diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 19 | ||||
| -rw-r--r-- | g10/Makefile.in | 20 | ||||
| -rw-r--r-- | g10/armor.c | 9 | ||||
| -rw-r--r-- | g10/build-packet.c | 2 | ||||
| -rw-r--r-- | g10/g10.c | 24 | ||||
| -rw-r--r-- | g10/mainproc.c | 5 | ||||
| -rw-r--r-- | g10/options.h | 2 | ||||
| -rw-r--r-- | g10/parse-packet.c | 10 | ||||
| -rw-r--r-- | g10/pkclist.c | 2 | ||||
| -rw-r--r-- | g10/pubkey-enc.c | 10 | ||||
| -rw-r--r-- | g10/seckey-cert.c | 2 | ||||
| -rw-r--r-- | g10/seskey.c | 17 | ||||
| -rw-r--r-- | g10/sign.c | 8 |
13 files changed, 93 insertions, 37 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index e95394f96..a5a012c80 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,22 @@ +Tue Apr 28 14:27:42 1998 Werner Koch ([email protected]) + + * parse-packet.c (parse_subpkt): Some new types. + +Mon Apr 27 12:53:59 1998 Werner Koch ([email protected]) + + * g10.c (main): Add option --skip-verify. + * mainproc.c (check_sig_and_print): Ditto. + + * g10.c (print_mds): Add output for Tiger. + + * sign.c (sign_file): Now uses partial length headers if used + in canonical textmode (kludge to fix a bug). + + * parse-packet.c (parse_certificate): Changed BLOWFISH id. + * pubkey-enc.c (get_session_key): Ditto. + * seskey.c (make_session_key): Ditto. + * seckey-cert.c (protect_secret_key,do_check): Add BLOWFISH160. + Fri Apr 24 17:38:48 1998 Werner Koch,mobil,,, (wk@tobold) * sig-check.c (check_key_signature): Add sig-class 0x14..0x17 diff --git a/g10/Makefile.in b/g10/Makefile.in index 8574f6c07..d954b680c 100644 --- a/g10/Makefile.in +++ b/g10/Makefile.in @@ -61,16 +61,36 @@ host_alias = @host_alias@ host_triplet = @host@ target_alias = @target_alias@ target_triplet = @target@ +CATALOGS = @CATALOGS@ +CATOBJEXT = @CATOBJEXT@ CC = @CC@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CPP = @CPP@ +DATADIRNAME = @DATADIRNAME@ G10_LOCALEDIR = @G10_LOCALEDIR@ +GENCAT = @GENCAT@ +GMOFILES = @GMOFILES@ +GMSGFMT = @GMSGFMT@ +GT_NO = @GT_NO@ +GT_YES = @GT_YES@ +INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@ +INSTOBJEXT = @INSTOBJEXT@ +INTLDEPS = @INTLDEPS@ +INTLLIBS = @INTLLIBS@ +INTLOBJS = @INTLOBJS@ +MKINSTALLDIRS = @MKINSTALLDIRS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ +MSGFMT = @MSGFMT@ PACKAGE = @PACKAGE@ +POFILES = @POFILES@ +POSUB = @POSUB@ RANLIB = @RANLIB@ +USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@ +USE_NLS = @USE_NLS@ VERSION = @VERSION@ ZLIBS = @ZLIBS@ +l = @l@ INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl EXTRA_DIST = OPTIONS pubring.asc diff --git a/g10/armor.c b/g10/armor.c index 7617415cb..462dc17b3 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -976,7 +976,7 @@ armor_filter( void *opaque, int control, iobuf_put(a, c); c = bintoasc[radbuf[2]&077]; iobuf_put(a, c); - if( ++idx2 > (72/4) ) { + if( ++idx2 >= (72/4) ) { iobuf_put(a, '\n'); idx2=0; } @@ -1015,10 +1015,13 @@ armor_filter( void *opaque, int control, iobuf_put(a, c); iobuf_put(a, '='); } - ++idx2; + if( ++idx2 >= (72/4) ) { + iobuf_put(a, '\n'); + idx2=0; + } } /* may need a linefeed */ - if( idx2 <= (72/4) ) + if( idx2 ) iobuf_put(a, '\n'); /* write the CRC */ iobuf_put(a, '='); diff --git a/g10/build-packet.c b/g10/build-packet.c index 583752eb3..8d897ca88 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -289,8 +289,6 @@ do_secret_cert( IOBUF out, int ctb, PKT_secret_cert *skc ) mpi_write(a, skc->d.rsa.n ); mpi_write(a, skc->d.rsa.e ); if( skc->is_protected ) { - assert( skc->protect.algo == CIPHER_ALGO_BLOWFISH - || skc->protect.algo == CIPHER_ALGO_CAST ); iobuf_put(a, skc->protect.algo ); iobuf_write(a, skc->protect.iv, 8 ); } @@ -160,7 +160,7 @@ static ARGPARSE_OPTS opts[] = { { 551, "list-key", 0, "\r" }, /* alias */ { 552, "list-sig", 0, "\r" }, /* alias */ { 508, "check-sig",0, "\r" }, /* alias */ - + { 553, "skip-verify",0, "\r" }, {0} }; @@ -258,11 +258,11 @@ build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) ) size_t n=strlen(text)+2; char *list, *p; - for(i=1; i < 100; i++ ) + for(i=1; i < 110; i++ ) if( !chkf(i) && (s=mapf(i)) ) n += strlen(s) + 2; list = m_alloc( 21 + n ); *list = 0; - for(p=NULL, i=1; i < 100; i++ ) { + for(p=NULL, i=1; i < 110; i++ ) { if( !chkf(i) && (s=mapf(i)) ) { if( !p ) p = stpcpy( list, text ); @@ -573,6 +573,7 @@ main( int argc, char **argv ) case 549: opt.with_colons=':'; break; case 551: set_cmd( &cmd, aListKeys); break; case 552: set_cmd( &cmd, aListSigs); break; + case 553: opt.skip_verify=1; break; default : errors++; pargs.err = configfp? 1:2; break; } } @@ -994,6 +995,13 @@ print_hex( byte *p, size_t n ) printf(" %02X%02X", *p, p[1] ); } } + else if( n == 24 ) { + for(i=0; i < n ; i += 4, p += 4 ) { + if( i == 12 ) + putchar(' '); + printf(" %02X%02X%02X%02X", *p, p[1], p[2], p[3] ); + } + } else { for(i=0; i < n ; i++, p++ ) { if( i && !(i%8) ) @@ -1023,8 +1031,11 @@ print_mds( const char *fname ) } md = md_open( DIGEST_ALGO_MD5, 0 ); - md_enable( md, DIGEST_ALGO_RMD160 ); md_enable( md, DIGEST_ALGO_SHA1 ); + md_enable( md, DIGEST_ALGO_RMD160 ); + #ifdef WITH_TIGER_HASH + md_enable( md, DIGEST_ALGO_TIGER ); + #endif while( (n=fread( buf, 1, DIM(buf), fp )) ) md_write( md, buf, n ); @@ -1033,8 +1044,11 @@ print_mds( const char *fname ) else { md_final(md); printf( "%s: MD5 =", fname ); print_hex(md_read(md, DIGEST_ALGO_MD5), 16 ); - printf("\n%s: RMD160 =", fname ); print_hex(md_read(md, DIGEST_ALGO_RMD160), 20 ); printf("\n%s: SHA1 =", fname ); print_hex(md_read(md, DIGEST_ALGO_SHA1), 20 ); + printf("\n%s: RMD160 =", fname ); print_hex(md_read(md, DIGEST_ALGO_RMD160), 20 ); + #ifdef WITH_TIGER_HASH + printf("\n%s: TIGER =", fname ); print_hex(md_read(md, DIGEST_ALGO_TIGER), 24 ); + #endif putchar('\n'); } diff --git a/g10/mainproc.c b/g10/mainproc.c index d8da7a41b..22af3561d 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -696,6 +696,11 @@ check_sig_and_print( CTX c, KBNODE node ) PKT_signature *sig = node->pkt->pkt.signature; int rc; + if( opt.skip_verify ) { + log_info("signature verification suppressed\n"); + return 0; + } + rc = do_check_sig(c, node ); if( !rc || rc == G10ERR_BAD_SIGN ) { char *p, *buf; diff --git a/g10/options.h b/g10/options.h index 0f2a2789f..19c065733 100644 --- a/g10/options.h +++ b/g10/options.h @@ -43,7 +43,7 @@ struct { int marginals_needed; int completes_needed; const char *homedir; - int reserved13; + int skip_verify; int reserved14; int reserved15; } opt; diff --git a/g10/parse-packet.c b/g10/parse-packet.c index fb2d74c3a..eb56b09ae 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -490,7 +490,7 @@ parse_subpkt( const byte *buffer, int reqtype ) critical = 0; if( reqtype < 0 ) { /* list packets */ printf("\t%ssubpacket %d of length %u (%s)\n", - reqtype == -1 ? "hashed ":"", type, n, + reqtype == -1 ? "hashed ":"", type, (unsigned)n, type == 2 ? "signature creation time" : type == 3 ? "signature expiration time" : type == 4 ? "exportable" @@ -507,6 +507,10 @@ parse_subpkt( const byte *buffer, int reqtype ) : type ==22 ? "preferred compression algorithms" : type ==23 ? "key server preferences" : type ==24 ? "preferred key server" + : type ==25 ? "primary user id" + : type ==26 ? "policy URL" + : type ==27 ? "key flags" + : type ==28 ? "signer's user id" : "?"); } else if( type == reqtype ) @@ -904,7 +908,7 @@ parse_certificate( IOBUF inp, int pkttype, unsigned long pktlen, cert->protect.s2k = 0; /* We need this kludge to cope with old GNUPG versions */ cert->protect.hash = - cert->protect.algo == CIPHER_ALGO_BLOWFISH? + cert->protect.algo == CIPHER_ALGO_BLOWFISH160? DIGEST_ALGO_RMD160 : DIGEST_ALGO_MD5; } if( pktlen < 8 ) { @@ -1106,7 +1110,7 @@ parse_certificate( IOBUF inp, int pkttype, unsigned long pktlen, printf(" %02x", temp[i] ); putchar('\n'); } - if( cert->protect.algo == CIPHER_ALGO_BLOWFISH ) + if( cert->protect.algo == CIPHER_ALGO_BLOWFISH160 ) memcpy(cert->protect.iv, temp, 8 ); } else diff --git a/g10/pkclist.c b/g10/pkclist.c index 3e6e78d59..fa8351bf5 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -172,7 +172,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel ) char *answer; int yes; - log_info("key has beed revoked!\n"); + log_info("key has been revoked!\n"); if( opt.batch ) return 0; diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index 0525f336f..b0d82bf68 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -115,21 +115,15 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek ) case CIPHER_ALGO_IDEA: rc = G10ERR_NI_CIPHER; goto leave; - case CIPHER_ALGO_BLOWFISH: + case CIPHER_ALGO_BLOWFISH160: if( dek->keylen != 20 ) { rc = G10ERR_WRONG_SECKEY; goto leave; } break; - case CIPHER_ALGO_BLOWFISH128: + case CIPHER_ALGO_BLOWFISH: case CIPHER_ALGO_CAST: if( dek->keylen != 16 ) { rc = G10ERR_WRONG_SECKEY; goto leave; } break; - #if 0 - case CIPHER_ALGO_CAST: - if( dek->keylen < 5 || dek->keylen > 16 ) - { rc = G10ERR_WRONG_SECKEY; goto leave; } - break; - #endif default: dek->algo = 0; rc = G10ERR_CIPHER_ALGO; diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index 7dc84140b..d95d12380 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -50,6 +50,7 @@ do_check( PKT_secret_cert *cert ) switch( cert->protect.algo ) { case CIPHER_ALGO_NONE: BUG(); break; + case CIPHER_ALGO_BLOWFISH160: case CIPHER_ALGO_BLOWFISH: case CIPHER_ALGO_CAST: keyid_from_skc( cert, keyid ); @@ -290,6 +291,7 @@ protect_secret_key( PKT_secret_cert *cert, DEK *dek ) switch( cert->protect.algo ) { case CIPHER_ALGO_NONE: BUG(); break; + case CIPHER_ALGO_BLOWFISH160: case CIPHER_ALGO_BLOWFISH: case CIPHER_ALGO_CAST: cipher_hd = cipher_open( cert->protect.algo, diff --git a/g10/seskey.c b/g10/seskey.c index 0dcec8d9d..500dc8457 100644 --- a/g10/seskey.c +++ b/g10/seskey.c @@ -35,19 +35,8 @@ void make_session_key( DEK *dek ) { - switch( dek->algo ) { - case CIPHER_ALGO_BLOWFISH: - dek->keylen = 20; - randomize_buffer( dek->key, dek->keylen, 1 ); - break; - case CIPHER_ALGO_BLOWFISH128: - case CIPHER_ALGO_CAST: - dek->keylen = 16; - randomize_buffer( dek->key, dek->keylen, 1 ); - break; - - default: log_bug("invalid algo %d in make_session_key()\n", dek->algo); - } + dek->keylen = cipher_get_keylen( dek->algo ) / 8; + randomize_buffer( dek->key, dek->keylen, 1 ); } @@ -84,7 +73,7 @@ encode_session_key( DEK *dek, unsigned nbits ) * RND are non-zero random bytes. * A is the cipher algorithm * DEK is the encryption key (session key) length k depends on the - * cipher algorithm (20 is used with blowfish). + * cipher algorithm (20 is used with blowfish160). * CSUM is the 16 bit checksum over the DEK */ csum = 0; diff --git a/g10/sign.c b/g10/sign.c index 8867916c7..d804f576b 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -231,6 +231,14 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr, memcpy(pt->name, fname, pt->namelen ); if( !(filesize = iobuf_get_filelength(inp)) ) log_info("warning: '%s' is an empty file\n", fname ); + + /* because the text_filter modifies the length of the + * data, it is not possible to know the used length + * without a double read of the file - to avoid that + * we simple use partial length packets. + */ + if( opt.textmode && !outfile ) + filesize = 0; } else { /* no filename */ pt = m_alloc( sizeof *pt - 1 ); |