aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--TODO3
-rw-r--r--g10/ChangeLog21
-rw-r--r--g10/card-util.c2
-rw-r--r--g10/keygen.c2
-rw-r--r--g10/mainproc.c19
-rw-r--r--g10/misc.c5
-rw-r--r--g10/parse-packet.c22
-rw-r--r--g10/pkclist.c8
-rw-r--r--g10/pubkey-enc.c2
-rw-r--r--g10/seskey.c5
-rw-r--r--scd/ChangeLog6
-rw-r--r--scd/app-openpgp.c2
12 files changed, 62 insertions, 35 deletions
diff --git a/TODO b/TODO
index 0650361c6..672fab9a7 100644
--- a/TODO
+++ b/TODO
@@ -103,6 +103,9 @@ might want to have an agent context for each service request
* sm/
** check that we issue NO_SECKEY xxx if a -u key was not found
+* jnlib/
+** provide jnlib_malloc and try to remove all jnlib_xmalloc.
+
* gpg/
** issue a NO_SECKEY xxxx if a -u key was not found.
** Replace DIGEST_ALGO_SHA224
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 4a838257e..2fba9c488 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,24 @@
+2006-06-30 Werner Koch <[email protected]>
+
+ * misc.c (checksum_mpi): No need for nbits as they are alredy
+ included in the buffer.
+
+2006-06-29 Werner Koch <[email protected]>
+
+ * parse-packet.c (parse_signature, parse_key): Need store the
+ length of opaque data as number of bits.
+ * card-util.c (card_store_subkey): Ditto.
+
+ * mainproc.c (print_pkenc_list, check_sig_and_print): Replaced
+ log_get_stream by calls to log_printf. This avoids the extra LFs
+ inserted by the logging function. They are a bit too smart
+ sometimes.
+ * pkclist.c (do_show_revocation_reason): Print final LF through
+ log_printf to avoid extra LFs.
+ * pubkey-enc.c (get_it): Ditto.
+
+ * seskey.c (encode_md_value): Fix call to gcry.
+
2006-06-27 Werner Koch <[email protected]>
Applied patches from 1.4.x (2006-05-22 to 2006-06-23) from David:
diff --git a/g10/card-util.c b/g10/card-util.c
index b5a036e54..b7da1ba98 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -1271,7 +1271,7 @@ card_store_subkey (KBNODE node, int use)
sk->skey[i] = NULL;
}
i = pubkey_get_npkey (sk->pubkey_algo);
- sk->skey[i] = mpi_set_opaque (NULL, xstrdup ("dummydata"), 10);
+ sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8);
sk->is_protected = 1;
sk->protect.s2k.mode = 1002;
s = info.serialno;
diff --git a/g10/keygen.c b/g10/keygen.c
index 7a6296974..ff4ce88b4 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -3701,7 +3701,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
sk->skey[i] = NULL;
}
i = pubkey_get_npkey (sk->pubkey_algo);
- sk->skey[i] = mpi_set_opaque (NULL, xstrdup ("dummydata"), 10);
+ sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8);
sk->is_protected = 1;
sk->protect.s2k.mode = 1002;
s = get_parameter_value (para, pSERIALNO);
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 67ac784dc..ca5ea9ade 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -445,7 +445,7 @@ print_pkenc_list( struct kidlist_item *list, int failed )
nbits_from_pk( pk ), algstr, keystr_from_pk(pk),
strtimestamp(pk->timestamp) );
p=get_user_id_native(list->kid);
- fprintf(log_get_stream(),_(" \"%s\"\n"),p);
+ log_printf (_(" \"%s\"\n"),p);
xfree(p);
}
else
@@ -1527,7 +1527,7 @@ check_sig_and_print( CTX c, KBNODE node )
not going to even try to make two strings here :) */
log_info(_("Key available at: ") );
print_utf8_string( log_get_stream(), p, n );
- putc( '\n', log_get_stream() );
+ log_printf ("\n");
if(opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
&& opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
@@ -1667,9 +1667,9 @@ check_sig_and_print( CTX c, KBNODE node )
xfree(p);
if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
- fprintf(log_get_stream()," [%s]\n",trust_value_to_string(valid));
+ log_printf (" [%s]\n",trust_value_to_string(valid));
else
- fputs("\n", log_get_stream() );
+ log_printf ("\n");
count++;
}
if( !count ) { /* just in case that we have no valid textual
@@ -1712,11 +1712,8 @@ check_sig_and_print( CTX c, KBNODE node )
else
log_info(_("Good signature from \"%s\""),p);
if (opt.trust_model!=TM_ALWAYS && un)
- {
- putc(' ', log_get_stream() );
- fputs(_("[uncertain]"), log_get_stream() );
- }
- fputs("\n", log_get_stream() );
+ log_printf (" %s",_("[uncertain]") );
+ log_printf ("\n");
}
/* If we have a good signature and already printed
@@ -1760,10 +1757,10 @@ check_sig_and_print( CTX c, KBNODE node )
valid=trust_value_to_string(get_validity(pk,
un->pkt->
pkt.user_id));
- fprintf(log_get_stream()," [%s]\n",valid);
+ log_printf (" [%s]\n",valid);
}
else
- fputs("\n", log_get_stream() );
+ log_printf ("\n");
}
}
release_kbnode( keyblock );
diff --git a/g10/misc.c b/g10/misc.c
index de0a029a4..33b97792c 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -297,7 +297,6 @@ checksum_mpi (gcry_mpi_t a)
u16 csum;
byte *buffer;
unsigned int nbytes;
- unsigned int nbits;
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
BUG ();
@@ -308,9 +307,7 @@ checksum_mpi (gcry_mpi_t a)
gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
BUG ();
- nbits = gcry_mpi_get_nbits (a);
- csum = checksum_u16 (nbits);
- csum += checksum (buffer, nbytes);
+ csum = checksum (buffer, nbytes);
xfree (buffer);
return csum;
}
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index d792bfff9..d9a87f108 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1490,9 +1490,10 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
if( list_mode )
fprintf (listfp, "\tunknown algorithm %d\n", sig->pubkey_algo );
unknown_pubkey_warning( sig->pubkey_algo );
- /* we store the plain material in data[0], so that we are able
+ /* We store the plain material in data[0], so that we are able
* to write it back with build_packet() */
- sig->data[0]= mpi_set_opaque(NULL, read_rest(inp, pktlen, 0), pktlen );
+ sig->data[0]= gcry_mpi_set_opaque (NULL, read_rest(inp, pktlen, 0),
+ pktlen*8 );
pktlen = 0;
}
else {
@@ -1715,8 +1716,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
size_t snlen = 0;
if( !npkey ) {
- sk->skey[0] = mpi_set_opaque( NULL,
- read_rest(inp, pktlen, 0), pktlen );
+ sk->skey[0] = gcry_mpi_set_opaque (NULL, read_rest(inp, pktlen, 0),
+ pktlen*8 );
pktlen = 0;
goto leave;
}
@@ -1894,15 +1895,17 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
if( sk->protect.s2k.mode == 1001
|| sk->protect.s2k.mode == 1002 ) {
/* better set some dummy stuff here */
- sk->skey[npkey] = mpi_set_opaque(NULL, xstrdup("dummydata"), 10);
+ sk->skey[npkey] = gcry_mpi_set_opaque(NULL,
+ xstrdup("dummydata"), 10*8);
pktlen = 0;
}
else if( is_v4 && sk->is_protected ) {
/* ugly; the length is encrypted too, so we read all
* stuff up to the end of the packet into the first
* skey element */
- sk->skey[npkey] = mpi_set_opaque(NULL,
- read_rest(inp, pktlen, 0),pktlen);
+ sk->skey[npkey] = gcry_mpi_set_opaque (NULL,
+ read_rest(inp, pktlen, 0),
+ pktlen*8);
pktlen = 0;
if( list_mode ) {
fprintf (listfp, "\tencrypted stuff follows\n");
@@ -1942,8 +1945,9 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
PKT_public_key *pk = pkt->pkt.public_key;
if( !npkey ) {
- pk->pkey[0] = mpi_set_opaque( NULL,
- read_rest(inp, pktlen, 0), pktlen );
+ pk->pkey[0] = gcry_mpi_set_opaque ( NULL,
+ read_rest(inp, pktlen, 0),
+ pktlen*8 );
pktlen = 0;
goto leave;
}
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 4516f6769..d3cda144f 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -76,7 +76,7 @@ do_show_revocation_reason( PKT_signature *sig )
fputs( text, log_get_stream() );
else
fprintf( log_get_stream(), "code=%02x", *p );
- putc( '\n', log_get_stream() );
+ log_printf ("\n");
n--; p++;
pp = NULL;
do {
@@ -88,9 +88,9 @@ do_show_revocation_reason( PKT_signature *sig )
if( n ) {
pp = memchr( p, '\n', n );
nn = pp? pp - p : n;
- log_info( _("revocation comment: ") );
- print_string( log_get_stream(), p, nn, 0 );
- putc( '\n', log_get_stream() );
+ log_info ( _("revocation comment: ") );
+ print_string ( log_get_stream(), p, nn, 0 );
+ log_printf ("\n");
p += nn; n -= nn;
}
} while( pp );
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index dc0124bd4..47aadc9a7 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -308,7 +308,7 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
if ( pk && pk->is_revoked ) {
log_info( _("NOTE: key has been revoked") );
- putc( '\n', log_get_stream() );
+ log_printf ("\n");
show_revocation_reason( pk, 1 );
}
diff --git a/g10/seskey.c b/g10/seskey.c
index a31cbb15e..2ef00869f 100644
--- a/g10/seskey.c
+++ b/g10/seskey.c
@@ -220,8 +220,7 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
{
/* It's a DSA signature, so find out the size of q. */
- unsigned int qbytes = gcry_mpi_get_nbits (pk?pk->pkey[1]:sk->skey[1]);
- size_t n;
+ size_t qbytes = gcry_mpi_get_nbits (pk?pk->pkey[1]:sk->skey[1]);
/* Make sure it is a multiple of 8 bits. */
@@ -259,7 +258,7 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
}
if (gcry_mpi_scan (&frame, GCRYMPI_FMT_USG,
- gcry_md_read (md, hash_algo), n, &n))
+ gcry_md_read (md, hash_algo), qbytes, &qbytes))
BUG();
}
else
diff --git a/scd/ChangeLog b/scd/ChangeLog
index fd2ba5418..ba2ede72c 100644
--- a/scd/ChangeLog
+++ b/scd/ChangeLog
@@ -1,3 +1,9 @@
+2006-06-28 Werner Koch <[email protected]>
+
+ * app-openpgp.c (do_writekey): Fixed computation of memmove
+ length. This led to garbled keys if E was larger than one byte.
+ Thanks to Achim Pietig for hinting at the garbled E.
+
2006-06-09 Marcus Brinkmann <[email protected]>
* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 842881f3a..47ff8abc2 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -1828,7 +1828,7 @@ do_writekey (app_t app, ctrl_t ctrl,
if (rsa_e_len < 4)
{
/* Right justify E. */
- memmove (tp+4-rsa_e_len, tp, 4-rsa_e_len);
+ memmove (tp+4-rsa_e_len, tp, rsa_e_len);
memset (tp, 0, 4-rsa_e_len);
}
tp += 4;
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-05 05:44:58 +0000