Editorial changes and allow building with old libgcrypts.

Changed order of some conditional to make to put the special case into the true branch. Indentation changes. Minor other changes to make the ECC code more similar to the rest of our code. It builds but many sefltests still fail. Need to fix that before using it with an ECDH enabled libgcrypt. [/] 2011-01-21 Werner Koch <wk@g10code.com> * configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP. (HAVE_GCRY_PK_ECDH): Add new test. [agent/] 2011-01-21 Werner Koch <wk@g10code.com> * cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New. [include/] 2011-01-21 Werner Koch <wk@g10code.com> * cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros because we now require libgcrypt 1.4.6. (GCRY_PK_ECDH): Add replacement.
author: Werner Koch <wk@gnupg.org> 2011-01-21 12:00:57 +0100
committer: Werner Koch <wk@gnupg.org> 2011-01-21 12:00:57 +0100
commit: 90b0ff23b7e51332592668e4034967c1aac1c593 (patch)
tree: a3ef4cbd4c679a954a2cceba218b54cc2e2e9be5 /agent
parent: Add ignore file (diff)
download: gnupg2-90b0ff23b7e51332592668e4034967c1aac1c593.tar.xz
gnupg2-90b0ff23b7e51332592668e4034967c1aac1c593.zip
4 files changed, 31 insertions, 43 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog
index ce1fdccd8..699282754 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,3 +1,7 @@
+2011-01-21  Werner Koch  <wk@g10code.com>
+
+	* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.
+
 2010-12-02  Werner Koch  <wk@g10code.com>
 
 	* gpg-agent.c (CHECK_OWN_SOCKET_INTERVAL) [W32CE]: Set to 60
diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c
index 73c31f786..02c2bc841 100644
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@@ -28,6 +28,13 @@
 #include "i18n.h"
 #include "cvt-openpgp.h"
 
+/* Macros for compatibility with older libgcrypt versions. */
+#ifndef HAVE_GCRY_PK_ECDSA
+# define GCRY_PK_ECDH  302
+#endif
+
+
+
 
 /* Helper to pass data via the callback to do_unprotect. */
 struct try_do_unprotect_arg_s 
@@ -100,8 +107,8 @@ get_keygrip (int pubkey_algo, gcry_mpi_t *pkey, unsigned char *grip)
 
 
 /* Convert a secret key given as algorithm id and an array of key
-   parameters into our s-expression based format. 
-   pubkey_algo is a libgcrypt ID
+   parameters into our s-expression based format.  Note that
+   PUBKEY_ALGO is a standard id and not an OpenPGP id.
  */
 static gpg_error_t
 convert_secret_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey)
@@ -111,7 +118,8 @@ convert_secret_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey)
 
   *r_key = NULL;
 
-  pubkey_algo = map_pk_openpgp_to_gcry( pubkey_algo );
+  /* FIXME: This is not consistent with the above comment.  */
+  pubkey_algo = map_pk_openpgp_to_gcry (pubkey_algo);
 
   switch (pubkey_algo)
     {
@@ -224,9 +232,9 @@ do_unprotect (const char *passphrase,
 
   *r_key = NULL;
 
- /* Unfortunately, the OpenPGP PK algorithm numbers need to be re-mapped for Libgcrypt
-  */
-  pubkey_algo = map_pk_openpgp_to_gcry( pubkey_algo );
+ /* Unfortunately, the OpenPGP PK algorithm numbers need to be
+    re-mapped for Libgcrypt.    */
+  pubkey_algo = map_pk_openpgp_to_gcry (pubkey_algo);
 
   /* Count the actual number of MPIs is in the array and set the
      remainder to NULL for easier processing later on.  */
@@ -655,7 +663,7 @@ convert_from_openpgp (ctrl_t ctrl, gcry_sexp_t s_pgp,
   string = gcry_sexp_nth_string (list, 1);
   if (!string)
     goto bad_seckey;
-  pubkey_algo = gcry_pk_map_name (string);	/* ligcrypt IDs */
+  pubkey_algo = gcry_pk_map_name (string);
   xfree (string);
 
   if (gcry_pk_algo_info (pubkey_algo, GCRYCTL_GET_ALGO_NPKEY, NULL, &npkey)
@@ -1022,7 +1030,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
     }
   
   algo = gcry_pk_map_name (name);
-  log_debug ( "convert to openpgp begin for algo=%s\n", name );
   xfree (name);
 
   switch (algo)
@@ -1052,7 +1059,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
   err = apply_protection (array, npkey, nskey, passphrase,
                           GCRY_CIPHER_AES, protect_iv, sizeof protect_iv,
                           3, GCRY_MD_SHA1, salt, s2k_count);
-  ///log_debug ( "convert to openpgp: after applying protection, err = %d\n", err );
   /* Turn it into the transfer key S-expression.  Note that we always
      return a protected key.  */
   if (!err)
@@ -1082,8 +1088,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
       put_membuf_str (&mbuf, ")\n");
       put_membuf (&mbuf, "", 1);
 
-      ///log_debug ( "convert to openpgp: calling gcry_sexp_build\n" );
-
       tmpkey = NULL;
       {
         char *format = get_membuf (&mbuf, NULL);
@@ -1093,7 +1097,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
           err = gcry_sexp_build_array (&tmpkey, NULL, format, format_args);
         xfree (format);
       }
-      ///log_debug ( "convert to openpgp: calling gcry_sexp_build before err=%d\n", err );
       if (!err)
         err = gcry_sexp_build (&tmpsexp, NULL,
                                "(openpgp-private-key\n"
@@ -1106,7 +1109,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
                                (int)sizeof protect_iv, protect_iv,
                                (int)sizeof salt, salt,
                                countbuf);
-      ///log_debug ( "convert to openpgp: after gcry_sexp_build, err = %d\n", err );
       gcry_sexp_release (tmpkey);
       if (!err)
         err = make_canon_sexp_pad (tmpsexp, 0, r_transferkey, r_transferkeylen);
@@ -1116,8 +1118,5 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
   for (i=0; i < DIM (array); i++)
     gcry_mpi_release (array[i]);
 
-  log_debug ( "convert to openpgp end with err=%d\n", err );
-  
   return err;
 }
-
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index d85283a5e..db9039278 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -2304,6 +2304,8 @@ check_for_running_agent (int silent, int mode)
 }
 
 /* TODO: it is also in misc, which is not linked with the agent */
+/* FIXME: The agent should not know about openpgp internals - weel
+   except for some stuff in cvt-openpgp.  */
 int
 map_pk_openpgp_to_gcry (int algo)
 {
diff --git a/agent/protect.c b/agent/protect.c
index d14665363..d0a5fe9e3 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -43,7 +43,7 @@
 
 
 /* A table containing the information needed to create a protected
-   private key */
+   private key.  */
 static struct {
   const char *algo;
   const char *parmlist;
@@ -428,9 +428,6 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
   unsigned char *p;
   gcry_md_hd_t md;
 
-  if (opt.debug & DBG_CRYPTO_VALUE)
-   log_info ("Protecting key=%s, passphrase=%s\n", plainkey, passphrase);
-
   /* Create an S-expression with the protected-at timestamp.  */
   memcpy (timestamp_exp, "(12:protected-at15:", 19);
   gnupg_get_isotime (timestamp_exp+19);
@@ -459,55 +456,41 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
   for (infidx=0; protect_info[infidx].algo
               && !smatch (&s, n, protect_info[infidx].algo); infidx++)
     ;
-  if (!protect_info[infidx].algo)  {
-    log_info ("Unsupported alg %d for protection\n", protect_info[infidx].algo);
+  if (!protect_info[infidx].algo)
     return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); 
-  }
 
   prot_begin = prot_end = NULL;
   for (i=0; (c=protect_info[infidx].parmlist[i]); i++)
     {
       if (i == protect_info[infidx].prot_from)
         prot_begin = s;
-      if (*s != '(')  {
-        log_info ("Unbalanced bracket in S-expression #1\n");
+      if (*s != '(')
         return gpg_error (GPG_ERR_INV_SEXP);
-      }
       depth++;
       s++;
       n = snext (&s);
-      if (!n)  {
-        log_info ("Cannot get the length of S-expression field\n");
+      if (!n)
         return gpg_error (GPG_ERR_INV_SEXP); 
-      }
-      if (n != 1 || c != *s)  {
-        log_info ("Invalid length in S-expression field\n");
+      if (n != 1 || c != *s)
         return gpg_error (GPG_ERR_INV_SEXP); 
-     } 
-     s += n;
+      s += n;
       n = snext (&s);
-      if (!n)  {
-        log_info ("Invalid fieled in S-expression field\n");
+      if (!n)
         return gpg_error (GPG_ERR_INV_SEXP); 
-      }
       s +=n; /* skip value */
-      if (*s != ')')  {
-        log_info ("Unbalanced bracket in S-expression #2\n");
+      if (*s != ')')
         return gpg_error (GPG_ERR_INV_SEXP); 
-      }
       depth--;
       if (i == protect_info[infidx].prot_to)
         prot_end = s;
       s++;
     }
-  if (*s != ')' || !prot_begin || !prot_end )  {
-    log_info ("Unbalanced bracket in S-expression #3\n");
+  if (*s != ')' || !prot_begin || !prot_end )
     return gpg_error (GPG_ERR_INV_SEXP); 
-  }
   depth--;
   hash_end = s;
   s++;
-  /* skip to the end of the S-exp */
+  /* Skip to the end of the S-expression.  */
   assert (depth == 1);
   rc = sskip (&s, &depth);
   if (rc)
author	Werner Koch <wk@gnupg.org>	2011-01-21 12:00:57 +0100
committer	Werner Koch <wk@gnupg.org>	2011-01-21 12:00:57 +0100
commit	90b0ff23b7e51332592668e4034967c1aac1c593 (patch)
tree	a3ef4cbd4c679a954a2cceba218b54cc2e2e9be5 /agent
parent	Add ignore file (diff)
download	gnupg2-90b0ff23b7e51332592668e4034967c1aac1c593.tar.xz gnupg2-90b0ff23b7e51332592668e4034967c1aac1c593.zip