diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 13 | ||||
| -rw-r--r-- | g10/encode.c | 9 | ||||
| -rw-r--r-- | g10/encr-data.c | 3 | ||||
| -rw-r--r-- | g10/g10.c | 17 | ||||
| -rw-r--r-- | g10/main.h | 1 | ||||
| -rw-r--r-- | g10/mainproc.c | 35 | ||||
| -rw-r--r-- | g10/passphrase.c | 14 | ||||
| -rw-r--r-- | g10/sign.c | 322 |
8 files changed, 389 insertions, 25 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 7d583db9d..0ffbf1f0c 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,18 @@ 2001-08-20 Werner Koch <[email protected]> + * encr-data.c (decrypt_data): Keep track on whether we already + printed information about the used algorithm. + * mainproc.c (proc_encrypted): Removed the non-working IDEA hack + and print a message about the assumed algorithm. + * passphrase.c (passphrase_to_dek): Use the same algorithm as above. + (proc_symkey_enc): Print the algorithm, so that the user knows it + before entering the passphrase. + (proc_pubkey_enc, proc_pubkey_enc): Zero the DEK out. + * encode.c (encode_crypt, encrypt_filter): Ditto. + + * g10.c: Allow for --sign --symmetric. + * sign.c (sign_and_symencrypt): New. + Applied patches from Stefan Bellon <[email protected]> to support the RISCOS. Nearly all of these patches are identified by the __riscos__ macro. diff --git a/g10/encode.c b/g10/encode.c index 5726be5a4..8cc44c152 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -291,7 +291,7 @@ encode_crypt( const char *filename, STRLIST remusr ) } #endif /* create a session key */ - cfx.dek = m_alloc_secure( sizeof *cfx.dek ); + cfx.dek = m_alloc_secure_clear (sizeof *cfx.dek); if( !opt.def_cipher_algo ) { /* try to get it from the prefs */ cfx.dek->algo = select_algo_from_prefs( pk_list, PREFTYPE_SYM ); if( cfx.dek->algo == -1 ) @@ -415,13 +415,16 @@ encrypt_filter( void *opaque, int control, } else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */ if( !efx->header_okay ) { - efx->cfx.dek = m_alloc_secure( sizeof *efx->cfx.dek ); + efx->cfx.dek = m_alloc_secure_clear( sizeof *efx->cfx.dek ); if( !opt.def_cipher_algo ) { /* try to get it from the prefs */ efx->cfx.dek->algo = select_algo_from_prefs( efx->pk_list, PREFTYPE_SYM ); - if( efx->cfx.dek->algo == -1 ) + if( efx->cfx.dek->algo == -1 ) { + /* because 3DES is implicitly in the prefs, this can only + * happen if we do not have any public keys in the list */ efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; + } } else efx->cfx.dek->algo = opt.def_cipher_algo; diff --git a/g10/encr-data.c b/g10/encr-data.c index ee8c188fc..e2752bf36 100644 --- a/g10/encr-data.c +++ b/g10/encr-data.c @@ -60,12 +60,13 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) unsigned nprefix; memset( &dfx, 0, sizeof dfx ); - if( opt.verbose ) { + if( opt.verbose && !dek->algo_info_printed ) { const char *s = cipher_algo_to_string( dek->algo ); if( s ) log_info(_("%s encrypted data\n"), s ); else log_info(_("encrypted with unknown algorithm %d\n"), dek->algo ); + dek->algo_info_printed = 1; } if( (rc=check_cipher_algo(dek->algo)) ) goto leave; @@ -73,6 +73,7 @@ enum cmd_and_opt_values { aNull = 0, aStore, aKeygen, aSignEncr, + aSignSym, aSignKey, aLSignKey, aListPackets, @@ -607,6 +608,10 @@ set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd ) cmd = aSignEncr; else if( cmd == aEncr && new_cmd == aSign ) cmd = aSignEncr; + else if( cmd == aSign && new_cmd == aSym ) + cmd = aSignSym; + else if( cmd == aSym && new_cmd == aSign ) + cmd = aSignSym; else if( cmd == aKMode && new_cmd == aSym ) cmd = aKModeC; else if( ( cmd == aSign && new_cmd == aClearsign ) @@ -1316,11 +1321,21 @@ main( int argc, char **argv ) free_strlist(sl); break; + case aSignSym: /* sign and conventionally encrypt the given file */ + if (argc > 1) + wrong_args(_("--sign --symmetric [filename]")); + rc = sign_symencrypt_file (fname, locusr); + if (rc) + log_error("%s: sign+symmetric failed: %s\n", + print_fname_stdin(fname), g10_errstr(rc) ); + break; + case aClearsign: /* make a clearsig */ if( argc > 1 ) wrong_args(_("--clearsign [filename]")); if( (rc = clearsign_file(fname, locusr, NULL)) ) - log_error("%s: clearsign failed: %s\n", print_fname_stdin(fname), g10_errstr(rc) ); + log_error("%s: clearsign failed: %s\n", + print_fname_stdin(fname), g10_errstr(rc) ); break; case aVerify: diff --git a/g10/main.h b/g10/main.h index 353d5bd94..43dd72ee3 100644 --- a/g10/main.h +++ b/g10/main.h @@ -82,6 +82,7 @@ int complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md ); int sign_file( STRLIST filenames, int detached, STRLIST locusr, int do_encrypt, STRLIST remusr, const char *outfile ); int clearsign_file( const char *fname, STRLIST locusr, const char *outfile ); +int sign_symencrypt_file (const char *fname, STRLIST locusr); /*-- sig-check.c --*/ int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig ); diff --git a/g10/mainproc.c b/g10/mainproc.c index af50f6a58..02a423804 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -247,8 +247,19 @@ proc_symkey_enc( CTX c, PACKET *pkt ) if (enc->seskeylen) log_error ("symkey_enc packet with session keys are not supported!\n"); else { + int algo = enc->cipher_algo; + const char *s; + + s = cipher_algo_to_string (algo); + if( s ) + log_info(_("%s encrypted data\n"), s ); + else + log_info(_("encrypted with unknown algorithm %d\n"), algo ); + c->last_was_session_key = 2; - c->dek = passphrase_to_dek( NULL, 0, enc->cipher_algo, &enc->s2k, 0 ); + c->dek = passphrase_to_dek( NULL, 0, algo, &enc->s2k, 0 ); + if (c->dek) + c->dek->algo_info_printed = 1; } free_packet(pkt); } @@ -276,10 +287,10 @@ proc_pubkey_enc( CTX c, PACKET *pkt ) } if( !opt.list_only && opt.override_session_key ) { - /* It does not make nuch sense to store the session key in + /* It does not make much sense to store the session key in * secure memory because it has already been passed on the * command line and the GCHQ knows about it */ - c->dek = m_alloc( sizeof *c->dek ); + c->dek = m_alloc_clear( sizeof *c->dek ); result = get_override_session_key ( c->dek, opt.override_session_key ); if ( result ) { m_free(c->dek); c->dek = NULL; @@ -293,7 +304,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt ) if( opt.list_only ) result = -1; else { - c->dek = m_alloc_secure( sizeof *c->dek ); + c->dek = m_alloc_secure_clear( sizeof *c->dek ); if( (result = get_session_key( enc, c->dek )) ) { /* error: delete the DEK */ m_free(c->dek); c->dek = NULL; @@ -409,14 +420,14 @@ proc_encrypted( CTX c, PACKET *pkt ) if( opt.list_only ) result = -1; else if( !c->dek && !c->last_was_session_key ) { - int def_algo; - /* assume this is old conventional encrypted data - * We use IDEA here if it is installed */ - def_algo = check_cipher_algo (CIPHER_ALGO_IDEA)? - DEFAULT_CIPHER_ALGO : CIPHER_ALGO_IDEA; - c->dek = passphrase_to_dek( NULL, 0, - opt.def_cipher_algo ? opt.def_cipher_algo - : DEFAULT_CIPHER_ALGO, NULL, 0 ); + int algo = opt.def_cipher_algo ? opt.def_cipher_algo + : opt.s2k_cipher_algo; + /* assume this is old style conventional encrypted data */ + log_info(_("assuming %s encrypted data\n"), + cipher_algo_to_string (algo) ); + c->dek = passphrase_to_dek( NULL, 0, algo, NULL, 0); + if (c->dek) + c->dek->algo_info_printed = 1; } else if( !c->dek ) result = G10ERR_NO_SECKEY; diff --git a/g10/passphrase.c b/g10/passphrase.c index c626e9adc..c6c7cb27d 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -513,16 +513,14 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo, STRING2KEY help_s2k; if( !s2k ) { - int def_algo; + /* This is used for the old rfc1991 mode + * Note: This must match the code in encode.c with opt.rfc1991 set */ + int algo = opt.def_digest_algo ? opt.def_digest_algo + : opt.s2k_digest_algo; s2k = &help_s2k; s2k->mode = 0; - /* If we have IDEA installed we use MD5 otherwise the default - * hash algorithm. This can always be overriden from the - * commandline */ - def_algo = check_cipher_algo (CIPHER_ALGO_IDEA)? - DEFAULT_DIGEST_ALGO : DIGEST_ALGO_MD5; - s2k->hash_algo = opt.def_digest_algo? opt.def_digest_algo : def_algo; + s2k->hash_algo = algo; } if( !next_pw && is_status_enabled() ) { @@ -632,7 +630,7 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo, if( !pw || !*pw ) write_status( STATUS_MISSING_PASSPHRASE ); - dek = m_alloc_secure( sizeof *dek ); + dek = m_alloc_secure_clear ( sizeof *dek ); dek->algo = cipher_algo; if( !*pw && mode == 2 ) dek->keylen = 0; diff --git a/g10/sign.c b/g10/sign.c index bd3faf2b5..913d82be7 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -797,6 +797,328 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile ) return rc; } +/* + * Sign and conventionally encrypt the given file. + * FIXME: Far too much code is duplicated - revamp the whole file. + */ +int +sign_symencrypt_file (const char *fname, STRLIST locusr) +{ + armor_filter_context_t afx; + compress_filter_context_t zfx; + md_filter_context_t mfx; + text_filter_context_t tfx; + cipher_filter_context_t cfx; + IOBUF inp = NULL, out = NULL; + PACKET pkt; + PKT_plaintext *pt = NULL; + STRING2KEY *s2k = NULL; + u32 filesize; + int rc = 0; + SK_LIST sk_list = NULL; + SK_LIST sk_rover = NULL; + int old_style = opt.rfc1991; + int compr_algo = -1; /* unknown */ + int algo; + + memset( &afx, 0, sizeof afx); + memset( &zfx, 0, sizeof zfx); + memset( &mfx, 0, sizeof mfx); + memset( &tfx, 0, sizeof tfx); + memset( &cfx, 0, sizeof cfx); + init_packet( &pkt ); + + rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG); + if (rc) + goto leave; + if( !old_style ) + old_style = only_old_style( sk_list ); + + /* prepare iobufs */ + inp = iobuf_open(fname); + if( !inp ) { + log_error("can't open %s: %s\n", fname? fname: "[stdin]", + strerror(errno) ); + rc = G10ERR_OPEN_FILE; + goto leave; + } + + /* prepare key */ + s2k = m_alloc_clear( sizeof *s2k ); + s2k->mode = opt.rfc1991? 0:opt.s2k_mode; + s2k->hash_algo = opt.def_digest_algo ? opt.def_digest_algo + : opt.s2k_digest_algo; + + algo = opt.def_cipher_algo ? opt.def_cipher_algo : opt.s2k_cipher_algo; + if (!opt.quiet || !opt.batch) + log_info (_("%s encryption will be used\n"), + cipher_algo_to_string(algo) ); + cfx.dek = passphrase_to_dek( NULL, 0, algo, s2k, 2 ); + + if (!cfx.dek || !cfx.dek->keylen) { + rc = G10ERR_PASSPHRASE; + log_error(_("error creating passphrase: %s\n"), g10_errstr(rc) ); + goto leave; + } + + /* now create the outfile */ + rc = open_outfile (fname, opt.armor? 1:0, &out); + if (rc) + goto leave; + + /* prepare to calculate the MD over the input */ + if (opt.textmode) + iobuf_push_filter (inp, text_filter, &tfx); + mfx.md = md_open(0, 0); + + for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) { + PKT_secret_key *sk = sk_rover->sk; + md_enable (mfx.md, hash_for (sk->pubkey_algo, sk->version )); + } + + iobuf_push_filter (inp, md_filter, &mfx); + + /* Push armor output filter */ + if (opt.armor) + iobuf_push_filter (out, armor_filter, &afx); + + /* Write the symmetric key packet */ + /*(current filters: armor)*/ + if (!opt.rfc1991) { + PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc ); + enc->version = 4; + enc->cipher_algo = cfx.dek->algo; + enc->s2k = *s2k; + pkt.pkttype = PKT_SYMKEY_ENC; + pkt.pkt.symkey_enc = enc; + if( (rc = build_packet( out, &pkt )) ) + log_error("build symkey packet failed: %s\n", g10_errstr(rc) ); + m_free(enc); + } + + /* Push the encryption filter */ + iobuf_push_filter( out, cipher_filter, &cfx ); + + /* Push the Zip filter */ + if (opt.compress) { + if (!compr_algo) + ; /* don't use compression */ + else { + if( old_style || compr_algo == 1 ) + zfx.algo = 1; /* use the non optional algorithm */ + iobuf_push_filter( out, compress_filter, &zfx ); + } + } + + /* Write the one-pass signature packets */ + /*(current filters: zip - encrypt - armor)*/ + if (!old_style) { + int skcount=0; + /* loop over the secret certificates and build headers + * The specs now say that the data should be bracket by + * the onepass-sig and signature-packet; so we must build it + * here in reverse order */ + for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) + skcount++; + for( ; skcount; skcount-- ) { + PKT_secret_key *sk; + PKT_onepass_sig *ops; + int i = 0; + + for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) + if( ++i == skcount ) + break; + + sk = sk_rover->sk; + ops = m_alloc_clear( sizeof *ops ); + ops->sig_class = opt.textmode? 0x01 : 0x00; + ops->digest_algo = hash_for(sk->pubkey_algo, sk->version); + ops->pubkey_algo = sk->pubkey_algo; + keyid_from_sk( sk, ops->keyid ); + ops->last = skcount == 1; + + init_packet(&pkt); + pkt.pkttype = PKT_ONEPASS_SIG; + pkt.pkt.onepass_sig = ops; + rc = build_packet( out, &pkt ); + free_packet( &pkt ); + if( rc ) { + log_error("build onepass_sig packet failed: %s\n", + g10_errstr(rc)); + goto leave; + } + } + } + + /* Pipe data through all filters; i.e. write the signed stuff */ + /*(current filters: zip - encrypt - armor)*/ + if (!opt.no_literal) { + if (fname || opt.set_filename) { + char *s = make_basename (opt.set_filename? opt.set_filename + : fname ); + pt = m_alloc (sizeof *pt + strlen(s) - 1 ); + pt->namelen = strlen (s); + memcpy (pt->name, s, pt->namelen ); + m_free (s); + } + else { /* no filename */ + pt = m_alloc( sizeof *pt - 1 ); + pt->namelen = 0; + } + } + + /* try to calculate the length of the data */ + if (fname) { + if( !(filesize = iobuf_get_filelength(inp)) ) + log_info(_("WARNING: `%s' is an empty file\n"), fname ); + /* we can't yet encode the length of very large files, + * so we switch to partial length encoding in this case */ + if (filesize >= IOBUF_FILELENGTH_LIMIT) + filesize = 0; + + /* because the text_filter modifies the length of the + * data, it is not possible to know the used length + * without a double read of the file - to avoid that + * we simple use partial length packets. + */ + if (opt.textmode) + filesize = 0; + } + else { + filesize = opt.set_filesize? opt.set_filesize : 0; /* stdin */ + } + + if (!opt.no_literal) { + pt->timestamp = make_timestamp(); + pt->mode = opt.textmode? 't':'b'; + pt->len = filesize; + pt->new_ctb = !pt->len && !opt.rfc1991; + pt->buf = inp; /* take data from this iobuf */ + pkt.pkttype = PKT_PLAINTEXT; + pkt.pkt.plaintext = pt; + /* build packet automagically write all the data */ + if( (rc = build_packet( out, &pkt )) ) + log_error("build_packet(PLAINTEXT) failed: %s\n", g10_errstr(rc) ); + pt->buf = NULL; + } + else { + byte copy_buffer[4096]; + int bytes_copied; + while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) + if (iobuf_write(out, copy_buffer, bytes_copied) == -1) { + rc = G10ERR_WRITE_FILE; + log_error("copying input to output failed: %s\n", g10_errstr(rc)); + break; + } + memset(copy_buffer, 0, 4096); /* burn buffer */ + } + + /* catch errors from above */ + if (rc) + goto leave; + + /* Write the signature by looping over the secret certificates */ + /*(current filters: zip - encrypt - armor)*/ + for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { + PKT_secret_key *sk; + PKT_signature *sig; + MD_HANDLE md; + + sk = sk_rover->sk; + + /* build the signature packet */ + /* fixme: this code is partly duplicated in make_keysig_packet */ + sig = m_alloc_clear( sizeof *sig ); + sig->version = old_style || opt.force_v3_sigs ? 3 : sk->version; + keyid_from_sk( sk, sig->keyid ); + sig->digest_algo = hash_for(sk->pubkey_algo, sk->version); + sig->pubkey_algo = sk->pubkey_algo; + sig->timestamp = make_timestamp(); + sig->sig_class = opt.textmode? 0x01 : 0x00; + + md = md_copy( mfx.md ); + + if( sig->version >= 4 ) { + build_sig_subpkt_from_sig( sig ); + md_putc( md, sig->version ); + } + + mk_notation_and_policy( sig ); + + md_putc( md, sig->sig_class ); + if( sig->version < 4 ) { + u32 a = sig->timestamp; + md_putc( md, (a >> 24) & 0xff ); + md_putc( md, (a >> 16) & 0xff ); + md_putc( md, (a >> 8) & 0xff ); + md_putc( md, a & 0xff ); + } + else { + byte buf[6]; + size_t n; + + md_putc( md, sig->pubkey_algo ); + md_putc( md, sig->digest_algo ); + if( sig->hashed ) { + n = sig->hashed->len; + md_putc (md, (n >> 8) ); + md_putc (md, n ); + md_write (md, sig->hashed->data, n ); + n += 6; + } + else { + md_putc( md, 0 ); /* always hash the length of the subpacket*/ + md_putc( md, 0 ); + n = 6; + } + /* add some magic */ + buf[0] = sig->version; + buf[1] = 0xff; + buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */ + buf[3] = n >> 16; + buf[4] = n >> 8; + buf[5] = n; + md_write( md, buf, 6 ); + + } + md_final( md ); + + rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo, sk->version) ); + md_close( md ); + + if( !rc ) { /* and write it */ + init_packet(&pkt); + pkt.pkttype = PKT_SIGNATURE; + pkt.pkt.signature = sig; + rc = build_packet( out, &pkt ); + if( !rc && is_status_enabled() ) { + print_status_sig_created ( sk, sig, 'S'); + } + free_packet( &pkt ); + if( rc ) + log_error("build signature packet failed: %s\n", g10_errstr(rc) ); + } + if( rc ) + goto leave; + + } + + + leave: + if( rc ) + iobuf_cancel(out); + else { + iobuf_close(out); + write_status( STATUS_END_ENCRYPTION ); + } + iobuf_close(inp); + release_sk_list( sk_list ); + md_close( mfx.md ); + m_free(cfx.dek); + m_free(s2k); + return rc; +} + /**************** * Create a signature packet for the given public key certificate and |