diff options
| -rw-r--r-- | NEWS | 81 | ||||
| -rwxr-xr-x | checks/defs.inc | 2 | ||||
| -rw-r--r-- | cipher/pubkey.c | 24 | ||||
| -rw-r--r-- | g10/ChangeLog | 8 | ||||
| -rw-r--r-- | g10/gpg.c | 9 | ||||
| -rw-r--r-- | g10/keygen.c | 7 | ||||
| -rw-r--r-- | g10/plaintext.c | 7 | ||||
| -rw-r--r-- | g10/sig-check.c | 2 | ||||
| -rw-r--r-- | mpi/ChangeLog | 4 | ||||
| -rw-r--r-- | mpi/mpicoder.c | 20 | ||||
| -rw-r--r-- | util/ChangeLog | 7 | ||||
| -rw-r--r-- | util/iobuf.c | 16 |
12 files changed, 163 insertions, 24 deletions
@@ -1,6 +1,87 @@ +Noteworthy changes in the current CVS HEAD +------------------------------------------ * Removed option --emulate-checksum-bug + * Fixed expiration handling of encryption keys. + + * Add an experimental feature to do unattended key generation. + + * The user is now asked for the reason of revocation as required + by the new OpenPGP draft. + + * There is a ~/.gnupg/random_seed file now which saves the + state of the internal RNG and increases system performance + somewhat. This way the full entropy source is only used in + cases were it is really required. + Use the option --no-random-seed-file to disable this feature. + + * New options --ignore-time-conflict and --lock-never. + + * Some fixes for the W32 version. + + * The entropy.dll is not anymore used by the W32 version but replaced + by code derived from Cryptlib. + + * Encryption is now much faster: About 2 times for 1k bit keys + and 8 times for 4k keys. + + * New encryption keys are generated in a way which allows a much + faster decryption. + + * New command --export-secret-subkeys which outputs the + the _primary_ key with it's secret parts deleted. This is + useful for automated decryption/signature creation as it + allows to keep the real secret primary key offline and + thereby protecting the key certificates and allowing to + create revocations for the subkeys. See the FAQ for a + procedure to install such secret keys. + + * Keygeneration now writes to the first writeable keyring or + as default to the one in the homedirectory. Prior versions + ignored all --keyring options. + + * New option --command-fd to take user input from a file descriptor; + to be used with --status-fd by software which uses GnuPG as a backend. + + * There is a new status PROGRESS which is used to show progress during + key generation. + + * Support for the new MDC encryption packets. To create them either + --force-mdc must be use or cipher algorithm with a blocksize other + than 64 bits is to be used. --openpgp currently disables MDC packets + entirely. This option should not yet be used. + + * New option --no-auto-key-retrieve to disable retrieving of + a missing public key from a keyerver, when a keyerver has been set. + + * New command --verify-files. New option --fast-list-mode. + + * $http_proxy is now used when --honor-http-proxy is set. + + * Fixed some minor bugs and the problem with conventional encrypted + packets which did use the gpg v3 partial length headers. + + * Some more translations. + + * Fixed a bug with symmetric-only encryption using the non-default 3DES. + The option --emulate-3des-s2k-bug may be used to decrypt documents + which have been encrypted this way; this should be done immediately + as this workaround will be remove in 1.1 + + * Can now handle (but not display) PGP's photo IDs. I don't know the + format of that packet but after stripping a few bytes from the start + it looks like a JPEG (at least my test data). Handling of this + package is required because otherwise it would mix up the + self signatures and you can't import those keys. + + * Passing non-ascii user IDs on the commandline should now work in all + cases. + + * New keys are now generated with an additional preference to Blowfish. + + * Removed the GNU Privacy Handbook from the distribution because it + is now in the package GPH. Noteworthy changes in version 1.1.0 (1999-10-26) diff --git a/checks/defs.inc b/checks/defs.inc index d5fdc8af7..c975025da 100755 --- a/checks/defs.inc +++ b/checks/defs.inc @@ -29,6 +29,7 @@ exp_files="" LANG= LANGUAGE= LC_ALL= +LC_MESSAGES= #-------------------------------- #------ utility functions ------- @@ -105,5 +106,6 @@ no-greeting no-secmem-warning load-extension ../cipher/tiger batch +emulate-md-encode-bug EOF diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 7ef6f18b7..15487ad67 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -701,16 +701,9 @@ sexp_to_key( GCRY_SEXP sexp, int want_private, MPI **retarray, int *retalgo) :"public-key", 0 ); if( !list ) return GCRYERR_INV_OBJ; /* Does not contain a public- or private-key object */ - l2 = gcry_sexp_cdr( list ); - gcry_sexp_release ( list ); - list = l2; - if( !list ) - return GCRYERR_NO_OBJ; /* no cdr for the key object */ - l2 = gcry_sexp_car( list ); + l2 = gcry_sexp_cadr( list ); gcry_sexp_release ( list ); list = l2; - if( !list ) - return GCRYERR_NO_OBJ; /* no car for the key object */ name = gcry_sexp_car_data( list, &n ); if( !name ) { gcry_sexp_release ( list ); @@ -873,7 +866,7 @@ sexp_to_enc( GCRY_SEXP sexp, MPI **retarray, int *retalgo) list = gcry_sexp_find_token( sexp, "enc-val" , 0 ); if( !list ) return GCRYERR_INV_OBJ; /* Does not contain a encrypted value object */ - l2 = gcry_sexp_cdr( list ); + l2 = gcry_sexp_cadr( list ); gcry_sexp_release ( list ); list = l2; if( !list ) { @@ -1332,7 +1325,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms ) list = gcry_sexp_find_token( s_parms, "genkey", 0 ); if( !list ) return GCRYERR_INV_OBJ; /* Does not contain genkey data */ - l2 = gcry_sexp_cdr( list ); + l2 = gcry_sexp_cadr( list ); gcry_sexp_release ( list ); list = l2; if( !list ) @@ -1402,7 +1395,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms ) /* build the string */ nelem = 0; string = p = g10_xmalloc ( needed ); - p = stpcpy ( p, "(key-data(" ); + p = stpcpy ( p, "(key-data" ); p = stpcpy ( p, "(public-key(" ); p = stpcpy ( p, algo_name ); @@ -1412,7 +1405,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms ) p = stpcpy ( p, "%m)" ); mpis[nelem++] = skey[i]; } - strcpy ( p, "))" ); + p = stpcpy ( p, "))" ); p = stpcpy ( p, "(private-key(" ); p = stpcpy ( p, algo_name ); @@ -1422,14 +1415,14 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms ) p = stpcpy ( p, "%m)" ); mpis[nelem++] = skey[i]; } - strcpy ( p, "))" ); + p = stpcpy ( p, "))" ); p = stpcpy ( p, "(misc-key-info(pm1-factors" ); for(i=0; factors[i]; i++ ) { p = stpcpy ( p, "%m" ); mpis[nelem++] = factors[i]; } - strcpy ( p, "))" ); + strcpy ( p, ")))" ); while ( nelem < DIM(mpis) ) mpis[nelem++] = NULL; @@ -1439,6 +1432,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms ) * we have. which normally should be no problem as only those * with a corresponding %m are used */ + log_debug ("retstr=`%s'\n", string); if ( gcry_sexp_build ( r_key, NULL, string, mpis[0], mpis[1], mpis[2], mpis[3], mpis[4], mpis[5], mpis[6], mpis[7], mpis[8], mpis[9], mpis[10], mpis[11], @@ -1447,7 +1441,7 @@ gcry_pk_genkey( GCRY_SEXP *r_key, GCRY_SEXP s_parms ) mpis[24], mpis[25], mpis[26], mpis[27], mpis[28], mpis[29] ) ) BUG (); - assert ( DIM(mpis) == 29 ); + assert ( DIM(mpis) == 30 ); g10_free ( string ); } release_mpi_array ( skey ); diff --git a/g10/ChangeLog b/g10/ChangeLog index 893fed136..16abe9421 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,11 @@ +Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de> + + * sig-check.c (pk_verify): Fixed the S-Exp withe the pkey. + + * gpg.c (main): Use setmode(O_BINARY) for MSDOS while generating random bytes + (print_mds): Likewise for stdin. + * plaintext.c (handle_plaintext): Likewise for stdout. + Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de> * keyedit.c (menu_expire): expire date for primary key can be set again. @@ -25,6 +25,9 @@ #include <string.h> #include <ctype.h> #include <unistd.h> +#ifdef HAVE_DOSISH_SYSTEM + #include <fcntl.h> /* for setmode() */ +#endif #include <gcrypt.h> @@ -1449,6 +1452,9 @@ main( int argc, char **argv ) size_t n = !endless && count < 100? count : 100; p = gcry_random_bytes( n, level ); + #ifdef HAVE_DOSISH_SYSTEM + setmode ( fileno(stdout), O_BINARY ); + #endif fwrite( p, n, 1, stdout ); gcry_free(p); if( !endless ) @@ -1676,6 +1682,9 @@ print_mds( const char *fname, int algo, const char *key ) if( !fname ) { fp = stdin; + #ifdef HAVE_DOSISH_SYSTEM + setmode ( fileno(fp) , O_BINARY ); + #endif pname = gcry_xstrdup("[stdin]: "); } else { diff --git a/g10/keygen.c b/g10/keygen.c index 3b3d95e3b..3e22d05d0 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -254,7 +254,7 @@ key_from_sexp( GCRY_MPI *array, list = gcry_sexp_find_token( sexp, topname, 0 ); if( !list ) return GCRYERR_INV_OBJ; - l2 = gcry_sexp_cdr( list ); + l2 = gcry_sexp_cadr( list ); gcry_sexp_release ( list ); list = l2; if( !list ) @@ -311,6 +311,7 @@ factors_from_sexp( MPI **retarray, GCRY_SEXP sexp ) if( !list ) return GCRYERR_NO_OBJ; + #if 0 /* count factors */ ctx = NULL; for( n=0; (l2 = gcry_sexp_enum( list, &ctx, 0 )); n++ ) @@ -337,6 +338,10 @@ factors_from_sexp( MPI **retarray, GCRY_SEXP sexp ) } } } + #else + array = gcry_xcalloc( 1, sizeof *array ); + #warning dummy code here + #endif gcry_sexp_release ( list ); *retarray = array; diff --git a/g10/plaintext.c b/g10/plaintext.c index e3c7a865c..555dd1636 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -24,6 +24,10 @@ #include <string.h> #include <errno.h> #include <assert.h> +#ifdef HAVE_DOSISH_SYSTEM + #include <fcntl.h> /* for setmode() */ +#endif + #include "util.h" #include <gcrypt.h> #include "options.h" @@ -81,6 +85,9 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, else if( !*fname || (*fname=='-' && !fname[1])) { /* no filename or "-" given; write to stdout */ fp = stdout; + #ifdef HAVE_DOSISH_SYSTEM + setmode ( fileno(fp) , O_BINARY ); + #endif } else if( !overwrite_filep( fname ) ) { rc = GPGERR_CREATE_FILE; diff --git a/g10/sig-check.c b/g10/sig-check.c index ba392414a..85c8bfbc1 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -67,7 +67,7 @@ pk_verify( int algo, MPI hash, MPI *data, MPI *pkey, } else if( algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E ) { rc = gcry_sexp_build ( &s_pkey, NULL, - "(public-key(dsa(p%m)(g%m)(y%m)))", + "(public-key(elg(p%m)(g%m)(y%m)))", pkey[0], pkey[1], pkey[2] ); } else if( algo == GCRY_PK_RSA ) { diff --git a/mpi/ChangeLog b/mpi/ChangeLog index 6bdeaf254..97ae3cd22 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,7 @@ +Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de> + + * mpicoder.c (gcry_mpi_scan): Normalize the returned MPI. + Tue Jul 25 17:44:15 CEST 2000 Werner Koch <wk@openit.de> * config.links: Support for powerpc--netbsd by Gabriel Rosenkoetter. diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index bd79aca5d..9c68d7c9b 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c @@ -355,8 +355,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, else mpi_set_buffer( a, s, len, 0 ); } - if( ret_mpi ) + if( ret_mpi ) { + mpi_normalize ( a ); *ret_mpi = a; + } else mpi_free(a); return 0; @@ -365,8 +367,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, a = mpi_alloc( (len+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ); if( len ) /* not zero */ mpi_set_buffer( a, buffer, len, 0 ); - if( ret_mpi ) + if( ret_mpi ) { + mpi_normalize ( a ); *ret_mpi = a; + } else mpi_free(a); return 0; @@ -375,8 +379,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, a = mpi_read_from_buffer( (char*)buffer, &len, 0 ); if( nbytes ) *nbytes = len; - if( ret_mpi ) + if( ret_mpi ) { + mpi_normalize ( a ); *ret_mpi = a; + } else mpi_free(a); return a? 0 : GCRYERR_INV_OBJ; @@ -405,8 +411,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, } if( nbytes ) *nbytes = n+4; - if( ret_mpi ) + if( ret_mpi ) { + mpi_normalize ( a ); *ret_mpi = a; + } else mpi_free(a); return 0; @@ -417,8 +425,10 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, a = mpi_alloc(0); if( mpi_fromstr( a, buffer ) ) return GCRYERR_INV_OBJ; - if( ret_mpi ) + if( ret_mpi ) { + mpi_normalize ( a ); *ret_mpi = a; + } else mpi_free(a); return 0; diff --git a/util/ChangeLog b/util/ChangeLog index d1eba0291..68964a664 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,10 @@ +Fri Jul 28 18:19:11 CEST 2000 Werner Koch <wk@openit.de> + + * iobuf.c: Use setmode() at several places to set stdin and stdout + to binary mode for MSDOS based systems + + * iobuf.c (underflow): Initialize dummy_len to keep memory checker happy. + Fri Jul 14 19:38:23 CEST 2000 Werner Koch <wk@> * iobuf.c (iobuf_cancel): Broadcast the new Cancel message to all diff --git a/util/iobuf.c b/util/iobuf.c index ce63b55b8..f7035ae4c 100644 --- a/util/iobuf.c +++ b/util/iobuf.c @@ -28,6 +28,9 @@ #include <sys/stat.h> #include <unistd.h> #include <gcrypt.h> +#ifdef HAVE_DOSISH_SYSTEM + #include <fcntl.h> /* for setmode() */ +#endif #include "memory.h" #include "util.h" @@ -580,7 +583,10 @@ iobuf_open( const char *fname ) int print_only = 0; if( !fname || (*fname=='-' && !fname[1]) ) { - fp = stdin; /* fixme: set binary mode for msdoze */ + fp = stdin; + #ifdef HAVE_DOSISH_SYSTEM + setmode ( fileno(fp) , O_BINARY ); + #endif fname = "[stdin]"; print_only = 1; } @@ -647,6 +653,9 @@ iobuf_create( const char *fname ) if( !fname || (*fname=='-' && !fname[1]) ) { fp = stdout; + #ifdef HAVE_DOSISH_SYSTEM + setmode ( fileno(fp) , O_BINARY ); + #endif fname = "[stdout]"; print_only = 1; } @@ -742,7 +751,10 @@ iobuf_fopen( const char *fname, const char *mode ) int print_only = 0; if( !fname || (*fname=='-' && !fname[1]) ) { - fp = stdin; /* fixme: set binary mode for msdoze */ + fp = stdin; + #ifdef HAVE_DOSISH_SYSTEM + setmode ( fileno(fp) , O_BINARY ); + #endif fname = "[stdin]"; print_only = 1; } |