New gpgsm server option no-encrypt-to.

Add caching for symkey encryption. Minor cleanups.
author: Werner Koch <wk@gnupg.org> 2009-05-18 19:38:34 +0200
committer: Werner Koch <wk@gnupg.org> 2009-05-18 19:38:34 +0200
commit: 387a51f9515fdfa26b5fa8bb22366844a315fd9c (patch)
tree: 026a801ad349e59e2e64c495a7478533cf627ecb
parent: Changed default algo and size. (diff)
download: gnupg2-387a51f9515fdfa26b5fa8bb22366844a315fd9c.tar.xz
gnupg2-387a51f9515fdfa26b5fa8bb22366844a315fd9c.zip
12 files changed, 70 insertions, 30 deletions
diff --git a/AUTHORS b/AUTHORS
index 6fb1fa8fd..54d6eb03e 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -20,6 +20,7 @@ Per Tunedal    <per@clipanish.com> Translations [sv]
 Daniel Nylander <po@danielnylander.se> Translations [sv]
 
 Daiki Ueno <ueno@unixuser.org>  Assigns Past and Future Changes.
+    (changed:passphrase.c and related code)
 
 David Shaw <dshaw@jabberwocky.com> Assigns past and future changes.
     (all in keyserver/,
diff --git a/Makefile.am b/Makefile.am
index ecc325797..ae98909e0 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -54,6 +54,11 @@ scd = scd
 else
 scd =
 endif
+#if BUILD_G13
+#g13 = g13
+#else
+#g13 =
+#endif
 if BUILD_TOOLS
 tools = tools
 else
@@ -72,7 +77,7 @@ tests = tests
 endif
 
 SUBDIRS = m4 gl include jnlib common ${kbx} \
- ${gpg} ${keyserver} ${sm} ${agent} ${scd} ${tools} po ${doc} ${tests}
+ ${gpg} ${keyserver} ${sm} ${agent} ${scd} ${g13} ${tools} po ${doc} ${tests}
 
 dist_doc_DATA = README
 
diff --git a/TODO b/TODO
index 45e221bda..e590db886 100644
--- a/TODO
+++ b/TODO
@@ -20,7 +20,6 @@
 ** replace leading zero in integer hack by a cleaner solution
 
 * sm/gpgsm.c
-** mark all unimplemented commands and options.
 ** Implement --default-key
 ** support the anyPolicy semantic
 ** Should we prefer nonRepudiation certs over plain signing certs?
diff --git a/configure.ac b/configure.ac
index 31a3516e9..2b769c2fc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1453,6 +1453,7 @@ g10/Makefile
 sm/Makefile
 agent/Makefile
 scd/Makefile
+g13/Makefile
 keyserver/Makefile
 keyserver/gpg2keys_mailto
 keyserver/gpg2keys_test
diff --git a/g10/ChangeLog b/g10/ChangeLog
index ef6817037..c3f62394a 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,15 @@
+2009-05-18  Daiki Ueno  <ueno@unixuser.org>  (wk)
+
+	* encode.c (encode_simple): Tell passphrase_to_dek to cache
+	the passphrase.
+	(setup_symkey): Ditto.
+	* mainproc.c (proc_symkey_enc): Tell passphrase_to_dek to cache
+	the passphrase.
+	(proc_encrypted): Ditto.
+	* passphrase.c (hash_passphrase): Remove arg CREATE.
+	(passphrase_to_dek): New mode 3 and 4 for caching passphrase for
+	symmetric encryption.
+
 2009-05-17  Werner Koch  <wk@g10code.com>
 
 	* keygen.c (ask_algo): Add arg R_SUBKEY_ALGO.  Change return value
diff --git a/g10/encode.c b/g10/encode.c
index 10c638f89..0c7dc4e22 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -216,7 +216,7 @@ encode_simple( const char *filename, int mode, int use_seskey )
 	s2k->mode = RFC1991? 0:opt.s2k_mode;
 	s2k->hash_algo=S2K_DIGEST_ALGO;
 	cfx.dek = passphrase_to_dek( NULL, 0,
-				     default_cipher_algo(), s2k, 2,
+				     default_cipher_algo(), s2k, 4,
                                      NULL, &canceled);
 	if( !cfx.dek || !cfx.dek->keylen ) {
 	    rc = gpg_error (canceled? GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE);
@@ -397,7 +397,7 @@ setup_symkey(STRING2KEY **symkey_s2k,DEK **symkey_dek)
   (*symkey_s2k)->hash_algo = S2K_DIGEST_ALGO;
 
   *symkey_dek=passphrase_to_dek(NULL,0,opt.s2k_cipher_algo,
-				*symkey_s2k,2,NULL, &canceled);
+				*symkey_s2k, 4, NULL, &canceled);
   if(!*symkey_dek || !(*symkey_dek)->keylen)
     {
       xfree(*symkey_dek);
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 84a9de5f1..beab791b9 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -311,7 +311,7 @@ proc_symkey_enc( CTX c, PACKET *pkt )
 	  }
 	else
 	  {
-	    c->dek = passphrase_to_dek (NULL, 0, algo, &enc->s2k, 0,
+	    c->dek = passphrase_to_dek (NULL, 0, algo, &enc->s2k, 3,
                                         NULL, NULL);
 	    if(c->dek)
 	      {
@@ -548,7 +548,7 @@ proc_encrypted( CTX c, PACKET *pkt )
 		log_info (_("assuming %s encrypted data\n"), "IDEA");
 	      }
 
-	    c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL, NULL );
+	    c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 3, NULL, NULL );
 	    if (c->dek)
 	      c->dek->algo_info_printed = 1;
 	  }
diff --git a/g10/passphrase.c b/g10/passphrase.c
index f5d301398..84eedc211 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -50,11 +50,10 @@ static char *next_pw = NULL;
 static char *last_pw = NULL;
 
 
-/* Hash a passphrase using the supplied s2k. If create is true, create
-   a new salt or what else must be filled into the s2k for a new key.
-   always needs: dek->algo, s2k->mode, s2k->hash_algo.  */
+/* Hash a passphrase using the supplied s2k. 
+   Always needs: dek->algo, s2k->mode, s2k->hash_algo.  */
 static void
-hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k, int create )
+hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k)
 {
   gcry_md_hd_t md;
   int pass, i;
@@ -82,13 +81,6 @@ hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k, int create )
           int len2 = pwlen + 8;
           ulong count = len2;
           
-          if ( create && !pass )
-            {
-              gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
-              if ( s2k->mode == 3 )
-                s2k->count = opt.s2k_count;
-	    }
-
           if ( s2k->mode == 3 )
             {
               count = S2K_DECODE_COUNT(s2k->count);
@@ -441,7 +433,9 @@ passphrase_clear_cache ( u32 *keyid, const char *cacheid, int algo )
 
    MODE 0:  Allow cached passphrase
         1:  Ignore cached passphrase 
-        2:  Ditto, but change the text to "repeat entry"
+        2:  Ditto, but create a new key
+        3:  Allow cached passphrase; use the S2K salt as the cache ID
+        4:  Ditto, but create a new key
 */
 DEK *
 passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
@@ -461,6 +455,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
   
   if ( !s2k )
     {
+      assert (mode != 3 && mode != 4);
       /* This is used for the old rfc1991 mode 
        * Note: This must match the code in encode.c with opt.rfc1991 set */
       s2k = &help_s2k;
@@ -468,6 +463,15 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
       s2k->hash_algo = S2K_DIGEST_ALGO;
     }
 
+  /* Create a new salt or what else to be filled into the s2k for a
+     new key.  */
+  if ((mode == 2 || mode == 4) && (s2k->mode == 1 || s2k->mode == 3))
+    {
+      gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
+      if ( s2k->mode == 3 )
+        s2k->count = opt.s2k_count;
+    }
+
   /* If we do not have a passphrase available in NEXT_PW and status
      information are request, we print them now. */
   if ( !next_pw && is_status_enabled() ) 
@@ -565,10 +569,21 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
     }
   else 
     {
+      char *cacheid = NULL;
+      char buf[1+16+1];
+
+      if ((mode == 3 || mode == 4) && (s2k->mode == 1 || s2k->mode == 3))
+	{
+	  memset (buf, 0, sizeof buf);
+	  *buf = 'S';
+	  bin2hex (s2k->salt, 8, buf + 1);
+          cacheid = buf;
+	}
+
       /* Divert to the gpg-agent. */
-      pw = passphrase_get ( keyid, mode == 2, NULL,
-                            mode == 2? opt.passwd_repeat: 0,
-                            tryagain_text, custdesc, custprompt, canceled);
+      pw = passphrase_get (keyid, mode == 2, cacheid,
+                           (mode == 2 || mode == 4)? opt.passwd_repeat : 0,
+                           tryagain_text, custdesc, custprompt, canceled);
       if (*canceled)
         {
           xfree (pw);
@@ -585,10 +600,10 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
      get_last_passphrase(). */
   dek = xmalloc_secure_clear ( sizeof *dek );
   dek->algo = cipher_algo;
-  if ( !*pw && mode == 2 )
+  if ( !*pw && (mode == 2 || mode == 4))
     dek->keylen = 0;
   else
-    hash_passphrase( dek, pw, s2k, mode==2 );
+    hash_passphrase (dek, pw, s2k);
   xfree(last_pw);
   last_pw = pw;
   return dek;
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 8d574a6e0..9248043f5 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -19,6 +19,7 @@ common/miscellaneous.c
 common/asshelp.c
 common/audit.c
 common/helpfile.c
+common/gettime.c
 
 g10/armor.c
 g10/build-packet.c
diff --git a/sm/ChangeLog b/sm/ChangeLog
index 6936128de..150d680a3 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,10 @@
+2009-05-18  Werner Koch  <wk@g10code.com>
+
+	* server.c (option_handler): New option "no-encrypt-to".
+	(cmd_encrypt): Make use of it.
+
+	* gpgsm.c: Remove not implemented --verify-files.
+
 2009-04-02  Werner Koch  <wk@g10code.com>
 
 	* keylist.c (list_cert_std): Print card serial number.
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 8a2a1c0b9..cb9aaab44 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -66,7 +66,6 @@ enum cmd_and_opt_values {
   aDeleteKey,
   aImport,
   aVerify,
-  aVerifyFiles,
   aListExternalKeys,
   aListChain,
   aSendKeys,
@@ -191,7 +190,6 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_c (aSym, "symmetric", N_("encryption only with symmetric cipher")),
   ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")),
   ARGPARSE_c (aVerify, "verify",  N_("verify a signature")),
-  ARGPARSE_c (aVerifyFiles, "verify-files", "@"),
   ARGPARSE_c (aListKeys, "list-keys", N_("list keys")),
   ARGPARSE_c (aListExternalKeys, "list-external-keys", 
               N_("list external keys")),
@@ -1711,10 +1709,6 @@ main ( int argc, char **argv)
       }
       break;
 
-    case aVerifyFiles:
-      log_error (_("this command has not yet been implemented\n"));
-      break;
-
     case aDecrypt:
       {
         FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
diff --git a/sm/server.c b/sm/server.c
index 6b9eeb82d..dfd4f690f 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -51,6 +51,7 @@ struct server_local_s {
   certlist_t default_recplist; /* As set by main() - don't release. */
   int allow_pinentry_notify;   /* Set if pinentry notifications should
                                   be passed back to the client. */
+  int no_encrypt_to;           /* Local version of option.  */
 };
 
 
@@ -301,6 +302,10 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
       int i = *value? atoi (value) : 0;
       ctrl->with_ephemeral_keys = i;
     }
+  else if (!strcmp (key, "no-encrypt-to"))
+    {
+      ctrl->server_local->no_encrypt_to = 1;
+    }
   else
     return gpg_error (GPG_ERR_UNKNOWN_OPTION);
 
@@ -486,7 +491,7 @@ cmd_encrypt (assuan_context_t ctx, char *line)
   /* Now add all encrypt-to marked recipients from the default
      list. */
   rc = 0;
-  if (!opt.no_encrypt_to)
+  if (!opt.no_encrypt_to && !ctrl->server_local->no_encrypt_to)
     {
       for (cl=ctrl->server_local->default_recplist; !rc && cl; cl = cl->next)
         if (cl->is_encrypt_to)
author	Werner Koch <wk@gnupg.org>	2009-05-18 19:38:34 +0200
committer	Werner Koch <wk@gnupg.org>	2009-05-18 19:38:34 +0200
commit	387a51f9515fdfa26b5fa8bb22366844a315fd9c (patch)
tree	026a801ad349e59e2e64c495a7478533cf627ecb
parent	Changed default algo and size. (diff)
download	gnupg2-387a51f9515fdfa26b5fa8bb22366844a315fd9c.tar.xz gnupg2-387a51f9515fdfa26b5fa8bb22366844a315fd9c.zip