[svn] GnuPG - r4899 - in trunk: . g10
svn author wk
cvs at cvs.gnupg.org
Thu Dec 11 18:44:52 CET 2008
Author: wk
Date: 2008-12-11 18:44:52 +0100 (Thu, 11 Dec 2008)
New Revision: 4899
Added:
trunk/g10/t-rmd160.c
Modified:
trunk/NEWS
trunk/g10/ChangeLog
trunk/g10/Makefile.am
trunk/g10/gpg.c
trunk/g10/keygen.c
trunk/g10/keyid.c
trunk/g10/main.h
trunk/g10/sig-check.c
trunk/g10/trustdb.h
Log:
Make gpg not depend on the RIPE-MD160 implementaion in Libgcrypt.
Fix SIG_ID computation.
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/ChangeLog 2008-12-11 17:44:52 UTC (rev 4899)
@@ -1,3 +1,23 @@
+2008-12-11 Werner Koch <wk at g10code.com>
+
+ * sig-check.c (signature_check2): Change algorithm used to compute
+ the SIG_ID.
+ (check_revocation_keys): Close message digest.
+
+ * rmd160.c, rmd160.h: New. Based on code from GnuPG-1.4.
+ * t-rmd160.c: New.
+ * Makefile.am: Add support to run tests.
+ * keyid.c (namehash_from_uid): Use rmd160_hash_buffer.
+
+2008-12-10 Werner Koch <wk at g10code.com>
+
+ * trustdb.h (NAMEHASH_HASH): Remove unsued constant.
+
+ * gpg.c (print_mds): Print RMD160 only is enabled.
+
+ * keygen.c (keygen_set_std_prefs): Include RMD160 only if
+ available.
+
2008-12-09 Werner Koch <wk at g10code.com>
* gpg.c (main) [IS_DEVELOPMENT_VERSION]: Fix strusage use.
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/NEWS 2008-12-11 17:44:52 UTC (rev 4899)
@@ -19,6 +19,8 @@
* [gpg] New control statement %ask-passphrase for the unattended key
generation.
+ * [gpg] The algorithm to compute the SIG_ID status has been changed.
+
* [gpgsm] Now uses AES by default.
* [gpgsm] Made --output option work with --export-secret-key-p12.
Modified: trunk/g10/Makefile.am
===================================================================
--- trunk/g10/Makefile.am 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/Makefile.am 2008-12-11 17:44:52 UTC (rev 4899)
@@ -30,6 +30,8 @@
needed_libs = $(libcommon) ../jnlib/libjnlib.a ../gl/libgnu.a
bin_PROGRAMS = gpg2 gpgv2
+noinst_PROGRAMS = $(module_tests)
+TESTS = $(module_tests)
if ENABLE_BZIP2_SUPPORT
bzip2_source = compress-bz2.c
@@ -57,6 +59,7 @@
textfilter.c \
progress.c \
misc.c \
+ rmd160.c \
options.h \
openfile.c \
keyid.c \
@@ -121,6 +124,12 @@
gpgv2_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) \
$(LIBICONV)
+t_common_ldadd =
+module_tests = t-rmd160
+t_rmd160_SOURCES = t-rmd160.c rmd160.c
+t_rmd160_LDADD = $(t_common_ldadd)
+
+
$(PROGRAMS): $(needed_libs) ../common/libgpgrl.a
install-data-local:
Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/gpg.c 2008-12-11 17:44:52 UTC (rev 4899)
@@ -4187,7 +4187,8 @@
else {
print_hashline( md, GCRY_MD_MD5, fname );
print_hashline( md, GCRY_MD_SHA1, fname );
- print_hashline( md, GCRY_MD_RMD160, fname );
+ if (!gcry_md_test_algo (GCRY_MD_RMD160))
+ print_hashline( md, GCRY_MD_RMD160, fname );
if (!gcry_md_test_algo (GCRY_MD_SHA224))
print_hashline (md, GCRY_MD_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA256))
@@ -4204,7 +4205,8 @@
else {
print_hex( md, GCRY_MD_MD5, fname );
print_hex( md, GCRY_MD_SHA1, fname );
- print_hex( md, GCRY_MD_RMD160, fname );
+ if (!gcry_md_test_algo (GCRY_MD_RMD160))
+ print_hex( md, GCRY_MD_RMD160, fname );
if (!gcry_md_test_algo (GCRY_MD_SHA224))
print_hex (md, GCRY_MD_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA256))
Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/keygen.c 2008-12-11 17:44:52 UTC (rev 4899)
@@ -352,7 +352,8 @@
strcat(dummy_string,"H8 ");
/* RIPEMD160 */
- strcat(dummy_string,"H3 ");
+ if (!openpgp_md_test_algo(DIGEST_ALGO_RMD160))
+ strcat(dummy_string,"H3 ");
/* ZLIB */
strcat(dummy_string,"Z2 ");
Modified: trunk/g10/keyid.c
===================================================================
--- trunk/g10/keyid.c 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/keyid.c 2008-12-11 17:44:52 UTC (rev 4899)
@@ -33,6 +33,7 @@
#include "options.h"
#include "keydb.h"
#include "i18n.h"
+#include "rmd160.h"
int
pubkey_letter( int algo )
@@ -448,16 +449,14 @@
byte *
namehash_from_uid(PKT_user_id *uid)
{
- if(uid->namehash==NULL)
+ if (!uid->namehash)
{
- uid->namehash = xmalloc(20);
-
+ uid->namehash = xmalloc (20);
+
if(uid->attrib_data)
- gcry_md_hash_buffer (GCRY_MD_RMD160, uid->namehash,
- uid->attrib_data, uid->attrib_len);
+ rmd160_hash_buffer (uid->namehash, uid->attrib_data, uid->attrib_len);
else
- gcry_md_hash_buffer (GCRY_MD_RMD160, uid->namehash,
- uid->name, uid->len);
+ rmd160_hash_buffer (uid->namehash, uid->name, uid->len);
}
return uid->namehash;
Modified: trunk/g10/main.h
===================================================================
--- trunk/g10/main.h 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/main.h 2008-12-11 17:44:52 UTC (rev 4899)
@@ -328,7 +328,6 @@
void block_all_signals(void);
void unblock_all_signals(void);
-
/*-- server.c --*/
int gpg_server (ctrl_t);
Modified: trunk/g10/sig-check.c
===================================================================
--- trunk/g10/sig-check.c 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/sig-check.c 2008-12-11 17:44:52 UTC (rev 4899)
@@ -130,41 +130,63 @@
* and the timestamp, but the drawback of this is, that it is
* not possible to sign more than one identical document within
* one second. Some remote batch processing applications might
- * like this feature here */
- gcry_md_hd_t md;
-
+ * like this feature here.
+ *
+ * Note that before 2.0.10, we used RIPE-MD160 for the hash
+ * and accidently didn't include the timestamp and algorithm
+ * information in the hash. Given that this feature is not
+ * commonly used and that a replay attacks detection should
+ * not solely be based on this feature (because it does not
+ * work with RSA), we take the freedom and switch to SHA-1
+ * with 2.0.10 to take advantage of hardware supported SHA-1
+ * implementations. We also include the missing information
+ * in the hash. Note also the SIG_ID as computed by gpg 1.x
+ * and gpg 2.x didn't matched either because 2.x used to print
+ * MPIs not in PGP format. */
u32 a = sig->timestamp;
- int i, nsig = pubkey_get_nsig( sig->pubkey_algo );
- byte *p, *buffer;
+ int nsig = pubkey_get_nsig( sig->pubkey_algo );
+ unsigned char *p, *buffer;
+ size_t n, nbytes;
+ int i;
+ char hashbuf[20];
- if (gcry_md_open (&md, GCRY_MD_RMD160, 0))
- BUG ();
+ nbytes = 6;
+ for (i=0; i < nsig; i++ )
+ {
+ if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i]))
+ BUG();
+ nbytes += n;
+ }
- /* FIXME: Why the hell are we updating DIGEST here??? */
- gcry_md_putc( digest, sig->pubkey_algo );
- gcry_md_putc( digest, sig->digest_algo );
- gcry_md_putc( digest, (a >> 24) & 0xff );
- gcry_md_putc( digest, (a >> 16) & 0xff );
- gcry_md_putc( digest, (a >> 8) & 0xff );
- gcry_md_putc( digest, a & 0xff );
- for(i=0; i < nsig; i++ ) {
- size_t n;
- unsigned char *tmp;
+ /* Make buffer large enough to be later used as output buffer. */
+ if (nbytes < 100)
+ nbytes = 100;
+ nbytes += 10; /* Safety margin. */
- if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &tmp, &n, sig->data[i]))
+ /* Fill and hash buffer. */
+ buffer = p = xmalloc (nbytes);
+ *p++ = sig->pubkey_algo;
+ *p++ = sig->digest_algo;
+ *p++ = (a >> 24) & 0xff;
+ *p++ = (a >> 16) & 0xff;
+ *p++ = (a >> 8) & 0xff;
+ *p++ = a & 0xff;
+ nbytes -= 6;
+ for (i=0; i < nsig; i++ )
+ {
+ if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i]))
BUG();
- gcry_md_write (md, tmp, n);
- xfree (tmp);
- }
- gcry_md_final (md);
- p = make_radix64_string ( gcry_md_read( md, 0 ), 20 );
- buffer = xmalloc( strlen(p) + 60 );
- sprintf( buffer, "%s %s %lu",
- p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp );
- write_status_text( STATUS_SIG_ID, buffer );
- xfree(buffer);
- xfree(p);
- gcry_md_close(md);
+ p += n;
+ nbytes -= n;
+ }
+ gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer);
+
+ p = make_radix64_string (hashbuf, 20);
+ sprintf (buffer, "%s %s %lu",
+ p, strtimestamp (sig->timestamp), (ulong)sig->timestamp);
+ xfree (p);
+ write_status_text (STATUS_SIG_ID, buffer);
+ xfree (buffer);
}
return rc;
@@ -420,6 +442,7 @@
hash_public_key(md,pk);
rc=signature_check(sig,md);
cache_sig_result(sig,rc);
+ gcry_md_close (md);
break;
}
}
Added: trunk/g10/t-rmd160.c
===================================================================
--- trunk/g10/t-rmd160.c (rev 0)
+++ trunk/g10/t-rmd160.c 2008-12-11 17:44:52 UTC (rev 4899)
@@ -0,0 +1,92 @@
+/* t-rmd160.c - Module test for rmd160.c
+ * Copyright (C) 2008 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "rmd160.h"
+
+#define pass() do { ; } while(0)
+#define fail(a) do { fprintf (stderr, "%s:%d: test %d failed\n",\
+ __FILE__,__LINE__, (a)); \
+ exit (1); \
+ } while(0)
+
+static void
+run_test (void)
+{
+ static struct
+ {
+ const char *data;
+ const char *expect;
+ } testtbl[] =
+ {
+ { "",
+ "\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28"
+ "\x08\x97\x7e\xe8\xf5\x48\xb2\x25\x8d\x31" },
+ { "a",
+ "\x0b\xdc\x9d\x2d\x25\x6b\x3e\xe9\xda\xae"
+ "\x34\x7b\xe6\xf4\xdc\x83\x5a\x46\x7f\xfe" },
+ { "abc",
+ "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04"
+ "\x4a\x8e\x98\xc6\xb0\x87\xf1\x5a\x0b\xfc" },
+ { "message digest",
+ "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8"
+ "\x81\xb1\x23\xa8\x5f\xfa\x21\x59\x5f\x36" },
+ { "abcdefghijklmnopqrstuvwxyz",
+ "\xf7\x1c\x27\x10\x9c\x69\x2c\x1b\x56\xbb"
+ "\xdc\xeb\x5b\x9d\x28\x65\xb3\x70\x8d\xbc" },
+ { "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz"
+ "0123456789",
+ "\xb0\xe2\x0b\x6e\x31\x16\x64\x02\x86\xed"
+ "\x3a\x87\xa5\x71\x30\x79\xb2\x1f\x51\x89" },
+ { "1234567890" "1234567890" "1234567890" "1234567890"
+ "1234567890" "1234567890" "1234567890" "1234567890",
+ "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb"
+ "\xd3\x32\x3c\xab\x82\xbf\x63\x32\x6b\xfb" },
+
+ { NULL, NULL }
+ };
+ int idx;
+ char digest[20];
+
+ for (idx=0; testtbl[idx].data; idx++)
+ {
+ rmd160_hash_buffer (digest,
+ testtbl[idx].data, strlen(testtbl[idx].data));
+ if (memcmp (digest, testtbl[idx].expect, 20))
+ fail (idx);
+ }
+}
+
+
+int
+main (int argc, char **argv)
+{
+ (void)argc;
+ (void)argv;
+
+ run_test ();
+
+ return 0;
+}
+
Modified: trunk/g10/trustdb.h
===================================================================
--- trunk/g10/trustdb.h 2008-12-11 17:00:52 UTC (rev 4898)
+++ trunk/g10/trustdb.h 2008-12-11 17:44:52 UTC (rev 4899)
@@ -36,7 +36,6 @@
#define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */
#define TRUST_FLAG_PENDING_CHECK 256 /* a check-trustdb is pending */
-#define NAMEHASH_HASH DIGEST_ALGO_RMD160
#define NAMEHASH_LEN 20
/*-- trustdb.c --*/
More information about the Gnupg-commits
mailing list