[svn] gcry - r1185 - in trunk: . cipher doc src tests
svn author wk
cvs at cvs.gnupg.org
Tue Oct 17 19:44:53 CEST 2006
Author: wk
Date: 2006-10-17 19:44:49 +0200 (Tue, 17 Oct 2006)
New Revision: 1185
Modified:
trunk/AUTHORS
trunk/ChangeLog
trunk/NEWS
trunk/THANKS
trunk/TODO
trunk/acinclude.m4
trunk/cipher/ChangeLog
trunk/cipher/dsa.c
trunk/cipher/md.c
trunk/cipher/pubkey.c
trunk/doc/ChangeLog
trunk/doc/Makefile.am
trunk/doc/gcrypt.texi
trunk/src/ChangeLog
trunk/src/cipher.h
trunk/src/global.c
trunk/src/libgcrypt.m4
trunk/src/module.c
trunk/src/sexp.c
trunk/tests/ChangeLog
trunk/tests/keygen.c
trunk/tests/tsexp.c
Log:
Various minor changes.
Support for DSA2.
Modified: trunk/AUTHORS
===================================================================
--- trunk/AUTHORS 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/AUTHORS 2006-10-17 17:44:49 UTC (rev 1185)
@@ -74,9 +74,9 @@
added SHA-224, changed cipher/sha256.c, added HMAC tests.)
-Hye-Shik Chang <perky at FreeBSD.org>
-Wrote SEED cipher and put it into the Public domain. See mail to
-gcrypt-devel at gnupg.org on 2006-07-12 <20060712143738.GA54909 at FreeBSD.org>.
+LIBGCRYPT Hye-Shik Chang 2006-09-07
+Assigns Past and Future Changes
+perky at freebsd.org
(SEED cipher)
Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/ChangeLog 2006-10-17 17:44:49 UTC (rev 1185)
@@ -20,6 +20,12 @@
(AC_CONFIG_FILES): Add src/gcrypt.h.
(AC_CONFIG_SRCDIR): Change to src/libgcrypt.vers.
+2006-10-02 Werner Koch <wk at g10code.com>
+
+ * acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Test on HOST and not
+ TARGET. Hardwire for mingw32. Allow setting via command line when
+ cross compiling.
+
2006-08-29 Werner Koch <wk at g10code.com>
* configure.ac (USE_SEED): New.
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/NEWS 2006-10-17 17:44:49 UTC (rev 1185)
@@ -16,6 +16,10 @@
* gcry_mpi_rshift does not anymore truncate the shift count.
+ * Reserved algorithm ranges for use by applications.
+
+ * Support for DSA2.
+
* Interface changes relative to the 1.2.0 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gcry_fast_random_poll NEW
Modified: trunk/THANKS
===================================================================
--- trunk/THANKS 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/THANKS 2006-10-17 17:44:49 UTC (rev 1185)
@@ -60,6 +60,7 @@
Katsuhiro Kondou kondou at nec.co.jp
Kazu Yamamoto kazu at iijlab.net
Lars Kellogg-Stedman lars at bu.edu
+Lee Fisher blibbet at gmail dot com
Marco d'Itri md at linux.it
Mark Adler madler at alumni.caltech.edu
Mark Elbrecht snowball3 at bigfoot.com
Modified: trunk/TODO
===================================================================
--- trunk/TODO 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/TODO 2006-10-17 17:44:49 UTC (rev 1185)
@@ -64,5 +64,6 @@
* gry_mpi_lshift is missing
+* Add OAEP
Modified: trunk/acinclude.m4
===================================================================
--- trunk/acinclude.m4 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/acinclude.m4 2006-10-17 17:44:49 UTC (rev 1185)
@@ -69,13 +69,18 @@
# Taken from GnuPG 1.2 and modified to use the libtool macros.
AC_DEFUN([GNUPG_SYS_SYMBOL_UNDERSCORE],
[tmp_do_check="no"
-case "${target}" in
+case "${host}" in
+ *-mingw32msvc*)
+ ac_cv_sys_symbol_underscore=yes
+ ;;
i386-emx-os2 | i[3456]86-pc-os2*emx | i386-pc-msdosdjgpp)
ac_cv_sys_symbol_underscore=yes
;;
*)
if test "$cross_compiling" = yes; then
- ac_cv_sys_symbol_underscore=yes
+ if test "x$ac_cv_sys_symbol_underscore" = x ; then
+ ac_cv_sys_symbol_underscore=yes
+ fi
else
tmp_do_check="yes"
fi
Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/ChangeLog 2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,16 @@
+2006-10-17 Werner Koch <wk at g10code.com>
+
+ * dsa.c (_gcry_dsa_generate2): New.
+ (generate): New arg QBITS. Add sanity checks for reasonable qbits
+ and nbits.
+ * pubkey.c (gcry_pk_genkey): Parse an qbits element.
+ (pubkey_generate): New arg QBITS. Pass it to the DSA generation.
+
+2006-10-05 Werner Koch <wk at g10code.com>
+
+ * md.c (gcry_md_algo_info) <get_asnoid>: Check that the algo is
+ available.
+
2006-10-04 David Shaw <dshaw at jabberwocky.com> (wk)
* tiger.c (round): Rename to tiger_round as gcc 4 has a built-in
Modified: trunk/cipher/dsa.c
===================================================================
--- trunk/cipher/dsa.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/dsa.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,5 +1,6 @@
/* dsa.c - DSA signature scheme
- * Copyright (C) 1998, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2000, 2001, 2002, 2003,
+ * 2006 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -50,7 +51,9 @@
static gcry_mpi_t gen_k (gcry_mpi_t q);
static void test_keys (DSA_secret_key *sk, unsigned qbits);
static int check_secret_key (DSA_secret_key *sk);
-static gpg_err_code_t generate (DSA_secret_key *sk, unsigned nbits,
+static gpg_err_code_t generate (DSA_secret_key *sk,
+ unsigned int nbits,
+ unsigned int qbits,
gcry_mpi_t **ret_factors);
static void sign (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t input,
DSA_secret_key *skey);
@@ -173,7 +176,8 @@
and an array with the n-1 factors of (p-1)
*/
static gpg_err_code_t
-generate( DSA_secret_key *sk, unsigned nbits, gcry_mpi_t **ret_factors )
+generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
+ gcry_mpi_t **ret_factors )
{
gcry_mpi_t p; /* the prime */
gcry_mpi_t q; /* the 160 bit prime factor */
@@ -181,22 +185,28 @@
gcry_mpi_t y; /* g^x mod p */
gcry_mpi_t x; /* the secret exponent */
gcry_mpi_t h, e; /* helper */
- unsigned qbits;
unsigned char *rndbuf;
- if ( nbits >= 512 && nbits <= 1024 )
+ if (qbits)
+ ; /* Caller supplied qbits. Use this value. */
+ else if ( nbits >= 512 && nbits <= 1024 )
qbits = 160;
else if ( nbits == 2048 )
qbits = 224;
else if ( nbits == 3072 )
qbits = 256;
-/* else if ( nbits == 7680 ) */
-/* qbits = 384; */
-/* else if ( nbits == 15360 ) */
-/* qbits = 512; */
+ else if ( nbits == 7680 )
+ qbits = 384;
+ else if ( nbits == 15360 )
+ qbits = 512;
else
return GPG_ERR_INV_VALUE;
+ if (qbits < 160 || qbits > 512 || (qbits%8) )
+ return GPG_ERR_INV_VALUE;
+ if (nbits < 2*qbits || nbits > 15360)
+ return GPG_ERR_INV_VALUE;
+
p = _gcry_generate_elg_prime( 1, nbits, qbits, NULL, ret_factors );
/* get q out of factors */
q = mpi_copy((*ret_factors)[0]);
@@ -382,13 +392,13 @@
*********************************************/
gcry_err_code_t
-_gcry_dsa_generate (int algo, unsigned nbits, unsigned long dummy,
+_gcry_dsa_generate (int algo, unsigned int nbits, unsigned long dummy,
gcry_mpi_t *skey, gcry_mpi_t **retfactors)
{
gpg_err_code_t err;
DSA_secret_key sk;
- err = generate (&sk, nbits, retfactors);
+ err = generate (&sk, nbits, 0, retfactors);
if (!err)
{
skey[0] = sk.p;
@@ -402,7 +412,34 @@
}
+/* We don't want to break our API. Thus we use a hack in pubkey.c to
+ link directly to this function. Note that we can't reuse the dummy
+ parameter because we can't be sure that applicaions accidently pass
+ a USE_E (that is for what dummy is used with RSA) to a DSA
+ generation. */
gcry_err_code_t
+_gcry_dsa_generate2 (int algo, unsigned int nbits, unsigned int qbits,
+ unsigned long dummy,
+ gcry_mpi_t *skey, gcry_mpi_t **retfactors)
+{
+ gpg_err_code_t err;
+ DSA_secret_key sk;
+
+ err = generate (&sk, nbits, qbits, retfactors);
+ if (!err)
+ {
+ skey[0] = sk.p;
+ skey[1] = sk.q;
+ skey[2] = sk.g;
+ skey[3] = sk.y;
+ skey[4] = sk.x;
+ }
+
+ return err;
+}
+
+
+gcry_err_code_t
_gcry_dsa_check_secret_key (int algo, gcry_mpi_t *skey)
{
gcry_err_code_t err = GPG_ERR_NO_ERROR;
Modified: trunk/cipher/md.c
===================================================================
--- trunk/cipher/md.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/md.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -1101,27 +1101,31 @@
break;
case GCRYCTL_GET_ASNOID:
- {
- const char unsigned *asn;
- size_t asnlen;
-
- asn = md_asn_oid (algo, &asnlen, NULL);
- if (buffer && (*nbytes >= asnlen))
+ /* We need to check that the algo is available because
+ md_asn_oid would otherwise raise an assertion. */
+ err = check_digest_algo (algo);
+ if (!err)
+ {
+ const char unsigned *asn;
+ size_t asnlen;
+
+ asn = md_asn_oid (algo, &asnlen, NULL);
+ if (buffer && (*nbytes >= asnlen))
{
memcpy (buffer, asn, asnlen);
*nbytes = asnlen;
}
- else if ((! buffer) && nbytes)
- *nbytes = asnlen;
- else
- {
- if (buffer)
- err = GPG_ERR_TOO_SHORT;
- else
- err = GPG_ERR_INV_ARG;
- }
- break;
- }
+ else if ((! buffer) && nbytes)
+ *nbytes = asnlen;
+ else
+ {
+ if (buffer)
+ err = GPG_ERR_TOO_SHORT;
+ else
+ err = GPG_ERR_INV_ARG;
+ }
+ }
+ break;
default:
err = GPG_ERR_INV_OP;
Modified: trunk/cipher/pubkey.c
===================================================================
--- trunk/cipher/pubkey.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/pubkey.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -467,7 +467,8 @@
static gcry_err_code_t
-pubkey_generate (int algorithm, unsigned int nbits, unsigned long use_e,
+pubkey_generate (int algorithm, unsigned int nbits, unsigned int qbits,
+ unsigned long use_e,
gcry_mpi_t *skey, gcry_mpi_t **retfactors)
{
gcry_err_code_t err = GPG_ERR_PUBKEY_ALGO;
@@ -479,8 +480,13 @@
pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
if (pubkey)
{
- err = ((gcry_pk_spec_t *) pubkey->spec)->generate
- (algorithm, nbits, use_e, skey, retfactors);
+ /* Hack to pass QBITS to the DSA generation. */
+ if (qbits && pubkey->spec == &_gcry_pubkey_spec_dsa)
+ err = _gcry_dsa_generate2
+ (algorithm, nbits, qbits, 0, skey, retfactors);
+ else
+ err = ((gcry_pk_spec_t *) pubkey->spec)->generate
+ (algorithm, nbits, use_e, skey, retfactors);
_gcry_module_release (pubkey);
}
ath_mutex_unlock (&pubkeys_registered_lock);
@@ -1862,6 +1868,7 @@
gcry_mpi_t skey[10], *factors = NULL;
unsigned int nbits = 0;
unsigned long use_e = 0;
+ unsigned int qbits;
char *name_terminated;
REGISTER_DEFAULT_PUBKEYS;
@@ -1941,6 +1948,28 @@
else
use_e = 65537; /* Not given, use the value generated by old versions. */
+ /* Handle the optional qbits element. */
+ l2 = gcry_sexp_find_token (list, "qbits", 0);
+ if (l2)
+ {
+ char buf[50];
+
+ name = gcry_sexp_nth_data (l2, 1, &n);
+ if ((! name) || (n >= DIM (buf) - 1))
+ {
+ rc = GPG_ERR_INV_OBJ; /* No value or value too large. */
+ goto leave;
+ }
+ memcpy (buf, name, n);
+ buf[n] = 0;
+ qbits = (unsigned int)strtoul (buf, NULL, 0);
+ gcry_sexp_release (l2);
+ l2 = NULL;
+ }
+ else
+ qbits = 0;
+
+ /* Now parse the required nbits element. */
l2 = gcry_sexp_find_token (list, "nbits", 0);
gcry_sexp_release (list);
list = l2;
@@ -1970,7 +1999,7 @@
nbits = (unsigned int) strtoul (name_terminated, NULL, 0);
gcry_free (name_terminated);
- rc = pubkey_generate (module->mod_id, nbits, use_e, skey, &factors);
+ rc = pubkey_generate (module->mod_id, nbits, qbits, use_e, skey, &factors);
if (rc)
goto leave;
Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/doc/ChangeLog 2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,7 @@
+2006-09-19 Werner Koch <wk at g10code.com>
+
+ * Makefile.am (online): New target.
+
2006-08-29 Werner Koch <wk at g10code.com>
* gcrypt.texi (Available ciphers): Add missing ciphers.
Modified: trunk/doc/Makefile.am
===================================================================
--- trunk/doc/Makefile.am 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/doc/Makefile.am 2006-10-17 17:44:49 UTC (rev 1185)
@@ -22,3 +22,12 @@
info_TEXINFOS = gcrypt.texi
gcrypt_TEXINFOS = lgpl.texi gpl.texi
+
+online: gcrypt.html gcrypt.pdf
+ set -e; \
+ echo "Uploading current manuals to www.gnupg.org ..."; \
+ user=werner ; \
+ (cd gcrypt.html && rsync -vr --exclude='.svn' . \
+ $${user}@cvs.gnupg.org:webspace/manuals/gcrypt/ ); \
+ rsync -v gcrypt.pdf $${user}@cvs.gnupg.org:webspace/manuals/
+
Modified: trunk/doc/gcrypt.texi
===================================================================
--- trunk/doc/gcrypt.texi 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/doc/gcrypt.texi 2006-10-17 17:44:49 UTC (rev 1185)
@@ -2326,7 +2326,7 @@
influence the operation. These flags have to be listed in a
sub-S-expression named `flags'; the following flags are known:
- at table @var
+ at table @code
@item pkcs1
Use PKCS#1 block type 2 padding.
@item no-blinding
@@ -2694,7 +2694,8 @@
@table @code
@item nbits
This is always required to specify the length of the key. The argument
-is a string with a number in C-notation.
+is a string with a number in C-notation. The value should be a multiple
+of 8.
@item rsa-use-e
This is only used with RSA to give a hint for the public exponent. The
@@ -2715,7 +2716,27 @@
If this parameter is not used, @acronym{Libgcrypt} uses for historic reasons
65537.
+ at item qbits
+This is only meanigful for DSA keys. If it is given the DSA key is
+generated with a Q parameyer of this size. If it is not given or zero
+Q is deduced from NBITS in this way:
+ at table @samp
+ at item 512 <= N <= 1024
+Q = 160
+ at item N = 2048
+Q = 224
+ at item N = 3072
+Q = 256
+ at item N = 7680
+Q = 384
+w at item N = 15360
+Q = 512
@end table
+Note, that in this case only the values for N, as given in the table,
+are allowed. When specifying Q all values of N in the range 512 to
+15680 are valid as long as they are multiples of 8.
+
+ at end table
@c end table of parameters
@noindent
Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/ChangeLog 2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,11 @@
+2006-10-05 Werner Koch <wk at g10code.com>
+
+ * module.c (_gcry_module_id_new): Don't assign modules in the range
+ the range of 1024..4096.
+ * gcrypt.h (GCRY_MD_USER, GCRY_MD_USER_LAST): New
+ (GCRY_PK_USER, GCRY_PK_USER_LAST): New.
+ (GCRY_CIPHER_USER, GCRY_CIPHER_USER_LAST): New.
+
2006-10-12 Marcus Brinkmann <marcus at g10code.de>
* gcrypt.h.in: Replace socklen_t with gcry_socklen_t.
@@ -12,8 +20,14 @@
* gcrypt.h.in: ... this file.
* Makefile.am (EXTRA_DIST): Add gcrypt.h.in.
+2006-09-04 Werner Koch <wk at g10code.com>
+
+ * gcrypt.h: Removed some trailing comma in enums.
+
2006-08-29 Werner Koch <wk at g10code.com>
+ * global.c (gcry_xrealloc): Pass secure flag to outofcore handler.
+
* gcrypt.h (GCRY_CIPHER_SEED): New.
2006-08-21 Werner Koch <wk at g10code.com>
Modified: trunk/src/cipher.h
===================================================================
--- trunk/src/cipher.h 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/cipher.h 2006-10-17 17:44:49 UTC (rev 1185)
@@ -35,6 +35,12 @@
/*-- dsa.c --*/
void _gcry_register_pk_dsa_progress (gcry_handler_progress_t cbc, void *cb_data);
+gcry_err_code_t _gcry_dsa_generate2 (int algo, unsigned int nbits,
+ unsigned int qbits,
+ unsigned long dummy,
+ gcry_mpi_t *skey,
+ gcry_mpi_t **retfactors);
+
/*-- elgamal.c --*/
void _gcry_register_pk_elg_progress (gcry_handler_progress_t cb, void *cb_data);
/*-- primegen.c --*/
Modified: trunk/src/global.c
===================================================================
--- trunk/src/global.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/global.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -644,7 +644,8 @@
while ( !(p = gcry_realloc( a, n )) ) {
if( !outofcore_handler
- || !outofcore_handler( outofcore_handler_value, n, 2 ) ) {
+ || !outofcore_handler( outofcore_handler_value, n,
+ gcry_is_secure(a)? 3:2 ) ) {
_gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
}
}
Modified: trunk/src/libgcrypt.m4
===================================================================
--- trunk/src/libgcrypt.m4 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/libgcrypt.m4 2006-10-17 17:44:49 UTC (rev 1185)
@@ -89,7 +89,7 @@
AC_MSG_RESULT(okay)
else
ok=no
- AC_MSG_RESULT([does not match (want=$req_libgcrypt_api got=$tmp)])
+ AC_MSG_RESULT([does not match. want=$req_libgcrypt_api got=$tmp])
fi
fi
fi
Modified: trunk/src/module.c
===================================================================
--- trunk/src/module.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/module.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -22,23 +22,36 @@
#include <errno.h>
#include "g10lib.h"
+/* Please match these numbers with the allocated algorithm
+ numbers. */
#define MODULE_ID_MIN 600
+#define MODULE_ID_LAST 65500
+#define MODULE_ID_USER 1024
+#define MODULE_ID_USER_LAST 4095
+#if MODULE_ID_MIN >= MODULE_ID_USER
+#error Need to implement a different search strategy
+#endif
+
/* Internal function. Generate a new, unique module ID for a module
that should be inserted into the module chain starting at
MODULES. */
static gcry_err_code_t
_gcry_module_id_new (gcry_module_t modules, unsigned int *id_new)
{
- /* FIXME, what should be the ID of the first module registered by
- the user? */
- unsigned int id_min = MODULE_ID_MIN, id_max = (unsigned int) -1, mod_id;
+ unsigned int mod_id;
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_module_t module;
/* Search for unused ID. */
- for (mod_id = id_min; mod_id < id_max; mod_id++)
+ for (mod_id = MODULE_ID_MIN; mod_id < MODULE_ID_LAST; mod_id++)
{
+ if (mod_id == MODULE_ID_USER)
+ {
+ mod_id = MODULE_ID_USER_LAST;
+ continue;
+ }
+
/* Search for a module with the current ID. */
for (module = modules; module; module = module->next)
if (mod_id == module->mod_id)
@@ -49,7 +62,7 @@
break;
}
- if (mod_id < id_max)
+ if (mod_id < MODULE_ID_LAST)
/* Done. */
*id_new = mod_id;
else
Modified: trunk/src/sexp.c
===================================================================
--- trunk/src/sexp.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/sexp.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -190,7 +190,7 @@
/* Create a new S-expression object by reading LENGTH bytes from
BUFFER, assuming it is canonilized encoded or autodetected encoding
when AUTODETECT is set to 1. With FREEFNC not NULL, ownership of
- the buffer is transferred to tyhe newle created object. FREEFNC
+ the buffer is transferred to the newly created object. FREEFNC
should be the freefnc used to release BUFFER; there is no guarantee
at which point this function is called; most likey you want to use
free() or gcry_free().
@@ -239,7 +239,7 @@
have changed the internal represenation of S-expression to
the canoncial format - which has the advantage of faster
parsing - we will use this function as a closure in our
- GCRYSEXP object and use the BUFFER directly */
+ GCRYSEXP object and use the BUFFER directly. */
freefnc (buffer);
}
return gcry_error (GPG_ERR_NO_ERROR);
Modified: trunk/tests/ChangeLog
===================================================================
--- trunk/tests/ChangeLog 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/tests/ChangeLog 2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,7 @@
+2006-10-17 Werner Koch <wk at g10code.com>
+
+ * keygen.c (check_rsa_keys): Also create an 1536 bit DSA key.
+
2006-08-03 Werner Koch <wk at g10code.com>
* t-mpi-bit.c: New.
Modified: trunk/tests/keygen.c
===================================================================
--- trunk/tests/keygen.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/tests/keygen.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -123,12 +123,15 @@
gcry_sexp_t keyparm, key;
int rc;
+ /* Check that DSA generation works and that it can grok the qbits
+ argument. */
if (verbose)
- fprintf (stderr, "creating 2048 bit DSA key using old interface\n");
+ fprintf (stderr, "creating 1536 bit DSA key using old interface\n");
rc = gcry_sexp_new (&keyparm,
"(genkey\n"
" (dsa\n"
- " (nbits 4:2048)\n"
+ " (nbits 4:1536)\n"
+ " (qbits 3:224)\n"
" ))", 0, 1);
if (rc)
die ("error creating S-expression: %s\n", gpg_strerror (rc));
@@ -144,7 +147,6 @@
"=============================\n", buffer);
}
gcry_sexp_release (key);
- exit (0);
if (verbose)
fprintf (stderr, "creating 1024 bit RSA key using old interface\n");
Modified: trunk/tests/tsexp.c
===================================================================
--- trunk/tests/tsexp.c 2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/tests/tsexp.c 2006-10-17 17:44:49 UTC (rev 1185)
@@ -304,6 +304,32 @@
return;
}
gcry_sexp_release (se1);
+
+ /* Again but with memory checking. */
+ p1 = gcry_xmalloc (n1+2);
+ *p1 = '\x55';
+ p1[n1+1] = '\xaa';
+ n = gcry_sexp_sprint (se, GCRYSEXP_FMT_CANON, p1+1, n1);
+ if (n1 != n+1) /* sprints adds an extra 0 but does not return it */
+ {
+ fail ("baf %d: length mismatch for canon\n", testno);
+ return;
+ }
+ if (*p1 != '\x55' || p1[n1+1] != '\xaa')
+ fail ("baf %d: memory corrupted (1)\n", testno);
+ rc = gcry_sexp_create (&se1, p1+1, n, 0, NULL);
+ if (rc)
+ {
+ fail ("baf %d: gcry_sexp_create failed: %s\n",
+ testno, gpg_strerror (rc));
+ return;
+ }
+ if (*p1 != '\x55' || p1[n1+1] != '\xaa')
+ fail ("baf %d: memory corrupted (2)\n", testno);
+ gcry_sexp_release (se1);
+ if (*p1 != '\x55' || p1[n1+1] != '\xaa')
+ fail ("baf %d: memory corrupted (3)\n", testno);
+ gcry_free (p1);
/* FIXME: we need a lot more tests */
@@ -318,6 +344,18 @@
static struct { char *buf; int len; } tests[] = {
{ "(7:g34:fgh1::2:())", 0 },
{ "(7:g34:fgh1::2:())", 18 },
+ {
+"(protected-private-key \n"
+" (rsa \n"
+" (n #00BE8A536204687149A48FF9F1715FF3530AD9A836D62102BF4065E5CF5953236DB94F1DF2FF4D525CD4CE7966DDC3C839968E8BAC2948934DF047CC65287CD79F6C23C93E55D7F9231E3942BD496DE383469977635A51ADF4AF747DB958CA02E9940DFC1DC0FC7FC755E7EB6618FEE6DA54B8A06E0CBF9D9257443F9992261435#)\n"
+" (e #010001#)\n"
+" (protected openpgp-s2k3-sha1-aes-cbc \n"
+" (\n"
+" (sha1 #C2A5673BD3882405# \"96\")\n"
+" #8D08AAF6A9209ED69D71EB7E64D78715#)\n"
+" #F7B0B535F8F8E22F4F3DA031224070303F82F9207D42952F1ACF21A4AB1C50304EBB25527992C7B265A9E9FF702826FB88759BDD55E4759E9FCA6C879538C9D043A9C60A326CB6681090BAA731289BD880A7D5774D9999F026E5E7963BFC8C0BDC9F061393CB734B4F259725C0A0A0B15BA39C39146EF6A1B3DC4DF30A22EBE09FD05AE6CB0C8C6532951A925F354F4E26A51964F5BBA50081690C421C8385C4074E9BAB9297D081B857756607EAE652415275A741C89E815558A50AC638EDC5F5030210B4395E3E1A40FF38DCCCB333A19EA88EFE7E4D51B54128C6DF27395646836679AC21B1B25C1DA6F0A7CE9F9BE078EFC7934FA9AE202CBB0AA06C20DFAF9A66FAB7E9073FBE96B9A7F25C3BA45EC3EECA65796AEE313BA148DE5314F30345B452B50B17C4D841A7F27397126E8C10BD0CE3B50A82C0425AAEE7798031671407B681F52916256F78CAF92A477AC27BCBE26DAFD1BCE386A853E2A036F8314BB2E8E5BB1F196434232EFB0288331C2AB16DBC5457CC295EB966CAC5CE73D5DA5D566E469F0EFA82F9A12B8693E0#)\n"
+" )\n"
+" )\n", 0 },
{ NULL, 0 }
};
int idx;
@@ -390,9 +428,3 @@
return error_count? 1:0;
}
-
-
-
-
-
-
More information about the Gnupg-commits
mailing list