[svn] GnuPG - r5036 - in trunk: . g10
svn author dshaw
cvs at cvs.gnupg.org
Fri Jun 5 16:11:04 CEST 2009
Author: dshaw
Date: 2009-06-05 16:11:03 +0200 (Fri, 05 Jun 2009)
New Revision: 5036
Modified:
trunk/ChangeLog
trunk/configure.ac
trunk/g10/ChangeLog
trunk/g10/cipher.c
trunk/g10/encode.c
trunk/g10/encr-data.c
trunk/g10/gpg.c
trunk/g10/main.h
trunk/g10/mainproc.c
trunk/g10/misc.c
trunk/g10/passphrase.c
trunk/g10/pubkey-enc.c
trunk/g10/seckey-cert.c
trunk/g10/seskey.c
Log:
Add full Camellia support.
* configure.ac: Remove Camellia restriction.
* gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia
restriction.
* misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for
openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and
openpgp_cipher_get_algo_blklen to wrap around the corresponding gcry_*
functions, but pass the algorithm number through
map_cipher_openpgp_to_gcry. This is needed in case the gcry algorithm
number doesn't match the OpenPGP number (c.f. Camellia).
* encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c, seskey.c,
passphrase.c, seckey-cert.c: Use new openpgp_cipher_* macros here.
Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/ChangeLog 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,3 +1,7 @@
+2009-06-05 David Shaw <dshaw at jabberwocky.com>
+
+ * configure.ac: Remove Camellia restriction.
+
2009-04-01 Werner Koch <wk at g10code.com>
* configure.ac: Test for fsync.
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/ChangeLog 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,3 +1,19 @@
+2009-06-05 David Shaw <dshaw at jabberwocky.com>
+
+ * gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia
+ restriction.
+
+ * misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for
+ openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and
+ openpgp_cipher_get_algo_blklen to wrap around the corresponding
+ gcry_* functions, but pass the algorithm number through
+ map_cipher_openpgp_to_gcry. This is needed in case the gcry
+ algorithm number doesn't match the OpenPGP number (c.f. Camellia).
+
+ * encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c,
+ seskey.c, passphrase.c, seckey-cert.c: Use new openpgp_cipher_*
+ macros here.
+
2009-06-02 Werner Koch <wk at g10code.com>
* card-util.c (get_manufacturer): Add new manufacturer.
Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/configure.ac 2009-06-05 14:11:03 UTC (rev 5036)
@@ -74,7 +74,6 @@
use_bzip2=yes
use_exec=yes
disable_keyserver_path=no
-use_camellia=no
GNUPG_BUILD_PROGRAM(gpg, yes)
@@ -174,22 +173,6 @@
use_bzip2=$enableval)
AC_MSG_RESULT($use_bzip2)
-# Check whether testing support for Camellia has been requested
-AC_MSG_CHECKING([whether to enable the CAMELLIA cipher for gpg])
-AC_ARG_ENABLE(camellia,
- AC_HELP_STRING([--enable-camellia],[enable the CAMELLIA cipher for gpg]),
- use_camellia=$enableval)
-AC_MSG_RESULT($use_camellia)
-if test x"$use_camellia" = xyes ; then
- AC_DEFINE(USE_CAMELLIA,1,[Define to include the CAMELLIA cipher into gpg])
- AC_MSG_WARN([[
-***
-*** The Camellia cipher for gpg is for testing only and
-*** is NOT for production use!
-***]])
-fi
-
-
# Configure option to allow or disallow execution of external
# programs, like a photo viewer.
AC_MSG_CHECKING([whether to enable external program execution])
@@ -1489,10 +1472,3 @@
gpg-check-pattern will not be build.
"
fi
-if test x"$use_camellia" = xyes ; then
- echo
- echo "WARNING: The Camellia cipher for gpg is for testing only"
- echo " and is NOT for production use!"
- echo
-fi
-
Modified: trunk/g10/cipher.c
===================================================================
--- trunk/g10/cipher.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/cipher.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* cipher.c - En-/De-ciphering filter
* Copyright (C) 1998, 1999, 2000, 2001, 2003,
- * 2006 Free Software Foundation, Inc.
+ * 2006, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -49,7 +49,7 @@
unsigned int blocksize;
unsigned int nprefix;
- blocksize = gcry_cipher_get_algo_blklen (cfx->dek->algo);
+ blocksize = openpgp_cipher_get_algo_blklen (cfx->dek->algo);
if ( blocksize < 8 || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize );
@@ -81,12 +81,12 @@
temp[nprefix] = temp[nprefix-2];
temp[nprefix+1] = temp[nprefix-1];
print_cipher_algo_note( cfx->dek->algo );
- err = gcry_cipher_open (&cfx->cipher_hd,
- cfx->dek->algo,
- GCRY_CIPHER_MODE_CFB,
- (GCRY_CIPHER_SECURE
- | ((cfx->dek->use_mdc || cfx->dek->algo >= 100)?
- 0 : GCRY_CIPHER_ENABLE_SYNC)));
+ err = openpgp_cipher_open (&cfx->cipher_hd,
+ cfx->dek->algo,
+ GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | ((cfx->dek->use_mdc || cfx->dek->algo >= 100)?
+ 0 : GCRY_CIPHER_ENABLE_SYNC)));
if (err) {
/* We should never get an error here cause we already checked,
* that the algorithm is available. */
Modified: trunk/g10/encode.c
===================================================================
--- trunk/g10/encode.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/encode.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* encode.c - encode data
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- * 2006 Free Software Foundation, Inc.
+ * 2006, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -86,7 +86,7 @@
/* We only pass already checked values to the following fucntion,
thus we consider any failure as fatal. */
- if (gcry_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
+ if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
BUG ();
if (gcry_cipher_setkey (hd, dek->key, dek->keylen))
BUG ();
@@ -142,7 +142,7 @@
/* Last try. Use MDC for the modern ciphers. */
- if (gcry_cipher_get_algo_blklen (algo) != 8)
+ if (openpgp_cipher_get_algo_blklen (algo) != 8)
return 1;
if (opt.verbose)
@@ -237,7 +237,7 @@
{
DEK *dek = NULL;
- seskeylen = gcry_cipher_get_algo_keylen (default_cipher_algo ());
+ seskeylen = openpgp_cipher_get_algo_keylen (default_cipher_algo ());
encode_seskey( cfx.dek, &dek, enckey );
xfree( cfx.dek ); cfx.dek = dek;
}
@@ -411,7 +411,7 @@
static int
write_symkey_enc(STRING2KEY *symkey_s2k,DEK *symkey_dek,DEK *dek,IOBUF out)
{
- int rc, seskeylen = gcry_cipher_get_algo_keylen (dek->algo);
+ int rc, seskeylen = openpgp_cipher_get_algo_keylen (dek->algo);
PKT_symkey_enc *enc;
byte enckey[33];
Modified: trunk/g10/encr-data.c
===================================================================
--- trunk/g10/encr-data.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/encr-data.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* encr-data.c - process an encrypted data packet
* Copyright (C) 1998, 1999, 2000, 2001, 2005,
- * 2006 Free Software Foundation, Inc.
+ * 2006, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -98,7 +98,7 @@
rc = openpgp_cipher_test_algo (dek->algo);
if (rc)
goto leave;
- blocksize = gcry_cipher_get_algo_blklen (dek->algo);
+ blocksize = openpgp_cipher_get_algo_blklen (dek->algo);
if ( !blocksize || blocksize > 16 )
log_fatal ("unsupported blocksize %u\n", blocksize );
nprefix = blocksize;
@@ -113,11 +113,11 @@
gcry_md_start_debug (dfx->mdc_hash, "checkmdc");
}
- rc = gcry_cipher_open (&dfx->cipher_hd, dek->algo,
- GCRY_CIPHER_MODE_CFB,
- (GCRY_CIPHER_SECURE
- | ((ed->mdc_method || dek->algo >= 100)?
- 0 : GCRY_CIPHER_ENABLE_SYNC)));
+ rc = openpgp_cipher_open (&dfx->cipher_hd, dek->algo,
+ GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | ((ed->mdc_method || dek->algo >= 100)?
+ 0 : GCRY_CIPHER_ENABLE_SYNC)));
if (rc)
{
/* We should never get an error here cause we already checked
Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/gpg.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* gpg.c - The GnuPG utility (main for gpg)
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- * 2006, 2007, 2008 Free Software Foundation, Inc.
+ * 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -2963,15 +2963,6 @@
log_set_prefix (NULL, 1|2|4);
}
-#ifdef USE_CAMELLIA
- /* We better also print a runtime warning if people build it with
- support for Camellia (which is not yet defined by OpenPGP). */
- log_info ("WARNING: This version has been built with support for the "
- "Camellia cipher.\n");
- log_info (" It is for testing only and is NOT for production "
- "use!\n");
-#endif
-
/* Older Libgcrypts fail with an assertion during DSA key
generation. Better disable DSA2 entirely. */
if (opt.flags.dsa2 && !gcry_check_version ("1.4.0") )
@@ -4323,4 +4314,3 @@
if(critical)
sl->flags |= 1;
}
-
Modified: trunk/g10/main.h
===================================================================
--- trunk/g10/main.h 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/main.h 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* main.h
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- * 2008 Free Software Foundation, Inc.
+ * 2008, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -82,6 +82,10 @@
u16 checksum_mpi( gcry_mpi_t a );
u32 buffer_to_u32( const byte *buffer );
const byte *get_session_marker( size_t *rlen );
+int map_cipher_openpgp_to_gcry (int algo);
+#define openpgp_cipher_open(_a,_b,_c,_d) gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d))
+#define openpgp_cipher_get_algo_keylen(_a) gcry_cipher_get_algo_keylen(map_cipher_openpgp_to_gcry((_a)))
+#define openpgp_cipher_get_algo_blklen(_a) gcry_cipher_get_algo_blklen(map_cipher_openpgp_to_gcry((_a)))
int openpgp_cipher_blocklen (int algo);
int openpgp_cipher_test_algo( int algo );
const char *openpgp_cipher_algo_name (int algo);
Modified: trunk/g10/mainproc.c
===================================================================
--- trunk/g10/mainproc.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/mainproc.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* mainproc.c - handle packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- * 2008 Free Software Foundation, Inc.
+ * 2008, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -233,7 +233,7 @@
return G10ERR_BAD_KEY;
}
- if (gcry_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
+ if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
BUG ();
if (gcry_cipher_setkey ( hd, dek->key, dek->keylen ))
BUG ();
Modified: trunk/g10/misc.c
===================================================================
--- trunk/g10/misc.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/misc.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* misc.c - miscellaneous functions
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- * 2008 Free Software Foundation, Inc.
+ * 2008, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -340,7 +340,7 @@
/* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
this for algorithms we implemented in Libgcrypt after they become
part of OpenPGP. */
-static int
+int
map_cipher_openpgp_to_gcry (int algo)
{
switch (algo)
@@ -400,15 +400,6 @@
if ( algo < 0 || algo > 110 || algo == 5 || algo == 6 )
return gpg_error (GPG_ERR_CIPHER_ALGO);
- /* Camellia is not yet defined for OpenPGP thus only allow it if
- requested. */
-#ifndef USE_CAMELLIA
- if (algo == CIPHER_ALGO_CAMELLIA128
- || algo == CIPHER_ALGO_CAMELLIA192
- || algo == CIPHER_ALGO_CAMELLIA256)
- return gpg_error (GPG_ERR_CIPHER_ALGO);
-#endif
-
return gcry_cipher_test_algo (map_cipher_openpgp_to_gcry (algo));
}
Modified: trunk/g10/passphrase.c
===================================================================
--- trunk/g10/passphrase.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/passphrase.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* passphrase.c - Get a passphrase
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- * 2005, 2006, 2007 Free Software Foundation, Inc.
+ * 2005, 2006, 2007, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -61,7 +61,7 @@
int pwlen = strlen(pw);
assert ( s2k->hash_algo );
- dek->keylen = gcry_cipher_get_algo_keylen (dek->algo);
+ dek->keylen = openpgp_cipher_get_algo_keylen (dek->algo);
if ( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) )
BUG();
Modified: trunk/g10/pubkey-enc.c
===================================================================
--- trunk/g10/pubkey-enc.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/pubkey-enc.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* pubkey-enc.c - public key encoded packet handling
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
- * 2006 Free Software Foundation, Inc.
+ * 2006, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -251,7 +251,7 @@
dek->algo = 0;
goto leave;
}
- if ( dek->keylen != gcry_cipher_get_algo_keylen (dek->algo) ) {
+ if ( dek->keylen != openpgp_cipher_get_algo_keylen (dek->algo) ) {
rc = GPG_ERR_WRONG_SECKEY;
goto leave;
}
Modified: trunk/g10/seckey-cert.c
===================================================================
--- trunk/g10/seckey-cert.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/seckey-cert.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* seckey-cert.c - secret key certificate packet handling
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
- * 2006 Free Software Foundation, Inc.
+ * 2006, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -86,11 +86,11 @@
return G10ERR_GENERAL;
- err = gcry_cipher_open (&cipher_hd, sk->protect.algo,
- GCRY_CIPHER_MODE_CFB,
- (GCRY_CIPHER_SECURE
- | (sk->protect.algo >= 100 ?
- 0 : GCRY_CIPHER_ENABLE_SYNC)));
+ err = openpgp_cipher_open (&cipher_hd, sk->protect.algo,
+ GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | (sk->protect.algo >= 100 ?
+ 0 : GCRY_CIPHER_ENABLE_SYNC)));
if (err)
log_fatal ("cipher open failed: %s\n", gpg_strerror (err) );
@@ -351,16 +351,16 @@
else {
print_cipher_algo_note( sk->protect.algo );
- if ( gcry_cipher_open (&cipher_hd, sk->protect.algo,
- GCRY_CIPHER_MODE_CFB,
- (GCRY_CIPHER_SECURE
- | (sk->protect.algo >= 100 ?
- 0 : GCRY_CIPHER_ENABLE_SYNC))) )
+ if ( openpgp_cipher_open (&cipher_hd, sk->protect.algo,
+ GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | (sk->protect.algo >= 100 ?
+ 0 : GCRY_CIPHER_ENABLE_SYNC))) )
BUG();
if ( gcry_cipher_setkey ( cipher_hd, dek->key, dek->keylen ) )
log_info(_("WARNING: Weak key detected"
" - please change passphrase again.\n"));
- sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo);
+ sk->protect.ivlen = openpgp_cipher_get_algo_blklen (sk->protect.algo);
assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 )
BUG(); /* yes, we are very careful */
@@ -471,4 +471,3 @@
}
return rc;
}
-
Modified: trunk/g10/seskey.c
===================================================================
--- trunk/g10/seskey.c 2009-06-05 13:54:08 UTC (rev 5035)
+++ trunk/g10/seskey.c 2009-06-05 14:11:03 UTC (rev 5036)
@@ -1,6 +1,6 @@
/* seskey.c - make sesssion keys etc.
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- * 2006 Free Software Foundation, Inc.
+ * 2006, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -40,12 +40,12 @@
gcry_cipher_hd_t chd;
int i, rc;
- dek->keylen = gcry_cipher_get_algo_keylen (dek->algo);
+ dek->keylen = openpgp_cipher_get_algo_keylen (dek->algo);
- if (gcry_cipher_open (&chd, dek->algo, GCRY_CIPHER_MODE_CFB,
- (GCRY_CIPHER_SECURE
- | (dek->algo >= 100 ?
- 0 : GCRY_CIPHER_ENABLE_SYNC))) )
+ if (openpgp_cipher_open (&chd, dek->algo, GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | (dek->algo >= 100 ?
+ 0 : GCRY_CIPHER_ENABLE_SYNC))) )
BUG();
gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM );
for (i=0; i < 16; i++ )
More information about the Gnupg-commits
mailing list