diff options
| author | Werner Koch <[email protected]> | 1999-11-19 16:11:37 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 1999-11-19 16:11:37 +0000 |
| commit | 2694bceb45f71b7808aec66f30d8ee720a92eb67 (patch) | |
| tree | 358ee56c220c853334ec604d653c3483be72ff2f /cipher | |
| parent | See ChangeLog: Mon Nov 15 21:36:02 CET 1999 Werner Koch (diff) | |
| download | gnupg-2694bceb45f71b7808aec66f30d8ee720a92eb67.tar.gz gnupg-2694bceb45f71b7808aec66f30d8ee720a92eb67.zip | |
See ChangeLog: Fri Nov 19 17:15:20 CET 1999 Werner Koch
Diffstat (limited to 'cipher')
| -rw-r--r-- | cipher/ChangeLog | 21 | ||||
| -rw-r--r-- | cipher/cipher.c | 8 | ||||
| -rw-r--r-- | cipher/dsa.c | 6 | ||||
| -rw-r--r-- | cipher/dynload.c | 37 | ||||
| -rw-r--r-- | cipher/elgamal.c | 8 | ||||
| -rw-r--r-- | cipher/md.c | 1 | ||||
| -rw-r--r-- | cipher/md5.c | 2 | ||||
| -rw-r--r-- | cipher/primegen.c | 13 | ||||
| -rw-r--r-- | cipher/pubkey.c | 1 | ||||
| -rw-r--r-- | cipher/random.c | 11 | ||||
| -rw-r--r-- | cipher/rmd160.c | 2 | ||||
| -rw-r--r-- | cipher/rndegd.c | 41 | ||||
| -rw-r--r-- | cipher/rndlinux.c | 15 | ||||
| -rw-r--r-- | cipher/rndunix.c | 2 | ||||
| -rw-r--r-- | cipher/rndw32.c | 1 | ||||
| -rw-r--r-- | cipher/sha1.c | 2 | ||||
| -rw-r--r-- | cipher/smallprime.c | 1 | ||||
| -rw-r--r-- | cipher/tiger.c | 2 | ||||
| -rw-r--r-- | cipher/twofish.c | 1 |
19 files changed, 103 insertions, 72 deletions
diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 8231cbedb..bfe180d9f 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,24 @@ +Fri Nov 19 17:15:20 CET 1999 Werner Koch <[email protected]> + + * dynload.c (cmp_filenames): New to replaced compare_filename() in + module. + (register_cipher_extension): Removed the tilde expansion stuff. + * rndeg.c (my_make_filename): New. + + * : Replaced header util.h by g10lib.h + + * random.c (gather_faked): Replaced make_timestamp by time(2). + Disabled wrning printed with tty_printf. + * rndlinux.c (gather_random): Always use fprintf instead of tty_xxx; + this should be replaced by a callback function. + + * primegen.c (gen_prime): Use gcry_mpi_randomize. + (is_prime): Ditto. + * elgamal.c (test_keys): Ditto. + * dsa.c (test_keys): Ditto. + + * cipher.c (gcry_cipher_close): Die on invalid handle. + Mon Nov 15 21:36:02 CET 1999 Werner Koch <[email protected]> * elgamal.c (gen_k): Use the new random API. diff --git a/cipher/cipher.c b/cipher/cipher.c index 0a1ad604f..1a7a65845 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -26,7 +26,6 @@ #include <assert.h> #include "g10lib.h" -#include "util.h" #include "cipher.h" #include "des.h" #include "blowfish.h" @@ -418,10 +417,9 @@ gcry_cipher_close( GCRY_CIPHER_HD h ) { if( !h ) return; - if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL ) { - fatal_invalid_arg("gcry_cipher_close: already closed/invalid handle"); - return; - } + if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL ) + g10_fatal_error(GCRYERR_INTERNAL, + "gcry_cipher_close: already closed/invalid handle"); h->magic = 0; g10_free(h); } diff --git a/cipher/dsa.c b/cipher/dsa.c index 91c797c40..903625c11 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -24,7 +24,6 @@ #include <string.h> #include <assert.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" #include "dsa.h" @@ -130,10 +129,7 @@ test_keys( DSA_secret_key *sk, unsigned qbits ) pk.q = sk->q; pk.g = sk->g; pk.y = sk->y; - { char *p = gcry_random_bytes( (qbits+7)/8, GCRY_WEAK_RANDOM ); - mpi_set_buffer( test, p, (qbits+7)/8, 0 ); - g10_free(p); - } + gcry_mpi_randomize( test, qbits, GCRY_WEAK_RANDOM ); sign( out1_a, out1_b, test, sk ); if( !verify( out1_a, out1_b, test, &pk ) ) diff --git a/cipher/dynload.c b/cipher/dynload.c index 962b398a4..262325c71 100644 --- a/cipher/dynload.c +++ b/cipher/dynload.c @@ -32,7 +32,6 @@ #include <errno.h> #endif #include "g10lib.h" -#include "util.h" #include "cipher.h" #include "dynload.h" @@ -102,6 +101,20 @@ static int dld_available; #endif +static int +cmp_filenames( const char *a, const char *b ) +{ + /* ? check whether this is an absolute filename and + * resolve symlinks? + */ + #ifdef HAVE_DRIVE_LETTERS + return stricmp(a,b); + #else + return strcmp(a,b); + #endif +} + + /**************** * Register an extension module. The last registered module will * be loaded first. A name may have a list of classes @@ -125,21 +138,9 @@ register_cipher_extension( const char *mainpgm, const char *fname ) if( !mainpgm_path && mainpgm && *mainpgm ) mainpgm_path = m_strdup(mainpgm); #endif - if( *fname != '/' ) { /* do tilde expansion etc */ - char *tmp; - - if( strchr(fname, '/') ) - tmp = make_filename(fname, NULL); - else - tmp = make_filename(GNUPG_LIBDIR, fname, NULL); - el = g10_xcalloc( 1, sizeof *el + strlen(tmp) ); - strcpy(el->name, tmp ); - g10_free(tmp); - } - else { - el = g10_xcalloc( 1, sizeof *el + strlen(fname) ); - strcpy(el->name, fname ); - } + el = g10_xcalloc( 1, sizeof *el + strlen(fname) ); + strcpy(el->name, fname ); + /* check whether we have a class hint */ if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) { *p = *pe = 0; @@ -151,7 +152,7 @@ register_cipher_extension( const char *mainpgm, const char *fname ) /* check that it is not already registered */ intex = NULL; for(r = extensions; r; r = r->next ) { - if( !compare_filenames(r->name, el->name) ) { + if( !cmp_filenames(r->name, el->name) ) { log_info("extension `%s' already registered\n", el->name ); g10_free(el); return; @@ -187,7 +188,7 @@ register_internal_cipher_extension( /* check that it is not already registered */ for(r = extensions; r; r = r->next ) { - if( !compare_filenames(r->name, el->name) ) { + if( !cmp_filenames(r->name, el->name) ) { log_info("extension `%s' already registered\n", el->name ); g10_free(el); return; diff --git a/cipher/elgamal.c b/cipher/elgamal.c index d57906457..f88aa91d3 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -27,7 +27,6 @@ #include <stdlib.h> #include <string.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" #include "elgamal.h" @@ -77,12 +76,7 @@ test_keys( ELG_secret_key *sk, unsigned nbits ) pk.g = sk->g; pk.y = sk->y; - /*mpi_set_bytes( test, nbits, get_random_byte, 0 );*/ - { char *p = gcry_random_bytes( (nbits+7)/8, GCRY_WEAK_RANDOM ); - mpi_set_buffer( test, p, (nbits+7)/8, 0 ); - g10_free(p); - } - + gcry_mpi_randomize( test, nbits, GCRY_WEAK_RANDOM ); encrypt( out1_a, out1_b, test, &pk ); decrypt( out2, out1_a, out1_b, sk ); diff --git a/cipher/md.c b/cipher/md.c index 480954a67..bc9c6e867 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -26,7 +26,6 @@ #include <assert.h> #include "g10lib.h" -#include "util.h" #include "cipher.h" #include "dynload.h" #include "rmd.h" diff --git a/cipher/md5.c b/cipher/md5.c index bb930d042..161d44300 100644 --- a/cipher/md5.c +++ b/cipher/md5.c @@ -33,7 +33,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" #include "dynload.h" diff --git a/cipher/primegen.c b/cipher/primegen.c index 5dc1e1a41..cb7327a4a 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -29,7 +29,6 @@ #include <string.h> #include <assert.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" @@ -307,10 +306,7 @@ gen_prime( unsigned nbits, int secret, int randomlevel ) int dotcount=0; /* generate a random number */ - { char *p = get_random_bits( nbits, randomlevel, secret ); - mpi_set_buffer( prime, p, (nbits+7)/8, 0 ); - g10_free(p); - } + gcry_mpi_randomize( prime, nbits, randomlevel ); /* set high order bit to 1, set low order bit to 1 */ mpi_set_highbit( prime, nbits-1 ); @@ -434,11 +430,8 @@ is_prime( MPI n, int steps, int *count ) mpi_set_ui( x, 2 ); } else { - /*mpi_set_bytes( x, nbits-1, get_random_byte, 0 );*/ - { char *p = get_random_bits( nbits, 0, 0 ); - mpi_set_buffer( x, p, (nbits+7)/8, 0 ); - g10_free(p); - } + gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM ); + /* make sure that the number is smaller than the prime * and keep the randomness of the high bit */ if( mpi_test_bit( x, nbits-2 ) ) { diff --git a/cipher/pubkey.c b/cipher/pubkey.c index b77ebffaa..49f4773e2 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -26,7 +26,6 @@ #include <assert.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" #include "elgamal.h" diff --git a/cipher/random.c b/cipher/random.c index d80b870b4..78c9ecdaa 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -46,7 +46,6 @@ #include <sys/resource.h> #endif #include "g10lib.h" -#include "util.h" #include "rmd.h" #include "ttyio.h" #include "random.h" @@ -463,14 +462,20 @@ gather_faked( void (*add)(const void*, size_t, int), int requester, if( !initialized ) { log_info(_("WARNING: using insecure random number generator!!\n")); + /* we can't use tty_printf here - do we need this function at + all - does it really make sense or canit be viewed as a potential + security problem ? wk 17.11.99 */ + #warning Extended warning disabled + #if 0 tty_printf(_("The random number generator is only a kludge to let\n" "it run - it is in no way a strong RNG!\n\n" "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n")); + #endif initialized=1; #ifdef HAVE_RAND - srand(make_timestamp()*getpid()); + srand( time(NULL) * getpid()); #else - srandom(make_timestamp()*getpid()); + srandom( time(NULL) * getpid()); #endif } diff --git a/cipher/rmd160.c b/cipher/rmd160.c index ecd65b35d..7b230087f 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -23,7 +23,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" #include "rmd.h" #include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */ diff --git a/cipher/rndegd.c b/cipher/rndegd.c index d6a6a3943..36c8b4e3d 100644 --- a/cipher/rndegd.c +++ b/cipher/rndegd.c @@ -32,7 +32,6 @@ #include <sys/un.h> #include "types.h" #include "g10lib.h" -#include "util.h" #include "ttyio.h" #include "dynload.h" #include "cipher.h" @@ -41,6 +40,44 @@ #define offsetof(type, member) ((size_t) &((type *)0)->member) #endif + +/* FIXME: this is duplicated code from util/fileutil + * I don't think that this code should go into libgcrypt anyway. + */ +char * +my_make_filename( const char *first_part, ... ) +{ + va_list arg_ptr ; + size_t n; + const char *s; + char *name, *home, *p; + + va_start( arg_ptr, first_part ) ; + n = strlen(first_part)+1; + while( (s=va_arg(arg_ptr, const char *)) ) + n += strlen(s) + 1; + va_end(arg_ptr); + + home = NULL; + if( *first_part == '~' && first_part[1] == '/' + && (home = getenv("HOME")) && *home ) + n += strlen(home); + + name = m_alloc(n); + p = home ? stpcpy(stpcpy(name,home), first_part+1) + : stpcpy(name, first_part); + va_start( arg_ptr, first_part ) ; + while( (s=va_arg(arg_ptr, const char *)) ) + p = stpcpy(stpcpy(p,"/"), s); + va_end(arg_ptr); + + return name; +} + + + + + static int do_write( int fd, void *buf, size_t nbytes ) { @@ -104,7 +141,7 @@ gather_random( void (*add)(const void*, size_t, int), int requester, } } if( fd == -1 ) { - char *name = make_filename( g10_opt_homedir, "entropy", NULL ); + char *name = my_make_filename( g10_opt_homedir, "entropy", NULL ); struct sockaddr_un addr; int addr_len; diff --git a/cipher/rndlinux.c b/cipher/rndlinux.c index 63befd251..d25abcd31 100644 --- a/cipher/rndlinux.c +++ b/cipher/rndlinux.c @@ -41,8 +41,7 @@ #endif #endif #include "types.h" -#include "g10lib.h" /* need this for i18n */ -#include "util.h" +#include "g10lib.h" #include "ttyio.h" #include "dynload.h" @@ -121,12 +120,9 @@ gather_random( void (*add)(const void*, size_t, int), int requester, tv.tv_sec = 3; tv.tv_usec = 0; if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { + #warning FIXME: Replace fprintf by a callback if( !warn ) - #ifdef IS_MODULE fprintf(stderr, - #else - tty_printf( - #endif _("\n" "Not enough random bytes available. Please do some other work to give\n" "the OS a chance to collect more entropy! (Need %d more bytes)\n"), length ); @@ -134,12 +130,7 @@ _("\n" continue; } else if( rc == -1 ) { - #ifdef IS_MODULE - fprintf(stderr, - #else - tty_printf( - #endif - "select() error: %s\n", strerror(errno)); + fprintf(stderr, "select() error: %s\n", strerror(errno)); continue; } diff --git a/cipher/rndunix.c b/cipher/rndunix.c index 849f1e007..4ab9f65f6 100644 --- a/cipher/rndunix.c +++ b/cipher/rndunix.c @@ -97,7 +97,7 @@ #ifndef IS_MODULE #include "dynload.h" #endif -#include "util.h" +#include "g10lib.h" #ifndef EAGAIN #define EAGAIN EWOULDBLOCK diff --git a/cipher/rndw32.c b/cipher/rndw32.c index d7801e391..c1045851f 100644 --- a/cipher/rndw32.c +++ b/cipher/rndw32.c @@ -29,7 +29,6 @@ #include "types.h" #include "g10lib.h" -#include "util.h" #include "dynload.h" diff --git a/cipher/sha1.c b/cipher/sha1.c index 40ad62f1f..f231e37b0 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -36,7 +36,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" #include "dynload.h" #include "bithelp.h" diff --git a/cipher/smallprime.c b/cipher/smallprime.c index 8187aa768..d50e31740 100644 --- a/cipher/smallprime.c +++ b/cipher/smallprime.c @@ -21,7 +21,6 @@ #include <config.h> #include <stdio.h> #include <stdlib.h> -#include "util.h" #include "types.h" /* Note: 2 is not included because it can be tested more easily diff --git a/cipher/tiger.c b/cipher/tiger.c index 0765f0bbd..0e42160a5 100644 --- a/cipher/tiger.c +++ b/cipher/tiger.c @@ -23,7 +23,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" diff --git a/cipher/twofish.c b/cipher/twofish.c index 42eed8bf2..1eea4b8e4 100644 --- a/cipher/twofish.c +++ b/cipher/twofish.c @@ -28,7 +28,6 @@ #include "types.h" /* for byte and u32 typedefs */ #include "g10lib.h" -#include "util.h" #include "dynload.h" |