authorWerner Koch <wk@gnupg.org>2000-07-28 18:19:07 +0200
committerWerner Koch <wk@gnupg.org>2000-07-28 18:19:07 +0200
commitd81c3f733ba813dae4fc6bed6073551449dcc65c (patch)
treedc0bc70f697b7b4623d359b172cae2b035347aa3
parentSee ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch (diff)
See ChangeLog: Fri Jul 28 18:19:11 CEST 2000 Werner Koch
-rw-r--r--NEWS81
-rwxr-xr-xchecks/defs.inc2
-rw-r--r--cipher/pubkey.c24
-rw-r--r--g10/ChangeLog8
-rw-r--r--g10/gpg.c9
-rw-r--r--g10/keygen.c7
-rw-r--r--g10/plaintext.c7
-rw-r--r--g10/sig-check.c2
-rw-r--r--mpi/ChangeLog4
-rw-r--r--mpi/mpicoder.c20
-rw-r--r--util/ChangeLog7
-rw-r--r--util/iobuf.c16
12 files changed, 163 insertions, 24 deletions
diff --git a/NEWS b/NEWS
index 141c49670..df5e12d8a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,87 @@
+Noteworthy changes in the current CVS HEAD
+------------------------------------------
* Removed option --emulate-checksum-bug
+ * Fixed expiration handling of encryption keys.
+
+ * Add an experimental feature to do unattended key generation.
+
+ * The user is now asked for the reason of revocation as required
+ by the new OpenPGP draft.
+
+ * There is a ~/.gnupg/random_seed file now which saves the
+ state of the internal RNG and increases system performance
+ somewhat. This way the full entropy source is only used in
+ cases were it is really required.
+ Use the option --no-random-seed-file to disable this feature.
+
+ * New options --ignore-time-conflict and --lock-never.
+
+ * Some fixes for the W32 version.
+
+ * The entropy.dll is not anymore used by the W32 version but replaced
+ by code derived from Cryptlib.
+
+ * Encryption is now much faster: About 2 times for 1k bit keys
+ and 8 times for 4k keys.
+
+ * New encryption keys are generated in a way which allows a much
+ faster decryption.
+
+ * New command --export-secret-subkeys which outputs the
+ the _primary_ key with it's secret parts deleted. This is
+ useful for automated decryption/signature creation as it
+ allows to keep the real secret primary key offline and
+ thereby protecting the key certificates and allowing to
+ create revocations for the subkeys. See the FAQ for a
+ procedure to install such secret keys.
+
+ * Keygeneration now writes to the first writeable keyring or
+ as default to the one in the homedirectory. Prior versions
+ ignored all --keyring options.
+
+ * New option --command-fd to take user input from a file descriptor;
+ to be used with --status-fd by software which uses GnuPG as a backend.
+
+ * There is a new status PROGRESS which is used to show progress during
+ key generation.
+
+ * Support for the new MDC encryption packets. To create them either
+ --force-mdc must be use or cipher algorithm with a blocksize other
+ than 64 bits is to be used. --openpgp currently disables MDC packets
+ entirely. This option should not yet be used.
+
+ * New option --no-auto-key-retrieve to disable retrieving of
+ a missing public key from a keyerver, when a keyerver has been set.
+
+ * New command --verify-files. New option --fast-list-mode.
+
+ * $http_proxy is now used when --honor-http-proxy is set.
+
+ * Fixed some minor bugs and the problem with conventional encrypted
+ packets which did use the gpg v3 partial length headers.
+
+ * Some more translations.
+
+ * Fixed a bug with symmetric-only encryption using the non-default 3DES.
+ The option --emulate-3des-s2k-bug may be used to decrypt documents
+ which have been encrypted this way; this should be done immediately
+ as this workaround will be remove in 1.1
+
+ * Can now handle (but not display) PGP's photo IDs. I don't know the
+ format of that packet but after stripping a few bytes from the start
+ it looks like a JPEG (at least my test data). Handling of this
+ package is required because otherwise it would mix up the
+ self signatures and you can't import those keys.
+
+ * Passing non-ascii user IDs on the commandline should now work in all
+ cases.
+
+ * New keys are now generated with an additional preference to Blowfish.
+
+ * Removed the GNU Privacy Handbook from the distribution because it
+ is now in the package GPH.
Noteworthy changes in version 1.1.0 (1999-10-26)
diff --git a/checks/defs.inc b/checks/defs.inc
index d5fdc8af7..c975025da 100755
--- a/checks/defs.inc
+++ b/checks/defs.inc
@@ -29,6 +29,7 @@ exp_files=""
LANG=
LANGUAGE=
LC_ALL=
+LC_MESSAGES=
#--------------------------------
#------ utility functions -------
@@ -105,5 +106,6 @@ no-greeting
no-secmem-warning
load-extension ../cipher/tiger
batch
+emulate-md-encode-bug
EOF
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 7ef6f18b7..15487ad67 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -701,16 +701,9 @@ sexp_to_key( GCRY_SEXP sexp, int want_private, MPI **retarray, int *retalgo)
:"public-key", 0 );
if( !list )
return GCRYERR_INV_OBJ; /* Does not contain a public- or private-key object */
- l2 = gcry_sexp_cdr( list );
- gcry_sexp_release ( list );
- list = l2;
- if( !list )
- return GCRYERR_NO_OBJ; /* no cdr for the key object */
- l2 = gcry_sexp_car( list );
+ l2 = gcry_sexp_cadr( list );
gcry_sexp_release ( list );
list = l2;
- if( !list )
- return GCRYERR_NO_OBJ; /* no car for the key object */
name = gcry_sexp_car_data( list, &n );
if( !name ) {
gcry_sexp_release ( list );
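Review bot: After the switch to `gcry_sexp_cadr( list )` in sexp_to_key, `list` is passed to `gcry_sexp_car_data( list, &n )` with no NULL check, because both removed `if( !list ) return GCRYERR_NO_OBJ;` guards went away together with the cdr/car pair. The other two call sites changed in this file (sexp_to_enc and gcry_pk_genkey) still test `list` right after the assignment. Unless gcry_sexp_car_data is defined to accept NULL, which this hunk does not show, a key object with nothing after the key token reaches it as NULL. I would keep one guard after `list = l2;`, namely `if( !list ) return GCRYERR_NO_OBJ; /* no cadr for the key object */`. The function body continues outside the hunk.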
@@ -873,7 +866,7 @@ sexp_to_enc( GCRY_SEXP sexp, MPI **retarray, int *retalgo)
list = gcry_sexp_find_token( sexp, "enc-val" , 0 );
if( !list )
return GCRYERR_INV_OBJ; /* Does not contain a encrypted value object */
- l2 = gcry_sexp_cdr( list );
+ l2 = gcry_sexp_cadr( list );
gcry_sexp_release ( list );
list = l2;
if( !list ) {
@@ -1332,7 +1325,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms )
list = gcry_sexp_find_token( s_parms, "genkey", 0 );
if( !list )
return GCRYERR_INV_OBJ; /* Does not contain genkey data */
- l2 = gcry_sexp_cdr( list );
+ l2 = gcry_sexp_cadr( list );
gcry_sexp_release ( list );
list = l2;
if( !list )
@@ -1402,7 +1395,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms )
/* build the string */
nelem = 0;
string = p = g10_xmalloc ( needed );
- p = stpcpy ( p, "(key-data(" );
+ p = stpcpy ( p, "(key-data" );
p = stpcpy ( p, "(public-key(" );
p = stpcpy ( p, algo_name );
@@ -1412,7 +1405,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms )
p = stpcpy ( p, "%m)" );
mpis[nelem++] = skey[i];
}
- strcpy ( p, "))" );
+ p = stpcpy ( p, "))" );
p = stpcpy ( p, "(private-key(" );
p = stpcpy ( p, algo_name );
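Review bot: Replacing `strcpy ( p, "))" )` with `p = stpcpy ( p, "))" )` here and in the next hunk means the two closing groups are now kept instead of being overwritten by the following `stpcpy`, so the built string is four bytes longer than before. The size `needed` passed to `g10_xmalloc` is computed outside these hunks. It should be confirmed that it counts both `))` groups and the terminating NUL, otherwise the final `strcpy ( p, ")))" )` writes past the allocation. A cheap after-the-fact check before `gcry_sexp_build` would be `assert ( strlen (string) < needed );`.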
@@ -1422,14 +1415,14 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms )
p = stpcpy ( p, "%m)" );
mpis[nelem++] = skey[i];
}
- strcpy ( p, "))" );
+ p = stpcpy ( p, "))" );
p = stpcpy ( p, "(misc-key-info(pm1-factors" );
for(i=0; factors[i]; i++ ) {
p = stpcpy ( p, "%m" );
mpis[nelem++] = factors[i];
}
- strcpy ( p, "))" );
+ strcpy ( p, ")))" );
while ( nelem < DIM(mpis) )
mpis[nelem++] = NULL;
@@ -1439,6 +1432,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms )
* we have. which normally should be no problem as only those
* with a corresponding %m are used
*/
+ log_debug ("retstr=`%s'\n", string);
if ( gcry_sexp_build ( r_key, NULL, string,
mpis[0], mpis[1], mpis[2], mpis[3], mpis[4], mpis[5],
mpis[6], mpis[7], mpis[8], mpis[9], mpis[10], mpis[11],
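Review bot: `log_debug ("retstr=`%s'\n", string);` looks like a leftover from debugging and now runs on every gcry_pk_genkey call. The string holds only the S-expression template with `%m` placeholders and the algorithm name, so no key material is printed, but library code should not emit it unconditionally. I would drop the line, or put it behind whatever debug flag the cipher code already has (none is visible in this hunk).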
@@ -1447,7 +1441,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms )
mpis[24], mpis[25], mpis[26], mpis[27], mpis[28], mpis[29]
) )
BUG ();
- assert ( DIM(mpis) == 29 );
+ assert ( DIM(mpis) == 30 );
g10_free ( string );
}
release_mpi_array ( skey );
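Review bot: `assert ( DIM(mpis) == 30 );` runs after `gcry_sexp_build` has already been handed `mpis[0]` through `mpis[29]`, so it cannot prevent an out-of-range read, and it disappears under NDEBUG. Move it above the call, or make it a compile-time check next to the declaration of `mpis`. Related: the fill loops in the preceding hunks store with `mpis[nelem++] = ...` without comparing `nelem` with `DIM(mpis)`. Nothing visible here bounds the number of entries in `factors`, so a guard such as `if( nelem >= DIM(mpis) ) BUG ();` before each store would be prudent.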
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 893fed136..16abe9421 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,11 @@
+Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de>
+
+ * sig-check.c (pk_verify): Fixed the S-Exp withe the pkey.
+
+ * gpg.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes
+ (print_mds): Likewise for stdin.
+ * plaintext.c (handle_plaintext): Likewise for stdout.
+
Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c (menu_expire): expire date for primary key can be set again.
diff --git a/g10/gpg.c b/g10/gpg.c
index fb1be046f..11ceb810d 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -25,6 +25,9 @@
#include <string.h>
#include <ctype.h>
#include <unistd.h>
+#ifdef HAVE_DOSISH_SYSTEM
+ #include <fcntl.h> /* for setmode() */
+#endif
#include <gcrypt.h>
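Review bot: The comment says `<fcntl.h>` is included for setmode(), but on several DOS and Windows toolchains that header only supplies `O_BINARY`, and the prototype of setmode() lives in `<io.h>`. If that holds for the compilers behind HAVE_DOSISH_SYSTEM, the calls added in this commit compile against an implicit declaration. I would add `#include <io.h>` inside the same `#ifdef` and change the comment to `/* for O_BINARY */`. The same include block is added to g10/plaintext.c and util/iobuf.c.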
@@ -1449,6 +1452,9 @@ main( int argc, char **argv )
size_t n = !endless && count < 100? count : 100;
p = gcry_random_bytes( n, level );
+ #ifdef HAVE_DOSISH_SYSTEM
+ setmode ( fileno(stdout), O_BINARY );
+ #endif
fwrite( p, n, 1, stdout );
gcry_free(p);
if( !endless )
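Review bot: The added `setmode ( fileno(stdout), O_BINARY );` sits between `gcry_random_bytes` and `fwrite`, so it appears to run once per chunk if this is the body of the output loop (the loop header is outside the hunk). Its return value is ignored, so if the switch fails the random bytes are written in text mode and altered by newline translation without any diagnostic. I would call it once before the loop and report failure, e.g. `if( setmode ( fileno(stdout), O_BINARY ) == -1 ) log_error ("can't set stdout to binary mode\n");`. The setmode calls added in print_mds, handle_plaintext and util/iobuf.c ignore the result in the same way.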
@@ -1676,6 +1682,9 @@ print_mds( const char *fname, int algo, const char *key )
if( !fname ) {
fp = stdin;
+ #ifdef HAVE_DOSISH_SYSTEM
+ setmode ( fileno(fp) , O_BINARY );
+ #endif
pname = gcry_xstrdup("[stdin]: ");
}
else {
diff --git a/g10/keygen.c b/g10/keygen.c
index 3b3d95e3b..3e22d05d0 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -254,7 +254,7 @@ key_from_sexp( GCRY_MPI *array,
list = gcry_sexp_find_token( sexp, topname, 0 );
if( !list )
return GCRYERR_INV_OBJ;
- l2 = gcry_sexp_cdr( list );
+ l2 = gcry_sexp_cadr( list );
gcry_sexp_release ( list );
list = l2;
if( !list )
@@ -311,6 +311,7 @@ factors_from_sexp( MPI **retarray, GCRY_SEXP sexp )
if( !list )
return GCRYERR_NO_OBJ;
+ #if 0
/* count factors */
ctx = NULL;
for( n=0; (l2 = gcry_sexp_enum( list, &ctx, 0 )); n++ )
@@ -337,6 +338,10 @@ factors_from_sexp( MPI **retarray, GCRY_SEXP sexp )
}
}
}
+ #else
+ array = gcry_xcalloc( 1, sizeof *array );
+ #warning dummy code here
+ #endif
gcry_sexp_release ( list );
*retarray = array;
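Review bot: With the `#if 0` opened in the previous hunk, factors_from_sexp now returns a one-element zeroed array for every input, so any factor list in the S-expression is dropped without the caller being told. `#warning` is also a compiler extension and stops builds that treat warnings as errors. If the stub has to go in, I would put a comment above the `#else` branch stating what is disabled and why, e.g. `/* FIXME: factor extraction disabled (<reason>); returns an empty list */`. It is also worth checking whether `ctx`, `n` and `l2` are now unused in the live branch.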
diff --git a/g10/plaintext.c b/g10/plaintext.c
index e3c7a865c..555dd1636 100644
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@@ -24,6 +24,10 @@
#include <string.h>
#include <errno.h>
#include <assert.h>
+#ifdef HAVE_DOSISH_SYSTEM
+ #include <fcntl.h> /* for setmode() */
+#endif
+
#include "util.h"
#include <gcrypt.h>
#include "options.h"
@@ -81,6 +85,9 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
else if( !*fname || (*fname=='-' && !fname[1])) {
/* no filename or "-" given; write to stdout */
fp = stdout;
+ #ifdef HAVE_DOSISH_SYSTEM
+ setmode ( fileno(fp) , O_BINARY );
+ #endif
}
else if( !overwrite_filep( fname ) ) {
rc = GPGERR_CREATE_FILE;
diff --git a/g10/sig-check.c b/g10/sig-check.c
index ba392414a..85c8bfbc1 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -67,7 +67,7 @@ pk_verify( int algo, MPI hash, MPI *data, MPI *pkey,
}
else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) {
rc = gcry_sexp_build ( &s_pkey, NULL,
- "(public-key(dsa(p%m)(g%m)(y%m)))",
+ "(public-key(elg(p%m)(g%m)(y%m)))",
pkey[0], pkey[1], pkey[2] );
}
else if( algo == GCRY_PK_RSA ) {
diff --git a/mpi/ChangeLog b/mpi/ChangeLog
index 6bdeaf254..97ae3cd22 100644
--- a/mpi/ChangeLog
+++ b/mpi/ChangeLog
@@ -1,3 +1,7 @@
+Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de>
+
+ * mpicoder.c (gcry_mpi_scan): Normalize the returned MPI.
+
Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de>
* config.links: Support for powerpc--netbsd by Gabriel Rosenkoetter.
diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c
index bd79aca5d..9c68d7c9b 100644
--- a/mpi/mpicoder.c
+++ b/mpi/mpicoder.c
@@ -355,8 +355,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format,
else
mpi_set_buffer( a, s, len, 0 );
}
- if( ret_mpi )
+ if( ret_mpi ) {
+ mpi_normalize ( a );
*ret_mpi = a;
+ }
else
mpi_free(a);
return 0;
@@ -365,8 +367,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format,
a = mpi_alloc( (len+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
if( len ) /* not zero */
mpi_set_buffer( a, buffer, len, 0 );
- if( ret_mpi )
+ if( ret_mpi ) {
+ mpi_normalize ( a );
*ret_mpi = a;
+ }
else
mpi_free(a);
return 0;
@@ -375,8 +379,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format,
a = mpi_read_from_buffer( (char*)buffer, &len, 0 );
if( nbytes )
*nbytes = len;
- if( ret_mpi )
+ if( ret_mpi ) {
+ mpi_normalize ( a );
*ret_mpi = a;
+ }
else
mpi_free(a);
return a? 0 : GCRYERR_INV_OBJ;
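Review bot: In this branch `a` comes from `mpi_read_from_buffer` and can be NULL, as the closing `return a? 0 : GCRYERR_INV_OBJ;` shows, yet the new `mpi_normalize ( a );` is called without testing it. Unless mpi_normalize accepts NULL (its body is not on this page), a buffer that fails to parse now reaches a NULL dereference instead of returning GCRYERR_INV_OBJ. Guard it with `if( a ) mpi_normalize ( a );`, or return the error before the `if( ret_mpi )` block. The same block is repeated in each format branch of gcry_mpi_scan, so a small static helper would keep the branches in step.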
@@ -405,8 +411,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format,
}
if( nbytes )
*nbytes = n+4;
- if( ret_mpi )
+ if( ret_mpi ) {
+ mpi_normalize ( a );
*ret_mpi = a;
+ }
else
mpi_free(a);
return 0;
@@ -417,8 +425,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format,
a = mpi_alloc(0);
if( mpi_fromstr( a, buffer ) )
return GCRYERR_INV_OBJ;
- if( ret_mpi )
+ if( ret_mpi ) {
+ mpi_normalize ( a );
*ret_mpi = a;
+ }
else
mpi_free(a);
return 0;
diff --git a/util/ChangeLog b/util/ChangeLog
index d1eba0291..68964a664 100644
--- a/util/ChangeLog
+++ b/util/ChangeLog
@@ -1,3 +1,10 @@
+Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de>
+
+ * iobuf.c: Use setmode() at several places to set stdin and stdout
+ to binary mode for MSDOS based systems
+
+ * iobuf.c (underflow): Initialize dummy_len to keep memory checker happy.
+
Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@>
* iobuf.c (iobuf_cancel): Broadcast the new Cancel message to all
diff --git a/util/iobuf.c b/util/iobuf.c
index ce63b55b8..f7035ae4c 100644
--- a/util/iobuf.c
+++ b/util/iobuf.c
@@ -28,6 +28,9 @@
#include <sys/stat.h>
#include <unistd.h>
#include <gcrypt.h>
+#ifdef HAVE_DOSISH_SYSTEM
+ #include <fcntl.h> /* for setmode() */
+#endif
#include "memory.h"
#include "util.h"
@@ -580,7 +583,10 @@ iobuf_open( const char *fname )
int print_only = 0;
if( !fname || (*fname=='-' && !fname[1]) ) {
- fp = stdin; /* fixme: set binary mode for msdoze */
+ fp = stdin;
+ #ifdef HAVE_DOSISH_SYSTEM
+ setmode ( fileno(fp) , O_BINARY );
+ #endif
fname = "[stdin]";
print_only = 1;
}
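Review bot: The three-line `#ifdef HAVE_DOSISH_SYSTEM` / `setmode ( fileno(fp) , O_BINARY );` / `#endif` block is pasted verbatim into iobuf_open, iobuf_create and iobuf_fopen, and again in g10/gpg.c and g10/plaintext.c. A single macro in a shared header that expands to the setmode call on DOS-like systems and to nothing elsewhere, for instance `set_binary_mode(fp)`, would remove the repeated preprocessor blocks from the function bodies. It would also give one place to add error handling later. The function bodies continue outside these hunks.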
@@ -647,6 +653,9 @@ iobuf_create( const char *fname )
if( !fname || (*fname=='-' && !fname[1]) ) {
fp = stdout;
+ #ifdef HAVE_DOSISH_SYSTEM
+ setmode ( fileno(fp) , O_BINARY );
+ #endif
fname = "[stdout]";
print_only = 1;
}
@@ -742,7 +751,10 @@ iobuf_fopen( const char *fname, const char *mode )
int print_only = 0;
if( !fname || (*fname=='-' && !fname[1]) ) {
- fp = stdin; /* fixme: set binary mode for msdoze */
+ fp = stdin;
+ #ifdef HAVE_DOSISH_SYSTEM
+ setmode ( fileno(fp) , O_BINARY );
+ #endif
fname = "[stdin]";
print_only = 1;
}