From cvs at cvs.gnupg.org Mon Nov 4 15:04:25 2013 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Mon, 04 Nov 2013 15:04:25 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-350-gd469786 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via d4697862266f3c96b6946dc92139dd8f3e81e5f6 (commit) from d1cadd145199040299538891ab2ccd1208f7776e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d4697862266f3c96b6946dc92139dd8f3e81e5f6 Author: Jussi Kivilinna Date: Sun Nov 3 22:11:30 2013 +0200 Make jump labels local in Salsa20 assembly * cipher/salsa20-amd64.S: Rename '._labels' to '.L_labels'. * cipher/salsa20-armv7-neon.S: Ditto. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/salsa20-amd64.S b/cipher/salsa20-amd64.S index 691df58..e79da4e 100644 --- a/cipher/salsa20-amd64.S +++ b/cipher/salsa20-amd64.S @@ -42,8 +42,8 @@ _gcry_salsa20_amd64_keysetup: movl %eax,60(%rdi) movl %r10d,48(%rdi) cmp $256,%rdx - jb ._kbits128 -._kbits256: + jb .L_kbits128 +.L_kbits256: movl 16(%rsi),%edx movl 20(%rsi),%ecx movl 24(%rsi),%r8d @@ -60,8 +60,8 @@ _gcry_salsa20_amd64_keysetup: movl %edx,4(%rdi) movl %ecx,8(%rdi) movl %r8d,12(%rdi) - jmp ._keysetupdone -._kbits128: + jmp .L_keysetupdone +.L_kbits128: movl 0(%rsi),%edx movl 4(%rsi),%ecx movl 8(%rsi),%r8d @@ -78,7 +78,7 @@ _gcry_salsa20_amd64_keysetup: movl %edx,4(%rdi) movl %ecx,8(%rdi) movl %r8d,12(%rdi) -._keysetupdone: +.L_keysetupdone: ret .align 8 
@@ -117,10 +117,10 @@ _gcry_salsa20_amd64_encrypt_blocks: mov %rdx,%rdi mov %rcx,%rdx cmp $0,%rdx - jbe ._done -._start: + jbe .L_done +.L_start: cmp $256,%rdx - jb ._bytes_are_64_128_or_192 + jb .L_bytes_are_64_128_or_192 movdqa 0(%r8),%xmm0 pshufd $0x55,%xmm0,%xmm1 pshufd $0xaa,%xmm0,%xmm2 @@ -153,7 +153,7 @@ _gcry_salsa20_amd64_encrypt_blocks: movdqa %xmm1,176(%rsp) movdqa %xmm2,192(%rsp) movdqa %xmm0,208(%rsp) -._bytesatleast256: +.L_bytesatleast256: movl 32(%r8),%ecx movl 52(%r8),%r9d movl %ecx,224(%rsp) @@ -192,7 +192,7 @@ _gcry_salsa20_amd64_encrypt_blocks: movdqa 96(%rsp),%xmm13 movdqa 176(%rsp),%xmm14 movdqa 224(%rsp),%xmm15 -._mainloop1: +.L_mainloop1: movdqa %xmm1,256(%rsp) movdqa %xmm2,272(%rsp) movdqa %xmm13,%xmm1 @@ -434,7 +434,7 @@ _gcry_salsa20_amd64_encrypt_blocks: movdqa 256(%rsp),%xmm12 movdqa 272(%rsp),%xmm0 sub $2,%rdx - ja ._mainloop1 + ja .L_mainloop1 paddd 48(%rsp),%xmm12 paddd 112(%rsp),%xmm7 paddd 160(%rsp),%xmm10 @@ -696,10 +696,10 @@ _gcry_salsa20_amd64_encrypt_blocks: add $256,%rsi add $256,%rdi cmp $256,%rdx - jae ._bytesatleast256 + jae .L_bytesatleast256 cmp $0,%rdx - jbe ._done -._bytes_are_64_128_or_192: + jbe .L_done +.L_bytes_are_64_128_or_192: movq %rdx,288(%rsp) movdqa 0(%r8),%xmm0 movdqa 16(%r8),%xmm1 @@ -707,7 +707,7 @@ _gcry_salsa20_amd64_encrypt_blocks: movdqa 48(%r8),%xmm3 movdqa %xmm1,%xmm4 mov %rbx,%rdx -._mainloop2: +.L_mainloop2: paddd %xmm0,%xmm4 movdqa %xmm0,%xmm5 movdqa %xmm4,%xmm6 @@ -834,7 +834,7 @@ _gcry_salsa20_amd64_encrypt_blocks: pxor %xmm5,%xmm0 pshufd $0x39,%xmm3,%xmm3 pxor %xmm6,%xmm0 - ja ._mainloop2 + ja .L_mainloop2 paddd 0(%r8),%xmm0 paddd 16(%r8),%xmm1 paddd 32(%r8),%xmm2 
@@ -907,17 +907,17 @@ _gcry_salsa20_amd64_encrypt_blocks: movl %ecx,32(%r8) movl %eax,52(%r8) cmp $64,%rdx - ja ._bytes_are_128_or_192 -._done: + ja .L_bytes_are_128_or_192 +.L_done: add %r11,%rsp mov %r11,%rax pop %rbx ret -._bytes_are_128_or_192: +.L_bytes_are_128_or_192: sub $64,%rdx add $64,%rdi add $64,%rsi - jmp ._bytes_are_64_128_or_192 + jmp .L_bytes_are_64_128_or_192 .size _gcry_salsa20_amd64_encrypt_blocks,.-_gcry_salsa20_amd64_encrypt_blocks; #endif /*defined(USE_SALSA20)*/ diff --git a/cipher/salsa20-armv7-neon.S b/cipher/salsa20-armv7-neon.S index 7d31e9f..8a9d9c4 100644 --- a/cipher/salsa20-armv7-neon.S +++ b/cipher/salsa20-armv7-neon.S @@ -117,8 +117,8 @@ _gcry_arm_neon_salsa20_encrypt: strd r8,[sp,#88] nop cmp r0,#192 - blo ._mlenlowbelow192 -._mlenatleast192: + blo .L_mlenlowbelow192 +.L_mlenatleast192: ldrd r2,[sp,#48] vext.32 d7,d6,d6,#1 vmov q8,q1 @@ -157,7 +157,7 @@ _gcry_arm_neon_salsa20_encrypt: ldrd r2,[sp,#56] vst1.8 {d14-d15},[r6,: 128] ldrd r6,[sp,#40] -._mainloop2: +.L_mainloop2: str r12,[sp,#248] vadd.i32 q4,q10,q8 vadd.i32 q9,q13,q11 @@ -505,7 +505,7 @@ _gcry_arm_neon_salsa20_encrypt: eor r9,r9,r14,ROR #14 veor q11,q9,q4 subs r12,r12,#4 - bhi ._mainloop2 + bhi .L_mainloop2 strd r8,[sp,#112] ldrd r8,[sp,#64] strd r2,[sp,#120] @@ -526,7 +526,7 @@ _gcry_arm_neon_salsa20_encrypt: add r6,r6,r10 add r7,r7,r11 cmp r12,#0 - beq ._nomessage1 + beq .L_nomessage1 ldr r8,[r12,#0] ldr r9,[r12,#4] ldr r10,[r12,#8] @@ -543,7 +543,7 @@ _gcry_arm_neon_salsa20_encrypt: eor r5,r5,r9 eor r6,r6,r10 eor r7,r7,r11 -._nomessage1: +.L_nomessage1: ldr r14,[sp,#232] vadd.i32 q4,q8,q1 str r0,[r14,#0] @@ -592,7 +592,7 @@ _gcry_arm_neon_salsa20_encrypt: add r5,r11,r5 add r8,r14,#64 cmp r12,#0 - beq ._nomessage2 + beq .L_nomessage2 ldr r9,[r12,#32] ldr r10,[r12,#36] ldr r11,[r12,#40] 
@@ -618,7 +618,7 @@ _gcry_arm_neon_salsa20_encrypt: eor r1,r1,r14 vld1.8 {d20-d21},[r12]! veor q9,q9,q10 -._nomessage2: +.L_nomessage2: vst1.8 {d8-d9},[r8]! vst1.8 {d10-d11},[r8]! vmov.i64 q4,#0xff @@ -654,7 +654,7 @@ _gcry_arm_neon_salsa20_encrypt: vadd.i64 q3,q3,q4 sub r0,r0,#192 cmp r12,#0 - beq ._nomessage21 + beq .L_nomessage21 vld1.8 {d16-d17},[r12]! veor q2,q2,q8 vld1.8 {d16-d17},[r12]! @@ -663,7 +663,7 @@ _gcry_arm_neon_salsa20_encrypt: veor q6,q6,q8 vld1.8 {d16-d17},[r12]! veor q7,q7,q8 -._nomessage21: +.L_nomessage21: vst1.8 {d4-d5},[r8]! vst1.8 {d10-d11},[r8]! vst1.8 {d12-d13},[r8]! @@ -673,15 +673,15 @@ _gcry_arm_neon_salsa20_encrypt: add r12,sp,#256 str r8,[sp,#232] cmp r0,#192 - bhs ._mlenatleast192 -._mlenlowbelow192: + bhs .L_mlenatleast192 +.L_mlenlowbelow192: cmp r0,#0 - beq ._done - b ._mlenatleast1 -._nextblock: + beq .L_done + b .L_mlenatleast1 +.L_nextblock: sub r0,r0,#64 -._mlenatleast1: -._handleblock: +.L_mlenatleast1: +.L_handleblock: str r0,[sp,#248] ldrd r2,[sp,#48] ldrd r6,[sp,#32] @@ -694,7 +694,7 @@ _gcry_arm_neon_salsa20_encrypt: ldrd r2,[sp,#56] ldrd r6,[sp,#40] ldr r12,[sp,#244] -._mainloop1: +.L_mainloop1: str r12,[sp,#252] add r12,r0,r2 add r14,r5,r1 @@ -778,7 +778,7 @@ _gcry_arm_neon_salsa20_encrypt: eor r9,r9,r14,ROR #14 ldr r12,[sp,#252] subs r12,r12,#2 - bhi ._mainloop1 + bhi .L_mainloop1 strd r6,[sp,#128] strd r2,[sp,#120] strd r10,[sp,#112] @@ -799,7 +799,7 @@ _gcry_arm_neon_salsa20_encrypt: add r7,r7,r11 ldr r12,[sp,#236] cmp r12,#0 - beq ._nomessage10 + beq .L_nomessage10 ldr r8,[r12,#0] ldr r9,[r12,#4] ldr r10,[r12,#8] @@ -816,7 +816,7 @@ _gcry_arm_neon_salsa20_encrypt: eor r5,r5,r9 eor r6,r6,r10 eor r7,r7,r11 -._nomessage10: +.L_nomessage10: ldr r14,[sp,#232] str r0,[r14,#0] str r1,[r14,#4] @@ -846,7 +846,7 @@ _gcry_arm_neon_salsa20_encrypt: add r0,r8,r0 add r1,r9,r1 cmp r12,#0 - beq ._nomessage11 + beq .L_nomessage11 ldr r4,[r12,#32] ldr r5,[r12,#36] ldr r8,[r12,#40] 
@@ -865,7 +865,7 @@ _gcry_arm_neon_salsa20_encrypt: eor r1,r1,r9 add r4,r12,#64 str r4,[sp,#236] -._nomessage11: +.L_nomessage11: str r6,[r14,#32] str r7,[r14,#36] str r10,[r14,#40] @@ -878,8 +878,8 @@ _gcry_arm_neon_salsa20_encrypt: str r0,[sp,#232] ldr r0,[sp,#248] cmp r0,#64 - bhi ._nextblock -._done: + bhi .L_nextblock +.L_done: ldr r2,[sp,#160] ldrd r4,[sp,#0] ldrd r6,[sp,#8] ----------------------------------------------------------------------- Summary of changes: cipher/salsa20-amd64.S | 40 +++++++++++++++++----------------- cipher/salsa20-armv7-neon.S | 50 +++++++++++++++++++++---------------------- 2 files changed, 45 insertions(+), 45 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Nov 5 16:34:57 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Tue, 05 Nov 2013 16:34:57 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-351-gd50a88d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via d50a88d1e29124d038196fec6082fd093e922604 (commit) from d4697862266f3c96b6946dc92139dd8f3e81e5f6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d50a88d1e29124d038196fec6082fd093e922604 Author: Jussi Kivilinna Date: Sun Oct 13 12:42:32 2013 +0300 Make test vectors 'static const' * cipher/arcfour.c (selftest): Change test vectors to 'static const'. * cipher/blowfish.c (selftest): Ditto. * cipher/camellia-glue.c (selftest): Ditto. * cipher/cast5.c (selftest): Ditto. * cipher/des.c (selftest): Ditto. * cipher/rijndael.c (selftest): Ditto. * tests/basic.c (cipher_cbc_mac_cipher, check_aes128_cbc_cts_cipher) (check_ctr_cipher, check_cfb_cipher, check_ofb_cipher) (check_ccm_cipher, check_stream_cipher) (check_stream_cipher_large_block, check_bulk_cipher_modes) (check_ciphers, check_digests, check_hmac, check_pubkey_sign) (check_pubkey_sign_ecdsa, check_pubkey_crypt, check_pubkey): Ditto. -- Some test vectors have been defined without 'static' and thus end up being initialized on runtime. Change these to 'static'. Also change test vectors const where possible. Signed-off-by: Jussi Kivilinna diff --git a/cipher/arcfour.c b/cipher/arcfour.c index e8a5484..89936f4 100644 --- a/cipher/arcfour.c +++ b/cipher/arcfour.c 
@@ -159,9 +159,9 @@ selftest(void) /* Test vector from Cryptlib labeled there: "from the State/Commerce Department". */ - static byte key_1[] = + static const byte key_1[] = { 0x61, 0x8A, 0x63, 0xD2, 0xFB }; - static byte plaintext_1[] = + static const byte plaintext_1[] = { 0xDC, 0xEE, 0x4C, 0xF9, 0x2C }; static const byte ciphertext_1[] = { 0xF1, 0x38, 0x29, 0xC9, 0xDE }; diff --git a/cipher/blowfish.c b/cipher/blowfish.c index 3b6bf6b..84fa9d3 100644 --- a/cipher/blowfish.c +++ b/cipher/blowfish.c @@ -822,9 +822,12 @@ selftest(void) BLOWFISH_context c; byte plain[] = "BLOWFISH"; byte buffer[8]; - byte plain3[] = { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 }; - byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 }; - byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 }; + static const byte plain3[] = + { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 }; + static const byte key3[] = + { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 }; + static const byte cipher3[] = + { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 }; const char *r; bf_setkey( (void *) &c, diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c index 8c217a7..42b62d2 100644 --- a/cipher/camellia-glue.c +++ b/cipher/camellia-glue.c 
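Review bot: `byte plain[] = "BLOWFISH";` in the blowfish selftest hunk stays a writable, runtime-initialised stack array while plain3/key3/cipher3 on the lines right after it become `static const`, so the conversion is left half done inside one function. If `plain` is only read by the encrypt call (its use is outside the hunk), `static const byte plain[] = "BLOWFISH";` keeps the test vectors uniform; if it is encrypted in place, a one-line comment saying so would explain the exception. The arcfour hunk on this line converts key_1 and plaintext_1 and leaves ciphertext_1, which was already `static const`. Both selftest bodies continue outside their hunks.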
@@ -582,38 +582,38 @@ selftest(void) const char *r; /* These test vectors are from RFC-3713 */ - const byte plaintext[]= + static const byte plaintext[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10 }; - const byte key_128[]= + static const byte key_128[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10 }; - const byte ciphertext_128[]= + static const byte ciphertext_128[]= { 0x67,0x67,0x31,0x38,0x54,0x96,0x69,0x73, 0x08,0x57,0x06,0x56,0x48,0xea,0xbe,0x43 }; - const byte key_192[]= + static const byte key_192[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98, 0x76,0x54,0x32,0x10,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77 }; - const byte ciphertext_192[]= + static const byte ciphertext_192[]= { 0xb4,0x99,0x34,0x01,0xb3,0xe9,0x96,0xf8, 0x4e,0xe5,0xce,0xe7,0xd7,0x9b,0x09,0xb9 }; - const byte key_256[]= + static const byte key_256[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba, 0x98,0x76,0x54,0x32,0x10,0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff }; - const byte ciphertext_256[]= + static const byte ciphertext_256[]= { 0x9a,0xcc,0x23,0x7d,0xff,0x16,0xd7,0x6c, 0x20,0xef,0x7c,0x91,0x9e,0x3a,0x75,0x09 diff --git a/cipher/cast5.c b/cipher/cast5.c index 0df7886..8d14183 100644 --- a/cipher/cast5.c +++ b/cipher/cast5.c @@ -796,10 +796,13 @@ static const char* selftest(void) { CAST5_context c; - byte key[16] = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, + static const byte key[16] = + { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A }; - byte plain[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }; - byte cipher[8]= { 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 }; + static const byte plain[8] = + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }; + static const byte cipher[8] = + { 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 }; byte buffer[8]; const char *r; 
diff --git a/cipher/des.c b/cipher/des.c index 3464d53..6611fd3 100644 --- a/cipher/des.c +++ b/cipher/des.c @@ -893,7 +893,8 @@ selftest (void) * thanks to Jeroen C. van Gelderen. */ { - struct { byte key[24]; byte plain[8]; byte cipher[8]; } testdata[] = { + static const struct { byte key[24]; byte plain[8]; byte cipher[8]; } + testdata[] = { { { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 }, diff --git a/cipher/rijndael.c b/cipher/rijndael.c index e8733c9..b8cc18b 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -2308,7 +2308,7 @@ selftest (void) static const char * selftest_fips_128_38a (int requested_mode) { - struct tv + static const struct tv { int mode; const unsigned char key[16]; diff --git a/tests/basic.c b/tests/basic.c index 21af21d..99d63ae 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -139,7 +139,7 @@ progress_handler (void *cb_data, const char *what, int printchar, static void check_cbc_mac_cipher (void) { - struct tv + static const struct tv { int algo; char key[MAX_DATA_LEN]; @@ -264,10 +264,10 @@ check_cbc_mac_cipher (void) static void check_aes128_cbc_cts_cipher (void) { - char key[128 / 8] = "chicken teriyaki"; - unsigned char plaintext[] = + static const char key[128 / 8] = "chicken teriyaki"; + static const unsigned char plaintext[] = "I would like the General Gau's Chicken, please, and wonton soup."; - struct tv + static const struct tv { unsigned char out[MAX_DATA_LEN]; int inlen; @@ -378,7 +378,7 @@ check_aes128_cbc_cts_cipher (void) static void check_ctr_cipher (void) { - struct tv + static const struct tv { int algo; char key[MAX_DATA_LEN]; @@ -734,7 +734,7 @@ check_ctr_cipher (void) static void check_cfb_cipher (void) { - struct tv + static const struct tv { int algo; char key[MAX_DATA_LEN]; @@ -905,7 +905,7 @@ check_cfb_cipher (void) static void check_ofb_cipher (void) { - struct tv + static const struct tv { int algo; char key[MAX_DATA_LEN]; 
@@ -1911,7 +1911,7 @@ check_ccm_cipher (void) static void check_stream_cipher (void) { - struct tv + static const struct tv { const char *name; int algo; @@ -2252,7 +2252,7 @@ check_stream_cipher (void) static void check_stream_cipher_large_block (void) { - struct tv + static const struct tv { const char *name; int algo; @@ -2690,7 +2690,7 @@ check_stream_cipher_large_block (void) static void check_bulk_cipher_modes (void) { - struct + static const struct { int algo; int mode; @@ -3110,7 +3110,7 @@ check_one_cipher (int algo, int mode, int flags) static void check_ciphers (void) { - static int algos[] = { + static const int algos[] = { #if USE_BLOWFISH GCRY_CIPHER_BLOWFISH, #endif @@ -3154,7 +3154,7 @@ check_ciphers (void) #endif 0 }; - static int algos2[] = { + static const int algos2[] = { #if USE_ARCFOUR GCRY_CIPHER_ARCFOUR, #endif @@ -3364,7 +3364,7 @@ check_one_md_multi (int algo, const char *data, int len, const char *expect) static void check_digests (void) { - static struct algos + static const struct algos { int md; const char *data; @@ -3728,7 +3728,7 @@ check_one_hmac (int algo, const char *data, int datalen, static void check_hmac (void) { - static struct algos + static const struct algos { int md; const char *data; @@ -4070,7 +4070,7 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo) static const char baddata[] = "(data\n (flags pkcs1)\n" " (hash sha1 #11223344556677889900AABBCCDDEEFF10203041#))\n"; - static struct + static const struct { const char *data; int algo; @@ -4173,7 +4173,7 @@ check_pubkey_sign_ecdsa (int n, gcry_sexp_t skey, gcry_sexp_t pkey) gcry_sexp_t sig, badhash, hash; unsigned int nbits; int dataidx; - static struct + static const struct { unsigned int nbits; const char *data; 
@@ -4285,7 +4285,7 @@ check_pubkey_crypt (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo) gcry_sexp_t ciph = NULL; gcry_sexp_t data = NULL; int dataidx; - static struct + static const struct { int algo; /* If not 0 run test only if ALGO matches. */ const char *data; @@ -4599,7 +4599,7 @@ check_one_pubkey_new (int n) static void check_pubkey (void) { - test_spec_pubkey_t pubkeys[] = { + static const test_spec_pubkey_t pubkeys[] = { { GCRY_PK_RSA, FLAG_CRYPT | FLAG_SIGN, { ----------------------------------------------------------------------- Summary of changes: cipher/arcfour.c | 4 ++-- cipher/blowfish.c | 9 ++++++--- cipher/camellia-glue.c | 14 +++++++------- cipher/cast5.c | 9 ++++++--- cipher/des.c | 3 ++- cipher/rijndael.c | 2 +- tests/basic.c | 36 ++++++++++++++++++------------------ 7 files changed, 42 insertions(+), 35 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Nov 5 17:31:45 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 05 Nov 2013 17:31:45 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-353-gf09ffe8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via f09ffe8a4802af65a116e79eceeb1cb4ed4fa2f4 (commit) via 630aca794ddf057fb7265b7dc346374743036af4 (commit) from d50a88d1e29124d038196fec6082fd093e922604 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f09ffe8a4802af65a116e79eceeb1cb4ed4fa2f4 Author: Werner Koch Date: Tue Nov 5 17:25:02 2013 +0100 ecc: Fully implement Ed25519 compression in ECDSA mode. * src/ec-context.h (mpi_ec_ctx_s): Add field FLAGS. * mpi/ec.c (ec_p_init): Add arg FLAGS. Change all callers to pass it. * cipher/ecc-curves.c (point_from_keyparam): Add arg EC, parse as opaque mpi and use eddsa decoding depending on the flag. (_gcry_mpi_ec_new): Rearrange to parse Q and D after knowing the curve. Signed-off-by: Werner Koch diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index fb0db3b..1bd3679 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c 
@@ -545,28 +545,36 @@ mpi_from_keyparam (gcry_mpi_t *r_a, gcry_sexp_t keyparam, const char *name) /* Helper to extract a point from key parameters. If no parameter with NAME is found, the functions tries to find a non-encoded point by appending ".x", ".y" and ".z" to NAME. ".z" is in this case - optional and defaults to 1. */ + optional and defaults to 1. EC is the context which at this point + may not be fully initialized. */ static gpg_err_code_t point_from_keyparam (gcry_mpi_point_t *r_a, - gcry_sexp_t keyparam, const char *name) + gcry_sexp_t keyparam, const char *name, mpi_ec_t ec) { - gcry_err_code_t ec; - gcry_mpi_t a = NULL; + gcry_err_code_t rc; + gcry_sexp_t l1; gcry_mpi_point_t point; - ec = mpi_from_keyparam (&a, keyparam, name); - if (ec) - return ec; - - if (a) + l1 = gcry_sexp_find_token (keyparam, name, 0); + if (l1) { + gcry_mpi_t a; + + a = _gcry_sexp_nth_opaque_mpi (l1, 1); + gcry_sexp_release (l1); + if (!a) + return GPG_ERR_INV_OBJ; + point = gcry_mpi_point_new (0); - ec = _gcry_ecc_os2ec (point, a); + if (ec && ec->dialect == ECC_DIALECT_ED25519) + rc = _gcry_ecc_eddsa_decodepoint (a, ec, point, NULL, NULL); + else + rc = _gcry_ecc_os2ec (point, a); mpi_free (a); - if (ec) + if (rc) { gcry_mpi_point_release (point); - return ec; + return rc; } } else 
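Review bot: The new header comment says EC "may not be fully initialized" but not that it may be NULL, which is the case the `if (ec && ec->dialect == ECC_DIALECT_ED25519)` guard handles and which _gcry_mpi_ec_new relies on when it parses "g" with `point_from_keyparam (&G, keyparam, "g", NULL)` in a later hunk. I would extend the comment to: `EC may be NULL; then the point is always decoded with _gcry_ecc_os2ec, otherwise an Ed25519 context selects the EdDSA compressed decoding.` A consequence worth a sentence there is that an explicit "g" for an Ed25519 key is never EdDSA-decoded while "q" of the same key is; whether any caller supplies such a "g" is not visible here. point_from_keyparam continues past the end of this hunk.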
@@ -580,28 +588,28 @@ point_from_keyparam (gcry_mpi_point_t *r_a, if (!tmpname) return gpg_err_code_from_syserror (); strcpy (stpcpy (tmpname, name), ".x"); - ec = mpi_from_keyparam (&x, keyparam, tmpname); - if (ec) + rc = mpi_from_keyparam (&x, keyparam, tmpname); + if (rc) { gcry_free (tmpname); - return ec; + return rc; } strcpy (stpcpy (tmpname, name), ".y"); - ec = mpi_from_keyparam (&y, keyparam, tmpname); - if (ec) + rc = mpi_from_keyparam (&y, keyparam, tmpname); + if (rc) { mpi_free (x); gcry_free (tmpname); - return ec; + return rc; } strcpy (stpcpy (tmpname, name), ".z"); - ec = mpi_from_keyparam (&z, keyparam, tmpname); - if (ec) + rc = mpi_from_keyparam (&z, keyparam, tmpname); + if (rc) { mpi_free (y); mpi_free (x); gcry_free (tmpname); - return ec; + return rc; } if (!z) z = mpi_set_ui (NULL, 1); 
@@ -645,35 +653,43 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, gcry_mpi_t n = NULL; gcry_mpi_point_t Q = NULL; gcry_mpi_t d = NULL; + int flags = 0; gcry_sexp_t l1; *r_ctx = NULL; if (keyparam) { - errc = mpi_from_keyparam (&p, keyparam, "p"); - if (errc) - goto leave; - errc = mpi_from_keyparam (&a, keyparam, "a"); - if (errc) - goto leave; - errc = mpi_from_keyparam (&b, keyparam, "b"); - if (errc) - goto leave; - errc = point_from_keyparam (&G, keyparam, "g"); - if (errc) - goto leave; - errc = mpi_from_keyparam (&n, keyparam, "n"); - if (errc) - goto leave; - errc = point_from_keyparam (&Q, keyparam, "q"); - if (errc) - goto leave; - errc = mpi_from_keyparam (&d, keyparam, "d"); - if (errc) - goto leave; - } + /* Parse an optional flags list. */ + l1 = gcry_sexp_find_token (keyparam, "flags", 0); + if (l1) + { + errc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL); + gcry_sexp_release (l1); + l1 = NULL; + if (errc) + goto leave; + } + if (!(flags & PUBKEY_FLAG_NOPARAM)) + { + errc = mpi_from_keyparam (&p, keyparam, "p"); + if (errc) + goto leave; + errc = mpi_from_keyparam (&a, keyparam, "a"); + if (errc) + goto leave; + errc = mpi_from_keyparam (&b, keyparam, "b"); + if (errc) + goto leave; + errc = point_from_keyparam (&G, keyparam, "g", NULL); + if (errc) + goto leave; + errc = mpi_from_keyparam (&n, keyparam, "n"); + if (errc) + goto leave; + } + } /* Check whether a curve parameter is available and use that to fill in missing values. If no curve parameter is available try an @@ -751,7 +767,8 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, gcry_free (E); } - errc = _gcry_mpi_ec_p_new (&ctx, model, dialect, p, a, b); + + errc = _gcry_mpi_ec_p_new (&ctx, model, dialect, flags, p, a, b); if (!errc) { mpi_ec_t ec = _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC); 
@@ -771,6 +788,22 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, ec->n = n; n = NULL; } + + /* Now that we now the curve name we can look for the public key + Q. point_from_keyparam needs to know the curve parameters so + that it is able to use the correct decompression. Parsing + the private key D could have been done earlier but it is less + surprising if we do it here as well. */ + if (keyparam) + { + errc = point_from_keyparam (&Q, keyparam, "q", ec); + if (errc) + goto leave; + errc = mpi_from_keyparam (&d, keyparam, "d"); + if (errc) + goto leave; + } + if (Q) { ec->Q = Q; @@ -783,9 +816,11 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, } *r_ctx = ctx; + ctx = NULL; } leave: + gcry_ctx_release (ctx); mpi_free (p); mpi_free (a); mpi_free (b); @@ -814,7 +849,10 @@ _gcry_ecc_get_param (const char *name, gcry_mpi_t *pkey) g_x = mpi_new (0); g_y = mpi_new (0); - ctx = _gcry_mpi_ec_p_internal_new (0, ECC_DIALECT_STANDARD, E.p, E.a, NULL); + ctx = _gcry_mpi_ec_p_internal_new (MPI_EC_WEIERSTRASS, + ECC_DIALECT_STANDARD, + 0, + E.p, E.a, NULL); if (_gcry_mpi_ec_get_affine (g_x, g_y, &E.G, ctx)) log_fatal ("ecc get param: Failed to get affine coordinates\n"); _gcry_mpi_ec_free (ctx); diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c index 70dfe38..7663623 100644 --- a/cipher/ecc-ecdsa.c +++ b/cipher/ecc-ecdsa.c @@ -78,7 +78,7 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey, x = mpi_alloc (0); point_init (&I); - ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0, skey->E.p, skey->E.a, skey->E.b); /* Two loops to avoid R or S are zero. This is more of a joke than @@ -179,7 +179,7 @@ _gcry_ecc_ecdsa_verify (gcry_mpi_t input, ECC_public_key *pkey, point_init (&Q1); point_init (&Q2); - ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model, pkey->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model, pkey->E.dialect, 0, pkey->E.p, pkey->E.a, pkey->E.b); /* h = s^(-1) (mod n) */ 
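Review bot: The comment introduced above the new Q/D parsing block reads "Now that we now the curve name" — the second "now" should be "know", and "the curve name" understates it, since what point_from_keyparam actually inspects is the context's dialect. I would write `/* Now that the curve and its dialect are known we can look for the public key Q; point_from_keyparam needs the context to pick the right point decoding. */` and keep the existing sentence about D unchanged. _gcry_mpi_ec_new starts and ends outside this hunk.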
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index 22f2702..d83b7c6 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -441,7 +441,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, x = mpi_new (0); y = mpi_new (0); r = mpi_new (0); - ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0, skey->E.p, skey->E.a, skey->E.b); b = (ctx->nbits+7)/8; if (b != 256/8) @@ -618,7 +618,7 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey, h = mpi_new (0); s = mpi_new (0); - ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model, pkey->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model, pkey->E.dialect, 0, pkey->E.p, pkey->E.a, pkey->E.b); b = ctx->nbits/8; if (b != 256/8) diff --git a/cipher/ecc-gost.c b/cipher/ecc-gost.c index a40459c..ce3e921 100644 --- a/cipher/ecc-gost.c +++ b/cipher/ecc-gost.c @@ -77,7 +77,7 @@ _gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey, x = mpi_alloc (0); point_init (&I); - ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0, skey->E.p, skey->E.a, skey->E.b); mpi_mod (e, input, skey->E.n); /* e = hash mod n */ @@ -164,7 +164,7 @@ _gcry_ecc_gost_verify (gcry_mpi_t input, ECC_public_key *pkey, point_init (&Q1); point_init (&Q2); - ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model, pkey->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model, pkey->E.dialect, 0, pkey->E.p, pkey->E.a, pkey->E.b); mpi_mod (e, input, pkey->E.n); /* e = hash mod n */ diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c index fa0bded..6c75e75 100644 --- a/cipher/ecc-misc.c +++ b/cipher/ecc-misc.c @@ -26,6 +26,7 @@ #include "g10lib.h" #include "mpi.h" +#include "cipher.h" #include "context.h" #include "ec-context.h" #include "ecc-common.h" 
@@ -263,67 +264,62 @@ _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec) if (ec->model == MPI_EC_TWISTEDEDWARDS && !ec->b) return NULL; - switch (ec->dialect) + if (ec->dialect == ECC_DIALECT_ED25519 + && !(ec->flags & PUBKEY_FLAG_ECDSA)) { - case ECC_DIALECT_ED25519: - { - gcry_mpi_t a; - unsigned char *rawmpi = NULL; - unsigned int rawmpilen; - unsigned char *digest; - gcry_buffer_t hvec[2]; - int b = (ec->nbits+7)/8; - - gcry_assert (b >= 32); - digest = gcry_calloc_secure (2, b); - if (!digest) + gcry_mpi_t a; + unsigned char *rawmpi = NULL; + unsigned int rawmpilen; + unsigned char *digest; + gcry_buffer_t hvec[2]; + int b = (ec->nbits+7)/8; + + gcry_assert (b >= 32); + digest = gcry_calloc_secure (2, b); + if (!digest) + return NULL; + memset (hvec, 0, sizeof hvec); + + rawmpi = _gcry_mpi_get_buffer (ec->d, 0, &rawmpilen, NULL); + if (!rawmpi) + return NULL; + memset (digest, 0, b); + hvec[0].data = digest; + hvec[0].off = 0; + hvec[0].len = b > rawmpilen? b - rawmpilen : 0; + hvec[1].data = rawmpi; + hvec[1].off = 0; + hvec[1].len = rawmpilen; + /* FIXME: Put and take the hash algo from the context. */ + rc = _gcry_md_hash_buffers (GCRY_MD_SHA512, 0, digest, hvec, 2); + gcry_free (rawmpi); + if (rc) + { + gcry_free (digest); return NULL; - memset (hvec, 0, sizeof hvec); + } - rawmpi = _gcry_mpi_get_buffer (ec->d, 0, &rawmpilen, NULL); - if (!rawmpi) - return NULL; - memset (digest, 0, b); - hvec[0].data = digest; - hvec[0].off = 0; - hvec[0].len = b > rawmpilen? b - rawmpilen : 0; - hvec[1].data = rawmpi; - hvec[1].off = 0; - hvec[1].len = rawmpilen; - /* FIXME: Put and take the hash algo from the context. */ - rc = _gcry_md_hash_buffers (GCRY_MD_SHA512, 0, digest, hvec, 2); - gcry_free (rawmpi); - if (rc) - { - gcry_free (digest); - return NULL; - } - - /* Compute the A value. */ - reverse_buffer (digest, 32); /* Only the first half of the hash. 
*/ - digest[0] = (digest[0] & 0x7f) | 0x40; - digest[31] &= 0xf8; - a = mpi_snew (0); - _gcry_mpi_set_buffer (a, digest, 32, 0); - gcry_free (digest); - - /* And finally the public key. */ - if (!Q) - Q = gcry_mpi_point_new (0); - if (Q) - _gcry_mpi_ec_mul_point (Q, a, ec->G, ec); - mpi_free (a); - } - break; - - default: - { - if (!Q) - Q = gcry_mpi_point_new (0); - if (Q) - _gcry_mpi_ec_mul_point (Q, ec->d, ec->G, ec); - } - break; + /* Compute the A value. */ + reverse_buffer (digest, 32); /* Only the first half of the hash. */ + digest[0] = (digest[0] & 0x7f) | 0x40; + digest[31] &= 0xf8; + a = mpi_snew (0); + _gcry_mpi_set_buffer (a, digest, 32, 0); + gcry_free (digest); + + /* And finally the public key. */ + if (!Q) + Q = gcry_mpi_point_new (0); + if (Q) + _gcry_mpi_ec_mul_point (Q, a, ec->G, ec); + mpi_free (a); + } + else + { + if (!Q) + Q = gcry_mpi_point_new (0); + if (Q) + _gcry_mpi_ec_mul_point (Q, ec->d, ec->G, ec); } return Q; diff --git a/cipher/ecc.c b/cipher/ecc.c index 752dfc1..8bc8ea6 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -312,7 +312,7 @@ check_secret_key (ECC_secret_key * sk) goto leave; } - ctx = _gcry_mpi_ec_p_internal_new (sk->E.model, sk->E.dialect, + ctx = _gcry_mpi_ec_p_internal_new (sk->E.model, sk->E.dialect, 0, sk->E.p, sk->E.a, sk->E.b); _gcry_mpi_ec_mul_point (&Q, sk->E.n, &sk->E.G, ctx); @@ -469,7 +469,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) else random_level = GCRY_VERY_STRONG_RANDOM; - ctx = _gcry_mpi_ec_p_internal_new (E.model, E.dialect, E.p, E.a, E.b); + ctx = _gcry_mpi_ec_p_internal_new (E.model, E.dialect, 0, E.p, E.a, E.b); x = mpi_new (0); y = mpi_new (0); 
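Review bot: In the restructured Ed25519 branch of _gcry_ecc_compute_public, `if (!rawmpi) return NULL;` still returns without freeing `digest`, which `gcry_calloc_secure (2, b)` allocated two statements earlier; the commit moves these lines but keeps the leak. The early return should be `if (!rawmpi) { gcry_free (digest); return NULL; }`, matching the cleanup already done on the `_gcry_md_hash_buffers` failure path just below it. The `memset (digest, 0, b);` that follows is redundant after calloc and can be dropped. The function's prologue is outside the hunk.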
@@ -984,7 +984,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) /* Fixme: Factor the curve context setup out of eddsa_verify and ecdsa_verify. So that we don't do it twice. */ - ec = _gcry_mpi_ec_p_internal_new (pk.E.model, pk.E.dialect, + ec = _gcry_mpi_ec_p_internal_new (pk.E.model, pk.E.dialect, 0, pk.E.p, pk.E.a, pk.E.b); rc = _gcry_ecc_eddsa_decodepoint (mpi_q, ec, &pk.Q, NULL, NULL); @@ -1169,7 +1169,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) } /* Compute the encrypted value. */ - ec = _gcry_mpi_ec_p_internal_new (pk.E.model, pk.E.dialect, + ec = _gcry_mpi_ec_p_internal_new (pk.E.model, pk.E.dialect, 0, pk.E.p, pk.E.a, pk.E.b); /* The following is false: assert( mpi_cmp_ui( R.x, 1 )==0 );, so */ @@ -1338,7 +1338,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) return rc; } - ec = _gcry_mpi_ec_p_internal_new (sk.E.model, sk.E.dialect, + ec = _gcry_mpi_ec_p_internal_new (sk.E.model, sk.E.dialect, 0, sk.E.p, sk.E.a, sk.E.b); /* R = dkG */ diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 76cf0bd..9c695e0 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2278,7 +2278,7 @@ For ECC key generation do not return the domain parameters but only the name of the curve. For ECC signing and verification ignore any provided domain parameters of the public or private key and use only the curve name. It is more secure to rely on the curve name and thus -use the curve parameters as known by Libgcrypt. This option shouild +use the curve parameters as known by Libgcrypt. This option should have been the default but for backward compatibility reasons this is not possible. It is best to always use this flag with ECC keys. diff --git a/mpi/ec.c b/mpi/ec.c index 39ab5eb..57396ce 100644 --- a/mpi/ec.c +++ b/mpi/ec.c 
@@ -350,6 +350,7 @@ ec_get_two_inv_p (mpi_ec_t ec) static void ec_p_init (mpi_ec_t ctx, enum gcry_mpi_ec_models model, enum ecc_dialects dialect, + int flags, gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b) { int i; @@ -367,6 +368,7 @@ ec_p_init (mpi_ec_t ctx, enum gcry_mpi_ec_models model, ctx->model = model; ctx->dialect = dialect; + ctx->flags = flags; if (dialect == ECC_DIALECT_ED25519) ctx->nbits = 256; else @@ -454,12 +456,13 @@ ec_deinit (void *opaque) mpi_ec_t _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model, enum ecc_dialects dialect, + int flags, gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b) { mpi_ec_t ctx; ctx = gcry_xcalloc (1, sizeof *ctx); - ec_p_init (ctx, model, dialect, p, a, b); + ec_p_init (ctx, model, dialect, flags, p, a, b); return ctx; } @@ -476,6 +479,7 @@ gpg_err_code_t _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, enum gcry_mpi_ec_models model, enum ecc_dialects dialect, + int flags, gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b) { gcry_ctx_t ctx; @@ -489,7 +493,7 @@ _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, if (!ctx) return gpg_err_code_from_syserror (); ec = _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC); - ec_p_init (ec, model, dialect, p, a, b); + ec_p_init (ec, model, dialect, flags, p, a, b); *r_ctx = ctx; return 0; diff --git a/src/ec-context.h b/src/ec-context.h index a118608..60ca759 100644 --- a/src/ec-context.h +++ b/src/ec-context.h @@ -27,6 +27,8 @@ struct mpi_ec_ctx_s enum ecc_dialects dialect; /* The ECC dialect used with the curve. */ + int flags; /* Public key flags (not always used). */ + unsigned int nbits; /* Number of bits. */ /* Domain parameters. Note that they may not all be set and if set diff --git a/src/mpi.h b/src/mpi.h index 15fb542..a5d805e 100644 --- a/src/mpi.h +++ b/src/mpi.h 
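Review bot: The comment on the new `flags` member, `/* Public key flags (not always used). */`, does not say where the value comes from or what zero means, which matters because `ec_p_init` stores it unvalidated and the callers elsewhere on this page pass a literal 0. I would write `int flags; /* PUBKEY_FLAG_* bits handed to ec_p_init by the caller; 0 when the caller supplied none. */`. The public entry `_gcry_mpi_ec_p_new` gains the same parameter, so its declaration in src/mpi.h (next hunk) should document the meaning of 0 as well.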
@@ -312,10 +312,12 @@ void _gcry_mpi_point_log (const char *name, mpi_point_t point, mpi_ec_t ctx); mpi_ec_t _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model, enum ecc_dialects dialect, + int flags, gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b); gpg_err_code_t _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, enum gcry_mpi_ec_models model, enum ecc_dialects dialect, + int flags, gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b); void _gcry_mpi_ec_free (mpi_ec_t ctx); commit 630aca794ddf057fb7265b7dc346374743036af4 Author: Werner Koch Date: Mon Nov 4 16:47:13 2013 +0100 mpi: Add function gcry_mpi_set_opaque_copy. * src/gcrypt.h.in (gcry_mpi_set_opaque_copy): New. * src/visibility.c (gcry_mpi_set_opaque_copy): New. * src/visibility.h (gcry_mpi_set_opaque_copy): Mark visible. * src/libgcrypt.def, src/libgcrypt.vers: Add new API. * tests/mpitests.c (test_opaque): Add test. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index d60e067..8010c37 100644 --- a/NEWS +++ b/NEWS @@ -75,6 +75,7 @@ Noteworthy changes in version 1.6.0 (unreleased) gcry_mpi_neg NEW. gcry_mpi_abs NEW. gcry_mpi_snatch NEW. + gcry_mpi_set_opaque_copy NEW. gcry_mpi_point_t NEW. gcry_mpi_point_new NEW. gcry_mpi_point_release NEW. diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 4a202dd..76cf0bd 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -4467,6 +4467,13 @@ valid functions are gcry_mpi_get_opaque and gcry_mpi_release. Use gcry_mpi_scan to convert a string of arbitrary bytes into an MPI. @end deftypefun + at deftypefun gcry_mpi_t gcry_mpi_set_opaque_copy (@w{gcry_mpi_t @var{a}}, @w{const void *@var{p}}, @w{unsigned int @var{nbits}}) + +Same as @code{gcry_mpi_set_opaque} but ownership of @var{p} is not +taken instead a copy of @var{p} is used. + at end deftypefun + + @deftypefun {void *} gcry_mpi_get_opaque (@w{gcry_mpi_t @var{a}}, @w{unsigned int *@var{nbits}}) Return a pointer to an opaque value stored in @var{a} and return its 
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 2742556..234e8a4 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -726,10 +726,18 @@ void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); /* Store NBITS of the value P points to in A and mark A as an opaque - value. WARNING: Never use an opaque MPI for anything thing else than + value. On success A received the the ownership of the value P. + WARNING: Never use an opaque MPI for anything thing else than gcry_mpi_release, gcry_mpi_get_opaque. */ gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits); +/* Store NBITS of the value P points to in A and mark A as an opaque + value. The function takes a copy of the provided value P. + WARNING: Never use an opaque MPI for anything thing else than + gcry_mpi_release, gcry_mpi_get_opaque. */ +gcry_mpi_t gcry_mpi_set_opaque_copy (gcry_mpi_t a, + const void *p, unsigned int nbits); + /* Return a pointer to an opaque value stored in A and return its size in NBITS. Note that the returned pointer is still owned by A and that the function should never be used for an non-opaque MPI. */ diff --git a/src/libgcrypt.def b/src/libgcrypt.def index 64ba370..e2aba2b 100644 --- a/src/libgcrypt.def +++ b/src/libgcrypt.def @@ -259,5 +259,7 @@ EXPORTS gcry_cipher_gettag @227 gcry_cipher_checktag @228 + gcry_mpi_set_opaque_copy @229 + ;; end of file with public symbols for Windows. diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers index 93eaa93..c3a09b8 100644 --- a/src/libgcrypt.vers +++ b/src/libgcrypt.vers 
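Review bot: The added and reworded comments in gcrypt.h.in carry typos that will ship in the installed public header: `value. On success A received the the ownership of the value P.` should read `value. On success A takes ownership of the value P.`, and both WARNING lines repeat `anything thing else` where `anything else` is meant. The copy variant's comment would also be clearer if it said that the caller remains free to release P after the call, which is exactly what the new test relies on. The declarations themselves look fine.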
@@ -88,7 +88,8 @@ GCRYPT_1.6 { gcry_mpi_mul_2exp; gcry_mpi_mul_ui; gcry_mpi_mulm; gcry_mpi_new; gcry_mpi_powm; gcry_mpi_print; gcry_mpi_randomize; gcry_mpi_release; gcry_mpi_rshift; gcry_mpi_scan; gcry_mpi_set; gcry_mpi_set_bit; - gcry_mpi_set_flag; gcry_mpi_set_highbit; gcry_mpi_set_opaque; + gcry_mpi_set_flag; gcry_mpi_set_highbit; + gcry_mpi_set_opaque; gcry_mpi_set_opaque_copy; gcry_mpi_set_ui; gcry_mpi_snew; gcry_mpi_sub; gcry_mpi_sub_ui; gcry_mpi_subm; gcry_mpi_swap; gcry_mpi_test_bit; gcry_mpi_lshift; gcry_mpi_snatch; diff --git a/src/visibility.c b/src/visibility.c index 1f7bb3a..852bdf9 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -629,6 +629,12 @@ gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits) return _gcry_mpi_set_opaque (a, p, nbits); } +gcry_mpi_t +gcry_mpi_set_opaque_copy (gcry_mpi_t a, const void *p, unsigned int nbits) +{ + return _gcry_mpi_set_opaque_copy (a, p, nbits); +} + void * gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits) { diff --git a/src/visibility.h b/src/visibility.h index b2fa4c0..438db5b 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -603,6 +603,7 @@ MARK_VISIBLE (gcry_mpi_set_bit) MARK_VISIBLE (gcry_mpi_set_flag) MARK_VISIBLE (gcry_mpi_set_highbit) MARK_VISIBLE (gcry_mpi_set_opaque) +MARK_VISIBLEX(gcry_mpi_set_opaque_copy) MARK_VISIBLE (gcry_mpi_set_ui) MARK_VISIBLE (gcry_mpi_snew) MARK_VISIBLE (gcry_mpi_sub) @@ -632,8 +633,8 @@ MARK_VISIBLEX(_gcry_mpi_get_const) between a public and an internal version is that the internal version use gpg_err_code_t and the public version gpg_error_t. */ -#define gcry_sexp_extract_param _gcry_USE_THE_UNDERSCORED_FUNCTION - +#define gcry_sexp_extract_param _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_opaque_copy _gcry_USE_THE_UNDERSCORED_FUNCTION #endif /*!_GCRY_INCLUDED_BY_VISIBILITY_C*/ diff --git a/tests/mpitests.c b/tests/mpitests.c index c5c60d7..1c4edb6 100644 --- a/tests/mpitests.c +++ b/tests/mpitests.c 
@@ -213,6 +213,24 @@ test_opaque (void) if (debug) gcry_log_debugmpi ("mpi", a); + p = gcry_xstrdup ("This is a test buffer"); + a = gcry_mpi_set_opaque_copy (NULL, p, 21*8+1); + gcry_free (p); + + if (!gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)) + die ("opaque flag not set\n"); + + p = gcry_mpi_get_opaque (a, &nbits); + if (!p) + die ("gcry_mpi_get_opaque returned NULL\n"); + if (nbits != 21*8+1) + die ("gcry_mpi_get_opaque returned a changed bit size\n"); + if (strcmp (p, "This is a test buffer")) + die ("gcry_mpi_get_opaque returned a changed buffer\n"); + + if (debug) + gcry_log_debugmpi ("mpi", a); + gcry_mpi_release (a); } ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + cipher/ecc-curves.c | 128 +++++++++++++++++++++++++++++++++------------------ cipher/ecc-ecdsa.c | 4 +- cipher/ecc-eddsa.c | 4 +- cipher/ecc-gost.c | 4 +- cipher/ecc-misc.c | 112 ++++++++++++++++++++++---------------------- cipher/ecc.c | 10 ++-- doc/gcrypt.texi | 9 +++- mpi/ec.c | 8 +++- src/ec-context.h | 2 + src/gcrypt.h.in | 10 +++- src/libgcrypt.def | 2 + src/libgcrypt.vers | 3 +- src/mpi.h | 2 + src/visibility.c | 6 +++ src/visibility.h | 5 +- tests/mpitests.c | 18 ++++++++ 17 files changed, 207 insertions(+), 121 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Nov 5 19:10:03 2013 
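Review bot: The `strcmp (p, "This is a test buffer")` on the opaque copy relies on the terminating NUL having been copied, which only holds because `21*8+1` bits rounds up to 22 bytes and the source string is 21 characters plus NUL; a comment should make that explicit, e.g. `/* 21*8+1 bits rounds up to 22 bytes, so the NUL is copied and strcmp is safe. */`. With a bit count of exactly `21*8` the copy would not be NUL-terminated and strcmp would read past it. That the copy rounds up to whole bytes is inferred from the test's expectations, not visible here.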
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 05 Nov 2013 19:10:03 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-354-gb9fd398 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via b9fd3988b54b50109f4e7179e7fe0739bb1d97c5 (commit) from f09ffe8a4802af65a116e79eceeb1cb4ed4fa2f4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b9fd3988b54b50109f4e7179e7fe0739bb1d97c5 Author: Werner Koch Date: Tue Nov 5 19:00:09 2013 +0100 ecc: Require "eddsa" flag for curve Ed25519. * src/cipher.h (PUBKEY_FLAG_ECDSA): Remove. * cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Remove "ecdsa". * cipher/ecc.c (ecc_generate, ecc_sign, ecc_verify): Require "eddsa" flag. * cipher/ecc-misc.c (_gcry_ecc_compute_public): Depend "eddsa" flag. * tests/benchmark.c, tests/keygen.c, tests/pubkey.c * tests/t-ed25519.c, tests/t-mpi-point.c: Adjust for changed flags. -- This change makes ECDSA signatures the default for all curves. If another signing algorithm is to be used, the corresponding flag needs to be given. In particular the flag "eddsa" is now always required with curve Ed25519 to comply with the specs. This change makes the code more readable by not assuming a certain signature algorithm depending on the curve. Signed-off-by: Werner Koch diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c index 6c75e75..0eb3391 100644 --- a/cipher/ecc-misc.c +++ b/cipher/ecc-misc.c 
@@ -265,7 +265,7 @@ _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec) return NULL; if (ec->dialect == ECC_DIALECT_ED25519 - && !(ec->flags & PUBKEY_FLAG_ECDSA)) + && (ec->flags & PUBKEY_FLAG_EDDSA)) { gcry_mpi_t a; unsigned char *rawmpi = NULL; diff --git a/cipher/ecc.c b/cipher/ecc.c index 8bc8ea6..5578e05 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -404,7 +404,6 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) gcry_mpi_t public = NULL; gcry_mpi_t secret = NULL; int flags = 0; - int ed25519_with_ecdsa = 0; memset (&E, 0, sizeof E); memset (&sk, 0, sizeof sk); @@ -473,24 +472,10 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) x = mpi_new (0); y = mpi_new (0); - switch (E.dialect) - { - case ECC_DIALECT_STANDARD: - rc = nist_generate_key (&sk, &E, ctx, random_level, nbits); - break; - case ECC_DIALECT_ED25519: - if ((flags & PUBKEY_FLAG_ECDSA)) - { - ed25519_with_ecdsa = 1; - rc = nist_generate_key (&sk, &E, ctx, random_level, nbits); - } - else - rc = _gcry_ecc_eddsa_genkey (&sk, &E, ctx, random_level); - break; - default: - rc = GPG_ERR_INTERNAL; - break; - } + if ((flags & PUBKEY_FLAG_EDDSA)) + rc = _gcry_ecc_eddsa_genkey (&sk, &E, ctx, random_level); + else + rc = nist_generate_key (&sk, &E, ctx, random_level, nbits); if (rc) goto leave; @@ -524,15 +509,15 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) goto leave; } - if ((flags & PUBKEY_FLAG_NOPARAM) || ed25519_with_ecdsa) + if ((flags & PUBKEY_FLAG_NOPARAM) || (flags & PUBKEY_FLAG_EDDSA)) { rc = gcry_sexp_build (&curve_flags, NULL, - ((flags & PUBKEY_FLAG_NOPARAM) && ed25519_with_ecdsa)? - "(flags noparam ecdsa)" : + ((flags & PUBKEY_FLAG_NOPARAM) && (flags & PUBKEY_FLAG_EDDSA))? + "(flags noparam eddsa)" : ((flags & PUBKEY_FLAG_NOPARAM))? "(flags noparam)" : - "(flags ecdsa)"); + "(flags eddsa)"); if (rc) goto leave; } 
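Review bot: `_gcry_ecc_compute_public` now selects the EdDSA public-key derivation purely from `ec->flags & PUBKEY_FLAG_EDDSA`, so an Ed25519 context created with flags of 0 (the `_gcry_mpi_ec_p_internal_new (..., 0, ...)` call sites in the earlier commit on this page) silently takes the plain `ec->d * G` branch and yields a different public key for the same d. A comment at the condition should state this, e.g. `/* EdDSA derivation only when the caller set PUBKEY_FLAG_EDDSA in the context; an Ed25519 context without it is treated like any other curve. */`. The function starts and ends outside the hunk.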
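Review bot: Replacing the dialect switch in ecc_generate with `if ((flags & PUBKEY_FLAG_EDDSA)) ... else rc = nist_generate_key (...)` drops the `default: rc = GPG_ERR_INTERNAL` guard, so any dialect other than STANDARD and ED25519 now falls into nist_generate_key instead of failing. If the enum is expected to grow, a guard such as `else if (E.dialect != ECC_DIALECT_STANDARD && E.dialect != ECC_DIALECT_ED25519) rc = GPG_ERR_INTERNAL;` ahead of the fallback keeps the old failure mode. The nested ternary that builds the flags string in the @@ -524 hunk is also hard to read; two sequential conditions would say the same thing more plainly. ecc_generate extends outside the hunk.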
@@ -573,8 +558,8 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) log_printmpi ("ecgen result n", sk.E.n); log_printmpi ("ecgen result Q", public); log_printmpi ("ecgen result d", secret); - if (ed25519_with_ecdsa) - log_debug ("ecgen result using Ed25519/ECDSA\n"); + if ((flags & PUBKEY_FLAG_EDDSA)) + log_debug ("ecgen result using Ed25519+EdDSA\n"); } leave: @@ -773,8 +758,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) log_debug ("ecc_sign info: %s/%s%s\n", _gcry_ecc_model2str (sk.E.model), _gcry_ecc_dialect2str (sk.E.dialect), - (sk.E.dialect == ECC_DIALECT_ED25519 - && (ctx.flags & PUBKEY_FLAG_ECDSA))? "ECDSA":""); + (ctx.flags & PUBKEY_FLAG_EDDSA)? "+EdDSA":""); if (sk.E.name) log_debug ("ecc_sign name: %s\n", sk.E.name); log_printmpi ("ecc_sign p", sk.E.p); @@ -940,8 +924,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) log_debug ("ecc_verify info: %s/%s%s\n", _gcry_ecc_model2str (pk.E.model), _gcry_ecc_dialect2str (pk.E.dialect), - (pk.E.dialect == ECC_DIALECT_ED25519 - && !(sigflags & PUBKEY_FLAG_EDDSA))? "/ECDSA":""); + (sigflags & PUBKEY_FLAG_EDDSA)? "+EdDSA":""); if (pk.E.name) log_debug ("ecc_verify name: %s\n", pk.E.name); log_printmpi ("ecc_verify p", pk.E.p); diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index 88d6bb6..a91e66f 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -107,10 +107,6 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, encoding = PUBKEY_ENC_RAW; flags |= PUBKEY_FLAG_EDDSA; } - else if (!memcmp (s, "ecdsa", 5)) - { - flags |= PUBKEY_FLAG_ECDSA; - } else if (!memcmp (s, "pkcs1", 5) && encoding == PUBKEY_ENC_UNKNOWN) { encoding = PUBKEY_ENC_PKCS1; diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 9c695e0..03ace83 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi 
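Review bot: The two debug lines now report different sources for the scheme: ecc_sign prints `(ctx.flags & PUBKEY_FLAG_EDDSA)` while ecc_verify prints `(sigflags & PUBKEY_FLAG_EDDSA)`. If the verification path itself also picks EdDSA from `sigflags`, i.e. from flags attached to the signature being checked rather than from the key's flags, the scheme is chosen by the data under verification; it is worth confirming that the key's flags are consulted as well, and logging them alongside. Both functions extend outside the hunk, so this is inferred from the log statements only.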
@@ -2251,15 +2251,10 @@ Use RSA-OAEP padding for encryption. @cindex PSS Use RSA-PSS padding for signing. - at item ecdsa - at cindex ECDSA -Create an ECDSA public key instead of using the default key generation -of the specified curve. - @item eddsa @cindex EdDSA -Use the EdDSA scheme instead of the default signature algorithm of the -used curve. +Use the EdDSA scheme signing instead of the default ECDSA algorithm. +Note that the EdDSA uses a special form of the public key. @item rfc6979 @cindex RFC6979 @@ -2854,7 +2849,7 @@ is in general not recommended. @example (genkey (ecc - (flags noparam transient-key ecdsa))) + (flags noparam transient-key))) @end example @item transient-key @@ -2899,12 +2894,12 @@ elliptic curve key generation: (public-key (ecc (curve Ed25519) - (flags noparam) + (flags noparam eddsa) (q @var{q-value}))) (private-key (ecc (curve Ed25519) - (flags noparam) + (flags noparam eddsa) (q @var{q-value}) (d @var{d-value})))) @end example diff --git a/src/cipher.h b/src/cipher.h index 551dc66..5ac891e 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -35,11 +35,10 @@ #define PUBKEY_FLAG_USE_X931 (1 << 6) #define PUBKEY_FLAG_USE_FIPS186 (1 << 7) #define PUBKEY_FLAG_USE_FIPS186_2 (1 << 8) -#define PUBKEY_FLAG_ECDSA (1 << 9) -#define PUBKEY_FLAG_EDDSA (1 << 10) -#define PUBKEY_FLAG_GOST (1 << 11) -#define PUBKEY_FLAG_NOPARAM (1 << 12) -#define PUBKEY_FLAG_COMP (1 << 12) +#define PUBKEY_FLAG_NOPARAM (1 << 9) +#define PUBKEY_FLAG_COMP (1 << 10) +#define PUBKEY_FLAG_EDDSA (1 << 11) +#define PUBKEY_FLAG_GOST (1 << 12) enum pk_operation diff --git a/tests/benchmark.c b/tests/benchmark.c index 8326ab2..93874fa 100644 --- a/tests/benchmark.c +++ b/tests/benchmark.c 
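Review bot: Before this renumbering `PUBKEY_FLAG_NOPARAM` and `PUBKEY_FLAG_COMP` were both `(1 << 12)`, so the new values also fix an alias in which setting either flag set both; that behaviour change deserves a mention in the commit message or a comment next to the defines. A block comment such as `/* Internal flag bits; values may be renumbered between versions and must never be persisted. */` would discourage anyone from relying on the specific values. The surrounding defines are otherwise unchanged.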
@@ -997,7 +997,8 @@ ecc_bench (int iterations, int print_header) if (is_ed25519) err = gcry_sexp_build (&key_spec, NULL, - "(genkey (ecdsa (curve \"Ed25519\")))"); + "(genkey (ecdsa (curve \"Ed25519\")" + "(flags eddsa)))"); else if (is_gost) err = gcry_sexp_build (&key_spec, NULL, "(genkey (ecdsa (curve %s)))", diff --git a/tests/keygen.c b/tests/keygen.c index 18fe211..5879393 100644 --- a/tests/keygen.c +++ b/tests/keygen.c @@ -374,9 +374,14 @@ check_ecc_keys (void) { if (verbose) show ("creating ECC key using curve %s\n", curves[testno]); - rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve %s)(flags noparam)))", - curves[testno]); + if (!strcmp (curves[testno], "Ed25519")) + rc = gcry_sexp_build (&keyparm, NULL, + "(genkey(ecc(curve %s)(flags noparam eddsa)))", + curves[testno]); + else + rc = gcry_sexp_build (&keyparm, NULL, + "(genkey(ecc(curve %s)(flags noparam)))", + curves[testno]); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); @@ -398,8 +403,7 @@ check_ecc_keys (void) if (verbose) show ("creating ECC key using curve Ed25519 for ECDSA\n"); - rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve Ed25519)(flags ecdsa)))"); + rc = gcry_sexp_build (&keyparm, NULL, "(genkey(ecc(curve Ed25519)))"); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); @@ -414,7 +418,7 @@ check_ecc_keys (void) if (verbose) show ("creating ECC key using curve Ed25519 for ECDSA\n"); rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve Ed25519)(flags noparam ecdsa)))"); + "(genkey(ecc(curve Ed25519)(flags noparam)))"); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); diff --git a/tests/pubkey.c b/tests/pubkey.c index e41050c..4e12dfd 100644 --- a/tests/pubkey.c +++ b/tests/pubkey.c 
@@ -1057,7 +1057,7 @@ check_ed25519ecdsa_sample_key (void) " (q #047b57c2c1d3ded93332b52d588dd45863478b658387413a718779c0dd1a6d95#)" "))"; static const char hash_string[] = - "(data (flags ecdsa rfc6979)\n" + "(data (flags rfc6979)\n" " (hash sha256 #00112233445566778899AABBCCDDEEFF" /* */ "000102030405060708090A0B0C0D0E0F#))"; diff --git a/tests/t-ed25519.c b/tests/t-ed25519.c index be200fa..465a217 100644 --- a/tests/t-ed25519.c +++ b/tests/t-ed25519.c @@ -288,6 +288,7 @@ one_test (int testno, const char *sk, const char *pk, "(private-key" " (ecc" " (curve \"Ed25519\")" + " (flags eddsa)" " (q %b)" " (d %b)))", (int)buflen2, buffer2, @@ -297,6 +298,7 @@ one_test (int testno, const char *sk, const char *pk, "(private-key" " (ecc" " (curve \"Ed25519\")" + " (flags eddsa)" " (d %b)))", (int)buflen, buffer); if (err) @@ -310,6 +312,7 @@ one_test (int testno, const char *sk, const char *pk, "(public-key" " (ecc" " (curve \"Ed25519\")" + " (flags eddsa)" " (q %b)))", (int)buflen2, buffer2))) { fail ("error building s-exp for test %d, %s: %s", diff --git a/tests/t-mpi-point.c b/tests/t-mpi-point.c index a345cbc..ae52601 100644 --- a/tests/t-mpi-point.c +++ b/tests/t-mpi-point.c @@ -639,7 +639,7 @@ context_param (void) q = hex2mpi (sample_ed25519_q); gcry_sexp_release (keyparam); err = gcry_sexp_build (&keyparam, NULL, - "(public-key(ecc(curve %s)(q %m)))", + "(public-key(ecc(curve %s)(flags eddsa)(q %m)))", "Ed25519", q); if (err) die ("gcry_sexp_build failed: %s\n", gpg_strerror (err)); 
@@ -666,7 +666,7 @@ context_param (void) "Ed25519", ctx); get_and_cmp_mpi ("q at eddsa", sample_ed25519_q_eddsa, "Ed25519", ctx); - /* Set d tosee whether Q is correctly re-computed. */ + /* Set d to see whether Q is correctly re-computed. */ d = hex2mpi (sample_ed25519_d); err = gcry_mpi_ec_set_mpi ("d", d, ctx); if (err) ----------------------------------------------------------------------- Summary of changes: cipher/ecc-misc.c | 2 +- cipher/ecc.c | 41 ++++++++++++----------------------------- cipher/pubkey-util.c | 4 ---- doc/gcrypt.texi | 15 +++++---------- src/cipher.h | 9 ++++----- tests/benchmark.c | 3 ++- tests/keygen.c | 16 ++++++++++------ tests/pubkey.c | 2 +- tests/t-ed25519.c | 3 +++ tests/t-mpi-point.c | 4 ++-- 10 files changed, 40 insertions(+), 59 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 6 08:57:33 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 06 Nov 2013 08:57:33 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-355-g6d169b6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 6d169b654c7ff04c10f73afe80b2c70cefa410c1 (commit) from b9fd3988b54b50109f4e7179e7fe0739bb1d97c5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 6d169b654c7ff04c10f73afe80b2c70cefa410c1 Author: Werner Koch Date: Wed Nov 6 08:56:02 2013 +0100 pubkey: Add forward compatibility feature. * cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Add "igninvflag". -- If future versions of Libgcrypt want to add optional flags to a pubkey s-expression, they may use the "igninvflag" flag to make the flag parser ignore flags it does not know about. Signed-off-by: Werner Koch diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index a91e66f..a591c0d 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -60,6 +60,7 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, int i; int encoding = PUBKEY_ENC_UNKNOWN; int flags = 0; + int igninvflag = 0; for (i=list?gcry_sexp_length (list)-1:0; i > 0; i--) { @@ -80,7 +81,7 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, encoding = PUBKEY_ENC_RAW; flags |= PUBKEY_FLAG_RAW_FLAG; /* Explicitly given. */ } - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; @@ -97,7 +98,7 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, encoding = PUBKEY_ENC_RAW; flags |= PUBKEY_FLAG_GOST; } - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; 
@@ -112,7 +113,7 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, encoding = PUBKEY_ENC_PKCS1; flags |= PUBKEY_FLAG_FIXEDLEN; } - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; @@ -121,23 +122,28 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, flags |= PUBKEY_FLAG_RFC6979; else if (!memcmp (s, "noparam", 7)) flags |= PUBKEY_FLAG_NOPARAM; - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; case 8: if (!memcmp (s, "use-x931", 8)) flags |= PUBKEY_FLAG_USE_X931; - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; + case 10: + if (!memcmp (s, "igninvflag", 10)) + igninvflag = 1; + break; + case 11: if (!memcmp (s, "no-blinding", 11)) flags |= PUBKEY_FLAG_NO_BLINDING; else if (!memcmp (s, "use-fips186", 11)) flags |= PUBKEY_FLAG_USE_FIPS186; - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; @@ -146,12 +152,13 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, flags |= PUBKEY_FLAG_USE_FIPS186_2; else if (!memcmp (s, "transient-key", 13)) flags |= PUBKEY_FLAG_TRANSIENT_KEY; - else + else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; default: - rc = GPG_ERR_INV_FLAG; + if (!igninvflag) + rc = GPG_ERR_INV_FLAG; break; } } ----------------------------------------------------------------------- Summary of changes: cipher/pubkey-util.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 6 13:15:55 2013 
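Review bot: The new `case 10:` accepts any 10-character flag that is not `igninvflag` silently, because unlike every other case it has no `else if (!igninvflag) rc = GPG_ERR_INV_FLAG;` branch; that line should follow the memcmp. A second issue spans this hunk and the @@ -80, @@ -97, @@ -112 and @@ -146 hunks: the loop header in the @@ -60 hunk walks the list from the last element downward, so flags that follow `igninvflag` textually are processed before it is seen and an unknown one among them still sets rc; if the loop tail does not clear rc, the effect of `igninvflag` depends on its position. Either pre-scanning the list for `igninvflag` or documenting that it must be the last flag given would resolve that.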
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 06 Nov 2013 13:15:55 +0100 Subject: [git] gnupg-doc - branch, master, updated. a6c75a5026f29ae7908ea22a812b12169862c4af Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via a6c75a5026f29ae7908ea22a812b12169862c4af (commit) from 9fbaec2f4feb3ff746c7f9b981f0bab7a8048506 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a6c75a5026f29ae7908ea22a812b12169862c4af Author: Werner Koch Date: Wed Nov 6 13:14:23 2013 +0100 Finish migration to the the gnupg-doc repository. The website branch of the gnupg repository has been moved to its own repository so that it will be easier to maintain. This repository shall also be used to track other documentation pertaining to GnuPG. diff --git a/README b/README index 48213aa..2dcc906 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -README for the website branch. -*- org -*- +README for the gnupg-doc repository -*- org -*- This is a separated branch for the gnupg.org website. 
@@ -8,15 +8,17 @@ HTML files. ** Directory structure - - web/ :: Source files for the web. This also include imagages - etc. + - web/ :: Source files for the web. This also include images + etc. - web/share :: Logos, CSS, macros and elisp for building. - - tools/ :: Tools used to build the web site. - - stage/ :: staging directory for the site. + - misc :: Otehr websites etc. + - build-aux :: Build helpe rscripts + - tools/ :: Tools used to build the web site. + - stage/ :: staging directory for the site. ** Aliases -www.gnupg.org uses boa to serve the pages, here are the aliases we +www.gnupg.org uses Boa to serve the pages, here are the aliases we use: #+BEGIN_EXAMPLE diff --git a/autogen.sh b/autogen.sh new file mode 100755 index 0000000..8c8de99 --- /dev/null +++ b/autogen.sh 
@@ -0,0 +1,36 @@ +#! /bin/sh +# Run this to generate all the initial makefiles, etc. +# +# Copyright (C) 2003 g10 Code GmbH +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# +# Check the git setup. +# +if [ -d .git ]; then + if [ -f .git/hooks/pre-commit.sample -a ! -f .git/hooks/pre-commit ] ; then + cat <&2 +*** Activating trailing whitespace git pre-commit hook. *** + For more information see this thread: + http://mail.gnome.org/archives/desktop-devel-list/2009-May/msg00084html + To deactivate this pre-commit hook again move .git/hooks/pre-commit + and .git/hooks/pre-commit.sample out of the way. +EOF + cp -av .git/hooks/pre-commit.sample .git/hooks/pre-commit + chmod +x .git/hooks/pre-commit + fi + if [ -f build-aux/git-hooks/commit-msg -a ! -f .git/hooks/commit-msg ] ; then + cat <&2 +*** Activating commit log message check hook. *** +EOF + cp -av build-aux/git-hooks/commit-msg .git/hooks/commit-msg + chmod +x .git/hooks/commit-msg + fi +fi diff --git a/build-aux/git-hooks/commit-msg b/build-aux/git-hooks/commit-msg new file mode 100755 index 0000000..5a697c7 --- /dev/null +++ b/build-aux/git-hooks/commit-msg 
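Review bot: `[ -f .git/hooks/pre-commit.sample -a ! -f .git/hooks/pre-commit ]` uses the `-a` operator of test, which POSIX marks obsolescent and which is ambiguous when combined with `!`; `[ -f .git/hooks/pre-commit.sample ] && [ ! -f .git/hooks/pre-commit ]` is portable, and the commit-msg test below it has the same shape. The here-documents have lost their delimiters in this rendering (`cat <&2`), so the file as shown would not parse; presumably the original reads `cat <<EOF >&2`. The referenced mailing-list URL ends in `msg00084html`, missing `.html`.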
@@ -0,0 +1,127 @@ +eval '(exit $?0)' && eval 'exec perl -w "$0" ${1+"$@"}' + & eval 'exec perl -w "$0" $argv:q' + if 0; + +# An hook script to check the commit log message. +# Called by "git commit" with one argument, the name of the file +# that has the commit message. The hook should exit with non-zero +# status after issuing an appropriate message if it wants to stop the +# commit. The hook is allowed to edit the commit message file. +# +# To enable this hook, copy it to "~/.git/hooks/commit-msg". +# +# This script is based on the one from GNU coreutils. + +use strict; +use warnings; +(my $ME = $0) =~ s|.*/||; + +my $editor = $ENV{EDITOR} || 'vi'; +$ENV{PATH} = '/bin:/usr/bin'; + +# Rewrite the $LOG_FILE (old contents in @$LINE_REF) with an additional +# commented diagnostic "# $ERR" line at the top. +sub rewrite($$$) +{ + my ($log_file, $err, $line_ref) = @_; + local *LOG; + open LOG, '>', $log_file + or die "$ME: $log_file: failed to open for writing: $!"; + print LOG "# $err"; + print LOG @$line_ref; + close LOG + or die "$ME: $log_file: failed to rewrite: $!\n"; +} + +sub re_edit($) +{ + my ($log_file) = @_; + + warn "Interrupt (Ctrl-C) to abort...\n"; + + system 'sh', '-c', "$editor $log_file"; + ($? & 127) || ($? >> 8) + and die "$ME: $log_file: the editor ($editor) failed, aborting\n"; +} + +# Given a $LOG_FILE name and a \@LINE buffer, +# read the contents of the file into the buffer and analyze it. +# If the log message passes muster, return the empty string. +# If not, return a diagnostic. +sub check_msg($$) +{ + my ($log_file, $line_ref) = @_; + + local *LOG; + open LOG, '<', $log_file + or return "failed to open for reading: $!"; + @$line_ref = ; + close LOG; + + my @line = @$line_ref; + chomp @line; + + # Don't filter out blank or comment lines; git does that already, + # and if we were to ignore them here, it could lead to committing + # with lines that start with "#" in the log. + + # Filter out leading blank and comment lines. 
+ # while (@line && $line[0] =~ /^(?:#.*|[ \t]*)$/) { shift @line; } + + # Filter out blank and comment lines at EOF. + # while (@line && $line[$#line] =~ /^(?:#.*|[ \t]*)$/) { pop @line; } + + @line == 0 + and return 'no log message'; + + # The first line should not be too short + 8 < length $line[0] || return 'summary line too short'; + + # The first line should not start with an asterisk or a hash sign. + # An asterisk might indicate that a change entry was started right + # at the first line. + $line[0] =~ /^[*#]/ && return "summary line starts with an * or #"; + + # Second line should be blank or not present. + 2 <= @line && length $line[1] + and return 'second line must be empty'; + + # Limit line length to allow for the ChangeLog's leading TAB. + foreach my $line (@line) + { + 72 < length $line && $line =~ /^[^#]/ + and return 'line longer than 72 characters'; + } + + return ''; +} + +{ + @ARGV == 1 + or die; + + my $log_file = $ARGV[0]; + + while (1) + { + my @line; + my $err = check_msg $log_file, \@line; + $err eq '' + and last; + $err = "$ME: $err\n"; + warn $err; + exit 1; + + # Insert the diagnostic as a comment on the first line of $log_file. + #rewrite $log_file, $err, \@line; + #re_edit $log_file; + # + ## Stop if our parent is killed. + #getppid() == 1 + # and last; + } +} + +# Local Variables: +# mode: perl +# End: diff --git a/web/share/setup.inc b/web/share/setup.inc index ab4fb72..19e3b79 100644 --- a/web/share/setup.inc +++ b/web/share/setup.inc 
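Review bot: The `while (1)` loop in the main block never iterates: `warn $err; exit 1;` runs unconditionally, so the commented-out `rewrite`/`re_edit` lines beneath it are dead and the loop could be a plain `if`. Should `re_edit` be re-enabled, note that `system 'sh', '-c', "$editor $log_file"` hands the file name to the shell unquoted, so a path containing spaces or shell metacharacters would be misparsed; the fixed `$ENV{PATH}` does not help with that. The read line `@$line_ref = ;` has lost its `<LOG>` in this rendering. The script starts on the previous line.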
@@ -3,4 +3,4 @@ # Include the version macros. # FIXME: Figure out a way to use SETUPFILE based on the directory of # the currently SETUPFILE loaded file. -#+SETUPFILE: "/home/wk/s/gnupg-web/web/swdb.mac" +#+SETUPFILE: "/home/wk/s/gnupg-doc/web/swdb.mac" ----------------------------------------------------------------------- Summary of changes: README | 14 +++-- autogen.sh | 36 ++++++++++++ build-aux/git-hooks/commit-msg | 127 ++++++++++++++++++++++++++++++++++++++++ web/share/setup.inc | 2 +- 4 files changed, 172 insertions(+), 7 deletions(-) create mode 100755 autogen.sh create mode 100755 build-aux/git-hooks/commit-msg hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 6 15:52:46 2013 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Wed, 06 Nov 2013 15:52:46 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-356-g84bcb40 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 84bcb400e7db7268abfc29b5ab1513b0c063b293 (commit) from 6d169b654c7ff04c10f73afe80b2c70cefa410c1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 84bcb400e7db7268abfc29b5ab1513b0c063b293 Author: Jussi Kivilinna Date: Wed Nov 6 16:51:55 2013 +0200 Fix 'u32' build error with Camellia * cipher/camellia.c: Add include for and "types.h". (u32): Remove. (u8): Typedef as 'byte'. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/camellia.c b/cipher/camellia.c index 9067246..e7085a7 100644 --- a/cipher/camellia.c +++ b/cipher/camellia.c 
@@ -22,15 +22,15 @@ * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html */ +#include #include #include +#include "types.h" #include "bufhelp.h" #include "camellia.h" -/* u32 must be 32bit word */ -typedef unsigned int u32; -typedef unsigned char u8; +typedef byte u8; /* key constants */ ----------------------------------------------------------------------- Summary of changes: cipher/camellia.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 6 18:22:37 2013 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Wed, 06 Nov 2013 18:22:37 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-357-g2590a5d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 2590a5df6f5fc884614c8c379324027d2d61b9b5 (commit) from 84bcb400e7db7268abfc29b5ab1513b0c063b293 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2590a5df6f5fc884614c8c379324027d2d61b9b5 Author: Jussi Kivilinna Date: Wed Nov 6 19:05:09 2013 +0200 Fix __builtin_bswap32/64 checks * configure.ac (gcry_cv_have_builtin_bswap32) (gcry_cv_have_builtin_bswap64): Change compile checks to link checks. -- Patch changes compile checks to link checks for __builtin_bswap(32|64). Compiling obviously works with missing functions, linking not so much. Signed-off-by: Jussi Kivilinna diff --git a/configure.ac b/configure.ac index e3471d0..c4f8776 100644 --- a/configure.ac +++ b/configure.ac 
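Review bot: `typedef byte u8;` now ties Camellia's u8 to whatever "types.h" defines as `byte`, and the removed comment `/* u32 must be 32bit word */` was the only place the 32-bit width requirement of the Camellia word type was stated; with the local u32 typedef gone (presumably u32 now comes from "types.h" as well) that requirement should stay visible next to the new typedef, e.g. `typedef byte u8; /* u32 and byte come from types.h; u32 must be exactly 32 bits wide */`. The header names on the added `#include` line are not visible in this listing, so their order relative to "types.h" cannot be checked here. The rest of the file is outside the hunk.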
@@ -779,8 +779,8 @@ AC_SUBST(FALLBACK_SOCKLEN_T)
 AC_CACHE_CHECK(for __builtin_bswap32,
 [gcry_cv_have_builtin_bswap32],
 [gcry_cv_have_builtin_bswap32=no
- AC_COMPILE_IFELSE([AC_LANG_SOURCE(
- [[int foo(int x) { return __builtin_bswap32(x); }]])],
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],
+ [int x = 0; int y = __builtin_bswap32(x); return y;])],
 [gcry_cv_have_builtin_bswap32=yes])])
 if test "$gcry_cv_have_builtin_bswap32" = "yes" ; then
 AC_DEFINE(HAVE_BUILTIN_BSWAP32,1,
@@ -794,8 +794,8 @@ fi
 AC_CACHE_CHECK(for __builtin_bswap64,
 [gcry_cv_have_builtin_bswap64],
 [gcry_cv_have_builtin_bswap64=no
- AC_COMPILE_IFELSE([AC_LANG_SOURCE(
- [[int foo(int x) { return __builtin_bswap64(x); }]])],
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],
+ [long long x = 0; long long y = __builtin_bswap64(x); return y;])],
 [gcry_cv_have_builtin_bswap64=yes])])
 if test "$gcry_cv_have_builtin_bswap64" = "yes" ; then
 AC_DEFINE(HAVE_BUILTIN_BSWAP64,1,
----------------------------------------------------------------------- Summary of changes: configure.ac | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 6 22:53:04 2013 
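Review bot: The new link test initialises `x` with a compile-time constant (`int x = 0;`), so an optimising compiler may fold `__builtin_bswap32(0)` to a constant and never emit a reference to the libgcc helper, which would let the link check pass on exactly the toolchains the commit is trying to catch (builtin recognised at compile time, helper missing at link time). Forcing a runtime value prevents the fold, e.g. `[volatile int x = 0; int y = __builtin_bswap32(x); return y;]`; the bswap64 hunk in the same file has the same shape and would take `volatile long long x = 0;`. Whether the fold actually happens depends on the CFLAGS autoconf runs the test with, so this is a robustness concern rather than an observed failure.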
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 06 Nov 2013 22:53:04 +0100 Subject: [git] gnupg-doc - branch, master, updated. 3f8a20bb5d2cd0a379b90341cc04d66ae57cd99a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 3f8a20bb5d2cd0a379b90341cc04d66ae57cd99a (commit) via 5151d061a38fee18c0998cdf680793d2d3e594d7 (commit) from a6c75a5026f29ae7908ea22a812b12169862c4af (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3f8a20bb5d2cd0a379b90341cc04d66ae57cd99a Author: Werner Koch Date: Wed Nov 6 22:51:44 2013 +0100 Add the new FAQ. This has been taken from https://github.com/rjhansen/gpgfaq.git (commit 0d0185c20c0a39db8f30862865b44c6fd1904ba4), converted using the script from the repo and manually reworked. diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org new file mode 100644 index 0000000..68b2fd4 --- /dev/null +++ b/web/faq/gnupg-faq.org 
@@ -0,0 +1,2129 @@ +# gpgfaq.org -*- coding: utf-8; -*- +#+TITLE: GnuPG Frequently Asked Questions +#+EMAIL: gnupg-doc at gnupg.org +#+AUTHOR: Robert J. Hansen et al. +#+LANGUAGE: en +#+LINK: gnupgweb http://www.gnupg.org/ +#+LINK: roundup https://bugs.g10code.com/gnupg/issue +#+OPTIONS: H:3 num:2 toc:nil \n:nil @:t ::t |:t ^:{} -:t f:t *:t TeX:t LaTeX:t skip:nil d:nil tags:not-in-toc +#+HTML_HEAD: +#+STARTUP: overview indent + +* Foreword + :PROPERTIES: + :CUSTOM_ID: foreword + :END: + +Welcome to the GnuPG Frequently Asked Questions (FAQ)! Before we +begin, there?s just a few things that need to be addressed. It?s +regrettable these things have to be included, but society has become +very litigious. + + +** Trademark notice + :PROPERTIES: + :CUSTOM_ID: trademarks + :END: + +- PGP is a trademark of Symantec Corporation. +- Windows is a trademark of the Microsoft Corporation. +- Macintosh, OS X and Mac OS X are all trademarks of the Apple + Corporation. +- Linux is a trademark of Linus Torvalds. +- Solaris is a trademark of Oracle Corporation. +- Some cryptographic algorithms mentioned in this FAQ may be + trademarked. + +The use of these, or any other, marks is solely for identification +purposes. + + +** Licensing + :PROPERTIES: + :CUSTOM_ID: documentation_license + :END: + +This document is ? 2012, Robert J. Hansen <[[mailto:rjh at sixdemonbag.org?subject=The%20GnuPG%20FAQ][rjh at sixdemonbag.org]]> and +A.M. Kuchling <[[mailto:amk at amk.ca?subject=The%20GnuPG%20FAQ][amk at amk.ca]]>. 
You are free to make use of this document +in accordance with the [[http://creativecommons.org/licenses/by-sa/3.0/][Creative Commons Attribution-ShareAlike 3.0 +license]], with the exception of Randall Munroe?s XKCD comic, which is +released under terms of the [[http://creativecommons.org/licenses/by-nc/2.5/][Creative Commons Attribution-NonCommercial +2.5]] license; alternately, you may make use of it under terms of the +GNU General Public License (version 3 or, at your discretion, any +later version), again excepting Mr. Munroe?s works. + +** Disclaimer of liability + :PROPERTIES: + :CUSTOM_ID: liability + :END: + +Although the contents of this document are believed to be correct, the +author(s) cannot promise it is error-free and cannot assume liability +for any errors. + +# We want the TOC to appear after the foreword. +#+TOC: headlines 2 + +* Welcome + :PROPERTIES: + :CUSTOM_ID: welcome + :END: + +Welcome to the *unofficial* GnuPG FAQ. + +*As of this writing, this FAQ is both inaccurate and incomplete. It is +a work in progress. Do not rely on the answers found herein.* + + +** What conventions are used in this FAQ? + :PROPERTIES: + :CUSTOM_ID: conventions + :END: + +As is par for the course with everything involving computers, there +are an awful lot of acronyms in this FAQ. For most of them, holding +the mouse pointer over the acronym will reveal a tooltip containing +the full expansion of the acronym. Hovering over the letters FAQ, for +instance, will reveal the words ?Frequently Asked Questions.? These +acronyms are presented in a small-caps font in order to make them +easier to recognize when reading. + + +** Who maintains this FAQ? + :PROPERTIES: + :CUSTOM_ID: maintainer + :END: + +[[mailto:rjh at sixdemonbag.org?subject%3DThe%20GnuPG%20FAQ][Robert J. Hansen]]. Please feel free to contact me should there be an +error in this FAQ, whether typographical, grammatical, or factual. + +When writing, the editorial ?we? 
refers to the general consensus of +the GnuPG community. This consensus is hammered out on the GnuPG-Users +mailing list. All members of the GnuPG community are invited to +participate. Individual people within the community may give their +own editorial comments: these will be set off by square brackets, +italicized, and initialed by their author. The different editors are: + +- wk: Werner Koch <[[mailto:wk at gnupg.org?subject%3DThe%20GnuPG%20FAQ][wk at gnupg.org]]> +- rjh: Robert J. Hansen <[[mailto:rjh at sixdemonbag.org?subject=The%20GnuPG%20FAQ][rjh at sixdemonbag.org]]> + +/[Do we have any other editors we need to add? ? rjh]/ + + +** Is this the official GnuPG FAQ? + :PROPERTIES: + :CUSTOM_ID: is_it_official + :END: + +Not yet. + + +** When was this FAQ last checked for accuracy? + :PROPERTIES: + :CUSTOM_ID: last_checked + :END: + +October 2012. + + +* General questions + :PROPERTIES: + :CUSTOM_ID: general + :END: + +Since no company controls GnuPG, there?s really no single vendor for +GnuPG. Instead, there?s a robust community surrounding GnuPG which +has produced versions of it for several different operating systems. +But first, let?s cover the basics. + + +** What?s GnuPG? + :PROPERTIES: + :CUSTOM_ID: whats_gnupg + :END: + +GnuPG is cryptographic software that helps people ensure the +confidentiality, integrity and assurance of their data. Let?s try +that again: GnuPG is? + +- /Cryptographic./ The word ?cryptography? is derived from two Greek + words, ??????? (pronounced ?kryptos,? meaning ?hidden?) and ????? + (pronounced ?graphein,? meaning ?writing?). Cryptography is the + mathematical study of codes and ciphers. +- /Software./ This one should already be obvious. +- /Confidentiality./ No one except authorized parties should be able + to read your data. +- /Integrity./ It shouldn?t be possible to tamper with a message + unnoticeably. +- /Assurance./ An assurance is not a guarantee. There are no + guarantees in life, and software is no different. 
An assurance just + means there is good reason to be confident of something ? here, it + means that when GnuPG is correctly used, people may be confident the + data is confidential and/or possesses integrity. + +GnuPG may be used by itself as a command-line application (i.e., to be +run at a Terminal prompt or a Windows command prompt), or integrated +into popular email clients. It?s also used by some instant messaging +clients, such as Psi. + + +** How do I pronounce GnuPG? + :PROPERTIES: + :CUSTOM_ID: pronunciation + :END: + +?guh-NEW-pee-gee.? + + +** Is it compatible with Symantec?s PGP? + :PROPERTIES: + :CUSTOM_ID: compatible + :END: + +Largely, yes. It can be made to interoperate with anything from PGP +5.0 and onwards, and has excellent interoperability with the most +recent releases. + + +** Which operating systems does it run on? + :PROPERTIES: + :CUSTOM_ID: oses + :END: + +Too many to list! It?s known to run on Microsoft Windows, Mac OS X, +the various free Unixes, AIX, Solaris, HPUX, OpenVMS, and more. People +are even working on porting it to smartphones such as Android. + + +** How much does it cost? + :PROPERTIES: + :CUSTOM_ID: free_as_in_beer + :END: + +There is no fixed price. Many sites on the internet offer legal +downloads of it for free. + + +** From where can I download it? + :PROPERTIES: + :CUSTOM_ID: get_gnupg + :END: + +Lots of different places, but no one site hosts binaries for all +operating systems. + + +*** ? for Microsoft Windows? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_win32 + :END: + +A convenient Windows installer is available from [[http://www.gpg4win.org][GPG4WIN]]. + + +*** ? for Mac OS X? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_osx + :END: + +The [[http://www.gpgtools.org][GPGtools project]] has everything needed to get started. + + +*** ? for Linux? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_linux + :END: + +The bad news is there is no single, consistent way to install GnuPG on +Linux systems. 
The good news is that it?s usually installed by +default, so nothing needs to be downloaded! + + +**** ? for Debian GNU/Linux? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_debian + :END: + +GnuPG is installed by default with Debian GNU/Linux. If for some +reason it is not, use the APT package manager to install the package +?gnupg2?. + + +**** ? for OpenSUSE? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_opensuse + :END: + +A recent version of GnuPG is part of the default OpenSUSE +installation. + + +**** ? for Fedora? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_fedora + :END: + +See the [[#get_gnupg_centos][instructions for CentOS]]. Typically, though, Fedora ships with +a much more recent version of GnuPG, and as such you shouldn?t need to +install anything. + + +**** ? for CentOS or RHEL? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_centos + :END: + +An older (but still secure!) version of GnuPG is part of every CentOS +installation. To get the latest version, use the YUM package manager +to install the package ?gnupg2?. + + +**** ? for Ubuntu? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_ubuntu + :END: + +See the instructions for [[#get_gnupg_debian][Debian GNU/Linux]]. + + +**** ? for Slackware? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_slack + :END: + +Install the =gnupg= package for GnuPG 1.4, or the =gnupg2= package for +GnuPG 2.0. + + +**** ? for Gentoo? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_gentoo + :END: + +To install GnuPG on Gentoo, run the following command as root: + +=emerge gnupg= + +The Gentoo documentation includes a [[http://www.gentoo.org/doc/en/gnupg-user.xml][GnuPG User Guide]]. + + +*** ? for FreeBSD? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_freebsd + :END: + +GnuPG is included in the ports collection. 
To install it, run the +following commands as root: + +#+begin_example +cd /usr/ports/security/gnupg +make install clean +#+end_example + +Alternatively, you can install GnuPG using a package manager: + +#+begin_example +sudo pkg_add -r gnupg +#+end_example + + +** Is there source code available for it? + :PROPERTIES: + :CUSTOM_ID: source_code + :END: + +Yes! The person, business or group that provided you with the GnuPG +binary is required to give you the source code upon your request. + + +** What?s Free Software, and why does it matter? + :PROPERTIES: + :CUSTOM_ID: gpl + :END: + +The word ?free? should evoke ideas of liberty, not price. An awful +lot of the software industry does not respect your freedoms: your +freedom to use the software for any purpose, your freedom to study and +learn from how it works, your freedom to share it with others who +might benefit from it, and more. Free Software is the antithesis of +this: Free Software is meant to respect your rights. You may use the +software for any purpose: you may inspect and modify the source code: +you may share the software and/or your modifications with others. + + +** How can I donate money to the GnuPG project? + :PROPERTIES: + :CUSTOM_ID: donate + :END: + +The best way is to visit the [[http://g10code.com/gnupg-donation.html][g10 Code donation page]]. + + +** How can I help with GnuPG development? + :PROPERTIES: + :CUSTOM_ID: develop + :END: + +Development discussion takes place on the gnupg-devel mailing list. +Go to the [[http://www.gnupg.org/documentation/mailing-lists.en.html][GnuPG mailing list page]] for links to subscribe and to the +list's archives. + +The [[https://bugs.gnupg.org/gnupg/][GnuPG project's bug tracker]] is also publicly available. + + + +* Where can I get more information? + :PROPERTIES: + :CUSTOM_ID: more_info + :END: + +The good news is the internet is a treasure trove of information. 
The +bad news is that the internet is a festering sewer of misinformation, +conspiracy theories, and half-informed speculations all masquerading +as informed commentary. + +The following mailing lists and web pages are generally known for +having a strong signal-to-noise ratio. Despite this, we strongly urge +skepticism. + + +** How can I spot the charlatans? + :PROPERTIES: + :CUSTOM_ID: fraudsters + :END: + +First, beware of all absolutes. Almost every question in either the +fields of computer security or cryptography can honestly be answered +with, ?it depends.? Real experts will avoid giving blanket yes-or-no +questions except to the simplest and most routine of questions. They +will instead hem and haw and explain the several different factors +that must be weighed. Hucksters will promise you absolute truth. + +Second, the experts really don?t care whether you take their advice. +Hucksters often want to be seen as authorities, and if you fail to +take their advice they may harangue you about how you?re taking +chances with your data, how you?re acting irresponsibly, and so on. + +Third, experts genuinely don?t want you to trust them. An expert will +instead point to the published literature (usually in a dead-tree +edition with the imprimatur of a reputable publishing house) and tell +you what the reference books say. They want you to trust the +reference books, not them. Hucksters will go on about their extensive +personal experience or refer to papers that have only ever been +self-published on websites. + +Fourth, experts try not to scare people. The world is a scary enough +place without it being made moreso. Hucksters will try to scare you, +in order to keep you listening to them and dependent on them for +information on how to be ?safe.? + +Fifth, experts will quickly admit when they are wrong and give credit +to the person bringing the error to their attention. Hucksters tend +to take challenges as personal affronts. 
+ + +** What are some useful mailing lists? + :PROPERTIES: + :CUSTOM_ID: mailing_lists + :END: + +The good news is, there are many! + + +*** The GnuPG-Users mailing list + :PROPERTIES: + :CUSTOM_ID: gnupg-users_list + :END: + + +- Subscribing :: visit the [[http://lists.gnupg.org/mailman/listinfo/gnupg-users][GnuPG-Users webpage]] +- Unsubscribing :: see above +- List moderator :: <[[mailto:gnupg-users-owner at gnupg.org?subject%3DThe%20GnuPG-Users%20list][gnupg-users-owner at gnupg.org]]> +- Supports PGP/MIME? :: No +- Languages supported :: English + +GnuPG-Users is home to the largest community of GnuPG users on the +net. The list is very lightly moderated and somewhat freewheeling, but +overall it has an excellent signal-to-noise ratio. The level of +technical discussion is sometimes a little daunting for the newcomer, +but on the whole it?s a wonderful resource. + + + +*** The Enigmail mailing list + :PROPERTIES: + :CUSTOM_ID: enigmail_list + :END: + + +- Subscribing :: Visit the [[https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net][Enigmail mailing list page]] +- Unsubscribing :: See above +- List moderator(s) :: + - John Clizbe <[[mailto:john at enigmail.net?subject=The%20Enigmail%20list][john at enigmail.net]]> + - Olav Seyfarth <[[mailto:olav at enigmail.net?subject=The%20Enigmail%20list][olav at enigmail.net]]> + - Patrick Brunschwig <[[mailto:patrick at enigmail.net?subject=The%20Enigmail%20list][patrick at enigmail.net]]> + - Ludwig H?gelsch?fer <[[mailto:ludwig at enigmail.net?subject=The%20Enigmail%20list][ludwig at enigmail.net]]> + - Daniele Raffo <[[mailto:daniele at enigmail.net?subject=The%20Enigmail%20list][daniele at enigmail.net]]> + - Robert J. 
Hansen <[[mailto:rob at enigmail.net?subject=The%20Enigmail%20list][rob at enigmail.net]]> +- Supports PGP/MIME :: Yes +- Languages supported :: English, Deutsch, Schwyzerd?tsch, Espa?ol + +Enigmail integrates GnuPG with [[http://www.getthunderbird.com][Mozilla Thunderbird]] and/or [[http://www.seamonkey-project.org/][Mozilla +Seamonkey]]. It?s one of the most popular ways to use GnuPG, and the +mailing list provides a friendly place to learn how it works and get +started using it. + +The list is lightly moderated. + + +*** PGP-Basics + :PROPERTIES: + :CUSTOM_ID: pgp-basics_list + :END: + + +- Subscribing :: visit the [[http://tech.groups.yahoo.com/group/PGP-Basics][PGP-Basics webpage]] +- Unsubscribing :: see above +- List moderator :: Mike Daigle <[[mailto:mdaigle at gswot.org?subject=The%20PGP-Basics%20list][mdaigle at gswot.org]]> +- Supports PGP/MIME :: No +- Languages supported :: English + +PGP-Basics was established over a decade ago specifically to provide a +place where newcomers to GnuPG and PGP could learn about +communications security. The list is low-volume, lightly-moderated, +and remarkably friendly to new users. + + +*** PGPNET + :PROPERTIES: + :CUSTOM_ID: pgpnet_list + :END: + + +- Subscribing :: visit the [[http://tech.groups.yahoo.com/group/PGPNET][PGPNET page]] +- Unsubscribing :: see above +- List moderator(s) :: Unknown +- Supports PGP/MIME? :: No +- Languages supported :: Unknown + +PGPNET exists to provide people with the opportunity to practice +sending and receiving encrypted, signed, and encrypted-and-signed +traffic in a group environment. + + + +** What are some useful webpages? + :PROPERTIES: + :CUSTOM_ID: webpages + :END: + +As a general rule, the huckster quotient of webpages at-large is +fairly high. That said, there are some web resources we recommend. +They can be broken up into homepages for specific GnuPG-related +projects, and sites of general interest. + + +*** Where can I find the homepage for? 
+ :PROPERTIES: + :CUSTOM_ID: homepages + :END: + +Many of the projects associated with GnuPG maintain their own +websites. If you have problems with an associated project, please +check their website first: they might be able to give you faster and +better help than the GnuPG community can. + + +**** ? GnuPG? + :PROPERTIES: + :CUSTOM_ID: gnupg_homepage + :END: + +GnuPG?s homepage can be found at [[http://www.gnupg.org][http://www.gnupg.org]]. + + +**** ? Enigmail? + :PROPERTIES: + :CUSTOM_ID: enigmail_homepage + :END: + +Enigmail, a plugin for Mozilla Thunderbird that adds strong GnuPG +support, can be found at [[http://enigmail.net][http://enigmail.net]]. + + +**** ? GPGTools? + :PROPERTIES: + :CUSTOM_ID: gpgtools_homepage + :END: + +Mac OS X users may wish to visit the GPGTools project at +[[http://www.gpgtools.org][http://www.gpgtools.org]]. + + +**** ? GPG4WIN? + :PROPERTIES: + :CUSTOM_ID: gpg4win_homepage + :END: + +GPG4WIN, the Windows port of GnuPG, maintains a homepage at +[[http://www.gpg4win.org][http://www.gpg4win.org]]. + + +*** Where can I find webpages covering? + :PROPERTIES: + :CUSTOM_ID: pages_about + :END: + +Although the GnuPG community generally finds these websites to be +useful, your mileage may significantly vary. There are wide +differences of opinion about some of them. They?re worth visiting and +worth reading, but make sure to read skeptically. + + +**** ? an easy introduction to cryptography? + :PROPERTIES: + :CUSTOM_ID: pages_about_introduction_to_crypto + :END: + +There is no such thing as an easy introduction to cryptography. +However, PGP Corporation has a well-regarded [[http://www.cs.unibo.it/babaoglu/courses/security/resources/documents/intro-to-crypto.pdf][/Introduction to +Cryptography/]]. + + +**** ? the deeper mathematics of cryptography? 
+ :PROPERTIES: + :CUSTOM_ID: pages_about_cryptographic_mathematics + :END: + +The maintainer of this list also keeps a gentle(-ish) [[http://keyservers.org/~rjh/cryptofaq.xhtml][introduction to +the mathematics and computer science of cryptography]]. + + +**** ? best practices for using GnuPG? + :PROPERTIES: + :CUSTOM_ID: pages_about_best_practices + :END: + +At present, there are no reputable web pages detailing GnuPG best +practices. + + +**** ? the politics of cryptography? + :PROPERTIES: + :CUSTOM_ID: pages_about_politics + :END: + +The inclusion of a site on this list is not an endorsement of that +site?s political leanings. + +Probably the best-known organization is the [[http://www.eff.org][Electronic Frontier +Foundation]], which has been at the vanguard of electronic civil +liberties for over twenty years. + +The [[http://www.fsf.org][Free Software Foundation]] is also deeply involved in these matters, +although in a different way than the EFF. + + +* What email clients support GnuPG on? + :PROPERTIES: + :CUSTOM_ID: email_clients + :END: + +Many email clients offer strong GnuPG integration. + + +** ? Microsoft Windows? + :PROPERTIES: + :CUSTOM_ID: email_clients_win32 + :END: + + +- Thunderbird + - Plugin? :: Yes, via [[http://enigmail.net][Enigmail]] + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + With the Enigmail plugin, Thunderbird becomes one of the most + popular GnuPG-aware email clients. it?s under active development + and is compatible with the latest Thunderbird releases, with a + friendly and welcoming user community. + +- Kontact + - Plugin? :: No (natively supported) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + Kontact is KDE?s integrated personal information manager of KDE. It runs anywhere that KDE does, and even on some mobile devices as Kontact Touch. + + + +** ? Mac OS X? 
+ :PROPERTIES: + :CUSTOM_ID: email_clients_osx + :END: + +- Thunderbird + - Plugin? :: Yes, via [[http://enigmail.net][Enigmail]] + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + With the Enigmail plugin, Thunderbird becomes one of the most + popular GnuPG-aware email clients. it?s under active development + and is compatible with the latest Thunderbird releases, with a + friendly and welcoming user community. + +- Gnus + - Plugin? :: Yes, via [[http://www.emacswiki.org/emacs/EasyPG][EasyPG]] + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + +- Mutt + - Plugin? :: No (natively supported) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + Make sure to put ~set crypt_use_gpgme~ in your =~/.muttrc= file. + +- Apple Mail + - Plugin? :: Yes, via [[http://www.gpgtools.org][GPGtools]] + - Supports GnuPG versions :: 2.0 + - Supports PGP/MIME :: No + - Actively developed :: Yes + PGP/MIME support in Apple Mail+GPGtools is not absent, just + temporarily broken. + + +** ? Linux or FreeBSD? + :PROPERTIES: + :CUSTOM_ID: email_clients_linux + :END: + +- Thunderbird + - Plugin? :: Yes, via [[http://enigmail.net][Enigmail]] + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + With the Enigmail plugin, Thunderbird becomes one of the most + popular GnuPG-aware email clients. it?s under active development + and is compatible with the latest Thunderbird releases, with a + friendly and welcoming user community. + +- Gnus + - Plugin? :: Yes, via [[http://www.emacswiki.org/emacs/EasyPG][EasyPG]] + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + +- Mutt + - Plugin? 
:: No (natively supported) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + Make sure to put ~set crypt_use_gpgme~ in your =~/.muttrc= file. + +- Kontact + - Plugin? :: No (natively supported) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + Kontact is KDE?s integrated personal information manager of KDE. It + runs anywhere that KDE does, and even on some mobile devices as + Kontact Touch. + +- Evolution + - Plugin? :: No (natively supported) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + + +* Is GnuPG available as a ?portable app?? + :PROPERTIES: + :CUSTOM_ID: portable_app + :END: + +For Windows users, check [[http://portableapps.com/apps/internet/thunderbird_portable][PortableApps.com]]. + + +* What do all these strange words mean? + :PROPERTIES: + :CUSTOM_ID: glossary + :END: + +Cryptography tends to use a whole lot of specialized language and +jargon. In this section some of it will be deciphered. + + +** What?s ?public-key cryptography?? + :PROPERTIES: + :CUSTOM_ID: define_asymc + :END: + + +In the 1970s new ideas came to the forefront of the cryptanalytic +world. One of the most important was the development of asymmetric +cryptography (also often called ?public-key cryptography?). + +Asymmetric cryptography is built around problems that are very hard in +one direction, and very easy in another. Consider the number 2,701. +If you were to be asked for its prime factors, you would find it a +daunting challenge. If you were to be given the numbers 37 and 73, +though, it wouldn?t take but a minute to discover the answer was +2,701. Multiplying two numbers to yield a third number is easy: +finding those two numbers, given the third, is hard. + +Asymmetric cryptography uses these asymmetric problems as the +building-blocks of cryptography. 
It?s easy to create an encrypted
+message which neither you nor anyone else save the intended recipient
+can decrypt. To continue the metaphor, you and everyone else get to
+wrestle with the hard problem (?factor 2,701?). The intended
+recipient knows a secret piece of information which makes the problem
+easy (?factor 2,701, given that one of the factors is 73?).
+
+This manages to overcome the major flaw with symmetric cryptography.
+Your public key can be shared with the entire world, even your
+enemies, and your communications will still be secure. Compare this
+to symmetric cryptography, where as soon as the key became public
+knowledge the entire system was broken.
+
+
+
+** What?s ?symmetric cryptography??
+ :PROPERTIES:
+ :CUSTOM_ID: define_symc
+ :END:
+
+
+One of the earliest ciphers was the shift cipher, which was allegedly
+used by Julius Caesar in his campaign against the Gauls. He took his
+plaintext and shifted each letter three positions up in the alphabet,
+wrapping around once he reached the end (so that ?Z? would become
+?C?). His correspondents would reverse the process: by moving each
+letter in the encrypted text down three letters the original message
+would be recovered. Knowing how to encrypt the text also gave the
+knowledge of how to decrypt the text: the process wasn?t identical
+(one shifted up, the other shifted down), but knowing one process the
+other one could trivially be discovered.
+
+This trait, that of encryption and decryption being two sides of the
+same coin, is the defining trait of symmetric cryptography.
+Modern-day symmetric ciphers are much more complex than Caesar?s
+scheme, but they still work in fundamentally the same way. Knowledge
+of how to encrypt reveals knowledge of how to decrypt, and vice-versa.
+The symmetry between those two operations leads to the name ?symmetric
+cryptography?.
+
+Symmetric cryptography is fast, well-studied, and safe. It has one
+critical drawback, though: you have to have a secure communications
+channel by which you can share the key with someone. If you already
+have a secure communications channel, though, do you really need
+cryptography?
+
+
+
+** What?s a ?key??
+ :PROPERTIES:
+ :CUSTOM_ID: define_key
+ :END:
+
+
+The word ?key? is unfortunately ambiguous. It can either refer to the
+mathematical structures that allow encryption, decryption, signing and
+verification to occur, or to the rather large blobs of data that
+contain those mathematical structures as well as information about the
+person associated with it, additional subkeys, and so forth.
+
+With respect to the large blobs of data, it is preferable to call them
+?certificates?, so that the word ?key? may be unambiguously recognized
+as meaning just the mathematical structures. Unfortunately, this is a
+custom that seems to be honored mostly in the breach.
+
+
+
+** What?s a ?certificate??
+ :PROPERTIES:
+ :CUSTOM_ID: define_certificate
+ :END:
+
+
+A certificate is a large data structure that contains one or more
+[[#define_keys][keys]], and optionally information that identifies the user, designated
+revokers, who has vouched for this certificate, and so on.
+
+
+
+** What?s a ?keyserver??
+ :PROPERTIES:
+ :CUSTOM_ID: define_keyserver
+ :END:
+
+A keyserver is a service that publishes public-key certificates and
+makes them searchable. You can upload your certificate to a keyserver
+so that other users can find it. There are distributed networks of
+keyservers that share keys, so you only need to upload your key once
+to that network.
+
+One widely-used keyserver network is [[http://www.sks-keyservers.net/][sks-keyservers.net]]. SKS stands
+for ?Synchronising Key Server?. You can use this network by supplying
+the =--keyserver pool.sks-keyservers.net= option.
+
+
+
+** What?s RSA?
+ :PROPERTIES:
+ :CUSTOM_ID: define_rsa
+ :END:
+
+
+RSA is the world?s premier [[#define_asymc][asymmetric cryptographic algorithm]], and is
+built on the difficulty of factoring extremely large composites.
+GnuPG supports RSA with [[#define_key][key]] sizes of between 1024 and 4096 bits.
+
+
+
+** What?s DSA?
+ :PROPERTIES:
+ :CUSTOM_ID: define_dsa
+ :END:
+
+
+The United States? National Institute for Standards and Technology
+([[http://www.nist.gov][NIST]]) established the Digital Signature Algorithm (DSA) as a
+government standard for digital signatures. Originally, it supported
+key lengths between 512 and 1024 bits. Recently, NIST has declared
+512-bit keys obsolete: now, DSA is available in 1024, 2048 and
+3072-bit lengths.
+
+DSA belongs to the Elgamal family of algorithms, and is very
+well-regarded.
+
+
+
+** What?s Elgamal?
+ :PROPERTIES:
+ :CUSTOM_ID: define_elgamal
+ :END:
+
+
+Elgamal may refer to either a family of cryptographic algorithms built
+around the difficulty of computing discrete logarithms in a finite
+field, or one particular [[#define_asymc][asymmetric encryption algorithm]] based on that
+problem. The former is normally referred to as ?the Elgamal family,?
+and the latter is normally referred to as simply ?Elgamal.?
+
+GnuPG supports the Elgamal asymmetric encryption algorithm in [[#define_key][key]]
+lengths ranging from 1024 to 4096 bits.
+
+There is also an Elgamal signature algorithm, which GnuPG no longer
+supports.
+
+
+
+** What?s AES?
+ :PROPERTIES:
+ :CUSTOM_ID: define_aes
+ :END:
+
+
+Leading up to the year 2000, it was obvious that the old Data
+Encryption Standard (DES) was on its last legs and needed to be
+replaced. 3DES was available as a stopgap measure, but there was a
+lot of pressure to make a new encryption standard that made use of the
+last few decades of cryptologic research.
+
+The United States National Institute of Standards and Technology
+([[http://www.nist.gov][NIST]]) held an open competition to select the new encryption standard.
+In the summer of 2000, a cipher named Rijndael (pronounced
+?RAIN-doll?) was selected as the new Advanced Encryption Standard, or
+AES.
+
+AES is a thoroughly modern cipher design and may be used with
+confidence.
+
+
+
+** What are Twofish and Blowfish?
+ :PROPERTIES:
+ :CUSTOM_ID: define_fish
+ :END:
+
+
+Blowfish and Twofish are well-regarded symmetric ciphers. Blowfish
+should not be used to encrypt files larger than 4Gb in size, but
+Twofish has no such restrictions. These algorithms are modern, and
+may be used with confidence.
+
+
+
+** What?s 3DES?
+ :PROPERTIES:
+ :CUSTOM_ID: define_3des
+ :END:
+
+
+In the 1970s, IBM developed a new symmetric cipher called the Data
+Encryption Standard (DES). They overdesigned it horribly: even after
+three decades, the only way to break DES is by brute force.
+Unfortunately, standard DES has a small enough keyspace to be
+susceptible to brute-forcing.
+
+A new variant of DES was needed. 3DES, which is made of three DES
+algorithms running together with three independent keys, was the
+result. 3DES is ungainly, ugly, slow, and has all the aesthetics of a
+Soviet workers? housing bloc. It has also withstood three decades of
+cryptanalysis and is still going strong.
+
+Due to its 1970s-era 64-bit block size, it should not be used to
+encrypt more than about 4Gb of data. Beyond that, though, it is solid
+as a rock, and very few GnuPG users will ever notice a problem with
+it. Provided you?re not encrypting more than 4Gb of data you may use
+3DES with confidence.
+
+
+
+** What?s Camellia?
+ :PROPERTIES:
+ :CUSTOM_ID: define_camellia
+ :END:
+
+
+During roughly the same time period that [[http://www.nist.gov][NIST]] was running the Advanced
+Encryption Standard trials, Japan?s [[http://www.cryptrec.jp/english/][CRYPTREC]] and the European Union's
+[[http://www.cryptonessie.org/][NESSIE]] were running their own similar trials. Camellia is the cipher
+that won the NESSIE and CRYPTREC trials, much in the same way that
+Rijndael won the United States? AES trials.
+
+Camellia is a thoroughly modern cipher design and may be used with
+confidence.
+
+
+
+** What are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 and SHA-3?
+ :PROPERTIES:
+ :CUSTOM_ID: define_sha
+ :END:
+
+
+The Secure Hash Algorithms are cryptographic hash functions originally
+devised by the United States? National Security Agency. The
+algorithms have been made publicly available and have been subjected
+to an astonishing amount of peer review.
+
+- *SHA* and/or *SHA-0*: the original Secure Hash Algorithm, generating
+ 160-bit outputs. Flaws were discovered in it almost immediately.
+ SHA-0 never gained much traction in the cryptologic community, and
+ it is not present in GnuPG.
+- *SHA-1*: This is SHA-0 with the flaws fixed, and not much else in
+ the way of changes. It still generates 160-bit outputs. SHA-1 has
+ not aged well. Although it is still believed to be safe, it would
+ be advisable to use another, different hash function if possible.
+- *SHA-224*: This is a massively-overhauled SHA-1 which generates
+ 224-bit outputs. It is believed to be safe, with no warnings about
+ its usage.
+- *SHA-256*: This is a massively-overhauled SHA-1 which generates
+ 256-bit outputs. It is believed to be safe, with no warnings about
+ its usage.
+- *SHA-384*: This is a massively-overhauled SHA-1 which generates
+ 384-bit outputs. It is believed to be safe, with no warnings about
+ its usage.
+- *SHA-512*: This is a massively-overhauled SHA-1 which generates
+ 512-bit outputs. It is believed to be safe, with no warnings about
+ its usage.
+- *SHA-3*: SHA-3 is a completely new hash algorithm that makes a clean
+ break with the previous SHAs. It is believed to be safe, with no
+ warnings about its usage. At present, GnuPG does not support SHA-3.
+ Support for SHA-3 is forthcoming: expect it soon.
+
+
+
+** What?s MD5?
+ :PROPERTIES:
+ :CUSTOM_ID: define_md5
+ :END:
+
+
+MD5 is a 128-bit cryptographic hash function invented by Ron Rivest
+(the ?R? of ?RSA?) in the early 1990s. For many years it was one of
+the standard algorithms of the field, but it has not aged well and is
+widely considered to be completely obsolete.
+
+You don?t need to worry about MD5, though: although GnuPG can read
+MD5-based signatures, it will only generate MD5-based signatures if
+you jump through a lot of hoops. This is for your own safety, to
+prevent people from accidentally generating MD5-based signatures.
+
+
+
+** What are CAST, CAST5, and CAST5-128?
+ :PROPERTIES:
+ :CUSTOM_ID: define_cast
+ :END:
+
+
+Carlisle Adams and Stafford Tavares (the ?CA? and the ?ST? in ?CAST?)
+developed the CAST algorithm in 1996. It was later approved for
+Canadian government use.
+
+CAST has many names: CAST, CAST5, CAST5-128 and CAST-128 all refer to
+the same algorithm.
+
+Internally, CAST is distinctly similar to Blowfish, another
+well-respected algorithm. Like 3DES, its 64-bit block size means it
+should not be used to encrypt files larger than 4Gb in size. With
+that said, though, CAST is a modern cipher and may be used with
+confidence.
+
+
+
+** What are ZLIB, ZIP and BZIP?
+ :PROPERTIES:
+ :CUSTOM_ID: define_compress
+ :END:
+
+
+ZLIB, ZIP and BZIP refer to different kinds of compression algorithms.
+GnuPG will use one of these three algorithms to compress your data
+before encrypting it, unless GnuPG can see the data is already
+compressed.
+
+
+
+** What?s a ?revocation certificate??
+ :PROPERTIES:
+ :CUSTOM_ID: define_rev_cert
+ :END:
+
+
+A revocation certificate is a [[#define_key][certificate]] that possesses the
+information necessary to mark another certificate as unusable. This
+is called ?revoking? the certificate.
+
+Recommended procedure is to generate a revocation certificate
+immediately after generating a new GnuPG key. If the key is lost
+(say, if you have no backups of the key and you lose the smart card or
+laptop containing the key), you'll no longer be able to generate a
+revocation certificate. Consult [[#generate_revocation_certificate][the FAQ instructions]] on how to do
+this.
+
+
+
+** What?s a ?designated revoker??
+ :PROPERTIES:
+ :CUSTOM_ID: define_desig_revkr
+ :END:
+
+
+A designated revoker is a person, identified by a certificate, that
+has the authority to revoke another certificate held by a different
+person. For instance, if you were using GnuPG in a corporate
+environment the IT staff might be listed as a designated revoker for
+your certificate, so that when you left the company the IT staff could
+revoke your certificate.
+
+
+
+** What does ?validity? mean?
+ :PROPERTIES:
+ :CUSTOM_ID: define_validity
+ :END:
+
+
+Although a certificate makes certain assertions about identity, these
+assertions cannot be blindly trusted. (Consider, for instance,
+whether you should trust a certificate that claims to belong to
+=obama at whitehouse.gov=.)
+
+If you trust the certificate?s assertions, you are said to have
+?validated? the certificate. Validation can be done by fiat or as the
+result of a process. For instance, you validate your own certificate
+by fiat: ?this certificate says it belongs to me, and I trust it.?
+Validating other certificates, though, should probably have a little
+more rigor involved. How much rigor will depend entirely on your own
+particular needs and the threats you face.
+
+
+
+
+** What does ?trust? mean?
+ :PROPERTIES:
+ :CUSTOM_ID: define_trust
+ :END:
+
+
+?Trust? refers to how thoroughly a certificate has been [[#define_validity][validated]].
+The terms are used somewhat interchangeably.
+
+
+
+** What does ?ownertrust? mean?
+ :PROPERTIES:
+ :CUSTOM_ID: define_ownertrust
+ :END:
+
+
+If a certificate has been [[#define_validity][validated]], and if you trust the person
+owning that certificate to do proper validation of certificates, you
+can tell GnuPG ?I am willing to trust this person?s validations as if
+they were my own.?
+
+/[For instance, I have fully validated John Hawley?s certificate. I
+further believe, based on my knowing John, that he will be as careful
+about validating a certificate as I would be. So if John validates
+your certificate, then if I pull your certificate down from the
+keyserver it will show up as a fully validated certificate. ? rjh]/
+
+
+
+* How do I start using GnuPG?
+ :PROPERTIES:
+ :CUSTOM_ID: starting_out
+ :END:
+
+The very first thing is to join the [[#gnupg-users_list][GnuPG-Users mailing list]]. You?ll
+find it to be a welcoming community that?s friendly to newcomers and
+is eager to help out.
+
+
+
+** Does GnuPG need to be ?tuned? before use?
+ :PROPERTIES:
+ :CUSTOM_ID: tuning
+ :END:
+
+No. GnuPG has sensible defaults right out of the box. You don?t need
+to tune GnuPG before you can use it.
+
+
+
+** How large should my key be?
+ :PROPERTIES:
+ :CUSTOM_ID: new_key_size
+ :END:
+
+The overwhelming majority of users will be well-served by generating
+2048-bit RSA keys. This is the default behavior for GnuPG.
+
+
+** What algorithm should I use?
+ :PROPERTIES:
+ :CUSTOM_ID: new_key_algo
+ :END:
+
+The overwhelming majority of users will be well-served by generating
+2048-bit RSA keys. This is the default behavior for GnuPG.
+
+
+** Why does it take so long to generate a certificate?
+ :PROPERTIES:
+ :CUSTOM_ID: new_key_generate_time
+ :END:
+
+The short answer is, ?your computer is doing a lot of work.? But
+don?t worry: although generating new certificates can take a while,
+actually using them once they?re made is quite fast.
+
+
+** What should I do after making my certificate?
+ :PROPERTIES:
+ :CUSTOM_ID: new_key_after_generation
+ :END:
+
+Generate a revocation certificate, and store it in a safe place.
+Alternately, you may wish to appoint [[#define_desig_revkr][a designated revoker]].
+
+
+*** How do I appoint a designated revoker?
+ :PROPERTIES:
+ :CUSTOM_ID: appoint_revoker
+ :END:
+
+A designated revoker is someone whom you trust to revoke your
+certificates on your behalf. This person may revoke your certificates
+without needing a revocation certificate. For instance, you may wish
+to appoint your lawyer as your designated revoker so that, in the
+event of your untimely death, your lawyer may revoke your
+certificates.
+
+To add a revoker, use the following command line:
+
+=gpg --edit-key= /[your key ID here]/ =addrevoker=
+
+When prompted, enter the key ID of the person whom you wish to appoint
+as a revoker. The revoker?s key must be fully validated.
+
+
+
+*** How do I generate a revocation certificate?
+ :PROPERTIES:
+ :CUSTOM_ID: generate_revocation_certificate
+ :END:
+
+
+A [[#define_rev_cert][revocation certificate]] marks another certificate as unusable.
+
+To generate a revocation certificate for your key, do:
+
+=gpg --armor --output revoke.asc --gen-revoke= /[your key ID]/
+
+Copy =revoke.asc= to a safe place.
+
+
+*** How do I send my certificate to the keyserver network?
+ :PROPERTIES:
+ :CUSTOM_ID: send_to_keyservers
+ :END:
+
+
+=gpg --keyserver pool.sks-keyservers.net --send-key= /[your certificate ID]/
+
+You should only upload your own certificates to the keyservers, or
+obtain the certificate holder's permission before doing so. In some
+circles it's considered rude to upload someone else's certificate; not
+everyone wants to publish their key publicly.
+
+
+
+** Where does GnuPG look for configuration options?
+ :PROPERTIES:
+ :CUSTOM_ID: location_gpg_conf_file
+ :END:
+
+
+GnuPG looks at a file called =gpg.conf= to determine various runtime
+parameters. On UNIX systems this file can be found in =~/.gnupg=. On
+Windows systems it?s a bit more difficult to predict, but try:
+
+- Windows XP :: FIXME
+- Windows Vista :: FIXME
+- Windows 7 :: FIXME
+- Windows 8 :: FIXME
+
+
+** What options should I put in my configuration file?
+ :PROPERTIES:
+ :CUSTOM_ID: new_user_gpg_conf
+ :END:
+
+The good news is, you really shouldn?t need to. That said, the
+following is Rob Hansen?s =gpg.conf= file. The italicized text
+describes what each piece does: the monospaced text is the actual
+content of the file.
+
+/Ensure that all parameters are set for strict OpenPGP conformance.
+Later entries will override this, but setting ?openpgp? provides a
+really good baseline to start from./
+
+=openpgp=
+
+/Make GnuPG a little quieter: don?t warn about insecure memory, don?t
+print a greeting message, don?t put comments in GnuPG?s output./
+
+=no-greeting=\\
+=no-secmem-warning=\\
+=no-emit-version=\\
+=no-comments=
+
+/Since keyservers.org sits in my closet, I want GnuPG to always check it instead of going out on the network to ask another keyserver halfway around the globe. Most users don?t have a keyserver in their closet, and will want to substitute pool.sks-keyservers.net here./
+
+=keyserver keyservers.org=
+
+/Whenever I sign a document, use certificate 0xD6B98E10/
+
+=local-user 0xD6B98E10=
+
+/Whenever I encrypt a document, also include certificate 0xD6B98E10 as
+a recipient. This allows me to decrypt the messages I send./
+
+=encrypt-to 0xD6B98E10=
+
+/In email, a line beginning with the word ?From? can be misinterpreted
+by the computer as the start of a new email message. Thus, whenever
+GnuPG sees a line starting with ?From?, it will slightly mangle the
+line to prevent this bug from occurring./
+
+=escape-from-lines=
+
+/Use SHA256 instead of SHA-1 for certificate signatures./
+
+=cert-digest-algo SHA256=
+
+/Prefer these digest algorithms, in this order/
+
+=personal-digest-preferences SHA256 SHA512 SHA384 SHA224 RIPEMD160=
+
+/Prefer these ciphers, in this order/
+
+=personal-cipher-preferences TWOFISH CAMELLIA256 AES 3DES=
+
+
+
+** Is there any particular keyserver I should use?
+ :PROPERTIES:
+ :CUSTOM_ID: new_user_default_keyserver
+ :END:
+
+
+Many people have had excellent luck with =pool.sks-keyservers.net=.
+
+
+
+** What?s the difference between an ?option? and a ?command??
+ :PROPERTIES:
+ :CUSTOM_ID: diff_option_commands
+ :END:
+
+Commands tell GnuPG what to do: options tell GnuPG how to do it. For
+instance, =encrypt= is a command, and =armor= is an option that tells
+GnuPG to ensure the output contains only printable characters.
+
+
+** What are the most commonly used options?
+ :PROPERTIES:
+ :CUSTOM_ID: common_options
+ :END:
+
+Produce more output explaining what GnuPG is doing:
+
+=-v=, =--verbose=
+
+Some of the most commonly used options are:
+
+Make no changes; this is useful for testing a command line that will
+modify keys or generate output:
+
+=-n=, =--dry-run=
+
+Send output to the named file:
+
+=-o= /FILE/, =--output= /FILE/
+
+Create ASCII-armored output that can be safely e-mailed, instead of
+binary output:
+
+=-a=, =--armor=
+
+When encrypting a message, you will usually supply at least one
+recipient ID with the recipient option. This option can be supplied
+multiple times to encrypt a message to multiple recipients:
+
+=-r= /KEYID/, =--recipient= /KEYID=/ /specify a recipient ID/
+
+
+** What are the most commonly used commands?
+ :PROPERTIES:
+ :CUSTOM_ID: common_commands
+ :END:
+
+GnuPG's primary functions are to encrypt and decrypt messages, and to
+sign and verify them. It's possible to sign without encrypting or
+encrypt without signing.
+
+Signing a file's content is done with the =-s= or =--sign= commands.
+A variation is =-b= or =--detach-sign=, which produces a separate
+signature without including the file's content; this is useful for
+signing a software archive or other large file. The key to use for
+the signature can be specified with the =local-user= setting in your
+gpg.conf file, or with the =-u=, =--local-user= options.
+
+Encrypting a file's content is done with the =-e= or =--encrypt=
+commands. Recipients are specified with the =-r= or =--recipient=
+options.
+
+GnuPG's default action is to decrypt and verify its input file,
+writing the contents to standard output or to the filename specified
+by the =-o= or =--output= options. The =--verify= command will only
+verify the signature without writing the file's contents anywhere.
+
+These commands are the most commonly used. GnuPG has many more
+commands, largely for managing your keyring containing your private
+keys and the certificates of others.
+
+
+** How do I use another person?s certificate?
+ :PROPERTIES:
+ :CUSTOM_ID: using_certificates
+ :END:
+
+In order to send an encrypted message or verify a signature, you must
+obtain the certificate for the sender/signer's public key.
+
+Occasionally you might obtain the certificate physically, by meeting
+the certificate holder face-to-face and exchanging the certificate on
+some storage medium such as a USB stick, memory card, or portable
+disk. Or you might download a copy of the certificate from the
+holder's web site.
+
+Once obtained in one of these ways, you can add the certificate to
+your collection of public keys by doing:
+
+=gpg --import certificate.txt=
+
+More commonly, you'll download a correspondent's certificate from a
+keyserver.
+
+
+
+*** How do I search the keyserver for someone?s certificate?
+ :PROPERTIES:
+ :CUSTOM_ID: searching_keyservers
+ :END:
+
+
+There is also a network of public keyservers, accessible under the
+collective hostname =pool.sks-keyservers.net=. GnuPG users can upload
+their certificates to the keyservers, and other users can then search
+for and download them.
+
+=gpg --keyserver pool.sks-keyservers.net --search= /[email address, name, key ID, etc.]/
+
+GnuPG will list matching certificates and prompt you to select which
+ones you wish to download and add to your keyring.
+
+People will obtain new signatures for their certificates from time to
+time. =gpg --refresh-keys= will recheck all of the certificates on
+your public key and download any new signatures for those keys.
+
+
+
+*** How do I retrieve a certificate if I already know its fingerprint?
+ :PROPERTIES:
+ :CUSTOM_ID: retrieving_by_fingerprint
+ :END:
+
+
+=gpg --keyserver pool.sks-keyservers.net --recv-key= /[fingerprint]/
+
+
+
+*** Why do I need to validate certificates?
+ :PROPERTIES:
+ :CUSTOM_ID: why_validate
+ :END:
+
+
+If you were to receive a letter in the mail that claimed to be from
+the President of the United States, would you believe it? Probably
+not, because anyone can put together official-looking letterhead:
+you?d insist on doing some kind of checking to make sure that no one
+was fooling with you.
+
+The same applies to email. A certificate can claim to be from anyone.
+You have to make sure that the certificate really belongs to whom it
+claims it belongs to. That process of making sure is called
+?validation?.
+
+
+
+*** How do I validate certificates?
+ :PROPERTIES:
+ :CUSTOM_ID: how_to_validate
+ :END:
+
+
+*This advice is controversial.*
+
+It?s controversial for a simple reason: every Tom, Dick and Harry has
+their own idea about the ?right way? to validate certificates. Some
+of these people are well-informed and some of them are just plain
+unhinged. In the end, you are responsible for making your own
+decisions. That said, the following is generally agreed upon as being
+a reasonable procedure:
+
+1. Meet the certificate holder face-to-face.
+2. Ask to see two forms of government-issued identification.
+3. Upon verifying the person really is who they claim to be, ask this
+ person to provide their certificate?s fingerprint, their email
+ address, and where you can obtain a copy of their certificate.
+ (Example: ?My fingerprint is =4541 BB01 8EA4 8F99 19CA 3701 2380
+ 6BE5 D6B9 8E10=, and you can find it on
+ =pool.sks-keyservers.net=.?)
+4. On your own computer, retrieve the person?s certificate from the
+ specified location. Check to make sure the email address they gave
+ you is one that?s also listed on the certificate. Check to make
+ sure the fingerprint of the certificate you?ve downloaded matches
+ the fingerprint the person gave you.
+5. =gpg --edit-key= /[their certificate ID]/ =sign=
+6. Once signed, =gpg --armor --output signed_cert.asc --export=
+ /[their certificate ID]/
+7. Send the file =signed_cert.asc= to the address they gave you
+
+By following this process you first ensure that you?re speaking to the
+right person. By comparing the fingerprints of the certificate you
+have against the fingerprint they specified, you?re ensuring that you
+have the right certificate. Checking to make sure the email address
+they gave you is also listed on the certificate is one more check to
+make sure. Once that?s done, presto, Bob?s your uncle: there?s
+nothing left to do except sign it and return the newly-signed
+certificate to the other person.
+
+
+** Why can?t I read emails I?ve sent, and how do I fix it?
+ :PROPERTIES:
+ :CUSTOM_ID: encrypt_to_self
+ :END:
+
+
+You encrypted a message to Alice, which means that it requires Alice?s
+private key to read it. Only Alice has her private key. That?s why
+you can?t read encrypted traffic you generated: only Alice can read
+it.
+
+To get around this, add yourself as a recipient (=--recipient = /[your
+certificate ID]/).
+
+
+
+** How do I encrypt a file for multiple recipients?
+ :PROPERTIES:
+ :CUSTOM_ID: multiple_recipients
+ :END:
+
+
+Use multiple =--recipient= options. Remember, options come before
+commands!
+
+
+
+
+** How do I sign a file with multiple certificates?
+ :PROPERTIES:
+ :CUSTOM_ID: multiple_signers
+ :END:
+
+
+Use multiple =--local-user= options. Remember, options come before
+commands!
+
+
+
+** How do I combine encryption with signing?
+ :PROPERTIES:
+ :CUSTOM_ID: encrypt_and_sign
+ :END:
+
+
+=gpg --armor --recipient= /[first recipient?s key ID]/ =--local-user= /[your key ID]/ =--sign --encrypt= /[filename]/
+
+
+
+** How do I force GnuPG to make printable-text output?
+ :PROPERTIES:
+ :CUSTOM_ID: ascii_armor
+ :END:
+
+Normally, computers use eight-bit binary code. This often presents
+trouble for email, which often requires that only printable
+(seven-bit) characters may be used. By using the =--armor= flag,
+GnuPG will generate output containing only printable characters.
+
+
+** How do I create an ?inline signature??
+ :PROPERTIES:
+ :CUSTOM_ID: generate_inline_signature
+ :END:
+
+An inline signature wraps a textual header and footer around the text
+to be signed, leaving the text readable without running GnuPG. This
+doesn't conceal the text at all and therefore provides no secrecy, but
+if someone edits the text GnuPG will report that the signature is bad.
+
+To generate an inline signature, run
+
+=gpg --armor --output signed_file.asc --local-user= /[your key ID]/ =--clearsign message_file.txt=
+
+To verify the resulting file, simply invoke GnuPG with the filename of
+the signed file:
+
+=gpg signed_file.asc=
+
+
+
+
+** How can I use GnuPG in an automated environment?
+ :PROPERTIES:
+ :CUSTOM_ID: automated_use
+ :END:
+
+You should use the =--batch= option. Don't bother to use a passphrase
+because there's usually no way to store it more securely than on the
+secret keyring itself.
+
+The suggested way to create keys for an automated environment is as
+follows. First, on a secure machine:
+
+1. If you want to do automatic signing, create a signing subkey for
+ your key. Use the interactive key editing menu by issuing the
+ command:
+
+ =gpg --edit-key= /keyID/
+
+ Enter "addkey" and select the DSA key type.
+
+2. Make sure that you use a passphrase; this is required by the
+ current implementation to let you export the secret key.
+
+3. Run:
+
+ =gpg --export-secret-subkeys --no-comment= /newsubkeyID/ => secring.auto=
+
+4. Copy =secring.auto= and the public keyring to a test directory.
+
+5. Change to the test directory.
+
+6. Run the command:
+
+=gpg --homedir . --edit= /newsubkeyID/
+
+ Use the sub-command =passwd= to remove the passphrase from the
+ subkeys. You may also want to remove all unused subkeys by doing
+ =key N= and then =delkey= for each subkey.
+
+7. Copy =secring.auto= to the target box somehow.
+
+ On the target machine, install =secring.auto= as the secret keyring
+ and begin writing scripts that invoke GnuPG.
+
+ It's a good idea to install an intrusion detection system so that
+ you will get notice of a successful intrusion. If that happens,
+ you can revoke all the subkeys installed on that machine and
+ install new subkeys once the machine is secured again.
+
+
+** I?m a programmer and I need a GnuPG library. Is there one?
+ :PROPERTIES:
+ :CUSTOM_ID: yes_gpgme
+ :END:
+
+
+Check out [[http://www.gnupg.org/related_software/gpgme/][GPGME (GnuPG Made Easy)]].
+
+
+
+** I?m a programmer and I need a way to call GnuPG internals directly. Is there a library for this?
+ :PROPERTIES:
+ :CUSTOM_ID: keep_dreaming
+ :END:
+
+No, nor will there be.
+
+
+* What common problems come up?
+ :PROPERTIES:
+ :CUSTOM_ID: common_problems
+ :END:
+
+
+** Why is GnuPG warning me this certificate might not belong to whom I think it does?
+ :PROPERTIES:
+ :CUSTOM_ID: you_need_to_validate
+ :END:
+
+
+If you received an email claiming to be from a Nigerian oil tycoon,
+would you believe it? Or would you insist on doing some kind of
+verification first, in order to make sure that you?re not being
+scammed or swindled?
+
+The same principle applies here. If you?re using a certificate that
+claims to belong to Alice, but there?s no evidence it actually belongs
+to Alice, GnuPG will warn you that you?re using an untrusted
+certificate.
+
+You probably want to validate the certificate; see [[#how_to_validate][this FAQ's
+instructions]].
+
+
+
+** Why is GnuPG warning me about using insecure memory?
+ :PROPERTIES:
+ :CUSTOM_ID: insecure_memory
+ :END:
+
+
+GnuPG tries to lock memory so that no other process can see it and so
+that the memory will not be written to swap. If for some reason it?s
+not able to do this (for instance, certain platforms don?t support
+this kind of memory locking), GnuPG will warn you that it?s using
+insecure memory.
+
+While it?s almost always better to use secure memory, it?s not
+necessarily a bad thing to use insecure memory. If you own the
+machine and you?re confident it?s not harboring malware, then this
+warning can probably be ignored.
+
+
+
+** Why is GnuPG changing my message?
+ :PROPERTIES:
+ :CUSTOM_ID: escaped_dashes
+ :END:
+
+GnuPG uses special lines to denote the beginning of a message, the
+beginning of a signature, and so forth. These lines start with
+?=----- BEGIN=??. If your text contains a line beginning with a dash,
+that line will be slightly mangled in order to prevent GnuPG from
+misinterpreting your data as one of its special lines.
+
+
+* What are some common best practices?
+ :PROPERTIES:
+ :CUSTOM_ID: best_practices
+ :END:
+
+It?s very hard to give advice on this subject, because everyone will
+have their own opinion. That said, here are some good guidelines:
+
+- *Join the community.* Join [[gnupg-users_list][GnuPG-Users]] and get involved in the
+ discussions. The conversation is wide-ranging and you?ll encounter
+ a great variety of thoughts and opinions. Reading GnuPG-Users is
+ one of the best ways to educate yourself.
+- *Practice.* If you don?t practice these skills before they become
+ necessary, you won?t be able to use these skills effectively.
+- *Generate a revocation certificate and keep it safe.*
+- *Use a strong passphrase.*
+- *Keep your computer free of malware.*
+- *Validate certificates correctly.*
+
+
+
+** How can I choose a strong passphrase?
+ :PROPERTIES:
+ :CUSTOM_ID: strong_passphrase
+ :END:
+
+If someone manages to obtain your secret key, the only thing
+protecting the key will be your passphrase. A passphrase should be 1)
+difficult to guess for someone who knows you, and 2) difficult to
+brute-force by trying every possible combination of characters.
+
+To meet requirement 1), the passphrase shouldn't be based on
+publicly-available information about you: your birthday, your spouse's
+name, your school's motto, a line of text from a book, etc. To meet
+requirement 2), the passphrase should be long: commercially available
+hardware can try 2.8 billion passwords in a day, which is sufficient
+to crack a 10-letter all-lowercase password.
+
+One simple approach that produces easy-to-remember passphrases is to
+generate four to six random words, as illustrated by the XKCD cartoon
+[[http://xkcd.com/936/][?Correct, horse! Battery staple!?]].
+
+
+
+** How can I keep my revocation certificate safe?
+ :PROPERTIES:
+ :CUSTOM_ID: keep_rev_cert_safe
+ :END:
+
+Good places include safe deposit boxes, kept on file with your lawyer,
+placed in a fireproof safe, and so forth. It should be treated as an
+important document that needs to be kept safe.
+
+
+** How can I keep my computer safe from malware?
+ :PROPERTIES:
+ :CUSTOM_ID: malware
+ :END:
+
+
+Although there is no guaranteed way of keeping your system free of
+malware, you can reduce your risk quite a lot by following some basic
+rules.
+
+1. Keep your system up-to-date. Always apply the latest patches.
+2. Stop using old versions of Internet Explorer. If possible, use
+ [[http://www.getfirefox.com][Mozilla Firefox]] or [[http://download-chromium.appspot.com/][Chromium]].
+3. Don?t open email attachments unless they are expected and come
+ from someone you know.
+4. Don?t click on email links unless they are expected and come from
+ someone you know.
+5. Be suspicious of requests for personal information, especially if
+ it?s more detail than is strictly necessary to solve a problem.
+
+
+** Should I use encrypted disk software like TrueCrypt, BitLocker or FileVault?
+ :PROPERTIES:
+ :CUSTOM_ID: disk_encryption
+ :END:
+
+You can if you want, but it won?t make your private key any more
+secure. Your private key is already encrypted: your passphrase is the
+key used to decrypt your private key.
+
+
+
+* Advanced topics
+ :PROPERTIES:
+ :CUSTOM_ID: advanced_topics
+ :END:
+
+
+These topics are ?advanced? in the sense that you really don?t need to
+understand them in order to safely and correctly use GnuPG. That
+said, if you have a more technical question about GnuPG, you may find
+some of the answers in this section.
+
+
+
+** Why does GnuPG use RSA-2048 by default?
+ :PROPERTIES:
+ :CUSTOM_ID: default_rsa2048
+ :END:
+
+The United States National Institute of Standards and Technology
+([[http://www.nist.gov][NIST]]) believes that 2048-bit [[#define_asymc][asymmetric cryptography]] will be secure
+until at least the year 2030. Larger keys are unlikely to extend this
+duration very much. Further, large keys come with their own problems:
+they cannot be moved to smartcards, mobile devices have trouble with
+them, and so on.
+
+GnuPG uses RSA by default instead of DSA not because of any problems
+with DSA, but just because RSA has a larger installed user base and is
+better supported by other OpenPGP-compatible products.
+
+
+
+** Do other high-security applications use RSA-2048?
+ :PROPERTIES:
+ :CUSTOM_ID: rsa2048_in_the_real_world
+ :END:
+
+
+2048-bit RSA is commonly used to secure SSL root signing certificates.
+It?s also used to sign operating system patches, Authenticode
+signatures, Java applets and more. RSA-2048 is believed to be safe
+against attack until at least the year 2030, so use it with
+confidence.
+
+
+
+** Why doesn?t GnuPG default to using RSA-4096?
+ :PROPERTIES:
+ :CUSTOM_ID: no_default_of_rsa4096
+ :END:
+
+
+Because it gives us almost nothing, while costing us quite a lot.
+
+Breaking an RSA-10 key requires you to try each prime number between
+two and one hundred. There are twenty-five of these, meaning RSA-10
+is equivalent to about a 5-bit symmetric cipher. Breaking an RSA-20
+key requires you to try each prime number between two and one
+thousand: there are 168 of them, meaning RSA-20 is equivalent to about
+an 8-bit cipher. Doubling the keylength (from RSA-10 to RSA-20)
+didn't give us the benefit that we naively expected. Each additional
+bit gives correspondingly less in the way of additional security, and
+we quickly reach a point of diminishing returns.
+
+That point of diminishing returns happens around RSA-2048. Once you
+move past RSA-2048, you?re really not gaining very much. At the same
+time, moving past RSA-2048 means you lose the ability to migrate your
+certificate to a smartcard, or to effectively use it on some mobile
+devices, or to interoperate with other OpenPGP applications that don?t
+handle large keys gracefully.
+
+If you really want a 4096-bit RSA key there?s nothing stopping you:
+but we sincerely believe the overwhelming majority of users will be
+well-served with RSA-2048.
+
+
+
+** Why do people advise against using RSA-4096?
+ :PROPERTIES:
+ :CUSTOM_ID: please_use_ecc
+ :END:
+
+
+Almost always when people use 4096-bit RSA they?re doing so because
+they believe RSA-4096 to be much stronger than it is. The United
+States? National Institute of Standards and Technology ([[http://www.nist.gov][NIST]]) states
+that RSA-2048 gives roughly 112 bits of security and RSA-3072 gives
+roughly 128. There is no formal recommendation on where RSA-4096
+lies, but the general consensus is that it would come in somewhere
+around 140 bits ? 28 bits of improvement over RSA-2048. This is an
+improvement so marginal that it?s really not worth mentioning.
+
+If you need more security than RSA-2048 offers, the way to go would be
+to switch to elliptical curve cryptography ? not to continue using
+RSA.
+
+
+
+** Why does GnuPG support RSA-4096 if it?s such a bad idea?
+ :PROPERTIES:
+ :CUSTOM_ID: not_a_bad_idea_just_unnecessary
+ :END:
+
+
+RSA-4096 is not a bad idea: it?s just, generally speaking,
+unnecessary. You gain very little in the way of additional resistance
+to brute-forcing and cryptanalysis.
+
+
+
+** Can any of the ciphers in GnuPG be brute-forced?
+ :PROPERTIES:
+ :CUSTOM_ID: brute_force
+ :END:
+
+
+No.
+
+The laws of physics require that a certain amount of heat be used in
+computation. This is a consequence of the Second Law of
+Thermodynamics, and may not be violated under our current
+understanding of the laws of physics.
+
+Further, physics requires that a certain amount of time be used in
+computation. This is a consequence of the Heisenberg Uncertainty
+Principle, and may not be violated under our current understanding of
+the laws of physics.
+
+Using these two principles (the [[http://en.wikipedia.org/wiki/Landauer_bound][Landauer bound]] and the
+[[http://en.wikipedia.org/wiki/Margolus%E2%80%93Levitin_theorem][Margolus?Levitin limit]]), we can determine quite accurately how much
+heat would be released by a computer that brute-forced a 128-bit
+cipher.
The results are profoundly silly: it?s enough to boil the +oceans and leave the planet as a charred, smoking ruin. + +This is not to say that GnuPG cannot be successfully attacked. It is +only to say that none of the ciphers in GnuPG are susceptible to +brute-forcing. + + + +** Has GnuPG ever been successfully attacked? + :PROPERTIES: + :CUSTOM_ID: successful_attacks + :END: + + +This depends entirely on what is meant by ?successful attack.? + +If you mean, ?has GnuPG traffic ever been successfully +cryptanalyzed??, the answer is a flat ?no?. We are unaware of any +credible reports of any of the ciphers used in GnuPG having ever been +successfully cryptanalyzed. + +If you mean, ?have people figured out ways to obtain the plaintext +anyway??, the answer is an emphatic ?yes.? In [[http://news.cnet.com/8301-10784_3-9741357-7.html][a 2007 Drug Enforcement +Administration case]], a keylogger was installed on a suspect's +computer. + +GnuPG protects your traffic against cryptanalysis, but it is not magic +fairy dust that can be sprinkled over your data to make it safe +against all threats. + + + +** Should I use PGP/MIME for my emails? + :PROPERTIES: + :CUSTOM_ID: use_pgpmime + :END: + +Probably not. + +# This is controversial. rjh: we should discuss on how we can extend +# this answer -wk + +PGP/MIME is the official, standardized way of using GnuPG with +electronic mail. PGP/MIME packages the data up as encrypted +attachments. This is the problem with it: attachments often get +mangled, stripped, or otherwise tampered with. For instance, sending +PGP/MIME traffic to the [[#pgp-basics_list][PGP-Basics mailing list]] will result in your +email being completely blank. PGP-Basics is set up to drop all +attachments from messages posted to the list, and that means your +PGP/MIME attachments get dropped. + +For many years GNU Mailman would repackage attachments in ways that +would break the PGP/MIME standard and result in unreadable traffic. 
+These GNU Mailman installations still exist in the wild. For a long +time both [[#gnupg-users_list][GnuPG-Users]] and [[#enigmail_list][Enigmail]] ran these buggy versions of GNU +Mailman. + +Since PGP/MIME can't reliably be sent to the three largest GnuPG +mailing lists, it?s hard to claim that PGP/MIME is ready for +widespread usage. For now, it?s best to use inline traffic unless you +can be certain that PGP/MIME messages will not be mangled in transit. + + + +** What are the best algorithms in GnuPG? + :PROPERTIES: + :CUSTOM_ID: no_best_algo + :END: + + +MD5 and SHA-1 should be avoided if possible. Beyond that, there is no +?best algorithm? or ?best algorithms? in GnuPG. It?s sort of like +asking whether Godzilla or King Kong is better at terrorizing urban +cities: there is no clear-cut winner. + +This is not to say you shouldn?t have preferences, though. It is only +to say that GnuPG?s algorithms are so well-designed for what they do +that there is no single ?best?. There?s just a lot of personal, +subjective choice. For instance: + +- /[I studied Twofish pretty intensively in graduate school, so I tend + to prefer it. ? rjh]/ + + + +** Why is my DSA key limited to 3072 bits? + :PROPERTIES: + :CUSTOM_ID: no_dsa4096 + :END: + + +The United States? National Institute of Standards and Technology +([[http://www.nist.gov][NIST]]) is responsible for the DSA specification. NIST has not +published a 4096-bit DSA variant, and thus GnuPG doesn?t offer it. + + + +** Why does my DSA-1024 key use a different digest algorithm than my DSA-2048 or DSA-3072 key? + :PROPERTIES: + :CUSTOM_ID: hash_widths_in_dsa + :END: + + +The DSA algorithm has gone through several revisions. + +GnuPG?s original implementation of DSA supported 1024-bit keys that +used either SHA-1 or RIPEMD-160 as hashes. + +When the United States? 
National Institute of Standards and Technology +([[http://www.nist.gov][NIST]]) revised the specification to support 2048- and 3072-bit keys, +they also required longer hashes be used. DSA-2048 required a 224-bit +hash (SHA-224, or a longer hash cut down to 224 bits), and DSA-3072 +required a 256-bit hash (SHA-256, or a longer hash cut down to 256 +bits). They also now allowed for stronger hashes to be used for +DSA-1024: if they were more than 160 bits, they would simply be cut +down. + +So, depending on how you have GnuPG configured, GnuPG might be forced +to use SHA-1 and/or RIPEMD-160 with DSA-1024; GnuPG might be able to +use any of the longer SHAs with DSA-1024; GnuPG might use SHA-224, +-256, -384 or -512 for DSA-2048; GnuPG might use SHA-256, SHA-384 or +SHA-512 for DSA-3072. + + +* COMMENT HTML style specifications + +#+begin_src emacs-lisp + (defun org-faq-make-target () + "Make hard target for current headline." + (interactive) + (if (not (org-on-heading-p)) + (error "Not on a headline")) + (let ((h (org-trim (org-get-heading 'no-tags)))) + (if (string-match "[ \t]*\\?\\'" h) + (setq h (replace-match "" t t h))) + (while (string-match "[ \t]+" h) + (setq h (replace-match "-" t t h))) + (setq h (downcase h)) + (org-entry-put nil "CUSTOM_ID" h))) +#+end_src + + +# Local Variables: +# End: commit 5151d061a38fee18c0998cdf680793d2d3e594d7 Author: Werner Koch Date: Wed Nov 6 20:00:36 2013 +0100 Adjust for org-mode 8.0 Org-mode 8 features a #+TOC: keyword which is useful to move the toc behind the foreword. There are also lots of other chnages and thus we better require it. diff --git a/.gitignore b/.gitignore index ef11cae..c938f5a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,6 @@ stage/ /web/sitemap.org .*.orgx /web/theindex.inc +/web/faq/gnupg-faq.pdf +/web/faq/gnupg-faq.tex +/web/faq/gnupg-faq.txt diff --git a/web/documentation/faqs.org b/web/documentation/faqs.org index 71f2e35..0f45e71 100644 --- a/web/documentation/faqs.org 
+++ b/web/documentation/faqs.org @@ -6,6 +6,6 @@ The GnuPG FAQ is available in 3 formats: - - [[http://www.gnupg.org/faq/GnuPG-FAQ.html][HTML]] + - [[../faq/gnupg-faq.html][HTML]] - [[ftp://ftp.gnupg.org/gcrypt/gnupg/GnuPG-FAQ.txt][Text]] - - [[http://git.gnupg.org/cgi-bin/gitweb.cgi?p%3Dgnupg.git%3Ba%3Dblob_plain%3Bf%3Ddoc/faq.org][Org-mode]] + - [[http://git.gnupg.org/cgi-bin/gitweb.cgi?p%3Dgnupg-doc.git%3Ba%3Dblob_plain%3Bf%3Dweb/faq/gnupg-faq.org][Org-mode]] diff --git a/web/index.org b/web/index.org index 7c064f5..7f24358 100644 --- a/web/index.org +++ b/web/index.org @@ -111,35 +111,5 @@ This is the publishing info used for the GnuPG pages (require 'gpgweb (concat gpgweb-root-dir "share/gpgweb.el")) (setq org-export-html-toplevel-hlevel 1) (setq org-export-html-coding-system 'utf-8) - - (aput 'org-publish-project-alist "gpgweb-org" - '(:base-directory "." - :base-extension "org" - :language "en" - :html-extension "html" - :recursive t - :publishing-directory "../stage" - :publishing-function gpgweb-org-to-html - :body-only t - :section-numbers nil - :tags nil - :table-of-contents nil - :makeindex t - :auto-sitemap t - :sitemap-title "GnuPG - Sitemap" - :style-include-default nil - :timestamp-file t - :style "")) - - (aput 'org-publish-project-alist "gpgweb-other" - '(:base-directory "." - :base-extension "jpg\\|png\\|css" - :recursive t - :publishing-directory "../stage" - :publishing-function org-publish-attachment - :completion-function gpgweb-upload)) - - (aput 'org-publish-project-alist "gpgweb" - '(:components ("gpgweb-org" "gpgweb-other")))) - + (gpgweb-setup-project)) #+end_src diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 62b4798..60c7f1d 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el 
@@ -2,7 +2,41 @@ (require 'org-exp) -(defun gpgweb-insert-header () +(defun gpgweb-setup-project () + (progn + (aput 'org-publish-project-alist "gpgweb-org" + '(:base-directory "~/s/gnupg-doc/web" + :base-extension "org" + :language "en" + :html-extension "html" + :recursive t + :publishing-directory "../stage" + :publishing-function gpgweb-org-to-html + :body-only t + :section-numbers nil + :tags nil + :with-toc nil + :makeindex t + :auto-sitemap t + :sitemap-title "GnuPG - Sitemap" + :style-include-default nil + :timestamp-file t + :html-head "" + :html-head-include-scripts nil)) + + (aput 'org-publish-project-alist "gpgweb-other" + '(:base-directory "." + :base-extension "jpg\\|png\\|css" + :recursive t + :publishing-directory "../stage" + :publishing-function org-publish-attachment + :completion-function gpgweb-upload)) + + (aput 'org-publish-project-alist "gpgweb" + '(:components ("gpgweb-org" "gpgweb-other"))))) + + +(defun gpgweb-insert-header (title) (goto-char (point-min)) (insert " This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 57b296ea3a5204cd3711b7bf57c8fb14d8542402 (commit) from f702d62d888b30e24c19f203566a1473098b2b31 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 57b296ea3a5204cd3711b7bf57c8fb14d8542402 Author: Jussi Kivilinna Date: Thu Nov 7 12:24:04 2013 +0200 Change 64-bit shift to 32-bit in AES AMD64 assembly * cipher/rijndael-amd64.S (do16bit_shr): Change 'shrq' to 'shrl'. -- 64-bit shift is not needed here as registers are used for 32-bit values. Signed-off-by: Jussi Kivilinna diff --git a/cipher/rijndael-amd64.S b/cipher/rijndael-amd64.S index d360ea8..3b96889 100644 
--- a/cipher/rijndael-amd64.S +++ b/cipher/rijndael-amd64.S @@ -101,7 +101,7 @@ #define do16bit_shr(shf, op, source, tablemul, table1, dest1, table2, dest2, t0, t1) \ movzbl source ## bl, t0 ## d; \ movzbl source ## bh, t1 ## d; \ - shrq $(shf), source; \ + shrl $(shf), source ## d; \ op ## l table1(RTAB,t0,tablemul), dest1 ## d; \ op ## l table2(RTAB,t1,tablemul), dest2 ## d; ----------------------------------------------------------------------- Summary of changes: cipher/rijndael-amd64.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Nov 7 11:34:42 2013 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Thu, 07 Nov 2013 11:34:42 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-368-gbfe4f65 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via bfe4f6523b80bae0040328ef324b9000ee5b38a4 (commit) from 57b296ea3a5204cd3711b7bf57c8fb14d8542402 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bfe4f6523b80bae0040328ef324b9000ee5b38a4 Author: Jussi Kivilinna Date: Thu Nov 7 12:33:59 2013 +0200 Fix decryption function size in AES AMD64 assembly * cipher/rijndael-amd64.S (_gcry_aes_amd64_decrypt_block): Set '.size' for '_gcry_aes_amd64_decrypt_block', not '..._encrypt_block'. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/rijndael-amd64.S b/cipher/rijndael-amd64.S index 3b96889..35a9d26 100644 --- a/cipher/rijndael-amd64.S +++ b/cipher/rijndael-amd64.S 
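Review bot: The `shrq`→`shrl` change in `do16bit_shr` is only equivalent if the upper half of `source` is already zero or is never read afterwards, and the macro records neither invariant; with `shrl` the 32-bit write now zero-extends, so a later use of the full 64-bit `source` (outside this hunk) would differ only if those bits had been non-zero before. Suggest stating it at the macro head: `/* source, t0, t1 carry 32-bit state words; their high halves are always zero, so 32-bit shifts are sufficient. */`. Separately, the `table1(RTAB,t0,tablemul)` / `table2(RTAB,t1,tablemul)` loads are indexed by state bytes (`bl`/`bh` of `source`), i.e. a secret-dependent T-table lookup; that is pre-existing rather than introduced here, but a one-line comment noting the cache-timing caveat of this path would help readers deciding when a constant-time implementation should be preferred.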
@@ -355,7 +355,7 @@ _gcry_aes_amd64_decrypt_block: decround(9); jmp .Ldec_tail; -.size _gcry_aes_amd64_encrypt_block,.-_gcry_aes_amd64_encrypt_block; +.size _gcry_aes_amd64_decrypt_block,.-_gcry_aes_amd64_decrypt_block; .data .align 16 ----------------------------------------------------------------------- Summary of changes: cipher/rijndael-amd64.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Nov 7 15:40:41 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 07 Nov 2013 15:40:41 +0100 Subject: [git] gnupg-doc - branch, master, updated. 4a02511aa4f85d12ca77964ee21edc83e8a41d39 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 4a02511aa4f85d12ca77964ee21edc83e8a41d39 (commit) from 3f8a20bb5d2cd0a379b90341cc04d66ae57cd99a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4a02511aa4f85d12ca77964ee21edc83e8a41d39 Author: Werner Koch Date: Thu Nov 7 12:32:36 2013 +0100 Add disable-copyright-footer flag. * web/share/gpgweb.el: Autoload cl-macs. (gpgweb-setup-project): Change sitemap format. (gpgweb-insert-footer): Implement disable-copyright-footer flag. * web/faq/gnupg-faq.org: Add disable-copyright-footer flag/ * web/aegypten/: Add disable-copyright-footer flag to all org files. * web/aegypten2/: Ditto. diff --git a/web/aegypten/development.org b/web/aegypten/development.org index b58be92..0857d51 100644 --- a/web/aegypten/development.org +++ b/web/aegypten/development.org 
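Review bot: The fix is right, but the pattern that produced the bug — spelling the symbol twice in `.size sym,.-sym` — is still there for every function in the file, and the assembler cannot catch a mismatch (before this change encrypt's size presumably spanned both functions while decrypt had none, which only shows up in symbolizers and objdump output). Since the file already uses the C preprocessor (`#define do16bit_shr`), a one-argument helper such as `#define FUNC_SIZE(name) .size name,.-name` used as `FUNC_SIZE(_gcry_aes_amd64_decrypt_block)` removes the copy-paste hazard; the same check applies to the matching `.type` directive, which is outside this hunk.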
@@ -849,3 +849,5 @@ X.509/PKIX certificate authority (uses OpenSSL) for Unix [[http://cryp.to/librfc822/][RFC822 Address Parser Library]] + +#+HTML: diff --git a/web/aegypten/glossary.org b/web/aegypten/glossary.org index 3eafc5a..934ad2d 100644 --- a/web/aegypten/glossary.org +++ b/web/aegypten/glossary.org @@ -53,3 +53,4 @@ words/acronyms not clear in their meaning. (C) Intevation, Verbatim copying and distribution of this entire page is permitted in any medium, provided this notice is preserved. +#+HTML: diff --git a/web/aegypten/index.org b/web/aegypten/index.org index 21f6cb1..07709df 100644 --- a/web/aegypten/index.org +++ b/web/aegypten/index.org @@ -137,3 +137,4 @@ Detailed list of results: (C) Intevation, Verbatim copying and distribution of this entire page is permitted in any medium, provided this notice is preserved. +#+HTML: diff --git a/web/aegypten/pr.org b/web/aegypten/pr.org index 25e4e1a..acead95 100644 --- a/web/aegypten/pr.org +++ b/web/aegypten/pr.org @@ -171,3 +171,5 @@ Digital: Paper: - c't 2001, Heft 22, page 49: Sichere E-Mail (german) + +#+HTML: diff --git a/web/aegypten/tech.org b/web/aegypten/tech.org index 3c6bd12..d3e2b7b 100644 --- a/web/aegypten/tech.org +++ b/web/aegypten/tech.org @@ -188,3 +188,4 @@ Smartcard. (C) Intevation, Verbatim copying and distribution of this entire page is permitted in any medium, provided this notice is preserved. +#+HTML: diff --git a/web/aegypten/time.org b/web/aegypten/time.org index 985752d..f0b96f7 100644 --- a/web/aegypten/time.org +++ b/web/aegypten/time.org @@ -39,3 +39,4 @@ definitions ready to start implementation work (C) Intevation, Verbatim copying and distribution of this entire page is permitted in any medium, provided this notice is preserved. +#+HTML: diff --git a/web/aegypten/who.org b/web/aegypten/who.org index 13ab467..348a833 100644 --- a/web/aegypten/who.org +++ b/web/aegypten/who.org 
@@ -54,3 +54,4 @@ (C) Intevation, Verbatim copying and distribution of this entire page is permitted in any medium, provided this notice is preserved. +#+HTML: diff --git a/web/aegypten2/index.org b/web/aegypten2/index.org index 12c2e17..ccd128a 100644 --- a/web/aegypten2/index.org +++ b/web/aegypten2/index.org @@ -216,3 +216,4 @@ (C) Intevation, Verbatim copying and distribution of this entire page is permitted in any medium, provided this notice is preserved. +#+HTML: diff --git a/web/documentation/faqs.org b/web/documentation/faqs.org index 0f45e71..497eb26 100644 --- a/web/documentation/faqs.org +++ b/web/documentation/faqs.org @@ -9,3 +9,6 @@ - [[../faq/gnupg-faq.html][HTML]] - [[ftp://ftp.gnupg.org/gcrypt/gnupg/GnuPG-FAQ.txt][Text]] - [[http://git.gnupg.org/cgi-bin/gitweb.cgi?p%3Dgnupg-doc.git%3Ba%3Dblob_plain%3Bf%3Dweb/faq/gnupg-faq.org][Org-mode]] + + +# eof diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org index 68b2fd4..c8f8937 100644 --- a/web/faq/gnupg-faq.org +++ b/web/faq/gnupg-faq.org @@ -51,6 +51,8 @@ released under terms of the [[http://creativecommons.org/licenses/by-nc/2.5/][Cr 2.5]] license; alternately, you may make use of it under terms of the GNU General Public License (version 3 or, at your discretion, any later version), again excepting Mr. Munroe?s works. +#+HTML: + ** Disclaimer of liability :PROPERTIES: diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 60c7f1d..64c22b6 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -1,6 +1,9 @@ ;;; gpgweb.el --- elisp helper code for the GnuPG web pages (require 'org-exp) +;; cl-macs is required by ox-html.el but for whatever reasons not +;; autoloaded. +(load-library "cl-macs") (defun gpgweb-setup-project () (progn @@ -19,6 +22,8 @@ :makeindex t :auto-sitemap t :sitemap-title "GnuPG - Sitemap" + :sitemap-sort-folders "last" + :sitemap-file-entry-format "%t @@html:@@(%d)@@html:@@" :style-include-default nil :timestamp-file t :html-head "" 
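Review bot: `(load-library "cl-macs")` re-evaluates the library every time gpgweb.el is loaded, whereas `(require 'cl-macs)` is idempotent and declares the dependency explicitly; unless a forced reload is intended, the `require` form is the idiomatic one (cl-macs provides its feature in Emacs 24, which the org-mode 8 requirement implies). The comment above it already explains why the load is needed, so the change is just `(require 'cl-macs)` in place of the `load-library` line.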
@@ -36,6 +41,8 @@ '(:components ("gpgweb-org" "gpgweb-other"))))) + + (defun gpgweb-insert-header (title) (goto-char (point-min)) (insert " @@ -108,8 +115,10 @@ ")) (defun gpgweb-insert-footer () - (goto-char (point-max)) - (insert "
+ (goto-char (point-min)) + (unless (search-forward "" nil t) + (goto-char (point-max)) + (insert " +
")) + (goto-char (point-max)) + (insert " @@ -137,7 +148,6 @@ (let ((fname (file-name-nondirectory htmlfile)) (title (org-publish-find-title orgfile)) (generated-at (org-today))) - (message "post processing %s (%s)" htmlfile orgfile) (gpgweb-insert-header title) (gpgweb-insert-footer) (when (string-match "\\.\\([a-z][a-z]\\.\\)?html$" fname) @@ -147,15 +157,21 @@ (replace-match (concat "href=\"" ) t nil)) (goto-char (point-min)) (while (search-forward "@MENU-ACTIVE@" nil t) - (replace-match "" t nil))) - (basic-save-buffer)) - (unless visitingp (kill-buffer work-buffer))))) + (replace-match "" t nil)) + (when (string-equal fname "sitemap") + (goto-char (point-min)) + (while (re-search-forward + "^.*
  • .*>\\(GnuPG - \\).* +;; Date: Wed Oct 2 18:26:27 2013 -0400 +;; +;; Fix escaping of links in html export. +;; +;; * lisp/ox-html.el (org-html-link): Unescape org-escaped links an +;; re-escape for html (browser). +;; +;; +;; diff --git a/lisp/ox-html.el b/lisp/ox-html.el +;; index 66862bc..0600204 100644 +;; --- a/lisp/ox-html.el +;; +++ b/lisp/ox-html.el +;; @@ -2624,7 +2624,9 @@ INFO is a plist holding contextual information. See +;; (path +;; (cond +;; ((member type '("http" "https" "ftp" "mailto")) +;; - (concat type ":" raw-path)) +;; + (org-link-escape +;; + (org-link-unescape +;; + (concat type ":" raw-path)) org-link-escape-chars-browser)) +;; ((string= type "file") +;; ;; Treat links to ".org" files as ".html", if needed. +;; (setq raw-path diff --git a/web/site_map.org b/web/site_map.org deleted file mode 100644 index f72596e..0000000 --- a/web/site_map.org +++ /dev/null @@ -1,4 +0,0 @@ - -* Site Map - -This site map is automagically generated at each site rebuild. ----------------------------------------------------------------------- Summary of changes: web/aegypten/development.org | 2 ++ web/aegypten/glossary.org | 1 + web/aegypten/index.org | 1 + web/aegypten/pr.org | 2 ++ web/aegypten/tech.org | 1 + web/aegypten/time.org | 1 + web/aegypten/who.org | 1 + web/aegypten2/index.org | 1 + web/documentation/faqs.org | 3 +++ web/faq/gnupg-faq.org | 2 ++ web/share/gpgweb.el | 56 ++++++++++++++++++++++++++++++++++++------ web/site_map.org | 4 --- 12 files changed, 64 insertions(+), 11 deletions(-) delete mode 100644 web/site_map.org hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Nov 7 20:54:52 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 07 Nov 2013 20:54:52 +0100 Subject: [git] gnupg-doc - branch, master, updated. 07e10cc6b24f44d0c4f55c86a0e220f8b2e99214 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 07e10cc6b24f44d0c4f55c86a0e220f8b2e99214 (commit) from 4a02511aa4f85d12ca77964ee21edc83e8a41d39 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 07e10cc6b24f44d0c4f55c86a0e220f8b2e99214 Author: Werner Koch Date: Thu Nov 7 20:26:43 2013 +0100 Indicate the current selection in the navigation menu. diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 64c22b6..67438e8 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el 
@@ -136,29 +136,35 @@ ")) - -;; Our publishing tweaks: -;; -;; - Substitute @FNAME@ by the actual file name. -;; - Substitute @MENU-ACTIVE@ by an empty string. +;;; Post-process the generated HTML file: +;;; +;;; - Insert header and footer +;;; - Insert "class=selected" into the active menu entry +;;; - Fixup sitemap. (defun gpgweb-postprocess-html (plist orgfile htmlfile) (let* ((visitingp (find-buffer-visiting htmlfile)) (work-buffer (or visitingp (find-file-noselect htmlfile)))) (prog1 (with-current-buffer work-buffer (let ((fname (file-name-nondirectory htmlfile)) + (fname-2 (replace-regexp-in-string + ".*/stage\\(/.*\\)$" "\\1" htmlfile t)) (title (org-publish-find-title orgfile)) - (generated-at (org-today))) + (generated-at (org-today)) + (tmppnt)) + ;; Insert the header and mark the active menu (gpgweb-insert-header title) - (gpgweb-insert-footer) - (when (string-match "\\.\\([a-z][a-z]\\.\\)?html$" fname) - (setq fname (substring fname 0 (match-beginning 0)))) - (goto-char (point-min)) - (while (search-forward "href=\"@FNAME@" nil t) - (replace-match (concat "href=\"" ) t nil)) + (setq tmppnt (point)) (goto-char (point-min)) - (while (search-forward "@MENU-ACTIVE@" nil t) - (replace-match "" t nil)) - (when (string-equal fname "sitemap") + (while (re-search-forward + (concat "href=\"" (regexp-quote fname-2) "\"") + tmppnt t) + (replace-match "\\& class=\"selected\"" t)) + + ; Insert the footer + (gpgweb-insert-footer) + + ; Fixup the sitemap + (when (string-equal fname "sitemap.html") (goto-char (point-min)) (while (re-search-forward "^.*
  • .*>\\(GnuPG - \\).* This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 6c4f98c634c734de5040615fa426a80011d44410 (commit) from 07e10cc6b24f44d0c4f55c86a0e220f8b2e99214 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 6c4f98c634c734de5040615fa426a80011d44410 Author: Werner Koch Date: Thu Nov 7 22:09:33 2013 +0100 Enable Piwik tracking and add a privacy-policy page. Actually I don't like this tracking stuff. However, it is JS based and thus people who value their privacy won't enabled JS. Eventually the Net will by anonymous by default. diff --git a/web/download/release_notes.org b/web/download/release_notes.org index 4961290..cf94abd 100644 --- a/web/download/release_notes.org +++ b/web/download/release_notes.org @@ -5,7 +5,7 @@ * Release Notes - Please read the NEWS file for a more complete list. {{{gnupg_ver}} + Please read the NEWS file for a more complete list. {{{gnupg_ver}}} is the stable and modern version of GnuPG. (Version {{{gnupg1_ver}}} is from the old GnuPG-1 series, which is still maintained and useful on some platforms: It is smaller than versions from the GnuPG-2 diff --git a/web/index.org b/web/index.org index 7f24358..0af4d6b 100644 --- a/web/index.org +++ b/web/index.org @@ -5,6 +5,8 @@ * The GNU Privacy Guard #+index: GnuPG #+index: GPG +#+index: Gpg4win +#+index: GPGTools GnuPG is the [[http://www.gnu.org/][GNU project]]'s complete and free implementation of the OpenPGP standard as defined by [[http://www.ietf.org/rfc/rfc4880.txt][RFC4880]]. GnuPG allows to encrypt and diff --git a/web/privacy-policy.org b/web/privacy-policy.org new file mode 100644 index 0000000..6ba8b62 
--- /dev/null +++ b/web/privacy-policy.org @@ -0,0 +1,25 @@ +#+TITLE: GnuPG - Privacy Policy +#+STARTUP: showall indent +#+SETUPFILE: "share/setup.inc" + +* Privacy Policy +#+index: privacy policy +#+index: analytics +#+index: Piwik + +** Analytics + +This website uses Piwik, a Free Software web analytics system, to +monitor traffic on our Web sites. Piwik records the general +geographical vicinity of visitors as well as their browser and +operating system, and records their navigation within the sites. This +helps us gauge the impact of our materials and improve our work. + +Our Piwik system preserves privacy by anonymizing visitors? IP +addresses. This means that we will not store any personally +identifiable information about you, even though your visit produces a +record that our site was visited by someone. + +Piwik also respects the ?[[http://donottrack.us/][Do Not Track]]? preference offered by some +browsers, so if you have this option set, Piwik will ignore your visit +entirely. Details of how Piwik protects privacy are on [[http://piwik.org/privacy/][their website]]. diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 67438e8..cee7bd8 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -107,6 +107,7 @@
  • Thanks
  • Donations
  • +
  • Privacy Policy
  • Sitemap
  • @@ -132,6 +133,26 @@ (goto-char (point-max)) (insert " + ")) ----------------------------------------------------------------------- Summary of changes: web/download/release_notes.org | 2 +- web/index.org | 2 ++ web/privacy-policy.org | 25 +++++++++++++++++++++++++ web/share/gpgweb.el | 21 +++++++++++++++++++++ 4 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 web/privacy-policy.org hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 8 10:24:49 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 08 Nov 2013 10:24:49 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-370-g9f63c0f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 9f63c0f7a3b2c15c7e258cd17395cabd0a8f00cc (commit) via ed45fd2e60c88e2f005282e6eadd018b59dcf65b (commit) from bfe4f6523b80bae0040328ef324b9000ee5b38a4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9f63c0f7a3b2c15c7e258cd17395cabd0a8f00cc Author: Werner Koch Date: Fri Nov 8 10:07:40 2013 +0100 ecc: Implement the "nocomp" flag for key generation. * cipher/ecc.c (ecc_generate): Support the "nocomp" flag. * tests/keygen.c (check_ecc_keys): Add a test for it. Signed-off-by: Werner Koch diff --git a/cipher/ecc.c b/cipher/ecc.c index f2a0e82..d62f555 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c 
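Review bot: The twenty lines this hunk appends inside `gpgweb-insert-footer` — the Piwik tracker snippet, per the commit message — are not visible in this rendering, so the script itself cannot be checked here; what is visible is that it goes into the footer of every generated page, while the new privacy-policy page promises IP anonymisation and honouring Do-Not-Track. Both of those are settings of the Piwik instance, not properties of the embedded snippet, so the code and the policy can drift apart silently. Suggest a comment at the insertion point: `;; Piwik tracker.  privacy-policy.org promises anonymised IPs and DNT handling; both are configured server-side in Piwik — keep the two in sync.` If the snippet loads piwik.js from a host other than the site itself, that host must also be allowed by any script-source restrictions the site deploys; presumably it is self-hosted, as the policy's "our Piwik system" suggests.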
@@ -483,7 +483,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) if (_gcry_mpi_ec_get_affine (x, y, &sk.E.G, ctx)) log_fatal ("ecgen: Failed to get affine coordinates for %s\n", "G"); base = _gcry_ecc_ec2os (x, y, sk.E.p); - if (sk.E.dialect == ECC_DIALECT_ED25519) + if (sk.E.dialect == ECC_DIALECT_ED25519 && !(flags & PUBKEY_FLAG_NOCOMP)) { unsigned char *encpk; unsigned int encpklen; diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index dd65f9a..1619f0d 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2232,11 +2232,15 @@ are known: @table @code @item comp + at itemx nocomp @cindex comp -If supported and not yet the default return ECC points in compact -(compressed) representation. The compact representation requires a -small overhead before a point can be used but halves the size of a to -be conveyed public key. + at cindex nocomp +If supported by the algorithm and curve the @code{comp} flag requests +that points are returned in compact (compressed) representation. The + at code{nocomp} flag requests that points are returned with full +coordinates. The default depends on the the algorithm and curve. +The compact representation requires a small overhead before a point +can be used but halves the size of a to be conveyed public key. @item pkcs1 @cindex PKCS1 diff --git a/tests/keygen.c b/tests/keygen.c index 4796b5c..48663d4 100644 --- a/tests/keygen.c +++ b/tests/keygen.c 
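Review bot: The new condition honours `nocomp` only for `ECC_DIALECT_ED25519`; for every other dialect `flags` is not consulted here at all, so `comp` has no effect in this function, while the gcrypt.texi text in the same commit ("If supported by the algorithm and curve the comp flag requests ...") reads as if compression were selectable generally. If the rest of `ecc_generate` (outside this hunk) does not handle a `comp` flag for Weierstrass curves, say so at the condition: `/* Ed25519 keys are compressed by default and "nocomp" opts out; "comp" is not (yet) honoured for other curves. */`. Note also that `base` on the preceding line is always the uncompressed encoding, so with `nocomp` it is presumably returned as-is and otherwise replaced by `encpk`; whichever buffer is not returned must still be released, which is code outside this hunk.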
@@ -416,15 +416,16 @@ check_ecc_keys (void) show_sexp ("ECC key:\n", key); if (verbose) - show ("creating ECC key using curve Ed25519 for ECDSA\n"); + show ("creating ECC key using curve Ed25519 for ECDSA (nocomp)\n"); rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve Ed25519)(flags)))"); + "(genkey(ecc(curve Ed25519)(flags nocomp)))"); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); gcry_sexp_release (keyparm); if (rc) - die ("error generating ECC key using curve Ed25519 for ECDSA: %s\n", + die ("error generating ECC key using curve Ed25519 for ECDSA" + " (nocomp): %s\n", gpg_strerror (rc)); if (verbose > 1) commit ed45fd2e60c88e2f005282e6eadd018b59dcf65b Author: Werner Koch Date: Fri Nov 8 09:53:32 2013 +0100 ecc: Make "noparam" the default and replace by "param". * src/cipher.h (PUBKEY_FLAG_NOCOMP): New. (PUBKEY_FLAG_NOPARAM): Remove. (PUBKEY_FLAG_PARAM): New. * cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Support the new flags and ignore the obsolete "noparam" flag. * cipher/ecc-curves.c (_gcry_ecc_fill_in_curve): Return the curve name also for curves selected by NBITS. (_gcry_mpi_ec_new): Support the "param" flag. * cipher/ecc.c (ecc_generate, ecc_sign, ecc_verify): Ditto. * tests/keygen.c (check_ecc_keys): Remove the "noparam" flag. -- This is an API change but there are not many ECC users yet and adding the "param" flag for those who really need the parameters (e.g. if private keys have been stored without the curve name, it can easily be added. Note that no version of Libgcrypt with support for "noparam" has been released but for the sake of projects already working with the master version we don't bail out on "noparam". Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 8010c37..d63ca96 100644 --- a/NEWS +++ b/NEWS 
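Review bot: The test only checks that key generation with `nocomp` succeeds; it never looks at the produced `q`, so a regression that ignores the flag would still pass. After `gcry_pk_genkey` returns, fetch `q` with gcry_sexp_find_token and assert that its length and leading byte are those of the full-coordinate encoding rather than the compact Ed25519 form, and add the mirror assertion for the default (no flag) case so both encodings are pinned. A small helper such as `check_q_encoding (key, expect_compact)` called from both sites keeps the two checks in step. check_ecc_keys continues outside the hunk.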
@@ -43,6 +43,9 @@ Noteworthy changes in version 1.6.0 (unreleased) * The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now deprecated. Use GCRY_PK_ECC if you need an algorithm id. + * Changed gcry_pk_genkey for "ecc" to only include the curve name and + not the parameters. The flag "param" may be used to revert this. + * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_ac_* REMOVED. @@ -63,6 +66,7 @@ Noteworthy changes in version 1.6.0 (unreleased) GCRYCTL_SET_IV REMOVED. GCRYCTL_SET_CTR REMOVED. GCRYCTL_DISABLE_ALGO CHANGED: Not anymore thread-safe. + gcry_pk_genkey CHANGED: ECC curve params not returned. gcry_md_hash_buffers NEW. gcry_buffer_t NEW. GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW. diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 1bd3679..27d2d8e 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -380,7 +380,10 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, for (idx = 0; domain_parms[idx].desc; idx++) if (nbits == domain_parms[idx].nbits && domain_parms[idx].model == MPI_EC_WEIERSTRASS) - break; + { + resname = domain_parms[idx].desc; + break; + } } if (!domain_parms[idx].desc) return GPG_ERR_UNKNOWN_CURVE; @@ -671,7 +674,12 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, goto leave; } - if (!(flags & PUBKEY_FLAG_NOPARAM)) + /* Check whether a curve name was given. */ + l1 = gcry_sexp_find_token (keyparam, "curve", 5); + + /* If we don't have a curve name or if override parameters have + explicitly been requested, parse them. */ + if (!l1 || (flags & PUBKEY_FLAG_PARAM)) { errc = mpi_from_keyparam (&p, keyparam, "p"); if (errc) 
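Review bot: The removed lines guarded the `curve` lookup with `if (keyparam)`, and the new `l1 = gcry_sexp_find_token (keyparam, "curve", 5);` drops that guard; unless gcry_sexp_find_token is documented NULL-safe, a caller that passes no KEYPARAM (the old `else l1 = NULL;` path suggests that was allowed) now dereferences NULL. Keeping it costs one line: `l1 = keyparam ? gcry_sexp_find_token (keyparam, "curve", 5) : NULL;`. With the new default, any p/a/b/g/n present alongside a curve name are discarded rather than validated unless "param" is given — the safer behaviour, but a one-line comment saying so explicitly would stop a later maintainer from "fixing" it into a merge. _gcry_mpi_ec_new continues past the hunk.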
@@ -690,15 +698,13 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, goto leave; } } + else + l1 = NULL; /* No curvename. */ /* Check whether a curve parameter is available and use that to fill in missing values. If no curve parameter is available try an optional provided curvename. If only the curvename has been given use that one. */ - if (keyparam) - l1 = gcry_sexp_find_token (keyparam, "curve", 5); - else - l1 = NULL; if (l1 || curvename) { char *name; diff --git a/cipher/ecc.c b/cipher/ecc.c index 5578e05..f2a0e82 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c 
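Review bot: The added `else l1 = NULL; /* No curvename. */` attaches to `if (!l1 || (flags & PUBKEY_FLAG_PARAM))`, so as written it runs exactly when a curve name was found and "param" was not given — the opposite of its comment — and the following `if (l1 || curvename)` then loses the name, leaving a name-only KEYPARAM with neither parsed parameters nor a curve to fill in. On the other path `l1` is already NULL, so the assignment buys nothing there either; dropping the two added lines restores the behaviour the comment describes. The brace pairing of the `} }` context lines should be confirmed against the full function, which starts outside the hunk.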
@@ -509,43 +509,43 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) goto leave; } - if ((flags & PUBKEY_FLAG_NOPARAM) || (flags & PUBKEY_FLAG_EDDSA)) + if ((flags & PUBKEY_FLAG_PARAM) || (flags & PUBKEY_FLAG_EDDSA)) { rc = gcry_sexp_build (&curve_flags, NULL, - ((flags & PUBKEY_FLAG_NOPARAM) && (flags & PUBKEY_FLAG_EDDSA))? - "(flags noparam eddsa)" : - ((flags & PUBKEY_FLAG_NOPARAM))? - "(flags noparam)" : + ((flags & PUBKEY_FLAG_PARAM) && (flags & PUBKEY_FLAG_EDDSA))? + "(flags param eddsa)" : + ((flags & PUBKEY_FLAG_PARAM))? + "(flags param)" : "(flags eddsa)"); if (rc) goto leave; } - if ((flags & PUBKEY_FLAG_NOPARAM) && E.name) + if ((flags & PUBKEY_FLAG_PARAM) && E.name) rc = gcry_sexp_build (r_skey, NULL, "(key-data" " (public-key" - " (ecc%S%S(q%m)))" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" " (private-key" - " (ecc%S%S(q%m)(d%m)))" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" " )", curve_info, curve_flags, - public, + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, curve_info, curve_flags, - public, secret); + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); else rc = gcry_sexp_build (r_skey, NULL, "(key-data" " (public-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" + " (ecc%S%S(q%m)))" " (private-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" + " (ecc%S%S(q%m)(d%m)))" " )", curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, + public, curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); + public, secret); if (rc) goto leave; 
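Review bot: With the two branches swapped, the fallback taken when `E.name` is NULL now emits a key carrying only `q` (and `d`), whereas before the parameter-carrying form was the fallback; `if ((flags & PUBKEY_FLAG_PARAM) || !E.name)` makes name-only the default while keeping the old safety net for a nameless curve. The _gcry_ecc_fill_in_curve change in this same commit now sets a name for NBITS-selected curves as well, so the case may be unreachable today, but the condition should not rely on that. A short comment above the `if` stating the rule (`/* Emit domain parameters only on request or when no curve name is known. */`) would make the intent reviewable. ecc_generate starts and ends outside the hunk.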
@@ -713,13 +713,13 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) /* * Extract the key. */ - if ((ctx.flags & PUBKEY_FLAG_NOPARAM)) - rc = _gcry_sexp_extract_param (keyparms, NULL, "/q?+d", - &mpi_q, &sk.d, NULL); - else + if ((ctx.flags & PUBKEY_FLAG_PARAM)) rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, &mpi_q, &sk.d, NULL); + else + rc = _gcry_sexp_extract_param (keyparms, NULL, "/q?+d", + &mpi_q, &sk.d, NULL); if (rc) goto leave; if (mpi_g) @@ -878,13 +878,13 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) /* * Extract the key. */ - if ((ctx.flags & PUBKEY_FLAG_NOPARAM)) - rc = _gcry_sexp_extract_param (s_keyparms, NULL, "/q", - &mpi_q, NULL); - else + if ((ctx.flags & PUBKEY_FLAG_PARAM)) rc = _gcry_sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q", &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, &mpi_q, NULL); + else + rc = _gcry_sexp_extract_param (s_keyparms, NULL, "/q", + &mpi_q, NULL); if (rc) goto leave; if (mpi_g) diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index a591c0d..3e0b5ef 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -113,6 +113,15 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, encoding = PUBKEY_ENC_PKCS1; flags |= PUBKEY_FLAG_FIXEDLEN; } + else if (!memcmp (s, "param", 5)) + flags |= PUBKEY_FLAG_PARAM; + else if (!igninvflag) + rc = GPG_ERR_INV_FLAG; + break; + + case 6: + if (!memcmp (s, "nocomp", 6)) + flags |= PUBKEY_FLAG_NOCOMP; else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; @@ -121,7 +130,7 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, if (!memcmp (s, "rfc6979", 7)) flags |= PUBKEY_FLAG_RFC6979; else if (!memcmp (s, "noparam", 7)) - flags |= PUBKEY_FLAG_NOPARAM; + ; /* Ignore - it is the default. */ else if (!igninvflag) rc = GPG_ERR_INV_FLAG; break; diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 03ace83..dd65f9a 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi 
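Review bot: In ecc_verify the "param" override is read from `ctx.flags`; depending on where that is populated (not visible here — the key's own `(flags ...)` list or the data S-expression), a public key from an untrusted source that carries `param` can substitute its own p/a/b/g/n for the curve it names, which is what the removed docs warned about. The flag is now opt-in, which is an improvement, but either the supplied parameters should be checked against the named curve when both are present or the texi entry should say that `param` must not be honoured for keys of unknown origin. In the flag parser `comp` and `nocomp` can still be set together without error; returning GPG_ERR_INV_FLAG for that pair, next to the new `case 6:`, would make the precedence explicit. ecc_verify continues outside the hunk.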
@@ -2267,15 +2267,11 @@ order to prevent leaking of secret information. Blinding is only implemented by RSA, but it might be implemented by other algorithms in the future as well, when necessary. - at item noparam - at cindex noparam -For ECC key generation do not return the domain parameters but only -the name of the curve. For ECC signing and verification ignore any -provided domain parameters of the public or private key and use only -the curve name. It is more secure to rely on the curve name and thus -use the curve parameters as known by Libgcrypt. This option should -have been the default but for backward compatibility reasons this is -not possible. It is best to always use this flag with ECC keys. + at item param + at cindex param +For ECC key generation also return the domain parameters. For ECC +signing and verification override default parameters by provided +domain parameters of the public or private key. @item transient-key @cindex transient-key @@ -2849,7 +2845,7 @@ is in general not recommended. @example (genkey (ecc - (flags noparam transient-key))) + (flags transient-key))) @end example @item transient-key @@ -2894,12 +2890,12 @@ elliptic curve key generation: (public-key (ecc (curve Ed25519) - (flags noparam eddsa) + (flags eddsa) (q @var{q-value}))) (private-key (ecc (curve Ed25519) - (flags noparam eddsa) + (flags eddsa) (q @var{q-value}) (d @var{d-value})))) @end example diff --git a/src/cipher.h b/src/cipher.h index 5ac891e..d939ade 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -35,10 +35,11 @@ #define PUBKEY_FLAG_USE_X931 (1 << 6) #define PUBKEY_FLAG_USE_FIPS186 (1 << 7) #define PUBKEY_FLAG_USE_FIPS186_2 (1 << 8) -#define PUBKEY_FLAG_NOPARAM (1 << 9) +#define PUBKEY_FLAG_PARAM (1 << 9) #define PUBKEY_FLAG_COMP (1 << 10) -#define PUBKEY_FLAG_EDDSA (1 << 11) -#define PUBKEY_FLAG_GOST (1 << 12) +#define PUBKEY_FLAG_NOCOMP (1 << 11) +#define PUBKEY_FLAG_EDDSA (1 << 12) +#define PUBKEY_FLAG_GOST (1 << 13) enum pk_operation 
diff --git a/tests/keygen.c b/tests/keygen.c index 5879393..4796b5c 100644 --- a/tests/keygen.c +++ b/tests/keygen.c @@ -376,11 +376,11 @@ check_ecc_keys (void) show ("creating ECC key using curve %s\n", curves[testno]); if (!strcmp (curves[testno], "Ed25519")) rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve %s)(flags noparam eddsa)))", + "(genkey(ecc(curve %s)(flags eddsa)))", curves[testno]); else rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve %s)(flags noparam)))", + "(genkey(ecc(curve %s)(flags )))", curves[testno]); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); @@ -418,7 +418,7 @@ check_ecc_keys (void) if (verbose) show ("creating ECC key using curve Ed25519 for ECDSA\n"); rc = gcry_sexp_build (&keyparm, NULL, - "(genkey(ecc(curve Ed25519)(flags noparam)))"); + "(genkey(ecc(curve Ed25519)(flags)))"); if (rc) die ("error creating S-expression: %s\n", gpg_strerror (rc)); rc = gcry_pk_genkey (&key, keyparm); ----------------------------------------------------------------------- Summary of changes: NEWS | 4 ++++ cipher/ecc-curves.c | 18 ++++++++++++------ cipher/ecc.c | 46 +++++++++++++++++++++++----------------------- cipher/pubkey-util.c | 11 ++++++++++- doc/gcrypt.texi | 32 ++++++++++++++++---------------- src/cipher.h | 7 ++++--- tests/keygen.c | 11 ++++++----- 7 files changed, 75 insertions(+), 54 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 8 17:22:52 2013 
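Review bot: After this change no test exercises the opt-in `param` path at all, so a regression in the parameter-carrying S-expression built by ecc_generate would go unnoticed; add one iteration that generates with `"(genkey(ecc(curve %s)(flags param)))"` and asserts via gcry_sexp_find_token that `p`, `a`, `b`, `g` and `n` are present, while the default case asserts they are absent. The edited format string `"(genkey(ecc(curve %s)(flags )))"` has a stray space inside `(flags )`; it parses, but `"(genkey(ecc(curve %s)(flags)))"` matches the second hunk. check_ecc_keys starts outside the hunk.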
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 08 Nov 2013 17:22:52 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-371-ge241dde Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e241dde1420475459e32608137829e52748d0212 (commit) from 9f63c0f7a3b2c15c7e258cd17395cabd0a8f00cc (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e241dde1420475459e32608137829e52748d0212 Author: Werner Koch Date: Fri Nov 8 17:21:02 2013 +0100 cipher: Avoid signed divisions in idea.c * cipher/idea.c (mul_inv): Use unsigned division. -- Reported-by: Vladimir '?-coder/phcoder' Serbinenko Hello, all. While compiling in an environment with only libgcc subset for ARM, I found out that idea.c uses signed divisions: Reading the code this seems to be unintended. Inlined patch replaces them with more appropriate unsigned division. Signed-off-by: Werner Koch diff --git a/cipher/idea.c b/cipher/idea.c index 7d91a9a..14234cf 100644 --- a/cipher/idea.c +++ b/cipher/idea.c @@ -72,8 +72,8 @@ mul_inv( u16 x ) if( x < 2 ) return x; - t1 = 0x10001L / x; - y = 0x10001L % x; + t1 = 0x10001UL / x; + y = 0x10001UL % x; if( y == 1 ) return (1-t1) & 0xffff; ----------------------------------------------------------------------- Summary of changes: cipher/idea.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 8 17:43:22 2013 
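Review bot: Making the constants unsigned removes the signed-division dependency but leaves mul_inv variable-time: the division and modulus by the key-derived `x`, and the Euclidean loop that follows them outside the hunk, take a data-dependent number of steps, so key-setup timing depends on the subkeys. That is inherent to this key-schedule construction and only runs at key setup, but it deserves a comment at the top of the function: `/* NB: not constant-time; x is key material.  Only used during key setup. */`. The narrowing stores into `t1` and `y` (declared above the hunk) stay safe, since for x >= 2 the quotient is at most 0x8000 and the remainder is below x, but the `UL` suffix now makes the right-hand side unsigned long, so a sign-conversion warning is worth checking for.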
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 08 Nov 2013 17:43:22 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-372-g03aed1a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 03aed1acec611362285db5156a6b92c91604fba4 (commit) from e241dde1420475459e32608137829e52748d0212 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 03aed1acec611362285db5156a6b92c91604fba4 Author: Werner Koch Date: Fri Nov 8 17:41:42 2013 +0100 ecc: Improve gcry_pk_get_curve. * cipher/ecc-curves.c (_gcry_ecc_fill_in_curve): Factor some code out to .. (find_domain_parms_idx): new. (_gcry_ecc_get_curve): Find by curve name on error. -- This change allows the use of an input with just the curve name, which can be used to test whether a given curve has been implemented. It is required because, due to the "param" flag change, the caller usually does not have the key parameters available. Signed-off-by: Werner Koch diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 27d2d8e..12f539a 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c 
@@ -333,6 +333,36 @@ scanval (const char *string) } +/* Return the index of the domain_parms table for a curve with NAME. + Return -1 if not found. */ +static int +find_domain_parms_idx (const char *name) +{ + int idx, aliasno; + + /* First check our native curves. */ + for (idx = 0; domain_parms[idx].desc; idx++) + if (!strcmp (name, domain_parms[idx].desc)) + return idx; + + /* If not found consult the alias table. */ + if (!domain_parms[idx].desc) + { + for (aliasno = 0; curve_aliases[aliasno].name; aliasno++) + if (!strcmp (name, curve_aliases[aliasno].other)) + break; + if (curve_aliases[aliasno].name) + { + for (idx = 0; domain_parms[idx].desc; idx++) + if (!strcmp (curve_aliases[aliasno].name, domain_parms[idx].desc)) + return idx; + } + } + + return -1; +} + + /* Generate the crypto system setup. This function takes the NAME of a curve or the desired number of bits and stores at R_CURVE the parameters of the named curve or those of a suitable curve. If 
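Review bot: The guard `if (!domain_parms[idx].desc)` after the first loop is always true, because every match returns from inside the loop and the only other exit is exhausting the table; the alias fallback is therefore unconditional and the test merely obscures that, so drop it and fall straight into the alias scan. Both lookups are exact `strcmp` matches on the native names and on the `other` alias spellings, so callers must supply the canonical casing; a line in the header comment (`Names are matched case-sensitively; aliases are resolved via curve_aliases.`) saves the next reader from guessing. NAME is assumed non-NULL, which the new caller in _gcry_ecc_get_curve does check before calling.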
@@ -345,49 +375,25 @@ gpg_err_code_t _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, elliptic_curve_t *curve, unsigned int *r_nbits) { - int idx, aliasno; + int idx; const char *resname = NULL; /* Set to a found curve name. */ if (name) - { - /* First check our native curves. */ - for (idx = 0; domain_parms[idx].desc; idx++) - if (!strcmp (name, domain_parms[idx].desc)) - { - resname = domain_parms[idx].desc; - break; - } - /* If not found consult the alias table. */ - if (!domain_parms[idx].desc) - { - for (aliasno = 0; curve_aliases[aliasno].name; aliasno++) - if (!strcmp (name, curve_aliases[aliasno].other)) - break; - if (curve_aliases[aliasno].name) - { - for (idx = 0; domain_parms[idx].desc; idx++) - if (!strcmp (curve_aliases[aliasno].name, - domain_parms[idx].desc)) - { - resname = domain_parms[idx].desc; - break; - } - } - } - } + idx = find_domain_parms_idx (name); else { for (idx = 0; domain_parms[idx].desc; idx++) if (nbits == domain_parms[idx].nbits && domain_parms[idx].model == MPI_EC_WEIERSTRASS) - { - resname = domain_parms[idx].desc; - break; - } + break; + if (!domain_parms[idx].desc) + idx = -1; } - if (!domain_parms[idx].desc) + if (idx < 0) return GPG_ERR_UNKNOWN_CURVE; + resname = domain_parms[idx].desc; + /* In fips mode we only support NIST curves. Note that it is possible to bypass this check by specifying the curve parameters directly. */ @@ -440,6 +446,7 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, const char * _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) { + gpg_err_code_t rc; const char *result = NULL; elliptic_curve_t E; gcry_mpi_t mpi_g = NULL; 
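Review bot: Selecting a curve by NBITS still returns the first Weierstrass entry whose `nbits` matches, so when several curves share a size the result depends on the order of `domain_parms` rather than on any stated preference; the refactor preserves that, but since this path now also reports a name through `resname`, a comment such as `/* Several curves may share NBITS; the first table entry wins. */` (or an explicit preference) would make the contract visible. The FIPS-mode NIST-only check that follows is, per its own comment, bypassable by supplying raw parameters, which the new "param" flag turns into an explicit opt-in — worth cross-referencing from that comment so the two stay in sync. _gcry_ecc_fill_in_curve continues outside the hunk.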
@@ -467,10 +474,39 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) /* * Extract the curve parameters.. */ - if (_gcry_sexp_extract_param (keyparms, NULL, "-pabgn", - &E.p, &E.a, &E.b, &mpi_g, &E.n, - NULL)) + rc = gpg_err_code (_gcry_sexp_extract_param (keyparms, NULL, "-pabgn", + &E.p, &E.a, &E.b, &mpi_g, &E.n, + NULL)); + if (rc == GPG_ERR_NO_OBJ) + { + /* This might be the second use case of checking whether a + specific curve given by name is supported. */ + gcry_sexp_t l1; + char *name; + + l1 = gcry_sexp_find_token (keyparms, "curve", 5); + if (!l1) + goto leave; /* No curve name parameter. */ + + name = _gcry_sexp_nth_string (l1, 1); + gcry_sexp_release (l1); + if (!name) + goto leave; /* Name missing or out of core. */ + + idx = find_domain_parms_idx (name); + gcry_free (name); + if (idx >= 0) /* Curve found. */ + { + result = domain_parms[idx].desc; + if (r_nbits) + *r_nbits = domain_parms[idx].nbits; + } + return result; + } + + if (rc) goto leave; + if (mpi_g) { _gcry_mpi_point_init (&E.G); ----------------------------------------------------------------------- Summary of changes: cipher/ecc-curves.c | 106 ++++++++++++++++++++++++++++++++++----------------- 1 file changed, 71 insertions(+), 35 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sat Nov 9 20:05:08 2013 
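Review bot: The new name-lookup branch leaves the function with a bare `return result;` from the middle of the body, bypassing the `leave:` label; nothing appears to be allocated at that point (assuming _gcry_sexp_extract_param releases what it extracted on error, and `name` is freed), but any cleanup added at `leave` later will be skipped. Assign `result`, set `*r_nbits` and `goto leave;` instead, keeping the single exit. Only GPG_ERR_NO_OBJ triggers the fallback, so a key with a curve name plus a malformed parameter set is reported as an error rather than by its name — probably the right call, but worth a sentence in the function's header comment. The rest of _gcry_ecc_get_curve lies outside the hunk.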
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sat, 09 Nov 2013 20:05:08 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-373-g60ed0ab Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 60ed0abbbc7cb15812f1e713143c72555acea69e (commit) from 03aed1acec611362285db5156a6b92c91604fba4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 60ed0abbbc7cb15812f1e713143c72555acea69e Author: Jussi Kivilinna Date: Sat Nov 9 21:04:14 2013 +0200 Fix tail handling for AES-NI counter mode * cipher/rijndael.c (do_aesni_ctr): Fix outputting of updated counter-IV. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/rijndael.c b/cipher/rijndael.c index cbdbbd8..b5a3d10 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -1369,13 +1369,12 @@ do_aesni_ctr (const RIJNDAEL_context *ctx, #define aesenc_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xdc, 0xc1\n\t" #define aesenclast_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xdd, 0xc1\n\t" - asm volatile ("movdqa %%xmm5, %%xmm0\n\t" /* xmm0, xmm2 := CTR (xmm5) */ - "movdqa %%xmm0, %%xmm2\n\t" + asm volatile ("movdqa %%xmm5, %%xmm0\n\t" /* xmm0 := CTR (xmm5) */ "pcmpeqd %%xmm1, %%xmm1\n\t" "psrldq $8, %%xmm1\n\t" /* xmm1 = -1 */ - "pshufb %%xmm6, %%xmm2\n\t" - "psubq %%xmm1, %%xmm2\n\t" /* xmm2++ (big endian) */ + "pshufb %%xmm6, %%xmm5\n\t" + "psubq %%xmm1, %%xmm5\n\t" /* xmm5++ (big endian) */ /* detect if 64-bit carry handling is needed */ "cmpl $0xffffffff, 8(%[ctr])\n\t" 
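Review bot: The commit message understates what was broken: before this change the incremented counter lived only in `xmm2` while `xmm5` — which the comments treat as the running CTR register — kept the old value, so if the caller writes `xmm5` back to the IV after the loop (outside the hunk) the stored counter lags by one block and the next call reuses a counter value, i.e. keystream reuse. That deserves a sentence in the commit message and a NEWS entry, plus a regression test that encrypts a buffer ending in a single-block tail, continues with a second call, and compares against a one-shot encryption. A comment that the `cmpl $0xffffffff, 8(%[ctr])` carry probe deliberately reads the pre-increment counter from memory (the store happens only after `.Lno_carry`) would also help, since `xmm5` has already been byte-swapped and advanced by then. do_aesni_ctr starts outside the hunk.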
@@ -1384,12 +1383,12 @@ do_aesni_ctr (const RIJNDAEL_context *ctx, "jne .Lno_carry%=\n\t" "pslldq $8, %%xmm1\n\t" /* move lower 64-bit to high */ - "psubq %%xmm1, %%xmm2\n\t" /* add carry to upper 64bits */ + "psubq %%xmm1, %%xmm5\n\t" /* add carry to upper 64bits */ ".Lno_carry%=:\n\t" - "pshufb %%xmm6, %%xmm2\n\t" - "movdqa %%xmm2, (%[ctr])\n\t" /* Update CTR (mem). */ + "pshufb %%xmm6, %%xmm5\n\t" + "movdqa %%xmm5, (%[ctr])\n\t" /* Update CTR (mem). */ "pxor (%[key]), %%xmm0\n\t" /* xmm1 ^= key[0] */ "movdqa 0x10(%[key]), %%xmm1\n\t" ----------------------------------------------------------------------- Summary of changes: cipher/rijndael.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sat Nov 9 21:20:45 2013 
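Review bot: The context line `"pxor (%[key]), %%xmm0\n\t" /* xmm1 ^= key[0] */` carries a stale comment — the instruction XORs `xmm0`, so it should read `/* xmm0 ^= key[0] */`. The carry path relies on `(%[ctr])` still holding the pre-increment big-endian counter until the `movdqa %%xmm5, (%[ctr])` store; naming that invariant next to the store (`/* Memory held the old counter until here; compares above depend on it. */`) documents why the compare reads memory rather than the already-advanced `xmm5`. do_aesni_ctr continues outside the hunk.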
From: cvs at cvs.gnupg.org (by Sergey V) Date: Sat, 09 Nov 2013 21:20:45 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-374-g51501b6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 51501b638546665163bbb85a14308fdb99211a28 (commit) from 60ed0abbbc7cb15812f1e713143c72555acea69e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 51501b638546665163bbb85a14308fdb99211a28 Author: Sergey V Date: Sat Nov 9 20:10:10 2013 +0400 cipher/gost28147: optimization: use precomputed S-box tables * cipher/gost.h (GOST28147_context): Remove unneeded subst and subst_set members. * cipher/gost28147.c (max): Remove unneeded macro. (test_sbox): Replace with new precomputed tables. (gost_set_subst): Remove function. (gost_val): Use new S-box tables. (gost_encrypt_block, gost_decrypt_block): Tweak to use new ctx and S-box tables. -- Use generated 8->8 S-boxes with the bitwise shifts and rotations precomputed, so the round function gost_val() no longer needs to perform these operations. 
Before this patch: GOST28147 | nanosecs/byte mebibytes/sec cycles/byte ECB enc | 24.00 ns/B 39.74 MiB/s - c/B ECB dec | 26.41 ns/B 36.11 MiB/s - c/B CBC enc | 24.57 ns/B 38.81 MiB/s - c/B CBC dec | 26.58 ns/B 35.88 MiB/s - c/B CFB enc | 24.79 ns/B 38.46 MiB/s - c/B CFB dec | 24.72 ns/B 38.57 MiB/s - c/B OFB enc | 24.38 ns/B 39.12 MiB/s - c/B OFB dec | 24.35 ns/B 39.16 MiB/s - c/B CTR enc | 24.83 ns/B 38.41 MiB/s - c/B CTR dec | 25.27 ns/B 37.73 MiB/s - c/B After: GOST28147 | nanosecs/byte mebibytes/sec cycles/byte ECB enc | 16.29 ns/B 58.55 MiB/s - c/B ECB dec | 16.30 ns/B 58.50 MiB/s - c/B CBC enc | 16.94 ns/B 56.29 MiB/s - c/B CBC dec | 16.81 ns/B 56.72 MiB/s - c/B CFB enc | 17.13 ns/B 55.66 MiB/s - c/B CFB dec | 16.84 ns/B 56.63 MiB/s - c/B OFB enc | 16.69 ns/B 57.13 MiB/s - c/B OFB dec | 16.71 ns/B 57.08 MiB/s - c/B CTR enc | 17.01 ns/B 56.06 MiB/s - c/B CTR dec | 17.05 ns/B 55.93 MiB/s - c/B Signed-off-by: Sergey V diff --git a/AUTHORS b/AUTHORS index 5cdf4a3..fcc992c 100644 --- a/AUTHORS +++ b/AUTHORS @@ -133,6 +133,9 @@ Jussi Kivilinna Rafa?l Carr? 2012-04-20:4F91988B.1080502 at videolan.org: +Sergey V. +2013-11-07:2066221.5IYa7Yq760 at darkstar: + Tom?? Mr?z 2012-04-16:1334571250.5056.52.camel at vespa.frost.loc: diff --git a/cipher/gost.h b/cipher/gost.h index 42021aa..d058eb2 100644 --- a/cipher/gost.h +++ b/cipher/gost.h @@ -21,9 +21,7 @@ #define _GCRY_GOST_H typedef struct { - u32 subst[4][256]; u32 key[8]; - int subst_set; } GOST28147_context; /* This is a simple interface that will be used by GOST R 34.11-94 */ diff --git a/cipher/gost28147.c b/cipher/gost28147.c index 2bda868..c094209 100644 --- a/cipher/gost28147.c +++ b/cipher/gost28147.c 
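Review bot: Dropping `subst[4][256]` from GOST28147_context moves the 4 KiB of S-box lookup tables from per-context heap memory to a single `static const` array in the library image (the replacement table begins further down in this commit). The round function stays table-driven and indexed by key- and data-dependent bytes, so it is cache-timing observable as before; what changes is that the table is now shared and read-only, which makes flush+reload probing from another process possible where the private per-context copy only admitted prime+probe. That is the usual T-table trade-off, but it is worth a comment on the struct or at the table definition stating that this implementation is not constant-time. The struct is complete within the hunk.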
@@ -35,32 +35,273 @@ #include "cipher.h" -#define max(a, b) (((a) > (b)) ? (a) : (b)) - - /* This is an s-box from RFC4357, named GostR3411-94-TestParamSet * For now it is the only s-box supported, as libgcrypt lacks mechanism - * for passing parameters to cipher in a usefull way. */ -unsigned char test_sbox[16 * 8] = { - 0x4, 0xE, 0x5, 0x7, 0x6, 0x4, 0xD, 0x1, - 0xA, 0xB, 0x8, 0xD, 0xC, 0xB, 0xB, 0xF, - 0x9, 0x4, 0x1, 0xA, 0x7, 0xA, 0x4, 0xD, - 0x2, 0xC, 0xD, 0x1, 0x1, 0x0, 0x1, 0x0, - - 0xD, 0x6, 0xA, 0x0, 0x5, 0x7, 0x3, 0x5, - 0x8, 0xD, 0x3, 0x8, 0xF, 0x2, 0xF, 0x7, - 0x0, 0xF, 0x4, 0x9, 0xD, 0x1, 0x5, 0xA, - 0xE, 0xA, 0x2, 0xF, 0x8, 0xD, 0x9, 0x4, - - 0x6, 0x2, 0xE, 0xE, 0x4, 0x3, 0x0, 0x9, - 0xB, 0x3, 0xF, 0x4, 0xA, 0x6, 0xA, 0x2, - 0x1, 0x8, 0xC, 0x6, 0x9, 0x8, 0xE, 0x3, - 0xC, 0x1, 0x7, 0xC, 0xE, 0x5, 0x7, 0xE, - - 0x7, 0x0, 0x6, 0xB, 0x0, 0x9, 0x6, 0x6, - 0xF, 0x7, 0x0, 0x2, 0x3, 0xC, 0x8, 0xB, - 0x5, 0x5, 0x9, 0x5, 0xB, 0xF, 0x2, 0x8, - 0x3, 0x9, 0xB, 0x3, 0x2, 0xE, 0xC, 0xC, + * for passing parameters to cipher in a usefull way. + * S-boxes was modified from 4->4 to 8->8 bits unit with precalculated + * shift and rotation by optimisation reasons. 
+ */ +static const u32 test_sbox[4][256] = { + /* 0 */ + { 0x00072000, 0x00075000, 0x00074800, 0x00071000, + 0x00076800, 0x00074000, 0x00070000, 0x00077000, + 0x00073000, 0x00075800, 0x00070800, 0x00076000, + 0x00073800, 0x00077800, 0x00072800, 0x00071800, + 0x0005a000, 0x0005d000, 0x0005c800, 0x00059000, + 0x0005e800, 0x0005c000, 0x00058000, 0x0005f000, + 0x0005b000, 0x0005d800, 0x00058800, 0x0005e000, + 0x0005b800, 0X0005F800, 0x0005a800, 0x00059800, + 0x00022000, 0x00025000, 0x00024800, 0x00021000, + 0x00026800, 0x00024000, 0x00020000, 0x00027000, + 0X00023000, 0x00025800, 0x00020800, 0x00026000, + 0x00023800, 0x00027800, 0x00022800, 0x00021800, + 0x00062000, 0x00065000, 0x00064800, 0x00061000, + 0x00066800, 0x00064000, 0x00060000, 0x00067000, + 0x00063000, 0x00065800, 0x00060800, 0x00066000, + 0x00063800, 0x00067800, 0x00062800, 0x00061800, + 0x00032000, 0x00035000, 0x00034800, 0x00031000, + 0x00036800, 0x00034000, 0x00030000, 0x00037000, + 0x00033000, 0x00035800, 0x00030800, 0x00036000, + 0x00033800, 0x00037800, 0x00032800, 0x00031800, + 0x0006a000, 0x0006d000, 0x0006c800, 0x00069000, + 0x0006e800, 0x0006c000, 0x00068000, 0x0006f000, + 0x0006b000, 0x0006d800, 0x00068800, 0x0006e000, + 0x0006b800, 0x0006f800, 0x0006a800, 0x00069800, + 0x0007a000, 0x0007d000, 0x0007c800, 0x00079000, + 0x0007e800, 0x0007c000, 0x00078000, 0x0007f000, + 0x0007b000, 0x0007d800, 0x00078800, 0x0007e000, + 0x0007b800, 0x0007f800, 0x0007a800, 0x00079800, + 0x00052000, 0x00055000, 0x00054800, 0x00051000, + 0x00056800, 0x00054000, 0x00050000, 0x00057000, + 0x00053000, 0x00055800, 0x00050800, 0x00056000, + 0x00053800, 0x00057800, 0x00052800, 0x00051800, + 0x00012000, 0x00015000, 0x00014800, 0x00011000, + 0x00016800, 0x00014000, 0x00010000, 0x00017000, + 0x00013000, 0x00015800, 0x00010800, 0x00016000, + 0x00013800, 0x00017800, 0x00012800, 0x00011800, + 0x0001a000, 0x0001d000, 0x0001c800, 0x00019000, + 0x0001e800, 0x0001c000, 0x00018000, 0x0001f000, + 0x0001b000, 0x0001d800, 0x00018800, 
0x0001e000, + 0x0001b800, 0x0001f800, 0x0001a800, 0x00019800, + 0x00042000, 0x00045000, 0x00044800, 0x00041000, + 0x00046800, 0x00044000, 0x00040000, 0x00047000, + 0x00043000, 0x00045800, 0x00040800, 0x00046000, + 0x00043800, 0x00047800, 0x00042800, 0x00041800, + 0x0000a000, 0x0000d000, 0x0000c800, 0x00009000, + 0x0000e800, 0x0000c000, 0x00008000, 0x0000f000, + 0x0000b000, 0x0000d800, 0x00008800, 0x0000e000, + 0x0000b800, 0x0000f800, 0x0000a800, 0x00009800, + 0x00002000, 0x00005000, 0x00004800, 0x00001000, + 0x00006800, 0x00004000, 0x00000000, 0x00007000, + 0x00003000, 0x00005800, 0x00000800, 0x00006000, + 0x00003800, 0x00007800, 0x00002800, 0x00001800, + 0x0003a000, 0x0003d000, 0x0003c800, 0x00039000, + 0x0003e800, 0x0003c000, 0x00038000, 0x0003f000, + 0x0003b000, 0x0003d800, 0x00038800, 0x0003e000, + 0x0003b800, 0x0003f800, 0x0003a800, 0x00039800, + 0x0002a000, 0x0002d000, 0x0002c800, 0x00029000, + 0x0002e800, 0x0002c000, 0x00028000, 0x0002f000, + 0x0002b000, 0x0002d800, 0x00028800, 0x0002e000, + 0x0002b800, 0x0002f800, 0x0002a800, 0x00029800, + 0x0004a000, 0x0004d000, 0x0004c800, 0x00049000, + 0x0004e800, 0x0004c000, 0x00048000, 0x0004f000, + 0x0004b000, 0x0004d800, 0x00048800, 0x0004e000, + 0x0004b800, 0x0004f800, 0x0004a800, 0x00049800 }, + /* 1 */ + { 0x03a80000, 0x03c00000, 0x03880000, 0x03e80000, + 0x03d00000, 0x03980000, 0x03a00000, 0x03900000, + 0x03f00000, 0x03f80000, 0x03e00000, 0x03b80000, + 0x03b00000, 0x03800000, 0x03c80000, 0x03d80000, + 0x06a80000, 0x06c00000, 0x06880000, 0x06e80000, + 0x06d00000, 0x06980000, 0x06a00000, 0x06900000, + 0x06f00000, 0x06f80000, 0x06e00000, 0x06b80000, + 0x06b00000, 0x06800000, 0x06c80000, 0x06d80000, + 0x05280000, 0x05400000, 0x05080000, 0x05680000, + 0x05500000, 0x05180000, 0x05200000, 0x05100000, + 0x05700000, 0x05780000, 0x05600000, 0x05380000, + 0x05300000, 0x05000000, 0x05480000, 0x05580000, + 0x00a80000, 0x00c00000, 0x00880000, 0x00e80000, + 0x00d00000, 0x00980000, 0x00a00000, 0x00900000, + 0x00f00000, 
0x00f80000, 0x00e00000, 0x00b80000, + 0x00b00000, 0x00800000, 0x00c80000, 0x00d80000, + 0x00280000, 0x00400000, 0x00080000, 0x00680000, + 0x00500000, 0x00180000, 0x00200000, 0x00100000, + 0x00700000, 0x00780000, 0x00600000, 0x00380000, + 0x00300000, 0x00000000, 0x00480000, 0x00580000, + 0x04280000, 0x04400000, 0x04080000, 0x04680000, + 0x04500000, 0x04180000, 0x04200000, 0x04100000, + 0x04700000, 0x04780000, 0x04600000, 0x04380000, + 0x04300000, 0x04000000, 0x04480000, 0x04580000, + 0x04a80000, 0x04c00000, 0x04880000, 0x04e80000, + 0x04d00000, 0x04980000, 0x04a00000, 0x04900000, + 0x04f00000, 0x04f80000, 0x04e00000, 0x04b80000, + 0x04b00000, 0x04800000, 0x04c80000, 0x04d80000, + 0x07a80000, 0x07c00000, 0x07880000, 0x07e80000, + 0x07d00000, 0x07980000, 0x07a00000, 0x07900000, + 0x07f00000, 0x07f80000, 0x07e00000, 0x07b80000, + 0x07b00000, 0x07800000, 0x07c80000, 0x07d80000, + 0x07280000, 0x07400000, 0x07080000, 0x07680000, + 0x07500000, 0x07180000, 0x07200000, 0x07100000, + 0x07700000, 0x07780000, 0x07600000, 0x07380000, + 0x07300000, 0x07000000, 0x07480000, 0x07580000, + 0x02280000, 0x02400000, 0x02080000, 0x02680000, + 0x02500000, 0x02180000, 0x02200000, 0x02100000, + 0x02700000, 0x02780000, 0x02600000, 0x02380000, + 0x02300000, 0x02000000, 0x02480000, 0x02580000, + 0x03280000, 0x03400000, 0x03080000, 0x03680000, + 0x03500000, 0x03180000, 0x03200000, 0x03100000, + 0x03700000, 0x03780000, 0x03600000, 0x03380000, + 0x03300000, 0x03000000, 0x03480000, 0x03580000, + 0x06280000, 0x06400000, 0x06080000, 0x06680000, + 0x06500000, 0x06180000, 0x06200000, 0x06100000, + 0x06700000, 0x06780000, 0x06600000, 0x06380000, + 0x06300000, 0x06000000, 0x06480000, 0x06580000, + 0x05a80000, 0x05c00000, 0x05880000, 0x05e80000, + 0x05d00000, 0x05980000, 0x05a00000, 0x05900000, + 0x05f00000, 0x05f80000, 0x05e00000, 0x05b80000, + 0x05b00000, 0x05800000, 0x05c80000, 0x05d80000, + 0x01280000, 0x01400000, 0x01080000, 0x01680000, + 0x01500000, 0x01180000, 0x01200000, 0x01100000, + 0x01700000, 
0x01780000, 0x01600000, 0x01380000, + 0x01300000, 0x01000000, 0x01480000, 0x01580000, + 0x02a80000, 0x02c00000, 0x02880000, 0x02e80000, + 0x02d00000, 0x02980000, 0x02a00000, 0x02900000, + 0x02f00000, 0x02f80000, 0x02e00000, 0x02b80000, + 0x02b00000, 0x02800000, 0x02c80000, 0x02d80000, + 0x01a80000, 0x01c00000, 0x01880000, 0x01e80000, + 0x01d00000, 0x01980000, 0x01a00000, 0x01900000, + 0x01f00000, 0x01f80000, 0x01e00000, 0x01b80000, + 0x01b00000, 0x01800000, 0x01c80000, 0x01d80000 }, + /* 2 */ + { 0x30000002, 0x60000002, 0x38000002, 0x08000002, + 0x28000002, 0x78000002, 0x68000002, 0x40000002, + 0x20000002, 0x50000002, 0x48000002, 0x70000002, + 0x00000002, 0x18000002, 0x58000002, 0x10000002, + 0xb0000005, 0xe0000005, 0xb8000005, 0x88000005, + 0xa8000005, 0xf8000005, 0xe8000005, 0xc0000005, + 0xa0000005, 0xd0000005, 0xc8000005, 0xf0000005, + 0x80000005, 0x98000005, 0xd8000005, 0x90000005, + 0x30000005, 0x60000005, 0x38000005, 0x08000005, + 0x28000005, 0x78000005, 0x68000005, 0x40000005, + 0x20000005, 0x50000005, 0x48000005, 0x70000005, + 0x00000005, 0x18000005, 0x58000005, 0x10000005, + 0x30000000, 0x60000000, 0x38000000, 0x08000000, + 0x28000000, 0x78000000, 0x68000000, 0x40000000, + 0x20000000, 0x50000000, 0x48000000, 0x70000000, + 0x00000000, 0x18000000, 0x58000000, 0x10000000, + 0xb0000003, 0xe0000003, 0xb8000003, 0x88000003, + 0xa8000003, 0xf8000003, 0xe8000003, 0xc0000003, + 0xa0000003, 0xd0000003, 0xc8000003, 0xf0000003, + 0x80000003, 0x98000003, 0xd8000003, 0x90000003, + 0x30000001, 0x60000001, 0x38000001, 0x08000001, + 0x28000001, 0x78000001, 0x68000001, 0x40000001, + 0x20000001, 0x50000001, 0x48000001, 0x70000001, + 0x00000001, 0x18000001, 0x58000001, 0x10000001, + 0xb0000000, 0xe0000000, 0xb8000000, 0x88000000, + 0xa8000000, 0xf8000000, 0xe8000000, 0xc0000000, + 0xa0000000, 0xd0000000, 0xc8000000, 0xf0000000, + 0x80000000, 0x98000000, 0xd8000000, 0x90000000, + 0xb0000006, 0xe0000006, 0xb8000006, 0x88000006, + 0xa8000006, 0xf8000006, 0xe8000006, 0xc0000006, 
+ 0xa0000006, 0xd0000006, 0xc8000006, 0xf0000006, + 0x80000006, 0x98000006, 0xd8000006, 0x90000006, + 0xb0000001, 0xe0000001, 0xb8000001, 0x88000001, + 0xa8000001, 0xf8000001, 0xe8000001, 0xc0000001, + 0xa0000001, 0xd0000001, 0xc8000001, 0xf0000001, + 0x80000001, 0x98000001, 0xd8000001, 0x90000001, + 0x30000003, 0x60000003, 0x38000003, 0x08000003, + 0x28000003, 0x78000003, 0x68000003, 0x40000003, + 0x20000003, 0x50000003, 0x48000003, 0x70000003, + 0x00000003, 0x18000003, 0x58000003, 0x10000003, + 0x30000004, 0x60000004, 0x38000004, 0x08000004, + 0x28000004, 0x78000004, 0x68000004, 0x40000004, + 0x20000004, 0x50000004, 0x48000004, 0x70000004, + 0x00000004, 0x18000004, 0x58000004, 0x10000004, + 0xb0000002, 0xe0000002, 0xb8000002, 0x88000002, + 0xa8000002, 0xf8000002, 0xe8000002, 0xc0000002, + 0xa0000002, 0xd0000002, 0xc8000002, 0xf0000002, + 0x80000002, 0x98000002, 0xd8000002, 0x90000002, + 0xb0000004, 0xe0000004, 0xb8000004, 0x88000004, + 0xa8000004, 0xf8000004, 0xe8000004, 0xc0000004, + 0xa0000004, 0xd0000004, 0xc8000004, 0xf0000004, + 0x80000004, 0x98000004, 0xd8000004, 0x90000004, + 0x30000006, 0x60000006, 0x38000006, 0x08000006, + 0x28000006, 0x78000006, 0x68000006, 0x40000006, + 0x20000006, 0x50000006, 0x48000006, 0x70000006, + 0x00000006, 0x18000006, 0x58000006, 0x10000006, + 0xb0000007, 0xe0000007, 0xb8000007, 0x88000007, + 0xa8000007, 0xf8000007, 0xe8000007, 0xc0000007, + 0xa0000007, 0xd0000007, 0xc8000007, 0xf0000007, + 0x80000007, 0x98000007, 0xd8000007, 0x90000007, + 0x30000007, 0x60000007, 0x38000007, 0x08000007, + 0x28000007, 0x78000007, 0x68000007, 0x40000007, + 0x20000007, 0x50000007, 0x48000007, 0x70000007, + 0x00000007, 0x18000007, 0x58000007, 0x10000007 }, + /* 3 */ + { 0x000000e8, 0x000000d8, 0x000000a0, 0x00000088, + 0x00000098, 0x000000f8, 0x000000a8, 0x000000c8, + 0x00000080, 0x000000d0, 0x000000f0, 0x000000b8, + 0x000000b0, 0x000000c0, 0x00000090, 0x000000e0, + 0x000007e8, 0x000007d8, 0x000007a0, 0x00000788, + 0x00000798, 0x000007f8, 
0x000007a8, 0x000007c8, + 0x00000780, 0x000007d0, 0x000007f0, 0x000007b8, + 0x000007b0, 0x000007c0, 0x00000790, 0x000007e0, + 0x000006e8, 0x000006d8, 0x000006a0, 0x00000688, + 0x00000698, 0x000006f8, 0x000006a8, 0x000006c8, + 0x00000680, 0x000006d0, 0x000006f0, 0x000006b8, + 0x000006b0, 0x000006c0, 0x00000690, 0x000006e0, + 0x00000068, 0x00000058, 0x00000020, 0x00000008, + 0x00000018, 0x00000078, 0x00000028, 0x00000048, + 0x00000000, 0x00000050, 0x00000070, 0x00000038, + 0x00000030, 0x00000040, 0x00000010, 0x00000060, + 0x000002e8, 0x000002d8, 0x000002a0, 0x00000288, + 0x00000298, 0x000002f8, 0x000002a8, 0x000002c8, + 0x00000280, 0x000002d0, 0x000002f0, 0x000002b8, + 0x000002b0, 0x000002c0, 0x00000290, 0x000002e0, + 0x000003e8, 0x000003d8, 0x000003a0, 0x00000388, + 0x00000398, 0x000003f8, 0x000003a8, 0x000003c8, + 0x00000380, 0x000003d0, 0x000003f0, 0x000003b8, + 0x000003b0, 0x000003c0, 0x00000390, 0x000003e0, + 0x00000568, 0x00000558, 0x00000520, 0x00000508, + 0x00000518, 0x00000578, 0x00000528, 0x00000548, + 0x00000500, 0x00000550, 0x00000570, 0x00000538, + 0x00000530, 0x00000540, 0x00000510, 0x00000560, + 0x00000268, 0x00000258, 0x00000220, 0x00000208, + 0x00000218, 0x00000278, 0x00000228, 0x00000248, + 0x00000200, 0x00000250, 0x00000270, 0x00000238, + 0x00000230, 0x00000240, 0x00000210, 0x00000260, + 0x000004e8, 0x000004d8, 0x000004a0, 0x00000488, + 0x00000498, 0x000004f8, 0x000004a8, 0x000004c8, + 0x00000480, 0x000004d0, 0x000004f0, 0x000004b8, + 0x000004b0, 0x000004c0, 0x00000490, 0x000004e0, + 0x00000168, 0x00000158, 0x00000120, 0x00000108, + 0x00000118, 0x00000178, 0x00000128, 0x00000148, + 0x00000100, 0x00000150, 0x00000170, 0x00000138, + 0x00000130, 0x00000140, 0x00000110, 0x00000160, + 0x000001e8, 0x000001d8, 0x000001a0, 0x00000188, + 0x00000198, 0x000001f8, 0x000001a8, 0x000001c8, + 0x00000180, 0x000001d0, 0x000001f0, 0x000001b8, + 0x000001b0, 0x000001c0, 0x00000190, 0x000001e0, + 0x00000768, 0x00000758, 0x00000720, 0x00000708, + 0x00000718, 0x00000778, 
0x00000728, 0x00000748, + 0x00000700, 0x00000750, 0x00000770, 0x00000738, + 0x00000730, 0x00000740, 0x00000710, 0x00000760, + 0x00000368, 0x00000358, 0x00000320, 0x00000308, + 0x00000318, 0x00000378, 0x00000328, 0x00000348, + 0x00000300, 0x00000350, 0x00000370, 0x00000338, + 0x00000330, 0x00000340, 0x00000310, 0x00000360, + 0x000005e8, 0x000005d8, 0x000005a0, 0x00000588, + 0x00000598, 0x000005f8, 0x000005a8, 0x000005c8, + 0x00000580, 0x000005d0, 0x000005f0, 0x000005b8, + 0x000005b0, 0x000005c0, 0x00000590, 0x000005e0, + 0x00000468, 0x00000458, 0x00000420, 0x00000408, + 0x00000418, 0x00000478, 0x00000428, 0x00000448, + 0x00000400, 0x00000450, 0x00000470, 0x00000438, + 0x00000430, 0x00000440, 0x00000410, 0x00000460, + 0x00000668, 0x00000658, 0x00000620, 0x00000608, + 0x00000618, 0x00000678, 0x00000628, 0x00000648, + 0x00000600, 0x00000650, 0x00000670, 0x00000638, + 0x00000630, 0x00000640, 0x00000610, 0x00000660 } }; #include "gost.h" @@ -84,30 +325,15 @@ gost_setkey (void *c, const byte *key, unsigned keylen) return GPG_ERR_NO_ERROR; } -static void -gost_set_subst (GOST28147_context *ctx, unsigned char *sbox) -{ - unsigned i, j; - for (i = 0; i < 4; i++) - { - for (j = 0; j < 256; j++) - { - ctx->subst[i][j] = sbox[ (j & 0xf) * 8 + 2 * i + 0] | - (sbox[ (j >> 4) * 8 + 2 * i + 1] << 4); - } - } - ctx->subst_set = 1; -} - static u32 gost_val (GOST28147_context *ctx, u32 cm1, int subkey) { cm1 += ctx->key[subkey]; - cm1 = (ctx->subst[0][ (cm1 >> 0) & 0xff] << 0) | - (ctx->subst[1][ (cm1 >> 8) & 0xff] << 8) | - (ctx->subst[2][ (cm1 >> 16) & 0xff] << 16) | - (ctx->subst[3][ (cm1 >> 24) & 0xff] << 24); - return (cm1 << 11) | (cm1 >> 21); + cm1 = test_sbox[0][ (cm1 >> 0) & 0xff] | + test_sbox[1][ (cm1 >> 8) & 0xff] | + test_sbox[2][ (cm1 >> 16) & 0xff] | + test_sbox[3][ (cm1 >> 24) & 0xff]; + return cm1; } static unsigned int 
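Review bot: The rewritten gost_val body drops the `return (cm1 << 11) | (cm1 >> 21);` rotation without recording where it went; the new table values (for example the table-3 entries 0x000000e8 … 0x000007e8, which occupy bits 3–10 instead of the input byte's bits 24–31) indicate the 11-bit rotation is folded into the precomputed test_sbox, but nothing in the code says so. A comment above the lookup, `/* test_sbox[i][b] is the substitution of input byte i already rotated left by 11, so no rotation follows. */`, would keep the next reader from re-adding it. Note also that the substitution now comes from the file-level test_sbox for every context, so `ctx` is used only for `key[subkey]`; if per-key S-box parameter sets were ever meant to be supported, that decision deserves a comment as well.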
@@ -116,9 +342,6 @@ gost_encrypt_block (void *c, byte *outbuf, const byte *inbuf) GOST28147_context *ctx = c; u32 n1, n2; - if (!ctx->subst_set) - gost_set_subst (ctx, test_sbox); - n1 = (inbuf[0] << 0) | (inbuf[1] << 8) | (inbuf[2] << 16) | @@ -159,9 +382,7 @@ gost_encrypt_block (void *c, byte *outbuf, const byte *inbuf) return /* burn_stack */ 4*sizeof(void*) /* func call */ + 3*sizeof(void*) /* stack */ + - max( 4*sizeof(void*) /* gost_val call */, - 3*sizeof(void*) /* gost_set_subst call */ + - 2*sizeof(void*) /* gost_set subst stack*/ ); + 4*sizeof(void*) /* gost_val call */; } unsigned int _gcry_gost_enc_one (GOST28147_context *c, const byte *key, @@ -177,9 +398,6 @@ gost_decrypt_block (void *c, byte *outbuf, const byte *inbuf) GOST28147_context *ctx = c; u32 n1, n2; - if (!ctx->subst_set) - gost_set_subst (ctx, test_sbox); - n1 = (inbuf[0] << 0) | (inbuf[1] << 8) | (inbuf[2] << 16) | @@ -220,9 +438,7 @@ gost_decrypt_block (void *c, byte *outbuf, const byte *inbuf) return /* burn_stack */ 4*sizeof(void*) /* func call */ + 3*sizeof(void*) /* stack */ + - max( 4*sizeof(void*) /* gost_val call */, - 3*sizeof(void*) /* gost_set_subst call */ + - 2*sizeof(void*) /* gost_set subst stack*/ ); + 4*sizeof(void*) /* gost_val call */; } gcry_cipher_spec_t _gcry_cipher_spec_gost28147 = ----------------------------------------------------------------------- Summary of changes: AUTHORS | 3 + cipher/gost.h | 2 - cipher/gost28147.c | 328 +++++++++++++++++++++++++++++++++++++++++++--------- 3 files changed, 275 insertions(+), 58 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sat Nov 9 21:45:39 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sat, 09 Nov 2013 21:45:39 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-375-gdf29831 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via df29831d008e32faf74091d080a415731418d158 (commit) from 51501b638546665163bbb85a14308fdb99211a28 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit df29831d008e32faf74091d080a415731418d158 Author: Jussi Kivilinna Date: Sat Nov 9 22:39:19 2013 +0200 Fix Serpent-AVX2 and Camellia-AVX2 counter modes * cipher/camellia-aesni-avx2-amd64.S (_gcry_camellia_aesni_avx2_ctr_enc): Byte-swap before checking for overflow handling. * cipher/camellia-glue.c (selftest_ctr_128, selftest_cfb_128) (selftest_cbc_128): Add 16 to nblocks. * cipher/cipher-selftest.c (_gcry_selftest_helper_ctr): Add test with non-overflowing IV and modify overflow IV to detect broken endianness handling. * cipher/serpent-avx2-amd64.S (_gcry_serpent_avx2_ctr_enc): Byte-swap before checking for overflow handling; Fix crazy-mixed-endian IV construction to big-endian. * cipher/serpent.c (selftest_ctr_128, selftest_cfb_128) (selftest_cbc_128): Add 8 to nblocks. -- The selftest for CTR was setting counter-IV to all '0xff' except last byte. This had the effect that even with broken endianness handling Serpent-AVX2 and Camellia-AVX2 passed the tests. Patch corrects the CTR selftest and fixes the broken implementations. Signed-off-by: Jussi Kivilinna diff --git a/cipher/camellia-aesni-avx2-amd64.S b/cipher/camellia-aesni-avx2-amd64.S index f0a4fd8..78ef2d6 100644 --- a/cipher/camellia-aesni-avx2-amd64.S 
+++ b/cipher/camellia-aesni-avx2-amd64.S @@ -937,6 +937,9 @@ _gcry_camellia_aesni_avx2_ctr_enc: * %rcx: iv (big endian, 128bit) */ + movq 8(%rcx), %r11; + bswapq %r11; + vzeroupper; movq %rsp, %r10; @@ -958,7 +961,7 @@ _gcry_camellia_aesni_avx2_ctr_enc: vmovdqa %ymm13, 15 * 32(%rax); /* check need for handling 64-bit overflow and carry */ - cmpq $(0xffffffffffffffff - 32), (%rcx); + cmpq $(0xffffffffffffffff - 32), %r11; ja .Lload_ctr_carry; /* construct IVs */ diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c index 42b62d2..b7ae0fc 100644 --- a/cipher/camellia-glue.c +++ b/cipher/camellia-glue.c @@ -537,7 +537,7 @@ _gcry_camellia_cfb_dec(void *context, unsigned char *iv, static const char* selftest_ctr_128 (void) { - const int nblocks = 32+1; + const int nblocks = 32+16+1; const int blocksize = CAMELLIA_BLOCK_SIZE; const int context_size = sizeof(CAMELLIA_context); @@ -551,7 +551,7 @@ selftest_ctr_128 (void) static const char* selftest_cbc_128 (void) { - const int nblocks = 32+2; + const int nblocks = 32+16+2; const int blocksize = CAMELLIA_BLOCK_SIZE; const int context_size = sizeof(CAMELLIA_context); @@ -565,7 +565,7 @@ selftest_cbc_128 (void) static const char* selftest_cfb_128 (void) { - const int nblocks = 32+2; + const int nblocks = 32+16+2; const int blocksize = CAMELLIA_BLOCK_SIZE; const int context_size = sizeof(CAMELLIA_context); diff --git a/cipher/cipher-selftest.c b/cipher/cipher-selftest.c index 17742e3..8e58150 100644 --- a/cipher/cipher-selftest.c +++ b/cipher/cipher-selftest.c @@ -286,7 +286,8 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, const int context_size) { int i, j, offs, diff; - unsigned char *ctx, *plaintext, *plaintext2, *ciphertext, *iv, *iv2, *mem; + unsigned char *ctx, *plaintext, *plaintext2, *ciphertext, *ciphertext2, + *iv, *iv2, *mem; unsigned int ctx_aligned_size, memsize; static const unsigned char key[16] ATTR_ALIGNED_16 = { 
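Review bot: The two instructions added at the top of _gcry_camellia_aesni_avx2_ctr_enc, `movq 8(%rcx), %r11; bswapq %r11;`, are separated from their only consumer, the `cmpq $(0xffffffffffffffff - 32), %r11` in the next hunk, by the vzeroupper and the whole IV set-up, and carry no comment about why the previous raw memory operand was wrong. A comment on the load such as `/* low 64 bits of the big-endian counter, byte-swapped so the overflow check below compares the numeric value */` would document the fix this commit makes. The same applies to the `movq 8(%rcx), %rax; bswapq %rax;` added in the serpent-avx2-amd64.S hunk further down. Both functions continue outside their hunks.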
@@ -299,7 +300,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, ctx_aligned_size = context_size + 15; ctx_aligned_size -= ctx_aligned_size & 0xf; - memsize = ctx_aligned_size + (blocksize * 2) + (blocksize * nblocks * 3) + 16; + memsize = ctx_aligned_size + (blocksize * 2) + (blocksize * nblocks * 4) + 16; mem = gcry_calloc (1, memsize); if (!mem) @@ -312,6 +313,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, plaintext = iv2 + blocksize; plaintext2 = plaintext + nblocks * blocksize; ciphertext = plaintext2 + nblocks * blocksize; + ciphertext2 = ciphertext + nblocks * blocksize; /* Initialize ctx */ setkey_func (ctx, key, sizeof(key)); 
@@ -357,10 +359,64 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, return "selftest for CTR failed - see syslog for details"; } - /* Test parallelized code paths */ + /* Test bulk encryption with typical IV. */ + memset(iv, 0x57, blocksize-4); + iv[blocksize-1] = 1; + iv[blocksize-2] = 0; + iv[blocksize-3] = 0; + iv[blocksize-4] = 0; + memset(iv2, 0x57, blocksize-4); + iv2[blocksize-1] = 1; + iv2[blocksize-2] = 0; + iv2[blocksize-3] = 0; + iv2[blocksize-4] = 0; + + for (i = 0; i < blocksize * nblocks; i++) + plaintext2[i] = plaintext[i] = i; + + /* Create CTR ciphertext manually. */ + for (i = 0; i < blocksize * nblocks; i+=blocksize) + { + encrypt_one (ctx, &ciphertext[i], iv); + for (j = 0; j < blocksize; j++) + ciphertext[i+j] ^= plaintext[i+j]; + for (j = blocksize; j > 0; j--) + { + iv[j-1]++; + if (iv[j-1]) + break; + } + } + + bulk_ctr_enc (ctx, iv2, ciphertext2, plaintext2, nblocks); + + if (memcmp (ciphertext2, ciphertext, blocksize * nblocks)) + { + gcry_free (mem); +#ifdef HAVE_SYSLOG + syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " + "%s-CTR-%d test failed (plaintext mismatch, bulk)", cipher, + blocksize * 8); +#endif + return "selftest for CTR failed - see syslog for details"; + } + if (memcmp(iv2, iv, blocksize)) + { + gcry_free (mem); +#ifdef HAVE_SYSLOG + syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " + "%s-CTR-%d test failed (IV mismatch, bulk)", cipher, + blocksize * 8); +#endif + return "selftest for CTR failed - see syslog for details"; + } + + /* Test parallelized code paths (check counter overflow handling) */ for (diff = 0; diff < nblocks; diff++) { memset(iv, 0xff, blocksize); iv[blocksize-1] -= diff; + iv[0] = iv[1] = 0; + iv[2] = 0x07; for (i = 0; i < blocksize * nblocks; i++) plaintext[i] = i; 
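Review bot: The syslog message in the new bulk-encryption block reports `plaintext mismatch, bulk`, but the `memcmp (ciphertext2, ciphertext, blocksize * nblocks)` just above compares the two ciphertexts, so the text should read `"%s-CTR-%d test failed (ciphertext mismatch, bulk)"`. The IV-mismatch branch that follows is worded correctly, so only the first message needs the change. The enclosing function _gcry_selftest_helper_ctr starts and ends outside this hunk.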
@@ -382,6 +438,8 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, /* Decrypt using bulk CTR and compare result. */ memset(iv2, 0xff, blocksize); iv2[blocksize-1] -= diff; + iv2[0] = iv2[1] = 0; + iv2[2] = 0x07; bulk_ctr_enc (ctx, iv2, plaintext2, ciphertext, nblocks); @@ -389,7 +447,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, { gcry_free (mem); #ifdef HAVE_SYSLOG - syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " + fprintf(stderr, "Libgcrypt warning: " "%s-CTR-%d test failed (plaintext mismatch, diff: %d)", cipher, blocksize * 8, diff); #endif @@ -399,7 +457,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, { gcry_free (mem); #ifdef HAVE_SYSLOG - syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " + fprintf(stderr, "Libgcrypt warning: " "%s-CTR-%d test failed (IV mismatch, diff: %d)", cipher, blocksize * 8, diff); #endif diff --git a/cipher/serpent-avx2-amd64.S b/cipher/serpent-avx2-amd64.S index 532361d..3177574 100644 --- a/cipher/serpent-avx2-amd64.S +++ b/cipher/serpent-avx2-amd64.S @@ -598,6 +598,9 @@ _gcry_serpent_avx2_ctr_enc: * %rcx: iv (big endian, 128bit) */ + movq 8(%rcx), %rax; + bswapq %rax; + vzeroupper; vbroadcasti128 .Lbswap128_mask RIP, RTMP3; 
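Review bot: The two replacements of `syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: "` by `fprintf(stderr, "Libgcrypt warning: "` in the plaintext-mismatch and IV-mismatch branches sit inside `#ifdef HAVE_SYSLOG` blocks and break the pattern every other failure branch in this function follows, so they look like debugging leftovers rather than an intended change; a library self-test should not write to the caller's stderr. Restore `syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: "` in both places. _gcry_selftest_helper_ctr starts and ends outside these hunks.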
@@ -614,25 +617,25 @@ _gcry_serpent_avx2_ctr_enc: vpshufb RTMP3, RTMP0, RA0; /* +1 ; +0 */ /* check need for handling 64-bit overflow and carry */ - cmpq $(0xffffffffffffffff - 16), (%rcx); + cmpq $(0xffffffffffffffff - 16), %rax; ja .Lhandle_ctr_carry; /* construct IVs */ - vpsubq RTMP2, RTMP0, RA1; /* +3 ; +2 */ - vpshufb RTMP3, RA1, RA1; - vpsubq RTMP2, RA1, RA2; /* +5 ; +4 */ - vpshufb RTMP3, RA2, RA2; - vpsubq RTMP2, RA2, RA3; /* +7 ; +6 */ - vpshufb RTMP3, RA3, RA3; - vpsubq RTMP2, RA3, RB0; /* +9 ; +8 */ - vpshufb RTMP3, RB0, RB0; - vpsubq RTMP2, RB0, RB1; /* +11 ; +10 */ - vpshufb RTMP3, RB1, RB1; - vpsubq RTMP2, RB1, RB2; /* +13 ; +12 */ - vpshufb RTMP3, RB2, RB2; - vpsubq RTMP2, RB2, RB3; /* +15 ; +14 */ - vpshufb RTMP3, RB3, RB3; - vpsubq RTMP2, RB3, RTMP0; /* +16 */ + vpsubq RTMP2, RTMP0, RTMP0; /* +3 ; +2 */ + vpshufb RTMP3, RTMP0, RA1; + vpsubq RTMP2, RTMP0, RTMP0; /* +5 ; +4 */ + vpshufb RTMP3, RTMP0, RA2; + vpsubq RTMP2, RTMP0, RTMP0; /* +7 ; +6 */ + vpshufb RTMP3, RTMP0, RA3; + vpsubq RTMP2, RTMP0, RTMP0; /* +9 ; +8 */ + vpshufb RTMP3, RTMP0, RB0; + vpsubq RTMP2, RTMP0, RTMP0; /* +11 ; +10 */ + vpshufb RTMP3, RTMP0, RB1; + vpsubq RTMP2, RTMP0, RTMP0; /* +13 ; +12 */ + vpshufb RTMP3, RTMP0, RB2; + vpsubq RTMP2, RTMP0, RTMP0; /* +15 ; +14 */ + vpshufb RTMP3, RTMP0, RB3; + vpsubq RTMP2, RTMP0, RTMP0; /* +16 */ vpshufb RTMP3x, RTMP0x, RTMP0x; jmp .Lctr_carry_done; diff --git a/cipher/serpent.c b/cipher/serpent.c index 4a24ddd..915cc95 100644 --- a/cipher/serpent.c +++ b/cipher/serpent.c @@ -1158,7 +1158,7 @@ _gcry_serpent_cfb_dec(void *context, unsigned char *iv, static const char* selftest_ctr_128 (void) { - const int nblocks = 16+1; + const int nblocks = 16+8+1; const int blocksize = sizeof(serpent_block_t); const int context_size = sizeof(serpent_context_t); 
@@ -1173,7 +1173,7 @@ selftest_ctr_128 (void) static const char* selftest_cbc_128 (void) { - const int nblocks = 16+2; + const int nblocks = 16+8+2; const int blocksize = sizeof(serpent_block_t); const int context_size = sizeof(serpent_context_t); @@ -1188,7 +1188,7 @@ selftest_cbc_128 (void) static const char* selftest_cfb_128 (void) { - const int nblocks = 16+2; + const int nblocks = 16+8+2; const int blocksize = sizeof(serpent_block_t); const int context_size = sizeof(serpent_context_t); ----------------------------------------------------------------------- Summary of changes: cipher/camellia-aesni-avx2-amd64.S | 5 ++- cipher/camellia-glue.c | 6 ++-- cipher/cipher-selftest.c | 68 +++++++++++++++++++++++++++++++++--- cipher/serpent-avx2-amd64.S | 35 ++++++++++--------- cipher/serpent.c | 6 ++-- 5 files changed, 92 insertions(+), 28 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sun Nov 10 20:36:46 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sun, 10 Nov 2013 20:36:46 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-376-g7b26586 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 7b26586e35a6d407ca31b41528b0810b1408fd4b (commit) from df29831d008e32faf74091d080a415731418d158 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7b26586e35a6d407ca31b41528b0810b1408fd4b Author: Jussi Kivilinna Date: Sun Nov 10 21:32:29 2013 +0200 Fix error output in CTR selftest * cipher/cipher-selftest.c (_gcry_selftest_helper_ctr): Change fprintf(stderr,...) to syslog(); Correct error output for bulk IV check, plaintext mismatch => ciphertext mismatch. -- The 'fprintf's were debugging leftover that leaked into commit. Signed-off-by: Jussi Kivilinna diff --git a/cipher/cipher-selftest.c b/cipher/cipher-selftest.c index 8e58150..bc8cf98 100644 --- a/cipher/cipher-selftest.c +++ b/cipher/cipher-selftest.c @@ -395,7 +395,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, gcry_free (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " - "%s-CTR-%d test failed (plaintext mismatch, bulk)", cipher, + "%s-CTR-%d test failed (ciphertext mismatch, bulk)", cipher, blocksize * 8); #endif return "selftest for CTR failed - see syslog for details"; 
@@ -447,7 +447,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, { gcry_free (mem); #ifdef HAVE_SYSLOG - fprintf(stderr, "Libgcrypt warning: " + syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (plaintext mismatch, diff: %d)", cipher, blocksize * 8, diff); #endif @@ -457,7 +457,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, { gcry_free (mem); #ifdef HAVE_SYSLOG - fprintf(stderr, "Libgcrypt warning: " + syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (IV mismatch, diff: %d)", cipher, blocksize * 8, diff); #endif ----------------------------------------------------------------------- Summary of changes: cipher/cipher-selftest.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Mon Nov 11 08:46:40 2013 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Mon, 11 Nov 2013 08:46:40 +0100 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-9-g07d7015 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via 07d7015e4dcb8a2439ed781928495632ec0b4fa3 (commit) from 04e5feea8b62e866520b2d24b6d2fa076bf2b286 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 07d7015e4dcb8a2439ed781928495632ec0b4fa3 Author: NIIBE Yutaka Date: Mon Nov 11 16:41:43 2013 +0900 scd: more pinpad fix. * scd/apdu.c (check_pcsc_pinpad): Set ->minlen and ->maxlen only when those are specified. (pcsc_pinpad_modify): Remove old check code. -- cherry picked from master. 
diff --git a/scd/apdu.c b/scd/apdu.c index dc186b5..49ece0b 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -2206,8 +2206,11 @@ check_pcsc_pinpad (int slot, int command, pininfo_t *pininfo) { int r; - pininfo->minlen = reader_table[slot].pcsc.pinmin; - pininfo->maxlen = reader_table[slot].pcsc.pinmax; + if (reader_table[slot].pcsc.pinmin >= 0) + pininfo->minlen = reader_table[slot].pcsc.pinmin; + + if (reader_table[slot].pcsc.pinmax >= 0) + pininfo->maxlen = reader_table[slot].pcsc.pinmax; if ((command == ISO7816_VERIFY && reader_table[slot].pcsc.verify_ioctl != 0) || (command == ISO7816_CHANGE_REFERENCE_DATA @@ -2330,12 +2333,6 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1, if (!pininfo->maxlen) pininfo->maxlen = 15; - /* Note that the 25 is the maximum value the SPR532 allows. */ - if (pininfo->minlen < 1 || pininfo->minlen > 25 - || pininfo->maxlen < 1 || pininfo->maxlen > 25 - || pininfo->minlen > pininfo->maxlen) - return SW_HOST_INV_VALUE; - pin_modify = xtrymalloc (len); if (!pin_modify) return SW_HOST_OUT_OF_CORE; ----------------------------------------------------------------------- Summary of changes: scd/apdu.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Nov 11 08:46:41 2013 
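Review bot: Removing the whole validation block from pcsc_pinpad_modify leaves `pininfo->minlen` and `pininfo->maxlen` unchecked against each other: after this hunk the only normalisation visible is the `if (!pininfo->maxlen) pininfo->maxlen = 15;` context line, so values where minlen exceeds maxlen (presumably possible when the reader's pinmin/pinmax are copied in by check_pcsc_pinpad) reach the `xtrymalloc (len)` path unrejected. The reader-specific limit of 25 may well belong elsewhere, but the generic consistency check is cheap and worth keeping: `if (pininfo->minlen > pininfo->maxlen) return SW_HOST_INV_VALUE;`. The same removal appears in the master-branch copy of this patch below (scd/apdu.c hunk `@@ -2303,12 +2306,6 @@`). pcsc_pinpad_modify starts and ends outside the hunk.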
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Mon, 11 Nov 2013 08:46:41 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-259-g037dea9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 037dea9dd5eac7a74df0e12cb437e71fb0732afa (commit) from 32989ad2b152d18198d718bc2c7232ce3e79c72f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 037dea9dd5eac7a74df0e12cb437e71fb0732afa Author: NIIBE Yutaka Date: Mon Nov 11 16:41:43 2013 +0900 scd: more pinpad fix. * scd/apdu.c (check_pcsc_pinpad): Set ->minlen and ->maxlen only when those are specified. (pcsc_pinpad_modify): Remove old check code. -- GnuPG-bug-id: 1549 diff --git a/scd/apdu.c b/scd/apdu.c index e0127d8..961c419 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -2177,8 +2177,11 @@ check_pcsc_pinpad (int slot, int command, pininfo_t *pininfo) { int r; - pininfo->minlen = reader_table[slot].pcsc.pinmin; - pininfo->maxlen = reader_table[slot].pcsc.pinmax; + if (reader_table[slot].pcsc.pinmin >= 0) + pininfo->minlen = reader_table[slot].pcsc.pinmin; + + if (reader_table[slot].pcsc.pinmax >= 0) + pininfo->maxlen = reader_table[slot].pcsc.pinmax; if ((command == ISO7816_VERIFY && reader_table[slot].pcsc.verify_ioctl != 0) || (command == ISO7816_CHANGE_REFERENCE_DATA 
@@ -2303,12 +2306,6 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1, if (!pininfo->maxlen) pininfo->maxlen = 15; - /* Note that the 25 is the maximum value the SPR532 allows. */ - if (pininfo->minlen < 1 || pininfo->minlen > 25 - || pininfo->maxlen < 1 || pininfo->maxlen > 25 - || pininfo->minlen > pininfo->maxlen) - return SW_HOST_INV_VALUE; - pin_modify = xtrymalloc (len); if (!pin_modify) return SW_HOST_OUT_OF_CORE; ----------------------------------------------------------------------- Summary of changes: scd/apdu.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Nov 11 19:50:14 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 11 Nov 2013 19:50:14 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-378-g4fb3c8e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 4fb3c8e5a7fc6a1568f54bcc0be17fecf75e0742 (commit) via 8b3eecee2d89179297e43de7d650f74759c61a58 (commit) from 7b26586e35a6d407ca31b41528b0810b1408fd4b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4fb3c8e5a7fc6a1568f54bcc0be17fecf75e0742 Author: Werner Koch Date: Mon Nov 11 19:14:40 2013 +0100 ecc: Change keygrip computation for Ed25519+EdDSA. * cipher/ecc.c (compute_keygrip): Rework. * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_ensure_compact): New. * cipher/ecc-curves.c (_gcry_ecc_update_curve_param): New. * tests/keygrip.c (key_grips): Add flag param and test cases for Ed25519. -- The keygrip for Ed25519+EdDSA has not yet been used - thus it is possible to change it. Using the compact representation saves us the recovering of x from the standard representation. Compacting is basically free. diff --git a/cipher/ecc-common.h b/cipher/ecc-common.h index 93fd449..0cecdc3 100644 --- a/cipher/ecc-common.h +++ b/cipher/ecc-common.h @@ -70,6 +70,12 @@ gpg_err_code_t _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, elliptic_curve_t *curve, unsigned int *r_nbits); +gpg_err_code_t _gcry_ecc_update_curve_param (const char *name, + enum gcry_mpi_ec_models *model, + enum ecc_dialects *dialect, + gcry_mpi_t *p, gcry_mpi_t *a, + gcry_mpi_t *b, gcry_mpi_t *g, + gcry_mpi_t *n); const char *_gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, 
@@ -103,6 +109,8 @@ gpg_err_code_t _gcry_ecc_eddsa_encodepoint (mpi_point_t point, mpi_ec_t ctx, gcry_mpi_t x, gcry_mpi_t y, unsigned char **r_buffer, unsigned int *r_buflen); +gpg_err_code_t _gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, + unsigned int nbits); gpg_err_code_t _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result, unsigned char **r_encpk, diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 98fbf0c..8c63f6c 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -441,6 +441,56 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, } +/* Give the name of the curve NAME, store the curve parameters into P, + A, B, G, and N if they pint to NULL value. Note that G is returned + in standard uncompressed format. Also update MODEL and DIALECT if + they are not NULL. */ +gpg_err_code_t +_gcry_ecc_update_curve_param (const char *name, + enum gcry_mpi_ec_models *model, + enum ecc_dialects *dialect, + gcry_mpi_t *p, gcry_mpi_t *a, gcry_mpi_t *b, + gcry_mpi_t *g, gcry_mpi_t *n) +{ + int idx; + + idx = find_domain_parms_idx (name); + if (idx < 0) + return GPG_ERR_UNKNOWN_CURVE; + + if (g) + { + char *buf; + size_t len; + + len = 4; + len += strlen (domain_parms[idx].g_x+2); + len += strlen (domain_parms[idx].g_y+2); + len++; + buf = gcry_malloc (len); + if (!buf) + return gpg_err_code_from_syserror (); + strcpy (stpcpy (stpcpy (buf, "0x04"), domain_parms[idx].g_x+2), + domain_parms[idx].g_y+2); + *g = scanval (buf); + gcry_free (buf); + } + if (model) + *model = domain_parms[idx].model; + if (dialect) + *dialect = domain_parms[idx].dialect; + if (p) + *p = scanval (domain_parms[idx].p); + if (a) + *a = scanval (domain_parms[idx].a); + if (b) + *b = scanval (domain_parms[idx].b); + if (n) + *n = scanval (domain_parms[idx].n); + return 0; +} + + /* Return the name matching the parameters in PKEY. This works only with curves described by the Weierstrass equation. */ const char * 
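Review bot: The header comment of _gcry_ecc_update_curve_param promises to store a parameter only `if they pint to NULL value` (read: point), but the body tests only the out-pointers, never their contents: `if (p) *p = scanval (domain_parms[idx].p);` and the matching `a`, `b`, `n` and `g` branches overwrite whatever MPI the caller already placed there, leaking it. Make each branch `if (p && !*p)`, and `if (g && !*g)` around the G construction, so the function matches its own contract. The `g` buffer arithmetic (`len = 4` for "0x04", both coordinates minus their two-character prefixes, plus the terminator) is consistent, though it assumes g_x and g_y are stored with a "0x" prefix.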
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index d83b7c6..b9e866d 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -136,6 +136,54 @@ _gcry_ecc_eddsa_encodepoint (mpi_point_t point, mpi_ec_t ec, } +/* Make sure that the opaque MPI VALUE is in compact EdDSA format. + This function updates MPI if needed. */ +gpg_err_code_t +_gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, unsigned int nbits) +{ + gpg_err_code_t rc; + const unsigned char *buf; + unsigned int rawmpilen; + gcry_mpi_t x, y; + unsigned char *enc; + unsigned int enclen; + + if (!mpi_is_opaque (value)) + return GPG_ERR_INV_OBJ; + buf = gcry_mpi_get_opaque (value, &rawmpilen); + if (!buf) + return GPG_ERR_INV_OBJ; + rawmpilen = (rawmpilen + 7)/8; + + /* Check whether the public key has been given in standard + uncompressed format. In this case extract y and compress. */ + if (rawmpilen > 1 && buf[0] == 0x04 && (rawmpilen%2)) + { + rc = gcry_mpi_scan (&x, GCRYMPI_FMT_STD, + buf+1, (rawmpilen-1)/2, NULL); + if (rc) + return rc; + rc = gcry_mpi_scan (&y, GCRYMPI_FMT_STD, + buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL); + if (rc) + { + mpi_free (x); + return rc; + } + + rc = eddsa_encode_x_y (x, y, nbits/8, &enc, &enclen); + mpi_free (x); + mpi_free (y); + if (rc) + return rc; + + gcry_mpi_set_opaque (value, enc, 8*enclen); + } + + return 0; +} + + /* Recover X from Y and SIGN (which actually is a parity bit). */ gpg_err_code_t _gcry_ecc_eddsa_recover_x (gcry_mpi_t x, gcry_mpi_t y, int sign, mpi_ec_t ec) diff --git a/cipher/ecc.c b/cipher/ecc.c index d62f555..b9af185 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c 
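Review bot: In _gcry_ecc_eddsa_ensure_compact both coordinates are parsed with `gcry_mpi_scan (&x, GCRYMPI_FMT_STD, ...)`; GCRYMPI_FMT_STD is a two's-complement format, so a coordinate whose leading byte has the top bit set would be read as a negative MPI. The coordinates are unsigned field elements, so `GCRYMPI_FMT_USG` (already used in ecc.c) expresses the intent and does not depend on the curve leaving the top bit clear. There is also no check that `(rawmpilen-1)/2` matches `nbits/8` before `eddsa_encode_x_y (x, y, nbits/8, &enc, &enclen)`; a mismatched length is silently encoded, so rejecting it with GPG_ERR_INV_OBJ, which the function already returns for other malformed inputs, would be safer.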
@@ -1428,65 +1428,87 @@ ecc_get_nbits (gcry_sexp_t parms) /* See rsa.c for a description of this function. */ static gpg_err_code_t -compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparam) +compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) { #define N_COMPONENTS 6 static const char names[N_COMPONENTS+1] = "pabgnq"; - gpg_err_code_t ec = 0; + gpg_err_code_t rc; gcry_sexp_t l1; gcry_mpi_t values[N_COMPONENTS]; int idx; + char *curvename = NULL; + int flags = 0; + enum gcry_mpi_ec_models model = 0; + enum ecc_dialects dialect = 0; - /* Clear the values for easier error cleanup. */ + /* Clear the values first. */ for (idx=0; idx < N_COMPONENTS; idx++) values[idx] = NULL; - /* Fill values with all provided parameters. */ - for (idx=0; idx < N_COMPONENTS; idx++) + + /* Look for flags. */ + l1 = gcry_sexp_find_token (keyparms, "flags", 0); + if (l1) { - l1 = gcry_sexp_find_token (keyparam, names+idx, 1); - if (l1) - { - values[idx] = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); - gcry_sexp_release (l1); - if (!values[idx]) - { - ec = GPG_ERR_INV_OBJ; - goto leave; - } - } + rc = _gcry_pk_util_parse_flaglist (l1, &flags, NULL); + if (rc) + goto leave; + } + + /* Extract the parameters. */ + if ((flags & PUBKEY_FLAG_PARAM)) + { + if ((flags & PUBKEY_FLAG_EDDSA)) + rc = _gcry_sexp_extract_param (keyparms, NULL, "p?a?b?g?n?/q", + &values[0], &values[1], &values[2], + &values[3], &values[4], &values[5], + NULL); + else + rc = _gcry_sexp_extract_param (keyparms, NULL, "p?a?b?g?n?q", + &values[0], &values[1], &values[2], + &values[3], &values[4], &values[5], + NULL); + } + else + { + if ((flags & PUBKEY_FLAG_EDDSA)) + rc = _gcry_sexp_extract_param (keyparms, NULL, "/q", + &values[5], NULL); + else + rc = _gcry_sexp_extract_param (keyparms, NULL, "q", + &values[5], NULL); } + if (rc) + goto leave; /* Check whether a curve parameter is available and use that to fill in missing values. 
*/ - l1 = gcry_sexp_find_token (keyparam, "curve", 5); + gcry_sexp_release (l1); + l1 = gcry_sexp_find_token (keyparms, "curve", 5); if (l1) { - char *curve; - gcry_mpi_t tmpvalues[N_COMPONENTS]; - - for (idx = 0; idx < N_COMPONENTS; idx++) - tmpvalues[idx] = NULL; - - curve = _gcry_sexp_nth_string (l1, 1); - gcry_sexp_release (l1); - if (!curve) + curvename = gcry_sexp_nth_string (l1, 1); + if (curvename) { - ec = GPG_ERR_INV_OBJ; /* Name missing or out of core. */ - goto leave; + rc = _gcry_ecc_update_curve_param (curvename, + &model, &dialect, + &values[0], &values[1], &values[2], + &values[3], &values[4]); + if (rc) + return rc; } - ec = _gcry_ecc_get_param (curve, tmpvalues); - gcry_free (curve); - if (ec) - goto leave; + } - for (idx = 0; idx < N_COMPONENTS; idx++) - { - if (!values[idx]) - values[idx] = tmpvalues[idx]; - else - mpi_free (tmpvalues[idx]); - } + /* Guess required fields if a curve parameter has not been given. + FIXME: This is a crude hacks. We need to fix that. */ + if (!curvename) + { + model = ((flags & PUBKEY_FLAG_EDDSA) + ? MPI_EC_TWISTEDEDWARDS + : MPI_EC_WEIERSTRASS); + dialect = ((flags & PUBKEY_FLAG_EDDSA) + ? ECC_DIALECT_ED25519 + : ECC_DIALECT_STANDARD); } /* Check that all parameters are known and normalize all MPIs (that 
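Review bot: The `if (rc) return rc;` after `_gcry_ecc_update_curve_param` bypasses the `leave:` cleanup, leaking `curvename`, the `curve` s-expression held in `l1`, and every MPI already stored in `values[]`; every other error path in this function uses `goto leave;`, and this one should too: `if (rc) goto leave;`. Note also that `rc` lost its initializer in this hunk, so the value returned on the success path depends on the last assignment having been zero; an explicit `rc = 0;` before the normalize loop would make that robust against later edits. compute_keygrip continues past this hunk.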
@@ -1495,37 +1517,70 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparam) for (idx = 0; idx < N_COMPONENTS; idx++) if (!values[idx]) { - ec = GPG_ERR_NO_OBJ; + rc = GPG_ERR_NO_OBJ; goto leave; } else _gcry_mpi_normalize (values[idx]); + /* Uncompress the public key with the exception of EdDSA where + compression is the default and we thus compute the keygrip using + the compressed version. Because we don't support any non-eddsa + compression, the only thing we need to do is to compress + EdDSA. */ + if ((flags & PUBKEY_FLAG_EDDSA)) + { + if (dialect == ECC_DIALECT_ED25519) + rc = _gcry_ecc_eddsa_ensure_compact (values[5], 256); + else + rc = GPG_ERR_NOT_IMPLEMENTED; + if (rc) + goto leave; + } + /* Hash them all. */ for (idx = 0; idx < N_COMPONENTS; idx++) { char buf[30]; - unsigned char *rawmpi; - unsigned int rawmpilen; - rawmpi = _gcry_mpi_get_buffer (values[idx], 0, &rawmpilen, NULL); - if (!rawmpi) + if (mpi_is_opaque (values[idx])) { - ec = gpg_err_code_from_syserror (); - goto leave; + const unsigned char *raw; + unsigned int n; + + raw = gcry_mpi_get_opaque (values[idx], &n); + n = (n + 7)/8; + snprintf (buf, sizeof buf, "(1:%c%u:", names[idx], n); + gcry_md_write (md, buf, strlen (buf)); + gcry_md_write (md, raw, n); + gcry_md_write (md, ")", 1); + } + else + { + unsigned char *rawmpi; + unsigned int rawmpilen; + + rawmpi = _gcry_mpi_get_buffer (values[idx], 0, &rawmpilen, NULL); + if (!rawmpi) + { + rc = gpg_err_code_from_syserror (); + goto leave; + } + snprintf (buf, sizeof buf, "(1:%c%u:", names[idx], rawmpilen); + gcry_md_write (md, buf, strlen (buf)); + gcry_md_write (md, rawmpi, rawmpilen); + gcry_md_write (md, ")", 1); + gcry_free (rawmpi); } - snprintf (buf, sizeof buf, "(1:%c%u:", names[idx], rawmpilen); - gcry_md_write (md, buf, strlen (buf)); - gcry_md_write (md, rawmpi, rawmpilen); - gcry_md_write (md, ")", 1); - gcry_free (rawmpi); } leave: + gcry_free (curvename); + gcry_sexp_release (l1); for (idx = 0; idx < N_COMPONENTS; idx++) 
_gcry_mpi_release (values[idx]); - return ec; + return rc; #undef N_COMPONENTS } diff --git a/tests/keygrip.c b/tests/keygrip.c index a89bba8..330935d 100644 --- a/tests/keygrip.c +++ b/tests/keygrip.c @@ -104,7 +104,7 @@ static struct { GCRY_PK_ECDSA, "(public-key" - " (ecdsa" + " (ecdsa(flags param)" " (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)" " (a #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC#)" " (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)" @@ -116,6 +116,18 @@ static struct { GCRY_PK_ECDSA, "(public-key" + " (ecdsa(flags param)" + " (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)" + " (curve \"NIST P-256\")" + " (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)" + " (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)" + " (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)" + " (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))", + "\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6" + }, + { + GCRY_PK_ECDSA, + "(public-key" " (ecdsa" " (p #00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF#)" " (curve \"NIST P-256\")" 
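Review bot: In the opaque branch of the hash loop, `raw` returned by `gcry_mpi_get_opaque` is passed to `gcry_md_write` without a NULL check, although `_gcry_ecc_eddsa_ensure_compact` in this same commit treats a NULL opaque buffer as `GPG_ERR_INV_OBJ`; add `if (!raw) { rc = GPG_ERR_INV_OBJ; goto leave; }` before the `snprintf`. As a point of style, both branches repeat the identical `snprintf` plus three `gcry_md_write` calls and could share that sequence once `raw`/`n` are set, which would also keep the keygrip framing in one place. compute_keygrip begins before this hunk.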
@@ -132,10 +144,52 @@ static struct " (curve secp256r1)" " (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))", "\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6" + }, + { + GCRY_PK_ECC, + "(public-key" + " (ecc" + " (curve secp256r1)" + " (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))", + "\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6" + }, + { /* Ed25519 standard */ + GCRY_PK_ECC, + "(public-key" + " (ecc" + " (curve Ed25519)" + " (q #04" + " 1CC662926E7EFF4982B7FB8B928E61CD74CCDD85277CC57196C3AD20B611085F" + " 47BD24842905C049257673B3F5249524E0A41FAA17B25B818D0F97E625F1A1D0#)" + " ))", + "\x0C\xCA\xB2\xFD\x48\x9A\x33\x40\x2C\xE8" + "\xE0\x4A\x1F\xB2\x45\xEA\x80\x3D\x0A\xF1" + }, + { /* Ed25519+EdDSA */ + GCRY_PK_ECC, + "(public-key" + " (ecc" + " (curve Ed25519)(flags eddsa)" + " (q #773E72848C1FD5F9652B29E2E7AF79571A04990E96F2016BF4E0EC1890C2B7DB#)" + " ))", + "\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70" + "\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47" + }, + { /* Ed25519+EdDSA (same but uncompressed)*/ + GCRY_PK_ECC, + "(public-key" + " (ecc" + " (curve Ed25519)(flags eddsa)" + " (q #04" + " 629ad237d1ed04dcd4abe1711dd699a1cf51b1584c4de7a4ef8b8a640180b26f" + " 5bb7c29018ece0f46b01f2960e99041a5779afe7e2292b65f9d51f8c84723e77#)" + " ))", + "\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70" + "\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47" } - }; + static void check (void) { commit 8b3eecee2d89179297e43de7d650f74759c61a58 Author: Werner Koch Date: Mon Nov 11 11:07:56 2013 +0100 mpi: Add special format GCRYMPI_FMT_OPAQUE. * src/gcrypt.h.in (GCRYMPI_FMT_OPAQUE): New. (_gcry_sexp_nth_opaque_mpi): Remove. * src/sexp.c (gcry_sexp_nth_mpi): Add support for GCRYMPI_FMT_OPAQUE. 
(_gcry_sexp_vextract_param): Replace removed function by GCRYMPI_FMT_OPAQUE. -- Using a new formatting mode is easier than to add a dedicated extraction function for opaque MPIs. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index d63ca96..00435e2 100644 --- a/NEWS +++ b/NEWS @@ -106,6 +106,7 @@ Noteworthy changes in version 1.6.0 (unreleased) GCRYMPI_CONST_THREE NEW. GCRYMPI_CONST_FOUR NEW. GCRYMPI_CONST_EIGHT NEW. + GCRYMPI_FMT_OPAQUE NEW. GCRYPT_VERSION_NUMBER NEW. GCRY_KDF_SCRYPT NEW. gcry_pubkey_get_sexp NEW. diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 12f539a..98fbf0c 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -599,7 +599,7 @@ point_from_keyparam (gcry_mpi_point_t *r_a, { gcry_mpi_t a; - a = _gcry_sexp_nth_opaque_mpi (l1, 1); + a = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_OPAQUE); gcry_sexp_release (l1); if (!a) return GPG_ERR_INV_OBJ; @@ -831,7 +831,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, n = NULL; } - /* Now that we now the curve name we can look for the public key + /* Now that we know the curve name we can look for the public key Q. point_from_keyparam needs to know the curve parameters so that it is able to use the correct decompression. Parsing the private key D could have been done earlier but it is less diff --git a/src/g10lib.h b/src/g10lib.h index 80c73ee..ae4502c 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -338,7 +338,6 @@ gcry_err_code_t _gcry_mpi_init (void); /*-- sexp.c --*/ gcry_err_code_t _gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff, const char *format, va_list arg_ptr); -gcry_mpi_t _gcry_sexp_nth_opaque_mpi (gcry_sexp_t list, int number); char *_gcry_sexp_nth_string (const gcry_sexp_t list, int number); gpg_err_code_t _gcry_sexp_vextract_param (gcry_sexp_t sexp, const char *path, const char *list, va_list arg_ptr); diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 234e8a4..fffc15c 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in 
@@ -489,7 +489,8 @@ enum gcry_mpi_format GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */ GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */ GCRYMPI_FMT_HEX = 4, /* Hex format. */ - GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */ + GCRYMPI_FMT_USG = 5, /* Like STD but unsigned. */ + GCRYMPI_FMT_OPAQUE = 8 /* Opaque format (some functions only). */ }; /* Flags used for creating big integers. */ diff --git a/src/sexp.c b/src/sexp.c index 6e4ff27..238aef6 100644 --- a/src/sexp.c +++ b/src/sexp.c @@ -765,43 +765,37 @@ gcry_sexp_nth_string (const gcry_sexp_t list, int number) gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt) { - const char *s; size_t n; gcry_mpi_t a; - if ( !mpifmt ) - mpifmt = GCRYMPI_FMT_STD; - - s = sexp_nth_data (list, number, &n); - if (!s) - return NULL; - - if ( gcry_mpi_scan ( &a, mpifmt, s, n, NULL ) ) - return NULL; + if (mpifmt == GCRYMPI_FMT_OPAQUE) + { + char *p; - return a; -} + p = gcry_sexp_nth_buffer (list, number, &n); + if (!p) + return NULL; + a = gcry_is_secure (list)? _gcry_mpi_snew (0) : _gcry_mpi_new (0); + if (a) + gcry_mpi_set_opaque (a, p, n*8); + else + gcry_free (p); + } + else + { + const char *s; -/* - * Get data from the car and store return it as an opaque MPI. - */ -gcry_mpi_t -_gcry_sexp_nth_opaque_mpi (gcry_sexp_t list, int number) -{ - char *p; - size_t n; - gcry_mpi_t a; + if (!mpifmt) + mpifmt = GCRYMPI_FMT_STD; - p = gcry_sexp_nth_buffer (list, number, &n); - if (!p) - return NULL; + s = sexp_nth_data (list, number, &n); + if (!s) + return NULL; - a = gcry_is_secure (list)? _gcry_mpi_snew (0) : _gcry_mpi_new (0); - if (a) - gcry_mpi_set_opaque (a, p, n*8); - else - gcry_free (p); + if (gcry_mpi_scan (&a, mpifmt, s, n, NULL)) + return NULL; + } return a; } 
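Review bot: `gcry_sexp_nth_mpi` is a public API that now accepts `GCRYMPI_FMT_OPAQUE`, yet the only documentation is the enum comment `Opaque format (some functions only)`; that comment should name this function and say that the returned MPI is opaque, carries the element's bytes verbatim, and must be read back with `gcry_mpi_get_opaque` rather than used in arithmetic. In the opaque branch `n*8` narrows a `size_t` to the `unsigned int` bit count taken by `gcry_mpi_set_opaque`, so a guard such as `if (n > UINT_MAX/8) { gcry_free (p); return NULL; }` keeps an oversized s-expression element from producing a mis-sized opaque MPI. Both points also cover the `/` mode of `_gcry_sexp_vextract_param`, which now routes through this function.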
@@ -2293,7 +2287,7 @@ _gcry_sexp_vextract_param (gcry_sexp_t sexp, const char *path, } } else if (mode == '/') - *array[idx] = _gcry_sexp_nth_opaque_mpi (l1, 1); + *array[idx] = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_OPAQUE); else if (mode == '-') *array[idx] = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_STD); else ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + cipher/ecc-common.h | 8 +++ cipher/ecc-curves.c | 54 ++++++++++++++++- cipher/ecc-eddsa.c | 48 ++++++++++++++++ cipher/ecc.c | 159 ++++++++++++++++++++++++++++++++++----------------- src/g10lib.h | 1 - src/gcrypt.h.in | 3 +- src/sexp.c | 54 ++++++++--------- tests/keygrip.c | 58 ++++++++++++++++++- 9 files changed, 298 insertions(+), 88 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 08:47:58 2013 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 13 Nov 2013 08:47:58 +0100 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-10-gf72d9a5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via f72d9a5cf69c3e719979547a5f7a37efe49bd642 (commit) from 07d7015e4dcb8a2439ed781928495632ec0b4fa3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f72d9a5cf69c3e719979547a5f7a37efe49bd642 Author: NIIBE Yutaka Date: Wed Nov 13 16:43:26 2013 +0900 scd: more pinpad input fix for PC/SC. * scd/apdu.c (check_pcsc_pinpad): Set default values here. (pcsc_pinpad_verify, pcsc_pinpad_modify): Remove setting default values, as it's too late. -- cherry picked from master. 
diff --git a/scd/apdu.c b/scd/apdu.c index 49ece0b..67671b2 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -2212,6 +2212,11 @@ check_pcsc_pinpad (int slot, int command, pininfo_t *pininfo) if (reader_table[slot].pcsc.pinmax >= 0) pininfo->maxlen = reader_table[slot].pcsc.pinmax; + if (!pininfo->minlen) + pininfo->minlen = 1; + if (!pininfo->maxlen) + pininfo->maxlen = 15; + if ((command == ISO7816_VERIFY && reader_table[slot].pcsc.verify_ioctl != 0) || (command == ISO7816_CHANGE_REFERENCE_DATA && reader_table[slot].pcsc.modify_ioctl != 0)) @@ -2248,11 +2253,6 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1, if (pininfo->fixedlen < 0 || pininfo->fixedlen >= 16) return SW_NOT_SUPPORTED; - if (!pininfo->minlen) - pininfo->minlen = 1; - if (!pininfo->maxlen) - pininfo->maxlen = 15; - pin_verify = xtrymalloc (len); if (!pin_verify) return SW_HOST_OUT_OF_CORE; @@ -2328,11 +2328,6 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1, if (pininfo->fixedlen < 0 || pininfo->fixedlen >= 16) return SW_NOT_SUPPORTED; - if (!pininfo->minlen) - pininfo->minlen = 1; - if (!pininfo->maxlen) - pininfo->maxlen = 15; - pin_modify = xtrymalloc (len); if (!pin_modify) return SW_HOST_OUT_OF_CORE; ----------------------------------------------------------------------- Summary of changes: scd/apdu.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 08:48:00 2013 
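Review bot: `check_pcsc_pinpad` now applies the 1/15 defaults after the reader-reported `pinmin`/`pinmax` have been copied in, so a reader that reports `pinmax == 0` is silently promoted to 15; if zero is meant as "unknown" the code should say so, and a `minlen > maxlen` combination is still not rejected here although, in the lines visible in the later hunks, `pcsc_pinpad_verify` and `pcsc_pinpad_modify` validate only `fixedlen`. Because the function's name suggests a read-only check, its header comment should state that it mutates PININFO, e.g. `/* On return PININFO->minlen/maxlen hold the reader's limits, or the defaults 1 and 15 if neither the caller nor the reader set them. */`. The same change is repeated in the master-branch commit below; the function continues outside the hunk.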
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 13 Nov 2013 08:48:00 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-260-gabd922e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via abd922e79b2ff63a5a763a30d4a06a91f93d0b12 (commit) from 037dea9dd5eac7a74df0e12cb437e71fb0732afa (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit abd922e79b2ff63a5a763a30d4a06a91f93d0b12 Author: NIIBE Yutaka Date: Wed Nov 13 16:43:26 2013 +0900 scd: more pinpad input fix for PC/SC. * scd/apdu.c (check_pcsc_pinpad): Set default values here. (pcsc_pinpad_verify, pcsc_pinpad_modify): Remove setting default values, as it's too late. -- GnuPG-bug-id: 1549 diff --git a/scd/apdu.c b/scd/apdu.c index 961c419..dd45e99 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -2183,6 +2183,11 @@ check_pcsc_pinpad (int slot, int command, pininfo_t *pininfo) if (reader_table[slot].pcsc.pinmax >= 0) pininfo->maxlen = reader_table[slot].pcsc.pinmax; + if (!pininfo->minlen) + pininfo->minlen = 1; + if (!pininfo->maxlen) + pininfo->maxlen = 15; + if ((command == ISO7816_VERIFY && reader_table[slot].pcsc.verify_ioctl != 0) || (command == ISO7816_CHANGE_REFERENCE_DATA && reader_table[slot].pcsc.modify_ioctl != 0)) @@ -2219,11 +2224,6 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1, if (pininfo->fixedlen < 0 || pininfo->fixedlen >= 16) return SW_NOT_SUPPORTED; - if (!pininfo->minlen) - pininfo->minlen = 1; - if (!pininfo->maxlen) - pininfo->maxlen = 15; - pin_verify = xtrymalloc (len); if (!pin_verify) return SW_HOST_OUT_OF_CORE; 
@@ -2301,11 +2301,6 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1, if (pininfo->fixedlen < 0 || pininfo->fixedlen >= 16) return SW_NOT_SUPPORTED; - if (!pininfo->minlen) - pininfo->minlen = 1; - if (!pininfo->maxlen) - pininfo->maxlen = 15; - pin_modify = xtrymalloc (len); if (!pin_modify) return SW_HOST_OUT_OF_CORE; ----------------------------------------------------------------------- Summary of changes: scd/apdu.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 09:49:04 2013 
From: cvs at cvs.gnupg.org (by Christian Grothoff) Date: Wed, 13 Nov 2013 09:49:04 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-379-gc4f9af4 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via c4f9af49f228df59c218381a25fa3c0f93ccbeae (commit) from 4fb3c8e5a7fc6a1568f54bcc0be17fecf75e0742 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c4f9af49f228df59c218381a25fa3c0f93ccbeae Author: Christian Grothoff Date: Mon Nov 11 16:04:30 2013 +0100 ecc: Fix some memory leaks * cipher/ecc-curves.c (_gcry_mpi_ec_new): Free ec->b before assigning. * cipher/ecc.c (nist_generate_key): Release Q. * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Ditto. -- _gcry_mpi_ec_new: Fixing memory leak detected with valgrind; if 'b' is non-NULL, the code in ec_p_init (ec.c:379) already makes a copy of 'b', so before we clobber ctx->b here, we need to at least release the old value (however, it would of course be nicer to not first make a copy of b in the first place, but this is the most localized change to get rid of the memory leak). nist_generate_key: Fixing rather obvious local leak; Q is first initialized, then used, copied into the result but never released. diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 8c63f6c..5815e55 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -867,6 +867,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, if (b) { + mpi_free (ec->b); ec->b = b; b = NULL; } diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index b9e866d..92c0713 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c 
@@ -432,6 +432,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, point_set (&sk->Q, &Q); leave: + point_free (&Q); gcry_mpi_release (a); gcry_mpi_release (x); gcry_mpi_release (y); diff --git a/cipher/ecc.c b/cipher/ecc.c index b9af185..9135b68 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -217,6 +217,7 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, mpi_free (x); } + point_free (&Q); /* Now we can test our keys (this should never fail!). */ test_keys (sk, nbits - 64); ----------------------------------------------------------------------- Summary of changes: cipher/ecc-curves.c | 1 + cipher/ecc-eddsa.c | 1 + cipher/ecc.c | 1 + 3 files changed, 3 insertions(+) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 14:06:24 2013 
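Review bot: `point_free (&Q)` at `leave:` in `_gcry_ecc_eddsa_genkey` is only safe if every `goto leave` is reached after `point_init (&Q)`; the start of the function is outside this hunk, so confirm that no early exit (for example a failed allocation before Q is initialised) can reach `leave:` with an uninitialised point, or move the `point_init` to the very top. A short comment at the label, `/* Q is always initialised before any jump here. */`, would record that invariant for the next reader.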
From: cvs at cvs.gnupg.org (by Christian Grothoff) Date: Wed, 13 Nov 2013 14:06:24 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-380-g7d91e99 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 7d91e99bcd30a463dd4faed014b8521a663d8316 (commit) from c4f9af49f228df59c218381a25fa3c0f93ccbeae (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7d91e99bcd30a463dd4faed014b8521a663d8316 Author: Christian Grothoff Date: Mon Nov 11 16:04:30 2013 +0100 ecc: Fix key generation for a plain Ed25519 key. * cipher/ecc.c (nist_generate_key): Use custom code for ED25519. -- I wish there would a an RFC for Curve25519 - the description in the paper is easy to misunderstand for a non-mathematician. Source code and a paper are nice but a proper description (like those in the HAC) would be better. Problem spotted by Florian Dold. Signed-off-by: Werner Koch diff --git a/cipher/ecc.c b/cipher/ecc.c index 9135b68..72ca726 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c 
@@ -145,7 +145,21 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, point_init (&Q); /* Generate a secret. */ - sk->d = _gcry_dsa_gen_k (E->n, random_level); + if (ctx->dialect == ECC_DIALECT_ED25519) + { + char *rndbuf; + + sk->d = mpi_snew (256); + rndbuf = gcry_random_bytes_secure (32, random_level); + rndbuf[0] &= 0x7f; /* Clear bit 255. */ + rndbuf[0] |= 0x40; /* Set bit 254. */ + rndbuf[31] &= 0xf8; /* Clear bits 2..0 so that d mod 8 == 0 */ + _gcry_mpi_set_buffer (sk->d, rndbuf, 32, 0); + gcry_free (rndbuf); + } + else + sk->d = _gcry_dsa_gen_k (E->n, random_level); + /* Compute Q. */ _gcry_mpi_ec_mul_point (&Q, sk->d, &E->G, ctx); ----------------------------------------------------------------------- Summary of changes: cipher/ecc.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 15:10:38 2013 From: cvs at cvs.gnupg.org (by Christian Grothoff) Date: Wed, 13 Nov 2013 15:10:38 +0100 Subject: [git] gnupg-doc - branch, master, updated. 2a1e704a8adfb5a39ba6ed1621dba17033751a64 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 2a1e704a8adfb5a39ba6ed1621dba17033751a64 (commit) from 6c4f98c634c734de5040615fa426a80011d44410 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2a1e704a8adfb5a39ba6ed1621dba17033751a64 Author: Christian Grothoff Date: Mon Nov 11 16:04:30 2013 +0100 New website is now online. diff --git a/README b/README index 2dcc906..35b39b1 100644 --- a/README +++ b/README 
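Review bot: The Ed25519 branch in `nist_generate_key` clamps the raw scalar but never says why this differs from the `_gcry_dsa_gen_k` path used for every other curve; a comment such as `/* Plain Ed25519 keys follow the Curve25519 scalar convention: fixed top bit, and the low three bits cleared so d is a multiple of the cofactor 8. */` would help the next reader, and `256`, `32` and `31` should be derived from one named constant rather than repeated. The bit-numbering comments show `rndbuf[0]` is the most significant byte, which is consistent with `_gcry_mpi_set_buffer` consuming big-endian input. If `gcry_random_bytes_secure` can return NULL instead of aborting, `rndbuf[0]` is dereferenced here without a check.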
@@ -43,3 +43,13 @@ Redirect /why-not-idea.html http://www.gnupg.org/faq/why-not-idea.html Redirect /howtos/ch/ http://www.gnupg.org/howtos/zh/ #+END_EXAMPLE + +** Symlinks + +For compatibility with the old webseite it is best to run this script +in the htdocs directory: + +for d in $(find . -type d); \\ + do (cd $d && for f in $(ls *.html | grep -v '*.??.html'); \\ + do ln -s $f ${f%.html}.en.html; ln -s $f ${f%.html}.de.html ; \\ + done ); done diff --git a/web/documentation/faqs.org b/web/documentation/faqs.org index 497eb26..38a1c38 100644 --- a/web/documentation/faqs.org +++ b/web/documentation/faqs.org @@ -11,4 +11,6 @@ - [[http://git.gnupg.org/cgi-bin/gitweb.cgi?p%3Dgnupg-doc.git%3Ba%3Dblob_plain%3Bf%3Dweb/faq/gnupg-faq.org][Org-mode]] + (If you are looking for the old and outdated FAQ, please go to [[http://www-old.gnupg.org/faq/GnuPG-FAQ.html][here]].) + # eof diff --git a/web/index.org b/web/index.org index 0af4d6b..f7a64a7 100644 --- a/web/index.org +++ b/web/index.org @@ -46,6 +46,16 @@ GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3D point or paste the [[news.en.rss][RSS file]] into your aggregator. +** New website infrastructure (2013-11-12) + +After more than a decade we switched from the legacy WML based website +system to a new [[http://org-mode.org][org-mode]] based one. The old WML code was not anymore +maintainable and building the website took way to long. The new +system uses plain text files and will make it way easier to keep +information up to date. Unfortunately the translations are gone for +now --- most of them have not been updated for many years anyway. + + ** Security update for GnuPG (2013-10-05) :important: We are pleased to announce the availability of a new stable GnuPG diff --git a/web/misc/index.org b/web/misc/index.org index 43dc987..9084c3e 100644 --- a/web/misc/index.org +++ b/web/misc/index.org 
@@ -9,4 +9,5 @@ - [[file:links.org][Links]] - Cryptography is a wide-spread science and other people have something to tell about. - [[file:logo-contest.org][Logo Contest]] - GnuPG needs a new Logo. + - [[http://www-old.gnupg.org][The old GnuPG website]] - in case something is missing at the new one. - [[file:thanks.org][Thanks]] - We have to thank many people for making GnuPG possible. diff --git a/web/related_software/frontends.org b/web/related_software/frontends.org index 74165c7..b8f4f8b 100644 --- a/web/related_software/frontends.org +++ b/web/related_software/frontends.org @@ -1,6 +1,7 @@ #+TITLE: GnuPG - Frontends -#+STARTUP: showall +#+STARTUP: showall indent #+SETUPFILE: "../share/setup.inc" +#+OPTIONS: ^:{} * Frontends 
@@ -10,311 +11,77 @@ homogeneous categories. A frontend may belong to one or more categories at a time. A list is sorted in an alphabetical order. - - [[#gui][GUI frontends]] - - [[#mua][MUA frontends]] - - [[#chat][chat programs]] - - [[#net][network related]] - - [[#scr][frontends for scripting]] - - [[#nix][for *nix platform]] - - [[#win][for Windows platform]] - - [[#mac][for Mac platform]] + - [[GUI frontends]] + - [[MUA frontends]] + - [[Chat programs]] + - [[Network related]] + - [[Frontends for scripting]] If you feel wanting to improve these lists, please, fill in a [[#gpgweb][Problem Report]] form. -** GUI Frontends - - - [[http://code.google.com/p/cryptophane/][Cryptophane]] :: Cryptophane is an easy-to-use application for MS - Windows. It allows users to encrypt, sign, - decrypt, and perform key maintenance without - having to deal with GnuPG's command-line - interface. - - [[http://www.gajim.org/][Gajim]] :: The goal of Gajim is to provide a full featured and - easy to use Jabber client. Gajim works nicely with - GNOME, but does not require it to run. It is released - under the GNU General Public License. - - [[http://www.tech-faq.com/gnupg-shell.shtml][GnuPG Shell]] :: GnuPG Shell is a cross-platform graphical - frontend for GnuPG. - - [[file:gpa/index.org][GPA]] :: Aims to be the standard GnuPG graphical frontend. [[gpa/index.en.html][GPA]] is - hosted on this site. - - [[http://devel-home.kde.org/~kgpg/][KGpg]] :: Is a KDE frontend for GnuPG. - - [[http://seahorse.sf.net/][Seahorse]] :: Is a GNOME frontend for GnuPG. - - [[http://www.media-art-online.org/wija/][wija]] :: wija is a free and cross-platform Jabber/XMPP client - written in Java, with built-in GnuPG key rings - management GUI. Its extended protocols allow users to - encrypt chat and multi-user chat as well as - encrypting/signing messages and signing presence of the - user. It is multilingual and runs on GNU/Linux, Mac OS X - and Windows. 
- - [[http://freshmeat.net/projects/xap/][XAP]] :: Is the X application panel and filemanager. - - -** MUA Frontends - - - [[http://www.claws-mail.org/][Claws Mail]] :: Is a very nice GTK+ based MUA with full support - for GnuPG. The Windows version is part of [[http://www.gpg4win.org/][Gpg4win]] - . - - [[http://www.enigmail.net/][Enigmail]] :: Is a plug-in for Mozilla's mailer. - - [[http://www.adobner.de/eudoragpg/][EudoraGPG]] :: Is a plugin for the proprietary Eudora MUA. - - [[http://www.ximian.com/products/ximian_evolution][Evolution]] :: Is a catch all MUA application for the GNOME - desktop. - - [[http://www.beedub.com/exmh/][exmh]] :: Is a Tcl/Tk based MUA. - - [[http://business-php.com/opensource/ez-pine-gpg/][ez-pine-gpg]] :: Is a set of scripts that allows beginners and - experts to use gpg with Pine. There are plenty of - other applications that allow gpg to be used with - Pine: this one is intended to be the best, since - it merges intuitive use with powerful - features. The result is an application that's not - only fast and secure, but also perfect for - novices and power-users alike. - - [[http://www.gnu.org/software/anubis/][GNU Anubis]] :: Is an outgoing mail processor, and an SMTP tunnel - between the MUA and the MTA. It strongly uses the - GnuPG via the GPGME interface. With this GNU tool - you can encrypt or sign an outgoing mail - on-the-fly. - - [[http://www.collaboration-world.com/gnumail/][GNUmail.app]] :: Is a GNUStep MUA which now has support for GnuPG. - - [[http://linux.oregpreshaz.hu/script.html][gpg\_mail]] :: This script is able to encode/sign emails in an - automatic fashion. There is also a [[http://linux.choma.hu/gpg-script/][mirror site]] - available. - - [[http://wald.intevation.org/projects/gpgoe][GPGOE]] :: Is a plugin for the proprietary Outlook Express MUA. - - [[http://www.g10code.de/p-gpgol.html][GPGol]] :: A plug-in for Microsoft Outlook 2003. 
- - [[http://sites.inka.de/tesla/gpgrelay.html][GPGrelay]] :: Is a Windows program which can be used to use GnuPG - with all MUAs. - - [[http://kmail.kde.org/][KMail]] :: From the KDE desktop, it does also support GnuPG. - - [[http://www.snafu.priv.at/kuvert.html][kuvert]] :: This frontend is for GnuPG and old-style pgp2. It - works slightly similar to Raph Levien's premail: it - sits between MUA and MTA and decides based on the - keyring contents whether to sign, sign/encrypt or - leave an email as it is. kuvert is unix-only and - designed to work for outbound emails only. It's a - daemon tool and requires some form of passphrase - cache. kuvert has been around (under earlier names) - since about 1996. - - [[http://www.physto.se/~p99jlu/MagicPGP.html][MagicPGP]] :: Is yet another set of scripts to use GnuPG with - Pine. - - [[http://www.pobox.com/~lbudney/linux/software/mailcrypt.html][Mailcrypt]] :: For Emacs. You may need the latest [[http://www.lothar.com/tech/crypto/][patches]] until - there is a new release of Mailcrypt. - - [[http://www.mew.org/][Mew]] :: Has support for GnuPG. - - [[http://www.mutt.org/][Mutt]] :: Is an advanced MUA with complete MIME and GnuPG/PGP - support. It is also available an - [[ftp://ftp.guug.de/pub/mutt/][internationalized version]] . - - [[https://yourmom.dhs.org/pgp/][OpenPGP Webmail]] :: Is a web based mailer to send encrypted - messages. - - [[#fend_mua-PGG][PGG]] :: PGG is a complete PGP signing/encrypting solution - provided from scratch by the Gnus development team. It - deserves the same than [[#fend_mua-Mailcrypt][mailcrypt]] but it has also native - MIME support whereas mailcrypt does not. There is no PGG - homepage at the moment, sorry. - - [[http://pgpenvelope.sourceforge.net/][pgpenvelope]] :: Is a Pine and procmail filter which allows one to - process messages with GnuPG. - - [[http://www.netspace.net.au/~ggt/privtool.html][privtool]] :: Sorry, no description available. 
- - [[http://www.memecode.com/scribe.php][Scribe]] :: Scribe is a small and fast email client that lets you - send, receive and manage email without fuss. Scribe - comes with a [[http://www.memecode.com/scribe/gnupg.php][plugin]] that calls GnuPG. - - [[http://www.sys3175.co.uk/securemail.php][Securemail]] :: Is another webmail client. - - [[http://www.squirrelmail.org/plugin_view.php?id=153][Squirrelmail Plugin]] :: A gpg plugin for the popular [[http://www.squirrelmail.org/][Squirrelmail]] - web mail server. - - [[http://sylpheed.sraoss.jp/en/][Sylpheed]] :: Is a very nice GTK+ based MUA with full support for - GnuPG. - - [[http://www.lothlann.freeserve.co.uk/pjb/topal/][Topal]] :: Is another program to use GnuPG with Pine. - - [[http://xfmail.slappy.org/][XFmail]] :: Works with GnuPG. - +** GUI frontends + + - [[file:swlist.org::#cryptophane][Cryptophane]] + - [[file:swlist.org::#gnupg-shell][GnuPG Shell]] + - [[file:swlist.org::#gpa][GPA]] + - [[file:swlist.org::#kgpg][KGpg]] + - [[file:swlist.org::#seahorse][Seahorse]] + - [[file:swlist.org::#wija][wija]] + - [[file:swlist.org::#xap][XAP]] + +** MUA frontends + + - [[file:swlist.org::#claws][Claws Mail]] + - [[file:swlist.org::#enigmail][Enigmail]] + - [[file:swlist.org::#eudora-gpg][EudoraGPG]] + - [[file:swlist.org::#evolution][Evolution]] + - [[file:swlist.org::#exmh][exmh]] + - [[file:swlist.org::#ez-pine-gpg][ez-pine-gpg]] + - [[file:swlist.org::#anubis][GNU Anubis]] + - [[file:swlist.org::#gnumail][GNUmail.app]] + - [[file:swlist.org::#gpgmail][gpg_mail]] + - [[file:swlist.org::#gpgoe][GPGOE]] + - [[file:swlist.org::#gpgol][GpgOL]] + - [[file:swlist.org::#gpgrelay][GPGrelay]] + - [[file:swlist.org::#kmail][KMail]] + - [[file:swlist.org::#kuvert][kuvert]] + - [[file:swlist.org::#macgpg][MagicPGP]] + - [[file:swlist.org::#mailcrypt][Mailcrypt]] + - [[file:swlist.org::#mew][Mew]] + - [[file:swlist.org::#mutt][Mutt]] + - [[file:swlist.org::#openpgp-webmail][OpenPGP Webmail]] + - 
[[file:swlist.org::#pgg][PGG]] + - [[file:swlist.org::#pgpenvelope][pgpenvelope]] + - [[file:swlist.org::#scribe][Scribe]] + - [[file:swlist.org::#squirrelmail-plugin][Squirrelmail Plugin]] + - [[file:swlist.org::#sylpheed][Sylpheed]] + - [[file:swlist.org::#topal][Topal]] + - [[file:swlist.org::#xfmail][XFmail]] ** Chat programs - - [[http://gabber.sourceforge.net/][Gabber]] :: Gabber is a Free and Open Source GNOME client for an - instant messaging system called Jabber. Jabber is a - Free and Open Source distributed instant messaging - system. It does not rely on a single server, and the - protocol is well documented. Jabber allows - communication with many different instant messaging - systems, including ICQ and AIM. - - [[http://www.gajim.org/][Gajim]] :: The goal of Gajim is to provide a full featured and - easy to use Jabber client. Gajim works nicely with - GNOME, but does not require it to run. It is released - under the GNU General Public License. - - [[http://miranda-icq.sourceforge.net/][Miranda ICQ]] :: Has support for GnuPG. - - [[http://psi.affinix.com/][PSI]] :: Psi is a free and crossplatform client for connecting to - the Jabber network. It supports multiple accounts, group - chat, Unicode, and strong security (TLS and GnuPG). - - [[http://tkabber.jabber.ru/][Tkabber]] :: Tkabber is a free client for an instant messaging - system called Jabber. It is written in Tcl/Tk and - supports many features like support of unicode, ssl - support, http proxy, file transfers and support of - multi-user conference protocol. - - [[http://www.media-art-online.org/wija/][wija]] :: wija is a free and cross-platform Jabber/XMPP client - written in Java, with built-in GnuPG key rings - management GUI. Its extended protocols allow users to - encrypt chat and multi-user chat as well as - encrypting/signing messages and signing presence of the - user. It is multilingual and runs on GNU/Linux, Mac OS X - and Windows. 
+ - [[file:swlist.org::#gabber][Gabber]] + - [[file:swlist.org::#gajim][Gajim]] + - [[file:swlist.org::#miranda-icq][Miranda ICQ]] + - [[file:swlist.org::#psi][PSI]] + - [[file:swlist.org::#tkabber][Tkabber]] + - [[file:swlist.org::#wija][wija]] -** Network Related +** Network related - - [[http://www.freenigma.org/][freenigma]] :: Is a server based solution for centralized and - transparent encryption and signatures. It comes - with a web admin interface and may either be used - as a drop in MTA replacement or as an additional - MTA. - - [[http://www.freenigma.com/][freenigma]] :: freenigma is an OpenPGP web service for easy key - management. It allows encryption without taking - care of keys. A documented API is available as well - as several tools to access this web service. - - [[http://eepatents.com/privaria/][Privaria]] :: Is a secure networking suite that uses GnuPG as part - of its authentication and encryption scheme. + - [[file:swlist.org::#freenigma][freenigma]] + - [[file:swlist.org::#freenigma-service][freenigma service]] + - [[file:swlist.org::#privaria][Privaria]] ** Frontends for scripting - - [[http://business-php.com/opensource/gpg_encrypt/][gpg\_encrypt()]] :: gpg\_encrypt() is a PHP function that will - allow you to easily use GnuPG to encrypt data to your public - PGP key and mail that encrypted data to yourself, where it can - be securely decrypted with your private key. This is designed - primarily for use with web-based forms but can be used to - encrypt any data. - - [[http://linux.oregpreshaz.hu/script.html][gpg\_mail]] :: This script is able to encode/sign emails in an - automatic fashion. There is also a [[http://linux.choma.hu/gpg-script/][mirror site]] - available. - - [[http://www.physto.se/~p99jlu/MagicPGP.html][MagicPGP]] :: Is yet another set of scripts to use GnuPG with - Pine. - - [[http://www.bell-labs.com/projects/nsbd/][NSBD]] :: The Not-So-Bad Distribution system. 
- - [[http://pgpenvelope.sourceforge.net/][pgpenvelope]] :: Is a Pine and procmail filter which allows one to - process messages with GnuPG. - - [[http://www.nessie.de/mroth/pgpgpg/][pgpgpg]] :: Is a comandline wrapper tool to allow the use of - scripts written for PGP with GnuPG. - - [[http://www.sanface.com/pgphtml.html][PGPHTML]] :: Is a perl script to sign HTML pages. - - [[http://py-gnupg.sourceforge.net/][Python GnuPGInterface]] :: Is what the name says. - - [[http://soupermail.sourceforge.net/][Soupermail]] :: Is a versatile HTML form handler. - - -** For Unix - - - [[http://www.claws-mail.org/][Claws Mail]] :: Is a very nice GTK+ based MUA with full support - for GnuPG. The Windows version is part of [[http://www.gpg4win.org/][Gpg4win]] - . - - [[http://www.enigmail.net/][Enigmail]] :: Is a plug-in for Mozilla's mailer. - - [[http://www.ximian.com/products/ximian_evolution][Evolution]] :: Is a catch all MUA application for the GNOME - desktop. - - [[http://www.beedub.com/exmh/][exmh]] :: Is a Tcl/Tk based MUA. - - [[http://business-php.com/opensource/ez-pine-gpg/][ez-pine-gpg]] :: ez-pine-gpg is a set of scripts that allows - beginners and experts to use gpg with Pine. There - are plenty of other applications that allow gpg - to be used with Pine: this one is intended to be - the best, since it merges intuitive use with - powerful features. The result is an application - that's not only fast and secure, but also perfect - for novices and power-users alike. - - [[http://gabber.sourceforge.net/][Gabber]] :: Gabber is a Free and Open Source GNOME client for an - instant messaging system called Jabber. Jabber is a - Free and Open Source distributed instant messaging - system. It does not rely on a single server, and the - protocol is well documented. Jabber allows - communication with many different instant messaging - systems, including ICQ and AIM. 
- - [[http://www.tech-faq.com/gnupg-shell.shtml][GnuPG Shell]] :: GnuPG Shell is a cross-platform graphical - frontend for GnuPG. - - [[gpa/index.en.html][GPA]] :: Aims to be the standard GnuPG graphical frontend. [[gpa/index.en.html][GPA]] is - hosted on this site. - - [[http://linux.oregpreshaz.hu/script.html][gpg\_mail]] :: This script is able to encode/sign emails in an - automatic fashion. There is also a [[http://linux.choma.hu/gpg-script/][mirror site]] - available. - - [[http://devel-home.kde.org/~kgpg/][KGpg]] :: Is a KDE frontend for GnuPG. - - [[http://kmail.kde.org/][KMail]] :: From the KDE desktop, it does also support GnuPG. - - [[http://www.snafu.priv.at/kuvert.html][kuvert]] :: This frontend is for GnuPG and old-style pgp2. It - works slightly similar to Raph Levien's premail: it - sits between MUA and MTA and decides based on the - keyring contents whether to sign, sign/encrypt or - leave an email as it is. kuvert is unix-only and - designed to work for outbound emails only. It's a - daemon tool and requires some form of passphrase - cache. kuvert has been around (under earlier names) - since about 1996. - - [[http://www.physto.se/~p99jlu/MagicPGP.html][MagicPGP]] :: Is yet another set of scripts to use GnuPG with - Pine. - - [[http://www.pobox.com/~lbudney/linux/software/mailcrypt.html][Mailcrypt]] :: For Emacs. You may need the latest [[http://www.lothar.com/tech/crypto/][patches]] until - there is a new release of Mailcrypt. - - [[http://www.mew.org/][Mew]] :: Has support for GnuPG. - - [[http://www.mutt.org/][Mutt]] :: Is an advanced MUA with complete MIME and GnuPG/PGP - support. It is also available - an [[ftp://ftp.guug.de/pub/mutt/][internationalized version]]. - - [[#fend_nix-PGG][PGG]] :: PGG is a complete PGP signing/encrypting solution - provided from scratch by the Gnus development team. It - deserves the same than [[#fend_mua-Mailcrypt][mailcrypt]] but it has also native - MIME support whereas mailcrypt does not. 
There is no PGG - homepage at the moment, sorry. - - [[http://pgpenvelope.sourceforge.net/][pgpenvelope]] :: Is a Pine and procmail filter which allows one to - process messages with GnuPG. - - [[http://www.nessie.de/mroth/pgpgpg/][pgpgpg]] :: Is a comandline wrapper tool to allow the use of - scripts written for PGP with GnuPG. - - [[http://psi.affinix.com/][PSI]] :: Psi is a free and crossplatform client for connecting to - the Jabber network. It supports multiple accounts, group - chat, Unicode, and strong security (TLS and GnuPG). - - [[http://www.memecode.com/scribe.php][Scribe]] :: Scribe is a small and fast email client that lets you - send, receive and manage email without fuss. Scribe - comes with a [[http://www.memecode.com/scribe/gnupg.php][plugin]] that calls GnuPG. - - [[http://seahorse.sf.net/][Seahorse]] :: Is a GNOME frontend for GnuPG. - - [[http://sylpheed.sraoss.jp/en/][Sylpheed]] :: Is a very nice GTK+ based MUA with full support for - GnuPG. - - [[http://tkabber.jabber.ru/][Tkabber]] :: Tkabber is a free client for an instant messaging - system called Jabber. It is written in Tcl/Tk and - supports many features like support of unicode, ssl - support, http proxy, file transfers and support of - multi-user conference protocol. - - [[http://www.lothlann.freeserve.co.uk/pjb/topal/][Topal]] :: Is another program to use GnuPG with Pine. - - [[http://www.media-art-online.org/wija/][wija]] :: wija is a free and cross-platform Jabber/XMPP client - written in Java, with built-in GnuPG key rings - management GUI. Its extended protocols allow users to - encrypt chat and multi-user chat as well as - encrypting/signing messages and signing presence of the - user. It is multilingual and runs on GNU/Linux, Mac OS X - and Windows. - - [[http://freshmeat.net/projects/xap/][XAP]] :: Is the X application panel and filemanager. - - -** For Windows - - - [[http://www.claws-mail.org/][Claws Mail]] :: Is a very nice GTK+ based MUA with full support - for GnuPG. 
The Windows version is part of [[http://www.gpg4win.org/][Gpg4win]]. - - [[http://code.google.com/p/cryptophane/][Cryptophane]] :: Cryptophane is an easy-to-use application for MS - Windows. It allows users to encrypt, sign, - decrypt, and perform key maintenance without - having to deal with GnuPG's command-line - interface. - - [[http://www.enigmail.net/][Enigmail]] :: Is a plug-in for Mozilla's mailer. - - [[http://www.adobner.de/eudoragpg/][EudoraGPG]] :: Is a plugin for the proprietary Eudora MUA. - - [[http://www.gpg4win.org/][Gpg4win]] :: Gpg4win is an installer package for Windows with - computer programs and handbooks for email and file - encryption. - - [[http://wald.intevation.org/projects/gpgoe][GPGOE]] :: Is a plugin for the proprietary Outlook Express MUA. - - [[http://www.g10code.de/p-gpgol.html][GPGol]] :: A plug-in for Microsoft Outlook 2003. - - [[http://sites.inka.de/tesla/gpgrelay.html][GPGrelay]] :: Is a Windows program which can be used to use GnuPG - with all MUAs. - - [[http://www.memecode.com/scribe.php][Scribe]] :: Scribe is a small and fast email client that lets you - send, receive and manage email without fuss. Scribe - comes with a [[http://www.memecode.com/scribe/gnupg.php][plugin]] that calls GnuPG. - - [[http://www.media-art-online.org/wija/][wija]] :: wija is a free and cross-platform Jabber/XMPP client - written in Java, with built-in GnuPG key rings - management GUI. Its extended protocols allow users to - encrypt chat and multi-user chat as well as - encrypting/signing messages and signing presence of the - user. It is multilingual and runs on GNU/Linux, Mac OS X - and Windows. - -** For Mac - - - [[http://www.enigmail.net/][Enigmail]] :: Is a plug-in for Mozilla's mailer. - - [[http://www.gpgtools.org/gpgmail.html][GPGMail]] :: Is a MUA for MAC OS X. - - [[http://gpgtools.org/][GPGTools]] :: GPGTools is an installer package for Mac OS X. It - integrates all required modules for easy use of - GnuPG on this OS. 
- - [[http://www.gpgtools.org/macgpg1.html][MacGPG]] :: The MacGPG project has information on using GnuPG on - OS-X. - - [[http://www.gpgtools.org/macgpg2.html][MacGPG2]] :: The MacGPG2 project has information on using GnuPG-2 - on OS-X. - - [[http://www.media-art-online.org/wija/][wija]] :: wija is a free and cross-platform Jabber/XMPP client - written in Java, with built-in GnuPG key rings - management GUI. Its extended protocols allow users to - encrypt chat and multi-user chat as well as - encrypting/signing messages and signing presence of the - user. It is multilingual and runs on GNU/Linux, Mac OS X - and Windows. + - [[file:swlist.org::#gpg-encrypt][gpg_encrypt()]] + - [[file:swlist.org::#gpg-mail-script][gpg_mail]] + - [[file:swlist.org::#macgpg][MagicPGP]] + - [[file:swlist.org::#nsbd][NSBD]] + - [[file:swlist.org::#pgpenvelope][pgpenvelope]] + - [[file:swlist.org::#pgpgpg][pgpgpg]] + - [[file:swlist.org::#pgphtml][PGPHTML]] + - [[file:swlist.org::#python-gnupginterface][Python GnuPGInterface]] + - [[file:swlist.org::#soupermail][Soupermail]] diff --git a/web/related_software/gpgme/index.org b/web/related_software/gpgme/index.org index 305dc50..425d943 100644 --- a/web/related_software/gpgme/index.org +++ b/web/related_software/gpgme/index.org @@ -23,4 +23,4 @@ should consider to use GPGME. It is even planned to create a set of standard widgets for common key selection tasks. - See [[file:~/s/gnupg-web/web/download/index.org::gpgme][download]] section to download the latest tarball. + See [[http://www.gnupg.org/download/index.org#gpgme][download]] section to download the latest tarball. diff --git a/web/related_software/index.org b/web/related_software/index.org index 9121de0..3fadc0d 100644 --- a/web/related_software/index.org +++ b/web/related_software/index.org 
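Review bot: Several of the new `file:swlist.org::#…` targets in the frontends.org lists do not match the `:CUSTOM_ID:` values this same commit gives swlist.org, so those links resolve to the wrong entry or to nothing: `#claws` (the Claws Mail entry in swlist.org has an empty `:CUSTOM_ID:`), `#eudora-gpg` (swlist.org uses `eudoragpg`), `#gpgmail` for gpg_mail in the MUA list (that id is the OSX GPGMail entry, while the script's id is `gpg-mail-script`, which the scripting list already uses), `#macgpg` for MagicPGP in both the MUA and the scripting list (swlist.org uses `magicpgp`; `macgpg` is the MacGPG entry) and `#pgpgpg` (swlist.org uses `gpggpg`). This covers only the part of swlist.org visible in this diff; the `wija`, `xap` and `xfmail` targets fall outside it and were not checked. The fix is to align the ids on one side, e.g. `:CUSTOM_ID: claws` and `:CUSTOM_ID: pgpgpg` in swlist.org, and `[[file:swlist.org::#magicpgp][MagicPGP]]`, `[[file:swlist.org::#gpg-mail-script][gpg_mail]]`, `[[file:swlist.org::#eudoragpg][EudoraGPG]]` here.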
@@ -28,3 +28,4 @@ - [[file:libraries.org][Libraries]] :: This page hosts projects which aim is to build an abstraction layer for who wants to painlessly add GnuPG capabilities to their software. + - [[file:swlist.org][All]] :: Direct access to all descriptions. diff --git a/web/related_software/libraries.org b/web/related_software/libraries.org index 25d7635..dd46884 100644 --- a/web/related_software/libraries.org +++ b/web/related_software/libraries.org @@ -1,6 +1,7 @@ #+TITLE: GnuPG - Libraries #+STARTUP: showall #+SETUPFILE: "../share/setup.inc" +#+OPTIONS: ^:{} * Libraries @@ -9,13 +10,9 @@ If you feel wanting to improve this list, please, fill in a [[#gpgweb][Problem Report]] form. - - [[http://www.lothar.com/tech/crypto/][EGD]] :: Unices without a /dev/random should [[file:~/s/gnupg-web/web/download/index.org::egd][download]] and install - this Entropy Gathering Daemon. - - [[http://github.com/smartrevolution/gnupg-for-java][gnupg-for-java]] :: This is a Java binding for GPGME library. - - [[http://www.gnu.org/software/gnutls/][GNUTLS]] :: A somewhat related project to GnuPG is GNUTLS which is - is a GPLed TLS/SSL implementation. - - [[file:gpgme/index.org][GPGME]] :: GnuPG Made Easy is a library designed to make access to - GnuPG easier for applications. + - [[file:swlist.org::#egd][EGD]] :: Entropy Gathering Daemon + - [[file:swlist.org::#gpgme][GPGME]] :: GnuPG Made Easy + - [[file:swlist.org::#gnupg-for-java][gnupg-for-java]] :: Java binding for GPGME - [[file:libassuan/index.org][libassuan]] :: Libassuan is the IPC library used by some GnuPG related software. - [[http://directory.fsf.org/wiki/Libgcrypt][libgcrypt]] :: Libgcrypt is a general purpose cryptographic @@ -29,3 +26,5 @@ error codes and descriptions. - [[file:libksba/index.org][libksba]] :: Libksba provides an easy API to create and parse X.509 and CMS related objects. + +# eof 
diff --git a/web/related_software/swlist.org b/web/related_software/swlist.org
new file mode 100644
index 0000000..0675e7e
--- /dev/null
+++ b/web/related_software/swlist.org
@@ -0,0 +1,499 @@ +#+TITLE: GnuPG - Software list +#+STARTUP: showall indent +#+SETUPFILE: "../share/setup.inc" +#+OPTIONS: ^:{} + +* Software list + +This is the complete list of software we know to work with GnuPG. The +header line indicates the supported operating systems and the type of +the software: + + - GUI :: A graphical user interface for GnuPG + - MUA :: A Mail User Agent (mail program) or a Plugin for MUA + - CHAT :: A chat client + - INST :: An installer package + - LIB :: Software to help writing programs with GnuPG support. + - SRV :: Software for use on servers. + - MISC :: Other types of software + +** [[http://www.claws-mail.org/][Claws Mail]] [Unix, Windows] MUA + :PROPERTIES: + :CUSTOM_ID: + :END: + +Is a very nice GTK+ based MUA with full support for GnuPG. The Windows +version is part of [[http://www.gpg4win.org/][Gpg4win]]. + +** [[http://code.google.com/p/cryptophane/][Cryptophane]] [Windows] GUI + :PROPERTIES: + :CUSTOM_ID: cryptophane + :END: + +Cryptophane is an easy-to-use application for MS Windows. It allows +users to encrypt, sign, decrypt, and perform key maintenance without +having to deal with GnuPG's command-line interface. + +** [[http://www.lothar.com/tech/crypto/][EGD]] [Unix] MISC + :PROPERTIES: + :CUSTOM_ID: egd + :END: + +Unices without a /dev/random should [[file:~/s/gnupg-web/web/download/index.org::egd][download]] and install +this Entropy Gathering Daemon. + +** [[http://enigform.mozdev.org][enigform]] [Unix,Windows,OSX] MISC + :PROPERTIES: + :CUSTOM_ID: enigform + :END: + +Mozilla Firefox extension for HTTP+OpenPGP support +(see [[#mod-auth-openpgp][mod_auth_openpgp]]). + + +** [[http://www.enigmail.net/][Enigmail]] [Unix, Windows, OSX] MUA + :PROPERTIES: + :CUSTOM_ID: enigmail + :END: + +Is a plug-in for Mozilla's Thunderbird mailer. + +** [[http://www.adobner.de/eudoragpg/][EudoraGPG]] [Windows] MUA + :PROPERTIES: + :CUSTOM_ID: eudoragpg + :END: + +Is a plugin for the proprietary Eudora MUA. 
+ +** [[http://www.ximian.com/products/ximian_evolution][Evolution]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: evolution + :END: + +Is a catch all MUA application for the GNOME desktop. + +** [[http://www.beedub.com/exmh/][exmh]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: exmh + :END: + +Is a Tcl/Tk based MUA. + +** [[http://business-php.com/opensource/ez-pine-gpg/][ez-pine-gpg]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: ez-pine-gpg + :END: + +ez-pine-gpg is a set of scripts that allows beginners and experts to +use gpg with Pine. There are plenty of other applications that allow +gpg to be used with Pine: this one is intended to be the best, since +it merges intuitive use with powerful features. The result is an +application that's not only fast and secure, but also perfect for +novices and power-users alike. + +** [[http://www.freenigma.org/][freenigma]] [Unix] MUA,SRV + :PROPERTIES: + :CUSTOM_ID: freenigma + :END: + +Is a server based solution for centralized and transparent encryption +and signatures. It comes with a web admin interface and may either be +used as a drop in MTA replacement or as an additional MTA. + +** freenigma service [Any] SRV + :PROPERTIES: + :CUSTOM_ID: freenigma-service + :END: + +freenigma service was an OpenPGP web service for easy key +management. It allowed encryption without taking care of keys. A +documented API was available as well as several tools to access the +web service. The service has meanwhile been shutdown. + +** [[http://gabber.sourceforge.net/][Gabber]] [Unix] CHAT + :PROPERTIES: + :CUSTOM_ID: gabber + :END: + +Gabber is a Free and Open Source GNOME client for an instant messaging +system called Jabber (XMPP). Jabber is a Free and Open Source distributed +instant messaging system. It does not rely on a single server, and the +protocol is well documented. Jabber allows communication with many +different instant messaging systems, including ICQ and AIM. 
+ +** [[http://www.gajim.org/][Gajim]] [Unix] CHAT + :PROPERTIES: + :CUSTOM_ID: gajim + :END: + +The goal of Gajim is to provide a full featured and easy to use Jabber +client. Gajim works nicely with GNOME, but does not require it to +run. It is released under the GNU General Public License. + +** [[http://www.gnu.org/software/anubis/][GNU Anubis]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: anubis + :END: + +Is an outgoing mail processor, and an SMTP tunnel between the MUA and +the MTA. It strongly uses the GnuPG via the GPGME interface. With this +GNU tool you can encrypt or sign an outgoing mail on-the-fly. + +** [[http://www.collaboration-world.com/gnumail/][GNUmail.app]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: gnumail + :END: + +Is a GNUStep MUA with support for GnuPG. + +** [[http://www.tech-faq.com/gnupg-shell.shtml][GnuPG Shell]] [Unix] GUI + :PROPERTIES: + :CUSTOM_ID: gnupg-shell + :END: + +GnuPG Shell is a cross-platform graphical frontend for GnuPG. + +** [[http://github.com/smartrevolution/gnupg-for-java][gnupg-for-java]] [Unix,Windows,OSX] LIB + :PROPERTIES: + :CUSTOM_ID: gnupg-for-java + :END: + +This is a Java binding for GPGME library. + +** [[gpa/index.en.html][GPA]] [Unix, Windows] GUI + :PROPERTIES: + :CUSTOM_ID: gpa + :END: + +Aims to be the standard GnuPG graphical frontend. [[gpa/index.en.html][GPA]] is hosted on +this site. The Windows version is part of [[http://www.gpg4win.org/][Gpg4win]]. + +** [[http://business-php.com/opensource/gpg_encrypt/][gpg_encrypt]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: gpg-encrypt + :END: + +gpg_encrypt() is a PHP function that will allow you to easily use +GnuPG to encrypt data to your public PGP key and mail that encrypted +data to yourself, where it can be securely decrypted with your private +key. This is designed primarily for use with web-based forms but can +be used to encrypt any data. 
+ +** [[http://linux.oregpreshaz.hu/script.html][gpg_mail]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: gpg-mail-script + :END: + +This script is able to encode/sign emails in an automatic +fashion. There is also a [[http://linux.choma.hu/gpg-script/][mirror site]] available. + +** [[http://www.gpg4win.org/][Gpg4win]] [Windows] INST + :PROPERTIES: + :CUSTOM_ID: gpg4win + :END: + +Gpg4win is an installer package for Windows with computer programs and +handbooks for email and file encryption. + +** [[http://www.gpgtools.org/gpgmail.html][GPGMail]] [OSX] MUA + :PROPERTIES: + :CUSTOM_ID: gpgmail + :END: + +Is a mail program for MAC OS X. + +** [[file:gpgme/index.org][GPGME]] [Unix,Windows,OSX] LIB + :PROPERTIES: + :CUSTOM_ID: gpgme + :END: + +GnuPG Made Easy is the standard library for applications to access +most GnuPG functions. + +** [[http://wald.intevation.org/projects/gpgoe][GPGOE]] [Windows] MUA + :PROPERTIES: + :CUSTOM_ID: gpgoe + :END: + +Is a plugin for the Outlook Express MUA. + +** [[http://www.g10code.de/p-gpgol.html][GpgOL]] [Windows] MUA + :PROPERTIES: + :CUSTOM_ID: gpgol + :END: + +A plug-in for Microsoft Outlook 2003. It is part of [[http://www.gpg4win.org/][Gpg4win]]. + +** [[http://sites.inka.de/tesla/gpgrelay.html][GPGrelay]] [Windows] MUA + :PROPERTIES: + :CUSTOM_ID: gpgrelay + :END: + +Is a Windows program which can be used to use GnuPG with all MUAs. + +** [[http://gpgtools.org/][GPGTools]] [OSX] INST + :PROPERTIES: + :CUSTOM_ID: gpgtools + :END: + +GPGTools is an installer package for Mac OS X. It integrates all +required modules for easy use of GnuPG on this OS. + +** [[ftp://ftp.gnupg.org/gcrypt/contrib/keylookup-2.1.tar.gz][Keylookup]] [Unix] MISC + :PROPERTIES: + :CUSTOM_ID: keylookup + :END: + +Is a tool to fetch keys from keyservers. + +** [[http://devel-home.kde.org/~kgpg/][KGpg]] [Unix] GUI + :PROPERTIES: + :CUSTOM_ID: kgpg + :END: + +Is a KDE frontend for GnuPG. 
+ +** [[http://kmail.kde.org/][KMail]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: kmail + :END: + +From the KDE desktop, it fully supports GnuPG. + +** [[http://www.snafu.priv.at/kuvert.html][kuvert]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: kuvert + :END: + +This frontend is for GnuPG and old-style pgp2. It works slightly +similar to Raph Levien's premail: it sits between MUA and MTA and +decides based on the keyring contents whether to sign, sign/encrypt or +leave an email as it is. kuvert is unix-only and designed to work for +outbound emails only. It's a daemon tool and requires some form of +passphrase cache. kuvert has been around (under earlier names) since +about 1996. + +** [[http://www.gpgtools.org/macgpg1.html][MacGPG]], [[http://www.gpgtools.org/macgpg2.html][MacGPG2]] [OSX] MISC + :PROPERTIES: + :CUSTOM_ID: macgpg + :END: + +The MacGPG project has information on using GnuPG on OS-X. + +** [[http://www.physto.se/~p99jlu/MagicPGP.html][MagicPGP]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: magicpgp + :END: + +Is yet another set of scripts to use GnuPG with Pine. + +** [[http://www.pobox.com/~lbudney/linux/software/mailcrypt.html][Mailcrypt]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: mailcrypt + :END: + +For Emacs. You may need the latest [[http://www.lothar.com/tech/crypto/][patches]] until there is a new +release of Mailcrypt. + +** [[http://www.mew.org/][Mew]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: mew + :END: + +A MUA with support for GnuPG. + +** [[http://miranda-icq.sourceforge.net/][Miranda ICQ]] [Unix] CHAT + :PROPERTIES: + :CUSTOM_ID: miranda-icq + :END: + +Has support for GnuPG. + +** [[http://freshmeat.net/projects/maopenpgp][mod_auth_openpgp]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: mod-auth-openpgp + :END: + +Apache module for HTTP+OpenPGP support +(see also [[#enigform][Enigform]]). + + +** [[http://www.mutt.org/][Mutt]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: mutt + :END: + +Is an advanced non-graphical MUA with complete MIME and GnuPG/PGP +support. 
+ +** [[http://www.bell-labs.com/projects/nsbd/][NSBD]] [Unix] MISC + :PROPERTIES: + :CUSTOM_ID: nsbd + :END: + +The Not-So-Bad Distribution system. + +** [[https://yourmom.dhs.org/pgp/][OpenPGP Webmail]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: openpgp-webmail + :END: + +Is a web based mailer to send encrypted messages. + +** PGG [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: pgg + :END: + +PGG is a complete PGP signing/encrypting solution provided from +scratch by the Gnus development team. It deserves the same than +[[#fend_mua-Mailcrypt][mailcrypt]] but it has also native MIME support whereas mailcrypt does +not. There is no PGG homepage at the moment, sorry. + +** [[http://www.pgpdump.net/][PGPdump Web interface]] [All] MISC + :PROPERTIES: + :CUSTOM_ID: pgpdump-web + :END: + +Can be used to analyze OpenPGP data formats. + +** [[http://pgpenvelope.sourceforge.net/][pgpenvelope]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: pgpenvelope + :END: + +Is a Pine and procmail filter which allows one to process messages +with GnuPG. + +** [[http://www.nessie.de/mroth/pgpgpg/][pgpgpg]] [Unix] MISC + :PROPERTIES: + :CUSTOM_ID: gpggpg + :END: + +Is a comandline wrapper tool to allow the use of scripts written for +PGP with GnuPG. + +** [[http://www.sanface.com/pgphtml.html][PGPHTML]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: pgphtml + :END: + +Is a perl script to sign HTML pages. + +** [[file:pinentry/index.org][Pinentry]] [Unix,Windows,OSX] MISC + :PROPERTIES: + :CUSTOM_ID: pinentry + :END: + +Secure PinEntry Dialog. This is required by GnuPG-2 and part of all +installers. + +** [[http://py-gnupg.sourceforge.net/][Python GnuPGInterface]] [Unix] GUI + :PROPERTIES: + :CUSTOM_ID: python-gnupginterface + :END: + +Is what the name says. + +** [[http://eepatents.com/privaria/][Privaria]] [Unix] MISC + :PROPERTIES: + :CUSTOM_ID: privaria + :END: + +Is a secure networking suite that uses GnuPG as part of its +authentication and encryption scheme. 
+ +** [[http://psi.affinix.com/][PSI]] [Unix, Windows] CHAT + :PROPERTIES: + :CUSTOM_ID: psi + :END: + +Psi is a free and crossplatform client for connecting to the Jabber +network. It supports multiple accounts, group chat, Unicode, and +strong security (TLS and GnuPG). + +** [[http://www.memecode.com/scribe.php][Scribe]] [Unix, Windows] MUA + :PROPERTIES: + :CUSTOM_ID: scribe + :END: + +Scribe is a small and fast email client that lets you send, receive +and manage email without fuss. Scribe comes with a [[http://www.memecode.com/scribe/gnupg.php][plugin]] that calls +GnuPG. + +** [[http://www.sys3175.co.uk/securemail.php][Securemail]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: securemail + :END: + +Is another webmail client. + +** [[http://seahorse.sf.net/][Seahorse]] [Unix] GUI + :PROPERTIES: + :CUSTOM_ID: seahorse + :END: + +Is a GNOME frontend for GnuPG. + +** [[http://soupermail.sourceforge.net/][Soupermail]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: soupermail + :END: + +Is a versatile HTML form handler. + +** [[http://www.squirrelmail.org/plugin_view.php?id=153][Squirrelmail Plugin]] [Unix] SRV + :PROPERTIES: + :CUSTOM_ID: squirrelmail-plugin + :END: + +A gpg plugin for the popular [[http://www.squirrelmail.org/][Squirrelmail]] web mail server. + +** [[http://sylpheed.sraoss.jp/en/][Sylpheed]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: sylpheed + :END: + +Is a very nice GTK+ based MUA with full support for GnuPG. + +** [[http://tkabber.jabber.ru/][Tkabber]] [Unix] CHAT + :PROPERTIES: + :CUSTOM_ID: tkabber + :END: + +Tkabber is a free client for an instant messaging system called +Jabber (aka XMPP). It is written in Tcl/Tk and supports many features like +support of unicode, ssl support, http proxy, file transfers and +support of multi-user conference protocol. + +** [[http://www.lothlann.freeserve.co.uk/pjb/topal/][Topal]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: topal + :END: + +Is another program to use GnuPG with Pine. 
+ +** [[http://www.media-art-online.org/wija/][wija]] [Unix, Windows, OSX] CHAT + :PROPERTIES: + :CUSTOM_ID: wija + :END: + +wija is a free and cross-platform Jabber/XMPP client written in Java, +with built-in GnuPG key rings management GUI. Its extended protocols +allow users to encrypt chat and multi-user chat as well as +encrypting/signing messages and signing presence of the user. It is +multilingual and runs on GNU/Linux, Mac OS X and Windows. + +** [[http://freshmeat.net/projects/xap/][XAP]] [Unix] GUI + :PROPERTIES: + :CUSTOM_ID: xap + :END: + +Is the X application panel and filemanager. + +** [[http://xfmail.slappy.org/][XFmail]] [Unix] MUA + :PROPERTIES: + :CUSTOM_ID: xfmail + :END: + +Works with GnuPG. diff --git a/web/related_software/tools.org b/web/related_software/tools.org index 5f4b429..b5a73e2 100644 --- a/web/related_software/tools.org +++ b/web/related_software/tools.org @@ -1,6 +1,7 @@ #+TITLE: GnuPG - Tools #+STARTUP: showall #+SETUPFILE: "../share/setup.inc" +#+OPTIONS: ^:{} * Tools 
@@ -9,12 +10,10 @@ If you feel wanting to improve this list, please, fill in a [[#gpgweb][Problem Report]] form. - - [[http://enigform.mozdev.org][enigform]] :: Mozilla Firefox extension for HTTP+OpenPGP support - (see mod\_auth\_openpgp). - - [[ftp://ftp.gnupg.org/gcrypt/contrib/keylookup-2.1.tar.gz][Keylookup]] :: Is a tool to fetch keys from keyservers. - - [[http://macgpg.sourceforge.net/][MacGPG]] :: Project for Mac-related GnuPG tools. - - [[http://freshmeat.net/projects/maopenpgp][mod\_auth\_openpgp]] :: Apache module for HTTP+OpenPGP support - (see Enigform). - - [[http://www.pgpdump.net/][PGPdump Web interface]] :: Can be used to analyze OpenPGP data + - [[file:swlist.org::#enigform][enigform]] :: Mozilla Firefox extension for HTTP+OpenPGP support. + - [[file:swlist.org::#keylookup][Keylookup]] :: Is a tool to fetch keys from keyservers. + - [[file:swlist.org::#macgpg][MacGPG]] :: Mac-related GnuPG tools + - [[file:swlist.org::#mod-auth-openpgp][mod_auth_openpgp]] :: Apache module for HTTP+OpenPGP support + - [[file:swlist.org::#pgpdump-web][PGPdump Web interface]] :: Can be used to analyze OpenPGP data formats. - - [[file:pinentry/index.org][pinentry]] :: Secure PinEntry Dialog. + - [[file:swlist.org::#pinentry][Pinentry]] :: Secure PinEntry Dialog. diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index cee7bd8..9a8a56c 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -99,6 +99,7 @@
  • Frontends
  • Tools
  • Libraries
  • +
  • All
  • Miscellaneous
  • +
  • Blog
  • Privacy Policy
  • Sitemap
  • @@ -124,7 +126,7 @@ >\"CC-BY-SA
    These web pages are - Copyright 1998--2013 The GnuPG Project? + Copyright 1998--2013 The GnuPG Project? and licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. See @@ -142,7 +144,7 @@ var u=((\"https:\" == document.location.protocol) ? \"https\" : \"http\") + \"://alberti.gnupg.org/piwik/\"; _paq.push([\"setTrackerUrl\", u+\"piwik.php\"]); - _paq.push([\"setSiteId\", \"6\"]); + _paq.push([\"setSiteId\", \"1\"]); var d=document, g=d.createElement(\"script\"), s=d.getElementsByTagName(\"script\")[0]; @@ -209,7 +211,7 @@ (concat "cd " gpgweb-root-dir " && cd " stagedir "&& rsync -rlt --exclude \"*~\" ./ " "werner at trithemius.gnupg.org:" - "/var/www/www/w3.gnupg.org/htdocs/")))) + "/var/www/www/www.gnupg.org/htdocs/")))) (provide 'gpgweb) ----------------------------------------------------------------------- Summary of changes: README | 10 + web/documentation/faqs.org | 2 + web/index.org | 10 + web/misc/index.org | 1 + web/related_software/frontends.org | 361 +++++------------------- web/related_software/gpgme/index.org | 2 +- web/related_software/index.org | 1 + web/related_software/libraries.org | 13 +- web/related_software/swlist.org | 499 ++++++++++++++++++++++++++++++++++ web/related_software/tools.org | 15 +- web/share/gpgweb.el | 8 +- 11 files changed, 606 insertions(+), 316 deletions(-) create mode 100644 web/related_software/swlist.org hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 17:04:33 2013 
From: cvs at cvs.gnupg.org (by Sam Tuke) Date: Wed, 13 Nov 2013 17:04:33 +0100 Subject: [git] gnupg-doc - branch, master, updated. af8bfb470ba3b60ef98c649e84aebe286d089a62 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via af8bfb470ba3b60ef98c649e84aebe286d089a62 (commit) from 2a1e704a8adfb5a39ba6ed1621dba17033751a64 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit af8bfb470ba3b60ef98c649e84aebe286d089a62 Author: Sam Tuke Date: Tue Nov 12 13:52:17 2013 +0100 Fixed typo diff --git a/README b/README index 35b39b1..9787a65 100644 --- a/README +++ b/README @@ -12,7 +12,7 @@ HTML files. etc. - web/share :: Logos, CSS, macros and elisp for building. - misc :: Otehr websites etc. - - build-aux :: Build helpe rscripts + - build-aux :: Build helper rscripts - tools/ :: Tools used to build the web site. - stage/ :: staging directory for the site. ----------------------------------------------------------------------- Summary of changes: README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 13 20:04:52 2013 
From: cvs at cvs.gnupg.org (by Sam Tuke) Date: Wed, 13 Nov 2013 20:04:52 +0100 Subject: [git] gnupg-doc - branch, master, updated. 057a6770df9438e4738d194a0fb2ecd6b8e2f102 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 057a6770df9438e4738d194a0fb2ecd6b8e2f102 (commit) from af8bfb470ba3b60ef98c649e84aebe286d089a62 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 057a6770df9438e4738d194a0fb2ecd6b8e2f102 Author: Sam Tuke Date: Wed Nov 13 20:04:42 2013 +0100 Added news entries for blogs diff --git a/web/index.org b/web/index.org index f7a64a7..1915543 100644 --- a/web/index.org +++ b/web/index.org @@ -46,6 +46,12 @@ GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3D point or paste the [[news.en.rss][RSS file]] into your aggregator. +** Blog: Friends tell friends they love GnuPG (2013-11-13) + +Using GnuPG for email encryption takes two to tango. That's why +we're asking users to share their stories using #iloveGPG ... +[[http://blog.gnupg.org/][{more}]] + ** New website infrastructure (2013-11-12) After more than a decade we switched from the legacy WML based website 
@@ -55,6 +61,10 @@ system uses plain text files and will make it way easier to keep information up to date. Unfortunately the translations are gone for now --- most of them have not been updated for many years anyway. +** Blog: Securing the future of GPG (2013-11-05) + +We have a plan for securing the long term stability of GnuPG development by giving more to our users, and asking more from them in return ... +[[http://blog.gnupg.org/][{more}]] ** Security update for GnuPG (2013-10-05) :important: ----------------------------------------------------------------------- Summary of changes: web/index.org | 10 ++++++++++ 1 file changed, 10 insertions(+) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Nov 14 23:51:21 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 14 Nov 2013 23:51:21 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-381-gc43a8c0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via c43a8c0d81a711161f7a81b24ef7c33a1353eee0 (commit) from 7d91e99bcd30a463dd4faed014b8521a663d8316 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c43a8c0d81a711161f7a81b24ef7c33a1353eee0 Author: Werner Koch Date: Thu Nov 14 23:40:41 2013 +0100 md: Fix hashing for data >= 256 GB * cipher/hash-common.h (gcry_md_block_ctx): Add "nblocks_high". * cipher/hash-common.c (_gcry_md_block_write): Bump NBLOCKS_HIGH. * cipher/md4.c (md4_init, md4_final): Take care of NBLOCKS_HIGH. * cipher/md5.c (md5_init, md5_final): Ditto. * cipher/rmd160.c (_gcry_rmd160_init, rmd160_final): Ditto. * cipher/sha1.c (sha1_init, sha1_final): Ditto. * cipher/sha256.c (sha256_init, sha224_init, sha256_final): Ditto. * cipher/sha512.c (sha512_init, sha384_init, sha512_final): Ditto. * cipher/tiger.c (do_init, tiger_final): Ditto. * cipher/whirlpool.c (whirlpool_final): Ditto. * cipher/md.c (gcry_md_algo_info): Add GCRYCTL_SELFTEST. (_gcry_md_selftest): Return "not implemented" as required. * tests/hashtest.c: New. * tests/genhashdata.c: New. * tests/Makefile.am (TESTS): Add hashtest. (noinst_PROGRAMS): Add genhashdata -- Problem found by Denis Corbin and analyzed by Yuriy Kaminskiy. sha512 and whirlpool should not have this problem because they use 64 bit types for counting the blocks. However, a similar fix has been employed to allow for really huge sizes - despite that it will be very hard to test them. 
The test vectors have been produced by sha{1,224,256}sum and the genhashdata tool. A sequence of 'a' is used for them because a test using one million 'a' is commonly used for test vectors. More test vectors are required. Running the large tests needs to be done manual for now: ./hashtest --gigs 256 tests all algorithms, ./hashtest --gigs 256 sha1 sha224 sha256 only the given ones. A configure option to include these test in the standard regression suite will be useful. The tests will take looong. Signed-off-by: Werner Koch diff --git a/cipher/hash-common.c b/cipher/hash-common.c index e318e7e..ffbc39e 100644 --- a/cipher/hash-common.c +++ b/cipher/hash-common.c @@ -115,7 +115,8 @@ _gcry_md_block_write (void *context, const void *inbuf_arg, size_t inlen) _gcry_burn_stack (stack_burn); stack_burn = 0; hd->count = 0; - hd->nblocks++; + if (!++hd->nblocks) + hd->nblocks_high++; } if (!inbuf) return; @@ -133,7 +134,8 @@ _gcry_md_block_write (void *context, const void *inbuf_arg, size_t inlen) { stack_burn = hd->bwrite (hd, inbuf); hd->count = 0; - hd->nblocks++; + if (!++hd->nblocks) + hd->nblocks_high++; inlen -= hd->blocksize; inbuf += hd->blocksize; } diff --git a/cipher/hash-common.h b/cipher/hash-common.h index ce91da5..aa95365 100644 --- a/cipher/hash-common.h +++ b/cipher/hash-common.h @@ -45,6 +45,7 @@ typedef struct gcry_md_block_ctx { byte buf[MD_BLOCK_MAX_BLOCKSIZE]; MD_NBLOCKS_TYPE nblocks; + MD_NBLOCKS_TYPE nblocks_high; int count; size_t blocksize; _gcry_md_block_write_t bwrite; diff --git a/cipher/md.c b/cipher/md.c index 5c66397..3bfa3bd 100644 --- a/cipher/md.c +++ b/cipher/md.c 
@@ -1028,6 +1028,8 @@ md_asn_oid (int algorithm, size_t *asnlen, size_t *mdlen) * GCRYCTL_GET_ASNOID: * Return the ASNOID of the algorithm in buffer. if buffer is NULL, only * the required length is returned. + * GCRYCTL_SELFTEST + * Helper for the regression tests - shall not be used by applications. * * Note: Because this function is in most cases used to return an * integer value, we can make it easier for the caller to just look at @@ -1076,6 +1078,12 @@ gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes) } break; + case GCRYCTL_SELFTEST: + /* Helper function for the regression tests. */ + err = gpg_err_code (_gcry_md_selftest (algo, nbytes? (int)*nbytes : 0, + NULL)); + break; + default: err = GPG_ERR_INV_OP; break; @@ -1227,7 +1235,7 @@ _gcry_md_selftest (int algo, int extended, selftest_report_func_t report) ec = spec->selftest (algo, extended, report); else { - ec = GPG_ERR_DIGEST_ALGO; + ec = spec->selftest? GPG_ERR_DIGEST_ALGO : GPG_ERR_NOT_IMPLEMENTED; if (report) report ("digest", algo, "module", (spec && !spec->flags.disabled)? diff --git a/cipher/md4.c b/cipher/md4.c index ab32b14..b9a1a95 100644 --- a/cipher/md4.c +++ b/cipher/md4.c @@ -79,6 +79,7 @@ md4_init( void *context ) ctx->D = 0x10325476; ctx->bctx.nblocks = 0; + ctx->bctx.nblocks_high = 0; ctx->bctx.count = 0; ctx->bctx.blocksize = 64; ctx->bctx.bwrite = transform; @@ -191,16 +192,21 @@ static void md4_final( void *context ) { MD4_CONTEXT *hd = context; - u32 t, msb, lsb; + u32 t, th, msb, lsb; byte *p; unsigned int burn; _gcry_md_block_write(hd, NULL, 0); /* flush */; t = hd->bctx.nblocks; + if (sizeof t == sizeof hd->bctx.nblocks) + th = hd->bctx.nblocks_high; + else + th = hd->bctx.nblocks >> 32; + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 26; + msb = (th << 6) | (t >> 26); /* add the count */ t = lsb; if( (lsb += hd->bctx.count) < t ) diff --git a/cipher/md5.c b/cipher/md5.c index 1b6ad48..79b6e87 100644 --- a/cipher/md5.c +++ b/cipher/md5.c 
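Review bot: The new else-branch in `_gcry_md_selftest` dereferences `spec` unconditionally in `ec = spec->selftest? GPG_ERR_DIGEST_ALGO : GPG_ERR_NOT_IMPLEMENTED;`, yet the `report` call two lines below still tests `(spec && !spec->flags.disabled)`, which shows this branch is reached with `spec == NULL` (the lookup that sets `spec` is outside the hunk, so that reading is inferred from the guard). An unknown algorithm passed through the new `GCRYCTL_SELFTEST` path would then crash inside the library instead of getting an error code back. Guard it the same way the report does: `ec = (spec && spec->selftest) ? GPG_ERR_DIGEST_ALGO : GPG_ERR_NOT_IMPLEMENTED;`. The function starts outside the hunk.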
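Review bot: The fallback `th = hd->bctx.nblocks >> 32;` in `md4_final` is compiled on every build, because the `sizeof` test in front of it is a run-time `if`, not a preprocessor conditional; on a build where `nblocks` is a 32-bit type the shift count equals the operand width, which is undefined behaviour in C and draws a `-Wshift-count-overflow` warning even though that branch is never executed. Whether such a build exists depends on how `MD_NBLOCKS_TYPE` is chosen in hash-common.h, which is not in the hunk. Splitting the shift so it is well-defined at either width, `th = (hd->bctx.nblocks >> 16) >> 16;`, keeps the run-time selection and silences the warning; a `#if` on the type width would do as well. The same pattern is repeated in the md5, rmd160, sha1, sha256 and tiger hunks of this commit, and `md4_final`'s body continues past the hunk.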
@@ -63,6 +63,7 @@ md5_init( void *context ) ctx->D = 0x10325476; ctx->bctx.nblocks = 0; + ctx->bctx.nblocks_high = 0; ctx->bctx.count = 0; ctx->bctx.blocksize = 64; ctx->bctx.bwrite = transform; @@ -215,16 +216,21 @@ static void md5_final( void *context) { MD5_CONTEXT *hd = context; - u32 t, msb, lsb; + u32 t, th, msb, lsb; byte *p; unsigned int burn; _gcry_md_block_write(hd, NULL, 0); /* flush */; t = hd->bctx.nblocks; + if (sizeof t == sizeof hd->bctx.nblocks) + th = hd->bctx.nblocks_high; + else + th = hd->bctx.nblocks >> 32; + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 26; + msb = (th << 6) | (t >> 26); /* add the count */ t = lsb; if( (lsb += hd->bctx.count) < t ) diff --git a/cipher/rmd160.c b/cipher/rmd160.c index f7430ea..a6d9a80 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -155,6 +155,7 @@ _gcry_rmd160_init (void *context) hd->h4 = 0xC3D2E1F0; hd->bctx.nblocks = 0; + hd->bctx.nblocks_high = 0; hd->bctx.count = 0; hd->bctx.blocksize = 64; hd->bctx.bwrite = transform; @@ -414,16 +415,21 @@ static void rmd160_final( void *context ) { RMD160_CONTEXT *hd = context; - u32 t, msb, lsb; + u32 t, th, msb, lsb; byte *p; unsigned int burn; _gcry_md_block_write(hd, NULL, 0); /* flush */; t = hd->bctx.nblocks; + if (sizeof t == sizeof hd->bctx.nblocks) + th = hd->bctx.nblocks_high; + else + th = hd->bctx.nblocks >> 32; + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 26; + msb = (th << 6) | (t >> 26); /* add the count */ t = lsb; if( (lsb += hd->bctx.count) < t ) diff --git a/cipher/sha1.c b/cipher/sha1.c index 95591eb..025b3ab 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -74,6 +74,7 @@ sha1_init (void *context) hd->h4 = 0xc3d2e1f0; hd->bctx.nblocks = 0; + hd->bctx.nblocks_high = 0; hd->bctx.count = 0; hd->bctx.blocksize = 64; hd->bctx.bwrite = transform; 
@@ -227,16 +228,21 @@ static void sha1_final(void *context) { SHA1_CONTEXT *hd = context; - u32 t, msb, lsb; + u32 t, th, msb, lsb; unsigned char *p; unsigned int burn; _gcry_md_block_write (hd, NULL, 0); /* flush */; t = hd->bctx.nblocks; + if (sizeof t == sizeof hd->bctx.nblocks) + th = hd->bctx.nblocks_high; + else + th = hd->bctx.nblocks >> 32; + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 26; + msb = (th << 6) | (t >> 26); /* add the count */ t = lsb; if( (lsb += hd->bctx.count) < t ) diff --git a/cipher/sha256.c b/cipher/sha256.c index d3917e4..bd5a412 100644 --- a/cipher/sha256.c +++ b/cipher/sha256.c @@ -70,6 +70,7 @@ sha256_init (void *context) hd->h7 = 0x5be0cd19; hd->bctx.nblocks = 0; + hd->bctx.nblocks_high = 0; hd->bctx.count = 0; hd->bctx.blocksize = 64; hd->bctx.bwrite = transform; @@ -91,6 +92,7 @@ sha224_init (void *context) hd->h7 = 0xbefa4fa4; hd->bctx.nblocks = 0; + hd->bctx.nblocks_high = 0; hd->bctx.count = 0; hd->bctx.blocksize = 64; hd->bctx.bwrite = transform; @@ -261,16 +263,21 @@ static void sha256_final(void *context) { SHA256_CONTEXT *hd = context; - u32 t, msb, lsb; + u32 t, th, msb, lsb; byte *p; unsigned int burn; _gcry_md_block_write (hd, NULL, 0); /* flush */; t = hd->bctx.nblocks; + if (sizeof t == sizeof hd->bctx.nblocks) + th = hd->bctx.nblocks_high; + else + th = hd->bctx.nblocks >> 32; + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 26; + msb = (th << 6) | (t >> 26); /* add the count */ t = lsb; if ((lsb += hd->bctx.count) < t) diff --git a/cipher/sha512.c b/cipher/sha512.c index 97fb203..14608dc 100644 --- a/cipher/sha512.c +++ b/cipher/sha512.c @@ -97,6 +97,7 @@ sha512_init (void *context) hd->h7 = U64_C(0x5be0cd19137e2179); ctx->bctx.nblocks = 0; + ctx->bctx.nblocks_high = 0; ctx->bctx.count = 0; ctx->bctx.blocksize = 128; ctx->bctx.bwrite = transform; 
@@ -122,6 +123,7 @@ sha384_init (void *context) hd->h7 = U64_C(0x47b5481dbefa4fa4); ctx->bctx.nblocks = 0; + ctx->bctx.nblocks_high = 0; ctx->bctx.count = 0; ctx->bctx.blocksize = 128; ctx->bctx.bwrite = transform; @@ -515,15 +517,20 @@ sha512_final (void *context) { SHA512_CONTEXT *hd = context; unsigned int stack_burn_depth; - u64 t, msb, lsb; + u64 t, th, msb, lsb; byte *p; _gcry_md_block_write (context, NULL, 0); /* flush */ ; t = hd->bctx.nblocks; + /* if (sizeof t == sizeof hd->bctx.nblocks) */ + th = hd->bctx.nblocks_high; + /* else */ + /* th = hd->bctx.nblocks >> 64; In case we ever use u128 */ + /* multiply by 128 to make a byte count */ lsb = t << 7; - msb = t >> 57; + msb = (th << 7) | (t >> 57); /* add the count */ t = lsb; if ((lsb += hd->bctx.count) < t) diff --git a/cipher/tiger.c b/cipher/tiger.c index a70a3f2..9b8d0ef 100644 --- a/cipher/tiger.c +++ b/cipher/tiger.c @@ -602,6 +602,7 @@ do_init (void *context, int variant) hd->c = 0xf096a5b4c3b2e187LL; hd->bctx.nblocks = 0; + hd->bctx.nblocks_high = 0; hd->bctx.count = 0; hd->bctx.blocksize = 64; hd->bctx.bwrite = transform; @@ -735,7 +736,7 @@ static void tiger_final( void *context ) { TIGER_CONTEXT *hd = context; - u32 t, msb, lsb; + u32 t, th, msb, lsb; byte *p; unsigned int burn; byte pad = hd->variant == 2? 0x80 : 0x01; @@ -743,9 +744,14 @@ tiger_final( void *context ) _gcry_md_block_write(hd, NULL, 0); /* flush */; t = hd->bctx.nblocks; + if (sizeof t == sizeof hd->bctx.nblocks) + th = hd->bctx.nblocks_high; + else + th = hd->bctx.nblocks >> 32; + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 26; + msb = (th << 6) | (t >> 26); /* add the count */ t = lsb; if( (lsb += hd->bctx.count) < t ) diff --git a/cipher/whirlpool.c b/cipher/whirlpool.c index 168c38f..e562781 100644 --- a/cipher/whirlpool.c +++ b/cipher/whirlpool.c 
@@ -1296,13 +1296,18 @@ whirlpool_final (void *ctx) { whirlpool_context_t *context = ctx; unsigned int i; - u64 t, lsb, msb; + u64 t, th, lsb, msb; unsigned char *length; t = context->bctx.nblocks; + /* if (sizeof t == sizeof context->bctx.nblocks) */ + th = context->bctx.nblocks_high; + /* else */ + /* th = context->bctx.nblocks >> 64; In case we ever use u128 */ + /* multiply by 64 to make a byte count */ lsb = t << 6; - msb = t >> 58; + msb = (th << 6) | (t >> 58); /* add the count */ t = lsb; if ((lsb += context->bctx.count) < t) diff --git a/tests/Makefile.am b/tests/Makefile.am index c9ba5f4..87283f9 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -20,7 +20,7 @@ TESTS = version mpitests tsexp t-convert \ t-mpi-bit t-mpi-point curves \ - prime basic keygen pubkey hmac t-kdf keygrip \ + prime basic keygen pubkey hmac hashtest t-kdf keygrip \ fips186-dsa aeswrap pkcs1v2 random dsa-rfc6979 t-ed25519 @@ -36,7 +36,7 @@ AM_CFLAGS = $(GPG_ERROR_CFLAGS) LDADD = ../src/libgcrypt.la $(DL_LIBS) ../compat/libcompat.la $(GPG_ERROR_LIBS) EXTRA_PROGRAMS = testapi pkbench -noinst_PROGRAMS = $(TESTS) fipsdrv rsacvt +noinst_PROGRAMS = $(TESTS) fipsdrv rsacvt genhashdata EXTRA_DIST = README rsa-16k.key cavs_tests.sh cavs_driver.pl \ pkcs1v2-oaep.h pkcs1v2-pss.h pkcs1v2-v15c.h pkcs1v2-v15s.h \ diff --git a/tests/genhashdata.c b/tests/genhashdata.c new file mode 100644 index 0000000..8777f9c --- /dev/null +++ b/tests/genhashdata.c 
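Review bot: `whirlpool_final` now reads `context->bctx.nblocks_high`, but unlike every other digest touched by this commit there is no companion hunk in whirlpool's init function setting the new field to zero; md4, md5, rmd160, sha1, sha256, sha512 and tiger each got an explicit `bctx.nblocks_high = 0;`. If whirlpool's init clears the whole context with a `memset` this is harmless, but if it only assigns the individual `bctx` fields then `th` carries uninitialised memory into `msb` for every digest, not just for huge inputs, and the length padding becomes non-deterministic. Please confirm, and if the init assigns fields one by one add `context->bctx.nblocks_high = 0;` next to its `nblocks = 0`. The opening of `whirlpool_final` and the whole init function are outside the hunk.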
@@ -0,0 +1,158 @@ +/* genhashdata.c - Create data for hash tests + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +/* Results: + +$ for i in -64 -1 0 1 64; do ./genhashdata --gigs 256 --bytes $i|sha1sum;done +92fc51850c7b750e6e774b75f294f6979d4059f0 - +4bddeeb4c08683f02d4944d93dbcb02ebab50134 - +71b923afde1c8c040884c723a2e3335b333e64c6 - +2d99f9b5b86e9c9c937104f4242bd6b8bc0927ef - +a60dabe8d749f798b7ec3a684cc3eab487451482 - + +$ for i in -64 -1 0 1 64; do ./genhashdata --gigs 256 --bytes $i|sha224sum;done +b5672b54d2480a5688a2dc727a1ad4db7a81ef31ce8999e0bbaeffdc - +814ea7159473e6ffc1c64b90026a542e13ac6980f7f3ca3c4582a9b8 - +9ec0e1829455db8650ec7a8b06912196f97a7358bc3a73c79911cd4e - +e578d5d523320876565bbbc892511a485427caee6dd754d57e3e58c2 - +ff0464df248cd298b63765bc4f87f21e25c93c657fdf3656d3c878e5 - + +$ for i in -64 -1 0 1 64; do ./genhashdata --gigs 256 --bytes $i|sha256sum;done +87a9828d3de78d55d252341db2a622908c4e0ceaee9961ecf9768700fc799ec8 - +823bf95f64ef04a4a77579c38760b1d401b56bf3a8e664bdf56ca15afb468a03 - +2d0723878cb2c3d5c59dfad910cdb857f4430a6ba2a7d687938d7a20e63dde47 - +5a2e21b1e79cd866acf53a2a18ca76bd4e02c4b01bf4627354171824c812d95f - +34444808af8e9d995e67f9e155ed94bf55f195a51dc1d8a989e6bcf95511c8a2 - + +*/ + +#include +#include +#include +#include +#include + +#define PGM 
"genhashdata" + +static void +die (const char *format, ...) +{ + va_list arg_ptr ; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + va_start (arg_ptr, format ) ; + vfprintf (stderr, format, arg_ptr ); + va_end(arg_ptr); + if (*format && format[strlen(format)-1] != '\n') + putc ('\n', stderr); + exit (1); +} + +int +main (int argc, char **argv) +{ + int last_argc = -1; + int gigs = 0; + int bytes = 0; + char pattern[1024]; + int i, g; + + if (argc) + { argc--; argv++; } + + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--help")) + { + fputs ("usage: " PGM " [options]\n" + "Options:\n" + " --gigs N Emit N GiB of test bytes\n" + " --bytes DIFF Stop DIFF bytes earlier or later\n", + stdout); + exit (0); + } + else if (!strcmp (*argv, "--gigs")) + { + argc--; argv++; + if (argc) + { + gigs = atoi (*argv); + argc--; argv++; + } + } + else if (!strcmp (*argv, "--bytes")) + { + argc--; argv++; + if (argc) + { + bytes = atoi (*argv); + argc--; argv++; + } + } + else if (!strncmp (*argv, "--", 2)) + die ("unknown option '%s'", *argv); + } + + if (gigs < 0 || gigs > 1024*1024) + die ("value for --gigs must be in the range 0 to %d", 1024*1024); + if (bytes < -1024 || bytes > 1024) + die ("value for --bytes must be in the range -1024 to 1024"); + if (sizeof pattern != 1024) + die ("internal error"); + + if (argc > 1) + die ("arguments are not expected"); + + memset (pattern, 'a', sizeof pattern); + + for (g=0; g < gigs; g++) + { + if (g + 1 == gigs && bytes < 0) + { + for (i = 0; i < 1024*1023; i++) + if (fwrite (pattern, sizeof pattern, 1, stdout) != 1) + die ("writing to stdout failed: %s", strerror (errno)); + for (i = 0; i < 1023; i++) + if (fwrite (pattern, sizeof pattern, 1, stdout) != 1) + die ("writing to stdout failed: %s", strerror (errno)); + if (fwrite (pattern, sizeof pattern + bytes, 1, stdout) != 1) + die ("writing to stdout failed: %s", strerror 
(errno)); + } + else + { + for (i = 0; i < 1024*1024; i++) + if (fwrite (pattern, sizeof pattern, 1, stdout) != 1) + die ("writing to stdout failed: %s", strerror (errno)); + } + } + if (bytes > 0) + if (fwrite (pattern, bytes, 1, stdout) != 1) + die ("writing to stdout failed: %s", strerror (errno)); + if (fflush (stdout)) + die ("writing to stdout failed: %s", strerror (errno)); + + return 0; +} diff --git a/tests/hashtest.c b/tests/hashtest.c new file mode 100644 index 0000000..15310d0 --- /dev/null +++ b/tests/hashtest.c 
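Review bot: `--bytes -1024` passes the range check `if (bytes < -1024 || bytes > 1024)` but then cannot succeed: in the last-gigabyte branch the closing write becomes `fwrite (pattern, 0, 1, stdout)`, which returns 0 by definition, so the tool dies with "writing to stdout failed" and a meaningless `strerror (errno)` after emitting almost all the data. Either tighten the check to `if (bytes < -1023 || bytes > 1024)` or skip the final `fwrite` when `sizeof pattern + bytes` is zero. Separately, `if (argc > 1) die ("arguments are not expected");` lets exactly one stray positional argument through silently; after the option loop `argc` is the count of remaining arguments, so the test should be `if (argc)`. Since a 256 GiB run takes hours, it would also be worth replacing `atoi` with `strtol` plus an end-pointer check so a typo such as `--gigs 25x6` is rejected up front rather than silently read as 25.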
@@ -0,0 +1,472 @@ +/* hashtest.c - Check the hash fucntions + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include +#include +#include + +#include "../src/gcrypt-int.h" + +#include "stopwatch.h" + +#define PGM "hashtest" + +#define my_isascii(c) (!((c) & 0x80)) +#define digitp(p) (*(p) >= '0' && *(p) <= '9') +#define hexdigitp(a) (digitp (a) \ + || (*(a) >= 'A' && *(a) <= 'F') \ + || (*(a) >= 'a' && *(a) <= 'f')) +#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ + *(p) <= 'F'? 
(*(p)-'A'+10):(*(p)-'a'+10)) +#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1)) +#define xmalloc(a) gcry_xmalloc ((a)) +#define xcalloc(a,b) gcry_xcalloc ((a),(b)) +#define xstrdup(a) gcry_xstrdup ((a)) +#define xfree(a) gcry_free ((a)) +#define pass() do { ; } while (0) + +static int verbose; +static int debug; +static int error_count; +static int missing_test_vectors; + +static struct { + int algo; + int gigs; + int bytes; + const char *hex; +} testvectors[] = { + { GCRY_MD_SHA1, 256, -64, "92fc51850c7b750e6e774b75f294f6979d4059f0" }, + { GCRY_MD_SHA1, 256, -1, "4bddeeb4c08683f02d4944d93dbcb02ebab50134" }, + { GCRY_MD_SHA1, 256, -0, "71b923afde1c8c040884c723a2e3335b333e64c6" }, + { GCRY_MD_SHA1, 256, 1, "2d99f9b5b86e9c9c937104f4242bd6b8bc0927ef" }, + { GCRY_MD_SHA1, 256, 64, "a60dabe8d749f798b7ec3a684cc3eab487451482" }, + { GCRY_MD_SHA224, 256, -64, + "b5672b54d2480a5688a2dc727a1ad4db7a81ef31ce8999e0bbaeffdc" }, + { GCRY_MD_SHA224, 256, -1, + "814ea7159473e6ffc1c64b90026a542e13ac6980f7f3ca3c4582a9b8" }, + { GCRY_MD_SHA224, 256, 0, + "9ec0e1829455db8650ec7a8b06912196f97a7358bc3a73c79911cd4e" }, + { GCRY_MD_SHA224, 256, 1, + "e578d5d523320876565bbbc892511a485427caee6dd754d57e3e58c2" }, + { GCRY_MD_SHA224, 256, 64, + "ff0464df248cd298b63765bc4f87f21e25c93c657fdf3656d3c878e5" }, + { GCRY_MD_SHA256, 256, -64, + "87a9828d3de78d55d252341db2a622908c4e0ceaee9961ecf9768700fc799ec8" }, + { GCRY_MD_SHA256, 256, -1, + "823bf95f64ef04a4a77579c38760b1d401b56bf3a8e664bdf56ca15afb468a03" }, + { GCRY_MD_SHA256, 256, 0, + "2d0723878cb2c3d5c59dfad910cdb857f4430a6ba2a7d687938d7a20e63dde47" }, + { GCRY_MD_SHA256, 256, 1, + "5a2e21b1e79cd866acf53a2a18ca76bd4e02c4b01bf4627354171824c812d95f" }, + { GCRY_MD_SHA256, 256, 64, + "34444808af8e9d995e67f9e155ed94bf55f195a51dc1d8a989e6bcf95511c8a2" }, + { 0 } +}; + + + + + +static void +die (const char *format, ...) 
+{ + va_list arg_ptr ; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + va_start( arg_ptr, format ) ; + vfprintf (stderr, format, arg_ptr ); + va_end(arg_ptr); + if (*format && format[strlen(format)-1] != '\n') + putc ('\n', stderr); + exit (1); +} + +static void +fail (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + /* if (wherestr) */ + /* fprintf (stderr, "%s: ", wherestr); */ + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + if (*format && format[strlen(format)-1] != '\n') + putc ('\n', stderr); + error_count++; + if (error_count >= 50) + die ("stopped after 50 errors."); +} + +static void +show (const char *format, ...) +{ + va_list arg_ptr; + + fprintf (stderr, "%s: ", PGM); + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + if (*format && format[strlen(format)-1] != '\n') + putc ('\n', stderr); + va_end (arg_ptr); +} + + +static void +showhex (const void *buffer, size_t buflen, const char *format, ...) +{ + va_list arg_ptr; + const unsigned char *s; + + fprintf (stderr, "%s: ", PGM); + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + + for (s=buffer; buflen; buflen--, s++) + fprintf (stderr, "%02x", *s); + putc ('\n', stderr); +} + + +static void +show_note (const char *format, ...) +{ + va_list arg_ptr; + + if (!verbose && getenv ("srcdir")) + fputs (" ", stderr); /* To align above "PASS: ". */ + else + fprintf (stderr, "%s: ", PGM); + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + if (*format && format[strlen(format)-1] != '\n') + putc ('\n', stderr); + va_end (arg_ptr); +} + +/* Convert STRING consisting of hex characters into its binary + representation and return it as an allocated buffer. The valid + length of the buffer is returned at R_LENGTH. The string is + delimited by end of string. The function returns NULL on + error. 
*/ +static void * +hex2buffer (const char *string, size_t *r_length) +{ + const char *s; + unsigned char *buffer; + size_t length; + + buffer = xmalloc (strlen(string)/2+1); + length = 0; + for (s=string; *s; s +=2 ) + { + if (!hexdigitp (s) || !hexdigitp (s+1)) + return NULL; /* Invalid hex digits. */ + ((unsigned char*)buffer)[length++] = xtoi_2 (s); + } + *r_length = length; + return buffer; +} + + +static void +run_selftest (int algo) +{ + gpg_error_t err; + size_t n; + + n = 1; + err = gcry_md_algo_info (algo, GCRYCTL_SELFTEST, NULL, &n); + if (err && gpg_err_code (err) != GPG_ERR_NOT_IMPLEMENTED) + fail ("extended selftest for %s (%d) failed: %s", + gcry_md_algo_name (algo), algo, gpg_strerror (err)); + else if (err && verbose) + show ("extended selftest for %s (%d) not implemented", + gcry_md_algo_name (algo), algo); + else if (verbose) + show ("extended selftest for %s (%d) passed", + gcry_md_algo_name (algo), algo); +} + +/* Compare DIGEST of length DIGESTLEN generated using ALGO and GIGS + plus BYTES with the test vector and print an error message if the + don't match. Return 0 on match. */ +static int +cmp_digest (const unsigned char *digest, size_t digestlen, + int algo, int gigs, int bytes) +{ + int idx; + unsigned char *tv_digest; + size_t tv_digestlen = 0; + + for (idx=0; testvectors[idx].algo; idx++) + { + if (testvectors[idx].algo == algo + && testvectors[idx].gigs == gigs + && testvectors[idx].bytes == bytes) + break; + } + if (!testvectors[idx].algo) + { + show ("%d GiB %+3d %-10s warning: %s", + gigs, bytes, gcry_md_algo_name (algo), "no test vector"); + missing_test_vectors++; + return 1; + } + + tv_digest = hex2buffer (testvectors[idx].hex, &tv_digestlen); + if (tv_digestlen != digestlen) /* Ooops. 
*/ + { + fail ("%d GiB %+3d %-10s error: %s", + gigs, bytes, gcry_md_algo_name (algo), "digest length mismatch"); + xfree (tv_digest); + return 1; + } + if (memcmp (tv_digest, digest, tv_digestlen)) + { + fail ("%d GiB %+3d %-10s error: %s", + gigs, bytes, gcry_md_algo_name (algo), "mismatch"); + xfree (tv_digest); + return 1; + } + xfree (tv_digest); + + return 0; +} + + +static void +run_longtest (int algo, int gigs) +{ + gpg_error_t err; + gcry_md_hd_t hd; + gcry_md_hd_t hd_pre = NULL; + gcry_md_hd_t hd_pre2 = NULL; + gcry_md_hd_t hd_post = NULL; + gcry_md_hd_t hd_post2 = NULL; + char pattern[1024]; + int i, g; + const unsigned char *digest; + unsigned int digestlen; + + memset (pattern, 'a', sizeof pattern); + + err = gcry_md_open (&hd, algo, 0); + if (err) + { + fail ("gcry_md_open failed for %s (%d): %s", + gcry_md_algo_name (algo), algo, gpg_strerror (err)); + return; + } + + digestlen = gcry_md_get_algo_dlen (algo); + + + for (g=0; g < gigs; g++) + { + if (g == gigs - 1) + { + for (i = 0; i < 1024*1023; i++) + gcry_md_write (hd, pattern, sizeof pattern); + for (i = 0; i < 1023; i++) + gcry_md_write (hd, pattern, sizeof pattern); + err = gcry_md_copy (&hd_pre, hd); + if (!err) + err = gcry_md_copy (&hd_pre2, hd); + if (err) + die ("gcry_md_copy failed for %s (%d): %s", + gcry_md_algo_name (algo), algo, gpg_strerror (err)); + gcry_md_write (hd, pattern, sizeof pattern); + } + else + { + for (i = 0; i < 1024*1024; i++) + gcry_md_write (hd, pattern, sizeof pattern); + } + if (g && !(g % 16)) + show_note ("%d GiB so far hashed with %s", g, gcry_md_algo_name (algo)); + } + if (g >= 16) + show_note ("%d GiB hashed with %s", g, gcry_md_algo_name (algo)); + + err = gcry_md_copy (&hd_post, hd); + if (err) + die ("gcry_md_copy failed for %s (%d): %s", + gcry_md_algo_name (algo), algo, gpg_strerror (err)); + err = gcry_md_copy (&hd_post2, hd); + if (err) + die ("gcry_md_copy failed for %s (%d): %s", + gcry_md_algo_name (algo), algo, gpg_strerror (err)); + + 
gcry_md_write (hd_pre2, pattern, sizeof pattern - 64); + gcry_md_write (hd_pre, pattern, sizeof pattern - 1); + gcry_md_write (hd_post, pattern, 1); + gcry_md_write (hd_post2, pattern, 64); + + digest = gcry_md_read (hd_pre2, algo); + if (cmp_digest (digest, digestlen, algo, gigs, -64) || verbose) + showhex (digest, digestlen, "%d GiB %+3d %-10s ", + gigs, -64, gcry_md_algo_name (algo)); + digest = gcry_md_read (hd_pre, algo); + if (cmp_digest (digest, digestlen, algo, gigs, -1) || verbose) + showhex (digest, digestlen, "%d GiB %+3d %-10s ", + gigs, -1, gcry_md_algo_name (algo)); + digest = gcry_md_read (hd, algo); + if (cmp_digest (digest, digestlen, algo, gigs, 0) || verbose) + showhex (digest, digestlen, "%d GiB %+3d %-10s ", + gigs, 0, gcry_md_algo_name (algo)); + digest = gcry_md_read (hd_post, algo); + if (cmp_digest (digest, digestlen, algo, gigs, 1) || verbose) + showhex (digest, digestlen, "%d GiB %+3d %-10s ", + gigs, 1, gcry_md_algo_name (algo)); + digest = gcry_md_read (hd_post2, algo); + if (cmp_digest (digest, digestlen, algo, gigs, 64) || verbose) + showhex (digest, digestlen, "%d GiB %+3d %-10s ", + gigs, 64, gcry_md_algo_name (algo)); + + gcry_md_close (hd); + gcry_md_close (hd_pre); + gcry_md_close (hd_pre2); + gcry_md_close (hd_post); + gcry_md_close (hd_post2); +} + + +int +main (int argc, char **argv) +{ + int last_argc = -1; + int gigs = 0; + int algo = 0; + int idx; + + if (argc) + { argc--; argv++; } + + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--help")) + { + fputs ("usage: " PGM " [options] [algos]\n" + "Options:\n" + " --verbose print timings etc.\n" + " --debug flyswatter\n" + " --gigs N Run a test on N GiB\n", + stdout); + exit (0); + } + else if (!strcmp (*argv, "--verbose")) + { + verbose++; + argc--; argv++; + } + else if (!strcmp (*argv, "--debug")) + { + verbose += 2; + debug++; + argc--; argv++; + } + else if (!strcmp 
(*argv, "--gigs")) + { + argc--; argv++; + if (argc) + { + gigs = atoi (*argv); + argc--; argv++; + } + } + else if (!strncmp (*argv, "--", 2)) + die ("unknown option '%s'", *argv); + } + + if (gigs < 0 || gigs > 1024*1024) + die ("value for --gigs must be in the range 0 to %d", 1024*1024); + + gcry_control (GCRYCTL_DISABLE_SECMEM, 0); + if (!gcry_check_version (GCRYPT_VERSION)) + die ("version mismatch\n"); + if (debug) + gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0); + gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + + /* A quick check that all given algorithms are valid. */ + for (idx=0; idx < argc; idx++) + { + algo = gcry_md_map_name (argv[idx]); + if (!algo) + fail ("invalid algorithm '%s'", argv[idx]); + } + if (error_count) + exit (1); + + /* Start checking. */ + start_timer (); + if (!argc) + { + for (algo=1; algo < 400; algo++) + if (!gcry_md_test_algo (algo)) + { + if (!gigs) + run_selftest (algo); + else + run_longtest (algo, gigs); + } + } + else + { + for (idx=0; idx < argc; idx++) + { + algo = gcry_md_map_name (argv[idx]); + if (!algo) + die ("invalid algorithm '%s'", argv[idx]); + + if (!gigs) + run_selftest (algo); + else + run_longtest (algo, gigs); + } + } + stop_timer (); + + if (missing_test_vectors) + fail ("Some test vectors are missing"); + + if (verbose) + show ("All tests completed in %s. 
Errors: %d\n", + elapsed_time (), error_count); + return !!error_count; +} ----------------------------------------------------------------------- Summary of changes: cipher/hash-common.c | 6 +- cipher/hash-common.h | 1 + cipher/md.c | 10 +- cipher/md4.c | 10 +- cipher/md5.c | 10 +- cipher/rmd160.c | 10 +- cipher/sha1.c | 10 +- cipher/sha256.c | 11 +- cipher/sha512.c | 11 +- cipher/tiger.c | 10 +- cipher/whirlpool.c | 9 +- tests/Makefile.am | 4 +- tests/genhashdata.c | 158 +++++++++++++++++ tests/hashtest.c | 472 ++++++++++++++++++++++++++++++++++++++++++++++++++ 14 files changed, 711 insertions(+), 21 deletions(-) create mode 100644 tests/genhashdata.c create mode 100644 tests/hashtest.c hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 15 09:14:39 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 15 Nov 2013 09:14:39 +0100 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-11-g571bcd4 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via 571bcd4662a351cfa55bbf1a79ed1bc26da5780f (commit) from f72d9a5cf69c3e719979547a5f7a37efe49bd642 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 571bcd4662a351cfa55bbf1a79ed1bc26da5780f Author: Werner Koch Date: Fri Nov 15 09:08:58 2013 +0100 common: Fix build problem with Sun Studio compiler. * common/estream.c (ESTREAM_MUTEX_UNLOCK): Use int dummy dummy functions. (ESTREAM_MUTEX_INITIALIZE): Ditto. -- GnuPG-bug-id: 1566 Signed-off-by: Werner Koch diff --git a/common/estream.c b/common/estream.c index 35b2af0..86d8e21 100644 --- a/common/estream.c +++ b/common/estream.c 
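Review bot: hex2buffer leaks the buffer it has just allocated when it meets an invalid hex digit, because the `return NULL` inside the loop bypasses the free, and cmp_digest never checks for that NULL, so a malformed entry in testvectors[] surfaces as "digest length mismatch" rather than as a bad vector. The early exit in hex2buffer should read `xfree (buffer); return NULL; /* Invalid hex digits. */`, and cmp_digest should test the returned pointer for NULL and report a malformed test vector through fail() before looking at tv_digestlen. Two comment typos are also worth fixing in the same commit: the file header's "Check the hash fucntions" and "print an error message if the don't match" above cmp_digest.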
@@ -181,13 +181,13 @@ static int estream_pth_killed; (estream_pth_killed ? dummy_mutex_call_void ((mutex)) \ : (void)pth_mutex_acquire (&(mutex), 0, NULL)) # define ESTREAM_MUTEX_UNLOCK(mutex) \ - (estream_pth_killed ? dummy_mutex_call_void ((mutex)) \ + (estream_pth_killed ? dummy_mutex_call_int ((mutex)) \ : pth_mutex_release (&(mutex))) # define ESTREAM_MUTEX_TRYLOCK(mutex) \ (estream_pth_killed ? dummy_mutex_call_int ((mutex)) \ : ((pth_mutex_acquire (&(mutex), 1, NULL) == TRUE)? 0:-1)) # define ESTREAM_MUTEX_INITIALIZE(mutex) \ - (estream_pth_killed ? dummy_mutex_call_void ((mutex)) \ + (estream_pth_killed ? dummy_mutex_call_int ((mutex)) \ : pth_mutex_init (&(mutex))) #else /*!HAVE_PTH*/ ----------------------------------------------------------------------- Summary of changes: common/estream.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 15 15:56:11 2013 
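Review bot: Nothing in the hunk records why both fallback arms now call dummy_mutex_call_int while ESTREAM_MUTEX_LOCK keeps dummy_mutex_call_void, so a later cleanup could easily "harmonise" them back and reintroduce the build break. A one-line comment above ESTREAM_MUTEX_UNLOCK would keep the constraint visible, e.g. `/* Both arms of the ?: must have the same type (int, as pth_mutex_release/pth_mutex_init do); Sun Studio rejects a void/int mix, see bug 1566. */`. The bug number is taken from the commit message.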
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 15 Nov 2013 15:56:11 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-265-g5499942 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 5499942571a88a1223a7318992605c6d29858866 (commit) via a0102a548d0e2ed2fce74ba4a21adf26bc352641 (commit) via 402aa0f94854bb00475c934be5ca6043a4632126 (commit) via 9ae48b173c93f4747a9826beb1fbd023c4362c22 (commit) via b27161cd0c76ae6e2381f60c3a502cde3a2aaa21 (commit) from abd922e79b2ff63a5a763a30d4a06a91f93d0b12 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5499942571a88a1223a7318992605c6d29858866 Author: Werner Koch Date: Fri Nov 15 15:54:31 2013 +0100 kbx: Implement update operation for OpenPGP keyblocks. * kbx/keybox-update.c (keybox_update_keyblock): Implement. * kbx/keybox-search.c (get_blob_flags): Move to ... * kbx/keybox-defs.h (blob_get_type): here. * kbx/keybox-file.c (_keybox_read_blob2): Fix calling without R_BLOB. * g10/keydb.c (build_keyblock_image): Allow calling without R_SIGSTATUS. (keydb_update_keyblock): Implement for keybox. * kbx/keybox-dump.c (_keybox_dump_blob): Fix printing of the unhashed size. Print "does not expire" also on 64 bit platforms. Signed-off-by: Werner Koch diff --git a/g10/keydb.c b/g10/keydb.c index 79ab5af..9085012 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -1,6 +1,7 @@ /* keydb.c - key database dispatcher * Copyright (C) 2001, 2002, 2003, 2004, 2005, * 2008, 2009, 2011, 2013 Free Software Foundation, Inc. + * Coyrright (C) 2013 Werner Koch * * This file is part of GnuPG. * 
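Review bot: The added copyright line is misspelled: `Coyrright (C) 2013 Werner Koch` should read `Copyright (C) 2013 Werner Koch`. Since this line is the only change in the hunk, the typo will be the first thing a reader of the file header notices.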
@@ -896,18 +897,24 @@ build_keyblock_image (kbnode_t keyblock, iobuf_t *r_iobuf, u32 **r_sigstatus) u32 *sigstatus; *r_iobuf = NULL; - *r_sigstatus = NULL; + if (r_sigstatus) + *r_sigstatus = NULL; /* Allocate a vector for the signature cache. This is an array of u32 values with the first value giving the number of elements to follow and each element descriping the cache status of the signature. */ - for (kbctx = NULL, n_sigs = 0; (node = walk_kbnode (keyblock, &kbctx, 0));) - if (node->pkt->pkttype == PKT_SIGNATURE) - n_sigs++; - sigstatus = xtrycalloc (1+n_sigs, sizeof *sigstatus); - if (!sigstatus) - return gpg_error_from_syserror (); + if (r_sigstatus) + { + for (kbctx=NULL, n_sigs=0; (node = walk_kbnode (keyblock, &kbctx, 0));) + if (node->pkt->pkttype == PKT_SIGNATURE) + n_sigs++; + sigstatus = xtrycalloc (1+n_sigs, sizeof *sigstatus); + if (!sigstatus) + return gpg_error_from_syserror (); + } + else + sigstatus = NULL; iobuf = iobuf_temp (); for (kbctx = NULL, n_sigs = 0; (node = walk_kbnode (keyblock, &kbctx, 0));) @@ -940,8 +947,8 @@ build_keyblock_image (kbnode_t keyblock, iobuf_t *r_iobuf, u32 **r_sigstatus) PKT_signature *sig = node->pkt->pkt.signature; n_sigs++; - /* Fixme: Detect tye "missing key" status. */ - if (sig->flags.checked) + /* Fixme: Detect the "missing key" status. */ + if (sig->flags.checked && sigstatus) { if (sig->flags.valid) { @@ -957,10 +964,12 @@ build_keyblock_image (kbnode_t keyblock, iobuf_t *r_iobuf, u32 **r_sigstatus) } } } - sigstatus[0] = n_sigs; + if (sigstatus) + sigstatus[0] = n_sigs; *r_iobuf = iobuf; - *r_sigstatus = sigstatus; + if (r_sigstatus) + *r_sigstatus = sigstatus; return 0; } @@ -971,7 +980,7 @@ build_keyblock_image (kbnode_t keyblock, iobuf_t *r_iobuf, u32 **r_sigstatus) gpg_error_t keydb_update_keyblock (KEYDB_HANDLE hd, kbnode_t kb) { - gpg_error_t rc; + gpg_error_t err; if (!hd) return gpg_error (GPG_ERR_INV_ARG); 
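Review bot: R_SIGSTATUS becoming optional is not reflected in build_keyblock_image's header comment, which sits above the first hunk and outside the visible lines, so a caller reading the prototype cannot tell that NULL is accepted or what it changes. Suggest adding to that comment: `R_SIGSTATUS may be NULL; in that case no signature status vector is allocated and the sig->flags.checked states are not recorded.` The counting loop now wrapped in `if (r_sigstatus)` and the later guard `if (sig->flags.checked && sigstatus)` make this a two-mode function, so the contract deserves stating. I cannot see the error paths between the hunks, so I have not checked whether an early return there frees sigstatus.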
@@ -984,28 +993,36 @@ keydb_update_keyblock (KEYDB_HANDLE hd, kbnode_t kb) if (opt.dry_run) return 0; - rc = lock_all (hd); - if (rc) - return rc; + err = lock_all (hd); + if (err) + return err; switch (hd->active[hd->found].type) { case KEYDB_RESOURCE_TYPE_NONE: - rc = gpg_error (GPG_ERR_GENERAL); /* oops */ + err = gpg_error (GPG_ERR_GENERAL); /* oops */ break; case KEYDB_RESOURCE_TYPE_KEYRING: - rc = keyring_update_keyblock (hd->active[hd->found].u.kr, kb); + err = keyring_update_keyblock (hd->active[hd->found].u.kr, kb); + break; + case KEYDB_RESOURCE_TYPE_KEYBOX: + { + iobuf_t iobuf; + + err = build_keyblock_image (kb, &iobuf, NULL); + if (!err) + { + err = keybox_update_keyblock (hd->active[hd->found].u.kb, + iobuf_get_temp_buffer (iobuf), + iobuf_get_temp_length (iobuf)); + iobuf_close (iobuf); + } + } break; - /* case KEYDB_RESOURCE_TYPE_KEYRING: */ - /* rc = build_keyblock (kb, &image, &imagelen); */ - /* if (!rc) */ - /* rc = keybox_update_keyblock (hd->active[hd->found].u.kb, */ - /* image, imagelen); */ - /* break; */ } unlock_all (hd); - return rc; + return err; } @@ -1197,6 +1214,9 @@ keydb_rebuild_caches (int noisy) log_error (_("failed to rebuild keyring cache: %s\n"), g10_errstr (rc)); break; + case KEYDB_RESOURCE_TYPE_KEYBOX: + /* N/A. */ + break; } } } diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c index 6493527..a38f991 100644 --- a/kbx/keybox-blob.c +++ b/kbx/keybox-blob.c @@ -120,8 +120,9 @@ - bN Arbitrary space for example used to store data which is not part of the keyblock or certificate. For example the v3 key IDs go here. - - bN Space for the keyblock or certifciate. - - bN RFU + - bN Space for the keyblock or certificate. + - bN RFU. This is the remaining space after keyblock and before + the checksum. Is is not covered by the checksum. - b20 SHA-1 checksum (useful for KS syncronisation?) Note, that KBX versions before GnuPG 2.1 used an MD5 checksum. However it was only created but never checked. 
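Review bot: The new RFU line in the keybox-blob.c layout comment reads `the checksum. Is is not covered by the checksum.` and should be `the checksum. It is not covered by the checksum.`. That sentence is the only place documenting what the trailing checksum does not cover, so the typo is worth fixing before the comment is relied on.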
diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h index ad8e49d..f79c093 100644 --- a/kbx/keybox-defs.h +++ b/kbx/keybox-defs.h @@ -1,4 +1,4 @@ -/* keybox-defs.h - interal Keybox defintions +/* keybox-defs.h - internal Keybox definitions * Copyright (C) 2001, 2004 Free Software Foundation, Inc. * * This file is part of GnuPG. @@ -193,6 +193,20 @@ gpg_err_code_t _keybox_get_flag_location (const unsigned char *buffer, int what, size_t *flag_off, size_t *flag_size); +static inline int +blob_get_type (KEYBOXBLOB blob) +{ + const unsigned char *buffer; + size_t length; + + buffer = _keybox_get_blob_image (blob, &length); + if (length < 32) + return -1; /* blob too short */ + + return buffer[4]; +} + + /*-- keybox-dump.c --*/ int _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp); int _keybox_dump_file (const char *filename, int stats_only, FILE *outfp); diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c index 1af6a9c..af9052d 100644 --- a/kbx/keybox-dump.c +++ b/kbx/keybox-dump.c @@ -245,7 +245,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp) || rawdata_len + 4 > length || rawdata_off+rawdata_len + 4 > length) fprintf (fp, "[Error: raw data larger than blob]\n"); - unhashed = get32 (buffer + rawdata_off + rawdata_len); + unhashed = length - rawdata_off - rawdata_len; fprintf (fp, "Unhashed: %lu\n", unhashed); nkeys = get16 (buffer + 16); @@ -378,7 +378,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp) fputs ("[bad signature]", fp); else if (sflags < 0x10000000) fprintf (fp, "[bad flag %0lx]", sflags); - else if (sflags == 0xffffffff) + else if (sflags == (ulong)(-1)) fputs ("[good - does not expire]", fp ); else fprintf (fp, "[good - expires at %lu]", sflags); diff --git a/kbx/keybox-file.c b/kbx/keybox-file.c index 027bcf8..f720993 100644 --- a/kbx/keybox-file.c +++ b/kbx/keybox-file.c 
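Review bot: blob_get_type, now living in keybox-defs.h, compares against a bare `32` with only `/* blob too short */` as explanation; a named constant or a short comment saying what the 32 stands for would spare every includer from re-deriving it. Because it is a static inline in the header, it also needs the prototype of `_keybox_get_blob_image` to appear earlier in this same header; if that declaration sits further down (I cannot see it here), the move breaks compilation of each file that includes keybox-defs.h.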
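Review bot: In _keybox_dump_blob the new `unhashed = length - rawdata_off - rawdata_len;` is evaluated even when the preceding check has just printed "[Error: raw data larger than blob]", and the unsigned subtraction then wraps to a huge value that is printed as the Unhashed size. Since the dump tool is run on keybox files that may be malformed, guard the computation with the same condition, e.g. `unhashed = (rawdata_off + rawdata_len <= length) ? length - rawdata_off - rawdata_len : 0;` (the start of that `if` lies above the hunk, so mirror the exact condition from there). The old get32 read was equally wrong on a bad blob, so this is not a regression, but the fix is cheap.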
@@ -43,7 +43,7 @@ ftello (FILE *stream) /* Read a block at the current postion and return it in r_blob. - r_blob may be NULL to simply skip the current block */ + r_blob may be NULL to simply skip the current block. */ int _keybox_read_blob2 (KEYBOXBLOB *r_blob, FILE *fp, int *skipped_deleted) { @@ -55,7 +55,8 @@ _keybox_read_blob2 (KEYBOXBLOB *r_blob, FILE *fp, int *skipped_deleted) *skipped_deleted = 0; again: - *r_blob = NULL; + if (r_blob) + *r_blob = NULL; off = ftello (fp); if (off == (off_t)-1) return gpg_error_from_syserror (); diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c index 5e6432f..7980794 100644 --- a/kbx/keybox-search.c +++ b/kbx/keybox-search.c @@ -65,19 +65,6 @@ get16 (const byte *buffer) -static inline int -blob_get_type (KEYBOXBLOB blob) -{ - const unsigned char *buffer; - size_t length; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 32) - return -1; /* blob too short */ - - return buffer[4]; -} - static inline unsigned int blob_get_blob_flags (KEYBOXBLOB blob) { diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c index 1fdf435..6ade9e7 100644 --- a/kbx/keybox-update.c +++ b/kbx/keybox-update.c 
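Review bot: The guard `if (r_blob) *r_blob = NULL;` at the `again:` label is the only R_BLOB access visible in the hunk, but _keybox_read_blob2 continues past the hunk's last line; the store of the parsed blob into *r_blob on the success path, and the release of a blob the caller did not ask for, need the same treatment or calling with R_BLOB == NULL still dereferences NULL or leaks. Please confirm those paths are guarded in the part of the function I cannot see, and consider extending the comment to `r_blob may be NULL to simply skip the current block; the blob is then released internally instead of being returned.`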
@@ -425,10 +425,47 @@ keybox_insert_keyblock (KEYBOX_HANDLE hd, const void *image, size_t imagelen, gpg_error_t keybox_update_keyblock (KEYBOX_HANDLE hd, const void *image, size_t imagelen) { - (void)hd; - (void)image; - (void)imagelen; - return gpg_error (GPG_ERR_NOT_IMPLEMENTED); + gpg_error_t err; + const char *fname; + off_t off; + KEYBOXBLOB blob; + size_t nparsed; + struct _keybox_openpgp_info info; + + if (!hd || !image || !imagelen) + return gpg_error (GPG_ERR_INV_VALUE); + if (!hd->found.blob) + return gpg_error (GPG_ERR_NOTHING_FOUND); + if (blob_get_type (hd->found.blob) != BLOBTYPE_PGP) + return gpg_error (GPG_ERR_WRONG_BLOB_TYPE); + fname = hd->kb->fname; + if (!fname) + return gpg_error (GPG_ERR_INV_HANDLE); + + off = _keybox_get_blob_fileoffset (hd->found.blob); + if (off == (off_t)-1) + return gpg_error (GPG_ERR_GENERAL); + + /* Close this the file so that we do no mess up the position for a + next search. */ + _keybox_close_file (hd); + + /* Build a new blob. */ + err = _keybox_parse_openpgp (image, imagelen, &nparsed, &info); + if (err) + return err; + assert (nparsed <= imagelen); + err = _keybox_create_openpgp_blob (&blob, &info, image, imagelen, + NULL, hd->ephemeral); + _keybox_destroy_openpgp_info (&info); + + /* Update the keyblock. */ + if (!err) + { + err = blob_filecopy (FILECOPY_UPDATE, fname, blob, hd->secret, off); + _keybox_release_blob (blob); + } + return err; } commit a0102a548d0e2ed2fce74ba4a21adf26bc352641 Author: Werner Koch Date: Fri Nov 15 09:23:40 2013 +0100 Fix minor compiler warnings. -- diff --git a/g10/build-packet.c b/g10/build-packet.c index 6681b34..b4514ae 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c 
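Review bot: The new comment `/* Close this the file so that we do no mess up the position for a next search. */` carries two typos and should read `/* Close the file so that we do not mess up the position for the next search. */`. Beyond wording, nothing in keybox_update_keyblock states that hd->found.blob still describes the pre-update blob after blob_filecopy has rewritten the file at `off`; a sentence in the function's header comment (above the hunk) saying whether the caller must re-run the search before using hd->found again would save a future reader from guessing. The `assert (nparsed <= imagelen)` is acceptable while IMAGE only ever comes from build_keyblock_image, but if this entry point is ever fed data from outside the process it should become a proper error return.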
@@ -331,7 +331,7 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk) for (i=0; i < npkey; i++ ) { if ((pk->pubkey_algo == PUBKEY_ALGO_ECDSA && (i == 0)) - || (pk->pubkey_algo == PUBKEY_ALGO_ECDH) && (i == 0 || i == 2)) + || ((pk->pubkey_algo == PUBKEY_ALGO_ECDH) && (i == 0 || i == 2))) err = gpg_mpi_write_nohdr (a, pk->pkey[i]); else err = gpg_mpi_write (a, pk->pkey[i]); diff --git a/g10/kbnode.c b/g10/kbnode.c index d490740..ad66f8a 100644 --- a/g10/kbnode.c +++ b/g10/kbnode.c @@ -26,6 +26,7 @@ #include "gpg.h" #include "util.h" +#include "../common/init.h" #include "packet.h" #include "keydb.h" diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 3b2698f..f4390c3 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1991,7 +1991,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen, for (i = 0; i < npkey; i++) { if ((algorithm == PUBKEY_ALGO_ECDSA && (i == 0)) - || (algorithm == PUBKEY_ALGO_ECDH) && (i == 0 || i == 2)) + || ((algorithm == PUBKEY_ALGO_ECDH) && (i == 0 || i == 2))) { size_t n; err = read_size_body (inp, pktlen, &n, pk->pkey+i); diff --git a/tests/openpgp/ecc.test b/tests/openpgp/ecc.test index 6e3ae81..01e1e06 100755 --- a/tests/openpgp/ecc.test +++ b/tests/openpgp/ecc.test @@ -20,7 +20,7 @@ mainkeyids='BAA59D9C 45AF2FFE' -if have_pubkey_algo "ECDH"; then +if have_pubkey_algo "ECC"; then : else info "No ECC support due to an old Libgcrypt" diff --git a/tests/openpgp/import.test b/tests/openpgp/import.test index f9fe990..eb6860e 100755 --- a/tests/openpgp/import.test +++ b/tests/openpgp/import.test 
@@ -31,11 +31,3 @@ if $GPG --list-keys --with-colons $keyid \ else error "$goodkey: import failed (bug 1223)" fi - - - - - - - - commit 402aa0f94854bb00475c934be5ca6043a4632126 Author: Werner Koch Date: Fri Nov 15 08:59:45 2013 +0100 gpg: Rework ECC support and add experimental support for Ed25519. * agent/findkey.c (key_parms_from_sexp): Add algo name "ecc". (agent_is_dsa_key): Ditto. (agent_is_eddsa_key): New. Not finished, though. * agent/pksign.c (do_encode_eddsa): New. (agent_pksign_do): Use gcry_log_debug functions. * agent/protect.c (agent_protect): Parse a flags parameter. * g10/keygen.c (gpg_curve_to_oid): Move to ... * common/openpgp-oid.c (openpgp_curve_to_oid): here and rename. (oid_ed25519): New. (openpgp_oid_is_ed25519): New. (openpgp_oid_to_curve): New. * common/t-openpgp-oid.c (test_openpgp_oid_is_ed25519): New. * g10/build-packet.c (gpg_mpi_write): Write the length header also for opaque MPIs. (gpg_mpi_write_nohdr): New. (do_key): Use gpg_mpi_write_nohdr depending on algorithm. (do_pubkey_enc): Ditto. * g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Use gpg_mpi_write_nohdr. * g10/export.c (transfer_format_to_openpgp): * g10/keygen.c (ecckey_from_sexp): Return the error. (gen_ecc): Repalce arg NBITS by CURVE. (read_parameter_file): Add keywords "Key-Curve" and "Subkey-Curve". (ask_curve): New. (generate_keypair, generate_subkeypair): Use ask_curve. (do_generate_keypair): Also pass curve name. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Print curve name. * g10/parse-packet.c (mpi_read): Remove workaround for Libcgrypt < 1.5. (parse_key): Fix ECC case. Print the curve name. * g10/pkglue.c (mpi_from_sexp): Rename to get_mpi_from_sexp. (pk_verify, pk_check_secret_key): Add special case for Ed25519. * g10/seskey.c (encode_md_value): Ditto. * g10/sign.c (do_sign, hash_for, sign_file): Ditto. -- Be warned that this code is subject to further changes and that the format will very likely change before a release. 
There are also known bugs and missing code. Signed-off-by: Werner Koch diff --git a/agent/agent.h b/agent/agent.h index ae4e468..d409300 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -324,6 +324,7 @@ gpg_error_t agent_public_key_from_file (ctrl_t ctrl, const unsigned char *grip, gcry_sexp_t *result); int agent_is_dsa_key (gcry_sexp_t s_key); +int agent_is_eddsa_key (gcry_sexp_t s_key); int agent_key_available (const unsigned char *grip); gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip, int *r_keytype, diff --git a/agent/findkey.c b/agent/findkey.c index d11f088..aa2c6a2 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -729,6 +729,11 @@ key_parms_from_sexp (gcry_sexp_t s_key, gcry_sexp_t *r_list, algoname = "dsa"; elems = "pqgy"; } + else if (n==3 && !memcmp (name, "ecc", 3)) + { + algoname = "ecc"; + elems = "pabgnq"; + } else if (n==5 && !memcmp (name, "ecdsa", 5)) { algoname = "ecdsa"; @@ -788,6 +793,8 @@ agent_is_dsa_key (gcry_sexp_t s_key) if (!strcmp (algoname, "dsa")) return GCRY_PK_DSA; + else if (!strcmp (algoname, "ecc")) + return GCRY_PK_ECDSA; /* FIXME: Check for the EdDSA flag. */ else if (!strcmp (algoname, "ecdsa")) return GCRY_PK_ECDSA; else @@ -795,6 +802,28 @@ agent_is_dsa_key (gcry_sexp_t s_key) } +/* Return true if S_KEY is an EdDSA key as used with curve Ed25519. */ +int +agent_is_eddsa_key (gcry_sexp_t s_key) +{ + char algoname[6]; + + if (!s_key) + return 0; + + if (key_parms_from_sexp (s_key, NULL, algoname, sizeof algoname, NULL, 0)) + return 0; /* Error - assume it is not an DSA key. */ + + if (!strcmp (algoname, "dsa")) + return GCRY_PK_DSA; + else if (!strcmp (algoname, "ecc")) + return GCRY_PK_ECDSA; /* FIXME: Check for the EdDSA flag. */ + else if (!strcmp (algoname, "ecdsa")) + return GCRY_PK_ECDSA; + else + return 0; +} + /* Return the key for the keygrip GRIP. The result is stored at RESULT. This function extracts the key from the private key 
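Review bot: agent_is_eddsa_key returns non-zero for plain "dsa" and "ecdsa" keys, because its body is a copy of agent_is_dsa_key, so together with the pksign.c change in this push every DSA and ECDSA signing request is routed through do_encode_eddsa. Until the EdDSA flag check exists the function should only answer yes for the "ecc" case, e.g. `if (!strcmp (algoname, "ecc")) return GCRY_PK_ECDSA; /* FIXME: Check for the EdDSA flag. */ else return 0;` with the dsa and ecdsa branches dropped, and the comment `/* Error - assume it is not an DSA key. */` should say EdDSA. The commit message calls the function unfinished, but as written it already changes signing behaviour for existing key types.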
diff --git a/agent/pksign.c b/agent/pksign.c index 9c7341a..b2ee28f 100644 --- a/agent/pksign.c +++ b/agent/pksign.c @@ -131,6 +131,24 @@ rfc6979_hash_algo_string (size_t mdlen) } +/* Encode a message digest for use with the EdDSA algorithm + (i.e. curve Ed25519). */ +static gpg_error_t +do_encode_eddsa (const byte *md, size_t mdlen, gcry_sexp_t *r_hash) +{ + gpg_error_t err; + gcry_sexp_t hash; + + *r_hash = NULL; + err = gcry_sexp_build (&hash, NULL, + "(data(flags eddsa)(hash-algo sha512)(value %b))", + (int)mdlen, md); + if (!err) + *r_hash = hash; + return err; +} + + /* Encode a message digest for use with an DSA algorithm. */ static gpg_error_t do_encode_dsa (const byte *md, size_t mdlen, int dsaalgo, gcry_sexp_t pkey, @@ -400,7 +418,11 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, int dsaalgo; /* Put the hash into a sexp */ - if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1) + if (agent_is_eddsa_key (s_skey)) + rc = do_encode_eddsa (ctrl->digest.value, + ctrl->digest.valuelen, + &s_hash); + else if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1) rc = do_encode_raw_pkcs1 (ctrl->digest.value, ctrl->digest.valuelen, gcry_pk_get_nbits (s_skey), @@ -421,10 +443,8 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, if (DBG_CRYPTO) { - log_debug ("skey:\n"); - gcry_sexp_dump (s_skey); - log_debug ("hash:\n"); - gcry_sexp_dump (s_hash); + gcry_log_debugsxp ("skey", s_skey); + gcry_log_debugsxp ("hash", s_hash); } /* sign */ @@ -437,10 +457,7 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, } if (DBG_CRYPTO) - { - log_debug ("result:\n"); - gcry_sexp_dump (s_sig); - } + gcry_log_debugsxp ("rslt", s_sig); } leave: diff --git a/agent/protect.c b/agent/protect.c index b29f494..749867c 100644 --- a/agent/protect.c +++ b/agent/protect.c 
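Review bot: do_encode_eddsa hard-codes `(hash-algo sha512)` and never looks at ctrl->digest.algo, while the branch selection in agent_pksign_do is made purely on the key type, so a caller that requested a different digest algorithm gets a silently different encoding. If that is intended, with the supplied digest being treated as the message and SHA-512 being the hash EdDSA itself uses, the function comment should say so explicitly, e.g. `/* ... The digest is passed as the message to sign; sha512 is the hash used inside EdDSA and is independent of ctrl->digest.algo. */`. The `(int)mdlen` cast in the gcry_sexp_build call also deserves a note that mdlen is a digest length and therefore small, since the cast would otherwise truncate silently.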
@@ -467,6 +467,7 @@ agent_protect (const unsigned char *plainkey, const char *passphrase, int depth = 0; unsigned char *p; gcry_md_hd_t md; + int have_curve = 0; /* Create an S-expression with the protected-at timestamp. */ memcpy (timestamp_exp, "(12:protected-at15:", 19); @@ -499,6 +500,11 @@ agent_protect (const unsigned char *plainkey, const char *passphrase, if (!protect_info[infidx].algo) return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); + /* The parser below is a complete mess: To make it robust for ECC + use we should reorder the s-expression to include only what we + really need and thus guarantee the right order for saving stuff. + This should be done before calling this function and maybe with + the help of the new gcry_sexp_extract_param. */ parmlist = protect_info[infidx].parmlist; prot_from_idx = protect_info[infidx].prot_from; prot_to_idx = protect_info[infidx].prot_to; @@ -522,10 +528,19 @@ agent_protect (const unsigned char *plainkey, const char *passphrase, /* This is a private ECC key but the first parameter is the name of the curve. We change the parameter list here to the one we expect in this case. */ + have_curve = 1; parmlist = "?qd"; prot_from_idx = 2; prot_to_idx = 2; } + else if (n == 5 && !memcmp (s, "flags", 5) + && i == 1 && have_curve) + { + /* "curve" followed by "flags": Change again. */ + parmlist = "??qd"; + prot_from_idx = 3; + prot_to_idx = 3; + } else return gpg_error (GPG_ERR_INV_SEXP); } diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c index 19fadd3..a1ceba4 100644 --- a/common/openpgp-oid.c +++ b/common/openpgp-oid.c @@ -1,5 +1,6 @@ /* openpgp-oids.c - OID helper for OpenPGP * Copyright (C) 2011 Free Software Foundation, Inc. + * Copyright (C) 2013 Werner Koch * * This file is part of GnuPG. * 
@@ -36,6 +37,11 @@ #include "util.h" +/* The OID for Curve Ed25519 in OpenPGP format. */ +static const char oid_ed25519[] = + { 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01 }; + + /* Helper for openpgp_oid_from_str. */ static size_t make_flagged_int (unsigned long value, char *buf, size_t buflen) 
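Review bot: oid_ed25519 is declared as `char`, but the initializer 0x97 exceeds CHAR_MAX on platforms where char is signed, so the conversion is implementation-defined and warns under -Wconversion/-Woverflow. Since the only consumer is the memcmp in openpgp_oid_is_ed25519, the fix is simply `static const unsigned char oid_ed25519[] =`. The leading 0x0a looks like the OID length octet (ten bytes follow); if so, the comment should state it: `/* The OID for Curve Ed25519 in OpenPGP format (length octet first). */`.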
@@ -236,3 +242,88 @@ openpgp_oid_to_str (gcry_mpi_t a) xfree (string); return xtrystrdup ("1.3.6.1.4.1.11591.2.12242973"); } + + + +/* Return true if A represents the OID for Ed25519. */ +int +openpgp_oid_is_ed25519 (gcry_mpi_t a) +{ + const unsigned char *buf; + unsigned int nbits; + size_t n; + + if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)) + return 0; + + buf = gcry_mpi_get_opaque (a, &nbits); + n = (nbits+7)/8; + return (n == DIM (oid_ed25519) + && !memcmp (buf, oid_ed25519, DIM (oid_ed25519))); +} + + + +/* Map the Libgcrypt ECC curve NAME to an OID. If R_NBITS is not NULL + store the bit size of the curve there. Returns NULL for unknown + curve names. */ +const char * +openpgp_curve_to_oid (const char *name, unsigned int *r_nbits) +{ + unsigned int nbits = 0; + const char *oidstr; + + if (!name) + oidstr = NULL; + else if (!strcmp (name, "Ed25519")) + { + oidstr = "1.3.6.1.4.1.3029.1.5.1"; + nbits = 255; + } + else if (!strcmp (name, "nistp256")) + { + oidstr = "1.2.840.10045.3.1.7"; + nbits = 256; + } + else if (!strcmp (name, "nistp384")) + { + oidstr = "1.3.132.0.34"; + nbits = 384; + } + else if (!strcmp (name, "nistp521")) + { + oidstr = "1.3.132.0.35"; + nbits = 521; + } + else + oidstr = NULL; + + if (r_nbits) + *r_nbits = nbits; + return oidstr; +} + + +/* Map an OpenPGP OID to the Libgcrypt curve NAME. If R_NBITS is not + NULL store the bit size of the curve there. Returns "?" for + unknown curve names. */ +const char * +openpgp_oid_to_curve (const char *oid) +{ + const char *name; + + if (!oid) + name = ""; + else if (!strcmp (oid, "1.3.6.1.4.1.3029.1.5.1")) + name = "Ed25519"; + else if (!strcmp (oid, "1.2.840.10045.3.1.7")) + name = "NIST P-256"; + else if (!strcmp (oid, "1.3.132.0.34")) + name = "NIST P-384"; + else if (!strcmp (oid, "1.3.132.0.35")) + name = "NIST P-521"; + else /* FIXME: Lookup via Libgcrypt. */ + name = "?"; + + return name; +} diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c index 80e5763..d101b75 100644 
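Review bot: openpgp_curve_to_oid matches the NIST curves under the names "nistp256"/"nistp384"/"nistp521", whereas the gpg_curve_to_oid it replaces (removed from keygen.c in this commit) matched "NIST P-256"/"NIST P-384"/"NIST P-521", which are the names ask_curve offers and openpgp_oid_to_curve returns. Unless the curve names reaching this function come from a path that yields the short aliases, ecckey_from_sexp and transfer_format_to_openpgp now get NULL for every NIST key; accepting both spellings (`!strcmp (name, "NIST P-256") || !strcmp (name, "nistp256")` and likewise for the others) is the safe fix, and a round-trip openpgp_curve_to_oid (openpgp_oid_to_curve (oid)) case in t-openpgp-oid.c would catch it. Separately, the header of openpgp_oid_to_curve describes an R_NBITS argument the function does not have and omits the "" returned for a NULL oid; suggest `/* Map an OpenPGP OID string to the Libgcrypt curve name. Returns "" for a NULL OID and "?" for an unknown one. */`.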
--- a/common/t-openpgp-oid.c +++ b/common/t-openpgp-oid.c @@ -35,7 +35,7 @@ static void test_openpgp_oid_from_str (void) { - static char *sample_oids[] = + static char *sample_oids[] = { "0.0", "1.0", @@ -134,6 +134,41 @@ test_openpgp_oid_to_str (void) } +static void +test_openpgp_oid_is_ed25519 (void) +{ + static struct + { + int yes; + const char *oidstr; + } samples[] = { + { 0, "0.0" }, + { 0, "1.3.132.0.35" }, + { 0, "1.3.6.1.4.1.3029.1.5.0" }, + { 1, "1.3.6.1.4.1.3029.1.5.1" }, + { 0, "1.3.6.1.4.1.3029.1.5.2" }, + { 0, "1.3.6.1.4.1.3029.1.5.1.0" }, + { 0, "1.3.6.1.4.1.3029.1.5" }, + { 0, NULL }, + }; + gpg_error_t err; + gcry_mpi_t a; + int idx; + + for (idx=0; samples[idx].oidstr; idx++) + { + err = openpgp_oid_from_str (samples[idx].oidstr, &a); + if (err) + fail (idx, err); + + if (openpgp_oid_is_ed25519 (a) != samples[idx].yes) + fail (idx, 0); + + gcry_mpi_release (a); + } + +} + int main (int argc, char **argv) @@ -143,6 +178,7 @@ main (int argc, char **argv) test_openpgp_oid_from_str (); test_openpgp_oid_to_str (); + test_openpgp_oid_is_ed25519 (); return 0; } diff --git a/common/util.h b/common/util.h index 13b702c..f938888 100644 --- a/common/util.h +++ b/common/util.h @@ -215,6 +215,9 @@ size_t percent_unescape_inplace (char *string, int nulrepl); /*-- openpgp-oid.c --*/ gpg_error_t openpgp_oid_from_str (const char *string, gcry_mpi_t *r_mpi); char *openpgp_oid_to_str (gcry_mpi_t a); +int openpgp_oid_is_ed25519 (gcry_mpi_t a); +const char *openpgp_curve_to_oid (const char *name, unsigned int *r_nbits); +const char *openpgp_oid_to_curve (const char *oid); diff --git a/doc/DETAILS b/doc/DETAILS index 100755a..a52f51c 100644 --- a/doc/DETAILS +++ b/doc/DETAILS 
@@ -32,8 +32,8 @@ fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4: #+end_example The double =--with-fingerprint= prints the fingerprint for the subkeys -too. Old versions of gpg used a lighly different format and required -the use of the option =--fixed-list-mode= to conform to format +too. Old versions of gpg used a slighrly different format and required +the use of the option =--fixed-list-mode= to conform to the format described here. ** Description of the fields @@ -201,6 +201,11 @@ described here. For sig records, this is the used hash algorithm. For example: 2 = SHA-1, 8 = SHA-256. +*** Field 17 - Curve name + + For pub, sub, sec, and sbb records this field is used for the ECC + curve name. + ** Special fields *** PKD - Public key data diff --git a/g10/build-packet.c b/g10/build-packet.c index 159b783..6681b34 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -166,9 +166,14 @@ gpg_mpi_write (iobuf_t out, gcry_mpi_t a) { unsigned int nbits; const void *p; + unsigned int lenhdr[2]; p = gcry_mpi_get_opaque (a, &nbits); - rc = iobuf_write (out, p, (nbits+7)/8); + lenhdr[0] = nbits >> 8; + lenhdr[1] = nbits; + rc = iobuf_write (out, lenhdr, 2); + if (!rc) + rc = iobuf_write (out, p, (nbits+7)/8); } else { @@ -191,6 +196,29 @@ gpg_mpi_write (iobuf_t out, gcry_mpi_t a) } +/* + * Write an opaque MPI to the output stream without length info. + */ +gpg_error_t +gpg_mpi_write_nohdr (iobuf_t out, gcry_mpi_t a) +{ + int rc; + + if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)) + { + unsigned int nbits; + const void *p; + + p = gcry_mpi_get_opaque (a, &nbits); + rc = iobuf_write (out, p, (nbits+7)/8); + } + else + rc = gpg_error (GPG_ERR_BAD_MPI); + + return rc; +} + + /* Calculate the length of a packet described by PKT. */ u32 calc_packet_length( PACKET *pkt ) 
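Review bot: In gpg_mpi_write the new length header is wrong: `lenhdr` is `unsigned int[2]`, so `iobuf_write (out, lenhdr, 2)` emits the first two bytes of lenhdr[0] in host byte order (on little-endian, the low bytes of nbits >> 8) instead of the two-octet big-endian bit count OpenPGP expects. Declaring it `unsigned char lenhdr[2];` makes the existing two assignments produce the right octets; since sign.c now stores EdDSA r/s as opaque MPIs, these are presumably the values that go through this path. gpg_mpi_write_nohdr in the following hunk uses `int rc` for a gpg_error_t return; `gpg_error_t rc` keeps it consistent with its declaration in packet.h. gpg_mpi_write's body starts outside the hunk.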
@@ -302,7 +330,11 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk) for (i=0; i < npkey; i++ ) { - err = gpg_mpi_write (a, pk->pkey[i]); + if ((pk->pubkey_algo == PUBKEY_ALGO_ECDSA && (i == 0)) + || (pk->pubkey_algo == PUBKEY_ALGO_ECDH) && (i == 0 || i == 2)) + err = gpg_mpi_write_nohdr (a, pk->pkey[i]); + else + err = gpg_mpi_write (a, pk->pkey[i]); if (err) goto leave; } @@ -473,7 +505,12 @@ do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc ) write_fake_data( a, enc->data[0] ); for (i=0; i < n && !rc ; i++ ) - rc = gpg_mpi_write (a, enc->data[i]); + { + if (enc->pubkey_algo == PUBKEY_ALGO_ECDH && i == 1) + rc = gpg_mpi_write_nohdr (a, enc->data[i]); + else + rc = gpg_mpi_write (a, enc->data[i]); + } if (!rc) { diff --git a/g10/ecdh.c b/g10/ecdh.c index 8b1949c..752181e 100644 --- a/g10/ecdh.c +++ b/g10/ecdh.c @@ -197,11 +197,11 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, obuf = iobuf_temp(); /* variable-length field 1, curve name OID */ - err = gpg_mpi_write (obuf, pkey[0]); + err = gpg_mpi_write_nohdr (obuf, pkey[0]); /* fixed-length field 2 */ iobuf_put (obuf, PUBKEY_ALGO_ECDH); /* variable-length field 3, KDF params */ - err = (err ? err : gpg_mpi_write (obuf, pkey[2])); + err = (err ? err : gpg_mpi_write_nohdr (obuf, pkey[2])); /* fixed-length field 4 */ iobuf_write (obuf, "Anonymous Sender ", 20); /* fixed-length field 5, recipient fp */ diff --git a/g10/export.c b/g10/export.c index 7fbcb34..01bdd5e 100644 --- a/g10/export.c +++ b/g10/export.c @@ -583,7 +583,7 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk) goto leave; curvename = gcry_pk_get_curve (s_pubkey, 0, NULL); gcry_sexp_release (s_pubkey); - curveoidstr = gpg_curve_to_oid (curvename, NULL); + curveoidstr = openpgp_curve_to_oid (curvename, NULL); if (!curveoidstr) { log_error ("no OID known for curve '%s'\n", curvename); diff --git a/g10/keygen.c b/g10/keygen.c index 3b02f04..9c371bd 100644 --- a/g10/keygen.c +++ b/g10/keygen.c 
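Review bot: The new condition in do_key, `(A && (i == 0)) || (B) && (i == 0 || i == 2)`, relies on && binding tighter than ||; it evaluates as intended, but the stray parentheses around the ECDH comparison suggest the grouping was meant to be explicit, and -Wparentheses will flag it. Write `|| (pk->pubkey_algo == PUBKEY_ALGO_ECDH && (i == 0 || i == 2)))`; the identical expression appears in parse_key in parse-packet.c further down and should be fixed the same way. The ecdh.c hunk keeps ignoring the return values of iobuf_put and iobuf_write between the two checked writes, which predates this change.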
@@ -60,9 +60,11 @@ enum para_name { pKEYTYPE, pKEYLENGTH, + pKEYCURVE, pKEYUSAGE, pSUBKEYTYPE, pSUBKEYLENGTH, + pSUBKEYCURVE, pSUBKEYUSAGE, pAUTHKEYTYPE, pNAMEREAL, @@ -1071,40 +1073,6 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk, return err; } -/* Map the Libgcrypt ECC curve NAME to an OID. If R_NBITS is not NULL - store the bit size of the curve there. Returns NULL for unknown - curve names. */ -const char * -gpg_curve_to_oid (const char *name, unsigned int *r_nbits) -{ - unsigned int nbits = 0; - const char *oidstr; - - if (!name) - oidstr = NULL; - else if (!strcmp (name, "NIST P-256")) - { - oidstr = "1.2.840.10045.3.1.7"; - nbits = 256; - } - else if (!strcmp (name, "NIST P-384")) - { - oidstr = "1.3.132.0.34"; - nbits = 384; - } - else if (!strcmp (name, "NIST P-521")) - { - oidstr = "1.3.132.0.35"; - nbits = 521; - } - else - oidstr = NULL; - - if (r_nbits) - *r_nbits = nbits; - return oidstr; -} - static gpg_error_t ecckey_from_sexp (gcry_mpi_t *array, gcry_sexp_t sexp, int algo) @@ -1142,7 +1110,7 @@ ecckey_from_sexp (gcry_mpi_t *array, gcry_sexp_t sexp, int algo) goto leave; } gcry_sexp_release (l2); - oidstr = gpg_curve_to_oid (curve, &nbits); + oidstr = openpgp_curve_to_oid (curve, &nbits); if (!oidstr) { /* That can't happen because we used one of the curves @@ -1188,7 +1156,7 @@ ecckey_from_sexp (gcry_mpi_t *array, gcry_sexp_t sexp, int algo) array[i] = NULL; } } - return 0; + return err; } 
@@ -1534,31 +1502,24 @@ gen_dsa (unsigned int nbits, KBNODE pub_root, * Generate an ECC key */ static gpg_error_t -gen_ecc (int algo, unsigned int nbits, kbnode_t pub_root, +gen_ecc (int algo, const char *curve, kbnode_t pub_root, u32 timestamp, u32 expireval, int is_subkey, int keygen_flags, char **cache_nonce_addr) { gpg_error_t err; - const char *curve; char *keyparms; assert (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH); - /* For now we may only use one of the 3 NIST curves. See also - gpg_curve_to_oid. */ - if (nbits <= 256) - curve = "NIST P-256"; - else if (nbits <= 384) - curve = "NIST P-384"; - else - curve = "NIST P-521"; + if (!curve || !*curve) + return gpg_error (GPG_ERR_UNKNOWN_CURVE); - keyparms = xtryasprintf ("(genkey(%s(curve %zu:%s)%s))", - algo == PUBKEY_ALGO_ECDSA ? "ecdsa" : "ecdh", + keyparms = xtryasprintf ("(genkey(ecc(curve %zu:%s)(flags nocomp%s%s)))", strlen (curve), curve, - ((keygen_flags & KEYGEN_FLAG_TRANSIENT_KEY) - && (keygen_flags & KEYGEN_FLAG_NO_PROTECTION))? - "(transient-key)" : "" ); + (((keygen_flags & KEYGEN_FLAG_TRANSIENT_KEY) + && (keygen_flags & KEYGEN_FLAG_NO_PROTECTION))? + " transient-key" : ""), + (!strcmp (curve, "Ed25519")? " eddsa":"")); if (!keyparms) err = gpg_error_from_syserror (); else 
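Review bot: gen_ecc now appends " eddsa" to the flags whenever the curve is Ed25519, yet the assert still admits PUBKEY_ALGO_ECDH and ask_curve offers Ed25519 for either algorithm, so an ECDH encryption key carrying the eddsa flag can be requested. Unless ask_algo already prevents that pairing, reject it next to the existing curve check: `if (algo == PUBKEY_ALGO_ECDH && !strcmp (curve, "Ed25519")) return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);`. The "nocomp" flag is now emitted for every curve including Ed25519; if Libgcrypt ignores it there, a short comment saying so would save the next reader from wondering.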
@@ -2082,6 +2043,98 @@ ask_keysize (int algo, unsigned int primary_keysize) } +/* Ask for the key size. ALGO is the algorithm. If PRIMARY_KEYSIZE + is not 0, the function asks for the size of the encryption + subkey. */ +static char * +ask_curve (void) +{ + struct { + const char *name; + int available; + int expert_only; + const char *pretty_name; + } curves[] = { + { "Ed25519", 0, 0, "Curve 25519" }, + { "NIST P-256", 0, 1, }, + { "NIST P-384", 0, 0, }, + { "NIST P-521", 0, 1, }, + { "brainpoolP256r1", 0, 1, "Brainpool P-256" }, + { "brainpoolP384r1", 0, 1, "Brainpool P-384" }, + { "brainpoolP512r1", 0, 1, "Brainpool P-512" }, + }; + int idx; + char *answer; + char *result = NULL; + gcry_sexp_t keyparms; + + tty_printf (_("Please select which elliptic curve you want:\n")); + + keyparms = NULL; + for (idx=0; idx < DIM(curves); idx++) + { + int rc; + + curves[idx].available = 0; + if (!opt.expert && curves[idx].expert_only) + continue; + + gcry_sexp_release (keyparms); + rc = gcry_sexp_build (&keyparms, NULL, + "(public-key(ecc(curve %s)))", curves[idx].name); + if (rc) + continue; + if (!gcry_pk_get_curve (keyparms, 0, NULL)) + continue; + + curves[idx].available = 1; + tty_printf (_(" (%d) %s\n"), idx + 1, + curves[idx].pretty_name? + curves[idx].pretty_name:curves[idx].name); + } + gcry_sexp_release (keyparms); + + + for (;;) + { + answer = cpr_get ("keygen.curve", _("Your selection? ")); + cpr_kill_prompt (); + idx = *answer? atoi (answer) : 1; + if (*answer && !idx) + { + /* See whether the user entered the name of the curve. 
*/ + for (idx=0; idx < DIM(curves); idx++) + { + if (!opt.expert && curves[idx].expert_only) + continue; + if (!stricmp (curves[idx].name, answer) + || (curves[idx].pretty_name + && !stricmp (curves[idx].pretty_name, answer))) + break; + } + if (idx == DIM(curves)) + idx = -1; + } + else + idx--; + xfree(answer); + answer = NULL; + if (idx < 0 || idx >= DIM (curves) || !curves[idx].available) + tty_printf (_("Invalid selection.\n")); + else + { + result = xstrdup (curves[idx].name); + break; + } + } + + if (!result) + result = xstrdup (curves[0].name); + + return result; +} + + /**************** * Parse an expire string and return its value in seconds. * Returns (u32)-1 on error. @@ -2539,7 +2592,7 @@ do_ask_passphrase (STRING2KEY **ret_s2k, int mode, int *r_canceled) /* Basic key generation. Here we divert to the actual generation routines based on the requested algorithm. */ static int -do_create (int algo, unsigned int nbits, KBNODE pub_root, +do_create (int algo, unsigned int nbits, const char *curve, KBNODE pub_root, u32 timestamp, u32 expiredate, int is_subkey, int keygen_flags, char **cache_nonce_addr) { @@ -2561,7 +2614,7 @@ do_create (int algo, unsigned int nbits, KBNODE pub_root, err = gen_dsa (nbits, pub_root, timestamp, expiredate, is_subkey, keygen_flags, cache_nonce_addr); else if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH) - err = gen_ecc (algo, nbits, pub_root, timestamp, expiredate, is_subkey, + err = gen_ecc (algo, curve, pub_root, timestamp, expiredate, is_subkey, keygen_flags, cache_nonce_addr); else if (algo == PUBKEY_ALGO_RSA) err = gen_rsa (algo, nbits, pub_root, timestamp, expiredate, is_subkey, @@ -2974,7 +3027,6 @@ proc_parameter_file( struct para_data_s *para, const char *fname, * but because we do this always, why not here. */ STRING2KEY *s2k; DEK *dek; - static int count; s2k = xmalloc ( sizeof *s2k ); s2k->mode = opt.s2k_mode; 
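Review bot: The header comment on ask_curve was copied from ask_keysize and describes ALGO and PRIMARY_KEYSIZE parameters the function does not take. Replace it with `/* Ask the user to select an ECC curve. Returns a malloced curve name; expert-only curves are offered only with --expert. */`. The fallback `if (!result) result = xstrdup (curves[0].name);` is unreachable because the loop only exits with result set, and `idx >= DIM (curves)` compares int with size_t (harmless after the `idx < 0` test, but worth a cast). The menu labels the Ed25519 entry "Curve 25519"; since that name is commonly used for the X25519 Montgomery form, consider showing the name that is actually stored in the key.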
@@ -3058,9 +3110,11 @@ read_parameter_file( const char *fname ) } keywords[] = { { "Key-Type", pKEYTYPE}, { "Key-Length", pKEYLENGTH }, + { "Key-Curve", pKEYCURVE }, { "Key-Usage", pKEYUSAGE }, { "Subkey-Type", pSUBKEYTYPE }, { "Subkey-Length", pSUBKEYLENGTH }, + { "Subkey-Curve", pSUBKEYCURVE }, { "Subkey-Usage", pSUBKEYUSAGE }, { "Name-Real", pNAMEREAL }, { "Name-Email", pNAMEEMAIL }, @@ -3340,6 +3394,7 @@ generate_keypair (ctrl_t ctrl, const char *fname, const char *card_serialno, else { int subkey_algo; + char *curve = NULL; /* Fixme: To support creating a primary key by keygrip we better also define the keyword for the parameter file. Note that @@ -3355,12 +3410,24 @@ generate_keypair (ctrl_t ctrl, const char *fname, const char *card_serialno, sprintf( r->u.value, "%d", algo ); r->next = para; para = r; - nbits = ask_keysize (algo, 0); - r = xmalloc_clear( sizeof *r + 20 ); - r->key = pKEYLENGTH; - sprintf( r->u.value, "%u", nbits); - r->next = para; - para = r; + if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH) + { + curve = ask_curve (); + r = xmalloc_clear (sizeof *r + strlen (curve)); + r->key = pKEYCURVE; + strcpy (r->u.value, curve); + r->next = para; + para = r; + } + else + { + nbits = ask_keysize (algo, 0); + r = xmalloc_clear( sizeof *r + 20 ); + r->key = pKEYLENGTH; + sprintf( r->u.value, "%u", nbits); + r->next = para; + para = r; + } r = xmalloc_clear( sizeof *r + 20 ); r->key = pKEYUSAGE; strcpy( r->u.value, "sign" ); 
@@ -3400,12 +3467,27 @@ generate_keypair (ctrl_t ctrl, const char *fname, const char *card_serialno, nbits = 0; } - nbits = ask_keysize (both? subkey_algo : algo, nbits); - r = xmalloc_clear( sizeof *r + 20 ); - r->key = both? pSUBKEYLENGTH : pKEYLENGTH; - sprintf( r->u.value, "%u", nbits); - r->next = para; - para = r; + if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH) + { + if (!both) + curve = ask_curve (); + r = xmalloc_clear (sizeof *r + strlen (curve)); + r->key = both? pSUBKEYCURVE : pKEYCURVE; + strcpy (r->u.value, curve); + r->next = para; + para = r; + } + else + { + nbits = ask_keysize (both? subkey_algo : algo, nbits); + r = xmalloc_clear( sizeof *r + 20 ); + r->key = both? pSUBKEYLENGTH : pKEYLENGTH; + sprintf( r->u.value, "%u", nbits); + r->next = para; + para = r; + } + + xfree (curve); } expire = ask_expire_interval(0,NULL); @@ -3630,6 +3712,7 @@ do_generate_keypair (struct para_data_s *para, if (!card) err = do_create (get_parameter_algo( para, pKEYTYPE, NULL ), get_parameter_uint( para, pKEYLENGTH ), + get_parameter_value (para, pKEYCURVE), pub_root, timestamp, get_parameter_u32( para, pKEYEXPIRE ), 0, @@ -3681,6 +3764,7 @@ do_generate_keypair (struct para_data_s *para, { err = do_create (get_parameter_algo (para, pSUBKEYTYPE, NULL), get_parameter_uint (para, pSUBKEYLENGTH), + get_parameter_value (para, pSUBKEYCURVE), pub_root, timestamp, get_parameter_u32 (para, pSUBKEYEXPIRE), 1, @@ -3827,7 +3911,8 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) int algo; unsigned int use; u32 expire; - unsigned int nbits; + unsigned int nbits = 0; + char *curve = NULL; u32 cur_time; char *hexgrip = NULL; char *serialno = NULL; 
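Review bot: In generate_keypair the new branch for the second key tests `algo`, while the non-ECC branch beside it derives the key type from `both? subkey_algo : algo`; when `both` is set and only one of the two keys is ECC, the wrong question is asked. Hoisting `int kalgo = both? subkey_algo : algo;` and testing `kalgo == PUBKEY_ALGO_ECDSA || kalgo == PUBKEY_ALGO_ECDH` keeps the two branches in step, unless the algorithm pairs ask_algo can return make the mixed case impossible. `strlen (curve)` in the `both` case also assumes the primary-key branch earlier in the function filled in `curve`, which only holds if both keys are ECC.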
@@ -3881,7 +3966,14 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) hexgrip = NULL; algo = ask_algo (ctrl, 1, NULL, &use, &hexgrip); assert (algo); - nbits = hexgrip? 0 : ask_keysize (algo, 0); + + if (hexgrip) + nbits = 0; + else if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH) + curve = ask_curve (); + else + nbits = ask_keysize (algo, 0); + expire = ask_expire_interval (0, NULL); if (!cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay", _("Really create? (y/N) "))) @@ -3894,7 +3986,8 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) err = do_create_from_keygrip (ctrl, algo, hexgrip, keyblock, cur_time, expire, 1); else - err = do_create (algo, nbits, keyblock, cur_time, expire, 1, 0, NULL); + err = do_create (algo, nbits, curve, + keyblock, cur_time, expire, 1, 0, NULL); if (err) goto leave; @@ -3911,6 +4004,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) write_status_text (STATUS_KEY_CREATED, "S"); leave: + xfree (curve); xfree (hexgrip); xfree (serialno); if (err) diff --git a/g10/keylist.c b/g10/keylist.c index d45aed6..356fac3 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -817,6 +817,17 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo), keystr_from_pk (pk), datestr_from_pk (pk)); + if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA + || pk->pubkey_algo == PUBKEY_ALGO_ECDH) + { + char *curve = openpgp_oid_to_str (pk->pkey[0]); + const char *name = openpgp_oid_to_curve (curve); + if (!*name || *name == '?') + name = curve; + es_fprintf (es_stdout, " %s", name); + xfree (curve); + } + if (pk->flags.revoked) { es_fprintf (es_stdout, " ["); 
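Review bot: openpgp_oid_to_str can return NULL (at least one of its return paths, visible in the openpgp-oid.c hunk, is an xtrystrdup), and openpgp_oid_to_curve maps a NULL oid to "", so `if (!*name || *name == '?') name = curve;` then hands NULL to es_fprintf's %s. Guard it, e.g. `if (!curve) name = "?"; else if (!*name || *name == '?') name = curve;`. The same block is pasted into the second list_keyblock_print hunk, both list_keyblock_colon hunks and parse_key in parse-packet.c; a small helper returning the display name would remove the duplication and fix all five places at once.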
@@ -940,6 +951,18 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) s2k_char, nbits_from_pk (pk2), pubkey_letter (pk2->pubkey_algo), keystr_from_pk (pk2), datestr_from_pk (pk2)); + + if (pk2->pubkey_algo == PUBKEY_ALGO_ECDSA + || pk2->pubkey_algo == PUBKEY_ALGO_ECDH) + { + char *curve = openpgp_oid_to_str (pk2->pkey[0]); + const char *name = openpgp_oid_to_curve (curve); + if (!*name || *name == '?') + name = curve; + es_fprintf (es_stdout, " %s", name); + xfree (curve); + } + if (pk2->flags.revoked) { es_fprintf (es_stdout, " ["); @@ -1172,16 +1195,28 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr) es_putc (':', es_stdout); es_putc (':', es_stdout); print_capabilities (pk, keyblock); + es_putc (':', es_stdout); /* End of field 13. */ + es_putc (':', es_stdout); /* End of field 14. */ if (secret) { - es_putc (':', es_stdout); /* End of field 13. */ - es_putc (':', es_stdout); /* End of field 14. */ if (stubkey) es_putc ('#', es_stdout); else if (serialno) - es_fputs(serialno, es_stdout); - es_putc (':', es_stdout); /* End of field 15. */ + es_fputs (serialno, es_stdout); + } + es_putc (':', es_stdout); /* End of field 15. */ + es_putc (':', es_stdout); /* End of field 16. */ + if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA + || pk->pubkey_algo == PUBKEY_ALGO_ECDH) + { + char *curve = openpgp_oid_to_str (pk->pkey[0]); + const char *name = openpgp_oid_to_curve (curve); + if (!*name || *name == '?') + name = curve; + es_fputs (name, es_stdout); + xfree (curve); } + es_putc (':', es_stdout); /* End of field 17. */ es_putc ('\n', es_stdout); print_revokers (pk); 
@@ -1285,16 +1320,28 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr) /* fixme: add LID and ownertrust here */ ); print_capabilities (pk2, NULL); + es_putc (':', es_stdout); /* End of field 13. */ + es_putc (':', es_stdout); /* End of field 14. */ if (secret) { - es_putc (':', es_stdout); /* End of field 13. */ - es_putc (':', es_stdout); /* End of field 14. */ if (stubkey) es_putc ('#', es_stdout); else if (serialno) es_fputs (serialno, es_stdout); - es_putc (':', es_stdout); /* End of field 15. */ } + es_putc (':', es_stdout); /* End of field 15. */ + es_putc (':', es_stdout); /* End of field 16. */ + if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA + || pk->pubkey_algo == PUBKEY_ALGO_ECDH) + { + char *curve = openpgp_oid_to_str (pk->pkey[0]); + const char *name = openpgp_oid_to_curve (curve); + if (!*name || *name == '?') + name = curve; + es_fputs (name, es_stdout); + xfree (curve); + } + es_putc (':', es_stdout); /* End of field 17. */ es_putc ('\n', es_stdout); if (fpr > 1) print_fingerprint (pk2, 0); diff --git a/g10/main.h b/g10/main.h index 15d3b76..fd4e5e9 100644 --- a/g10/main.h +++ b/g10/main.h @@ -230,7 +230,6 @@ void keyedit_passwd (ctrl_t ctrl, const char *username); void show_basic_key_info (KBNODE keyblock); /*-- keygen.c --*/ -const char *gpg_curve_to_oid (const char *name, unsigned int *r_nbits); u32 parse_expire_string(const char *string); u32 ask_expire_interval(int object,const char *def_expire); u32 ask_expiredate(void); diff --git a/g10/packet.h b/g10/packet.h index fa32ab1..b3956ef 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -445,6 +445,7 @@ PACKET *create_gpg_control ( ctrlpkttype_t type, /*-- build-packet.c --*/ int build_packet( iobuf_t inp, PACKET *pkt ); gpg_error_t gpg_mpi_write (iobuf_t out, gcry_mpi_t a); +gpg_error_t gpg_mpi_write_nohdr (iobuf_t out, gcry_mpi_t a); u32 calc_packet_length( PACKET *pkt ); void build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type, const byte *buffer, size_t buflen ); 
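Review bot: In the subkey branch of list_keyblock_colon the new curve block reads `pk->pubkey_algo` and `pk->pkey[0]`, while every neighbouring line in this hunk (print_capabilities, print_fingerprint) uses `pk2`; as written the sub record shows the primary key's curve, or nothing if the primary is not ECC. Change the three references to `pk2->pubkey_algo` and `pk2->pkey[0]`. The earlier pk-based hunk of this function is correct.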
diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 9c04362..3b2698f 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -140,22 +140,13 @@ mpi_read (iobuf_t inp, unsigned int *ret_nread, int secure) nread++; } - if (nread >= 2 && !(buf[0] << 8 | buf[1])) - { - /* Libgcrypt < 1.5.0 accidently rejects zero-length (i.e. zero) - MPIs. We fix this here. */ - a = gcry_mpi_new (0); - } - else - { - if (gcry_mpi_scan (&a, GCRYMPI_FMT_PGP, buf, nread, &nread)) - a = NULL; - } + if (gcry_mpi_scan (&a, GCRYMPI_FMT_PGP, buf, nread, &nread)) + a = NULL; leave: gcry_free (buf); if (nread > *ret_nread) - log_bug ("mpi larger than packet"); + log_bug ("mpi larger than packet (%zu/%u)", nread, *ret_nread); else *ret_nread = nread; return a; @@ -1999,8 +1990,8 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen, { for (i = 0; i < npkey; i++) { - if ((algorithm == PUBKEY_ALGO_ECDSA - || algorithm == PUBKEY_ALGO_ECDH) && (i==0 || i == 2)) + if ((algorithm == PUBKEY_ALGO_ECDSA && (i == 0)) + || (algorithm == PUBKEY_ALGO_ECDH) && (i == 0 || i == 2)) { size_t n; err = read_size_body (inp, pktlen, &n, pk->pkey+i); @@ -2020,6 +2011,14 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen, { es_fprintf (listfp, "\tpkey[%d]: ", i); mpi_print (listfp, pk->pkey[i], mpi_print_mode); + if ((algorithm == PUBKEY_ALGO_ECDSA + || algorithm == PUBKEY_ALGO_ECDH) && i==0) + { + char *curve = openpgp_oid_to_str (pk->pkey[0]); + es_fprintf (listfp, " %s (%s)", + openpgp_oid_to_curve (curve), curve); + xfree (curve); + } es_putc ('\n', listfp); } } diff --git a/g10/pkglue.c b/g10/pkglue.c index 3a078bd..7e50a1c 100644 --- a/g10/pkglue.c +++ b/g10/pkglue.c 
@@ -33,14 +33,14 @@ /* FIXME: Better chnage the fucntion name because mpi_ is used by gcrypt macros. */ gcry_mpi_t -mpi_from_sexp (gcry_sexp_t sexp, const char * item) +get_mpi_from_sexp (gcry_sexp_t sexp, const char *item, int mpifmt) { gcry_sexp_t list; gcry_mpi_t data; list = gcry_sexp_find_token (sexp, item, 0); assert (list); - data = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + data = gcry_sexp_nth_mpi (list, 1, mpifmt); assert (data); gcry_sexp_release (list); return data; @@ -58,6 +58,7 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey) gcry_sexp_t s_sig, s_hash, s_pkey; int rc; const int pkalgo = map_pk_openpgp_to_gcry (algo); + int is_ed25519 = 0; /* Make a sexp from pkey. */ if (pkalgo == GCRY_PK_DSA) @@ -79,15 +80,24 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey) } else if (pkalgo == GCRY_PK_ECDSA) /* Same as GCRY_PK_ECDH */ { - char *curve = openpgp_oid_to_str (pkey[0]); - if (!curve) - rc = gpg_error_from_syserror (); + is_ed25519 = openpgp_oid_is_ed25519 (pkey[0]); + if (is_ed25519) + rc = gcry_sexp_build (&s_pkey, NULL, + "(public-key(ecc(curve Ed25519)" + "(flags eddsa)(q%m)))", + pkey[1]); else { - rc = gcry_sexp_build (&s_pkey, NULL, - "(public-key(ecdsa(curve %s)(q%m)))", - curve, pkey[1]); - xfree (curve); + char *curve = openpgp_oid_to_str (pkey[0]); + if (!curve) + rc = gpg_error_from_syserror (); + else + { + rc = gcry_sexp_build (&s_pkey, NULL, + "(public-key(ecdsa(curve %s)(q%m)))", + curve, pkey[1]); + xfree (curve); + } } } else 
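Review bot: The rename to get_mpi_from_sexp resolves the FIXME in the context line above the signature ("Better chnage the fucntion name because mpi_ is used by gcrypt macros"), so that comment should be replaced with one describing the new parameter, e.g. `/* Return the MPI for ITEM from SEXP, parsed with format MPIFMT (a GCRYMPI_FMT_* value). Aborts via assert if ITEM is missing. */`. The two asserts remain the only error handling, which predates this change.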
@@ -97,8 +107,18 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey) BUG (); /* gcry_sexp_build should never fail. */ /* Put hash into a S-Exp s_hash. */ - if (gcry_sexp_build (&s_hash, NULL, "%m", hash)) - BUG (); /* gcry_sexp_build should never fail. */ + if (is_ed25519) + { + if (gcry_sexp_build (&s_hash, NULL, + "(data(flags eddsa)(hash-algo sha512)(value %m))", + hash)) + BUG (); /* gcry_sexp_build should never fail. */ + } + else + { + if (gcry_sexp_build (&s_hash, NULL, "%m", hash)) + BUG (); /* gcry_sexp_build should never fail. */ + } /* Put data into a S-Exp s_sig. */ s_sig = NULL; @@ -114,6 +134,9 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey) { if (!data[0] || !data[1]) rc = gpg_error (GPG_ERR_BAD_MPI); + else if (is_ed25519) + rc = gcry_sexp_build (&s_sig, NULL, + "(sig-val(eddsa(r%M)(s%M)))", data[0], data[1]); else rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(ecdsa(r%m)(s%m)))", data[0], data[1]); @@ -223,8 +246,8 @@ pk_encrypt (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, size_t fpn; /* Get the shared point and the ephemeral public key. */ - shared = mpi_from_sexp (s_ciph, "s"); - public = mpi_from_sexp (s_ciph, "e"); + shared = get_mpi_from_sexp (s_ciph, "s", GCRYMPI_FMT_USG); + public = get_mpi_from_sexp (s_ciph, "e", GCRYMPI_FMT_USG); gcry_sexp_release (s_ciph); s_ciph = NULL; if (DBG_CIPHER) @@ -256,9 +279,9 @@ pk_encrypt (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, else /* Elgamal or RSA case. */ { /* Fixme: Add better error handling or make gnupg use S-expressions directly. */ - resarr[0] = mpi_from_sexp (s_ciph, "a"); + resarr[0] = get_mpi_from_sexp (s_ciph, "a", GCRYMPI_FMT_USG); if (algo != GCRY_PK_RSA && algo != GCRY_PK_RSA_E) - resarr[1] = mpi_from_sexp (s_ciph, "b"); + resarr[1] = get_mpi_from_sexp (s_ciph, "b", GCRYMPI_FMT_USG); } gcry_sexp_release (s_ciph); 
@@ -296,15 +319,25 @@ pk_check_secret_key (int algo, gcry_mpi_t *skey) } else if (gcry_pkalgo == GCRY_PK_ECDSA || gcry_pkalgo == GCRY_PK_ECDH) { - char *curve = openpgp_oid_to_str (skey[0]); - if (!curve) - rc = gpg_error_from_syserror (); - else + if (openpgp_oid_is_ed25519 (skey[0])) { rc = gcry_sexp_build (&s_skey, NULL, - "(private-key(ecdsa(curve%s)(q%m)(d%m)))", - curve, skey[1], skey[2]); - xfree (curve); + "(private-key(ecc(curve Ed25519)" + "(flags eddsa)(q%m)(d%m)))", + skey[1], skey[2]); + } + else + { + char *curve = openpgp_oid_to_str (skey[0]); + if (!curve) + rc = gpg_error_from_syserror (); + else + { + rc = gcry_sexp_build (&s_skey, NULL, + "(private-key(ecdsa(curve%s)(q%m)(d%m)))", + curve, skey[1], skey[2]); + xfree (curve); + } } } else diff --git a/g10/pkglue.h b/g10/pkglue.h index e5165f7..48bfbb5 100644 --- a/g10/pkglue.h +++ b/g10/pkglue.h @@ -23,7 +23,7 @@ #include "packet.h" /* For PKT_public_key. */ /*-- pkglue.c --*/ -gcry_mpi_t mpi_from_sexp (gcry_sexp_t sexp, const char * item); +gcry_mpi_t get_mpi_from_sexp (gcry_sexp_t sexp, const char *item, int mpifmt); int pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey); diff --git a/g10/seskey.c b/g10/seskey.c index ac6e6d6..e7f4997 100644 --- a/g10/seskey.c +++ b/g10/seskey.c @@ -264,7 +264,12 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo) pkalgo = map_pk_openpgp_to_gcry (pk->pubkey_algo); - if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECDSA) + if (pkalgo == GCRY_PK_ECDSA && openpgp_oid_is_ed25519 (pk->pkey[0])) + { + frame = gcry_mpi_set_opaque_copy (NULL, gcry_md_read (md, hash_algo), + 8*gcry_md_get_algo_dlen (hash_algo)); + } + else if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECDSA) { /* It's a DSA signature, so find out the size of q. */ diff --git a/g10/sign.c b/g10/sign.c index 8944067..cfac5de 100644 --- a/g10/sign.c +++ b/g10/sign.c 
@@ -281,11 +281,16 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, ; else if (pksk->pubkey_algo == GCRY_PK_RSA || pksk->pubkey_algo == GCRY_PK_RSA_S) - sig->data[0] = mpi_from_sexp (s_sigval, "s"); + sig->data[0] = get_mpi_from_sexp (s_sigval, "s", GCRYMPI_FMT_USG); + else if (openpgp_oid_is_ed25519 (pksk->pkey[0])) + { + sig->data[0] = get_mpi_from_sexp (s_sigval, "r", GCRYMPI_FMT_OPAQUE); + sig->data[1] = get_mpi_from_sexp (s_sigval, "s", GCRYMPI_FMT_OPAQUE); + } else { - sig->data[0] = mpi_from_sexp (s_sigval, "r"); - sig->data[1] = mpi_from_sexp (s_sigval, "s"); + sig->data[0] = get_mpi_from_sexp (s_sigval, "r", GCRYMPI_FMT_USG); + sig->data[1] = get_mpi_from_sexp (s_sigval, "s", GCRYMPI_FMT_USG); } gcry_sexp_release (s_sigval); @@ -422,6 +427,10 @@ match_dsa_hash (unsigned int qbytes) usable for the pubkey algorithm. If --preferred-digest-prefs isn't set, then take the OpenPGP default (i.e. SHA-1). + Note that Ed25519+EdDSA takes an input of arbitrary length and thus + we don't enforce any particular algorithm like we do for standard + ECDSA. However, we use SHA256 as the default algorithm. + Possible improvement: Use the highest-ranked usable algorithm from the signing key prefs either before or after using the personal list? @@ -437,6 +446,14 @@ hash_for (PKT_public_key *pk) { return recipient_digest_algo; } + else if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA + && openpgp_oid_is_ed25519 (pk->pkey[0])) + { + if (opt.personal_digest_prefs) + return opt.personal_digest_prefs[0].value; + else + return DIGEST_ALGO_SHA256; + } else if (pk->pubkey_algo == PUBKEY_ALGO_DSA || pk->pubkey_algo == PUBKEY_ALGO_ECDSA) { 
@@ -927,7 +944,8 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { if (sk_rover->pk->pubkey_algo == PUBKEY_ALGO_DSA - || sk_rover->pk->pubkey_algo == PUBKEY_ALGO_ECDSA) + || (sk_rover->pk->pubkey_algo == PUBKEY_ALGO_ECDSA + && !openpgp_oid_is_ed25519 (sk_rover->pk->pkey[1]))) { int temp_hashlen = (gcry_mpi_get_nbits (sk_rover->pk->pkey[1])); @@ -1492,8 +1510,13 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk, else if(pksk->pubkey_algo == PUBKEY_ALGO_DSA) digest_algo = match_dsa_hash (gcry_mpi_get_nbits (pksk->pkey[1])/8); else if(pksk->pubkey_algo == PUBKEY_ALGO_ECDSA ) - digest_algo = match_dsa_hash (ecdsa_qbits_from_Q - (gcry_mpi_get_nbits (pksk->pkey[1]))/8); + { + if (openpgp_oid_is_ed25519 (pksk->pkey[0])) + digest_algo = DIGEST_ALGO_SHA256; + else + digest_algo = match_dsa_hash + (ecdsa_qbits_from_Q (gcry_mpi_get_nbits (pksk->pkey[1]))/8); + } else digest_algo = DIGEST_ALGO_SHA1; } commit 9ae48b173c93f4747a9826beb1fbd023c4362c22 Author: Werner Koch Date: Fri Nov 15 08:36:39 2013 +0100 kbx: Fix possible segv in kbxdump. * kbx/keybox-dump.c (_keybox_dump_blob): Check length before get32. Signed-off-by: Werner Koch diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c index c397f9c..1af6a9c 100644 --- a/kbx/keybox-dump.c +++ b/kbx/keybox-dump.c 
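Review bot: The Ed25519 test added to sign_file's loop passes `sk_rover->pk->pkey[1]` to openpgp_oid_is_ed25519, whereas every other new call in this commit (do_sign, hash_for, make_keysig_packet, encode_md_value) passes `pkey[0]`, the curve OID; pkey[1] is the point Q, so the check is not expected to match and Ed25519 keys would still fall into the DSA/ECDSA branch that sizes the hash from `gcry_mpi_get_nbits (sk_rover->pk->pkey[1])`. Change it to `&& !openpgp_oid_is_ed25519 (sk_rover->pk->pkey[0]))`. The loop body continues past the hunk.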
@@ -402,7 +402,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp)
 n = get32 (p ); p += 4;
 fprintf (fp, "Reserved-Space: %lu\n", n );
- if (unhashed >= 24)
+ if (n >= 4 && unhashed >= 24)
 {
 n = get32 ( buffer + length - unhashed);
 fprintf (fp, "Storage-Flags: %08lx\n", n );
commit b27161cd0c76ae6e2381f60c3a502cde3a2aaa21
Author: Werner Koch
Date: Mon Nov 11 11:33:14 2013 +0100
Require Libgcrypt 1.6 * agent/pksign.c (do_encode_dsa): Remove Libgcrypt version check -- Now that we have decided on a release plan for Libgcrypt 1.6 and given all the improvements it makes more sense to make use of these improvements than to clutter the GnuPG code with workarounds for older Libgcrypt versions.
diff --git a/agent/pksign.c b/agent/pksign.c
index ad783ce..9c7341a 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
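Review bot: The new guard tests `n`, the Reserved-Space value that was just read, but the expression it protects, `get32 (buffer + length - unhashed)`, also depends on `length >= unhashed`, and nothing in the hunk establishes that; if the blob-length checks earlier in _keybox_dump_blob (outside the hunk) do not already guarantee it, a crafted blob with `unhashed > length` still reads before the start of the buffer. If `length` is validated against `unhashed` earlier, a comment on this line saying so would help; otherwise `if (n >= 4 && unhashed >= 24 && length >= unhashed)` is the safer guard. It is also worth stating in a comment what `n >= 4` is meant to rule out, since `n` is reused for the Storage-Flags value on the next line.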
@@ -197,32 +197,11 @@ do_encode_dsa (const byte *md, size_t mdlen, int dsaalgo, gcry_sexp_t pkey, if (mdlen > qbits/8) mdlen = qbits/8; - /* Create the S-expression. If we are using Libgcrypt 1.6 we make - use of Deterministic DSA. Libgcrypt < 1.6 does not implement - RFC-6979 and also requires us to convert to an MPI because it - expects an unsigned integer. Using %b directly is not possible - because Libgcrypt assumes an MPI and uses GCRYMPI_FMT_STD for - parsing and thus possible yielding a negative value. */ -#if GCRYPT_VERSION_NUMBER >= 0x010600 /* Libgcrypt >= 1.6 */ - { - err = gcry_sexp_build (&hash, NULL, - "(data (flags rfc6979) (hash %s %b))", - rfc6979_hash_algo_string (mdlen), - (int)mdlen, md); - } -#else /* Libgcrypt < 1.6 */ - { - gcry_mpi_t mpi; - - err = gcry_mpi_scan (&mpi, GCRYMPI_FMT_USG, md, mdlen, NULL); - if (!err) - { - err = gcry_sexp_build (&hash, NULL, - "(data (flags raw) (value %m))", mpi); - gcry_mpi_release (mpi); - } - } -#endif /* Libgcrypt < 1.6 */ + /* Create the S-expression. */ + err = gcry_sexp_build (&hash, NULL, + "(data (flags rfc6979) (hash %s %b))", + rfc6979_hash_algo_string (mdlen), + (int)mdlen, md); if (!err) *r_hash = hash; return err; diff --git a/configure.ac b/configure.ac index 5a5e9f4..e20a70c 100644 --- a/configure.ac +++ b/configure.ac 
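Review bot: The replacement comment `/* Create the S-expression. */` drops the only explanation of why the digest is passed as `%b` inside `(hash %s %b)` instead of as an MPI — the removed text recorded that `%b` is a raw byte string with no GCRYMPI_FMT_STD sign problem and that the `rfc6979` flag makes the DSA nonce deterministic; I would keep that, e.g. `/* Pass the digest as a byte string inside (hash ...): unlike %m there is no sign issue, and the rfc6979 flag selects deterministic nonces (RFC 6979). */`. Note also that `mdlen` was clamped to `qbits/8` just above, so `rfc6979_hash_algo_string (mdlen)` names the hash by the truncated length; a digest longer than q is thus reported to Libgcrypt under a shorter hash's name, which is presumably intended but deserves a sentence in the same comment. do_encode_dsa begins before the hunk.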
@@ -46,7 +46,7 @@ AC_INIT([gnupg],[mym4_full_version], [http://bugs.gnupg.org]) NEED_GPG_ERROR_VERSION=1.11 NEED_LIBGCRYPT_API=1 -NEED_LIBGCRYPT_VERSION=1.5.0 +NEED_LIBGCRYPT_VERSION=1.6.0 NEED_LIBASSUAN_API=2 NEED_LIBASSUAN_VERSION=2.1.0 ----------------------------------------------------------------------- Summary of changes: agent/agent.h | 1 + agent/findkey.c | 29 ++++++ agent/pksign.c | 66 ++++++------- agent/protect.c | 15 +++ common/openpgp-oid.c | 91 ++++++++++++++++++ common/t-openpgp-oid.c | 38 +++++++- common/util.h | 3 + configure.ac | 2 +- doc/DETAILS | 9 +- g10/build-packet.c | 43 ++++++++- g10/ecdh.c | 4 +- g10/export.c | 2 +- g10/kbnode.c | 1 + g10/keydb.c | 68 ++++++++----- g10/keygen.c | 232 +++++++++++++++++++++++++++++++-------------- g10/keylist.c | 61 ++++++++++-- g10/main.h | 1 - g10/packet.h | 1 + g10/parse-packet.c | 27 +++--- g10/pkglue.c | 77 ++++++++++----- g10/pkglue.h | 2 +- g10/seskey.c | 7 +- g10/sign.c | 35 +++++-- kbx/keybox-blob.c | 5 +- kbx/keybox-defs.h | 16 +++- kbx/keybox-dump.c | 6 +- kbx/keybox-file.c | 5 +- kbx/keybox-search.c | 13 --- kbx/keybox-update.c | 45 ++++++++- tests/openpgp/ecc.test | 2 +- tests/openpgp/import.test | 8 -- 31 files changed, 691 insertions(+), 224 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 15 16:02:05 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Fri, 15 Nov 2013 16:02:05 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-383-gef9f52c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via ef9f52cbb39e46918c96200b09c21e931eff174f (commit) via c8ad83fb605fdbf6dc0b0dbcc8aedfbd477640da (commit) from c43a8c0d81a711161f7a81b24ef7c33a1353eee0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ef9f52cbb39e46918c96200b09c21e931eff174f Author: Jussi Kivilinna Date: Fri Nov 15 16:23:00 2013 +0200 Camellia: Add AVX/AES-NI key setup * cipher/camellia-aesni-avx-amd64.S (key_bitlength, key_table): New order of fields in ctx. (camellia_f, vec_rol128, vec_ror128): New macros. (__camellia_avx_setup128, __camellia_avx_setup256) (_gcry_camellia_aesni_avx_keygen): New functions. * cipher/camellia-aesni-avx2-amd64.S (key_bitlength, key_table): New order of fields in ctx. * cipher/camellia-arm.S (CAMELLIA_TABLE_BYTE_LEN, key_length): Remove unused macros. * cipher/camellia-glue.c (CAMELLIA_context): Move keytable to head for better alignment; Make 'use_aesni_avx' and 'use_aesni_avx2' bitfield members. [USE_AESNI_AVX] (_gcry_camellia_aesni_avx_keygen): New prototype. (camellia_setkey) [USE_AESNI_AVX || USE_AESNI_AVX2]: Read hw features to variable 'hwf' and match features from it. (camellia_setkey) [USE_AESNI_AVX]: Use AES-NI/AVX key setup if available. -- Use AVX/AES-NI for key-setup for small speed-up. Signed-off-by: Jussi Kivilinna diff --git a/cipher/camellia-aesni-avx-amd64.S b/cipher/camellia-aesni-avx-amd64.S index 9be5d14..b25a8c7 100644 --- a/cipher/camellia-aesni-avx-amd64.S 
+++ b/cipher/camellia-aesni-avx-amd64.S
@@ -32,8 +32,8 @@
 #define CAMELLIA_TABLE_BYTE_LEN 272
 /* struct CAMELLIA_context: */
-#define key_bitlength 0
-#define key_table 4
+#define key_table 0
+#define key_bitlength CAMELLIA_TABLE_BYTE_LEN
 /* register macros */
 #define CTX %rdi
@@ -1194,5 +1194,983 @@ _gcry_camellia_aesni_avx_cfb_dec: ret; .size _gcry_camellia_aesni_avx_cfb_dec,.-_gcry_camellia_aesni_avx_cfb_dec; +/* + * IN: + * ab: 64-bit AB state + * cd: 64-bit CD state + */ +#define camellia_f(ab, x, t0, t1, t2, t3, t4, sbox2mask, sbox4mask, \ + _0f0f0f0fmask, pre_s1lo_mask, pre_s1hi_mask, key) \ + vmovq key, t0; \ + vpxor x, x, t3; \ + \ + vpxor ab, t0, x; \ + \ + /* \ + * S-function with AES subbytes \ + */ \ + \ + /* input rotation for sbox4 (<<< 1) */ \ + vpand x, sbox4mask, t0; \ + vpandn x, sbox4mask, x; \ + vpsllw $1, t0, t1; \ + vpsrlw $7, t0, t0; \ + vpor t0, t1, t0; \ + vpand sbox4mask, t0, t0; \ + vpor t0, x, x; \ + \ + vmovdqa .Lpost_tf_lo_s1 RIP, t0; \ + vmovdqa .Lpost_tf_hi_s1 RIP, t1; \ + vmovq .Lsbox3_output_mask RIP, t4; \ + \ + /* prefilter sboxes */ \ + filter_8bit(x, pre_s1lo_mask, pre_s1hi_mask, _0f0f0f0fmask, t2); \ + \ + /* AES subbytes + AES shift rows + AES inv shift rows */ \ + vaesenclast t3, x, x; \ + vpshufb .Linv_shift_row RIP, x, x; \ + \ + /* postfilter sboxes */ \ + filter_8bit(x, t0, t1, _0f0f0f0fmask, t2); \ + \ + /* output rotation for sbox2 (<<< 1) */ \ + /* output rotation for sbox3 (>>> 1) */ \ + vpor sbox2mask, t4, t2; \ + vpand x, sbox2mask, t0; \ + vpand x, t4, t1; \ + vpandn x, t2, x; \ + vpsllw $1, t0, t2; \ + vpsrlw $7, t0, t0; \ + vpor t0, t2, t0; \ + vpand sbox2mask, t0, t0; \ + vpsllw $7, t1, t2; \ + vpsrlw $1, t1, t1; \ + vpor t1, t2, t1; \ + vpand t4, t1, t1; \ + vpor x, t0, x; \ + vpor x, t1, x; \ + \ + vpshufb .Lsp11101110mask RIP, x, t4; \ + vpshufb .Lsp44044404mask RIP, x, t1; \ + vpshufb .Lsp30333033mask RIP, x, t2; \ + vpshufb .Lsp02220222mask RIP, x, t0; \ + vpxor t2, t1, t1; \ + \ + vpshufb .Lsp00444404mask RIP, x, t2; \ + vpxor t0, t1, t1; \ + vpshufb .Lsp03303033mask RIP, x, t0; \ + vpxor t2, t4, t4; \ + vpshufb .Lsp22000222mask RIP, x, t2; \ + vpxor t0, t1, t1; \ + vpxor t2, t4, t4; \ + vpshufb .Lsp10011110mask RIP, x, x; \ + vpxor t1, x, x; \ + vpxor t4, x, x; + +#define 
vec_rol128(in, out, nrol, t0) \ + vpshufd $0x4e, in, out; \ + vpsllq $(nrol), in, t0; \ + vpsrlq $(64-(nrol)), out, out; \ + vpaddd t0, out, out; + +#define vec_ror128(in, out, nror, t0) \ + vpshufd $0x4e, in, out; \ + vpsrlq $(nror), in, t0; \ + vpsllq $(64-(nror)), out, out; \ + vpaddd t0, out, out; + +.data + +.align 8 +.Lsbox2_output_mask: + .byte 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0xff, 0x00; +.Lsbox3_output_mask: + .byte 0x00, 0x00, 0xff, 0x00, 0x00, 0xff, 0x00, 0x00; +.Lsbox4_input_mask: + .byte 0x00, 0xff, 0x00, 0x00, 0xff, 0x00, 0x00, 0x00; +.Lsp11101110mask: + .long 0x000000ff, 0x000000ff; +.Lsp44044404mask: + .long 0x0101ff01, 0x0101ff01; +.Lsp30333033mask: + .long 0x02ff0202, 0x02ff0202; +.Lsp02220222mask: + .long 0xff030303, 0xff030303; +.Lsp00444404mask: + .long 0xffff0404, 0x0404ff04; +.Lsp03303033mask: + .long 0xff0505ff, 0x05ff0505; +.Lsp22000222mask: + .long 0x0606ffff, 0xff060606; +.Lsp10011110mask: + .long 0x07ffff07, 0x070707ff; +.Lsigma1: + .long 0x3BCC908B, 0xA09E667F; +.Lsigma2: + .long 0x4CAA73B2, 0xB67AE858; +.Lsigma3: + .long 0xE94F82BE, 0xC6EF372F; +.Lsigma4: + .long 0xF1D36F1C, 0x54FF53A5; +.Lsigma5: + .long 0xDE682D1D, 0x10E527FA; +.Lsigma6: + .long 0xB3E6C1FD, 0xB05688C2; + +.text + +.align 8 +.type __camellia_avx_setup128, at function; +__camellia_avx_setup128: + /* input: + * %rdi: ctx, CTX; subkey storage at key_table(CTX) + * %xmm0: key + */ +#define cmll_sub(n, ctx) (key_table+((n)*8))(ctx) +#define KL128 %xmm0 +#define KA128 %xmm2 + + vpshufb .Lbswap128_mask RIP, KL128, KL128; + + vmovq .Lsbox2_output_mask RIP, %xmm11; + vmovq .Lsbox4_input_mask RIP, %xmm12; + vbroadcastss .L0f0f0f0f RIP, %xmm13; + vmovdqa .Lpre_tf_lo_s1 RIP, %xmm14; + vmovdqa .Lpre_tf_hi_s1 RIP, %xmm15; + + /* + * Generate KA + */ + vpsrldq $8, KL128, %xmm2; + vmovdqa KL128, %xmm3; + vpslldq $8, %xmm3, %xmm3; + vpsrldq $8, %xmm3, %xmm3; + + camellia_f(%xmm2, %xmm4, %xmm1, + %xmm5, %xmm6, %xmm7, %xmm8, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma1 RIP); + 
vpxor %xmm4, %xmm3, %xmm3; + camellia_f(%xmm3, %xmm2, %xmm1, + %xmm5, %xmm6, %xmm7, %xmm8, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma2 RIP); + camellia_f(%xmm2, %xmm3, %xmm1, + %xmm5, %xmm6, %xmm7, %xmm8, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma3 RIP); + vpxor %xmm4, %xmm3, %xmm3; + camellia_f(%xmm3, %xmm4, %xmm1, + %xmm5, %xmm6, %xmm7, %xmm8, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma4 RIP); + + vpslldq $8, %xmm3, %xmm3; + vpxor %xmm4, %xmm2, %xmm2; + vpsrldq $8, %xmm3, %xmm3; + vpslldq $8, %xmm2, KA128; + vpor %xmm3, KA128, KA128; + + /* + * Generate subkeys + */ + vmovdqu KA128, cmll_sub(24, CTX); + vec_rol128(KL128, %xmm3, 15, %xmm15); + vec_rol128(KA128, %xmm4, 15, %xmm15); + vec_rol128(KA128, %xmm5, 30, %xmm15); + vec_rol128(KL128, %xmm6, 45, %xmm15); + vec_rol128(KA128, %xmm7, 45, %xmm15); + vec_rol128(KL128, %xmm8, 60, %xmm15); + vec_rol128(KA128, %xmm9, 60, %xmm15); + vec_ror128(KL128, %xmm10, 128-77, %xmm15); + + /* absorb kw2 to other subkeys */ + vpslldq $8, KL128, %xmm15; + vpsrldq $8, %xmm15, %xmm15; + vpxor %xmm15, KA128, KA128; + vpxor %xmm15, %xmm3, %xmm3; + vpxor %xmm15, %xmm4, %xmm4; + + /* subl(1) ^= subr(1) & ~subr(9); */ + vpandn %xmm15, %xmm5, %xmm13; + vpslldq $12, %xmm13, %xmm13; + vpsrldq $8, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm5, %xmm14; + vpslld $1, %xmm14, %xmm11; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm11, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpxor %xmm15, %xmm6, %xmm6; + vpxor %xmm15, %xmm8, %xmm8; + vpxor %xmm15, %xmm9, %xmm9; + + /* subl(1) ^= subr(1) & ~subr(17); */ + vpandn %xmm15, %xmm10, %xmm13; + vpslldq $12, %xmm13, %xmm13; + vpsrldq $8, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm10, %xmm14; + vpslld $1, %xmm14, %xmm11; + vpsrld $31, %xmm14, %xmm14; 
+ vpaddd %xmm11, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpshufd $0x1b, KL128, KL128; + vpshufd $0x1b, KA128, KA128; + vpshufd $0x1b, %xmm3, %xmm3; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm5, %xmm5; + vpshufd $0x1b, %xmm6, %xmm6; + vpshufd $0x1b, %xmm7, %xmm7; + vpshufd $0x1b, %xmm8, %xmm8; + vpshufd $0x1b, %xmm9, %xmm9; + vpshufd $0x1b, %xmm10, %xmm10; + + vmovdqu KL128, cmll_sub(0, CTX); + vpshufd $0x1b, KL128, KL128; + vmovdqu KA128, cmll_sub(2, CTX); + vmovdqu %xmm3, cmll_sub(4, CTX); + vmovdqu %xmm4, cmll_sub(6, CTX); + vmovdqu %xmm5, cmll_sub(8, CTX); + vmovdqu %xmm6, cmll_sub(10, CTX); + vpsrldq $8, %xmm8, %xmm8; + vmovq %xmm7, cmll_sub(12, CTX); + vmovq %xmm8, cmll_sub(13, CTX); + vmovdqu %xmm9, cmll_sub(14, CTX); + vmovdqu %xmm10, cmll_sub(16, CTX); + + vmovdqu cmll_sub(24, CTX), KA128; + + vec_ror128(KL128, %xmm3, 128 - 94, %xmm7); + vec_ror128(KA128, %xmm4, 128 - 94, %xmm7); + vec_ror128(KL128, %xmm5, 128 - 111, %xmm7); + vec_ror128(KA128, %xmm6, 128 - 111, %xmm7); + + vpxor %xmm15, %xmm3, %xmm3; + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm5, %xmm5; + vpslldq $8, %xmm15, %xmm15; + vpxor %xmm15, %xmm6, %xmm6; + + /* absorb kw4 to other subkeys */ + vpslldq $8, %xmm6, %xmm15; + vpxor %xmm15, %xmm5, %xmm5; + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm3, %xmm3; + + /* subl(25) ^= subr(25) & ~subr(16); */ + vpshufd $0x1b, cmll_sub(16, CTX), %xmm10; + vpandn %xmm15, %xmm10, %xmm13; + vpslldq $4, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(25) & subl(16), subr(25) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm10, %xmm14; + vpslld $1, %xmm14, %xmm11; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm11, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpshufd $0x1b, %xmm3, %xmm3; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm5, %xmm5; + vpshufd $0x1b, %xmm6, %xmm6; + + vmovdqu %xmm3, 
cmll_sub(18, CTX); + vmovdqu %xmm4, cmll_sub(20, CTX); + vmovdqu %xmm5, cmll_sub(22, CTX); + vmovdqu %xmm6, cmll_sub(24, CTX); + + vpshufd $0x1b, cmll_sub(14, CTX), %xmm3; + vpshufd $0x1b, cmll_sub(12, CTX), %xmm4; + vpshufd $0x1b, cmll_sub(10, CTX), %xmm5; + vpshufd $0x1b, cmll_sub(8, CTX), %xmm6; + + vpxor %xmm15, %xmm3, %xmm3; + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm5, %xmm5; + + /* subl(25) ^= subr(25) & ~subr(8); */ + vpandn %xmm15, %xmm6, %xmm13; + vpslldq $4, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(25) & subl(8), subr(25) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm6, %xmm14; + vpslld $1, %xmm14, %xmm11; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm11, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpshufd $0x1b, %xmm3, %xmm3; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm5, %xmm5; + + vmovdqu %xmm3, cmll_sub(14, CTX); + vmovdqu %xmm4, cmll_sub(12, CTX); + vmovdqu %xmm5, cmll_sub(10, CTX); + + vpshufd $0x1b, cmll_sub(6, CTX), %xmm6; + vpshufd $0x1b, cmll_sub(4, CTX), %xmm4; + vpshufd $0x1b, cmll_sub(2, CTX), %xmm2; + vpshufd $0x1b, cmll_sub(0, CTX), %xmm0; + + vpxor %xmm15, %xmm6, %xmm6; + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm2, %xmm2; + vpxor %xmm15, %xmm0, %xmm0; + + vpshufd $0x1b, %xmm6, %xmm6; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm2, %xmm2; + vpshufd $0x1b, %xmm0, %xmm0; + + vpsrldq $8, %xmm2, %xmm3; + vpsrldq $8, %xmm4, %xmm5; + vpsrldq $8, %xmm6, %xmm7; + + /* + * key XOR is end of F-function. 
+ */ + vpxor %xmm2, %xmm0, %xmm0; + vpxor %xmm4, %xmm2, %xmm2; + + vmovq %xmm0, cmll_sub(0, CTX); + vmovq %xmm3, cmll_sub(2, CTX); + vpxor %xmm5, %xmm3, %xmm3; + vpxor %xmm6, %xmm4, %xmm4; + vpxor %xmm7, %xmm5, %xmm5; + vmovq %xmm2, cmll_sub(3, CTX); + vmovq %xmm3, cmll_sub(4, CTX); + vmovq %xmm4, cmll_sub(5, CTX); + vmovq %xmm5, cmll_sub(6, CTX); + + vmovq cmll_sub(7, CTX), %xmm7; + vmovq cmll_sub(8, CTX), %xmm8; + vmovq cmll_sub(9, CTX), %xmm9; + vmovq cmll_sub(10, CTX), %xmm10; + /* tl = subl(10) ^ (subr(10) & ~subr(8)); */ + vpandn %xmm10, %xmm8, %xmm15; + vpsrldq $4, %xmm15, %xmm15; + vpxor %xmm15, %xmm10, %xmm0; + /* dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); */ + vpand %xmm8, %xmm0, %xmm15; + vpslld $1, %xmm15, %xmm14; + vpsrld $31, %xmm15, %xmm15; + vpaddd %xmm14, %xmm15, %xmm15; + vpslldq $12, %xmm15, %xmm15; + vpsrldq $8, %xmm15, %xmm15; + vpxor %xmm15, %xmm0, %xmm0; + + vpxor %xmm0, %xmm6, %xmm6; + vmovq %xmm6, cmll_sub(7, CTX); + + vmovq cmll_sub(11, CTX), %xmm11; + vmovq cmll_sub(12, CTX), %xmm12; + vmovq cmll_sub(13, CTX), %xmm13; + vmovq cmll_sub(14, CTX), %xmm14; + vmovq cmll_sub(15, CTX), %xmm15; + /* tl = subl(7) ^ (subr(7) & ~subr(9)); */ + vpandn %xmm7, %xmm9, %xmm1; + vpsrldq $4, %xmm1, %xmm1; + vpxor %xmm1, %xmm7, %xmm0; + /* dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); */ + vpand %xmm9, %xmm0, %xmm1; + vpslld $1, %xmm1, %xmm2; + vpsrld $31, %xmm1, %xmm1; + vpaddd %xmm2, %xmm1, %xmm1; + vpslldq $12, %xmm1, %xmm1; + vpsrldq $8, %xmm1, %xmm1; + vpxor %xmm1, %xmm0, %xmm0; + + vpxor %xmm11, %xmm0, %xmm0; + vpxor %xmm12, %xmm10, %xmm10; + vpxor %xmm13, %xmm11, %xmm11; + vpxor %xmm14, %xmm12, %xmm12; + vpxor %xmm15, %xmm13, %xmm13; + vmovq %xmm0, cmll_sub(10, CTX); + vmovq %xmm10, cmll_sub(11, CTX); + vmovq %xmm11, cmll_sub(12, CTX); + vmovq %xmm12, cmll_sub(13, CTX); + vmovq %xmm13, cmll_sub(14, CTX); + + vmovq cmll_sub(16, CTX), %xmm6; + vmovq cmll_sub(17, CTX), %xmm7; + vmovq cmll_sub(18, CTX), %xmm8; + vmovq cmll_sub(19, CTX), 
%xmm9; + vmovq cmll_sub(20, CTX), %xmm10; + /* tl = subl(18) ^ (subr(18) & ~subr(16)); */ + vpandn %xmm8, %xmm6, %xmm1; + vpsrldq $4, %xmm1, %xmm1; + vpxor %xmm1, %xmm8, %xmm0; + /* dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); */ + vpand %xmm6, %xmm0, %xmm1; + vpslld $1, %xmm1, %xmm2; + vpsrld $31, %xmm1, %xmm1; + vpaddd %xmm2, %xmm1, %xmm1; + vpslldq $12, %xmm1, %xmm1; + vpsrldq $8, %xmm1, %xmm1; + vpxor %xmm1, %xmm0, %xmm0; + + vpxor %xmm14, %xmm0, %xmm0; + vmovq %xmm0, cmll_sub(15, CTX); + + /* tl = subl(15) ^ (subr(15) & ~subr(17)); */ + vpandn %xmm15, %xmm7, %xmm1; + vpsrldq $4, %xmm1, %xmm1; + vpxor %xmm1, %xmm15, %xmm0; + /* dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); */ + vpand %xmm7, %xmm0, %xmm1; + vpslld $1, %xmm1, %xmm2; + vpsrld $31, %xmm1, %xmm1; + vpaddd %xmm2, %xmm1, %xmm1; + vpslldq $12, %xmm1, %xmm1; + vpsrldq $8, %xmm1, %xmm1; + vpxor %xmm1, %xmm0, %xmm0; + + vmovq cmll_sub(21, CTX), %xmm1; + vmovq cmll_sub(22, CTX), %xmm2; + vmovq cmll_sub(23, CTX), %xmm3; + vmovq cmll_sub(24, CTX), %xmm4; + + vpxor %xmm9, %xmm0, %xmm0; + vpxor %xmm10, %xmm8, %xmm8; + vpxor %xmm1, %xmm9, %xmm9; + vpxor %xmm2, %xmm10, %xmm10; + vpxor %xmm3, %xmm1, %xmm1; + vpxor %xmm4, %xmm3, %xmm3; + + vmovq %xmm0, cmll_sub(18, CTX); + vmovq %xmm8, cmll_sub(19, CTX); + vmovq %xmm9, cmll_sub(20, CTX); + vmovq %xmm10, cmll_sub(21, CTX); + vmovq %xmm1, cmll_sub(22, CTX); + vmovq %xmm2, cmll_sub(23, CTX); + vmovq %xmm3, cmll_sub(24, CTX); + + /* kw2 and kw4 are unused now. 
*/ + movq $0, cmll_sub(1, CTX); + movq $0, cmll_sub(25, CTX); + + vzeroall; + + ret; +.size __camellia_avx_setup128,.-__camellia_avx_setup128; + +.align 8 +.type __camellia_avx_setup256, at function; + +__camellia_avx_setup256: + /* input: + * %rdi: ctx, CTX; subkey storage at key_table(CTX) + * %xmm0 & %xmm1: key + */ +#define KL128 %xmm0 +#define KR128 %xmm1 +#define KA128 %xmm2 +#define KB128 %xmm3 + + vpshufb .Lbswap128_mask RIP, KL128, KL128; + vpshufb .Lbswap128_mask RIP, KR128, KR128; + + vmovq .Lsbox2_output_mask RIP, %xmm11; + vmovq .Lsbox4_input_mask RIP, %xmm12; + vbroadcastss .L0f0f0f0f RIP, %xmm13; + vmovdqa .Lpre_tf_lo_s1 RIP, %xmm14; + vmovdqa .Lpre_tf_hi_s1 RIP, %xmm15; + + /* + * Generate KA + */ + vpxor KL128, KR128, %xmm3; + vpsrldq $8, KR128, %xmm6; + vpsrldq $8, %xmm3, %xmm2; + vpslldq $8, %xmm3, %xmm3; + vpsrldq $8, %xmm3, %xmm3; + + camellia_f(%xmm2, %xmm4, %xmm5, + %xmm7, %xmm8, %xmm9, %xmm10, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma1 RIP); + vpxor %xmm4, %xmm3, %xmm3; + camellia_f(%xmm3, %xmm2, %xmm5, + %xmm7, %xmm8, %xmm9, %xmm10, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma2 RIP); + vpxor %xmm6, %xmm2, %xmm2; + camellia_f(%xmm2, %xmm3, %xmm5, + %xmm7, %xmm8, %xmm9, %xmm10, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma3 RIP); + vpxor %xmm4, %xmm3, %xmm3; + vpxor KR128, %xmm3, %xmm3; + camellia_f(%xmm3, %xmm4, %xmm5, + %xmm7, %xmm8, %xmm9, %xmm10, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma4 RIP); + + vpslldq $8, %xmm3, %xmm3; + vpxor %xmm4, %xmm2, %xmm2; + vpsrldq $8, %xmm3, %xmm3; + vpslldq $8, %xmm2, KA128; + vpor %xmm3, KA128, KA128; + + /* + * Generate KB + */ + vpxor KA128, KR128, %xmm3; + vpsrldq $8, %xmm3, %xmm4; + vpslldq $8, %xmm3, %xmm3; + vpsrldq $8, %xmm3, %xmm3; + + camellia_f(%xmm4, %xmm5, %xmm6, + %xmm7, %xmm8, %xmm9, %xmm10, + %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, .Lsigma5 RIP); + vpxor %xmm5, %xmm3, %xmm3; + + camellia_f(%xmm3, %xmm5, %xmm6, + %xmm7, %xmm8, %xmm9, %xmm10, + %xmm11, %xmm12, %xmm13, 
%xmm14, %xmm15, .Lsigma6 RIP); + vpslldq $8, %xmm3, %xmm3; + vpxor %xmm5, %xmm4, %xmm4; + vpsrldq $8, %xmm3, %xmm3; + vpslldq $8, %xmm4, %xmm4; + vpor %xmm3, %xmm4, KB128; + + /* + * Generate subkeys + */ + vmovdqu KB128, cmll_sub(32, CTX); + vec_rol128(KR128, %xmm4, 15, %xmm15); + vec_rol128(KA128, %xmm5, 15, %xmm15); + vec_rol128(KR128, %xmm6, 30, %xmm15); + vec_rol128(KB128, %xmm7, 30, %xmm15); + vec_rol128(KL128, %xmm8, 45, %xmm15); + vec_rol128(KA128, %xmm9, 45, %xmm15); + vec_rol128(KL128, %xmm10, 60, %xmm15); + vec_rol128(KR128, %xmm11, 60, %xmm15); + vec_rol128(KB128, %xmm12, 60, %xmm15); + + /* absorb kw2 to other subkeys */ + vpslldq $8, KL128, %xmm15; + vpsrldq $8, %xmm15, %xmm15; + vpxor %xmm15, KB128, KB128; + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm5, %xmm5; + + /* subl(1) ^= subr(1) & ~subr(9); */ + vpandn %xmm15, %xmm6, %xmm13; + vpslldq $12, %xmm13, %xmm13; + vpsrldq $8, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm6, %xmm14; + vpslld $1, %xmm14, %xmm13; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm13, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpxor %xmm15, %xmm7, %xmm7; + vpxor %xmm15, %xmm8, %xmm8; + vpxor %xmm15, %xmm9, %xmm9; + + vpshufd $0x1b, KL128, KL128; + vpshufd $0x1b, KB128, KB128; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm5, %xmm5; + vpshufd $0x1b, %xmm6, %xmm6; + vpshufd $0x1b, %xmm7, %xmm7; + vpshufd $0x1b, %xmm8, %xmm8; + vpshufd $0x1b, %xmm9, %xmm9; + + vmovdqu KL128, cmll_sub(0, CTX); + vpshufd $0x1b, KL128, KL128; + vmovdqu KB128, cmll_sub(2, CTX); + vmovdqu %xmm4, cmll_sub(4, CTX); + vmovdqu %xmm5, cmll_sub(6, CTX); + vmovdqu %xmm6, cmll_sub(8, CTX); + vmovdqu %xmm7, cmll_sub(10, CTX); + vmovdqu %xmm8, cmll_sub(12, CTX); + vmovdqu %xmm9, cmll_sub(14, CTX); + + vmovdqu cmll_sub(32, CTX), KB128; + + /* subl(1) ^= subr(1) & ~subr(17); */ + vpandn %xmm15, %xmm10, 
%xmm13; + vpslldq $12, %xmm13, %xmm13; + vpsrldq $8, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm10, %xmm14; + vpslld $1, %xmm14, %xmm13; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm13, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpxor %xmm15, %xmm11, %xmm11; + vpxor %xmm15, %xmm12, %xmm12; + + vec_ror128(KL128, %xmm4, 128-77, %xmm14); + vec_ror128(KA128, %xmm5, 128-77, %xmm14); + vec_ror128(KR128, %xmm6, 128-94, %xmm14); + vec_ror128(KA128, %xmm7, 128-94, %xmm14); + vec_ror128(KL128, %xmm8, 128-111, %xmm14); + vec_ror128(KB128, %xmm9, 128-111, %xmm14); + + vpxor %xmm15, %xmm4, %xmm4; + + vpshufd $0x1b, %xmm10, %xmm10; + vpshufd $0x1b, %xmm11, %xmm11; + vpshufd $0x1b, %xmm12, %xmm12; + vpshufd $0x1b, %xmm4, %xmm4; + + vmovdqu %xmm10, cmll_sub(16, CTX); + vmovdqu %xmm11, cmll_sub(18, CTX); + vmovdqu %xmm12, cmll_sub(20, CTX); + vmovdqu %xmm4, cmll_sub(22, CTX); + + /* subl(1) ^= subr(1) & ~subr(25); */ + vpandn %xmm15, %xmm5, %xmm13; + vpslldq $12, %xmm13, %xmm13; + vpsrldq $8, %xmm13, %xmm13; + vpxor %xmm13, %xmm15, %xmm15; + /* dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm5, %xmm14; + vpslld $1, %xmm14, %xmm13; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm13, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpxor %xmm15, %xmm6, %xmm6; + vpxor %xmm15, %xmm7, %xmm7; + vpxor %xmm15, %xmm8, %xmm8; + vpslldq $8, %xmm15, %xmm15; + vpxor %xmm15, %xmm9, %xmm9; + + /* absorb kw4 to other subkeys */ + vpslldq $8, %xmm9, %xmm15; + vpxor %xmm15, %xmm8, %xmm8; + vpxor %xmm15, %xmm7, %xmm7; + vpxor %xmm15, %xmm6, %xmm6; + + /* subl(33) ^= subr(33) & ~subr(24); */ + vpandn %xmm15, %xmm5, %xmm14; + vpslldq $4, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + /* dw = subl(33) & subl(24), subr(33) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, 
%xmm5, %xmm14; + vpslld $1, %xmm14, %xmm13; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm13, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpshufd $0x1b, %xmm5, %xmm5; + vpshufd $0x1b, %xmm6, %xmm6; + vpshufd $0x1b, %xmm7, %xmm7; + vpshufd $0x1b, %xmm8, %xmm8; + vpshufd $0x1b, %xmm9, %xmm9; + + vmovdqu %xmm5, cmll_sub(24, CTX); + vmovdqu %xmm6, cmll_sub(26, CTX); + vmovdqu %xmm7, cmll_sub(28, CTX); + vmovdqu %xmm8, cmll_sub(30, CTX); + vmovdqu %xmm9, cmll_sub(32, CTX); + + vpshufd $0x1b, cmll_sub(22, CTX), %xmm0; + vpshufd $0x1b, cmll_sub(20, CTX), %xmm1; + vpshufd $0x1b, cmll_sub(18, CTX), %xmm2; + vpshufd $0x1b, cmll_sub(16, CTX), %xmm3; + vpshufd $0x1b, cmll_sub(14, CTX), %xmm4; + vpshufd $0x1b, cmll_sub(12, CTX), %xmm5; + vpshufd $0x1b, cmll_sub(10, CTX), %xmm6; + vpshufd $0x1b, cmll_sub(8, CTX), %xmm7; + + vpxor %xmm15, %xmm0, %xmm0; + vpxor %xmm15, %xmm1, %xmm1; + vpxor %xmm15, %xmm2, %xmm2; + + /* subl(33) ^= subr(33) & ~subr(24); */ + vpandn %xmm15, %xmm3, %xmm14; + vpslldq $4, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + /* dw = subl(33) & subl(24), subr(33) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm3, %xmm14; + vpslld $1, %xmm14, %xmm13; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm13, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm5, %xmm5; + vpxor %xmm15, %xmm6, %xmm6; + + vpshufd $0x1b, %xmm0, %xmm0; + vpshufd $0x1b, %xmm1, %xmm1; + vpshufd $0x1b, %xmm2, %xmm2; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm5, %xmm5; + vpshufd $0x1b, %xmm6, %xmm6; + + vmovdqu %xmm0, cmll_sub(22, CTX); + vmovdqu %xmm1, cmll_sub(20, CTX); + vmovdqu %xmm2, cmll_sub(18, CTX); + vmovdqu %xmm4, cmll_sub(14, CTX); + vmovdqu %xmm5, cmll_sub(12, CTX); + vmovdqu %xmm6, cmll_sub(10, CTX); + + vpshufd $0x1b, cmll_sub(6, CTX), %xmm6; + vpshufd $0x1b, cmll_sub(4, CTX), %xmm4; + vpshufd $0x1b, 
cmll_sub(2, CTX), %xmm2; + vpshufd $0x1b, cmll_sub(0, CTX), %xmm0; + + /* subl(33) ^= subr(33) & ~subr(24); */ + vpandn %xmm15, %xmm7, %xmm14; + vpslldq $4, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + /* dw = subl(33) & subl(24), subr(33) ^= CAMELLIA_RL1(dw); */ + vpand %xmm15, %xmm7, %xmm14; + vpslld $1, %xmm14, %xmm13; + vpsrld $31, %xmm14, %xmm14; + vpaddd %xmm13, %xmm14, %xmm14; + vpsrldq $12, %xmm14, %xmm14; + vpslldq $8, %xmm14, %xmm14; + vpxor %xmm14, %xmm15, %xmm15; + + vpxor %xmm15, %xmm6, %xmm6; + vpxor %xmm15, %xmm4, %xmm4; + vpxor %xmm15, %xmm2, %xmm2; + vpxor %xmm15, %xmm0, %xmm0; + + vpshufd $0x1b, %xmm6, %xmm6; + vpshufd $0x1b, %xmm4, %xmm4; + vpshufd $0x1b, %xmm2, %xmm2; + vpshufd $0x1b, %xmm0, %xmm0; + + vpsrldq $8, %xmm2, %xmm3; + vpsrldq $8, %xmm4, %xmm5; + vpsrldq $8, %xmm6, %xmm7; + + /* + * key XOR is end of F-function. + */ + vpxor %xmm2, %xmm0, %xmm0; + vpxor %xmm4, %xmm2, %xmm2; + + vmovq %xmm0, cmll_sub(0, CTX); + vmovq %xmm3, cmll_sub(2, CTX); + vpxor %xmm5, %xmm3, %xmm3; + vpxor %xmm6, %xmm4, %xmm4; + vpxor %xmm7, %xmm5, %xmm5; + vmovq %xmm2, cmll_sub(3, CTX); + vmovq %xmm3, cmll_sub(4, CTX); + vmovq %xmm4, cmll_sub(5, CTX); + vmovq %xmm5, cmll_sub(6, CTX); + + vmovq cmll_sub(7, CTX), %xmm7; + vmovq cmll_sub(8, CTX), %xmm8; + vmovq cmll_sub(9, CTX), %xmm9; + vmovq cmll_sub(10, CTX), %xmm10; + /* tl = subl(10) ^ (subr(10) & ~subr(8)); */ + vpandn %xmm10, %xmm8, %xmm15; + vpsrldq $4, %xmm15, %xmm15; + vpxor %xmm15, %xmm10, %xmm0; + /* dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); */ + vpand %xmm8, %xmm0, %xmm15; + vpslld $1, %xmm15, %xmm14; + vpsrld $31, %xmm15, %xmm15; + vpaddd %xmm14, %xmm15, %xmm15; + vpslldq $12, %xmm15, %xmm15; + vpsrldq $8, %xmm15, %xmm15; + vpxor %xmm15, %xmm0, %xmm0; + + vpxor %xmm0, %xmm6, %xmm6; + vmovq %xmm6, cmll_sub(7, CTX); + + vmovq cmll_sub(11, CTX), %xmm11; + vmovq cmll_sub(12, CTX), %xmm12; + vmovq cmll_sub(13, CTX), %xmm13; + vmovq cmll_sub(14, CTX), %xmm14; + vmovq cmll_sub(15, CTX), 
%xmm15; + /* tl = subl(7) ^ (subr(7) & ~subr(9)); */ + vpandn %xmm7, %xmm9, %xmm1; + vpsrldq $4, %xmm1, %xmm1; + vpxor %xmm1, %xmm7, %xmm0; + /* dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); */ + vpand %xmm9, %xmm0, %xmm1; + vpslld $1, %xmm1, %xmm2; + vpsrld $31, %xmm1, %xmm1; + vpaddd %xmm2, %xmm1, %xmm1; + vpslldq $12, %xmm1, %xmm1; + vpsrldq $8, %xmm1, %xmm1; + vpxor %xmm1, %xmm0, %xmm0; + + vpxor %xmm11, %xmm0, %xmm0; + vpxor %xmm12, %xmm10, %xmm10; + vpxor %xmm13, %xmm11, %xmm11; + vpxor %xmm14, %xmm12, %xmm12; + vpxor %xmm15, %xmm13, %xmm13; + vmovq %xmm0, cmll_sub(10, CTX); + vmovq %xmm10, cmll_sub(11, CTX); + vmovq %xmm11, cmll_sub(12, CTX); + vmovq %xmm12, cmll_sub(13, CTX); + vmovq %xmm13, cmll_sub(14, CTX); + + vmovq cmll_sub(16, CTX), %xmm6; + vmovq cmll_sub(17, CTX), %xmm7; + vmovq cmll_sub(18, CTX), %xmm8; + vmovq cmll_sub(19, CTX), %xmm9; + vmovq cmll_sub(20, CTX), %xmm10; + /* tl = subl(18) ^ (subr(18) & ~subr(16)); */ + vpandn %xmm8, %xmm6, %xmm1; + vpsrldq $4, %xmm1, %xmm1; + vpxor %xmm1, %xmm8, %xmm0; + /* dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); */ + vpand %xmm6, %xmm0, %xmm1; + vpslld $1, %xmm1, %xmm2; + vpsrld $31, %xmm1, %xmm1; + vpaddd %xmm2, %xmm1, %xmm1; + vpslldq $12, %xmm1, %xmm1; + vpsrldq $8, %xmm1, %xmm1; + vpxor %xmm1, %xmm0, %xmm0; + + vpxor %xmm14, %xmm0, %xmm0; + vmovq %xmm0, cmll_sub(15, CTX); + + /* tl = subl(15) ^ (subr(15) & ~subr(17)); */ + vpandn %xmm15, %xmm7, %xmm1; + vpsrldq $4, %xmm1, %xmm1; + vpxor %xmm1, %xmm15, %xmm0; + /* dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); */ + vpand %xmm7, %xmm0, %xmm1; + vpslld $1, %xmm1, %xmm2; + vpsrld $31, %xmm1, %xmm1; + vpaddd %xmm2, %xmm1, %xmm1; + vpslldq $12, %xmm1, %xmm1; + vpsrldq $8, %xmm1, %xmm1; + vpxor %xmm1, %xmm0, %xmm0; + + vmovq cmll_sub(21, CTX), %xmm1; + vmovq cmll_sub(22, CTX), %xmm2; + vmovq cmll_sub(23, CTX), %xmm3; + vmovq cmll_sub(24, CTX), %xmm4; + + vpxor %xmm9, %xmm0, %xmm0; + vpxor %xmm10, %xmm8, %xmm8; + vpxor %xmm1, %xmm9, %xmm9; 
+ vpxor %xmm2, %xmm10, %xmm10; + vpxor %xmm3, %xmm1, %xmm1; + + vmovq %xmm0, cmll_sub(18, CTX); + vmovq %xmm8, cmll_sub(19, CTX); + vmovq %xmm9, cmll_sub(20, CTX); + vmovq %xmm10, cmll_sub(21, CTX); + vmovq %xmm1, cmll_sub(22, CTX); + + vmovq cmll_sub(25, CTX), %xmm5; + vmovq cmll_sub(26, CTX), %xmm6; + vmovq cmll_sub(27, CTX), %xmm7; + vmovq cmll_sub(28, CTX), %xmm8; + vmovq cmll_sub(29, CTX), %xmm9; + vmovq cmll_sub(30, CTX), %xmm10; + vmovq cmll_sub(31, CTX), %xmm11; + vmovq cmll_sub(32, CTX), %xmm12; + + /* tl = subl(26) ^ (subr(26) & ~subr(24)); */ + vpandn %xmm6, %xmm4, %xmm15; + vpsrldq $4, %xmm15, %xmm15; + vpxor %xmm15, %xmm6, %xmm0; + /* dw = tl & subl(26), tr = subr(24) ^ CAMELLIA_RL1(dw); */ + vpand %xmm4, %xmm0, %xmm15; + vpslld $1, %xmm15, %xmm14; + vpsrld $31, %xmm15, %xmm15; + vpaddd %xmm14, %xmm15, %xmm15; + vpslldq $12, %xmm15, %xmm15; + vpsrldq $8, %xmm15, %xmm15; + vpxor %xmm15, %xmm0, %xmm0; + + vpxor %xmm0, %xmm2, %xmm2; + vmovq %xmm2, cmll_sub(23, CTX); + + /* tl = subl(23) ^ (subr(23) & ~subr(25)); */ + vpandn %xmm3, %xmm5, %xmm15; + vpsrldq $4, %xmm15, %xmm15; + vpxor %xmm15, %xmm3, %xmm0; + /* dw = tl & subl(26), tr = subr(24) ^ CAMELLIA_RL1(dw); */ + vpand %xmm5, %xmm0, %xmm15; + vpslld $1, %xmm15, %xmm14; + vpsrld $31, %xmm15, %xmm15; + vpaddd %xmm14, %xmm15, %xmm15; + vpslldq $12, %xmm15, %xmm15; + vpsrldq $8, %xmm15, %xmm15; + vpxor %xmm15, %xmm0, %xmm0; + + vpxor %xmm7, %xmm0, %xmm0; + vpxor %xmm8, %xmm6, %xmm6; + vpxor %xmm9, %xmm7, %xmm7; + vpxor %xmm10, %xmm8, %xmm8; + vpxor %xmm11, %xmm9, %xmm9; + vpxor %xmm12, %xmm11, %xmm11; + + vmovq %xmm0, cmll_sub(26, CTX); + vmovq %xmm6, cmll_sub(27, CTX); + vmovq %xmm7, cmll_sub(28, CTX); + vmovq %xmm8, cmll_sub(29, CTX); + vmovq %xmm9, cmll_sub(30, CTX); + vmovq %xmm10, cmll_sub(31, CTX); + vmovq %xmm11, cmll_sub(32, CTX); + + /* kw2 and kw4 are unused now. 
*/ + movq $0, cmll_sub(1, CTX); + movq $0, cmll_sub(33, CTX); + + vzeroall; + + ret; +.size __camellia_avx_setup256,.-__camellia_avx_setup256; + +.align 8 +.globl _gcry_camellia_aesni_avx_keygen +.type _gcry_camellia_aesni_avx_keygen, at function; + +_gcry_camellia_aesni_avx_keygen: + /* input: + * %rdi: ctx, CTX + * %rsi: key + * %rdx: keylen + */ + + vzeroupper; + + vmovdqu (%rsi), %xmm0; + cmpl $24, %edx; + jb __camellia_avx_setup128; + je .Lprepare_key192; + + vmovdqu 16(%rsi), %xmm1; + jmp __camellia_avx_setup256; + +.Lprepare_key192: + vpcmpeqd %xmm2, %xmm2, %xmm2; + vmovq 16(%rsi), %xmm1; + + vpxor %xmm1, %xmm2, %xmm2; + vpslldq $8, %xmm2, %xmm2; + vpor %xmm2, %xmm1, %xmm1; + + jmp __camellia_avx_setup256; +.size _gcry_camellia_aesni_avx_keygen,.-_gcry_camellia_aesni_avx_keygen; + #endif /*defined(ENABLE_AESNI_SUPPORT) && defined(ENABLE_AVX_SUPPORT)*/ #endif /*__x86_64*/ diff --git a/cipher/camellia-aesni-avx2-amd64.S b/cipher/camellia-aesni-avx2-amd64.S index 78ef2d6..65c923e 100644 --- a/cipher/camellia-aesni-avx2-amd64.S +++ b/cipher/camellia-aesni-avx2-amd64.S @@ -32,8 +32,8 @@ #define CAMELLIA_TABLE_BYTE_LEN 272 /* struct CAMELLIA_context: */ -#define key_bitlength 0 -#define key_table 4 +#define key_table 0 +#define key_bitlength CAMELLIA_TABLE_BYTE_LEN /* register macros */ #define CTX %rdi diff --git a/cipher/camellia-arm.S b/cipher/camellia-arm.S index 302f436..c30d194 100644 --- a/cipher/camellia-arm.S +++ b/cipher/camellia-arm.S @@ -28,11 +28,8 @@ .syntax unified .arm -#define CAMELLIA_TABLE_BYTE_LEN 272 - /* struct camellia_ctx: */ #define key_table 0 -#define key_length CAMELLIA_TABLE_BYTE_LEN /* register macros */ #define CTX %r0 diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c index b7ae0fc..24936ce 100644 --- a/cipher/camellia-glue.c +++ b/cipher/camellia-glue.c 
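Review bot: The `vpshufb .Lsp11101110mask RIP, x, t4` family inside `camellia_f` takes a 16-byte memory operand, but each `.Lsp*mask` table is defined as only 8 bytes (`.long 0x000000ff, 0x000000ff`), so the upper half of every mask is silently whatever label follows it in `.data`; the code appears to rely on the upper 64 bits of `x` being discarded by the callers, but nothing states that, and reordering or padding the table block would change what is read. I would state the invariant above the tables, e.g. `/* Masks are 8 bytes; vpshufb reads 16, the upper half (the next table) only affects the unused high 64 bits of x. */`, or pad each mask to 16 bytes so every read stays within one label. The `camellia_f` header also documents a `cd` input that the macro does not take and leaves `x` (the output) and `t0`-`t4` (clobbered) undocumented; `/* IN: ab = 64-bit half-state, key = 64-bit subkey; OUT: x = F(ab ^ key) in the low 64 bits; clobbers t0-t4 */` would match the body. Finally, the new constants are emitted into writable `.data`; if the existing tables in this file (`.Lbswap128_mask`, `.Lpre_tf_lo_s1`) live there too, moving them all to `.section .rodata` is a separate cleanup worth a TODO so the loader can map them read-only.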
@@ -90,13 +90,13 @@ typedef struct { - int keybitlength; KEY_TABLE_TYPE keytable; + int keybitlength; #ifdef USE_AESNI_AVX - int use_aesni_avx; /* AES-NI/AVX implementation shall be used. */ + unsigned int use_aesni_avx:1; /* AES-NI/AVX implementation shall be used. */ #endif /*USE_AESNI_AVX*/ #ifdef USE_AESNI_AVX2 - int use_aesni_avx2; /* AES-NI/AVX2 implementation shall be used. */ + unsigned int use_aesni_avx2:1;/* AES-NI/AVX2 implementation shall be used. */ #endif /*USE_AESNI_AVX2*/ } CAMELLIA_context; @@ -118,6 +118,10 @@ extern void _gcry_camellia_aesni_avx_cfb_dec(CAMELLIA_context *ctx, unsigned char *out, const unsigned char *in, unsigned char *iv); + +extern void _gcry_camellia_aesni_avx_keygen(CAMELLIA_context *ctx, + const unsigned char *key, + unsigned int keylen); #endif #ifdef USE_AESNI_AVX2 @@ -148,6 +152,9 @@ camellia_setkey(void *c, const byte *key, unsigned keylen) CAMELLIA_context *ctx=c; static int initialized=0; static const char *selftest_failed=NULL; +#if defined(USE_AESNI_AVX) || defined(USE_AESNI_AVX2) + unsigned int hwf = _gcry_get_hw_features (); +#endif if(keylen!=16 && keylen!=24 && keylen!=32) return GPG_ERR_INV_KEYLEN; 
@@ -163,39 +170,38 @@ camellia_setkey(void *c, const byte *key, unsigned keylen) if(selftest_failed) return GPG_ERR_SELFTEST_FAILED; +#ifdef USE_AESNI_AVX + ctx->use_aesni_avx = (hwf & HWF_INTEL_AESNI) && (hwf & HWF_INTEL_AVX); +#endif +#ifdef USE_AESNI_AVX2 + ctx->use_aesni_avx2 = (hwf & HWF_INTEL_AESNI) && (hwf & HWF_INTEL_AVX2); +#endif + ctx->keybitlength=keylen*8; - Camellia_Ekeygen(ctx->keybitlength,key,ctx->keytable); - _gcry_burn_stack - ((19+34+34)*sizeof(u32)+2*sizeof(void*) /* camellia_setup256 */ - +(4+32)*sizeof(u32)+2*sizeof(void*) /* camellia_setup192 */ - +0+sizeof(int)+2*sizeof(void*) /* Camellia_Ekeygen */ - +3*2*sizeof(void*) /* Function calls. */ - ); + if (0) + ; #ifdef USE_AESNI_AVX - ctx->use_aesni_avx = 0; - if ((_gcry_get_hw_features () & HWF_INTEL_AESNI) && - (_gcry_get_hw_features () & HWF_INTEL_AVX)) - { - ctx->use_aesni_avx = 1; - } + else if (ctx->use_aesni_avx) + _gcry_camellia_aesni_avx_keygen(ctx, key, keylen); + else #endif - -#ifdef USE_AESNI_AVX2 - ctx->use_aesni_avx2 = 0; - if ((_gcry_get_hw_features () & HWF_INTEL_AESNI) && - (_gcry_get_hw_features () & HWF_INTEL_AVX2)) { - ctx->use_aesni_avx2 = 1; + Camellia_Ekeygen(ctx->keybitlength,key,ctx->keytable); + _gcry_burn_stack + ((19+34+34)*sizeof(u32)+2*sizeof(void*) /* camellia_setup256 */ + +(4+32)*sizeof(u32)+2*sizeof(void*) /* camellia_setup192 */ + +0+sizeof(int)+2*sizeof(void*) /* Camellia_Ekeygen */ + +3*2*sizeof(void*) /* Function calls. */ + ); } -#endif return 0; } #ifdef USE_ARM_ASM -/* Assembly implementations of CAST5. */ +/* Assembly implementations of Camellia. 
*/ extern void _gcry_camellia_arm_encrypt_block(const KEY_TABLE_TYPE keyTable, byte *outbuf, const byte *inbuf, const int keybits); commit c8ad83fb605fdbf6dc0b0dbcc8aedfbd477640da Author: Jussi Kivilinna Date: Fri Nov 15 16:23:00 2013 +0200 Avoid unneeded stack burning with AES-NI and reduce number of 'decryption_prepared' checks * cipher/rijndael.c (RIJNDAEL_context): Make 'decryption_prepared', 'use_padlock' and 'use_aesni' 1-bit members in bitfield. (do_setkey): Move 'hwfeatures' inside [USE_AESNI ||?USE_PADLOCK]. (do_aesni_enc_aligned): Rename to... (do_aesni_enc): ...this, as function does not require aligned input. (do_aesni_dec_aligned): Rename to... (do_aesni_dec): ...this, as function does not require aligned input. (do_aesni): Remove. (rijndael_encrypt): Call 'do_aesni_enc' instead of 'do_aesni'. (rijndael_decrypt): Call 'do_aesni_dec' instead of 'do_aesni'. (check_decryption_preparation): New. (do_decrypt): Remove 'decryption_prepared' check. (rijndael_decrypt): Ditto and call 'check_decryption_preparation'. (_gcry_aes_cbc_dec): Ditto. (_gcry_aes_cfb_enc): Add 'burn_depth' and burn stack only when needed. (_gcry_aes_cbc_enc): Ditto. (_gcry_aes_ctr_enc): Ditto. (_gcry_aes_cfb_dec): Ditto. (_gcry_aes_cbc_dec): Ditto and correct clearing of 'savebuf'. -- Patch is mostly about reducing overhead for short buffers. Results on Intel i5-4570: After: $ tests/benchmark --cipher-repetitions 1000 --cipher-with-keysetup cipher aes Running each test 1000 times. ECB/Stream CBC CFB OFB CTR CCM --------------- --------------- --------------- --------------- --------------- --------------- AES 480ms 540ms 1750ms 300ms 1630ms 300ms 1640ms 1640ms 350ms 350ms 2130ms 2140ms Before: $ tests/benchmark --cipher-repetitions 1000 --cipher-with-keysetup cipher aes Running each test 1000 times. 
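Review bot: The AES-NI/AVX branch of camellia_setkey now returns without any `_gcry_burn_stack`, relying on `_gcry_camellia_aesni_avx_keygen` keeping key material in vector registers; the `vzeroall` at the end of `__camellia_avx_setup256` is visible in the previous file's hunk, but `__camellia_avx_setup128` and any stack use inside the setup routines are not, so the contract should be written at the call site, e.g. `/* Key schedule is computed in vector registers only and cleared by vzeroall in the asm; no stack burn needed here. */`. Worth stating in the same comment that the `if(keylen!=16 && keylen!=24 && keylen!=32)` guard earlier in this function is what keeps the asm's `cmpl $24, %edx` / `jb` / `je` dispatch safe, since the assembly treats anything above 24 as a 32-byte key and would read 32 bytes from `key`. When neither USE_AESNI_AVX nor USE_AESNI_AVX2 is defined, the new shape collapses to `if (0) ; { Camellia_Ekeygen ... }`, a bare block that is harmless but reads as a mistake; a short comment on the `if (0)` explaining the preprocessor chain would avoid that. camellia_setkey's signature lies outside this hunk.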
ECB/Stream CBC CFB OFB CTR CCM --------------- --------------- --------------- --------------- --------------- --------------- AES 520ms 590ms 1760ms 310ms 1640ms 310ms 1610ms 1600ms 360ms 360ms 2150ms 2160ms Signed-off-by: Jussi Kivilinna diff --git a/cipher/rijndael.c b/cipher/rijndael.c index b5a3d10..47b2559 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -163,13 +163,13 @@ typedef struct PROPERLY_ALIGNED_TYPE dummy; byte keyschedule[MAXROUNDS+1][4][4]; } u2; - int rounds; /* Key-length-dependent number of rounds. */ - int decryption_prepared; /* The decryption key schedule is available. */ + int rounds; /* Key-length-dependent number of rounds. */ + unsigned int decryption_prepared:1; /* The decryption key schedule is available. */ #ifdef USE_PADLOCK - int use_padlock; /* Padlock shall be used. */ + unsigned int use_padlock:1; /* Padlock shall be used. */ #endif /*USE_PADLOCK*/ #ifdef USE_AESNI - int use_aesni; /* AES-NI shall be used. */ + unsigned int use_aesni:1; /* AES-NI shall be used. */ #endif /*USE_AESNI*/ } RIJNDAEL_context ATTR_ALIGNED_16; @@ -465,7 +465,9 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen) int rounds; int i,j, r, t, rconpointer = 0; int KC; +#if defined(USE_AESNI) || defined(USE_PADLOCK) unsigned int hwfeatures; +#endif /* The on-the-fly self tests are only run in non-fips mode. In fips mode explicit self-tests are required. Actually the on-the-fly 
@@ -959,9 +961,9 @@ do_padlock (const RIJNDAEL_context *ctx, int decrypt_flag, back. If we decide to implement some block modes with parallelized AES instructions, it might indeed be better to use plain asm ala mpi/. */ -static void -do_aesni_enc_aligned (const RIJNDAEL_context *ctx, - unsigned char *b, const unsigned char *a) +static inline void +do_aesni_enc (const RIJNDAEL_context *ctx, unsigned char *b, + const unsigned char *a) { #define aesenc_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xdc, 0xc1\n\t" #define aesenclast_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xdd, 0xc1\n\t" @@ -1019,9 +1021,9 @@ do_aesni_enc_aligned (const RIJNDAEL_context *ctx, } -static void -do_aesni_dec_aligned (const RIJNDAEL_context *ctx, - unsigned char *b, const unsigned char *a) +static inline void +do_aesni_dec (const RIJNDAEL_context *ctx, unsigned char *b, + const unsigned char *a) { #define aesdec_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xde, 0xc1\n\t" #define aesdeclast_xmm1_xmm0 ".byte 0x66, 0x0f, 0x38, 0xdf, 0xc1\n\t" @@ -1626,24 +1628,6 @@ do_aesni_ctr_4 (const RIJNDAEL_context *ctx, #undef aesenclast_xmm1_xmm4 } - -static void -do_aesni (RIJNDAEL_context *ctx, int decrypt_flag, - unsigned char *bx, const unsigned char *ax) -{ - - if (decrypt_flag) - { - if (!ctx->decryption_prepared ) - { - prepare_decryption ( ctx ); - ctx->decryption_prepared = 1; - } - do_aesni_dec_aligned (ctx, bx, ax); - } - else - do_aesni_enc_aligned (ctx, bx, ax); -} #endif /*USE_AESNI*/ @@ -1666,7 +1650,7 @@ rijndael_encrypt (void *context, byte *b, const byte *a) else if (ctx->use_aesni) { aesni_prepare (); - do_aesni (ctx, 0, b, a); + do_aesni_enc (ctx, b, a); aesni_cleanup (); burn_stack = 0; } @@ -1693,6 +1677,7 @@ _gcry_aes_cfb_enc (void *context, unsigned char *iv, RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; const unsigned char *inbuf = inbuf_arg; + unsigned int burn_depth = 48 + 2*sizeof(int); if (0) ; 
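Review bot: `do_aesni_enc` and `do_aesni_dec` become `static inline` in hunks @@ -959 and @@ -1019, and every `burn_depth = 0; /* No stack usage. */` in the cfb/cbc/ctr wrappers on the following lines (hunks @@ -1722, @@ -1822, @@ -1876, @@ -2161 and @@ -2282) depends on that path leaving nothing sensitive on the stack; `inline` is only a hint, so an out-of-line copy would still push a return address and possibly spill, although from the visible code the key schedule and block data travel through xmm registers and `ctx`/`a`/`b`, so what could remain is pointers rather than key bytes. rijndael_encrypt already set `burn_stack = 0` for the AES-NI path before this change, so the assumption is not new, but the repeated comment would carry more weight if it said why: `/* AES-NI path: state stays in xmm registers, which aesni_cleanup() clears; nothing to burn. */`. If the file already relies on GCC attributes (ATTR_ALIGNED_16 suggests it does), an always-inline attribute on the two helpers would turn the hint into a guarantee.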
@@ -1722,6 +1707,8 @@ _gcry_aes_cfb_enc (void *context, unsigned char *iv, inbuf += BLOCKSIZE; } aesni_cleanup (); + + burn_depth = 0; /* No stack usage. */ } #endif /*USE_AESNI*/ else @@ -1737,7 +1724,8 @@ _gcry_aes_cfb_enc (void *context, unsigned char *iv, } } - _gcry_burn_stack (48 + 2*sizeof(int)); + if (burn_depth) + _gcry_burn_stack (burn_depth); } @@ -1754,9 +1742,13 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv, unsigned char *outbuf = outbuf_arg; const unsigned char *inbuf = inbuf_arg; unsigned char *last_iv; + unsigned int burn_depth = 48 + 2*sizeof(int); +#ifdef USE_AESNI + int use_aesni = ctx->use_aesni; +#endif #ifdef USE_AESNI - if (ctx->use_aesni) + if (use_aesni) aesni_prepare (); #endif /*USE_AESNI*/ @@ -1767,7 +1759,7 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv, if (0) ; #ifdef USE_AESNI - else if (ctx->use_aesni) + else if (use_aesni) { /* ~35% speed up on Sandy-Bridge when doing xoring and copying with SSE registers. */ @@ -1781,7 +1773,7 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv, [outbuf] "m" (*outbuf) : "memory" ); - do_aesni (ctx, 0, outbuf, outbuf); + do_aesni_enc (ctx, outbuf, outbuf); } #endif /*USE_AESNI*/ else @@ -1809,7 +1801,7 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv, if (0) ; #ifdef USE_AESNI - else if (ctx->use_aesni) + else if (use_aesni) asm volatile ("movdqu %[last], %%xmm0\n\t" "movdqu %%xmm0, %[iv]\n\t" : /* No output */ @@ -1822,11 +1814,15 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv, } #ifdef USE_AESNI - if (ctx->use_aesni) - aesni_cleanup (); + if (use_aesni) + { + aesni_cleanup (); + burn_depth = 0; /* No stack usage. */ + } #endif /*USE_AESNI*/ - _gcry_burn_stack (48 + 2*sizeof(int)); + if (burn_depth) + _gcry_burn_stack (burn_depth); } 
@@ -1843,6 +1839,7 @@ _gcry_aes_ctr_enc (void *context, unsigned char *ctr, RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; const unsigned char *inbuf = inbuf_arg; + unsigned int burn_depth = 48 + 2*sizeof(int); int i; if (0) @@ -1876,6 +1873,8 @@ _gcry_aes_ctr_enc (void *context, unsigned char *ctr, } aesni_cleanup (); aesni_cleanup_2_6 (); + + burn_depth = 0; /* No stack usage. */ } #endif /*USE_AESNI*/ else @@ -1900,7 +1899,8 @@ _gcry_aes_ctr_enc (void *context, unsigned char *ctr, } } - _gcry_burn_stack (48 + 2*sizeof(int)); + if (burn_depth) + _gcry_burn_stack (burn_depth); } @@ -2007,12 +2007,6 @@ do_decrypt_aligned (RIJNDAEL_context *ctx, static void do_decrypt (RIJNDAEL_context *ctx, byte *bx, const byte *ax) { - if ( !ctx->decryption_prepared ) - { - prepare_decryption ( ctx ); - ctx->decryption_prepared = 1; - } - #if !defined(USE_AMD64_ASM) && !defined(USE_ARM_ASM) /* BX and AX are not necessary correctly aligned. Thus we might need to copy them here. We try to align to a 16 bytes. */ @@ -2041,6 +2035,21 @@ do_decrypt (RIJNDAEL_context *ctx, byte *bx, const byte *ax) } +static inline void +check_decryption_preparation (RIJNDAEL_context *ctx) +{ + if (0) + ; +#ifdef USE_PADLOCK + else if (ctx->use_padlock) + { /* Padlock does not need decryption subkeys. */ } +#endif /*USE_PADLOCK*/ + else if ( !ctx->decryption_prepared ) + { + prepare_decryption ( ctx ); + ctx->decryption_prepared = 1; + } +} static unsigned int @@ -2049,6 +2058,8 @@ rijndael_decrypt (void *context, byte *b, const byte *a) RIJNDAEL_context *ctx = context; unsigned int burn_stack; + check_decryption_preparation (ctx); + if (0) ; #ifdef USE_PADLOCK @@ -2062,7 +2073,7 @@ rijndael_decrypt (void *context, byte *b, const byte *a) else if (ctx->use_aesni) { aesni_prepare (); - do_aesni (ctx, 1, b, a); + do_aesni_dec (ctx, b, a); aesni_cleanup (); burn_stack = 0; } 
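Review bot: `do_decrypt` (hunk @@ -2007) no longer builds the decryption key schedule itself, so calling it on a context whose `decryption_prepared` is still 0 would decrypt with the wrong subkeys; the two callers visible here, `rijndael_decrypt` in @@ -2049 and `_gcry_aes_cbc_dec` in the @@ -2190 hunk on the next line, now call `check_decryption_preparation` first, but any other caller of `do_decrypt` elsewhere in the file is not covered by this diff and should be confirmed. The precondition belongs on the function: `/* Precondition: check_decryption_preparation (ctx) has been called; the decryption key schedule is not built here. */`. `check_decryption_preparation` in @@ -2041 also has no header comment; something like `/* Build the decryption key schedule on first use; Padlock does not need decryption subkeys, so it is skipped. */` records why the Padlock branch is an empty block.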
@@ -2089,6 +2100,7 @@ _gcry_aes_cfb_dec (void *context, unsigned char *iv, RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; const unsigned char *inbuf = inbuf_arg; + unsigned int burn_depth = 48 + 2*sizeof(int); if (0) ; @@ -2161,6 +2173,8 @@ _gcry_aes_cfb_dec (void *context, unsigned char *iv, } aesni_cleanup (); aesni_cleanup_2_6 (); + + burn_depth = 0; /* No stack usage. */ } #endif /*USE_AESNI*/ else @@ -2174,7 +2188,8 @@ _gcry_aes_cfb_dec (void *context, unsigned char *iv, } } - _gcry_burn_stack (48 + 2*sizeof(int)); + if (burn_depth) + _gcry_burn_stack (burn_depth); } @@ -2190,7 +2205,9 @@ _gcry_aes_cbc_dec (void *context, unsigned char *iv, RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; const unsigned char *inbuf = inbuf_arg; - unsigned char savebuf[BLOCKSIZE]; + unsigned int burn_depth = 48 + 2*sizeof(int) + 4*sizeof (char*); + + check_decryption_preparation (ctx); if (0) ; @@ -2199,12 +2216,6 @@ _gcry_aes_cbc_dec (void *context, unsigned char *iv, { aesni_prepare (); - if (!ctx->decryption_prepared ) - { - prepare_decryption ( ctx ); - ctx->decryption_prepared = 1; - } - asm volatile ("movdqu %[iv], %%xmm5\n\t" /* use xmm5 as fast IV storage */ : /* No output */ @@ -2259,7 +2270,7 @@ _gcry_aes_cbc_dec (void *context, unsigned char *iv, : "memory"); /* uses only xmm0 and xmm1 */ - do_aesni_dec_aligned (ctx, outbuf, inbuf); + do_aesni_dec (ctx, outbuf, inbuf); asm volatile ("movdqu %[outbuf], %%xmm0\n\t" 
@@ -2282,29 +2293,38 @@ _gcry_aes_cbc_dec (void *context, unsigned char *iv, aesni_cleanup (); aesni_cleanup_2_6 (); + + burn_depth = 0; /* No stack usage. */ } #endif /*USE_AESNI*/ else - for ( ;nblocks; nblocks-- ) - { - /* INBUF is needed later and it may be identical to OUTBUF, so store - the intermediate result to SAVEBUF. */ + { + unsigned char savebuf[BLOCKSIZE]; - if (0) - ; + for ( ;nblocks; nblocks-- ) + { + /* INBUF is needed later and it may be identical to OUTBUF, so store + the intermediate result to SAVEBUF. */ + + if (0) + ; #ifdef USE_PADLOCK - else if (ctx->use_padlock) - do_padlock (ctx, 1, savebuf, inbuf); + else if (ctx->use_padlock) + do_padlock (ctx, 1, savebuf, inbuf); #endif /*USE_PADLOCK*/ - else - do_decrypt (ctx, savebuf, inbuf); + else + do_decrypt (ctx, savebuf, inbuf); - buf_xor_n_copy_2(outbuf, savebuf, iv, inbuf, BLOCKSIZE); - inbuf += BLOCKSIZE; - outbuf += BLOCKSIZE; - } + buf_xor_n_copy_2(outbuf, savebuf, iv, inbuf, BLOCKSIZE); + inbuf += BLOCKSIZE; + outbuf += BLOCKSIZE; + } + + wipememory(savebuf, sizeof(savebuf)); + } - _gcry_burn_stack (48 + 2*sizeof(int) + BLOCKSIZE + 4*sizeof (char*)); + if (burn_depth) + _gcry_burn_stack (burn_depth); } ----------------------------------------------------------------------- Summary of changes: cipher/camellia-aesni-avx-amd64.S | 982 +++++++++++++++++++++++++++++++++++- cipher/camellia-aesni-avx2-amd64.S | 4 +- cipher/camellia-arm.S | 3 - cipher/camellia-glue.c | 54 +- cipher/rijndael.c | 158 +++--- 5 files changed, 1101 insertions(+), 100 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sun Nov 17 15:18:19 2013 
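Review bot: The software branch of `_gcry_aes_cbc_dec` now relies on `wipememory(savebuf, sizeof(savebuf))` instead of the `BLOCKSIZE` that was dropped from the burn depth, so whether the plaintext block really leaves the stack depends on `wipememory` not being a plain `memset` that the compiler may drop as a dead store at the end of the block; the macro's definition is outside this diff, so that should be confirmed. A comment next to the call would tie the two decisions together: `/* savebuf is wiped explicitly, hence BLOCKSIZE is no longer part of burn_depth. */`. The remaining `burn_depth` of `48 + 2*sizeof(int) + 4*sizeof (char*)` is a hand-computed estimate of `do_decrypt`'s frame and would also benefit from a one-line note on what it is meant to cover.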
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sun, 17 Nov 2013 15:18:19 +0100 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.12-4-gb70a430 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via b70a430d020e8541f66cca38c00355bab7bb1017 (commit) from 52e1f2e131b422fdb66abeaf4a8f084689b39bf7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b70a430d020e8541f66cca38c00355bab7bb1017 Author: Werner Koch Date: Sun Nov 17 15:16:59 2013 +0100 Add GPG_ERR_MAC_ALGO. diff --git a/NEWS b/NEWS index 86a2f5f..2600b4e 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,11 @@ Noteworthy changes in version 1.13 (unreleased) ----------------------------------------------- + * Interface changes relative to the 1.11 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GPG_ERR_MAC_ALGO NEW. + + Noteworthy changes in version 1.12 (2013-06-24) ----------------------------------------------- diff --git a/doc/errorref.txt b/doc/errorref.txt index 2986937..d8b95eb 100644 --- a/doc/errorref.txt +++ b/doc/errorref.txt @@ -345,7 +345,10 @@ GPG_ERR_INV_LENGTH Invalid length modes. - Bad length of input data; e.g. not a multiple of the block length. - - A length does not match the size of the digest algorithm. + - A length does not match the size of the digest + algorithm. + - Length of signature or public key is not as expected + (e.g. in EdDSA). [more to come] GNUPG: - Invalid hash length for a pubkey [more to come] 
@@ -511,5 +514,11 @@ GPG_ERR_BROKEN_SECKEY Broken secret key The secret key was mathematically not correctly generated. +GPG_ERR_MAC_ALGO + + GCRYPT: - MAC key algorithm is not defined or not available. + + +198 GPG_ERR_FULLY_CANCELED Operation fully cancelled 199 GPG_ERR_UNFINISHED Operation not yet finished 200 GPG_ERR_BUFFER_TOO_SHORT Buffer too short diff --git a/src/err-codes.h.in b/src/err-codes.h.in index 9c213de..4ecc24e 100644 --- a/src/err-codes.h.in +++ b/src/err-codes.h.in @@ -226,7 +226,7 @@ 194 GPG_ERR_CRYPT_CTX_CONFLICT Conflict in the crypto context 195 GPG_ERR_BROKEN_PUBKEY Broken public key 196 GPG_ERR_BROKEN_SECKEY Broken secret key -# 197 is free to be used. +197 GPG_ERR_MAC_ALGO Invalid MAC algorithm 198 GPG_ERR_FULLY_CANCELED Operation fully cancelled 199 GPG_ERR_UNFINISHED Operation not yet finished 200 GPG_ERR_BUFFER_TOO_SHORT Buffer too short ----------------------------------------------------------------------- Summary of changes: NEWS | 5 +++++ doc/errorref.txt | 11 ++++++++++- src/err-codes.h.in | 2 +- 3 files changed, 16 insertions(+), 2 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Mon Nov 18 14:14:32 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 18 Nov 2013 14:14:32 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-267-gcc9a0b6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via cc9a0b69b698ba436eaf777e5020532845b56236 (commit) via 798daaa1ddf73f64cf840fbdc1f4c5b9c4b4ec13 (commit) from 5499942571a88a1223a7318992605c6d29858866 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cc9a0b69b698ba436eaf777e5020532845b56236 Author: Werner Koch Date: Mon Nov 18 14:09:47 2013 +0100 Make use of the *_NAME etc macros. Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt. diff --git a/agent/command.c b/agent/command.c index 938778a..4fa40d9 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2065,10 +2065,16 @@ cmd_import_key (assuan_context_t ctx, char *line) if (!agent_key_available (grip)) err = gpg_error (GPG_ERR_EEXIST); else - err = agent_ask_new_passphrase - (ctrl, _("Please enter the passphrase to protect the " - "imported object within the GnuPG system."), - &passphrase); + { + char *prompt = xtryasprintf + (_("Please enter the passphrase to protect the " + "imported object within the %s system."), GNUPG_NAME); + if (!prompt) + err = gpg_error_from_syserror (); + else + err = agent_ask_new_passphrase (ctrl, prompt, &passphrase); + xfree (prompt); + } if (err) goto leave; } 
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index ff129f9..ed664ea 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -335,7 +335,7 @@ my_strusage (int level) switch (level) { - case 11: p = "gpg-agent (GnuPG)"; + case 11: p = "@GPG_AGENT@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -351,10 +351,10 @@ my_strusage (int level) break; case 1: - case 40: p = _("Usage: gpg-agent [options] (-h for help)"); + case 40: p = _("Usage: @GPG_AGENT@ [options] (-h for help)"); break; - case 41: p = _("Syntax: gpg-agent [options] [command [args]]\n" - "Secret key management for GnuPG\n"); + case 41: p = _("Syntax: @GPG_AGENT@ [options] [command [args]]\n" + "Secret key management for @GNUPG@\n"); break; default: p = NULL; @@ -608,7 +608,7 @@ main (int argc, char **argv ) /* Please note that we may running SUID(ROOT), so be very CAREFUL when adding any stuff between here and the call to INIT_SECMEM() somewhere after the option parsing */ - log_set_prefix ("gpg-agent", JNLIB_LOG_WITH_PREFIX|JNLIB_LOG_WITH_PID); + log_set_prefix (GPG_AGENT_NAME, JNLIB_LOG_WITH_PREFIX|JNLIB_LOG_WITH_PID); /* Make sure that our subsystems are ready. */ i18n_init (); @@ -1044,10 +1044,10 @@ main (int argc, char **argv ) /* Create the sockets. */ socket_name = create_socket_name - ("S.gpg-agent", "gpg-XXXXXX/S.gpg-agent"); + (GPG_AGENT_SOCK_NAME, "gpg-XXXXXX/"GPG_AGENT_SOCK_NAME); if (opt.ssh_support) socket_name_ssh = create_socket_name - ("S.gpg-agent.ssh", "gpg-XXXXXX/S.gpg-agent.ssh"); + (GPG_AGENT_SSH_SOCK_NAME, "gpg-XXXXXX/"GPG_AGENT_SSH_SOCK_NAME); fd = create_server_socket (socket_name, 0, &socket_nonce); if (opt.ssh_support) 
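Review bot: The `@GPG_AGENT@` and `@GNUPG@` tokens in `my_strusage` sit inside `_()` calls, so the substitution has to run on the translated string after gettext and the tokens must survive translation verbatim; the commit message calls this a new strusage macro replacement feature, but that mechanism is not part of this diff, so nothing here shows that a translator-mangled token is caught. A comment above the switch such as `/* @NAME@ tokens are expanded by strusage after translation; translators must keep them unchanged. */` would document the dependency. The same commit uses compile-time concatenation with `GNUPG_NAME` in agent/protect-tool.c and runtime tokens here and in agent/preset-passphrase.c, so the two mechanisms coexist without a stated rule for which to use.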
@@ -1064,7 +1064,8 @@ main (int argc, char **argv ) fflush (NULL); #ifdef HAVE_W32_SYSTEM pid = getpid (); - es_printf ("set GPG_AGENT_INFO=%s;%lu;1\n", socket_name, (ulong)pid); + es_printf ("set %s=%s;%lu;1\n", + GPG_AGENT_INFO_NAME, socket_name, (ulong)pid); #else /*!HAVE_W32_SYSTEM*/ pid = fork (); if (pid == (pid_t)-1) @@ -1095,8 +1096,8 @@ main (int argc, char **argv ) #endif /*HAVE_SIGPROCMASK*/ /* Create the info string: :: */ - if (asprintf (&infostr, "GPG_AGENT_INFO=%s:%lu:1", - socket_name, (ulong)pid ) < 0) + if (asprintf (&infostr, "%s=%s:%lu:1", + GPG_AGENT_INFO_NAME, socket_name, (ulong)pid ) < 0) { log_error ("out of core\n"); kill (pid, SIGTERM); @@ -1193,7 +1194,7 @@ main (int argc, char **argv ) } else { - es_printf ( "%s; export GPG_AGENT_INFO;\n", infostr); + es_printf ( "%s; export %s;\n", infostr, GPG_AGENT_INFO_NAME); if (opt.ssh_support) { es_printf ("%s; export SSH_AUTH_SOCK;\n", @@ -2190,7 +2191,7 @@ check_own_socket (void) if (check_own_socket_running || shutdown_pending) return; /* Still running or already shutting down. */ - sockname = make_filename (opt.homedir, "S.gpg-agent", NULL); + sockname = make_filename (opt.homedir, GPG_AGENT_SOCK_NAME, NULL); if (!sockname) return; /* Out of memory. */ @@ -2219,7 +2220,7 @@ check_for_running_agent (int silent, int mode) if (!mode) { - infostr = getenv ("GPG_AGENT_INFO"); + infostr = getenv (GPG_AGENT_INFO_NAME); if (!infostr || !*infostr) { if (!check_for_running_agent (silent, 1)) @@ -2236,7 +2237,8 @@ check_for_running_agent (int silent, int mode) if (!check_for_running_agent (silent, 1)) return 0; /* Okay, its running on the standard socket. */ if (!silent) - log_error (_("malformed GPG_AGENT_INFO environment variable\n")); + log_error (_("malformed %s environment variable\n"), + GPG_AGENT_INFO_NAME); return -1; } 
@@ -2258,7 +2260,7 @@ check_for_running_agent (int silent, int mode) } else /* MODE != 0 */ { - infostr = make_filename (opt.homedir, "S.gpg-agent", NULL); + infostr = make_filename (opt.homedir, GPG_AGENT_SOCK_NAME, NULL); pid = (pid_t)(-1); } diff --git a/agent/preset-passphrase.c b/agent/preset-passphrase.c index 3f79336..e0cb77e 100644 --- a/agent/preset-passphrase.c +++ b/agent/preset-passphrase.c @@ -87,7 +87,7 @@ my_strusage (int level) const char *p; switch (level) { - case 11: p = "gpg-preset-passphrase (GnuPG)"; + case 11: p = "gpg-preset-passphrase (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -245,7 +245,7 @@ main (int argc, char **argv) /* Tell simple-pwquery about the the standard socket name. */ { - char *tmp = make_filename (opt_homedir, "S.gpg-agent", NULL); + char *tmp = make_filename (opt_homedir, GPG_AGENT_SOCK_NAME, NULL); simple_pw_set_socket (tmp); xfree (tmp); } diff --git a/agent/protect-tool.c b/agent/protect-tool.c index faa0e24..5e540cf 100644 --- a/agent/protect-tool.c +++ b/agent/protect-tool.c @@ -142,7 +142,7 @@ my_strusage (int level) const char *p; switch (level) { - case 11: p = "gpg-protect-tool (GnuPG)"; + case 11: p = "gpg-protect-tool (" GNUPG_NAME ")"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; diff --git a/agent/w32main.c b/agent/w32main.c index 06ad726..5ccbb5e 100644 --- a/agent/w32main.c +++ b/agent/w32main.c @@ -233,7 +233,7 @@ handle_taskbar (void *ctx) nid.hWnd = glob_hwnd; nid.uID = 1; nid.hIcon = LoadIcon (glob_hinst, MAKEINTRESOURCE (1)); - mem2str (nid.szTip, "GnuPG Agent version "PACKAGE_VERSION, + mem2str (nid.szTip, GPG_AGENT_NAME " version "PACKAGE_VERSION, sizeof nid.szTip); Shell_NotifyIcon (NIM_ADD, &nid); DestroyIcon (nid.hIcon); diff --git a/common/asshelp.c b/common/asshelp.c index fe32854..cfbc3ac 100644 --- a/common/asshelp.c +++ b/common/asshelp.c 
@@ -265,9 +265,9 @@ lock_spawning (lock_spawn_t *lock, const char *homedir, const char *name, *lock = CreateMutexW (NULL, FALSE, - !strcmp (name, "agent")? L"GnuPG_spawn_agent_sentinel": - !strcmp (name, "dirmngr")? L"GnuPG_spawn_dirmngr_sentinel": - /* */ L"GnuPG_spawn_unknown_sentinel"); + !strcmp (name, "agent")? L"spawn_"GNUPG_NAME"_agent_sentinel": + !strcmp (name, "dirmngr")? L"spawn_"GNUPG_NAME"_dirmngr_sentinel": + /* */ L"spawn_"GNUPG_NAME"_unknown_sentinel"); if (!*lock) { log_error ("failed to create the spawn_%s mutex: %s\n", @@ -378,7 +378,7 @@ start_new_gpg_agent (assuan_context_t *r_ctx, } restart: - infostr = force_pipe_server? NULL : getenv ("GPG_AGENT_INFO"); + infostr = force_pipe_server? NULL : getenv (GPG_AGENT_INFO_NAME); if (!infostr || !*infostr) { char *sockname; @@ -388,7 +388,7 @@ start_new_gpg_agent (assuan_context_t *r_ctx, /* First check whether we can connect at the standard socket. */ - sockname = make_filename (homedir, "S.gpg-agent", NULL); + sockname = make_filename (homedir, GPG_AGENT_SOCK_NAME, NULL); err = assuan_socket_connect (ctx, sockname, 0, 0); if (err) @@ -517,7 +517,8 @@ start_new_gpg_agent (assuan_context_t *r_ctx, infostr = xstrdup (infostr); if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr) { - log_error (_("malformed GPG_AGENT_INFO environment variable\n")); + log_error (_("malformed %s environment variable\n"), + GPG_AGENT_INFO_NAME); xfree (infostr); force_pipe_server = 1; goto restart; diff --git a/common/audit.c b/common/audit.c index e4522dc..103120a 100644 --- a/common/audit.c +++ b/common/audit.c @@ -1187,7 +1187,7 @@ audit_print_result (audit_ctx_t ctx, estream_t out, int use_html) clear_helptags (ctx); if (use_html) - es_fputs ("
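Review bot: `L"spawn_"GNUPG_NAME"_agent_sentinel"` in lock_spawning concatenates a wide string literal with narrow ones, which C99 defines (the narrow pieces are widened) but C89 does not, so it depends on the language mode of the W32 toolchain; the logging.c hunk further down does the same with `L"Drivers\\"GNUPG_NAME"_Log"`. A short comment at the first occurrence, `/* Wide/narrow literal concatenation requires C99. */`, would make the assumption explicit. Separately, renaming the mutexes means a binary from before this commit and one from after no longer serialise on the same sentinel, so during a mixed-version upgrade window two launchers could each believe they hold the spawn lock; the commit message shows the rename is intentional, so this is only worth a note in the code if that window matters to the maintainers.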
    \n", ctx->outstream); + es_fputs ("
    \n", ctx->outstream); if (!ctx->log || !ctx->logused) { diff --git a/common/gpgrlhelp.c b/common/gpgrlhelp.c index cc6e9a1..e2fdb9a 100644 --- a/common/gpgrlhelp.c +++ b/common/gpgrlhelp.c @@ -92,6 +92,6 @@ gnupg_rl_initialize (void) cleanup_after_signal, readline, add_history); - rl_readline_name = "GnuPG"; + rl_readline_name = GNUPG_NAME; #endif } diff --git a/common/homedir.c b/common/homedir.c index faf9787..682df9a 100644 --- a/common/homedir.c +++ b/common/homedir.c @@ -221,7 +221,8 @@ default_homedir (void) { char *tmp; - tmp = read_w32_registry_string (NULL, "Software\\GNU\\GnuPG", + tmp = read_w32_registry_string (NULL, + "Software\\GNU\\" GNUPG_NAME, "HomeDir"); if (tmp && !*tmp) { @@ -585,7 +586,7 @@ dirmngr_socket_name (void) s1 = s1buf; } # endif - s2 = DIRSEP_S "S.dirmngr"; + s2 = DIRSEP_S DIRMNGR_SOCK_NAME; name = xmalloc (strlen (s1) + strlen (s2) + 1); strcpy (stpcpy (name, s1), s2); for (p=name; *p; p++) @@ -594,7 +595,7 @@ dirmngr_socket_name (void) } return name; #else /*!HAVE_W32_SYSTEM*/ - return GNUPG_LOCALSTATEDIR "/run/" PACKAGE_NAME "/S.dirmngr"; + return GNUPG_LOCALSTATEDIR "/run/" PACKAGE_NAME "/"DIRMNGR_SOCK_NAME; #endif /*!HAVE_W32_SYSTEM*/ } @@ -639,7 +640,7 @@ gnupg_module_name (int which) #ifdef GNUPG_DEFAULT_DIRMNGR return GNUPG_DEFAULT_DIRMNGR; #else - X(bindir, "dirmngr"); + X(bindir, DIRMNGR_NAME); #endif case GNUPG_MODULE_NAME_PROTECT_TOOL: diff --git a/common/logging.c b/common/logging.c index f78df91..e94cdaf 100644 --- a/common/logging.c +++ b/common/logging.c @@ -460,7 +460,7 @@ set_file_fd (const char *name, int fd) { HANDLE hd; - ActivateDevice (L"Drivers\\GnuPG_Log", 0); + ActivateDevice (L"Drivers\\"GNUPG_NAME"_Log", 0); /* Ignore a filename and write the debug output to the GPG2: device. */ hd = CreateFile (L"GPG2:", GENERIC_WRITE, 
@@ -636,7 +636,7 @@ do_logv (int level, int ignore_arg_ptr, const char *fmt, va_list arg_ptr) tmp = (no_registry ? NULL - : read_w32_registry_string (NULL, "Software\\GNU\\GnuPG", + : read_w32_registry_string (NULL, "Software\\GNU\\"GNUPG_NAME, "DefaultLogFile")); log_set_file (tmp && *tmp? tmp : NULL); jnlib_free (tmp); diff --git a/common/simple-pwquery.c b/common/simple-pwquery.c index 08f59d2..7dcc057 100644 --- a/common/simple-pwquery.c +++ b/common/simple-pwquery.c @@ -329,7 +329,7 @@ agent_open (int *rfd) int nread; *rfd = -1; - infostr = getenv ( "GPG_AGENT_INFO" ); + infostr = getenv (GPG_AGENT_INFO_NAME); if ( !infostr || !*infostr ) infostr = default_gpg_agent_info; if ( !infostr || !*infostr ) @@ -349,7 +349,7 @@ agent_open (int *rfd) || (p-infostr)+1 >= sizeof client_addr.sun_path ) { #ifdef SPWQ_USE_LOGGING - log_error ( _("malformed GPG_AGENT_INFO environment variable\n")); + log_error (_("malformed %s environment variable\n"), GPG_AGENT_INFO_NAME); #endif return SPWQ_NO_AGENT; } diff --git a/dirmngr/dirmngr-client.c b/dirmngr/dirmngr-client.c index 21f7743..76f4710 100644 --- a/dirmngr/dirmngr-client.c +++ b/dirmngr/dirmngr-client.c @@ -140,7 +140,7 @@ my_strusage (int level) switch(level) { - case 11: p = "dirmngr-client (GnuPG)"; + case 11: p = "dirmngr-client (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -440,7 +440,7 @@ start_dirmngr (int only_daemon) assuan_context_t ctx; int try_default = 0; - infostr = opt.force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); + infostr = opt.force_pipe_server? NULL : getenv (DIRMNGR_INFO_NAME); if (only_daemon && (!infostr || !*infostr)) { infostr = xstrdup (dirmngr_socket_name ()); 
@@ -502,7 +502,8 @@ start_dirmngr (int only_daemon) { if ( !(p = strchr (infostr, ':')) || p == infostr) { - log_error (_("malformed DIRMNGR_INFO environment variable\n")); + log_error (_("malformed %s environment variable\n"), + DIRMNGR_INFO_NAME); xfree (infostr); if (only_daemon) return NULL; diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index 58bf948..9f3e2ee 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c @@ -287,7 +287,7 @@ my_strusage( int level ) const char *p; switch ( level ) { - case 11: p = "dirmngr (GnuPG)"; + case 11: p = "@DIRMNGR@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -297,10 +297,10 @@ my_strusage( int level ) case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break; case 49: p = PACKAGE_BUGREPORT; break; case 1: - case 40: p = _("Usage: dirmngr [options] (-h for help)"); + case 40: p = _("Usage: @DIRMNGR@ [options] (-h for help)"); break; - case 41: p = _("Syntax: dirmngr [options] [command [args]]\n" - "LDAP and OCSP access for GnuPG\n"); + case 41: p = _("Syntax: @DIRMNGR@ [options] [command [args]]\n" + "LDAP and OCSP access for @GNUPG@\n"); break; default: p = NULL; @@ -387,7 +387,7 @@ set_debug (void) static void wrong_args (const char *text) { - es_fputs (_("usage: dirmngr [options] "), es_stderr); + es_fprintf (es_stderr, _("usage: %s [options] "), DIRMNGR_NAME); es_fputs (text, es_stderr); es_putc ('\n', es_stderr); dirmngr_exit (2); @@ -600,7 +600,7 @@ main (int argc, char **argv) #endif /*USE_W32_SERVICE*/ set_strusage (my_strusage); - log_set_prefix ("dirmngr", 1|4); + log_set_prefix (DIRMNGR_NAME, 1|4); /* Make sure that our subsystems are ready. */ i18n_init (); @@ -719,7 +719,7 @@ main (int argc, char **argv) } if (default_config) - configname = make_filename (opt.homedir, "dirmngr.conf", NULL ); + configname = make_filename (opt.homedir, DIRMNGR_NAME".conf", NULL ); argc = orig_argc; argv = orig_argv; 
@@ -857,12 +857,12 @@ main (int argc, char **argv) log_info (_("NOTE: '%s' is not considered an option\n"), argv[i]); } - if (!access ("/etc/dirmngr", F_OK) && !strncmp (opt.homedir, "/etc/", 5)) + if (!access ("/etc/"DIRMNGR_NAME, F_OK) && !strncmp (opt.homedir, "/etc/", 5)) log_info - ("NOTE: DirMngr is now a proper part of GnuPG. The configuration and" + ("NOTE: DirMngr is now a proper part of %s. The configuration and" " other directory names changed. Please check that no other version" " of dirmngr is still installed. To disable this warning, remove the" - " directory '/etc/dirmngr'.\n"); + " directory '/etc/dirmngr'.\n", GNUPG_NAME); if (gnupg_faked_time_p ()) { @@ -1017,7 +1017,8 @@ main (int argc, char **argv) start of the dirmngr. */ #ifdef HAVE_W32_SYSTEM pid = getpid (); - es_printf ("set DIRMNGR_INFO=%s;%lu;1\n", socket_name, (ulong) pid); + es_printf ("set %s=%s;%lu;1\n", + DIRMNGR_INFO_NAME, socket_name, (ulong) pid); #else pid = fork(); if (pid == (pid_t)-1) @@ -1037,8 +1038,8 @@ main (int argc, char **argv) close (fd); /* Create the info string: :: */ - if (asprintf (&infostr, "DIRMNGR_INFO=%s:%lu:1", - socket_name, (ulong)pid ) < 0) + if (asprintf (&infostr, "%s=%s:%lu:1", + DIRMNGR_INFO_NAME, socket_name, (ulong)pid ) < 0) { log_error (_("out of core\n")); kill (pid, SIGTERM); @@ -1053,7 +1054,7 @@ main (int argc, char **argv) } else { - es_printf ( "%s; export DIRMNGR_INFO;\n", infostr); + es_printf ( "%s; export %s;\n", infostr, DIRMNGR_INFO_NAME); } free (infostr); exit (0); diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c index 1b513ea..4e706d5 100644 --- a/dirmngr/dirmngr_ldap.c +++ b/dirmngr/dirmngr_ldap.c @@ -191,7 +191,7 @@ my_strusage (int level) switch(level) { - case 11: p = "dirmngr_ldap (GnuPG)"; + case 11: p = "dirmngr_ldap (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; diff --git a/g10/armor.c b/g10/armor.c index 43ebb2e..9a43389 100644 --- a/g10/armor.c +++ b/g10/armor.c 
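Review bot: In dirmngr.c main the `access ("/etc/"DIRMNGR_NAME, F_OK)` check now derives the path from the macro, but the log_info text a few lines below still hard-codes `'/etc/dirmngr'` and "other version of dirmngr", so the check and the message disagree as soon as DIRMNGR_NAME differs from "dirmngr". Pass the name through as well: `" directory '/etc/%s'.\n", GNUPG_NAME, DIRMNGR_NAME);` with a matching `%s` in the format string. main's body continues outside the hunk.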
@@ -1079,7 +1079,7 @@ armor_filter( void *opaque, int control, iobuf_writestr(a,afx->eol); if( !opt.no_version ) { - iobuf_writestr(a, "Version: GnuPG v" VERSION " (" + iobuf_writestr(a, "Version: "GNUPG_NAME" v" VERSION " (" PRINTABLE_OS_NAME ")" ); iobuf_writestr(a,afx->eol); } diff --git a/g10/gpg.c b/g10/gpg.c index 599948f..8e0aed0 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -819,7 +819,7 @@ my_strusage( int level ) const char *p; switch( level ) { - case 11: p = "gpg (GnuPG)"; + case 11: p = "@GPG@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -845,10 +845,10 @@ my_strusage( int level ) case 1: case 40: p = - _("Usage: gpg [options] [files] (-h for help)"); + _("Usage: @GPG@ [options] [files] (-h for help)"); break; case 41: p = - _("Syntax: gpg [options] [files]\n" + _("Syntax: @GPG@ [options] [files]\n" "Sign, check, encrypt or decrypt\n" "Default operation depends on the input data\n"); break; @@ -1833,8 +1833,8 @@ char * get_default_configname (void) { char *configname = NULL; - char *name = xstrdup ("gpg" EXTSEP_S "conf-" SAFE_VERSION); - char *ver = &name[strlen ("gpg" EXTSEP_S "conf-")]; + char *name = xstrdup (GPG_NAME EXTSEP_S "conf-" SAFE_VERSION); + char *ver = &name[strlen (GPG_NAME EXTSEP_S "conf-")]; do { @@ -1860,7 +1860,7 @@ get_default_configname (void) xfree(name); if (! configname) - configname = make_filename (opt.homedir, "gpg" EXTSEP_S "conf", NULL); + configname = make_filename (opt.homedir, GPG_NAME EXTSEP_S "conf", NULL); if (! access (configname, R_OK)) { /* Print a warning when both config files are present. */ 
@@ -1942,12 +1942,12 @@ main (int argc, char **argv) /* Please note that we may running SUID(ROOT), so be very CAREFUL when adding any stuff between here and the call to secmem_init() somewhere after the option parsing. */ - gnupg_reopen_std ("gpg"); + gnupg_reopen_std (GPG_NAME); trap_unaligned (); gnupg_rl_initialize (); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); - log_set_prefix ("gpg", 1); + log_set_prefix (GPG_NAME, 1); /* Make sure that our subsystems are ready. */ i18n_init(); @@ -3418,7 +3418,7 @@ main (int argc, char **argv) || (cmd != aDeArmor && cmd != aEnArmor && cmd != aGPGConfTest) ) { if (!nrings || default_keyring) /* Add default ring. */ - keydb_add_resource ("pubring" EXTSEP_S "gpg", + keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG, KEYDB_RESOURCE_FLAG_DEFAULT); for (sl = nrings; sl; sl = sl->next ) keydb_add_resource (sl->d, sl->flags); diff --git a/g10/gpgv.c b/g10/gpgv.c index 5cb9c55..c11d9d3 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -108,7 +108,7 @@ my_strusage( int level ) switch (level) { - case 11: p = "gpgv (GnuPG)"; + case 11: p = "@GPG at v (GnuPG)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -198,7 +198,7 @@ main( int argc, char **argv ) /* Note: We open all keyrings in read-only mode. */ if (!nrings) /* No keyring given: use default one. */ - keydb_add_resource ("trustedkeys" EXTSEP_S "gpg", + keydb_add_resource ("trustedkeys" EXTSEP_S GPGEXT_GPG, KEYDB_RESOURCE_FLAG_READONLY); for (sl = nrings; sl; sl = sl->next) keydb_add_resource (sl->d, KEYDB_RESOURCE_FLAG_READONLY); diff --git a/g10/keygen.c b/g10/keygen.c index 9c371bd..4bb8bba 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -2088,7 +2088,7 @@ ask_curve (void) continue; curves[idx].available = 1; - tty_printf (_(" (%d) %s\n"), idx + 1, + tty_printf (" (%d) %s\n", idx + 1, curves[idx].pretty_name? curves[idx].pretty_name:curves[idx].name); } 
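Review bot: gpgv.c my_strusage case 11 becomes `"@GPG at v (GnuPG)"` — the ` at ` is most likely the list archive rewriting `@`, i.e. the source reads `@GPG@v` — but the suffix keeps the literal `(GnuPG)` while every sibling tool in this commit (gpg.c, dirmngr.c, g13.c, gpgsm.c, scdaemon.c) switches to `(@GNUPG@)`. For consistency, and so a renamed build reports its own name here too, use `case 11: p = "@GPG@v (@GNUPG@)";`. my_strusage starts and ends outside the hunk.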
@@ -2337,9 +2337,9 @@ ask_user_id (int mode, KBNODE keyblock) { /* TRANSLATORS: This is the new string telling the user what gpg is now going to do (i.e. ask for the parts of the user - ID). Note that if you do not tyranslated this string, a + ID). Note that if you do not translate this string, a different string will be used used, which might still have - a correct transaltion. */ + a correct translation. */ const char *s1 = N_("\n" "GnuPG needs to construct a user ID to identify your key.\n" diff --git a/g10/keyring.c b/g10/keyring.c index ae02f9d..04f6eeb 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -1171,7 +1171,7 @@ create_tmp_file (const char *template, * works. So we replace .gpg by .bak or .tmp */ if (strlen (template) > 4 - && !strcmp (template+strlen(template)-4, EXTSEP_S "gpg") ) + && !strcmp (template+strlen(template)-4, EXTSEP_S GPGEXT_GPG) ) { bakfname = xmalloc (strlen (template) + 1); strcpy (bakfname, template); diff --git a/g10/openfile.c b/g10/openfile.c index 704dcff..119c567 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -105,7 +105,7 @@ make_outfile_name( const char *iname ) return xstrdup("-"); n = strlen(iname); - if( n > 4 && ( !CMP_FILENAME(iname+n-4, EXTSEP_S "gpg") + if( n > 4 && ( !CMP_FILENAME(iname+n-4, EXTSEP_S GPGEXT_GPG) || !CMP_FILENAME(iname+n-4, EXTSEP_S "pgp") || !CMP_FILENAME(iname+n-4, EXTSEP_S "sig") || !CMP_FILENAME(iname+n-4, EXTSEP_S "asc") ) ) { @@ -255,7 +255,8 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a) { buf = xstrconcat (iname, (mode==1 ? EXTSEP_S "asc" : - mode==2 ? EXTSEP_S "sig" : EXTSEP_S "gpg"), + mode==2 ? EXTSEP_S "sig" : + /* */ EXTSEP_S GPGEXT_GPG), NULL); } name = buf; @@ -369,7 +370,7 @@ copy_options_file( const char *destdir ) xfree(fname); return; } - strcpy(stpcpy(fname, destdir), DIRSEP_S "gpg" EXTSEP_S "conf" ); + strcpy(stpcpy(fname, destdir), DIRSEP_S GPGEXT_GPG EXTSEP_S "conf" ); oldmask=umask(077); if ( is_secured_filename (fname) ) { 
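Review bot: keyring.c create_tmp_file still compares against a hard-coded length of 4 (`strlen (template) > 4` and `template+strlen(template)-4`) while the suffix itself is now `EXTSEP_S GPGEXT_GPG`; if GPGEXT_GPG is ever redefined to a different length — the reason for making it a macro — the suffix test silently never matches and the rename handled below is skipped. Derive the length from the macro instead: `size_t extlen = strlen (EXTSEP_S GPGEXT_GPG);` followed by `strlen (template) > extlen && !strcmp (template+strlen(template)-extlen, EXTSEP_S GPGEXT_GPG)`. The same `n > 4 … iname+n-4` pattern in openfile.c make_outfile_name shares that length with the `pgp`/`sig`/`asc` alternatives, so there a per-suffix length would be needed rather than one `4`. Both functions continue outside their hunks.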
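Review bot: openfile.c copy_options_file builds the options file name as `DIRSEP_S GPGEXT_GPG EXTSEP_S "conf"`, i.e. from the keyring extension macro, whereas gpg.c get_default_configname in this same commit builds it from the program name, `GPG_NAME EXTSEP_S "conf"`. The two spellings agree only while both macros expand to "gpg"; the file copied here is the program's config, so it should read `strcpy(stpcpy(fname, destdir), DIRSEP_S GPG_NAME EXTSEP_S "conf" );`. copy_options_file continues outside the hunk.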
diff --git a/g10/server.c b/g10/server.c index da9c28d..8bf7a08 100644 --- a/g10/server.c +++ b/g10/server.c @@ -709,7 +709,7 @@ gpg_server (ctrl_t ctrl) if (opt.verbose || opt.debug) { char *tmp = NULL; - const char *s1 = getenv ("GPG_AGENT_INFO"); + const char *s1 = getenv (GPG_AGENT_INFO_NAME); tmp = xtryasprintf ("Home: %s\n" "Config: %s\n" diff --git a/g10/sign.c b/g10/sign.c index cfac5de..e4d3290 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -1241,7 +1241,8 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile ) if( opt.not_dash_escaped ) iobuf_writestr( out, - "NotDashEscaped: You need GnuPG to verify this message" LF ); + "NotDashEscaped: You need "GPG_NAME + " to verify this message" LF ); iobuf_writestr(out, LF ); if ( gcry_md_open (&textmd, 0, 0) ) diff --git a/g10/tdbio.c b/g10/tdbio.c index 43e04b7..0a659b1 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -491,7 +491,7 @@ tdbio_set_dbname( const char *new_dbname, int create ) } if(new_dbname==NULL) - fname=make_filename(opt.homedir,"trustdb" EXTSEP_S "gpg", NULL); + fname=make_filename(opt.homedir,"trustdb" EXTSEP_S GPGEXT_GPG, NULL); else if (*new_dbname != DIRSEP_C ) { if (strchr(new_dbname, DIRSEP_C) ) @@ -1239,7 +1239,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ) case 0: /* unused (free) record */ break; case RECTYPE_VER: /* version record */ - if( memcmp(buf+1, "gpg", 3 ) ) { + if( memcmp(buf+1, GPGEXT_GPG, 3 ) ) { log_error( _("%s: not a trustdb file\n"), db_name ); err = gpg_error (GPG_ERR_TRUSTDB); } @@ -1331,7 +1331,7 @@ tdbio_write_record( TRUSTREC *rec ) case RECTYPE_VER: /* version record */ if( recnum ) BUG(); - memcpy(p-1, "gpg", 3 ); p += 2; + memcpy(p-1, GPGEXT_GPG, 3 ); p += 2; *p++ = rec->r.ver.version; *p++ = rec->r.ver.marginals; *p++ = rec->r.ver.completes; diff --git a/g13/g13.c b/g13/g13.c index fca9e7a..8682114 100644 --- a/g13/g13.c +++ b/g13/g13.c 
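Review bot: sign.c clearsign_file changes the NotDashEscaped header text from "You need GnuPG to verify" to `"You need "GPG_NAME" to verify"`, so the sentence written into the signed output now names the binary rather than the project. If the intent was only to stop hard-coding the name, GNUPG_NAME keeps the original wording: `"NotDashEscaped: You need "GNUPG_NAME" to verify this message" LF`. clearsign_file continues outside the hunk.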
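Review bot: tdbio_read_record and tdbio_write_record now take the three-byte magic of the trustdb version record from GPGEXT_GPG (`memcmp(buf+1, GPGEXT_GPG, 3 )`, `memcpy(p-1, GPGEXT_GPG, 3 )`). That magic is part of the on-disk trustdb format, not a name: if GPGEXT_GPG is ever redefined, every existing trustdb fails with "not a trustdb file" and newly written files become unreadable by older releases, and the hard-coded `3` would no longer match the macro's length. Keep the literal `"gpg"` in these two places, or bind it to a dedicated format constant that is independent of GPGEXT_GPG; the tdbio_set_dbname hunk's use of the macro for the file name is fine. Both functions continue outside their hunks.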
@@ -212,17 +212,17 @@ my_strusage( int level ) switch (level) { - case 11: p = "g13 (GnuPG)"; + case 11: p = "@G13@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; case 19: p = _("Please report bugs to <" PACKAGE_BUGREPORT ">.\n"); break; case 1: - case 40: p = _("Usage: g13 [options] [files] (-h for help)"); + case 40: p = _("Usage: @G13@ [options] [files] (-h for help)"); break; case 41: - p = _("Syntax: g13 [options] [files]\n" + p = _("Syntax: @G13@ [options] [files]\n" "Create, mount or unmount an encrypted file system container\n"); break; @@ -238,7 +238,7 @@ my_strusage( int level ) static void wrong_args (const char *text) { - fputs (_("usage: g13 [options] "), stderr); + fprintf (stderr, _("usage: %s [options] "), G13_NAME); fputs (text, stderr); putc ('\n', stderr); g13_exit (2); @@ -344,11 +344,11 @@ main ( int argc, char **argv) /*mtrace();*/ - gnupg_reopen_std ("g13"); + gnupg_reopen_std (G13_NAME); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); - log_set_prefix ("g13", 1); + log_set_prefix (G13_NAME, 1); /* Make sure that our subsystems are ready. */ i18n_init (); @@ -430,7 +430,7 @@ main ( int argc, char **argv) /* Set the default option file */ if (default_config ) - configname = make_filename (opt.homedir, "g13.conf", NULL); + configname = make_filename (opt.homedir, G13_NAME".conf", NULL); argc = orig_argc; argv = orig_argv; @@ -577,7 +577,7 @@ main ( int argc, char **argv) configname = NULL; if (!opt.config_filename) - opt.config_filename = make_filename (opt.homedir, "g13.conf", NULL); + opt.config_filename = make_filename (opt.homedir, G13_NAME".conf", NULL); if (log_get_errorcount(0)) g13_exit(2); diff --git a/g13/server.c b/g13/server.c index 31c961d..573f670 100644 --- a/g13/server.c +++ b/g13/server.c 
@@ -612,7 +612,7 @@ g13_server (ctrl_t ctrl) if (opt.verbose || opt.debug) { char *tmp = NULL; - const char *s1 = getenv ("GPG_AGENT_INFO"); + const char *s1 = getenv (GPG_AGENT_INFO_NAME); tmp = xtryasprintf ("Home: %s\n" "Config: %s\n" diff --git a/kbx/kbxutil.c b/kbx/kbxutil.c index 8b2b900..b0225e9 100644 --- a/kbx/kbxutil.c +++ b/kbx/kbxutil.c @@ -106,7 +106,7 @@ my_strusage( int level ) { const char *p; switch( level ) { - case 11: p = "kbxutil (GnuPG)"; + case 11: p = "kbxutil (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; diff --git a/keyserver/curl-shim.h b/keyserver/curl-shim.h index e37d816..0a11e7c 100644 --- a/keyserver/curl-shim.h +++ b/keyserver/curl-shim.h @@ -82,7 +82,7 @@ typedef struct typedef struct { const char **protocols; -} curl_version_info_data; +} curl_version_info_data; #define CURL_ERROR_SIZE 256 #define CURL_GLOBAL_DEFAULT 0 @@ -96,7 +96,7 @@ CURLcode curl_easy_perform(CURL *curl); void curl_easy_cleanup(CURL *curl); char *curl_escape(char *str,int len); #define curl_free(x) free(x) -#define curl_version() "GnuPG curl-shim" +#define curl_version() GNUPG_NAME" curl-shim" curl_version_info_data *curl_version_info(int type); struct curl_slist diff --git a/keyserver/gpgkeys_curl.c b/keyserver/gpgkeys_curl.c index 7a4ec52..fc4c6f3 100644 --- a/keyserver/gpgkeys_curl.c +++ b/keyserver/gpgkeys_curl.c @@ -99,7 +99,7 @@ get_key(char *getkey) return curl_err_to_gpg_err(res); } -static void +static void show_help (FILE *fp) { fprintf (fp,"-h, --help\thelp\n"); @@ -124,7 +124,7 @@ main(int argc,char *argv[]) /* Kludge to implement standard GNU options. */ if (argc > 1 && !strcmp (argv[1], "--version")) { - printf ("gpgkeys_curl (GnuPG) %s\n", VERSION); + printf ("gpgkeys_curl (%s) %s\n", GNUPG_NAME, VERSION); printf ("Uses: %s\n", curl_version()); return 0; } diff --git a/keyserver/gpgkeys_finger.c b/keyserver/gpgkeys_finger.c index b3bbf34..673e956 100644 --- a/keyserver/gpgkeys_finger.c 
+++ b/keyserver/gpgkeys_finger.c @@ -337,7 +337,7 @@ main(int argc,char *argv[]) /* Kludge to implement standard GNU options. */ if (argc > 1 && !strcmp (argv[1], "--version")) { - fputs ("gpgkeys_finger (GnuPG) " VERSION"\n", stdout); + fputs ("gpgkeys_finger ("GNUPG_NAME") " VERSION"\n", stdout); return 0; } else if (argc > 1 && !strcmp (argv[1], "--help")) diff --git a/keyserver/gpgkeys_hkp.c b/keyserver/gpgkeys_hkp.c index d96199f..6ecc8bb 100644 --- a/keyserver/gpgkeys_hkp.c +++ b/keyserver/gpgkeys_hkp.c @@ -354,7 +354,7 @@ get_name(const char *getkey) ret=KEYSERVER_NO_MEMORY; goto fail; } - + fprintf(output,"NAME %s BEGIN\n",getkey); if(opt->verbose>2) @@ -546,7 +546,7 @@ srv_replace(const char *srvtag) } #endif -static void +static void show_help (FILE *fp) { fprintf (fp,"-h, --help\thelp\n"); @@ -570,7 +570,7 @@ main(int argc,char *argv[]) /* Kludge to implement standard GNU options. */ if (argc > 1 && !strcmp (argv[1], "--version")) { - printf ("gpgkeys_hkp (GnuPG) %s\n", VERSION); + printf ("gpgkeys_hkp (%s) %s\n", GNUPG_NAME, VERSION); printf ("Uses: %s\n", curl_version()); return 0; } @@ -743,7 +743,7 @@ main(int argc,char *argv[]) /* We're using libcurl, so fake SRV support via our wrapper. This isn't as good as true SRV support, as we do not try all possible targets at one particular level and work our way - down the list, but it's better than nothing. */ + down the list, but it's better than nothing. */ srv_replace(srvtag); #else /* We're using our internal curl shim, so we can use its (true) diff --git a/keyserver/gpgkeys_kdns.c b/keyserver/gpgkeys_kdns.c index 12161d1..14651f9 100644 --- a/keyserver/gpgkeys_kdns.c +++ b/keyserver/gpgkeys_kdns.c 
@@ -115,9 +115,9 @@ get_key (adns_state adns_ctx, char *address) ret = KEYSERVER_KEY_NOT_FOUND; goto leave; } - if (answer->status != adns_s_ok) + if (answer->status != adns_s_ok) { - fprintf (console, PGM": DNS query returned: %s (%s)\n", + fprintf (console, PGM": DNS query returned: %s (%s)\n", adns_strerror (answer->status), adns_errabbrev (answer->status)); ret = KEYSERVER_KEY_NOT_FOUND; @@ -141,7 +141,7 @@ get_key (adns_state adns_ctx, char *address) } if ( datalen < 5 ) { - fprintf (console, PGM": error: truncated CERT record\n"); + fprintf (console, PGM": error: truncated CERT record\n"); ret = KEYSERVER_KEY_NOT_FOUND; goto leave; } @@ -155,7 +155,7 @@ get_key (adns_state adns_ctx, char *address) if ( datalen < 11 ) { /* Gpg checks for a minium length of 11, thus we do the same. */ - fprintf (console, PGM": error: OpenPGP data to short\n"); + fprintf (console, PGM": error: OpenPGP data to short\n"); ret = KEYSERVER_KEY_NOT_FOUND; goto leave; } @@ -166,11 +166,11 @@ get_key (adns_state adns_ctx, char *address) break; default: - fprintf (console, PGM": CERT type %d ignored\n", (data[0] <<8|data[1])); + fprintf (console, PGM": CERT type %d ignored\n", (data[0] <<8|data[1])); ret = KEYSERVER_KEY_NOT_FOUND; goto leave; } - + ret = 0; /* All fine. */ leave: @@ -178,17 +178,17 @@ get_key (adns_state adns_ctx, char *address) fprintf (output, "\nNAME %s FAILED %d\n", address, ret); else fprintf (output, "\nNAME %s END\n", address); - adns_free (answer); + adns_free (answer); xfree (name); return ret; } /* Print some help. */ -static void +static void show_help (FILE *fp) { - fputs (PGM" (GnuPG) " VERSION"\n\n", fp); + fputs (PGM" ("GNUPG_NAME") " VERSION"\n\n", fp); fputs (" -h\thelp\n" " -V\tversion\n" " -o\toutput to this file\n" 
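Review bot: The gpgkeys_kdns.c get_key message rewritten in this hunk still reads `OpenPGP data to short`; since the line is already being touched, fix the spelling: `fprintf (console, PGM": error: OpenPGP data too short\n");`. The comment just above it, "minium length", is misspelled as well, though that line is only context here. get_key continues outside the hunk.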
@@ -233,7 +233,7 @@ main (int argc, char *argv[]) /* Kludge to implement standard GNU options. */ if (argc > 1 && !strcmp (argv[1], "--version")) { - fputs (PGM" (GnuPG) " VERSION"\n", stdout); + fputs (PGM" ("GNUPG_NAME") " VERSION"\n", stdout); return 0; } else if (argc > 1 && !strcmp (argv[1], "--help")) @@ -283,7 +283,7 @@ main (int argc, char *argv[]) if (!output) output = stdout; - + opt = init_ks_options(); if(!opt) return KEYSERVER_NO_MEMORY; @@ -292,10 +292,10 @@ main (int argc, char *argv[]) while ( fgets(line,MAX_LINE,input) ) { int err; - + if(line[0]=='\n') break; - + err = parse_ks_options (line, opt); if (err > 0) { @@ -326,7 +326,7 @@ main (int argc, char *argv[]) if (p) { *p++ = 0; - do + do { pend = strchr (p, '&'); if (pend) @@ -371,7 +371,7 @@ main (int argc, char *argv[]) strerror (errno)); goto leave; } - + if (opt->action == KS_GETNAME) { while ( fgets (line,MAX_LINE,input) ) @@ -379,11 +379,11 @@ main (int argc, char *argv[]) if (line[0]=='\n' || !line[0] ) break; line[strlen(line)-1] = 0; /* Trim the trailing LF. */ - + akey = xtrymalloc (sizeof *akey); if (!akey) { - fprintf (console, + fprintf (console, PGM": out of memory while building key list\n"); ret = KEYSERVER_NO_MEMORY; goto leave; @@ -402,7 +402,7 @@ main (int argc, char *argv[]) "key retrieval by name\n"); goto leave; } - + /* Send the response */ fprintf (output, "VERSION %d\n", KEYSERVER_PROTO_VERSION); fprintf (output, "PROGRAM %s\n\n", VERSION); @@ -413,13 +413,13 @@ main (int argc, char *argv[]) fprintf (console, "User:\t\t%s\n", opt->opaque); fprintf (console, "Command:\tGET\n"); } - + for (akey = keylist; akey; akey = akey->next) { set_timeout (opt->timeout); if ( get_key (adns_ctx, akey->str) ) failed++; - } + } if (!failed) ret = KEYSERVER_OK; diff --git a/keyserver/gpgkeys_ldap.c b/keyserver/gpgkeys_ldap.c index 21ad8f7..f24a571 100644 --- a/keyserver/gpgkeys_ldap.c +++ b/keyserver/gpgkeys_ldap.c 
@@ -455,7 +455,7 @@ build_attrs(LDAPMod ***modlist,char *line) case 'R': revoked=1; break; - + case 'd': case 'D': disabled=1; @@ -1037,7 +1037,7 @@ get_key(char *getkey) else { /* short key id */ - + sprintf(search,"(pgpkeyid=%.8s)",getkey); } @@ -1767,12 +1767,12 @@ find_basekeyspacedn(void) } ldap_msgfree(si_res); - } + } return LDAP_SUCCESS; } -static void +static void show_help (FILE *fp) { fprintf (fp,"-h, --help\thelp\n"); @@ -1794,7 +1794,7 @@ main(int argc,char *argv[]) /* Kludge to implement standard GNU options. */ if (argc > 1 && !strcmp (argv[1], "--version")) { - fputs ("gpgkeys_ldap (GnuPG) " VERSION"\n", stdout); + fputs ("gpgkeys_ldap ("GNUPG_NAME") " VERSION"\n", stdout); return 0; } else if (argc > 1 && !strcmp (argv[1], "--help")) diff --git a/po/de.po b/po/de.po index 4a92b96..da0f13c 100644 --- a/po/de.po +++ b/po/de.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: gnupg-2.1.0\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2012-08-24 10:19+0200\n" +"PO-Revision-Date: 2013-11-18 14:05+0100\n" "Last-Translator: Werner Koch \n" "Language-Team: German \n" "Language: de\n" @@ -99,14 +99,12 @@ msgstr "Passphrase" msgid "ssh keys greater than %d bits are not supported\n" msgstr "SSH Schl?ssel von mehr als %d Bits werden nicht unterst?tzt\n" -#, fuzzy, c-format -#| msgid "can't create '%s': %s\n" -msgid "can't create `%s': %s\n" +#, c-format +msgid "can't create '%s': %s\n" msgstr "'%s' kann nicht erzeugt werden: %s\n" -#, fuzzy, c-format -#| msgid "can't open '%s': %s\n" -msgid "can't open `%s': %s\n" +#, c-format +msgid "can't open '%s': %s\n" msgstr "'%s' kann nicht ge?ffnet werden: %s\n" #, c-format @@ -191,8 +189,7 @@ msgstr "PUK" msgid "Reset Code" msgstr "R?ckstellcode" -#, fuzzy, c-format -#| msgid "%s%%0A%%0AUse the reader's keypad for input." +#, c-format msgid "%s%%0A%%0AUse the reader's pinpad for input." msgstr "%s%%0A%%0AZur Eingabe die Tastatur des Kartenlesers verwenden." 
@@ -377,15 +374,15 @@ msgstr "" "Berichte ?ber Programmfehler bitte in englisch an <@EMAIL@>.\n" "Sinn- oder Schreibfehler in den deutschen Texten bitte an .\n" -msgid "Usage: gpg-agent [options] (-h for help)" -msgstr "Aufruf: gpg-agent [Optionen] (-h f?r Hilfe)" +msgid "Usage: @GPG_AGENT@ [options] (-h for help)" +msgstr "Gebrauch: @GPG_AGENT@ [Optionen] [Kommando [Argumente]]" msgid "" -"Syntax: gpg-agent [options] [command [args]]\n" -"Secret key management for GnuPG\n" +"Syntax: @GPG_AGENT@ [options] [command [args]]\n" +"Secret key management for @GNUPG@\n" msgstr "" -"Syntax: gpg-agent [Optionen] [Befehl [Argumente]]\n" -"Verwaltung von geheimen Schl?sseln f?r GnuPG\n" +"Syntax: @GPG_AGENT@ [Optionen] [Befehl [Argumente]]\n" +"Verwaltung von geheimen Schl?sseln f?r @GNUPG@\n" #, c-format msgid "invalid debug-level '%s' given\n" @@ -491,8 +488,9 @@ msgstr "%s %s angehalten\n" msgid "no gpg-agent running in this session\n" msgstr "Der gpg-agent l?uft nicht f?r diese Session\n" -msgid "malformed GPG_AGENT_INFO environment variable\n" -msgstr "fehlerhaft aufgebaute GPG_AGENT_INFO - Umgebungsvariable\n" +#, c-format +msgid "malformed %s environment variable\n" +msgstr "Fehlerhafte %s Variable\n" #, c-format msgid "gpg-agent protocol version %d is not supported\n" @@ -970,10 +968,6 @@ msgstr "Dirmngr benutzbar" msgid "No help available for '%s'." msgstr "Keine Hilfe f?r '%s' vorhanden." -#, c-format -msgid "can't open '%s': %s\n" -msgstr "'%s' kann nicht ge?ffnet werden: %s\n" - msgid "ignoring garbage line" msgstr "Zeile mit nicht identifizierten Zeichen wird ignoriert" @@ -1064,10 +1058,6 @@ msgid "error writing to '%s': %s\n" msgstr "Fehler beim Schreiben von %s: %s\n" #, c-format -msgid "can't create '%s': %s\n" -msgstr "'%s' kann nicht erzeugt werden: %s\n" - -#, c-format msgid "removing stale lockfile (created by %d)\n" msgstr "eine ?briggebliebene Sperrdatei wird entfernt (erzeugt von %d)\n" 
@@ -1173,10 +1163,8 @@ msgstr "nicht als Klartext darstellbar" msgid "failed to proxy %s inquiry to client\n" msgstr "Die %s \"inquiry\" konnte nicht an den Client weitergeleitet werden\n" -#, fuzzy -#| msgid "Enter passphrase\n" msgid "Enter passphrase: " -msgstr "Geben Sie die Passphrase ein\n" +msgstr "Geben Sie die Passphrase ein: " #, c-format msgid "OpenPGP card not available: %s\n" @@ -1384,10 +1372,9 @@ msgstr "Ung?ltige Auswahl.\n" msgid "Please select where to store the key:\n" msgstr "W?hlen Sie den Speicherort f?r den Schl?ssel:\n" -#, fuzzy, c-format -#| msgid "read failed: %s\n" +#, c-format msgid "KEYTOCARD failed: %s\n" -msgstr "Lesen schlug fehl: %s\n" +msgstr "Das KEYTOCARD Kommando schlug fehl: %s\n" msgid "quit this menu" msgstr "Men? verlassen" @@ -1838,15 +1825,15 @@ msgstr "" " --list-keys [Namen] Schl?ssel anzeigen\n" " --fingerprint [Namen] \"Fingerabdr?cke\" anzeigen\n" -msgid "Usage: gpg [options] [files] (-h for help)" -msgstr "Aufruf: gpg [Optionen] [Dateien] (-h f?r Hilfe)" +msgid "Usage: @GPG@ [options] [files] (-h for help)" +msgstr "Aufruf: @GPG@ [Optionen] [Dateien] (-h f?r Hilfe)" msgid "" -"Syntax: gpg [options] [files]\n" +"Syntax: @GPG@ [options] [files]\n" "Sign, check, encrypt or decrypt\n" "Default operation depends on the input data\n" msgstr "" -"Aufruf: gpg [Optionen] [Dateien]\n" +"Aufruf: @GPG@ [Optionen] [Dateien]\n" "Signieren, pr?fen, verschl?sseln, entschl?sseln.\n" "Die voreingestellte Operation ist abh?ngig von den Eingabedaten\n" @@ -1995,10 +1982,9 @@ msgstr "Hinweis: %s ist nicht f?r den ?blichen Gebrauch gedacht!\n" msgid "'%s' is not a valid signature expiration\n" msgstr "`%s' ist kein g?ltiges Signaturablaufdatum\n" -#, fuzzy, c-format -#| msgid "Invalid subject name '%s'\n" +#, c-format msgid "invalid pinentry mode '%s'\n" -msgstr "Ung?ltiger Subjekt-Name `%s'\n" +msgstr "Ung?ltiger Subjekt-Name '%s'\n" #, c-format msgid "'%s' is not a valid character set\n" 
@@ -3678,6 +3664,9 @@ msgstr "Die verlangte Schl?ssell?nge betr?gt %u Bit\n" msgid "rounded to %u bits\n" msgstr "gerundet auf %u Bit\n" +msgid "Please select which elliptic curve you want:\n" +msgstr "Bitte w?hlen Sie, welche elliptische Kurve Sie m?chten:\n" + msgid "" "Please specify how long the key should be valid.\n" " 0 = key does not expire\n" @@ -5433,6 +5422,9 @@ msgstr "Die Antwort enth?lt das RSA-Modulus nicht\n" msgid "response does not contain the RSA public exponent\n" msgstr "Antwort enth?lt den ?ffentlichen RSA-Exponenten nicht\n" +msgid "response does not contain the EC public point\n" +msgstr "Der ?ffentlichen EC Punkt fehlt in der Antwort\n" + #, c-format msgid "using default PIN as %s\n" msgstr "Die Standard PIN wird f?r %s benutzt\n" @@ -5568,8 +5560,6 @@ msgstr "" msgid "can't access %s - invalid OpenPGP card?\n" msgstr "Kann auf %s nicht zugreifen - ung?ltige OpenPGP-Karte?\n" -#, fuzzy -#| msgid "||Please enter your PIN at the reader's keypad" msgid "||Please enter your PIN at the reader's pinpad" msgstr "||Bitte die PIN auf der Tastatur des Kartenlesers eingeben" @@ -5603,8 +5593,6 @@ msgstr "Den internen CCID Treiber nicht benutzen" msgid "|N|disconnect the card after N seconds of inactivity" msgstr "|N|Schalte die Karte nach N Sekunden Inaktivit?t ab" -#, fuzzy -#| msgid "do not use a reader's keypad" msgid "do not use a reader's pinpad" msgstr "Die Tastatur des Kartenlesers nicht benutzen" 
@@ -5612,17 +5600,17 @@ msgid "deny the use of admin card commands" msgstr "Verweigere die Benutzung von \"Admin\"-Befehlen" msgid "use variable length input for pinpad" -msgstr "" +msgstr "Variable L?ngeneingabe f?r die Kartenlesertastatur benutzen" -msgid "Usage: scdaemon [options] (-h for help)" -msgstr "Aufruf: scdaemon [Optionen] (-h f?r Hilfe)" +msgid "Usage: @SCDAEMON@ [options] (-h for help)" +msgstr "Gebrauch: @SCDAEMON@ [Optionen] (-h f?r Hilfe)" msgid "" "Syntax: scdaemon [options] [command [args]]\n" -"Smartcard daemon for GnuPG\n" +"Smartcard daemon for @GNUPG@\n" msgstr "" -"Syntax: scdaemon [Optionen] [Befehl [Argumente]]\n" -"Smartcard Daemon f?r GnuPG\n" +"Syntax: @SCDAEMON@ [Optionen] [Befehl [Argumente]]\n" +"Smartcard Daemon f?r @GNUPG@\n" msgid "please use the option '--daemon' to run the program in the background\n" msgstr "" @@ -6186,15 +6174,15 @@ msgstr "|NAME|Verschl?sselungsverfahren NAME benutzen" msgid "|NAME|use message digest algorithm NAME" msgstr "|NAME|Hashverfahren NAME benutzen" -msgid "Usage: gpgsm [options] [files] (-h for help)" -msgstr "Aufruf: gpgsm [Optionen] [Dateien] (-h f?r Hilfe)" +msgid "Usage: @GPGSM@ [options] [files] (-h for help)" +msgstr "Aufruf: @GPGSM@ [Optionen] [Dateien] (-h f?r Hilfe)" msgid "" -"Syntax: gpgsm [options] [files]\n" +"Syntax: @GPGSM@ [options] [files]\n" "Sign, check, encrypt or decrypt using the S/MIME protocol\n" "Default operation depends on the input data\n" msgstr "" -"Syntax: gpgsm [Optionen] [Dateien]\n" +"Syntax: @GPGSM@ [Optionen] [Dateien]\n" "Signieren, pr?fen, ver- und entschl?sseln mittels S/MIME Protokoll\n" msgid "usage: gpgsm [options] " 
@@ -7002,9 +6990,6 @@ msgstr "Offensichtlich ist kein Dirmngr vorhanden\n" msgid "no running dirmngr - starting one\n" msgstr "Dirmngr l?uft nicht - ein neuer wird gestartet\n" -msgid "malformed DIRMNGR_INFO environment variable\n" -msgstr "Fehlerhafte DIRMNGR_INFO Variable\n" - #, c-format msgid "dirmngr protocol version %d is not supported\n" msgstr "Dirmngr Protocol Version %d wird nicht unterst?tzt\n" @@ -7108,22 +7093,23 @@ msgstr "" "(Im \"info\"-Handbuch findet sich eine vollst?ndige Liste aller Kommandos " "und Optionen)\n" -msgid "Usage: dirmngr [options] (-h for help)" -msgstr "Gebrauch: dirmnr [Optionen] [Kommando [Argumente]]" +msgid "Usage: @DIRMNGR@ [options] (-h for help)" +msgstr "Gebrauch: @DIRMNGR@ [Optionen]" msgid "" -"Syntax: dirmngr [options] [command [args]]\n" -"LDAP and OCSP access for GnuPG\n" +"Syntax: @DIRMNGR@ [options] [command [args]]\n" +"LDAP and OCSP access for @GNUPG@\n" msgstr "" -"Syntax: dirmngr [Optionen] [Kommando [Argumente]]\n" -"LDAP und OCSP Zugriff f?r GnuPG\n" +"Syntax: @DIRMNGR@ [Optionen] [Kommando [Argumente]]\n" +"LDAP und OCSP Zugriff f?r @GNUPG@\n" #, c-format msgid "valid debug levels are: %s\n" msgstr "G?ltige Debugebenen sind: %s\n" -msgid "usage: dirmngr [options] " -msgstr "Gebrauch: dirmngr [Optionen] " +#, c-format +msgid "usage: %s [options] " +msgstr "Aufruf: %s [Optionen] " msgid "colons are not allowed in the socket name\n" msgstr "Doppelpunkte sind im Namen des Sockets nicht erlaubt\n" 
@@ -7619,14 +7605,14 @@ msgstr "|DATEI|Beim Starten Kommandos aus DATEI lesen" msgid "run /subst on startup" msgstr "Nach dem Starten \"/subst\" ausf?hren" -msgid "Usage: gpg-connect-agent [options] (-h for help)" -msgstr "Aufruf: gpg-connect-agent [Optionen] (-h f?r Hilfe)" +msgid "Usage: @GPG at -connect-agent [options] (-h for help)" +msgstr "Aufruf: @GPG at -connect-agent [Optionen] (-h f?r Hilfe)" msgid "" -"Syntax: gpg-connect-agent [options]\n" +"Syntax: @GPG at -connect-agent [options]\n" "Connect to a running agent and send commands\n" msgstr "" -"Syntax: gpg-connect-agent [Optionen]\n" +"Syntax: @GPG at -connect-agent [Optionen]\n" "Mit einem laufenden Agenten verbinden und Befehle senden\n" #, c-format @@ -7818,15 +7804,15 @@ msgstr "Als Ausgabedatei benutzen" msgid "activate changes at runtime, if possible" msgstr "Aktiviere ?nderungen zur Laufzeit; falls m?glich" -msgid "Usage: gpgconf [options] (-h for help)" -msgstr "Aufruf: gpgconf [Optionen] (-h f?r Hilfe)" +msgid "Usage: @GPGCONF@ [options] (-h for help)" +msgstr "Gebrauch: @GPGCONF@ [Optionen] (-h f?r Hilfe)" msgid "" -"Syntax: gpgconf [options]\n" -"Manage configuration options for tools of the GnuPG system\n" +"Syntax: @GPGCONF@ [options]\n" +"Manage configuration options for tools of the @GNUPG@ system\n" msgstr "" -"Syntax: gpgconf {Optionen]\n" -"Verwalte Konfigurationsoptionen f?r Programme des GnuPG Systems\n" +"Syntax: @GPGCONF@ {Optionen]\n" +"Verwalte Konfigurationsoptionen f?r Programme des @GNUPG@ Systems\n" msgid "usage: gpgconf [options] " msgstr "Aufruf: gpgconf [Optionen] " 
@@ -7984,6 +7970,40 @@ msgstr "" "Syntax: gpg-check-pattern [optionen] Musterdatei\n" "Die von stdin gelesene Passphrase gegen die Musterdatei pr?fen\n" +#~ msgid "Usage: scdaemon [options] (-h for help)" +#~ msgstr "Aufruf: scdaemon [Optionen] (-h f?r Hilfe)" + +#~ msgid "malformed GPG_AGENT_INFO environment variable\n" +#~ msgstr "fehlerhaft aufgebaute GPG_AGENT_INFO - Umgebungsvariable\n" + +#~ msgid " (%d) %s\n" +#~ msgstr " (%d) signieren\n" + +#~ msgid "Usage: gpgsm [options] [files] (-h for help)" +#~ msgstr "Aufruf: gpgsm [Optionen] [Dateien] (-h f?r Hilfe)" + +#~ msgid "Usage: dirmngr [options] (-h for help)" +#~ msgstr "Gebrauch: dirmnr [Optionen] [Kommando [Argumente]]" + +#~ msgid "usage: dirmngr [options] " +#~ msgstr "Gebrauch: dirmngr [Optionen] " + +#~ msgid "Usage: gpgconf [options] (-h for help)" +#~ msgstr "Aufruf: gpgconf [Optionen] (-h f?r Hilfe)" + +#~ msgid "Usage: gpg-agent [options] (-h for help)" +#~ msgstr "Aufruf: gpg-agent [Optionen] (-h f?r Hilfe)" + +#, fuzzy +#~| msgid "can't create '%s': %s\n" +#~ msgid "can't create `%s': %s\n" +#~ msgstr "'%s' kann nicht erzeugt werden: %s\n" + +#, fuzzy +#~| msgid "can't open '%s': %s\n" +#~ msgid "can't open `%s': %s\n" +#~ msgstr "'%s' kann nicht ge?ffnet werden: %s\n" + #~ msgid "too many entries in pk cache - disabled\n" #~ msgstr "zu viele Eintr?ge im pk-Cache - abgeschaltet\n" diff --git a/scd/apdu.c b/scd/apdu.c index dd45e99..ffc727c 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -1833,7 +1833,7 @@ pcsc_vendor_specific_init (int slot) reader_table[slot].is_spr532 = 1; reader_table[slot].pinpad_varlen_supported = 1; } - else if (vendor == 0x046a && product == 0x003e /* Cherry ST-2xxx */ + else if ((vendor == 0x046a && product == 0x003e) /* Cherry ST-2xxx */ || vendor == 0x0c4b /* Tested with Reiner cyberJack GO */ || vendor == 0x1a44 /* Tested with Vasco DIGIPASS 920 */ || vendor == 0x234b /* Tested with FSIJ Gnuk Token */ 
diff --git a/scd/pcsc-wrapper.c b/scd/pcsc-wrapper.c index 86e4afb..f39a5dd 100644 --- a/scd/pcsc-wrapper.c +++ b/scd/pcsc-wrapper.c @@ -53,7 +53,7 @@ /* Allow for a standalone build. */ #ifdef VERSION -#define MYVERSION_LINE PGM " (GnuPG) " VERSION +#define MYVERSION_LINE PGM " ("GNUPG_NAME") " VERSION #define BUGREPORT_LINE "\nReport bugs to .\n" #else #define MYVERSION_LINE PGM diff --git a/scd/scdaemon.c b/scd/scdaemon.c index 4f9b369..daa4eea 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -243,7 +243,7 @@ my_strusage (int level) switch (level) { - case 11: p = "scdaemon (GnuPG)"; + case 11: p = "@SCDAEMON@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -260,10 +260,10 @@ my_strusage (int level) p = ver_ksba; break; case 1: - case 40: p = _("Usage: scdaemon [options] (-h for help)"); + case 40: p = _("Usage: @SCDAEMON@ [options] (-h for help)"); break; case 41: p = _("Syntax: scdaemon [options] [command [args]]\n" - "Smartcard daemon for GnuPG\n"); + "Smartcard daemon for @GNUPG@\n"); break; default: p = NULL; diff --git a/sm/gpgsm.c b/sm/gpgsm.c index fa56a39..bf5b102 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -524,17 +524,17 @@ my_strusage( int level ) switch (level) { - case 11: p = "gpgsm (GnuPG)"; + case 11: p = "@GPGSM@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break; case 1: - case 40: p = _("Usage: gpgsm [options] [files] (-h for help)"); + case 40: p = _("Usage: @GPGSM@ [options] [files] (-h for help)"); break; case 41: - p = _("Syntax: gpgsm [options] [files]\n" + p = _("Syntax: @GPGSM@ [options] [files]\n" "Sign, check, encrypt or decrypt using the S/MIME protocol\n" "Default operation depends on the input data\n"); break; diff --git a/sm/server.c b/sm/server.c index 385eb53..74caf6c 100644 --- a/sm/server.c +++ b/sm/server.c 
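Review bot: The `Syntax:` string in the `case 41` branch of scdaemon's my_strusage still hard-codes `scdaemon` while the `Usage:` string in `case 40` now uses `@SCDAEMON@`, so the two help lines diverge as soon as SCDAEMON_NAME is changed; gpgsm's `case 41` in this same commit was updated to `@GPGSM@`. Change the context line to `p = _("Syntax: @SCDAEMON@ [options] [command [args]]\n"`. That also changes a translatable msgid, so the po/ entries need a matching update.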
@@ -1294,7 +1294,7 @@ gpgsm_server (certlist_t default_recplist) if (opt.verbose || opt.debug) { char *tmp = NULL; - const char *s1 = getenv ("GPG_AGENT_INFO"); + const char *s1 = getenv (GPG_AGENT_INFO_NAME); if (asprintf (&tmp, "Home: %s\n" diff --git a/tools/ccidmon.c b/tools/ccidmon.c index 884eab1..1137bab 100644 --- a/tools/ccidmon.c +++ b/tools/ccidmon.c @@ -810,7 +810,7 @@ main (int argc, char **argv) } else if (!strcmp (*argv, "--version")) { - fputs (PGM " (GnuPG) " PACKAGE_VERSION "\n", stdout); + fputs (PGM " ("GNUPG_NAME") " PACKAGE_VERSION "\n", stdout); exit (0); } else if (!strcmp (*argv, "--help")) diff --git a/tools/gpg-check-pattern.c b/tools/gpg-check-pattern.c index 12922c6..2db9ae5 100644 --- a/tools/gpg-check-pattern.c +++ b/tools/gpg-check-pattern.c @@ -135,7 +135,7 @@ my_strusage (int level) const char *p; switch (level) { - case 11: p = "gpg-check-pattern (GnuPG)"; + case 11: p = "gpg-check-pattern (@GnuPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; diff --git a/tools/gpg-connect-agent.c b/tools/gpg-connect-agent.c index c22e129..6288a97 100644 --- a/tools/gpg-connect-agent.c +++ b/tools/gpg-connect-agent.c @@ -182,17 +182,17 @@ my_strusage( int level ) switch (level) { - case 11: p = "gpg-connect-agent (GnuPG)"; + case 11: p = "@GPG at -connect-agent (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break; case 1: - case 40: p = _("Usage: gpg-connect-agent [options] (-h for help)"); + case 40: p = _("Usage: @GPG at -connect-agent [options] (-h for help)"); break; case 41: - p = _("Syntax: gpg-connect-agent [options]\n" + p = _("Syntax: @GPG at -connect-agent [options]\n" "Connect to a running agent and send commands\n"); break; case 31: p = "\nHome: "; break; diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index ffe7eab..024417e 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c 
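Review bot: `@GnuPG@` in gpg-check-pattern's new `case 11` string will not be substituted: the macro table in writestrings compares names with a case-sensitive memcmp against `GNUPG`, so the version line prints the literal text `gpg-check-pattern (@GnuPG@)`. Use `case 11: p = "gpg-check-pattern (@GNUPG@)";` as gpgsplit and symcryptrun do in this same commit. Note also that strusage(11) is only expanded when it is emitted through writestrings; if some caller prints it via fputs or a logging call directly (not visible here), the token would leak there as well.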
@@ -58,7 +58,7 @@ #if defined(HAVE_W32_SYSTEM) && !defined(HAVE_W32CE_SYSTEM) #define GPGNAME "gpg2" #else -#define GPGNAME "gpg" +#define GPGNAME GPG_NAME #endif @@ -180,15 +180,15 @@ static struct } gc_backend[GC_BACKEND_NR] = { { NULL }, /* GC_BACKEND_ANY dummy entry. */ - { "GnuPG", GPGNAME, GNUPG_MODULE_NAME_GPG, + { GNUPG_NAME, GPGNAME, GNUPG_MODULE_NAME_GPG, NULL, "gpgconf-gpg.conf" }, - { "GPGSM", "gpgsm", GNUPG_MODULE_NAME_GPGSM, + { "GPGSM", GPGSM_NAME, GNUPG_MODULE_NAME_GPGSM, NULL, "gpgconf-gpgsm.conf" }, - { "GPG Agent", "gpg-agent", GNUPG_MODULE_NAME_AGENT, + { "GPG Agent", GPG_AGENT_NAME, GNUPG_MODULE_NAME_AGENT, gpg_agent_runtime_change, "gpgconf-gpg-agent.conf" }, - { "SCDaemon", "scdaemon", GNUPG_MODULE_NAME_SCDAEMON, + { "SCDaemon", SCDAEMON_NAME, GNUPG_MODULE_NAME_SCDAEMON, scdaemon_runtime_change, "gpgconf-scdaemon.conf" }, - { "DirMngr", "dirmngr", GNUPG_MODULE_NAME_DIRMNGR, + { "DirMngr", DIRMNGR_NAME, GNUPG_MODULE_NAME_DIRMNGR, NULL, "gpgconf-dirmngr.conf" }, { "DirMngr LDAP Server List", NULL, 0, NULL, "ldapserverlist-file", "LDAP Server" }, @@ -1215,8 +1215,8 @@ my_dgettext (const char *domain, const char *msgid) switched_codeset = 1; bind_textdomain_codeset (PACKAGE_GT, "utf-8"); - bindtextdomain ("dirmngr", LOCALEDIR); - bind_textdomain_codeset ("dirmngr", "utf-8"); + bindtextdomain (DIRMNGR_NAME, LOCALEDIR); + bind_textdomain_codeset (DIRMNGR_NAME, "utf-8"); } diff --git a/tools/gpgconf.c b/tools/gpgconf.c index c586bb3..a9bf491 100644 --- a/tools/gpgconf.c +++ b/tools/gpgconf.c 
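Review bot: On W32 (non-CE) `GPGNAME` stays `"gpg2"` while `GPG_NAME` is defined unconditionally as `"gpg"` in configure.ac, so on that platform gpgconf looks for `gpg2` but every `@GPG@` token in help text expands to `gpg`. Either make GPG_NAME platform-aware in configure.ac or record the divergence on the `#ifdef`, e.g. `/* NB: GPG_NAME (and thus @GPG@) is "gpg" on every platform; only gpgconf's lookup uses gpg2 on W32.  */`.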
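Review bot: Passing `DIRMNGR_NAME` to bindtextdomain ties the message-catalog name to the program name, so a build that changes DIRMNGR_NAME silently stops finding the dirmngr catalog unless the installed .mo file is renamed as well; whether po/ derives the catalog name from the same macro is not visible here. A comment on the call, `/* The dirmngr catalog is named after DIRMNGR_NAME; keep po/ in sync.  */`, would make that coupling explicit. my_dgettext begins outside the hunk.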
@@ -98,18 +98,18 @@ my_strusage( int level ) switch (level) { - case 11: p = "gpgconf (GnuPG)"; + case 11: p = "@GPGCONF@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break; case 1: - case 40: p = _("Usage: gpgconf [options] (-h for help)"); + case 40: p = _("Usage: @GPGCONF@ [options] (-h for help)"); break; case 41: - p = _("Syntax: gpgconf [options]\n" - "Manage configuration options for tools of the GnuPG system\n"); + p = _("Syntax: @GPGCONF@ [options]\n" + "Manage configuration options for tools of the @GNUPG@ system\n"); break; default: p = NULL; break; @@ -350,10 +350,11 @@ main (int argc, char **argv) es_fprintf (outfp, "dirmngr-socket:%s\n", gc_percent_escape (dirmngr_socket_name ())); { - char *infostr = getenv ("GPG_AGENT_INFO"); + char *infostr = getenv (GPG_AGENT_INFO_NAME); if (!infostr || !*infostr) - infostr = make_filename (default_homedir (), "S.gpg-agent", NULL); + infostr = make_filename (default_homedir (), + GPG_AGENT_SOCK_NAME, NULL); else { char *tmp; diff --git a/tools/gpgsplit.c b/tools/gpgsplit.c index 1c1cee4..928e283 100644 --- a/tools/gpgsplit.c +++ b/tools/gpgsplit.c @@ -54,9 +54,9 @@ static void split_packets (const char *fname); enum cmd_and_opt_values { aNull = 0, oVerbose = 'v', - oPrefix = 'p', - oUncompress = 500, - oSecretToPublic, + oPrefix = 'p', + oUncompress = 500, + oSecretToPublic, oNoSplit, aTest @@ -81,7 +81,7 @@ my_strusage (int level) const char *p; switch (level) { - case 11: p = "gpgsplit (GnuPG)"; + case 11: p = "gpgsplit (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -95,7 +95,7 @@ my_strusage (int level) "Syntax: gpgsplit [options] [files]\n" "Split an OpenPGP message into packets\n"; break; - + default: p = NULL; } return p; 
@@ -114,7 +114,7 @@ main (int argc, char **argv) #endif log_set_prefix ("gpgsplit", JNLIB_LOG_WITH_PREFIX); set_strusage (my_strusage); - + pargs.argc = &argc; pargs.argv = &argv; pargs.flags= 1; /* do not remove the args */ @@ -130,7 +130,7 @@ main (int argc, char **argv) default : pargs.err = 2; break; } } - + if (log_get_errorcount(0)) g10_exit (2); @@ -138,12 +138,12 @@ main (int argc, char **argv) split_packets (NULL); else { - for ( ;argc; argc--, argv++) + for ( ;argc; argc--, argv++) split_packets (*argv); } - + g10_exit (0); - return 0; + return 0; } @@ -168,7 +168,7 @@ pkttype_to_string (int pkttype) case PKT_SECRET_KEY : s = "secret_key"; break; case PKT_PUBLIC_KEY : s = "public_key"; break; case PKT_SECRET_SUBKEY : s = "secret_subkey"; break; - case PKT_COMPRESSED : + case PKT_COMPRESSED : s = opt_uncompress? "uncompressed":"compressed"; break; case PKT_ENCRYPTED : s = "encrypted"; break; @@ -191,17 +191,17 @@ pkttype_to_string (int pkttype) /* * Create a new filename and a return a pointer to a statically - * allocated buffer + * allocated buffer */ static char * create_filename (int pkttype) { static unsigned int partno = 0; static char *name; - - if (!name) + + if (!name) name = xmalloc (strlen (opt_prefix) + 100 ); - + assert (pkttype < 1000 && pkttype >= 0 ); partno++; sprintf (name, "%s%06u-%03d" EXTSEP_S "%.40s", @@ -227,7 +227,7 @@ static int read_u32 (FILE *fp, unsigned long *rn) { size_t tmp; - + if (read_u16 (fp, &tmp)) return -1; *rn = tmp << 16; @@ -239,9 +239,9 @@ read_u32 (FILE *fp, unsigned long *rn) static int write_old_header (FILE *fp, int pkttype, unsigned int len) -{ +{ int ctb = (0x80 | ((pkttype & 15)<<2)); - + if (len < 256) ; else if (len < 65536) @@ -271,7 +271,7 @@ write_old_header (FILE *fp, int pkttype, unsigned int len) static int write_new_header (FILE *fp, int pkttype, unsigned int len) -{ +{ if ( putc ((0xc0 | (pkttype & 0x3f)), fp) == EOF ) return -1; 
@@ -313,9 +313,9 @@ public_key_length (const unsigned char *buf, size_t buflen) int nmpis; /* byte version number (3 or 4) - u32 creation time + u32 creation time [u16 valid days (version 3 only)] - byte algorithm + byte algorithm n MPIs (n and e) */ if (!buflen) return 0; @@ -368,7 +368,7 @@ handle_zlib(int algo,FILE *fpin,FILE *fpout) unsigned int inbufsize, outbufsize; int c,zinit_done, zrc, nread, count; size_t n; - + memset (&zs, 0, sizeof zs); inbufsize = 2048; inbuf = xmalloc (inbufsize); @@ -376,7 +376,7 @@ handle_zlib(int algo,FILE *fpin,FILE *fpout) outbuf = xmalloc (outbufsize); zs.avail_in = 0; zinit_done = 0; - + do { if (zs.avail_in < inbufsize) @@ -387,11 +387,11 @@ handle_zlib(int algo,FILE *fpin,FILE *fpout) count = inbufsize - n; for (nread=0; nread < count && (c=getc (fpin)) != EOF; - nread++) + nread++) inbuf[n+nread] = c; - + n += nread; - if (nread < count && algo == 1) + if (nread < count && algo == 1) { inbuf[n] = 0xFF; /* chew dummy byte */ n++; @@ -400,12 +400,12 @@ handle_zlib(int algo,FILE *fpin,FILE *fpout) } zs.next_out = (Bytef *) outbuf; zs.avail_out = outbufsize; - - if (!zinit_done) + + if (!zinit_done) { zrc = (algo == 1? inflateInit2 ( &zs, -13) : inflateInit ( &zs )); - if (zrc != Z_OK) + if (zrc != Z_OK) { log_fatal ("zlib problem: %s\n", zs.msg? zs.msg : zrc == Z_MEM_ERROR ? "out of core" : @@ -431,17 +431,17 @@ handle_zlib(int algo,FILE *fpin,FILE *fpout) else log_fatal ("zlib inflate problem: rc=%d\n", zrc ); } - for (n=0; n < outbufsize - zs.avail_out; n++) + for (n=0; n < outbufsize - zs.avail_out; n++) { if (putc (outbuf[n], fpout) == EOF ) return 1; } } - } + } while (zrc != Z_STREAM_END && zrc != Z_BUF_ERROR); { int i; - + fputs ("Left over bytes:", stderr); for (i=0; i < zs.avail_in; i++) fprintf (stderr, " %02X", zs.next_in[i]); 
@@ -462,7 +462,7 @@ handle_bzip2(int algo,FILE *fpin,FILE *fpout) unsigned int inbufsize, outbufsize; int c,zinit_done, zrc, nread, count; size_t n; - + memset (&bzs, 0, sizeof bzs); inbufsize = 2048; inbuf = xmalloc (inbufsize); @@ -470,7 +470,7 @@ handle_bzip2(int algo,FILE *fpin,FILE *fpout) outbuf = xmalloc (outbufsize); bzs.avail_in = 0; zinit_done = 0; - + do { if (bzs.avail_in < inbufsize) @@ -481,11 +481,11 @@ handle_bzip2(int algo,FILE *fpin,FILE *fpout) count = inbufsize - n; for (nread=0; nread < count && (c=getc (fpin)) != EOF; - nread++) + nread++) inbuf[n+nread] = c; - + n += nread; - if (nread < count && algo == 1) + if (nread < count && algo == 1) { inbuf[n] = 0xFF; /* chew dummy byte */ n++; @@ -494,11 +494,11 @@ handle_bzip2(int algo,FILE *fpin,FILE *fpout) } bzs.next_out = outbuf; bzs.avail_out = outbufsize; - - if (!zinit_done) + + if (!zinit_done) { zrc = BZ2_bzDecompressInit(&bzs,0,0); - if (zrc != BZ_OK) + if (zrc != BZ_OK) log_fatal ("bz2lib problem: %d\n",zrc); zinit_done = 1; } @@ -509,13 +509,13 @@ handle_bzip2(int algo,FILE *fpin,FILE *fpout) ; /* eof */ else if (zrc != BZ_OK && zrc != BZ_PARAM_ERROR) log_fatal ("bz2lib inflate problem: %d\n", zrc ); - for (n=0; n < outbufsize - bzs.avail_out; n++) + for (n=0; n < outbufsize - bzs.avail_out; n++) { if (putc (outbuf[n], fpout) == EOF ) return 1; } } - } + } while (zrc != BZ_STREAM_END && zrc != BZ_PARAM_ERROR); BZ2_bzDecompressEnd(&bzs); @@ -532,7 +532,7 @@ write_part (FILE *fpin, unsigned long pktlen, int c, first; unsigned char *p; const char *outname = create_filename (pkttype); - + #if defined(__riscos__) && defined(USE_ZLIBRISCOS) static int initialized = 0; @@ -546,7 +546,7 @@ write_part (FILE *fpin, unsigned long pktlen, if (opt_verbose) log_info ("writing '%s'\n", outname); fpout = fopen (outname, "wb"); - if (!fpout) + if (!fpout) { log_error ("error creating '%s': %s\n", outname, strerror(errno)); /* stop right now, otherwise we would mess up the sequence 
@@ -563,10 +563,10 @@ write_part (FILE *fpin, unsigned long pktlen, pkttype = pkttype == PKT_SECRET_KEY? PKT_PUBLIC_KEY:PKT_PUBLIC_SUBKEY; - for (i=0; i < pktlen; i++) + for (i=0; i < pktlen; i++) { c = getc (fpin); - if (c == EOF) + if (c == EOF) goto read_error; blob[i] = c; } @@ -577,17 +577,17 @@ write_part (FILE *fpin, unsigned long pktlen, g10_exit (1); } if ( (hdr[0] & 0x40) ) - { + { if (write_new_header (fpout, pkttype, len)) goto write_error; } else - { + { if (write_old_header (fpout, pkttype, len)) goto write_error; } - for (i=0; i < len; i++) + for (i=0; i < len; i++) { if ( putc (blob[i], fpout) == EOF ) goto write_error; @@ -605,12 +605,12 @@ write_part (FILE *fpin, unsigned long pktlen, goto write_error; } } - + first = 1; while (partial) { size_t partlen; - + if (partial == 1) { /* openpgp */ if (first ) @@ -619,11 +619,11 @@ write_part (FILE *fpin, unsigned long pktlen, assert( c >= 224 && c < 255 ); first = 0; } - else if ((c = getc (fpin)) == EOF ) + else if ((c = getc (fpin)) == EOF ) goto read_error; else hdr[hdrlen++] = c; - + if (c < 192) { pktlen = c; @@ -632,7 +632,7 @@ write_part (FILE *fpin, unsigned long pktlen, else if (c < 224 ) { pktlen = (c - 192) * 256; - if ((c = getc (fpin)) == EOF) + if ((c = getc (fpin)) == EOF) goto read_error; hdr[hdrlen++] = c; pktlen += c + 192; @@ -656,9 +656,9 @@ write_part (FILE *fpin, unsigned long pktlen, goto write_error; } partlen = 1 << (c & 0x1f); - for (; partlen; partlen--) + for (; partlen; partlen--) { - if ((c = getc (fpin)) == EOF) + if ((c = getc (fpin)) == EOF) goto read_error; if ( putc (c, fpout) == EOF ) goto write_error; 
@@ -672,17 +672,17 @@ write_part (FILE *fpin, unsigned long pktlen, goto read_error; hdr[hdrlen++] = partlen >> 8; hdr[hdrlen++] = partlen; - for (p=hdr; hdrlen; p++, hdrlen--) + for (p=hdr; hdrlen; p++, hdrlen--) { if ( putc (*p, fpout) == EOF ) goto write_error; } if (!partlen) partial = 0; /* end of packet */ - for (; partlen; partlen--) + for (; partlen; partlen--) { c = getc (fpin); - if (c == EOF) + if (c == EOF) goto read_error; if ( putc (c, fpout) == EOF ) goto write_error; @@ -693,7 +693,7 @@ write_part (FILE *fpin, unsigned long pktlen, pktlen = 0; partial = 0; hdrlen = 0; - if (opt_uncompress) + if (opt_uncompress) { if ((c = getc (fpin)) == EOF) goto read_error; @@ -718,7 +718,7 @@ write_part (FILE *fpin, unsigned long pktlen, } else { - while ( (c=getc (fpin)) != EOF ) + while ( (c=getc (fpin)) != EOF ) { if ( putc (c, fpout) == EOF ) goto write_error; @@ -729,33 +729,33 @@ write_part (FILE *fpin, unsigned long pktlen, } } - for (p=hdr; hdrlen; p++, hdrlen--) + for (p=hdr; hdrlen; p++, hdrlen--) { if ( putc (*p, fpout) == EOF ) goto write_error; } - + /* standard packet or last segment of partial length encoded packet */ - for (; pktlen; pktlen--) + for (; pktlen; pktlen--) { c = getc (fpin); - if (c == EOF) + if (c == EOF) goto read_error; if ( putc (c, fpout) == EOF ) goto write_error; } - + ready: if ( !opt_no_split && fclose (fpout) ) log_error ("error closing '%s': %s\n", outname, strerror (errno)); return 0; - - write_error: + + write_error: log_error ("error writing '%s': %s\n", outname, strerror (errno)); if (!opt_no_split) fclose (fpout); return 2; - + read_error: if (!opt_no_split) { @@ -776,12 +776,12 @@ do_split (FILE *fp) int partial = 0; unsigned char header[20]; int header_idx = 0; - + ctb = getc (fp); if (ctb == EOF) return 3; /* ready */ header[header_idx++] = ctb; - + if (!(ctb & 0x80)) { log_error("invalid CTB %02x\n", ctb ); 
@@ -799,19 +799,19 @@ do_split (FILE *fp) else if ( c < 224 ) { pktlen = (c - 192) * 256; - if( (c = getc (fp)) == EOF ) + if( (c = getc (fp)) == EOF ) return -1; header[header_idx++] = c; pktlen += c + 192; } - else if ( c == 255 ) + else if ( c == 255 ) { if (read_u32 (fp, &pktlen)) return -1; header[header_idx++] = pktlen >> 24; header[header_idx++] = pktlen >> 16; header[header_idx++] = pktlen >> 8; - header[header_idx++] = pktlen; + header[header_idx++] = pktlen; } else { /* partial body length */ @@ -822,7 +822,7 @@ do_split (FILE *fp) else { int lenbytes; - + pkttype = (ctb>>2)&0xf; lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); if (!lenbytes ) @@ -835,13 +835,13 @@ do_split (FILE *fp) } else { - for ( ; lenbytes; lenbytes-- ) + for ( ; lenbytes; lenbytes-- ) { pktlen <<= 8; - if( (c = getc (fp)) == EOF ) + if( (c = getc (fp)) == EOF ) return -1; header[header_idx++] = c; - + pktlen |= c; } } @@ -856,18 +856,18 @@ split_packets (const char *fname) { FILE *fp; int rc; - + if (!fname || !strcmp (fname, "-")) { fp = stdin; fname = "-"; } - else if ( !(fp = fopen (fname,"rb")) ) + else if ( !(fp = fopen (fname,"rb")) ) { log_error ("can't open '%s': %s\n", fname, strerror (errno)); return; } - + while ( !(rc = do_split (fp)) ) ; if ( rc > 0 ) @@ -876,7 +876,7 @@ split_packets (const char *fname) log_error ("error reading '%s': %s\n", fname, strerror (errno)); else log_error ("premature EOF while reading '%s'\n", fname ); - + if ( fp != stdin ) fclose (fp); } diff --git a/tools/gpgtar-extract.c b/tools/gpgtar-extract.c index d0e4620..1ea3597 100644 --- a/tools/gpgtar-extract.c +++ b/tools/gpgtar-extract.c @@ -51,7 +51,7 @@ extract_regular (estream_t stream, const char *dirname, } else err = 0; - + outfp = es_fopen (fname, "wb"); if (!outfp) { @@ -98,7 +98,7 @@ extract_directory (const char *dirname, tar_header_t hdr) gpg_error_t err; char *fname; size_t prefixlen; - + prefixlen = strlen (dirname) + 1; fname = strconcat (dirname, "/", hdr->name, NULL); if (!fname) 
@@ -124,7 +124,7 @@ extract_directory (const char *dirname, tar_header_t hdr) original error code in case of a failure. */ char *p; int rc = 0; - + for (p = fname+prefixlen; (p = strchr (p, '/')); p++) { *p = 0; @@ -166,8 +166,8 @@ extract (estream_t stream, const char *dirname, tar_header_t hdr) #endif /*HAVE_DOSISH_SYSTEM*/ if (!n - || strstr (hdr->name, "//") - || strstr (hdr->name, "/../") + || strstr (hdr->name, "//") + || strstr (hdr->name, "/../") || !strncmp (hdr->name, "../", 3) || (n >= 3 && !strcmp (hdr->name+n-3, "/.." ))) { @@ -208,7 +208,7 @@ create_directory (const char *dirprefix) /* Remove common suffixes. */ n = strlen (dirprefix); - if (n > 4 && (!compare_filenames (dirprefix + n - 4, EXTSEP_S "gpg") + if (n > 4 && (!compare_filenames (dirprefix + n - 4, EXTSEP_S GPGEXT_GPG) || !compare_filenames (dirprefix + n - 4, EXTSEP_S "pgp") || !compare_filenames (dirprefix + n - 4, EXTSEP_S "asc") || !compare_filenames (dirprefix + n - 4, EXTSEP_S "pem") @@ -283,7 +283,7 @@ gpgtar_extract (const char *filename) } } else - stream = es_stdin; + stream = es_stdin; if (stream == es_stdin) es_set_binary (es_stdin); @@ -323,7 +323,7 @@ gpgtar_extract (const char *filename) header = gpgtar_read_header (stream); if (!header) goto leave; - + if (extract (stream, dirname, header)) goto leave; xfree (header); diff --git a/tools/gpgtar.c b/tools/gpgtar.c index 3c31054..e484986 100644 --- a/tools/gpgtar.c +++ b/tools/gpgtar.c @@ -115,7 +115,7 @@ my_strusage( int level ) switch (level) { - case 11: p = "gpgtar (GnuPG)"; + case 11: p = "@GPGTAR@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; diff --git a/tools/symcryptrun.c b/tools/symcryptrun.c index 4074c6e..eff14c9 100644 --- a/tools/symcryptrun.c +++ b/tools/symcryptrun.c 
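Review bot: The `n > 4` / `dirprefix + n - 4` arithmetic in create_directory assumes every suffix, now including `EXTSEP_S GPGEXT_GPG`, is exactly three characters plus the separator; replacing the literal with a macro hides that assumption without enforcing it. Either derive the offset for that one comparison, `n - strlen (EXTSEP_S GPGEXT_GPG)`, or add `/* All suffixes below, GPGEXT_GPG included, must be exactly 3 characters.  */` above the `if`. create_directory continues outside the hunk.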
@@ -200,7 +200,7 @@ my_strusage (int level) switch (level) { - case 11: p = "symcryptrun (GnuPG)"; + case 11: p = "symcryptrun (@GNUPG@)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -1010,7 +1010,7 @@ main (int argc, char **argv) /* Tell simple-pwquery about the the standard socket name. */ { - char *tmp = make_filename (opt.homedir, "S.gpg-agent", NULL); + char *tmp = make_filename (opt.homedir, GPG_AGENT_SOCK_NAME, NULL); simple_pw_set_socket (tmp); xfree (tmp); } diff --git a/tools/watchgnupg.c b/tools/watchgnupg.c index 060aa04..4f4d54d 100644 --- a/tools/watchgnupg.c +++ b/tools/watchgnupg.c @@ -39,7 +39,7 @@ /* Allow for a standalone build on most systems. */ #ifdef VERSION -#define MYVERSION_LINE PGM " (GnuPG) " VERSION +#define MYVERSION_LINE PGM " ("GNUPG_NAME") " VERSION #define BUGREPORT_LINE "\nReport bugs to .\n" #else #define MYVERSION_LINE PGM " (standalone build) " __DATE__ commit 798daaa1ddf73f64cf840fbdc1f4c5b9c4b4ec13 Author: Werner Koch Date: Mon Nov 18 13:46:52 2013 +0100 Add strusage macro replacement feature. * common/argparse.c (writechar): New. (writestrings): Add macro replacement feature. (show_help): Remove specialized @EMAIL@ replacement. * configure.ac (GNUPG_NAME, GPG_NAME, GPGSM_NAME): Define. (GPG_AGENT_NAME, DIRMNGR_NAME, G13_NAME, GPGCONF_NAME): Define. (GPGTAR_NAME, GPG_AGENT_INFO_NAME, GPG_AGENT_SOCK_NAME): Define. (GPG_AGENT_SSH_SOCK_NAME, DIRMNGR_INFO_NAME): Define. (DIRMNGR_SOCK_NAME): Define. Signed-off-by: Werner Koch diff --git a/common/argparse.c b/common/argparse.c index 6a90920..c9930ea 100644 --- a/common/argparse.c +++ b/common/argparse.c 
@@ -185,6 +185,19 @@ argparse_register_outfnc (int (*fnc)(int, const char *)) } +static void +writechar (int is_error, int c) +{ + char tmp[2]; + + tmp[0] = c; + tmp[1] = 0; + if (custom_outfnc) + custom_outfnc (is_error? 2:1, tmp); + else + fputs (tmp, is_error? stderr : stdout); +} + /* Write STRING and all following const char * arguments either to stdout or, if IS_ERROR is set, to stderr. The list of strings must be terminated by a NULL. */ 
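Review bot: writechar carries no comment although it is the new per-character sink that writestrings uses for the text around macro tokens; add `/* Write the single character C to stdout, or to stderr if IS_ERROR is set, through the registered custom output function if there is one.  */` above it. A registered custom_outfnc will now receive one-character strings from this path, which a line-oriented sink (not visible here) may not expect.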
@@ -201,11 +214,64 @@ writestrings (int is_error, const char *string, ...) va_start (arg_ptr, string); do { - if (custom_outfnc) - custom_outfnc (is_error? 2:1, s); + const char *s2, *s3; + + /* Check whether to substitute a macro. */ + if (s && (s2 = strchr (s, '@')) && s2[1] >= 'A' && s2[1] <= 'Z' + && (s3 = (strchr (s2+1, '@')))) + { + /* Might be. */ + static struct { + const char *name; + const char *value; + } macros[] = { +# ifdef PACKAGE_BUGREPORT + { "EMAIL", PACKAGE_BUGREPORT }, +# else + { "EMAIL", "bug at example.org" }, +# endif + { "GNUPG", GNUPG_NAME }, + { "GPG", GPG_NAME }, + { "GPGSM", GPGSM_NAME }, + { "GPG_AGENT", GPG_AGENT_NAME }, + { "SCDAEMON", SCDAEMON_NAME }, + { "DIRMNGR", DIRMNGR_NAME }, + { "G13", G13_NAME }, + { "GPGCONF", GPGCONF_NAME }, + { "GPGTAR", GPGTAR_NAME } + }; + int idx; + + s2++; + for (idx=0; idx < DIM (macros); idx++) + if (strlen (macros[idx].name) == (s3 - s2) + && !memcmp (macros[idx].name, s2, (s3 - s2))) + break; + s2--; + if (idx < DIM (macros)) /* Found. Print and substitute. */ + { + for (; s < s2; s++, count++) + writechar (is_error, *s); + count += writestrings (is_error, macros[idx].value, NULL); + s3++; + } + else /* Not found. Print macro as is. */ + { + for (; s < s3; s++, count++) + writechar (is_error, *s); + } + /* Now recurse so that remaining macros are also + substituted. */ + count += writestrings (is_error, s3, NULL); + } else - fputs (s, is_error? stderr : stdout); - count += strlen (s); + { + if (custom_outfnc) + custom_outfnc (is_error? 2:1, s); + else + fputs (s, is_error? stderr : stdout); + count += strlen (s); + } } while ((s = va_arg (arg_ptr, const char *))); va_end (arg_ptr); 
@@ -1222,35 +1288,8 @@ show_help (ARGPARSE_OPTS *opts, unsigned int flags) } if ( (s=strusage(19)) ) { - /* bug reports to ... */ - char *s2; - writestrings (0, "\n", NULL); - s2 = strstr (s, "@EMAIL@"); - if (s2) - { - if (s2-s) - { - const char *s3; - - for (s3=s; s3 < s2; s3++) - { - tmp[0] = *s3; - tmp[1] = 0; - writestrings (0, tmp, NULL); - } - } -#ifdef PACKAGE_BUGREPORT - writestrings (0, PACKAGE_BUGREPORT, NULL); -#else - writestrings (0, "bug at example.org", NULL); -#endif - s2 += 7; - if (*s2) - writestrings (0, s2, NULL); - } - else - writestrings (0, s, NULL); + writestrings (0, s, NULL); } flushstrings (0); exit(0); diff --git a/configure.ac b/configure.ac index e20a70c..fa841c4 100644 --- a/configure.ac +++ b/configure.ac 
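Review bot: The removed loop was the only use of `tmp` visible in this hunk; if `tmp` is declared at the top of show_help solely for that per-character copy (its declaration is outside the hunk), it is now an unused variable and should be dropped. The `@EMAIL@` fallback now lives in the writestrings macro table, so show_help no longer needs PACKAGE_BUGREPORT at all. show_help begins outside the hunk.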
@@ -1574,6 +1574,32 @@ if test "$build_g13" = yes ; then fi +# +# Define Name strings +# +AC_DEFINE_UNQUOTED(GNUPG_NAME, "GnuPG", [The name of the project]) +AC_DEFINE_UNQUOTED(GPG_NAME, "gpg", [The name of the OpenPGP tool]) +AC_DEFINE_UNQUOTED(GPGSM_NAME, "gpgsm", [The name of the S/MIME tool]) +AC_DEFINE_UNQUOTED(GPG_AGENT_NAME, "gpg-agent", [The name of the agent]) +AC_DEFINE_UNQUOTED(SCDAEMON_NAME, "scdaemon", [The name of the scdaemon]) +AC_DEFINE_UNQUOTED(DIRMNGR_NAME, "dirmngr", [The name of the dirmngr]) +AC_DEFINE_UNQUOTED(G13_NAME, "g13", [The name of the g13 tool]) +AC_DEFINE_UNQUOTED(GPGCONF_NAME, "gpgconf", [The name of the gpgconf tool]) +AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool]) + +AC_DEFINE_UNQUOTED(GPG_AGENT_INFO_NAME, "GPG_AGENT_INFO", + [The name of the agent info envvar]) +AC_DEFINE_UNQUOTED(GPG_AGENT_SOCK_NAME, "S.gpg-agent", + [The name of the agent socket]) +AC_DEFINE_UNQUOTED(GPG_AGENT_SSH_SOCK_NAME, "S.gpg-agent.ssh", + [The name of the agent socket for ssh]) +AC_DEFINE_UNQUOTED(DIRMNGR_INFO_NAME, "DIRMNGR_INFO", + [The name of the dirmngr info envvar]) +AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr", + [The name of the dirmngr socket]) + +AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix]) + # # Provide information about the build. 
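Review bot: The name strings are defined unconditionally, so they follow neither `--program-prefix`/`--program-transform-name` nor the W32 `gpg2` naming that gpgconf-comp.c keeps; a reader of config.h cannot tell whether that is intended. A comment above the block stating the contract, e.g. `# Canonical tool names used in help output, socket and envvar names; not affected by program-name transformation.`, would record it. Whether the Makefiles install the binaries under these same names is not visible here.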
----------------------------------------------------------------------- Summary of changes: agent/command.c | 14 ++-- agent/gpg-agent.c | 32 +++++---- agent/preset-passphrase.c | 4 +- agent/protect-tool.c | 2 +- agent/w32main.c | 2 +- common/argparse.c | 103 ++++++++++++++++++--------- common/asshelp.c | 13 ++-- common/audit.c | 2 +- common/gpgrlhelp.c | 2 +- common/homedir.c | 9 +-- common/logging.c | 4 +- common/simple-pwquery.c | 4 +- configure.ac | 26 +++++++ dirmngr/dirmngr-client.c | 7 +- dirmngr/dirmngr.c | 29 ++++---- dirmngr/dirmngr_ldap.c | 2 +- g10/armor.c | 2 +- g10/gpg.c | 18 ++--- g10/gpgv.c | 4 +- g10/keygen.c | 6 +- g10/keyring.c | 2 +- g10/openfile.c | 7 +- g10/server.c | 2 +- g10/sign.c | 3 +- g10/tdbio.c | 6 +- g13/g13.c | 16 ++--- g13/server.c | 2 +- kbx/kbxutil.c | 2 +- keyserver/curl-shim.h | 4 +- keyserver/gpgkeys_curl.c | 4 +- keyserver/gpgkeys_finger.c | 2 +- keyserver/gpgkeys_hkp.c | 8 +-- keyserver/gpgkeys_kdns.c | 40 +++++------ keyserver/gpgkeys_ldap.c | 10 +-- po/de.po | 166 +++++++++++++++++++++++++------------------- scd/apdu.c | 2 +- scd/pcsc-wrapper.c | 2 +- scd/scdaemon.c | 6 +- sm/gpgsm.c | 6 +- sm/server.c | 2 +- tools/ccidmon.c | 2 +- tools/gpg-check-pattern.c | 2 +- tools/gpg-connect-agent.c | 6 +- tools/gpgconf-comp.c | 16 ++--- tools/gpgconf.c | 13 ++-- tools/gpgsplit.c | 164 +++++++++++++++++++++---------------------- tools/gpgtar-extract.c | 16 ++--- tools/gpgtar.c | 2 +- tools/symcryptrun.c | 4 +- tools/watchgnupg.c | 2 +- 50 files changed, 452 insertions(+), 352 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Nov 18 14:40:14 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Mon, 18 Nov 2013 14:40:14 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-384-gb787657 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via b787657a9d2c1d8e19f9fcb0b21e31cb062630cf (commit) from ef9f52cbb39e46918c96200b09c21e931eff174f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b787657a9d2c1d8e19f9fcb0b21e31cb062630cf Author: Jussi Kivilinna Date: Fri Nov 15 16:23:00 2013 +0200 cipher: use size_t for internal buffer lengths * cipher/arcfour.c (do_encrypt_stream, encrypt_stream): Use 'size_t' for buffer lengths. * cipher/blowfish.c (_gcry_blowfish_ctr_enc, _gcry_blowfish_cbc_dec) (_gcry_blowfish_cfb_dec): Ditto. * cipher/camellia-glue.c (_gcry_camellia_ctr_enc) (_gcry_camellia_cbc_dec, _gcry_blowfish_cfb_dec): Ditto. * cipher/cast5.c (_gcry_cast5_ctr_enc, _gcry_cast5_cbc_dec) (_gcry_cast5_cfb_dec): Ditto. * cipher/cipher-aeswrap.c (_gcry_cipher_aeswrap_encrypt) (_gcry_cipher_aeswrap_decrypt): Ditto. * cipher/cipher-cbc.c (_gcry_cipher_cbc_encrypt) (_gcry_cipher_cbc_decrypt): Ditto. * cipher/cipher-ccm.c (_gcry_cipher_ccm_encrypt) (_gcry_cipher_ccm_decrypt): Ditto. * cipher/cipher-cfb.c (_gcry_cipher_cfb_encrypt) (_gcry_cipher_cfb_decrypt): Ditto. * cipher/cipher-ctr.c (_gcry_cipher_ctr_encrypt): Ditto. 
* cipher/cipher-internal.h (gcry_cipher_handle->bulk) (_gcry_cipher_cbc_encrypt, _gcry_cipher_cbc_decrypt) (_gcry_cipher_cfb_encrypt, _gcry_cipher_cfb_decrypt) (_gcry_cipher_ofb_encrypt, _gcry_cipher_ctr_encrypt) (_gcry_cipher_aeswrap_encrypt, _gcry_cipher_aeswrap_decrypt) (_gcry_cipher_ccm_encrypt, _gcry_cipher_ccm_decrypt): Ditto. * cipher/cipher-ofb.c (_gcry_cipher_cbc_encrypt): Ditto. * cipher/cipher-selftest.h (gcry_cipher_bulk_cbc_dec_t) (gcry_cipher_bulk_cfb_dec_t, gcry_cipher_bulk_ctr_enc_t): Ditto. * cipher/cipher.c (cipher_setkey, cipher_setiv, do_ecb_crypt) (do_ecb_encrypt, do_ecb_decrypt, cipher_encrypt) (cipher_decrypt): Ditto. * cipher/rijndael.c (_gcry_aes_ctr_enc, _gcry_aes_cbc_dec) (_gcry_aes_cfb_dec, _gcry_aes_cbc_enc, _gcry_aes_cfb_enc): Ditto. * cipher/salsa20.c (salsa20_setiv, salsa20_do_encrypt_stream) (salsa20_encrypt_stream, salsa20r12_encrypt_stream): Ditto. * cipher/serpent.c (_gcry_serpent_ctr_enc, _gcry_serpent_cbc_dec) (_gcry_serpent_cfb_dec): Ditto. * cipher/twofish.c (_gcry_twofish_ctr_enc, _gcry_twofish_cbc_dec) (_gcry_twofish_cfb_dec): Ditto. * src/cipher-proto.h (gcry_cipher_stencrypt_t) (gcry_cipher_stdecrypt_t, cipher_setiv_fuct_t): Ditto. * src/cipher.h (_gcry_aes_cfb_enc, _gcry_aes_cfb_dec) (_gcry_aes_cbc_enc, _gcry_aes_cbc_dec, _gcry_aes_ctr_enc) (_gcry_blowfish_cfb_dec, _gcry_blowfish_cbc_dec) (_gcry_blowfish_ctr_enc, _gcry_cast5_cfb_dec, _gcry_cast5_cbc_dec) (_gcry_cast5_ctr_enc, _gcry_camellia_cfb_dec, _gcry_camellia_cbc_dec) (_gcry_camellia_ctr_enc, _gcry_serpent_cfb_dec, _gcry_serpent_cbc_dec) (_gcry_serpent_ctr_enc, _gcry_twofish_cfb_dec, _gcry_twofish_cbc_dec) (_gcry_twofish_ctr_enc): Ditto. -- On 64-bit platforms, cipher module internally converts 64-bit size_t values to 32-bit unsigned integers. Signed-off-by: Jussi Kivilinna diff --git a/cipher/arcfour.c b/cipher/arcfour.c index 64f7204..d692c84 100644 --- a/cipher/arcfour.c +++ b/cipher/arcfour.c 
@@ -40,7 +40,7 @@ typedef struct { static void do_encrypt_stream( ARCFOUR_context *ctx, - byte *outbuf, const byte *inbuf, unsigned int length ) + byte *outbuf, const byte *inbuf, size_t length ) { #ifndef __i386__ register unsigned int i = ctx->idx_i; @@ -89,7 +89,7 @@ do_encrypt_stream( ARCFOUR_context *ctx, static void encrypt_stream (void *context, - byte *outbuf, const byte *inbuf, unsigned int length) + byte *outbuf, const byte *inbuf, size_t length) { ARCFOUR_context *ctx = (ARCFOUR_context *) context; do_encrypt_stream (ctx, outbuf, inbuf, length ); diff --git a/cipher/blowfish.c b/cipher/blowfish.c index 4665a1d..ae470d8 100644 --- a/cipher/blowfish.c +++ b/cipher/blowfish.c @@ -588,7 +588,7 @@ decrypt_block (void *context, byte *outbuf, const byte *inbuf) of size BLOWFISH_BLOCKSIZE. */ void _gcry_blowfish_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { BLOWFISH_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -658,7 +658,7 @@ _gcry_blowfish_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, intended for the bulk encryption feature of cipher.c. */ void _gcry_blowfish_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { BLOWFISH_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -719,7 +719,7 @@ _gcry_blowfish_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, intended for the bulk encryption feature of cipher.c. */ void _gcry_blowfish_cfb_dec(void *context, unsigned char *iv, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { BLOWFISH_context *ctx = context; unsigned char *outbuf = outbuf_arg; diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c index 24936ce..575bb04 100644 --- a/cipher/camellia-glue.c +++ b/cipher/camellia-glue.c 
@@ -290,7 +290,7 @@ camellia_decrypt(void *c, byte *outbuf, const byte *inbuf) void _gcry_camellia_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { CAMELLIA_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -382,7 +382,7 @@ _gcry_camellia_ctr_enc(void *context, unsigned char *ctr, void _gcry_camellia_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { CAMELLIA_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -465,7 +465,7 @@ _gcry_camellia_cbc_dec(void *context, unsigned char *iv, void _gcry_camellia_cfb_dec(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { CAMELLIA_context *ctx = context; unsigned char *outbuf = outbuf_arg; diff --git a/cipher/cast5.c b/cipher/cast5.c index 09c9691..115e1e6 100644 --- a/cipher/cast5.c +++ b/cipher/cast5.c @@ -564,7 +564,7 @@ decrypt_block (void *context, byte *outbuf, const byte *inbuf) of size CAST5_BLOCKSIZE. */ void _gcry_cast5_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { CAST5_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -635,7 +635,7 @@ _gcry_cast5_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, intended for the bulk encryption feature of cipher.c. */ void _gcry_cast5_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { CAST5_context *ctx = context; unsigned char *outbuf = outbuf_arg; 
@@ -695,7 +695,7 @@ _gcry_cast5_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, intended for the bulk encryption feature of cipher.c. */ void _gcry_cast5_cfb_dec(void *context, unsigned char *iv, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { CAST5_context *ctx = context; unsigned char *outbuf = outbuf_arg; diff --git a/cipher/cipher-aeswrap.c b/cipher/cipher-aeswrap.c index 03b0ea7..50ac107 100644 --- a/cipher/cipher-aeswrap.c +++ b/cipher/cipher-aeswrap.c @@ -35,11 +35,11 @@ blocksize 128. */ gcry_err_code_t _gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c, - byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen ) + byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen ) { int j, x; - unsigned int n, i; + size_t n, i; unsigned char *r, *a, *b; unsigned char t[8]; unsigned int burn, nburn; @@ -117,11 +117,11 @@ _gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c, blocksize 128. */ gcry_err_code_t _gcry_cipher_aeswrap_decrypt (gcry_cipher_hd_t c, - byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen) + byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen) { int j, x; - unsigned int n, i; + size_t n, i; unsigned char *r, *a, *b; unsigned char t[8]; unsigned int burn, nburn; diff --git a/cipher/cipher-cbc.c b/cipher/cipher-cbc.c index 4ad2ebd..4b929da 100644 --- a/cipher/cipher-cbc.c +++ b/cipher/cipher-cbc.c 
@@ -34,15 +34,15 @@ gcry_err_code_t _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { - unsigned int n; + size_t n; unsigned char *ivp; int i; size_t blocksize = c->spec->blocksize; gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; - unsigned nblocks = inbuflen / blocksize; + size_t nblocks = inbuflen / blocksize; unsigned int burn, nburn; if (outbuflen < ((c->flags & GCRY_CIPHER_CBC_MAC)? blocksize : inbuflen)) @@ -92,7 +92,7 @@ _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c, { /* We have to be careful here, since outbuf might be equal to inbuf. */ - int restbytes; + size_t restbytes; unsigned char b; if ((inbuflen % blocksize) == 0) @@ -124,14 +124,14 @@ _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c, gcry_err_code_t _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { - unsigned int n; + size_t n; int i; size_t blocksize = c->spec->blocksize; gcry_cipher_decrypt_t dec_fn = c->spec->decrypt; - unsigned int nblocks = inbuflen / blocksize; + size_t nblocks = inbuflen / blocksize; unsigned int burn, nburn; if (outbuflen < inbuflen) @@ -175,7 +175,7 @@ _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c, if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) { - int restbytes; + size_t restbytes; if ((inbuflen % blocksize) == 0) restbytes = blocksize; diff --git a/cipher/cipher-ccm.c b/cipher/cipher-ccm.c index ebcbf1e..2a1fc74 100644 --- a/cipher/cipher-ccm.c +++ b/cipher/cipher-ccm.c 
@@ -318,8 +318,8 @@ _gcry_cipher_ccm_check_tag (gcry_cipher_hd_t c, const unsigned char *intag, gcry_err_code_t _gcry_cipher_ccm_encrypt (gcry_cipher_hd_t c, unsigned char *outbuf, - unsigned int outbuflen, const unsigned char *inbuf, - unsigned int inbuflen) + size_t outbuflen, const unsigned char *inbuf, + size_t inbuflen) { unsigned int burn; @@ -342,8 +342,8 @@ _gcry_cipher_ccm_encrypt (gcry_cipher_hd_t c, unsigned char *outbuf, gcry_err_code_t _gcry_cipher_ccm_decrypt (gcry_cipher_hd_t c, unsigned char *outbuf, - unsigned int outbuflen, const unsigned char *inbuf, - unsigned int inbuflen) + size_t outbuflen, const unsigned char *inbuf, + size_t inbuflen) { gcry_err_code_t err; unsigned int burn; diff --git a/cipher/cipher-cfb.c b/cipher/cipher-cfb.c index 610d006..8539f54 100644 --- a/cipher/cipher-cfb.c +++ b/cipher/cipher-cfb.c @@ -33,8 +33,8 @@ gcry_err_code_t _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { unsigned char *ivp; gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; @@ -73,7 +73,7 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c, also allows to use a bulk encryption function if available. */ if (inbuflen >= blocksize_x_2 && c->bulk.cfb_enc) { - unsigned int nblocks = inbuflen / blocksize; + size_t nblocks = inbuflen / blocksize; c->bulk.cfb_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); outbuf += nblocks * blocksize; inbuf += nblocks * blocksize; @@ -130,8 +130,8 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c, gcry_err_code_t _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { unsigned char *ivp; gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; 
@@ -170,7 +170,7 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c, also allows to use a bulk encryption function if available. */ if (inbuflen >= blocksize_x_2 && c->bulk.cfb_dec) { - unsigned int nblocks = inbuflen / blocksize; + size_t nblocks = inbuflen / blocksize; c->bulk.cfb_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); outbuf += nblocks * blocksize; inbuf += nblocks * blocksize; diff --git a/cipher/cipher-ctr.c b/cipher/cipher-ctr.c index 37a6a79..1e7133c 100644 --- a/cipher/cipher-ctr.c +++ b/cipher/cipher-ctr.c @@ -33,14 +33,14 @@ gcry_err_code_t _gcry_cipher_ctr_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { - unsigned int n; + size_t n; int i; gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; unsigned int blocksize = c->spec->blocksize; - unsigned int nblocks; + size_t nblocks; unsigned int burn, nburn; if (outbuflen < inbuflen) diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h index f528c84..db06823 100644 --- a/cipher/cipher-internal.h +++ b/cipher/cipher-internal.h @@ -74,19 +74,19 @@ struct gcry_cipher_handle struct { void (*cfb_enc)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void (*cfb_dec)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void (*cbc_enc)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks, int cbc_mac); + size_t nblocks, int cbc_mac); void (*cbc_dec)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void (*ctr_enc)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); } bulk; 
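Review bot: `_gcry_cipher_ctr_encrypt` keeps `unsigned int blocksize = c->spec->blocksize;` while `n` and `nblocks` become `size_t`, so `inbuflen / blocksize` and the block arithmetic that follows now mix widths; `_gcry_cipher_cbc_encrypt` in the same commit (L326) already uses `size_t blocksize`. For consistency across the mode implementations, declare it as `size_t blocksize = c->spec->blocksize;` here and in `do_ecb_crypt` in cipher/cipher.c (L332), which has the same pattern. The remainder of both function bodies lies outside the hunks.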
@@ -150,57 +150,57 @@ struct gcry_cipher_handle /*-- cipher-cbc.c --*/ gcry_err_code_t _gcry_cipher_cbc_encrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); gcry_err_code_t _gcry_cipher_cbc_decrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); /*-- cipher-cfb.c --*/ gcry_err_code_t _gcry_cipher_cfb_encrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); gcry_err_code_t _gcry_cipher_cfb_decrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); /*-- cipher-ofb.c --*/ gcry_err_code_t _gcry_cipher_ofb_encrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); /*-- cipher-ctr.c --*/ gcry_err_code_t _gcry_cipher_ctr_encrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); /*-- cipher-aeswrap.c --*/ gcry_err_code_t _gcry_cipher_aeswrap_encrypt /* */ (gcry_cipher_hd_t c, - byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen); + byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen); gcry_err_code_t 
_gcry_cipher_aeswrap_decrypt /* */ (gcry_cipher_hd_t c, - byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen); + byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen); /*-- cipher-ccm.c --*/ gcry_err_code_t _gcry_cipher_ccm_encrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); gcry_err_code_t _gcry_cipher_ccm_decrypt /* */ (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen); + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); gcry_err_code_t _gcry_cipher_ccm_set_nonce /* */ (gcry_cipher_hd_t c, const unsigned char *nonce, size_t noncelen); diff --git a/cipher/cipher-ofb.c b/cipher/cipher-ofb.c index c6d84dd..3842774 100644 --- a/cipher/cipher-ofb.c +++ b/cipher/cipher-ofb.c @@ -33,8 +33,8 @@ gcry_err_code_t _gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { unsigned char *ivp; gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; diff --git a/cipher/cipher-selftest.h b/cipher/cipher-selftest.h index 41d77af..3a0fe98 100644 --- a/cipher/cipher-selftest.h +++ b/cipher/cipher-selftest.h 
@@ -28,17 +28,17 @@ typedef void (*gcry_cipher_bulk_cbc_dec_t)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); typedef void (*gcry_cipher_bulk_cfb_dec_t)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); typedef void (*gcry_cipher_bulk_ctr_enc_t)(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /* Helper function for bulk CBC decryption selftest */ const char * diff --git a/cipher/cipher.c b/cipher/cipher.c index 705696c..80aa7a7 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -555,7 +555,7 @@ gcry_cipher_close (gcry_cipher_hd_t h) /* Set the key to be used for the encryption context C to KEY with length KEYLEN. The length should match the required length. */ static gcry_error_t -cipher_setkey (gcry_cipher_hd_t c, byte *key, unsigned int keylen) +cipher_setkey (gcry_cipher_hd_t c, byte *key, size_t keylen) { gcry_err_code_t ret; @@ -578,7 +578,7 @@ cipher_setkey (gcry_cipher_hd_t c, byte *key, unsigned int keylen) /* Set the IV to be used for the encryption context C to IV with length IVLEN. The length should match the required length. */ static void -cipher_setiv (gcry_cipher_hd_t c, const byte *iv, unsigned ivlen) +cipher_setiv (gcry_cipher_hd_t c, const byte *iv, size_t ivlen) { /* If the cipher has its own IV handler, we use only this one. This is currently used for stream ciphers requiring a nonce. */ @@ -594,7 +594,7 @@ cipher_setiv (gcry_cipher_hd_t c, const byte *iv, unsigned ivlen) if (ivlen != c->spec->blocksize) { log_info ("WARNING: cipher_setiv: ivlen=%u blklen=%u\n", - ivlen, (unsigned int)c->spec->blocksize); + (unsigned int)ivlen, (unsigned int)c->spec->blocksize); fips_signal_error ("IV length does not match blocklength"); } if (ivlen > c->spec->blocksize) 
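Review bot: `cipher_setkey` now accepts a `size_t keylen`, but the per-algorithm setkey callbacks it forwards the length to still take `unsigned int` — `salsa20_setkey (..., unsigned int keylen)` and `camellia_setkey(..., unsigned keylen)` appear unchanged in the hunk headers at L334 and L342, and the setkey function type is neither in the src/cipher-proto.h hunk (L337) nor in the change list. On LP64 a `keylen` above `UINT_MAX` would be silently narrowed at the `c->spec->setkey` call (the call site is outside this hunk, so this is inferred), and any length check the algorithm performs would then run on the truncated value. Reject it before narrowing, e.g. `if (keylen > UINT_MAX) return gpg_error (GPG_ERR_INV_KEYLEN);`, or widen `gcry_cipher_setkey_t` the way this commit widens the stream and setiv types. The same consideration applies to `cipher_setiv`, whose `%u` diagnostic already has to cast `ivlen` down.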
@@ -628,12 +628,12 @@ cipher_reset (gcry_cipher_hd_t c) static gcry_err_code_t do_ecb_crypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen, + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen, gcry_cipher_encrypt_t crypt_fn) { unsigned int blocksize = c->spec->blocksize; - unsigned int n, nblocks; + size_t n, nblocks; unsigned int burn, nburn; if (outbuflen < inbuflen) @@ -660,16 +660,16 @@ do_ecb_crypt (gcry_cipher_hd_t c, static gcry_err_code_t do_ecb_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { return do_ecb_crypt (c, outbuf, outbuflen, inbuf, inbuflen, c->spec->encrypt); } static gcry_err_code_t do_ecb_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) { return do_ecb_crypt (c, outbuf, outbuflen, inbuf, inbuflen, c->spec->decrypt); } @@ -681,8 +681,8 @@ do_ecb_decrypt (gcry_cipher_hd_t c, * Depending on the mode some constraints apply to INBUFLEN. */ static gcry_err_code_t -cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen) +cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen) { gcry_err_code_t rc; 
@@ -781,8 +781,8 @@ gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize, * Depending on the mode some some contraints apply to INBUFLEN. */ static gcry_err_code_t -cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen) +cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen) { gcry_err_code_t rc; diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 47b2559..257a162 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -1672,7 +1672,7 @@ rijndael_encrypt (void *context, byte *b, const byte *a) void _gcry_aes_cfb_enc (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -1736,7 +1736,7 @@ _gcry_aes_cfb_enc (void *context, unsigned char *iv, void _gcry_aes_cbc_enc (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks, int cbc_mac) + size_t nblocks, int cbc_mac) { RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -1834,7 +1834,7 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv, void _gcry_aes_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -2095,7 +2095,7 @@ rijndael_decrypt (void *context, byte *b, const byte *a) void _gcry_aes_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; 
@@ -2200,7 +2200,7 @@ _gcry_aes_cfb_dec (void *context, unsigned char *iv, void _gcry_aes_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { RIJNDAEL_context *ctx = context; unsigned char *outbuf = outbuf_arg; diff --git a/cipher/salsa20.c b/cipher/salsa20.c index f708b18..72b28b0 100644 --- a/cipher/salsa20.c +++ b/cipher/salsa20.c @@ -112,7 +112,7 @@ typedef struct SALSA20_context_s #define LE_READ_UINT32(p) buf_get_le32(p) -static void salsa20_setiv (void *context, const byte *iv, unsigned int ivlen); +static void salsa20_setiv (void *context, const byte *iv, size_t ivlen); static const char *selftest (void); @@ -360,13 +360,13 @@ salsa20_setkey (void *context, const byte *key, unsigned int keylen) static void -salsa20_setiv (void *context, const byte *iv, unsigned int ivlen) +salsa20_setiv (void *context, const byte *iv, size_t ivlen) { SALSA20_context_t *ctx = (SALSA20_context_t *)context; byte tmp[SALSA20_IV_SIZE]; if (iv && ivlen != SALSA20_IV_SIZE) - log_info ("WARNING: salsa20_setiv: bad ivlen=%u\n", ivlen); + log_info ("WARNING: salsa20_setiv: bad ivlen=%u\n", (u32)ivlen); if (!iv || ivlen != SALSA20_IV_SIZE) memset (tmp, 0, sizeof(tmp)); @@ -387,14 +387,14 @@ salsa20_setiv (void *context, const byte *iv, unsigned int ivlen) static void salsa20_do_encrypt_stream (SALSA20_context_t *ctx, byte *outbuf, const byte *inbuf, - unsigned int length, unsigned rounds) + size_t length, unsigned rounds) { unsigned int nburn, burn = 0; if (ctx->unused) { unsigned char *p = (void*)ctx->pad; - unsigned int n; + size_t n; gcry_assert (ctx->unused < SALSA20_BLOCK_SIZE); 
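Review bot: the `log_info` cast in `salsa20_setiv` uses `(u32)ivlen` for a `%u` conversion, whereas `cipher_setiv` in this same commit casts to `(unsigned int)` (L331); `%u` is defined for `unsigned int`, so `(unsigned int)ivlen` matches the format irrespective of how `u32` is typedef'd on a given platform and keeps the two diagnostics consistent. The hunk header also shows `salsa20_setkey (void *context, const byte *key, unsigned int keylen)` unchanged, so key lengths still narrow at that boundary while IV and stream lengths no longer do. `salsa20_setiv` continues past the end of this hunk.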
@@ -414,7 +414,7 @@ salsa20_do_encrypt_stream (SALSA20_context_t *ctx, #ifdef USE_AMD64 if (length >= SALSA20_BLOCK_SIZE) { - unsigned int nblocks = length / SALSA20_BLOCK_SIZE; + size_t nblocks = length / SALSA20_BLOCK_SIZE; burn = _gcry_salsa20_amd64_encrypt_blocks(ctx->input, inbuf, outbuf, nblocks, rounds); length -= SALSA20_BLOCK_SIZE * nblocks; @@ -461,7 +461,7 @@ salsa20_do_encrypt_stream (SALSA20_context_t *ctx, static void salsa20_encrypt_stream (void *context, - byte *outbuf, const byte *inbuf, unsigned int length) + byte *outbuf, const byte *inbuf, size_t length) { SALSA20_context_t *ctx = (SALSA20_context_t *)context; @@ -472,7 +472,7 @@ salsa20_encrypt_stream (void *context, static void salsa20r12_encrypt_stream (void *context, - byte *outbuf, const byte *inbuf, unsigned int length) + byte *outbuf, const byte *inbuf, size_t length) { SALSA20_context_t *ctx = (SALSA20_context_t *)context; diff --git a/cipher/serpent.c b/cipher/serpent.c index 915cc95..8e647d4 100644 --- a/cipher/serpent.c +++ b/cipher/serpent.c @@ -827,7 +827,7 @@ serpent_decrypt (void *ctx, byte *buffer_out, const byte *buffer_in) void _gcry_serpent_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { serpent_context_t *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -944,8 +944,8 @@ _gcry_serpent_ctr_enc(void *context, unsigned char *ctr, intended for the bulk encryption feature of cipher.c. */ void _gcry_serpent_cbc_dec(void *context, unsigned char *iv, - void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks) { serpent_context_t *ctx = context; unsigned char *outbuf = outbuf_arg; 
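Review bot: `nblocks` is now `size_t` but is passed straight to `_gcry_salsa20_amd64_encrypt_blocks`, whose declaration is not in this hunk; if that prototype still declares the block count as `unsigned int`, the widening done here is lost at the call and the amd64 path narrows the count again on LP64. Confirm that the prototype and the assembly entry point both take a 64-bit count, or record the limit next to the call with a comment such as `/* nblocks must fit the count argument of the amd64 entry point.  */`. `salsa20_do_encrypt_stream` starts and ends outside this hunk.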
@@ -1053,7 +1053,7 @@ _gcry_serpent_cbc_dec(void *context, unsigned char *iv, void _gcry_serpent_cfb_dec(void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks) + size_t nblocks) { serpent_context_t *ctx = context; unsigned char *outbuf = outbuf_arg; diff --git a/cipher/twofish.c b/cipher/twofish.c index 04081db..ecd76e3 100644 --- a/cipher/twofish.c +++ b/cipher/twofish.c @@ -966,7 +966,7 @@ twofish_decrypt (void *context, byte *out, const byte *in) of size TWOFISH_BLOCKSIZE. */ void _gcry_twofish_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { TWOFISH_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -1025,7 +1025,7 @@ _gcry_twofish_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, intended for the bulk encryption feature of cipher.c. */ void _gcry_twofish_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { TWOFISH_context *ctx = context; unsigned char *outbuf = outbuf_arg; @@ -1075,7 +1075,7 @@ _gcry_twofish_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg, intended for the bulk encryption feature of cipher.c. */ void _gcry_twofish_cfb_dec(void *context, unsigned char *iv, void *outbuf_arg, - const void *inbuf_arg, unsigned int nblocks) + const void *inbuf_arg, size_t nblocks) { TWOFISH_context *ctx = context; unsigned char *outbuf = outbuf_arg; diff --git a/src/cipher-proto.h b/src/cipher-proto.h index c7ce906..c82012c 100644 --- a/src/cipher-proto.h +++ b/src/cipher-proto.h 
@@ -153,21 +153,20 @@ typedef unsigned int (*gcry_cipher_decrypt_t) (void *c, typedef void (*gcry_cipher_stencrypt_t) (void *c, unsigned char *outbuf, const unsigned char *inbuf, - unsigned int n); + size_t n); /* Type for the cipher_stdecrypt function. */ typedef void (*gcry_cipher_stdecrypt_t) (void *c, unsigned char *outbuf, const unsigned char *inbuf, - unsigned int n); + size_t n); /* The type used to convey additional information to a cipher. */ typedef gpg_err_code_t (*cipher_set_extra_info_t) (void *c, int what, const void *buffer, size_t buflen); /* The type used to set an IV directly in the algorithm module. */ -typedef void (*cipher_setiv_func_t)(void *c, - const byte *iv, unsigned int ivlen); +typedef void (*cipher_setiv_func_t)(void *c, const byte *iv, size_t ivlen); /* A structure to map OIDs to encryption modes. */ typedef struct gcry_cipher_oid_spec diff --git a/src/cipher.h b/src/cipher.h index d939ade..38d2a97 100644 --- a/src/cipher.h +++ b/src/cipher.h 
@@ -97,78 +97,78 @@ void _gcry_sha1_hash_buffers (void *outbuf, /*-- rijndael.c --*/ void _gcry_aes_cfb_enc (void *context, unsigned char *iv, void *outbuf, const void *inbuf, - unsigned int nblocks); + size_t nblocks); void _gcry_aes_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_aes_cbc_enc (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks, int cbc_mac); + size_t nblocks, int cbc_mac); void _gcry_aes_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_aes_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /*-- blowfish.c --*/ void _gcry_blowfish_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_blowfish_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_blowfish_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /*-- cast5.c --*/ void _gcry_cast5_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_cast5_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_cast5_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /*-- camellia-glue.c --*/ void _gcry_camellia_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_camellia_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, 
const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_camellia_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /*-- serpent.c --*/ void _gcry_serpent_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_serpent_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_serpent_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /*-- twofish.c --*/ void _gcry_twofish_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_twofish_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); void _gcry_twofish_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); /*-- dsa.c --*/ void _gcry_register_pk_dsa_progress (gcry_handler_progress_t cbc, void *cb_data); ----------------------------------------------------------------------- Summary of changes: cipher/arcfour.c | 4 ++-- cipher/blowfish.c | 6 +++--- cipher/camellia-glue.c | 6 +++--- cipher/cast5.c | 6 +++--- cipher/cipher-aeswrap.c | 12 +++++------ cipher/cipher-cbc.c | 20 +++++++++---------- cipher/cipher-ccm.c | 8 ++++---- cipher/cipher-cfb.c | 12 +++++------ cipher/cipher-ctr.c | 8 ++++---- cipher/cipher-internal.h | 50 +++++++++++++++++++++++----------------------- cipher/cipher-ofb.c | 4 ++-- cipher/cipher-selftest.h | 6 +++--- cipher/cipher.c | 28 +++++++++++++------------- cipher/rijndael.c | 10 +++++----- cipher/salsa20.c | 16 +++++++-------- cipher/serpent.c | 8 ++++---- cipher/twofish.c | 6 +++--- src/cipher-proto.h | 7 +++---- src/cipher.h | 
40 ++++++++++++++++++------------------- 19 files changed, 128 insertions(+), 129 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Mon Nov 18 17:59:13 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 18 Nov 2013 17:59:13 +0100 Subject: [git] gnupg-doc - branch, master, updated. 4689e9180c4474e11c152da49c90ce81601ae158 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 4689e9180c4474e11c152da49c90ce81601ae158 (commit) from 057a6770df9438e4738d194a0fb2ecd6b8e2f102 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4689e9180c4474e11c152da49c90ce81601ae158 Author: Werner Koch Date: Mon Nov 18 17:57:20 2013 +0100 Remove freenigma* from the related software list. Despite the original plan to make the Freenigma source code available, the project was instead shutdown in favor of freenigma-service. For the latter the client code is available but the servers are meanwhile shutdown. Thus there is not much point to list it either. diff --git a/web/related_software/frontends.org b/web/related_software/frontends.org index b8f4f8b..e0b0b55 100644 --- a/web/related_software/frontends.org +++ b/web/related_software/frontends.org @@ -70,8 +70,6 @@ ** Network related - - [[file:swlist.org::#freenigma][freenigma]] - - [[file:swlist.org::#freenigma-service][freenigma service]] - [[file:swlist.org::#privaria][Privaria]] ** Frontends for scripting diff --git a/web/related_software/swlist.org b/web/related_software/swlist.org index 0675e7e..d1c949a 100644 --- a/web/related_software/swlist.org +++ b/web/related_software/swlist.org 
@@ -91,24 +91,6 @@ it merges intuitive use with powerful features. The result is an application that's not only fast and secure, but also perfect for novices and power-users alike. -** [[http://www.freenigma.org/][freenigma]] [Unix] MUA,SRV - :PROPERTIES: - :CUSTOM_ID: freenigma - :END: - -Is a server based solution for centralized and transparent encryption -and signatures. It comes with a web admin interface and may either be -used as a drop in MTA replacement or as an additional MTA. - -** freenigma service [Any] SRV - :PROPERTIES: - :CUSTOM_ID: freenigma-service - :END: - -freenigma service was an OpenPGP web service for easy key -management. It allowed encryption without taking care of keys. A -documented API was available as well as several tools to access the -web service. The service has meanwhile been shutdown. ** [[http://gabber.sourceforge.net/][Gabber]] [Unix] CHAT :PROPERTIES: ----------------------------------------------------------------------- Summary of changes: web/related_software/frontends.org | 2 -- web/related_software/swlist.org | 18 ------------------ 2 files changed, 20 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Tue Nov 19 22:25:56 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Tue, 19 Nov 2013 22:25:56 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-389-g9816ae9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 9816ae9d9931b75e4fdc9a5be10e6af447132313 (commit) via 77922a82c3f2e30eca04511fa5a355208349c657 (commit) from b49cd64aaaff2e5488a84665362ef7150683226c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9816ae9d9931b75e4fdc9a5be10e6af447132313 Author: Jussi Kivilinna Date: Mon Nov 18 20:27:35 2013 +0200 Camellia: fix compiler warning * cipher/camellia-glue.c (camellia_setkey): Use braces around empty if statement. -- Patch silences following warning: camellia-glue.c: In function 'camellia_setkey': camellia-glue.c:183:5: warning: suggest braces around empty body in an 'if' statement [-Wempty-body] Signed-off-by: Jussi Kivilinna diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c index 575bb04..f18d135 100644 --- a/cipher/camellia-glue.c +++ b/cipher/camellia-glue.c @@ -180,7 +180,7 @@ camellia_setkey(void *c, const byte *key, unsigned keylen) ctx->keybitlength=keylen*8; if (0) - ; + { } #ifdef USE_AESNI_AVX else if (ctx->use_aesni_avx) _gcry_camellia_aesni_avx_keygen(ctx, key, keylen); commit 77922a82c3f2e30eca04511fa5a355208349c657 Author: Jussi Kivilinna Date: Tue Nov 19 15:48:32 2013 +0200 Tweak Camellia-AVX key-setup for small speed-up * cipher/camellia-aesni-avx-amd64.S (camellia_f): Merge S-function output rotation with P-function. -- Signed-off-by: Jussi Kivilinna 
diff --git a/cipher/camellia-aesni-avx-amd64.S b/cipher/camellia-aesni-avx-amd64.S index b25a8c7..ffb1aed 100644 --- a/cipher/camellia-aesni-avx-amd64.S +++ b/cipher/camellia-aesni-avx-amd64.S @@ -1213,7 +1213,7 @@ _gcry_camellia_aesni_avx_cfb_dec: /* input rotation for sbox4 (<<< 1) */ \ vpand x, sbox4mask, t0; \ vpandn x, sbox4mask, x; \ - vpsllw $1, t0, t1; \ + vpaddw t0, t0, t1; \ vpsrlw $7, t0, t0; \ vpor t0, t1, t0; \ vpand sbox4mask, t0, t0; \ @@ -1238,34 +1238,22 @@ _gcry_camellia_aesni_avx_cfb_dec: vpor sbox2mask, t4, t2; \ vpand x, sbox2mask, t0; \ vpand x, t4, t1; \ - vpandn x, t2, x; \ - vpsllw $1, t0, t2; \ + vpaddb x, x, t2; \ + vpshufb .Lsp1110111044044404mask RIP, x, t4; \ + vpshufb .Lsp0044440410011110mask RIP, x, x; \ vpsrlw $7, t0, t0; \ - vpor t0, t2, t0; \ - vpand sbox2mask, t0, t0; \ - vpsllw $7, t1, t2; \ + vpsllw $7, t1, t3; \ vpsrlw $1, t1, t1; \ - vpor t1, t2, t1; \ - vpand t4, t1, t1; \ - vpor x, t0, x; \ - vpor x, t1, x; \ - \ - vpshufb .Lsp11101110mask RIP, x, t4; \ - vpshufb .Lsp44044404mask RIP, x, t1; \ - vpshufb .Lsp30333033mask RIP, x, t2; \ - vpshufb .Lsp02220222mask RIP, x, t0; \ - vpxor t2, t1, t1; \ - \ - vpshufb .Lsp00444404mask RIP, x, t2; \ - vpxor t0, t1, t1; \ - vpshufb .Lsp03303033mask RIP, x, t0; \ - vpxor t2, t4, t4; \ - vpshufb .Lsp22000222mask RIP, x, t2; \ - vpxor t0, t1, t1; \ - vpxor t2, t4, t4; \ - vpshufb .Lsp10011110mask RIP, x, x; \ - vpxor t1, x, x; \ - vpxor t4, x, x; + vpor t0, t2, t0; \ + vpshufb .Lsp0222022222000222mask RIP, t0, t0; \ + vpor t1, t3, t1; \ + vpshufb .Lsp3033303303303033mask RIP, t1, t1; \ + \ + vpxor x, t4, t4; \ + vpxor t1, t0, t0; \ + vpxor t4, t0, t0; \ + vpsrldq $8, t0, x; \ + vpxor t0, x, x; #define vec_rol128(in, out, nrol, t0) \ vpshufd $0x4e, in, out; \ 
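Review bot: The rewritten tail of the `@@ -1238` hunk gives no hint of why the new 16-byte constants are laid out as they are, and `vpsrldq $8, t0, x; vpxor t0, x, x` is the step that folds two permutations into one 64-bit result; a comment before that pair, `/* each .Lsp*mask packs two former 8-byte masks (low/high qword); fold the high qword into the low one */`, would let a reader follow the data hunk (`@@ -1281`, where each new label concatenates two deleted `.Lsp*mask` values) without reconstructing it. After the fold, the high quadword of x still holds the upper half of t0 rather than zero; if the rest of the macro (its `#define` starts before this hunk) and its callers only consume the low 64 bits, as the old code appears to assume, that is fine but should be stated in the same comment. The `vpaddb x, x, t2` / `vpsrlw $7, t0, t0` split is only correct because the word-shift carry lands in bytes 3 and 6, the exact positions `.Lsp0222022222000222mask` selects, so naming that dependency would guard against a later mask edit.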
@@ -1281,29 +1269,25 @@ _gcry_camellia_aesni_avx_cfb_dec: .data -.align 8 +.align 16 +.Lsp1110111044044404mask: + .long 0x000000ff, 0x000000ff; + .long 0x0101ff01, 0x0101ff01; +.Lsp0044440410011110mask: + .long 0xffff0404, 0x0404ff04; + .long 0x07ffff07, 0x070707ff; +.Lsp0222022222000222mask: + .long 0xff030303, 0xff030303; + .long 0x0606ffff, 0xff060606; +.Lsp3033303303303033mask: + .long 0x02ff0202, 0x02ff0202; + .long 0xff0505ff, 0x05ff0505; .Lsbox2_output_mask: .byte 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0xff, 0x00; .Lsbox3_output_mask: .byte 0x00, 0x00, 0xff, 0x00, 0x00, 0xff, 0x00, 0x00; .Lsbox4_input_mask: .byte 0x00, 0xff, 0x00, 0x00, 0xff, 0x00, 0x00, 0x00; -.Lsp11101110mask: - .long 0x000000ff, 0x000000ff; -.Lsp44044404mask: - .long 0x0101ff01, 0x0101ff01; -.Lsp30333033mask: - .long 0x02ff0202, 0x02ff0202; -.Lsp02220222mask: - .long 0xff030303, 0xff030303; -.Lsp00444404mask: - .long 0xffff0404, 0x0404ff04; -.Lsp03303033mask: - .long 0xff0505ff, 0x05ff0505; -.Lsp22000222mask: - .long 0x0606ffff, 0xff060606; -.Lsp10011110mask: - .long 0x07ffff07, 0x070707ff; .Lsigma1: .long 0x3BCC908B, 0xA09E667F; .Lsigma2: ----------------------------------------------------------------------- Summary of changes: cipher/camellia-aesni-avx-amd64.S | 72 +++++++++++++++---------------------- cipher/camellia-glue.c | 2 +- 2 files changed, 29 insertions(+), 45 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Nov 21 17:48:58 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Nov 2013 17:48:58 +0100 Subject: [git] gnupg-doc - branch, master, updated. 5b9a0bf2b773aebdc43048c4bba7d9be6fce2e51 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 5b9a0bf2b773aebdc43048c4bba7d9be6fce2e51 (commit) from 33fa7092bbda13284f0396fc809270262fb26d7f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5b9a0bf2b773aebdc43048c4bba7d9be6fce2e51 Author: Werner Koch Date: Thu Nov 21 17:47:34 2013 +0100 Disable link to the RSS feed It is currently not working - needs to be fixed. GnuPG-bug-id: 1570 diff --git a/web/index.org b/web/index.org index 1915543..7c4ac7e 100644 --- a/web/index.org +++ b/web/index.org 
@@ -41,9 +41,9 @@ Project [[http://www.gnupg.org/aegypten/][Aegypten]] developed the S/MIME functi The following frames report the latest news from GnuPG. A list with all [[news.org][news of previous years]] is also available. -For those of you who like reading world?s news with an RSS reader, -GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttp://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just -point or paste the [[news.en.rss][RSS file]] into your aggregator. +# For those of you who like reading world?s news with an RSS reader, +# GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttp://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just +# point or paste the [[news.en.rss][RSS file]] into your aggregator. ** Blog: Friends tell friends they love GnuPG (2013-11-13) ----------------------------------------------------------------------- Summary of changes: web/index.org | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Nov 21 20:17:45 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Nov 2013 20:17:45 +0100 Subject: [git] gnupg-doc - branch, master, updated. 3603120c54d52a7d5192b0c95f5d2bfe535d4a13 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 3603120c54d52a7d5192b0c95f5d2bfe535d4a13 (commit) from 5b9a0bf2b773aebdc43048c4bba7d9be6fce2e51 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3603120c54d52a7d5192b0c95f5d2bfe535d4a13 Author: Werner Koch Date: Thu Nov 21 20:16:12 2013 +0100 Fix links on the front page. diff --git a/web/index.org b/web/index.org index 7c4ac7e..66423e7 100644 --- a/web/index.org +++ b/web/index.org @@ -14,7 +14,7 @@ sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as /GPG/, is a command line tool with features for easy integration with other applications. A wealth of -[[related_software/frontends.html][frontend applications]] and [[related_software/libraries.html][libraries]] are available. Version 2 of GnuPG +[[file:related_software/frontends.html][frontend applications]] and [[file:related_software/libraries.html][libraries]] are available. Version 2 of GnuPG also provides support for S/MIME. GnuPG is [[http://www.gnu.org/philosophy/free-sw.html][Free Software]] (meaning that it respects your freedom). It can 
@@ -39,7 +39,7 @@ Project [[http://www.gnupg.org/aegypten/][Aegypten]] developed the S/MIME functi #+index: News The following frames report the latest news from GnuPG. A list with -all [[news.org][news of previous years]] is also available. +all [[file:news.org][news of previous years]] is also available. # For those of you who like reading world?s news with an RSS reader, # GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttp://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just ----------------------------------------------------------------------- Summary of changes: web/index.org | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 22 10:33:17 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 22 Nov 2013 10:33:17 +0100 Subject: [git] gnupg-doc - branch, master, updated. bfb83263ceadce7eaf18dc2d2fdcfd48f2fb6c4f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via bfb83263ceadce7eaf18dc2d2fdcfd48f2fb6c4f (commit) via f63d8666ca4d5a685f7efbb042e76c6cb06bd90e (commit) via c54adcb07c68adecac306f4aba1e56ee78c93cca (commit) from 3603120c54d52a7d5192b0c95f5d2bfe535d4a13 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bfb83263ceadce7eaf18dc2d2fdcfd48f2fb6c4f Author: Werner Koch Date: Thu Nov 21 20:20:02 2013 +0100 Add dissenting opinion on the use of PGP/MIME. diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org index 6a5aaa3..63e92f9 100644 --- a/web/faq/gnupg-faq.org +++ b/web/faq/gnupg-faq.org 
@@ -2047,10 +2047,9 @@ against all threats. :CUSTOM_ID: use_pgpmime :END: -Probably not. +This is controversial, thus there are two commonly given answers. -# This is controversial. rjh: we should discuss on how we can extend -# this answer -wk +*** 1. Probably not. PGP/MIME is the official, standardized way of using GnuPG with electronic mail. PGP/MIME packages the data up as encrypted 
@@ -2072,6 +2071,32 @@ mailing lists, it?s hard to claim that PGP/MIME is ready for widespread usage. For now, it?s best to use inline traffic unless you can be certain that PGP/MIME messages will not be mangled in transit. +*** 2. Yes, it is the safer solution. + +The problems with the mailing list software are annoying but harmless. + +In most other cases PGP/MIME works very well and avoids a lot of +semantic problems when sending signed mails. For example it is much +easier for mail readers to indicate what parts of the mail are covered +by the signature. Many mail readers have bugs pertaining to inline +signatures which can be used to trick the user into assuming that some +parts of a mail are covered by the signatures while in reality they +are not. + +For encrypted and signed mails there are no problems with signature +verification because almost all software uses the combined +signature+encryption approach of PGP/MIME and thus GnuPG takes care of +it in exactly the same way as it does with inline traffic. + +Non-ASCII character encoding is problematic with inline data. +Although OpenPGP provides a way to specify the encoding, that feature +is not widely supported. In good Unix tradition GnuPG does not try to +interpret the data it signs or encrypts but relies on the peers to +agree on a common encoding. PGP/MIME provides a well established and +matured way of doing exactly that. + +Some plugins for Outlook do not support PGP/MIME but after all the +OpenPGP support in Outlook is anyway quite limited. ** What are the best algorithms in GnuPG? commit f63d8666ca4d5a685f7efbb042e76c6cb06bd90e Author: Werner Koch Date: Thu Nov 21 20:19:06 2013 +0100 Declare the FAQ official. Also include pointers to Claws-Mail and VMS diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org index 4c34c81..6a5aaa3 100644 --- a/web/faq/gnupg-faq.org +++ b/web/faq/gnupg-faq.org 
@@ -72,10 +72,10 @@ for any errors. :CUSTOM_ID: welcome :END: -Welcome to the *unofficial* GnuPG FAQ. - -*As of this writing, this FAQ is both inaccurate and incomplete. It is -a work in progress. Do not rely on the answers found herein.* +Welcome to the official GnuPG FAQ. This FAQ has been written from +scratch and makes the old FAQ obsolete. Nevertheless this text is +still incomplete but we believe it to be more accurate than the long +outdated former FAQ. ** What conventions are used in this FAQ? @@ -118,7 +118,7 @@ italicized, and initialed by their author. The different editors are: :CUSTOM_ID: is_it_official :END: -Not yet. +Yes. ** When was this FAQ last checked for accuracy? @@ -184,7 +184,7 @@ clients, such as Psi. :END: Largely, yes. It can be made to interoperate with anything from PGP -5.0 and onwards, and has excellent interoperability with the most +2.6 and onwards, and has excellent interoperability with the most recent releases. @@ -329,6 +329,13 @@ Alternatively, you can install GnuPG using a package manager: sudo pkg_add -r gnupg #+end_example +*** ? for VMS? + :PROPERTIES: + :CUSTOM_ID: get_gnupg_vms + :END: + +A port to *VMS* is maintained by Steven M. Schweda at [[http://www.antinode.info/dec/sw/gnupg.html][antinode.info]]. + ** Is there source code available for it? :PROPERTIES: @@ -658,7 +665,12 @@ Many email clients offer strong GnuPG integration. - Actively developed :: Yes Kontact is KDE?s integrated personal information manager of KDE. It runs anywhere that KDE does, and even on some mobile devices as Kontact Touch. - +- Claws-Mail + - Plugin? :: Yes (internal plugin) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes + Claws-Mail for Windows is included in the [[http://www.gpg4win.org][Gpg4win]] installer. ** ? Mac OS X? :PROPERTIES: 
@@ -680,13 +692,16 @@ Many email clients offer strong GnuPG integration. - Supports GnuPG versions :: 1.4, 2.0 - Supports PGP/MIME :: Yes - Actively developed :: Yes + EasyPG is part of Emacs 23, proper. Thus there is no more need + to install the plugin. See the Gnus manual for configuration hints. - Mutt - Plugin? :: No (natively supported) - Supports GnuPG versions :: 1.4, 2.0 - Supports PGP/MIME :: Yes - Actively developed :: Yes - Make sure to put ~set crypt_use_gpgme~ in your =~/.muttrc= file. + For best experience make sure to put ~set crypt_use_gpgme~ in your + =~/.muttrc= file. - Apple Mail - Plugin? :: Yes, via [[http://www.gpgtools.org][GPGtools]] @@ -717,13 +732,16 @@ Many email clients offer strong GnuPG integration. - Supports GnuPG versions :: 1.4, 2.0 - Supports PGP/MIME :: Yes - Actively developed :: Yes + EasyPG is part of Emacs 23, proper. Thus there is no more need + to install the plugin. See the Gnus manual for configuration hints. - Mutt - Plugin? :: No (natively supported) - Supports GnuPG versions :: 1.4, 2.0 - Supports PGP/MIME :: Yes - Actively developed :: Yes - Make sure to put ~set crypt_use_gpgme~ in your =~/.muttrc= file. + For best experience make sure to put ~set crypt_use_gpgme~ in your + =~/.muttrc= file. - Kontact - Plugin? :: No (natively supported) 
@@ -740,13 +758,19 @@ Many email clients offer strong GnuPG integration. - Supports PGP/MIME :: Yes - Actively developed :: Yes +- Claws-Mail + - Plugin? :: Yes (internal plugin) + - Supports GnuPG versions :: 1.4, 2.0 + - Supports PGP/MIME :: Yes + - Actively developed :: Yes * Is GnuPG available as a ?portable app?? :PROPERTIES: :CUSTOM_ID: portable_app :END: -For Windows users, check [[http://portableapps.com/apps/internet/thunderbird_portable][PortableApps.com]]. +For Windows users, check [[http://portableapps.com/apps/internet/thunderbird_portable][PortableApps.com]]. To build you own portable +application you may use the /mkportable/ tool which comes with [[http://www.gpg4win.org][Gpg4win]]. * What do all these strange words mean? commit c54adcb07c68adecac306f4aba1e56ee78c93cca Author: Werner Koch Date: Thu Nov 21 20:17:26 2013 +0100 Add UNIX trademark and reorder list. diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org index c8f8937..4c34c81 100644 --- a/web/faq/gnupg-faq.org +++ b/web/faq/gnupg-faq.org @@ -25,12 +25,13 @@ very litigious. :CUSTOM_ID: trademarks :END: -- PGP is a trademark of Symantec Corporation. -- Windows is a trademark of the Microsoft Corporation. +- Linux is a trademark of Linus Torvalds. - Macintosh, OS X and Mac OS X are all trademarks of the Apple Corporation. -- Linux is a trademark of Linus Torvalds. +- PGP is a trademark of Symantec Corporation. - Solaris is a trademark of Oracle Corporation. +- UNIX is a trademark of The Open Group. +- Windows is a trademark of the Microsoft Corporation. - Some cryptographic algorithms mentioned in this FAQ may be trademarked. ----------------------------------------------------------------------- Summary of changes: web/faq/gnupg-faq.org | 82 +++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 66 insertions(+), 16 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Sat Nov 23 11:51:58 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sat, 23 Nov 2013 11:51:58 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-403-ga34448c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via a34448c929b13bfb7b66d69169c89e7319a18b31 (commit) from dbfa651618693da7ea73b4d2d00d4efd411bfb46 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a34448c929b13bfb7b66d69169c89e7319a18b31 Author: Jussi Kivilinna Date: Thu Nov 21 21:34:21 2013 +0200 Add GMAC to MAC API * cipher/Makefile.am: Add 'mac-gmac.c'. * cipher/mac-gmac.c: New. * cipher/mac-internal.h (gcry_mac_handle): Add 'u.gcm'. (_gcry_mac_type_spec_gmac_aes, _gcry_mac_type_spec_gmac_twofish) (_gcry_mac_type_spec_gmac_serpent, _gcry_mac_type_spec_gmac_seed) (_gcry_mac_type_spec_gmac_camellia): New externs. * cipher/mac.c (mac_list): Add GMAC specifications. * doc/gcrypt.texi: Add mention of GMAC. * src/gcrypt.h.in (gcry_mac_algos): Add GCM algorithms. * tests/basic.c (check_one_mac): Add support for MAC IVs. (check_mac): Add support for MAC IVs and add GMAC test vectors. * tests/bench-slope.c (mac_bench): Iterate algorithm numbers to 499. * tests/benchmark.c (mac_bench): Iterate algorithm numbers to 499. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/Makefile.am b/cipher/Makefile.am index e29b28d..ff9deca 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -45,7 +45,7 @@ cipher-selftest.c cipher-selftest.h \ pubkey.c pubkey-internal.h pubkey-util.c \ md.c \ mac.c mac-internal.h \ -mac-hmac.c mac-cmac.c \ +mac-hmac.c mac-cmac.c mac-gmac.c \ kdf.c kdf-internal.h \ hmac-tests.c \ bithelp.h \ 
diff --git a/cipher/mac-gmac.c b/cipher/mac-gmac.c
new file mode 100644
index 0000000..e040bfe
--- /dev/null
+++ b/cipher/mac-gmac.c
@@ -0,0 +1,185 @@ +/* mac-gmac.c - GMAC glue for MAC API + * Copyright ? 2013 Jussi Kivilinna + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "g10lib.h" +#include "cipher.h" +#include "./mac-internal.h" + + +static int +map_mac_algo_to_cipher (int mac_algo) +{ + switch (mac_algo) + { + default: + return GCRY_CIPHER_NONE; + case GCRY_MAC_GMAC_AES: + return GCRY_CIPHER_AES; + case GCRY_MAC_GMAC_CAMELLIA: + return GCRY_CIPHER_CAMELLIA128; + case GCRY_MAC_GMAC_TWOFISH: + return GCRY_CIPHER_TWOFISH; + case GCRY_MAC_GMAC_SERPENT: + return GCRY_CIPHER_SERPENT128; + case GCRY_MAC_GMAC_SEED: + return GCRY_CIPHER_SEED; + } +} + + +static gcry_err_code_t +gmac_open (gcry_mac_hd_t h) +{ + gcry_err_code_t err; + gcry_cipher_hd_t hd; + int secure = (h->magic == CTX_MAGIC_SECURE); + int cipher_algo; + unsigned int flags; + + cipher_algo = map_mac_algo_to_cipher (h->spec->algo); + flags = (secure ? 
GCRY_CIPHER_SECURE : 0); + + err = _gcry_cipher_open_internal (&hd, cipher_algo, GCRY_CIPHER_MODE_GCM, + flags); + if (err) + return err; + + h->u.gmac.cipher_algo = cipher_algo; + h->u.gmac.ctx = hd; + return 0; +} + + +static void +gmac_close (gcry_mac_hd_t h) +{ + _gcry_cipher_close (h->u.gmac.ctx); + h->u.gmac.ctx = NULL; +} + + +static gcry_err_code_t +gmac_setkey (gcry_mac_hd_t h, const unsigned char *key, size_t keylen) +{ + return _gcry_cipher_setkey (h->u.gmac.ctx, key, keylen); +} + + +static gcry_err_code_t +gmac_setiv (gcry_mac_hd_t h, const unsigned char *iv, size_t ivlen) +{ + return _gcry_cipher_setiv (h->u.gmac.ctx, iv, ivlen); +} + + +static gcry_err_code_t +gmac_reset (gcry_mac_hd_t h) +{ + return gcry_cipher_reset (h->u.gmac.ctx); +} + + +static gcry_err_code_t +gmac_write (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen) +{ + return _gcry_cipher_authenticate (h->u.gmac.ctx, buf, buflen); +} + + +static gcry_err_code_t +gmac_read (gcry_mac_hd_t h, unsigned char *outbuf, size_t * outlen) +{ + if (*outlen > GCRY_GCM_BLOCK_LEN) + *outlen = GCRY_GCM_BLOCK_LEN; + return _gcry_cipher_gettag (h->u.gmac.ctx, outbuf, *outlen); +} + + +static gcry_err_code_t +gmac_verify (gcry_mac_hd_t h, const unsigned char *buf, size_t buflen) +{ + return _gcry_cipher_checktag (h->u.gmac.ctx, buf, buflen); +} + + +static unsigned int +gmac_get_maclen (int algo) +{ + (void)algo; + return GCRY_GCM_BLOCK_LEN; +} + + +static unsigned int +gmac_get_keylen (int algo) +{ + return _gcry_cipher_get_algo_keylen (map_mac_algo_to_cipher (algo)); +} + + +static gcry_mac_spec_ops_t gmac_ops = { + gmac_open, + gmac_close, + gmac_setkey, + gmac_setiv, + gmac_reset, + gmac_write, + gmac_read, + gmac_verify, + gmac_get_maclen, + gmac_get_keylen +}; + + +#if USE_AES +gcry_mac_spec_t _gcry_mac_type_spec_gmac_aes = { + GCRY_MAC_GMAC_AES, {0, 1}, "GMAC_AES", + &gmac_ops +}; +#endif +#if USE_TWOFISH +gcry_mac_spec_t _gcry_mac_type_spec_gmac_twofish = { + GCRY_MAC_GMAC_TWOFISH, {0, 0}, 
"GMAC_TWOFISH", + &gmac_ops +}; +#endif +#if USE_SERPENT +gcry_mac_spec_t _gcry_mac_type_spec_gmac_serpent = { + GCRY_MAC_GMAC_SERPENT, {0, 0}, "GMAC_SERPENT", + &gmac_ops +}; +#endif +#if USE_SEED +gcry_mac_spec_t _gcry_mac_type_spec_gmac_seed = { + GCRY_MAC_GMAC_SEED, {0, 0}, "GMAC_SEED", + &gmac_ops +}; +#endif +#if USE_CAMELLIA +gcry_mac_spec_t _gcry_mac_type_spec_gmac_camellia = { + GCRY_MAC_GMAC_CAMELLIA, {0, 0}, "GMAC_CAMELLIA", + &gmac_ops +}; +#endif diff --git a/cipher/mac-internal.h b/cipher/mac-internal.h index 146b218..2a5e7c6 100644 --- a/cipher/mac-internal.h +++ b/cipher/mac-internal.h @@ -103,6 +103,10 @@ struct gcry_mac_handle int cipher_algo; unsigned int blklen; } cmac; + struct { + gcry_cipher_hd_t ctx; + int cipher_algo; + } gmac; } u; }; @@ -180,3 +184,22 @@ extern gcry_mac_spec_t _gcry_mac_type_spec_cmac_idea; #if USE_GOST28147 extern gcry_mac_spec_t _gcry_mac_type_spec_cmac_gost28147; #endif + +/* + * The GMAC algorithm specifications (mac-gmac.c). + */ +#if USE_AES +extern gcry_mac_spec_t _gcry_mac_type_spec_gmac_aes; +#endif +#if USE_TWOFISH +extern gcry_mac_spec_t _gcry_mac_type_spec_gmac_twofish; +#endif +#if USE_SERPENT +extern gcry_mac_spec_t _gcry_mac_type_spec_gmac_serpent; +#endif +#if USE_SEED +extern gcry_mac_spec_t _gcry_mac_type_spec_gmac_seed; +#endif +#if USE_CAMELLIA +extern gcry_mac_spec_t _gcry_mac_type_spec_gmac_camellia; +#endif diff --git a/cipher/mac.c b/cipher/mac.c index 8d1dec0..5ac8729 100644 --- a/cipher/mac.c +++ b/cipher/mac.c 
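Review bot: `gmac_reset` is the only function in the new file that calls the public `gcry_cipher_reset` instead of an internal `_gcry_` entry point like its siblings (`_gcry_cipher_setkey`, `_gcry_cipher_setiv`, `_gcry_cipher_authenticate`, `_gcry_cipher_gettag`); routing it through the internal ctl path (`_gcry_cipher_ctl` with `GCRYCTL_RESET`) would keep the file consistent and avoid bouncing through the exported wrapper. `gmac_read` silently shortens the tag whenever `*outlen` is below `GCRY_GCM_BLOCK_LEN`, and `gmac_setiv` accepts any `ivlen`, yet neither documents its contract; a comment on `gmac_read` such as `/* *outlen below GCRY_GCM_BLOCK_LEN yields a truncated tag, which weakens GMAC; callers should request the full block. */` and one on `gmac_setiv` stating that an IV must never be reused under the same key (nonce reuse voids GMAC's authenticity guarantee) would capture the two properties a caller most needs. A short header comment tying `gmac_get_maclen` to the fixed GCM block length would also help readers who arrive from mac.c.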
@@ -74,21 +74,26 @@ static gcry_mac_spec_t *mac_list[] = { #endif #if USE_AES &_gcry_mac_type_spec_cmac_aes, + &_gcry_mac_type_spec_gmac_aes, #endif #if USE_TWOFISH &_gcry_mac_type_spec_cmac_twofish, + &_gcry_mac_type_spec_gmac_twofish, #endif #if USE_SERPENT &_gcry_mac_type_spec_cmac_serpent, + &_gcry_mac_type_spec_gmac_serpent, #endif #if USE_RFC2268 &_gcry_mac_type_spec_cmac_rfc2268, #endif #if USE_SEED &_gcry_mac_type_spec_cmac_seed, + &_gcry_mac_type_spec_gmac_seed, #endif #if USE_CAMELLIA &_gcry_mac_type_spec_cmac_camellia, + &_gcry_mac_type_spec_gmac_camellia, #endif #ifdef USE_IDEA &_gcry_mac_type_spec_cmac_idea, diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 1f6ceec..4870a1c 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -3529,6 +3529,26 @@ block cipher algorithm. This is CMAC message authentication algorithm based on the GOST 28147-89 block cipher algorithm. + at item GCRY_MAC_GMAC_AES +This is GMAC (GCM mode based MAC) message authentication algorithm based on +the AES block cipher algorithm. + + at item GCRY_MAC_GMAC_CAMELLIA +This is GMAC message authentication algorithm based on the Camellia +block cipher algorithm. + + at item GCRY_MAC_GMAC_TWOFISH +This is GMAC message authentication algorithm based on the Twofish +block cipher algorithm. + + at item GCRY_MAC_GMAC_SERPENT +This is GMAC message authentication algorithm based on the Serpent +block cipher algorithm. + + at item GCRY_MAC_GMAC_SEED +This is GMAC message authentication algorithm based on the SEED +block cipher algorithm. + @end table @c end table of MAC algorithms 
@@ -3574,13 +3594,13 @@ underlying block cipher. @end deftypefun - at c Some MAC algorithms need initialization vector to be set, which can be - at c performed with function: - at c @c - at c @deftypefun gcry_error_t gcry_mac_setiv (gcry_mac_hd_t @var{h}, const void *@var{iv}, size_t @var{ivlen}) - at c @c - at c Set the IV to the value of @var{iv} of length @var{ivlen} bytes. - at c @end deftypefun +GMAC algorithms need initialization vector to be set, which can be +performed with function: + + at deftypefun gcry_error_t gcry_mac_setiv (gcry_mac_hd_t @var{h}, const void *@var{iv}, size_t @var{ivlen}) + +Set the IV to the value of @var{iv} of length @var{ivlen} bytes. + at end deftypefun After you are done with the MAC calculation, you should release the resources diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 24f7af6..625fa9f 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1325,7 +1325,13 @@ enum gcry_mac_algos GCRY_MAC_CMAC_SEED = 208, GCRY_MAC_CMAC_RFC2268 = 209, GCRY_MAC_CMAC_IDEA = 210, - GCRY_MAC_CMAC_GOST28147 = 211 + GCRY_MAC_CMAC_GOST28147 = 211, + + GCRY_MAC_GMAC_AES = 401, + GCRY_MAC_GMAC_CAMELLIA = 402, + GCRY_MAC_GMAC_TWOFISH = 403, + GCRY_MAC_GMAC_SERPENT = 404, + GCRY_MAC_GMAC_SEED = 405 }; /* Flags used with the open function. */ diff --git a/tests/basic.c b/tests/basic.c index a205f48..789297f 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -4450,8 +4450,8 @@ check_hmac (void) static void check_one_mac (int algo, const char *data, int datalen, - const char *key, int keylen, const char *expect, - int test_buffering) + const char *key, int keylen, const char *iv, int ivlen, + const char *expect, int test_buffering) { gcry_mac_hd_t hd; unsigned char *p; 
@@ -4487,6 +4487,16 @@ check_one_mac (int algo, const char *data, int datalen, if (err) goto out; + if (ivlen && iv) + { + err = gcry_mac_setiv (hd, iv, ivlen); + if (err) + fail("algo %d, mac gcry_mac_ivkey failed: %s\n", algo, + gpg_strerror (err)); + if (err) + goto out; + } + if (test_buffering) { for (i = 0; i < datalen; i++) @@ -4550,6 +4560,7 @@ check_mac (void) const char *data; const char *key; const char *expect; + const char *iv; } algos[] = { { GCRY_MAC_HMAC_MD5, "what do ya want for nothing?", "Jefe", 
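Review bot: The failure message in the added IV block names a call that does not exist, `mac gcry_mac_ivkey failed`, while the function invoked is `gcry_mac_setiv`; change it to `fail("algo %d, mac gcry_mac_setiv failed: %s\n", algo, gpg_strerror (err));` so a failing GMAC vector points at the right API. The two consecutive `if (err)` tests could be folded into one `if (err) { fail (...); goto out; }`, although the duplicated shape mirrors the key-setting code just above the hunk. `check_one_mac` continues beyond this hunk.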
@@ -4964,6 +4975,42 @@ check_mac (void) "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", "\xc2\x69\x9a\x6e\xba\x55\xce\x9d\x93\x9a\x8a\x4e\x19\x46\x6e\xe9" }, + /* http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip */ + { GCRY_MAC_GMAC_AES, + "", + "\x11\x75\x4c\xd7\x2a\xec\x30\x9b\xf5\x2f\x76\x87\x21\x2e\x89\x57", + "\x25\x03\x27\xc6\x74\xaa\xf4\x77\xae\xf2\x67\x57\x48\xcf\x69\x71", + "\x3c\x81\x9d\x9a\x9b\xed\x08\x76\x15\x03\x0b\x65" }, + { GCRY_MAC_GMAC_AES, + "\x2b\x63\x26\x64\x29\x67\x4a\xb5\xe2\xea\xff\x63\x9c\x23\x14\x66" + "\x2f\x92\x57\x4b\x29\x8f\x57\x7a\xcf\x7d\x6f\x99\x1a\x87\x92\x1f" + "\xc2\x32\xea\xfc\xc7\xb1\x46\x48\x96\x63\x2d\x6c\x8a\xbe\x88\xc2" + "\xcc\xa4\x04\xdb\xf8\x7c\x20\x6a\x19\xd3\x73\xed\x99\x50\x17\x34" + "\x69\x13\x4d\x7c\x14\xc2\x84\x7d\xf2\x4a\x88\xc1\xc5\x3b\x4d\xe4" + "\x9d\xb3\x66\x39\x2b\x6d\xc6\x51\x27\x6e", + "\x0f\x3b\x17\xde\xae\x62\x13\x64\x55\x4a\xe5\x39\xdb\x09\xde\x11", + "\xff\xb0\xbb\x6d\xfc\x23\x58\x75\x4f\x17\x78\x48\x5b\x59\x65\x7f", + "\xa7\xf6\x07\x4c\xda\x56\x1c\xd2\xaa\x15\xba\x8c\x2f\xa6\x39\x42" + "\x59\x3e\x7c\xcf\x45\xc2\x9a\x57\xda\xd8\xa6\xe2\xea\x63\x54\xce" + "\x8a\xde\x39\xdd\xde\x4a\xc4\x5b\xbd\xc6\x63\xf0\xa5\x37\xc9\x48" + "\x18\x23\x5a\x73\xd8\xa0\x8b\xd8\x98\xab\xd0\x99\xe1\x5c\x08\x8c" + "\x6e\x21\x17\x5a\xf4\xe9\xa4\x99\x70\x12\x82\xed\x32\x81\x50\xa6" + "\xd9\x90\xe8\xec\x87\x85\xce\x26\x1b\xe1\xb8\x3f\xd8\x59\x1e\x57" + "\x76\x5f\x3d\xc1\x11\x3f\xd0\x2a\x40\xf5\x01\x6a\xd0\xd0\xed\xc4" + "\x92\x9a\x02\xe0\x17\xb2\xc5\xf4\x18\xd2\x96\xab\xd6\xc2\xea\x2e" }, + { GCRY_MAC_GMAC_AES, + "\x61\x14\x60\x11\x90\xf6\xef\x5e\x59\x23\x5d\xc0\x42\x8c\x09\xe3" + "\x27\x0b\x19\xea", + "\x15\xa4\x14\x46\x6a\x7f\x90\xea\x32\xbf\xd7\xf6\xe5\x8b\xfa\x06" + "\xe9\x07\xfc\x41\x66\x89\xd9\x60\x39\x45\xd7\x94\x54\xd4\x23\x17", + "\x19\x6e\x0e\x01\x0f\x08\x56\xf9\x82\xb4\x08\x92\x41\xd6\x24\x84", + "\xab" }, + { 
GCRY_MAC_GMAC_AES, + "\x8b\x5c\x12\x4b\xef\x6e\x2f\x0f\xe4\xd8\xc9\x5c\xd5\xfa\x4c\xf1", + "\x41\xc5\xda\x86\x67\xef\x72\x52\x20\xff\xe3\x9a\xe0\xac\x59\x0a" + "\xc9\xfc\xa7\x29\xab\x60\xad\xa0", + "\x20\x4b\xdb\x1b\xd6\x21\x54\xbf\x08\x92\x2a\xaa\x54\xee\xd7\x05", + "\x05\xad\x13\xa5\xe2\xc2\xab\x66\x7e\x1a\x6f\xbc" }, { 0 }, }; int i; @@ -4989,10 +5036,12 @@ check_mac (void) strlen(algos[i].key), strlen(algos[i].data)); check_one_mac (algos[i].algo, algos[i].data, strlen (algos[i].data), - algos[i].key, strlen(algos[i].key), + algos[i].key, strlen(algos[i].key), algos[i].iv, + algos[i].iv ? strlen(algos[i].iv) : 0, algos[i].expect, 0); check_one_mac (algos[i].algo, algos[i].data, strlen (algos[i].data), - algos[i].key, strlen(algos[i].key), + algos[i].key, strlen(algos[i].key), algos[i].iv, + algos[i].iv ? strlen(algos[i].iv) : 0, algos[i].expect, 1); } diff --git a/tests/bench-slope.c b/tests/bench-slope.c index d29a4ad..fd9f64b 100644 --- a/tests/bench-slope.c +++ b/tests/bench-slope.c @@ -1289,7 +1289,7 @@ mac_bench (char **argv, int argc) } else { - for (i = 1; i < 400; i++) + for (i = 1; i < 500; i++) if (!gcry_mac_test_algo (i)) _mac_bench (i); } diff --git a/tests/benchmark.c b/tests/benchmark.c index 3058bd5..8bb8584 100644 --- a/tests/benchmark.c +++ b/tests/benchmark.c 
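Review bot: The IV length handed to check_one_mac is derived with `strlen(algos[i].iv)`, so a GMAC vector whose IV — or, as before, key or tag — contains a 0x00 byte would be silently truncated rather than rejected, and the only symptom would be a MAC mismatch that looks like an implementation bug. The four NIST vectors added here appear to contain no zero byte, which is why they pass, but the limitation rules out any vector that does. An explicit length field in `algos[]`, e.g. `int ivlen;` next to `const char *iv;`, mirrors the `ivlen` parameter check_one_mac already takes and applies equally to the two `algos[i].iv ? strlen(algos[i].iv) : 0` arguments in the following hunk. check_mac's body continues outside these hunks.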
@@ -457,7 +457,7 @@ mac_bench ( const char *algoname ) if (!algoname) { - for (i=1; i < 400; i++) + for (i=1; i < 500; i++) if (in_fips_mode && i == GCRY_MAC_HMAC_MD5) ; /* Don't use MD5 in fips mode. */ else if ( !gcry_mac_test_algo (i) ) ----------------------------------------------------------------------- Summary of changes: cipher/Makefile.am | 2 +- cipher/mac-gmac.c | 185 +++++++++++++++++++++++++++++++++++++++++++++++++ cipher/mac-internal.h | 23 ++++++ cipher/mac.c | 5 ++ doc/gcrypt.texi | 34 +++++++-- src/gcrypt.h.in | 8 ++- tests/basic.c | 57 +++++++++++++-- tests/bench-slope.c | 2 +- tests/benchmark.c | 2 +- 9 files changed, 303 insertions(+), 15 deletions(-) create mode 100644 cipher/mac-gmac.c hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Nov 26 11:25:45 2013 
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Tue, 26 Nov 2013 11:25:45 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-404-g3ef21e7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 3ef21e7e1b8003db9792155044db95f9d9ced184 (commit) from a34448c929b13bfb7b66d69169c89e7319a18b31 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3ef21e7e1b8003db9792155044db95f9d9ced184 Author: Jussi Kivilinna Date: Sun Nov 24 17:54:15 2013 +0200 Camellia: Tweaks for AES-NI implementations * cipher/camellia-aesni-avx-amd64.S: Align stack to 16 bytes; tweak key-setup for small speed up. * cipher/camellia-aesni-avx2-amd64.S: Use vmovdqu even with aligned stack; reorder vinsert128 instructions; use rbp for stack frame. -- Use of 'vmovdqa' with ymm registers produces quite interesting scattering in measurement timings. By using 'vmovdqu' instead, repeated measuments produce more stable results. Signed-off-by: Jussi Kivilinna diff --git a/cipher/camellia-aesni-avx-amd64.S b/cipher/camellia-aesni-avx-amd64.S index ffb1aed..38ec7a3 100644 --- a/cipher/camellia-aesni-avx-amd64.S +++ b/cipher/camellia-aesni-avx-amd64.S @@ -958,9 +958,13 @@ _gcry_camellia_aesni_avx_ctr_enc: * %rcx: iv (big endian, 128bit) */ + pushq %rbp; + movq %rsp, %rbp; + vzeroupper; subq $(16 * 16), %rsp; + andq $~31, %rsp; movq %rsp, %rax; vmovdqa .Lbswap128_mask RIP, %xmm14; @@ -1033,8 +1037,6 @@ _gcry_camellia_aesni_avx_ctr_enc: call __camellia_enc_blk16; - addq $(16 * 16), %rsp; - vpxor 0 * 16(%rdx), %xmm7, %xmm7; vpxor 1 * 16(%rdx), %xmm6, %xmm6; vpxor 2 * 16(%rdx), %xmm5, %xmm5; 
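Review bot: The new `pushq %rbp` / `movq %rsp, %rbp` frame with `andq $~31, %rsp` hands the callee a scratch area that `leave` releases without overwriting, while the registers are wiped by `vzeroall` right before it; the area presumably holds intermediate block state (the AVX2 macros touched by this commit store the AB/CD state at `mem_ab`/`mem_cd` on that frame — whether `__camellia_enc_blk16` leaves anything there cannot be seen from this hunk), so what the register clearing removes may survive below the stack pointer. Since `addq $(16 * 16), %rsp` is gone, `%rsp` still points at the scratch after the call, so sixteen stores of an already-zeroed xmm register to `0 * 16(%rsp)` … `15 * 16(%rsp)` between `vzeroall` and `leave` would close that gap; the same applies to the cbc_dec and cfb_dec frames in the next hunks and to the AVX2 versions further down. The commit message says "align stack to 16 bytes" while `andq $~31` aligns to 32 — harmless for the 16-byte `vmovdqa` accesses, but the message should match the code. The function body starts outside this hunk.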
@@ -1058,6 +1060,7 @@ _gcry_camellia_aesni_avx_ctr_enc: vzeroall; + leave; ret; .size _gcry_camellia_aesni_avx_ctr_enc,.-_gcry_camellia_aesni_avx_ctr_enc; @@ -1073,6 +1076,9 @@ _gcry_camellia_aesni_avx_cbc_dec: * %rcx: iv */ + pushq %rbp; + movq %rsp, %rbp; + vzeroupper; movq %rcx, %r9; @@ -1087,12 +1093,11 @@ _gcry_camellia_aesni_avx_cbc_dec: %xmm15, %rdx, (key_table)(CTX, %r8, 8)); subq $(16 * 16), %rsp; + andq $~31, %rsp; movq %rsp, %rax; call __camellia_dec_blk16; - addq $(16 * 16), %rsp; - /* XOR output with IV */ vpxor (%r9), %xmm7, %xmm7; vpxor (0 * 16)(%rdx), %xmm6, %xmm6; @@ -1112,6 +1117,7 @@ _gcry_camellia_aesni_avx_cbc_dec: vpxor (14 * 16)(%rdx), %xmm8, %xmm8; movq (15 * 16 + 0)(%rdx), %r10; movq (15 * 16 + 8)(%rdx), %r11; + write_output(%xmm7, %xmm6, %xmm5, %xmm4, %xmm3, %xmm2, %xmm1, %xmm0, %xmm15, %xmm14, %xmm13, %xmm12, %xmm11, %xmm10, %xmm9, %xmm8, %rsi); @@ -1122,6 +1128,7 @@ _gcry_camellia_aesni_avx_cbc_dec: vzeroall; + leave; ret; .size _gcry_camellia_aesni_avx_cbc_dec,.-_gcry_camellia_aesni_avx_cbc_dec; @@ -1137,9 +1144,13 @@ _gcry_camellia_aesni_avx_cfb_dec: * %rcx: iv */ + pushq %rbp; + movq %rsp, %rbp; + vzeroupper; subq $(16 * 16), %rsp; + andq $~31, %rsp; movq %rsp, %rax; /* inpack16_pre: */ @@ -1166,8 +1177,6 @@ _gcry_camellia_aesni_avx_cfb_dec: call __camellia_enc_blk16; - addq $(16 * 16), %rsp; - vpxor 0 * 16(%rdx), %xmm7, %xmm7; vpxor 1 * 16(%rdx), %xmm6, %xmm6; vpxor 2 * 16(%rdx), %xmm5, %xmm5; @@ -1191,6 +1200,7 @@ _gcry_camellia_aesni_avx_cfb_dec: vzeroall; + leave; ret; .size _gcry_camellia_aesni_avx_cfb_dec,.-_gcry_camellia_aesni_avx_cfb_dec; @@ -1199,7 +1209,7 @@ _gcry_camellia_aesni_avx_cfb_dec: * ab: 64-bit AB state * cd: 64-bit CD state */ -#define camellia_f(ab, x, t0, t1, t2, t3, t4, sbox2mask, sbox4mask, \ +#define camellia_f(ab, x, t0, t1, t2, t3, t4, inv_shift_row, sbox4mask, \ _0f0f0f0fmask, pre_s1lo_mask, pre_s1hi_mask, key) \ vmovq key, t0; \ vpxor x, x, t3; \ 
@@ -1221,37 +1231,33 @@ _gcry_camellia_aesni_avx_cfb_dec: \ vmovdqa .Lpost_tf_lo_s1 RIP, t0; \ vmovdqa .Lpost_tf_hi_s1 RIP, t1; \ - vmovq .Lsbox3_output_mask RIP, t4; \ \ /* prefilter sboxes */ \ filter_8bit(x, pre_s1lo_mask, pre_s1hi_mask, _0f0f0f0fmask, t2); \ \ /* AES subbytes + AES shift rows + AES inv shift rows */ \ vaesenclast t3, x, x; \ - vpshufb .Linv_shift_row RIP, x, x; \ \ /* postfilter sboxes */ \ filter_8bit(x, t0, t1, _0f0f0f0fmask, t2); \ \ /* output rotation for sbox2 (<<< 1) */ \ /* output rotation for sbox3 (>>> 1) */ \ - vpor sbox2mask, t4, t2; \ - vpand x, sbox2mask, t0; \ - vpand x, t4, t1; \ - vpaddb x, x, t2; \ - vpshufb .Lsp1110111044044404mask RIP, x, t4; \ - vpshufb .Lsp0044440410011110mask RIP, x, x; \ - vpsrlw $7, t0, t0; \ + vpshufb inv_shift_row, x, t1; \ + vpshufb .Lsp0044440444044404mask RIP, x, t4; \ + vpshufb .Lsp1110111010011110mask RIP, x, x; \ + vpaddb t1, t1, t2; \ + vpsrlw $7, t1, t0; \ vpsllw $7, t1, t3; \ - vpsrlw $1, t1, t1; \ vpor t0, t2, t0; \ + vpsrlw $1, t1, t1; \ vpshufb .Lsp0222022222000222mask RIP, t0, t0; \ vpor t1, t3, t1; \ - vpshufb .Lsp3033303303303033mask RIP, t1, t1; \ \ vpxor x, t4, t4; \ - vpxor t1, t0, t0; \ + vpshufb .Lsp3033303303303033mask RIP, t1, t1; \ vpxor t4, t0, t0; \ + vpxor t1, t0, t0; \ vpsrldq $8, t0, x; \ vpxor t0, x, x; 
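Review bot: The context comment `/* AES subbytes + AES shift rows + AES inv shift rows */` above `vaesenclast t3, x, x;` is now stale: the `vpshufb .Linv_shift_row RIP, x, x;` that performed the inverse shift directly after it is removed, and the inverse appears to be folded into the `vpshufb inv_shift_row, x, t1;` of the rotation step and into the renumbered `.Lsp*` masks. Suggest `/* AES subbytes + AES shift rows (inverse shift folded into inv_shift_row below) */`; if `.Linv_shift_row` has no remaining user after this change it can be dropped as well. The diffstat lists only the two .S files, so the reworked sbox2/sbox3 rotation relies entirely on the existing Camellia test vectors; worth confirming they cover both the 128- and 256-bit key setup paths that invoke this macro. camellia_f starts outside this hunk.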
@@ -1270,22 +1276,21 @@ _gcry_camellia_aesni_avx_cfb_dec: .data .align 16 -.Lsp1110111044044404mask: - .long 0x000000ff, 0x000000ff; - .long 0x0101ff01, 0x0101ff01; -.Lsp0044440410011110mask: +.Linv_shift_row_and_unpcklbw: + .byte 0x00, 0xff, 0x0d, 0xff, 0x0a, 0xff, 0x07, 0xff + .byte 0x04, 0xff, 0x01, 0xff, 0x0e, 0xff, 0x0b, 0xff +.Lsp0044440444044404mask: .long 0xffff0404, 0x0404ff04; - .long 0x07ffff07, 0x070707ff; + .long 0x0d0dff0d, 0x0d0dff0d; +.Lsp1110111010011110mask: + .long 0x000000ff, 0x000000ff; + .long 0x0bffff0b, 0x0b0b0bff; .Lsp0222022222000222mask: - .long 0xff030303, 0xff030303; - .long 0x0606ffff, 0xff060606; + .long 0xff060606, 0xff060606; + .long 0x0c0cffff, 0xff0c0c0c; .Lsp3033303303303033mask: - .long 0x02ff0202, 0x02ff0202; - .long 0xff0505ff, 0x05ff0505; -.Lsbox2_output_mask: - .byte 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0xff, 0x00; -.Lsbox3_output_mask: - .byte 0x00, 0x00, 0xff, 0x00, 0x00, 0xff, 0x00, 0x00; + .long 0x04ff0404, 0x04ff0404; + .long 0xff0a0aff, 0x0aff0a0a; .Lsbox4_input_mask: .byte 0x00, 0xff, 0x00, 0x00, 0xff, 0x00, 0x00, 0x00; .Lsigma1: @@ -1316,7 +1321,7 @@ __camellia_avx_setup128: vpshufb .Lbswap128_mask RIP, KL128, KL128; - vmovq .Lsbox2_output_mask RIP, %xmm11; + vmovdqa .Linv_shift_row_and_unpcklbw RIP, %xmm11; vmovq .Lsbox4_input_mask RIP, %xmm12; vbroadcastss .L0f0f0f0f RIP, %xmm13; vmovdqa .Lpre_tf_lo_s1 RIP, %xmm14; @@ -1663,7 +1668,7 @@ __camellia_avx_setup256: vpshufb .Lbswap128_mask RIP, KL128, KL128; vpshufb .Lbswap128_mask RIP, KR128, KR128; - vmovq .Lsbox2_output_mask RIP, %xmm11; + vmovdqa .Linv_shift_row_and_unpcklbw RIP, %xmm11; vmovq .Lsbox4_input_mask RIP, %xmm12; vbroadcastss .L0f0f0f0f RIP, %xmm13; vmovdqa .Lpre_tf_lo_s1 RIP, %xmm14; diff --git a/cipher/camellia-aesni-avx2-amd64.S b/cipher/camellia-aesni-avx2-amd64.S index 65c923e..1a89ff4 100644 --- a/cipher/camellia-aesni-avx2-amd64.S +++ b/cipher/camellia-aesni-avx2-amd64.S 
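Review bot: The two `.byte` lines under the new `.Linv_shift_row_and_unpcklbw` label are the only entries in this table without the trailing `;` that every other `.long`/`.byte` line carries, e.g. `.byte 0x00, 0xff, 0x0d, 0xff, 0x0a, 0xff, 0x07, 0xff;`. More importantly, the setup128 and setup256 hunks load this label with `vmovdqa`, which faults on a misaligned operand; it is 16-byte aligned only because it sits first after `.align 16`, and placing any odd-sized entry (such as the eight-byte `.Lsbox4_input_mask`) above it would break that silently. A comment such as `/* must stay first after .align 16: loaded with vmovdqa */` on the label would protect the invariant against a later reordering.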
@@ -124,15 +124,15 @@
 vextracti128 $1, x5, t5##_x; \
 vaesenclast t4##_x, x0##_x, x0##_x; \
 vaesenclast t4##_x, t0##_x, t0##_x; \
- vinserti128 $1, t0##_x, x0, x0; \
 vaesenclast t4##_x, x7##_x, x7##_x; \
 vaesenclast t4##_x, t1##_x, t1##_x; \
- vinserti128 $1, t1##_x, x7, x7; \
 vaesenclast t4##_x, x3##_x, x3##_x; \
 vaesenclast t4##_x, t3##_x, t3##_x; \
- vinserti128 $1, t3##_x, x3, x3; \
 vaesenclast t4##_x, x6##_x, x6##_x; \
 vaesenclast t4##_x, t2##_x, t2##_x; \
+ vinserti128 $1, t0##_x, x0, x0; \
+ vinserti128 $1, t1##_x, x7, x7; \
+ vinserti128 $1, t3##_x, x3, x3; \
 vinserti128 $1, t2##_x, x6, x6; \
 vextracti128 $1, x1, t3##_x; \
 vextracti128 $1, x4, t2##_x; \
@@ -140,15 +140,15 @@
 vbroadcasti128 .Lpost_tf_hi_s1 RIP, t1; \
 vaesenclast t4##_x, x2##_x, x2##_x; \
 vaesenclast t4##_x, t6##_x, t6##_x; \
- vinserti128 $1, t6##_x, x2, x2; \
 vaesenclast t4##_x, x5##_x, x5##_x; \
 vaesenclast t4##_x, t5##_x, t5##_x; \
- vinserti128 $1, t5##_x, x5, x5; \
 vaesenclast t4##_x, x1##_x, x1##_x; \
 vaesenclast t4##_x, t3##_x, t3##_x; \
- vinserti128 $1, t3##_x, x1, x1; \
 vaesenclast t4##_x, x4##_x, x4##_x; \
 vaesenclast t4##_x, t2##_x, t2##_x; \
+ vinserti128 $1, t6##_x, x2, x2; \
+ vinserti128 $1, t5##_x, x5, x5; \
+ vinserti128 $1, t3##_x, x1, x1; \
 vinserti128 $1, t2##_x, x4, x4; \
 \
 /* postfilter sboxes 1 and 4 */ \
@@ -249,14 +249,14 @@ roundsm32(x0, x1, x2, x3, x4, x5, x6, x7, y0, y1, y2, y3, y4, y5, \ y6, y7, mem_cd, (key_table + (i) * 8)(CTX)); \ \ - vmovdqa x0, 4 * 32(mem_cd); \ - vmovdqa x1, 5 * 32(mem_cd); \ - vmovdqa x2, 6 * 32(mem_cd); \ - vmovdqa x3, 7 * 32(mem_cd); \ - vmovdqa x4, 0 * 32(mem_cd); \ - vmovdqa x5, 1 * 32(mem_cd); \ - vmovdqa x6, 2 * 32(mem_cd); \ - vmovdqa x7, 3 * 32(mem_cd); \ + vmovdqu x0, 4 * 32(mem_cd); \ + vmovdqu x1, 5 * 32(mem_cd); \ + vmovdqu x2, 6 * 32(mem_cd); \ + vmovdqu x3, 7 * 32(mem_cd); \ + vmovdqu x4, 0 * 32(mem_cd); \ + vmovdqu x5, 1 * 32(mem_cd); \ + vmovdqu x6, 2 * 32(mem_cd); \ + vmovdqu x7, 3 * 32(mem_cd); \ \ roundsm32(x4, x5, x6, x7, x0, x1, x2, x3, y0, y1, y2, y3, y4, y5, \ y6, y7, mem_ab, (key_table + ((i) + (dir)) * 8)(CTX)); \ @@ -267,14 +267,14 @@ #define store_ab_state(x0, x1, x2, x3, x4, x5, x6, x7, mem_ab) \ /* Store new AB state */ \ - vmovdqa x4, 4 * 32(mem_ab); \ - vmovdqa x5, 5 * 32(mem_ab); \ - vmovdqa x6, 6 * 32(mem_ab); \ - vmovdqa x7, 7 * 32(mem_ab); \ - vmovdqa x0, 0 * 32(mem_ab); \ - vmovdqa x1, 1 * 32(mem_ab); \ - vmovdqa x2, 2 * 32(mem_ab); \ - vmovdqa x3, 3 * 32(mem_ab); + vmovdqu x4, 4 * 32(mem_ab); \ + vmovdqu x5, 5 * 32(mem_ab); \ + vmovdqu x6, 6 * 32(mem_ab); \ + vmovdqu x7, 7 * 32(mem_ab); \ + vmovdqu x0, 0 * 32(mem_ab); \ + vmovdqu x1, 1 * 32(mem_ab); \ + vmovdqu x2, 2 * 32(mem_ab); \ + vmovdqu x3, 3 * 32(mem_ab); #define enc_rounds32(x0, x1, x2, x3, x4, x5, x6, x7, y0, y1, y2, y3, y4, y5, \ y6, y7, mem_ab, mem_cd, i) \ @@ -356,13 +356,13 @@ \ vpxor l4, t0, l4; \ vpbroadcastd krr, t0; /* only lowest 32-bit used */ \ - vmovdqa l4, 4 * 32(l); \ + vmovdqu l4, 4 * 32(l); \ vpxor l5, t1, l5; \ - vmovdqa l5, 5 * 32(l); \ + vmovdqu l5, 5 * 32(l); \ vpxor l6, t2, l6; \ - vmovdqa l6, 6 * 32(l); \ + vmovdqu l6, 6 * 32(l); \ vpxor l7, t3, l7; \ - vmovdqa l7, 7 * 32(l); \ + vmovdqu l7, 7 * 32(l); \ \ /* \ * t2 = krr; \ 
@@ -387,11 +387,11 @@ vpxor 1 * 32(r), t1, t1; \ vpxor 2 * 32(r), t2, t2; \ vpxor 3 * 32(r), t3, t3; \ - vmovdqa t0, 0 * 32(r); \ + vmovdqu t0, 0 * 32(r); \ vpbroadcastd krl, t0; /* only lowest 32-bit used */ \ - vmovdqa t1, 1 * 32(r); \ - vmovdqa t2, 2 * 32(r); \ - vmovdqa t3, 3 * 32(r); \ + vmovdqu t1, 1 * 32(r); \ + vmovdqu t2, 2 * 32(r); \ + vmovdqu t3, 3 * 32(r); \ \ /* \ * t2 = krl; \ @@ -417,11 +417,11 @@ vpxor 5 * 32(r), t1, t1; \ vpxor 6 * 32(r), t2, t2; \ vpxor 7 * 32(r), t3, t3; \ - vmovdqa t0, 4 * 32(r); \ + vmovdqu t0, 4 * 32(r); \ vpbroadcastd klr, t0; /* only lowest 32-bit used */ \ - vmovdqa t1, 5 * 32(r); \ - vmovdqa t2, 6 * 32(r); \ - vmovdqa t3, 7 * 32(r); \ + vmovdqu t1, 5 * 32(r); \ + vmovdqu t2, 6 * 32(r); \ + vmovdqu t3, 7 * 32(r); \ \ /* \ * t0 = klr; \ @@ -443,13 +443,13 @@ vpor l7, t3, t3; \ \ vpxor l0, t0, l0; \ - vmovdqa l0, 0 * 32(l); \ + vmovdqu l0, 0 * 32(l); \ vpxor l1, t1, l1; \ - vmovdqa l1, 1 * 32(l); \ + vmovdqu l1, 1 * 32(l); \ vpxor l2, t2, l2; \ - vmovdqa l2, 2 * 32(l); \ + vmovdqu l2, 2 * 32(l); \ vpxor l3, t3, l3; \ - vmovdqa l3, 3 * 32(l); + vmovdqu l3, 3 * 32(l); #define transpose_4x4(x0, x1, x2, x3, t1, t2) \ vpunpckhdq x1, x0, t2; \ @@ -466,20 +466,20 @@ #define byteslice_16x16b_fast(a0, b0, c0, d0, a1, b1, c1, d1, a2, b2, c2, d2, \ a3, b3, c3, d3, st0, st1) \ - vmovdqa d2, st0; \ - vmovdqa d3, st1; \ + vmovdqu d2, st0; \ + vmovdqu d3, st1; \ transpose_4x4(a0, a1, a2, a3, d2, d3); \ transpose_4x4(b0, b1, b2, b3, d2, d3); \ - vmovdqa st0, d2; \ - vmovdqa st1, d3; \ + vmovdqu st0, d2; \ + vmovdqu st1, d3; \ \ - vmovdqa a0, st0; \ - vmovdqa a1, st1; \ + vmovdqu a0, st0; \ + vmovdqu a1, st1; \ transpose_4x4(c0, c1, c2, c3, a0, a1); \ transpose_4x4(d0, d1, d2, d3, a0, a1); \ \ vbroadcasti128 .Lshufb_16x16b RIP, a0; \ - vmovdqa st1, a1; \ + vmovdqu st1, a1; \ vpshufb a0, a2, a2; \ vpshufb a0, a3, a3; \ vpshufb a0, b0, b0; \ 
@@ -495,22 +495,22 @@ vpshufb a0, d1, d1; \ vpshufb a0, d2, d2; \ vpshufb a0, d3, d3; \ - vmovdqa d3, st1; \ - vmovdqa st0, d3; \ + vmovdqu d3, st1; \ + vmovdqu st0, d3; \ vpshufb a0, d3, a0; \ - vmovdqa d2, st0; \ + vmovdqu d2, st0; \ \ transpose_4x4(a0, b0, c0, d0, d2, d3); \ transpose_4x4(a1, b1, c1, d1, d2, d3); \ - vmovdqa st0, d2; \ - vmovdqa st1, d3; \ + vmovdqu st0, d2; \ + vmovdqu st1, d3; \ \ - vmovdqa b0, st0; \ - vmovdqa b1, st1; \ + vmovdqu b0, st0; \ + vmovdqu b1, st1; \ transpose_4x4(a2, b2, c2, d2, b0, b1); \ transpose_4x4(a3, b3, c3, d3, b0, b1); \ - vmovdqa st0, b0; \ - vmovdqa st1, b1; \ + vmovdqu st0, b0; \ + vmovdqu st1, b1; \ /* does not adjust output bytes inside vectors */ /* load blocks to registers and apply pre-whitening */ 
@@ -542,22 +542,22 @@ byteslice_16x16b_fast(x0, x1, x2, x3, x4, x5, x6, x7, y0, y1, y2, y3, \ y4, y5, y6, y7, (mem_ab), (mem_cd)); \ \ - vmovdqa x0, 0 * 32(mem_ab); \ - vmovdqa x1, 1 * 32(mem_ab); \ - vmovdqa x2, 2 * 32(mem_ab); \ - vmovdqa x3, 3 * 32(mem_ab); \ - vmovdqa x4, 4 * 32(mem_ab); \ - vmovdqa x5, 5 * 32(mem_ab); \ - vmovdqa x6, 6 * 32(mem_ab); \ - vmovdqa x7, 7 * 32(mem_ab); \ - vmovdqa y0, 0 * 32(mem_cd); \ - vmovdqa y1, 1 * 32(mem_cd); \ - vmovdqa y2, 2 * 32(mem_cd); \ - vmovdqa y3, 3 * 32(mem_cd); \ - vmovdqa y4, 4 * 32(mem_cd); \ - vmovdqa y5, 5 * 32(mem_cd); \ - vmovdqa y6, 6 * 32(mem_cd); \ - vmovdqa y7, 7 * 32(mem_cd); + vmovdqu x0, 0 * 32(mem_ab); \ + vmovdqu x1, 1 * 32(mem_ab); \ + vmovdqu x2, 2 * 32(mem_ab); \ + vmovdqu x3, 3 * 32(mem_ab); \ + vmovdqu x4, 4 * 32(mem_ab); \ + vmovdqu x5, 5 * 32(mem_ab); \ + vmovdqu x6, 6 * 32(mem_ab); \ + vmovdqu x7, 7 * 32(mem_ab); \ + vmovdqu y0, 0 * 32(mem_cd); \ + vmovdqu y1, 1 * 32(mem_cd); \ + vmovdqu y2, 2 * 32(mem_cd); \ + vmovdqu y3, 3 * 32(mem_cd); \ + vmovdqu y4, 4 * 32(mem_cd); \ + vmovdqu y5, 5 * 32(mem_cd); \ + vmovdqu y6, 6 * 32(mem_cd); \ + vmovdqu y7, 7 * 32(mem_cd); /* de-byteslice, apply post-whitening and store blocks */ #define outunpack32(x0, x1, x2, x3, x4, x5, x6, x7, y0, y1, y2, y3, y4, \ @@ -565,7 +565,7 @@ byteslice_16x16b_fast(y0, y4, x0, x4, y1, y5, x1, x5, y2, y6, x2, x6, \ y3, y7, x3, x7, stack_tmp0, stack_tmp1); \ \ - vmovdqa x0, stack_tmp0; \ + vmovdqu x0, stack_tmp0; \ \ vpbroadcastq key, x0; \ vpshufb .Lpack_bswap RIP, x0, x0; \ 
@@ -800,14 +800,14 @@ __camellia_enc_blk32: .Lenc_done: /* load CD for output */ - vmovdqa 0 * 32(%rcx), %ymm8; - vmovdqa 1 * 32(%rcx), %ymm9; - vmovdqa 2 * 32(%rcx), %ymm10; - vmovdqa 3 * 32(%rcx), %ymm11; - vmovdqa 4 * 32(%rcx), %ymm12; - vmovdqa 5 * 32(%rcx), %ymm13; - vmovdqa 6 * 32(%rcx), %ymm14; - vmovdqa 7 * 32(%rcx), %ymm15; + vmovdqu 0 * 32(%rcx), %ymm8; + vmovdqu 1 * 32(%rcx), %ymm9; + vmovdqu 2 * 32(%rcx), %ymm10; + vmovdqu 3 * 32(%rcx), %ymm11; + vmovdqu 4 * 32(%rcx), %ymm12; + vmovdqu 5 * 32(%rcx), %ymm13; + vmovdqu 6 * 32(%rcx), %ymm14; + vmovdqu 7 * 32(%rcx), %ymm15; outunpack32(%ymm0, %ymm1, %ymm2, %ymm3, %ymm4, %ymm5, %ymm6, %ymm7, %ymm8, %ymm9, %ymm10, %ymm11, %ymm12, %ymm13, %ymm14, @@ -887,14 +887,14 @@ __camellia_dec_blk32: %ymm15, %rax, %rcx, 0); /* load CD for output */ - vmovdqa 0 * 32(%rcx), %ymm8; - vmovdqa 1 * 32(%rcx), %ymm9; - vmovdqa 2 * 32(%rcx), %ymm10; - vmovdqa 3 * 32(%rcx), %ymm11; - vmovdqa 4 * 32(%rcx), %ymm12; - vmovdqa 5 * 32(%rcx), %ymm13; - vmovdqa 6 * 32(%rcx), %ymm14; - vmovdqa 7 * 32(%rcx), %ymm15; + vmovdqu 0 * 32(%rcx), %ymm8; + vmovdqu 1 * 32(%rcx), %ymm9; + vmovdqu 2 * 32(%rcx), %ymm10; + vmovdqu 3 * 32(%rcx), %ymm11; + vmovdqu 4 * 32(%rcx), %ymm12; + vmovdqu 5 * 32(%rcx), %ymm13; + vmovdqu 6 * 32(%rcx), %ymm14; + vmovdqu 7 * 32(%rcx), %ymm15; outunpack32(%ymm0, %ymm1, %ymm2, %ymm3, %ymm4, %ymm5, %ymm6, %ymm7, %ymm8, %ymm9, %ymm10, %ymm11, %ymm12, %ymm13, %ymm14, @@ -937,14 +937,16 @@ _gcry_camellia_aesni_avx2_ctr_enc: * %rcx: iv (big endian, 128bit) */ + pushq %rbp; + movq %rsp, %rbp; + movq 8(%rcx), %r11; bswapq %r11; vzeroupper; - movq %rsp, %r10; subq $(16 * 32), %rsp; - andq $~31, %rsp; + andq $~63, %rsp; movq %rsp, %rax; vpcmpeqd %ymm15, %ymm15, %ymm15; 
@@ -958,7 +960,7 @@ _gcry_camellia_aesni_avx2_ctr_enc: vbroadcasti128 .Lbswap128_mask RIP, %ymm14; vinserti128 $1, %xmm0, %ymm1, %ymm0; vpshufb %ymm14, %ymm0, %ymm13; - vmovdqa %ymm13, 15 * 32(%rax); + vmovdqu %ymm13, 15 * 32(%rax); /* check need for handling 64-bit overflow and carry */ cmpq $(0xffffffffffffffff - 32), %r11; @@ -968,10 +970,10 @@ _gcry_camellia_aesni_avx2_ctr_enc: vpaddq %ymm15, %ymm15, %ymm15; /* ab: -2:0 ; cd: -2:0 */ vpsubq %ymm15, %ymm0, %ymm0; vpshufb %ymm14, %ymm0, %ymm13; - vmovdqa %ymm13, 14 * 32(%rax); + vmovdqu %ymm13, 14 * 32(%rax); vpsubq %ymm15, %ymm0, %ymm0; vpshufb %ymm14, %ymm0, %ymm13; - vmovdqa %ymm13, 13 * 32(%rax); + vmovdqu %ymm13, 13 * 32(%rax); vpsubq %ymm15, %ymm0, %ymm0; vpshufb %ymm14, %ymm0, %ymm12; vpsubq %ymm15, %ymm0, %ymm0; @@ -1010,11 +1012,11 @@ _gcry_camellia_aesni_avx2_ctr_enc: inc_le128(%ymm0, %ymm15, %ymm13); /* ab: le1 ; cd: le2 */ inc_le128(%ymm0, %ymm15, %ymm13); /* ab: le2 ; cd: le3 */ vpshufb %ymm14, %ymm0, %ymm13; - vmovdqa %ymm13, 14 * 32(%rax); + vmovdqu %ymm13, 14 * 32(%rax); inc_le128(%ymm0, %ymm15, %ymm13); inc_le128(%ymm0, %ymm15, %ymm13); vpshufb %ymm14, %ymm0, %ymm13; - vmovdqa %ymm13, 13 * 32(%rax); + vmovdqu %ymm13, 13 * 32(%rax); inc_le128(%ymm0, %ymm15, %ymm13); inc_le128(%ymm0, %ymm15, %ymm13); vpshufb %ymm14, %ymm0, %ymm12; @@ -1083,8 +1085,6 @@ _gcry_camellia_aesni_avx2_ctr_enc: call __camellia_enc_blk32; - movq %r10, %rsp; - vpxor 0 * 32(%rdx), %ymm7, %ymm7; vpxor 1 * 32(%rdx), %ymm6, %ymm6; vpxor 2 * 32(%rdx), %ymm5, %ymm5; @@ -1109,6 +1109,7 @@ _gcry_camellia_aesni_avx2_ctr_enc: vzeroall; + leave; ret; .size _gcry_camellia_aesni_avx2_ctr_enc,.-_gcry_camellia_aesni_avx2_ctr_enc; @@ -1124,6 +1125,9 @@ _gcry_camellia_aesni_avx2_cbc_dec: * %rcx: iv */ + pushq %rbp; + movq %rsp, %rbp; + vzeroupper; movq %rcx, %r9; 
@@ -1133,9 +1137,8 @@ _gcry_camellia_aesni_avx2_cbc_dec: movl $24, %eax; cmovel %eax, %r8d; /* max */ - movq %rsp, %r10; subq $(16 * 32), %rsp; - andq $~31, %rsp; + andq $~63, %rsp; movq %rsp, %rax; inpack32_pre(%ymm0, %ymm1, %ymm2, %ymm3, %ymm4, %ymm5, %ymm6, %ymm7, @@ -1145,11 +1148,11 @@ _gcry_camellia_aesni_avx2_cbc_dec: call __camellia_dec_blk32; /* XOR output with IV */ - vmovdqa %ymm8, (%rax); + vmovdqu %ymm8, (%rax); vmovdqu (%r9), %xmm8; vinserti128 $1, (%rdx), %ymm8, %ymm8; vpxor %ymm8, %ymm7, %ymm7; - vmovdqa (%rax), %ymm8; + vmovdqu (%rax), %ymm8; vpxor (0 * 32 + 16)(%rdx), %ymm6, %ymm6; vpxor (1 * 32 + 16)(%rdx), %ymm5, %ymm5; vpxor (2 * 32 + 16)(%rdx), %ymm4, %ymm4; @@ -1168,8 +1171,6 @@ _gcry_camellia_aesni_avx2_cbc_dec: movq (15 * 32 + 16 + 0)(%rdx), %rax; movq (15 * 32 + 16 + 8)(%rdx), %rcx; - movq %r10, %rsp; - write_output(%ymm7, %ymm6, %ymm5, %ymm4, %ymm3, %ymm2, %ymm1, %ymm0, %ymm15, %ymm14, %ymm13, %ymm12, %ymm11, %ymm10, %ymm9, %ymm8, %rsi); @@ -1180,6 +1181,7 @@ _gcry_camellia_aesni_avx2_cbc_dec: vzeroall; + leave; ret; .size _gcry_camellia_aesni_avx2_cbc_dec,.-_gcry_camellia_aesni_avx2_cbc_dec; @@ -1195,11 +1197,13 @@ _gcry_camellia_aesni_avx2_cfb_dec: * %rcx: iv */ + pushq %rbp; + movq %rsp, %rbp; + vzeroupper; - movq %rsp, %r10; subq $(16 * 32), %rsp; - andq $~31, %rsp; + andq $~63, %rsp; movq %rsp, %rax; /* inpack16_pre: */ @@ -1228,8 +1232,6 @@ _gcry_camellia_aesni_avx2_cfb_dec: call __camellia_enc_blk32; - movq %r10, %rsp; - vpxor 0 * 32(%rdx), %ymm7, %ymm7; vpxor 1 * 32(%rdx), %ymm6, %ymm6; vpxor 2 * 32(%rdx), %ymm5, %ymm5; 
@@ -1253,6 +1255,7 @@ _gcry_camellia_aesni_avx2_cfb_dec: vzeroall; + leave; ret; .size _gcry_camellia_aesni_avx2_cfb_dec,.-_gcry_camellia_aesni_avx2_cfb_dec; ----------------------------------------------------------------------- Summary of changes: cipher/camellia-aesni-avx-amd64.S | 73 ++++++------ cipher/camellia-aesni-avx2-amd64.S | 215 ++++++++++++++++++------------------ 2 files changed, 148 insertions(+), 140 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 27 09:22:12 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 27 Nov 2013 09:22:12 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-268-ge951782 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e951782e937ce290be0d89d83e84b3daea997587 (commit) from cc9a0b69b698ba436eaf777e5020532845b56236 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e951782e937ce290be0d89d83e84b3daea997587 Author: Werner Koch Date: Wed Nov 27 09:20:02 2013 +0100 gpg: Change armor Version header to emit only the major version. * g10/options.h (opt): Rename field no_version to emit_version. * g10/gpg.c (main): Init opt.emit_vesion to 1. Change --emit-version to bump up opt.emit_version. * g10/armor.c (armor_filter): Implement different --emit-version values. -- GnuPG-bug-id: 1572 Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index ab1c597..7eb1fe9 100644 --- a/NEWS +++ b/NEWS 
@@ -26,6 +26,9 @@ Noteworthy changes in version 2.1.0-betaN (unreleased) * Fixed bug with deeply nested compressed packets. + * Only the major version number is by default included in the armored + output. + Noteworthy changes in version 2.1.0beta3 (2011-12-20) ----------------------------------------------------- diff --git a/doc/gpg.texi b/doc/gpg.texi index c588d7a..26179bd 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -2408,8 +2408,12 @@ protected by the signature. @item --emit-version @itemx --no-emit-version @opindex emit-version -Force inclusion of the version string in ASCII armored output. - at option{--no-emit-version} disables this option. +Force inclusion of the version string in ASCII armored output. If +given once only the name of the program and the major number is +emitted (default), given twice the minor is also emitted, given triple +the micro is added, and given quad an operating system identification +is also emitted. @option{--no-emit-version} disables the version +line. @item --sig-notation @code{name=value} @itemx --cert-notation @code{name=value} diff --git a/g10/armor.c b/g10/armor.c index 9a43389..efdc92e 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -1077,10 +1077,24 @@ armor_filter( void *opaque, int control, iobuf_writestr(a, head_strings[afx->what] ); iobuf_writestr(a, "-----" ); iobuf_writestr(a,afx->eol); - if( !opt.no_version ) + if (opt.emit_version) { - iobuf_writestr(a, "Version: "GNUPG_NAME" v" VERSION " (" - PRINTABLE_OS_NAME ")" ); + iobuf_writestr (a, "Version: "GNUPG_NAME" v"); + for (s=VERSION; *s && *s != '.'; s++) + iobuf_writebyte (a, *s); + if (opt.emit_version > 1 && *s) + { + iobuf_writebyte (a, *s++); + for (; *s && *s != '.'; s++) + iobuf_writebyte (a, *s); + if (opt.emit_version > 2) + { + for (; *s && *s != '-' && !spacep (s); s++) + iobuf_writebyte (a, *s); + if (opt.emit_version > 3) + iobuf_writestr (a, " (" PRINTABLE_OS_NAME ")"); + } + } iobuf_writestr(a,afx->eol); } 
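Review bot: The minor-number loop `for (; *s && *s != '.'; s++)` has no suffix guard, unlike the micro loop that stops at `'-'` or whitespace, so for a VERSION string without a micro component a level-2 header would copy the suffix as well. This is harmless if VERSION always has three components (the NEWS hunk suggests the `2.1.0-betaN` form), but mirroring the guard — `for (; *s && *s != '.' && *s != '-' && !spacep (s); s++)` — costs nothing and keeps the levels consistent. `s` is declared outside the hunk; armor_filter's body starts and ends outside it.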
diff --git a/g10/gpg.c b/g10/gpg.c index 8e0aed0..085f2e0 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -2013,6 +2013,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; set_homedir (default_homedir ()); opt.passphrase_repeat = 1; + opt.emit_version = 1; /* Limit to the major number. */ /* Check whether we have a config file on the command line. */ orig_argc = argc; @@ -2318,8 +2319,8 @@ main (int argc, char **argv) case oQuickRandom: gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); break; - case oEmitVersion: opt.no_version=0; break; - case oNoEmitVersion: opt.no_version=1; break; + case oEmitVersion: opt.emit_version++; break; + case oNoEmitVersion: opt.emit_version=0; break; case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break; case oMarginalsNeeded: opt.marginals_needed = pargs.r.ret_int; break; case oMaxCertDepth: opt.max_cert_depth = pargs.r.ret_int; break; diff --git a/g10/options.h b/g10/options.h index d44d7a1..f9878bd 100644 --- a/g10/options.h +++ b/g10/options.h @@ -91,7 +91,11 @@ struct int def_cert_level; int min_cert_level; int ask_cert_level; - int no_version; + int emit_version; /* 0 = none, + 1 = major only, + 2 = major and minor, + 3 = full version, + 4 = full version plus OS string. */ int marginals_needed; int completes_needed; int max_cert_depth; ----------------------------------------------------------------------- Summary of changes: NEWS | 3 +++ doc/gpg.texi | 8 ++++++-- g10/armor.c | 20 +++++++++++++++++--- g10/gpg.c | 5 +++-- g10/options.h | 6 +++++- 5 files changed, 34 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 27 09:36:04 2013 
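Review bot: With the default `opt.emit_version = 1;` in main and `case oEmitVersion: opt.emit_version++;`, a single `--emit-version` yields level 2 (major and minor), yet the gpg.texi hunk above says that given once only the major number is emitted and that this is the default. Either the documentation should state that the default already is the major-only level and each `--emit-version` raises it by one, or the handler should leave a first `--emit-version` at level 1. If the option is parsed from the config file and the command line through the same switch (the parsing loop is outside this hunk), an `emit-version` in gpg.conf plus one on the command line also accumulates to level 3, which the documentation does not mention. The `/* 0 = none, ... 4 = full version plus OS string. */` comment in options.h matches armor.c and would be the natural place to also record that the default is 1.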
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 27 Nov 2013 09:36:04 +0100 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-13-g6658531 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via 66585314e37ffb4d29d62bd51953a679d1b89ce3 (commit) via fd5f45249602863a4c54cd724fa6ed57e0a239c2 (commit) from 571bcd4662a351cfa55bbf1a79ed1bc26da5780f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 66585314e37ffb4d29d62bd51953a679d1b89ce3 Author: Werner Koch Date: Wed Nov 27 09:33:50 2013 +0100 scd: Fix two compiler warnings. * scd/apdu.c (pcsc_vendor_specific_init): Add suggested parens. * scd/ccid-driver.c (ccid_get_atr): Cast DEBUGOUT_1 arg to int. diff --git a/scd/apdu.c b/scd/apdu.c index 67671b2..9028120 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -1850,7 +1850,7 @@ pcsc_vendor_specific_init (int slot) reader_table[slot].is_spr532 = 1; reader_table[slot].pinpad_varlen_supported = 1; } - else if (vendor == 0x046a && product == 0x003e /* Cherry ST-2xxx */ + else if ((vendor == 0x046a && product == 0x003e) /* Cherry ST-2xxx */ || vendor == 0x0c4b /* Tested with Reiner cyberJack GO */ || vendor == 0x1a44 /* Tested with Vasco DIGIPASS 920 */ || vendor == 0x234b /* Tested with FSIJ Gnuk Token */ diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c index b812cb0..962128d 100644 --- a/scd/ccid-driver.c +++ b/scd/ccid-driver.c 
@@ -57,7 +57,7 @@ /* CCID (ChipCardInterfaceDevices) is a specification for accessing - smartcard via a reader connected to the USB. + smartcard via a reader connected to the USB. This is a limited driver allowing to use some CCID drivers directly without any other specila drivers. This is a fallback driver to be @@ -237,20 +237,20 @@ enum { }; static struct -{ +{ char *name; /* Device name. */ int type; } transports[] = { - { "/dev/cmx0", TRANSPORT_CM4040 }, - { "/dev/cmx1", TRANSPORT_CM4040 }, + { "/dev/cmx0", TRANSPORT_CM4040 }, + { "/dev/cmx1", TRANSPORT_CM4040 }, { NULL }, }; /* Store information on the driver's state. A pointer to such a structure is used as handle for most functions. */ -struct ccid_driver_s +struct ccid_driver_s { usb_dev_handle *idev; char *rid; @@ -291,7 +291,7 @@ struct ccid_driver_s static int initialized_usb; /* Tracks whether USB has been initialized. */ -static int debug_level; /* Flag to control the debug output. +static int debug_level; /* Flag to control the debug output. 0 = No debugging 1 = USB I/O info 2 = Level 1 + T=1 protocol tracing @@ -313,19 +313,19 @@ static int send_escape_cmd (ccid_driver_t handle, const unsigned char *data, /* Convert a little endian stored 4 byte value into an unsigned integer. */ -static unsigned int +static unsigned int convert_le_u32 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); } /* Convert a little endian stored 2 byte value into an unsigned integer. */ -static unsigned int +static unsigned int convert_le_u16 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8); + return buf[0] | (buf[1] << 8); } static void @@ -346,7 +346,7 @@ my_sleep (int seconds) may give up its timeslot. */ if (!seconds) { -# ifdef HAVE_W32_SYSTEM +# ifdef HAVE_W32_SYSTEM Sleep (0); # else sleep (0); 
@@ -354,7 +354,7 @@ my_sleep (int seconds) } pth_sleep (seconds); #else -# ifdef HAVE_W32_SYSTEM +# ifdef HAVE_W32_SYSTEM Sleep (seconds*1000); # else sleep (seconds); @@ -395,7 +395,7 @@ print_command_failed (const unsigned char *msg) switch (ec) { case 0x00: t = "Command not supported"; break; - + case 0xE0: t = "Slot busy"; break; case 0xEF: t = "PIN cancelled"; break; case 0xF0: t = "PIN timeout"; break; @@ -446,7 +446,7 @@ print_pr_data (const unsigned char *data, size_t datalen, size_t off) DEBUGOUT_LF (); } - + static void print_p2r_header (const char *name, const unsigned char *msg, size_t msglen) { @@ -670,7 +670,7 @@ print_r2p_slotstatus (const unsigned char *msg, size_t msglen) msg[9] == 3? " (stopped)":""); print_pr_data (msg, msglen, 10); } - + static void print_r2p_parameters (const unsigned char *msg, size_t msglen) @@ -797,7 +797,7 @@ parse_ccid_descriptor (ccid_driver_t handle, DEBUGOUT_1 (" bLength %5u\n", buf[0]); DEBUGOUT_1 (" bDescriptorType %5u\n", buf[1]); DEBUGOUT_2 (" bcdCCID %2x.%02x", buf[3], buf[2]); - if (buf[3] != 1 || buf[2] != 0) + if (buf[3] != 1 || buf[2] != 0) DEBUGOUT_CONT(" (Warning: Only accurate for version 1.0)"); DEBUGOUT_LF (); @@ -829,7 +829,7 @@ parse_ccid_descriptor (ccid_driver_t handle, us = convert_le_u32(buf+23); DEBUGOUT_1 (" dwMaxDataRate %7u bps\n", us); DEBUGOUT_1 (" bNumDataRatesSupp. %5u\n", buf[27]); - + us = convert_le_u32(buf+28); DEBUGOUT_1 (" dwMaxIFSD %5u\n", us); handle->max_ifsd = us; @@ -904,7 +904,7 @@ parse_ccid_descriptor (ccid_driver_t handle, { DEBUGOUT (" TPDU level exchange\n"); have_tpdu = 1; - } + } else if ((us & 0x00020000)) { DEBUGOUT (" Short APDU level exchange\n"); @@ -938,7 +938,7 @@ parse_ccid_descriptor (ccid_driver_t handle, DEBUGOUT_CONT ("none\n"); else DEBUGOUT_CONT_2 ("%u cols %u lines\n", buf[50], buf[51]); - + DEBUGOUT_1 (" bPINSupport %5u ", buf[52]); if ((buf[52] & 1)) { 
@@ -951,7 +951,7 @@ parse_ccid_descriptor (ccid_driver_t handle, handle->has_pinpad |= 2; } DEBUGOUT_LF (); - + DEBUGOUT_1 (" bMaxCCIDBusySlots %5u\n", buf[53]); if (buf[0] > 54) { @@ -975,15 +975,15 @@ parse_ccid_descriptor (ccid_driver_t handle, lower than that: 64 - 10 CCID header - 4 T1frame - 2 reserved = 48 Product Ids: - 0xe001 - SCR 331 - 0x5111 - SCR 331-DI - 0x5115 - SCR 335 - 0xe003 - SPR 532 - The + 0xe001 - SCR 331 + 0x5111 - SCR 331-DI + 0x5115 - SCR 335 + 0xe003 - SPR 532 + The 0x5117 - SCR 3320 USB ID-000 reader seems to be very slow but enabling this workaround boosts the - performance to a a more or less acceptable level (tested by David). - + performance to a a more or less acceptable level (tested by David). + */ if (handle->id_vendor == VENDOR_SCM && handle->max_ifsd > 48 @@ -1025,7 +1025,7 @@ get_escaped_usb_string (usb_dev_handle *idev, int idx, If we do don't find it we try to use English. Note that this is all in a 2 bute Unicode encoding using little endian. */ rc = usb_control_msg (idev, USB_ENDPOINT_IN, USB_REQ_GET_DESCRIPTOR, - (USB_DT_STRING << 8), 0, + (USB_DT_STRING << 8), 0, (char*)buf, sizeof buf, 1000 /* ms timeout */); if (rc < 4) langid = 0x0409; /* English. */ @@ -1047,7 +1047,7 @@ get_escaped_usb_string (usb_dev_handle *idev, int idx, n++; /* High byte set. */ else if (*s <= 0x20 || *s >= 0x7f || *s == '%' || *s == ':') n += 3 ; - else + else n++; } @@ -1066,7 +1066,7 @@ get_escaped_usb_string (usb_dev_handle *idev, int idx, sprintf (result+n, "%%%02X", *s); n += 3; } - else + else result[n++] = *s; } strcpy (result+n, suffix); @@ -1148,7 +1148,7 @@ scan_or_find_usb_device (int scan_mode, int ifc_no; int set_no; struct usb_config_descriptor *config; - struct usb_interface *interface; + struct usb_interface *interface; struct usb_interface_descriptor *ifcdesc; char *rid; usb_dev_handle *idev; 
@@ -1166,7 +1166,7 @@ scan_or_find_usb_device (int scan_mode, interface = config->interface + ifc_no; if (!interface) continue; - + for (set_no=0; set_no < interface->num_altsetting; set_no++) { ifcdesc = (interface->altsetting + set_no); @@ -1193,7 +1193,7 @@ scan_or_find_usb_device (int scan_mode, strerror (errno)); continue; /* with next setting. */ } - + rid = make_reader_id (idev, dev->descriptor.idVendor, dev->descriptor.idProduct, @@ -1203,7 +1203,7 @@ scan_or_find_usb_device (int scan_mode, if (scan_mode) { char *p; - + /* We are collecting infos about all available CCID readers. Store them and continue. */ @@ -1225,7 +1225,7 @@ scan_or_find_usb_device (int scan_mode, } else /* Out of memory. */ free (rid); - + rid = NULL; ++*count; } @@ -1269,7 +1269,7 @@ scan_or_find_usb_device (int scan_mode, } else free (rid); - + *r_idev = idev; return 1; /* Found requested device. */ } @@ -1283,7 +1283,7 @@ scan_or_find_usb_device (int scan_mode, } free (rid); } - + usb_close (idev); idev = NULL; return 0; @@ -1296,7 +1296,7 @@ scan_or_find_usb_device (int scan_mode, } /* Combination function to either scan all CCID devices or to find and - open one specific device. + open one specific device. The function returns 0 if a reader has been found or when a scan returned without error. @@ -1355,7 +1355,7 @@ scan_or_find_devices (int readerno, const char *readerid, if (r_rid) *r_rid = NULL; if (r_dev) - *r_dev = NULL; + *r_dev = NULL; if (ifcdesc_extra) *ifcdesc_extra = NULL; if (ifcdesc_extra_len) @@ -1368,7 +1368,7 @@ scan_or_find_devices (int readerno, const char *readerid, *r_fd = -1; /* See whether we want scan or find mode. */ - if (scan_mode) + if (scan_mode) { assert (r_rid); } @@ -1382,7 +1382,7 @@ scan_or_find_devices (int readerno, const char *readerid, busses = usb_busses; #endif - for (bus = busses; bus; bus = bus->next) + for (bus = busses; bus; bus = bus->next) { for (dev = bus->devices; dev; dev = dev->next) { 
@@ -1404,7 +1404,7 @@ scan_or_find_devices (int readerno, const char *readerid, return -1; /* error */ } *r_idev = idev; - return 0; + return 0; } } } @@ -1560,7 +1560,7 @@ ccid_vendor_specific_init (ccid_driver_t handle) /* Open the reader with the internal number READERNO and return a pointer to be used as handle in HANDLE. Returns 0 on success. */ -int +int ccid_open_reader (ccid_driver_t *handle, const char *readerid) { int rc = 0; @@ -1656,7 +1656,7 @@ ccid_open_reader (ccid_driver_t *handle, const char *readerid) rc = CCID_DRIVER_ERR_NO_READER; goto leave; } - + rc = usb_claim_interface (idev, ifc_no); if (rc) { @@ -1692,7 +1692,7 @@ do_close_reader (ccid_driver_t handle) unsigned char msg[100]; size_t msglen; unsigned char seqno; - + if (!handle->powered_off) { msg[0] = PC_to_RDR_IccPowerOff; @@ -1703,7 +1703,7 @@ do_close_reader (ccid_driver_t handle) msg[9] = 0; /* RFU */ set_msg_len (msg, 0); msglen = 10; - + rc = bulk_out (handle, msg, msglen, 0); if (!rc) bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_SlotStatus, @@ -1727,12 +1727,12 @@ do_close_reader (ccid_driver_t handle) /* Reset a reader on HANDLE. This is useful in case a reader has been plugged of and inserted at a different port. By resetting the handle, the same reader will be get used. Note, that on error the - handle won't get released. + handle won't get released. This does not return an ATR, so ccid_get_atr should be called right after this one. */ -int +int ccid_shutdown_reader (ccid_driver_t handle) { int rc = 0; @@ -1770,7 +1770,7 @@ ccid_shutdown_reader (ccid_driver_t handle) rc = CCID_DRIVER_ERR_NO_READER; goto leave; } - + rc = usb_claim_interface (idev, ifc_no); if (rc) { @@ -1797,8 +1797,8 @@ ccid_shutdown_reader (ccid_driver_t handle) } -int -ccid_set_progress_cb (ccid_driver_t handle, +int +ccid_set_progress_cb (ccid_driver_t handle, void (*cb)(void *, const char *, int, int, int), void *cb_arg) { 
@@ -1812,7 +1812,7 @@ ccid_set_progress_cb (ccid_driver_t handle, /* Close the reader HANDLE. */ -int +int ccid_close_reader (ccid_driver_t handle) { if (!handle || (!handle->idev && handle->dev_fd == -1)) @@ -1840,7 +1840,7 @@ writen (int fd, const void *buf, size_t nbytes) { size_t nleft = nbytes; int nwritten; - + while (nleft > 0) { nwritten = write (fd, buf, nleft); @@ -1854,7 +1854,7 @@ writen (int fd, const void *buf, size_t nbytes) nleft -= nwritten; buf = (const char*)buf + nwritten; } - + return 0; } @@ -1923,10 +1923,10 @@ bulk_out (ccid_driver_t handle, unsigned char *msg, size_t msglen, break; } } - + if (handle->idev) { - rc = usb_bulk_write (handle->idev, + rc = usb_bulk_write (handle->idev, handle->ep_bulk_out, (char*)msg, msglen, 5000 /* ms timeout */); @@ -1963,7 +1963,7 @@ bulk_out (ccid_driver_t handle, unsigned char *msg, size_t msglen, return 0; DEBUGOUT_2 ("writen to %d failed: %s\n", handle->dev_fd, strerror (errno)); - + } return CCID_DRIVER_ERR_CARD_IO_ERROR; } @@ -1991,7 +1991,7 @@ bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length, retry: if (handle->idev) { - rc = usb_bulk_read (handle->idev, + rc = usb_bulk_read (handle->idev, handle->ep_bulk_in, (char*)buffer, length, timeout); @@ -2033,12 +2033,12 @@ bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length, abort_cmd (handle, seqno); return CCID_DRIVER_ERR_INV_VALUE; } - if (buffer[5] != 0) + if (buffer[5] != 0) { DEBUGOUT_1 ("unexpected bulk-in slot (%d)\n", buffer[5]); return CCID_DRIVER_ERR_INV_VALUE; } - if (buffer[6] != seqno) + if (buffer[6] != seqno) { DEBUGOUT_2 ("bulk-in seqno does not match (%d/%d)\n", seqno, buffer[6]); 
@@ -2051,7 +2051,7 @@ bulk_in (ccid_driver_t handle, unsigned char *buffer, size_t length, for the Cherry keyboard which sends a time extension request for each key hit. */ if ( !(buffer[7] & 0x03) && (buffer[7] & 0xC0) == 0x80) - { + { /* Card present and active, time extension requested. */ DEBUGOUT_2 ("time extension requested (%02X,%02X)\n", buffer[7], buffer[8]); @@ -2121,13 +2121,13 @@ abort_cmd (ccid_driver_t handle, int seqno) /* I don't know how to send an abort to non-USB devices. */ rc = CCID_DRIVER_ERR_NOT_SUPPORTED; } - + seqno &= 0xff; DEBUGOUT_1 ("sending abort sequence for seqno %d\n", seqno); /* Send the abort command to the control pipe. Note that we don't need to keep track of sent abort commands because there should never be another thread using the same slot concurrently. */ - rc = usb_control_msg (handle->idev, + rc = usb_control_msg (handle->idev, 0x21,/* bmRequestType: host-to-device, class specific, to interface. */ 1, /* ABORT */ @@ -2147,7 +2147,7 @@ abort_cmd (ccid_driver_t handle, int seqno) seqno--; /* Adjust for next increment. */ do { - seqno++; + seqno++; msg[0] = PC_to_RDR_Abort; msg[5] = 0; /* slot */ msg[6] = seqno; @@ -2157,24 +2157,24 @@ abort_cmd (ccid_driver_t handle, int seqno) msglen = 10; set_msg_len (msg, 0); - rc = usb_bulk_write (handle->idev, + rc = usb_bulk_write (handle->idev, handle->ep_bulk_out, (char*)msg, msglen, 5000 /* ms timeout */); if (rc == msglen) rc = 0; else if (rc == -1) - DEBUGOUT_1 ("usb_bulk_write error in abort_cmd: %s\n", + DEBUGOUT_1 ("usb_bulk_write error in abort_cmd: %s\n", strerror (errno)); else DEBUGOUT_1 ("usb_bulk_write failed in abort_cmd: %d\n", rc); if (rc) return rc; - - rc = usb_bulk_read (handle->idev, + + rc = usb_bulk_read (handle->idev, handle->ep_bulk_in, - (char*)msg, sizeof msg, + (char*)msg, sizeof msg, 5000 /*ms timeout*/); if (rc < 0) { 
@@ -2190,7 +2190,7 @@ abort_cmd (ccid_driver_t handle, int seqno) (unsigned int)msglen); return CCID_DRIVER_ERR_INV_VALUE; } - if (msg[5] != 0) + if (msg[5] != 0) { DEBUGOUT_1 ("unexpected bulk-in slot (%d) in abort_cmd\n", msg[5]); return CCID_DRIVER_ERR_INV_VALUE; @@ -2215,7 +2215,7 @@ abort_cmd (ccid_driver_t handle, int seqno) operation will get returned in RESULT and its length in RESULTLEN. If the response is larger than RESULTMAX, an error is returned and the required buffer length returned in RESULTLEN. */ -static int +static int send_escape_cmd (ccid_driver_t handle, const unsigned char *data, size_t datalen, unsigned char *result, size_t resultmax, size_t *resultlen) @@ -2267,7 +2267,7 @@ send_escape_cmd (ccid_driver_t handle, default: break; } - + return rc; } @@ -2293,14 +2293,14 @@ ccid_poll (ccid_driver_t handle) if (handle->idev) { - rc = usb_bulk_read (handle->idev, + rc = usb_bulk_read (handle->idev, handle->ep_intr, (char*)msg, sizeof msg, 0 /* ms timeout */ ); if (rc < 0 && errno == ETIMEDOUT) return 0; } - else + else return 0; if (rc < 0) @@ -2324,12 +2324,12 @@ ccid_poll (ccid_driver_t handle) for (i=1; i < msglen; i++) for (j=0; j < 4; j++) DEBUGOUT_CONT_3 (" %d:%c%c", - (i-1)*4+j, + (i-1)*4+j, (msg[i] & (1<<(j*2)))? 'p':'-', (msg[i] & (2<<(j*2)))? '*':' '); DEBUGOUT_LF (); } - else if (msg[0] == RDR_to_PC_HardwareError) + else if (msg[0] == RDR_to_PC_HardwareError) { DEBUGOUT ("hardware error occured\n"); } @@ -2344,7 +2344,7 @@ ccid_poll (ccid_driver_t handle) /* Note that this function won't return the error codes NO_CARD or CARD_INACTIVE */ -int +int ccid_slot_status (ccid_driver_t handle, int *statusbits) { int rc; @@ -2539,7 +2539,7 @@ update_param_by_atr (unsigned char *param, unsigned char *atr, size_t atrlen) /* Return the ATR of the card. This is not a cached value and thus an actual reset is done. */ -int +int ccid_get_atr (ccid_driver_t handle, unsigned char *atr, size_t maxatrlen, size_t *atrlen) { 
@@ -2608,7 +2608,7 @@ ccid_get_atr (ccid_driver_t handle, handle->powered_off = 0; - + if (atr) { size_t n = msglen - 10; @@ -2676,7 +2676,7 @@ ccid_get_atr (ccid_driver_t handle, if (msglen != 10 + 4) { - DEBUGOUT_1 ("Setting PPS failed: %d\n", msglen); + DEBUGOUT_1 ("Setting PPS failed: %d\n", (int)msglen); return CCID_DRIVER_ERR_CARD_IO_ERROR; } @@ -2730,7 +2730,7 @@ ccid_get_atr (ccid_driver_t handle, tpdu[0] = handle->nonnull_nad? ((1 << 4) | 0): 0; tpdu[1] = (0xc0 | 0 | 1); /* S-block request: change IFSD */ tpdu[2] = 1; - tpdu[3] = handle->max_ifsd? handle->max_ifsd : 32; + tpdu[3] = handle->max_ifsd? handle->max_ifsd : 32; tpdulen = 4; edc = compute_edc (tpdu, tpdulen, use_crc); if (use_crc) @@ -2740,7 +2740,7 @@ ccid_get_atr (ccid_driver_t handle, msg[0] = PC_to_RDR_XfrBlock; msg[5] = 0; /* slot */ msg[6] = seqno = handle->seqno++; - msg[7] = 0; + msg[7] = 0; msg[8] = 0; /* RFU */ msg[9] = 0; /* RFU */ set_msg_len (msg, tpdulen); @@ -2763,12 +2763,12 @@ ccid_get_atr (ccid_driver_t handle, RDR_to_PC_DataBlock, seqno, 5000, 0); if (rc) return rc; - + tpdu = msg + 10; tpdulen = msglen - 10; - - if (tpdulen < 4) - return CCID_DRIVER_ERR_ABORTED; + + if (tpdulen < 4) + return CCID_DRIVER_ERR_ABORTED; if (debug_level > 1) DEBUGOUT_4 ("T=1: got %c-block seq=%d err=%d%s\n", @@ -2793,7 +2793,7 @@ ccid_get_atr (ccid_driver_t handle, -static unsigned int +static unsigned int compute_edc (const unsigned char *data, size_t datalen, int use_crc) { if (use_crc) @@ -2803,7 +2803,7 @@ compute_edc (const unsigned char *data, size_t datalen, int use_crc) else { unsigned char crc = 0; - + for (; datalen; datalen--) crc ^= *data++; return crc; @@ -2848,7 +2848,7 @@ ccid_transceive_apdu_level (ccid_driver_t handle, extended APDU exchange level is not fully supported yet. */ if (apdulen > sizeof (send_buffer) - 10) return CCID_DRIVER_ERR_INV_VALUE; /* Invalid length. */ - + msg[0] = PC_to_RDR_XfrBlock; msg[5] = 0; /* slot */ msg[6] = seqno = handle->seqno++; 
@@ -2924,11 +2924,11 @@ ccid_transceive_apdu_level (ccid_driver_t handle, (unsigned int)apdulen, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, apdu, apdulen); + + memcpy (resp, apdu, apdulen); *nresp = apdulen; } - + return 0; } @@ -2939,15 +2939,15 @@ ccid_transceive_apdu_level (ccid_driver_t handle, Block Structure: Prologue Field: - 1 byte Node Address (NAD) + 1 byte Node Address (NAD) 1 byte Protocol Control Byte (PCB) - 1 byte Length (LEN) + 1 byte Length (LEN) Information Field: 0-254 byte APDU or Control Information (INF) Epilogue Field: 1 byte Error Detection Code (EDC) - NAD: + NAD: bit 7 unused bit 4..6 Destination Node Address (DAD) bit 3 unused @@ -2962,7 +2962,7 @@ ccid_transceive_apdu_level (ccid_driver_t handle, Information Block (I-Block): bit 7 0 bit 6 Sequence number (yep, that is modulo 2) - bit 5 Chaining flag + bit 5 Chaining flag bit 4..0 reserved Received-Ready Block (R-Block): bit 7 1 @@ -3065,7 +3065,7 @@ ccid_transceive (ccid_driver_t handle, if (apdulen > handle->ifsc ) { apdulen = handle->ifsc; - apdu_buf += handle->ifsc; + apdu_buf += handle->ifsc; apdu_buflen -= handle->ifsc; tpdu[1] |= (1 << 5); /* Set more bit. */ } @@ -3112,14 +3112,14 @@ ccid_transceive (ccid_driver_t handle, : !!(msg[pcboff] & 0x40)), (!(msg[pcboff] & 0x80) && (msg[pcboff] & 0x20)? " [more]":"")); - + rc = bulk_out (handle, msg, msglen, 0); if (rc) return rc; msg = recv_buffer; rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen, - via_escape? RDR_to_PC_Escape : RDR_to_PC_DataBlock, + via_escape? RDR_to_PC_Escape : RDR_to_PC_DataBlock, seqno, 5000, 0); if (rc) return rc; @@ -3127,11 +3127,11 @@ ccid_transceive (ccid_driver_t handle, tpdu = msg + hdrlen; tpdulen = msglen - hdrlen; resyncing = 0; - - if (tpdulen < 4) + + if (tpdulen < 4) { usb_clear_halt (handle->idev, handle->ep_bulk_in); - return CCID_DRIVER_ERR_ABORTED; + return CCID_DRIVER_ERR_ABORTED; } if (debug_level > 1) 
@@ -3183,16 +3183,16 @@ ccid_transceive (ccid_driver_t handle, (unsigned int)n, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, p, n); + + memcpy (resp, p, n); resp += n; *nresp += n; maxresplen -= n; } - + if (!(tpdu[1] & 0x20)) return 0; /* No chaining requested - ready. */ - + msg = send_buffer; tpdu = msg + hdrlen; tpdu[0] = nad_byte; @@ -3206,8 +3206,8 @@ ccid_transceive (ccid_driver_t handle, } else if ((tpdu[1] & 0xc0) == 0x80) { /* This is a R-block. */ - if ( (tpdu[1] & 0x0f)) - { + if ( (tpdu[1] & 0x0f)) + { retries++; if (via_escape && retries == 1 && (msg[pcboff] & 0x0f)) { @@ -3257,7 +3257,7 @@ ccid_transceive (ccid_driver_t handle, return CCID_DRIVER_ERR_CARD_IO_ERROR; } } - else + else { /* This is a S-block. */ retries = 0; DEBUGOUT_2 ("T=1: S-block %s received cmd=%d\n", @@ -3321,7 +3321,7 @@ ccid_transceive (ccid_driver_t handle, /* Send the CCID Secure command to the reader. APDU_BUF should contain the APDU template. PIN_MODE defines how the pin gets formatted: - + 1 := The PIN is ASCII encoded and of variable length. The length of the PIN entered will be put into Lc by the reader. The APDU should me made up of 4 bytes without Lc. @@ -3532,13 +3532,13 @@ ccid_transceive_secure (ccid_driver_t handle, rc = bulk_out (handle, msg, msglen, 0); if (rc) return rc; - + msg = recv_buffer; rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen, RDR_to_PC_DataBlock, seqno, 30000, 0); if (rc) return rc; - + tpdu = msg + 10; tpdulen = msglen - 10; 
@@ -3553,17 +3553,17 @@ ccid_transceive_secure (ccid_driver_t handle, (unsigned int)tpdulen, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, tpdu, tpdulen); + + memcpy (resp, tpdu, tpdulen); *nresp = tpdulen; } return 0; } - - if (tpdulen < 4) + + if (tpdulen < 4) { usb_clear_halt (handle->idev, handle->ep_bulk_in); - return CCID_DRIVER_ERR_ABORTED; + return CCID_DRIVER_ERR_ABORTED; } if (debug_level > 1) DEBUGOUT_4 ("T=1: got %c-block seq=%d err=%d%s\n", @@ -3598,22 +3598,22 @@ ccid_transceive_secure (ccid_driver_t handle, (unsigned int)n, (unsigned int)maxresplen); return CCID_DRIVER_ERR_INV_VALUE; } - - memcpy (resp, p, n); + + memcpy (resp, p, n); resp += n; *nresp += n; maxresplen -= n; } - + if (!(tpdu[1] & 0x20)) return 0; /* No chaining requested - ready. */ - + DEBUGOUT ("chaining requested but not supported for Secure operation\n"); return CCID_DRIVER_ERR_CARD_IO_ERROR; } else if ((tpdu[1] & 0xc0) == 0x80) { /* This is a R-block. */ - if ( (tpdu[1] & 0x0f)) + if ( (tpdu[1] & 0x0f)) { /* Error: repeat last block */ DEBUGOUT ("No retries supported for Secure operation\n"); return CCID_DRIVER_ERR_CARD_IO_ERROR; @@ -3629,13 +3629,13 @@ ccid_transceive_secure (ccid_driver_t handle, return CCID_DRIVER_ERR_CARD_IO_ERROR; } } - else + else { /* This is a S-block. */ DEBUGOUT_2 ("T=1: S-block %s received cmd=%d for Secure operation\n", (tpdu[1] & 0x20)? "response": "request", (tpdu[1] & 0x1f)); return CCID_DRIVER_ERR_CARD_IO_ERROR; - } + } return 0; } @@ -3791,7 +3791,7 @@ main (int argc, char **argv) result, sizeof result, &resultlen); print_result (rc, result, resultlen); } - + if (!no_poll) ccid_poll (ccid); @@ -3812,7 +3812,7 @@ main (int argc, char **argv) { static unsigned char apdu[] = { 0, 0x20, 0, 0x81 }; - + if (ccid_transceive_secure (ccid, apdu, sizeof apdu, 1, 0, 0, 0, 
@@ -3821,7 +3821,7 @@ main (int argc, char **argv) else { fputs ("verifying CHV1 using the PINPad ....\n", stderr); - + rc = ccid_transceive_secure (ccid, apdu, sizeof apdu, 1, 0, 0, 0, @@ -3830,7 +3830,7 @@ main (int argc, char **argv) did_verify = 1; } } - + if (verify_123456 && !did_verify) { fputs ("verifying that CHV1 is 123456....\n", stderr); commit fd5f45249602863a4c54cd724fa6ed57e0a239c2 Author: Werner Koch Date: Wed Nov 27 09:20:02 2013 +0100 gpg: Change armor Version header to emit only the major version. * g10/options.h (opt): Rename field no_version to emit_version. * g10/gpg.c (main): Init opt.emit_vesion to 1. Change --emit-version to bump up opt.emit_version. * g10/armor.c (armor_filter): Implement different --emit-version values. -- GnuPG-bug-id: 1572 Signed-off-by: Werner Koch (cherry picked from commit e951782e937ce290be0d89d83e84b3daea997587) Resolved conflicts: NEWS g10/armor.c g10/gpg.c diff --git a/NEWS b/NEWS index 1c1d832..1388c5e 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,9 @@ Noteworthy changes in version 2.0.23 (unreleased) * Do not create a trustdb file if --trust-model=always is used. + * Only the major version number is by default included in the armored + output. + Noteworthy changes in version 2.0.22 (2013-10-04) ------------------------------------------------- diff --git a/doc/gpg.texi b/doc/gpg.texi index c588d7a..26179bd 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi 
@@ -2408,8 +2408,12 @@ protected by the signature. @item --emit-version @itemx --no-emit-version @opindex emit-version -Force inclusion of the version string in ASCII armored output. - at option{--no-emit-version} disables this option. +Force inclusion of the version string in ASCII armored output. If +given once only the name of the program and the major number is +emitted (default), given twice the minor is also emitted, given triple +the micro is added, and given quad an operating system identification +is also emitted. @option{--no-emit-version} disables the version +line. @item --sig-notation @code{name=value} @itemx --cert-notation @code{name=value} diff --git a/g10/armor.c b/g10/armor.c index 652ef3a..2065335 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -147,7 +147,7 @@ release_armor_context (armor_filter_context_t *afx) int push_armor_filter (armor_filter_context_t *afx, iobuf_t iobuf) { - int rc; + int rc; afx->refcount++; rc = iobuf_push_filter (iobuf, armor_filter, afx); @@ -981,7 +981,7 @@ armor_filter( void *opaque, int control, /* We need some space for the faked packet. The minmum * required size is the PARTIAL_CHUNK size plus a byte for the * length itself */ - if( size < PARTIAL_CHUNK+1 ) + if( size < PARTIAL_CHUNK+1 ) BUG(); /* supplied buffer too short */ if( afx->faked ) @@ -1000,7 +1000,7 @@ armor_filter( void *opaque, int control, unsigned int hashes = afx->hashes; const byte *sesmark; size_t sesmarklen; - + sesmark = get_session_marker( &sesmarklen ); if ( sesmarklen > 20 ) BUG(); @@ -1022,7 +1022,7 @@ armor_filter( void *opaque, int control, buf[n++] = 0xff; /* new format, type 63, 1 length byte */ n++; /* see below */ memcpy(buf+n, sesmark, sesmarklen ); n+= sesmarklen; - buf[n++] = CTRLPKT_CLEARSIGN_START; + buf[n++] = CTRLPKT_CLEARSIGN_START; buf[n++] = afx->not_dash_escaped? 0:1; /* sigclass */ if( hashes & 1 ) buf[n++] = DIGEST_ALGO_RMD160; 
@@ -1076,10 +1076,24 @@ armor_filter( void *opaque, int control,
iobuf_writestr(a, head_strings[afx->what] );
iobuf_writestr(a, "-----" );
iobuf_writestr(a,afx->eol);
- if( !opt.no_version )
+ if (opt.emit_version)
{
- iobuf_writestr(a, "Version: GnuPG v" VERSION " ("
- PRINTABLE_OS_NAME ")" );
+ iobuf_writestr (a, "Version: GnuPG v");
+ for (s=VERSION; *s && *s != '.'; s++)
+ iobuf_writebyte (a, *s);
+ if (opt.emit_version > 1 && *s)
+ {
+ iobuf_writebyte (a, *s++);
+ for (; *s && *s != '.'; s++)
+ iobuf_writebyte (a, *s);
+ if (opt.emit_version > 2)
+ {
+ for (; *s && *s != '-' && !spacep (s); s++)
+ iobuf_writebyte (a, *s);
+ if (opt.emit_version > 3)
+ iobuf_writestr (a, " (" PRINTABLE_OS_NAME ")");
+ }
+ }
iobuf_writestr(a,afx->eol);
}
@@ -1283,7 +1297,7 @@ make_radix64_string( const byte *data, size_t len )
/***********************************************
* For the pipemode command we can't use the armor filter for various
- * reasons, so we use this new unarmor_pump stuff to remove the armor
+ * reasons, so we use this new unarmor_pump stuff to remove the armor
*/
enum unarmor_state_e {
@@ -1291,7 +1305,7 @@ enum unarmor_state_e {
STA_bypass,
STA_wait_newline,
STA_wait_dash,
- STA_first_dash,
+ STA_first_dash,
STA_compare_header,
STA_found_header_wait_newline,
STA_skip_header_lines,
@@ -1330,12 +1344,12 @@ unarmor_pump_release (UnarmorPump x)
xfree (x);
}
-/*
+/*
* Get the next character from the ascii armor taken from the IOBUF
* created earlier by unarmor_pump_new().
* Return: c = Character
* 256 = ignore this value
- * -1 = End of current armor
+ * -1 = End of current armor
* -2 = Premature EOF (not used)
* -3 = Invalid armor
*/
@@ -1346,9 +1360,9 @@ unarmor_pump (UnarmorPump x, int c)
switch (x->state) {
case STA_init:
- {
+ {
byte tmp[1];
- tmp[0] = c;
+ tmp[0] = c;
if ( is_armored (tmp) )
x->state = c == '-'? STA_first_dash : STA_wait_newline;
else {
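Review bot: In the new `if (opt.emit_version)` block the `opt.emit_version > 3` test that appends PRINTABLE_OS_NAME is nested inside `if (opt.emit_version > 1 && *s)`, so for a VERSION string that contains no '.' the OS name is never written even when --emit-version is given four times, which does not match the texi wording; if that is intended, a comment should say so. The cut points ('.', '-', `spacep`) are also undocumented; above `iobuf_writestr (a, "Version: GnuPG v");` I would add `/* Write "major[.minor[.micro]]" according to opt.emit_version, stopping at '-' or at spacep(); the default level 1 keeps the armor header from revealing the exact producer version. */`. The declaration of `s` and the start of `armor_filter` lie outside the hunk. The identical block is cherry-picked into the 1.4 branch further down this page and the same comment applies there.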
@@ -1371,10 +1385,10 @@ unarmor_pump (UnarmorPump x, int c)
x->state = STA_compare_header;
case STA_compare_header:
if ( "-----BEGIN PGP SIGNATURE-----"[++x->pos] == c ) {
- if ( x->pos == 28 )
+ if ( x->pos == 28 )
x->state = STA_found_header_wait_newline;
}
- else
+ else
x->state = c == '\n'? STA_wait_dash : STA_wait_newline;
break;
case STA_found_header_wait_newline:
@@ -1421,7 +1435,7 @@ unarmor_pump (UnarmorPump x, int c)
break;
}
}
-
+
switch(x->pos) {
case 0:
x->val = c << 2;
@@ -1462,7 +1476,7 @@ unarmor_pump (UnarmorPump x, int c)
x->state = STA_ready; /* not sure whether this is correct */
break;
}
-
+
switch(x->pos) {
case 0:
x->val = c << 2;
diff --git a/g10/gpg.c b/g10/gpg.c
index 3415042..35b62c1 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2000,6 +2000,8 @@ main (int argc, char **argv)
opt.def_cert_expire="0";
set_homedir ( default_homedir () );
opt.passphrase_repeat=1;
+ opt.emit_version = 1; /* Limit to the major number. */
+
/* Check whether we have a config file on the command line. */
orig_argc = argc;
@@ -2300,8 +2302,8 @@ main (int argc, char **argv)
case oQuickRandom:
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
break;
- case oEmitVersion: opt.no_version=0; break;
- case oNoEmitVersion: opt.no_version=1; break;
+ case oEmitVersion: opt.emit_version++; break;
+ case oNoEmitVersion: opt.emit_version=0; break;
case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break;
case oMarginalsNeeded: opt.marginals_needed = pargs.r.ret_int; break;
case oMaxCertDepth: opt.max_cert_depth = pargs.r.ret_int; break;
diff --git a/g10/options.h b/g10/options.h
index f2866f1..3c5b2c5 100644
--- a/g10/options.h
+++ b/g10/options.h
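Review bot: `case oEmitVersion: opt.emit_version++; break;` makes the option cumulative, whereas the old `opt.no_version=0` was idempotent; if options read from gpg.conf pass through this same switch before the command-line ones, an `emit-version` line in the config file plus `--emit-version` on the command line now yields level 2 rather than 1. If that is acceptable it deserves a comment on that case, e.g. `/* Cumulative: every occurrence (config file or command line) raises the level. */`, and a sentence in gpg.texi; otherwise reset or clamp the counter when command-line parsing starts. The enclosing `main` starts and ends outside the hunk. The same change appears in the 1.4 branch hunk later on this page.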
@@ -80,7 +80,11 @@ struct
int def_cert_level;
int min_cert_level;
int ask_cert_level;
- int no_version;
+ int emit_version; /* 0 = none,
+ 1 = major only,
+ 2 = major and minor,
+ 3 = full version,
+ 4 = full version plus OS string. */
int marginals_needed;
int completes_needed;
int max_cert_depth;
----------------------------------------------------------------------- Summary of changes: NEWS | 3 + doc/gpg.texi | 8 +- g10/armor.c | 48 ++++++---- g10/gpg.c | 6 +- g10/options.h | 6 +- scd/apdu.c | 2 +- scd/ccid-driver.c | 256 ++++++++++++++++++++++++++--------------------------- 7 files changed, 178 insertions(+), 151 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 27 11:03:54 2013 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 27 Nov 2013 11:03:54 +0100 Subject: [git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.15-6-gb135372 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-1-4 has been updated via b135372176b29ca985afa18398a455fd4e2a2063 (commit) from cad8216f9a0b33c9dc84ecc4f385b00045e7b496 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b135372176b29ca985afa18398a455fd4e2a2063 Author: Werner Koch Date: Wed Nov 27 09:20:02 2013 +0100 gpg: Change armor Version header to emit only the major version. * g10/options.h (opt): Rename field no_version to emit_version. * g10/gpg.c (main): Init opt.emit_vesion to 1. Change --emit-version to bump up opt.emit_version. * g10/armor.c (armor_filter): Implement different --emit-version values. -- GnuPG-bug-id: 1572 
Signed-off-by: Werner Koch (cherry picked from commit e951782e937ce290be0d89d83e84b3daea997587) Resolved conflicts: NEWS g10/armor.c g10/gpg.c diff --git a/NEWS b/NEWS index ad3471e..6122540 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,9 @@ Noteworthy changes in version 1.4.16 (unreleased) * Do not create a trustdb file if --trust-model=always is used. + * Only the major version number is by default included in the armored + output. + Noteworthy changes in version 1.4.15 (2013-10-04) ------------------------------------------------- diff --git a/doc/gpg.texi b/doc/gpg.texi index c588d7a..26179bd 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -2408,8 +2408,12 @@ protected by the signature. @item --emit-version @itemx --no-emit-version @opindex emit-version -Force inclusion of the version string in ASCII armored output. - at option{--no-emit-version} disables this option. +Force inclusion of the version string in ASCII armored output. If +given once only the name of the program and the major number is +emitted (default), given twice the minor is also emitted, given triple +the micro is added, and given quad an operating system identification +is also emitted. @option{--no-emit-version} disables the version +line. @item --sig-notation @code{name=value} @itemx --cert-notation @code{name=value} diff --git a/g10/armor.c b/g10/armor.c index 0fbb997..c50525c 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -148,11 +148,11 @@ release_armor_context (armor_filter_context_t *afx) int push_armor_filter (armor_filter_context_t *afx, iobuf_t iobuf) { - int rc; + int rc; if (!afx->refcount) return iobuf_push_filter (iobuf, armor_filter, afx); - + afx->refcount++; rc = iobuf_push_filter (iobuf, armor_filter, afx); if (rc) @@ -801,7 +801,7 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn, goto again; } } - + if (!n) onlypad = 1; 
@@ -985,7 +985,7 @@ armor_filter( void *opaque, int control, /* We need some space for the faked packet. The minmum * required size is the PARTIAL_CHUNK size plus a byte for the * length itself */ - if( size < PARTIAL_CHUNK+1 ) + if( size < PARTIAL_CHUNK+1 ) BUG(); /* supplied buffer too short */ if( afx->faked ) @@ -1004,7 +1004,7 @@ armor_filter( void *opaque, int control, unsigned int hashes = afx->hashes; const byte *sesmark; size_t sesmarklen; - + sesmark = get_session_marker( &sesmarklen ); if ( sesmarklen > 20 ) BUG(); @@ -1026,7 +1026,7 @@ armor_filter( void *opaque, int control, buf[n++] = 0xff; /* new format, type 63, 1 length byte */ n++; /* see below */ memcpy(buf+n, sesmark, sesmarklen ); n+= sesmarklen; - buf[n++] = CTRLPKT_CLEARSIGN_START; + buf[n++] = CTRLPKT_CLEARSIGN_START; buf[n++] = afx->not_dash_escaped? 0:1; /* sigclass */ if( hashes & 1 ) buf[n++] = DIGEST_ALGO_RMD160; @@ -1080,10 +1080,25 @@ armor_filter( void *opaque, int control, iobuf_writestr(a, head_strings[afx->what] ); iobuf_writestr(a, "-----" ); iobuf_writestr(a,afx->eol); - if( !opt.no_version ) + if (opt.emit_version) { - iobuf_writestr(a, "Version: GnuPG v" VERSION " (" - PRINTABLE_OS_NAME ")" ); + iobuf_writestr (a, "Version: GnuPG v"); + for (s=VERSION; *s && *s != '.'; s++) + iobuf_writebyte (a, *s); + if (opt.emit_version > 1 && *s) + { + iobuf_writebyte (a, *s++); + for (; *s && *s != '.'; s++) + iobuf_writebyte (a, *s); + if (opt.emit_version > 2) + { + for (; *s && *s != '-' && !spacep (s); s++) + iobuf_writebyte (a, *s); + if (opt.emit_version > 3) + iobuf_writestr (a, " (" PRINTABLE_OS_NAME ")"); + } + } + iobuf_writestr(a,afx->eol); } 
@@ -1287,7 +1302,7 @@ make_radix64_string( const byte *data, size_t len ) /*********************************************** * For the pipemode command we can't use the armor filter for various - * reasons, so we use this new unarmor_pump stuff to remove the armor + * reasons, so we use this new unarmor_pump stuff to remove the armor */ enum unarmor_state_e { @@ -1295,7 +1310,7 @@ enum unarmor_state_e { STA_bypass, STA_wait_newline, STA_wait_dash, - STA_first_dash, + STA_first_dash, STA_compare_header, STA_found_header_wait_newline, STA_skip_header_lines, @@ -1334,12 +1349,12 @@ unarmor_pump_release (UnarmorPump x) xfree (x); } -/* +/* * Get the next character from the ascii armor taken from the IOBUF * created earlier by unarmor_pump_new(). * Return: c = Character * 256 = ignore this value - * -1 = End of current armor + * -1 = End of current armor * -2 = Premature EOF (not used) * -3 = Invalid armor */ @@ -1350,9 +1365,9 @@ unarmor_pump (UnarmorPump x, int c) switch (x->state) { case STA_init: - { + { byte tmp[1]; - tmp[0] = c; + tmp[0] = c; if ( is_armored (tmp) ) x->state = c == '-'? STA_first_dash : STA_wait_newline; else { @@ -1375,10 +1390,10 @@ unarmor_pump (UnarmorPump x, int c) x->state = STA_compare_header; case STA_compare_header: if ( "-----BEGIN PGP SIGNATURE-----"[++x->pos] == c ) { - if ( x->pos == 28 ) + if ( x->pos == 28 ) x->state = STA_found_header_wait_newline; } - else + else x->state = c == '\n'? STA_wait_dash : STA_wait_newline; break; case STA_found_header_wait_newline: @@ -1425,7 +1440,7 @@ unarmor_pump (UnarmorPump x, int c) break; } } - + switch(x->pos) { case 0: x->val = c << 2; @@ -1466,7 +1481,7 @@ unarmor_pump (UnarmorPump x, int c) x->state = STA_ready; /* not sure whether this is correct */ break; } - + switch(x->pos) { case 0: x->val = c << 2; diff --git a/g10/gpg.c b/g10/gpg.c index ca120ab..c58ee41 100644 --- a/g10/gpg.c +++ b/g10/gpg.c 
@@ -1908,6 +1908,7 @@ main (int argc, char **argv ) opt.def_cert_expire="0"; set_homedir ( default_homedir () ); opt.passwd_repeat=1; + opt.emit_version = 1; /* Limit to the major number. */ #ifdef ENABLE_CARD_SUPPORT #if defined(_WIN32) || defined(__CYGWIN__) @@ -2245,8 +2246,8 @@ main (int argc, char **argv ) case oNoVerbose: g10_opt_verbose = 0; opt.verbose = 0; opt.list_sigs=0; break; case oQuickRandom: quick_random_gen(1); break; - case oEmitVersion: opt.no_version=0; break; - case oNoEmitVersion: opt.no_version=1; break; + case oEmitVersion: opt.emit_version++; break; + case oNoEmitVersion: opt.emit_version=0; break; case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break; case oMarginalsNeeded: opt.marginals_needed = pargs.r.ret_int; break; case oMaxCertDepth: opt.max_cert_depth = pargs.r.ret_int; break; diff --git a/g10/options.h b/g10/options.h index de4a2e2..d6326d8 100644 --- a/g10/options.h +++ b/g10/options.h @@ -79,7 +79,11 @@ struct int def_cert_level; int min_cert_level; int ask_cert_level; - int no_version; + int emit_version; /* 0 = none, + 1 = major only, + 2 = major and minor, + 3 = full version, + 4 = full version plus OS string. */ int marginals_needed; int completes_needed; int max_cert_depth; ----------------------------------------------------------------------- Summary of changes: NEWS | 3 +++ doc/gpg.texi | 8 ++++++-- g10/armor.c | 53 ++++++++++++++++++++++++++++++++++------------------- g10/gpg.c | 5 +++-- g10/options.h | 6 +++++- 5 files changed, 51 insertions(+), 24 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Nov 27 18:43:55 2013 
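Review bot: The options.h comment enumerates `emit_version` values 0–4, but `case oEmitVersion: opt.emit_version++;` in the gpg.c hunk above increments without bound while armor.c only tests `> 1`, `> 2` and `> 3`, so any count of 5 or more behaves as 4, and `case oNoEmitVersion: opt.emit_version=0;` discards every preceding `--emit-version` regardless of order. Neither fact is documented in the struct comment or in the gpg.texi hunk of this commit; I would extend the comment with `5+ = same as 4; --no-emit-version resets to 0.` main() starts and ends outside the gpg.c hunks.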
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 27 Nov 2013 18:43:55 +0100 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-14-gd04399a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via d04399a6a8b36a7fea92c304aa7309956a2e352b (commit) from 66585314e37ffb4d29d62bd51953a679d1b89ce3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d04399a6a8b36a7fea92c304aa7309956a2e352b Author: Werner Koch Date: Wed Nov 27 18:38:20 2013 +0100 Silence annoying ABI change warning. * configure.ac [GCC]: Pass -Wno-psabi for gcc >= 4.6. Avoid some gcc option tests for gcc >= 4.6 Signed-off-by: Werner Koch diff --git a/configure.ac b/configure.ac index f5d9c18..ec7fae7 100644 --- a/configure.ac +++ b/configure.ac 
@@ -1290,22 +1290,36 @@ AC_SUBST(W32SOCKLIBS) # AC_MSG_NOTICE([checking for cc features]) if test "$GCC" = yes; then + # Check whether gcc does not emit a diagnositc for unknow -Wno-* + # options. This is the case for gcc >= 4.6 + AC_MSG_CHECKING([if gcc ignores unknown -Wno-* options]) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ +#if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 6 ) +#kickerror +#endif]],[])],[_gcc_silent_wno=yes],[_gcc_silent_wno=no]) + AC_MSG_RESULT($_gcc_silent_wno) + # Note that it is okay to use CFLAGS here because this are just # warning options and the user should have a chance of overriding # them. if test "$USE_MAINTAINER_MODE" = "yes"; then CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" CFLAGS="$CFLAGS -Wformat -Wno-format-y2k -Wformat-security" - AC_MSG_CHECKING([if gcc supports -Wno-missing-field-initializers]) - _gcc_cflags_save=$CFLAGS - CFLAGS="-Wno-missing-field-initializers" - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], - [_gcc_wopt=yes],[_gcc_wopt=no]) - AC_MSG_RESULT($_gcc_wopt) - CFLAGS=$_gcc_cflags_save; + if test x"$_gcc_silent_wno" = xyes ; then + _gcc_wopt=yes + else + AC_MSG_CHECKING([if gcc supports -Wno-missing-field-initializers]) + _gcc_cflags_save=$CFLAGS + CFLAGS="-Wno-missing-field-initializers" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], + [_gcc_wopt=yes],[_gcc_wopt=no]) + AC_MSG_RESULT($_gcc_wopt) + CFLAGS=$_gcc_cflags_save; + fi if test x"$_gcc_wopt" = xyes ; then CFLAGS="$CFLAGS -W -Wno-sign-compare -Wno-missing-field-initializers" fi + AC_MSG_CHECKING([if gcc supports -Wdeclaration-after-statement]) _gcc_cflags_save=$CFLAGS CFLAGS="-Wdeclaration-after-statement" 
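Review bot: `_gcc_silent_wno` is derived from a `__GNUC__`/`__GNUC_MINOR__` version test rather than from actually trying an unknown `-Wno-*` option, so any compiler that identifies itself as gcc >= 4.6 is assumed to accept `-Wno-missing-field-initializers`, `-Wno-pointer-sign` and, in the @@ -1339 hunk below, `-Wno-psabi` without ever being compiled with them; if that assumption is wrong for a gcc-compatible compiler, those flags land in CFLAGS untested. A behavioural probe would be more robust, e.g. compiling the same empty program under `AC_COMPILE_IFELSE` with `CFLAGS="-Wno-this-option-does-not-exist"` (a constructed example) and keeping the version test only as a fallback, though that is a design choice rather than an error in what was written. The new comment also has typos: `# Check whether gcc does not emit a diagnositc for unknow -Wno-*` should read `# Check whether gcc does not emit a diagnostic for unknown -Wno-*`, and `irrelvant` in the @@ -1339 hunk's comment should be `irrelevant`.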
@@ -1320,12 +1334,17 @@ if test "$GCC" = yes; then CFLAGS="$CFLAGS -Wall" fi - AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign]) - _gcc_cflags_save=$CFLAGS - CFLAGS="-Wno-pointer-sign" - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],[_gcc_psign=yes],[_gcc_psign=no]) - AC_MSG_RESULT($_gcc_psign) - CFLAGS=$_gcc_cflags_save; + if test x"$_gcc_silent_wno" = xyes ; then + _gcc_psign=yes + else + AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign]) + _gcc_cflags_save=$CFLAGS + CFLAGS="-Wno-pointer-sign" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], + [_gcc_psign=yes],[_gcc_psign=no]) + AC_MSG_RESULT($_gcc_psign) + CFLAGS=$_gcc_cflags_save; + fi if test x"$_gcc_psign" = xyes ; then CFLAGS="$CFLAGS -Wno-pointer-sign" fi @@ -1339,6 +1358,14 @@ if test "$GCC" = yes; then if test x"$_gcc_psign" = xyes ; then CFLAGS="$CFLAGS -Wpointer-arith" fi + + # The undocumented option -Wno-psabi suppresses the annoying + # "the ABI of passing union with long double has changed in GCC 4.4" + # which is emitted in estream-printf.c but entirely irrelvant + # because that union is local to the file. + if test x"$_gcc_silent_wno" = xyes ; then + CFLAGS="$CFLAGS -Wno-psabi" + fi fi ----------------------------------------------------------------------- Summary of changes: configure.ac | 53 ++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 40 insertions(+), 13 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 29 12:07:36 2013 
From: cvs at cvs.gnupg.org (by Vladimir 'φ-coder/phcoder' Serbinenko) Date: Fri, 29 Nov 2013 12:07:36 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-406-g3b1cc9e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 3b1cc9e6c357574f54160298d731c18f3d717b6c (commit) via 1ecbd0bca31d462719a2a6590c1d03244e76ef89 (commit) from 3ef21e7e1b8003db9792155044db95f9d9ced184 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3b1cc9e6c357574f54160298d731c18f3d717b6c Author: Vladimir '?-coder/phcoder' Serbinenko Date: Fri Nov 29 08:56:43 2013 +0100 Fix armv3 compile error * mpi/longlong.h [__arm__ && __ARM_ARCH < 4] (umul_ppmm): Use __AND_CLOBBER_CC instead of __CLOBBER_CC. -- ARMv3 code uses __CLOBBER_CC at the end of clobber list while it should have been __AND_CLOBBER_CC. [jk: add changelog, rebase on libgcrypt repository] Signed-off-by: Jussi Kivilinna diff --git a/mpi/longlong.h b/mpi/longlong.h index 90b0fd5..146830b 100644 --- a/mpi/longlong.h +++ b/mpi/longlong.h 
@@ -247,7 +247,7 @@ extern UDItype __udiv_qrnnd (); "=r" ((xl)) \ : "r" ((USItype)(a)), \ "r" ((USItype)(b)) \ - : "r0", "r1", "r2" __CLOBBER_CC) + : "r0", "r1", "r2" __AND_CLOBBER_CC) #else /* __ARM_ARCH >= 4 */ #define umul_ppmm(xh, xl, a, b) \ __asm__ ("@ Inlined umul_ppmm\n" \ commit 1ecbd0bca31d462719a2a6590c1d03244e76ef89 Author: Vladimir '?-coder/phcoder' Serbinenko Date: Fri Nov 22 05:24:44 2013 +0100 longlong.h on mips with clang * mpi/longlong.h [__mips__]: Use C-language version with clang. -- clang doesn't recognise =l / =h assembly operand specifiers but apparently handles C version well. [jk: add changelog, rebase on libgcrypt repository, reformat changed line so it does not go over 80 characters] Signed-off-by: Jussi Kivilinna diff --git a/mpi/longlong.h b/mpi/longlong.h index 8c8260e..90b0fd5 100644 --- a/mpi/longlong.h +++ b/mpi/longlong.h @@ -749,7 +749,8 @@ extern USItype __udiv_qrnnd (); ************** MIPS ***************** ***************************************/ #if defined (__mips__) && W_TYPE_SIZE == 32 -#if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) +#if defined (__clang__) || (__GNUC__ >= 5) || (__GNUC__ == 4 && \ + __GNUC_MINOR__ >= 4) #define umul_ppmm(w1, w0, u, v) \ do { \ UDItype _r; \ ----------------------------------------------------------------------- Summary of changes: mpi/longlong.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Nov 29 13:40:18 2013 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 29 Nov 2013 13:40:18 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-269-g2c9613f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 2c9613f3260de96a4af0392adb50d7f9e06cdd70 (commit) from e951782e937ce290be0d89d83e84b3daea997587 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2c9613f3260de96a4af0392adb50d7f9e06cdd70 Author: Werner Koch Date: Fri Nov 29 13:37:40 2013 +0100 Add rendered versions of the gnupg logo to artwork. -- diff --git a/artwork/gnupg-lock-20x25tr.png b/artwork/gnupg-lock-20x25tr.png new file mode 100644 index 0000000..a3a0658 Binary files /dev/null and b/artwork/gnupg-lock-20x25tr.png differ diff --git a/artwork/gnupg-lock-80x100tr.png b/artwork/gnupg-lock-80x100tr.png new file mode 100644 index 0000000..ee06ed9 Binary files /dev/null and b/artwork/gnupg-lock-80x100tr.png differ diff --git a/artwork/gnupg-logo-320x100tr.png b/artwork/gnupg-logo-320x100tr.png new file mode 100644 index 0000000..e0b03f1 Binary files /dev/null and b/artwork/gnupg-logo-320x100tr.png differ 
diff --git a/artwork/gnupg-logo-80x25tr.png b/artwork/gnupg-logo-80x25tr.png new file mode 100644 index 0000000..c6df8a4 Binary files /dev/null and b/artwork/gnupg-logo-80x25tr.png differ ----------------------------------------------------------------------- Summary of changes: artwork/gnupg-lock-20x25tr.png | Bin 0 -> 805 bytes artwork/gnupg-lock-80x100tr.png | Bin 0 -> 3677 bytes artwork/gnupg-logo-320x100tr.png | Bin 0 -> 9533 bytes artwork/gnupg-logo-80x25tr.png | Bin 0 -> 1917 bytes 4 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 artwork/gnupg-lock-20x25tr.png create mode 100644 artwork/gnupg-lock-80x100tr.png create mode 100644 artwork/gnupg-logo-320x100tr.png create mode 100644 artwork/gnupg-logo-80x25tr.png hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org