[svn] GnuPG - r4377 - in branches/STABLE-BRANCH-1-4: . checks cipher g10 include mpi tools
svn author wk
cvs at cvs.gnupg.org
Mon Dec 11 20:54:59 CET 2006
Author: wk
Date: 2006-12-11 20:54:53 +0100 (Mon, 11 Dec 2006)
New Revision: 4377
Modified:
branches/STABLE-BRANCH-1-4/ChangeLog
branches/STABLE-BRANCH-1-4/Makefile.am
branches/STABLE-BRANCH-1-4/checks/ChangeLog
branches/STABLE-BRANCH-1-4/checks/verify.test
branches/STABLE-BRANCH-1-4/cipher/ChangeLog
branches/STABLE-BRANCH-1-4/cipher/Makefile.am
branches/STABLE-BRANCH-1-4/cipher/dsa.c
branches/STABLE-BRANCH-1-4/cipher/elgamal.c
branches/STABLE-BRANCH-1-4/cipher/primegen.c
branches/STABLE-BRANCH-1-4/cipher/rsa.c
branches/STABLE-BRANCH-1-4/configure.ac
branches/STABLE-BRANCH-1-4/g10/ChangeLog
branches/STABLE-BRANCH-1-4/g10/Makefile.am
branches/STABLE-BRANCH-1-4/g10/gpg.c
branches/STABLE-BRANCH-1-4/g10/gpgv.c
branches/STABLE-BRANCH-1-4/g10/seskey.c
branches/STABLE-BRANCH-1-4/g10/sign.c
branches/STABLE-BRANCH-1-4/include/ChangeLog
branches/STABLE-BRANCH-1-4/include/mpi.h
branches/STABLE-BRANCH-1-4/mpi/ChangeLog
branches/STABLE-BRANCH-1-4/mpi/config.links
branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h
branches/STABLE-BRANCH-1-4/mpi/mpicoder.c
branches/STABLE-BRANCH-1-4/mpi/mpiutil.c
branches/STABLE-BRANCH-1-4/tools/ChangeLog
branches/STABLE-BRANCH-1-4/tools/Makefile.am
branches/STABLE-BRANCH-1-4/tools/bftest.c
branches/STABLE-BRANCH-1-4/tools/mpicalc.c
branches/STABLE-BRANCH-1-4/tools/shmtest.c
Log:
Removed the use of g10defs.h.
This required some code cleanups and the introduction of
a few accessor ducntions in mpi.
Modified: branches/STABLE-BRANCH-1-4/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,11 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+ * Makefile.am (DISTCLEANFILES): Removed g10defs.h.
+
+ * configure.ac (AC_CONFIG_COMMANDS): Removed creation of
+ g10defs.h.
+ (AH_BOTTOM): Moved stuff from g10defs.h to config.h.
+
2006-12-07 David Shaw <dshaw at jabberwocky.com>
* configure.ac: AM_CONDITIONAL must not be used inside an if/then.
Modified: branches/STABLE-BRANCH-1-4/Makefile.am
===================================================================
--- branches/STABLE-BRANCH-1-4/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377)
@@ -30,7 +30,7 @@
SUBDIRS = m4 intl zlib util mpi cipher tools g10 keyserver po doc ${checks}
EXTRA_DIST = scripts/config.rpath PROJECTS BUGS config.h.in autogen.sh
-DISTCLEANFILES = g10defs.h
+DISTCLEANFILES =
# Add all the files listed in "distfiles" files to the distribution,
# apply version numbers to some files and create a VERSION file which
Modified: branches/STABLE-BRANCH-1-4/checks/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/checks/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/checks/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,7 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+ * verify.test (msg_clsclss_asc): Work around a bug in OpenBSD.
+
2006-04-19 David Shaw <dshaw at jabberwocky.com>
* sigs.test, mds.test: Add tests for SHA-224, SHA-384, and
Modified: branches/STABLE-BRANCH-1-4/checks/verify.test
===================================================================
--- branches/STABLE-BRANCH-1-4/checks/verify.test 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/checks/verify.test 2006-12-11 19:54:53 UTC (rev 4377)
@@ -226,6 +226,9 @@
#
# Now run the tests.
#
+# Note that we need to use set +x/-x for the base case check
+# to work around a bug in OpenBSD's sh
+#
for i in $tests ; do
info "checking: $i"
eval "(IFS=; echo \"\$$i\")" >x
@@ -236,10 +239,14 @@
msg_*_asc_multisig)
$GPG --verify --allow-multisig-verification x \
|| error "verify of $i failed"
+ set +x
$GPG --verify x && error "verify of $i succeeded but should not"
+ set -x
;;
bad_*_asc)
+ set +x
$GPG --verify x && error "verify of $i succeeded but should not"
+ set -x
;;
*)
error "No handler for test case $i"
Modified: branches/STABLE-BRANCH-1-4/cipher/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/cipher/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/cipher/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,19 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+
+ * elgamal.c (test_keys): Use new mpi_nlimb_hint_from_nbits
+ function. This also rounds up the value.
+ (generate): Use new mpi_nlimb_hint_from_nbits function.
+ * rsa.c (test_keys): Ditto.
+ (generate): Ditto.
+ (rsa_verify): Ditto.
+ * primegen.c (generate_elg_prime): Ditto.
+ (gen_prime): Ditto.
+ * dsa.c (test_keys): Ditto. This also rounds up the value.
+
+ * Makefile.am (AM_CPPFLAGS): Use instead of INCLUDES. define
+ GNUPG_LIBDIR.
+
2006-11-03 Werner Koch <wk at g10code.com>
* random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not
Modified: branches/STABLE-BRANCH-1-4/cipher/Makefile.am
===================================================================
--- branches/STABLE-BRANCH-1-4/cipher/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/cipher/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377)
@@ -19,8 +19,13 @@
## Process this file with automake to produce Makefile.in
-INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
+AM_CPPFLAGS = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
+if ! HAVE_DOSISH_SYSTEM
+AM_CPPFLAGS += -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\""
+endif
+
+
noinst_LIBRARIES = libcipher.a
libcipher_a_SOURCES = cipher.c \
Modified: branches/STABLE-BRANCH-1-4/cipher/dsa.c
===================================================================
--- branches/STABLE-BRANCH-1-4/cipher/dsa.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/cipher/dsa.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -138,9 +138,9 @@
test_keys( DSA_secret_key *sk, unsigned qbits )
{
DSA_public_key pk;
- MPI test = mpi_alloc( qbits / BITS_PER_MPI_LIMB );
- MPI out1_a = mpi_alloc( qbits / BITS_PER_MPI_LIMB );
- MPI out1_b = mpi_alloc( qbits / BITS_PER_MPI_LIMB );
+ MPI test = mpi_alloc ( mpi_nlimb_hint_from_nbits (qbits) );
+ MPI out1_a = mpi_alloc ( mpi_nlimb_hint_from_nbits (qbits) );
+ MPI out1_b = mpi_alloc( mpi_nlimb_hint_from_nbits (qbits) );
pk.p = sk->p;
pk.q = sk->q;
Modified: branches/STABLE-BRANCH-1-4/cipher/elgamal.c
===================================================================
--- branches/STABLE-BRANCH-1-4/cipher/elgamal.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/cipher/elgamal.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -118,13 +118,13 @@
}
static void
-test_keys( ELG_secret_key *sk, unsigned nbits )
+test_keys( ELG_secret_key *sk, unsigned int nbits )
{
ELG_public_key pk;
MPI test = mpi_alloc( 0 );
- MPI out1_a = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
- MPI out1_b = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
- MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
+ MPI out1_a = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
+ MPI out1_b = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
+ MPI out2 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
pk.p = sk->p;
pk.g = sk->g;
@@ -244,9 +244,9 @@
unsigned int xbits;
byte *rndbuf;
- p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
- temp = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
- qbits = wiener_map( nbits );
+ p_min1 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
+ temp = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
+ qbits = wiener_map ( nbits );
if( qbits & 1 ) /* better have a even one */
qbits++;
g = mpi_alloc(1);
@@ -271,7 +271,7 @@
xbits = qbits * 3 / 2;
if( xbits >= nbits )
BUG();
- x = mpi_alloc_secure( xbits/BITS_PER_MPI_LIMB );
+ x = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (xbits) );
if( DBG_CIPHER )
log_debug("choosing a random x of size %u", xbits );
rndbuf = NULL;
@@ -296,7 +296,7 @@
} while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) );
xfree(rndbuf);
- y = mpi_alloc(nbits/BITS_PER_MPI_LIMB);
+ y = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
mpi_powm( y, g, x, p );
if( DBG_CIPHER ) {
Modified: branches/STABLE-BRANCH-1-4/cipher/primegen.c
===================================================================
--- branches/STABLE-BRANCH-1-4/cipher/primegen.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/cipher/primegen.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -132,7 +132,7 @@
if( DBG_CIPHER )
log_debug("gen prime: pbits=%u qbits=%u fbits=%u/%u n=%d\n",
pbits, req_qbits, qbits, fbits, n );
- prime = mpi_alloc( (pbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB );
+ prime = mpi_alloc ( mpi_nlimb_hint_from_nbits (pbits) );
q = gen_prime( qbits, 0, 0 );
q_factor = mode==1? gen_prime( req_qbits, 0, 0 ) : NULL;
@@ -318,8 +318,8 @@
no_of_small_prime_numbers++;
}
mods = xmalloc( no_of_small_prime_numbers * sizeof *mods );
- /* make nbits fit into MPI implementation */
- nlimbs = (nbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB;
+ /* Make nbits fit into MPI implementation. */
+ nlimbs = mpi_nlimb_hint_from_nbits (nbits);
val_2 = mpi_alloc_set_ui( 2 );
val_3 = mpi_alloc_set_ui( 3);
prime = secret? mpi_alloc_secure( nlimbs ): mpi_alloc( nlimbs );
Modified: branches/STABLE-BRANCH-1-4/cipher/rsa.c
===================================================================
--- branches/STABLE-BRANCH-1-4/cipher/rsa.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/cipher/rsa.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -62,9 +62,9 @@
test_keys( RSA_secret_key *sk, unsigned nbits )
{
RSA_public_key pk;
- MPI test = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
- MPI out1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
- MPI out2 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+ MPI test = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
+ MPI out1 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
+ MPI out2 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
pk.n = sk->n;
pk.e = sk->e;
@@ -107,7 +107,7 @@
if ( (nbits&1) )
nbits++;
- n = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+ n = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
p = q = NULL;
do {
@@ -127,9 +127,9 @@
/* calculate Euler totient: phi = (p-1)(q-1) */
t1 = mpi_alloc_secure( mpi_get_nlimbs(p) );
t2 = mpi_alloc_secure( mpi_get_nlimbs(p) );
- phi = mpi_alloc_secure( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
- g = mpi_alloc_secure( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
- f = mpi_alloc_secure( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+ phi = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (nbits) );
+ g = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (nbits) );
+ f = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (nbits) );
mpi_sub_ui( t1, p, 1 );
mpi_sub_ui( t2, q, 1 );
mpi_mul( phi, t1, t2 );
@@ -147,16 +147,16 @@
This code used 41 until 2006-06-28 when it was changed to use
65537 as the new best practice. See FIPS-186-3.
*/
- e = mpi_alloc( (32+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+ e = mpi_alloc ( mpi_nlimb_hint_from_nbits (32) );
mpi_set_ui( e, 65537);
while( !mpi_gcd(t1, e, phi) ) /* (while gcd is not 1) */
mpi_add_ui( e, e, 2);
/* calculate the secret key d = e^1 mod phi */
- d = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+ d = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
mpi_invm(d, e, f );
/* calculate the inverse of p and q (used for chinese remainder theorem)*/
- u = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+ u = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) );
mpi_invm(u, p, q );
if( DBG_CIPHER ) {
@@ -443,7 +443,7 @@
return G10ERR_PUBKEY_ALGO;
pk.n = pkey[0];
pk.e = pkey[1];
- result = mpi_alloc( (160+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB);
+ result = mpi_alloc ( mpi_nlimb_hint_from_nbits (160) );
public( result, data[0], &pk );
rc = mpi_cmp( result, hash )? G10ERR_BAD_SIGN:0;
mpi_free(result);
Modified: branches/STABLE-BRANCH-1-4/configure.ac
===================================================================
--- branches/STABLE-BRANCH-1-4/configure.ac 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/configure.ac 2006-12-11 19:54:53 UTC (rev 4377)
@@ -417,24 +417,65 @@
/* We didn't define endianness above, so get it from OS macros. This
is intended for making fat binary builds on OS X. */
#if !defined(BIG_ENDIAN_HOST) && !defined(LITTLE_ENDIAN_HOST)
-#if defined(__BIG_ENDIAN__)
-#define BIG_ENDIAN_HOST 1
-#elif defined(__LITTLE_ENDIAN__)
-#define LITTLE_ENDIAN_HOST 1
-#else
-#error "No endianness found"
+# if defined(__BIG_ENDIAN__)
+# define BIG_ENDIAN_HOST 1
+# elif defined(__LITTLE_ENDIAN__)
+# define LITTLE_ENDIAN_HOST 1
+# else
+# error "No endianness found"
+# endif
#endif
-#endif
#if !(defined(HAVE_FORK) && defined(HAVE_PIPE) && defined(HAVE_WAITPID))
-#define EXEC_TEMPFILE_ONLY
+# define EXEC_TEMPFILE_ONLY
#endif
+/* Please note that the string version must not contain more
+ than one character because the using code assumes strlen()==1 */
+#ifdef HAVE_DOSISH_SYSTEM
+# define DIRSEP_C '\\'
+# define EXTSEP_C '.'
+# define DIRSEP_S "\\"
+# define EXTSEP_S "."
+# define PATHSEP_C ';'
+# define PATHSEP_S ";"
+#else
+# define DIRSEP_C '/'
+# define EXTSEP_C '.'
+# define DIRSEP_S "/"
+# define EXTSEP_S "."
+# define PATHSEP_C ':'
+# define PATHSEP_S ":"
+#endif
+
+
+/* For some OSes we need to use fixed strings for certain directories. */
+#ifdef HAVE_DRIVE_LETTERS
+# define LOCALEDIR "c:\\\\lib\\\\gnupg\\\\locale"
+# define GNUPG_LIBDIR "c:\\\\lib\\\\gnupg"
+# define GNUPG_LIBEXECDIR "c:\\\\lib\\\\gnupg"
+# define GNUPG_DATADIR "c:\\\\lib\\\\gnupg"
+# define GNUPG_HOMEDIR "c:\\\\gnupg"
+#else
+# ifdef __VMS
+# define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg"
+# else
+# define GNUPG_HOMEDIR "~/.gnupg"
+# endif
+#endif
+
+
/* This is the major version number of GnuPG so that
source included files can test for this. */
#define GNUPG_MAJOR_VERSION 1
-#include "g10defs.h"
+/* This is the same as VERSION, but should be overridden if the
+ platform cannot handle things like dots'.' in filenames. Set
+ SAFE_VERSION_DOT and SAFE_VERSION_DASH to whatever SAFE_VERSION
+ uses for dots and dashes. */
+#define SAFE_VERSION VERSION
+#define SAFE_VERSION_DOT '.'
+#define SAFE_VERSION_DASH '-'
#endif /*GNUPG_CONFIG_H_INCLUDED*/
])
@@ -1333,71 +1374,6 @@
***]])
fi
-# Note the \\\\ for backslashes. Autoconf eats one layer, leaving \\
-
-AC_CONFIG_COMMANDS(g10defs.h,[[
-cat >g10defs.tmp <<G10EOF
-/* Generated automatically by configure */
-#ifdef HAVE_DRIVE_LETTERS
-#define G10_LOCALEDIR "c:\\\\lib\\\\gnupg\\\\locale"
-#define GNUPG_LIBDIR "c:\\\\lib\\\\gnupg"
-#define GNUPG_LIBEXECDIR "c:\\\\lib\\\\gnupg"
-#define GNUPG_DATADIR "c:\\\\lib\\\\gnupg"
-#define GNUPG_HOMEDIR "c:\\\\gnupg"
-#else
-#define G10_LOCALEDIR "${datadir}/locale"
-#define GNUPG_LIBDIR "${libdir}/gnupg"
-#ifdef __VMS
-#define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg"
-#else
-#define GNUPG_HOMEDIR "~/.gnupg"
-#endif
-#endif
-/* those are here to be redefined by handcrafted g10defs.h.
- Please note that the string version must not contain more
- than one character because the using code assumes strlen()==1 */
-#ifdef HAVE_DOSISH_SYSTEM
-#define DIRSEP_C '\\\\'
-#define EXTSEP_C '.'
-#define DIRSEP_S "\\\\"
-#define EXTSEP_S "."
-#define PATHSEP_C ';'
-#define PATHSEP_S ";"
-#else
-#define DIRSEP_C '/'
-#define EXTSEP_C '.'
-#define DIRSEP_S "/"
-#define EXTSEP_S "."
-#define PATHSEP_C ':'
-#define PATHSEP_S ":"
-#endif
-/* This is the same as VERSION, but should be overridden if the
- platform cannot handle things like dots'.' in filenames. Set
- SAFE_VERSION_DOT and SAFE_VERSION_DASH to whatever SAFE_VERSION
- uses for dots and dashes. */
-#define SAFE_VERSION VERSION
-#define SAFE_VERSION_DOT '.'
-#define SAFE_VERSION_DASH '-'
-G10EOF
-cat mpi/mpi-asm-defs.h >>g10defs.tmp
-if cmp -s g10defs.h g10defs.tmp 2>/dev/null; then
- echo "g10defs.h is unchanged"
- rm -f g10defs.tmp
-else
- rm -f g10defs.h
- mv g10defs.tmp g10defs.h
- echo "g10defs.h created"
-fi
-]],[[
-prefix=$prefix
-exec_prefix=$exec_prefix
-libdir=$libdir
-libexecdir=$libexecdir
-datadir=$datadir
-DATADIRNAME=$DATADIRNAME
-]])
-
-
AC_CONFIG_FILES([
Makefile
m4/Makefile
Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,13 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+ * seskey.c (encode_session_key, do_encode_md): Use new
+ mpi_nlimb_hint_from_nbytes function.
+ * sign.c (do_sign): Ditto.
+
+ * Makefile.am (AM_CPPFLAGS): Define GNUPG_LIBDIR.
+ * gpgv.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/.
+ * gpg.c (i18n_init): Ditto.
+
2006-12-07 Werner Koch <wk at g10code.com>
* Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR.
@@ -31,6 +41,11 @@
re-prompt for a passphrase to ensure the user has typed it
correctly. Defaults to 1.
+2006-12-02 Werner Koch <wk at g10code.com>
+
+ * encr-data.c: Allocate DFX context on the heap and not on the
+ stack. Changes at several places. Fixes CVE-2006-6235.
+
2006-11-27 Werner Koch <wk at g10code.com>
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
Modified: branches/STABLE-BRANCH-1-4/g10/Makefile.am
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377)
@@ -26,8 +26,10 @@
#OMIT_DEPENDENCIES = zlib.h zconf.h
if ! HAVE_DOSISH_SYSTEM
+AM_CPPFLAGS += -DLOCALEDIR="\"$(localedir)\""
AM_CPPFLAGS += -DGNUPG_LIBEXECDIR="\"$(libexecdir)/@PACKAGE@\""
AM_CPPFLAGS += -DGNUPG_DATADIR="\"$(pkgdatadir)\""
+AM_CPPFLAGS += -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\""
endif
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -886,7 +886,7 @@
#else
#ifdef ENABLE_NLS
setlocale( LC_ALL, "" );
- bindtextdomain( PACKAGE, G10_LOCALEDIR );
+ bindtextdomain (PACKAGE, LOCALEDIR);
textdomain( PACKAGE );
#endif
#endif
Modified: branches/STABLE-BRANCH-1-4/g10/gpgv.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/gpgv.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/g10/gpgv.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -122,7 +122,7 @@
#else
#ifdef ENABLE_NLS
setlocale( LC_ALL, "" );
- bindtextdomain( PACKAGE, G10_LOCALEDIR );
+ bindtextdomain (PACKAGE, LOCALEDIR);
textdomain( PACKAGE );
#endif
#endif
Modified: branches/STABLE-BRANCH-1-4/g10/seskey.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/seskey.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/g10/seskey.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -138,7 +138,7 @@
frame[n++] = csum >>8;
frame[n++] = csum;
assert( n == nframe );
- a = mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
+ a = mpi_alloc_secure ( mpi_nlimb_hint_from_nbytes (nframe) );
mpi_set_buffer( a, frame, nframe, 0 );
xfree(frame);
return a;
@@ -175,9 +175,9 @@
memcpy( frame+n, asn, asnlen ); n += asnlen;
memcpy( frame+n, md_read(md, algo), len ); n += len;
assert( n == nframe );
- a = md_is_secure(md)?
- mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB )
- : mpi_alloc( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
+ a = (md_is_secure(md)
+ ? mpi_alloc_secure ( mpi_nlimb_hint_from_nbytes (nframe) )
+ : mpi_alloc ( mpi_nlimb_hint_from_nbytes (nframe )));
mpi_set_buffer( a, frame, nframe, 0 );
xfree(frame);
@@ -250,9 +250,9 @@
return NULL;
}
- frame = md_is_secure(md)? mpi_alloc_secure((qbytes+BYTES_PER_MPI_LIMB-1)
- / BYTES_PER_MPI_LIMB )
- : mpi_alloc((qbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
+ frame = (md_is_secure(md)
+ ? mpi_alloc_secure (mpi_nlimb_hint_from_nbytes (qbytes) )
+ : mpi_alloc ( mpi_nlimb_hint_from_nbytes (qbytes) ));
mpi_set_buffer( frame, md_read(md, hash_algo), qbytes, 0 );
}
Modified: branches/STABLE-BRANCH-1-4/g10/sign.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/sign.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/g10/sign.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -308,8 +308,7 @@
xfree (snbuf);
if (!rc)
{
- sig->data[0] = mpi_alloc ( (rbuflen+BYTES_PER_MPI_LIMB-1)
- / BYTES_PER_MPI_LIMB );
+ sig->data[0] = mpi_alloc ( mpi_nlimb_hint_from_nbytes (rbuflen) );
mpi_set_buffer (sig->data[0], rbuf, rbuflen, 0);
xfree (rbuf);
}
Modified: branches/STABLE-BRANCH-1-4/include/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/include/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/include/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,12 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+ * mpi.h (mpi_is_neg, mpi_get_nlimbs): Replaced macros by function
+ prototypes.
+ (struct gcry_mpi): Changed to a forward declaration.
+ (mpi_limb_t): Moved to ../mpi/mpi-internal.h.
+ (MPI_NULL): Removed.
+ (mpi_is_opaque, mpi_is_secure): Implement in terms of mpi_get_flags.
+
2006-12-04 Werner Koch <wk at g10code.com>
* iobuf.h (iobuf_t): New. That is the name we use in 2.0.
Modified: branches/STABLE-BRANCH-1-4/include/mpi.h
===================================================================
--- branches/STABLE-BRANCH-1-4/include/mpi.h 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/include/mpi.h 2006-12-11 19:54:53 UTC (rev 4377)
@@ -37,23 +37,6 @@
#include "types.h"
#include "memory.h"
-#if BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_INT
- typedef unsigned int mpi_limb_t;
- typedef signed int mpi_limb_signed_t;
-#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG
- typedef unsigned long int mpi_limb_t;
- typedef signed long int mpi_limb_signed_t;
-#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG_LONG
- typedef unsigned long long int mpi_limb_t;
- typedef signed long long int mpi_limb_signed_t;
-#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_SHORT
- typedef unsigned short int mpi_limb_t;
- typedef signed short int mpi_limb_signed_t;
-#else
-#error BYTES_PER_MPI_LIMB does not match any C type
-#endif
-#define BITS_PER_MPI_LIMB (8*BYTES_PER_MPI_LIMB)
-
#ifndef EXTERN_UNLESS_MAIN_MODULE
#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
#define EXTERN_UNLESS_MAIN_MODULE extern
@@ -66,24 +49,10 @@
EXTERN_UNLESS_MAIN_MODULE int mpi_debug_mode;
-struct gcry_mpi {
- int alloced; /* array size (# of allocated limbs) */
- int nlimbs; /* number of valid limbs */
- unsigned int nbits; /* the real number of valid bits (info only) */
- int sign; /* indicates a negative number */
- unsigned flags; /* bit 0: array must be allocated in secure memory space */
- /* bit 1: not used */
- /* bit 2: the limb is a pointer to some xmalloced data */
- mpi_limb_t *d; /* array with the limbs */
-};
-
+struct gcry_mpi;
typedef struct gcry_mpi *MPI;
-#define MPI_NULL NULL
-#define mpi_get_nlimbs(a) ((a)->nlimbs)
-#define mpi_is_neg(a) ((a)->sign)
-
/*-- mpiutil.c --*/
#ifdef M_DEBUG
@@ -107,10 +76,10 @@
void mpi_resize( MPI a, unsigned nlimbs );
MPI mpi_copy( MPI a );
#endif
-#define mpi_is_opaque(a) ((a) && ((a)->flags&4))
+#define mpi_is_opaque(a) ((a) && (mpi_get_flags (a)&4))
MPI mpi_set_opaque( MPI a, void *p, unsigned int len );
void *mpi_get_opaque( MPI a, unsigned int *len );
-#define mpi_is_secure(a) ((a) && ((a)->flags&1))
+#define mpi_is_secure(a) ((a) && (mpi_get_flags (a)&1))
void mpi_set_secure( MPI a );
void mpi_clear( MPI a );
void mpi_set( MPI w, MPI u);
@@ -118,6 +87,11 @@
MPI mpi_alloc_set_ui( unsigned long u);
void mpi_m_check( MPI a );
void mpi_swap( MPI a, MPI b);
+int mpi_get_nlimbs (MPI a);
+int mpi_is_neg (MPI a);
+unsigned int mpi_nlimb_hint_from_nbytes (unsigned int nbytes);
+unsigned int mpi_nlimb_hint_from_nbits (unsigned int nbits);
+unsigned int mpi_get_flags (MPI a);
/*-- mpicoder.c --*/
int mpi_write( IOBUF out, MPI a );
Modified: branches/STABLE-BRANCH-1-4/mpi/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/mpi/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/mpi/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,15 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+ * mpi-internal.h: Include mpi-asm-defs.h.
+ (mpi_limb_t): Moved definition from mpi.h to here.
+ (struct gcry_mpi): Moved from mpi.h to here.
+ * mpiutil.c (mpi_get_nlimbs, mpi_is_neg): New. To replace the
+ macros. This helps hiding details of the MPI implementation.
+ (mpi_nlimb_hint_from_nbytes, mpi_nlimb_hint_from_nbits): Ditto.
+ (mpi_get_flags): Ditto.
+ * mpicoder.c (mpi_read, mpi_read_from_buffer, mpi_print):
+ s/MPI_NULL/NULL/.
+
2005-09-01 David Shaw <dshaw at jabberwocky.com>
* mpicoder.c (mpi_read): Fix minor bug in reading a zero-length
Modified: branches/STABLE-BRANCH-1-4/mpi/config.links
===================================================================
--- branches/STABLE-BRANCH-1-4/mpi/config.links 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/mpi/config.links 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,4 +1,4 @@
-# config.links - helper for ../configure
+# config.links - helper for ../configure -*- sh -*-
# Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
# 2004 Free Software Foundation, Inc.
#
Modified: branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h
===================================================================
--- branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h 2006-12-11 19:54:53 UTC (rev 4377)
@@ -32,7 +32,39 @@
#define G10_MPI_INTERNAL_H
#include "mpi.h"
+#include "mpi-asm-defs.h"
+#if BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_INT
+ typedef unsigned int mpi_limb_t;
+ typedef signed int mpi_limb_signed_t;
+#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG
+ typedef unsigned long int mpi_limb_t;
+ typedef signed long int mpi_limb_signed_t;
+#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG_LONG
+ typedef unsigned long long int mpi_limb_t;
+ typedef signed long long int mpi_limb_signed_t;
+#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_SHORT
+ typedef unsigned short int mpi_limb_t;
+ typedef signed short int mpi_limb_signed_t;
+#else
+#error BYTES_PER_MPI_LIMB does not match any C type
+#endif
+#define BITS_PER_MPI_LIMB (8*BYTES_PER_MPI_LIMB)
+
+
+struct gcry_mpi {
+ int alloced; /* array size (# of allocated limbs) */
+ int nlimbs; /* number of valid limbs */
+ unsigned int nbits; /* the real number of valid bits (info only) */
+ int sign; /* indicates a negative number */
+ unsigned flags; /* bit 0: array must be allocated in secure memory space */
+ /* bit 1: not used */
+ /* bit 2: the limb is a pointer to some xmalloced data */
+ mpi_limb_t *d; /* array with the limbs */
+};
+
+
+
/* If KARATSUBA_THRESHOLD is not already defined, define it to a
* value which is good on most machines. */
Modified: branches/STABLE-BRANCH-1-4/mpi/mpicoder.c
===================================================================
--- branches/STABLE-BRANCH-1-4/mpi/mpicoder.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/mpi/mpicoder.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -78,7 +78,7 @@
unsigned int nmax = *ret_nread;
unsigned nbits, nbytes, nlimbs, nread=0;
mpi_limb_t a;
- MPI val = MPI_NULL;
+ MPI val = NULL;
if (nread == nmax)
goto overflow;
@@ -148,7 +148,7 @@
int i, j;
unsigned nbits, nbytes, nlimbs, nread=0;
mpi_limb_t a;
- MPI val = MPI_NULL;
+ MPI val = NULL;
if( *ret_nread < 2 )
goto leave;
@@ -180,7 +180,7 @@
checksum didn't caught it. */
log_info ("mpi larger than buffer\n");
mpi_free (val);
- val = MPI_NULL;
+ val = NULL;
goto leave;
}
a <<= 8;
@@ -280,7 +280,7 @@
{
int i, n=0;
- if( a == MPI_NULL )
+ if( a == NULL )
return fprintf(fp, "[MPI_NULL]");
if( !mode ) {
unsigned int n1;
Modified: branches/STABLE-BRANCH-1-4/mpi/mpiutil.c
===================================================================
--- branches/STABLE-BRANCH-1-4/mpi/mpiutil.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/mpi/mpiutil.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -379,7 +379,7 @@
/****************
* This function allocates an MPI which is optimized to hold
- * a value as large as the one given in the arhgument and allocates it
+ * a value as large as the one given in the argument and allocates it
* with the same flags as A.
*/
MPI
@@ -468,3 +468,40 @@
tmp = *a; *a = *b; *b = tmp;
}
+
+
+int
+mpi_get_nlimbs (MPI a)
+{
+ return a->nlimbs;
+}
+
+
+int
+mpi_is_neg (MPI a)
+{
+ return a->sign;
+}
+
+
+/* Return the number of limbs to store an MPI which is specified by
+ the number of bytes to represent it. */
+unsigned int
+mpi_nlimb_hint_from_nbytes (unsigned int nbytes)
+{
+ return (nbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB;
+}
+
+/* Return the number of limbs to store an MPI which is specified by
+ the number of bytes to represent it. */
+unsigned int
+mpi_nlimb_hint_from_nbits (unsigned int nbits)
+{
+ return (nbits+BITS_PER_MPI_LIMB-1) / BITS_PER_MPI_LIMB;
+}
+
+unsigned int
+mpi_get_flags (MPI a)
+{
+ return a->flags;
+}
Modified: branches/STABLE-BRANCH-1-4/tools/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/tools/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/tools/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377)
@@ -1,3 +1,10 @@
+2006-12-11 Werner Koch <wk at g10code.com>
+
+ * Makefile.am (AM_CPPFLAGS): Use in place of INCLUDES. Define
+ LOCALEDIR.
+ * shmtest.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/.
+ * mpicalc.c (i18n_init): Ditto.
+
2006-04-20 David Shaw <dshaw at jabberwocky.com>
* make-dns-cert.c (main): Small exit code tweak from Peter
Modified: branches/STABLE-BRANCH-1-4/tools/Makefile.am
===================================================================
--- branches/STABLE-BRANCH-1-4/tools/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/tools/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377)
@@ -20,10 +20,17 @@
## Process this file with automake to produce Makefile.in
EXTRA_DIST = lspgpot ring-a-party mail-signed-keys convert-from-106
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
+
+AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/intl
+
+if ! HAVE_DOSISH_SYSTEM
+AM_CPPFLAGS += -DLOCALEDIR="\"$(localedir)\""
+endif
+
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
other_libs = $(LIBICONV) $(LIBINTL) $(CAPLIBS)
+
bin_PROGRAMS = gpgsplit
noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest make-dns-cert
Modified: branches/STABLE-BRANCH-1-4/tools/bftest.c
===================================================================
--- branches/STABLE-BRANCH-1-4/tools/bftest.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/tools/bftest.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -50,7 +50,7 @@
{
#ifdef ENABLE_NLS
setlocale( LC_ALL, "" );
- bindtextdomain( PACKAGE, G10_LOCALEDIR );
+ bindtextdomain (PACKAGE, LOCALEDIR);
textdomain( PACKAGE );
#endif
}
Modified: branches/STABLE-BRANCH-1-4/tools/mpicalc.c
===================================================================
--- branches/STABLE-BRANCH-1-4/tools/mpicalc.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/tools/mpicalc.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -68,7 +68,7 @@
{
#ifdef ENABLE_NLS
setlocale( LC_ALL, "" );
- bindtextdomain( PACKAGE, G10_LOCALEDIR );
+ bindtextdomain (PACKAGE, LOCALEDIR);
textdomain( PACKAGE );
#endif
}
Modified: branches/STABLE-BRANCH-1-4/tools/shmtest.c
===================================================================
--- branches/STABLE-BRANCH-1-4/tools/shmtest.c 2006-12-08 11:30:13 UTC (rev 4376)
+++ branches/STABLE-BRANCH-1-4/tools/shmtest.c 2006-12-11 19:54:53 UTC (rev 4377)
@@ -57,7 +57,7 @@
{
#ifdef ENABLE_NLS
setlocale( LC_ALL, "" );
- bindtextdomain( PACKAGE, G10_LOCALEDIR );
+ bindtextdomain (PACKAGE, LOCALEDIR);
textdomain( PACKAGE );
#endif
}
More information about the Gnupg-commits
mailing list