[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-373-g65c6314
by Werner Koch
cvs at cvs.gnupg.org
Wed Apr 6 20:19:15 CEST 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 65c63144b66392f40b991684789b8b793248e3ba (commit)
from 6f386ceae86a058e26294f744750f1ed2a95e604 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 65c63144b66392f40b991684789b8b793248e3ba
Author: Werner Koch <wk at gnupg.org>
Date: Wed Apr 6 20:16:19 2016 +0200
Allow building with configure option --enable-hmac-binary-check.
* src/Makefile.am (mpicalc_LDADD): Add DL_LIBS.
* src/fips.c (check_binary_integrity): Allow use of hmac256 output.
* src/hmac256.c (main): Add option --stdkey
--
Note that when using that configure option "make check" won't work in
one go. Instead use
make
cd src/.libs
../hmac256 --stdkey '' libgcrypt.so.20 >.libgcrypt.so.20.hmac
cd ../..
make check
Reported-by: Burt Silverman
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/src/Makefile.am b/src/Makefile.am
index aee2828..3cc4a55 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -131,7 +131,7 @@ dumpsexp_LDADD = $(arch_gpg_error_libs)
mpicalc_SOURCES = mpicalc.c
mpicalc_CFLAGS = $(GPG_ERROR_CFLAGS)
-mpicalc_LDADD = libgcrypt.la $(GPG_ERROR_LIBS)
+mpicalc_LDADD = libgcrypt.la $(DL_LIBS) $(GPG_ERROR_LIBS)
hmac256_SOURCES = hmac256.c
hmac256_CFLAGS = -DSTANDALONE $(arch_gpg_error_cflags)
diff --git a/src/fips.c b/src/fips.c
index 3311ba2..af3fe2c 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -637,11 +637,15 @@ check_binary_integrity (void)
int n;
/* The HMAC files consists of lowercase hex digits
- only with an optional trailing linefeed. Fail if
- there is any garbage. */
+ with an optional trailing linefeed or optional
+ with two trailing spaces. The latter format
+ allows the use of the usual sha1sum format. Fail
+ if there is any garbage. */
err = gpg_error (GPG_ERR_SELFTEST_FAILED);
n = fread (buffer, 1, sizeof buffer, fp);
- if (n == 64 || (n == 65 && buffer[64] == '\n'))
+ if (n == 64
+ || (n == 65 && buffer[64] == '\n')
+ || (n == 66 && buffer[64] == ' ' && buffer[65] == ' '))
{
buffer[64] = 0;
for (n=0, s= buffer;
diff --git a/src/hmac256.c b/src/hmac256.c
index 6b62ed3..ca1eb75 100644
--- a/src/hmac256.c
+++ b/src/hmac256.c
@@ -646,6 +646,7 @@ main (int argc, char **argv)
size_t n, dlen, idx;
int use_stdin = 0;
int use_binary = 0;
+ int use_stdkey = 0;
assert (sizeof (u32) == 4);
#ifdef __WIN32
@@ -689,11 +690,16 @@ main (int argc, char **argv)
argc--; argv++;
use_binary = 1;
}
+ else if (!strcmp (*argv, "--stdkey"))
+ {
+ argc--; argv++;
+ use_stdkey = 1;
+ }
}
if (argc < 1)
{
- fprintf (stderr, "usage: %s [--binary] key [filename]\n", pgm);
+ fprintf (stderr, "usage: %s [--binary] [--stdkey] key [filename]\n", pgm);
exit (1);
}
@@ -702,7 +708,7 @@ main (int argc, char **argv)
setmode (fileno (stdout), O_BINARY);
#endif
- key = *argv;
+ key = use_stdkey? "What am I, a doctor or a moonshuttle conductor?" : *argv;
argc--, argv++;
keylen = strlen (key);
use_stdin = !argc;
-----------------------------------------------------------------------
Summary of changes:
src/Makefile.am | 2 +-
src/fips.c | 10 +++++++---
src/hmac256.c | 10 ++++++++--
3 files changed, 16 insertions(+), 6 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
More information about the Gcrypt-devel
mailing list