit hint if any of the signing keys are
DSA.
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
Pass a "hints" opaque pointer in to let the caller give hints as
to what algorithms would be acceptable. The only current hint is
for PREFTYPE_HASH to require a 160-bit hash for DSA. Change all
callers in encode.c (encode_crypt, encrypt_filter) and sign.c
(sign_file). If we settle on MD5 as the best algorithm based
solely on recepient keys and SHA1 is also a possibility, use SHA1
unless the user intentionally chose MD5. This is as per 2440:13.
* exec.c (make_tempdir): Fix duplicated filename problem.
2002-06-03 David Shaw <dshaw@jabberwocky.com>
* packet.h, parse-packet.c (enum_sig_subpkt): Report back from
enum_sig_subpkt when a subpacket is critical and change all
callers in keylist.c (show_policy_url, show_notation), mainproc.c
(print_notation_data), and pkclist.c (do_show_revocation_reason).
* keylist.c (show_policy_url, show_notation): Display if the
policy or notation is critical.
2002-06-03 David Shaw <dshaw@jabberwocky.com>
* main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd,
list_keyblock_print, list_keyblock_colon), status.h, status.c
(get_status_string): New --attribute-fd feature to dump the
contents of attribute subpackets for frontends. If --status-fd is
also used, then a new status tag ATTRIBUTE is provided for each
subpacket.
* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track
of the expiration time of a user ID, and while we're at it, use
the expired flag from the selfsig rather than reparsing the
SIG_EXPIRE subpacket.
* photoid.c (generate_photo_id): When adding a new photo ID,
showing the photo for confirmation is not safe when noninteractive
since the "user" may not be able to dismiss a viewer window.
Noted by Timo Schulz.
2002-06-03 David Shaw <dshaw@jabberwocky.com>
* options.skel: Sample photo viewers for Win32.
* misc.c (pct_expando): Use the seckey for %k/%K if the pubkey is
not available.
* photoid.h, photoid.c (show_photos): Include the seckey in case a
user tries to view a photo on a secret key, and change all callers
in keyedit.c (menu_showphoto), keylist.c (list_keyblock_print),
and photoid.c (generate_photo_id).
2002-06-02 David Shaw <dshaw@jabberwocky.com>
* photoid.c (show_photos): Work properly when not called with a
public key.
2002-05-31 David Shaw <dshaw@jabberwocky.com>
* sign.c (mk_notation_and_policy): Free unneeded buffer.
* hkp.c (parse_hkp_index): Properly handle the '&' character
(i.e. "&amp;") in HKP responses.
* getkey.c (merge_selfsigs_main): Fix reversed expiration time
check with self-sigs.
* keyedit.c (sign_uids): When making a new self-sig on a v3 key,
make a v3 self-sig unless it is currently a v3 self-sig being
promoted to v4.
2002-05-31 Timo Schulz <ts@winpt.org>
* pkclist.c (do_show_revocation_reason): Don't use capital
letters for non-interactive output.
(show_revocation_reason): Now it is global.
* pubkey-enc.c (get_it): Show if the key has been revoked.
2002-05-30 David Shaw <dshaw@jabberwocky.com>
* sign.c (write_signature_packets, sign_file, clearsign_file,
sign_symencrypt_file): Make a v4 signature if a policy URL or
notation is set, unless v3 sigs are forced via rfc1991 or
force-v3-sigs. Also remove some doubled code and clarify an error
message (we don't sign in PGP2 mode - just detach-sign).
* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any
size" section.
2002-05-29 David Shaw <dshaw@jabberwocky.com>
* keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and
"no-mdc" in the prefs string to allow switching on and off the MDC
feature. This is needed to properly export a key from GnuPG for
use on PGP which does not support MDC - without this, MDC-capable
implementations will still try and generate MDCs which will break
PGP.
* keygen.c (keygen_get_std_prefs): Show "[mdc]" in prefs string if
it is enabled.
* options.h, g10.c (main), cipher.c (write_header), keygen.c
(keygen_set_std_prefs): For consistency, allow the user to specify
mdc/no-mdc in the --personal-preference-list. If disabled, it
acts just like --disable-mdc.
2002-05-29 David Shaw <dshaw@jabberwocky.com>
* options.h, exec.c: Add some debugging info, using the 1024 debug
flag.
* exec.c (win_system): New system()-like function for win32 that
does not return until the child process terminates. Of course,
this doesn't help if the process itself exits before it is
finished.
2002-05-29 Werner Koch <wk@gnupg.org>
* encode.c (encode_simple): Intialize PKT when --no-literal is used.
* keyedit.c (show_key_with_all_names_colon): Renamed the record
for revocation keys to "rvk".
2002-05-27 Werner Koch <wk@gnupg.org>
* keyedit.c (show_key_with_all_names_colon): New.
(show_key_with_all_names): Divert to new function when required.
Sanitize printing of revoker name.
2002-05-27 David Shaw <dshaw@jabberwocky.com>
* build-packet.c (build_sig_subpkt): Handle setting sig flags for
certain subpacket types (notation, policy url, exportable,
revocable). keyedit.c (sign_mk_attrib): Flags no longer need to
be set here.
* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check
buffer lengths before building a sig subpacket.
2002-05-26 David Shaw <dshaw@jabberwocky.com>
* sign.c (mk_notation_and_policy): Include secret key to enable %s
expandos, and pass notations through pct_expando as well.
* main.h, misc.c (pct_expando): Add %s and %S expandos for
signer's keyid.
2002-05-25 David Shaw <dshaw@jabberwocky.com>
* g10.c (strusage, build_list): Add compress algorithms to
--version list. Show algorithm numbers when --verbose --version
is done.
2002-05-22 David Shaw <dshaw@jabberwocky.com>
* options.h, main.h, keygen.c (keygen_set_set_prefs,
keygen_get_std_prefs, keygen_upd_std_prefs), keyedit.c
(keyedit_menu), g10.c (main), pkclist.c (select_algo_from_prefs):
Add --personal-preference-list which allows the user to factor in
their own preferred algorithms when the preference lists are
consulted. Obviously, this does not let the user violate a
recepient's preferences (and the RFC) - this only influences the
ranking of the agreed-on (and available) algorithms from the
recepients. Suggested by David Hollenberg.
* options.h, keygen.c (keygen_set_std_prefs), g10.c (main): Rename
--preference-list to --default-preference-list (as that is what it
really is), and make it a true default in that if the user selects
"default" they get this list and not the compiled-in list.
2002-05-22 Werner Koch <wk@gnupg.org>
* g10.c (main): Add missing LF in a info printout and made it
translatable. Noted by Michael Tokarev.
2002-05-21 Werner Koch <wk@gnupg.org>
* g10.c (main): Removed the undef of USE_SHM_COPROCESSING which
was erroneously introduced on 2002-01-09.
* signal.c (got_fatal_signal): Don't write the Nul to stderr.
Reported by David Hollenberg.
2002-05-18 David Shaw <dshaw@jabberwocky.com>
* main.h, g10.c (main), revoke.c (gen_desig_revoke): Generate a
designated revocation via --desig-revoke
* keyedit.c (keyedit_menu, menu_addrevoker): New "addrevoker"
command to add a designated revoker to a key.
2002-05-17 David Shaw <dshaw@jabberwocky.com>
* gpgv.c: Add stub for get_ownertrust().
* g10.c (main): --allow-freeform-uid should be implied by
OpenPGP. Add --no-allow-freeform-uid.
* keyedit.c (sign_uids): Issue a warning when signing a
non-selfsigned uid.
* getkey.c (merge_selfsigs_main): If a key has no selfsigs, and
allow-non-selfsigned-uid is not set, still try and make the key
valid by checking all uids for a signature from an ultimately
trusted key.
2002-05-16 David Shaw <dshaw@jabberwocky.com>
* main.h, keygen.c (keygen_add_revkey): Add revocation key
subpackets to a signature (callable by
make_keysig_packet). (write_direct_sig): Write a 1F direct key
signature. (parse_revocation_key): Parse a string in
algo:fpr:sensitive format into a revocation
key. (get_parameter_revkey, do_generate_keypair): Call above
functions when prompted from a batch key generation file.
* build-packet.c (build_sig_subpkt): Allow multiple revocation key
subpackets in a single sig.
* keydb.h, getkey.c (get_seckey_byfprint): Same as
get_pubkey_byfprint, except for secret keys. We only know the
fingerprint of a revocation key, so this is needed to retrieve the
secret key needed to issue a revokation.
* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split
revkey parsing off into a new function that can be used to reparse
after manipulating the revkey list.
* sign.c (make_keysig_packet): Ability to make 1F direct key
signatures.
2002-05-15 David Shaw <dshaw@jabberwocky.com>
* options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl
as a sample LDAP server instead.
* getkey.c (merge_selfsigs_main): Properly handle multiple
revocation keys in a single packet. Properly handle revocation
keys that are in out-of-order packets. Remove duplicates in
revocation key list.
2002-05-14 Timo Schulz <ts@winpt.org>
* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
2002-05-14 Stefan Bellon <sbellon@sbellon.de>
* exec.c (make_tempdir): Make use of EXTSEP_S instead of hardcoded
dot as extension separator.
2002-05-13 David Shaw <dshaw@jabberwocky.com>
* photoid.c (show_photos): Use the long keyid as the filename for
the photo. Use the short keyid as the filename on 8.3 systems.
* exec.h, exec.c (make_tempdir, exec_write, exec_finish): Allow
caller to specify filename. This should make things easier on
windows and macs where the file extension is required, but a whole
filename is even better.
* keyedit.c (show_key_with_all_names, show_prefs): Show proper
prefs for a v4 key uid with no selfsig at all.
* misc.c (check_permissions): Don't check permissions on
non-normal files (pipes, character devices, etc.)
2002-05-11 Werner Koch <wk@gnupg.org>
* mainproc.c (proc_symkey_enc): Avoid segv in case the parser
encountered an invalid packet.
* keyserver.c (keyserver_export): Get confirmation before sending
all keys.
2002-05-10 Stefan Bellon <sbellon@sbellon.de>
* g10.c, hkp.c, keyedit.c, keyserver.c: Replaced all occurrances
of strcasecmp with ascii_strcasecmp and all occurrances of
strncasecmp with ascii_memcasecmp.
2002-05-10 David Shaw <dshaw@jabberwocky.com>
* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show
assumed prefs for hash and compression as well as the cipher pref.
Show assumed prefs if there are no prefs at all on a v4
self-signed key.
* options.h, g10.c (main), sign.c (make_keysig_packet): New
--cert-digest-algo function to override the default key signing
hash algorithm.
2002-05-09 David Shaw <dshaw@jabberwocky.com>
* getkey.c (merge_selfsigs_main): Make sure the revocation key
list starts clean as this function may be called more than once
(e.g. from functions in --edit).
* g10.c, encode.c (encode_crypt), sign.c (sign_file,
sign_symencrypt_file): Make --compress-algo work like the
documentation says. It should be like --cipher-algo and
--digest-algo in that it can override the preferences calculation
and impose the setting the user wants. No --compress-algo setting
allows the usual preferences calculation to take place.
* main.h, compress.c (compress_filter): use new
DEFAULT_COMPRESS_ALGO define, and add a sanity check for compress
algo value.
2002-05-08 David Shaw <dshaw@jabberwocky.com>
* pkclist.c (select_algo_from_prefs): There is an assumed
compression preference for uncompressed data.
2002-05-07 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c
(algo_available): --pgp7, identical to --pgp6 except that it
permits a few algorithms that PGP 7 added: AES128, AES192, AES256,
and TWOFISH. Any more of these --pgpX flags, and it'll be time to
start looking at a generic --emulate-pgp X option.
* export.c (do_export_stream): Warn the user when exporting a
secret key if it or any of its secret subkeys are protected with
SHA1 while simple_sk_checksum is set.
* parse-packet.c (parse_key): Show when the SHA1 protection is
used in --list-packets.
* options.h, build-packet.c (do_comment), g10.c (main): Rename
--no-comment as --sk-comments/--no-sk-comments (--no-comment still
works) and make the default be --no-sk-comments.
2002-05-07 Werner Koch <wk@gnupg.org>
* keygen.c (get_parameter_algo): Never allow generation of the
deprecated RSA-E or RSA-S flavors of PGP RSA.
(ask_algo): Allow generation of RSA sign and encrypt in expert
mode. Don't allow ElGamal S+E unless in expert mode.
* helptext.c: Added entry keygen.algo.rsa_se.
2002-05-07 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (sign_uids): If --expert is set, allow re-signing a
uid to promote a v3 self-sig to a v4 one. This essentially
deletes the old v3 self-sig and replaces it with a v4 one.
* packet.h, parse-packet.c (parse_key), getkey.c
(merge_keys_and_selfsig, merge_selfsigs_main): a v3 key with a v4
self-sig must never let the v4 self-sig express a key expiration
time that extends beyond the original v3 expiration time.
2002-05-06 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (sign_uids): When making a self-signature via "sign"
don't ask about sig level or expiration, and include the usual
preferences and such for v4 self-sigs. (menu_set_preferences):
Convert uids from UTF8 to native before printing.
* keyedit.c (sign_uids): Convert uids from UTF8 to native before
printing. (menu_set_primary_uid): Show error if the user tries to
make a uid with a v3 self-sig primary.
2002-05-05 David Shaw <dshaw@jabberwocky.com>
* import.c (import_one): When merging with a key we already have,
don't let a key conflict (same keyid but different key) stop the
import: just skip the bad key and continue.
* exec.c (make_tempdir): Under Win32, don't try environment
variables for temp directories - GetTempDir tries environment
variables internally, and it's better not to second-guess it in
case MS adds some sort of temp dir handling to Windows at some
point.
2002-05-05 Timo Schulz <ts@winpt.org>
* mainproc.c (proc_symkey_enc): Don't ask for a passphrase
in the list only mode.
2002-05-05 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_refresh): --refresh-keys implies
--merge-only so as not to import keys with keyids that match the
ones being refreshed. Noted by Florian Weimer.
2002-05-04 Stefan Bellon <sbellon@sbellon.de>
* free-packet.c (copy_public_key): Don't call m_alloc(0), therefore
added consistency check for revkey and numrefkeys.
* getkey.c (check_revocation_keys): Added consistency check for
revkey and numrefkeys.
* keyedit.c (show_key_with_all_names): Likewise.
2002-05-03 David Shaw <dshaw@jabberwocky.com>
* photoid.c: Provide default image viewer for Win32.
* misc.c (pct_expando): %t means extension, not name ("jpg", not
"jpeg").
* keyserver.c (keyserver_spawn), photoid.c (show_photos), exec.h,
exec.c: Allow the caller to determine the temp file extension when
starting an exec_write and change all callers.
* keyedit.c (sign_uids): Nonrevocable key signatures cause an
automatic promotion to v4.
* exec.c: Provide stubs for exec_ functions when NO_EXEC is
defined.
2002-05-02 David Shaw <dshaw@jabberwocky.com>
* photoid.h, photoid.c (parse_image_header, image_type_to_string):
Useful functions to return data about an image.
* packet.h, parse-packet.c (make_attribute_uidname,
parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c
(show_photos): Handle multiple images in a single attribute
packet.
* main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy),
photoid.c (show_photos): Simpler expando code that does not
require using compile-time string sizes. Call
image_type_to_string to get image strings (i.e. "jpg",
"image/jpeg"). Change all callers.
* keyedit.c (menu_showphoto), keylist.c (list_keyblock_print):
Allow viewing multiple images within a single attribute packet.
* gpgv.c: Various stubs for link happiness.
2002-05-02 David Shaw <dshaw@jabberwocky.com>
* build-packet.c (build_sig_subpkt), keyedit.c (sign_uids),
options.h, sign.c (mk_notation_and_policy), g10.c (main,
add_notation_data, add_policy_url (new), check_policy_url
(removed)): Allow multiple policy URLs on a given signature.
Split "--notation-data" into "--cert-notation" and
"--sig-notation" so the user can set different policies for key
and data signing. For backwards compatibility, "--notation-data"
sets both, as before.
2002-05-02 Werner Koch <wk@gnupg.org>
* options.skel: Removed the comment on trusted-keys because this
option is now deprecated.
2002-05-01 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (menu_adduid): 2440bis04 says that multiple attribute
packets on a given key are legal.
* keyserver.c (keyserver_refresh): the fake v3 keyid hack applies
to "mailto" URLs as well since they are also served by pksd.
2002-04-29 Werner Koch <wk@gnupg.org>
Added a copyright year for files changed this year.
2002-04-25 Werner Koch <wk@gnupg.org>
* g10.c, options.h: New options --display, --ttyname, --ttytype,
--lc-ctype, --lc-messages to be used with future versions of the
gpg-agent.
* passphrase.c (agent_send_option,agent_send_all_options): New.
(agent_open): Send options to the agent.
* trustdb.c (update_ownertrust, clear_ownertrust): Do an explicit
do_sync because revalidation_mark does it only if when the
timestamp actually changes.
2002-04-23 David Shaw <dshaw@jabberwocky.com>
* main.h, keygen.c (do_generate_keypair), keylist.c
(print_signature_stats, list_all, list_one, list_keyblock,
list_keyblock_print, list_keyblock_colon): After generating a new
key, show the key information (name, keyid, fingerprint, etc.)
Also do not print uncheckable signatures (missing key..) in
--check-sigs. Print statistics (N missing keys, etc.) after
--check-sigs.
* keyedit.c (sign_uids): When signing a key with an expiration
date on it, the "Do you want your signature to expire at the same
time?" question should default to YES.
2002-04-22 David Shaw <dshaw@jabberwocky.com>
* parse-packet.c (parse_plaintext), packet.h, plaintext.c
(handle_plaintext): Fix bug in handling literal packets with
zero-length data (no data was being confused with partial body
length).
* misc.c (pct_expando), options.skel: %t means extension ("jpg").
%T means MIME type ("image/jpeg").
* import.c (import_one): Only trigger trust update if the keyring
is actually changed.
* export.c (do_export_stream): Missing a m_free.
2002-04-22 Stefan Bellon <sbellon@sbellon.de>
* keyid.c (expirestr_from_sk, expirestr_from_sig): Added _() to
string constant.
* exec.c (make_tempdir) [__riscos__]: Better placement of
temporary file.
2002-04-20 David Shaw <dshaw@jabberwocky.com>
* keygen.c (generate_subkeypair): 2440bis04 adds that creating
subkeys on v3 keys is a MUST NOT.
* getkey.c (finish_lookup): The --pgp6 "use the primary key"
behavior should only apply while data signing and not encryption.
Noted by Roger Sondermann.
2002-04-19 Werner Koch <wk@gnupg.org>
* keygen.c (keygen_set_std_prefs): Put back 3DES because the RFC
says it is good form to do so.
2002-04-19 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (menu_deluid): Only cause a trust update if we delete
a non-revoked user id.
* hkp.c (hkp_ask_import), keyserver.c (parse_keyserver_options,
keyserver_spawn), options.h: Remove fast-import keyserver option
(no longer meaningful).
* g10.c (main), keyedit.c (sign_uids), options.h: Change
--default-check-level to --default-cert-check-level as it makes
clear what it operates on.
* g10.c (main): --pgp6 also implies --no-ask-sig-expire.
* delkey.c (do_delete_key): Comment.
* keyedit.c (sign_uids, keyedit_menu, menu_deluid, menu_delsig,
menu_expire, menu_revsig, menu_revkey): Only force a trustdb check
if we did something that changes it.
* g10.c: add "--auto-check-trustdb" to override a
"--no-auto-check-trustdb"
2002-04-19 Werner Koch <wk@gnupg.org>
* tdbio.c (tdbio_write_nextcheck): Return a status whether the
stamp was actually changed.
* trustdb.c (revalidation_mark): Sync the changes. Removed the
sync operation done by its callers.
(get_validity): Add logic for maintaining a pending_check flag.
(clear_ownertrust): New.
* keyedit.c (sign_uids): Don't call revalidation_mark depending on
primary_pk.
(keyedit_menu): Call revalidation_mark after "trust".
(show_key_with_all_names): Print a warning on the wrong listed key
validity.
* delkey.c (do_delete_key): Clear the owenertrust information when
deleting a public key.
2002-04-18 Werner Koch <wk@gnupg.org>
* seskey.c (encode_md_value): Print an error message if a wrong
digest algorithm is used with DSA. Changed all callers to cope
with a NULL return. Problem noted by Imad R. Faiad.
2002-04-18 David Shaw <dshaw@jabberwocky.com>
* trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
signatures that can expire. In short, the only thing that can
override an unexpired nonrevocable signature is another unexpired
nonrevocable signature.
* getkey.c (finish_lookup): Always use primary signing key for
signatures when --pgp6 is on since pgp6 and 7 do not understand
signatures made by signing subkeys.
2002-04-18 Werner Koch <wk@gnupg.org>
* trustdb.c (validate_keys): Never schedule a nextcheck into the
past.
(validate_key_list): New arg curtime use it to set next_expire.
(validate_one_keyblock): Take the current time from the caller.
(clear_validity, reset_unconnected_keys): New.
(validate_keys): Reset all unconnected keys.
* getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
for use with secret keys.
(lookup): Advance the searchmode after a search FIRST.
* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.
* g10.c, options.skel: New option --no-escape-from. Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.
2002-04-16 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse_key): Support a SHA1 checksum as per
draft-rfc2440-bis04.
* packet.h (PKT_secret_key): Add field sha1chk.
* seckey-cert.c (do_check): Check the SHA1 checksum
(protect_secret_key): And create it.
* build-packet.c (do_secret_key): Mark it as sha-1 protected.
* g10.c, options.h: New option --simple-sk-checksum.
2002-04-13 David Shaw <dshaw@jabberwocky.com>
* parse-packet.c (parse_signature): Minor fix - signatures should
expire at their expiration time and not one second later.
* keygen.c (proc_parameter_file): Allow specifying preferences
string (i.e. "s5 s2 z1 z2", etc) in a batchmode key generation
file.
* keyedit.c (keyedit_menu): Print standard error message when
signing a revoked key (no new translation).
* getkey.c (merge_selfsigs): Get the default set of key prefs from
the real (not attribute) primary uid.
2002-04-12 David Shaw <dshaw@jabberwocky.com>
* pkclist.c (build_pk_list): Fix bug that allowed a key to be
selected twice in batch mode if one instance was the default
recipient and the other was an encrypt-to. Noted by Stefan
Bellon.
* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp
sig subpackets.
* keyedit.c (keyedit_menu): Use new function real_uids_left to
prevent deleting the last real (i.e. non-attribute) uid. Again,
according to the attribute draft. (menu_showphoto): Make another
string translatable.
2002-04-11 David Shaw <dshaw@jabberwocky.com>
* build-packet.c (build_sig_subpkt): Delete subpackets from both
hashed and unhashed area on update. (find_subpkt): No longer
needed.
* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key
with a v4 signature. As usual, --expert overrides. Try to tweak
some strings to a closer match so they can all be translated in
one place. Use different helptext keys to allow different help
text for different questions.
* keygen.c (keygen_upd_std_prefs): Remove preferences from both
hashed and unhashed areas if they are not going to be used.
2002-04-10 David Shaw <dshaw@jabberwocky.com>
* misc.c (pct_expando), options.skel: Use %t to indicate type of a
photo ID (in this version, it's always "jpeg"). Also tweak string
expansion loop to minimize reallocs.
* mainproc.c (do_check_sig): Variable type fix.
* keyedit.c (menu_set_primary_uid): Differentiate between true
user IDs and attribute user IDs when making one of them primary.
That is, if we are making a user ID primary, we alter user IDs.
If we are making an attribute packet primary, we alter attribute
packets. This matches the language in the latest attribute packet
draft.
* keyedit.c (sign_uids): No need for the empty string hack.
* getkey.c (fixup_uidnode): Only accept preferences from the
hashed segment of the self-sig.
2002-04-10 Werner Koch <wk@gnupg.org>
* tdbio.c (migrate_from_v2): Fixed the offset to read the old
ownertrust value and only add entries to the table if we really
have a value.
2002-04-08 David Shaw <dshaw@jabberwocky.com>
* status.h, status.c (get_status_string): Add KEYEXPIRED, EXPSIG,
and EXPKEYSIG. Add "deprecated-use-keyexpired-instead" to
SIGEXPIRED.
* sig-check.c (do_check): Start transition from SIGEXPIRED to
KEYEXPIRED, since the actual event is signature verification by an
expired key and not an expired signature. (do_signature_check,
packet.h): Rename as signature_check2, make public, and change all
callers.
* mainproc.c (check_sig_and_print, do_check_sig): Use status
EXPSIG for an expired, but good, signature. Add the expiration
time (or 0) to the VALIDSIG status line. Use status KEYEXPSIG for
a good signature from an expired key.
* g10.c (main): remove checks for no arguments now that argparse
does it.
2002-04-06 Werner Koch <wk@gnupg.org>
* keyring.c (keyring_get_keyblock): Disable the keylist mode here.
* encode.c (encode_simple, encode_crypt): Only test on compressed
files if a compress level was not explicity set.
* keygen.c (keygen_set_std_prefs): Removed Blowfish and Twofish
from the list of default preferences, swapped the preferences of
RMD160 and SHA1. Don't include a preference to 3DES unless the
IDEA kludge gets used.
* free-packet.c (free_packet): call free_encrypted also for
PKT_ENCRYPTED_MDC.
* compress.c (release_context): New.
(handle_compressed): Allocate the context and setup a closure to
release the context. This is required because there is no
guarabntee that the filter gets popped from the chain at the end
of the function. Problem noted by Timo and probably also the
cause for a couple of other reports.
(compress_filter): Use the release function if set.
* tdbio.c [__CYGWIN32__]: Don't rename ftruncate. Noted by
Disastry.
* parse-packet.c (parse_signature): Put parens around a bit test.
* exec.c (make_tempdir): Double backslash for TMP directory
creation under Windows. Better strlen the DIRSEP_S constants for
allocation measurements.
* decrypt.c (decrypt_messages): Release the passphrase aquired
by get_last_passphrase.
2002-04-02 Werner Koch <wk@gnupg.org>
* Makefile.am (EXTRA_DIST): Removed OPTIONS an pubring.asc - they
are no longer of any use.
2002-04-03 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (parse_keyserver_options): fix auto-key-retrieve to
actually work as a keyserver-option (noted by Roger Sondermann).
* keylist.c (reorder_keyblock): do not reorder the primary
attribute packet - the first user ID must be a genuine one.
2002-03-31 David Shaw <dshaw@jabberwocky.com>
* keylist.c (list_keyblock_colon): Fix ownertrust display with
--with-colons.
* keygen.c (generate_user_id), photoid.c (generate_photo_id):
Properly initialize the user ID refcount. A few more "y/n" ->
"y/N" in photoid.c.
* keyedit.c (ask_revoke_sig): Warn the user if they are about to
revoke an expired sig (not a problem, but they should know). Also
tweak a few prompts to change "y/n" to "y/N", which is how most
other prompts are written.
* keyserver.c (keyserver_search_prompt): Control-d escapes the
keyserver search prompt.
* pkclist.c (show_revocation_reason & callers): If a subkey is
considered revoked solely because the parent key is revoked, print
the revocation reason from the parent key.
* trustdb.c (get_validity): Allow revocation/expiration to apply
to a uid/key with no entry in the trustdb.
2002-03-29 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (printunquoted): unquote backslashes from keyserver
searches
* hkp.c (write_quoted): quote backslashes from keyserver searches
2002-03-26 Werner Koch <wk@gnupg.org>
* keygen.c (ask_keysize): Removed the warning for key sizes > 1536.
2002-03-25 Werner Koch <wk@gnupg.org>
* keyedit.c (sign_uids): Use 2 strings and not a %s so that
translations can be done the right way.
* helptext.c: Fixed small typo.
2002-03-23 David Shaw <dshaw@jabberwocky.com>
* import.c (append_uid, merge_sigs): it is okay to import
completely non-signed uids now (with --allow-non-selfsigned-uid).
* getkey.c (get_primary_uid, merge_selfsigs_main): do not choose
an attribute packet (i.e. photo) as primary uid. This prevents
oddities like "Good signature from [image of size 2671]". This is
still not perfect (one can still select an attribute packet as
primary in --edit), but is closer to the way the draft is going.
* g10.c (build_list): algorithms should include 110.
* g10.c (main): --pgp2 implies --no-ask-sig-expire and
--no-ask-cert-expire as those would cause a v4 sig/cert.
* armor.c (is_armor_header): be more lenient in what constitutes a
valid armor header (i.e. -----BEGIN blah blah-----) as some
Windows programs seem to add spaces at the end. --openpgp makes
it strict again.
2002-03-18 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_search_prompt): Properly handle a "no
keys found" case from the internal HKP code (external HKP is ok).
Also, make a COUNT -1 (i.e. streamed) keyserver response a little
more efficient.
* g10.c (main): Add --no-allow-non-selfsigned-uid
2002-03-17 David Shaw <dshaw@jabberwocky.com>
* g10.c (main): --openpgp implies --allow-non-selfsigned-uid.
* getkey.c (merge_selfsigs_main): If none of the uids are primary
(because none are valid) then pick the first to be primary (but
still invalid). This is for cosmetics in case some display needs
to print a user ID from a non-selfsigned key. Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust. The key is *not* automatically trusted via
--allow-non-selfsigned-uid.
* mainproc.c (check_sig_and_print): Make sure non-selfsigned uids
print [uncertain] on verification even though one is primary now.
* getkey.c (merge_selfsigs): If the main key is not valid, then
neither are the subkeys.
* import.c (import_one): Allow --allow-non-selfsigned-uid to work
on completely unsigned keys. Print the uids in UTF8. Remove
mark_non_selfsigned_uids_valid().
* keyedit.c (show_key_with_all_names): Show revocation key as
UTF8.
* sign.c (clearsign_file): Allow --not-dash-escaped to work with
v3 keys.
2002-03-14 Werner Koch <wk@gnupg.org>
* main.h: Changed the default algorithms to CAST5 and SHA1.
2002-03-13 David Shaw <dshaw@jabberwocky.com>
* import.c (chk_self_sigs): Show which user ID a bad self-sig
(invald sig or unsupported public key algorithm) resides on.
* import.c (chk_self_sigs): any valid self-sig should mark a user
ID or subkey as valid - otherwise, an attacker could DoS the user
by inventing a bogus invalid self-signature.
2002-03-07 David Shaw <dshaw@jabberwocky.com>
* g10.c (main): make a few more strings translatable.
* options.h, options.skel, g10.c (main), gpgv.c, mainproc.c
(check_sig_and_print), keyserver.c (parse_keyserver_options):
--auto-key-retrieve should really be a keyserver-option variable.
* import.c (revocation_present): new function to print a warning
if a key is imported that has been revoked by designated revoker,
but the designated revoker is not present to verify the
revocation. If keyserver-options auto-key-retrieve is set, try
and fetch the designated revoker from the keyserver.
* import.c (import_one): call revocation_present after importing a
new key. Note that this applies to --import, --recv-keys, and
--search-keys.
* keyserver-internal.h, keyserver.c (keyserver_import_fprint):
import via fingerprint (for revocation keys).
* keyserver.c (keyserver_import_keyid): much simpler
implementation now that we're using KEYDB_SEARCH_DESC internally.
2002-03-04 David Shaw <dshaw@jabberwocky.com>
* revoke.c (gen_revoke): do not prompt for revocation reason for
v3 revocations (unless force-v4-certs is on) since they wouldn't
be used anyway.
* keyedit.c (menu_revsig): show the status of the sigs
(exportable? revocable?) to the user before prompting for which
sig to revoke. Also, make sure that local signatures get local
revocations.
* keyedit.c (ask_revoke_sig): remind the user which sigs are
local.
* g10.c (main): Add "exec-path" variable to override PATH for
execing programs.
* export.c (do_export_stream): properly check return code from
classify_user_id to catch unclassifiable keys.
2002-03-03 David Shaw <dshaw@jabberwocky.com>
* parse-packet.c (parse_signature): variable type tweak for RISC
OS (from Stefan)
2002-02-28 David Shaw <dshaw@jabberwocky.com>
* getkey.c (check_revocation_keys): New function to check a
revocation against a list of potential revocation keys. Note the
loop-breaking code here. This is to prevent blowing up if A is
B's revocation key, while B is also A's. Note also that this is
written so that a revoked revoker can still issue revocations:
i.e. If A revokes B, but A is revoked, B is still revoked. I'm
not completely convinced this is the proper behavior, but it
matches how PGP does it. It does at least have the advantage of
much simpler code - my first version of this had lots of loop
maintaining code so you could chain revokers many levels deep and
if D was revoked, C was not, which meant that B was, and so on.
It was sort of scary, actually.
* getkey.c (merge_selfsigs_main): Add any revocation keys onto the
pk. This is particularly interesting since we normally only get
data from the most recent 1F signature, but you need multiple 1F
sigs to properly handle revocation keys (PGP does it this way, and
a revocation key could be marked "sensitive" and hence in a
different signature). Also, if a pk has a revocation key set,
check for revocation sigs that were not made by us - if made by a
valid revocation key, mark the pk revoked.
* packet.h, getkey.c (cache_public_key): do not cache key if
"dont_cache" is set. This allows the revocation key code to look
up a key and return information that may be inaccurate to prevent
loops without caching the fake data.
* packet.h, sig-check.c (do_signature_check): Record if a
signature was made by a revoked pk.
* packet.h, parse-packet.c (parse_one_sig_subpkt,
can_handle_critical, parse_signature): Get revocation key
information out of direct sigs.
* keylist.c (list_keyblock_print): don't assume that the presence
of a 0x20 signature means the key is revoked. With revocation
keys, this may not be true if the revocation key is not around to
verify it or if verification failed. Also, 0x1F should get listed
as "sig", and not "unexpected signature class".
* keyedit.c (show_key_with_all_names): Add a flag for printing
revoker information and change all callers.
* import.c (merge_blocks): merge in any new direct key (0x1F)
sigs.
* import.c (import_revoke_cert): don't keep processing after a
revocation is rejected.
* import.c (delete_inv_parts): Allow importing a revocation
signature even if it was not issued by the key. This allows a
revocation key to issue it. Of course, the sig still needs to be
checked before we trust it.
* free-packet.c (copy_public_key): Include a new copy of the
revocation keys when duping a pk.
* free-packet.c (free_seckey_enc, release_public_key_parts): Free
any revocation keys that are attached to a sig or pk.
* export.c (do_export_stream): Do not export signatures with
"sensitive" revocation keys in them.
2002-02-27 David Shaw <dshaw@jabberwocky.com>
* export.c (do_export_stream): Do not include v3 keys in a
--export-secret-subkeys export.
* getkey.c (merge_selfsigs_main): If a key isn't valid (say,
because of no self-signature), allow --always-trust to force it
valid so it can be trusted.
2002-02-25 David Shaw <dshaw@jabberwocky.com>
* hkp.c (hkp_ask_import), hkp.h, keyserver.c (all): treat key
lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows
the helper program to search the keyserver by fingerprint if
desired (and the keyserver supports it). Note that automatic
fingerprint promotion during refresh only applies to v4 keys as a
v4 fingerprint can be easily changed into a long or short key id,
and a v3 cannot.
* pubkey-enc.c, getkey.c, misc.c, main.h: Take two copies of
hextobyte() from pubkey-enc.c and getkey.c and make them into one
copy in misc.c.
2002-02-22 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_search_prompt): Detect a "no keys found"
case even if the helper program does not explicitly say how many
keys were found.
* hkp.c (parse_hkp_index): Bug fix - don't report non-revoked keys
as revoked in HKP key searches.
2002-02-19 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse_trust): Made parsing more robust.
2002-02-19 David Shaw <dshaw@jabberwocky.com>
* hkp.c (parse_hkp_index): Catch corruption in HKP index lines
(can be caused by broken or malicious keyservers).
* keyserver.c (keyserver_work): Add KEYSERVER_NOT_SUPPORTED for
unsupported actions (say, a keyserver that has no way to search,
or a readonly keyserver that has no way to add). Also add a
USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
2002-02-14 Werner Koch <wk@gnupg.org>
* g10.c: New option --no-use-agent.
* pkclist.c (check_signatures_trust): Always print the warning for
unknown and undefined trust. Removed the did_add cruft. Reported
by Janusz A. Urbanowicz.
2002-02-11 David Shaw <dshaw@jabberwocky.com>
* hkp.c (parse_hkp_index): Bug fix - properly handle user IDs with
colons (":") in them while HKP searching.
2002-02-09 David Shaw <dshaw@jabberwocky.com>
* misc.c (pct_expando): More comments.
* keydb.h, sign.c (mk_notation_and_policy): Clarify what is a sig
and what is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40,
and everything else is a cert.
* g10.c (main), keyedit.c (keyedit_menu): Add a "nrlsign" for
nonrevocable and local key signatures.
* g10.c (main): Add a --no-force-mdc to undo --force-mdc.
* options.h, g10.c (main), cipher.c (write_header): Add a knob to
--disable-mdc/--no-disable-mdc. Off by default, of course, but is
used in --pgp2 and --pgp6 modes.
* pkclist.c (build_pk_list): Allow specifying multiple users in
the "Enter the user ID" loop. Enter a blank line to stop. Show
each key+id as it is added.
* keylist.c (show_policy_url), mainproc.c (print_notation_data):
It is not illegal (though possibly silly) to have multiple policy
URLs in a given signature, so print all that are present.
* hkp.c (hkp_search): More efficient implementation of URL-ifying
code.
2002-02-04 David Shaw <dshaw@jabberwocky.com>
* main.h, misc.c (pct_expando): New function to generalize
%-expando processing in any arbitrary string.
* photoid.c (show_photo): Call the new pct_expando function rather
than expand strings internally.
* sign.c (mk_notation_and_policy): Show policy URLs and notations
when making a signature if show-policy/show-notation is on.
%-expand policy URLs during generation. This lets the user have
policy URLs of the form "http://notary.jabberwocky.com/keysign/%K"
which will generate a per-signature policy URL.
* main.h, keylist.c (show_policy_url, show_notation): Add amount
to indent so the same function can be used in key listings as well
as during sig generation. Change all callers.
2002-02-04 David Shaw <dshaw@jabberwocky.com>
* keyserver.c, options.h (parse_keyserver_options, keyidlist):
Workaround for the pksd and OKS keyserver bug that calculates v4
RSA keyids as if they were v3. The workaround/hack is to fetch
both the v4 (e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids. This
only happens for key refresh while using the HKP scheme and the
refresh-add-fake-v3-keyids keyserver option must be set. This
should stay off by default.
2002-02-03 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_spawn): Bug fix - do not append keys to
each other when --sending more than one.
2002-02-02 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), keyedit.c (sign_uids), sign.c
(mk_notation_and_policy): Split "--set-policy-url" into
"--cert-policy-url" and "--sig-policy-url" so the user can set
different policies for key and data signing. For backwards
compatibility, "--set-policy-url" sets both, as before.
2002-01-30 Werner Koch <wk@gnupg.org>
* g10.c (main): --gen-random --armor does now output a base64
encoded string.
2002-01-28 David Shaw <dshaw@jabberwocky.com>
* g10.c (main), options.h, pkclist.c (algo_available): --pgp6
flag. This is not nearly as involved as --pgp2. In short, it
turns off force_mdc, turns on no_comment, escape_from, and
force_v3_sigs, and sets compression to 1. It also restricts the
user to IDEA (if present), 3DES, CAST5, MD5, SHA1, and RIPEMD160.
See the comments above algo_available() for lots of discussion on
why you would want to do this.
2002-01-27 David Shaw <dshaw@jabberwocky.com>
* keygen.c (keygen_set_std_prefs): Comment
* keyedit.c (sign_uids): Bug fix - when signing with multiple
secret keys at the same time, make sure each key gets the sigclass
prompt.
* exec.c (exec_finish): Close the iobuf and FILE before trying to
waitpid, so the remote process will get a SIGPIPE and exit. This
is only a factor when using a pipe to communicate.
* exec.c (exec_write): Disable cache-on-close of the fd iobuf (is
this right? Why is a fd iobuf cached at all?)
2002-01-26 Werner Koch <wk@gnupg.org>
* g10.c, options.h: New option --gpg-agent-info
* passphrase.c (agent_open): Let it override the environment info.
* seckey-cert.c (check_secret_key): Always try 3 times when the
agent is enabled.
* options.skel: Describe --use-agent.
2002-01-24 David Shaw <dshaw@jabberwocky.com>
* pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences
against keys with v4 self sigs - there is really little point in
warning for every single non-IDEA message encrypted to an old key.
* pkclist.c (select_algo_from_prefs): Only put in the fake IDEA
preference if --pgp2 is on.
* mainproc.c (check_sig_and_print): Print "Expired" for expired
but good signatures (this still prints "BAD" for expired but bad
signatures).
2002-01-23 David Shaw <dshaw@jabberwocky.com>
* keygen.c (ask_keysize): Cosmetic: don't present a RSA signing
key as a "keypair" which can be 768 bits long (as RSA minimum is
1024).
* pubkey-enc.c (is_algo_in_prefs): Allow IDEA as a fake preference
for v3 keys with v3 selfsigs.
2002-01-22 David Shaw <dshaw@jabberwocky.com>
* packet.h, getkey.c (merge_selfsigs_main), pkclist.c
(select_algo_from_prefs): Implement the fake IDEA preference as
per RFC2440:12.1. This doesn't mean that IDEA will be used (the
plugin may not be present), but it does mean that a v3 key with a
v3 selfsig has an implicit IDEA preference instead of 3DES. v3
keys with v4 selfsigs use preferences as normal.
* encode.c (encode_crypt): if select_algo_from_prefs fails, this
means that we could not find a cipher that both keys like. Since
all v4 keys have an implicit 3DES preference, this means there is
a v3 key with a v3 selfsig in the list. Use 3DES in this case as
it is the safest option (we know the v4 key can handle it, and
we'll just hope the v3 key is being used in an implementation that
can handle it). If --pgp2 is on, warn the user what we're doing
since it'll probably break PGP2 compatibility.
* g10.c (main): Do not force using IDEA for encrypted files in
--pgp2 mode - let the fake IDEA preference choose this for us for
better compatibility when encrypting to multiple keys, only some
of which are v3.
* keygen.c (keygen_set_std_prefs): Put 3DES on the end of the
default cipher pref list (RFC2440: "...it is good form to place it
there explicitly."). If the user has the IDEA plugin installed,
put a preference for IDEA *after* 3DES to effectively disable its
use for everything except encrypting along with v3 keys.
* encode.c, g10.c, sign.c: Change the PGP2 warning line from
"... will not be usable ..." to "... may not be usable ..." as the
user could be using one of the enhanced PGP2 variations.
* helptext.c: Revise the sign_uid.class help text as suggested by
Stefan.
2002-01-20 Werner Koch <wk@gnupg.org>
* passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
used with the agent. Changed all callers.
(agent_get_passphrase): Likewise and send it to the agent
* seckey-cert.c (do_check): New arg tryagain_text.
(check_secret_key): Pass the string to do_check.
* keygen.c (ask_passphrase): Set the error text is required.
* keyedit.c (change_passphrase): Ditto.
* passphrase.c (agent_open): Disable opt.use_agent in case of a
problem with the agent.
(agent_get_passphrase): Ditto.
(passphrase_clear_cache): Ditto.
2002-01-19 Werner Koch <wk@gnupg.org>
* passphrase.c (agent_open): Add support for the new Assuan based
gpg-agent. New arg to return the used protocol version.
(agent_get_passphrase): Implemented new protocol here.
(passphrase_clear_cache): Ditto.
(readline): New.
2002-01-15 Timo Schulz <ts@winpt.org>
* encode.c (encode_crypt_files): Fail if --output is used.
* g10.c: New command --decrypt-files.
* decrypt.c (decrypt_messages): New.
2002-01-09 David Shaw <dshaw@jabberwocky.com>
* g10.c, misc.c, gpgv.c: move idea_cipher_warn to misc.c so gpgv.c
doesn't need a stub for it any longer.
* g10.c (get_temp_dir), main.h: no longer used (it's in exec.c now)
* g10.c (main), delkey.c (delete_keys), main.h : Allow
--delete-key (now --delete-keys, though --delete-key still works,
of course) to delete multiple keys in one go. This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as
well.
2002-01-09 Timo Schulz <ts@winpt.org>
* encode.c (encode_crypt_files): Now it behaves like verify_files.
* g10.c (main): We don't need to check argc for encode_crypt_files
any longer.
2002-01-09 Timo Schulz <ts@winpt.org>
* exec.c: Include windows.h for dosish systems.
2002-01-08 Timo Schulz <ts@winpt.org>
* g10.c (main): New description for --encrypt-files.
2002-01-08 Werner Koch <wk@gnupg.org>
* g10.c (main): Must register the secring for encryption because
it is needed to figure out the default recipient. Reported by
Roger Sondermann.
2002-01-05 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (menu_adduid): Require --expert before adding a photo
ID to a v3 key, and before adding a second photo ID to any key.
* keyedit.c (keyedit_menu): Don't allow adding photo IDs in
rfc1991 or pgp2 mode.
* getkey.c (merge_selfsigs_subkey): Permit v3 subkeys. Believe it
or not, this is allowed by rfc 2440, and both PGP 6 and PGP 7 work
fine with them.
* g10.c, options.h, keyedit.c, sign.c: Move the "ask for
expiration" switch off of --expert, which was getting quite
overloaded, and onto ask-sig-expire and ask-cert-expire. Both
default to off.
* g10.c (main): Change the default compression algo to 1, to be
more OpenPGP compliant (PGP also uses this, so it'll help with
interoperability problems as well).
* encode.c (encode_crypt): Handle compression algo 2, since the
default is now 1.
* build-packet.c (build_attribute_subpkt): Fix off-by-one error.
2002-01-05 Werner Koch <wk@gnupg.org>
* g10.c (main): Do not register the secret keyrings for certain
commands.
* keydb.c (keydb_add_resource): Use access to test for keyring
existence. This avoids cached opened files which are bad under
RISC OS.
2002-01-04 David Shaw <dshaw@jabberwocky.com>
* sign.c (sign_file, sign_symencrypt_file): always use one-pass
packets unless rfc1991 is enabled. This allows a signature made
with a v3 key to work in PGP 6 and 7. Signatures made with v4
keys are unchanged.
* g10.c (main): Disallow non-detached signatures in PGP2 mode.
Move the "you must use files and not pipes" PGP2 warning up so all
the PGP2 stuff is together.
* encode.c (encode_simple): Use the actual filesize instead of
partial length packets in the internal literal packet from a
symmetric message. This breaks PGP5(?), but fixes PGP2, 6, and 7.
It's a decent tradeoff. Note there was only an issue with
old-style RFC1991 symmetric messages. 2440-style messages in 6
and 7 work with or without partial length packets.
2002-01-03 David Shaw <dshaw@jabberwocky.com>
* g10.c (main): Removed --no-default-check-level option, as it is
not consistent with other "default" options. Plus, it is the same
as saying --default-check-level 0.
* exec.c (exec_read): Disallow caching tempfile from child
process, as this keeps the file handle open and can cause unlink
problems on some platforms.
* keyserver.c (keyserver_search_prompt): Minor tweak - don't
bother to transform keyids into textual form if they're just going
to be transformed back to numbers.
2002-01-03 Timo Schulz <ts@winpt.org>
* g10.c: New command --encrypt-files.
* verify.c (print_file_status): Removed the static because
encode_crypt_files also uses this function.
* main.h (print_files_status): New.
(encode_crypt_files): New.
* encode.c (encode_crypt_files): New.
2002-01-02 Stefan Bellon <sbellon@sbellon.de>
* keyserver.c: Moved util.h include down in order to avoid
redefinition problems on RISC OS.
* keyring.c (keyring_lock): Only lock keyrings that are writable.
* keyring.c (keyring_update_keyblock): Close unused iobuf.
* hkp.c (parse_hkp_index, hkp_search) [__riscos__]: Changed
unsigned char* to char* because of compiler issues.
* exec.c (exec_finish) [__riscos__]: Invalidate close cache so
that file can be unlinked.
2001-12-28 David Shaw <dshaw@jabberwocky.com>
* g10.c (main): Use a different strlist to check extensions since
they need to be handled seperately now.
* misc.c,main.h (check_permissions): Properly handle permission
and ownership checks on files in the lib directory
(e.g. /usr/local/lib/gnupg), which are owned by root and are
world-readable, and change all callers to specify extension or
per-user file.
* photoid.c (show_photo), keyserver.c (keyserver_spawn): Bug fix -
don't call exec_finish if exec_write fails.
* keyserver.c (keyserver_spawn): Look for OPTIONS from the
keyserver helper - specifically, a "OUTOFBAND" option for the
email keyserver.
* mainproc.c (list_node), keylist.c (list_keyblock_colon),
import.c (delete_inv_parts), export.c (do_export_stream): Use
signature flags for exportability check rather than re-parsing the
subpacket.
* keyid.c, keydb.h (get_lsign_letter): No longer needed.
2001-12-27 David Shaw <dshaw@jabberwocky.com>
* exec.c (exec_finish): Show errors when temp files cannot be
deleted for whatever reason.
* exec.c (exec_read): Don't rely on WEXITSTATUS being present.
* exec.c (make_tempdir): Add temp file creator for win32. Don't
create an incoming temp file if the exec is write-only.
* keyserver.c (keyserver_spawn): Clean up error handling, for when
the spawn fails.
* photoid.c (show_photo): Clean up error handling.
* misc.c (check_permissions): Neaten.
2001-12-25 David Shaw <dshaw@jabberwocky.com>
* mkdtemp.c (mkdtemp): Add copyleft info and tweak the 'X' counter
to be a bit simpler.
* keyserver.c, photoid.c: Remove unused headers left over from
when the exec functions lived there.
2001-12-23 Timo Schulz <ts@winpt.org>
* misc.c (check_permissions): Do not use it for W32 systems.
* tdbio.c (migrate_from_v2): Define ftruncate as chsize() for W32.
* mkdtemp.c: W32 support.
* photoid.c: Ditto.
* exec.c: Ditto.
2001-12-22 David Shaw <dshaw@jabberwocky.com>
* exec.c (make_tempdir): avoid compiler warning with const
* mkdtemp.c (mkdtemp): catch the empty ("") string case in case
someone repurposes mkdtemp at some point.
* photoid.c (generate_photo_id, show_photo): some type changes
from Stefan Bellon.
* exec.c (make_tempdir): handle Win32 systems, suggested by Timo
Schulz.
2001-12-22 Werner Koch <wk@gnupg.org>
* encode.c (encode_simple, encode_crypt): i18n 2 strings.
2001-12-22 Timo Schulz <ts@winpt.org>
* encode.c (encode_simple, encode_crypt): Use is_file_compressed
to avoid to compress compressed files.
2001-12-22 Werner Koch <wk@gnupg.org>
* keyserver.c (keyserver_spawn): Removed some variables
declaration due to shadowing warnings.
* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
compiler warnig due to index(3).
* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
* keylist.c (list_one): Made resname const.
* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
not used.
* options.skel: Changed one example photo viewer to qiv.
2001-12-21 David Shaw <dshaw@jabberwocky.com>
* Makefile.am: add exec.c, exec.h, photoid.c, and photoid.h
* build-packet.c (build_attribute_subpkt): new function to build
the raw attribute subpacket. Note that attribute subpackets have
the same format as signature subpackets.
* exec.c: new file with generic exec-a-program functionality.
Used by both photo IDs and keyserver helpers. This is pretty much
the same code that used to be keyserver specific, with some
changes to be usable generically.
* free-packet.c (free_attributes (new)): function to free an
attribute packet.
* gpgv.c: added stub show_photo
* keyedit.c (keyedit_menu, menu_adduid, menu_showphoto): can add a
photo (calls generate_photo_id), or display a photo (calls
show_photo) from the --edit menu. New commands are "addphoto",
and "delphoto" (same as "deluid").
* keylist.c (list_keyblock_print): show photos during key list if
--show-photos enabled.
* keyserver.c (keyserver_spawn): use the generic exec_xxx
functions to call keyserver helper.
* g10.c, options.h: three new options - --{no-}show-photos, and
--photo-viewer to give the command line to display a picture.
* options.skel: instructions for the photo viewer
* parse-packet.c (parse_user_id, setup_user_id (new)): common code
for both user IDs and attribute IDs moved to setup_user_id.
* parse-packet.c (make_attribute_uidname (new)): constructs a fake
"name" for attribute packets (e.g. "[image of size ...]")
* parse-packet.c (parse_attribute (replaces parse_photo_id),
parse_attribute_subpkts): Builds an array of individual
attributes. Currently only handles attribute image / type jpeg
subpackets.
* sign.c (hash_uid): Fix bug in signing attribute (formerly
photo_id) packets.
* packet.h, and callers: globally change "photo_id" to "attribute"
and add structures for attributes. The packet format is generic
attributes, even though the only attribute type thus far defined
is jpeg.
2001-12-21 David Shaw <dshaw@jabberwocky.com>
* parse-packet.c (can_handle_critical): Can handle critical
revocation subpackets now.
* trustdb.c (mark_usable_uid_certs): Disregard revocations for
nonrevocable sigs. Note that this allows a newer revocable
signature to override an older nonrevocable signature.
* sign.c (make_keysig_packet): add a duration field and change all
callers. This makes make_keysig_packet closer to
write_signature_packets and removes some duplicated expiration
code.
* keyedit.c (keyedit_menu, menu_revsig, sign_uids,
sign_mk_attrib): Add nrsign command, don't allow revoking a
nonrevocable signature,
* g10.c (main): Add --nrsign option to nonrevocably sign a key
from the command line.
* build-packet.c (build_sig_subpkt_from_sig): Comment to explain
the use of CRITICAL.
2001-12-21 Werner Koch <wk@gnupg.org>
* g10.c. options.h : New option --show-keyring
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here. By David Champion.
2001-12-20 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_spawn): Use mkdtemp() to make temp
directory.
* mkdtemp.c: replacement function for those platforms that don't
have mkdtemp (make a temp directory securely).
2001-12-19 David Shaw <dshaw@jabberwocky.com>
* misc.c (check_permissions): New function to stat() and ensure
the permissions of GNUPGHOME and the files have safe permissions.
* keydb.c (keydb_add_resource): Check keyring permissions.
* tdbio.c (tdbio_set_dbname): Check permissions of trustdb.gpg
* keyserver.c (keyserver_spawn): Disable keyserver schemes that
involve running external programs if the options file has unsafe
permissions or ownership.
* g10.c, options.h: New option --no-permission-warning to disable
the permission warning message(s). This also permits use of the
keyserver if it had been disabled (see above). Also check the
permissions/ownership of random_seed.
* keyserver.c (keyserver_spawn): The new glibc prints a warning
when using mktemp() (the code was already secure, but the warning
was bound to cause confusion). Use a different implementation
based on get_random_bits() instead. Also try a few times to get
the temp dir before giving up.
2001-12-19 Werner Koch <wk@gnupg.org>
* g10.c, passphrase.c [CYGWIN32]: Allow this as an alias for MINGW32.
2001-12-18 David Shaw <dshaw@jabberwocky.com>
* g10.c (idea_cipher_warn): Add a flag to show the warning always
or once per session and change all callers (show always except for
the secret key protection and unknown cipher from an encrypted
message errors). Also make the strings translatable.
* pubkey-enc.c (get_it): Add the IDEA cipher warning if the user
tries to decrypt an IDEA encrypted message without the IDEA
plugin.
* keyserver.c (parse_keyserver_uri): More strict checking of the
keyserver URI. Specifically, fail if the ":port" section is
anything except a number between 1 and 65535.
2001-12-17 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (print_keyinfo): No need to check for
control/illegal characters, as utf8_to_native does this for us.
* mainproc.c (proc_encrypted): Use generic IDEA warning.
* gpgv.c: add stub for idea_cipher_warn
* g10.c, hkp.c, keyserver.c: Fix capitalization and plural issues.
* encode.c (encode_crypt), sign.c (sign_file, clearsign_file):
disable pgp2 mode after the message is no longer pgp2 compatible.
* g10.c (main): Tweak the PGP2.x IDEA warning to use the generic
warning, and not merely fail if the IDEA plugin isn't there.
* g10.c (main, idea_cipher_warn), keygen.c (set_one_pref),
seckey-cert.c (do_check): Add a generic IDEA warning for when the
IDEA plugin is not present. This pops up when the user uses
"--cipher-algo idea", when setpref is used to set a "S1"
preference, and when a secret key protected with IDEA is used.
2001-12-15 Werner Koch <wk@gnupg.org>
* keyserver.c (keyserver_spawn): Assert that we have dropped privs.
2001-12-13 Werner Koch <wk@gnupg.org>
* pubkey-enc.c (get_session_key): Check that the public key
algorithm is indeed usable for en/decryption. This avoid a
strange error message from pubkey_decrypt if for some reasons a
bad algorithm indentifier is passed.
2001-12-12 David Shaw <dshaw@jabberwocky.com>
* Fixed some types for portability. Noted by Stefan Bellon.
2001-12-11 Werner Koch <wk@gnupg.org>
* hkp.c (hkp_export): Do not print possible control characters
from a keyserver response.
(parse_hkp_index): Made uid an unsigned char* because it is passed to
isspace().
(hkp_search): Ditto for the char* vars.
* g10.c (main): Print the IDEA warning also for -c and -se.
* g10.c (get_temp_dir): Assert that we have dropped privs
* encode.c (encode_crypt): Include the first key into the --pgp2
check.
2001-12-07 David Shaw <dshaw@jabberwocky.com>
* g10.c, options.h: New option --pgp2. This is identical to
"--rfc1991 --cipher-algo idea --compress-algo 1 --digest-algo md5
--force_v3_sigs" with the addition of an warning to advise the
user not to use a pipe (which would break pgp2 compatibility).
* encode.c (encode_crypt): warn if the user tries to encrypt to
any key that is not RSA and <= 2048 bits when the --pgp2 option is
used.
* sign.c (sign_file, clearsign_file): When using --pgp2, make a v3
sig, and warn if the signature is made with a non-v3 key.
2001-12-05 David Shaw <dshaw@jabberwocky.com>
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Prompt
for sig expiration if --expert is set and --force-v3-sigs is not
set (v3 sigs cannot expire).
* mainproc.c (check_sig_and_print): After checking a sig, print
expiration status. This causes a error return if the sig is
expired.
* build-packet.c (build_sig_subpkt_from_sig): Include a critical
sig expiration subpacket if the sig is to expire.
* keyedit.c (sign_uids): Do not sign an expired key unless
--expert is set, in which case prompt. Also, offer to expire a
signature when the key the user is signing expires.
* keygen.c (ask_expire_interval): Add a value to determine whether
to prompt for a key or sig expiration and change all callers.
* keyid.c: New functions: expirestr_from_sig and
colon_expirestr_from_sig.
* keylist.c (list_keyblock_colon): Show sig expiration date in the
--with-colons listing.
* sign.c (make_keysig_packet, write_signature_packets): Pass in an
optional timestamp for the signature packet, and change all
callers.
* keyedit.c (sign_mk_attrib): Include a critical expiration
subpacket in the signature if an expiration date is given.
2001-12-04 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (sign_uids): If the user tries to sign a
locally-signed key, allow the cert to be promoted to a full
exportable signature. This essentially deletes the old
non-exportable sig, and replaces it with a new exportable one.
2001-12-04 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu): Do not allow signing a revoked key
unless --expert is set, and ask even then.
* keyedit.c (sign_uids): Do not allow signing a revoked UID unless
--expert is set, and ask even then.
* g10.c, options.h : New option --expert
2001-11-16 David Shaw <dshaw@jabberwocky.com>
* Allow the user to select no compression via "--compress-algo 0"
on the command line.
* keyedit.c (show_prefs): Show compression preferences in the
long-form "showpref" style.
* keygen.c (set_one_pref): Permit setting a no-compression ("Z0")
preference.
* getkey.c (fixup_uidnode): Fix compression preference corruption
bug.
2001-12-02 David Shaw <dshaw@jabberwocky.com>
* g10.c: Add advisory --for-your-eyes-only option as per section
5.9 of 2440.
2001-12-05 David Shaw <dshaw@jabberwocky.com>
* Force a V4 sig if the user has a notation or policy URL set.
2001-12-04 David Shaw <dshaw@jabberwocky.com>
* g10.c: Add options --keyserver-options, --temp-directory, and
auto-key-retrieve (the opposite of no-auto-key-retrieve).
* hkp.c (hkp_search): New function to handle searching a HKP
keyserver for a key
* hkp.c (hkp_ask_import, hkp_export): Pretty large changes to make
them communicate via the generic functions in keyserver.c
* keyserver.c: new file with generic keyserver routines for
getting keys from a keyserver, sending keys to a keyserver, and
searching for keys on a keyserver. Calls the internal HKP stuff
in hkp.c for HKP keyserver functions. Other calls are handled by
an external program which is spawned and written to and read from
via pipes. Platforms that don't have pipes use temp files.
2001-11-20 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c: New options show-notation, no-show-notation,
default-check-level, no-default-check-level, show-policy-url,
no-show-policy-url.
* packet.h, sign.c (make_keysig_packet), parse-packet.c
(parse_signature), free-packet.c (free_seckey_enc): Fill in
structures for notation, policy, sig class, exportability, etc.
* keyedit.c, keylist.c (print_and_check_one_sig,
list_keyblock_print): Show flags in signature display for cert
details (class, local, notation, policy, revocable). If selected,
show the notation and policy url.
* keyedit.c (sign_uids): Prompt for and use different key sig
classes.
* helptext.c (helptexts): Add help text to explain different
key signature classes
2001-11-26 David Shaw <dshaw@jabberwocky.com>
* trustdb.c (mark_usable_uid_certs): Fix segfault from bad
initialization and fix reversed key signature expiration check.
2001-11-09 Werner Koch <wk@gnupg.org>
* export.c (do_export_stream): Put all given names into a search
description and change the loop so that all matching names are
returned.
2001-11-08 Werner Koch <wk@gnupg.org>
* pubkey-enc.c (get_it): To reduce the number of questions on the
MLs print the the name of cipher algorithm 1 with the error message.
* mainproc.c: Changed the way old rfc1991 encryption cipher is
selected. Based on a patch by W Lewis.
* pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non
working "show info" is now assigned to "i"
* trustdb.c (ask_ownertrust, validate_keys): Implement a real quit
here. Both are by David Shaw.
* trustdb.c (validate_keys): Make sure next_exipire is initialized.
* sign.c (make_keysig_packet): Use SHA-1 with v4 RSA keys.
* g10.c, options.h : New option --[no-]froce-v4-certs.
* sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with
a v3 key. Use that new option. By David Shaw
* revoke.c (ask_revocation_reason): Allow to select "no reason".
By David Shaw.
* keyid.c (fingerprint_from_sk): Calculation of an v3 fpr was
plain wrong - nearly the same code in fingerprint_from_pk is correct.
* build-packet.c (do_secret_key): Added a few comments to the code.
2001-11-07 Werner Koch <wk@gnupg.org>
* g10.c (main): Print a warning when -r is used w/o encryption.
Suggested by Pascal Scheffers.
2001-10-23 Werner Koch <wk@gnupg.org>
* keyedit.c (keyedit_menu): Changed helptext for showpref
command. Suggested by Reinhard Wobst.
* keyring.c (keyring_search): When marking the offtbl ready, take
into account that we may have more than one keyring.
2001-10-22 Werner Koch <wk@gnupg.org>
* Makefile.am: Do not use OMIT_DEPENDENCIES
* build-packet.c (build_sig_subpkt): Default is now to put all
types of subpackets into the hashed area and only list those which
should go into the unhashed area.
2001-10-18 Werner Koch <wk@gnupg.org>
* keydb.c (keydb_add_resource): Rearranged the way we keep track
of the resource. There will now be an entry for each keyring here
and not in keyring.c itself. Store a token to allow creation of a
keyring handle. Changed all functions to utilize this new design.
(keydb_locate_writable): Make a real implementation.
* keyring.c (next_kr): Removed and changed all callers to set the
resource directly from the one given with the handle.
(keyring_is_writable): New.
(keyring_rebuild_cache): Add an arg to pass the token from keydb.
2001-10-17 Werner Koch <wk@gnupg.org>
* keyring.c (keyring_search): Enabled word search mode but print a
warning that it is buggy.
2001-10-11 Werner Koch <wk@gnupg.org>
* hkp.c (hkp_ask_import): No more need to set the port number for
the x-hkp scheme.
(hkp_export): Ditto.
2001-10-06 Stefan Bellon <sbellon@sbellon.de>
* passphrase.c [__riscos__]: Disabled agent specific stuff.
* g10.c: New option --no-force-v3-sigs.
2001-10-04 Werner Koch <wk@gnupg.org>
* export.c (do_export_stream): Do not push the compress filter
here because the context would run out of scope due to the
iobuf_close done by the caller.
(do_export): Do it here instead.
2001-09-28 Werner Koch <wk@gnupg.org>
* keyedit.c (sign_uids): Always use the primary key to sign keys.
* getkey.c (finish_lookup): Hack to return only the primary key if
a certification key has been requested.
* trustdb.c (cmp_kid_for_make_key_array): Renamed to
(validate_one_keyblock): this and changed arg for direct calling.
(make_key_array): Renamed to
(validate_one_keyblock): this and changed args for direct calling.
(mark_usable_uid_certs, validate_one_keyblock)
(validate_key_list): Add next_expire arg to keep track of
expiration times.
(validate_keys): Ditto for UTKs and write the stamp.
* tdbio.c (migrate_from_v2): Check return code of tbdio_sync.
* tdbdump.c (import_ownertrust): Do a tdbio_sync().
* keyring.c: Made the offtbl an global object.
2001-09-27 Werner Koch <wk@gnupg.org>
* pkclist.c (do_edit_ownertrust): Allow settin of ultimate trust.
* trustdb.c (mark_keyblock_seen): New.
(make_key_array): Use it to mark the subkeys too.
(validate_keys): Store validity for ultimatly trusted keys.
2001-09-26 Werner Koch <wk@gnupg.org>
* pkclist.c (check_signatures_trust, do_we_trust): Removed the
invocation of add_ownertrust. Minor changes to the wording.
(add_ownertrust, add_ownertrust_cb): Removed.
* trustdb.c (get_validity): Allow to lookup the validity using a
subkey.
* trustdb.c (new_key_hash_table): Increased the table size to 1024
and changed the masks accordingly.
(validate): Changed stats printing.
(mark_usable_uid_certs): New.
(cmp_kid_for_make_key_array): Does now check the signatures and
figures out a usable one.
2001-09-25 Werner Koch <wk@gnupg.org>
* keyring.c (new_offset_item,release_offset_items)
(new_offset_hash_table, lookup_offset_hash_table)
(update_offset_hash_table, update_offset_hash_table_from_kb): New.
(keyring_search): Use a offset table to optimize search for
unknown keys.
(keyring_update_keyblock, keyring_insert_keyblock): Insert new
offsets.
* getkey.c (MAX_UNK_CACHE_ENTRIES): Removed the unknown keys
caching code.
* g10.c, options.h, import.c: Removed the entire
allow-secret-key-import stuff because the validity is now
controlled by other means.
* g10.c: New command --rebuild-keydb-caches.
* keydb.c (keydb_rebuild_caches): New.
* keyring.c (do_copy): Moved some code to
(create_tmp_file, rename_tmp_file, write_keyblock): new functions.
(keyring_rebuild_cache): New.
* packet.h (PKT_ring_trust): Add sigcache field.
* parse-packet.c (parse_trust): Parse sigcache.
* keyring.c (do_copy): Always insert a sigcache packet.
(keyring_get_keyblock): Copy the sigcache packet to the signature.
* sig-check.c (cache_sig_result): Renamed from
cache_selfsig_result. Changed implementation to use the flag bits
and changed all callers.
(mdc_kludge_check): Removed this unused code.
(do_check): Do not set the sig flags here.
* import.c (read_block): Make sure that ring_trust packets are
never imported.
* export.c (do_export_stream): and never export them.
* trustdb.c (make_key_array): Skip revoked and expired keys.
2001-09-24 Werner Koch <wk@gnupg.org>
* g10.c, options.h: New option --no-auto-check-trustdb.
* keygen.c (do_generate_keypair): Set newly created keys to
ultimately trusted.
* tdbio.h, tdbio.c: Removed all support for records DIR, KEY, UID,
PREF, SIG, SDIR and CACH. Changed migration function to work
direct on the file.
(tdbio_read_nextcheck): New.
(tdbio_write_nextcheck): New.
2001-09-21 Werner Koch <wk@gnupg.org>
Revamped the entire key validation system.
* trustdb.c: Complete rewrite. No more validation on demand,
removed some functions, adjusted to all callers to use the new
and much simpler interface. Does not use the LID anymore.
* tdbio.c, tdbio.h: Add new record types trust and valid. Wrote a
migration function to convert to the new trustdb layout.
* getkey.c (classify_user_id2): Do not allow the use of the "#"
prefix.
* keydb.h: Removed the TDBIDX mode add a skipfnc to the
descriptor.
* keyring.c (keyring_search): Implemented skipfnc.
* passphrase.c (agent_open): Add missing bracket. Include windows.h.
2001-09-19 Werner Koch <wk@gnupg.org>
* keylist.c (print_fingerprint): Renamed from fingerprint, made
global available. Added new arg to control the print style.
* mainproc.c (print_fingerprint): Removed.
* pkclist.c (print_fpr, fpr_info): Removed and changed callers to
use print_fingerprint.
* keyedit.c (show_fingerprint): Ditto.
* passphrase.c (writen, readn)
(agent_open, agent_close)
(agent_get_passphrase)
(passphrase_clear_cache): Support for W32. Contributed by Timo.
* import.c (import_one): Release keydb handles at 2 more places.
* keyring.c (keyring_release): Close the iobuf.
(keyring_get_keyblock): Init ret_kb to NULL and store error contidion.
* import.c (import_new_stats_handle): New.
(import_release_stats_handle): New.
(import_print_stats): Renamed from static fnc print_stats.
(import_keys, import_keys_stream): Add an optional status handle
arg and changed all callers.
* hkp.c (hkp_ask_import): Add an stats_handle arg and changed all
callers.
* mainproc.c (print_pkenc_list): Use print_utf8_string2().
2001-09-18 Werner Koch <wk@gnupg.org>
* g10.c: New command --refresh-keys.
* hkp.c (hkp_refresh_keys): New. Contributed by Timo Schulz.
* parse-packet.c (parse): Stop on impossible packet lengths.
2001-09-17 Werner Koch <wk@gnupg.org>
* mainproc.c (print_notation_data): Wrap notation data status lines
after 50 chars.
* mainproc.c (proc_pubkey_enc): Make option try-all-secrets work.
By disastry@saiknes.lv.
2001-09-14 Werner Koch <wk@gnupg.org>
* parse-packet.c (dump_sig_subpkt): List key server preferences
and show the revocable flag correctly. Contributed by David Shaw.
2001-09-09 Werner Koch <wk@gnupg.org>
* keyedit.c (keyedit_menu): No need to define another p.
* keylist.c (print_capabilities): s/used/use/ so that it
does not shadow a global.
* sign.c (sign_file): Renamed arg encrypt to encryptflag
* keygen.c: Replaced all "usage" by "use".
* misc.c (openpgp_pk_algo_usage): Ditto.
* pubkey-enc.c (get_it): Renamed arg k to enc so that the later
defined k does not shadow it.
* parse-packet.c (parse_gpg_control): No need to define another i.
* getkey.c (get_pubkey_byfprint): Must use the enum values and not
the fprint_len.
* keyring.c (keyring_search): Removed a non-sense break. Both
bugs pointed out by Stefan.
2001-09-07 Werner Koch <wk@gnupg.org>
* status.c, status.h: Added NO_RECP and ALREADY_SIGNED.
* pkclist.c (build_pk_list): Issue NO_RECP.
* keyedit.c (sign_uids): Added experimental ALREADY_SIGNED
* hkp.c (hkp_import): Use log_error. Bug reported by Neal H
Walfield.
* getkey.c (classify_user_id2): Change args to take the desc union
direct. It was a stupid idea to pass the individual fields of an
union to this function. Changed all callers.
(classify_user_id): Ditto and allow to pass NULL as the description.
2001-09-06 Werner Koch <wk@gnupg.org>
* getkey.c (fixup_uidnode): Features flag is now a bit vector.
* keygen.c (add_feature_mdc): Ditto.
Revamped the entire key I/O code to be prepared for other ways of
key storages and to get rid of the existing shit. GDBM support has
gone.
* keydb.c: New
* keyring.c, keyring.h: New.
* ringedit.c: Removed. Moved some stuff to keyring.c
* getkey.c: Changed everything related to the key retrieving
functions which are now using the keydb_ functions.
(prepare_search, word_match_chars, word_match)
(prepare_word_match, compare_name): Moved to keyring.c
(get_pubkey_byname): Removed ctx arg and add ret_kdbhd
arg. Changed all callers.
(key_byname): Use get_pubkey_end to release the context and take
new ret_kbdhd arg. Changed all callers.
(classify_user_id2): Fill the 16 byte fingerprint up with 4 null
bytes not with zero bytes of value 4, tsss.
* import.c (import_one): Updated to use the new keydb interface.
(import_secret_one): Ditto.
(import_revoke_cert): Ditto.
* delkey.c (do_delete_key): Ditto.
* keyedit.c (keyedit_menu): Ditto.
(get_keyblock_byname): Removed.
* revoke.c (gen_revoke): Ditto.
* export.c (do_export_stream): Ditto.
* trustdb.c (update_trustdb): Ditto.
* g10.c, gpgv.c (main): Renamed add_keyblock_resource to
keydb_add_resource.
* Makefile.am: Added and removed files.
* keydb.h: Moved KBNODE typedef and MAX_FINGERPRINT_LEN to
* global.h: this new header.
2001-09-03 Werner Koch <wk@gnupg.org>
* passphrase.c (agent_get_passphrase): Changed nread to size_t.
(passphrase_clear_cache): Ditto.
* keyid.c (mk_datestr): Avoid trigraphs.
(fingerprint_from_pk): Cache the keyid in the pk.
* options.h: Add opt.with_fingerprint so that we know whether the
corresponding options was used.
* g10.c (main): Set it here.
* pkclist.c (check_signatures_trust): Always print fingerprint
when this option is used. Mixed a minor memory leak.
* status.c, status.h: New status INV_RECP.
* pkclist.c (build_pk_list): Issue this status.
2001-08-31 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse_key,parse_pubkeyenc)
(parse_signature): Return error on reading bad MPIs.
* mainproc.c (check_sig_and_print): Always print the user ID even
if it is not bound by a signature. Use the primary UID in the
status messages and encode them in UTF-8
* status.c (write_status_text_and_buffer): New.
2001-08-30 Werner Koch <wk@gnupg.org>
* packet.h (sigsubpkttype_t): Add SIGSUBPKT_FEATURES.
(PKT_public_key, PKT_user_id): Add a flag for it.
* parse-packet.c, build-packet.c: Add support for them.
* getkey.c (fixup_uidnode, merge_selfsigs): Set the MDC flags.
* keygen.c (add_feature_mdc): New.
(keygen_upd_std_prefs): Always set the MDC feature.
* keyedit.c (show_prefs): List the MDC flag
* pkclist.c (select_mdc_from_pklist): New.
* encode.c (encode_crypt, encrypt_filter): Test whether MDC
should be used.
* cipher.c (write_header): Set MDC use depending on the above test.
Print more status info.
* delkey.c (do_delete_key): Kludge to delete a secret key with no
public key available.
* ringedit.c (find_secret_keyblock_direct): New.
* getkey.c (seckey_available): Simplified.
* ringedit.c (cmp_seckey): Now compares the secret key against the
public key while ignoring all secret parts.
(keyring_search): Use a public key packet as arg. Allow to search
for subnkeys
(search): Likewise. Changed all callers.
(find_secret_keyblock_bypk): New.
(find_secret_keyblock_byname): First locate the pubkey and then
find the correponding secret key.
* parse-packet.c (parse): Renamed pkttype arg to onlykeypkts and
changed code accordingly. Changed all callers.
(search_packet): Removed pkttype arg.
* keyedit.c (keyedit_menu): First locate the public key and then
try to locate a secret key.
* ringedit.c (locate_keyblock_by_fpr): Removed.
(locate_keyblock_by_keyid): Removed.
(find_keyblock_bysk): Removed.
* sig-check.c (check_key_signature2): Print the keyid along with
the wrong sig class errors.
2001-08-24 Werner Koch <wk@gnupg.org>
* sign.c (sign_file): Stripped the disabled comment packet code.
(sign_file, sign_symencrypt_file): Moved common code to ..
(write_onepass_sig_packets): .. this new function.
(sign_file, clearsign_file, sign_symencrypt_file): Moved common
code to
(write_signature_packets): this new function.
(write_signature_packets, make_keysig_packet)
(update_keysig_packet): Moved common code to
(hash_uid, hash_sigclass_to_magic): these new functions
(sign_file, sign_symencrypt_file): Moved common code to
(write_plaintext_packet): this new function.
2001-08-21 Stefan Bellon <sbellon@sbellon.de>
* trustdb.c (query_trust_info): Changed trustlevel to signed int.
* g10.c [__riscos__]: Fixed handling of --use-agent --lock-multiple.
2001-08-20 Werner Koch <wk@gnupg.org>
* encr-data.c (decrypt_data): Keep track on whether we already
printed information about the used algorithm.
* mainproc.c (proc_encrypted): Removed the non-working IDEA hack
and print a message about the assumed algorithm.
* passphrase.c (passphrase_to_dek): Use the same algorithm as above.
(proc_symkey_enc): Print the algorithm, so that the user knows it
before entering the passphrase.
(proc_pubkey_enc, proc_pubkey_enc): Zero the DEK out.
* encode.c (encode_crypt, encrypt_filter): Ditto.
* g10.c: Allow for --sign --symmetric.
* sign.c (sign_and_symencrypt): New.
Applied patches from Stefan Bellon <sbellon@sbellon.de> to support
RISC OS. Nearly all of these patches are identified by the
__riscos__ macro.
* compress.c: Added a couple of casts.
* g10.c [__riscos__]: Some patches and new options foo-file similar
to all foo-fd options.
* gpgv.c, openfile.c, ringedit.c, tdbio.c: Minor fixes. Mainly
replaced hardcoded path separators with EXTSEP_S like macros.
* passprase.c [__riscos__]: Disabled agent stuff
* trustdb.c (check_trust): Changed r_trustlevel to signed int to
avoid mismatch problems in pkclist.c
* pkclist.c (add_ownertrust): Ditto.
* plaintext.c (handle_plaintext) [__riscos__]: Print a note when
file can't be created.
* options.h [__riscos__]: Use an extern unless included from the
main module.
* signal.c (got_fatal_signal) [__riscos__]: Close all files.
2001-08-14 Werner Koch <wk@gnupg.org>
* keygen.c (ask_algo): New arg r_usage. Allow for RSA keys.
(gen_rsa): Enabled the code.
(do_create): Enabled RSA branch.
(parse_parameter_usage): New.
(proc_parameter_file): Handle usage parameter.
(read_parameter_file): Ditto.
(generate_keypair): Ditto.
(generate_subkeypair): Ditto.
(do_generate_keypair): Ditto.
(do_add_key_flags): New.
(keygen_add_std_prefs): Use the new function.
(keygen_add_key_flags_and_expire): New.
(write_selfsig, write_keybinding): Handle new usage arg.
* build-packet.c (build_sig_subpkt): Make sure that key flags go
into the hashed area.
* keygen.c (write_uid): Initialize the reference cunter.
* keyedit.c (keyedit_menu): No more need to update the trustdb for
preferences. Added calls to merge keblock.
* kbnode.c (dump_kbnode): Print some more flags.
2001-08-10 Werner Koch <wk@gnupg.org>
Revamped the preference handling.
* packet.h (prefitem_t, preftype_t): New.
(PKT_public_key): Added a uid field.
(PKT_user_id): Added field to store preferences and a reference
counter.
* parse-packet.c (parse_user_id,parse_photo_id): Initialize them
* free-packet.c (free_user_id): Free them.
(copy_user_id): Removed.
(scopy_user_id): New.
(cmp_user_ids): Optimized for identical pointers.
(release_public_key_parts): Release the uid.
(copy_public_key_with_new_namehash): Removed.
(copy_prefs): New.
* keyedit.c (menu_adduid): Use the new shallow copy user id.
(show_prefs): Adjusted implementation.
(keyedit_menu): No more need to update the trustdb after changing
preferences.
* getkey.c (fixup_uidnode): Store preferences.
(find_by_name): Return a user id packet and remove namehash stuff.
(lookup): Removed the unused namehash stuff.
(finish_lookup): Added foundu arg.
(pk_from_block): Removed the namehash arg and changed all callers.
(merge_selfsigs): Copy prefs to all keys.
* trustdb.c (get_pref_data): Removed.
(is_algo_in_prefs): Removed.
(make_pref_record): Deleted and removed all class.
* pkclist.c (select_algo_from_prefs): Adjusted for the new
preference implementation.
* pubkey-enc.c (is_algo_in_prefs): New.
(get_it): Use that new function.
2001-08-09 Werner Koch <wk@gnupg.org>
* build-packet.c (build_sig_subpkt): Fixed calculation of
newarea->size.
* g10.c (main): New option "--preference-list"
* keyedit.c (keyedit_menu): New commands "setpref" and "updpref".
(menu_set_preferences): New.
* keygen.c (keygen_set_std_prefs): New.
(set_one_pref): New.
(check_zip_algo): New.
(keygen_get_std_prefs): New.
(keygen_upd_std_prefs): New
(keygen_add_std_prefs): Move the pref setting code into the above fnc.
* build-packet.c (build_sig_subpkt): Updated the list of allowed
to update subpackets.
2001-08-08 Werner Koch <wk@gnupg.org>
* packet.h (subpktarea_t): New.
(PKT_signature): Use that type for hashed_data and unhashed_data and
removed the _data prefix from those fields. Changed all users.
* parse-packet.c (parse_signature): Changed allocation for that.
(parse_sig_subpkt): Changed declaration
(enum_sig_subpkt): Ditto and changed implementation accordingly.
* free-packet.c (cp_subpktarea): Renamed from cp_data_block and
adjusted implementation. Changed caller.
* sig-check.c (mdc_kludge_check): Adjusted the hashing.
(do_check): Ditto.
* sign.c (sign_file, clearsign_file, make_keysig_packet,
update_keysig_packet): Ditto.
* build-packet.c (build_sig_subpkt): Partial rewrite.
(find_subpkt): Adjusted and made static.
(delete_sig_subpkt): Adjusted.
(do_signature): Ditto.
* keygen.c (ask_keysize): Do not print the notes about suggested
key sizes if just a DSA key is generated.
* trustdb.c (add_ultimate_key): s/log_error/log_info/ for
duplicated inserted trusted keys.
2001-08-07 Werner Koch <wk@gnupg.org>
* sign.c (sleep): Redefine for W32.
* g10.c, options.h: Set new flag opt.no_homedir_creation when
--no-options is given.
* openfile.c (try_make_homedir): Don't create the homedir in that case.
2001-08-03 Werner Koch <wk@gnupg.org>
* armor.c (armor_filter): Removed the default comment string
because it could get us in trouble due to translations using non
ascii characters.
2001-08-01 Werner Koch <wk@gnupg.org>
* keylist.c (list_keyblock_print): Do not list revoked UIDs unless
in verbose mode and we do no signature listing.
* getkey.c (finish_lookup): Skip subkeys which are not yet valid.
* g10.c, options.h: New option --ignore-valid-from.
* sign.c (make_keysig_packet): Added new sigversion argument to
allow the caller to force generation of required signature
version. Changed all callers. Suggested by Thomas Roessler.
* keyedit.c (sign_uids): Force v4 signature generation for local
sigs. Removed the check for local signature and pre-v4 keys.
2001-07-27 Werner Koch <wk@gnupg.org>
* keyedit.c (sign_uids): Check that we are not trying to to a
lsign with a pre-v4 key. Bug noticed by Thomas Roessler.
2001-07-26 Werner Koch <wk@gnupg.org>
* parse-packet.c (parse_photo_id): Reset all variables.
* getkey.c (merge_selfsigs_main): Removed checks on PHOTO_ID
because this is handled identically to a user ID.
2001-07-06 Werner Koch <wk@gnupg.org>
* cipher.c (write_header): Don't use MDC with --rfc1991. Suggested
by disastry@saiknes.lv.
2001-07-05 Werner Koch <wk@gnupg.org>
* g10.c, options.h: New option --preserve-permissions.
* ringedit.c (add_keyblock_resource): Use it here
(keyring_copy): and here.
* trustdb.c (verify_own_keys): Be more silent on --quiet.
Suggested by Thomas Roessler.
* sig-check.c (check_key_signature2): Ditto.
* mainproc.c (proc_encrypted, proc_tree): Ditto
* getkey.c (lookup): Ditto.
2001-07-04 Werner Koch <wk@gnupg.org>
* ringedit.c (add_keyblock_resource): Restore filename in case of error.
2001-06-25 Werner Koch <wk@gnupg.org>
* kbnode.c (dump_kbnode): Print the signature timestamp.
* keyedit.c (keyedit_menu): New menu point "primary".
(change_primary_uid_cb): New.
(menu_set_primary_uid): New.
* sign.c (update_keysig_packet): New.
* build-packet.c (build_sig_subpkt): Put the primary UID flag into
the hashed area. Allow update of some more packets.
2001-06-15 Werner Koch <wk@gnupg.org>
* getkey.c (merge_selfsigs): Exit gracefully when a secret key is
encountered. May happen if a secret key is in public keyring.
Reported by Francesco Potorti.
2001-06-12 Werner Koch <wk@gnupg.org>
* getkey.c (compare_name): Use ascii_memistr(), ascii_memcasecmp()
* keyedit.c (keyedit_menu): Use ascii_strcasecmp().
* armor.c (radix64_read): Use ascii_toupper().
* ringedit.c (do_bm_search): Ditto.
* keygen.c (read_parameter_file): Ditto.
* openfile.c (CMP_FILENAME): Ditto.
* g10.c (i18n_init): We can now use just LC_ALL.
2001-05-29 Werner Koch <wk@gnupg.org>
* keygen.c (generate_subkeypair): Print a warning if a subkey is
created on a v3 key. Suggested by Brian M. Carlson.
2001-05-27 Werner Koch <wk@gnupg.org>
* keyid.c (get_lsign_letter): New.
* keylist.c (list_keyblock_colon): Use it here.
* mainproc.c (list_node): and here.
* getkey.c, packet.h, free-packet.c: Removed that useless key
created field; I dunno why I introducded this at all - the
creation time is always bound to the key packet and subject to
fingerprint calculation etc.
* getkey.c (fixup_uidnode): Add keycreated arg and use this
instead of the signature timestamp to calculate the
help_key_expire. Bug reported by David R. Bergstein.
(merge_selfsigs_main): Correct key expiration time calculation.
(merge_selfsigs_subkey): Ditto.
2001-05-25 Werner Koch <wk@gnupg.org>
* revoke.c (gen_revoke): Add a cast to a tty_printf arg.
* delkey.c (do_delete_key): Ditto.
* keyedit.c (print_and_check_one_sig): Ditto.
(ask_revoke_sig): Ditto.
(menu_revsig): Ditto.
(check_all_keysigs): Removed unused arg.
2001-05-23 Werner Koch <wk@gnupg.org>
* g10.c (opts): Typo fix by Robert C. Ames.
2001-05-06 Werner Koch <wk@gnupg.org>
* revoke.c: Small typo fix
2001-05-04 Werner Koch <wk@gnupg.org>
* passphrase.c (passphrase_clear_cache): Shortcut if agent usage
is not enabled.
2001-05-01 Werner Koch <wk@gnupg.org>
* passphrase.c (writen): Replaced ssize_t by int. Thanks to
to Robert Joop for reporting that SunOS 4.1.4 does not have it.
2001-04-28 Werner Koch <wk@gnupg.org>
* getkey.c (merge_public_with_secret): pkttype was not set to subkey.
2001-04-27 Werner Koch <wk@gnupg.org>
* skclist.c (build_sk_list): Changed one log_debug to log_info.
2001-04-25 Werner Koch <wk@gnupg.org>
* keyedit.c (show_prefs): Add a verbose mode.
(show_key_with_all_names): Pass verbose flag for special value of
with_pref.
(keyedit_menu): New command "showpref"
(show_key_with_all_names): Mark revoked uids and the primary key.
2001-04-24 Werner Koch <wk@gnupg.org>
* getkey.c (get_primary_uid): Return a different string in case of
error and made it translatable.
* build-packet.c (do_secret_key): Ugly, we wrote a zero
instead of the computed ndays. Thanks to M Taylor for complaining
about a secret key import problem.
2001-04-23 Werner Koch <wk@gnupg.org>
* hkp.c (hkp_ask_import): Allow to specify a port number for the
keyserver. Add a kudge to set the no_shutdown flag.
(hkp_export): Ditto.
* options.skel: Document the changes
2001-04-20 Werner Koch <wk@gnupg.org>
* options.skel: Add some more comments.
2001-04-19 Werner Koch <wk@gnupg.org>
* keyid.c (mk_datestr): New. Handles negative times. We must do
this because Windoze segvs on negative times passed to gmtime().
Changed all datestr_from function to use this one.
* keyid.c, keyid.h (colon_strtime): New. To implement the
fixed-list-mode.
(colon_datestr_from_pk): New.
(colon_datestr_from_sk): New.
(colon_datestr_from_sig): New.
* keylist.c (list_keyblock_colon): Use these functions here.
* mainproc.c (list_node): Ditto.
2001-04-18 Werner Koch <wk@gnupg.org>
* openfile.c (open_sigfile): Fixed the handling of ".sign".
* mainproc.c (proc_tree): Use iobuf_get_real_fname.
Both are by Vincent Broman.
2001-04-14 Werner Koch <wk@gnupg.org>
* getkey.c (fixup_uidnode): Removed check for !sig which is
pointless here. Thanks to Jan Niehusmann.
2001-04-10 Werner Koch <wk@gnupg.org>
* sig-check.c (check_key_signature2): Use log_info instead of
log_error so that messed up keys do not let gpg return an error.
Suggested by Christian Kurz.
* getkey.c (merge_selfsigs_main): Do a fixup_uidnode only if we
have both, uid and sig. Thanks to M Taylor.
2001-04-05 Werner Koch <wk@gnupg.org>
* armor.c (unarmor_pump_new,unarmor_pump_release): New.
(unarmor_pump): New.
* pipemode.c (pipemode_filter): Use the unarmor_pump to handle
armored or non-armored detached signatures. We can't use the
regular armor_filter becuase this does only chack for armored
signatures the very first time. In pipemode we may have a mix of
armored and binary detached signatures.
* mainproc.c (proc_tree): Do not print the "old style" notice when
this is a pipemode processes detached signature.
(proc_plaintext): Special handling of pipemode detached sigs.
* packet.h (CTRLPKT_PLAINTEXT_MARK): New.
* parse-packet.c (create_gpg_control): New.
* kbnode.c (dump_kbnode): Support it here.
* mainproc.c (check_sig_and_print): Fixed the check for bad
sequences of multiple signatures.
(proc_plaintext): Add the marker packet.
(proc_tree): We can now check multiple detached signatures.
2001-04-02 Werner Koch <wk@gnupg.org>
The length of encrypted packets for blocksizes != 8 was not
correct encoded. I think this is a minor problem, because we
usually use partial length packets. Kudos to Kahil D. Jallad for
pointing this out.
* packet.h: Add extralen to PKT_encrypted.
* cipher.c (write_header): Set extralen.
* build-packet.c (do_encrypted): Use extralen instead of const 10.
(do_encrypted_mdc): Ditto.
* parse-packet.c (parse_encrypted): Set extralen to 0 because we
don't know it here.
2001-03-30 Werner Koch <wk@gnupg.org>
* getkey.c (premerge_public_with_secret): Changed wording an add
the keyID to the info message.
2001-03-29 Werner Koch <wk@gnupg.org>
* getkey.c (premerge_public_with_secret): Use log_info instead of
log_error when no secret key was found for a public one.
Fix the usage if the secret parts of a key are not available.
* openfile.c (ask_outfile_name): Trim spaces.
(open_outfile): Allow to enter an alternate filename. Thanks to
Stefan Bellon.
* plaintext.c (handle_plaintext): Ditto.
2001-03-28 Werner Koch <wk@gnupg.org>
* mainproc.c (do_check_sig): Allow direct key and subkey
revocation signature.
* sig-check.c (check_key_signature2): Check direct key signatures.
Print the signature class along with an error.
2001-03-27 Werner Koch <wk@gnupg.org>
* packet.h: Add a missing typedef to an enum. Thanks to Stefan Bellon.
* g10.c: New option --no-sig-create-check.
* sign.c (do_sign): Implement it here.
* g10.c: New option --no-sig-cache.
* sig-check.c (check_key_signature2): Implement it here.
(cache_selfsig_result): and here.
* keylist.c (list_keyblock): Removed debugging stuff.
* getkey.c (cache_public_key): Made global.
* keygen.c (write_selfsig, write_keybinding): Cache the new key.
* getkey.c (key_byname): Add new arg secmode and changed all
callers to request explicitly the mode. Deriving this information
from the other supplied parameters does not work if neither pk nor
sk are supplied.
2001-03-25 Werner Koch <wk@gnupg.org>
* packet.h (ctrlpkttype_t): New.
* mainproc.c (add_gpg_control,proc_plaintext,proc_tree): Use the
new enum values.
* pipemode.c (make_control): Ditto.
* armor.c (armor_filter): Ditto.
2001-03-24 Werner Koch <wk@gnupg.org>
* sign.c (do_sign): Verify the signature right after creation.
2001-03-23 Werner Koch <wk@gnupg.org>
* status.c, status.h (STATUS_UNEXPECTED): New.
* mainproc.c (do_proc_packets): And emit it here.
2001-03-21 Werner Koch <wk@gnupg.org>
* status.c: Add sys/types.h so that it runs on Ultrix. Reported
by Georg Schwarz.x
* build-packet.c (build_sig_subpkt): Fixed generaton of packet
length header in case where 2 bytes headers are needed. Thanks to
Piotr Krukowiecki.
2001-03-19 Werner Koch <wk@gnupg.org>
* g10.c (main): the default keyring is no always used unless
--no-default-keyring is given.
* ringedit.c (add_keyblock_resource): invalidate cache after file
creation.
2001-03-15 Werner Koch <wk@gnupg.org>
* keygen.c (ask_algo): Changed the warning of the ElGamal S+E Algo.
* keylist.c (print_capabilities): New.
(list_keyblock_colon): and use it here.
2001-03-13 Werner Koch <wk@gnupg.org>
* main.c, options.h: New option --fixed_list_mode.
* keylist.c (list_keyblock_colon): use it here.
* getkey.c (merge_keys_and_selfsig): Divert merging of public keys
to the function used in key selection..
* keylist.c (is_uid_valid): Removed.
(list_keyblock): Splitted into ..
(list_keyblock_print, list_keyblock_colon): .. these.
functions. Changed them to use the flags set in the key lookup code.
(reorder_keyblock): New, so that primary user IDs are listed first.
* ringedit.c (keyring_copy): flush the new iobuf chaces before
rename or remove operations. This is mainly needed for W32.
* hkp.c [HAVE_DOSISH_SYSTEM]: Removed the disabled code because we
have now W32 socket support in ../util/http.c
* skclist.c (key_present_in_sk_list): New.
(is_duplicated_entry): New.
(build_sk_list): Check for duplicates and do that before unlocking.
2001-03-12 Werner Koch <wk@gnupg.org>
* armor.c (parse_header_line): Removed double empty line check.
(parse_header_line): Replaced trim_trailing_ws with a counting
function so that we can adjust for the next read.
* options.skel: Fixed 3 typos. By Thomas Klausner. Replaced the
keyserver example by a better working server.
* parse-packet.c (parse_symkeyenc): Return Invalid_Packet on error.
(parse_pubkeyenc): Ditto.
(parse_onepass_sig): Ditto.
(parse_plaintext): Ditto.
(parse_encrypted): Ditto.
(parse_signature): Return error at other places too.
(parse_key): Ditto.
* g10.c (main): Set opt.list_packets to another value when invoked
with the --list-packets command.
* mainproc.c (do_proc_packets): Don's stop processing when running
under --list-packets command.
* signal.c (do_sigaction): Removed.
(init_one_signal): New to replace the above. Needed to support
systems without sigactions. Suggested by Dave Dykstra.
(got_fatal_signal,init_signals): Use the above here.
(do_block): Use sigset() if sigprocmask() is not available.
* armor.c (parse_hash_header): Test on TIGER192, which is the
correct value as per rfc2440. By Edwin Woudt.
2001-03-08 Werner Koch <wk@gnupg.org>
* misc.c: Include time.h. By James Troup.
* getkey.c: Re-enabled the unknown user Id and PK caches and
increased their sizes.
* getkey.c (merge_selfsigs_main): Set expire date and continue
processing even if we found a revoked key.
(merge_selfsigs_subkeys): Ditto.
* packet.h: Add an is_revoked flag to the user_id packet.
* getkey.c (fixup_uidnode): Set that flag here.
(merge_selfsigs_main): Fix so that the latest signature is used to
find the self-signature for an UID.
* parse-packet.c (parse_user_id): Zero out all fields.
* mainproc.c (check_sig_and_print): Print the primary user ID
according the the node flag and then all other non-revoked user IDs.
(is_uid_revoked): Removed; it is now handled by the key selection code.
Changed the year list of all copyright notices.
2001-03-07 Werner Koch <wk@gnupg.org>
* getkey.c (finish_lookup): Print an info message only in verbose mode.
2001-03-05 Werner Koch <wk@gnupg.org>
* packet.h: Replaced sigsubpkt_t value 101 by PRIV_VERIFY_CACHE.
We have never used the old value, so we can do this without any harm.
* parse-packet.c (dump_sig_subpkt): Ditto.
(parse_one_sig_subpkt): Parse that new sub packet.
* build-packet.c (build_sig_subpkt): Removed the old one from the
hashed area.
(delete_sig_subpkt): New.
(build_sig_subpkt): Allow an update of that new subpkt.
* sig-check.c (check_key_signature2): Add verification caching
(cache_selfsig_result): New.
* export.c (do_export_stream): Delete that sig subpkt before exporting.
* import.c (remove_bad_stuff): New.
(import): Apply that function to all imported data
2001-03-03 Werner Koch <wk@gnupg.org>
* getkey.c: Introduced a new lookup context flag "exact" and used
it in all place where we once used primary.
(classify_user_id2): Replaced the old function and add an extra
argument to return whether an exact keyID has been requested.
(key_byname): Removed the unused ctx.primary flag
(get_seckey_byname2): Ditto.
(finish_lookup): Changed debugging output.
2001-03-02 Werner Koch <wk@gnupg.org>
* keylist.c (list_one): Remove the merge key calls.
2001-03-01 Werner Koch <wk@gnupg.org>
* getkey.c (finish_lookup): Don't use it if we no specific usage
has been requested.
(merge_selfsigs_main): fix UID only if we have an signature.
(lookup): Return UNU_PUBKEY etc. instead of NO_PUBKEY if we found
a key but the requested usage does not allow this key.
* import.c (import_one): Take UNU_PUBKEY into account.
* mainproc.c (list_node): Ditto.
* keylist.c (list_keyblock): Ditto.
* keyedit.c (print_and_check_one_sig): Ditto.
2001-02-09 Werner Koch <wk@gnupg.org>
* delkey.c (delete_key): Removed that silly assert which rendered
the whole new stuff meaningless.
2001-02-08 Werner Koch <wk@gnupg.org>
* getkey.c (key_byname): It can happen that we have both, sk and pk
NULL, fix for that.
* parse-packet.c (parse_one_sig_subpkt): Add support for
primary_uid and key_flags.
(can_handle_critical): Ditto
* parse-packet.c (parse_encrypted): Fixed listing of pktlen for
MDC packets.
* getkey.c: Backported the version of this file from gpg 1.1. this
involved some changes in other files too.
* parse-packet.c (parse_key): Clear req_usage.
* skclist.c (build_sk_list): Use req_usage to pass the usage
information to the lookup function.
* pkclist.c (build_pk_list): Ditto.
* free-packet.c (copy_public_parts_to_secret_key): New.
* keydb.h: Add IS_* macros to check the sig_class.
* misc.c (openpgp_cipher_test_algo): New.
(openpgp_pk_test_algo): New.
(openpgp_pk_algo_usage): New.
(openpgp_md_test_algo): New.
* packet.h: Add a few fields to PKT_{public,secret}_key and
PKT_user_id.
* seckey-cert.c (do_check): Use the new main_keyid field.
2001-02-04 Werner Koch <wk@gnupg.org>
* encr-data.c (decrypt_data): Catch error when we had problems to
parse the encrypted packet. By Timo.
2001-01-29 Werner Koch <wk@gnupg.org>
* g10.c (main): --batch does now set nogreeting.
* delkey.c (do_delete_key): Fixed delete-both functionality.
2001-01-22 Werner Koch <wk@gnupg.org>
* g10.c: New command --delete-secret-and-public-key.
* delkey.c (delete_key): Add new arg allow_both.
(do_delete_key): Move most stuff from above to this new function.
2001-01-12 Werner Koch <wk@gnupg.org>
* passphrase.c (passphrase_to_dek): Use MD5 when IDEA is installed
and we have no S2K.
* mainproc.c (proc_encrypted): Likewise
2001-01-11 Werner Koch <wk@gnupg.org>
* sig-check.c (do_check): Print the signature key expire message
only in verbose mode and added the keyID.
2001-01-09 Werner Koch <wk@gnupg.org>
* status.c, status.h: New status USERID_HINT.
(write_status_text): Replace LF and CR int text by C-escape sequence.
* passphrase.c (passphrase_to_dek): Fixed the NEED_PASSPHRASE
output. It does now always print 2 keyIDs. Emit the new
USERID_HINT.
2001-01-08 Werner Koch <wk@gnupg.org>
* g10.c, options.h: New option --no-expensive-trust-checks.
* keylist.c (list_keyblock): Act on this option.
2001-01-04 Werner Koch <wk@gnupg.org>
* g10.c (main): Set homedir only in the pre-parsing phase and
replace backslashes in the W32 version.
2001-01-03 Werner Koch <wk@gnupg.org>
* status.c, status.h : New status KEY_CREATED
* keygen.c (do_generate_keypair,generate_subkeypair): Emit it.
2000-12-28 Werner Koch <wk@gnupg.org>
* signal.c (got_fatal_signal): Remove lockfiles here because the
atexit stuff does not work due to the use of raise. Suggested by
Peter Fales.
* gpgv.c (remove_lockfiles): New stub.
2000-12-19 Werner Koch <wk@gnupg.org>
* status.c, status.h (cpr_get_no_help): New.
* keyedit.c (keyedit_menu): Use it here because we have our own
help list here.
2000-12-18 Werner Koch <wk@gnupg.org>
* mainproc.c (print_failed_pkenc): Don't print the sometimes
confusing message about unavailabe secret key. Renamed ...
(print_pkenc_list): ... to this and introduced failed arg.
(proc_encrypted): Print the failed encryption keys and then
the one to be used.
(proc_pubkey_enc): Store also the key we are going to use.
* mainproc.c (check_sig_and_print): Don't list revoked user IDs.
(is_uid_revoked): New.
2000-12-08 Werner Koch <wk@gnupg.org>
* pipemode.c: Made the command work. Currently only for
non-armored detached signatures.
* mainproc.c (release_list): Reset the new pipemode vars.
(add_gpg_control): Handle the control packets for pipemode
* status.c, status.h: New stati {BEGIN,END}_STREAM.
2000-12-07 Werner Koch <wk@gnupg.org>
* g10.c: New option --allow-secret-key-import.
* import.c (import_keys,import_keys_stream): Honor this option.
(import): New arg allow_secret and pass that arg down to ...
(import_secret_one): to this and print a warning if secret key
importing is not allowed.
2000-12-05 Werner Koch <wk@gnupg.org>
* cipher.c (cipher_filter): Moved the end_encryption status ...
* encode.c (encode_simple,encode_crypt): to here
* sign.c (sign_file): and here.
* status.c (mywrite): Removed.
(get_status_string): Removed the LFs from the strings.
(set_status_fd,is_status_enabed,write_status_text,
write_status_buffer): Replaced all mywrite by stdio calls and use
fdopen to create a strem. This is needed to make things smoother
in the W32 version.
2000-12-04 Werner Koch <wk@gnupg.org>
* import.c (merge_blocks): Increment n_sigs for revocations.
2000-11-30 Werner Koch <wk@gnupg.org>
* g10.c (main): Use iobuf_translate_file_handle for all options
with filehandles as arguments. This is function does some magic
for the W32 API.
* verify.c (verify_signatures): Add a comment rant about the
detached signature problem.
* mainproc.c (proc_tree): Issue an error if a detached signature
is assumed but a standard one was found.
* plaintext.c (hash_datafiles): Don't fall back to read signature
from stdin.
* openfile.c (open_sigfile): Print verbose message only if the
file could be accessed.
2000-11-24 Werner Koch <wk@gnupg.org>
* passphrase.c [HAVE_DOSISH_SYSTEM]: Disabled all the agent stuff.
2000-11-16 Werner Koch <wk@gnupg.org>
* g10.c: New option --use-agent
* passphrase.c (agent_open,agent_close): New.
(agent_get_passphrase,agent_clear_passphrase): New.
(passphrase_clear_cache): New.
(passphrase_to_dek): Use the agent here.
* seckey-cert.c (do_check): Clear cached passphrases.
2000-11-15 Werner Koch <wk@gnupg.org>
* status.c (write_status_text): Moved the big switch to ...
(get_status_string): ... new function.
(write_status_buffer): New.
* status.c (mywrite): New and replaced all write() by this.
* status.c, status.h: Add 3 status lcodes for notaions and policy.
* mainproc.c (print_notation_data): Do status output of notations.
2000-11-13 Werner Koch <wk@gnupg.org>
* sign.c (clearsign_file): Use LF macro to print linefeed.
2000-11-11 Paul Eggert <eggert@twinsun.com>
Clean up the places in the code that incorrectly use "long" or
"unsigned long" for file offsets. The correct type to use is
"off_t". The difference is important on large-file hosts,
where "off_t" is longer than "long".
* keydb.h (struct keyblock_pos_struct.offset):
Use off_t, not ulong, for file offsets.
* packet.h (dbg_search_packet, dbg_copy_some_packets,
search_packet, copy_some_packets): Likewise.
* parse-packet.c (parse, dbg_search_packet, search_packet,
dbg_copy_some_packets, copy_some_packets): Likewise.
* ringedit.c (keyring_search): Likewise.
* parse-packet.c (parse): Do not use %lu to report file
offsets in error diagnostics; it's not portable.
* ringedit.c (keyring_search): Likewise.
2000-11-09 Werner Koch <wk@gnupg.org>
* g10.c (main): New option --enable-special-filenames.
2000-11-07 Werner Koch <wk@gnupg.org>
* g10.c (main): New command --pipemode.
* pipemode.c: New.
2000-10-23 Werner Koch <wk@gnupg.org>
* armor.c (armor_filter): Changed output of hdrlines, so that a CR
is emitted for DOS systems.
* keygen.c (read_parameter_file): Add a cast for isspace().
* status.c (myread): Use SIGINT instead of SIGHUP for DOS.
2000-10-19 Werner Koch <wk@gnupg.org>
* g10.c: New option --ignore-crc-error
* armor.c (invalid_crc): New.
(radix64_read): Act on new option.
* openfile.c (try_make_homedir): Klaus Singvogel fixed a stupid
error introduced on Sep 6th.
2000-10-18 Werner Koch <wk@gnupg.org>
* misc.c (print_cipher_algo_note): Don't print the note for AES.
Changed wording.
2000-10-16 Werner Koch <wk@gnupg.org>
* mainproc.c (do_proc_packets): Hack to fix the problem that
signatures are not detected when there is a MDC packet but no
compression packet.
* g10.c (print_hashline): New.
(print_mds): Use above func with --with-colons.
* mainproc.c (check_sig_and_print): Detect multiple signatures
and don't verify them.
2000-10-14 Werner Koch <wk@gnupg.org>
* mainproc.c (add_onepass_sig): There is an easier solution to the
error fixed yesterday; just check that we only have onepass
packets. However, the other solution provides an cleaner
interface and opens the path to get access to other information
from the armore headers.
(release_list): Reset some more variables.
2000-10-13 Werner Koch <wk@gnupg.org>
* mainproc.c (add_gpg_control): New.
(do_proc_packets): use it.
(proc_plaintext): Changed logic to detect clearsigns.
(proc_tree): Check the cleartext sig with some new code.
* packet.h: New packet PKT_GPG_CONTROL.
* parse-packet.c (parse_gpg_control): New.
* misc.c (get_session_marker): New.
* armor.c (armor_filter): Replaced the faked 1-pass packet by the
new control packet.
* keyedit.c (keyedit_menu): Allow batchmode with a command_fd.
* status.c (my_read): New.
(do_get_from_fd): use it.
2000-10-12 Werner Koch <wk@gnupg.org>
* keygen.c (keygen_add_std_prefs): Add Rijndael to the prefs.
2000-10-07 Werner Koch <wk@gnupg.org>
* gpgv.c: Add more stubs for ununsed code to make the binary smaller.
Wed Oct 4 15:50:18 CEST 2000 Werner Koch <wk@openit.de>
* sign.c (hash_for): New arg to take packet version in account, changed
call callers.
* gpgv.c: New.
* Makefile.am: Rearranged source files so that gpgv can be build with
at least files as possible.
Mon Sep 18 12:13:52 CEST 2000 Werner Koch <wk@openit.de>
* hkp.c (not_implemented): Print a notice for W32
Fri Sep 15 18:40:36 CEST 2000 Werner Koch <wk@openit.de>
* keygen.c (keygen_add_std_prefs): Changed order of preferences to
twofish, cast5, blowfish.
* pkclist.c (algo_available): Removed hack to disable Twofish.
Thu Sep 14 17:45:11 CEST 2000 Werner Koch <wk@openit.de>
* parse-packet.c (dump_sig_subpkt): Dump key flags. Print special
warning in case of faked ARRs.
* getkey.c (finsih_lookup): Hack so that for v4 RSA keys the subkey
is used for encryption.
Thu Sep 14 14:20:38 CEST 2000 Werner Koch <wk@openit.de>
* g10.c (main): Default S2K algorithms are now SHA1 and CAST5 - this
should solve a lot of compatibility problems with other OpenPGP
apps because those algorithms are SHOULD and not optional. The old
way to force it was by using the --openpgp option whith the drawback
that this would disable a couple of workarounds for PGP.
* g10.c (main): Don't set --quite along with --no-tty. By Frank Tobin.
* misc.c (disable_core_dump): Don't display a warning here but a return
a status value and ...
* g10.c (main): ...print warnining here. Suggested by Sam Roberts.
Wed Sep 13 18:12:34 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c (keyedit_menu): Allow to use "debug" on the secret key.
* ringedit.c (cmp_seckey): Fix for v4 RSA keys.
* seckey-cert.c (do_check): Workaround for PGP 7 bug.
Wed Sep 6 17:55:47 CEST 2000 Werner Koch <wk@openit.de>
* misc.c (print_pubkey_algo_note): Do not print the RSA notice.
* sig-check.c (do_signature_check): Do not emit the RSA status message.
* pubkey-enc.c (get_session_key): Ditto.
* encode.c (encode_simple, encode_crypt): Fix for large files.
* sign.c (sign_file): Ditto.
Wed Sep 6 14:59:09 CEST 2000 Werner Koch <wk@openit.de>
* passphrase.c (hash_passphrase): Removed funny assert. Reported by
David Mathog.
* openfile.c (try_make_homedir): Changes for non-Posix systems.
* g10.c (main): Take the default homedir from macro.
* g10.c: The --trusted-key option is back.
* trustdb.c (verify_own_key): Handle this option.
(add_ultimate_key): Moved stuff from verify_own_key to this new func.
(register_trusted_key): New.
Fri Aug 25 16:05:38 CEST 2000 Werner Koch <wk@openit.de>
* parse-packet.c (dump_sig_subpkt): Print info about the ARR.
* openfile.c (overwrite_filep): Always return okay if the file is
called /dev/null.
(make_outfile_name): Add ".sign" to the list of know extensions.
(open_sigfile): Ditto.
Wed Aug 23 19:52:51 CEST 2000 Werner Koch <wk@openit.de>
* g10.c: New option --allow-freeform-uid. By Jeroen C. van Gelderen.
* keygen.c (ask_user_id): Implemented here.
Fri Aug 4 14:23:05 CEST 2000 Werner Koch <wk@openit.de>
* status.c (do_get_from_fd): Ooops, we used fd instead of opt.command_fd.
Thanks to Michael Tokarev.
Tue Aug 1 20:06:23 CEST 2000 Werner Koch <wk@openit.de>
* g10.c: New opttion --try-all-secrets on suggestion from Matthias Urlichs.
* pubkey-enc.c (get_session_key): Quite easy to implement here.
Thu Jul 27 17:33:04 CEST 2000 Werner Koch <wk@openit.de>
* g10.c: New option --merge-only. Suggested by Brendan O'Dea.
* import.c (import_one): Implemented it here
(import_secret_one): Ditto.
(print_stats): and give some stats.
Thu Jul 27 12:01:00 CEST 2000 Werner Koch <wk@openit.de>
* g10.c: New options --show-session-key and --override-session-key
* pubkey-enc.c (hextobyte): New.
(get_override_session_key): New.
* mainproc.c (proc_pubkey_enc): Add session-key stuff.
* status.h, status.c (STATUS_SESSION_KEY): New.
Thu Jul 27 10:02:38 CEST 2000 Werner Koch <wk@openit.de>
* g10.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes
(print_mds): Likewise for stdin.
* plaintext.c (handle_plaintext): Likewise for stdout.
Mon Jul 24 10:30:17 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c (menu_expire): expire date for primary key can be set again.
Wed Jul 19 11:26:43 CEST 2000 Werner Koch <wk@openit.de>
* keylist.c (is_uid_valid): New.
(list_keyblock): Print validity information for all user IDs. Note, this
has to be done at other places too; for now we have only minimal support.
Wed Jul 12 13:32:06 CEST 2000 Werner Koch <wk@openit.de>
* helptext.c, pkclist.c: s/superseeded/superseded/
Mon Jul 10 16:08:57 CEST 2000 Werner Koch <wk@openit.de>
* parse-packet.c (enum_sig_subpkt): Fixed testing on crtitical bit in case
of a NULL buffer. Reported by Peter Marschall.
Wed Jul 5 13:28:45 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c, keyid.c: Add some _()
* argparse.c: Changed the flag to suppress --version handling to also
suppress --help.
Wed Jun 28 11:54:44 CEST 2000 Werner Koch <wk@openit.de>
* armor.c (armor_filter): Set sigclass to 0 in case of non-dash-escaped
clearsig. This makes this mode work again.
* mainproc.c (proc_tree): Fixed handling of one-pass-sig packets in textmode.
Disabled the ugly workaround for PGP 5 - let's see whether thi breaks less
cases. Found by Ted Cabeen.
* options.h (DBG_HASHING): New. All commented md_start_debug are now
controlled by this debug option.
* sign.c (print_status_sig_created): New and called from 2 places.
* keygen.c (gen_rsa): New, but commented.
(ask_algo): Commented support for RSA.
* seckey-cert.c (protect_secret_key): Started to fix the code for v4 RSA
keys - it is not solved yet. However, we have time until, Sep 20th ;)
Wed Jun 14 12:27:09 CEST 2000 Werner Koch <wk@openit.de>
* status.c (init_shm_coprocessing): Changed the sequence of the get,attach
to cope with the changes in newer Linux kernels. This bug has been found
by <dmitri@advantrix.com> who also proposed this solution. Hopefully
this does not break gpg on to many systems.
* cipher.c (write_header): Protect the IV with the MDC too.
* encr-data.c (decrypt_data): Likewise.
Fri Jun 9 10:09:52 CEST 2000 Werner Koch <wk@openit.de>
* g10.c: New options --no-auto-key-retrieve
* options.h (auto_key_retrieve): New.
* mainproc.c (check_sig_and_print): Implemented that.
Wed Jun 7 19:19:09 CEST 2000 Werner Koch <wk@openit.de>
* sig-check.c (do_check): Use EMULATE_MDENCODE also on v4 packets.
Wed Jun 7 17:25:38 CEST 2000 Werner Koch <wk@openit.de>
* cipher.c (write_header): Use plain CFB mode for MDC encrypted packets.
* encr-data.c (decrypt_data): Ditto.
Mon Jun 5 23:41:54 CEST 2000 Werner Koch <wk@openit.de>
* seskey.c (do_encode_md, encode_md_value): Add new arg v3compathack to work
around a bug in old versions.
* sig-check.c (do_check): use the aboved workaround when enabled.
* g10.c: New option --emulate-md-decode-bug
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
* build-packet.c (do_mdc): New.
(do_encrypted_mdc): Changed for the new proposal.
* parse-packet.c (parse_mdc): New.
(parse_encrypted): Fixed for the new proposal.
* packet.h (PKT_MDC): New.
* cipher.c (cipher_filter): Build the MDC packet here.
* g10.c (main): Enable --force-mdc.
* encr-data.c (mdc_decode_filter): Fixed for new MDC method
* options.h(rfc2440): New.
* g10.c (main): Changed the selected values for --openpgp to not include
optional algorithms.
Thu May 18 11:38:54 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c (keyedit_menu): Add a keyword arg to the prompt.
* status.c, status.h: Added 3 new status tokens.
* status.c (do_get_from_fd): New.
(cpr_enabled,cpr_get,cpr_get_hidden,cpr_kill_prompt,
cpr_get_answer_is_yes,cpr_get_answer_yes_no_quit): Modified to work
with the new function.
* g10.c: Add new option --command-fd.
* status.c (progress_cb): New.
(set_status_fd): Register progress functions
Fri May 12 14:01:20 CEST 2000 Werner Koch <wk@openit.de>
* delkey.c (delete_key): Add 2 new status messages
* status.c, status.h (STATUS_DELETE_PROBLEM): New.
Fixed years of copyright in all source files.
Mon May 1 17:08:14 CEST 2000 Werner Koch <wk@openit.de>
* trustdb.c (propagate_validity): Fixed the bug that only one uid
gets fully trusted even when all are signed by an ultimate key.
Mon May 1 15:38:04 CEST 2000 Werner Koch <wk@openit.de>
* getkey.c (key_byname): Always returned a defined context. Fixed
a segv for invalid user id specifications. Reported by Walter Koch.
* getkey.c (get_user_id): I18ned "no user id" string. By Walter.
* pkclist.c (do_show_revocation_reason): Typo fixes.
* helptext.c: Ditto.
* armor.c (armor_filter): Fixed some CRLF issues. By Mike McEwan.
Fri Apr 14 19:37:08 CEST 2000 Werner Koch <wk@openit.de>
* pkclist.c (do_show_revocation_reason): New.
(show_revocation_reason): New and called at various places.
* g10.c (main): Fixed small typo.
* pkclist.c (do_we_trust): Act on always_trust but not for revoked
keys. Suggested by Chip Salzenberg.
* g10.c: New option --lock-never.
* ringedit.c (get_writable_keyblock_file): New.
* keygen.c (do_generate_keypair): Use this instead of the hardwired one.
* keygen.c (ask_user_id): Check that the email address is in the
correct field. Suggested by Christian Kurz.
Mon Apr 10 13:34:19 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c (show_key_with_all_names): s/sbb/ssb/
Tue Mar 28 14:26:58 CEST 2000 Werner Koch <wk@openit.de>
* trustdb.c (verify_own_keys): Do not print warning about unprotected
key when in quiet mode.
Wed Mar 22 13:50:24 CET 2000 Werner Koch <wk@openit.de>
* mainproc.c (print_userid): Do UTF8 conversion before printing.
* import.c (import_one): Ditto.
(import_secret_one): Ditto.
(delete_inv_parts): Ditto.
Thu Mar 16 16:20:23 CET 2000 Werner Koch <wk@openit.de>
* keylist.c (print_key_data): Handle a NULL pk gracefully.
* getkey.c (merge_one_pk_and_selfsig): Fixed silly code for
getting the primary keys keyID but kept using the one from the
subkey.
* pubkey-enc.c (get_it): Print a note for expired subkeys.
* getkey.c (has_expired): New.
(subkeys_expiretime): New.
(finish_lookup): Check for expired subkeys needed for encryption.
(merge_keys_and_selfsig): Fixed expiration date merging for subkeys.
* keylist.c (list_keyblock): Print expiration time for "sub".
(list_one): Add missing merging for public keys.
* mainproc.c (list_node): Ditto.
2000-03-14 13:49:38 Werner Koch (wk@habibti.openit.de)
* keygen.c (keyedit_menu): Do not allow to use certain commands
while the secret key is selected.
2000-03-09 12:53:09 Werner Koch (wk@habibti.openit.de)
* keygen.c (ask_expire_interval): Movede parsig to ...
(parse_expire_string): ... this new function. And some new control
commands.
(proc_parameter_file): Add expire date parsing.
(do_generate_keypair): Allow the use of specified output files.
2000-03-08 10:38:38 Werner Koch (wk@habibti.openit.de)
* keygen.c (ask_algo): Removed is_v4 return value and the commented
code to create Elg keys in a v3 packet. Removed the rounding
of key sizes here.
(do_create): Likewise removed arg v4_packet.
(gen_elg): Likewise removed arg version. Now rounding keysizes here.
(gen_dsa): Rounding keysize now here.
(release_parameter_list): New
(get_parameter*): New.
(proc_parameter_file): New.
(read_parameter_file): New.
(generate_keypair): Splitted. Now uses read_parameter_file when in
batch mode. Additional argument to specify a parameter file.
(do_generate_keypair): Main bulk of above fucntion and uses the
parameter list.
(do_create): Don't print long notice in batch mode.
* g10.c (main): Allow batched key generation.
Thu Mar 2 15:37:46 CET 2000 Werner Koch <wk@gnupg.de>
* pubkey-enc.c (get_it): Print a note about unknown cipher algos.
* g10.c (opts): Add a note to the help listing about the man page
and removed some options from the help listing.
* keyedit.c (print_and_check_one_sig): Use a new function to truncate
the output of the user ID. Suggested by Jan-Benedict Glaw.
Wed Feb 23 10:07:57 CET 2000 Werner Koch <wk@gnupg.de>
* helptext.c: typo fix.
Thu Feb 17 13:39:32 CET 2000 Werner Koch <wk@gnupg.de>
* revoke.c: Removed a bunch of commented code.
* packet.h (SIGSUBPKT_REVOC_REASON): New.
* build-packet.c (build_sig_subpkt): Support new sub packet.
* parse-packet.c (parse_one_sig_subpkt): Ditto.
(dump_sig_subpkt): Ditto.
* revoke.c (ask_revocation_reason): New.
(release_revocation_reason_info): New.
(revocation_reason_build_cb): New.
(gen_revoke): Ask for reason.
* main.h (struct revocation_reason_info): Add declaration.
* keyedit.c (menu_revsig): Add support for revocation reason.
(menu_revkey): Ditto.
(sign_uid_mk_attrib): Renamed to ...
(sign_mk_attrib): ... this, made static and add support for reasons.
Tue Feb 15 08:48:13 CET 2000 Werner Koch <wk@gnupg.de>
* build-packet.c (build_packet): Fixed fixing of old comment packets.
* import.c (import_keys): Fixed importing from stdin when called with
nnames set to zero as it normally happens.
Mon Feb 14 14:30:20 CET 2000 Werner Koch <wk@gnupg.de>
* sig-check.c (check_key_signature2): Add new arg r_expired.
(do_signature_check): New arg to pass it down to ...
(do_check): New arg r-expire which is set when the signature
has expired.
* trustdb.c (check_sig_record): Set SIGF_EXPIRED flag and set
the expiretime to zero so that thi signature will not be checked
anymore.
Fri Feb 11 17:44:40 CET 2000 Werner Koch <wk@gnupg.de>
* g10.c (g10_exit): Update the random seed_file.
(main): Set the random seed file. New option --no-random-seed-file.
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
* keyedit.c (menu_expire): Fixed segv due to unitialized sub_pk.
By Rémi.
Thu Feb 10 11:39:41 CET 2000 Werner Koch <wk@gnupg.de>
* keylist.c (list_keyblock): Don't print warnings in the middle of
regulat output lines. By Rémi.
* sig-check.c: Include options.h
Wed Feb 9 15:33:44 CET 2000 Werner Koch <wk@gnupg.de>
* gpg.c: New option --ignore-time-conflict
* sig-check.c (do_check): Implemented this option.
* trustdb.c (check_trust): Ditto.
* sign.c (do_sign): Ditto.
* keygen.c (generate_subkeypair): Ditto.
* encode.c (encode_simple): use iobuf_cancel after open failure.
Reported by Huy Le.
Fri Jan 14 18:32:01 CET 2000 Werner Koch <wk@gnupg.de>
* packet.h (STRING2KEY): Changed mode from byte to int.
* parse-packet.c (parse_key): Add the special GNU protection stuff
* build-packet.c (so_secret_key): Ditto.
* seckey-cert.c (do_check): Ditto.
* keyedit.c (change_passphrase): Ditto.
* export.c (export_secsubkeys): New.
(do_export_stream): Hack to export the primary key using mode 1001.
* g10.c: New command --export-secret-subkeys
Thu Jan 13 19:31:58 CET 2000 Werner Koch <wk@gnupg.de>
* armor.c (is_armored): Check for 1-pass-sig packets. Reported by
David Hallinan <hallinan@rtd.com>.
(armor_filter): Replaced one LF by the LF macro. Reported by
Wolfgang Redtenbacher.
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
* g10.c (main): Reset new global flag opt.pgp2_workarounds
when --openpgp is used.
* mainproc.c (proc_plaintext): Do the PGP2,5 workarounds only
when the global flag is set.
(proc_tree): Ditto.
* textfilter.c (copy_clearsig_text): Ditto.
* armor.c (armor_filter): Ditto.
* g10.c: New option --list-only
* mainproc.c (proc_tree): Don't do it if opt.list_only is active.
(proc_pubkey_enc): Implement option.
* status.h, status.c ({BEGIN,END}_{EN,DE}CRYPTION): New.
* cipher.c (cipher_filter): New status outputs.
* mainproc.c (proc_encrypted): New status outputs.
Fri Dec 31 14:08:15 CET 1999 Werner Koch <wk@gnupg.de>
* armor.c (armor_filter): Made the "Comment:" header translatable.
* hkp.c (hkp_import): Make sure that the program does not return
success when there is a connection problem. Reported by Phillip Jones.
Sun Dec 19 15:22:26 CET 1999 Werner Koch <wk@gnupg.de>
* armor.c (LF): Use this new macro at all places where a line LF
is needed. This way DOSish textfiles should be created when the
input data is also in dos mode.
* sign.c (LF): Ditto.
* textfilter.c (LF): Ditto.
(copy_clearsig_text): Disabled the forcing of CR,LF sequences
for DOS systems.
* plaintext.c (handle_plaintext): Fixes for line endings on DOS.
and react on a LF in cleartext.
* armor.c (fake_packet): Restore the original line ending after
removing trailing spaces.
* signal.c (got_fatal_signal): DOS fix.
Thu Dec 16 10:07:58 CET 1999 Werner Koch <wk@gnupg.de>
* mainproc.c (print_failed_pkenc): Fix for unknown algorithm.
Found by fygrave@epr0.org.
Thu Dec 9 10:31:05 CET 1999 Werner Koch <wk@gnupg.de>
* hkp.c: i18n the strings.
Sat Dec 4 15:32:20 CET 1999 Werner Koch <wk@gnupg.de>
* trustdb.c (verify_key): Shortcut for ultimately trusted keys.
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
* pkclist.c (build_pk_list): Validate the trust using the namehash
if this one has been set by the key lookup.
* g10.c: Add --delete-secret-key to the help page.
* openfile.c (copy_options_file): Made static.
(try_make_homedir): New.
* ringedit.c (add_keyblock_resource): Use the try_make_hoemdir logic.
* tdbio.c (tdbio_set_dbname): Likewise.
* keygen.c (generate_user_id): Use m_alloc_clear() here. We should
better use an allocation function specific to the user_id packet.
* keygen.c (keygen_add_std_prefs): Changed symmetric preferences
to include Blowfish again. This is due to it's better speed compared
to CAST5.
* g10.c (strusage): Print the home directory.
* armor.c (armor_filter): Take action on the cancel control msg.
* filter.h (armor_filter_context_t): Add cancel flag.
Mon Nov 29 21:52:11 CET 1999 Werner Koch <wk@gnupg.de>
* g10.c: New option --fast-list-mode ..
* keylist.c (list_keyblock): .. and implemented.
* mainproc.c (list_node): Ditto.
* import.c (mark_non_selfsigned_uids_valid): Fixed the case that there
is a uid without any packet following.
Mon Nov 22 11:14:53 CET 1999 Werner Koch <wk@gnupg.de>
* mainproc.c (proc_plaintext): Never enable the hash processing
when skip_verify is active.
* armor.c (parse_header_line): Stop parsing on a WS line too.
Suggested by Aric Cyr.
* tdbdump.c (HEXTOBIN): Changed the name of the argument, so that
traditional cpp don't mess up the macros. Suggested by Jos Backus.
* mainproc.c (list_node): Print the PK algo in the --with-colon mode.
* keylist.c (list_keyblock): Ditto.
* signal.c (got_fatal_signal): Found the reason why exit(8) did not
work - it is better to set the disposition back to default before
raising the signal. Print the notice on stderr always.
Fri Nov 12 20:33:19 CET 1999 Werner Koch <wk@gnupg.de>
* g10.c (make_username): Swapped the logic.
* keylist.c (public_key_list): Now takes a STRLIST as arg and moved
the creation ot this list to the caller, so that he can copy with
UTF-conversion of user IDs. Changed all callers.
(secret_key_list): Likewise.
* getkey.c (get_user_id_string_native): New and ...
* encode.c (write_pubkey_enc_from_list): ... use it here.
* pubring.asc: Updated.
* packet.h (PKT_PHOTO_ID): New.
* parse-packet.c (parse_photo_id): New.
* build-packet.c (do_user_id: Handle photo IDs.
(build_packet): Change CTB for photo IDs
* free-packet.c (free_user_id): Release memory used for photo IDs
* sig-check.c (hash_uid_node): Handle photo IDs too.
* trustdb.c (print_uid_from_keyblock): Hash photo ID.
(make_uid_records): Ditto.
* getkey.c (find_by_name): Ditto.
* keyedit.c (show_prefs): Ditto.
* keylist.c (list_keyblock): Ditto.
Thu Oct 28 16:08:20 CEST 1999 Werner Koch <wk@gnupg.de>
* keygen.c (ask_expire_interval): Print a warning for systems
with a signed 32 time_t if the exiration time is beyoind 2038.
Fri Oct 8 20:40:50 CEST 1999 Werner Koch <wk@gnupg.de>
* ringedit.c (enum_keyblocks): The last fix way really stupid;
reverted and set rt to Unknown.
Fri Oct 8 20:32:01 CEST 1999 Werner Koch <wk@gnupg.de>
* ringedit.c (enum_keyblocks): Zero the entire kbpos out on open.
* g10.c (oEntropyDLL): Removed option.
(main): Made the warning on development versions more verbose.
* g10.c (oHonorHttpProxy): New option.
* hkp.c (hkp_ask_import,hkp_export): Implement this option.
* options.skel: Enable this option for new installations
Mon Oct 4 21:23:04 CEST 1999 Werner Koch <wk@gnupg.de>
* import.c (import_keys): Changed calling interface, adjusted caller.
(import): Moved printing of stats out ...
(print_stats): New. ... to here.
(import_keys_stream): Call stats print here.
(import_keys): Print stats as totals for all files.
* tdbio.h (DIRF_NEWKEYS): New
* tdbio.c (tdbio_dump_record): Print the new flag.
* trustdb.c (check_trust_record): New arg sigs_only. Adapted all
callers.
(do_update_trust_record): Removed recheck arg and add a new sigs_only
do we can later improve on the performance. Changed all callers too.
(check_trustdb): Evalutate the new flag and add a status output.
Do a check when the dir record has not been checked.
(build_cert_tree): Evaluate the new flag.
(check_trust): Ditto. Do a trust_record check, when the dir record
is not marked as checked.
(mark_fresh_keys): New.
(clear_lid_table): New.
(sync_trustdb): New.
* import.c (import_keys): Call sync_trustdb() after processing.
(import_keys_stream): Ditto.
* tdbdump.c (import_ownertrust): Ditto.
* import.c (import_revoke_cert): Notify the trust DB.
(do_update_trust_record): Use |= to set the REVOKED bit and not &=;
shame on me for this bad copy+paste introduced bug.
(do_we_trust): Add trustmask to allow revoked key override to work.
Chnaged are to allow return of a mofified trustlevel. Adapted the
one caller.
* g10.c: New options --emulate-3des-s2k-bug
* passphrase.c (hash_passphrase): Implemented above.
* mainproc.c (proc_tree): Check for standalone signatures.
(do_check_sig): Print a notice for a standalone revocation
(check_sig_and_print): Do not print an error for unchecked standalone
revocations.
Tue Sep 28 20:54:37 CEST 1999 Werner Koch <wk@gnupg.de>
* encode.c (encode_simple): Use new CTB when we don't have the
length of the file. This is somewhat strange as the comment above
indicates that this part is actually fixed for PGP 5 - maybe I simply
lost the source line, tsss.
* armor.c (armor_filter): Set a flag if no OpenPGP data has been found.
* verify.c (verify_signatures): Add an error helptext.
Thu Sep 23 19:24:30 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* openfile.c (open_outfile): Fixed the 8dot3 handling.
* passphrase.c (passphrase_to_dek): Print uid using utf8 func.
* delkey.c (delete_key): Ditto.
* pkclist.c (show_paths,do_edit_ownertrust,do_we_trust): Ditto
(do_we_trust_pre): Ditto.
* trustdb.c (print_user_id,check_uidsigs): Ditto.
* revoke.c (gen_revoke,ask_revoke_sig): Ditto.
Thu Sep 23 09:52:58 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* verify.c (print_file_status): New.
(verify_one_file): Moved status print to th new fnc. Add error status.
* status.c, status.h (STATUS_FILE_ERROR): New
Wed Sep 22 10:14:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* openfile.c (make_outfile_name): Use case-insenstive compare for
DOS systems. Add ".pgp" to the list of know extensions.
(open_outfile): For DOS systems try to replace the suffiy instead of
appending it.
* status.c, status.h: Add STATUS_FILE_{START,DONE}.
* verify.c (verify_one_file): Emit these new stati.
* sign.c (clearsign_file): Avoid duplicated Entries in the "Hash:"
line. Those headers are now only _not_ printed when there are
only old-style keys _and_ all hashs are MD5.
Mon Sep 20 12:24:41 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* verify.c (verify_files, ferify_one_file): New.
* g10.c: New command --verify-files
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c: Add UK spelling as alias for armor options ;-)
* import.c (append_uid): Fixed a SEGV when there is no selfsig and
no subkey.
(merge_sigs): Ditto. Removed the assertion.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c: New option --entropy-dll-name
Mon Sep 13 10:51:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* signal.c (got_fatal_signal): Print message using write(2) and
only for development versions.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* tdbio.c (tdbio_set_dbname): Use mkdir macro
* ringedit.c (add_keyblock_resource): Ditto.
Fri Sep 3 10:04:45 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (build_pk_list): Skip keys set with --encrypt-to also
when asking for a key.
* plaintext.c (handle_plaintext): Make sure that we don't read a
second EOF in the read loop for partial length packets.
* mainproc.c (check_sig_and_print): print user ID as utf-8.
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* import.c (merge_blocks): First add new subkeys, then merge subkey
certificates.
(merge_sigs): Don't merge subkey signatures here.
Wed Sep 1 15:30:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* keygen.c (ask_expire_interval): Fixed bug related to cpr_xx (tnx
Francis J. Lacoste).
Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* plaintext.c (do_hash): Hash CR,LF for a single CR.
(ask_for_detached_datafile): Changed arguments to be closer to
those of hash_datafiles and cleanup the code a bit.
* mainproc.c (proc_tree): Workaround for pgp5 textmode detached
signatures. Changed behavior of asking for data file to be the same
as with provided data files.
* keylist.c (list_keyblock): Use UTF8 print functions.
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* import.c (chk_self_sigs): some s/log_error/log_info/ so that gpg
does not return an error if a key has some invalid packets.
* helptext.c: Fixed some typos and changed the way the
translation works. The english text is now the keyword for gettext
and not anymore the keyword supplied to the function. Done after
some discussion with Walter who thinks this is much easier for the
translators.
* misc.c (disable_core_dumps): Don't do it for DOSish systems.
* signal.c (signal_name): Bounds check on signum.
Wed Aug 4 10:34:18 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pubring.asc: Updated.
* pkclist.c (do_we_trust_pre,check_signatures_trust): Do not print
the warning about --always_trust when --quiet is used.
* pkclist.c (fpr_info): New and called at several places.
* parse-packet.c (dump_sig_subpkt): List revocation key contents.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (build_pk_list): Fixed typo in format string.
* trustdb.c (create_shadow_dir): Don't translate the error string.
* g10.c (main): Fixed spelling of user-id.
* getkey.c (find_by_name_pk,find_by_name_sk,
find_by_keyid,find_by_keyid_sk): Ditto and translate it.
* import.c (mark_non_selfsigned_uids_valid,delete_inv_parts): Ditto.
Mon Jul 26 01:01:39 CEST 1999 Michael Roth <mroth@nessie.de>
* g10.c, options.h: New options --no-literal and --set-filesize
* encode.c (encode_simple, encode_crypt): Support for the options
--no-literal and --set-filesize.
* sign.c (sign_file): ditto.
Fri Jul 23 13:53:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* ringedit.c (enum_keyblocks): Removed annoying error message in cases
when we have no keyring at all to enum.
* getkey.c (classify_user_id): Rewrote to relax the recognition of
keyIDs and fingerprints (Michael).
* mainproc.c (check_sig_and_print): Print status NO_PUBKEY.
(print_failed_pkenc): Print status NO_SECKEY.
* import.c (mark_non_selfsigned_uids_valid): New.
* g10.c: New option --allow-non-selfsigned-uid.
* pkclist.c (print_fpr): New.
(do_we_trust_pre): Print the fpr before asking whether to use the key
anyway.
(do_edit_ownertrust): Likewise.
Thu Jul 22 20:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* ringedit.c (enum_keyblocks): Removed annoying error message in cases
when we have no keyring at all to enum.
* getkey.c (classify_user_id): Rewrote to relax the recognition of
keyIDs and fingerprints (Michael).
* mainproc.c (check_sig_and_print): Print status NO_PUBKEY.
(print_failed_pkenc): Print status NO_SECKEY.
* import.c (mark_non_selfsigned_uids_valid): New.
* g10.c: New option --allow-non-selfsigned-uid.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c: New options --disable-{cipher,pubkey}-algo.
Wed Jul 14 19:42:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* status.h (STATUS_IMPORTED): New.
* import.c (import): Print some status information (Holger Schurig).
* g10.c (main): Make --no-greeting work again. Add a warning when
--force-mds is used.
Tue Jul 13 17:39:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (do_edit_ownertrust): Changed the way help works.
(build_pk_list): Implemented default recipient stuff.
* g10.c: New options --default-recipient[-self]
(main): Suppress greeting in most cases, entering a passphrase or
a missing value is not considered to be interactive use.
Merged --print-md and --print-mds; the latter is now obsolete.
Changed the way --gen-random works and documented it.
Changed the way --gen-prime works and add a man entry.
* g10.c (MAINTAINER_OPTIONS): Removed.
Mon Jul 12 18:45:57 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* keyedit.c (keyedit_menu): Add arg sign_mode and changed callers
* g10.c (main): New command --lsign-key.
Mon Jul 12 14:55:34 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (kidlist_item): New.
(release_list): Release failed pk-enc-list.
(print_failed_pkenc): New
(proc_encrypted): Print info about failed PK enc.
* openfile.c (make_outfile_name): s/error/info/
* passphrase.c (passphrase_to_dek): Return an empty passphrase when
in batch mode and don't make the warning message fatal
* seckey-cert.c (check_secret_key): Try only once when in batch mode.
* g10.c (make_username): New.
Thu Jul 8 16:21:27 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* packet.h (PKT_ring_trust): New
* parse-packet.c (parse_trust): Store trust value
* build-packet (build_packet): Ignore ring trust packets.
* mainproc.c (add_ring_trust): New.
(list_node): Print "rtv" records.
* g10.c: New option --with-fingerprint.
* trustdb.c (verify_own_keys): Don't insert if we are dry running
(check_trust): Ditto.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
* keygen.c (ask_expire_interval): Hack to allow for an expire date.
* trustdb.c (do_update_trust_record,update_trust_record): Splitted.
(check_trust_record): New.
(check_trust,build_cert_tree): Check the dir record as needed.
(upd_pref_record): Removed.
(make_pref_record): New.
(propagate_validity): Stop as soon as we have enough validity.
* tbdio.c (MAX_CACHE_ENTRIES_HARD): Increased the limit.
Fri Jul 2 11:45:54 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (g10_exit): Dump random stats.
* sig-check.c (check_key_signature,check_key_signature2): Enhanced
version and wrapper for old function.
(do_signature_check,signature_check): Ditto.
Thu Jul 1 12:47:31 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* keyedit.c (show_key_with_all_names): Print a notice for disabled keys.
(enable_disable_keys): Add functionality
* pkclist.c (edit_ownertrust): preserve disabled state.
(build_pk_list): Skip disabled keys.
* trustdb.c (upd_one_ownertrust): Ditto.
(build_cert_tree): Mask the ownertrust.
(trust_letter): Mask the value.
(do_check): Take disabled flag into account.
* passphrase.c (passphrase_to_dek): Add a pubkey_algo arg and changed
all callers.
* g10.c (utf8_strings): 2 new options.
* trustdb.c (insert_trust_record_by_pk): New, replaces the next one.
(insert_trust_record): Now takes a keyblock as arg. Changed all
callers to use the appropritae function.
* openfile.c (ask_outfile_name): New.
* plaintext.c (handle_plaintext): Ask for filename if there is
no valid syntax. Don't use fname varbatim but filter it.
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* trustdb.h (TRUST_FLAG_DISABLED): New.
* status.c (USE_CAPABILITIES): Capabilities support (Remi).
* tdbio.c : Added new fields to the DIR record.
(tdbio_write_record): Fixed the update of the hash tables.
(tdbio_delete_record): Drop the record from the hash tables.
(drop_from_hashtbl): New.
* status.c (cpr_get): Special online help mode.
* helptext.c ("keyedit.cmd"): Removed.
* keyedit.c (keyedit_menu): Use only help system.
(enable_disable_key): New bit doies not yet work.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* dearmor.c (enarmor_file): Fixed comment string.
* tdbdump.c (export_ownertrust): Text fix.
* tbio.c (tdbio_invalid): Ditto.
* parse-packet.c (parse_key): Made temp buffer larger.
* Makefile.am (install-data-local): Add missing backslashes
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): Made iterated+salted the default S2K method.
* Makefile.am (install-data-local): Use DESTDIR.
* passphrase.c (passphrase_to_dek): Emit missing-passphrase while in
batchmode.
* parse-packet.c (parse_pubkeyenc): Fixed a SEGV.
Mon Jun 14 21:18:54 CEST 1999 Michael Roth <mroth@nessie.de>
* g10.c: New options --openpgp, --no-tty, --emit-version,
--default-comment and --lock-multiple
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* free-packet.c (free_encrypted): Fixed EOF case (Remi).
(free_plaintext): Ditto.
* helptext.c (keyedit.delsig.unknown): New (Remi).
* keyedit.c (print_and_check_one_sig): Add arg print_without_key and
changed all callers to make use of it (Remi):
Tue Jun 8 13:36:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* keylist.c (print_key_data): New and called elsewhere.
* g10.c: New option --with-key-data
Wed Jun 2 14:17:19 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (proc_tree): Yet another bad hack to cope with
broken pgp2 created detached messages in textmode.
Tue Jun 1 16:01:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* openfile.c (make_outfile_name): New.
* plaintext.c (handle_plaintext): Outputfile is now the inputfile
without the suffix.
* g10.c: New option --use-embedded-filename
Mon May 31 19:41:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): Fix for SHM init (Michael).
* compress.c, encr-data.c, mdfilter.c,
plaintext.c, free-packet.c: Speed patches (Rémi).
Thu May 27 09:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* status.c (cpr_get_answer_yes_no_quit): New.
* keyedit.c (menu_delsig): New.
(check_all_keysigs): Splitted.
(print_and_check_one_sig): New.
Wed May 26 14:36:29 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* build-packet.c (build_sig_subpkt): Support large packets.
* parse-packet.c (enum_sig_subpkt): Replaces parse_sig_subpkt.
* mainproc.c (print_notation_data): Print all notation packets.
* g10.c (add_notation_data): Add a way to specify the critical flag.
(main): Add option --set-policy-url.
(check_policy_url): Basic checks.
* sign.c (mk_notation_and_policy): Replaces mk_notation.
* parse-packet.c (can_handle_critical): Moved decision whether we can
handle critical subpacket to an extra function.
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* sign.c (sign_file): Always use compression algo 1 for signed
onyl file becuase we can´ be sure the the verifier supports other
algorithms.
* build-packet.c (build_sig_subpkt): Support for notation data.
* sign.c (sign_file,clearsign_file,make_keysig_packet): Ditto.
(mk_notation): New.
* g10.c (add_notation_data): New and add option -N
* mainproc.c (print_notation_data): New.
(check_sig_and_print): Print any notation data of the signed text.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (check_signatures_trust): Print a warning and return
immediateley if opt.always_trust is true.
* g10.c (main): Corrected handling of no-default-keyring
* pkclist.c (algo_available): Disable Twofish until we have settled
how to do the MDC.
* hkp.c: Disable everything for mingw32
Sat May 22 22:47:26 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (check_sig_and_print): Add sig creation time to the
VALIDSIG status output. Add more info to the ERRSIG output.
* sig-check.c (signature_check): Add sig time after epoch to SIG_ID.
* import.c (import_one): Merge duplicate user IDs.
(collapse_uids): New.
* kbnode.c (move_kbnode): New.
(remove_kbnode): New.
* keyedit.c (keyedit_menu): Call collapse_uids.
* g10.c: new option --logger-fd.
* import.c: s/log_*_f/log_*/
Thu May 20 14:04:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* misc.c (pull_in_libs): do the volatile only for gcc
* sig-check (signature_check): Emit SIG_iD only for classes 0 and 1.
* armor.c (armor_filter): Add detection of PGP2 created clearsigs.
(fake_packet): A tab is not a WS for pgp2 - handle this.
* textfilter.c (len_without_trailing_chars): New.
(copy_clearsig_text): Add pgp2mode arg.
* sign.c (clearsign_file): pass old_style to the above fnc.
Wed May 19 16:04:30 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c: New option --interactive.
* mainproc.c (proc_plaintext): Add workaround for pgp2 bug
(do_check_sig): Ditto.
(proc_tree): Ditto.
* plaintext.c (do_hash): Ditto.
(hash_datafiles): Ditto, add an arg, changed all callers.
* mdfilter.c (md_filter): Add support for the alternate hash context.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* parse-packet.c (parse_encrypted): Support for PKT_ENCRYPTED_MDC.
* build-packet.c (do_encrypted_mdc): Ditto.
* cipher.c (write_header): Add mdc hashing.
(cipher_filter): write out the hash.
* mainproc.c (do_proc_packets): Add PKT_ENCRYPTED_MDC.
* encr-data.c (decrypt_data): Add mdc hashing.
(mdc_decode_filter): New.
* parse-packet.c (parse_sig_subpkt): Fixed stupid bug for subpkt
length calculation
(parse_signature): Fixed even more stupid bug.
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* build-packet.c (do_signature): Removed MDC hack.
* encode.c (encode_crypt_mdc): Removed.
* mainproc.c (do_check_sig): Removed MDC hack.
(check_sig_and_print): Ditto.
* parse-packet.c (parse_signature): Ditto.
* sig-check.c (mdc_kludge_check): Ditto.
* free-packte.c (copy_signature, free_seckey_enc): Ditto.
* parse-packet.c (parse_signature,parse_key): Store data of
unknown algorithms with mpi_set_opaque inseatd of the old
faked data stuff.
(read_rest): Removed.
(read_rest2): Renamed to read_rest
* build-packet.c (write_fake_data): Use mpi_get_opaque.
* free-packet.c (cp_fake_data): Removed and cahnged all callers
to use mpi_copy.
(free_pubkey_enc,free_seckey_enc,release_public_key_parts,
release_secret_key_parts): Use mpi_free for opaque data.
Thu May 6 14:18:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* trustdb.c (check_trust): Check for revoked subkeys.
* pkclist.c (do_we_trust): Handled revoked subkeys.
(do_we_trust_pre): Ditto.
(check_signatures_trust): Ditto.
* build-packet.c (hash_public_key): Fix for ancient g10 keys.
* mainproc.c (do_proc_packets): Return EOF if no data has been read.
* g10.c (main): Catch errors for default operation.
Thu Apr 29 12:29:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* sign.c (sign_file): Fixed hashing in case of no subpackets.
(clearsign_file): Ditto.
(make_keysig_packet): Ditto.
Wed Apr 28 13:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* keyedit.c (keyedit_menu): Add new command revkey.
* (menu_revkey): New.
Mon Apr 26 17:48:15 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* parse-packet.c (parse_signature): Add the MDC hack.
* build-packet.c (do_signature): Ditto.
* free-packet.c (free_seckey_enc,copy_signature,cmp_signatures): Ditto.
* mainproc.c (do_check_sig): Ditto.
* sig-check.c (mdc_kludge_check): New.
* encode.c (encrypt_mdc_file): New.
* keyedit.c (check_all_keysigs): List revocations.
* (menu_revsig): New.
* sign (make_keysig_packet): Support for class 0x30.
Sun Apr 18 20:48:15 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (select_algo_from_prefs): Fixed the case that one key
has no preferences (Remi Guyomarch).
keylist.c (list_keyblock): ulti_hack to propagate trust to all uids.
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* seckey-cert.c (do_check): Use real IV instead of a 0 one, so that
it works even if the length of the IV doesn't match the blocksize.
Removed the save_iv stuff.
(protect_secret_key): Likewise. Create the IV here.
* packet.h (PKT_secret_key): Increased size of IV field and add a
ivlen field.
* parse-packet.c (parse_key): Use the len protect.ivlen.
* build-packet.c (do_secret_key). Ditto.
* getkey.c (key_byname): Close keyblocks.
* Makefile.am (gpgm): Removed this
* g10.c: Merged gpg and gpgm
* import.c (import): Utilize option quiet.
* tdbio.c (tdbio_set_dbname): Ditto.
* ringedit.c (add_keyblock_resource,keyring_copy): Ditto.
* keyedit.c (sign_uids): Add some batch support.
* g10.c (main): add call to tty_batchmode.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* status.c (write_status_text): Some more status codes.
* passphrase_to_dek (passphrase_to_dek): add a status code.
* seckey_cert.c (check_secret_key): Likewise.
* encr-data.c (decrypt_data): Reverse the last changes
* cipher.c (write_header): Ditto.
* parse-packet.c (parse_key): Dropped kludge for ancient blowfish mode.
Thu Apr 8 09:35:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (proc_encrypted): Add a new status output
* passphrase.c (passphrase_to_dek): Ditto.
* status.h status.c: Add new status tokens.
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* encr-data.c (decrypt_data): Fixes for 128 bit blocksize
* cipher.c (write_header): Ditto.
* seckey-cert.c (do_check): Ditto.
(protect_secret_key). Ditto.
* misc.c (print_cipher_algo_note): Twofish is now a standard algo.
* keygen.c (do_create): Fixed spelling (Gaël Quéri)
(ask_keysize): Only allow keysizes up to 4096
* ringedit.c (add_keyblock_resource): chmod newly created secrings.
* import.c (delete_inv_parts): Fixed accidently deleted subkeys.
Tue Apr 6 19:58:12 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* armor.c: Removed duped include (John Bley)
* mainproc.c: Ditto.
* build-packet.c (hash_public_key): Fixed hashing of the header.
* import.c (delete_inv_parts): Allow import of own non-exportable sigs.
Sat Mar 20 13:59:47 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* armor.c (fake_packet): Fix for not not-dash-escaped
Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): Added command --recv-keys
* hkp.c (hkp_import): New.
Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* trustdb.c (check_trust): add new arg add_fnc and changed all callers.
(do_check): Ditto.
(verify_key): Ditto.
(propagate_validity): Use the new add_fnc arg.
(print_user_id): Add the FILE arg.
(propagate_ownertrust): New.
* pkclist.c (add_ownertrust_cb): New and changed the add_ownertrust
logic.
* getkey.c (get_keyblock_bylid): New.
* trustdb.c (print_uid_from_keyblock): New.
(dump_tn_tree_with_colons): New.
(list_trust_path): Add colon print mode.
* trustdb.c (insert_trust_record): Always use the primary key.
* encode.c (encode_simple): Added text_mode filter (Rémi Guyomarch)
(encode_crypt): Ditto.
* mainproc.c (proc_pubkey_enc): Added status ENC_TO.
* armor.c (armor_filter): Added status NODATA.
* passphrase.c (passphrase_to_dek): Always print NEED_PASSPHRASE
* seckey_cert.c (check_secret_key): Added BAD_PASS status.
* g10.c (main): Set g10_opt_homedir.
Sun Mar 14 19:34:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* keygen.c (do_create): Changed wording of the note (Hugh Daniel)
Thu Mar 11 16:39:46 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* tdbdump.c: New
* trustdb.c (walk_sigrecs,do_list_sigs,list_sigs,
list_records,list_trustdb,export_ownertrust,import_ownertrust): Moved
to tdbdump.c
(init_trustdb): renamed to setup_trustdb. Changed all callers.
(do_init_trustdb): renamed to init_trustdb().
* trustdb.c (die_invalid_db): replaced by tdbio_invalid.
* tdbio.c (tdbio_invalid): New.
* import.c (delete_inv_parts): Skip non exportable signatures.
* keyedit.c (sign_uid_mk_attrib): New.
(sign_uids): Add the local argument.
(keyedit_menu): New "lsign" command.
* trustdb.c (register_trusted_key): Removed this and all related stuff.
* g10.c (oTrustedKey): Removed option.
* tdbio.h (dir.valcheck): New trustdb field.
* tdbio.c: Add support for this field
(tdbio_read_modify_stamp): New.
(tdbio_write_modify_stamp): New.
* trustdb.c (do_check): Check against this field. Removed cache update.
(verify_key): Add cache update.
(upd_uid_record): Some functional changes.
(upd_cert_record): Ditto
Wed Mar 10 11:26:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* keylist.c (list_keyblock): Fixed segv in uid. Print 'u' as
validity of sks.
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* getkey.c (classify_user_id): Add new mode 12 (#<lid>).
* seckey-cert.c (check_secret_key): replaced error by info.
* trustdb.c (query_trust_info): Add another arg, changed all callers.
(check_trust): Ditto.
(do_check): Ditto.
(verify_key): Handle namehash.
* keylist.c (list_keyblock): print trust info for user ids.
* sig-check.c (signature_check): Add sig-created to status output.
Tue Mar 2 16:44:57 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* textfilter.c (copy_clearsig_text): New.
(clearsign): Removed.
* sign.c (clearsign_file): does not use textfiler anymore.
* keygen.c (ask_user_id): print a note about the used charset.
Tue Mar 2 10:38:42 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* sig-check.c (signature_check): sig-id now works for all algos.
* armor.c (armor_filter): Fixed armor bypassing.
Sun Feb 28 19:11:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* keygen.c (ask_user_id): Don't change the case of email addresses.
(has_invalid_email_chars): Adjusted.
* keylist.c (list_one): Really list serect keys (Remi Guyomarch)
* keyedit.c (menu_select_uid): Add some braces to make egcs happy.
(menu_select_key): Ditto.
* mainproc.c (do_proc_packets): List sym-enc packets (Remi Guyomarch)
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (build_pk_list): Return error if there are no recipients.
* sig-check.c (signature_check): New signature id feature.
* armor.c (make_radic64_string): New.
* mainproc.c (proc_pubkey_enc): early check for seckey availability.
* pkclist.c (do_we_trust_pre): print user id before asking.
* ringedit.c (add_keyblock_resource,get_keyblock_handle): Cleaner
handling of default resource.
Thu Feb 25 18:47:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (algo_available): New.
(select_algo_from_prefs): Check whether algo is available.
* ringedit.c (keyring_copy): Take care of opt.dry_run.
(do_gdbm_store): Ditto.
* openfile.c (open_outfile). Ditto.
(copy_options_file): Ditto.
* trustdb.c (update_trustdb): Ditto.
(clear_trust_checked_flag): Ditto.
(update_trust_record): Ditto.
(insert_trust_record): Ditto.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* keylist.c (secret_key_list): Now really list the secret key.
* trustdb.c (do_init_trustdb): New. Init is now deferred.
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* getkey.c (lookup_sk): Return G10ERR_NO_SECKEY and not x_PUBKEY.
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (select_algo_from_prefs): retrieve LID if not there.
* armor.c (fake_packet): Replaced ugly lineending handling.
* g10.c (oNoEncryptTo): New.
* pkclist.c (build_pk_list): Implemented this option.
* g10.c (main): Greeting is now printed to stderr and not to tty.
Use add_to_strlist() instead of direct coding.
* import.c (import): Use iobuf_push_filter2.
* mainproc.c (check_sig_and_print): Print all user ids
for good signatures.
* getkey.c (get_pubkeyblock): New.
* import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys.
(delete_inv_parts): Delete special marked packets.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): New option --encrypt-to
* pkclist.c (build_pk_list): Implemented encrypt-to.
* parse-packet.c (parse_user_id): Removed the hack to work with
utf-8 strings.
* g10.c (main): Install lockfile cleanup handler.
* tdbio.c (cleanup): Removed: this is now handled by dotlock.
Sat Feb 13 14:13:04 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* tdbio.c (tdbio_set_dbname): Init lockhandle for a new trustdb
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): check for development version now in configure
* tdbio.c (tdbio_write_record): Add uid.validity
(tdbio_read_record) : Ditto.
(tdbio_dump_record) : Ditto.
* keygen.c (keygen_add_std_prefs): Replaced Blowfish by Twofish,
removed MD5 and Tiger.
* pubkey-enc.c (get_it): Suppress warning about missing Blowfish
in preferences in certain cases.
* ringedit.c (lock_rentry,unlock_rentry): New.
* getkey.c (key_byname): Pass ret_kb down to lookup_xx.
* armor.c (armor_filter): No output of of empty comment lines.
Add option --no-version to suppress the output of the version string.
* getkey.c: Release the getkey context for auto context variables.
Sun Jan 24 18:16:26 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* getkey.c: Changed the internal design to allow simultaneous
lookup of multible user ids
(get_pubkey_bynames): New.
(get_seckey_bynames): New.
(get_seckey_next): New.
(get_seckey_end): New.
* keylist.c (list_one): Use the new functions.
* keylist.c (list_keyblock): add a newline for normal listings.
* g10.c (--recipient): New option name to replace --remote-user
Wed Jan 20 18:59:49 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* textfilter.c: Mostly rewritten
* plaintext.c (handle_plaintext): Use now text_filter semantics.
Tue Jan 19 19:34:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* export.c (export_pubkeys_stream): New.
(do_export_stream): New.
* g10.c (aSendKeys): New command.
* hkp.c (hkp_export): New.
* compress.c (do_uncompress): Hack for algo 1 and 1.1.3
Sun Jan 17 11:04:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* textfilter.c (text_filter): Now uses iobuf_read_line().
(read_line): Removed.
* armor.c (trim_trailing_spaces): Removed and replaced
by trim_trailing_ws from libutil
Sat Jan 16 12:03:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* hkp.c (hkp_ask_import): Use only the short keyid
Sat Jan 16 09:27:30 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* import.c (import_key_stream): New
(import): New, moved most of import_keys here.
* g10.c: New option --keyserver
* mainproc.c (check_sig_and_print): Hook to import a pubkey.
* pref.c pref.h : Removed
* hkp.c hkp.h: New
Wed Jan 13 14:10:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* armor.c (radix64_read): Print an error if a bad armor was detected.
Wed Jan 13 12:49:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* armor.c (radix64_read): Now handles malformed armors produced
by some buggy MUAs.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* ringedit.c (find_keyblock_bysk): New.
* skc_list.c (is_insecure): New.
(build_sk_list): usage check for insecure keys.
* import.c (chk_self_sigs): Add handling for subkeys.
(delete_inv_parts): Skip unsigned subkeys
* sig-check.c (do_check): Print info if the signature is older
than the key.
* keygen.c (generate_subkeypair): Fail on time warp.
* sign.c (do_sign): Ditto.
Sun Jan 10 15:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* armor.c (fake_packet): Fixed not-dash-escaped bug.
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* sig-check.c (do_check): Output time diff on error
* status.c (STATUS_VALIDSIG): New.
(is_status_enabled): New.
* mainproc.c (check_sig_and_print): Issue that status message.
* plaintext.c (special_md_putc): Removed
* armor.c (armor_filter): print error for truncated lines.
* free-packet.c (free_encrypted): Revomed call to set_block_mode.
(free_plaintext): Ditto.
Thu Jan 7 18:00:58 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (add_ownertrust): Fixed return value.
* encr-data.c (decrypt_data): Disabled iobuf_set_limit and
iobuf_pop_filter stuff.
* compress.c (handle_compressed): Disabled iobuf_pop_filter.
* packet.h (PKT_secret_key): Add is_primary flag.
* parse-packet.c (parse_key): Set this flag.
* passphrase.c (passphrase_to_dek): Kludge to print the primary
keyid - changed the API: keyid must now hold 2 keyids.
* getkey.c (get_primary_seckey): New.
* seckey-cert.c (do_check): pass primary keyid to passphrase query
* tbdio.c (open_db): removed the atexit
(tdbio_set_dbname): and moved it to here.
* armor.c: Rewrote large parts.
Tue Dec 29 19:55:38 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* revoke.c (gen_revoke): Removed compression.
* pkclist.c (do_we_trust_pre): special check for revoked keys
* trustdb.c (update_trust_record): Fixed revoke flag.
Tue Dec 29 14:41:47 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* misc.c (disable_core_dumps): Check for EINVAL (Atari)
* getkey (merge_one_pk_and_selfsig): Fixed search of expiredate.
(merge_keys_and_selfsig): Ditto.
* free-packet.c (cmp_public_keys): cmp expire only for v3 packets
(cmp_secret_keys): Ditto.
(cmp_public_secret_key): Ditto.
Wed Dec 23 17:12:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* armor.c (find_header): Reset not_dashed at every header
Wed Dec 23 13:18:14 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (add_ownertrust): Refresh validity values.
* trustdb.c (enum_cert_paths_print): New arg refresh.
* ringedit.c: Fixed problems fix keyrings
* parse-packet.c (dbg_parse_packet): New debug functions.
* getkey.c (getkey_disable_caches): New.
* import.c (import_keys): Disable caches.
Thu Dec 17 18:31:15 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* misc.c (trap_unaligned): Only for glibc 1
* sign.c (write_dash_escaped): Now escapes "From " lines
* g10.c: New option --escape-from-lines
* trustdb.c (sort_tsl_list): New
(list_trust_path): Now prints sorted list.
(enum_cert_paths): Likewise.
(enum_cert_paths_print): New.
(print_paths): New printing format.
* pkclist.c (add_ownertrust): New arg quit.
(edit_ownertrust): New quit selection and does not query
the recipients ownertrust anymore.
(add_ownertrust): Print the ceritficate path.
Mon Dec 14 21:18:49 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* parse-packet.c (parse_signature): Now checks for critical bit
(parse_sig_subpkt): Splitted.
(parse_one_sig_subpkt): New.
* sig-check.c (do_check): handle critical bit.
Sun Dec 13 14:10:56 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* pcklist.c (select_algo_from_prefs): Preferences should
now work (lost the != ? )
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* ringedit.c (gdbm_store): Fix for inserts
* g10.c (main): New option --export-all
* export.c (export_pubkeys): New arg.
(do_export): Now may skip old keys.
* status.c: Minor patches for Sun's cc
* keygen.c (ask_algo): Disabled v3 ElGamal choice, rearranged
the numbers. Add a warning question when a sign+encrypt key
is selected.
* g10.c (do_not_use_RSA): Removed.
* misc.c (print_pubkey_algo_note): New as replacement for the
do_not_use_RSA() and chnaged all callers.
(print_cipher_algo_note): New.
(print_hash_algo_note): New.
* cipher.c (write_header): Add a call to print_cipher_algo_note.
* seckey-cert.c (protect_secret_key): Ditto
* sign.c (do_sign): Add a call to print_digest_algo_note.
* getkey.c (get_long_user_id_string): New.
* mainproc.c (check_sig_and_print): Changed the format of the
status output.
* encrypt.c (write_pubkey_enc_from_list): print used symmetric cipher.
* pkclist.c (do_we_trust): Changed a message.
Wed Dec 9 13:41:06 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* misc.c (trap_unaligned) [ALPHA]: Only if UAC_SIGBUS is defined.
* sign.c (write_dash_escaped): Add the forgotten patch by Brian Moore.
* compress.c (do_uncompress): Fixed the inflating bug.
Tue Dec 8 13:15:16 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* trustdb.c (upd_uid_record): Now uses the newest self-signature
(insert_trust_record): Now calls update with recheck set to true.
(register_trusted_key): New.
(verify_own_keys): Enhanced by list of trusted keys.
* g10.c (main): Print a warning when a devel version is used.
(main): New option --trusted-key
* import.c (merge_blocks): Fixed merging of new user ids and
added merging of subkeys.
(append_uid): Ditto.
(merge_keysig): New.
(append_key): New.
* getkey.c (merge_one_pk_and_selfsig): Get the expiration time
from the newest self-signature.
(merge_keys_and_selfsig): Ditto.
* free-packet.c (cmp_secret_key): New.
Fri Nov 27 21:37:41 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* g10.c: New option --lock-once
* tdbio.c (open_db): Add an atexit
(cleanup): New.
(tdbio_sync): Add locking.
(tdbio_end_transaction): Ditto.
(put_record_into_cache): Ditto.
* ringedit.c (keyring_copy): Ditto.
(cleanup): New.
(add_keyblock_resource): Add an atexit.
Fri Nov 27 15:30:24 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* armor.c (find_header): Another fix for clearsigs.
Fri Nov 27 12:39:29 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* status.c (display_help): Removed.
* helptext.c: New and removed the N_() from all cpr_gets.
Fri Nov 20 16:54:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): New option --not-dash-escaped
* sign.c (write_dashed_escaped): Ditto.
* armor.c (find_header): Support for NotDashEscaped header.
* getkey.c: print "disabled cache.." only if verbose is used.
Thu Nov 19 07:17:31 1998 Werner Koch <werner.koch@guug.de>
* parse-packet.c (dump_sig_subpkt): Fixed expire listing
* getkey.c (merge_keys_and_selfsig): Fixed expire calculation.
(merge_one_pk_and_selfsig): Ditto.
* keyedit.c (menu_expire). Ditto.
* keygen.c (keygen_add_key_expire): Ditto.
(ask_expire_interval): New and changed all local function to use
this instead.
(keygen_add_key_expire): Opaque should now be a public key;
changed all callers.
* parse.packet.c (parse): use skip_rest to skip packets.
* keyedit.c (keyedit_menu): New arg for cmdline cmds.
Wed Nov 18 20:33:50 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (check_trustdb): Now rechecks all gived userids.
(collect_paths): Some fixes.
(upd_pref_records): Skips empty items, evaluate all items.
* parse-packet.c (dump_sig_subpkt): Better listing of prefs.
(skip_packet): Now knows about marker packet
* g10.c: removed cmd "--edit-sig".
* pubring.asc: Updated.
Sat Nov 14 14:01:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Changed syntax of --list-trust-path
* trustdb.c (list_trust_path): Replaced max_depth by
opt.max_cert_depth
Fri Nov 13 07:39:58 1998 Werner Koch <werner.koch@guug.de>
* trustdb.c (collect_paths): Removed a warning message.
(enum_trust_web): Removed.
(enum_cert_paths): New.
* pkclist.c (add_ownertrust): Changed to use enum_cert_paths.
(edit_ownertrust): Now list ceritficates on request.
(show_paths): New.
Wed Nov 11 18:05:44 1998 Werner Koch <werner.koch@guug.de>
* g10.c (main): New option --max-cert-depth
* tdbio.h: add new fields to ver and dir record.
* tdbio.c: read/write/dump of these fields.
(tdbio_db_matches_options): New.
* trustdb.c: replaced MAC_CERT_DEPTH by opt.max_cert_depth.
(do_check): cache validity and changed other functions
to reset the cached value.
* keylist.c (list_one): Now lists the ownertrust.
* mainproc.c (list_node): Ditto.
Tue Nov 10 10:08:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (g10_exit): Now looks at the new g10_errors_seen.
* mainproc.c (check_sig_and_print): Sets g10_errors_seen.
* *.c : i18n many more strings.
* ringedit.c (locate_keyblock_by_keyid): Add HAVE_LIBGDBM
(locate_keyblock_by_fpr): Ditto.
* g10.c (main): removed unsused "int errors".
(main): Add new option --charset.
* g10.c (main): special message for the unix newbie.
Mon Nov 9 07:17:42 1998 Werner Koch <werner.koch@guug.de>
* getkey.c (finish_lookup): Kludge to prefere algo 16.
* trustdb.c (new_lid_table): Clear cached item.
* status.c (cpr_get_utf8): New.
* pkclist.c (build_pk_list): Uses this.
Sun Nov 8 17:20:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* mainproc.c (check_sig_and_print): Why did I use strlen()-1
in the printf? - This truncated the TZ.
Sat Nov 7 15:57:28 1998 me,,, (wk@tobold)
* getkey.c (lookup): Changes to support a read_next.
(get_pubkey): Fixed a memory leak.
* keylist.c (list_one): Now lists all matching user IDs.
Tue Nov 3 16:19:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (ask_user_id): Now converted to UTF-8
* g10.c (main): Kludge for pgp clearsigs and textmode.
Fri Oct 30 16:40:39 1998 me,,, (wk@tobold)
* signal.c (block_all_signals): New.
(unblock_all_signals): New
* tdbio.c (tdbio_end_transaction): Now blocks all signals.
* trustdb.c (new_lid_table): Changed the representation of the
former local_lid_info stuff.
* trustdb.c (update_trust_record): Reorganized the whole thing.
* sig-check.c (check_key_signature): Now handles class 0x28
Wed Oct 28 18:56:33 1998 me,,, (wk@tobold)
* export.c (do_export): Takes care of the exportable sig flag.
Tue Oct 27 14:53:04 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (update_trust_record): New "fast" parameter.
Sun Oct 25 19:32:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* openfile.c (copy_options_File): New.
* ringedit.c (add_keyblock_resource): Creates options file
* tdbio.c (tdbio_set_dbname): Ditto.
Sat Oct 24 14:10:53 1998 brian moore <bem@cmc.net>
* mainproc.c (proc_pubkey_enc): Don't release the DEK
(do_proc_packets): Ditto.
Fri Oct 23 06:49:38 1998 me,,, (wk@tobold)
* keyedit.c (keyedit_menu): Comments are now allowed
* trustdb.c: Rewrote large parts.
Thu Oct 22 15:56:45 1998 Michael Roth (mroth@nessie.de)
* encode.c: (encode_simple): Only the plain filename without
a given directory is stored in generated packets.
(encode_crypt): Ditto.
* sign.c: (sign_file) Ditto.
Thu Oct 22 10:53:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (update_trust_record): Add new optional arg.
* import.c (import_keys): Add statistics output
* trustdb.c (update_trustdb): Ditto.
(insert_trustdb): Ditto.
* tdbio.c (tdbio_begin_transaction): New.
(tdbio_end_transaction): New.
(tdbio_cancel_transaction): New.
* g10.c (main): New option --quit.
* trustdb.c (check_hint_sig): No tests for user-id w/o sig.
This caused an assert while checking the sigs.
* trustdb.c (upd_sig_record): Splitted into several functions.
* import.c (import_keys): New arg "fast".
* g10.c (main): New command --fast-import.
Wed Oct 21 18:19:36 1998 Michael Roth <mroth@nessie.de>
* ringedit.c (add_keyblock_resource): Directory is now created.
* tdbio.c (tdbio_set_dbname): New info message.
Wed Oct 21 11:52:04 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (update_trustdb): released keyblock in loop.
* keylist.c (list_block): New.
(list_all): Changed to use list_block.
* trustdb.c: Completed support for GDBM
* sign.c (only_old_style): Changed the way force_v3 is handled
(sign_file): Ditto.
(clearsign_file): Ditto.
* keygen.c (has_invalid_email_chars): Splitted into mailbox and
host part.
* keylist.c (list_one): Add a merge_keys_and_selfsig.
* mainproc.c (proc_tree): Ditto.
Sun Oct 18 11:49:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* sign.c (only_old_style): Add option force_v3_sigs
(sign_file): Fixed a bug in sig->version
(clearsign_file): Ditto.
* parse-packet.c (dump_sig_subpkt): New
* keyedit.c (menu_expire): New.
* free-packet.c (cmp_signatures): New
Sat Oct 17 10:22:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c: changed output line length from 72 to 64.
* keyedit.c (fix_keyblock): New.
Fri Oct 16 10:24:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c: Rewrote most.
* tdbio.c: Add cache and generalized hash tables.
* options.h (ENABLE_COMMENT_PACKETS): New but undef'ed.
* encode.c, sign.c, keygen.c: Disabled comment packets.
* export.c (do_export): Comment packets are never exported,
except for those in the secret keyring.
* g10.c (main): Removed option do-no-export-rsa; should be
be replaced by a secpial tool.
* export.c (do_export): Removed the code for the above option.
* armor.c (find_header): Support for new only_keyblocks.
* import.c (import_keys): Only looks for keyblock armors.
* packet.h: replaced valid_days by expiredate and changed all users.
* build-packet.c (do_public_key): calculates valid-days
(do_secret_key): Ditto.
* parse-packet.c (parse_key): expiredate is calucated from the
valid_period in v3 packets.
* keyid.c (do_fingerprint_md): calculates valid_dates.
* keygen.c (add_key_expire): fixed key expiration time for v4 packets.
* armor.c (find_header): A LF in the first 28 bytes
was skipped for non-armored data.
Thu Oct 8 11:35:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (is_armored): Add test on old comment packets.
* tdbio.c (tdbio_search_dir_bypk): fixed memory leak.
* getkey.c: Changed the caching algorithms.
Wed Oct 7 19:33:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* kbnodes.c (unused_nodes): New.
Wed Oct 7 11:15:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* keyedit.c (sign_uids): Fixed a problem with SK which could caused
a save of an unprotected key.
(menu_adduid): Ditto.
* keyedit.c (keyedit_menu): Prefs are now correctly listed for
new user ids.
* trustdb.c (update_trust_record): New.
(insert_trust_record): Now makes use of update_trust_record.
Tue Oct 6 16:18:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (read_record): replaces most of the tdbio_read_records.
(write_record): Ditto.
Sat Oct 3 11:01:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (ask_alogo): enable ElGamal enc-only only for addmode.
Wed Sep 30 10:15:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* import.c (import_one): Fixed update of wrong keyblock.
Tue Sep 29 08:32:08 1998 me,,, (wk@tobold)
* mainproc.c (proc_plaintext): Display note for special filename.
* plaintext.c (handle_plaintext): Suppress output of special file.
Mon Sep 28 12:57:12 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (verify_own_keys): Add warning if a key is not protected.
* passphrase (hash_passphrase): Fixed iterated+salted mode and
setup for keysizes > hashsize.
* g10.c (main): New options: --s2k-{cipher,digest,mode}.
Fri Sep 25 09:34:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c: Chnaged some help texts.
Tue Sep 22 19:34:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* passphrase.c (read_passphrase_from_fd): fixed bug for long
passphrases.
Mon Sep 21 11:28:05 1998 Werner Koch (wk@(none))
* getkey.c (lookup): Add code to use the sub key if the primary one
does not match the usage.
* armor.c (armor_filter): New error message: no valid data found.
(radix64_read): Changes to support multiple messages.
(i18n.h): New.
* mainproc.c (add_onepass_sig): bug fix.
Mon Sep 21 08:03:16 1998 Werner Koch (wk@isil.d.shuttle.de)
* pkclist.c (do_we_trust): Add keyid to most messages.
* passphrase.c (read_passphrase_from_fd): New.
(have_static_passphrase): New
(get_passphrase_fd): Removed.
(set_passphrase_fd): Removed.
* g10.c (main): passphrase is now read here.
* keyedit.c (keyedit_menu): "help" texts should now translate fine.
Mon Sep 21 06:40:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* encode.c (encode_simple): Now disables compression
when --rfc1991 is used.
(encode_crypt): Ditto.
Fri Sep 18 16:50:32 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (merge_key_and_selfsig): New.
Fri Sep 18 10:20:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* pkclist.c (select_algo_from_prefs): Removed 3DES kludge.
* seskey.c (make_session_key): Fixed SERIOUS bug introduced
by adding the weak key detection code.
* sign.c (sign_file): Changed aremor header in certain cases.
Tue Sep 15 17:52:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* mainproc.c (check_sig_and_print): Replaced ascime by asctimestamp.
Mon Sep 14 11:40:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* seskey.c (make_session_key): Now detects weak keys.
* trustdb (clear_trust_checked_flag): New.
* plaintext.c (handle_plaintext): Does no anymore suppress CR from
cleartext signed messages.
Sun Sep 13 12:54:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (insert_trust_record): Fixed a stupid bug in the free
liunked list loops.
Sat Sep 12 15:49:16 1998 Werner Koch (wk@isil.d.shuttle.de)
* status.c (remove_shmid): New.
(init_shm_comprocess): Now sets permission to the real uid.
Wed Sep 9 11:15:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h (PKT_pubkey_enc): New flah throw_keyid, and add logic to
implement it.
* g10.c (main): New Option --throw-keyid
* getkey.c (enum_secret_keys): Add new ar and changed all callers.
Tue Sep 8 20:04:09 1998 Werner Koch (wk@isil.d.shuttle.de)
* delkey.c (delete_key): Moved from keyedit.c.
Mon Sep 7 16:37:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (calc_length_header): New arg new_ctb to correctly
calculate the length of new style packets.
* armor.c (is_armored): Checks for symkey_enc packets.
* pkclist.c (select_algo_from_prefs): 3DEs substitute is now CAST5.
Tue Aug 11 17:54:50 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (do_secret_key): Fixed handling of old keys.
* getkey.c (compare_name): Fixed exact and email matching
* openfile.c (open_outfile): Changed arguments and all callers.
Tue Aug 11 09:14:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* encode.c (encode_simple): Applied option set-filename and comment.
(encode_crypt): Ditto.
* sign.c (sign_file): Ditto.
* armor.c (armor_filter): Applied option comment.
* encode.c (encode_crypt): Moved init_packet to the begin.
(encode_simple): add an init_packet().
* comment (write_comment): Now enforces a hash sign as the 1st byte.
* import.c (import_one): Add explanation for "no user ids".
* compress.c (do_uncompress): Applied Brian Warner's patch to support
zlib 1.1.3 etc.
* trustdb.c (check_trust): Fixed a problem after inserting new keys.
* getkey (lookup): do not return the primary key if usage is given
(lookup_sk): Ditto and take usage into account.
* status.c (cpr_get_answer_is_yes): add display_help.
Mon Aug 10 10:11:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (lookup_sk): Now always returns the primary if arg
primary is true.
(lookup): Likewise.
(get_pubkey_byname): Now returns the primary key
(get_seckey_byname): Ditto.
Mon Aug 10 08:34:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* keyid.c (pubkey_letter): ELG_E is now a small g.
Sat Aug 8 17:26:12 1998 Werner Koch (wk@isil.d.shuttle.de)
* openfile (overwrite_filep): Changed semantics and all callers.
Sat Aug 8 12:17:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* status.c (display_help): New.
Thu Aug 6 16:30:41 1998 Werner Koch,mobil,,, (wk@tobold)
* seskey.c (encode_session_key): Now uses get_random_bits().
Thu Aug 6 07:34:56 1998 Werner Koch,mobil,,, (wk@tobold)
* ringedit.c (keyring_copy): No more backupfiles for
secret keyrings and add additional warning in case of
a failed secret keyring operation.
Wed Aug 5 11:54:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (check_opts): Moved to main. Changed def_cipher_algo
semantics and chnaged all users.
* pubkey-enc.c (get_sssion_key): New informational output
about preferences.
* parse-packet.c (parse_symkeyenc): Fixed salted+iterated S2K
(parse_key): Ditto.
* build-packet.c (do_secret_key): Ditto.
(do_symkey_enc): Ditto.
Tue Aug 4 08:59:10 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (enum_secret_keys): Now returns only primary keys.
* getkey (lookup): Now sets the new namehash field.
* parse-packet.c (parse_sig_subpkt2): New.
* sign.c (sign_file): one-pass sigs are now emiited reverse.
Preference data is considered when selecting the compress algo.
Wed Jul 29 12:53:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* free-packet.c (copy_signature): New.
* keygen.c (generate_subkeypair): rewritten
* g10.c (aKeyadd): Removed option --add-key
Mon Jul 27 10:37:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* seckey-cert.c (do_check): Additional check on cipher blocksize.
(protect_secret_key): Ditto.
* encr-data.c: Support for other blocksizes.
* cipher.c (write_header): Ditto.
Fri Jul 24 16:47:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* kbnode.c (insert_kbnode): Changed semantics and all callers.
* keyedit.c : More or less a complete rewrite
Wed Jul 22 17:10:04 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (write_sign_packet_header): New.
Tue Jul 21 14:37:09 1998 Werner Koch (wk@isil.d.shuttle.de)
* import.c (import_one): Now creates a trustdb record.
* g10.c (main): New command --check-trustdb
Mon Jul 20 11:15:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* genkey.c (generate_keypair): Default key is now DSA with
encryption only ElGamal subkey.
Thu Jul 16 10:58:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* keyid.c (keyid_from_fingerprint): New.
* getkey.c (get_pubkey_byfprint): New.
Tue Jul 14 18:09:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* keyid.c (fingerprint_from_pk): Add argument and changed all callers.
(fingerprint_from_sk): Ditto.
Tue Jul 14 10:10:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (handle_plaintext): Now returns create error if
the file could not be created or the user responded not to overwrite
the file.
* mainproc.c (proc_plaintext): Tries again if the file could not
be created to check the signature without output.
* misc.c (disable_core_dumps): New.
* g10.c (main): disable coredumps for gpg
* g10.c (MAINTAINER_OPTIONS): New to disable some options
Mon Jul 13 16:47:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (hash_datafiles): New arg for better support of
detached sigs. Changed all callers.
* mainproc.c (proc_signature_packets): Ditto.
* g10.c (main): New option "compress-sigs"
* sig.c (sign_file): detached signatures are not anymore compressed
unless the option --compress-sigs is used.
Thu Jul 9 19:54:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c: Fixes to allow zero length cleartext signatures
Thu Jul 9 14:52:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (build_list): Now drops setuid.
(main): Changed the way keyrings and algorithms are registered .
Wed Jul 8 14:17:30 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h (PKT_public_key): Add field keyid.
* parse-packet.c (parse_key): Reset the above field.
* keyid.c (keyid_from_pk): Use above field as cache.
* tdbio.c, tdbio.h: New
* trustdb.c: Moved some functions to tdbio.c.
(print_keyid): New.
* pkclist.c (check_signatures_trust): New.
Wed Jul 8 10:45:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (special_md_putc): New.
(handle_plaintext): add clearsig argument
* mainproc.c (proc_plaintext): detection of clearsig
* sign.c (write_dased_escaped): Changed clearsig format
Tue Jul 7 18:56:19 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (find_header): Now makes sure that there is only one
empty line for clearsigs, as this is what OP now says.
Mon Jul 6 13:09:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): New option default-secret-key
* getkey.c (get_seckey_byname): support for this option.
Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (add_keyring): Keyrings are now added to end of the
list of keyrings. The first added keyringwill be created.
(add_secret_keyring): Likewise.
* ringedit.c (add_keyblock_resource): Files are created here.
* g10.c (aNOP): Removed
* getkey.c (lookup): Add checking of usage for name lookups
* packet.h (pubkey_usage): Add a field which may be used to store
usage capabilities.
* pkclist.c (build_pk_list): getkey now called with usage arg.
* skclist.c (build_sk_list): Ditto.
* sign.c (clearsign_file): Fixed "Hash:" headers
Sat Jul 4 13:33:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (list_ownertrust): New.
* g10.c (aListOwnerTrust): New.
* g10.c (def_pubkey_algo): Removed.
* trustdb.c (verify_private_data): Removed and also the call to it.
(sign_private_data): Removed.
Fri Jul 3 13:26:10 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (aEditKey): was aEditSig. Changed usage msg.
* keyedit.c: Done some i18n stuff.
* g10.c (do_not_use_RSA): New.
* sign.c (do_sign): Add call to above function.
* encode.c (write_pubkey_enc_from_list): Ditto.
Thu Jul 2 21:01:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c: Now is able sto store data of unknown
algorithms.
* free-packet.c: Support for this.
* build-packet.c: Can write data of packet with unknown algos.
Thu Jul 2 11:46:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c (parse): fixed 4 byte length header
Wed Jul 1 12:36:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h (new_ctb): New field for some packets
* build-packet.c (build_packet): Support for new_ctb
* parse-packet.c (parse): Ditto.
Mon Jun 29 12:54:45 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h: changed all "_cert" to "_key", "subcert" to "subkey".
* free-packet.c (free_packet): Removed memory leak for subkeys.
Sun Jun 28 18:32:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* import.c (import_keys): Renamed from import_pubkeys.
(import_secret_one): New.
* g10.c (aExportSecret): New.
* export.c (export_seckeys): New.
* parse-packet.c (parse_certificate): Cleaned up.
(parse_packet): Trust packets are now considered as unknown.
(parse_pubkey_warning): New.
Fri Jun 26 10:37:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (has_invalid_email_chars): New.
Wed Jun 24 16:40:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (armor_filter): Now creates valid onepass_sig packets
with all detected hash algorithms.
* mainproc.c (proc_plaintext): Now uses the hash algos as specified
in the onepass_sig packets (if there are any)
Mon Jun 22 11:54:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (handle_plaintext): add arg to disable outout
* mainproc.c (proc_plaintext): disable output when in sigs_only mode.
Thu Jun 18 13:17:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c: Removed all rsa packet stuff, chnaged defaults
for key generation.
Sun Jun 14 21:28:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (checksum_u16): Fixed a stupid bug which caused a
wrong checksum calculation for the secret key protection and
add a backward compatibility option.
* g10.c (main): Add option --emulate-checksum-bug.
Thu Jun 11 13:26:44 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h: Major changes to the structure of public key material
which is now stored in an array and not anaymore in a union of
algorithm specific structures. These is needed to make the system
more extendable and makes a lot of stuff much simpler. Changed
all over the system.
* dsa.c, rsa.c, elg.c: Removed.
Wed Jun 10 07:22:02 1998 Werner Koch,mobil,,, (wk@tobold)
* g10.c ("load-extension"): New option.
Mon Jun 8 22:23:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* seckey-cert.c (do_check): Removed cipher constants
(protect_secret_key): Ditto.
Fri May 29 10:00:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (query_trust_info): New.
* keylist.c (list_one): Add output of trust info
* mainproc (list_node): ditto.
* g10.c (main): full trustdb init if -with-colons and any of the
key list modes.
Thu May 28 10:34:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* status.c (STATUS_RSA_OR_IDEA): New.
* sig-check.c (check_signature): Output special status message.
* pubkey-enc.c (get_session_key): Ditto.
* mainproc.c (check_sig_and_print): Changed format of output.
* passpharse.c (passphrase_to_dek): Likewise.
Wed May 27 13:46:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (aListSecretKeys): New option --list-secret-keys
* keylist.c (std_key_list): Renamed to public_key_list.
(secret_key_list): New
(list_one, list_all): Add support for secret keys.
* getkey.c (get_secret_keyring): New.
* mainproc.c (list_node): Add option --with-colons for secret keys
* sig-check.c (check_key_signature): detection of selfsigs
* mainproc.c (list_node): fixed listing.
* g10.c (aListSecretKeys): New option --always-trust
* pkclist.c (do_we_trust): Override per option added
* status.c (write_status_text): Add a prefix to every output line.
Wed May 27 07:49:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10 (--compress-keys): New.
* options.h (compress_keys): New.
* export.c (export_pubkeys): Only compresses with the new option.
Tue May 26 11:24:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* passphrase.c (get_last_passphrase): New
(set_next_passphrase): New.
(passphrase_to_dek): add support for the above functions.
* keyedit.c (make_keysig_packet): Add sigclass 0x18,
changed all callers due to a new argument.
* keygen.c (write_keybinding): New
(generate_subkeypair): Add functionality
(ask_algo, ask_keysize, ask_valid_days): Broke out of generate_keypair
(ask_user_id, ask_passphrase): Ditto.
Thu May 21 11:26:13 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c,gpgd.c (main): Does now return an int, so that egcs does
not complain.
* armor.c (fake_packet): Removed erro message and add a noticed
that this part should be fixed.
* sign.c (sign_file): Compression now comes in front of encryption.
* encode.c (encode_simple): Ditto.
(encode_crypt): Ditto.
Tue May 19 16:18:19 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (fake_packet): Changed assertion to log_error
Sat May 16 16:02:06 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (build_packet): Add SUBKEY packets.
Fri May 15 17:57:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* sign.c (hash_for): New and used in all places here.
* main.h (DEFAULT_): new macros.
* g10.c (opt.def_digest_algo): Now set to 0
* compress.c (init_compress): Add support for algo 1
* options.h (def_compress_algo): New
* g10.c (main): New option --compress-algo
Fri May 15 13:23:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (print_mds): New feature to print only one hash,
chnaged formatting.
Thu May 14 15:36:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (trap_unaligned) [__alpha__]: New
* g10.c (trap_unaligned): Add call to this to track down SIGBUS
on Alphas (to avoid the slow emulation code).
Wed May 13 11:48:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (do_signature): Support for v4 pakets.
* keyedit.c (make_keysig_packet): Ditto.
* build-packet.c (build_sig_subpkt_from_sig): New.
(build_sig_subpkt): New.
* elg.c (g10_elg_sign): removed keyid_from_skc.
* dsa.c (g10_dsa_sign): Ditto.
* rsa.c (g10_rsa_sign): Ditto.
* keyedit.c (make_keysig_packet): Add call to keyid_from_skc
* sign.c (clearsign_file): Support for v4 signatures.
(sign_file): Ditto.
Wed May 6 09:31:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c (do_parse): add support for 5 byte length leader.
(parse_subpkt): Ditto.
* build-packet.c (write_new_header): Ditto.
* packet.h (SIGSUBPKT_): New constants.
* parse-packet.c (parse_sig_subpkt): Changed name, made global,
and arg to return packet length, chnaged all callers
Tue May 5 22:11:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (gen_dsa): New.
* build_packet.c (do_secret_cert): Support for DSA
Mon May 4 19:01:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* compress.c: doubled buffer sizes
* parse-packet.c (do_plaintext): now uses iobuf_read/write.
Mon May 4 09:35:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* seskey.c (encode_md_value): Add optional argument hash_algo,
changed all callers.
* passphrase.c (make_dek_from_passphrase): Removed
* (get_passhrase_hash): Changed name to passphrase_to_dek, add arg,
changed all callers.
* all: Introduced the new ELG identifier and added support for the
encryption only one (which is okay to use by GNUPG for signatures).
Sun May 3 17:50:26 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h (PKT_OLD_COMMENT): New name for type 16.
* parse-packet.c (parse_comment): Now uses type 61
Fri May 1 12:44:39 1998 Werner Koch,mobil,,, (wk@tobold)
* packet.h (count): Chnaged s2k count from byte to u32.
* seckey-cert.c (do_check): Changed s2k algo 3 to 4, changed
reading of count.
* build-packet.c (do_secret_cert): ditto.
* parse-packet.c (parse_certificate): ditto.
* parse-packet.c (parse_symkeyenc): New.
* build-packet.c (do_symkey_enc): New.
Thu Apr 30 16:33:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* sign.c (clearsign_file): Fixed "Hash: " armor line.
Tue Apr 28 14:27:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c (parse_subpkt): Some new types.
Mon Apr 27 12:53:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Add option --skip-verify.
* mainproc.c (check_sig_and_print): Ditto.
* g10.c (print_mds): Add output for Tiger.
* sign.c (sign_file): Now uses partial length headers if used
in canonical textmode (kludge to fix a bug).
* parse-packet.c (parse_certificate): Changed BLOWFISH id.
* pubkey-enc.c (get_session_key): Ditto.
* seskey.c (make_session_key): Ditto.
* seckey-cert.c (protect_secret_key,do_check): Add BLOWFISH160.
Fri Apr 24 17:38:48 1998 Werner Koch,mobil,,, (wk@tobold)
* sig-check.c (check_key_signature): Add sig-class 0x14..0x17
* keyedit.c (sign-key): Some changes to start with support of
the above new sig-classes.
Wed Apr 22 09:01:57 1998 Werner Koch,mobil,,, (wk@tobold)
* getkey.c (compare_name): add email matching
Tue Apr 21 16:17:12 1998 Werner Koch,mobil,,, (wk@tobold)
* armor.c (armor_filter): fixed missing last LF before CSUM.
Thu Apr 9 11:35:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* seckey-cert.c (do_check): New; combines all the check functions
into one.
* sign.c: removed all key management functions
* keyedit.c: New.
Thu Apr 9 09:49:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* import.c (chk_self_sigs): Changed an error message.
Wed Apr 8 16:19:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* packet.h: packet structs now uses structs from the pubkey,
removed all copy operations from packet to pubkey structs.
Wed Apr 8 13:40:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (verify_own_certs): Fixed "public key not found".
* getkey.c (key_byname): New, combines public and secret key search.
* pkclist.c (build_pkc_list): Add new arg usage, changed all callers.
* skclist.c (build_skc_list): Likewise.
* ringedit.c (find_keyblock, keyring_search2): Removed.
Wed Apr 8 09:47:21 1998 Werner Koch (wk@isil.d.shuttle.de)
* sig-check.c (do_check): Applied small fix from Ulf Möller.
Tue Apr 7 19:28:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c, encr-data.c, seckey-cert.c: Now uses cipher_xxxx
functions instead of blowfish_xxx or cast_xxx
Tue Apr 7 11:04:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10maint.o): Changed the way it is created.
Mon Apr 6 11:17:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c: New.
* keygen.c (checksum,checksum_u16,checksum_mpi): Moved to misc.c
* seckey-cert.c: Kludge for wrong ELG checksum implementation.
Sat Apr 4 20:07:01 1998 Werner Koch (wk@isil.d.shuttle.de)
* cipher.c (cipher_filter): Support for CAST5
* encr-data.c (decode_filter): Ditto.
(decrypt_data): Ditto.
* seskey.c (make_session_key): Ditto.
* seckey-cert.c (check_elg, check_dsa): Ditto,
(protect_secret_key): Ditto.
* pubkey-enc.c (get_session_key): Ditto.
* passphrase.c (hash_passphrase): Ditto.
Thu Apr 2 20:22:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* gpgd.c: New
Thu Apr 2 10:38:16 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (generate_keypair): Add valid_days stuff.
* trustdb.c (check_trust): Add check for valid_days.
Wed Apr 1 16:15:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (generate_keypair): Addional question whether the
selected large keysize is really needed.
Wed Apr 1 15:56:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* seckey-cert.c (protect_secret_key): merged protect_xxx to here.
Wed Apr 1 10:34:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10maint.c): Changed creation rule, so that it works
on FreeBSD (missing CFLAGS).
* parse-packet.c (parse_subkey): Removed.
Thu Mar 19 15:22:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* ringedit.c (keyring_enum): Fixed problem with reading too
many packets. Add support to read secret keyrings.
* getkey.c (scan_keyring): Removed
(lookup): New to replace scan_keyring.
(scan_secret_keyring): Removed.
(lookup_skc): New.
Wed Mar 18 11:47:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* ringedit.c (enum_keyblocks): New read mode 11.
* keyid.c (elg_fingerprint_md): New and changed all other functions
to call this if the packet version is 4 or above.
Tue Mar 17 20:46:16 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c (parse_certificate): Add listing support for subkeys.
Tue Mar 17 20:32:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (is_armored): Allow marker packet.
Thu Mar 12 13:36:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (check_trust): Checks timestamp of pubkey.
* sig-check. (do_check): Compares timestamps.
Tue Mar 10 17:01:56 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Add call to init_signals.
* signal.c: New.
Mon Mar 9 12:43:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* dsa.c: New
* packet.h, free-packet.c, parse-packet.c : Add support for DSA
* sig-check.c, getkey.c, keyid.c, ringedit.c: Ditto.
* seckey-cert.c: Ditto.
* packet.h : Moved .digest_algo of signature packets to outer
structure. Changed all references
Sun Mar 8 13:06:42 1998 Werner Koch (wk@isil.d.shuttle.de)
* openfile.c : Support for stdout filename "-".
* mainproc.c (check_sig_and_print): Enhanced status output:
* status.c (write_status_text): New.
Fri Mar 6 16:10:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* kbnode.c (clone_kbnode): Fixed private_flag.
* mainproc.c (list_node): Output of string "Revoked" as user-id.
Fri Mar 6 14:26:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Add userids to "-kv" and cleaned up this stuff.
Fri Mar 6 12:45:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Changed semantics of the list-... commands
and added a new one. Removed option "-d"
* decrypt.c: New.
* trustdb.c (init_trustdb): Autocreate directory only if it ends
in "/.gnupg".
Thu Mar 5 12:12:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* mainproc.c (do_proc_packets): New. Common part of proc_packet.
(proc_signature_packets): special version to handle signature data.
* verify.c: New.
* g10.c (aVerify): New.
* plaintext.c (hash_datafiles): New.
* compress.c (handle_compressed): Add callback arg, changed caller.
Thu Mar 5 10:20:06 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c: Is nom the common source for gpg and gpgm
* g10maint.c: Removed
* Makefile.am: Add rule to build g10maint.c
Thu Mar 5 08:43:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Changed the way clear text sigs are faked.
Wed Mar 4 19:47:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10maint.c (aMuttKeyList): New
* keylist.c: New.
Wed Mar 4 17:20:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (get_pubkey_byname): Kludge to allow 0x prefix.
Tue Mar 3 13:46:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10maint.c (main): New option --gen-random.
Tue Mar 3 09:50:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (aDeleteSecretKey): New.
(aEditSig): Add option "--edit-key" as synonym for "--edit-sig".
(aDeleteSecretKey): New.
* getkey.c (seckey_available): New.
* sign.c (delete_key): Enhanced to delete secret keys, changed all
callers.
Mon Mar 2 21:23:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* pkc_list.c (build_pkc_list): Add interactive input of user ID.
Mon Mar 2 20:54:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* pkclist.c (do_we_trust_pre): New.
(add_ownertrust): Add message.
* trustdb.c (enum_trust_web): Quick fix.
Mon Mar 2 13:50:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): New action aDeleteKey
* sign.c (delete_key): New.
Sun Mar 1 16:38:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (do_check): No returns TRUST_UNDEFINED instead of
eof error.
Fri Feb 27 18:14:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (find_header): Removed trailing CR on headers.
Fri Feb 27 18:02:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* ringedit.c (keyring_search) [MINGW32]: Open and close file here
because rename does not work on open files. Chnaged callers.
Fri Feb 27 16:43:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* sig-check.c (do_check): Add an md_enable.
* mainproc.c (do_check_sig): Use md_open in case of detached sig
(proc_tree): Take detached sigs into account.
Fri Feb 27 15:22:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Make use of GNUPGHOME envvar.
* g10main.c (main): Ditto.
Wed Feb 25 11:40:04 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (ask_for_detached_datafile): add opt.verbose to
info output.
* openfile.c (open_sigfile): Try also name ending in ".asc"
Wed Feb 25 08:41:00 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c (generate_keypair): Fixed memory overflow.
Tue Feb 24 15:51:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c (parse_certificate): Support for S2K.
* build-packet.c (do_secret_cert): Ditto.
* keygen.c (gen_elg): Ditto.
* seckey-cert.c (check_elg): Ditto
(protect_elg): Ditto.
* sign.c (chnage_passphrase): Ditto.
* passphrase.c (get_passphrase_hash): Support for a salt and
changed all callers.
(make_dek_from_passphrase): Ditto.
Tue Feb 24 12:30:56 1998 Werner Koch (wk@isil.d.shuttle.de)
* build-packet.c (hash_public_cert): Disabled debug output.
Fri Feb 20 17:22:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (init_trustdb) [MINGW32]: Removed 2nd mkdir arg.
(keyring_copy) [MINGW32]: Add a remove prior to the renames.
Wed Feb 18 18:39:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (OMIT_DEPENDENCIES): New.
* rsa.c: Replaced log_bug by BUG.
Wed Feb 18 13:35:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* mainproc.c (do_check_sig): Now uses hash_public_cert.
* parse-packet.c (parse_certificate): Removed hashing.
* packet.h (public_cert): Removed hash variable.
* free-packet.c (copy_public_cert, free_public_cert): Likewise.
* sig-check.c (check_key_signatures): Changed semantics.
Wed Feb 18 12:11:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (do_check): Add handling for revocation certificates.
(build_sigrecs): Ditto.
(check_sigs): Ditto.
Wed Feb 18 09:31:04 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (armor_filter): Add afx->hdrlines.
* revoke.c (gen_revoke): Add comment line.
* dearmor.c (enarmor_file): Ditto.
* sig-check.c (check_key_signature): Add handling for class 0x20.
* mainproc.c : Ditto.
Tue Feb 17 21:24:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c : Add header lines "...ARMORED FILE .."
* dearmor.c (enarmor_file): New.
* g10maint.c (main): New option "--enarmor"
Tue Feb 17 19:03:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* mainproc.c : Changed a lot, because the packets are now stored
a simple linlked list and not anymore in a complicatd tree structure.
Tue Feb 17 10:14:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* free_packet.c (cmp_public_certs): New.
(cmp_user_ids): New.
* kbnode.c (clone_kbnode): New.
(release_kbnode): Add clone support.
* ringedit.c (find_keyblock_bypkc): New.
* sign.c (remove_keysigs): Self signatures are now skipped,
changed arguments and all callers.
* import.c : Add functionality.
Tue Feb 17 09:31:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* options.h (homedir): New option.
* g10.c, g10maint.c, getkey.c, keygen.c, trustdb.c (opt.homedir): New.
* trustdb.c (init_trustdb): mkdir for hoem directory
(sign_private_data): Renamed "sig" to "g10.sig"
Mon Feb 16 20:02:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* kbnode.c (commit_kbnode): New.
(delete_kbnode): removed unused first arg. Changed all Callers.
* ringedit.c (keyblock_resource_name): New.
(get_keyblock_handle): NULL for filename returns default resource.
Mon Feb 16 19:38:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* sig-check.s (check_key_signature): Now uses the supplied
public key to check the signature and not any more the one
from the getkey.c
(do_check): New.
(check_signature): Most work moved to do_check.
Mon Feb 16 14:48:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (find_header): Fixed another bug.
Mon Feb 16 12:18:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (scan_keyring): Add handling of compressed keyrings.
Mon Feb 16 10:44:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c, g10maint.c (strusage): Rewrote.
(build_list): New
Mon Feb 16 08:58:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (use_armor): New.
Sat Feb 14 14:30:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* mainproc.c (proc_tree): Sigclass fix.
Sat Feb 14 14:16:33 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (armor_filter): Changed version and comment string.
* encode.c, sign.c, keygen.c: Changed all comment packet strings.
Sat Feb 14 12:39:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (aGenRevoke): New command.
* revoke.c: New.
* sign.c (make_keysig_packet): Add support for sigclass 0x20.
Fri Feb 13 20:18:14 1998 Werner Koch (wk@isil.d.shuttle.de)
* ringedit.c (enum_keyblocks, keyring_enum): New.
Fri Feb 13 19:33:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* export.c: Add functionality.
* keygen.c (generate_keypair): Moved the leading comment behind the
key packet.
* kbnode.c (walk_kbnode): Fixed.
* g10.c (main): listing armored keys now work.
Fri Feb 13 16:17:43 1998 Werner Koch (wk@isil.d.shuttle.de)
* parse-packet.c (parse_publickey, parse_signature): Fixed calls
to mpi_read used for ELG b.
Fri Feb 13 15:13:23 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): changed formatting of help output.
Thu Feb 12 22:24:42 1998 Werner Koch (wk@frodo)
* pubkey-enc.c (get_session_key): rewritten
Copyright 1998,1999,2000,2001,2002 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/g10/Makefile.am b/g10/Makefile.am
index f59cd8b2d..13ac50b6d 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -1,125 +1,125 @@
# Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
#
# This file is part of GnuPG.
#
# GnuPG is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# GnuPG is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
## Process this file with automake to produce Makefile.in
INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
EXTRA_DIST = options.skel
# it seems that we can't use this with automake 1.5
#OMIT_DEPENDENCIES = zlib.h zconf.h
-LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
+LDFLAGS = @LDFLAGS@
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
#noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg gpgv
common_source = \
global.h \
build-packet.c \
compress.c \
filter.h \
free-packet.c \
getkey.c \
keydb.c keydb.h \
keyring.c keyring.h \
seskey.c \
kbnode.c \
main.h \
mainproc.c \
armor.c \
mdfilter.c \
textfilter.c \
misc.c \
options.h \
openfile.c \
keyid.c \
packet.h \
parse-packet.c \
comment.c \
status.c \
status.h \
plaintext.c \
sig-check.c \
keylist.c \
signal.c
gpg_SOURCES = g10.c \
$(common_source) \
pkclist.c \
skclist.c \
pubkey-enc.c \
passphrase.c \
seckey-cert.c \
encr-data.c \
cipher.c \
encode.c \
sign.c \
verify.c \
revoke.c \
decrypt.c \
keyedit.c \
dearmor.c \
import.c \
export.c \
hkp.h \
hkp.c \
trustdb.c \
trustdb.h \
tdbdump.c \
tdbio.c \
tdbio.h \
delkey.c \
keygen.c \
pipemode.c \
helptext.c \
keyserver.c \
keyserver-internal.h \
photoid.c photoid.h \
exec.c exec.h
gpgv_SOURCES = gpgv.c \
$(common_source) \
verify.c
#gpgd_SOURCES = gpgd.c \
# ks-proto.h \
# ks-proto.c \
# ks-db.c \
# ks-db.h \
# $(common_source)
LDADD = $(needed_libs) @ZLIBS@ @INTLLIBS@
# gpg gets LIBOBJS to add in mkdtemp if the platform doesn't have it
gpg_LDADD = @LIBOBJS@ $(LDADD) @NETLIBS@
$(PROGRAMS): $(needed_libs)
install-data-local:
$(mkinstalldirs) $(DESTDIR)$(pkgdatadir)
$(INSTALL_DATA) $(srcdir)/options.skel \
$(DESTDIR)$(pkgdatadir)/options.skel
@set -e;\
if test -f $(DESTDIR)$(bindir)/gpgm ; then \
echo "removing obsolete gpgm binary" ; \
rm $(DESTDIR)$(bindir)/gpgm ; \
fi
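Review bot: At the LDFLAGS line, once @DYNLINK_LDFLAGS@ is gone the remaining `LDFLAGS = @LDFLAGS@` only restates the substitution automake already writes into Makefile.in, so the line can be deleted rather than trimmed. Redefining LDFLAGS in Makefile.am also takes over a variable that is reserved for the person running configure or make; if gpg or gpgv ever need extra link flags again, AM_LDFLAGS or a per-target gpg_LDFLAGS is the better place. Please also confirm that no other Makefile.am still references @DYNLINK_LDFLAGS@, because a token that configure no longer substitutes would end up literally on the link line.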
diff --git a/include/cipher.h b/include/cipher.h
index 634569199..7ad3772ba 100644
--- a/include/cipher.h
+++ b/include/cipher.h
@@ -1,194 +1,194 @@
/* cipher.h
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_CIPHER_H
#define G10_CIPHER_H
#define DBG_CIPHER g10c_debug_mode
#include "mpi.h"
#include "../cipher/random.h"
#define CIPHER_ALGO_NONE 0
#define CIPHER_ALGO_IDEA 1
#define CIPHER_ALGO_3DES 2
#define CIPHER_ALGO_CAST5 3
#define CIPHER_ALGO_BLOWFISH 4 /* blowfish 128 bit key */
#define CIPHER_ALGO_SAFER_SK128 5
#define CIPHER_ALGO_DES_SK 6
#define CIPHER_ALGO_RIJNDAEL 7
#define CIPHER_ALGO_RIJNDAEL192 8
#define CIPHER_ALGO_RIJNDAEL256 9
#define CIPHER_ALGO_TWOFISH 10 /* twofish 256 bit */
#define CIPHER_ALGO_SKIPJACK 101 /* experimental: skipjack */
#define CIPHER_ALGO_TWOFISH_OLD 102 /* experimental: twofish 128 bit */
#define CIPHER_ALGO_DUMMY 110 /* no encryption at all */
#define PUBKEY_ALGO_RSA 1
#define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only */
#define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */
#define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not for v3)*/
#define PUBKEY_ALGO_DSA 17
#define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */
#define PUBKEY_USAGE_SIG 1 /* key is good for signatures */
#define PUBKEY_USAGE_ENC 2 /* key is good for encryption */
#define PUBKEY_USAGE_CERT 4 /* key is also good to certify other keys*/
#define DIGEST_ALGO_MD5 1
#define DIGEST_ALGO_SHA1 2
#define DIGEST_ALGO_RMD160 3
#define DIGEST_ALGO_TIGER 6
#define is_RSA(a) ((a)==PUBKEY_ALGO_RSA || (a)==PUBKEY_ALGO_RSA_E \
|| (a)==PUBKEY_ALGO_RSA_S )
#define is_ELGAMAL(a) ((a)==PUBKEY_ALGO_ELGAMAL || (a)==PUBKEY_ALGO_ELGAMAL_E)
typedef struct {
int algo;
int keylen;
int algo_info_printed;
int use_mdc;
byte key[32]; /* this is the largest used keylen (256 bit) */
} DEK;
struct cipher_handle_s;
typedef struct cipher_handle_s *CIPHER_HANDLE;
#define CIPHER_MODE_ECB 1
#define CIPHER_MODE_CFB 2
#define CIPHER_MODE_PHILS_CFB 3
#define CIPHER_MODE_AUTO_CFB 4
#define CIPHER_MODE_DUMMY 5 /* used with algo DUMMY for no encryption */
#define CIPHER_MODE_CBC 6
struct md_digest_list_s;
struct gcry_md_context {
int secure;
FILE *debug;
int finalized;
struct md_digest_list_s *list;
int bufcount;
int bufsize;
byte buffer[1];
};
typedef struct gcry_md_context *MD_HANDLE;
#ifndef EXTERN_UNLESS_MAIN_MODULE
#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
#define EXTERN_UNLESS_MAIN_MODULE extern
#else
#define EXTERN_UNLESS_MAIN_MODULE
#endif
#endif
EXTERN_UNLESS_MAIN_MODULE int g10c_debug_mode;
EXTERN_UNLESS_MAIN_MODULE int g10_opt_verbose;
EXTERN_UNLESS_MAIN_MODULE const char *g10_opt_homedir;
/*-- dynload.c --*/
void register_cipher_extension( const char *mainpgm, const char *fname );
/*-- md.c --*/
int string_to_digest_algo( const char *string );
const char * digest_algo_to_string( int algo );
int check_digest_algo( int algo );
MD_HANDLE md_open( int algo, int secure );
void md_enable( MD_HANDLE hd, int algo );
MD_HANDLE md_copy( MD_HANDLE a );
void md_reset( MD_HANDLE a );
void md_close(MD_HANDLE a);
void md_write( MD_HANDLE a, const byte *inbuf, size_t inlen);
void md_final(MD_HANDLE a);
byte *md_read( MD_HANDLE a, int algo );
int md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen );
int md_get_algo( MD_HANDLE a );
int md_digest_length( int algo );
const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
void md_start_debug( MD_HANDLE a, const char *suffix );
void md_stop_debug( MD_HANDLE a );
#define md_is_secure(a) ((a)->secure)
#define md_putc(h,c) \
do { \
if( (h)->bufcount == (h)->bufsize ) \
md_write( (h), NULL, 0 ); \
(h)->buffer[(h)->bufcount++] = (c) & 0xff; \
} while(0)
-/*-- rmd160.c --*/
-void rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length );
+
+void rmd160_hash_buffer (char *outbuf, const char *buffer, size_t length);
/*-- cipher.c --*/
int string_to_cipher_algo( const char *string );
const char * cipher_algo_to_string( int algo );
void disable_cipher_algo( int algo );
int check_cipher_algo( int algo );
unsigned cipher_get_keylen( int algo );
unsigned cipher_get_blocksize( int algo );
CIPHER_HANDLE cipher_open( int algo, int mode, int secure );
void cipher_close( CIPHER_HANDLE c );
int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen );
void cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen );
void cipher_encrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes );
void cipher_decrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes );
void cipher_sync( CIPHER_HANDLE c );
/*-- pubkey.c --*/
#define PUBKEY_MAX_NPKEY 4
#define PUBKEY_MAX_NSKEY 6
#define PUBKEY_MAX_NSIG 2
#define PUBKEY_MAX_NENC 2
int string_to_pubkey_algo( const char *string );
const char * pubkey_algo_to_string( int algo );
void disable_pubkey_algo( int algo );
int check_pubkey_algo( int algo );
int check_pubkey_algo2( int algo, unsigned use );
int pubkey_get_npkey( int algo );
int pubkey_get_nskey( int algo );
int pubkey_get_nsig( int algo );
int pubkey_get_nenc( int algo );
unsigned pubkey_nbits( int algo, MPI *pkey );
int pubkey_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors );
int pubkey_check_secret_key( int algo, MPI *skey );
int pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey );
int pubkey_decrypt( int algo, MPI *result, MPI *data, MPI *skey );
int pubkey_sign( int algo, MPI *resarr, MPI hash, MPI *skey );
int pubkey_verify( int algo, MPI hash, MPI *data, MPI *pkey,
int (*cmp)(void *, MPI), void *opaque );
/*-- smallprime.c --*/
extern ushort small_prime_numbers[];
/*-- primegen.c --*/
void register_primegen_progress ( void (*cb)( void *, int), void *cb_data );
MPI generate_secret_prime( unsigned nbits );
MPI generate_public_prime( unsigned nbits );
MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
MPI g, MPI **factors );
/*-- elsewhere --*/
void register_pk_dsa_progress ( void (*cb)( void *, int), void *cb_data );
void register_pk_elg_progress ( void (*cb)( void *, int), void *cb_data );
#endif /*G10_CIPHER_H*/
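Review bot: At the rmd160_hash_buffer prototype, the `/*-- rmd160.c --*/` marker is replaced by an empty line, so the declaration now reads as part of the md.c group while every other group in this header still names the file that defines it. If the function has moved, put the new file name in the marker instead of dropping it. Since the line is being touched anyway, a one-line comment saying that outbuf must have room for the 20-byte RIPEMD-160 digest would help callers, because the prototype carries no output length. The new `name (args)` spacing also differs from the `name( args )` style used by the neighbouring declarations; either is fine, but one reformatted line in the middle of the block looks accidental.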
