From cvs at cvs.gnupg.org Tue Aug 5 11:57:59 2014 From: cvs at cvs.gnupg.org (by Kristian Fiskerstrand) Date: Tue, 05 Aug 2014 11:57:59 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-99-ga17c298 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via a17c29844b63e9e869f7855d901bc9d859234ead (commit) from 4556f9b19c024f16bdf542da7173395c0741b91d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a17c29844b63e9e869f7855d901bc9d859234ead Author: Kristian Fiskerstrand Date: Tue Jul 29 19:34:31 2014 +0200 Fix building for the x32 target without asm modules. * mpi/generic/mpi-asm-defs.h: Use a fixed value for the x32 ABI. -- See commit fd6721c235a5bdcb332c8eb708fbd4f96e52e824 for details. diff --git a/mpi/generic/mpi-asm-defs.h b/mpi/generic/mpi-asm-defs.h index 13424e2..e607806 100644 --- a/mpi/generic/mpi-asm-defs.h +++ b/mpi/generic/mpi-asm-defs.h @@ -1,10 +1,8 @@ -/* This file defines some basic constants for the MPI machinery. We - * need to define the types on a per-CPU basis, so it is done with - * this file here. */ +/* This file defines some basic constants for the MPI machinery. + * AMD64 compiled for the x32 ABI is special and thus we can't use the + * standard values for this ABI. */ +#if __GNUC__ >= 3 && defined(__x86_64__) && defined(__ILP32__) +#define BYTES_PER_MPI_LIMB 8 +#else #define BYTES_PER_MPI_LIMB (SIZEOF_UNSIGNED_LONG) - - - - - - +#endif ----------------------------------------------------------------------- Summary of changes: mpi/generic/mpi-asm-defs.h | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 5 12:03:03 2014 From: cvs at cvs.gnupg.org (by Kristian Fiskerstrand) Date: Tue, 05 Aug 2014 12:03:03 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-13-ga015063 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via a015063c118d4367b4b1cb4770361c519a17e9de (commit) from c76acdc1eeea65b5a04c3e044344abb7f7abf8df (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a015063c118d4367b4b1cb4770361c519a17e9de Author: Kristian Fiskerstrand Date: Tue Jul 29 19:34:31 2014 +0200 Fix building for the x32 target without asm modules. * mpi/generic/mpi-asm-defs.h: Use a fixed value for the x32 ABI. -- See commit fd6721c235a5bdcb332c8eb708fbd4f96e52e824 for details. diff --git a/mpi/generic/mpi-asm-defs.h b/mpi/generic/mpi-asm-defs.h index 13424e2..e607806 100644 --- a/mpi/generic/mpi-asm-defs.h +++ b/mpi/generic/mpi-asm-defs.h @@ -1,10 +1,8 @@ -/* This file defines some basic constants for the MPI machinery. We - * need to define the types on a per-CPU basis, so it is done with - * this file here. */ +/* This file defines some basic constants for the MPI machinery. + * AMD64 compiled for the x32 ABI is special and thus we can't use the + * standard values for this ABI. */ +#if __GNUC__ >= 3 && defined(__x86_64__) && defined(__ILP32__) +#define BYTES_PER_MPI_LIMB 8 +#else #define BYTES_PER_MPI_LIMB (SIZEOF_UNSIGNED_LONG) - - - - - - +#endif ----------------------------------------------------------------------- Summary of changes: mpi/generic/mpi-asm-defs.h | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 5 12:28:54 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 05 Aug 2014 12:28:54 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-102-g4ce77b0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 4ce77b0a810d3c889c07dfb385127d90fa1ae36a (commit) via d2d28298ccc0d0f3c0b03fd323deb1e8808ef74f (commit) via 71939faa7c54e7b4b28d115e748a85f134876a02 (commit) from a17c29844b63e9e869f7855d901bc9d859234ead (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4ce77b0a810d3c889c07dfb385127d90fa1ae36a Author: Werner Koch Date: Tue Aug 5 12:26:36 2014 +0200 mpi: Fix regression for powerpc-apple-darwin detection. * mpi/config.links: Add separate entry for powerpc-apple-darwin. -- GnuPG-bug-id: 1616 diff --git a/mpi/config.links b/mpi/config.links index 4f35ea2..f44299d 100644 --- a/mpi/config.links +++ b/mpi/config.links @@ -44,7 +44,6 @@ echo '/* created by config.links - do not edit */' >./mpi/asm-syntax.h echo "/* Host: ${host} */" >>./mpi/asm-syntax.h case "${host}" in - powerpc-apple-darwin* | \ i[34567]86*-*-openbsd[12]* | \ i[34567]86*-*-openbsd3.[0123]*) echo '/* No working assembler modules available */' >>./mpi/asm-syntax.h @@ -284,6 +283,12 @@ case "${host}" in mpi_cpu_arch="m68k" ;; + powerpc-apple-darwin*) + echo '/* No working assembler modules available */' >>./mpi/asm-syntax.h + path="" + mpi_cpu_arch="ppc" + ;; + powerpc*-*-netbsd* | powerpc*-*-openbsd*) echo '/* configured {Open,Net}BSD on powerpc */' >>./mpi/asm-syntax.h echo '#define ELF_SYNTAX' >>./mpi/asm-syntax.h commit d2d28298ccc0d0f3c0b03fd323deb1e8808ef74f Author: Werner Koch Date: Tue Aug 5 12:15:26 2014 +0200 Fix bug inhibiting the use of the sentinel attribute. * src/gcrypt.h.in: Fix typo in macro. -- Reported-by: Rafa?l Carr? diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index a5f8350..9d64b22 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -102,7 +102,7 @@ extern "C" { #define _GCRY_GCC_ATTR_PRINTF(f,a) __attribute__ ((format (printf,f,a))) -#if _GCRT_GCC_VERSION >= 40000 +#if _GCRY_GCC_VERSION >= 40000 #define _GCRY_GCC_ATTR_SENTINEL(a) __attribute__ ((sentinel(a))) #endif commit 71939faa7c54e7b4b28d115e748a85f134876a02 Author: Werner Koch Date: Tue Aug 5 12:12:52 2014 +0200 mpi: Use BSD syntax for x86_64-apple-darwin * mpi/config.links: Add case for x86_64-apple-darwin. -- Suggested by gniibe on 2014-04-24. diff --git a/mpi/config.links b/mpi/config.links index 0217d35..4f35ea2 100644 --- a/mpi/config.links +++ b/mpi/config.links @@ -127,6 +127,12 @@ case "${host}" in path="i586 i386" mpi_cpu_arch="x86" ;; + x86_64-apple-darwin*) + echo '#define BSD_SYNTAX' >>./mpi/asm-syntax.h + cat $srcdir/mpi/i386/syntax.h >>./mpi/asm-syntax.h + path="amd64" + mpi_cpu_arch="x86" + ;; x86_64-*-*) echo '#define ELF_SYNTAX' >>./mpi/asm-syntax.h cat $srcdir/mpi/i386/syntax.h >>./mpi/asm-syntax.h ----------------------------------------------------------------------- Summary of changes: mpi/config.links | 13 ++++++++++++- src/gcrypt.h.in | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 5 12:29:24 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 05 Aug 2014 12:29:24 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-16-g2285a1e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via 2285a1e3666488c5bba2c5fa3e51541541b2d23e (commit) via d844616213bd064edd99bac180d8104b52b0a933 (commit) via f0f57bdd9be2473311542ffb91a843240cee0c35 (commit) from a015063c118d4367b4b1cb4770361c519a17e9de (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2285a1e3666488c5bba2c5fa3e51541541b2d23e Author: Werner Koch Date: Tue Aug 5 12:26:36 2014 +0200 mpi: Fix regression for powerpc-apple-darwin detection. * mpi/config.links: Add separate entry for powerpc-apple-darwin. -- GnuPG-bug-id: 1616 diff --git a/mpi/config.links b/mpi/config.links index 4f35ea2..f44299d 100644 --- a/mpi/config.links +++ b/mpi/config.links @@ -44,7 +44,6 @@ echo '/* created by config.links - do not edit */' >./mpi/asm-syntax.h echo "/* Host: ${host} */" >>./mpi/asm-syntax.h case "${host}" in - powerpc-apple-darwin* | \ i[34567]86*-*-openbsd[12]* | \ i[34567]86*-*-openbsd3.[0123]*) echo '/* No working assembler modules available */' >>./mpi/asm-syntax.h @@ -284,6 +283,12 @@ case "${host}" in mpi_cpu_arch="m68k" ;; + powerpc-apple-darwin*) + echo '/* No working assembler modules available */' >>./mpi/asm-syntax.h + path="" + mpi_cpu_arch="ppc" + ;; + powerpc*-*-netbsd* | powerpc*-*-openbsd*) echo '/* configured {Open,Net}BSD on powerpc */' >>./mpi/asm-syntax.h echo '#define ELF_SYNTAX' >>./mpi/asm-syntax.h commit d844616213bd064edd99bac180d8104b52b0a933 Author: Werner Koch Date: Tue Aug 5 12:15:26 2014 +0200 Fix bug inhibiting the use of the sentinel attribute. * src/gcrypt.h.in: Fix typo in macro. -- Reported-by: Rafa?l Carr? diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index dbf48e3..81c2128 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -102,7 +102,7 @@ extern "C" { #define _GCRY_GCC_ATTR_PRINTF(f,a) __attribute__ ((format (printf,f,a))) -#if _GCRT_GCC_VERSION >= 40000 +#if _GCRY_GCC_VERSION >= 40000 #define _GCRY_GCC_ATTR_SENTINEL(a) __attribute__ ((sentinel(a))) #endif commit f0f57bdd9be2473311542ffb91a843240cee0c35 Author: Werner Koch Date: Tue Aug 5 12:12:52 2014 +0200 mpi: Use BSD syntax for x86_64-apple-darwin * mpi/config.links: Add case for x86_64-apple-darwin. -- Suggested by gniibe on 2014-04-24. diff --git a/mpi/config.links b/mpi/config.links index 0217d35..4f35ea2 100644 --- a/mpi/config.links +++ b/mpi/config.links @@ -127,6 +127,12 @@ case "${host}" in path="i586 i386" mpi_cpu_arch="x86" ;; + x86_64-apple-darwin*) + echo '#define BSD_SYNTAX' >>./mpi/asm-syntax.h + cat $srcdir/mpi/i386/syntax.h >>./mpi/asm-syntax.h + path="amd64" + mpi_cpu_arch="x86" + ;; x86_64-*-*) echo '#define ELF_SYNTAX' >>./mpi/asm-syntax.h cat $srcdir/mpi/i386/syntax.h >>./mpi/asm-syntax.h ----------------------------------------------------------------------- Summary of changes: mpi/config.links | 13 ++++++++++++- src/gcrypt.h.in | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 5 19:36:50 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 05 Aug 2014 19:36:50 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.13-7-g3325403 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 3325403c0dd2949bf52efa1b9a5b5cf3191110f9 (commit) from 8338a4ba93367974758dc5e195f67e9d171d4086 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3325403c0dd2949bf52efa1b9a5b5cf3191110f9 Author: Werner Koch Date: Tue Aug 5 19:32:51 2014 +0200 Use 16 byte alignment for hppa-unknown-linux-gnu. * configure.ac (HAVE_GCC_ATTRIBUTE_ALIGNED): New. * src/gen-posix-lock-obj.c (USE_16BYTE_ALIGNMENT): Set for HPPA-Linux. (main): Enforce alignment if needed. * src/syscfg/lock-obj-pub.hppa-unknown-linux-gnu.h: Use 16 byte alignment. -- Debian-bug-id: 757060 diff --git a/configure.ac b/configure.ac index 653d7ed..e1f167f 100644 --- a/configure.ac +++ b/configure.ac @@ -167,6 +167,20 @@ AC_CHECK_FUNCS([flockfile]) # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST +# +# Check whether the compiler supports the GCC style aligned attribute +# +AC_CACHE_CHECK([whether the GCC style aligned attribute is supported], + [gcry_cv_gcc_attribute_aligned], + [gcry_cv_gcc_attribute_aligned=no + AC_COMPILE_IFELSE([AC_LANG_SOURCE( + [[struct { int a; } foo __attribute__ ((aligned (16)));]])], + [gcry_cv_gcc_attribute_aligned=yes])]) +if test "$gcry_cv_gcc_attribute_aligned" = "yes" ; then + AC_DEFINE(HAVE_GCC_ATTRIBUTE_ALIGNED,1, + [Defined if a GCC style "__attribute__ ((aligned (n))" is supported]) +fi + # Check for thread library. # @@ -278,5 +292,12 @@ echo " Revision: mym4_revision (mym4_revision_dec) Platform: $host - " +if test "$gcry_cv_gcc_attribute_aligned" != "yes" ; then +cat < This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 7b7e08e6f3561724006b63679c2500a62fc73837 (commit) from 3325403c0dd2949bf52efa1b9a5b5cf3191110f9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7b7e08e6f3561724006b63679c2500a62fc73837 Author: NIIBE Yutaka Date: Wed Aug 6 18:24:31 2014 +0900 Update ja.po diff --git a/po/ja.po b/po/ja.po index 3c534d1..74b8f22 100644 --- a/po/ja.po +++ b/po/ja.po @@ -1,15 +1,16 @@ # Japanese messages for GnuPG libgpg-error -# Copyright (C) 2010, 2012 Free Software Foundation, Inc. +# Copyright (C) 2010, 2012, 2014 Free Software Foundation, Inc. # This file is distributed under the same license as the libgpg-error package. # Yasuaki Taniguchi , 2010. # Takeshi Hamasaki , 2012. +# NIIBE Yutaka , 2014. msgid "" msgstr "" "Project-Id-Version: libgpg-error 1.7\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2013-02-23 20:09+0100\n" -"Last-Translator: Takeshi Hamasaki \n" -"Language-Team: Japanese \n" +"PO-Revision-Date: 2014-07-04 16:22+0900\n" +"Last-Translator: NIIBE Yutaka \n" +"Language-Team: none\n" "Language: ja\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -32,7 +33,7 @@ msgid "GPG Agent" msgstr "GPG Agent" msgid "Pinentry" -msgstr "PIN ??" +msgstr "Pinentry" msgid "SCD" msgstr "SCD" @@ -59,13 +60,13 @@ msgid "Kleopatra" msgstr "Kleopatra" msgid "G13" -msgstr "" +msgstr "G13" msgid "Assuan" msgstr "Assuan" msgid "Any source" -msgstr "??????" +msgstr "????????" msgid "User defined source 1" msgstr "???????? 1" @@ -80,7 +81,7 @@ msgid "User defined source 4" msgstr "???????? 4" msgid "Unknown source" -msgstr "????????" +msgstr "??????" msgid "Success" msgstr "????" @@ -92,13 +93,13 @@ msgid "Unknown packet" msgstr "?????????" msgid "Unknown version in packet" -msgstr "????????????????" +msgstr "????????????????" msgid "Invalid public key algorithm" msgstr "??????????????" msgid "Invalid digest algorithm" -msgstr "?????????????" +msgstr "??????????????????" msgid "Bad public key" msgstr "????????" @@ -128,7 +129,7 @@ msgid "Invalid packet" msgstr "?????????" msgid "Invalid armor" -msgstr "???????????" +msgstr "?????????????" msgid "No user ID" msgstr "??? ID ??????" @@ -146,7 +147,7 @@ msgid "Unknown compression algorithm" msgstr "?????????????" msgid "Number is not prime" -msgstr "????????????" +msgstr "???????????" msgid "Invalid encoding method" msgstr "??????????" @@ -170,25 +171,25 @@ msgid "Value not found" msgstr "?????????" msgid "Syntax error" -msgstr "?????" +msgstr "???????" msgid "Bad MPI value" -msgstr "??? MPI ??" +msgstr "??? MPI ????" msgid "Invalid passphrase" -msgstr "?????????" +msgstr "???????????" msgid "Invalid signature class" -msgstr "????????" +msgstr "??????????" msgid "Resources exhausted" msgstr "???????????" msgid "Invalid keyring" -msgstr "???????" +msgstr "?????????" msgid "Trust DB error" -msgstr "?? DB ???" +msgstr "?? DB ?????" msgid "Bad certificate" msgstr "????????" @@ -200,7 +201,7 @@ msgid "Unexpected error" msgstr "??????????" msgid "Time conflict" -msgstr "???????" +msgstr "????????" msgid "Keyserver error" msgstr "??????????" @@ -208,9 +209,8 @@ msgstr "??????????" msgid "Wrong public key algorithm" msgstr "??????????????" -#, fuzzy msgid "Tribute to D. A." -msgstr " ???" +msgstr "????????????" msgid "Weak encryption key" msgstr "???????" @@ -222,7 +222,7 @@ msgid "Invalid argument" msgstr "???????" msgid "Syntax error in URI" -msgstr "URI ????????" +msgstr "URI????????" msgid "Invalid URI" msgstr "??? URI ??" @@ -234,7 +234,7 @@ msgid "Unknown host" msgstr "????????" msgid "Selftest failed" -msgstr "???????????" +msgstr "?????????????" msgid "Data not encrypted" msgstr "???????????????" @@ -255,13 +255,13 @@ msgid "Bad certificate chain" msgstr "??????????" msgid "Missing certificate" -msgstr "?????????" +msgstr "???????????" msgid "No data" msgstr "?????????" msgid "Bug" -msgstr "??" +msgstr "????" msgid "Not supported" msgstr "???????????" @@ -270,16 +270,16 @@ msgid "Invalid operation code" msgstr "??????????" msgid "Timeout" -msgstr "??????" +msgstr "????????" msgid "Internal error" -msgstr "?????" +msgstr "???????" msgid "EOF (gcrypt)" -msgstr "EOF (gcrypt)" +msgstr "EOF (gcrypt)??" msgid "Invalid object" -msgstr "?????????" +msgstr "???????????" msgid "Provided object is too short" msgstr "??????????????????" @@ -288,14 +288,13 @@ msgid "Provided object is too large" msgstr "??????????????????" msgid "Missing item in object" -msgstr "????????????????" +msgstr "??????????????????" msgid "Not implemented" msgstr "?????????" -#, fuzzy msgid "Conflicting use" -msgstr "??????? #~ ???" +msgstr "????????" msgid "Invalid cipher mode" msgstr "??????????" @@ -310,16 +309,14 @@ msgid "Result truncated" msgstr "????????????" msgid "Incomplete line" -msgstr "????????" +msgstr "???????" msgid "Invalid response" msgstr "???????" msgid "No agent running" -msgstr "????????????????" +msgstr "??????????????" -#, fuzzy -#| msgid "agent error" msgid "Agent error" msgstr "???????????" @@ -342,10 +339,10 @@ msgid "Unsupported algorithm" msgstr "??????????????????" msgid "No pinentry" -msgstr "PIN ????????" +msgstr "Pinentry??????" msgid "pinentry error" -msgstr "PIN ?????" +msgstr "Pinentry???" msgid "Bad PIN" msgstr "??? PIN ??" @@ -362,16 +359,14 @@ msgstr "??????????" msgid "Wrong card" msgstr "????????" -#, fuzzy msgid "No dirmngr" -msgstr "- < ???????? >" +msgstr "dirmngr??????" -#, fuzzy msgid "dirmngr error" -msgstr "%s ????????????" +msgstr "dirmngr ????" msgid "Certificate revoked" -msgstr "???????????" +msgstr "???????????" msgid "No CRL known" msgstr "??? CRL ??????" @@ -428,7 +423,7 @@ msgid "Card not present" msgstr "????????????" msgid "No PKCS15 application" -msgstr "PKCS15 ???????????????" +msgstr "PKCS15 ??????????????" msgid "Not confirmed" msgstr "?????????" @@ -476,7 +471,7 @@ msgid "Missing value" msgstr "???????" msgid "Hardware problem" -msgstr "??????????" +msgstr "???????????" msgid "PIN blocked" msgstr "PIN ??????????" @@ -542,7 +537,7 @@ msgid "Invalid crypto engine" msgstr "???????????" msgid "Public key not trusted" -msgstr "????????????" +msgstr "?????????????" msgid "Decryption failed" msgstr "?????????" @@ -562,9 +557,8 @@ msgstr "???????" msgid "Duplicated value" msgstr "???????" -#, fuzzy msgid "Missing action" -msgstr "?????" +msgstr "?????????????" msgid "ASN.1 module not found" msgstr "ASN.1 ????????????????" @@ -597,7 +591,7 @@ msgid "Protocol violation" msgstr "???????" msgid "Invalid MAC" -msgstr "??? MAC ????" +msgstr "??? MAC??" msgid "Invalid request" msgstr "????????" @@ -605,115 +599,92 @@ msgstr "????????" msgid "Unknown extension" msgstr "??????" -#, fuzzy msgid "Unknown critical extension" -msgstr "?????????(&E)" +msgstr "????????????" msgid "Locked" msgstr "?????????" msgid "Unknown option" -msgstr "????????" +msgstr "??????????" msgid "Unknown command" -msgstr "???????" +msgstr "?????????" -#, fuzzy msgid "Not operational" -msgstr "?????" +msgstr "???????" msgid "No passphrase given" msgstr "????????????????" msgid "No PIN given" -msgstr "??????????????" +msgstr "PIN??????????" -#, fuzzy msgid "Not enabled" -msgstr "??????????" +msgstr "?????????" -#, fuzzy msgid "No crypto engine" -msgstr "???????????" +msgstr "????????????" -#, fuzzy msgid "Missing key" -msgstr "???????" +msgstr "???????" -#, fuzzy msgid "Too many objects" -msgstr "CMS ?????????????" +msgstr "????????????" msgid "Limit reached" -msgstr "" +msgstr "????????" -#, fuzzy msgid "Not initialized" -msgstr "??????????????" +msgstr "??????????" -#, fuzzy msgid "Missing issuer certificate" -msgstr "?????????" +msgstr "????????????" msgid "No keyserver available" -msgstr "" +msgstr "?????????????????" -#, fuzzy msgid "Invalid elliptic curve" -msgstr "???????" +msgstr "?????????" -#, fuzzy msgid "Unknown elliptic curve" -msgstr "????????" +msgstr "?????????" -#, fuzzy msgid "Duplicated key" -msgstr "???????" +msgstr "???????" -#, fuzzy msgid "Ambiguous result" -msgstr "???????" +msgstr "???????" -#, fuzzy msgid "No crypto context" -msgstr "???????????" +msgstr "????????????" -#, fuzzy msgid "Wrong crypto context" -msgstr "???????????" +msgstr "?????????????" -#, fuzzy -#| msgid "Invalid crypto engine" msgid "Bad crypto context" -msgstr "???????????" +msgstr "???????????????" msgid "Conflict in the crypto context" -msgstr "" +msgstr "????????????????" -#, fuzzy -#| msgid "No public key" msgid "Broken public key" -msgstr "?????????" +msgstr "??????????" -#, fuzzy -#| msgid "No secret key" msgid "Broken secret key" -msgstr "?????????" +msgstr "??????????" -#, fuzzy -#| msgid "Invalid digest algorithm" msgid "Invalid MAC algorithm" -msgstr "?????????????" +msgstr "???MAC????????" -#, fuzzy msgid "Operation fully cancelled" -msgstr "?????????????" +msgstr "????????????????" msgid "Operation not yet finished" msgstr "?????????????" msgid "Buffer too short" -msgstr "????????????" +msgstr "??????????" msgid "Invalid length specifier in S-expression" msgstr "S?????????????" @@ -722,65 +693,55 @@ msgid "String too long in S-expression" msgstr "S?????????????" msgid "Unmatched parentheses in S-expression" -msgstr "S???????????????????" +msgstr "S???????????" -#, fuzzy msgid "S-expression not canonical" -msgstr "\"%expression:1\" ????????????????" +msgstr "??????S????????" -#, fuzzy msgid "Bad character in S-expression" -msgstr "????????????" +msgstr "S???????????????" -#, fuzzy msgid "Bad quotation in S-expression" -msgstr "????????????" +msgstr "S???????????????" -#, fuzzy msgid "Zero prefix in S-expression" -msgstr "????????????" +msgstr "S??????????????" msgid "Nested display hints in S-expression" -msgstr "" +msgstr "S??????????????????" -#, fuzzy msgid "Unmatched display hints" -msgstr "??????????????" +msgstr "????????????" -#, fuzzy msgid "Unexpected reserved punctuation in S-expression" -msgstr "?????????: ????????? `%s' ??" +msgstr "S????????????????????" msgid "Bad hexadecimal character in S-expression" -msgstr "" +msgstr "S??????16???????????" msgid "Odd hexadecimal numbers in S-expression" -msgstr "" +msgstr "S??????16???????????" -#, fuzzy msgid "Bad octal character in S-expression" -msgstr "????????????" +msgstr "S??????8???????????" msgid "Not possible with a card based key" -msgstr "" +msgstr "????????????" -#, fuzzy -#| msgid "Invalid object" msgid "Invalid lock object" -msgstr "?????????" +msgstr "?????????????" msgid "General IPC error" msgstr "????IPC?????" -#, fuzzy msgid "IPC accept call failed" -msgstr "dia_plugin_init() ????????????" +msgstr "IPC accept ???????" msgid "IPC connect call failed" -msgstr "IPC?????????????" +msgstr "IPC connect ???????????" msgid "Invalid IPC response" -msgstr "??? IPC ??" +msgstr "??? IPC ????" msgid "Invalid value passed to IPC" msgstr "?????IPC???????" @@ -794,12 +755,11 @@ msgstr "IPC????????????" msgid "Nested IPC commands" msgstr "IPC???????????????" -#, fuzzy msgid "No data callback in IPC" -msgstr "?????? '%s' (%p) ???????????? (%p) ??????" +msgstr "IPC ?????????????????" msgid "No inquire callback in IPC" -msgstr "" +msgstr "IPC??????????????????" msgid "Not an IPC server" msgstr "IPC ??????????" @@ -808,7 +768,7 @@ msgid "Not an IPC client" msgstr "IPC ?????????????" msgid "Problem starting IPC server" -msgstr "IPC?????????????????" +msgstr "IPC????????????????" msgid "IPC read error" msgstr "IPC ???????" @@ -817,7 +777,7 @@ msgid "IPC write error" msgstr "IPC ???????" msgid "Too much data for IPC layer" -msgstr "IPC ????????????????" +msgstr "IPC ?????????????" msgid "Unexpected IPC command" msgstr "????? IPC ??????" @@ -898,7 +858,7 @@ msgid "Unknown system error" msgstr "??????????" msgid "End of file" -msgstr "?????? (EOF)" +msgstr "??????" msgid "Unknown error code" msgstr "?????????" ----------------------------------------------------------------------- Summary of changes: po/ja.po | 220 +++++++++++++++++++++++++------------------------------------- 1 file changed, 90 insertions(+), 130 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 6 15:07:33 2014 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 06 Aug 2014 15:07:33 +0200 Subject: [git] Pinentry - branch, master, updated. pinentry-0.8.3-12-gf4d14ff Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via f4d14ffcf2e04b1938c00a0ef1504e0e932631fd (commit) via 47476d2f288a22c29567ae2c179ce0472db4257e (commit) from 41d046022e912c76cb424c906064745e732f01f3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f4d14ffcf2e04b1938c00a0ef1504e0e932631fd Author: Andre Heinecke Date: Wed Aug 6 15:05:25 2014 +0200 Add fallbacks for SetForegroundWindow If that foreground window fails pinentry-qt now tries to attach to the current foreground process and then tries to set the foreground window again. If that fails it also calls ShowWindow as a last resort. * qt4/pinentrydialog.cpp (raiseWindow): Add fallbacks in case SetForegroundWindow fails. diff --git a/NEWS b/NEWS index 2741f5c..5bd874f 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,9 @@ Noteworthy changes in version 0.8.4 (unreleased) * Qt4: Raise confirm message windows into foreground + * Qt4 (Windows): Improve the way pinentry-qt raises itself in + the foreground. + Noteworthy changes in version 0.8.3 (2013-04-26) ------------------------------------------------ diff --git a/qt4/pinentrydialog.cpp b/qt4/pinentrydialog.cpp index b16a74f..3a6dacc 100644 --- a/qt4/pinentrydialog.cpp +++ b/qt4/pinentrydialog.cpp @@ -45,31 +45,50 @@ versions. This is the reason why gpg-agent employs its AllowSetForegroundWindow callback machinery to ask the supposed to be be calling process to allow a pinentry to go into the - foreground. */ -// #ifdef Q_WS_WIN -// void SetForegroundWindowEx( HWND hWnd ) -// { -// //Attach foreground window thread to our thread -// const DWORD ForeGroundID = GetWindowThreadProcessId(::GetForegroundWindow(),NULL); -// const DWORD CurrentID = GetCurrentThreadId(); - -// AttachThreadInput ( ForeGroundID, CurrentID, TRUE ); -// //Do our stuff here -// HWND hLastActivePopupWnd = GetLastActivePopup( hWnd ); -// SetForegroundWindow( hLastActivePopupWnd ); - -// //Detach the attached thread -// AttachThreadInput ( ForeGroundID, CurrentID, FALSE ); -// }// End SetForegroundWindowEx -// #endif + foreground. -void raiseWindow( QWidget* w ) -{ + [ah] This is a Hack to workaround the fact that Foregrounding + a Window is so restricted that it AllowSetForegroundWindow + does not always work (e.g. when the ForegroundWindow timeout + has not expired. + */ #ifdef Q_WS_WIN - SetForegroundWindow( w->winId() ); +WINBOOL SetForegroundWindowEx( HWND hWnd ) +{ + //Attach foreground window thread to our thread + const DWORD ForeGroundID = GetWindowThreadProcessId(::GetForegroundWindow(),NULL); + const DWORD CurrentID = GetCurrentThreadId(); + WINBOOL retval; + + AttachThreadInput ( ForeGroundID, CurrentID, TRUE ); + //Do our stuff here + HWND hLastActivePopupWnd = GetLastActivePopup( hWnd ); + retval = SetForegroundWindow( hLastActivePopupWnd ); + + //Detach the attached thread + AttachThreadInput ( ForeGroundID, CurrentID, FALSE ); + return retval; +}// End SetForegroundWindowEx #endif + +void raiseWindow( QWidget* w ) +{ + /* Maybe Qt will become agressive enough one day that + * this is enough on windows too*/ w->raise(); w->activateWindow(); +#ifdef Q_WS_WIN + /* In the meantime we do our own attention grabbing */ + if (!SetForegroundWindow (w->winId()) && + !SetForegroundWindowEx (w->winId())) { + OutputDebugString("SetForegroundWindow (ex) failed"); + /* Yet another fallback which will not work on some + * versions and is not recommended by msdn */ + if (!ShowWindow (w->winId(), SW_SHOWNORMAL)) { + OutputDebugString ("ShowWindow failed."); + } + } +#endif } QPixmap icon( QStyle::StandardPixmap which ) commit 47476d2f288a22c29567ae2c179ce0472db4257e Author: Andre Heinecke Date: Wed Aug 6 15:01:54 2014 +0200 Use raiseWindow also for confirm dialogs This should fix the case that the dialog opened in the foreground but a warning / confirm dialog opened in the background. * qt4/pinentryconfirm.cpp, qt4/pinentryconfirm.h (showEvent): New overwrite base class method to call raiseWindow. * NEWS: Mention this. diff --git a/NEWS b/NEWS index fbc3708..2741f5c 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,7 @@ Noteworthy changes in version 0.8.4 (unreleased) * Qt4: Improved accessiblity + * Qt4: Raise confirm message windows into foreground Noteworthy changes in version 0.8.3 (2013-04-26) ------------------------------------------------ diff --git a/qt4/pinentryconfirm.cpp b/qt4/pinentryconfirm.cpp index f7a1d63..dfbd19f 100644 --- a/qt4/pinentryconfirm.cpp +++ b/qt4/pinentryconfirm.cpp @@ -18,6 +18,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ #include "pinentryconfirm.h" +#include "pinentrydialog.h" #include PinentryConfirm::PinentryConfirm(Icon icon, int timeout, const QString &title, @@ -31,6 +32,13 @@ PinentryConfirm::PinentryConfirm(Icon icon, int timeout, const QString &title, } setAccessibleDescription (desc); setAccessibleName (title); + raiseWindow (this); +} + +void PinentryConfirm::showEvent( QShowEvent* event ) +{ + QDialog::showEvent( event ); + raiseWindow( this ); } void PinentryConfirm::slotTimeout() diff --git a/qt4/pinentryconfirm.h b/qt4/pinentryconfirm.h index 3113750..44fb3ae 100644 --- a/qt4/pinentryconfirm.h +++ b/qt4/pinentryconfirm.h @@ -36,6 +36,9 @@ class PinentryConfirm : public QMessageBox private: QTimer *_timer; + + protected: + /* reimp */ void showEvent( QShowEvent* event ); }; #endif ----------------------------------------------------------------------- Summary of changes: NEWS | 4 ++++ qt4/pinentryconfirm.cpp | 8 +++++++ qt4/pinentryconfirm.h | 3 +++ qt4/pinentrydialog.cpp | 59 +++++++++++++++++++++++++++++++---------------- 4 files changed, 54 insertions(+), 20 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 6 16:24:07 2014 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 06 Aug 2014 16:24:07 +0200 Subject: [git] Pinentry - branch, master, updated. pinentry-0.8.3-13-g52cf95c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via 52cf95c4fd97dc38856e72aa3e42a135d010df06 (commit) from f4d14ffcf2e04b1938c00a0ef1504e0e932631fd (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 52cf95c4fd97dc38856e72aa3e42a135d010df06 Author: Andre Heinecke Date: Wed Aug 6 16:09:55 2014 +0200 Check for MOC also if pinentry-qt is disabled * configure.ac: Call QT_PATH_MOC if pinentry_qt4 is not no. -- Previously the MOC lookup from m4/qt.m4 would only be called if pinentry-qt was at least maybe. The MOC variable defined by this macro is also used in pinentry-qt4 though. diff --git a/configure.ac b/configure.ac index b4133b0..595c2aa 100644 --- a/configure.ac +++ b/configure.ac @@ -427,6 +427,7 @@ fi) fi if test "$pinentry_qt4" != "no"; then +QT_PATH_MOC PKG_CHECK_MODULES(QT4_GUI, QtGui,, if test "$pinentry_qt4" = "yes"; then AC_MSG_ERROR([[ ----------------------------------------------------------------------- Summary of changes: configure.ac | 1 + 1 file changed, 1 insertion(+) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 6 17:12:06 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 06 Aug 2014 17:12:06 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.25-6-g088f82c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via 088f82c0b5e39687f70e44d3ab719854e808eeb6 (commit) via 25d5480e98068f6dd15c70c9e58236c77037535d (commit) from 4500d3cb6dd3525a835c251e6104f500050cf075 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 088f82c0b5e39687f70e44d3ab719854e808eeb6 Author: Werner Koch Date: Wed Aug 6 17:11:21 2014 +0200 gpg: Fix regression due to the keyserver import filter. * g10/keyserver.c (keyserver_retrieval_filter): Change args. Rewrite to take subpakets in account. * g10/import.c (import_one, import_secret_one): Pass keyblock to filter. -- GnuPG-bug-id: 1680 diff --git a/g10/import.c b/g10/import.c index fbe6b37..1bf4090 100644 --- a/g10/import.c +++ b/g10/import.c @@ -799,7 +799,7 @@ import_one( const char *fname, KBNODE keyblock, struct stats_s *stats, return 0; } - if (filter && filter (pk, NULL, filter_arg)) + if (filter && filter (keyblock, filter_arg)) { log_error (_("key %s: %s\n"), keystr_from_pk(pk), _("rejected by import filter")); @@ -1201,7 +1201,7 @@ import_secret_one (const char *fname, KBNODE keyblock, keyid_from_sk( sk, keyid ); uidnode = find_next_kbnode( keyblock, PKT_USER_ID ); - if (filter && filter (NULL, sk, filter_arg)) { + if (filter && filter (keyblock, filter_arg)) { log_error (_("secret key %s: %s\n"), keystr_from_sk(sk), _("rejected by import filter")); return 0; diff --git a/g10/keyserver.c b/g10/keyserver.c index aa41536..af00401 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -994,52 +994,68 @@ struct ks_retrieval_filter_arg_s returns 0 if the key shall be imported. Note that this kind of filter is not related to the iobuf filters. */ static int -keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, - void *opaque) +keyserver_retrieval_filter (kbnode_t keyblock, void *opaque) { struct ks_retrieval_filter_arg_s *arg = opaque; KEYDB_SEARCH_DESC *desc = arg->desc; int ndesc = arg->ndesc; + kbnode_t node; + PKT_public_key *pk; int n; u32 keyid[2]; byte fpr[MAX_FINGERPRINT_LEN]; size_t fpr_len = 0; - /* Secret keys are not expected from a keyserver. Do not import. */ - if (sk) - return G10ERR_GENERAL; + /* Secret keys are not expected from a keyserver. We do not + care about secret subkeys because the import code takes care + of skipping them. Not allowing an import of a public key + with a secret subkey would make it too easy to inhibit the + downloading of a public key. Recall that keyservers do only + limited checks. */ + node = find_kbnode (keyblock, PKT_SECRET_KEY); + if (node) + return G10ERR_GENERAL; /* Do not import. */ if (!ndesc) return 0; /* Okay if no description given. */ - fingerprint_from_pk (pk, fpr, &fpr_len); - keyid_from_pk (pk, keyid); - - /* Compare requested and returned fingerprints if available. */ - for (n = 0; n < ndesc; n++) + /* Loop over all key packets. */ + for (node = keyblock; node; node = node->next) { - if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20) - { - if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20)) - return 0; - } - else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16) - { - if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16)) - return 0; - } - else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID) - { - if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1]) - return 0; - } - else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID) + if (node->pkt->pkttype != PKT_PUBLIC_KEY + && node->pkt->pkttype != PKT_PUBLIC_SUBKEY) + continue; + + pk = node->pkt->pkt.public_key; + fingerprint_from_pk (pk, fpr, &fpr_len); + keyid_from_pk (pk, keyid); + + /* Compare requested and returned fingerprints if available. */ + for (n = 0; n < ndesc; n++) { - if (keyid[1] == desc[n].u.kid[1]) - return 0; + if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20) + { + if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20)) + return 0; + } + else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16) + { + if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16)) + return 0; + } + else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID) + { + if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1]) + return 0; + } + else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID) + { + if (keyid[1] == desc[n].u.kid[1]) + return 0; + } + else /* No keyid or fingerprint - can't check. */ + return 0; /* allow import. */ } - else - return 0; } return G10ERR_GENERAL; diff --git a/g10/main.h b/g10/main.h index 6a0de00..9904820 100644 --- a/g10/main.h +++ b/g10/main.h @@ -261,8 +261,7 @@ gcry_mpi_t encode_md_value( PKT_public_key *pk, PKT_secret_key *sk, /*-- import.c --*/ -typedef int (*import_filter_t)(PKT_public_key *pk, PKT_secret_key *sk, - void *arg); +typedef int (*import_filter_t)(kbnode_t keyblock, void *arg); int parse_import_options(char *str,unsigned int *options,int noisy); void import_keys( char **fnames, int nnames, commit 25d5480e98068f6dd15c70c9e58236c77037535d Author: Werner Koch Date: Wed Aug 6 17:09:15 2014 +0200 gpg: Add kbnode_t for easier backporting. * g10/gpg.h (kbnode_t): New. diff --git a/g10/gpg.h b/g10/gpg.h index 7049656..9cd84bb 100644 --- a/g10/gpg.h +++ b/g10/gpg.h @@ -50,6 +50,7 @@ struct server_local_s; /* Object used to describe a keyblok node. */ typedef struct kbnode_struct *KBNODE; +typedef struct kbnode_struct *kbnode_t; /* Object used for looking ob keys. */ typedef struct keydb_search_desc KEYDB_SEARCH_DESC; ----------------------------------------------------------------------- Summary of changes: g10/gpg.h | 1 + g10/import.c | 4 +-- g10/keyserver.c | 76 +++++++++++++++++++++++++++++++++---------------------- g10/main.h | 3 +-- 4 files changed, 50 insertions(+), 34 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 6 18:51:26 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 06 Aug 2014 18:51:26 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.18-3-gd585527 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-1-4 has been updated via d58552760b26d840824658814d59c8b1a25a4219 (commit) via dcf58b3471b1c9ba87a826aa132033e506664808 (commit) from c05918c1b92bbf4f8cce0f18508014bfcf6332d8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d58552760b26d840824658814d59c8b1a25a4219 Author: Werner Koch Date: Wed Aug 6 17:11:21 2014 +0200 gpg: Fix regression due to the keyserver import filter. * g10/keyserver.c (keyserver_retrieval_filter): Change args. Rewrite to take subpakets in account. * g10/import.c (import_one, import_secret_one): Pass keyblock to filter. -- GnuPG-bug-id: 1680 Resolved conflicts: g10/main.h - s/import_filter/import_filter_t/g diff --git a/g10/import.c b/g10/import.c index e40141e..2baa298 100644 --- a/g10/import.c +++ b/g10/import.c @@ -60,16 +60,16 @@ struct stats_s { static int import( IOBUF inp, const char* fname,struct stats_s *stats, unsigned char **fpr,size_t *fpr_len,unsigned int options, - import_filter filter, void *filter_arg ); + import_filter_t filter, void *filter_arg ); static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ); static void revocation_present(KBNODE keyblock); static int import_one(const char *fname, KBNODE keyblock,struct stats_s *stats, unsigned char **fpr,size_t *fpr_len, unsigned int options,int from_sk, - import_filter filter, void *filter_arg); + import_filter_t filter, void *filter_arg); static int import_secret_one( const char *fname, KBNODE keyblock, struct stats_s *stats, unsigned int options, - import_filter filter, void *filter_arg); + import_filter_t filter, void *filter_arg); static int import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats); static int chk_self_sigs( const char *fname, KBNODE keyblock, @@ -167,7 +167,7 @@ static int import_keys_internal( IOBUF inp, char **fnames, int nnames, void *stats_handle, unsigned char **fpr, size_t *fpr_len, unsigned int options, - import_filter filter, void *filter_arg) + import_filter_t filter, void *filter_arg) { int i, rc = 0; struct stats_s *stats = stats_handle; @@ -236,7 +236,7 @@ import_keys( char **fnames, int nnames, int import_keys_stream( IOBUF inp, void *stats_handle, unsigned char **fpr, size_t *fpr_len,unsigned int options, - import_filter filter, void *filter_arg ) + import_filter_t filter, void *filter_arg ) { return import_keys_internal (inp, NULL, 0, stats_handle, fpr, fpr_len, options, filter, filter_arg); @@ -245,7 +245,7 @@ import_keys_stream( IOBUF inp, void *stats_handle, static int import( IOBUF inp, const char* fname,struct stats_s *stats, unsigned char **fpr,size_t *fpr_len,unsigned int options, - import_filter filter, void *filter_arg) + import_filter_t filter, void *filter_arg) { PACKET *pending_pkt = NULL; KBNODE keyblock = NULL; @@ -750,7 +750,7 @@ check_prefs(KBNODE keyblock) static int import_one( const char *fname, KBNODE keyblock, struct stats_s *stats, unsigned char **fpr,size_t *fpr_len,unsigned int options, - int from_sk, import_filter filter, void *filter_arg) + int from_sk, import_filter_t filter, void *filter_arg) { PKT_public_key *pk; PKT_public_key *pk_orig; @@ -790,7 +790,7 @@ import_one( const char *fname, KBNODE keyblock, struct stats_s *stats, return 0; } - if (filter && filter (pk, NULL, filter_arg)) + if (filter && filter (keyblock, filter_arg)) { log_error (_("key %s: %s\n"), keystr_from_pk(pk), _("rejected by import filter")); @@ -1166,7 +1166,7 @@ sec_to_pub_keyblock(KBNODE sec_keyblock) static int import_secret_one( const char *fname, KBNODE keyblock, struct stats_s *stats, unsigned int options, - import_filter filter, void *filter_arg) + import_filter_t filter, void *filter_arg) { PKT_secret_key *sk; KBNODE node, uidnode; @@ -1182,7 +1182,7 @@ import_secret_one( const char *fname, KBNODE keyblock, keyid_from_sk( sk, keyid ); uidnode = find_next_kbnode( keyblock, PKT_USER_ID ); - if (filter && filter (NULL, sk, filter_arg)) { + if (filter && filter (keyblock, filter_arg)) { log_error (_("secret key %s: %s\n"), keystr_from_sk(sk), _("rejected by import filter")); return 0; diff --git a/g10/keyserver.c b/g10/keyserver.c index af174fb..810713c 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -972,52 +972,68 @@ struct ks_retrieval_filter_arg_s returns 0 if the key shall be imported. Note that this kind of filter is not related to the iobuf filters. */ static int -keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, - void *opaque) +keyserver_retrieval_filter (kbnode_t keyblock, void *opaque) { struct ks_retrieval_filter_arg_s *arg = opaque; KEYDB_SEARCH_DESC *desc = arg->desc; int ndesc = arg->ndesc; + kbnode_t node; + PKT_public_key *pk; int n; u32 keyid[2]; byte fpr[MAX_FINGERPRINT_LEN]; size_t fpr_len = 0; - /* Secret keys are not expected from a keyserver. Do not import. */ - if (sk) - return G10ERR_GENERAL; + /* Secret keys are not expected from a keyserver. We do not + care about secret subkeys because the import code takes care + of skipping them. Not allowing an import of a public key + with a secret subkey would make it too easy to inhibit the + downloading of a public key. Recall that keyservers do only + limited checks. */ + node = find_kbnode (keyblock, PKT_SECRET_KEY); + if (node) + return G10ERR_GENERAL; /* Do not import. */ if (!ndesc) return 0; /* Okay if no description given. */ - fingerprint_from_pk (pk, fpr, &fpr_len); - keyid_from_pk (pk, keyid); - - /* Compare requested and returned fingerprints if available. */ - for (n = 0; n < ndesc; n++) + /* Loop over all key packets. */ + for (node = keyblock; node; node = node->next) { - if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20) - { - if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20)) - return 0; - } - else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16) - { - if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16)) - return 0; - } - else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID) - { - if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1]) - return 0; - } - else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID) + if (node->pkt->pkttype != PKT_PUBLIC_KEY + && node->pkt->pkttype != PKT_PUBLIC_SUBKEY) + continue; + + pk = node->pkt->pkt.public_key; + fingerprint_from_pk (pk, fpr, &fpr_len); + keyid_from_pk (pk, keyid); + + /* Compare requested and returned fingerprints if available. */ + for (n = 0; n < ndesc; n++) { - if (keyid[1] == desc[n].u.kid[1]) - return 0; + if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20) + { + if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20)) + return 0; + } + else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16) + { + if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16)) + return 0; + } + else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID) + { + if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1]) + return 0; + } + else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID) + { + if (keyid[1] == desc[n].u.kid[1]) + return 0; + } + else /* No keyid or fingerprint - can't check. */ + return 0; /* allow import. */ } - else - return 0; } return G10ERR_GENERAL; diff --git a/g10/main.h b/g10/main.h index e4c4385..af35c77 100644 --- a/g10/main.h +++ b/g10/main.h @@ -208,14 +208,14 @@ MPI encode_md_value( PKT_public_key *pk, PKT_secret_key *sk, /*-- import.c --*/ -typedef int (*import_filter)(PKT_public_key *pk, PKT_secret_key *sk, void *arg); +typedef int (*import_filter_t)(kbnode_t keyblock, void *arg); int parse_import_options(char *str,unsigned int *options,int noisy); void import_keys( char **fnames, int nnames, void *stats_hd, unsigned int options ); int import_keys_stream (IOBUF inp,void *stats_hd,unsigned char **fpr, size_t *fpr_len,unsigned int options, - import_filter filter, void *filter_arg); + import_filter_t filter, void *filter_arg); void *import_new_stats_handle (void); void import_release_stats_handle (void *p); void import_print_stats (void *hd); commit dcf58b3471b1c9ba87a826aa132033e506664808 Author: Werner Koch Date: Wed Aug 6 17:09:15 2014 +0200 Add kbnode_t for easier backporting. * g10/global.h (kbnode_t): New. diff --git a/g10/global.h b/g10/global.h index 643c4fc..5ecfb83 100644 --- a/g10/global.h +++ b/g10/global.h @@ -23,6 +23,7 @@ #define MAX_FINGERPRINT_LEN 20 typedef struct kbnode_struct *KBNODE; +typedef struct kbnode_struct *kbnode_t; typedef struct keydb_search_desc KEYDB_SEARCH_DESC; #endif /*GPG_GLOBAL_H*/ ----------------------------------------------------------------------- Summary of changes: g10/global.h | 1 + g10/import.c | 20 +++++++-------- g10/keyserver.c | 76 +++++++++++++++++++++++++++++++++---------------------- g10/main.h | 4 +-- 4 files changed, 59 insertions(+), 42 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 7 20:36:30 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 07 Aug 2014 20:36:30 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-5-BRANCH, updated. libgcrypt-1.5.3-11-gf393433 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-5-BRANCH has been updated via f393433a53fde259fbd1d81f2bd1ec19d6463982 (commit) via 7235b8d910dfb8fcd19b49c404c62e634c5311c9 (commit) via e2ba3187fc02f0ba0443f0ffc2d13e1fc1aee6c7 (commit) via 62e8e1283268f1d3b6d0cfb2fc4e7835bbcdaab6 (commit) via 6c3598f1f6a6f2548b60a31ce3c0dd9885558a4f (commit) from 2c05a943c5183ca7bfc76115abde29c634198bac (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f393433a53fde259fbd1d81f2bd1ec19d6463982 Author: Werner Koch Date: Thu Aug 7 20:33:53 2014 +0200 Post release updates. -- diff --git a/NEWS b/NEWS index adfcecf..dcdd2b9 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.5.5 (unreleased) [C19/A8/R_] +------------------------------------------------ + + Noteworthy changes in version 1.5.4 (2014-08-07) [C19/A8/R3] ------------------------------------------------ diff --git a/configure.ac b/configure.ac index c8b17ea..8f54c28 100644 --- a/configure.ac +++ b/configure.ac @@ -30,7 +30,7 @@ min_automake_version="1.11" # for the LT versions. m4_define(mym4_version_major, [1]) m4_define(mym4_version_minor, [5]) -m4_define(mym4_version_micro, [4]) +m4_define(mym4_version_micro, [5]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit 7235b8d910dfb8fcd19b49c404c62e634c5311c9 Author: Werner Koch Date: Thu Aug 7 20:10:39 2014 +0200 Release 1.5.4. * configure.ac: Set LT version to C19/A8/R3. diff --git a/NEWS b/NEWS index 88c7aea..adfcecf 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,19 @@ -Noteworthy changes in version 1.5.4 (unreleased) +Noteworthy changes in version 1.5.4 (2014-08-07) [C19/A8/R3] ------------------------------------------------ -Noteworthy changes in version 1.5.3 (2013-07-25) + * Declare 2016-12-31 as end-of-life for 1.5. + + Backported from 1.6: + + * Improved performance of RSA, DSA, and Elgamal by using a new + exponentiation algorithm. + + * Fixed a subtle bug in mpi_set_bit which could set spurious bits. + + * Fixed a bug in an internal division function. + + +Noteworthy changes in version 1.5.3 (2013-07-25) [C19/A8/R2] ------------------------------------------------ * Mitigate the Yarom/Falkner flush+reload side-channel attack on diff --git a/configure.ac b/configure.ac index 00da265..c8b17ea 100644 --- a/configure.ac +++ b/configure.ac @@ -59,7 +59,7 @@ AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org]) # LIBGCRYPT_LT_CURRENT=19 LIBGCRYPT_LT_AGE=8 -LIBGCRYPT_LT_REVISION=2 +LIBGCRYPT_LT_REVISION=3 # If the API is changed in an incompatible way: increment the next counter. commit e2ba3187fc02f0ba0443f0ffc2d13e1fc1aee6c7 Author: NIIBE Yutaka Date: Wed Dec 4 10:03:57 2013 +0900 mpi: fix gcry_mpi_powm for negative base. * mpi/mpi-pow.c (gcry_mpi_powm) [USE_ALGORITHM_SIMPLE_EXPONENTIATION]: Fix for the case where BASE is negative. * tests/mpitests.c (test_powm): Add a test case of (-17)^6 mod 19. -- Signed-off-by: NIIBE Yutaka (cherry picked from commit c56080c26186d25dec05f01831494c77d8d07e13) Resolved conflicts: tests/mpitests.c - Use replacements for gcry_mpi_new and gcry_mpi_is_neg. diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 469c382..4bf0233 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -177,7 +177,7 @@ gcry_mpi_powm (gcry_mpi_t res, } MPN_COPY ( rp, bp, bsize ); rsize = bsize; - rsign = bsign; + rsign = 0; /* Main processing. */ { @@ -192,7 +192,7 @@ gcry_mpi_powm (gcry_mpi_t res, xp = xp_marker = mpi_alloc_limb_space( 2 * (msize + 1), msec ); memset( &karactx, 0, sizeof karactx ); - negative_result = (ep[0] & 1) && base->sign; + negative_result = (ep[0] & 1) && bsign; i = esize - 1; e = ep[i]; diff --git a/tests/mpitests.c b/tests/mpitests.c index cf82842..64ab7a3 100644 --- a/tests/mpitests.c +++ b/tests/mpitests.c @@ -181,6 +181,7 @@ test_powm (void) int b_int = 17; int e_int = 3; int m_int = 19; + gcry_mpi_t mpi_0 = gcry_mpi_set_ui (NULL, 0); gcry_mpi_t base = gcry_mpi_set_ui (NULL, b_int); gcry_mpi_t exp = gcry_mpi_set_ui (NULL, e_int); gcry_mpi_t mod = gcry_mpi_set_ui (NULL, m_int); @@ -269,10 +270,31 @@ test_powm (void) if (gcry_mpi_cmp (res, base)) die ("test_powm failed at %d\n", __LINE__); - /* Fixme: We should add the rest of the cases of course. */ - + /* Check for a case: base is negative and expo is even. */ + gcry_mpi_set_ui (base, b_int); + gcry_mpi_sub (base, mpi_0, base); + gcry_mpi_set_ui (exp, e_int * 2); + gcry_mpi_set_ui(mod, m_int); + gcry_mpi_powm (res, base, exp, mod); + /* Result should be positive and it's 7 = (-17)^6 mod 19. */ + if (gcry_mpi_cmp_ui (res, 0) < 0 || gcry_mpi_cmp_ui (res, 7)) + { + if (verbose) + { + fprintf (stderr, "is_neg: %d\n", (gcry_mpi_cmp_ui (res, 0) < 0)); + fprintf (stderr, "mpi: "); + gcry_mpi_dump (res); + putc ('\n', stderr); + } + die ("test_powm failed for negative base at %d\n", __LINE__); + } + gcry_mpi_release (base); + gcry_mpi_release (exp); + gcry_mpi_release (mod); + gcry_mpi_release (res); + /* Fixme: We should add the rest of the cases of course. */ return 1; } commit 62e8e1283268f1d3b6d0cfb2fc4e7835bbcdaab6 Author: NIIBE Yutaka Date: Wed Oct 2 09:27:09 2013 +0900 mpi: mpi-pow improvement. * mpi/mpi-pow.c (gcry_mpi_powm): New implementation of left-to-right k-ary exponentiation. -- Signed-off-by: NIIBE Yutaka For the Yarom/Falkner flush+reload cache side-channel attack, we changed the code so that it always calls the multiplication routine (even if we can skip it to get result). This results some performance regression. This change is for recovering performance with efficient algorithm. (cherry picked from commit 45aa6131e93fac89d46733b3436d960f35fb99b2) diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 85d6fd8..469c382 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -34,6 +34,14 @@ #include "longlong.h" +/* + * When you need old implementation, please add compilation option + * -DUSE_ALGORITHM_SIMPLE_EXPONENTIATION + * or expose this line: +#define USE_ALGORITHM_SIMPLE_EXPONENTIATION 1 + */ + +#if defined(USE_ALGORITHM_SIMPLE_EXPONENTIATION) /**************** * RES = BASE ^ EXPO mod MOD */ @@ -336,3 +344,449 @@ gcry_mpi_powm (gcry_mpi_t res, if (tspace) _gcry_mpi_free_limb_space( tspace, 0 ); } +#else +/** + * Internal function to compute + * + * X = R * S mod M + * + * and set the size of X at the pointer XSIZE_P. + * Use karatsuba structure at KARACTX_P. + * + * Condition: + * RSIZE >= SSIZE + * Enough space for X is allocated beforehand. + * + * For generic cases, we can/should use gcry_mpi_mulm. + * This function is use for specific internal case. + */ +static void +mul_mod (mpi_ptr_t xp, mpi_size_t *xsize_p, + mpi_ptr_t rp, mpi_size_t rsize, + mpi_ptr_t sp, mpi_size_t ssize, + mpi_ptr_t mp, mpi_size_t msize, + struct karatsuba_ctx *karactx_p) +{ + if( ssize < KARATSUBA_THRESHOLD ) + _gcry_mpih_mul ( xp, rp, rsize, sp, ssize ); + else + _gcry_mpih_mul_karatsuba_case (xp, rp, rsize, sp, ssize, karactx_p); + + if (rsize + ssize > msize) + { + _gcry_mpih_divrem (xp + msize, 0, xp, rsize + ssize, mp, msize); + *xsize_p = msize; + } + else + *xsize_p = rsize + ssize; +} + +#define SIZE_B_2I3 ((1 << (5 - 1)) - 1) + +/**************** + * RES = BASE ^ EXPO mod MOD + * + * To mitigate the Yarom/Falkner flush+reload cache side-channel + * attack on the RSA secret exponent, we don't use the square + * routine but multiplication. + * + * Reference: + * Handbook of Applied Cryptography + * Algorithm 14.83: Modified left-to-right k-ary exponentiation + */ +void +gcry_mpi_powm (gcry_mpi_t res, + gcry_mpi_t base, gcry_mpi_t expo, gcry_mpi_t mod) +{ + /* Pointer to the limbs of the arguments, their size and signs. */ + mpi_ptr_t rp, ep, mp, bp; + mpi_size_t esize, msize, bsize, rsize; + int msign, bsign, rsign; + /* Flags telling the secure allocation status of the arguments. */ + int esec, msec, bsec; + /* Size of the result including space for temporary values. */ + mpi_size_t size; + /* Helper. */ + int mod_shift_cnt; + int negative_result; + mpi_ptr_t mp_marker = NULL; + mpi_ptr_t bp_marker = NULL; + mpi_ptr_t ep_marker = NULL; + mpi_ptr_t xp_marker = NULL; + unsigned int mp_nlimbs = 0; + unsigned int bp_nlimbs = 0; + unsigned int ep_nlimbs = 0; + unsigned int xp_nlimbs = 0; + mpi_ptr_t b_2i3[SIZE_B_2I3]; /* Pre-computed array: BASE^3, ^5, ^7, ... */ + mpi_size_t b_2i3size[SIZE_B_2I3]; + mpi_size_t W; + mpi_ptr_t base_u; + mpi_size_t base_u_size; + + esize = expo->nlimbs; + msize = mod->nlimbs; + size = 2 * msize; + msign = mod->sign; + + if (esize * BITS_PER_MPI_LIMB > 512) + W = 5; + else if (esize * BITS_PER_MPI_LIMB > 256) + W = 4; + else if (esize * BITS_PER_MPI_LIMB > 128) + W = 3; + else if (esize * BITS_PER_MPI_LIMB > 64) + W = 2; + else + W = 1; + + esec = mpi_is_secure(expo); + msec = mpi_is_secure(mod); + bsec = mpi_is_secure(base); + + rp = res->d; + ep = expo->d; + + if (!msize) + _gcry_divide_by_zero(); + + if (!esize) + { + /* Exponent is zero, result is 1 mod MOD, i.e., 1 or 0 depending + on if MOD equals 1. */ + res->nlimbs = (msize == 1 && mod->d[0] == 1) ? 0 : 1; + if (res->nlimbs) + { + RESIZE_IF_NEEDED (res, 1); + rp = res->d; + rp[0] = 1; + } + res->sign = 0; + goto leave; + } + + /* Normalize MOD (i.e. make its most significant bit set) as + required by mpn_divrem. This will make the intermediate values + in the calculation slightly larger, but the correct result is + obtained after a final reduction using the original MOD value. */ + mp_nlimbs = msec? msize:0; + mp = mp_marker = mpi_alloc_limb_space(msize, msec); + count_leading_zeros (mod_shift_cnt, mod->d[msize-1]); + if (mod_shift_cnt) + _gcry_mpih_lshift (mp, mod->d, msize, mod_shift_cnt); + else + MPN_COPY( mp, mod->d, msize ); + + bsize = base->nlimbs; + bsign = base->sign; + if (bsize > msize) + { + /* The base is larger than the module. Reduce it. + + Allocate (BSIZE + 1) with space for remainder and quotient. + (The quotient is (bsize - msize + 1) limbs.) */ + bp_nlimbs = bsec ? (bsize + 1):0; + bp = bp_marker = mpi_alloc_limb_space( bsize + 1, bsec ); + MPN_COPY ( bp, base->d, bsize ); + /* We don't care about the quotient, store it above the + * remainder, at BP + MSIZE. */ + _gcry_mpih_divrem( bp + msize, 0, bp, bsize, mp, msize ); + bsize = msize; + /* Canonicalize the base, since we are going to multiply with it + quite a few times. */ + MPN_NORMALIZE( bp, bsize ); + } + else + bp = base->d; + + if (!bsize) + { + res->nlimbs = 0; + res->sign = 0; + goto leave; + } + + + /* Make BASE, EXPO and MOD not overlap with RES. */ + if ( rp == bp ) + { + /* RES and BASE are identical. Allocate temp. space for BASE. */ + gcry_assert (!bp_marker); + bp_nlimbs = bsec? bsize:0; + bp = bp_marker = mpi_alloc_limb_space( bsize, bsec ); + MPN_COPY(bp, rp, bsize); + } + if ( rp == ep ) + { + /* RES and EXPO are identical. Allocate temp. space for EXPO. */ + ep_nlimbs = esec? esize:0; + ep = ep_marker = mpi_alloc_limb_space( esize, esec ); + MPN_COPY(ep, rp, esize); + } + if ( rp == mp ) + { + /* RES and MOD are identical. Allocate temporary space for MOD.*/ + gcry_assert (!mp_marker); + mp_nlimbs = msec?msize:0; + mp = mp_marker = mpi_alloc_limb_space( msize, msec ); + MPN_COPY(mp, rp, msize); + } + + /* Copy base to the result. */ + if (res->alloced < size) + { + mpi_resize (res, size); + rp = res->d; + } + + /* Main processing. */ + { + mpi_size_t i, j; + mpi_ptr_t xp; + mpi_size_t xsize; + int c; + mpi_limb_t e; + mpi_limb_t carry_limb; + struct karatsuba_ctx karactx; + mpi_ptr_t tp; + + xp_nlimbs = msec? (2 * (msize + 1)):0; + xp = xp_marker = mpi_alloc_limb_space( 2 * (msize + 1), msec ); + + memset( &karactx, 0, sizeof karactx ); + negative_result = (ep[0] & 1) && bsign; + + /* Precompute B_2I3[], BASE^(2 * i + 3), BASE^3, ^5, ^7, ... */ + if (W > 1) /* X := BASE^2 */ + mul_mod (xp, &xsize, bp, bsize, bp, bsize, mp, msize, &karactx); + for (i = 0; i < (1 << (W - 1)) - 1; i++) + { /* B_2I3[i] = BASE^(2 * i + 3) */ + if (i == 0) + { + base_u = bp; + base_u_size = bsize; + } + else + { + base_u = b_2i3[i-1]; + base_u_size = b_2i3size[i-1]; + } + + if (xsize >= base_u_size) + mul_mod (rp, &rsize, xp, xsize, base_u, base_u_size, + mp, msize, &karactx); + else + mul_mod (rp, &rsize, base_u, base_u_size, xp, xsize, + mp, msize, &karactx); + b_2i3[i] = mpi_alloc_limb_space (rsize, esec); + b_2i3size[i] = rsize; + MPN_COPY (b_2i3[i], rp, rsize); + } + + i = esize - 1; + + /* Main loop. + + Make the result be pointed to alternately by XP and RP. This + helps us avoid block copying, which would otherwise be + necessary with the overlap restrictions of + _gcry_mpih_divmod. With 50% probability the result after this + loop will be in the area originally pointed by RP (==RES->d), + and with 50% probability in the area originally pointed to by XP. */ + rsign = 0; + if (W == 1) + { + rsize = bsize; + } + else + { + rsize = msize; + MPN_ZERO (rp, rsize); + } + MPN_COPY ( rp, bp, bsize ); + + e = ep[i]; + count_leading_zeros (c, e); + e = (e << c) << 1; + c = BITS_PER_MPI_LIMB - 1 - c; + + j = 0; + + for (;;) + if (e == 0) + { + j += c; + i--; + if ( i < 0 ) + { + c = 0; + break; + } + + e = ep[i]; + c = BITS_PER_MPI_LIMB; + } + else + { + int c0; + mpi_limb_t e0; + + count_leading_zeros (c0, e); + e = (e << c0); + c -= c0; + j += c0; + + if (c >= W) + { + e0 = (e >> (BITS_PER_MPI_LIMB - W)); + e = (e << W); + c -= W; + } + else + { + i--; + if ( i < 0 ) + { + e = (e >> (BITS_PER_MPI_LIMB - c)); + break; + } + + c0 = c; + e0 = (e >> (BITS_PER_MPI_LIMB - W)) + | (ep[i] >> (BITS_PER_MPI_LIMB - W + c0)); + e = (ep[i] << (W - c0)); + c = BITS_PER_MPI_LIMB - W + c0; + } + + count_trailing_zeros (c0, e0); + e0 = (e0 >> c0) >> 1; + + for (j += W - c0; j; j--) + { + mul_mod (xp, &xsize, rp, rsize, rp, rsize, mp, msize, &karactx); + tp = rp; rp = xp; xp = tp; + rsize = xsize; + } + + if (e0 == 0) + { + base_u = bp; + base_u_size = bsize; + } + else + { + base_u = b_2i3[e0 - 1]; + base_u_size = b_2i3size[e0 -1]; + } + + mul_mod (xp, &xsize, rp, rsize, base_u, base_u_size, + mp, msize, &karactx); + tp = rp; rp = xp; xp = tp; + rsize = xsize; + + j = c0; + } + + if (c != 0) + { + j += c; + count_trailing_zeros (c, e); + e = (e >> c); + j -= c; + } + + while (j--) + { + mul_mod (xp, &xsize, rp, rsize, rp, rsize, mp, msize, &karactx); + tp = rp; rp = xp; xp = tp; + rsize = xsize; + } + + if (e != 0) + { + if ((e>>1) == 0) + { + base_u = bp; + base_u_size = bsize; + } + else + { + base_u = b_2i3[(e>>1) - 1]; + base_u_size = b_2i3size[(e>>1) -1]; + } + + mul_mod (xp, &xsize, rp, rsize, base_u, base_u_size, + mp, msize, &karactx); + tp = rp; rp = xp; xp = tp; + rsize = xsize; + + for (; c; c--) + { + mul_mod (xp, &xsize, rp, rsize, rp, rsize, mp, msize, &karactx); + tp = rp; rp = xp; xp = tp; + rsize = xsize; + } + } + + /* We shifted MOD, the modulo reduction argument, left + MOD_SHIFT_CNT steps. Adjust the result by reducing it with the + original MOD. + + Also make sure the result is put in RES->d (where it already + might be, see above). */ + if ( mod_shift_cnt ) + { + carry_limb = _gcry_mpih_lshift( res->d, rp, rsize, mod_shift_cnt); + rp = res->d; + if ( carry_limb ) + { + rp[rsize] = carry_limb; + rsize++; + } + } + else if (res->d != rp) + { + MPN_COPY (res->d, rp, rsize); + rp = res->d; + } + + if ( rsize >= msize ) + { + _gcry_mpih_divrem(rp + msize, 0, rp, rsize, mp, msize); + rsize = msize; + } + + /* Remove any leading zero words from the result. */ + if ( mod_shift_cnt ) + _gcry_mpih_rshift( rp, rp, rsize, mod_shift_cnt); + MPN_NORMALIZE (rp, rsize); + + _gcry_mpih_release_karatsuba_ctx (&karactx ); + for (i = 0; i < (1 << (W - 1)) - 1; i++) + _gcry_mpi_free_limb_space( b_2i3[i], esec ? b_2i3size[i] : 0 ); + } + + /* Fixup for negative results. */ + if ( negative_result && rsize ) + { + if ( mod_shift_cnt ) + _gcry_mpih_rshift( mp, mp, msize, mod_shift_cnt); + _gcry_mpih_sub( rp, mp, msize, rp, rsize); + rsize = msize; + rsign = msign; + MPN_NORMALIZE(rp, rsize); + } + gcry_assert (res->d == rp); + res->nlimbs = rsize; + res->sign = rsign; + + leave: + if (mp_marker) + _gcry_mpi_free_limb_space( mp_marker, mp_nlimbs ); + if (bp_marker) + _gcry_mpi_free_limb_space( bp_marker, bp_nlimbs ); + if (ep_marker) + _gcry_mpi_free_limb_space( ep_marker, ep_nlimbs ); + if (xp_marker) + _gcry_mpi_free_limb_space( xp_marker, xp_nlimbs ); +} +#endif commit 6c3598f1f6a6f2548b60a31ce3c0dd9885558a4f Author: Xi Wang Date: Tue Aug 14 18:54:40 2012 -0400 Replace deliberate division by zero with _gcry_divide_by_zero. * mpi/mpi-pow.c: Replace 1 / msize. * mpi/mpih-div.c: Replace 1 / dsize. * src/misc.c: Add _gcry_divide_by_zero. -- 1) Division by zero doesn't "provoke a signal" on architectures like PowerPC. 2) C compilers like clang will optimize away these divisions, even though the code tries "to make the compiler not remove" them. This patch redirects these cases to _gcry_divide_by_zero. (cherry picked from commit 2c54c4da19d3a79e9f749740828026dd41f0521a) diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index a63fc6d..85d6fd8 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -77,7 +77,7 @@ gcry_mpi_powm (gcry_mpi_t res, ep = expo->d; if (!msize) - msize = 1 / msize; /* Provoke a signal. */ + _gcry_divide_by_zero(); if (!esize) { diff --git a/mpi/mpih-div.c b/mpi/mpih-div.c index 224b810..b33dcbf 100644 --- a/mpi/mpih-div.c +++ b/mpi/mpih-div.c @@ -212,9 +212,8 @@ _gcry_mpih_divrem( mpi_ptr_t qp, mpi_size_t qextra_limbs, switch(dsize) { case 0: - /* We are asked to divide by zero, so go ahead and do it! (To make - the compiler not remove this statement, return the value.) */ - return 1 / dsize; + _gcry_divide_by_zero(); + break; case 1: { diff --git a/src/g10lib.h b/src/g10lib.h index 30706a2..9e017b1 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -101,6 +101,8 @@ void _gcry_bug (const char *file, int line); void _gcry_assert_failed (const char *expr, const char *file, int line); #endif +void _gcry_divide_by_zero (void) JNLIB_GCC_A_NR; + const char *_gcry_gettext (const char *key) GCC_ATTR_FORMAT_ARG(1); void _gcry_fatal_error(int rc, const char *text ) JNLIB_GCC_A_NR; void _gcry_log( int level, const char *fmt, ... ) JNLIB_GCC_A_PRINTF(2,3); diff --git a/src/misc.c b/src/misc.c index 17bd546..ed72ed6 100644 --- a/src/misc.c +++ b/src/misc.c @@ -19,6 +19,7 @@ */ #include +#include #include #include #include @@ -296,3 +297,10 @@ _gcry_burn_stack (int bytes) if (bytes > 0) _gcry_burn_stack (bytes); } + +void +_gcry_divide_by_zero (void) +{ + gpg_err_set_errno (EDOM); + _gcry_fatal_error (gpg_err_code_from_errno (errno), "divide by zero"); +} ----------------------------------------------------------------------- Summary of changes: NEWS | 20 ++- configure.ac | 4 +- mpi/mpi-pow.c | 460 +++++++++++++++++++++++++++++++++++++++++++++++++++++- mpi/mpih-div.c | 5 +- src/g10lib.h | 2 + src/misc.c | 8 + tests/mpitests.c | 26 ++- 7 files changed, 513 insertions(+), 12 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Aug 8 02:44:21 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 08 Aug 2014 02:44:21 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-103-g9933b9e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 9933b9e5e1a3f5b1019c75f93bd265d4a1ecc270 (commit) from 4ce77b0a810d3c889c07dfb385127d90fa1ae36a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9933b9e5e1a3f5b1019c75f93bd265d4a1ecc270 Author: NIIBE Yutaka Date: Fri Aug 8 09:35:31 2014 +0900 ecc: Add cofactor to domain parameters. * src/ec-context.h (mpi_ec_ctx_s): Add cofactor 'h'. * cipher/ecc-common.h (elliptic_curve_t): Add cofactor 'h'. (_gcry_ecc_update_curve_param): New API adding cofactor. * cipher/ecc-curves.c (ecc_domain_parms_t): Add cofactor 'h'. (ecc_domain_parms_t domain_parms): Add cofactors. (_gcry_ecc_fill_in_curve, _gcry_ecc_update_curve_param) (_gcry_ecc_get_curve, _gcry_mpi_ec_new, _gcry_ecc_get_param_sexp) (_gcry_ecc_get_mpi): Handle cofactor. * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Likewise. * cipher/ecc-misc.c (_gcry_ecc_curve_free) (_gcry_ecc_curve_copy): Likewise. * cipher/ecc.c (nist_generate_key, ecc_generate) (ecc_check_secret_key, ecc_sign, ecc_verify, ecc_encrypt_raw) (ecc_decrypt_raw, _gcry_pk_ecc_get_sexp, _gcry_pubkey_spec_ecc): Likewise. (compute_keygrip): Handle cofactor, but skip it for its computation. * mpi/ec.c (ec_deinit): Likewise. * tests/t-mpi-point.c (context_param): Likewise. (test_curve): Add cofactors. * tests/curves.c (sample_key_1, sample_key_2): Add cofactors. * tests/keygrip.c (key_grips): Add cofactors. -- We keep compatibility of compute_keygrip in cipher/ecc.c. diff --git a/cipher/ecc-common.h b/cipher/ecc-common.h index f066b4b..83bf20d 100644 --- a/cipher/ecc-common.h +++ b/cipher/ecc-common.h @@ -32,6 +32,7 @@ typedef struct or d as used by Twisted Edwards curves. */ mpi_point_struct G; /* Base point (generator). */ gcry_mpi_t n; /* Order of G. */ + gcry_mpi_t h; /* Cofactor. */ const char *name; /* Name of the curve or NULL. */ } elliptic_curve_t; @@ -75,7 +76,7 @@ gpg_err_code_t _gcry_ecc_update_curve_param (const char *name, enum ecc_dialects *dialect, gcry_mpi_t *p, gcry_mpi_t *a, gcry_mpi_t *b, gcry_mpi_t *g, - gcry_mpi_t *n); + gcry_mpi_t *n, gcry_mpi_t *h); const char *_gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index cd85361..fd47c1d 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -110,6 +110,7 @@ typedef struct Curves b is used for d. */ const char *n; /* The order of the base point. */ const char *g_x, *g_y; /* Base point. */ + const char *h; /* Cofactor. */ } ecc_domain_parms_t; @@ -125,7 +126,8 @@ static const ecc_domain_parms_t domain_parms[] = "-0x2DFC9311D490018C7338BF8688861767FF8FF5B2BEBE27548A14B235ECA6874A", "0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED", "0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A", - "0x6666666666666666666666666666666666666666666666666666666666666658" + "0x6666666666666666666666666666666666666666666666666666666666666658", + "0x08" }, #if 0 /* No real specs yet found. */ { @@ -140,7 +142,8 @@ static const ecc_domain_parms_t domain_parms[] = "706022B36F1C0338AD63CF181B0E71A5E106AF79", "0x1A334905141443300218C0631C326E5FCD46369F44C03EC7F57FF35498A4AB4D" "6D6BA111301A73FAA8537C64C4FD3812F3CBC595", - "0x22" + "0x22", + "0x08" }, #endif /*0*/ { @@ -152,7 +155,8 @@ static const ecc_domain_parms_t domain_parms[] = "0xffffffffffffffffffffffff99def836146bc9b1b4d22831", "0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", - "0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811" + "0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811", + "0x01" }, { "NIST P-224", 224, 1, @@ -163,7 +167,8 @@ static const ecc_domain_parms_t domain_parms[] = "0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d" , "0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", - "0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" + "0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34", + "0x01" }, { "NIST P-256", 256, 1, @@ -174,7 +179,8 @@ static const ecc_domain_parms_t domain_parms[] = "0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", "0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", - "0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" + "0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", + "0x01" }, { "NIST P-384", 384, 1, @@ -191,7 +197,8 @@ static const ecc_domain_parms_t domain_parms[] = "0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a38" "5502f25dbf55296c3a545e3872760ab7", "0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c0" - "0a60b1ce1d7e819d7a431d7c90ea0e5f" + "0a60b1ce1d7e819d7a431d7c90ea0e5f", + "0x01" }, { "NIST P-521", 521, 1, @@ -208,7 +215,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d" "3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", "0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e" - "662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650" + "662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", + "0x01" }, { "brainpoolP160r1", 160, 0, @@ -218,7 +226,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x1e589a8595423412134faa2dbdec95c8d8675e58", "0xe95e4a5f737059dc60df5991d45029409e60fc09", "0xbed5af16ea3f6a4f62938c4631eb5af7bdbcdbc3", - "0x1667cb477a1a8ec338f94741669c976316da6321" + "0x1667cb477a1a8ec338f94741669c976316da6321", + "0x01" }, { "brainpoolP192r1", 192, 0, @@ -228,7 +237,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x469a28ef7c28cca3dc721d044f4496bcca7ef4146fbf25c9", "0xc302f41d932a36cda7a3462f9e9e916b5be8f1029ac4acc1", "0xc0a0647eaab6a48753b033c56cb0f0900a2f5c4853375fd6", - "0x14b690866abd5bb88b5f4828c1490002e6773fa2fa299b8f" + "0x14b690866abd5bb88b5f4828c1490002e6773fa2fa299b8f", + "0x01" }, { "brainpoolP224r1", 224, 0, @@ -238,7 +248,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x2580f63ccfe44138870713b1a92369e33e2135d266dbb372386c400b", "0xd7c134aa264366862a18302575d0fb98d116bc4b6ddebca3a5a7939f", "0x0d9029ad2c7e5cf4340823b2a87dc68c9e4ce3174c1e6efdee12c07d", - "0x58aa56f772c0726f24c6b89e4ecdac24354b9e99caa3f6d3761402cd" + "0x58aa56f772c0726f24c6b89e4ecdac24354b9e99caa3f6d3761402cd", + "0x01" }, { "brainpoolP256r1", 256, 0, @@ -248,7 +259,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6", "0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7", "0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262", - "0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997" + "0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997", + "0x01" }, { "brainpoolP320r1", 320, 0, @@ -264,7 +276,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x43bd7e9afb53d8b85289bcc48ee5bfe6f20137d10a087eb6e7871e2a10a599c7" "10af8d0d39e20611", "0x14fdd05545ec1cc8ab4093247f77275e0743ffed117182eaa9c77877aaac6ac7" - "d35245d1692e8ee1" + "d35245d1692e8ee1", + "0x01" }, { "brainpoolP384r1", 384, 0, @@ -280,7 +293,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8" "e826e03436d646aaef87b2e247d4af1e", "0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff9912928" - "0e4646217791811142820341263c5315" + "0e4646217791811142820341263c5315", + "0x01" }, { "brainpoolP512r1", 512, 0, @@ -296,7 +310,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098e" "ff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822", "0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111" - "b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892" + "b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892", + "0x01" }, { "GOST2001-test", 256, 0, @@ -308,6 +323,7 @@ static const ecc_domain_parms_t domain_parms[] = "0x0000000000000000000000000000000000000000000000000000000000000002", "0x08e2a8a0e65147d4bd6316030e16d19c85c97f0a9ca267122b96abbcea7e8fc8", + "0x01" }, { "GOST2001-CryptoPro-A", 256, 0, @@ -317,7 +333,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x00000000000000000000000000000000000000000000000000000000000000a6", "0xffffffffffffffffffffffffffffffff6c611070995ad10045841b09b761b893", "0x0000000000000000000000000000000000000000000000000000000000000001", - "0x8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b122acc99c9e9f1e14" + "0x8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b122acc99c9e9f1e14", + "0x01" }, { "GOST2001-CryptoPro-B", 256, 0, @@ -327,7 +344,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x3e1af419a269a5f866a7d3c25c3df80ae979259373ff2b182f49d4ce7e1bbc8b", "0x800000000000000000000000000000015f700cfff1a624e5e497161bcc8a198f", "0x0000000000000000000000000000000000000000000000000000000000000001", - "0x3fa8124359f96680b83d1c3eb2c070e5c545c9858d03ecfb744bf8d717717efc" + "0x3fa8124359f96680b83d1c3eb2c070e5c545c9858d03ecfb744bf8d717717efc", + "0x01" }, { "GOST2001-CryptoPro-C", 256, 0, @@ -337,7 +355,8 @@ static const ecc_domain_parms_t domain_parms[] = "0x000000000000000000000000000000000000000000000000000000000000805a", "0x9b9f605f5a858107ab1ec85e6b41c8aa582ca3511eddfb74f02f3a6598980bb9", "0x0000000000000000000000000000000000000000000000000000000000000000", - "0x41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8f366e550dfdb3bb67" + "0x41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8f366e550dfdb3bb67", + "0x01" }, { "GOST2012-test", 511, 0, @@ -354,6 +373,7 @@ static const ecc_domain_parms_t domain_parms[] = "fd60611262cd838dc6b60aa7eee804e28bc849977fac33b4b530f1b120248a9a", "0x2bb312a43bd2ce6e0d020613c857acddcfbf061e91e5f2c3f32447c259f39b2" "c83ab156d77f1496bf7eb3351e1ee4e43dc1a18b91b24640b6dbb92cb1add371e", + "0x01" }, { "GOST2012-tc26-A", 512, 0, @@ -370,6 +390,7 @@ static const ecc_domain_parms_t domain_parms[] = "0000000000000000000000000000000000000000000000000000000000000003", "0x7503cfe87a836ae3a61b8816e25450e6ce5e1c93acf1abc1778064fdcbefa921" "df1626be4fd036e93d75e6a50e3a41e98028fe5fc235f5b889a589cb5215f2a4", + "0x01" }, { "GOST2012-tc26-B", 512, 0, @@ -386,6 +407,7 @@ static const ecc_domain_parms_t domain_parms[] = "0000000000000000000000000000000000000000000000000000000000000002", "0x1a8f7eda389b094c2c071e3647a8940f3c123b697578c213be6dd9e6c8ec7335" "dcb228fd1edf4a39152cbcaaf8c0398828041055f94ceeec7e21340780fe41bd", + "0x01" }, { @@ -396,10 +418,11 @@ static const ecc_domain_parms_t domain_parms[] = "0x0000000000000000000000000000000000000000000000000000000000000007", "0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", "0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", - "0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8" + "0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", + "0x01" }, - { NULL, 0, 0, 0, 0, NULL, NULL, NULL, NULL } + { NULL, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL } }; @@ -530,6 +553,8 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, curve->b = scanval (domain_parms[idx].b); if (!curve->n) curve->n = scanval (domain_parms[idx].n); + if (!curve->h) + curve->h = scanval (domain_parms[idx].h); if (!curve->G.x) curve->G.x = scanval (domain_parms[idx].g_x); if (!curve->G.y) @@ -545,7 +570,7 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name, /* Give the name of the curve NAME, store the curve parameters into P, - A, B, G, and N if they point to NULL value. Note that G is returned + A, B, G, N, and H if they point to NULL value. Note that G is returned in standard uncompressed format. Also update MODEL and DIALECT if they are not NULL. */ gpg_err_code_t @@ -553,7 +578,7 @@ _gcry_ecc_update_curve_param (const char *name, enum gcry_mpi_ec_models *model, enum ecc_dialects *dialect, gcry_mpi_t *p, gcry_mpi_t *a, gcry_mpi_t *b, - gcry_mpi_t *g, gcry_mpi_t *n) + gcry_mpi_t *g, gcry_mpi_t *n, gcry_mpi_t *h) { int idx; @@ -603,6 +628,11 @@ _gcry_ecc_update_curve_param (const char *name, _gcry_mpi_release (*n); *n = scanval (domain_parms[idx].n); } + if (h) + { + _gcry_mpi_release (*h); + *h = scanval (domain_parms[idx].h); + } return 0; } @@ -640,8 +670,8 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) /* * Extract the curve parameters.. */ - rc = gpg_err_code (sexp_extract_param (keyparms, NULL, "-pabgn", - &E.p, &E.a, &E.b, &mpi_g, &E.n, + rc = gpg_err_code (sexp_extract_param (keyparms, NULL, "-pabgnh", + &E.p, &E.a, &E.b, &mpi_g, &E.n, &E.h, NULL)); if (rc == GPG_ERR_NO_OBJ) { @@ -699,17 +729,22 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) if (!mpi_cmp (tmp, E.n)) { mpi_free (tmp); - tmp = scanval (domain_parms[idx].g_x); - if (!mpi_cmp (tmp, E.G.x)) + tmp = scanval (domain_parms[idx].h); + if (!mpi_cmp (tmp, E.h)) { mpi_free (tmp); - tmp = scanval (domain_parms[idx].g_y); - if (!mpi_cmp (tmp, E.G.y)) + tmp = scanval (domain_parms[idx].g_x); + if (!mpi_cmp (tmp, E.G.x)) { - result = domain_parms[idx].desc; - if (r_nbits) - *r_nbits = domain_parms[idx].nbits; - goto leave; + mpi_free (tmp); + tmp = scanval (domain_parms[idx].g_y); + if (!mpi_cmp (tmp, E.G.y)) + { + result = domain_parms[idx].desc; + if (r_nbits) + *r_nbits = domain_parms[idx].nbits; + goto leave; + } } } } @@ -726,6 +761,7 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) _gcry_mpi_release (mpi_g); _gcry_mpi_point_free_parts (&E.G); _gcry_mpi_release (E.n); + _gcry_mpi_release (E.h); return result; } @@ -857,6 +893,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, gcry_mpi_t b = NULL; gcry_mpi_point_t G = NULL; gcry_mpi_t n = NULL; + gcry_mpi_t h = NULL; gcry_mpi_point_t Q = NULL; gcry_mpi_t d = NULL; int flags = 0; @@ -899,6 +936,9 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, errc = mpi_from_keyparam (&n, keyparam, "n"); if (errc) goto leave; + errc = mpi_from_keyparam (&h, keyparam, "h"); + if (errc) + goto leave; } } else @@ -972,6 +1012,11 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, n = E->n; E->n = NULL; } + if (!h) + { + h = E->h; + E->h = NULL; + } _gcry_ecc_curve_free (E); xfree (E); } @@ -998,6 +1043,11 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, ec->n = n; n = NULL; } + if (h) + { + ec->h = h; + h = NULL; + } /* Now that we know the curve name we can look for the public key Q. point_from_keyparam needs to know the curve parameters so @@ -1036,6 +1086,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, mpi_free (b); _gcry_mpi_point_release (G); mpi_free (n); + mpi_free (h); _gcry_mpi_point_release (Q); mpi_free (d); return errc; @@ -1050,7 +1101,7 @@ _gcry_ecc_get_param_sexp (const char *name) elliptic_curve_t E; mpi_ec_t ctx; gcry_mpi_t g_x, g_y; - gcry_mpi_t pkey[6]; + gcry_mpi_t pkey[7]; gcry_sexp_t result; int i; @@ -1074,14 +1125,15 @@ _gcry_ecc_get_param_sexp (const char *name) pkey[2] = E.b; pkey[3] = _gcry_ecc_ec2os (g_x, g_y, E.p); pkey[4] = E.n; - pkey[5] = NULL; + pkey[5] = E.h; + pkey[6] = NULL; mpi_free (g_x); mpi_free (g_y); if (sexp_build (&result, NULL, - "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)))", - pkey[0], pkey[1], pkey[2], pkey[3], pkey[4])) + "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(h%m)))", + pkey[0], pkey[1], pkey[2], pkey[3], pkey[4], pkey[5])) result = NULL; for (i=0; pkey[i]; i++) @@ -1108,6 +1160,8 @@ _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy) return mpi_is_const (ec->b) && !copy? ec->b : mpi_copy (ec->b); if (!strcmp (name, "n") && ec->n) return mpi_is_const (ec->n) && !copy? ec->n : mpi_copy (ec->n); + if (!strcmp (name, "h") && ec->h) + return mpi_is_const (ec->h) && !copy? ec->h : mpi_copy (ec->h); if (!strcmp (name, "d") && ec->d) return mpi_is_const (ec->d) && !copy? ec->d : mpi_copy (ec->d); @@ -1206,6 +1260,11 @@ _gcry_ecc_set_mpi (const char *name, gcry_mpi_t newvalue, mpi_ec_t ec) mpi_free (ec->n); ec->n = mpi_copy (newvalue); } + else if (!strcmp (name, "h")) + { + mpi_free (ec->h); + ec->h = mpi_copy (newvalue); + } else if (*name == 'q' && (!name[1] || name[1] == '@')) { if (newvalue) diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index 65024a3..a12ebab 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -525,6 +525,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, point_init (&sk->E.G); point_set (&sk->E.G, &E->G); sk->E.n = mpi_copy (E->n); + sk->E.h = mpi_copy (E->h); point_init (&sk->Q); point_set (&sk->Q, &Q); diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c index 3f284fe..88266b5 100644 --- a/cipher/ecc-misc.c +++ b/cipher/ecc-misc.c @@ -43,6 +43,7 @@ _gcry_ecc_curve_free (elliptic_curve_t *E) mpi_free (E->b); E->b = NULL; _gcry_mpi_point_free_parts (&E->G); mpi_free (E->n); E->n = NULL; + mpi_free (E->h); E->h = NULL; } @@ -63,6 +64,7 @@ _gcry_ecc_curve_copy (elliptic_curve_t E) _gcry_mpi_point_init (&R.G); point_set (&R.G, &E.G); R.n = mpi_copy (E.n); + R.h = mpi_copy (E.h); return R; } diff --git a/cipher/ecc.c b/cipher/ecc.c index a27d2c6..8bdbd56 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -142,6 +142,7 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, point_init (&sk->E.G); point_set (&sk->E.G, &E->G); sk->E.n = mpi_copy (E->n); + sk->E.h = mpi_copy (E->h); point_init (&sk->Q); /* We want the Q=(x,y) be a "compliant key" in terms of the @@ -456,6 +457,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) log_printmpi ("ecgen curve a", E.a); log_printmpi ("ecgen curve b", E.b); log_printmpi ("ecgen curve n", E.n); + log_printmpi ("ecgen curve h", E.h); log_printpnt ("ecgen curve G", &E.G, NULL); } @@ -524,14 +526,14 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) rc = sexp_build (r_skey, NULL, "(key-data" " (public-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(h%m)(q%m)))" " (private-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(h%m)(q%m)(d%m)))" " )", curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, sk.E.h, public, curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, sk.E.h, public, secret); else rc = sexp_build (r_skey, NULL, "(key-data" @@ -554,6 +556,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) log_printmpi ("ecgen result b", sk.E.b); log_printmpi ("ecgen result G", base); log_printmpi ("ecgen result n", sk.E.n); + log_printmpi ("ecgen result h", sk.E.h); log_printmpi ("ecgen result Q", public); log_printmpi ("ecgen result d", secret); if ((flags & PUBKEY_FLAG_EDDSA)) @@ -604,9 +607,9 @@ ecc_check_secret_key (gcry_sexp_t keyparms) /* Extract the parameters. */ if ((flags & PUBKEY_FLAG_PARAM)) - rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", + rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?h?/q?+d", &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, - &mpi_q, &sk.d, NULL); + &sk.E.h, &mpi_q, &sk.d, NULL); else rc = sexp_extract_param (keyparms, NULL, "/q?+d", &mpi_q, &sk.d, NULL); @@ -624,7 +627,7 @@ ecc_check_secret_key (gcry_sexp_t keyparms) rc = _gcry_ecc_update_curve_param (curvename, &sk.E.model, &sk.E.dialect, &sk.E.p, &sk.E.a, &sk.E.b, - &mpi_g, &sk.E.n); + &mpi_g, &sk.E.n, &sk.E.h); if (rc) return rc; } @@ -660,11 +663,12 @@ ecc_check_secret_key (gcry_sexp_t keyparms) log_printmpi ("ecc_testkey b", sk.E.b); log_printpnt ("ecc_testkey g", &sk.E.G, NULL); log_printmpi ("ecc_testkey n", sk.E.n); + log_printmpi ("ecc_testkey h", sk.E.h); log_printmpi ("ecc_testkey q", mpi_q); if (!fips_mode ()) log_printmpi ("ecc_testkey d", sk.d); } - if (!sk.E.p || !sk.E.a || !sk.E.b || !sk.E.G.x || !sk.E.n || !sk.d) + if (!sk.E.p || !sk.E.a || !sk.E.b || !sk.E.G.x || !sk.E.n || !sk.E.h || !sk.d) { rc = GPG_ERR_NO_OBJ; goto leave; @@ -701,6 +705,7 @@ ecc_check_secret_key (gcry_sexp_t keyparms) _gcry_mpi_release (mpi_g); point_free (&sk.E.G); _gcry_mpi_release (sk.E.n); + _gcry_mpi_release (sk.E.h); _gcry_mpi_release (mpi_q); point_free (&sk.Q); _gcry_mpi_release (sk.d); @@ -741,9 +746,9 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) * Extract the key. */ if ((ctx.flags & PUBKEY_FLAG_PARAM)) - rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", + rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?h?/q?+d", &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, - &mpi_q, &sk.d, NULL); + &sk.E.h, &mpi_q, &sk.d, NULL); else rc = sexp_extract_param (keyparms, NULL, "/q?+d", &mpi_q, &sk.d, NULL); @@ -793,11 +798,12 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) log_printmpi ("ecc_sign b", sk.E.b); log_printpnt ("ecc_sign g", &sk.E.G, NULL); log_printmpi ("ecc_sign n", sk.E.n); + log_printmpi ("ecc_sign h", sk.E.h); log_printmpi ("ecc_sign q", mpi_q); if (!fips_mode ()) log_printmpi ("ecc_sign d", sk.d); } - if (!sk.E.p || !sk.E.a || !sk.E.b || !sk.E.G.x || !sk.E.n || !sk.d) + if (!sk.E.p || !sk.E.a || !sk.E.b || !sk.E.G.x || !sk.E.n || !sk.E.h || !sk.d) { rc = GPG_ERR_NO_OBJ; goto leave; @@ -838,6 +844,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) _gcry_mpi_release (mpi_g); point_free (&sk.E.G); _gcry_mpi_release (sk.E.n); + _gcry_mpi_release (sk.E.h); _gcry_mpi_release (mpi_q); point_free (&sk.Q); _gcry_mpi_release (sk.d); @@ -905,9 +912,9 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) * Extract the key. */ if ((ctx.flags & PUBKEY_FLAG_PARAM)) - rc = sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q", + rc = sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?h?/q", &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, - &mpi_q, NULL); + &pk.E.n, &mpi_q, NULL); else rc = sexp_extract_param (s_keyparms, NULL, "/q", &mpi_q, NULL); @@ -958,9 +965,10 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) log_printmpi ("ecc_verify b", pk.E.b); log_printpnt ("ecc_verify g", &pk.E.G, NULL); log_printmpi ("ecc_verify n", pk.E.n); + log_printmpi ("ecc_verify h", pk.E.h); log_printmpi ("ecc_verify q", mpi_q); } - if (!pk.E.p || !pk.E.a || !pk.E.b || !pk.E.G.x || !pk.E.n || !mpi_q) + if (!pk.E.p || !pk.E.a || !pk.E.b || !pk.E.G.x || !pk.E.n || !pk.E.h || !mpi_q) { rc = GPG_ERR_NO_OBJ; goto leave; @@ -1036,6 +1044,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) _gcry_mpi_release (mpi_g); point_free (&pk.E.G); _gcry_mpi_release (pk.E.n); + _gcry_mpi_release (pk.E.h); _gcry_mpi_release (mpi_q); point_free (&pk.Q); _gcry_mpi_release (data); @@ -1115,8 +1124,8 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) /* * Extract the key. */ - rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?+q", - &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, + rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?h?+q", + &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, &pk.E.h, &mpi_q, NULL); if (rc) goto leave; @@ -1159,9 +1168,10 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) log_printmpi ("ecc_encrypt b", pk.E.b); log_printpnt ("ecc_encrypt g", &pk.E.G, NULL); log_printmpi ("ecc_encrypt n", pk.E.n); + log_printmpi ("ecc_encrypt h", pk.E.h); log_printmpi ("ecc_encrypt q", mpi_q); } - if (!pk.E.p || !pk.E.a || !pk.E.b || !pk.E.G.x || !pk.E.n || !mpi_q) + if (!pk.E.p || !pk.E.a || !pk.E.b || !pk.E.G.x || !pk.E.n || !pk.E.h || !mpi_q) { rc = GPG_ERR_NO_OBJ; goto leave; @@ -1219,6 +1229,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) _gcry_mpi_release (mpi_g); point_free (&pk.E.G); _gcry_mpi_release (pk.E.n); + _gcry_mpi_release (pk.E.h); _gcry_mpi_release (mpi_q); point_free (&pk.Q); _gcry_mpi_release (data); @@ -1282,9 +1293,9 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) /* * Extract the key. */ - rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?+d", + rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?h?+d", &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, - &sk.d, NULL); + &sk.E.h, &sk.d, NULL); if (rc) goto leave; if (mpi_g) @@ -1325,10 +1336,11 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) log_printmpi ("ecc_decrypt b", sk.E.b); log_printpnt ("ecc_decrypt g", &sk.E.G, NULL); log_printmpi ("ecc_decrypt n", sk.E.n); + log_printmpi ("ecc_decrypt h", sk.E.h); if (!fips_mode ()) log_printmpi ("ecc_decrypt d", sk.d); } - if (!sk.E.p || !sk.E.a || !sk.E.b || !sk.E.G.x || !sk.E.n || !sk.d) + if (!sk.E.p || !sk.E.a || !sk.E.b || !sk.E.G.x || !sk.E.n || !sk.E.h || !sk.d) { rc = GPG_ERR_NO_OBJ; goto leave; @@ -1385,6 +1397,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) _gcry_mpi_release (mpi_g); point_free (&sk.E.G); _gcry_mpi_release (sk.E.n); + _gcry_mpi_release (sk.E.h); _gcry_mpi_release (sk.d); _gcry_mpi_release (data_e); xfree (curvename); @@ -1454,8 +1467,8 @@ ecc_get_nbits (gcry_sexp_t parms) static gpg_err_code_t compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) { -#define N_COMPONENTS 6 - static const char names[N_COMPONENTS+1] = "pabgnq"; +#define N_COMPONENTS 7 + static const char names[N_COMPONENTS] = "pabgnhq"; gpg_err_code_t rc; gcry_sexp_t l1; gcry_mpi_t values[N_COMPONENTS]; @@ -1483,24 +1496,24 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) if ((flags & PUBKEY_FLAG_PARAM)) { if ((flags & PUBKEY_FLAG_EDDSA)) - rc = sexp_extract_param (keyparms, NULL, "p?a?b?g?n?/q", + rc = sexp_extract_param (keyparms, NULL, "p?a?b?g?n?h?/q", &values[0], &values[1], &values[2], &values[3], &values[4], &values[5], - NULL); + &values[6], NULL); else - rc = sexp_extract_param (keyparms, NULL, "p?a?b?g?n?q", + rc = sexp_extract_param (keyparms, NULL, "p?a?b?g?n?h?q", &values[0], &values[1], &values[2], &values[3], &values[4], &values[5], - NULL); + &values[6], NULL); } else { if ((flags & PUBKEY_FLAG_EDDSA)) rc = sexp_extract_param (keyparms, NULL, "/q", - &values[5], NULL); + &values[6], NULL); else rc = sexp_extract_param (keyparms, NULL, "q", - &values[5], NULL); + &values[6], NULL); } if (rc) goto leave; @@ -1517,7 +1530,7 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) rc = _gcry_ecc_update_curve_param (curvename, &model, &dialect, &values[0], &values[1], &values[2], - &values[3], &values[4]); + &values[3], &values[4], &values[5]); if (rc) goto leave; } @@ -1555,7 +1568,7 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) if ((flags & PUBKEY_FLAG_EDDSA)) { if (dialect == ECC_DIALECT_ED25519) - rc = _gcry_ecc_eddsa_ensure_compact (values[5], 256); + rc = _gcry_ecc_eddsa_ensure_compact (values[6], 256); else rc = GPG_ERR_NOT_IMPLEMENTED; if (rc) @@ -1567,6 +1580,9 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) { char buf[30]; + if (idx == 5) + continue; /* Skip cofactor. */ + if (mpi_is_opaque (values[idx])) { const unsigned char *raw; @@ -1624,7 +1640,7 @@ _gcry_pk_ecc_get_sexp (gcry_sexp_t *r_sexp, int mode, mpi_ec_t ec) gcry_mpi_t mpi_G = NULL; gcry_mpi_t mpi_Q = NULL; - if (!ec->p || !ec->a || !ec->b || !ec->G || !ec->n) + if (!ec->p || !ec->a || !ec->b || !ec->G || !ec->n || !ec->h) return GPG_ERR_BAD_CRYPT_CTX; if (mode == GCRY_PK_GET_SECKEY && !ec->d) @@ -1676,15 +1692,15 @@ _gcry_pk_ecc_get_sexp (gcry_sexp_t *r_sexp, int mode, mpi_ec_t ec) { /* Let's return a private key. */ rc = sexp_build (r_sexp, NULL, - "(private-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))", - ec->p, ec->a, ec->b, mpi_G, ec->n, mpi_Q, ec->d); + "(private-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(h%m)(q%m)(d%m)))", + ec->p, ec->a, ec->b, mpi_G, ec->n, ec->h, mpi_Q, ec->d); } else if (ec->Q) { /* Let's return a public key. */ rc = sexp_build (r_sexp, NULL, - "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))", - ec->p, ec->a, ec->b, mpi_G, ec->n, mpi_Q); + "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(h%m)(q%m)))", + ec->p, ec->a, ec->b, mpi_G, ec->n, ec->h, mpi_Q); } else rc = GPG_ERR_BAD_CRYPT_CTX; @@ -1744,7 +1760,7 @@ gcry_pk_spec_t _gcry_pubkey_spec_ecc = GCRY_PK_ECC, { 0, 0 }, (GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR), "ECC", ecc_names, - "pabgnq", "pabgnqd", "sw", "rs", "pabgnq", + "pabgnhq", "pabgnhqd", "sw", "rs", "pabgnhq", ecc_generate, ecc_check_secret_key, ecc_encrypt_raw, diff --git a/mpi/ec.c b/mpi/ec.c index 4f35de0..737f12c 100644 --- a/mpi/ec.c +++ b/mpi/ec.c @@ -429,6 +429,7 @@ ec_deinit (void *opaque) mpi_free (ctx->b); _gcry_mpi_point_release (ctx->G); mpi_free (ctx->n); + mpi_free (ctx->h); /* The key. */ _gcry_mpi_point_release (ctx->Q); diff --git a/src/ec-context.h b/src/ec-context.h index 60ca759..c8f2ad0 100644 --- a/src/ec-context.h +++ b/src/ec-context.h @@ -38,6 +38,7 @@ struct mpi_ec_ctx_s gcry_mpi_t b; /* Second coefficient of the Weierstrass equation. */ gcry_mpi_point_t G; /* Base point (generator). */ gcry_mpi_t n; /* Order of G. */ + gcry_mpi_t h; /* Cofactor. */ /* The actual key. May not be set. */ gcry_mpi_point_t Q; /* Public key. */ diff --git a/tests/curves.c b/tests/curves.c index 0581452..178a192 100644 --- a/tests/curves.c +++ b/tests/curves.c @@ -41,6 +41,7 @@ static char const sample_key_1[] = " (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296" "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)\n" " (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)\n" +" (h #000000000000000000000000000000000000000000000000000000000000000001#)\n" " (q #0442B927242237639A36CE9221B340DB1A9AB76DF2FE3E171277F6A4023DED146EE" "86525E38CCECFF3FB8D152CC6334F70D23A525175C1BCBDDE6E023B2228770E#)\n" " ))"; @@ -57,6 +58,7 @@ static char const sample_key_2[] = " (g #04bed5af16ea3f6a4f62938c4631eb5af7bdbcdbc3" "1667cb477a1a8ec338f94741669c976316da6321#)\n" " (n #00e95e4a5f737059dc60df5991d45029409e60fc09#)\n" +" (h #000000000000000000000000000000000000000000000000000000000000000001#)\n" " (q #041111111111111111111111111111111111111111" "2222222222222222222222222222222222222222#)\n" " ))"; diff --git a/tests/keygrip.c b/tests/keygrip.c index 72960ea..3ef1de1 100644 --- a/tests/keygrip.c +++ b/tests/keygrip.c @@ -110,6 +110,7 @@ static struct " (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)" " (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)" " (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)" + " (h #000000000000000000000000000000000000000000000000000000000000000001#)" " (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))", "\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6" }, @@ -122,6 +123,7 @@ static struct " (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)" " (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)" " (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)" + " (h #000000000000000000000000000000000000000000000000000000000000000001#)" " (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))", "\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6" }, @@ -134,6 +136,7 @@ static struct " (b #5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B#)" " (g #046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5#)" " (n #00FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551#)" + " (h #000000000000000000000000000000000000000000000000000000000000000001#)" " (q #04C8A4CEC2E9A9BC8E173531A67B0840DF345C32E261ADD780E6D83D56EFADFD5DE872F8B854819B59543CE0B7F822330464FBC4E6324DADDCD9D059554F63B344#)))", "\xE6\xDF\x94\x2D\xBD\x8C\x77\x05\xA3\xDD\x41\x6E\xFC\x04\x01\xDB\x31\x0E\x99\xB6" }, diff --git a/tests/t-mpi-point.c b/tests/t-mpi-point.c index 88bb5bd..d72cd27 100644 --- a/tests/t-mpi-point.c +++ b/tests/t-mpi-point.c @@ -57,6 +57,7 @@ static struct const char *a, *b; /* The coefficients. */ const char *n; /* The order of the base point. */ const char *g_x, *g_y; /* Base point. */ + const char *h; /* Cofactor. */ } test_curve[] = { { @@ -67,7 +68,8 @@ static struct "0xffffffffffffffffffffffff99def836146bc9b1b4d22831", "0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", - "0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811" + "0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811", + "0x01" }, { "NIST P-224", @@ -77,7 +79,8 @@ static struct "0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d" , "0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", - "0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" + "0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34", + "0x01" }, { "NIST P-256", @@ -87,7 +90,8 @@ static struct "0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", "0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", - "0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" + "0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", + "0x01" }, { "NIST P-384", @@ -103,7 +107,8 @@ static struct "0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a38" "5502f25dbf55296c3a545e3872760ab7", "0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c0" - "0a60b1ce1d7e819d7a431d7c90ea0e5f" + "0a60b1ce1d7e819d7a431d7c90ea0e5f", + "0x01" }, { "NIST P-521", @@ -119,7 +124,8 @@ static struct "0xc6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3d" "baa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", "0x11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e6" - "62c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650" + "62c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", + "0x01" }, { "Ed25519", @@ -128,9 +134,10 @@ static struct "-0x2DFC9311D490018C7338BF8688861767FF8FF5B2BEBE27548A14B235ECA6874A", "0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED", "0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A", - "0x6666666666666666666666666666666666666666666666666666666666666658" + "0x6666666666666666666666666666666666666666666666666666666666666658", + "0x08" }, - { NULL, NULL, NULL, NULL, NULL } + { NULL, NULL, NULL, NULL, NULL, NULL } }; /* A sample public key for NIST P-256. */ @@ -556,6 +563,8 @@ context_param (void) if (get_and_cmp_point ("g", test_curve[idx].g_x, test_curve[idx].g_y, test_curve[idx].desc, ctx)) continue; + if (get_and_cmp_mpi ("h", test_curve[idx].h, test_curve[idx].desc, ctx)) + continue; } ----------------------------------------------------------------------- Summary of changes: cipher/ecc-common.h | 3 +- cipher/ecc-curves.c | 129 +++++++++++++++++++++++++++++++++++++-------------- cipher/ecc-eddsa.c | 1 + cipher/ecc-misc.c | 2 + cipher/ecc.c | 88 +++++++++++++++++++++-------------- mpi/ec.c | 1 + src/ec-context.h | 1 + tests/curves.c | 2 + tests/keygrip.c | 3 ++ tests/t-mpi-point.c | 23 ++++++--- 10 files changed, 174 insertions(+), 79 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Aug 8 03:00:55 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 08 Aug 2014 03:00:55 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta751-17-g2d9f76e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 2d9f76e07082fc231303ac2c6ae1aea3c98fa2e4 (commit) from 2e936915cf2f830e60d974d607b08822645f5753 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2d9f76e07082fc231303ac2c6ae1aea3c98fa2e4 Author: NIIBE Yutaka Date: Fri Aug 8 10:00:46 2014 +0900 po: Update Japanese translation. diff --git a/po/ja.po b/po/ja.po index 00949d9..3551b3e 100644 --- a/po/ja.po +++ b/po/ja.po @@ -9,9 +9,9 @@ msgid "" msgstr "" "Project-Id-Version: gnupg 2.1\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2013-02-12 13:30+0900\n" +"PO-Revision-Date: 2014-08-07 10:06+0900\n" "Last-Translator: NIIBE Yutaka \n" -"Language-Team: Japanese \n" +"Language-Team: none\n" "Language: ja\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -336,19 +336,17 @@ msgstr "|N|N???????PIN??????" msgid "do not use the PIN cache when signing" msgstr "??????PIN????????" -#, fuzzy -#| msgid "allow clients to mark keys as \"trusted\"" msgid "disallow clients to mark keys as \"trusted\"" -msgstr "?????????\"trusted\"?????????????" +msgstr "?????????\"trusted\"??????????????" msgid "allow presetting passphrase" msgstr "???????????????" msgid "enable ssh support" -msgstr "" +msgstr "ssh??????????" msgid "enable putty support" -msgstr "" +msgstr "putty??????????" msgid "|FILE|write environment settings also to FILE" msgstr "|FILE|FILE?????????????" @@ -359,21 +357,15 @@ msgstr "|FILE|FILE?????????????" msgid "Please report bugs to <@EMAIL@>.\n" msgstr "??? <@EMAIL@> ??????????\n" -#, fuzzy -#| msgid "Usage: dirmngr [options] (-h for help)" msgid "Usage: @GPG_AGENT@ [options] (-h for help)" -msgstr "???: dirmngr [?????] (???? -h)" +msgstr "???: @GPG_AGENT@ [?????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: gpg-agent [options] [command [args]]\n" -#| "Secret key management for GnuPG\n" msgid "" "Syntax: @GPG_AGENT@ [options] [command [args]]\n" "Secret key management for @GNUPG@\n" msgstr "" -"??: gpg-agent [?????] [???? [??]]\n" -"GnuPG???????\n" +"??: @GPG_AGENT@ [?????] [???? [??]]\n" +"@GnuPG@???????\n" #, c-format msgid "invalid debug-level '%s' given\n" @@ -479,10 +471,8 @@ msgstr "%s %s ??????\n" msgid "no gpg-agent running in this session\n" msgstr "????????gpg-agent??????????\n" -#, fuzzy, c-format -#| msgid "malformed DIRMNGR_INFO environment variable\n" msgid "malformed %s environment variable\n" -msgstr "DIRMNGR_INFO?????????????\n" +msgstr "????%s?????????\n" #, c-format msgid "gpg-agent protocol version %d is not supported\n" @@ -619,7 +609,7 @@ msgid "" "Please verify that the certificate identified as:%%0A \"%s\"%%0Ahas the " "fingerprint:%%0A %s" msgstr "" -"????????????:%%0A \"%s\"%%0A?????????????????:" +"????????????:%%0A \"%s\"%%0A????????????????:" "%%0A %s" #. TRANSLATORS: "Correct" is the label of a button and intended @@ -649,15 +639,15 @@ msgstr "???????????" msgid "I'll change it later" msgstr "??????" -#, fuzzy -#| msgid "enable key" msgid "Delete key" -msgstr "???????" +msgstr "??????" msgid "" "Warning: This key is also listed for use with SSH!\n" "Deleting the key might remove your ability to access remote machines." msgstr "" +"??: ????SSH??????????????!\n" +"????????????????????????????????????" msgid "DSA requires the hash length to be a multiple of 8 bits\n" msgstr "DSA?8???????????????????\n" @@ -1248,10 +1238,10 @@ msgid "Error: invalid response.\n" msgstr "???: ??????\n" msgid "CA fingerprint: " -msgstr "CA???????????: " +msgstr "CA??????????: " msgid "Error: invalid formatted fingerprint.\n" -msgstr "???: ?????????????????\n" +msgstr "???: ????????????????\n" #, c-format msgid "key operation not possible: %s\n" @@ -1338,15 +1328,11 @@ msgstr " (3) ???\n" msgid "Invalid selection.\n" msgstr "????????\n" -#, fuzzy -#| msgid "Please select the reason for the revocation:\n" msgid "Please select where to store the key:\n" -msgstr "??????????????:\n" +msgstr "?????????????????:\n" -#, fuzzy, c-format -#| msgid "read failed: %s\n" msgid "KEYTOCARD failed: %s\n" -msgstr "read ???????: %s\n" +msgstr "KEYTOCARD???????: %s\n" msgid "quit this menu" msgstr "?????????" @@ -1379,7 +1365,7 @@ msgid "change card holder's sex" msgstr "????????????" msgid "change a CA fingerprint" -msgstr "CA?????????????" +msgstr "CA????????????" msgid "toggle the signature force PIN flag" msgstr "????PIN??????" @@ -1427,7 +1413,7 @@ msgid "error reading keyblock: %s\n" msgstr "?????????????: %s\n" msgid "(unless you specify the key by fingerprint)\n" -msgstr "(????????????????????)\n" +msgstr "(???????????????????)\n" msgid "can't do this in batch mode without \"--yes\"\n" msgstr "\"--yes\"?????????????????\n" @@ -1438,18 +1424,14 @@ msgstr "????????????????? (y/N) " msgid "This is a secret key! - really delete? (y/N) " msgstr "????????! ?????????? (y/N) " -#, fuzzy, c-format -#| msgid "deleting certificate \"%s\" failed: %s\n" msgid "deleting secret %s failed: %s\n" -msgstr "???'%s'??????????: %s\n" +msgstr "??%s??????????: %s\n" msgid "key" -msgstr "" +msgstr "?" -#, fuzzy -#| msgid "Pubkey: " msgid "subkey" -msgstr "???: " +msgstr "???: " #, c-format msgid "deleting keyblock failed: %s\n" @@ -1625,7 +1607,7 @@ msgid "error retrieving '%s' via %s: %s\n" msgstr "'%s'? %s ???????????: %s\n" msgid "No fingerprint" -msgstr "????????????????" +msgstr "???????????????" #, c-format msgid "Invalid key %s made valid by --allow-non-selfsigned-uid\n" @@ -1670,7 +1652,7 @@ msgid "list and check key signatures" msgstr "?????????" msgid "list keys and fingerprints" -msgstr "???????????????" +msgstr "??????????????" msgid "list secret keys" msgstr "??????" @@ -1687,21 +1669,17 @@ msgstr "????????????" msgid "remove keys from the secret keyring" msgstr "????????????" -#, fuzzy -#| msgid "sign a key" msgid "quickly sign a key" -msgstr "????" +msgstr "????????" -#, fuzzy -#| msgid "sign a key locally" msgid "quickly sign a key locally" -msgstr "????????" +msgstr "?????????????" msgid "sign a key" msgstr "????" msgid "sign a key locally" -msgstr "????????" +msgstr "?????????" msgid "sign or edit a key" msgstr "????????" @@ -1796,25 +1774,18 @@ msgstr "" " --clearsign [????] ?????????????\n" " --detach-sign [????] ???????\n" " --list-keys [??] ????\n" -" --fingerprint [??] ?????????????\n" +" --fingerprint [??] ????????????\n" -#, fuzzy -#| msgid "Usage: gpg [options] [files] (-h for help)" msgid "Usage: @GPG@ [options] [files] (-h for help)" -msgstr "???: gpg [?????] [????] (???? -h)" +msgstr "???: @GPG@ [?????] [????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: gpg [options] [files]\n" -#| "Sign, check, encrypt or decrypt\n" -#| "Default operation depends on the input data\n" msgid "" "Syntax: @GPG@ [options] [files]\n" "Sign, check, encrypt or decrypt\n" "Default operation depends on the input data\n" msgstr "" -"??: gpg [?????] [????]\n" -"????????????\n" +"??: @GPG@ [?????] [????]\n" +"??????????????\n" "??????????????????\n" msgid "" @@ -1836,10 +1807,8 @@ msgstr "????: " msgid "Compression: " msgstr "??: " -#, fuzzy, c-format -#| msgid "usage: gpgsm [options] " msgid "usage: %s [options] %s\n" -msgstr "???: gpgsm [?????] " +msgstr "???: %s [?????] %s\n" msgid "conflicting commands\n" msgstr "????????\n" @@ -2682,7 +2651,7 @@ msgid "" "etc.)\n" msgstr "" "????????????????????????????????????\n" -"(??????????????????????????????????????" +"(?????????????????????????????????????" "???)\n" #, c-format @@ -2877,7 +2846,7 @@ msgid "save and quit" msgstr "??????" msgid "show key fingerprint" -msgstr "???????????????" +msgstr "??????????????" msgid "list key and user IDs" msgstr "?????ID???" @@ -3104,25 +3073,17 @@ msgstr "?????????: %s\n" msgid "Key not changed so no update needed.\n" msgstr "????????????????\n" -#, fuzzy, c-format -#| msgid "invalid fingerprint" msgid "\"%s\" is not a fingerprint\n" -msgstr "?????????????" +msgstr "\"%s\"?????????????????\n" -#, fuzzy, c-format -#| msgid "failed to get the fingerprint\n" msgid "\"%s\" is not the primary fingerprint\n" -msgstr "????????????????????\n" +msgstr "\"%s\" ???????????????????????\n" -#, fuzzy -#| msgid "No such user ID.\n" msgid "No matching user IDs." -msgstr "?????ID???????\n" +msgstr "????????ID???????\n" -#, fuzzy -#| msgid "Nothing to sign with key %s\n" msgid "Nothing to sign.\n" -msgstr "?%s??????????????\n" +msgstr "?????????????\n" msgid "Digest: " msgstr "??????: " @@ -3372,7 +3333,7 @@ msgid "Are you sure you still want to revoke it? (y/N) " msgstr "???????????????? (y/N) " msgid "Create a revocation certificate for this signature? (y/N) " -msgstr "?????????????????????? (y/N) " +msgstr "????????????????????? (y/N) " msgid "Not signed by you.\n" msgstr "?????????????????\n" @@ -3540,29 +3501,21 @@ msgstr " (%d) DSA (???????????)\n" msgid " (%d) RSA (set your own capabilities)\n" msgstr " (%d) RSA (???????????)\n" -#, fuzzy, c-format -#| msgid " (%d) RSA\n" msgid " (%d) ECC\n" -msgstr " (%d) RSA\n" +msgstr " (%d) ECC\n" -#, fuzzy, c-format -#| msgid " (%d) ECDSA (sign only)\n" msgid " (%d) ECC (sign only)\n" -msgstr " (%d) ECDSA (????)\n" +msgstr " (%d) ECC (????)\n" -#, fuzzy, c-format -#| msgid " (%d) ECDSA (set your own capabilities)\n" msgid " (%d) ECC (set your own capabilities)\n" -msgstr " (%d) ECDSA (???????????)\n" +msgstr " (%d) ECC (???????????)\n" -#, fuzzy, c-format -#| msgid " (%d) ECDH (encrypt only)\n" msgid " (%d) ECC (encrypt only)\n" -msgstr " (%d) ECDH (?????)\n" +msgstr " (%d) ECC (?????)\n" #, c-format msgid " (%d) Existing key\n" -msgstr " (%d) ????\n" +msgstr " (%d) ????\n" msgid "Enter the keygrip: " msgstr "keygrip???: " @@ -3593,10 +3546,8 @@ msgstr "????????%u???\n" msgid "rounded to %u bits\n" msgstr "%u??????????\n" -#, fuzzy -#| msgid "Please select what kind of key you want:\n" msgid "Please select which elliptic curve you want:\n" -msgstr "?????????????????:\n" +msgstr "?????????????????:\n" msgid "" "Please specify how long the key should be valid.\n" @@ -3886,21 +3837,21 @@ msgid "Keyring" msgstr "????" msgid "Primary key fingerprint:" -msgstr "?????????????:" +msgstr "????????????:" msgid " Subkey fingerprint:" -msgstr "?????????????:" +msgstr "????????????:" #. TRANSLATORS: this should fit into 24 bytes to that the #. * fingerprint data is properly aligned with the user ID msgid " Primary key fingerprint:" -msgstr "????????????:" +msgstr "???????????:" msgid " Subkey fingerprint:" -msgstr "????????????:" +msgstr "???????????:" msgid " Key fingerprint =" -msgstr " ?????????? =" +msgstr " ????????? =" msgid " Card serial no. =" msgstr " ?????????? =" @@ -4146,10 +4097,8 @@ msgstr "??????? %s\n" msgid "Signature expires %s\n" msgstr "?????%s??????????\n" -#, fuzzy, c-format -#| msgid "%s signature, digest algorithm %s\n" msgid "%s signature, digest algorithm %s%s%s\n" -msgstr "%s???????????????? %s\n" +msgstr "%s???????????????? %s%s%s\n" msgid "binary" msgstr "????" @@ -4160,10 +4109,8 @@ msgstr "???????" msgid "unknown" msgstr "???" -#, fuzzy -#| msgid "algorithm: %s" msgid ", key algorithm " -msgstr "??????: %s" +msgstr "???????? " #, c-format msgid "Can't check signature: %s\n" @@ -4345,54 +4292,28 @@ msgstr "%u???%s?, ID %s?????%s" msgid " (subkey on main key ID %s)" msgstr " (??ID %s ???)" -#, fuzzy -#| msgid "" -#| "Please enter the passphrase to unlock the secret key for the OpenPGP " -#| "certificate:" msgid "Please enter the passphrase to unlock the OpenPGP secret key:" msgstr "" -"OpenPGP??????????????????????????????????:" +"OpenPGP???????????????????????????????:" -#, fuzzy -#| msgid "" -#| "Please enter the passphrase to import the secret key for the OpenPGP " -#| "certificate:" msgid "Please enter the passphrase to import the OpenPGP secret key:" msgstr "" -"OpenPGP?????????????????????????????????:" +"OpenPGP??????????????????????????????:" -#, fuzzy -#| msgid "" -#| "Please enter the passphrase to import the secret key for the OpenPGP " -#| "certificate:" msgid "Please enter the passphrase to export the OpenPGP secret subkey:" msgstr "" -"OpenPGP?????????????????????????????????:" +"OpenPGP?????????????????????????????????:" -#, fuzzy -#| msgid "" -#| "Please enter the passphrase to import the secret key for the OpenPGP " -#| "certificate:" msgid "Please enter the passphrase to export the OpenPGP secret key:" msgstr "" -"OpenPGP?????????????????????????????????:" +"OpenPGP???????????????????????????????:" -#, fuzzy -#| msgid "Do you really want to delete the selected keys? (y/N) " msgid "Do you really want to permanently delete the OpenPGP secret subkey key:" -msgstr "???????????????? (y/N) " +msgstr "????OpenPGP????????????????? (y/N) " -#, fuzzy -#| msgid "Do you really want to delete the selected keys? (y/N) " msgid "Do you really want to permanently delete the OpenPGP secret key:" -msgstr "???????????????? (y/N) " +msgstr "????OpenPGP????????????????? (y/N) " -#, fuzzy, c-format -#| msgid "" -#| "%s\n" -#| "\"%.*s\"\n" -#| "%u-bit %s key, ID %s,\n" -#| "created %s%s.\n" msgid "" "%s\n" "\"%.*s\"\n" @@ -4404,6 +4325,7 @@ msgstr "" "\"%.*s\"\n" "%u???%s?, ID %s,\n" "???? %s%s.\n" +"%s" msgid "" "\n" @@ -4724,7 +4646,7 @@ msgid "(This is a sensitive revocation key)\n" msgstr "(??????????????)\n" msgid "Create a designated revocation certificate for this key? (y/N) " -msgstr "??????????????????????? (y/N) " +msgstr "?????????????????????? (y/N) " msgid "ASCII armored output forced.\n" msgstr "ASCII???????????\n" @@ -4740,10 +4662,8 @@ msgstr "?????????\n" msgid "no revocation keys found for \"%s\"\n" msgstr "\"%s\"?????????????\n" -#, fuzzy -#| msgid "Create a revocation certificate for this key? (y/N) " msgid "This is a revocation certificate for the OpenPGP key:" -msgstr "????????????????????? (y/N) " +msgstr "?????????????OpenPGP?????????:" msgid "" "Use it to revoke this key in case of a compromise or loss of\n" @@ -4751,19 +4671,24 @@ msgid "" "it is better to generate a new revocation certificate and give\n" "a reason for the revocation." msgstr "" +"???????????????????????????????????\n" +"???????????????????????????????????\n" +"??????????????????" msgid "" "To avoid an accidental use of this file, a colon has been inserted\n" "before the 5 dashes below. Remove this colon with a text editor\n" "before making use of this revocation certificate." msgstr "" +"????????????????????????????5????????????????\n" +"??????????????????????????????????????" #, c-format msgid "secret key \"%s\" not found: %s\n" msgstr "???\"%s\"????????: %s\n" msgid "Create a revocation certificate for this key? (y/N) " -msgstr "????????????????????? (y/N) " +msgstr "???????????????????? (y/N) " msgid "" "Revocation certificate created.\n" @@ -4865,10 +4790,8 @@ msgstr "*??*: ???%s?%s??????????\n" msgid "NOTE: signature key %s has been revoked\n" msgstr "*??*: ? %s ???????\n" -#, fuzzy, c-format -#| msgid "%s signature, digest algorithm %s\n" msgid "Note: signatures using the %s algorithm are rejected\n" -msgstr "%s???????????????? %s\n" +msgstr "??: ?????? %s ??????????????\n" #, c-format msgid "assuming bad signature from key %s due to an unknown critical bit\n" @@ -4963,7 +4886,7 @@ msgid "colon missing" msgstr "?????????" msgid "invalid fingerprint" -msgstr "?????????????" +msgstr "????????????" msgid "ownertrust value missing" msgstr "????????????" @@ -5285,10 +5208,8 @@ msgstr "???RSA??(modulus)?????????\n" msgid "response does not contain the RSA public exponent\n" msgstr "???RSA?????????????\n" -#, fuzzy -#| msgid "response does not contain the RSA public exponent\n" msgid "response does not contain the EC public point\n" -msgstr "???RSA?????????????\n" +msgstr "????????????????????\n" #, c-format msgid "using default PIN as %s\n" @@ -5366,7 +5287,7 @@ msgid "error reading application data\n" msgstr "????????????????????\n" msgid "error reading fingerprint DO\n" -msgstr "?????????????????????????????\n" +msgstr "????????????????????????????\n" msgid "key already exists\n" msgstr "????????\n" @@ -5405,7 +5326,7 @@ msgid "invalid structure of OpenPGP card (DO 0x93)\n" msgstr "OpenPGP????????? (?????????? 0x93)\n" msgid "fingerprint on card does not match requested one\n" -msgstr "?????????????????????????????\n" +msgstr "????????????????????????????\n" #, c-format msgid "card does not support digest algorithm %s\n" @@ -5465,21 +5386,15 @@ msgstr "????????????????" msgid "use variable length input for pinpad" msgstr "??????????????" -#, fuzzy -#| msgid "Usage: dirmngr [options] (-h for help)" msgid "Usage: @SCDAEMON@ [options] (-h for help)" -msgstr "???: dirmngr [?????] (???? -h)" +msgstr "???: @SCDAEMON@ [?????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: scdaemon [options] [command [args]]\n" -#| "Smartcard daemon for GnuPG\n" msgid "" "Syntax: scdaemon [options] [command [args]]\n" "Smartcard daemon for @GNUPG@\n" msgstr "" "??: scdaemon [?????] [???? [??]]\n" -"GnuPG?Smartcard????\n" +"@GNUPG@?Smartcard????\n" msgid "please use the option '--daemon' to run the program in the background\n" msgstr "" @@ -5614,7 +5529,7 @@ msgstr " ( ??????" #, c-format msgid "fingerprint=%s\n" -msgstr "??????????=%s\n" +msgstr "?????????=%s\n" msgid "root certificate has now been marked as trusted\n" msgstr "??????????????????????\n" @@ -6029,22 +5944,15 @@ msgstr "|NAME|?????????NAME???" msgid "|NAME|use message digest algorithm NAME" msgstr "|NAME|??????????????NAME???" -#, fuzzy -#| msgid "Usage: gpg [options] [files] (-h for help)" msgid "Usage: @GPGSM@ [options] [files] (-h for help)" -msgstr "???: gpg [?????] [????] (???? -h)" +msgstr "???: @GPGSM@ [?????] [????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: gpgsm [options] [files]\n" -#| "Sign, check, encrypt or decrypt using the S/MIME protocol\n" -#| "Default operation depends on the input data\n" msgid "" "Syntax: @GPGSM@ [options] [files]\n" "Sign, check, encrypt or decrypt using the S/MIME protocol\n" "Default operation depends on the input data\n" msgstr "" -"??: gpgsm [?????] [????]\n" +"??: @GPGSM@ [?????] [????]\n" "S/MIME???????????????????????????\n" "?????????????????????\n" @@ -6108,7 +6016,7 @@ msgid "you may want to start the gpg-agent first\n" msgstr "?? gpg-agent ??????????\n" msgid "failed to get the fingerprint\n" -msgstr "????????????????????\n" +msgstr "???????????????????\n" #, c-format msgid "problem looking for existing certificate: %s\n" @@ -6138,7 +6046,7 @@ msgstr "GPG_TTY ?????????? - ?????????? #, c-format msgid "invalid formatted fingerprint in '%s', line %d\n" -msgstr "'%s'(? %d) ????????????????\n" +msgstr "'%s'(? %d) ???????????????\n" #, c-format msgid "invalid country code in '%s', line %d\n" @@ -6257,7 +6165,7 @@ msgstr "???'%s'????????\n" #, c-format msgid " SHA1 fingerprint = %s\n" -msgstr " SHA1?????????? = %s\n" +msgstr " SHA1????????? = %s\n" msgid " issuer =" msgstr " ??? =" @@ -6289,7 +6197,7 @@ msgstr "?????????????: %s\n" #, c-format msgid "invalid SHA1 fingerprint string '%s'\n" -msgstr "???SHA1?????????????'%s'\n" +msgstr "???SHA1????????????'%s'\n" #, c-format msgid "error fetching certificate by S/N: %s\n" @@ -6908,7 +6816,7 @@ msgid "|N|do not return more than N items in one query" msgstr "|N|???????N??????????????" msgid "|FILE|use the CA certificates in FILE for HKP over TLS" -msgstr "" +msgstr "|FILE|FILE???CA????TLS??HKP???" msgid "" "@\n" @@ -6918,30 +6826,22 @@ msgstr "" "@\n" "(?????????????????\"info\" ????????????)\n" -#, fuzzy -#| msgid "Usage: dirmngr [options] (-h for help)" msgid "Usage: @DIRMNGR@ [options] (-h for help)" -msgstr "???: dirmngr [?????] (???? -h)" +msgstr "???: @DIRMNGR@ [?????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: dirmngr [options] [command [args]]\n" -#| "LDAP and OCSP access for GnuPG\n" msgid "" "Syntax: @DIRMNGR@ [options] [command [args]]\n" "LDAP and OCSP access for @GNUPG@\n" msgstr "" -"??: dirmngr [?????] [???? [??]]\n" -"GnuPG?LDAP?OCSP????\n" +"??: @DIRMNGR@ [?????] [???? [??]]\n" +"@GnuPG@?LDAP?OCSP????\n" #, c-format msgid "valid debug levels are: %s\n" msgstr "???debug????: %s\n" -#, fuzzy, c-format -#| msgid "usage: gpgsm [options] " msgid "usage: %s [options] " -msgstr "???: gpgsm [?????] " +msgstr "???: %s [?????] " msgid "colons are not allowed in the socket name\n" msgstr "????????????????\n" @@ -6960,7 +6860,7 @@ msgstr "%s:%u: ??????? - ?????????\n" #, c-format msgid "%s:%u: invalid fingerprint detected\n" -msgstr "%s:%u: ?????????????????????\n" +msgstr "%s:%u: ????????????????????\n" #, c-format msgid "%s:%u: read error: %s\n" @@ -7413,10 +7313,8 @@ msgstr "16???????????????????" msgid "decode received data lines" msgstr "???????????????" -#, fuzzy -#| msgid "can't connect to the dirmngr: %s\n" msgid "connect to the dirmngr" -msgstr "dirmngr????????: %s\n" +msgstr "dirmngr???" msgid "|NAME|connect to Assuan socket NAME" msgstr "|NAME|Assuan??????NAME?????" @@ -7436,20 +7334,14 @@ msgstr "|FILE|????FILE???????????" msgid "run /subst on startup" msgstr "???? /subst ?????" -#, fuzzy -#| msgid "Usage: gpg-connect-agent [options] (-h for help)" msgid "Usage: @GPG at -connect-agent [options] (-h for help)" -msgstr "???: gpg-connect-agent [?????] (???? -h)" +msgstr "???: @GPG at -connect-agent [?????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: gpg-connect-agent [options]\n" -#| "Connect to a running agent and send commands\n" msgid "" "Syntax: @GPG at -connect-agent [options]\n" "Connect to a running agent and send commands\n" msgstr "" -"??: gpg-connect-agent [?????]\n" +"??: @GPG at -connect-agent [?????]\n" "????agent????????????\n" #, c-format @@ -7594,10 +7486,8 @@ msgstr "????????????" msgid "PIN and Passphrase Entry" msgstr "PIN??????????" -#, fuzzy -#| msgid "Component not found" msgid "Component not suitable for launching" -msgstr "???????????????" +msgstr "????????????????????????" #, c-format msgid "External verification of component %s failed" @@ -7624,10 +7514,8 @@ msgstr "|COMPONENT|????????????" msgid "apply global default values" msgstr "?????????????????" -#, fuzzy -#| msgid "get the configuration directories for gpgconf" msgid "get the configuration directories for @GPGCONF@" -msgstr "gpgconf??????????????????????????" +msgstr "@GPGCONF@??????????????????????????" msgid "list global configuration file" msgstr "???????????????????????????" @@ -7638,10 +7526,8 @@ msgstr "???????????????????????? msgid "reload all or a given component" msgstr "???????????????????????????" -#, fuzzy -#| msgid "kill a given component" msgid "launch a given component" -msgstr "?????????????kill??" +msgstr "?????????????????" msgid "kill a given component" msgstr "?????????????kill??" @@ -7652,21 +7538,15 @@ msgstr "???????????" msgid "activate changes at runtime, if possible" msgstr "??????????????????" -#, fuzzy -#| msgid "Usage: dirmngr [options] (-h for help)" msgid "Usage: @GPGCONF@ [options] (-h for help)" -msgstr "???: dirmngr [?????] (???? -h)" +msgstr "???: @GPGCONF@ [?????] (???? -h)" -#, fuzzy -#| msgid "" -#| "Syntax: gpgconf [options]\n" -#| "Manage configuration options for tools of the GnuPG system\n" msgid "" "Syntax: @GPGCONF@ [options]\n" "Manage configuration options for tools of the @GNUPG@ system\n" msgstr "" -"??: gpgconf [?????]\n" -"GnuPG????????????????????????????????\n" +"??: @GPGCONF@ [?????]\n" +"@GNUPG@????????????????????????????????\n" msgid "Need one component argument" msgstr "????????????????" @@ -7821,48 +7701,6 @@ msgstr "" "??: gpg-check-pattern [?????] ????????\n" "????????????????????????????\n" -#~ msgid "usage: gpg [options] " -#~ msgstr "???: gpg [?????] " - -#~ msgid "usage: gpgsm [options] " -#~ msgstr "???: gpgsm [?????] " - -#~ msgid "can't create `%s': %s\n" -#~ msgstr "'%s'????????: %s\n" - -#~ msgid "can't open `%s': %s\n" -#~ msgstr "'%s'??????: %s\n" - -#~ msgid "enable ssh-agent emulation" -#~ msgstr "ssh-agent??????????????" - -#~ msgid "Usage: gpg-agent [options] (-h for help)" -#~ msgstr "???: gpg-agent [?????] (???? -h)" - -#~ msgid "malformed GPG_AGENT_INFO environment variable\n" -#~ msgstr "GPG_AGENT_INFO???????????\n" - -#~ msgid "error creating socket: %s\n" -#~ msgstr "?????????: %s\n" - -#~ msgid "host not found" -#~ msgstr "???????????" - -#~ msgid "error loading '%s': %s\n" -#~ msgstr "'%s'???????: %s\n" - -#~ msgid "deleting secret key not implemented\n" -#~ msgstr "????????????????\n" - -#~ msgid "too many entries in pk cache - disabled\n" -#~ msgstr "pk????????????????? - ????\n" - -#~ msgid " (%d) ECDSA and ECDH\n" -#~ msgstr " (%d) ECDSA ? ECDH\n" - -#~ msgid "10 translator see trustdb.c:uid_trust_string_fixed" -#~ msgstr "10" - #~ msgid "[ revoked]" #~ msgstr "[ ?? ]" @@ -7898,18 +7736,3 @@ msgstr "" #~ msgid "ultimate" #~ msgstr "??" - -#~ msgid "Usage: scdaemon [options] (-h for help)" -#~ msgstr "???: scdaemon [?????] (???? -h)" - -#~ msgid "Usage: gpgsm [options] [files] (-h for help)" -#~ msgstr "???: gpgsm [?????] [????] (???? -h)" - -#~ msgid "usage: dirmngr [options] " -#~ msgstr "???: dirmngr [?????] " - -#~ msgid "Usage: gpgconf [options] (-h for help)" -#~ msgstr "???: gpgconf [?????] (???? -h)" - -#~ msgid "usage: gpgconf [options] " -#~ msgstr "???: gpgconf [?????] " ----------------------------------------------------------------------- Summary of changes: po/ja.po | 369 ++++++++++++++++---------------------------------------------- 1 file changed, 96 insertions(+), 273 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Aug 8 03:08:16 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 08 Aug 2014 03:08:16 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.25-7-gf7eb5be Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via f7eb5be511c48f57ba5d510377f894b78f790f23 (commit) from 088f82c0b5e39687f70e44d3ab719854e808eeb6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f7eb5be511c48f57ba5d510377f894b78f790f23 Author: NIIBE Yutaka Date: Fri Aug 8 10:08:01 2014 +0900 po: Update Japanese translation. diff --git a/po/ja.po b/po/ja.po index 24123fd..14af09c 100644 --- a/po/ja.po +++ b/po/ja.po @@ -7,9 +7,9 @@ # msgid "" msgstr "" -"Project-Id-Version: GNU gnupg 2.0.22\n" +"Project-Id-Version: GNU gnupg 2.0.25\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2013-10-23 14:40+0900\n" +"PO-Revision-Date: 2014-08-08 10:06+0900\n" "Last-Translator: NIIBE Yutaka \n" "Language-Team: Japanese \n" "Language: ja\n" @@ -2234,13 +2234,12 @@ msgstr "???????????????: gpg --edit-key %s updpref msgid "key %s: no user ID\n" msgstr "?%s: ???ID??????\n" -#, fuzzy, c-format -#| msgid "skipped \"%s\": %s\n" +#, c-format msgid "key %s: %s\n" -msgstr "\"%s\"?????????: %s\n" +msgstr "?%s: %s\n" msgid "rejected by import filter" -msgstr "" +msgstr "????????????????????" #, c-format msgid "key %s: PKS subkey corruption repaired\n" @@ -2337,10 +2336,9 @@ msgstr "?%s: \"%s\" %d?????ID?????????\n" msgid "key %s: \"%s\" not changed\n" msgstr "?%s:\"%s\"????\n" -#, fuzzy, c-format -#| msgid "secret key \"%s\" not found: %s\n" +#, c-format msgid "secret key %s: %s\n" -msgstr "???\"%s\"????????: %s\n" +msgstr "??? %s: %s\n" msgid "importing secret keys not allowed\n" msgstr "??????????????\n" @@ -4726,10 +4724,9 @@ msgstr "*??*: ???%s?%s??????????\n" msgid "NOTE: signature key %s has been revoked\n" msgstr "*??*: ? %s ???????\n" -#, fuzzy, c-format -#| msgid "%s signature, digest algorithm %s\n" +#, c-format msgid "Note: signatures using the %s algorithm are rejected\n" -msgstr "%s???????????????? %s\n" +msgstr "??: %s ????????????????????\n" #, c-format msgid "assuming bad signature from key %s due to an unknown critical bit\n" ----------------------------------------------------------------------- Summary of changes: po/ja.po | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Sat Aug 9 15:00:33 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sat, 09 Aug 2014 15:00:33 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-104-ge6d3548 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e6d354865bf8f3d4c1bb5e8157a76fdd442cff41 (commit) from 9933b9e5e1a3f5b1019c75f93bd265d4a1ecc270 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e6d354865bf8f3d4c1bb5e8157a76fdd442cff41 Author: Werner Koch Date: Sat Aug 9 14:36:59 2014 +0200 tests: Add a benchmark for Elgamal. * tests/benchmark.c (sample_public_elg_key_1024): New. (sample_private_elg_key_1024): New. (sample_public_elg_key_2048, sample_private_elg_key_2048): New. (sample_public_elg_key_3072, sample_private_elg_key_3072): New. (elg_bench): New. (main): Add elg_bench. Add commands "elg" and "public". diff --git a/tests/benchmark.c b/tests/benchmark.c index 042e721..2621551 100644 --- a/tests/benchmark.c +++ b/tests/benchmark.c @@ -250,6 +250,142 @@ static const char sample_public_dsa_key_3072[] = "))\n"; +static const char sample_public_elg_key_1024[] = +"(public-key" +" (elg" +" (p #00F7CC7C08AF096B620C545C9353B1140D698FF8BE2D97A3515C17C7F8DABCDB8FB6" + "64A46416C90C530C18DF5ABB6C1DDE3AE2FA9DDC9CE40DF644CDE2E759F6DE43F31A" + "EEEBC136A460B3E4B0A8F99326A335145B19F4C81B13804894B7D2A30F78A8A7D7F4" + "52B83836FDB0DE90BE327FB5E5318757BEF5FE0FC3A5461CBEA0D3#)" +" (g #06#)" +" (y #36B38FB63E3340A0DD8A0468E9FAA512A32DA010BF7110201D0A3DF1B8FEA0E16F3C" + "80374584E554804B96EAA8C270FE531F75D0DBD81BA65640EDB1F76D46C27D2925B7" + "3EC3B295CDAEEF242904A84D74FB2879425F82D4C5B59BB49A992F85D574168DED85" + "D227600BBEF7AF0B8F0DEB785528370E4C4B3E4D65C536122A5A#)" +" ))"; +static const char sample_private_elg_key_1024[] = +"(private-key" +" (elg" +" (p #00F7CC7C08AF096B620C545C9353B1140D698FF8BE2D97A3515C17C7F8DABCDB8FB6" + "64A46416C90C530C18DF5ABB6C1DDE3AE2FA9DDC9CE40DF644CDE2E759F6DE43F31A" + "EEEBC136A460B3E4B0A8F99326A335145B19F4C81B13804894B7D2A30F78A8A7D7F4" + "52B83836FDB0DE90BE327FB5E5318757BEF5FE0FC3A5461CBEA0D3#)" +" (g #06#)" +" (y #36B38FB63E3340A0DD8A0468E9FAA512A32DA010BF7110201D0A3DF1B8FEA0E16F3C" + "80374584E554804B96EAA8C270FE531F75D0DBD81BA65640EDB1F76D46C27D2925B7" + "3EC3B295CDAEEF242904A84D74FB2879425F82D4C5B59BB49A992F85D574168DED85" + "D227600BBEF7AF0B8F0DEB785528370E4C4B3E4D65C536122A5A#)" +" (x #03656C6186FCD27D4A4B1F5010DC0D2AE7833B501E423FCD51DE5EB6D80DACFE#)" +" ))"; + + +static const char sample_public_elg_key_2048[] = +"(public-key" +" (elg" +" (p #00BE5A2BB4E562D7B644E3D01321CB818DBA27295C339FC2C47EAE9823225EE1E7B6" + "38C5DE300E931080E09CC89A18C9D180C16559FEF0D89D6A09534BB86489CCCEE30D" + "C18E007A8726BB99F2B2D90D2694597757B120CD2435C0098AD1B74C20004C25BA97" + "73EAA4FBEC594EE17F8B25867EEB0F9F857C751116ADED68ADA2A1E9F9F4F40D18F0" + "EC1221CA6A746FC5F4CDA2B8B5D0AB83834564ACF6FDBB1AB01D4BFBD1E2C0108FF5" + "5FB3190C6D6DA4D95EA683EFA44935CFBC0BF5C6118ACC3768AEA9A98D06024841B8" + "D07C234289D22A5E3948F199C397AA991C59A55BEA0C01E91902E039116946FEA135" + "768011AF6B622C5AF366EF0196FC4EAEAA8127#)" +" (g #07#)" +" (y #5AFF87BC23D8B97AA62897A5C1CDFFA86C59F39EDBD6012B6F333CE23D872009B8C8" + "D1E220E18CFCADFE0AA16346BA2EA132472FFEC746D11C6E758896052313BB501210" + "2389C683A25A3464E9B35A192BAE0A3BB99C973126F7560D968C4A754901DC967354" + "D61A90ACD56D90DCC4337AFB71FAE3FD18C60EB0D6DD173877DF5DB5199C4931FE4E" + "5046F814422580E1162798406FC6554781142DBB7922D4B5B37A111F23761636090F" + "6212681E133365191CF15753AE737F17943ED4B7506DE0A85C3B6D63227F9D65ADF8" + "2C3DF0676C8F43B5B1C07D9AD4E6D0C812401D7DA7B9484DBA8CD3B73B19A95EB237" + "D493E092AEA2371AA904009C8960B0969D12#)" +" ))"; +static const char sample_private_elg_key_2048[] = +"(private-key" +" (elg" +" (p #00BE5A2BB4E562D7B644E3D01321CB818DBA27295C339FC2C47EAE9823225EE1E7B6" + "38C5DE300E931080E09CC89A18C9D180C16559FEF0D89D6A09534BB86489CCCEE30D" + "C18E007A8726BB99F2B2D90D2694597757B120CD2435C0098AD1B74C20004C25BA97" + "73EAA4FBEC594EE17F8B25867EEB0F9F857C751116ADED68ADA2A1E9F9F4F40D18F0" + "EC1221CA6A746FC5F4CDA2B8B5D0AB83834564ACF6FDBB1AB01D4BFBD1E2C0108FF5" + "5FB3190C6D6DA4D95EA683EFA44935CFBC0BF5C6118ACC3768AEA9A98D06024841B8" + "D07C234289D22A5E3948F199C397AA991C59A55BEA0C01E91902E039116946FEA135" + "768011AF6B622C5AF366EF0196FC4EAEAA8127#)" +" (g #07#)" +" (y #5AFF87BC23D8B97AA62897A5C1CDFFA86C59F39EDBD6012B6F333CE23D872009B8C8" + "D1E220E18CFCADFE0AA16346BA2EA132472FFEC746D11C6E758896052313BB501210" + "2389C683A25A3464E9B35A192BAE0A3BB99C973126F7560D968C4A754901DC967354" + "D61A90ACD56D90DCC4337AFB71FAE3FD18C60EB0D6DD173877DF5DB5199C4931FE4E" + "5046F814422580E1162798406FC6554781142DBB7922D4B5B37A111F23761636090F" + "6212681E133365191CF15753AE737F17943ED4B7506DE0A85C3B6D63227F9D65ADF8" + "2C3DF0676C8F43B5B1C07D9AD4E6D0C812401D7DA7B9484DBA8CD3B73B19A95EB237" + "D493E092AEA2371AA904009C8960B0969D12#)" +" (x #0628C3903972C55BDC1BC4223075616D3F3BA57D55532DDB40CB14CF72070E0D28BF" + "D0402B9088D25ED8FC#)" +" ))"; + +static const char sample_public_elg_key_3072[] = +"(public-key" +" (elg" +" (p #008EAA3497AFE3706E1A57FFA52E68C64C500731B58EBAFEB51C4A20AB15BA57FA72" + "BA1510A4703D5AA6F05DB67E4A776F92AD08800577DC686D00B793167A5D79C997E0" + "5B9A9E5974B4B68B4D71ED8EC37F2F45235D901997D72915643F058E712AA18275A2" + "C6F9F7C2B9B7CD1E814D215F12A840800B546AEF2A2E6C077CDD1A322738FFD36DB2" + "FA5420B5848EED870BC1A6CF55040AE8D2A5945F11AE2BCBE107B41A59EFDBD3B05C" + "F4C876C02C9AEAE22CD4C86806A415302936E4C1E5AA59DBBCCD2F83C20941A29888" + "A70ADB94D3B8A6489C46BF2C5219CD9FD2341EA21D4E68A4ECC468FD09D215FE96D4" + "7AEA12FD22B2456D2CC13672FC7E9772A365C68668157C51E46966B6A1831C429BA0" + "D513519713C49C13C5FC7C14BE0A117627B204C4478D0A93C6B57929E448C9B65BF2" + "390E04BC5940320C0262FC1A221E7C796493432239A6F12BC62C5CF32E8ADBC1730C" + "84C6E6E6BD95AF62835941F3F344AF46BFE5A8F629D5FA699FE37EF8B8C6A2484E42" + "D226206FDF7D1FB93A5457#)" +" (g #0B#)" +" (y #18E734FF645AE169079AEAFC78772371089AD3088627ECF77034AFBDF33ADF594AAF" + "3288F6979E0DB59CE3D2F0FEE031DFF187F1E4549D3C79668794CB19C14481ECDE2D" + "D50861AB674F87A011D50D35F28E424D0D2353850899C2CDD0CC8FDBFC5A0CA395F0" + "E605D46CBDD140DBEF426EBD638C9ADD83C195C45CE84ED2D2B21B87800C783A4F79" + "12226FEFBDA01C66B254534A51765AF09687275AA80C5DFBA143A6262E47C547D7E2" + "289413F8C5C56AED3FA7E5DF5526958E2294FE318AF590C0E720029C202563E6E686" + "9EC810F39A859262FB6047C1D418CAA9047A00BDB127B44B69CF6BC8E6B3709B4C23" + "79783C5F8457EFE23EDA6FF00D1DDCC29268FC4A6C18577BE2B7004089CBB824027A" + "A53C86B51DB054CC83B4F50C8923E2E9431F0A77D741237226CC68591083A2E40171" + "5C7B74100BB74003E2264F8B44A0B0BC5404C44218ABE65C04AA573877506CE4F48C" + "9E3F8AD1CD8DD9F285DD015C2FC5DEBCFA5779AD87F0BBC62E9EC6246021AB450DB9" + "4DDDEFAFD2C7C66E235D#)" +" ))"; +static const char sample_private_elg_key_3072[] = +"(private-key" +" (elg" +" (p #008EAA3497AFE3706E1A57FFA52E68C64C500731B58EBAFEB51C4A20AB15BA57FA72" + "BA1510A4703D5AA6F05DB67E4A776F92AD08800577DC686D00B793167A5D79C997E0" + "5B9A9E5974B4B68B4D71ED8EC37F2F45235D901997D72915643F058E712AA18275A2" + "C6F9F7C2B9B7CD1E814D215F12A840800B546AEF2A2E6C077CDD1A322738FFD36DB2" + "FA5420B5848EED870BC1A6CF55040AE8D2A5945F11AE2BCBE107B41A59EFDBD3B05C" + "F4C876C02C9AEAE22CD4C86806A415302936E4C1E5AA59DBBCCD2F83C20941A29888" + "A70ADB94D3B8A6489C46BF2C5219CD9FD2341EA21D4E68A4ECC468FD09D215FE96D4" + "7AEA12FD22B2456D2CC13672FC7E9772A365C68668157C51E46966B6A1831C429BA0" + "D513519713C49C13C5FC7C14BE0A117627B204C4478D0A93C6B57929E448C9B65BF2" + "390E04BC5940320C0262FC1A221E7C796493432239A6F12BC62C5CF32E8ADBC1730C" + "84C6E6E6BD95AF62835941F3F344AF46BFE5A8F629D5FA699FE37EF8B8C6A2484E42" + "D226206FDF7D1FB93A5457#)" +" (g #0B#)" +" (y #18E734FF645AE169079AEAFC78772371089AD3088627ECF77034AFBDF33ADF594AAF" + "3288F6979E0DB59CE3D2F0FEE031DFF187F1E4549D3C79668794CB19C14481ECDE2D" + "D50861AB674F87A011D50D35F28E424D0D2353850899C2CDD0CC8FDBFC5A0CA395F0" + "E605D46CBDD140DBEF426EBD638C9ADD83C195C45CE84ED2D2B21B87800C783A4F79" + "12226FEFBDA01C66B254534A51765AF09687275AA80C5DFBA143A6262E47C547D7E2" + "289413F8C5C56AED3FA7E5DF5526958E2294FE318AF590C0E720029C202563E6E686" + "9EC810F39A859262FB6047C1D418CAA9047A00BDB127B44B69CF6BC8E6B3709B4C23" + "79783C5F8457EFE23EDA6FF00D1DDCC29268FC4A6C18577BE2B7004089CBB824027A" + "A53C86B51DB054CC83B4F50C8923E2E9431F0A77D741237226CC68591083A2E40171" + "5C7B74100BB74003E2264F8B44A0B0BC5404C44218ABE65C04AA573877506CE4F48C" + "9E3F8AD1CD8DD9F285DD015C2FC5DEBCFA5779AD87F0BBC62E9EC6246021AB450DB9" + "4DDDEFAFD2C7C66E235D#)" +" (x #03A73F0389E470AAC831B039F8AA0C4EBD3A47DD083E32EEA08E4911236CD597C272" + "9823D47A51C8535DA52FE6DAB3E8D1C20D#)" +" ))"; + + #define DIM(v) (sizeof(v)/sizeof((v)[0])) #define DIMof(type,member) DIM(((type *)0)->member) #define BUG() do {fprintf ( stderr, "Ooops at %s:%d\n", __FILE__ , __LINE__ );\ @@ -877,7 +1013,7 @@ rsa_bench (int iterations, int print_header, int no_blinding) int testno; if (print_header) - printf ("Algorithm generate %4d*sign %4d*verify\n" + printf ("Algorithm generate %4d*priv %4d*public\n" "------------------------------------------------\n", iterations, iterations ); for (testno=0; testno < DIM (p_sizes); testno++) @@ -989,6 +1125,115 @@ rsa_bench (int iterations, int print_header, int no_blinding) } +static void +elg_bench (int iterations, int print_header) +{ + gpg_error_t err; + gcry_sexp_t pub_key[3], sec_key[3]; + int p_sizes[3] = { 1024, 2048, 3072 }; + gcry_sexp_t data = NULL; + gcry_sexp_t enc = NULL; + gcry_sexp_t plain = NULL; + int i, j; + + err = gcry_sexp_sscan (pub_key+0, NULL, sample_public_elg_key_1024, + strlen (sample_public_elg_key_1024)); + if (!err) + err = gcry_sexp_sscan (sec_key+0, NULL, sample_private_elg_key_1024, + strlen (sample_private_elg_key_1024)); + if (!err) + err = gcry_sexp_sscan (pub_key+1, NULL, sample_public_elg_key_2048, + strlen (sample_public_elg_key_2048)); + if (!err) + err = gcry_sexp_sscan (sec_key+1, NULL, sample_private_elg_key_2048, + strlen (sample_private_elg_key_2048)); + if (!err) + err = gcry_sexp_sscan (pub_key+2, NULL, sample_public_elg_key_3072, + strlen (sample_public_elg_key_3072)); + if (!err) + err = gcry_sexp_sscan (sec_key+2, NULL, sample_private_elg_key_3072, + strlen (sample_private_elg_key_3072)); + if (err) + { + fprintf (stderr, PGM ": converting sample keys failed: %s\n", + gcry_strerror (err)); + exit (1); + } + + if (print_header) + printf ("Algorithm generate %4d*priv %4d*public\n" + "------------------------------------------------\n", + iterations, iterations ); + for (i=0; i < DIM (p_sizes); i++) + { + char timerbuf1[100]; + + { + gcry_mpi_t x = gcry_mpi_new (p_sizes[i]); + gcry_mpi_randomize (x, p_sizes[i] - 16, GCRY_WEAK_RANDOM); + err = gcry_sexp_build (&data, NULL, "(data (flags raw) (value %m))", x); + gcry_mpi_release (x); + } + if (err) + { + fprintf (stderr, PGM ": converting data failed: %s\n", + gcry_strerror (err)); + exit (1); + } + + printf ("ELG %d bit -", p_sizes[i]); + fflush (stdout); + + start_timer (); + for (j=0; j < iterations; j++) + { + gcry_sexp_release (enc); + err = gcry_pk_encrypt (&enc, data, pub_key[i]); + if (err) + { + putchar ('\n'); + fprintf (stderr, PGM ": encrypt failed: %s\n", + gpg_strerror (err)); + exit (1); + } + } + stop_timer (); + snprintf (timerbuf1, sizeof timerbuf1, " %s", elapsed_time ()); + fflush (stdout); + + start_timer (); + for (j=0; j < iterations; j++) + { + gcry_sexp_release (plain); + err = gcry_pk_decrypt (&plain, enc, sec_key[i]); + if (err) + { + putchar ('\n'); + fprintf (stderr, PGM ": decrypt failed: %s\n", + gpg_strerror (err)); + exit (1); + } + } + stop_timer (); + + printf (" %s %s\n", elapsed_time (), timerbuf1); + fflush (stdout); + + gcry_sexp_release (plain); + plain = NULL; + gcry_sexp_release (enc); + enc = NULL; + gcry_sexp_release (data); + data = NULL; + } + + for (i=0; i < DIM (p_sizes); i++) + { + gcry_sexp_release (sec_key[i]); + gcry_sexp_release (pub_key[i]); + } +} + static void dsa_bench (int iterations, int print_header) @@ -1026,7 +1271,7 @@ dsa_bench (int iterations, int print_header) } if (print_header) - printf ("Algorithm generate %4d*sign %4d*verify\n" + printf ("Algorithm generate %4d*priv %4d*public\n" "------------------------------------------------\n", iterations, iterations ); for (i=0; i < DIM (q_sizes); i++) @@ -1104,7 +1349,7 @@ ecc_bench (int iterations, int print_header) int testno; if (print_header) - printf ("Algorithm generate %4d*sign %4d*verify\n" + printf ("Algorithm generate %4d*priv %4d*public\n" "------------------------------------------------\n", iterations, iterations ); for (testno=0; testno < DIM (p_sizes); testno++) @@ -1511,6 +1756,7 @@ main( int argc, char **argv ) cipher_bench (NULL); putchar ('\n'); rsa_bench (pk_count, 1, no_blinding); + elg_bench (pk_count, 0); dsa_bench (pk_count, 0); ecc_bench (pk_count, 0); putchar ('\n'); @@ -1559,11 +1805,24 @@ main( int argc, char **argv ) { mpi_bench (); } + else if ( !strcmp (*argv, "pubkey")) + { + gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); + rsa_bench (pk_count, 1, no_blinding); + elg_bench (pk_count, 0); + dsa_bench (pk_count, 0); + ecc_bench (pk_count, 0); + } else if ( !strcmp (*argv, "rsa")) { gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); rsa_bench (pk_count, 1, no_blinding); } + else if ( !strcmp (*argv, "elg")) + { + gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); + elg_bench (pk_count, 1); + } else if ( !strcmp (*argv, "dsa")) { gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); ----------------------------------------------------------------------- Summary of changes: tests/benchmark.c | 265 ++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 262 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sun Aug 10 09:08:35 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sun, 10 Aug 2014 09:08:35 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.13-9-gab5eff4 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via ab5eff46116a9a246ffb2c083bec637d0321d0cb (commit) from 7b7e08e6f3561724006b63679c2500a62fc73837 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ab5eff46116a9a246ffb2c083bec637d0321d0cb Author: Werner Koch Date: Sun Aug 10 09:07:03 2014 +0200 tests: Fix compiler warning. * tests/t-lock.c: Include header vor getpid. (revision_thread): Init "i" to avoid compiler warning. -- GnuPG-bug-id: 1681 Note that the non-initialization of I did not harm. diff --git a/tests/t-lock.c b/tests/t-lock.c index 190d63e..5a21666 100644 --- a/tests/t-lock.c +++ b/tests/t-lock.c @@ -25,6 +25,8 @@ #include #include #include +#include +#include #ifdef _WIN32 # include #else @@ -132,7 +134,7 @@ static THREAD_RET_TYPE revision_thread (void *arg) { gpg_err_code_t rc; - int i; + int i = 0; (void)arg; ----------------------------------------------------------------------- Summary of changes: tests/t-lock.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Mon Aug 11 17:23:22 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 11 Aug 2014 17:23:22 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta751-18-ge30e538 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e30e5381bd3048febecf37dc3c273962453152dd (commit) from 2d9f76e07082fc231303ac2c6ae1aea3c98fa2e4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e30e5381bd3048febecf37dc3c273962453152dd Author: Werner Koch Date: Mon Aug 11 17:21:07 2014 +0200 common: Fix typo in header inclusion protection macro. -- GnuPG-bug-id: 1669 diff --git a/common/mischelp.h b/common/mischelp.h index 884e861..33739e8 100644 --- a/common/mischelp.h +++ b/common/mischelp.h @@ -30,7 +30,7 @@ */ #ifndef LIBJNLIB_MISCHELP_H -#define LIBJNLIB_MISCHHELP_H +#define LIBJNLIB_MISCHELP_H /* Because we can't use the internal jnlib_free macro in inline ----------------------------------------------------------------------- Summary of changes: common/mischelp.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Aug 11 17:26:16 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 11 Aug 2014 17:26:16 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.25-8-g5860cc7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via 5860cc79389ac36501f92d1c781bd8aaf560a158 (commit) from f7eb5be511c48f57ba5d510377f894b78f790f23 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5860cc79389ac36501f92d1c781bd8aaf560a158 Author: Werner Koch Date: Mon Aug 11 17:21:07 2014 +0200 jnlib: Fix typo in header inclusion protection macro. -- GnuPG-bug-id: 1669 diff --git a/jnlib/mischelp.h b/jnlib/mischelp.h index e478354..dc17384 100644 --- a/jnlib/mischelp.h +++ b/jnlib/mischelp.h @@ -19,7 +19,7 @@ */ #ifndef LIBJNLIB_MISCHELP_H -#define LIBJNLIB_MISCHHELP_H +#define LIBJNLIB_MISCHELP_H /* Check whether the files NAME1 and NAME2 are identical. This is for ----------------------------------------------------------------------- Summary of changes: jnlib/mischelp.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 03:11:55 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Tue, 12 Aug 2014 03:11:55 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-105-g34bb55e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 34bb55ee36df3aca3ebca88f8b61c786cd0c0701 (commit) from e6d354865bf8f3d4c1bb5e8157a76fdd442cff41 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 34bb55ee36df3aca3ebca88f8b61c786cd0c0701 Author: NIIBE Yutaka Date: Tue Aug 12 10:03:39 2014 +0900 ecc: Support Montgomery curve for gcry_mpi_ec_mul_point. * mpi/ec.c (_gcry_mpi_ec_get_affine): Support Montgomery curve. (montgomery_ladder): New. (_gcry_mpi_ec_mul_point): Implemention using montgomery_ladder. (_gcry_mpi_ec_curve_point): Check x-coordinate is valid. -- Given Montgomery curve: b * y^2 == x^3 + a * x^2 + x CTX->A has (a-2)/4 and CTX->B has b^-1 Note that _gcry_mpi_ec_add_points is not supported for this curve. diff --git a/mpi/ec.c b/mpi/ec.c index 737f12c..a55291a 100644 --- a/mpi/ec.c +++ b/mpi/ec.c @@ -601,10 +601,17 @@ _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t point, case MPI_EC_MONTGOMERY: { - log_fatal ("%s: %s not yet supported\n", - "_gcry_mpi_ec_get_affine", "Montgomery"); + if (x) + mpi_set (x, point->x); + + if (y) + { + log_fatal ("%s: Getting Y-coordinate on %s is not supported\n", + "_gcry_mpi_ec_get_affine", "Montgomery"); + return -1; + } } - return -1; + return 0; case MPI_EC_EDWARDS: { @@ -1074,6 +1081,35 @@ add_points_edwards (mpi_point_t result, } +/* Compute a step of Montgomery Ladder (only use X and Z in the point). + Inputs: P1, P2, and x-coordinate of DIF = P1 - P1. + Outputs: PRD = 2 * P1 and SUM = P1 + P2. */ +static void +montgomery_ladder (mpi_point_t prd, mpi_point_t sum, + mpi_point_t p1, mpi_point_t p2, gcry_mpi_t dif_x, + mpi_ec_t ctx) +{ + ec_addm (sum->x, p2->x, p2->z, ctx); + ec_subm (p2->z, p2->x, p2->z, ctx); + ec_addm (prd->x, p1->x, p1->z, ctx); + ec_subm (p1->z, p1->x, p1->z, ctx); + ec_mulm (p2->x, p1->z, sum->x, ctx); + ec_mulm (p2->z, prd->x, p2->z, ctx); + ec_pow2 (p1->x, prd->x, ctx); + ec_pow2 (p1->z, p1->z, ctx); + ec_addm (sum->x, p2->x, p2->z, ctx); + ec_subm (p2->z, p2->x, p2->z, ctx); + ec_mulm (prd->x, p1->x, p1->z, ctx); + ec_subm (p1->z, p1->x, p1->z, ctx); + ec_pow2 (sum->x, sum->x, ctx); + ec_pow2 (sum->z, p2->z, ctx); + ec_mulm (prd->z, p1->z, ctx->a, ctx); /* CTX->A: (a-2)/4 */ + ec_mulm (sum->z, sum->z, dif_x, ctx); + ec_addm (prd->z, p1->x, prd->z, ctx); + ec_mulm (prd->z, prd->z, p1->z, ctx); +} + + /* RESULT = P1 + P2 */ void _gcry_mpi_ec_add_points (mpi_point_t result, @@ -1145,6 +1181,72 @@ _gcry_mpi_ec_mul_point (mpi_point_t result, } return; } + else if (ctx->model == MPI_EC_MONTGOMERY) + { + unsigned int nbits; + int j; + mpi_point_struct p1_, p2_; + unsigned long sw; + + /* Compute scalar point multiplication with Montgomery Ladder. + Note that we don't use Y-coordinate in the points at all. + RESULT->Y will be filled by zero. */ + + nbits = mpi_get_nbits (scalar); + point_init (&p1); + point_init (&p2); + point_init (&p1_); + point_init (&p2_); + mpi_set_ui (p1.x, 1); + mpi_free (p2.x); + p2.x = mpi_copy (point->x); + mpi_set_ui (p2.z, 1); + + for (j=nbits-1; j >= 0; j--) + { + sw = mpi_test_bit (scalar, j); + mpi_swap_cond (p1.x, p2.x, sw); + mpi_swap_cond (p1.z, p2.z, sw); + montgomery_ladder (&p1_, &p2_, &p1, &p2, point->x, ctx); + mpi_swap_cond (p1_.x, p2_.x, sw); + mpi_swap_cond (p1_.z, p2_.z, sw); + + if (--j < 0) + break; + + sw = mpi_test_bit (scalar, j); + mpi_swap_cond (p1_.x, p2_.x, sw); + mpi_swap_cond (p1_.z, p2_.z, sw); + montgomery_ladder (&p1, &p2, &p1_, &p2_, point->x, ctx); + mpi_swap_cond (p1.x, p2.x, sw); + mpi_swap_cond (p1.z, p2.z, sw); + } + + z1 = mpi_new (0); + mpi_clear (result->y); + sw = (nbits & 1); + mpi_swap_cond (p1.x, p1_.x, sw); + mpi_swap_cond (p1.z, p1_.z, sw); + + if (p1.z->nlimbs == 0) + { + mpi_set_ui (result->x, 1); + mpi_set_ui (result->z, 0); + } + else + { + ec_invm (z1, p1.z, ctx); + ec_mulm (result->x, p1.x, z1, ctx); + mpi_set_ui (result->z, 1); + } + + mpi_free (z1); + point_free (&p1); + point_free (&p2); + point_free (&p1_); + point_free (&p2_); + return; + } x1 = mpi_alloc_like (ctx->p); y1 = mpi_alloc_like (ctx->p); @@ -1243,15 +1345,15 @@ _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx) y = mpi_new (0); w = mpi_new (0); - if (_gcry_mpi_ec_get_affine (x, y, point, ctx)) - return 0; - switch (ctx->model) { case MPI_EC_WEIERSTRASS: { gcry_mpi_t xxx = mpi_new (0); + if (_gcry_mpi_ec_get_affine (x, y, point, ctx)) + return 0; + /* y^2 == x^3 + a?x + b */ ec_pow2 (y, y, ctx); @@ -1267,11 +1369,40 @@ _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx) } break; case MPI_EC_MONTGOMERY: - log_fatal ("%s: %s not yet supported\n", - "_gcry_mpi_ec_curve_point", "Montgomery"); + { +#define xx y + /* With Montgomery curve, only X-coordinate is valid. */ + if (_gcry_mpi_ec_get_affine (x, NULL, point, ctx)) + return 0; + + /* The equation is: b * y^2 == x^3 + a ? x^2 + x */ + /* We check if right hand is quadratic residue or not by + Euler's criterion. */ + /* CTX->A has (a-2)/4 and CTX->B has b^-1 */ + ec_mulm (w, ctx->a, mpi_const (MPI_C_FOUR), ctx); + ec_addm (w, w, mpi_const (MPI_C_TWO), ctx); + ec_mulm (w, w, x, ctx); + ec_pow2 (xx, x, ctx); + ec_addm (w, w, xx, ctx); + ec_addm (w, w, mpi_const (MPI_C_ONE), ctx); + ec_mulm (w, w, x, ctx); + ec_mulm (w, w, ctx->b, ctx); +#undef xx + /* Compute Euler's criterion: w^(p-1)/2 */ +#define p_minus1 y + ec_subm (p_minus1, ctx->p, mpi_const (MPI_C_ONE), ctx); + mpi_rshift (p_minus1, p_minus1, 1); + ec_powm (w, w, p_minus1, ctx); + + res = mpi_cmp_ui (w, 1); +#undef p_minus1 + } break; case MPI_EC_EDWARDS: { + if (_gcry_mpi_ec_get_affine (x, y, point, ctx)) + return 0; + /* a ? x^2 + y^2 - 1 - b ? x^2 ? y^2 == 0 */ ec_pow2 (x, x, ctx); ec_pow2 (y, y, ctx); ----------------------------------------------------------------------- Summary of changes: mpi/ec.c | 147 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 139 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 10:41:02 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 10:41:02 +0200 Subject: [git] Pinentry - branch, master, updated. pinentry-0.8.3-15-g8885916 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via 888591602fc359e2c1baaa49d92825e050426956 (commit) via 12369b15c65fa64eef9dbc5e475b407e338641c7 (commit) from 52cf95c4fd97dc38856e72aa3e42a135d010df06 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 888591602fc359e2c1baaa49d92825e050426956 Author: Werner Koch Date: Tue Aug 12 10:32:56 2014 +0200 common: Fix compiler warning. * pinentry/pinentry.c (pinentry_utf8_to_local): Use cast for iconv arg. (pinentry_local_to_utf8): Ditto. -- There are a couple of other warnings. They still need to be fixed. diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index 19bea31..4f7958a 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -1,20 +1,20 @@ /* pinentry.c - The PIN entry support library Copyright (C) 2002, 2003, 2007, 2008, 2010 g10 Code GmbH - + This file is part of PINENTRY. - + PINENTRY is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + PINENTRY is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, see . + along with this program; if not, see . */ #ifdef HAVE_CONFIG_H @@ -53,7 +53,7 @@ #endif /* Keep the name of our program here. */ -static char this_pgmname[50]; +static char this_pgmname[50]; struct pinentry pinentry = @@ -146,7 +146,8 @@ pinentry_utf8_to_local (char *lc_ctype, char *text) free (output_buf); return NULL; } - processed = iconv (cd, &input, &input_len, &output, &output_len); + processed = iconv (cd, (ICONV_CONST char **)&input, &input_len, + &output, &output_len); iconv_close (cd); if (processed == (size_t) -1 || input_len) { @@ -212,7 +213,8 @@ pinentry_local_to_utf8 (char *lc_ctype, char *text, int secure) free (output_buf); return NULL; } - processed = iconv (cd, &input, &input_len, &output, &output_len); + processed = iconv (cd, (ICONV_CONST char **)&input, &input_len, + &output, &output_len); iconv_close (cd); if (processed == (size_t) -1 || input_len) { @@ -240,7 +242,7 @@ copy_and_escape (char *buffer, const void *text, size_t textlen) int i; const unsigned char *s = (unsigned char *)text; char *p = buffer; - + for (i=0; i < textlen; i++) { if (s[i] < ' ' || s[i] == '+') @@ -300,7 +302,7 @@ pinentry_inq_quality (pinentry_t pin, const char *passphrase, size_t length) for (;;) { - do + do { rc = assuan_read_line (ctx, &line, &linelen); if (rc) @@ -308,7 +310,7 @@ pinentry_inq_quality (pinentry_t pin, const char *passphrase, size_t length) fprintf (stderr, "ASSUAN READ LINE failed: rc=%d\n", rc); return 0; } - } + } while (*line == '#' || !linelen); if (line[0] == 'E' && line[1] == 'N' && line[2] == 'D' && (!line[3] || line[3] == ' ')) @@ -403,7 +405,7 @@ pinentry_have_display (int argc, char **argv) -static void +static void usage (void) { fprintf (stdout, "Usage: %s [OPTION]...\n" @@ -502,7 +504,7 @@ pinentry_parse_opts (int argc, char *argv[]) { "version", no_argument, &opt_version, 1 }, { "timeout", required_argument, 0, 'o' }, { NULL, 0, NULL, 0 }}; - + while ((opt = getopt_long (argc, argv, "degh", opts, NULL)) != -1) { switch (opt) @@ -536,7 +538,7 @@ pinentry_parse_opts (int argc, char *argv[]) #endif exit (EXIT_FAILURE); } - break; + break; case 'T': pinentry.ttyname = strdup (optarg); if (!pinentry.ttyname) @@ -598,9 +600,9 @@ pinentry_parse_opts (int argc, char *argv[]) break; } } - if (opt_version) + if (opt_version) return 1; - if (opt_help) + if (opt_help) { usage (); exit (EXIT_SUCCESS); @@ -710,7 +712,7 @@ strcpy_escaped (char *d, const char *s) while (*s) { if (*s == '%' && s[1] && s[2]) - { + { s++; *d++ = xtoi_2 ( s); s += 2; @@ -718,7 +720,7 @@ strcpy_escaped (char *d, const char *s) else *d++ = *s++; } - *d = 0; + *d = 0; } @@ -838,10 +840,10 @@ cmd_settitle (ASSUAN_CONTEXT ctx, char *line) { char *newt; newt = malloc (strlen (line) + 1); - + if (!newt) return ASSUAN_Out_Of_Core; - + strcpy_escaped (newt, line); if (pinentry.title) free (pinentry.title); @@ -879,7 +881,7 @@ cmd_setqualitybar_tt (ASSUAN_CONTEXT ctx, char *line) newval = malloc (strlen (line) + 1); if (!newval) return ASSUAN_Out_Of_Core; - + strcpy_escaped (newval, line); } else @@ -980,7 +982,7 @@ cmd_confirm (ASSUAN_CONTEXT ctx, char *line) return result ? 0 : (pinentry.locale_err? ASSUAN_Locale_Problem - : (pinentry.one_button + : (pinentry.one_button ? 0 : (pinentry.canceled ? ASSUAN_Canceled @@ -1007,7 +1009,7 @@ cmd_message (ASSUAN_CONTEXT ctx, char *line) if (pinentry.close_button) assuan_write_status (ctx, "BUTTON_INFO", "close"); - return result ? 0 + return result ? 0 : (pinentry.locale_err? ASSUAN_Locale_Problem : 0); } @@ -1080,7 +1082,7 @@ register_commands (ASSUAN_CONTEXT ctx) table[i].name, table[i].handler); if (rc) return rc; - } + } return 0; } @@ -1122,7 +1124,7 @@ pinentry_loop2 (int infd, int outfd) #if 0 assuan_set_log_stream (ctx, stderr); #endif - + for (;;) { rc = assuan_accept (ctx); @@ -1134,7 +1136,7 @@ pinentry_loop2 (int infd, int outfd) this_pgmname, assuan_strerror (rc)); break; } - + rc = assuan_process (ctx); if (rc) { commit 12369b15c65fa64eef9dbc5e475b407e338641c7 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 New pinentry-tty version for dumb terminals. * Makefile.am: Add pinentry-tty. * NEWS: Add news about pinentry-tty. * README: Update. * configure.ac: Add support for this pinentry. * tty/Makefile.am: New. * tty/pinentry-tty.c: New. -- (Minor changes and re-indention by wk) diff --git a/.gitignore b/.gitignore index 575e011..9395e3c 100644 --- a/.gitignore +++ b/.gitignore @@ -34,6 +34,8 @@ secmem/Makefile.in secmem/Makefile w32/Makefile.in w32/Makefile +tty/Makefile.in +tty/Makefile /qt4/pinentryconfirm.moc /qt4/pinentrydialog.moc diff --git a/Makefile.am b/Makefile.am index f4fa814..a3fa819 100644 --- a/Makefile.am +++ b/Makefile.am @@ -35,6 +35,12 @@ else pinentry_curses = endif +if BUILD_PINENTRY_TTY +pinentry_tty = tty +else +pinentry_tty = +endif + if BUILD_PINENTRY_GTK pinentry_gtk = gtk else @@ -65,7 +71,7 @@ else pinentry_w32 = endif -SUBDIRS = assuan secmem pinentry ${pinentry_curses} \ +SUBDIRS = assuan secmem pinentry ${pinentry_curses} ${pinentry_tty} \ ${pinentry_gtk} ${pinentry_gtk_2} ${pinentry_qt} ${pinentry_qt4} \ ${pinentry_w32} doc diff --git a/NEWS b/NEWS index 5bd874f..0375501 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ Noteworthy changes in version 0.8.4 (unreleased) ------------------------------------------------ + * New pinentry-tty version for dumb terminals. + * Qt4: New option to enable pasting the passphrase from clipboard * Qt4: Improved accessiblity diff --git a/README b/README index 087208a..6bb0d85 100644 --- a/README +++ b/README @@ -17,6 +17,7 @@ GTK+ V2.0 --enable-pinentry-gtk2 Gimp Toolkit Library, Version 2.0 eg. libgtk-x11-2.0 and libglib-2.0 Qt --enable-pinentry-qt Qt, eg. libqt or libqt-mt Qt4 --enable-pinentry-qt4 Qt4 +TTY --enable-pinentry-tty Simple TTY version, no dependencies The GTK+ and Qt pinentries can fall back to the curses mode. The option to enable this is --enable-fallback-curses, but this is also diff --git a/configure.ac b/configure.ac index 595c2aa..94af6e1 100644 --- a/configure.ac +++ b/configure.ac @@ -236,6 +236,20 @@ fi dnl +dnl Check for tty pinentry program. +dnl +AC_ARG_ENABLE(pinentry-tty, + AC_HELP_STRING([--enable-pinentry-tty], [build tty pinentry]), + pinentry_tty=$enableval, pinentry_tty=maybe) +AM_CONDITIONAL(BUILD_PINENTRY_TTY, test "$pinentry_tty" = "yes") + +if test "$pinentry_tty" = "yes"; then + AC_DEFINE(PINENTRY_TTY, 1, + [The TTY version of Pinentry is to be build]) +fi + + +dnl dnl Check for GTK+ pinentry program. dnl AC_ARG_ENABLE(pinentry-gtk, @@ -494,10 +508,14 @@ else if test "$pinentry_curses" = "yes"; then PINENTRY_DEFAULT=pinentry-curses else - if test "$pinentry_w32" = "yes"; then - PINENTRY_DEFAULT=pinentry-w32 + if test "$pinentry_tty" = "yes"; then + PINENTRY_DEFAULT=pinentry-tty else - AC_MSG_ERROR([[No pinentry enabled.]]) + if test "$pinentry_w32" = "yes"; then + PINENTRY_DEFAULT=pinentry-w32 + else + AC_MSG_ERROR([[No pinentry enabled.]]) + fi fi fi fi @@ -512,6 +530,7 @@ assuan/Makefile secmem/Makefile pinentry/Makefile curses/Makefile +tty/Makefile gtk/Makefile gtk+-2/Makefile qt/Makefile @@ -531,6 +550,7 @@ AC_MSG_NOTICE([ Platform: $host Curses Pinentry ..: $pinentry_curses + TTY Pinentry .....: $pinentry_tty GTK+ Pinentry ....: $pinentry_gtk GTK+-2 Pinentry ..: $pinentry_gtk_2 Qt Pinentry ......: $pinentry_qt diff --git a/tty/Makefile.am b/tty/Makefile.am new file mode 100644 index 0000000..d872fcc --- /dev/null +++ b/tty/Makefile.am @@ -0,0 +1,28 @@ +# Makefile.am - PIN entry curses frontend. +# Copyright (C) 2002 g10 Code GmbH +# +# This file is part of PINENTRY. +# +# PINENTRY is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# PINENTRY is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . + +## Process this file with automake to produce Makefile.in + +bin_PROGRAMS = pinentry-tty + +AM_CPPFLAGS = -I$(top_srcdir)/pinentry +LDADD = ../pinentry/libpinentry.a \ + ../assuan/libassuan.a ../secmem/libsecmem.a \ + $(LIBCAP) $(LIBICONV) + +pinentry_tty_SOURCES = pinentry-tty.c diff --git a/tty/pinentry-tty.c b/tty/pinentry-tty.c new file mode 100644 index 0000000..2c40d42 --- /dev/null +++ b/tty/pinentry-tty.c @@ -0,0 +1,202 @@ +/* pinentry-curses.c - A secure curses dialog for PIN entry, library version + Copyright (C) 2014 Serge Voilokov + + This file is part of PINENTRY. + + PINENTRY is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + PINENTRY is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, see . + */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_UTIME_H +#include +#endif /*HAVE_UTIME_H*/ +#include +#include + +#include "pinentry.h" + +#ifndef HAVE_DOSISH_SYSTEM +static int timed_out; +#endif + +static struct termios n_term; +static struct termios o_term; + +static int +cbreak (int fd) +{ + if ((tcgetattr(fd, &o_term)) == -1) + return -1; + n_term = o_term; + n_term.c_lflag = n_term.c_lflag & ~(ECHO|ICANON); + n_term.c_cc[VMIN] = 1; + n_term.c_cc[VTIME]= 0; + if ((tcsetattr(fd, TCSAFLUSH, &n_term)) == -1) + return -1; + return 1; +} + +static int +read_password (pinentry_t pinentry, const char *tty_name, const char *tty_type) +{ + FILE *ttyfi = stdin; + FILE *ttyfo = stdout; + int count; + + if (tty_name) + { + ttyfi = fopen (tty_name, "r"); + if (!ttyfi) + return -1; + + ttyfo = fopen (tty_name, "w"); + if (!ttyfo) + { + int err = errno; + fclose (ttyfi); + errno = err; + return -1; + } + } + + if (cbreak (fileno (ttyfi)) == -1) + { + int err = errno; + if (tty_name) + { + fclose (ttyfi); + fclose (ttyfo); + } + fprintf (stderr, "cbreak failure, exiting\n"); + errno = err; + return -1; + } + + fprintf (ttyfo, "%s\n%s:\n", + pinentry->description? pinentry->description:"", + pinentry->prompt? pinentry->prompt:"PIN? "); + fflush (ttyfo); + + memset (pinentry->pin, 0, pinentry->pin_len); + + count = 0; + while (count+1 < pinentry->pin_len) + { + char c = fgetc (ttyfi); + if (c == '\n') + break; + + fflush (ttyfo); + pinentry->pin[count++] = c; + } + + tcsetattr (fileno(ttyfi), TCSANOW, &o_term); + if (tty_name) + { + fclose (ttyfi); + fclose (ttyfo); + } + return strlen (pinentry->pin); +} + + +/* If a touch has been registered, touch that file. */ +static void +do_touch_file(pinentry_t pinentry) +{ +#ifdef HAVE_UTIME_H + struct stat st; + time_t tim; + + if (!pinentry->touch_file || !*pinentry->touch_file) + return; + + if (stat(pinentry->touch_file, &st)) + return; /* Oops. */ + + /* Make sure that we actually update the mtime. */ + while ((tim = time(NULL)) == st.st_mtime) + sleep(1); + + /* Update but ignore errors as we can't do anything in that case. + Printing error messages may even clubber the display further. */ + utime (pinentry->touch_file, NULL); +#endif /*HAVE_UTIME_H*/ +} + +#ifndef HAVE_DOSISH_SYSTEM +static void +catchsig(int sig) +{ + if (sig == SIGALRM) + timed_out = 1; +} +#endif + +int +tty_cmd_handler(pinentry_t pinentry) +{ + int rc; + +#ifndef HAVE_DOSISH_SYSTEM + timed_out = 0; + + if (pinentry->timeout) + { + struct sigaction sa; + + memset(&sa, 0, sizeof(sa)); + sa.sa_handler = catchsig; + sigaction(SIGALRM, &sa, NULL); + alarm(pinentry->timeout); + } +#endif + + rc = read_password (pinentry, pinentry->ttyname, pinentry->ttytype); + do_touch_file (pinentry); + return rc; +} + + +pinentry_cmd_handler_t pinentry_cmd_handler = tty_cmd_handler; + + +int +main (int argc, char *argv[]) +{ + pinentry_init ("pinentry-tty"); + + /* Consumes all arguments. */ + if (pinentry_parse_opts(argc, argv)) + { + printf ("pinentry-tty (pinentry) " VERSION "\n"); + exit(EXIT_SUCCESS); + } + + if (pinentry_loop ()) + return 1; + + return 0; +} ----------------------------------------------------------------------- Summary of changes: .gitignore | 2 + Makefile.am | 8 +- NEWS | 2 + README | 1 + configure.ac | 26 +++++- pinentry/pinentry.c | 54 +++++++------ {doc => tty}/Makefile.am | 15 ++-- tty/pinentry-tty.c | 202 ++++++++++++++++++++++++++++++++++++++++++++++ 8 files changed, 273 insertions(+), 37 deletions(-) copy {doc => tty}/Makefile.am (67%) create mode 100644 tty/pinentry-tty.c hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 11:33:27 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 11:33:27 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta751-19-g1bde869 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 1bde869d114bcf08e6972a2f93c2664684ab8721 (commit) from e30e5381bd3048febecf37dc3c273962453152dd (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1bde869d114bcf08e6972a2f93c2664684ab8721 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 speedo: Comment typo fix -- diff --git a/build-aux/speedo/w32/g4wihelp.c b/build-aux/speedo/w32/g4wihelp.c index 9d0379e..d2c93e7 100644 --- a/build-aux/speedo/w32/g4wihelp.c +++ b/build-aux/speedo/w32/g4wihelp.c @@ -968,9 +968,9 @@ read_w32_registry_string (HKEY root, const char *dir, const char *name) #define ENV_HK HKEY_CURRENT_USER #define ENV_REG "Environment" #endif -/* Due to a bug in Windows7 (kb 2685893) we better but a lower limit +/* Due to a bug in Windows7 (kb 2685893) we better put a lower limit than 8191 on the maximum length of the PATH variable. Note, that - depending on the used toolchain we used to have a 259 byte limit in + depending on the used toolchain we used to had a 259 byte limit in the past. */ #define PATH_LENGTH_LIMIT 2047 ----------------------------------------------------------------------- Summary of changes: build-aux/speedo/w32/g4wihelp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 11:54:35 2014 From: cvs at cvs.gnupg.org (by Joe Hansen) Date: Tue, 12 Aug 2014 11:54:35 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.13-10-g1be556e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 1be556e5bb1fb7262a1b5630ac939cfcaadc7100 (commit) from ab5eff46116a9a246ffb2c083bec637d0321d0cb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1be556e5bb1fb7262a1b5630ac939cfcaadc7100 Author: Joe Hansen Date: Thu Aug 7 18:19:46 2014 -0400 Update Danish translation * po/da.po: Update. -- Debian-bug-id: 754128 diff --git a/po/da.po b/po/da.po index e5b4dce..24f8a2f 100644 --- a/po/da.po +++ b/po/da.po @@ -1,7 +1,7 @@ # Danish translation libgpg-error. -# Copyright (C) 2012 g10 Code GmbH og nedenst?ende overs?ttere. +# Copyright (C) 2014 g10 Code GmbH og nedenst?ende overs?ttere. # This file is distributed under the same license as the libgpg-error package. -# Joe Hansen , 2012. +# Joe Hansen , 2012, 2014. # # invalid -> ugyldig # bad -> ?delagt @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: libgpg-error 1.10\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2013-02-23 20:08+0100\n" +"PO-Revision-Date: 2014-07-07 20:08+0100\n" "Last-Translator: Joe Hansen \n" "Language-Team: Danish \n" "Language: da\n" @@ -320,10 +320,8 @@ msgstr "Ugyldigt svar" msgid "No agent running" msgstr "Ingen agent k?rer" -#, fuzzy -#| msgid "agent error" msgid "Agent error" -msgstr "agentfejl" +msgstr "Agentfejl" msgid "Invalid data" msgstr "Ugyldige data" @@ -655,48 +653,32 @@ msgstr "Ugyldig elliptisk kurve" msgid "Unknown elliptic curve" msgstr "Ukendt elliptisk kurve" -#, fuzzy -#| msgid "Duplicated value" msgid "Duplicated key" -msgstr "Duplikeret v?rdi" +msgstr "Duplikeret n?gle" -#, fuzzy -#| msgid "Ambiguous name" msgid "Ambiguous result" -msgstr "Tvetydigt navn" +msgstr "Tvetydigt resultat" -#, fuzzy -#| msgid "No crypto engine" msgid "No crypto context" -msgstr "Ingen cryptomotor" +msgstr "Ingen cryptokontekst" -#, fuzzy -#| msgid "No crypto engine" msgid "Wrong crypto context" -msgstr "Ingen cryptomotor" +msgstr "Forkert cryptokontekst" -#, fuzzy -#| msgid "Invalid crypto engine" msgid "Bad crypto context" -msgstr "Ugyldig cryptomotor" +msgstr "Ugyldig cryptokontekst" msgid "Conflict in the crypto context" -msgstr "" +msgstr "Konflikt i cryptokonteksten" -#, fuzzy -#| msgid "No public key" msgid "Broken public key" -msgstr "Ingen offentlig n?gle" +msgstr "?delagt offentlig n?gle" -#, fuzzy -#| msgid "No secret key" msgid "Broken secret key" -msgstr "Ingen hemmelig n?gle" +msgstr "?delagt hemmelig n?gle" -#, fuzzy -#| msgid "Invalid digest algorithm" msgid "Invalid MAC algorithm" -msgstr "Ugyldig sammendragsalgoritme" +msgstr "Ugyldig MAC-algoritme" msgid "Operation fully cancelled" msgstr "Handling fuldt afbrudt" @@ -747,12 +729,10 @@ msgid "Bad octal character in S-expression" msgstr "?delagt oktalt tegn i S-udtryk" msgid "Not possible with a card based key" -msgstr "" +msgstr "Ikke muligt med en kortbaseret n?gle" -#, fuzzy -#| msgid "Invalid object" msgid "Invalid lock object" -msgstr "Ugyldigt objekt" +msgstr "Ugyldigt l?seobjekt" msgid "General IPC error" msgstr "Generel IPC-fejl" ----------------------------------------------------------------------- Summary of changes: po/da.po | 50 +++++++++++++++----------------------------------- 1 file changed, 15 insertions(+), 35 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 16:28:15 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 16:28:15 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta751-21-gcb12702 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via cb127024b9ca893f83bc26ebaa8769bf09c2fcff (commit) via a57c33c855c6757c8770529ee71f0f90744cd7a6 (commit) from 1bde869d114bcf08e6972a2f93c2664684ab8721 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cb127024b9ca893f83bc26ebaa8769bf09c2fcff Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 po: Remove extra LF from ja.po -- diff --git a/po/ja.po b/po/ja.po index 3551b3e..69f152e 100644 --- a/po/ja.po +++ b/po/ja.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: gnupg 2.1\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2014-08-07 10:06+0900\n" +"PO-Revision-Date: 2014-08-12 16:21+0200\n" "Last-Translator: NIIBE Yutaka \n" "Language-Team: none\n" "Language: ja\n" @@ -3080,7 +3080,7 @@ msgid "\"%s\" is not the primary fingerprint\n" msgstr "\"%s\" ???????????????????????\n" msgid "No matching user IDs." -msgstr "????????ID???????\n" +msgstr "????????ID???????" msgid "Nothing to sign.\n" msgstr "?????????????\n" commit a57c33c855c6757c8770529ee71f0f90744cd7a6 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpg: Make --with-colons work again for --search-keys. * g10/keyserver.c (search_line_handler): Replace log_debug by es_printf. diff --git a/g10/keyserver.c b/g10/keyserver.c index ac70da9..4249caf 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -836,7 +836,7 @@ show_prompt (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, int numdesc, KS_SEARCH command. If SPECIAL is 0, LINE is the actual data line received with all escaping removed and guaranteed to be exactly one line with stripped LF; an EOF is indicated by LINE passed as NULL. - If special is 1, the line conatins the source of the information + If special is 1, the line contains the source of the information (usually an URL). LINE may be modified after return. */ static gpg_error_t search_line_handler (void *opaque, int special, char *line) @@ -865,7 +865,7 @@ search_line_handler (void *opaque, int special, char *line) /* Print the received line. */ if (opt.with_colons && line) { - log_debug ("%s\n",line); + es_printf ("%s\n", line); } /* Look for an info: line. The only current info: values defined ----------------------------------------------------------------------- Summary of changes: g10/keyserver.c | 4 ++-- po/ja.po | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 16:54:42 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 16:54:42 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.13-11-gf32a1f7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via f32a1f784823790c0eb10070cd664b87f0a4dcf3 (commit) from 1be556e5bb1fb7262a1b5630ac939cfcaadc7100 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f32a1f784823790c0eb10070cd664b87f0a4dcf3 Author: Werner Koch Date: Tue Aug 12 16:53:21 2014 +0200 doc: Explain two error codes. -- diff --git a/doc/errorref.txt b/doc/errorref.txt index d3a65a1..8a96673 100644 --- a/doc/errorref.txt +++ b/doc/errorref.txt @@ -240,7 +240,14 @@ GPG_ERR_MISSING_CERT Missing certificate 76 GPG_ERR_INV_RESPONSE Invalid response 77 GPG_ERR_NO_AGENT No agent running 78 GPG_ERR_AGENT agent error -79 GPG_ERR_INV_DATA Invalid data + +GPG_ERR_INV_DATA Invalid data + + GNUPG: - Used in app-openpgp.c for a badly formatted request. + GCRYPT: - No passphrase given for gcry_kdf_derive. + - An opaque MPI is given to a public key function but not + expected. + 80 GPG_ERR_ASSUAN_SERVER_FAULT Unspecific Assuan server fault 81 GPG_ERR_ASSUAN General Assuan error 82 GPG_ERR_INV_SESSION_KEY Invalid session key @@ -331,6 +338,8 @@ GPG_ERR_MISSING_VALUE Missing value GNUPG: - Not enough parameters for a secret key send to gpg-agent. + GCRYPT: - A required parameter has not been given. + 129 GPG_ERR_HARDWARE Hardware problem 130 GPG_ERR_PIN_BLOCKED PIN blocked ----------------------------------------------------------------------- Summary of changes: doc/errorref.txt | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 17:43:37 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 17:43:37 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.5.1-2-ge5ab116 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via e5ab11607281b9838da2728268a8f9f0daa2b04d (commit) from bfe18a0651177025ff0a6b978a641bdd1472a0b1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e5ab11607281b9838da2728268a8f9f0daa2b04d Author: Werner Koch Date: Tue Aug 12 17:42:08 2014 +0200 gpgme-tool: Fix segv for external key listing. * src/gpgme-tool.c (result_xml_escape): Allow for DATA being NULL. diff --git a/src/gpgme-tool.c b/src/gpgme-tool.c index f02fffa..e1fd983 100644 --- a/src/gpgme-tool.c +++ b/src/gpgme-tool.c @@ -831,14 +831,17 @@ result_xml_escape (const char *data, char **buf) membuf_t mb; init_membuf (&mb, 128); - data_len = strlen (data); - for (i = 0; i < data_len; i++) + if (data) { - r = result_xml_escape_replacement (data[i]); - if (r) - put_membuf (&mb, r, strlen (r)); - else - put_membuf (&mb, data+i, 1); + data_len = strlen (data); + for (i = 0; i < data_len; i++) + { + r = result_xml_escape_replacement (data[i]); + if (r) + put_membuf (&mb, r, strlen (r)); + else + put_membuf (&mb, data+i, 1); + } } put_membuf (&mb, "", 1); *buf = get_membuf (&mb, NULL); ----------------------------------------------------------------------- Summary of changes: src/gpgme-tool.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 17:53:03 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 17:53:03 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.5.1-3-g488e44c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 488e44cdb531035fa8813b95b212f9728abc7e62 (commit) from e5ab11607281b9838da2728268a8f9f0daa2b04d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 488e44cdb531035fa8813b95b212f9728abc7e62 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpgme-tool: Install gpgme-tool. * src/Makefile.am (bin_PROGRAMS): New. Add gpgme-tools. (noinst_PROGRAMS): Remove. diff --git a/NEWS b/NEWS index 0ea405b..af12743 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ Noteworthy changes in version 1.5.2 (unreleased) [C__/A__/R_] ------------------------------------------------------------- + * gpgme-tool is now installed. + Noteworthy changes in version 1.5.1 (2014-07-30) [C24/A13/R0] ------------------------------------------------------------- diff --git a/src/Makefile.am b/src/Makefile.am index 82f5327..b7ddbc1 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -18,7 +18,7 @@ ## Process this file with automake to produce Makefile.in -# Note: moc_kdpipeiodevice should actually be a dependcy below. +# Note: moc_kdpipeiodevice should actually be a dependecy below. EXTRA_DIST = gpgme-config.in gpgme.m4 libgpgme.vers ChangeLog-2011 \ gpgme.h.in versioninfo.rc.in gpgme.def moc_kdpipeiodevice.cpp @@ -27,6 +27,8 @@ m4datadir = $(datadir)/aclocal m4data_DATA = gpgme.m4 nodist_include_HEADERS = gpgme.h +bin_PROGRAMS = gpgme-tool + if HAVE_PTHREAD ltlib_gpgme_pthread = libgpgme-pthread.la else @@ -126,6 +128,9 @@ endif AM_CPPFLAGS = @GPG_ERROR_CFLAGS@ @QT4_CORE_CFLAGS@ AM_CFLAGS = @LIBASSUAN_CFLAGS@ @GLIB_CFLAGS@ @QT4_CORE_CFLAGS@ +gpgme_tool_LDADD = libgpgme.la @LIBASSUAN_LIBS@ + + if HAVE_W32_SYSTEM # Windows provides us with an endless stream of Tough Love. To spawn # processes with a controlled set of inherited handles, we need a @@ -201,9 +206,6 @@ libgpgme_qt_la_LIBADD = $(gpgme_res) @LIBASSUAN_LIBS@ @LTLIBOBJS@ \ @GPG_ERROR_LIBS@ @QT4_CORE_LIBS@ endif -noinst_PROGRAMS = gpgme-tool -gpgme_tool_LDADD = libgpgme.la @LIBASSUAN_LIBS@ - install-data-local: install-def-file uninstall-local: uninstall-def-file ----------------------------------------------------------------------- Summary of changes: NEWS | 2 ++ src/Makefile.am | 10 ++++++---- 2 files changed, 8 insertions(+), 4 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 18:50:47 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 18:50:47 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.5.1-5-g4160ef9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 4160ef90a1b1b778c735f31f98a6966ba3b3ea90 (commit) via 3450bff52baef2c14118958cf79ead46940d58f0 (commit) from 488e44cdb531035fa8813b95b212f9728abc7e62 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4160ef90a1b1b778c735f31f98a6966ba3b3ea90 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpgme-tool: Print fingerprint and keyid with keyservers. * src/gpgme-tool.c (cmd_keylist): Print keyid. Print FPR only if available. diff --git a/src/gpgme-tool.c b/src/gpgme-tool.c index e1fd983..d42179b 100644 --- a/src/gpgme-tool.c +++ b/src/gpgme-tool.c @@ -3305,7 +3305,9 @@ cmd_keylist (assuan_context_t ctx, char *line) while (subkey) { result_xml_tag_start (&state, "subkey", NULL); /* FIXME: more data */ - result_add_fpr (&state, "fpr", subkey->fpr); + result_add_keyid (&state, "keyid", subkey->keyid); + if (subkey->fpr) + result_add_fpr (&state, "fpr", subkey->fpr); result_add_value (&state, "secret", subkey->secret); result_add_value (&state, "is_cardkey", subkey->is_cardkey); if (subkey->card_number) commit 3450bff52baef2c14118958cf79ead46940d58f0 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 Handle modern keyserver output which may emit the fingerprint. * src/engine-gpg.c (read_colon_line): Split preprocessed lines. (gpg_keylist_preprocess): Limit keyid field and print fingerprint. diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 4df0f3e..8e18253 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -1242,10 +1242,26 @@ read_colon_line (engine_gpg_t gpg) } assert (gpg->colon.fnc); - gpg->colon.fnc (gpg->colon.fnc_value, line ? line : buffer); - if (line) - free (line); - } + if (line) + { + char *linep = line; + char *endp; + + do + { + endp = strchr (linep, '\n'); + if (endp) + *endp++ = 0; + gpg->colon.fnc (gpg->colon.fnc_value, linep); + linep = endp; + } + while (linep && *linep); + + free (line); + } + else + gpg->colon.fnc (gpg->colon.fnc_value, buffer); + } /* To reuse the buffer for the next line we have to shift the remaining data to the buffer start and @@ -2071,6 +2087,7 @@ gpg_keylist_preprocess (char *line, char **r_line) #define NR_FIELDS 16 char *field[NR_FIELDS]; int fields = 0; + size_t n; *r_line = NULL; @@ -2106,16 +2123,34 @@ gpg_keylist_preprocess (char *line, char **r_line) pub:::::: as defined in 5.2. Machine Readable Indexes of the OpenPGP - HTTP Keyserver Protocol (draft). + HTTP Keyserver Protocol (draft). Modern versions of the SKS + keyserver return the fingerprint instead of the keyid. We + detect this here and use the v4 fingerprint format to convert + it to a key id. We want: pub:o::::::::::::: */ - if (asprintf (r_line, "pub:o%s:%s:%s:%s:%s:%s::::::::", - field[6], field[3], field[2], field[1], - field[4], field[5]) < 0) - return gpg_error_from_syserror (); + n = strlen (field[1]); + if (n > 16) + { + if (asprintf (r_line, + "pub:o%s:%s:%s:%s:%s:%s::::::::\n" + "fpr:::::::::%s:", + field[6], field[3], field[2], field[1] + n - 16, + field[4], field[5], field[1]) < 0) + return gpg_error_from_syserror (); + } + else + { + if (asprintf (r_line, + "pub:o%s:%s:%s:%s:%s:%s::::::::", + field[6], field[3], field[2], field[1], + field[4], field[5]) < 0) + return gpg_error_from_syserror (); + } + return 0; case RT_UID: ----------------------------------------------------------------------- Summary of changes: src/engine-gpg.c | 53 ++++++++++++++++++++++++++++++++++++++++++++--------- src/gpgme-tool.c | 4 +++- 2 files changed, 47 insertions(+), 10 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 12 20:41:50 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 12 Aug 2014 20:41:50 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.25-13-gee30bb9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via ee30bb945f316f2e3bba64fc1f006d7ce19cd1b7 (commit) via 5b2dcdd513ff503bb0bffbe7b9aa6d81d48dfaeb (commit) via 9f3619cb5d633baa1a8dbd7f1ca4789d091d31bb (commit) via b972ec396689013b884ea80f90d7505682d2fbb8 (commit) via 90397c9343411bc52ed55d9710de875db70fac64 (commit) from 5860cc79389ac36501f92d1c781bd8aaf560a158 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ee30bb945f316f2e3bba64fc1f006d7ce19cd1b7 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 Post release updates. -- diff --git a/NEWS b/NEWS index 70c2773..88c667b 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 2.0.27 (unreleased) +------------------------------------------------- + + Noteworthy changes in version 2.0.26 (2014-08-12) ------------------------------------------------- diff --git a/configure.ac b/configure.ac index 417cf25..c5f9bb6 100644 --- a/configure.ac +++ b/configure.ac @@ -26,7 +26,7 @@ min_automake_version="1.10" # (git tag -s gnupg-2.n.m) and run "./autogen.sh --force". Please # bump the version number immediately *after* the release and do # another commit and push so that the git magic is able to work. -m4_define([mym4_version], [2.0.26]) +m4_define([mym4_version], [2.0.27]) # Below is m4 magic to extract and compute the git revision number, # the decimalized short revision number, a beta version string and a commit 5b2dcdd513ff503bb0bffbe7b9aa6d81d48dfaeb Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 Release 2.0.26 diff --git a/NEWS b/NEWS index f523056..70c2773 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,17 @@ -Noteworthy changes in version 2.0.26 (unreleased) +Noteworthy changes in version 2.0.26 (2014-08-12) ------------------------------------------------- + * gpg: Fix a regression in 2.0.24 if a subkey id is given + to --recv-keys et al. + + * gpg: Cap attribute packets at 16MB. + + * gpgsm: Auto-create the ".gnupg" home directory in the same + way gpg does. + + * scdaemon: Allow for certificates > 1024 when using PC/SC. + + Noteworthy changes in version 2.0.25 (2014-06-30) ------------------------------------------------- diff --git a/sm/keydb.c b/sm/keydb.c index 23eca35..4fc5e8c 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -34,6 +34,11 @@ #include "keydb.h" #include "i18n.h" +#ifdef MKDIR_TAKES_ONE_ARG +#undef mkdir +#define mkdir(a,b) mkdir(a) +#endif + static int active_handles; typedef enum { @@ -245,7 +250,6 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) const char *resname = url; char *filename = NULL; int rc = 0; - FILE *fp; KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE; if (auto_created) commit 9f3619cb5d633baa1a8dbd7f1ca4789d091d31bb Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 po: Auto-update due to removed string. -- diff --git a/po/be.po b/po/be.po index 2a110d4..35a0326 100644 --- a/po/be.po +++ b/po/be.po @@ -6119,9 +6119,6 @@ msgstr "???????????????? ?????????? ?? ?????????????? ??????????????" msgid "error creating keybox `%s': %s\n" msgstr "?????????????? ???????????????????? \"%s\": %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "%s: ?????????? ????????????????\n" diff --git a/po/ca.po b/po/ca.po index 73306c7..0c56144 100644 --- a/po/ca.po +++ b/po/ca.po @@ -6660,9 +6660,6 @@ msgstr "error en la lectura de ??%s??: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "error en crear l'anell ??%s??: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "s'ha creat l'anell ??%s??\n" diff --git a/po/cs.po b/po/cs.po index 5e06ac7..7607d51 100644 --- a/po/cs.po +++ b/po/cs.po @@ -6205,9 +6205,6 @@ msgstr "chyba p??i ??ten?? vstupu: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "chyba p??i vytv????en?? schr??nky na kl????e (keybox) ???%s???: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "mo??n?? byste cht??l(a) nejprve spustit gpg-agenta\n" - #, c-format msgid "keybox `%s' created\n" msgstr "schr??nka na kl????e (keybox) ???%s??? vytvo??ena\n" @@ -6689,6 +6686,9 @@ msgstr "" "Syntaxe: gpg-check-pattern [VOLBY] SOUBOR_SE_VZOREM\n" "Prov?????? heslo zadan?? na vstupu proti souboru se vzory\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "mo??n?? byste cht??l(a) nejprve spustit gpg-agenta\n" + #~ msgid "enable ssh-agent emulation" #~ msgstr "zapnout emulaci ssh-agenta" diff --git a/po/da.po b/po/da.po index cb70c36..75e840a 100644 --- a/po/da.po +++ b/po/da.po @@ -6206,9 +6206,6 @@ msgstr "fejl ved l??sning af inddata: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "fejl ved oprettelse af n??gleboks ??%s??: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "du kan eventuelt starte gpg-agenten f??rst\n" - #, c-format msgid "keybox `%s' created\n" msgstr "n??gleboks ??%s?? oprettet\n" @@ -6691,6 +6688,9 @@ msgstr "" "Syntaks: gpg-check-pattern [tilvalg] m??nsterfil\n" "Kontroller en adgangsfrase angivet p?? stdin mod m??nsterfilen\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "du kan eventuelt starte gpg-agenten f??rst\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "fejl ved l??sning af ??%s??: %s\n" diff --git a/po/de.po b/po/de.po index 12abe70..4516768 100644 --- a/po/de.po +++ b/po/de.po @@ -6332,9 +6332,6 @@ msgstr "Fehler beim Lesen der Eingabe: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "Die \"Keybox\" `%s' konnte nicht erstellt werden: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "Sie sollten zuerst den gpg-agent starten\n" - #, c-format msgid "keybox `%s' created\n" msgstr "Die \"Keybox\" `%s' wurde erstellt\n" @@ -6823,6 +6820,9 @@ msgstr "" "Syntax: gpg-check-pattern [optionen] Musterdatei\n" "Die von stdin gelesene Passphrase gegen die Musterdatei pr??fen\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "Sie sollten zuerst den gpg-agent starten\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "Fehler beim Laden von `%s': %s\n" diff --git a/po/el.po b/po/el.po index 54ccde4..2fcce66 100644 --- a/po/el.po +++ b/po/el.po @@ -6495,9 +6495,6 @@ msgstr " msgid "error creating keybox `%s': %s\n" msgstr "???????? ??????????? ??? ??????????? `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "?????????? `%s' ?????????????\n" diff --git a/po/eo.po b/po/eo.po index 639c60a..4c510c6 100644 --- a/po/eo.po +++ b/po/eo.po @@ -6460,9 +6460,6 @@ msgstr "eraro dum legado de '%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "eraro dum kreado de ?losilaro '%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "?losilaro '%s' kreita\n" diff --git a/po/es.po b/po/es.po index e45399a..210beca 100644 --- a/po/es.po +++ b/po/es.po @@ -6259,9 +6259,6 @@ msgstr "error leyendo entrada: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "error creando caja de claves `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "puede que quiera ejecutar gpg-agent antes\n" - #, c-format msgid "keybox `%s' created\n" msgstr "caja de claves `%s' creada\n" @@ -6746,6 +6743,9 @@ msgstr "" "Compara frase contrase?a dada en entrada est?ndar con un fichero de " "patrones\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "puede que quiera ejecutar gpg-agent antes\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "error cargando `%s': %s\n" diff --git a/po/et.po b/po/et.po index 2cb42a1..055ce4d 100644 --- a/po/et.po +++ b/po/et.po @@ -6413,9 +6413,6 @@ msgstr "viga `%s' lugemisel: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "viga v?tmehoidla `%s' loomisel: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "v?tmehoidla `%s' on loodud\n" diff --git a/po/fi.po b/po/fi.po index 39d22a7..9da8b7d 100644 --- a/po/fi.po +++ b/po/fi.po @@ -6478,9 +6478,6 @@ msgstr "virhe luettaessa tiedostoa \"%s\": %s\n" msgid "error creating keybox `%s': %s\n" msgstr "virhe luotaessa avainrengasta \"%s\": %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "avainrengas \"%s\" luotu\n" diff --git a/po/fr.po b/po/fr.po index 303d677..171e300 100644 --- a/po/fr.po +++ b/po/fr.po @@ -6385,9 +6385,6 @@ msgstr "erreur de lecture de l'entr??e??: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "erreur de cr??ation du trousseau local ????%s??????: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "vous pourriez d'abord d??marrer l'agent GPG\n" - #, c-format msgid "keybox `%s' created\n" msgstr "le trousseau local ????%s???? a ??t?? cr????\n" @@ -6875,6 +6872,9 @@ msgstr "" "V??rifier une phrase de passe donn??e sur l'entr??e standard par rapport ?? " "ficmotif\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "vous pourriez d'abord d??marrer l'agent GPG\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "erreur de chargement de ????%s??????: %s\n" diff --git a/po/gl.po b/po/gl.po index d6c493b..626abba 100644 --- a/po/gl.po +++ b/po/gl.po @@ -6495,9 +6495,6 @@ msgstr "erro lendo `%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "erro ao crea-lo chaveiro `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "chaveiro `%s' creado\n" diff --git a/po/hu.po b/po/hu.po index af03be2..f4d82ba 100644 --- a/po/hu.po +++ b/po/hu.po @@ -6446,9 +6446,6 @@ msgstr "Hiba \"%s\" olvas msgid "error creating keybox `%s': %s\n" msgstr "Hiba a(z) \"%s\" kulcskarika l?trehoz?sakor: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "\"%s\" kulcskarik?t l?trehoztam.\n" diff --git a/po/id.po b/po/id.po index b499b8c..7f00362 100644 --- a/po/id.po +++ b/po/id.po @@ -6443,9 +6443,6 @@ msgstr "kesalahan membaca `%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "kesalahan menulis keyring `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "%s: keyring tercipta\n" diff --git a/po/it.po b/po/it.po index a89e1c3..ed6afb5 100644 --- a/po/it.po +++ b/po/it.po @@ -6485,9 +6485,6 @@ msgstr "errore leggendo `%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "errore creando il portachiavi `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "portachiavi `%s' creato\n" diff --git a/po/ja.po b/po/ja.po index 14af09c..16bb5da 100644 --- a/po/ja.po +++ b/po/ja.po @@ -6088,9 +6088,6 @@ msgstr "???????????????????????????: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "keybox???%s?????????????????????: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "?????? gpg-agent ??????????????????????????????\n" - #, c-format msgid "keybox `%s' created\n" msgstr "keybox???%s???????????????????????????\n" @@ -6574,5 +6571,8 @@ msgstr "" "??????: gpg-check-pattern [???????????????] ????????????????????????\n" "????????????????????????????????????????????????????????????????????????????????????\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "?????? gpg-agent ??????????????????????????????\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "???%s????????????????????????: %s\n" diff --git a/po/nb.po b/po/nb.po index 56814fa..2504a4f 100644 --- a/po/nb.po +++ b/po/nb.po @@ -6197,9 +6197,6 @@ msgstr "feil ved lesing av msgid "error creating keybox `%s': %s\n" msgstr "feil ved opprettelse av n?kkelknippet ?%s?: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "n?kkelknippet ?%s? ble opprettet\n" diff --git a/po/pl.po b/po/pl.po index 0cd137d..43629bc 100644 --- a/po/pl.po +++ b/po/pl.po @@ -6239,9 +6239,6 @@ msgstr "b msgid "error creating keybox `%s': %s\n" msgstr "b??d tworzenia keyboksa ,,%s'': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "mo?na najpierw uruchomi? najpierw gpg-agenta\n" - #, c-format msgid "keybox `%s' created\n" msgstr "keybox ,,%s'' utworzony\n" @@ -6726,6 +6723,9 @@ msgstr "" "Sk?adnia: gpg-check-pattern [opcje] plik-wzorc?w\n" "Sprawdzanie has?a ze standardowego wej?cia wzgl?dem pliku wzorc?w\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "mo?na najpierw uruchomi? najpierw gpg-agenta\n" + #~ msgid "enable ssh-agent emulation" #~ msgstr "w??czenie emulacji ssh-agenta" diff --git a/po/pt.po b/po/pt.po index 875f9f0..73a911c 100644 --- a/po/pt.po +++ b/po/pt.po @@ -6453,9 +6453,6 @@ msgstr "erro na leitura de `%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "erro ao criar porta-chaves `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "porta-chaves `%s' criado\n" diff --git a/po/pt_BR.po b/po/pt_BR.po index 27812d9..1276d5d 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -6468,9 +6468,6 @@ msgstr "erro na leitura de `%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "erro na escrita do chaveiro `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "%s: chaveiro criado\n" diff --git a/po/ro.po b/po/ro.po index 92353e4..9414bf9 100644 --- a/po/ro.po +++ b/po/ro.po @@ -6355,9 +6355,6 @@ msgstr "eroare la citire `%s': %s\n" msgid "error creating keybox `%s': %s\n" msgstr "eroare la crearea inelului de chei `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "inelul de chei `%s' creat\n" diff --git a/po/ru.po b/po/ru.po index 6ccd36e..8aa7e06 100644 --- a/po/ru.po +++ b/po/ru.po @@ -6203,9 +6203,6 @@ msgstr "???????????? ???????????? ??????????: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "???????????? ???????????????? keybox `%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "???????????????? ?????????????? ?????????????????? gpg-agent ????????????\n" - #, c-format msgid "keybox `%s' created\n" msgstr "???????????? keybox `%s'\n" @@ -6678,6 +6675,9 @@ msgid "" "Check a passphrase given on stdin against the patternfile\n" msgstr "" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "???????????????? ?????????????? ?????????????????? gpg-agent ????????????\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "???????????? ???????????????? `%s': %s\n" diff --git a/po/sk.po b/po/sk.po index e813126..d32c1dc 100644 --- a/po/sk.po +++ b/po/sk.po @@ -6465,9 +6465,6 @@ msgstr "chyba pri msgid "error creating keybox `%s': %s\n" msgstr "chyba pri vytv?ran? s?boru k???ov (keyring)`%s': %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "s?bor k???ov (keyring) `%s' vytvoren?\n" diff --git a/po/sv.po b/po/sv.po index b896570..58782f0 100644 --- a/po/sv.po +++ b/po/sv.po @@ -6363,9 +6363,6 @@ msgstr "fel vid l??sning av indata: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "fel n??r nyckelsk??pet \"%s\" skapades: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "du kanske vill starta gpg-agent f??rst\n" - #, c-format msgid "keybox `%s' created\n" msgstr "nyckelsk??pet \"%s\" skapat\n" @@ -6850,6 +6847,9 @@ msgstr "" "Syntax: gpg-check-pattern [flaggor] m??nsterfil\n" "Kontrollera en l??senfras angiven p?? standard in mot m??nsterfilen\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "du kanske vill starta gpg-agent f??rst\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "fel vid inl??sning av \"%s\": %s\n" diff --git a/po/tr.po b/po/tr.po index f6bfb37..e5df7d3 100644 --- a/po/tr.po +++ b/po/tr.po @@ -6291,9 +6291,6 @@ msgstr "girdi okunurken hata: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "anahtar bloku `%s' olu??turulurken hata: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "gpg-agent'?? ??nce ba??latmak isteyebilirsiniz\n" - #, c-format msgid "keybox `%s' created\n" msgstr "`%s' anahtar blo??u olu??turuldu\n" @@ -6778,6 +6775,9 @@ msgstr "" "Standart girdiden verilen anahtar parolas??n?? ??r??nt?? dosyas??yla " "kar????la??t??r??r\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "gpg-agent'?? ??nce ba??latmak isteyebilirsiniz\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "`%s' y??klenirken hata: %s\n" diff --git a/po/uk.po b/po/uk.po index bd50c6d..e741119 100644 --- a/po/uk.po +++ b/po/uk.po @@ -6300,9 +6300,6 @@ msgstr "?????????????? ?????? ?????? ???????????? ?????????????? ?????????????? msgid "error creating keybox `%s': %s\n" msgstr "?????????????? ?????? ?????? ???????????? ?????????????????? ?????????????? ???????????? ??%s??: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "?????? ?????????? ???????????????? ?????????????????? gpg-agent\n" - #, c-format msgid "keybox `%s' created\n" msgstr "???????????????? ?????????????? ???????????? ??%s??\n" @@ -6790,6 +6787,9 @@ msgstr "" "??????????????????: gpg-check-pattern [??????????????????] ????????_????????????????\n" "???????????????????? ????????????, ???????????????? ?? stdin, ???? ?????????????????? ??????????_????????????????\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "?????? ?????????? ???????????????? ?????????????????? gpg-agent\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "?????????????? ?????? ?????? ???????????? ???????????????????????? ??%s??: %s\n" diff --git a/po/zh_CN.po b/po/zh_CN.po index 4615cf4..3e01465 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -6183,9 +6183,6 @@ msgstr "?????????%s???????????????%s\n" msgid "error creating keybox `%s': %s\n" msgstr "??????????????????%s?????????????????????%s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "" - #, fuzzy, c-format msgid "keybox `%s' created\n" msgstr "????????????%s????????????\n" diff --git a/po/zh_TW.po b/po/zh_TW.po index e1f58b3..abcf54e 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -6044,9 +6044,6 @@ msgstr "?????????????????????: %s\n" msgid "error creating keybox `%s': %s\n" msgstr "????????????????????? `%s' ?????????: %s\n" -msgid "you may want to start the gpg-agent first\n" -msgstr "???????????????????????? gpg-agent\n" - #, c-format msgid "keybox `%s' created\n" msgstr "`%s' ??????????????????\n" @@ -6523,6 +6520,9 @@ msgstr "" "??????: gpg-check-pattern [??????] ????????????\n" "??????????????????????????????????????????????????????\n" +#~ msgid "you may want to start the gpg-agent first\n" +#~ msgstr "???????????????????????? gpg-agent\n" + #~ msgid "error loading `%s': %s\n" #~ msgstr "?????? `%s' ?????????: %s\n" commit b972ec396689013b884ea80f90d7505682d2fbb8 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 sm: Create homedir and lock empty keybox creation. * sm/gpgsm.h (opt): Add field "no_homedir_creation". * sm/gpgsm.c (main): Set it if --no-options is used. * sm/keydb.c: Include fcntl.h. (try_make_homedir): New. Similar to the one from g10/openfile.c (maybe_create_keybox): New. Similar to the one from g10/keydb.c. (keydb_add_resource): Replace some code by maybe_create_keybox. diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 2470df0..97ec4bb 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -951,7 +951,10 @@ main ( int argc, char **argv) default_config = 0; } else if (pargs.r_opt == oNoOptions) - default_config = 0; /* --no-options */ + { + default_config = 0; /* --no-options */ + opt.no_homedir_creation = 1; + } else if (pargs.r_opt == oHomedir) opt.homedir = pargs.r.ret_str; else if (pargs.r_opt == aCallProtectTool) @@ -1246,7 +1249,7 @@ main ( int argc, char **argv) goto next_pass; } break; - case oNoOptions: break; /* no-options */ + case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */ case oHomedir: opt.homedir = pargs.r.ret_str; break; case oAgentProgram: opt.agent_program = pargs.r.ret_str; break; diff --git a/sm/gpgsm.h b/sm/gpgsm.h index 1904bd4..25a2e5b 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -50,7 +50,7 @@ struct keyserver_spec /* A large struct named "opt" to keep global flags. */ -struct +struct { unsigned int debug; /* debug flags (DBG_foo_VALUE) */ int verbose; /* verbosity level */ @@ -59,10 +59,11 @@ struct int answer_yes; /* assume yes on most questions */ int answer_no; /* assume no on most questions */ int dry_run; /* don't change any persistent data */ + int no_homedir_creation; const char *homedir; /* Configuration directory name */ const char *config_filename; /* Name of the used config file. */ - const char *agent_program; + const char *agent_program; session_env_t session_env; char *lc_ctype; diff --git a/sm/keydb.c b/sm/keydb.c index 5547405..23eca35 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -1,5 +1,6 @@ /* keydb.c - key database dispatcher * Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc. + * Copyright (C) 2014 g10 Code GmbH * * This file is part of GnuPG. * @@ -25,6 +26,7 @@ #include #include #include +#include #include #include "gpgsm.h" @@ -68,11 +70,173 @@ static int lock_all (KEYDB_HANDLE hd); static void unlock_all (KEYDB_HANDLE hd); +static void +try_make_homedir (const char *fname) +{ + const char *defhome = standard_homedir (); + + /* Create the directory only if the supplied directory name is the + same as the default one. This way we avoid to create arbitrary + directories when a non-default home directory is used. To cope + with HOME, we do compare only the suffix if we see that the + default homedir does start with a tilde. */ + if ( opt.dry_run || opt.no_homedir_creation ) + return; + + if ( +#ifdef HAVE_W32_SYSTEM + ( !compare_filenames (fname, defhome) ) +#else + ( *defhome == '~' + && (strlen(fname) >= strlen (defhome+1) + && !strcmp(fname+strlen(fname)-strlen(defhome+1), defhome+1 ) )) + || (*defhome != '~' && !compare_filenames( fname, defhome ) ) +#endif + ) + { + if ( mkdir (fname, S_IRUSR|S_IWUSR|S_IXUSR) ) + log_info (_("can't create directory `%s': %s\n"), + fname, strerror(errno) ); + else if (!opt.quiet ) + log_info (_("directory `%s' created\n"), fname); + } +} + + +/* Handle the creation of a keybox if it does not yet exist. Take + into acount that other processes might have the keybox already + locked. This lock check does not work if the directory itself is + not yet available. If R_CREATED is not NULL it will be set to true + if the function created a new keybox. */ +static int +maybe_create_keybox (char *filename, int force, int *r_created) +{ + DOTLOCK lockhd = NULL; + FILE *fp; + int rc; + mode_t oldmask; + char *last_slash_in_filename; + int save_slash; + + if (r_created) + *r_created = 0; + + /* A quick test whether the filename already exists. */ + if (!access (filename, F_OK)) + return 0; + + /* If we don't want to create a new file at all, there is no need to + go any further - bail out right here. */ + if (!force) + return gpg_error (GPG_ERR_ENOENT); + + /* First of all we try to create the home directory. Note, that we + don't do any locking here because any sane application of gpg + would create the home directory by itself and not rely on gpg's + tricky auto-creation which is anyway only done for some home + directory name patterns. */ + last_slash_in_filename = strrchr (filename, DIRSEP_C); +#if HAVE_W32_SYSTEM + { + /* Windows may either have a slash or a backslash. Take care of it. */ + char *p = strrchr (filename, '/'); + if (!last_slash_in_filename || p > last_slash_in_filename) + last_slash_in_filename = p; + } +#endif /*HAVE_W32_SYSTEM*/ + if (!last_slash_in_filename) + return gpg_error (GPG_ERR_ENOENT); /* No slash at all - should + not happen though. */ + save_slash = *last_slash_in_filename; + *last_slash_in_filename = 0; + if (access(filename, F_OK)) + { + static int tried; + + if (!tried) + { + tried = 1; + try_make_homedir (filename); + } + if (access (filename, F_OK)) + { + rc = gpg_error_from_syserror (); + *last_slash_in_filename = save_slash; + goto leave; + } + } + *last_slash_in_filename = save_slash; + + /* To avoid races with other instances of gpg trying to create or + update the keybox (it is removed during an update for a short + time), we do the next stuff in a locked state. */ + lockhd = create_dotlock (filename); + if (!lockhd) + { + /* A reason for this to fail is that the directory is not + writable. However, this whole locking stuff does not make + sense if this is the case. An empty non-writable directory + with no keyring is not really useful at all. */ + if (opt.verbose) + log_info ("can't allocate lock for `%s'\n", filename ); + + if (!force) + return gpg_error (GPG_ERR_ENOENT); + else + return gpg_error (GPG_ERR_GENERAL); + } + + if ( make_dotlock (lockhd, -1) ) + { + /* This is something bad. Probably a stale lockfile. */ + log_info ("can't lock `%s'\n", filename); + rc = gpg_error (GPG_ERR_GENERAL); + goto leave; + } + + /* Now the real test while we are locked. */ + if (!access(filename, F_OK)) + { + rc = 0; /* Okay, we may access the file now. */ + goto leave; + } + + /* The file does not yet exist, create it now. */ + oldmask = umask (077); + fp = fopen (filename, "w"); + if (!fp) + { + rc = gpg_error_from_syserror (); + umask (oldmask); + log_error (_("error creating keybox `%s': %s\n"), + filename, gpg_strerror (rc)); + goto leave; + } + umask (oldmask); + + if (!opt.quiet) + log_info (_("keybox `%s' created\n"), filename); + if (r_created) + *r_created = 1; + + fclose (fp); + rc = 0; + + leave: + if (lockhd) + { + release_dotlock (lockhd); + destroy_dotlock (lockhd); + } + return rc; +} + + /* * Register a resource (which currently may only be a keybox file). * The first keybox which is added by this function is created if it * does not exist. If AUTO_CREATED is not NULL it will be set to true - * if the function has created a a new keybox. + * if the function has created a new keybox. */ int keydb_add_resource (const char *url, int force, int secret, int *auto_created) @@ -137,11 +301,11 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) else rt = KEYDB_RESOURCE_TYPE_KEYBOX; } - else /* maybe empty: assume ring */ + else /* maybe empty: assume keybox */ rt = KEYDB_RESOURCE_TYPE_KEYBOX; fclose (fp2); } - else /* no file yet: create ring */ + else /* no file yet: create keybox */ rt = KEYDB_RESOURCE_TYPE_KEYBOX; } @@ -153,91 +317,46 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) goto leave; case KEYDB_RESOURCE_TYPE_KEYBOX: - fp = fopen (filename, "rb"); - if (!fp && !force) - { - rc = gpg_error (gpg_err_code_from_errno (errno)); - goto leave; - } - - if (!fp) - { /* no file */ -#if 0 /* no autocreate of the homedirectory yet */ + rc = maybe_create_keybox (filename, force, auto_created); + if (rc) + goto leave; + /* Now register the file */ + { + void *token = keybox_register_file (filename, secret); + if (!token) + ; /* already registered - ignore it */ + else if (used_resources >= MAX_KEYDB_RESOURCES) + rc = gpg_error (GPG_ERR_RESOURCE_LIMIT); + else { - char *last_slash_in_filename; - - last_slash_in_filename = strrchr (filename, DIRSEP_C); - *last_slash_in_filename = 0; - if (access (filename, F_OK)) - { /* on the first time we try to create the default - homedir and in this case the process will be - terminated, so that on the next invocation can - read the options file in on startup */ - try_make_homedir (filename); - rc = gpg_error (GPG_ERR_FILE_OPEN_ERROR); - *last_slash_in_filename = DIRSEP_C; - goto leave; + all_resources[used_resources].type = rt; + all_resources[used_resources].u.kr = NULL; /* Not used here */ + all_resources[used_resources].token = token; + all_resources[used_resources].secret = secret; + + all_resources[used_resources].lockhandle + = create_dotlock (filename); + if (!all_resources[used_resources].lockhandle) + log_fatal ( _("can't create lock for `%s'\n"), filename); + + /* Do a compress run if needed and the file is not locked. */ + if (!make_dotlock (all_resources[used_resources].lockhandle, 0)) + { + KEYBOX_HANDLE kbxhd = keybox_new (token, secret); + + if (kbxhd) + { + keybox_compress (kbxhd); + keybox_release (kbxhd); + } + release_dotlock (all_resources[used_resources].lockhandle); } - *last_slash_in_filename = DIRSEP_C; - } -#endif - fp = fopen (filename, "w"); - if (!fp) - { - rc = gpg_error (gpg_err_code_from_errno (errno)); - log_error (_("error creating keybox `%s': %s\n"), - filename, strerror(errno)); - if (errno == ENOENT) - log_info (_("you may want to start the gpg-agent first\n")); - goto leave; - } - - if (!opt.quiet) - log_info (_("keybox `%s' created\n"), filename); - if (auto_created) - *auto_created = 1; - } - fclose (fp); - fp = NULL; - /* now register the file */ - { - - void *token = keybox_register_file (filename, secret); - if (!token) - ; /* already registered - ignore it */ - else if (used_resources >= MAX_KEYDB_RESOURCES) - rc = gpg_error (GPG_ERR_RESOURCE_LIMIT); - else - { - all_resources[used_resources].type = rt; - all_resources[used_resources].u.kr = NULL; /* Not used here */ - all_resources[used_resources].token = token; - all_resources[used_resources].secret = secret; - - all_resources[used_resources].lockhandle - = create_dotlock (filename); - if (!all_resources[used_resources].lockhandle) - log_fatal ( _("can't create lock for `%s'\n"), filename); - - /* Do a compress run if needed and the file is not locked. */ - if (!make_dotlock (all_resources[used_resources].lockhandle, 0)) - { - KEYBOX_HANDLE kbxhd = keybox_new (token, secret); - - if (kbxhd) - { - keybox_compress (kbxhd); - keybox_release (kbxhd); - } - release_dotlock (all_resources[used_resources].lockhandle); - } - - used_resources++; - } - } + used_resources++; + } + } + break; - break; default: log_error ("resource type of `%s' not supported\n", url); rc = gpg_error (GPG_ERR_NOT_SUPPORTED); commit 90397c9343411bc52ed55d9710de875db70fac64 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 Remove trailing white space from two files. -- diff --git a/g10/openfile.c b/g10/openfile.c index 55dd42c..db5cdc2 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -144,7 +144,7 @@ ask_outfile_name( const char *name, size_t namelen ) if ( opt.batch ) return NULL; - + defname = name && namelen? make_printable_string (name, namelen, 0) : NULL; s = _("Enter new filename"); @@ -159,9 +159,9 @@ ask_outfile_name( const char *name, size_t namelen ) cpr_kill_prompt (); tty_disable_completion (); xfree (prompt); - if ( !*fname ) + if ( !*fname ) { - xfree (fname); + xfree (fname); fname = defname; defname = NULL; } @@ -197,7 +197,7 @@ open_outfile( const char *iname, int mode, IOBUF *a ) else { char *buf = NULL; const char *name; - + if ( opt.dry_run ) { #ifdef HAVE_W32_SYSTEM @@ -222,7 +222,7 @@ open_outfile( const char *iname, int mode, IOBUF *a ) char *dot; const char *newsfx = mode==1 ? ".asc" : mode==2 ? ".sig" : ".gpg"; - + buf = xmalloc(strlen(iname)+4+1); strcpy(buf,iname); dot = strchr(buf, '.' ); @@ -259,7 +259,7 @@ open_outfile( const char *iname, int mode, IOBUF *a ) xfree (buf); name = buf = tmp; } - + if( !rc ) { if (is_secured_filename (name) ) @@ -385,7 +385,7 @@ copy_options_file( const char *destdir ) ; else if (c == '#') esc = 2; - else + else any_option = 1; } } @@ -431,6 +431,6 @@ try_make_homedir (const char *fname) else if (!opt.quiet ) log_info ( _("directory `%s' created\n"), fname ); copy_options_file( fname ); - + } } diff --git a/sm/gpgsm.h b/sm/gpgsm.h index c4a261b..1904bd4 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -75,7 +75,7 @@ struct char *outfile; /* name of output file */ int with_key_data;/* include raw key in the column delimted output */ - + int fingerprint; /* list fingerprints in all key listings */ int with_md5_fingerprint; /* Also print an MD5 fingerprint for @@ -170,11 +170,11 @@ struct server_control_s int no_server; /* We are not running under server control */ int status_fd; /* Only for non-server mode */ struct server_local_s *server_local; - + audit_ctx_t audit; /* NULL or a context for the audit subsystem. */ int agent_seen; /* Flag indicating that the gpg-agent has been accessed. */ - + int with_colons; /* Use column delimited output format */ int with_chain; /* Include the certifying certs in a listing */ int with_validation;/* Validate each key while listing. */ @@ -203,7 +203,7 @@ typedef struct base64_context_s *Base64Context; /* An object to keep a list of certificates. */ -struct certlist_s +struct certlist_s { struct certlist_s *next; ksba_cert_t cert; @@ -386,7 +386,7 @@ int gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc, unsigned char *digest, size_t digestlen, int digestalgo, unsigned char **r_buf, size_t *r_buflen); int gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, - ksba_const_sexp_t ciphertext, + ksba_const_sexp_t ciphertext, char **r_buf, size_t *r_buflen); int gpgsm_agent_genkey (ctrl_t ctrl, ksba_const_sexp_t keyparms, ksba_sexp_t *r_pubkey); ----------------------------------------------------------------------- Summary of changes: NEWS | 17 +++- configure.ac | 2 +- g10/openfile.c | 16 ++-- po/be.po | 3 - po/ca.po | 3 - po/cs.po | 6 +- po/da.po | 6 +- po/de.po | 6 +- po/el.po | 3 - po/eo.po | 3 - po/es.po | 6 +- po/et.po | 3 - po/fi.po | 3 - po/fr.po | 6 +- po/gl.po | 3 - po/hu.po | 3 - po/id.po | 3 - po/it.po | 3 - po/ja.po | 6 +- po/nb.po | 3 - po/pl.po | 6 +- po/pt.po | 3 - po/pt_BR.po | 3 - po/ro.po | 3 - po/ru.po | 6 +- po/sk.po | 3 - po/sv.po | 6 +- po/tr.po | 6 +- po/uk.po | 6 +- po/zh_CN.po | 3 - po/zh_TW.po | 6 +- sm/gpgsm.c | 7 +- sm/gpgsm.h | 15 +-- sm/keydb.c | 293 ++++++++++++++++++++++++++++++++++++++++---------------- 34 files changed, 282 insertions(+), 188 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 13 17:20:43 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 13 Aug 2014 17:20:43 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-1.2.0-6-g230930b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 230930b568bb016ed13f0daa70b69922c3f4214a (commit) via 2d31fa45c317cf9e349a023839177d463c69e17b (commit) from aeec79a154f4fcc5348c0dafe1742278fb2e4a62 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 230930b568bb016ed13f0daa70b69922c3f4214a Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 Post release updates -- diff --git a/NEWS b/NEWS index 734caea..9dc73d3 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes for version 1.2.2 (unreleased) +================================================= + + Noteworthy changes for version 1.2.1 (2014-08-13) ================================================= diff --git a/configure.ac b/configure.ac index 3297975..b8b16b6 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ min_automake_version="1.9.4" # (git tag -s gpgol-k.n.m) and run "./autogen.sh --force". Please # bump the version number immediately *after* the release and do # another commit and push so that the git magic is able to work. -m4_define([mym4_version], [1.2.1]) +m4_define([mym4_version], [1.2.2]) # Below is m4 magic to extract and compute the git revision number, # the decimalized short revision number, a beta version string and a commit 2d31fa45c317cf9e349a023839177d463c69e17b Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 Release 1.2.1 diff --git a/.gitignore b/.gitignore index 975a886..1115134 100644 --- a/.gitignore +++ b/.gitignore @@ -10,7 +10,6 @@ /doc/Makefile /doc/Makefile.in /doc/gpgol.info -/doc/mdate-sh /doc/stamp-vti /doc/version.texi /forms/Makefile diff --git a/NEWS b/NEWS index 1ac9208..734caea 100644 --- a/NEWS +++ b/NEWS @@ -1,8 +1,9 @@ -Noteworthy changes for version 1.2.1 (unreleased) +Noteworthy changes for version 1.2.1 (2014-08-13) ================================================= - * Fixed recipient / sender lookup problems when using exchange or - active directory. + * Fixed recipient/sender lookup problems when using Exchange or + Active Directory. + Noteworthy changes for version 1.2.0 (2013-08-19) ================================================= diff --git a/doc/mdate-sh b/doc/mdate-sh new file mode 100755 index 0000000..60dc485 --- /dev/null +++ b/doc/mdate-sh @@ -0,0 +1,225 @@ +#!/bin/sh +# Get modification time of a file or directory and pretty-print it. + +scriptversion=2010-08-21.06; # UTC + +# Copyright (C) 1995, 1996, 1997, 2003, 2004, 2005, 2007, 2009, 2010 +# Free Software Foundation, Inc. +# written by Ulrich Drepper , June 1995 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +fi + +case $1 in + '') + echo "$0: No file. Try \`$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: mdate-sh [--help] [--version] FILE + +Pretty-print the modification day of FILE, in the format: +1 January 1970 + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "mdate-sh $scriptversion" + exit $? + ;; +esac + +error () +{ + echo "$0: $1" >&2 + exit 1 +} + + +# Prevent date giving response in another language. +LANG=C +export LANG +LC_ALL=C +export LC_ALL +LC_TIME=C +export LC_TIME + +# GNU ls changes its time format in response to the TIME_STYLE +# variable. Since we cannot assume `unset' works, revert this +# variable to its documented default. +if test "${TIME_STYLE+set}" = set; then + TIME_STYLE=posix-long-iso + export TIME_STYLE +fi + +save_arg1=$1 + +# Find out how to get the extended ls output of a file or directory. +if ls -L /dev/null 1>/dev/null 2>&1; then + ls_command='ls -L -l -d' +else + ls_command='ls -l -d' +fi +# Avoid user/group names that might have spaces, when possible. +if ls -n /dev/null 1>/dev/null 2>&1; then + ls_command="$ls_command -n" +fi + +# A `ls -l' line looks as follows on OS/2. +# drwxrwx--- 0 Aug 11 2001 foo +# This differs from Unix, which adds ownership information. +# drwxrwx--- 2 root root 4096 Aug 11 2001 foo +# +# To find the date, we split the line on spaces and iterate on words +# until we find a month. This cannot work with files whose owner is a +# user named `Jan', or `Feb', etc. However, it's unlikely that `/' +# will be owned by a user whose name is a month. So we first look at +# the extended ls output of the root directory to decide how many +# words should be skipped to get the date. + +# On HPUX /bin/sh, "set" interprets "-rw-r--r--" as options, so the "x" below. +set x`$ls_command /` + +# Find which argument is the month. +month= +command= +until test $month +do + test $# -gt 0 || error "failed parsing \`$ls_command /' output" + shift + # Add another shift to the command. + command="$command shift;" + case $1 in + Jan) month=January; nummonth=1;; + Feb) month=February; nummonth=2;; + Mar) month=March; nummonth=3;; + Apr) month=April; nummonth=4;; + May) month=May; nummonth=5;; + Jun) month=June; nummonth=6;; + Jul) month=July; nummonth=7;; + Aug) month=August; nummonth=8;; + Sep) month=September; nummonth=9;; + Oct) month=October; nummonth=10;; + Nov) month=November; nummonth=11;; + Dec) month=December; nummonth=12;; + esac +done + +test -n "$month" || error "failed parsing \`$ls_command /' output" + +# Get the extended ls output of the file or directory. +set dummy x`eval "$ls_command \"\\\$save_arg1\""` + +# Remove all preceding arguments +eval $command + +# Because of the dummy argument above, month is in $2. +# +# On a POSIX system, we should have +# +# $# = 5 +# $1 = file size +# $2 = month +# $3 = day +# $4 = year or time +# $5 = filename +# +# On Darwin 7.7.0 and 7.6.0, we have +# +# $# = 4 +# $1 = day +# $2 = month +# $3 = year or time +# $4 = filename + +# Get the month. +case $2 in + Jan) month=January; nummonth=1;; + Feb) month=February; nummonth=2;; + Mar) month=March; nummonth=3;; + Apr) month=April; nummonth=4;; + May) month=May; nummonth=5;; + Jun) month=June; nummonth=6;; + Jul) month=July; nummonth=7;; + Aug) month=August; nummonth=8;; + Sep) month=September; nummonth=9;; + Oct) month=October; nummonth=10;; + Nov) month=November; nummonth=11;; + Dec) month=December; nummonth=12;; +esac + +case $3 in + ???*) day=$1;; + *) day=$3; shift;; +esac + +# Here we have to deal with the problem that the ls output gives either +# the time of day or the year. +case $3 in + *:*) set `date`; eval year=\$$# + case $2 in + Jan) nummonthtod=1;; + Feb) nummonthtod=2;; + Mar) nummonthtod=3;; + Apr) nummonthtod=4;; + May) nummonthtod=5;; + Jun) nummonthtod=6;; + Jul) nummonthtod=7;; + Aug) nummonthtod=8;; + Sep) nummonthtod=9;; + Oct) nummonthtod=10;; + Nov) nummonthtod=11;; + Dec) nummonthtod=12;; + esac + # For the first six month of the year the time notation can also + # be used for files modified in the last year. + if (expr $nummonth \> $nummonthtod) > /dev/null; + then + year=`expr $year - 1` + fi;; + *) year=$3;; +esac + +# The result. +echo $day $month $year + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: ----------------------------------------------------------------------- Summary of changes: .gitignore | 1 - NEWS | 11 ++- configure.ac | 2 +- doc/mdate-sh | 225 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 234 insertions(+), 5 deletions(-) create mode 100755 doc/mdate-sh hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 14 11:30:57 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 14 Aug 2014 11:30:57 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta751-26-gae29b52 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via ae29b52119aa419989b773b2d6abb6e287dfc81b (commit) via 2b8d8369d59249b89526c18c5ac276e6445dc35e (commit) via 49c9a958e0b786850309bca555d4465c97d337e1 (commit) via 71b55e91f02cdb65a8884892f71c4c7bf8a75247 (commit) via 7d0492075ea638607309b3ea6a792b0e95ea7d98 (commit) from cb127024b9ca893f83bc26ebaa8769bf09c2fcff (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ae29b52119aa419989b773b2d6abb6e287dfc81b Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpg: Disable an MD5 workaround for pgp2 by default. * g10/sig-check.c (do_check): Move some code to ... * g10/misc.c (print_md5_rejected_note): new function. * g10/mainproc.c (proc_tree, proc_plaintext): Enable MD5 workaround only if option --allow-weak-digest-algos is used. diff --git a/g10/main.h b/g10/main.h index 4ec4bbf..8fe03ac 100644 --- a/g10/main.h +++ b/g10/main.h @@ -74,6 +74,7 @@ extern int g10_errors_seen; void print_pubkey_algo_note (pubkey_algo_t algo); void print_cipher_algo_note (cipher_algo_t algo); void print_digest_algo_note (digest_algo_t algo); +void print_md5_rejected_note (void); /*-- armor.c --*/ char *make_radix64_string( const byte *data, size_t len ); diff --git a/g10/mainproc.c b/g10/mainproc.c index 51392e3..7c699b3 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -694,7 +694,8 @@ proc_plaintext( CTX c, PACKET *pkt ) gcry_md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); } - if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) { + if (opt.pgp2_workarounds && only_md5 && !opt.skip_verify + && opt.flags.allow_weak_digest_algos) { /* This is a kludge to work around a bug in pgp2. It does only * catch those mails which are armored. To catch the non-armored * pgp mails we could see whether there is the signature packet @@ -2132,7 +2133,8 @@ proc_tree( CTX c, KBNODE node ) if( !opt.pgp2_workarounds ) ; else if( sig->digest_algo == DIGEST_ALGO_MD5 - && is_RSA( sig->pubkey_algo ) ) { + && is_RSA( sig->pubkey_algo) + && opt.flags.allow_weak_digest_algos) { /* enable a workaround for a pgp2 bug */ if (gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0)) BUG (); @@ -2145,16 +2147,17 @@ proc_tree( CTX c, KBNODE node ) if (gcry_md_open (&c->mfx.md2, sig->digest_algo, 0 )) BUG (); } -#if 0 /* workaround disabled */ - /* Here we have another hack to work around a pgp 2 bug - * It works by not using the textmode for detached signatures; - * this will let the first signature check (on md) fail - * but the second one (on md2) which adds an extra CR should - * then produce the "correct" hash. This is very, very ugly - * hack but it may help in some cases (and break others) - */ - /* c->mfx.md2? 0 :(sig->sig_class == 0x01) */ -#endif + + /* Here we used to have another hack to work around a pgp + * 2 bug: It worked by not using the textmode for detached + * signatures; this would let the first signature check + * (on md) fail but the second one (on md2), which adds an + * extra CR would then have produced the "correct" hash. + * This is very, very ugly hack but it may haved help in + * some cases (and break others). + * c->mfx.md2? 0 :(sig->sig_class == 0x01) + */ + if ( DBG_HASHING ) { gcry_md_debug( c->mfx.md, "verify" ); if ( c->mfx.md2 ) diff --git a/g10/misc.c b/g10/misc.c index 0ad4602..54c2f89 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -342,6 +342,21 @@ print_digest_algo_note (digest_algo_t algo) } +void +print_md5_rejected_note (void) +{ + static int shown; + + if (!shown) + { + log_info + (_("Note: signatures using the %s algorithm are rejected\n"), + "MD5"); + shown = 1; + } +} + + /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do this for algorithms we implemented in Libgcrypt after they become part of OpenPGP. */ diff --git a/g10/sig-check.c b/g10/sig-check.c index 0cbb7f2..ad2ab5c 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -269,16 +269,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest, if (sig->digest_algo == GCRY_MD_MD5 && !opt.flags.allow_weak_digest_algos) { - static int shown; - - if (!shown) - { - log_info - (_("Note: signatures using the %s algorithm are rejected\n"), - "MD5"); - shown = 1; - } - + print_md5_rejected_note (); return GPG_ERR_DIGEST_ALGO; } commit 2b8d8369d59249b89526c18c5ac276e6445dc35e Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpg: Remove options --pgp2 and --rfc1991. * g10/gpg.c (oRFC1991, oPGP2): Remove (opts): Remove --pgp2 and --rfc1991. * g10/options.h (CO_PGP2, CO_RFC1991): Remove. Remove all users. (RFC2440, PGP2): Remove. Remove all code only enabled by these conditions. * tests/openpgp/clearsig.test: Remove --rfc1991 test. -- The use of PGP 2.c is considered insecure for quite some time now (e.g. due to the use of MD5). Thus we remove all support for _creating_ PGP 2 compatible messages. diff --git a/NEWS b/NEWS index 2fcbaeb..d78c6d7 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ Noteworthy changes in version 2.1.0-betaxxx (unreleased) -------------------------------------------------------- + * gpg: Removed the option --pgp2 and --rfc1991 and the ability to + create PGP-2 compatible messages. + Noteworthy changes in version 2.1.0-beta751 (2014-07-03) -------------------------------------------------------- diff --git a/doc/gpg.texi b/doc/gpg.texi index d0da837..36aa18e 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1476,7 +1476,7 @@ Set what trust model GnuPG should follow. The models are: @item classic @opindex trust-mode:classic - This is the standard Web of Trust as used in PGP 2.x and earlier. + This is the standard Web of Trust as introduced by PGP 2. @item direct @opindex trust-mode:direct @@ -2342,9 +2342,11 @@ behavior. Note that this is currently the same thing as Reset all packet, cipher and digest options to strict RFC-2440 behavior. + at ifclear gpgtowone @item --rfc1991 @opindex rfc1991 -Try to be more RFC-1991 (PGP 2.x) compliant. +Try to be more RFC-1991 (PGP 2.x) compliant. This option is +deprecated will be removed in GnuPG 2.1. @item --pgp2 @opindex pgp2 @@ -2367,6 +2369,12 @@ This option implies @end ifclear It also disables @option{--textmode} when encrypting. +This option is deprecated will be removed in GnuPG 2.1. The reason +for dropping PGP-2 support is that the PGP 2 format is not anymore +considered safe (for example due to the use of the broken MD5 algorithm). +Note that the decryption of PGP-2 created messages will continue to work. + at end ifclear + @item --pgp6 @opindex pgp6 Set up all options to be as PGP 6 compliant as possible. This diff --git a/g10/cipher.c b/g10/cipher.c index 10f0ebb..b72b144 100644 --- a/g10/cipher.c +++ b/g10/cipher.c @@ -56,7 +56,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a ) memset( &ed, 0, sizeof ed ); ed.len = cfx->datalen; ed.extralen = blocksize+2; - ed.new_ctb = !ed.len && !RFC1991; + ed.new_ctb = !ed.len; if( cfx->dek->use_mdc ) { ed.mdc_method = DIGEST_ALGO_SHA1; gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0); diff --git a/g10/encrypt.c b/g10/encrypt.c index 5b10b73..d1ce933 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -104,8 +104,8 @@ encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey) static int use_mdc(PK_LIST pk_list,int algo) { - /* RFC-1991 and 2440 don't have MDC */ - if(RFC1991 || RFC2440) + /* RFC-2440 don't has MDC */ + if (RFC2440) return 0; /* --force-mdc overrides --disable-mdc */ @@ -174,7 +174,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) compress_filter_context_t zfx; text_filter_context_t tfx; progress_filter_context_t *pfx; - int do_compress = !RFC1991 && default_compress_algo(); + int do_compress = !!default_compress_algo(); pfx = new_progress_context (); memset( &cfx, 0, sizeof cfx); @@ -206,19 +206,13 @@ encrypt_simple (const char *filename, int mode, int use_seskey) if (opt.textmode) iobuf_push_filter( inp, text_filter, &tfx ); - /* Due the the fact that we use don't use an IV to encrypt the - session key we can't use the new mode with RFC1991 because it has - no S2K salt. RFC1991 always uses simple S2K. */ - if ( RFC1991 && use_seskey ) - use_seskey = 0; - cfx.dek = NULL; if ( mode ) { int canceled; s2k = xmalloc_clear( sizeof *s2k ); - s2k->mode = RFC1991? 0:opt.s2k_mode; + s2k->mode = opt.s2k_mode; s2k->hash_algo = S2K_DIGEST_ALGO; cfx.dek = passphrase_to_dek (NULL, 0, default_cipher_algo(), s2k, 4, @@ -279,7 +273,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) push_armor_filter (afx, out); } - if ( s2k && !RFC1991 ) + if ( s2k ) { PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc + seskeylen + 1 ); enc->version = 4; @@ -335,7 +329,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) pt->timestamp = make_timestamp(); pt->mode = opt.textmode? 't' : 'b'; pt->len = filesize; - pt->new_ctb = !pt->len && !RFC1991; + pt->new_ctb = !pt->len; pt->buf = inp; pkt.pkttype = PKT_PLAINTEXT; pkt.pkt.plaintext = pt; @@ -478,13 +472,13 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, compress_filter_context_t zfx; text_filter_context_t tfx; progress_filter_context_t *pfx; - PK_LIST pk_list, work_list; + PK_LIST pk_list; int do_compress; if (filefd != -1 && filename) return gpg_error (GPG_ERR_INV_ARG); - do_compress = opt.compress_algo && !RFC1991; + do_compress = !!opt.compress_algo; pfx = new_progress_context (); memset( &cfx, 0, sizeof cfx); @@ -510,19 +504,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, } } - if(PGP2) - { - for (work_list=pk_list; work_list; work_list=work_list->next) - if (!(is_RSA (work_list->pk->pubkey_algo) - && nbits_from_pk (work_list->pk) <= 2048)) - { - log_info(_("you can only encrypt to RSA keys of 2048 bits or " - "less in --pgp2 mode\n")); - compliance_failure(); - break; - } - } - /* Prepare iobufs. */ #ifdef HAVE_W32_SYSTEM if (filefd == -1) @@ -592,13 +573,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, if (cfx.dek->algo == -1) { cfx.dek->algo = CIPHER_ALGO_3DES; - - if (PGP2) - { - log_info(_("unable to use the IDEA cipher for all of the keys " - "you are encrypting to.\n")); - compliance_failure(); - } } /* In case 3DES has been selected, print a warning if any key @@ -687,7 +661,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, pt->timestamp = make_timestamp(); pt->mode = opt.textmode ? 't' : 'b'; pt->len = filesize; - pt->new_ctb = !pt->len && !RFC1991; + pt->new_ctb = !pt->len; pt->buf = inp; pkt.pkttype = PKT_PLAINTEXT; pkt.pkt.plaintext = pt; @@ -895,7 +869,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out) keyid_from_pk( pk, enc->keyid ); enc->throw_keyid = (opt.throw_keyid || (pk_list->flags&1)); - if (opt.throw_keyid && (PGP2 || PGP6 || PGP7 || PGP8)) + if (opt.throw_keyid && (PGP6 || PGP7 || PGP8)) { log_info(_("you may not use %s while in %s mode\n"), "--throw-keyid",compliance_option_string()); diff --git a/g10/gpg.c b/g10/gpg.c index f5b2231..7ba193b 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -205,11 +205,9 @@ enum cmd_and_opt_values oMaxCertDepth, oLoadExtension, oGnuPG, - oRFC1991, oRFC2440, oRFC4880, oOpenPGP, - oPGP2, oPGP6, oPGP7, oPGP8, @@ -573,11 +571,9 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oGnuPG, "no-pgp6", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp7", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"), - ARGPARSE_s_n (oRFC1991, "rfc1991", "@"), ARGPARSE_s_n (oRFC2440, "rfc2440", "@"), ARGPARSE_s_n (oRFC4880, "rfc4880", "@"), ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")), - ARGPARSE_s_n (oPGP2, "pgp2", "@"), ARGPARSE_s_n (oPGP6, "pgp6", "@"), ARGPARSE_s_n (oPGP7, "pgp7", "@"), ARGPARSE_s_n (oPGP8, "pgp8", "@"), @@ -2484,11 +2480,6 @@ main (int argc, char **argv) /* Dummy so that gpg 1.4 conf files can work. Should eventually be removed. */ break; - case oRFC1991: - opt.compliance = CO_RFC1991; - opt.force_v4_certs = 0; - opt.escape_from = 1; - break; case oOpenPGP: case oRFC4880: /* This is effectively the same as RFC2440, but with @@ -2530,7 +2521,6 @@ main (int argc, char **argv) opt.s2k_digest_algo = DIGEST_ALGO_SHA1; opt.s2k_cipher_algo = CIPHER_ALGO_3DES; break; - case oPGP2: opt.compliance = CO_PGP2; break; case oPGP6: opt.compliance = CO_PGP6; break; case oPGP7: opt.compliance = CO_PGP7; break; case oPGP8: opt.compliance = CO_PGP8; break; @@ -3238,78 +3228,7 @@ main (int argc, char **argv) log_clock ("start"); /* Do these after the switch(), so they can override settings. */ - if(PGP2) - { - int unusable=0; - - if(cmd==aSign && !detached_sig) - { - log_info(_("you can only make detached or clear signatures " - "while in --pgp2 mode\n")); - unusable=1; - } - else if(cmd==aSignEncr || cmd==aSignSym) - { - log_info(_("you can't sign and encrypt at the " - "same time while in --pgp2 mode\n")); - unusable=1; - } - else if(argc==0 && (cmd==aSign || cmd==aEncr || cmd==aSym)) - { - log_info(_("you must use files (and not a pipe) when " - "working with --pgp2 enabled.\n")); - unusable=1; - } - else if(cmd==aEncr || cmd==aSym) - { - /* Everything else should work without IDEA (except using - a secret key encrypted with IDEA and setting an IDEA - preference, but those have their own error - messages). */ - - if (openpgp_cipher_test_algo(CIPHER_ALGO_IDEA)) - { - log_info(_("encrypting a message in --pgp2 mode requires " - "the IDEA cipher\n")); - unusable=1; - } - else if(cmd==aSym) - { - /* This only sets IDEA for symmetric encryption - since it is set via select_algo_from_prefs for - pk encryption. */ - xfree(def_cipher_string); - def_cipher_string = xstrdup("idea"); - } - - /* PGP2 can't handle the output from the textmode - filter, so we disable it for anything that could - create a literal packet (only encryption and - symmetric encryption, since we disable signing - above). */ - if(!unusable) - opt.textmode=0; - } - - if(unusable) - compliance_failure(); - else - { - opt.force_v4_certs = 0; - opt.escape_from = 1; - opt.force_v3_sigs = 1; - opt.pgp2_workarounds = 1; - opt.ask_sig_expire = 0; - opt.ask_cert_expire = 0; - opt.flags.allow_weak_digest_algos = 1; - xfree(def_digest_string); - def_digest_string = xstrdup("md5"); - xfree(s2k_digest_string); - s2k_digest_string = xstrdup("md5"); - opt.compress_algo = COMPRESS_ALGO_ZIP; - } - } - else if(PGP6) + if(PGP6) { opt.disable_mdc=1; opt.escape_from=1; @@ -3675,7 +3594,7 @@ main (int argc, char **argv) else if(opt.s2k_mode==0) log_error(_("you cannot use --symmetric --encrypt" " with --s2k-mode 0\n")); - else if(PGP2 || PGP6 || PGP7 || RFC1991) + else if(PGP6 || PGP7) log_error(_("you cannot use --symmetric --encrypt" " while in %s mode\n"),compliance_option_string()); else @@ -3726,7 +3645,7 @@ main (int argc, char **argv) else if(opt.s2k_mode==0) log_error(_("you cannot use --symmetric --sign --encrypt" " with --s2k-mode 0\n")); - else if(PGP2 || PGP6 || PGP7 || RFC1991) + else if(PGP6 || PGP7) log_error(_("you cannot use --symmetric --sign --encrypt" " while in %s mode\n"),compliance_option_string()); else diff --git a/g10/keyedit.c b/g10/keyedit.c index 77bd37f..1d80625 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -518,19 +518,6 @@ sign_uids (estream_t fp, KBNODE node, uidnode; PKT_public_key *primary_pk = NULL; int select_all = !count_selected_uids (keyblock) || interactive; - int all_v3 = 1; - - /* Are there any non-v3 sigs on this key already? */ - if (PGP2) - { - for (node = keyblock; node; node = node->next) - if (node->pkt->pkttype == PKT_SIGNATURE && - node->pkt->pkt.signature->version > 3) - { - all_v3 = 0; - break; - } - } /* Build a list of all signators. * @@ -894,29 +881,6 @@ sign_uids (estream_t fp, if (duration) force_v4 = 1; - /* Is --pgp2 on, it's a v3 key, all the sigs on the key are - currently v3 and we're about to sign it with a v4 sig? If - so, danger! */ - if (PGP2 && all_v3 && - (pk->version > 3 || force_v4) && primary_pk->version <= 3) - { - tty_fprintf (fp, _("You may not make an OpenPGP signature on a " - "PGP 2.x key while in --pgp2 mode.\n")); - tty_fprintf (fp, _("This would make the key unusable in PGP 2.x.\n")); - - if (opt.expert && !quick) - { - if (!cpr_get_answer_is_yes ("sign_uid.v4_on_v3_okay", - _("Are you sure you still " - "want to sign it? (y/N) "))) - continue; - - all_v3 = 0; - } - else - continue; - } - if (selfsig) ; else @@ -1773,7 +1737,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdADDPHOTO: - if (RFC2440 || RFC1991 || PGP2) + if (RFC2440) { tty_printf (_("This command is not allowed while in %s mode.\n"), compliance_option_string ()); diff --git a/g10/keygen.c b/g10/keygen.c index af5d34d..ed11a2f 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -341,16 +341,6 @@ keygen_set_std_prefs (const char *string,int personal) if ( !openpgp_cipher_test_algo (CIPHER_ALGO_CAST5) ) strcat(dummy_string,"S3 "); strcat(dummy_string,"S2 "); /* 3DES */ - /* If we have it, IDEA goes *after* 3DES so it won't be - used unless we're encrypting along with a V3 key. - Ideally, we would only put the S1 preference in if the - key was RSA and <=2048 bits, as that is what won't - break PGP2, but that is difficult with the current - code, and not really worth checking as a non-RSA <=2048 - bit key wouldn't be usable by PGP2 anyway. -dms */ - if (PGP2 && !openpgp_cipher_test_algo (CIPHER_ALGO_IDEA) ) - strcat(dummy_string,"S1 "); - /* The default hash algo order is: SHA-256, SHA-1, SHA-384, SHA-512, SHA-224. diff --git a/g10/misc.c b/g10/misc.c index 0125da4..0ad4602 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -1191,8 +1191,6 @@ compliance_option_string(void) case CO_GNUPG: return "--gnupg"; case CO_RFC4880: return "--openpgp"; case CO_RFC2440: return "--rfc2440"; - case CO_RFC1991: return "--rfc1991"; - case CO_PGP2: return "--pgp2"; case CO_PGP6: return "--pgp6"; case CO_PGP7: return "--pgp7"; case CO_PGP8: return "--pgp8"; @@ -1220,14 +1218,6 @@ compliance_failure(void) ver="OpenPGP (older)"; break; - case CO_RFC1991: - ver="old PGP"; - break; - - case CO_PGP2: - ver="PGP 2.x"; - break; - case CO_PGP6: ver="PGP 6.x"; break; diff --git a/g10/options.h b/g10/options.h index e407aa4..7efb3d6 100644 --- a/g10/options.h +++ b/g10/options.h @@ -121,7 +121,7 @@ struct int force_ownertrust; enum { - CO_GNUPG, CO_RFC4880, CO_RFC2440, CO_RFC1991, CO_PGP2, + CO_GNUPG, CO_RFC4880, CO_RFC2440, CO_PGP6, CO_PGP7, CO_PGP8 } compliance; enum @@ -307,14 +307,12 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; /* Compatibility flags. */ #define GNUPG (opt.compliance==CO_GNUPG) -#define RFC1991 (opt.compliance==CO_RFC1991 || opt.compliance==CO_PGP2) #define RFC2440 (opt.compliance==CO_RFC2440) #define RFC4880 (opt.compliance==CO_RFC4880) -#define PGP2 (opt.compliance==CO_PGP2) #define PGP6 (opt.compliance==CO_PGP6) #define PGP7 (opt.compliance==CO_PGP7) #define PGP8 (opt.compliance==CO_PGP8) -#define PGPX (PGP2 || PGP6 || PGP7 || PGP8) +#define PGPX (PGP6 || PGP7 || PGP8) /* Various option flags. Note that there should be no common string names between the IMPORT_ and EXPORT_ flags as they can be mixed in diff --git a/g10/pkclist.c b/g10/pkclist.c index e783ae4..1032b01 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -928,7 +928,7 @@ build_pk_list (ctrl_t ctrl, /* Hidden recipients are not allowed while in PGP mode, issue a warning and switch into GnuPG mode. */ - if ((rov->flags&2) && (PGP2 || PGP6 || PGP7 || PGP8)) + if ((rov->flags&2) && (PGP6 || PGP7 || PGP8)) { log_info(_("you may not use %s while in %s mode\n"), "--hidden-recipient", @@ -978,7 +978,7 @@ build_pk_list (ctrl_t ctrl, /* Hidden encrypt-to recipients are not allowed while in PGP mode, issue a warning and switch into GnuPG mode. */ - if ((r->flags&1) && (PGP2 || PGP6 || PGP7 || PGP8)) + if ((r->flags&1) && (PGP6 || PGP7 || PGP8)) { log_info(_("you may not use %s while in %s mode\n"), "--hidden-encrypt-to", @@ -1344,10 +1344,7 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype, dropped from 4880 but is still relevant to GPG's 1991 support. All this doesn't mean IDEA is actually available, of course. */ - if(PGP2 && pkr->pk->version<4 && pkr->pk->selfsigversion<4) - implicit=CIPHER_ALGO_IDEA; - else - implicit=CIPHER_ALGO_3DES; + implicit=CIPHER_ALGO_3DES; break; @@ -1359,12 +1356,7 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype, mode, and that's the only time PREFTYPE_HASH is used anyway. -dms */ - /* MD5 is there for v3 keys with v3 selfsigs when --pgp2 is - on. */ - if(PGP2 && pkr->pk->version<4 && pkr->pk->selfsigversion<4) - implicit=DIGEST_ALGO_MD5; - else - implicit=DIGEST_ALGO_SHA1; + implicit=DIGEST_ALGO_SHA1; break; diff --git a/g10/revoke.c b/g10/revoke.c index bf5e33b..67f62e5 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -473,7 +473,7 @@ create_revocation (const char *filename, goto leave; } - if (keyblock && (PGP2 || PGP6 || PGP7 || PGP8)) + if (keyblock && (PGP6 || PGP7 || PGP8)) { /* Use a minimal pk for PGPx mode, since PGP can't import bare revocation certificates. */ diff --git a/g10/server.c b/g10/server.c index e87c871..b019d1a 100644 --- a/g10/server.c +++ b/g10/server.c @@ -320,10 +320,6 @@ cmd_encrypt (assuan_context_t ctx, char *line) goto leave; } - /* Fixme: Check that we are using real files and not pipes if in - PGP-2 mode. Do all the other checks we do in gpg.c for aEncr. - Maybe we should drop the PGP2 compatibility. */ - /* FIXME: GPGSM does this here: Add all encrypt-to marked recipients from the default list. */ diff --git a/g10/sign.c b/g10/sign.c index 9aa4da4..c8139d7 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -509,11 +509,6 @@ hash_for (PKT_public_key *pk) return DIGEST_ALGO_SHA1; } - else if (PGP2 && pk->pubkey_algo == PUBKEY_ALGO_RSA && pk->version < 4 ) - { - /* Old-style PGP only understands MD5 */ - return DIGEST_ALGO_MD5; - } else if (opt.personal_digest_prefs) { /* It's not DSA, so we can use whatever the first hash algorithm @@ -659,7 +654,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode) pt->timestamp = make_timestamp (); pt->mode = ptmode; pt->len = filesize; - pt->new_ctb = !pt->len && !RFC1991; + pt->new_ctb = !pt->len; pt->buf = inp; init_packet(&pkt); pkt.pkttype = PKT_PLAINTEXT; @@ -710,7 +705,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, /* Build the signature packet. */ sig = xmalloc_clear (sizeof *sig); - if (opt.force_v3_sigs || RFC1991) + if (opt.force_v3_sigs) sig->version = 3; else if (duration || opt.sig_policy_url || opt.sig_notations || opt.sig_keyserver_url) @@ -819,7 +814,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) goto leave; - if(!opt.force_v3_sigs && !RFC1991) + if(!opt.force_v3_sigs) { if(opt.ask_sig_expire && !opt.batch) duration=ask_expire_interval(1,opt.def_sig_expire); @@ -832,13 +827,6 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, if( (rc = build_sk_list (locusr, &sk_list, PUBKEY_USAGE_SIG )) ) goto leave; - if(PGP2 && !only_old_style(sk_list)) - { - log_info(_("you can only detach-sign with PGP 2.x style keys " - "while in --pgp2 mode\n")); - compliance_failure(); - } - if (encryptflag && (rc=build_pk_list (ctrl, remusr, &pk_list, PUBKEY_USAGE_ENC))) goto leave; @@ -986,7 +974,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, if( !multifile ) iobuf_push_filter( inp, md_filter, &mfx ); - if( detached && !encryptflag && !RFC1991 ) + if( detached && !encryptflag) afx->what = 2; if( opt.armor && !outfile ) @@ -1029,7 +1017,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, } /* Write the one-pass signature packets if needed */ - if (!detached && !RFC1991) { + if (!detached) { rc = write_onepass_sig_packets (sk_list, out, opt.textmode && !outfile ? 0x01:0x00); if (rc) @@ -1135,7 +1123,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile ) int rc = 0; SK_LIST sk_list = NULL; SK_LIST sk_rover = NULL; - int old_style = RFC1991; + int old_style = 0; int only_md5 = 0; u32 duration=0; @@ -1143,7 +1131,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile ) afx = new_armor_context (); init_packet( &pkt ); - if(!opt.force_v3_sigs && !RFC1991) + if(!opt.force_v3_sigs) { if(opt.ask_sig_expire && !opt.batch) duration=ask_expire_interval(1,opt.def_sig_expire); @@ -1156,16 +1144,9 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile ) if( (rc=build_sk_list( locusr, &sk_list, PUBKEY_USAGE_SIG )) ) goto leave; - if( !old_style && !duration ) + if(!duration ) old_style = only_old_style( sk_list ); - if(PGP2 && !only_old_style(sk_list)) - { - log_info(_("you can only clearsign with PGP 2.x style keys " - "while in --pgp2 mode\n")); - compliance_failure(); - } - /* prepare iobufs */ inp = iobuf_open(fname); if (inp && is_secured_file (iobuf_get_fd (inp))) @@ -1311,7 +1292,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) memset( &cfx, 0, sizeof cfx); init_packet( &pkt ); - if(!opt.force_v3_sigs && !RFC1991) + if(!opt.force_v3_sigs) { if(opt.ask_sig_expire && !opt.batch) duration=ask_expire_interval(1,opt.def_sig_expire); @@ -1343,7 +1324,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) /* prepare key */ s2k = xmalloc_clear( sizeof *s2k ); - s2k->mode = RFC1991? 0:opt.s2k_mode; + s2k->mode = opt.s2k_mode; s2k->hash_algo = S2K_DIGEST_ALGO; algo = default_cipher_algo(); @@ -1389,7 +1370,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) /* Write the symmetric key packet */ /*(current filters: armor)*/ - if (!RFC1991) { + { PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc ); enc->version = 4; enc->cipher_algo = cfx.dek->algo; @@ -1410,12 +1391,10 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) /* Write the one-pass signature packets */ /*(current filters: zip - encrypt - armor)*/ - if (!RFC1991) { - rc = write_onepass_sig_packets (sk_list, out, - opt.textmode? 0x01:0x00); - if (rc) - goto leave; - } + rc = write_onepass_sig_packets (sk_list, out, + opt.textmode? 0x01:0x00); + if (rc) + goto leave; write_status_begin_signing (mfx.md); diff --git a/tests/openpgp/clearsig.test b/tests/openpgp/clearsig.test index 74631e1..bf67916 100755 --- a/tests/openpgp/clearsig.test +++ b/tests/openpgp/clearsig.test @@ -24,17 +24,6 @@ done # ====================================== -# and once more to check rfc1991 -# ====================================== - -if have_pubkey_algo "RSA"; then - for i in $plain_files plain-large ; do - $GPG -u $usrname3 --rfc1991 --digest-algo md5 --clearsign -o x --yes $i - $GPG --verify x - done -fi - -# ====================================== # and one with long lines # ====================================== cat >y <y <sigs_only ) { -+ if( c->sigs_only ) ++ if( c->sigs_only ) rc = hash_datafiles( c->mfx.md, NULL, c->signed_data, c->sigfilename, n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 ); commit 49c9a958e0b786850309bca555d4465c97d337e1 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 build: Fix autogen.sh base version hack. * autogen.sh : Fix. diff --git a/autogen.sh b/autogen.sh index a6b5909..cafecc9 100755 --- a/autogen.sh +++ b/autogen.sh @@ -216,9 +216,10 @@ if [ "$myhost" = "find-version" ]; then beta=no if [ -d .git ]; then ingit=yes - tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null \ - | awk -F- '$3!=0 && $3 !~ /^beta/ {print"-beta"$3}' ) - if [ -z "$tmp" ]; then + tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null) + if [ -n "$tmp" ]; then + tmp=$(echo "$tmp"|awk -F- '$3!=0 && $3 !~ /^beta/ {print"-beta"$3}') + else tmp=$(git describe --match "${matchstr2}" --long 2>/dev/null \ | awk -F- '$4!=0{print"-beta"$4}') fi commit 71b55e91f02cdb65a8884892f71c4c7bf8a75247 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpg: Remove --compress-keys and --compress-sigs feature. * g10/gpg.c (oCompressKeys, oCompressSigs): Remove. (opts): Turn --compress-keys and --compress-signs in NOPs. * g10/options.h (opt): Remove fields compress_keys and compress_sigs. * g10/export.c (do_export): Remove compress_keys feature. * g10/sign.c (sign_file): Remove compress_sigs feature. -- These features are disabled in GnuPG since the very early days and they fulfill no real purpose. For now we keep the command line options as dummys. diff --git a/g10/export.c b/g10/export.c index 0aa44f3..6a921c1 100644 --- a/g10/export.c +++ b/g10/export.c @@ -213,8 +213,6 @@ do_export (ctrl_t ctrl, strlist_t users, int secret, unsigned int options ) afx->what = secret? 5 : 1; push_armor_filter (afx, out); } - if ( opt.compress_keys ) - push_compress_filter (out,&zfx,default_compress_algo()); } rc = do_export_stream (ctrl, out, users, secret, NULL, options, &any ); diff --git a/g10/gpg.c b/g10/gpg.c index 666e970..f5b2231 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -251,8 +251,6 @@ enum cmd_and_opt_values oSkipVerify, oSkipHiddenRecipients, oNoSkipHiddenRecipients, - oCompressKeys, - oCompressSigs, oAlwaysTrust, oTrustModel, oForceOwnertrust, @@ -563,9 +561,6 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_i (oAttributeFD, "attribute-fd", "@"), ARGPARSE_s_s (oAttributeFile, "attribute-file", "@"), - ARGPARSE_s_n (oNoop, "sk-comments", "@"), - ARGPARSE_s_n (oNoop, "no-sk-comments", "@"), - ARGPARSE_s_i (oCompletesNeeded, "completes-needed", "@"), ARGPARSE_s_i (oMarginalsNeeded, "marginals-needed", "@"), ARGPARSE_s_i (oMaxCertDepth, "max-cert-depth", "@" ), @@ -672,8 +667,6 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"), ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"), ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"), - ARGPARSE_s_n (oCompressKeys, "compress-keys", "@"), - ARGPARSE_s_n (oCompressSigs, "compress-sigs", "@"), ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */ ARGPARSE_s_n (oAlwaysTrust, "always-trust", "@"), ARGPARSE_s_s (oTrustModel, "trust-model", "@"), @@ -799,6 +792,12 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), + /* Dummy options. */ + ARGPARSE_s_n (oNoop, "sk-comments", "@"), + ARGPARSE_s_n (oNoop, "no-sk-comments", "@"), + ARGPARSE_s_n (oNoop, "compress-keys", "@"), + ARGPARSE_s_n (oNoop, "compress-sigs", "@"), + ARGPARSE_end () }; @@ -2459,7 +2458,6 @@ main (int argc, char **argv) case oSkipHiddenRecipients: opt.skip_hidden_recipients = 1; break; case oNoSkipHiddenRecipients: opt.skip_hidden_recipients = 0; break; - case oCompressKeys: opt.compress_keys = 1; break; case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break; #ifndef NO_TRUST_MODELS @@ -2505,8 +2503,6 @@ main (int argc, char **argv) opt.pgp2_workarounds = 0; opt.escape_from = 1; opt.force_v3_sigs = 0; - opt.compress_keys = 0; /* not mandated, but we do it */ - opt.compress_sigs = 0; /* ditto. */ opt.not_dash_escaped = 0; opt.def_cipher_algo = 0; opt.def_digest_algo = 0; @@ -2525,8 +2521,6 @@ main (int argc, char **argv) opt.pgp2_workarounds = 0; opt.escape_from = 0; opt.force_v3_sigs = 0; - opt.compress_keys = 0; /* not mandated, but we do it */ - opt.compress_sigs = 0; /* ditto. */ opt.not_dash_escaped = 0; opt.def_cipher_algo = 0; opt.def_digest_algo = 0; @@ -2541,7 +2535,6 @@ main (int argc, char **argv) case oPGP7: opt.compliance = CO_PGP7; break; case oPGP8: opt.compliance = CO_PGP8; break; case oGnuPG: opt.compliance = CO_GNUPG; break; - case oCompressSigs: opt.compress_sigs = 1; break; case oRFC2440Text: opt.rfc2440_text=1; break; case oNoRFC2440Text: opt.rfc2440_text=0; break; case oSetFilename: diff --git a/g10/options.h b/g10/options.h index 266b3e9..e407aa4 100644 --- a/g10/options.h +++ b/g10/options.h @@ -111,8 +111,7 @@ struct int skip_verify; int skip_hidden_recipients; - int compress_keys; - int compress_sigs; + /* TM_CLASSIC must be zero to accomodate trustdbs generated before we started storing the trust model inside the trustdb. */ enum diff --git a/g10/sign.c b/g10/sign.c index 907d8c5..9aa4da4 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -998,7 +998,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, iobuf_push_filter( out, encrypt_filter, &efx ); } - if( opt.compress_algo && !outfile && ( !detached || opt.compress_sigs) ) + if (opt.compress_algo && !outfile && !detached) { int compr_algo=opt.compress_algo; commit 7d0492075ea638607309b3ea6a792b0e95ea7d98 Author: Werner Koch Date: Tue Aug 12 10:36:30 2014 +0200 gpg: Add list-option "show-usage". * g10/gpg.c (parse_list_options): Add "show-usage". * g10/options.h (LIST_SHOW_USAGE): New. * g10/keyid.c (usagestr_from_pk): Add arg FILL. Change caller. * g10/keylist.c (list_keyblock_print): Print usage info. diff --git a/doc/gpg.texi b/doc/gpg.texi index e0b0039..d0da837 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1096,6 +1096,13 @@ give the opposite meaning. The options are: see @option{--attribute-fd} for the appropriate way to get photo data for scripts and other frontends. + @item show-usage + @opindex list-options:show-usage + Show usage information for keys and subkeys in the standard key + listing. This is a list of letters indicating the allowed usage for a + key (@code{E}=encryption, @code{S}=signing, @code{C}=certification, + @code{A}=authentication). Defaults to no. + @item show-policy-urls @opindex list-options:show-policy-urls Show policy URLs in the @option{--list-sigs} or @option{--check-sigs} diff --git a/g10/gpg.c b/g10/gpg.c index 1f840c6..666e970 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1793,6 +1793,8 @@ parse_list_options(char *str) { {"show-photos",LIST_SHOW_PHOTOS,NULL, N_("display photo IDs during key listings")}, + {"show-usage",LIST_SHOW_USAGE,NULL, + N_("show key usage information during key listings")}, {"show-policy-urls",LIST_SHOW_POLICY_URLS,NULL, N_("show policy URLs during signature listings")}, {"show-notations",LIST_SHOW_NOTATIONS,NULL, diff --git a/g10/keydb.h b/g10/keydb.h index 0cf6ca1..23d0bcc 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -282,7 +282,7 @@ const char *datestr_from_sig( PKT_signature *sig ); const char *expirestr_from_pk( PKT_public_key *pk ); const char *expirestr_from_sig( PKT_signature *sig ); const char *revokestr_from_pk( PKT_public_key *pk ); -const char *usagestr_from_pk( PKT_public_key *pk ); +const char *usagestr_from_pk (PKT_public_key *pk, int fill); const char *colon_strtime (u32 t); const char *colon_datestr_from_pk (PKT_public_key *pk); const char *colon_datestr_from_sig (PKT_signature *sig); diff --git a/g10/keyedit.c b/g10/keyedit.c index c5f02f7..77bd37f 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -2991,7 +2991,7 @@ show_key_with_all_names (estream_t fp, else tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk)); tty_fprintf (fp, " "); - tty_fprintf (fp, _("usage: %s"), usagestr_from_pk (pk)); + tty_fprintf (fp, _("usage: %s"), usagestr_from_pk (pk, 1)); tty_fprintf (fp, "\n"); if (pk->seckey_info diff --git a/g10/keyid.c b/g10/keyid.c index 6ce6f32..94900bd 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -629,7 +629,7 @@ revokestr_from_pk( PKT_public_key *pk ) const char * -usagestr_from_pk( PKT_public_key *pk ) +usagestr_from_pk (PKT_public_key *pk, int fill) { static char buffer[10]; int i = 0; @@ -647,7 +647,7 @@ usagestr_from_pk( PKT_public_key *pk ) if ( (use & PUBKEY_USAGE_AUTH) ) buffer[i++] = 'A'; - while (i < 4) + while (fill && i < 4) buffer[i++] = ' '; buffer[i] = 0; diff --git a/g10/keylist.c b/g10/keylist.c index 7d9fe23..3649475 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -834,6 +834,10 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), keystr_from_pk (pk), datestr_from_pk (pk)); + if ((opt.list_options & LIST_SHOW_USAGE)) + { + es_fprintf (es_stdout, " [%s]", usagestr_from_pk (pk, 0)); + } if (pk->flags.revoked) { es_fprintf (es_stdout, " ["); @@ -973,6 +977,10 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) xfree (curve); } + if ((opt.list_options & LIST_SHOW_USAGE)) + { + es_fprintf (es_stdout, " [%s]", usagestr_from_pk (pk2, 0)); + } if (pk2->flags.revoked) { es_fprintf (es_stdout, " ["); diff --git a/g10/options.h b/g10/options.h index 0a604f9..266b3e9 100644 --- a/g10/options.h +++ b/g10/options.h @@ -349,6 +349,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; #define LIST_SHOW_KEYRING (1<<8) #define LIST_SHOW_SIG_EXPIRE (1<<9) #define LIST_SHOW_SIG_SUBPACKETS (1<<10) +#define LIST_SHOW_USAGE (1<<11) #define VERIFY_SHOW_PHOTOS (1<<0) #define VERIFY_SHOW_POLICY_URLS (1<<1) ----------------------------------------------------------------------- Summary of changes: NEWS | 3 ++ autogen.sh | 7 +-- doc/gpg.texi | 19 +++++++- g10/cipher.c | 2 +- g10/encrypt.c | 46 ++++-------------- g10/export.c | 2 - g10/gpg.c | 108 +++++-------------------------------------- g10/keydb.h | 2 +- g10/keyedit.c | 40 +--------------- g10/keygen.c | 10 ---- g10/keyid.c | 4 +- g10/keylist.c | 8 ++++ g10/main.h | 1 + g10/mainproc.c | 27 ++++++----- g10/misc.c | 25 ++++++---- g10/options.h | 10 ++-- g10/pkclist.c | 16 ++----- g10/revoke.c | 2 +- g10/server.c | 4 -- g10/sig-check.c | 11 +---- g10/sign.c | 53 +++++++-------------- tests/openpgp/clearsig.test | 13 +----- 22 files changed, 117 insertions(+), 296 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Sun Aug 17 13:57:41 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sun, 17 Aug 2014 13:57:41 +0200 Subject: [git] Assuan - branch, master, updated. libassuan-2.1.1-12-g416d045 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPC library used by GnuPG". The branch, master has been updated via 416d045b196464c408bed587d1ecf5496924bddf (commit) via a5d7f4999f4aa844d9446bd4524cb6a47219826c (commit) via 49a930a613b280fdd55e6d558a2ae414bdbbf66e (commit) via 5865eeeb809a9bf6ab66fa40cb4bb7259e43e1c8 (commit) via b6da2da96780ec270439eba5569a618cabe4da02 (commit) from 134c045c7d1f93ce61f62193d33af8a6e8825543 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 416d045b196464c408bed587d1ecf5496924bddf Author: Werner Koch Date: Sun Aug 17 13:57:47 2014 +0200 Post release updates -- diff --git a/NEWS b/NEWS index 39c9384..0b3bdcf 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 2.1.3 (unreleased) [C4/A4/R_] +------------------------------------------------ + + Noteworthy changes in version 2.1.2 (2014-08-17) [C4/A4/R2] ------------------------------------------------ diff --git a/configure.ac b/configure.ac index cb21af1..baa01dc 100644 --- a/configure.ac +++ b/configure.ac @@ -31,7 +31,7 @@ min_automake_version="1.10" m4_define([mym4_package],[libassuan]) m4_define([mym4_major], [2]) m4_define([mym4_minor], [1]) -m4_define([mym4_micro], [2]) +m4_define([mym4_micro], [3]) # To start a new development series, i.e a new major or minor number # you need to mark an arbitrary commit before the first beta release commit a5d7f4999f4aa844d9446bd4524cb6a47219826c Author: Werner Koch Date: Sun Aug 17 13:49:23 2014 +0200 Release 2.1.2. * configure.ac: Set LT version to C4/A4/R2. diff --git a/NEWS b/NEWS index 842383d..39c9384 100644 --- a/NEWS +++ b/NEWS @@ -1,8 +1,12 @@ -Noteworthy changes in version 2.1.2 (unreleased) +Noteworthy changes in version 2.1.2 (2014-08-17) [C4/A4/R2] ------------------------------------------------ + * Fixed portability bugs for Solaris and AIX. -Noteworthy changes in version 2.1.1 (2013-06-24) + * Added support for ppc64le. + + +Noteworthy changes in version 2.1.1 (2013-06-24) [C4/A4/R1] ------------------------------------------------ * Limited support for 64 bit Windows. This is sufficient for use by diff --git a/configure.ac b/configure.ac index a69c2db..cb21af1 100644 --- a/configure.ac +++ b/configure.ac @@ -60,7 +60,7 @@ AC_INIT([mym4_package],[mym4_version], [http://bugs.gnupg.org]) # LIBASSUAN_LT_CURRENT=4 LIBASSUAN_LT_AGE=4 -LIBASSUAN_LT_REVISION=1 +LIBASSUAN_LT_REVISION=2 # If the API is changed in an incompatible way: increment the next counter. LIBASSUAN_CONFIG_API_VERSION=2 diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in index ed638be..5c0960c 100644 --- a/src/versioninfo.rc.in +++ b/src/versioninfo.rc.in @@ -39,7 +39,7 @@ BEGIN VALUE "FileDescription", "Assuan - GnuPG IPC\0" VALUE "FileVersion", "@LIBASSUAN_LT_CURRENT at .@LIBASSUAN_LT_AGE at .@LIBASSUAN_LT_REVISION at .@BUILD_REVISION@\0" VALUE "InternalName", "libassuan\0" - VALUE "LegalCopyright", "Copyright ? 2003-2013 g10 Code GmbH\0" + VALUE "LegalCopyright", "Copyright ? 2001-2014 g10 Code GmbH\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "libassuan.dll\0" VALUE "PrivateBuild", "\0" commit 49a930a613b280fdd55e6d558a2ae414bdbbf66e Author: Werner Koch Date: Sun Aug 17 13:08:26 2014 +0200 Update build system * autogen.sh: Add --find-version stuff. Taken from GnuPG. * configure.ac: Change accordingly diff --git a/autogen.sh b/autogen.sh index 471193c..90e7d7f 100755 --- a/autogen.sh +++ b/autogen.sh @@ -15,7 +15,7 @@ # configure it for the respective package. It is maintained as part of # GnuPG and source copied by other packages. # -# Version: 2014-01-10 +# Version: 2014-06-06 configure_ac="configure.ac" @@ -41,7 +41,7 @@ fatal () { info () { if [ -z "${SILENT}" ]; then - echo "autogen.sh:" "$*" + echo "autogen.sh:" "$*" >&2 fi } @@ -70,8 +70,11 @@ MSGMERGE=${GETTEXT_PREFIX}${MSGMERGE:-msgmerge}${GETTEXT_SUFFIX} DIE=no FORCE= SILENT= +PRINT_HOST=no +PRINT_BUILD=no tmp=$(dirname "$0") tsdir=$(cd "${tmp}"; pwd) +version_parts=3 if [ -n "${AUTOGEN_SH_SILENT}" ]; then SILENT=" --silent" @@ -88,6 +91,14 @@ if test x"$1" = x"--force"; then FORCE=" --force" shift fi +if test x"$1" = x"--print-host"; then + PRINT_HOST=yes + shift +fi +if test x"$1" = x"--print-build"; then + PRINT_BUILD=yes + shift +fi # Reject unsafe characters in $HOME, $tsdir and cwd. We consider spaces @@ -133,6 +144,11 @@ amd64_toolprefixes= myhost="" myhostsub="" case "$1" in + --find-version) + myhost="find-version" + SILENT=" --silent" + shift + ;; --build-w32) myhost="w32" shift @@ -172,16 +188,74 @@ if [ -f "$HOME/.gnupg-autogen.rc" ]; then . "$HOME/.gnupg-autogen.rc" fi + +# **** FIND VERSION **** +# This is a helper for the configure.ac M4 magic +# Called +# ./autogen.sh --find-version PACKAGE MAJOR MINOR [MICRO] +# returns a complete version string with automatic beta numbering. +if [ "$myhost" = "find-version" ]; then + package="$1" + major="$2" + minor="$3" + micro="$4" + + case "$version_parts" in + 2) + matchstr1="$package-$major.[0-9]*" + matchstr2="$package-$major-base" + vers="$major.$minor" + ;; + *) + matchstr1="$package-$major.$minor.[0-9]*" + matchstr2="$package-$major.$minor-base" + vers="$major.$minor.$micro" + ;; + esac + + beta=no + if [ -d .git ]; then + ingit=yes + tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null) + if [ -n "$tmp" ]; then + tmp=$(echo "$tmp"|awk -F- '$3!=0 && $3 !~ /^beta/ {print"-beta"$3}') + else + tmp=$(git describe --match "${matchstr2}" --long 2>/dev/null \ + | awk -F- '$4!=0{print"-beta"$4}') + fi + [ -n "$tmp" ] && beta=yes + rev=$(git rev-parse --short HEAD | tr -d '\n\r') + rvd=$((0x$(echo ${rev} | head -c 4))) + else + ingit=no + beta=yes + tmp="-unknown" + rev="0000000" + rvd="0" + fi + + echo "$package-$vers$tmp:$beta:$ingit:$vers$tmp:$vers:$tmp:$rev:$rvd:" + exit 0 +fi +# **** end FIND VERSION **** + + +if [ ! -f "$tsdir/build-aux/config.guess" ]; then + fatal "$tsdir/build-aux/config.guess not found" + exit 1 +fi +build=`$tsdir/build-aux/config.guess` +if [ $PRINT_BUILD = yes ]; then + echo "$build" + exit 0 +fi + + + # ****************** # W32 build script # ****************** if [ "$myhost" = "w32" ]; then - if [ ! -f "$tsdir/build-aux/config.guess" ]; then - fatal "$tsdir/build-aux/config.guess not found" - exit 1 - fi - build=`$tsdir/build-aux/config.guess` - case $myhostsub in ce) w32root="$w32ce_root" @@ -222,6 +296,10 @@ if [ "$myhost" = "w32" ]; then fi die_p fi + if [ $PRINT_HOST = yes ]; then + echo "$host" + exit 0 + fi if [ -f "$tsdir/config.log" ]; then if ! head $tsdir/config.log | grep "$host" >/dev/null; then @@ -242,13 +320,6 @@ fi # ***** AMD64 cross build script ******* # Used to cross-compile for AMD64 (for testing) if [ "$myhost" = "amd64" ]; then - shift - if [ ! -f $tsdir/build-aux/config.guess ]; then - echo "$tsdir/build-aux/config.guess not found" >&2 - exit 1 - fi - build=`$tsdir/build-aux/config.guess` - [ -z "$amd64root" ] && amd64root="$HOME/amd64root" info "Using $amd64root as standard install directory" replace_sysroot @@ -269,6 +340,10 @@ if [ "$myhost" = "amd64" ]; then echo "Stop." >&2 exit 1 fi + if [ $PRINT_HOST = yes ]; then + echo "$host" + exit 0 + fi if [ -f "$tsdir/config.log" ]; then if ! head $tsdir/config.log | grep "$host" >/dev/null; then diff --git a/configure.ac b/configure.ac index 2e3b197..a69c2db 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,7 @@ # configure.ac - for libassuan # Copyright (C) 2001, 2002, 2003, 2006, 2007, 2009, # 2011, 2012, 2013 Free Software Foundation, Inc. +# Copyright (C) 2013, 2014 g10 Code GmbH # # This file is part of Assuan. # @@ -27,27 +28,29 @@ min_automake_version="1.10" # bump the version number immediately after the release and do another # commit and push so that the git magic is able to work. See below # for the LT versions. -m4_define(mym4_version_major, [2]) -m4_define(mym4_version_minor, [1]) -m4_define(mym4_version_micro, [2]) - -# Below is m4 magic to extract and compute the revision number, the -# decimalized short revision number, a beta version string, and a flag -# indicating a development version (mym4_isgit). Note that the m4 -# processing is done by autoconf and not during the configure run. -m4_define(mym4_version, - [mym4_version_major.mym4_version_minor.mym4_version_micro]) -m4_define([mym4_revision], - m4_esyscmd([git rev-parse --short HEAD | tr -d '\n\r'])) -m4_define([mym4_revision_dec], - m4_esyscmd_s([echo $((0x$(echo ]mym4_revision[|head -c 4)))])) -m4_define([mym4_betastring], - m4_esyscmd_s([git describe --match 'libassuan-[0-9].*[0-9]' --long|\ - awk -F- '$3!=0{print"-beta"$3}'])) -m4_define([mym4_isgit],m4_if(mym4_betastring,[],[no],[yes])) -m4_define([mym4_full_version],[mym4_version[]mym4_betastring]) - -AC_INIT([libassuan],[mym4_full_version],[http://bugs.gnupg.org]) +m4_define([mym4_package],[libassuan]) +m4_define([mym4_major], [2]) +m4_define([mym4_minor], [1]) +m4_define([mym4_micro], [2]) + +# To start a new development series, i.e a new major or minor number +# you need to mark an arbitrary commit before the first beta release +# with an annotated tag. For example a 2.1 branch starts off with +# the tag "foo-2.1-base". This is used as the base for counting +# beta numbers before the first release of a series. + +# Below is m4 magic to extract and compute the git revision number, +# the decimalized short revision number, a beta version string and a +# flag indicating a development version (mym4_isbeta). Note that the +# m4 processing is done by autoconf and not during the configure run. +m4_define([mym4_verslist], m4_split(m4_esyscmd([./autogen.sh --find-version] \ + mym4_package mym4_major mym4_minor mym4_micro),[:])) +m4_define([mym4_isbeta], m4_argn(2, mym4_verslist)) +m4_define([mym4_version], m4_argn(4, mym4_verslist)) +m4_define([mym4_revision], m4_argn(7, mym4_verslist)) +m4_define([mym4_revision_dec], m4_argn(8, mym4_verslist)) + +AC_INIT([mym4_package],[mym4_version], [http://bugs.gnupg.org]) # LT Version numbers, remember to change them just *before* a release. # (Code changed: REVISION++) @@ -88,8 +91,8 @@ AC_SUBST(VERSION) AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of this package]) AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version of this package]) AC_DEFINE_UNQUOTED(PACKAGE_BUGREPORT, "$PACKAGE_BUGREPORT",[Bug report address]) -VERSION_NUMBER=m4_esyscmd(printf "0x%02x%02x%02x" mym4_version_major \ - mym4_version_minor mym4_version_micro) +VERSION_NUMBER=m4_esyscmd(printf "0x%02x%02x%02x" mym4_major \ + mym4_minor mym4_micro) AC_SUBST(VERSION_NUMBER) commit 5865eeeb809a9bf6ab66fa40cb4bb7259e43e1c8 Author: Werner Koch Date: Sun Aug 17 13:05:02 2014 +0200 Update copyright info -- diff --git a/AUTHORS b/AUTHORS index 7d2e7c3..2219f35 100644 --- a/AUTHORS +++ b/AUTHORS @@ -5,6 +5,14 @@ Security related bug reports: security at gnupg.org License (library): LGPLv2.1+ License (manual): GPLv3+ +Libassuan is free software. See below for details. License copyright +years may be listed using range notation, e.g., 2000-2013, indicating +that every year in the range, inclusive, is a copyrightable year that +would otherwise be listed individually. + + +Authors with a FSF copyright assignment +======================================= Werner Koch - Initial code. @@ -22,15 +30,39 @@ Ben Kibbey Assigns Past and Future Changes For GnuPG. - Fixes and new features -DCO: +Authors with a DCO +================== + +Notes: +====== Libassuan was orginally part of NewPG, a temporary fork of GnuPG, and later split of into a separate library. - Copyright 2003, 2007, 2008, 2011, 2013 Free Software Foundation, Inc. +Copyright +========= + +The Libassuan code distributed under the GNU Lesser General Public +License, version 2.1 or later. The manual is distributed under the +GNU General Public License, Version 3 or later. + +List of Copyright holders +========================= + + Copyright (C) 1992-2013 Free Software Foundation, Inc. + Copyright (C) 1994 X Consortium + Copyright (C) 2000 Werner Koch (dd9jn) + Copyright (C) 2001-2014 g10 Code GmbH + Copyright (C) 2004 Simon Josefsson + + +========== + + Copyright 2003-2013 Free Software Foundation, Inc. + Copyright (C) 2013-2014 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff --git a/README b/README index 089b84b..defb427 100644 --- a/README +++ b/README @@ -1,34 +1,52 @@ Libassuan =========== -This is the IPC library used by GnuPG 2, GPGME and a few other -packages. + Copyright (C) 2001-2013 Free Software Foundation, Inc. + Copyright (C) 2001-2014 g10 Code GmbH -See COPYING.LIB on how to share, modify and distribute the software -itself (LGPLv2.1+) and COPYING for the documentation (GPLv3+). -Please send bug report to the gnupg-devel mailing list or enter them -into the gnupg bug tracker at http://bugs.gnupg.org using the -category "libassuan". + This is a general purpose IPC library which is for example used + GnuPG, GPGME and some other software. -The primary FTP site is ftp://ftp.gnupg.org/gcrypt/libassuan. + See COPYING.LIB on how to share, modify and distribute the + software itself (LGPLv2.1+) and COPYING for the documentation + (GPLv3+). + Please send bug report to the gnupg-devel mailing list or enter + them into the gnupg bug tracker at http://bugs.gnupg.org using the + category "libassuan". + The primary FTP site is ftp://ftp.gnupg.org/gcrypt/libassuan. -Notes for Windows CE: ----------------------- -Libassuan supports WindowsCE (tested with WindowsMobile 6.5). To -install it, copy libassuan-0.dll into a location where DLL are found -and install the included gpgcedev driver: First copy "gpgcedev.dll" -into the root directory, second run the included program gpgcemgr on -the device: "gpgcemgr --register". This creates the necessary -registry keys. In case the copy step fails, the driver may still be -in use: Close all applications using that driver, run "gpgcemgr ---deactivate" to deactivate the running driver and try again. + Notes for Windows CE: + ---------------------- -Registry keys created by "gpgcemgr --register" are: + Libassuan supports WindowsCE (tested with WindowsMobile 6.5). To + install it, copy libassuan-0.dll into a location where DLL are found + and install the included gpgcedev driver: First copy "gpgcedev.dll" + into the root directory, second run the included program gpgcemgr on + the device: "gpgcemgr --register". This creates the necessary + registry keys. In case the copy step fails, the driver may still be + in use: Close all applications using that driver, run "gpgcemgr + --deactivate" to deactivate the running driver and try again. - Drivers\\GnuPG_Device\dll -> "gpgcedev.dll" - Drivers\\GnuPG_Device\prefix -> "GPG" - Drivers\\GnuPG_Device\Index -> 1 (dword) + Registry keys created by "gpgcemgr --register" are: + + Drivers\\GnuPG_Device\dll -> "gpgcedev.dll" + Drivers\\GnuPG_Device\prefix -> "GPG" + Drivers\\GnuPG_Device\Index -> 1 (dword) + + + Contact + ------- + + See the file AUTHORS. + + Commercial grade support for Libassuan and GnuPG is available; for + a listing of offers see https://www.gnupg.org/service.html . + Maintaining and improving this software is costly. Since 2001, + g10 Code GmbH, a German company owned and headed by GnuPG's + principal author Werner Koch, is bearing the majority of these + costs. To help them carry on this work, they need your support. + See https://gnupg.org/donate/ . diff --git a/src/assuan.h.in b/src/assuan.h.in index 089415c..d074a9f 100644 --- a/src/assuan.h.in +++ b/src/assuan.h.in @@ -1,6 +1,6 @@ /* assuan.h - Definitions for the Assuan IPC library -*- c -*- - Copyright (C) 2001, 2002, 2003, 2005, 2007, 2008, 2009, 2010, - 2011, 2013 Free Software Foundation, Inc. + Copyright (C) 2001-2013 Free Software Foundation, Inc. + Copyright (C) 2001-2014 g10 Code GmbH This file is part of Assuan. diff --git a/src/sysutils.c b/src/sysutils.c index 6951ceb..0eb5d1c 100644 --- a/src/sysutils.c +++ b/src/sysutils.c @@ -45,8 +45,8 @@ _assuan_sysutils_blurb (void) static const char blurb[] = "\n\n" "This is Libassuan " PACKAGE_VERSION " - The GnuPG IPC Library\n" - "Copyright 2000, 2002, 2003, 2004, 2007, 2008, 2009,\n" - " 2010, 2011, 2013 Free Software Foundation, Inc.\n" + "Copyright 2001-2013 Free Software Foundation, Inc.\n" + "Copyright 2001-2014 g10 Code GmbH\n" "\n" "(" BUILD_REVISION " " BUILD_TIMESTAMP ")\n" "\n\n"; commit b6da2da96780ec270439eba5569a618cabe4da02 Author: Werner Koch Date: Thu Aug 14 17:15:04 2014 +0200 Fix possible segv in a call to _assuan_debug. * src/context.c (assuan_set_error): Do not pass NULL for %s in the trace function. -- This likely fixes GnuPG-bug-id: 1659 diff --git a/src/context.c b/src/context.c index b4d4d49..62b7f57 100644 --- a/src/context.c +++ b/src/context.c @@ -190,7 +190,7 @@ assuan_set_error (assuan_context_t ctx, gpg_error_t err, const char *text) { TRACE4 (ctx, ASSUAN_LOG_CTX, "assuan_set_error", ctx, "err=%i (%s,%s),text=%s", err, gpg_strsource (err), - gpg_strerror (err), text); + gpg_strerror (err), text?text:"(none)"); ctx->err_no = err; ctx->err_str = text; ----------------------------------------------------------------------- Summary of changes: AUTHORS | 36 ++++++++++++++++- NEWS | 12 +++++- README | 62 ++++++++++++++++++----------- autogen.sh | 105 ++++++++++++++++++++++++++++++++++++++++++------- configure.ac | 51 +++++++++++++----------- src/assuan.h.in | 4 +- src/context.c | 2 +- src/sysutils.c | 4 +- src/versioninfo.rc.in | 2 +- 9 files changed, 207 insertions(+), 71 deletions(-) hooks/post-receive -- IPC library used by GnuPG http://git.gnupg.org From cvs at cvs.gnupg.org Sun Aug 17 15:25:12 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sun, 17 Aug 2014 15:25:12 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta783-2-gaf11965 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via af1196512f505e8a3a338f9b72394fa3585a5234 (commit) from 01dd1601a4bd1e55beaf1a13cfbfc2ac9c21eb68 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit af1196512f505e8a3a338f9b72394fa3585a5234 Author: Werner Koch Date: Sun Aug 17 15:24:48 2014 +0200 estream: Change license from GPL to LPGL. * common/estream-printf.c, common/estream-printf.h: Change license. * common/estream.c, common/estream.h: Ditto. -- g10 Code is the sole copyright holder of Libestream and thus as CEO I have the rights to to change the license. This copy here in GnuPG is currently the most current one thus the change is recorded in this repository. This change is also deemed valid for all older versions. Signed-off-by: Werner Koch diff --git a/common/estream-printf.c b/common/estream-printf.c index c03f70e..83336c8 100644 --- a/common/estream-printf.c +++ b/common/estream-printf.c @@ -4,17 +4,17 @@ * This file is part of Libestream. * * Libestream is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation; either version 2 of the License, - * or (at your option) any later version. + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. * * Libestream is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * Lesser General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with Libestream; if not, see . + * You should have received a copy of the GNU Lesser General Public + * License along with Libestream; if not, see . * * ALTERNATIVELY, Libestream may be distributed under the terms of the * following license, in which case the provisions of this license are diff --git a/common/estream-printf.h b/common/estream-printf.h index 3c2253d..ca8ad8a 100644 --- a/common/estream-printf.h +++ b/common/estream-printf.h @@ -4,17 +4,17 @@ * This file is part of Libestream. * * Libestream is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation; either version 2 of the License, - * or (at your option) any later version. + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. * * Libestream is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * Lesser General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with Libestream; if not, see . + * You should have received a copy of the GNU Lesser General Public + * License along with Libestream; if not, see . * * ALTERNATIVELY, Libestream may be distributed under the terms of the * following license, in which case the provisions of this license are diff --git a/common/estream.c b/common/estream.c index 3f924ab..d211154 100644 --- a/common/estream.c +++ b/common/estream.c @@ -5,17 +5,17 @@ * This file is part of Libestream. * * Libestream is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation; either version 2 of the License, - * or (at your option) any later version. + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. * * Libestream is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * Lesser General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with Libestream; if not, see . + * You should have received a copy of the GNU Lesser General Public + * License along with Libestream; if not, see . * * ALTERNATIVELY, Libestream may be distributed under the terms of the * following license, in which case the provisions of this license are diff --git a/common/estream.h b/common/estream.h index e3e9fc8..9b56cf1 100644 --- a/common/estream.h +++ b/common/estream.h @@ -4,17 +4,17 @@ * This file is part of Libestream. * * Libestream is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation; either version 2 of the License, - * or (at your option) any later version. + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. * * Libestream is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. + * Lesser General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with Libestream; if not, see . + * You should have received a copy of the GNU Lesser General Public + * License along with Libestream; if not, see . * * ALTERNATIVELY, Libestream may be distributed under the terms of the * following license, in which case the provisions of this license are ----------------------------------------------------------------------- Summary of changes: common/estream-printf.c | 12 ++++++------ common/estream-printf.h | 12 ++++++------ common/estream.c | 12 ++++++------ common/estream.h | 12 ++++++------ 4 files changed, 24 insertions(+), 24 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Aug 18 08:46:21 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 18 Aug 2014 08:46:21 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-5-BRANCH, updated. libgcrypt-1.5.4-2-g5958574 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-5-BRANCH has been updated via 5958574a8285e9d759d7d95418cacd3d352f77a2 (commit) from f393433a53fde259fbd1d81f2bd1ec19d6463982 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5958574a8285e9d759d7d95418cacd3d352f77a2 Author: Werner Koch Date: Mon Aug 18 08:46:23 2014 +0200 Add CVE id to 1.5.4 NEWS. -- Note that the 1.6 branch and later versions were not vulnerable because they already used the sliding window method. diff --git a/NEWS b/NEWS index dcdd2b9..56d7237 100644 --- a/NEWS +++ b/NEWS @@ -10,7 +10,7 @@ Noteworthy changes in version 1.5.4 (2014-08-07) [C19/A8/R3] Backported from 1.6: * Improved performance of RSA, DSA, and Elgamal by using a new - exponentiation algorithm. + exponentiation algorithm. [CVE-2014-5270] * Fixed a subtle bug in mpi_set_bit which could set spurious bits. ----------------------------------------------------------------------- Summary of changes: NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Mon Aug 18 13:00:02 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 18 Aug 2014 13:00:02 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta783-7-g3259862 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 3259862cb4a7202e858f7bfd7a4b1796b38efff7 (commit) via e4aa006e4807285ffdd881e4e05af3bc47c5c964 (commit) via 57df1121c18b004dd763b35eabf7b51fc9e8ec38 (commit) via 425d0750168f6b66a5d78a857cf21375a8f129eb (commit) via 7e51ef0f77962f5fb215da53817caf28899ca190 (commit) from af1196512f505e8a3a338f9b72394fa3585a5234 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3259862cb4a7202e858f7bfd7a4b1796b38efff7 Author: Werner Koch Date: Mon Aug 18 12:55:54 2014 +0200 tests: Re-enable OpenPGP ecc test. -- diff --git a/tests/openpgp/ecc.test b/tests/openpgp/ecc.test index cb04467..58fd251 100755 --- a/tests/openpgp/ecc.test +++ b/tests/openpgp/ecc.test @@ -20,7 +20,7 @@ mainkeyids='BAA59D9C 45AF2FFE' -if have_pubkey_algo "ECC"; then +if have_pubkey_algo "ECDH"; then : else info "No ECC support due to an old Libgcrypt" commit e4aa006e4807285ffdd881e4e05af3bc47c5c964 Author: Werner Koch Date: Mon Aug 18 12:55:29 2014 +0200 kbx: Make user id and signature data optional for OpenPGP. * kbx/keybox-blob.c (_keybox_create_openpgp_blob): Remove restriction. -- Although self-signature and key binding signatures are required by OpenPGP, we should not enforce that in the storage backend. diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c index ebbcdf8..f7abb6c 100644 --- a/kbx/keybox-blob.c +++ b/kbx/keybox-blob.c @@ -702,9 +702,6 @@ _keybox_create_openpgp_blob (KEYBOXBLOB *r_blob, *r_blob = NULL; - if (!info->nuids || !info->nsigs) - return gpg_error (GPG_ERR_BAD_PUBKEY); - /* If we have a signature status vector, check that the number of elements matches the actual number of signatures. */ if (sigstatus && sigstatus[0] != info->nsigs) @@ -721,19 +718,27 @@ _keybox_create_openpgp_blob (KEYBOXBLOB *r_blob, err = gpg_error_from_syserror (); goto leave; } + blob->nuids = info->nuids; - blob->uids = xtrycalloc (blob->nuids, sizeof *blob->uids ); - if (!blob->uids) + if (blob->nuids) { - err = gpg_error_from_syserror (); - goto leave; + blob->uids = xtrycalloc (blob->nuids, sizeof *blob->uids ); + if (!blob->uids) + { + err = gpg_error_from_syserror (); + goto leave; + } } + blob->nsigs = info->nsigs; - blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs ); - if (!blob->sigs) + if (blob->nsigs) { - err = gpg_error_from_syserror (); - goto leave; + blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs ); + if (!blob->sigs) + { + err = gpg_error_from_syserror (); + goto leave; + } } err = pgp_create_key_part (blob, info); commit 57df1121c18b004dd763b35eabf7b51fc9e8ec38 Author: Werner Koch Date: Mon Aug 18 11:45:00 2014 +0200 gpg: Change default cipher for --symmetric from CAST5 to AES-128. * g10/main.h (DEFAULT_CIPHER_ALGO): Chhange to AES or CAST5 or 3DES depending on configure option. * g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO. diff --git a/doc/gpg.texi b/doc/gpg.texi index 36aa18e..7ac1613 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1,4 +1,4 @@ - at c Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, + @c Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, @c 2008, 2009, 2010 Free Software Foundation, Inc. @c This is part of the GnuPG manual. @c For copying conditions, see the file gnupg.texi. @@ -14,6 +14,19 @@ @cindex command options @cindex options, GPG command + at c Begin algorithm defaults + + at ifclear gpgtwoone + at set DEFSYMENCALGO CAST5 + at end ifclear + + at ifset gpgtwoone + at set DEFSYMENCALGO AES128 + at end ifset + + at c End algorithm defaults + + @c Begin GnuPG 1.x specific stuff @ifset gpgone @macro gpgname @@ -217,7 +230,7 @@ decrypted via a secret key or a passphrase). @itemx -c @opindex symmetric Encrypt with a symmetric cipher using a passphrase. The default -symmetric cipher used is CAST5, but may be chosen with the +symmetric cipher used is @value{DEFSYMENCALGO}, but may be chosen with the @option{--cipher-algo} option. This option may be combined with @option{--sign} (for a signed and symmetrically encrypted message), @option{--encrypt} (for a message that may be decrypted via a secret key @@ -2272,7 +2285,7 @@ to consider (e.g. @option{--symmetric}). @item --s2k-cipher-algo @code{name} @opindex s2k-cipher-algo Use @code{name} as the cipher algorithm used to protect secret keys. -The default cipher is CAST5. This cipher is also used for +The default cipher is @value{DEFSYMENCALGO}. This cipher is also used for conventional encryption if @option{--personal-cipher-preferences} and @option{--cipher-algo} is not given. diff --git a/g10/gpg.c b/g10/gpg.c index 7ba193b..ce1a87f 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -2072,7 +2072,7 @@ main (int argc, char **argv) opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_count = 0; /* Auto-calibrate when needed. */ - opt.s2k_cipher_algo = CIPHER_ALGO_CAST5; + opt.s2k_cipher_algo = DEFAULT_CIPHER_ALGO; opt.completes_needed = 1; opt.marginals_needed = 3; opt.max_cert_depth = 5; diff --git a/g10/main.h b/g10/main.h index b2efaae..4eb1b5f 100644 --- a/g10/main.h +++ b/g10/main.h @@ -26,11 +26,18 @@ #include "util.h" /* It could be argued that the default cipher should be 3DES rather - than CAST5, and the default compression should be 0 + than AES128, and the default compression should be 0 (i.e. uncompressed) rather than 1 (zip). However, the real world issues of speed and size come into play here. */ -#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5 +#if GPG_USE_AES128 +# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_AES +#elif GPG_USE_CAST5 +# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5 +#else +# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_3DES +#endif + #define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1 #define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1 #ifdef HAVE_ZIP commit 425d0750168f6b66a5d78a857cf21375a8f129eb Author: Werner Koch Date: Mon Aug 18 11:42:10 2014 +0200 yat2m: Support @set and @value. * doc/yat2m.c (variablelist): New. (set_variable): New. (macro_set_p): Also check the variables. (proc_texi_cmd): Support the @value command. (parse_file): Support the @set command. (top_parse_file): Release variablelist. diff --git a/doc/yat2m.c b/doc/yat2m.c index cd3bb90..f780952 100644 --- a/doc/yat2m.c +++ b/doc/yat2m.c @@ -140,6 +140,9 @@ typedef struct macro_s *macro_t; /* List of all defined macros. */ static macro_t macrolist; +/* List of variables set by @set. */ +static macro_t variablelist; + /* List of global macro names. The value part is not used. */ static macro_t predefinedmacrolist; @@ -379,8 +382,44 @@ set_macro (const char *macroname, char *macrovalue) } -/* Return true if the macro NAME is set, i.e. not the empty string and - not evaluating to 0. */ +/* Create or update a variable with name and value given in NAMEANDVALUE. */ +static void +set_variable (char *nameandvalue) +{ + macro_t m; + const char *value; + char *p; + + for (p = nameandvalue; *p && *p != ' ' && *p != '\t'; p++) + ; + if (!*p) + value = ""; + else + { + *p++ = 0; + while (*p == ' ' || *p == '\t') + p++; + value = p; + } + + for (m=variablelist; m; m = m->next) + if (!strcmp (m->name, nameandvalue)) + break; + if (m) + free (m->value); + else + { + m = xcalloc (1, sizeof *m + strlen (nameandvalue)); + strcpy (m->name, nameandvalue); + m->next = variablelist; + variablelist = m; + } + m->value = xstrdup (value); +} + + +/* Return true if the macro or variable NAME is set, i.e. not the + empty string and not evaluating to 0. */ static int macro_set_p (const char *name) { @@ -389,6 +428,10 @@ macro_set_p (const char *name) for (m = macrolist; m ; m = m->next) if (!strcmp (m->name, name)) break; + if (!m) + for (m = variablelist; m ; m = m->next) + if (!strcmp (m->name, name)) + break; if (!m || !m->value || !*m->value) return 0; if ((*m->value & 0x80) || !isdigit (*m->value)) @@ -672,6 +715,7 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, { "/", 0 }, { "end", 4 }, { "quotation",1, ".RS\n\\fB" }, + { "value", 8 }, { NULL } }; size_t n; @@ -747,11 +791,46 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, case 7: ignore_args = 1; break; + case 8: + ignore_args = 1; + if (*rest != '{') + { + err ("opening brace for command '%s' missing", command); + return len; + } + else + { + /* Find closing brace. */ + for (s=rest+1, n=1; *s && n < len; s++, n++) + if (*s == '}') + break; + if (*s != '}') + { + err ("closing brace for command '%s' not found", command); + return len; + } + else + { + size_t len = s - (rest + 1); + macro_t m; + + for (m = variablelist; m; m = m->next) + if (strlen (m->name) == len + &&!strncmp (m->name, rest+1, len)) + break; + if (m) + fputs (m->value, fp); + else + inf ("texinfo variable '%.*s' is not set", + (int)len, rest+1); + } + } + break; default: break; } } - else + else /* macro */ { macro_t m; @@ -1221,6 +1300,10 @@ parse_file (const char *fname, FILE *fp, char **section_name, int in_pause) macrovalue = xmalloc ((macrovaluesize = 1024)); macrovalueused = 0; } + else if (n == 4 && !memcmp (line, "@set", 4)) + { + set_variable (p); + } else if (n == 8 && !memcmp (line, "@manpage", 8)) { free (*section_name); @@ -1331,6 +1414,13 @@ top_parse_file (const char *fname, FILE *fp) free (macrolist); macrolist = next; } + while (variablelist) + { + macro_t next = variablelist->next; + free (variablelist->value); + free (variablelist); + variablelist = next; + } for (m=predefinedmacrolist; m; m = m->next) set_macro (m->name, xstrdup ("1")); cond_is_active = 1; commit 7e51ef0f77962f5fb215da53817caf28899ca190 Author: Werner Koch Date: Mon Aug 18 11:39:57 2014 +0200 yat2m: Support the $* command for man page rendering. diff --git a/doc/yat2m.c b/doc/yat2m.c index 2ac4390..cd3bb90 100644 --- a/doc/yat2m.c +++ b/doc/yat2m.c @@ -87,6 +87,10 @@ detects the number of white spaces in front of an @item and remove this number of spaces from all following lines until a new @item is found or there are less spaces than for the last @item. + + Note that @* does only work correctly if used at the end of an + input line. + */ #include @@ -664,6 +668,8 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, { "table", 3 }, { "itemize", 3 }, { "bullet", 0, "* " }, + { "*", 0, "\n.br"}, + { "/", 0 }, { "end", 4 }, { "quotation",1, ".RS\n\\fB" }, { NULL } ----------------------------------------------------------------------- Summary of changes: doc/gpg.texi | 19 +++++++-- doc/yat2m.c | 102 ++++++++++++++++++++++++++++++++++++++++++++++-- g10/gpg.c | 2 +- g10/main.h | 11 +++++- kbx/keybox-blob.c | 27 +++++++------ tests/openpgp/ecc.test | 2 +- 6 files changed, 142 insertions(+), 21 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Aug 18 16:39:18 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 18 Aug 2014 16:39:18 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta783-9-ge5da80b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e5da80bc1888bf8801e69c9ff99f7f47550f7a09 (commit) via 3981ff15f3c0829ba22cd37794353502d996683c (commit) from 3259862cb4a7202e858f7bfd7a4b1796b38efff7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e5da80bc1888bf8801e69c9ff99f7f47550f7a09 Author: Werner Koch Date: Mon Aug 18 16:38:13 2014 +0200 gpg: Install the current release signing pubkey. * g10/distsigkey.gpg: New. -- This might be useful to help installing updates. diff --git a/g10/Makefile.am b/g10/Makefile.am index 0ae4ef7..6fa7a5c 100644 --- a/g10/Makefile.am +++ b/g10/Makefile.am @@ -18,7 +18,7 @@ ## Process this file with automake to produce Makefile.in -EXTRA_DIST = options.skel ChangeLog-2011 gpg-w32info.rc +EXTRA_DIST = options.skel distsigkey.gpg ChangeLog-2011 gpg-w32info.rc AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common \ -I$(top_srcdir)/include -I$(top_srcdir)/intl @@ -161,9 +161,12 @@ install-data-local: $(mkinstalldirs) $(DESTDIR)$(pkgdatadir) $(INSTALL_DATA) $(srcdir)/options.skel \ $(DESTDIR)$(pkgdatadir)/gpg-conf.skel + $(INSTALL_DATA) $(srcdir)/distsigkey.gpg \ + $(DESTDIR)$(pkgdatadir)/distsigkey.gpg uninstall-local: - at rm $(DESTDIR)$(pkgdatadir)/gpg-conf.skel + - at rm $(DESTDIR)$(pkgdatadir)/distsigkey.gpg # There has never been a gpg for WindowsCE, thus we don't need a gpg2 here diff --git a/g10/distsigkey.gpg b/g10/distsigkey.gpg new file mode 100644 index 0000000..ccef8db Binary files /dev/null and b/g10/distsigkey.gpg differ commit 3981ff15f3c0829ba22cd37794353502d996683c Author: Werner Koch Date: Mon Aug 18 15:42:54 2014 +0200 agent: Return NO_SECKEY instead of ENONET for PKSIGN and others. * agent/pksign.c (agent_pksign_do): Replace ENONET by NO_SECKEY. * agent/findkey.c (agent_key_from_file): No diagnostic for NO_SECKEY. * agent/pkdecrypt.c (agent_pkdecrypt): Replace checking for ENOENT. diff --git a/agent/findkey.c b/agent/findkey.c index 8725afb..5ff263e 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -605,7 +605,11 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce, rc = read_key_file (grip, &s_skey); if (rc) - return rc; + { + if (gpg_err_code (rc) == GPG_ERR_ENOENT) + rc = gpg_error (GPG_ERR_NO_SECKEY); + return rc; + } /* For use with the protection functions we also need the key as an canonical encoded S-expression in a buffer. Create this buffer diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c index 14aa78f..945de3c 100644 --- a/agent/pkdecrypt.c +++ b/agent/pkdecrypt.c @@ -72,9 +72,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text, CACHE_MODE_NORMAL, NULL, &s_skey, NULL); if (rc) { - if (gpg_err_code (rc) == GPG_ERR_ENOENT) - rc = gpg_error (GPG_ERR_NO_SECKEY); - else + if (gpg_err_code (rc) != GPG_ERR_NO_SECKEY) log_error ("failed to read the secret key\n"); goto leave; } diff --git a/agent/pksign.c b/agent/pksign.c index 713c8ba..9147b50 100644 --- a/agent/pksign.c +++ b/agent/pksign.c @@ -312,7 +312,8 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, &s_skey, NULL); if (rc) { - log_error ("failed to read the secret key\n"); + if (gpg_err_code (rc) != GPG_ERR_NO_SECKEY) + log_error ("failed to read the secret key\n"); goto leave; } diff --git a/g10/call-agent.c b/g10/call-agent.c index cf1b96a..58f4a92 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -210,8 +210,8 @@ check_hijacking (assuan_context_t ctx) init_membuf (&mb, 64); - /* AGENT_ID is a command implemented by gnome-keyring-daemon. IT - does not reatun any data but an OK line with a remark. */ + /* AGENT_ID is a command implemented by gnome-keyring-daemon. It + does not return any data but an OK line with a remark. */ if (assuan_transact (ctx, "AGENT_ID", membuf_data_cb, &mb, NULL, NULL, NULL, NULL)) { ----------------------------------------------------------------------- Summary of changes: agent/findkey.c | 6 +++++- agent/pkdecrypt.c | 4 +--- agent/pksign.c | 3 ++- g10/Makefile.am | 5 ++++- g10/call-agent.c | 4 ++-- g10/distsigkey.gpg | Bin 0 -> 863 bytes 6 files changed, 14 insertions(+), 8 deletions(-) create mode 100644 g10/distsigkey.gpg hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 19 12:50:11 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 19 Aug 2014 12:50:11 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta783-11-g31649e7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 31649e72fd106a990614ce3cf720640a841ba722 (commit) via 4fc1c712e986f280057b1bce7ca4696ba6d95dfc (commit) from e5da80bc1888bf8801e69c9ff99f7f47550f7a09 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 31649e72fd106a990614ce3cf720640a841ba722 Author: Werner Koch Date: Tue Aug 19 12:49:45 2014 +0200 speedo: Get version numbers from online database. * build-aux/getswdb.sh: New. * build-aux/speedo.mk: Get release version numbers from swdb.lst. -- This should make maintaining GnuPG installations easier. Running make -f /foo/gnupg/build-aux/speedo.mk TARGETOS=native WHAT=release downloads all GnuPG related packages and builds them. The gnupg directory may be a GIT checkout but in that case please run ./autogen.sh on it first. Note that currently swdb.lst is always downloaded from gnupg.org and thus monitoring the network or the gnupg machine reveal information on who is currently building GnuPG. If there is an easy way to detect that TOR is enabled this can be changed to directly download from the GnuPG hidden service. diff --git a/.gitignore b/.gitignore index 5a51f9f..a525f14 100644 --- a/.gitignore +++ b/.gitignore @@ -158,3 +158,5 @@ tools/gpgtar private-keys-v1.d/ x.parm /VERSION +/swdb.lst +/swdb.lst.sig diff --git a/build-aux/getswdb.sh b/build-aux/getswdb.sh new file mode 100755 index 0000000..aa889ee --- /dev/null +++ b/build-aux/getswdb.sh @@ -0,0 +1,121 @@ +#!/bin/sh +# Get the online version of the GnuPG software version database +# Copyright (C) 2014 Werner Koch +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# The URL of the file to retrieve. +urlbase="https://www.gnupg.org/" + +WGET=wget +GPGV=gpgv + +srcdir=$(dirname "$0") +distsigkey="$srcdir/../g10/distsigkey.gpg" + +# Convert a 3 part version number it a numeric value. +cvtver () { + awk 'NR==1 {split($NF,A,".");X=1000000*A[1]+1000*A[2]+A[3];print X;exit 0}' +} + +# Prints usage information. +usage() +{ + cat <&2 + ;; + esac + shift +done + +# Get GnuPG version from VERSIOn file. For a GIT checkout this means +# that ./autogen.sh must have been run first. For a regular tarball +# VERSION is always available. +if [ ! -f "$srcdir/../VERSION" ]; then + echo "VERSION file missing - run autogen.sh first." >&2 + exit 1 +fi +version=$(cat "$srcdir/../VERSION") +version_num=$(echo "$version" | cvtver) + +# +# Download the list and verify. +# +if [ $skip_download = yes ]; then + if [ ! -f swdb.lst ]; then + echo "swdb.lst is missing." >&2 + exit 1 + fi + if [ ! -f swdb.lst.sig ]; then + echo "swdb.lst.sig is missing." >&2 + exit 1 + fi +else + if ! $WGET -q -O swdb.lst "$urlbase/swdb.lst" ; then + echo "download of swdb.lst failed." >&2 + exit 1 + fi + if ! $WGET -q -O swdb.lst.sig "$urlbase/swdb.lst.sig" ; then + echo "download of swdb.lst.sig failed." >&2 + exit 1 + fi +fi +if ! $GPGV --keyring "$distsigkey" swdb.lst.sig swdb.lst; then + echo "list of software versions is not valid!" >&2 + exit 1 +fi + +# +# Check that the online version of GnuPG is not less than this version +# to help detect rollback attacks. +# +gnupg_ver=$(awk '$1=="gnupg21_ver" {print $2;exit}' swdb.lst) +if [ -z "$gnupg_ver" ]; then + echo "GnuPG 2.1 version missing in swdb.lst!" >&2 + exit 1 +fi +gnupg_ver_num=$(echo "$gnupg_ver" | cvtver) +if [ $(( $gnupg_ver_num >= $version_num )) = 0 ]; then + echo "GnuPG version in swdb.lst is less than this version!" >&2 + echo " This version: $version" >&2 + echo " SWDB version: $gnupg_ver" >&2 + exit 1 +fi diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk index 4f0751f..69af39c 100644 --- a/build-aux/speedo.mk +++ b/build-aux/speedo.mk @@ -64,6 +64,21 @@ MAKE_J=3 # Name to use for the w32 installer and sources INST_NAME=gnupg-w32 + +# Directory names. +# They must be absolute, as we switch directories pretty often. +root := $(shell pwd)/PLAY +sdir := $(root)/src +bdir := $(root)/build +bdir6:= $(root)/build-w64 +idir := $(root)/inst +idir6:= $(root)/inst-w64 +stampdir := $(root)/stamps +topsrc := $(shell cd $(dir $(SPEEDO_MK)).. && pwd) +auxsrc := $(topsrc)/build-aux/speedo +patdir := $(topsrc)/build-aux/speedo/patches +w32src := $(topsrc)/build-aux/speedo/w32 + # =====BEGIN LIST OF PACKAGES===== # The packages that should be built. The order is also the build order. # Fixme: Do we need to build pkg-config for cross-building? @@ -118,17 +133,34 @@ speedo_gnupg_style = \ speedo_make_only_style = \ zlib +# Get the content of the software DB. +SWDB := $(shell $(topsrc)/build-aux/getswdb.sh && echo okay) +ifeq ($(strip $(SWDB)),) +$(error Error getting GnuPG software version database) +endif + # Version numbers of the released packages -# Fixme: Take the version numbers from gnupg-doc/web/swdb.mac -libgpg_error_ver = 1.13 -npth_ver = 0.91 -libgcrypt_ver = 1.6.1 -libassuan_ver = 2.1.1 -libksba_ver = 1.3.0 -gpgme_ver = 1.5.0 -pinentry_ver = 0.8.4 -gpa_ver = 0.9.5 -gpgex_ver = 1.0.0 +gnupg_ver = $(shell cat $(topsrc)/VERSION) +libgpg_error_ver = $(shell awk '$$1=="libgpg_error_ver" {print $$2}' swdb.lst) +npth_ver = $(shell awk '$$1=="npth_ver" {print $$2}' swdb.lst) +libgcrypt_ver = $(shell awk '$$1=="libgcrypt_ver" {print $$2}' swdb.lst) +libassuan_ver = $(shell awk '$$1=="libassuan_ver" {print $$2}' swdb.lst) +libksba_ver = $(shell awk '$$1=="libksba_ver" {print $$2}' swdb.lst) +gpgme_ver = $(shell awk '$$1=="gpgme_ver" {print $$2}' swdb.lst) +pinentry_ver = $(shell awk '$$1=="pinentry_ver" {print $$2}' swdb.lst) +gpa_ver = $(shell awk '$$1=="gpa_ver" {print $$2}' swdb.lst) +gpgex_ver = $(shell awk '$$1=="gpgex_ver" {print $$2}' swdb.lst) + +$(info Information from the version database) +$(info GnuPG ..........: $(gnupg_ver)) +$(info Libgpg-error ...: $(libgpg_error_ver)) +$(info Npth ...........: $(npth_ver)) +$(info Libgcrypt ......: $(libgcrypt_ver)) +$(info Libassuan ......: $(libassuan_ver)) +$(info GPGME ..........: $(gpgme_ver)) +$(info Pinentry .......: $(pinentry_ver)) +$(info GPA ............: $(gpa_ver)) +$(info GpgEX.... ......: $(gpgex_ver)) # Version number for external packages @@ -397,19 +429,6 @@ MKDIR=mkdir MAKENSIS=makensis BUILD_ISODATE=$(shell date -u +%Y-%m-%d) -# These paths must be absolute, as we switch directories pretty often. -root := $(shell pwd)/PLAY -sdir := $(root)/src -bdir := $(root)/build -bdir6:= $(root)/build-w64 -idir := $(root)/inst -idir6:= $(root)/inst-w64 -stampdir := $(root)/stamps -topsrc := $(shell cd $(dir $(SPEEDO_MK)).. && pwd) -auxsrc := $(topsrc)/build-aux/speedo -patdir := $(topsrc)/build-aux/speedo/patches -w32src := $(topsrc)/build-aux/speedo/w32 - # The next two macros will work only after gnupg has been build. INST_VERSION=$(shell head -1 $(idir)/INST_VERSION) INST_PROD_VERSION=$(shell head -1 $(idir)/INST_PROD_VERSION) commit 4fc1c712e986f280057b1bce7ca4696ba6d95dfc Author: Werner Koch Date: Tue Aug 19 11:12:26 2014 +0200 build: Create VERSION file via autoconf. * Makefile.am (dist-hook): Remove creation of VERSION. (EXTRA_DIST): Add VERSION. * configure.ac: Let autoconf create VERSION. diff --git a/.gitignore b/.gitignore index 5fc934a..5a51f9f 100644 --- a/.gitignore +++ b/.gitignore @@ -157,3 +157,4 @@ tools/watchgnupg tools/gpgtar private-keys-v1.d/ x.parm +/VERSION diff --git a/Makefile.am b/Makefile.am index 2d07ad2..89e2077 100644 --- a/Makefile.am +++ b/Makefile.am @@ -25,7 +25,7 @@ GITLOG_TO_CHANGELOG=gitlog-to-changelog EXTRA_DIST = build-aux/config.rpath build-aux/potomo autogen.sh autogen.rc ChangeLog-2011 po/ChangeLog-2011 build-aux/ChangeLog-2011 \ - build-aux/gitlog-to-changelog \ + VERSION build-aux/gitlog-to-changelog \ build-aux/git-log-fix build-aux/git-log-footer \ build-aux/speedo.mk README.GIT @@ -93,7 +93,6 @@ dist_doc_DATA = README dist-hook: gen-ChangeLog - echo "$(VERSION)" > $(distdir)/VERSION if HAVE_W32_SYSTEM install-data-hook: diff --git a/configure.ac b/configure.ac index 02e02bb..ec259c3 100644 --- a/configure.ac +++ b/configure.ac @@ -47,7 +47,7 @@ m4_define([mym4_isbeta], m4_argn(2, mym4_verslist)) m4_define([mym4_version], m4_argn(4, mym4_verslist)) m4_define([mym4_revision], m4_argn(7, mym4_verslist)) m4_define([mym4_revision_dec], m4_argn(8, mym4_verslist)) - +m4_esyscmd([echo ]mym4_version[>VERSION]) AC_INIT([mym4_package],[mym4_version], [http://bugs.gnupg.org]) NEED_GPG_ERROR_VERSION=1.13 ----------------------------------------------------------------------- Summary of changes: .gitignore | 3 ++ Makefile.am | 3 +- build-aux/getswdb.sh | 121 ++++++++++++++++++++++++++++++++++++++++++++++++++ build-aux/speedo.mk | 65 +++++++++++++++++---------- configure.ac | 2 +- 5 files changed, 168 insertions(+), 26 deletions(-) create mode 100755 build-aux/getswdb.sh hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 19 12:52:12 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 19 Aug 2014 12:52:12 +0200 Subject: [git] gnupg-doc - branch, master, updated. 1d63effe8d30c76530cf7f6d3ba44ae76eab2371 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 1d63effe8d30c76530cf7f6d3ba44ae76eab2371 (commit) via 53b2cf09c0309c5cfc8cdbb2eaa62da18a6ac1f7 (commit) from 64dac94489afa59e44763dfd7c2f49ed40312615 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1d63effe8d30c76530cf7f6d3ba44ae76eab2371 Author: Werner Koch Date: Tue Aug 19 12:52:18 2014 +0200 swdb: Update and add Makefile for signing. diff --git a/web/Makefile b/web/Makefile new file mode 100644 index 0000000..d65dc10 --- /dev/null +++ b/web/Makefile @@ -0,0 +1,8 @@ + +all: swdb.lst.sig + +swdb.lst: swdb.mac + awk '/^#\+macro:/ {print $$2, $$3}' swdb.mac >swdb.lst + +swdb.lst.sig: swdb.lst + gpg -sbu 0x249B39D24F25E3B6 swdb.lst diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 15d4342..b5f3ae3 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -31,7 +31,7 @@ (aput 'org-publish-project-alist "gpgweb-other" '(:base-directory "." - :base-extension "jpg\\|png\\|css\\|txt\\|rss" + :base-extension "jpg\\|png\\|css\\|txt\\|rss\\|lst\\|sig" :recursive t :publishing-directory "../stage" :publishing-function org-publish-attachment @@ -205,8 +205,7 @@ "werner at trithemius.gnupg.org:" "/var/www/www/www.gnupg.org/htdocs/ ;" " ssh werner at trithemius.gnupg.org" - " touch /var/www/www/www.gnupg.org/htdocs/donate/donors.dat")))) - + " touch /var/www/www/www.gnupg.org/htdocs/donate/donors.dat")) (provide 'gpgweb) diff --git a/web/swdb.mac b/web/swdb.mac index 17192c1..0e78807 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -1,4 +1,5 @@ # Version information +# Please run make in this directory after changing this file. # # Primary FTP server base directory @@ -13,6 +14,12 @@ #+macro: gnupg_size 4203k #+macro: gnupg_sha1 3ff5b38152c919724fd09cf2f17df704272ba192 +# +# GnuPG-2.1 +# +#+macro: gnupg21_ver 2.1.0 +#+macro: gnupg21_branch master + # # GnuPG-1 @@ -77,7 +84,7 @@ # DirMngr # #+macro: dirmngr_ver 1.1.0 -#+macro: dirmngr_size 543k" +#+macro: dirmngr_size 543k #+macro: dirmngr_sha1 a7a7d1432db9edad2783ea1bce761a8106464165 @@ -97,5 +104,18 @@ #+macro: libassuan_sha1 7aed69734ba64b63004107cada671b5861d332a4 +# +# nPth +# +#+macro: npth_ver 0.91 + + +# +# GpgEX +# +#+macro: gpgex_ver 1.0.1 + + + # --- end of swdb.mac --- commit 53b2cf09c0309c5cfc8cdbb2eaa62da18a6ac1f7 Author: Werner Koch Date: Sun Aug 17 14:00:34 2014 +0200 FAQ and swdb update. diff --git a/web/donate/index.org b/web/donate/index.org index 23e65f7..e1fa444 100644 --- a/web/donate/index.org +++ b/web/donate/index.org @@ -7,7 +7,9 @@ Maintaining and improving GnuPG is costly. For more than a decade, [[https://g10code.com][g10^code]] GmbH, a company owned and headed by GnuPG's principal author Werner Koch, is bearing the majority of these costs. To help - them carry on this work, they need your support. + them carry on this work, they need your support. Note that despite + GnuPG carries an [[https://www.fsf.org][FSF]] copyright notice, they never funded the + development or hosting costs. If you are using [[http://gnupg.org][GnuPG]], [[http://directory.fsf.org/project/libgcrypt/][Libgcrypt]], [[http://gnupg.org/related_software/gpgme/][GPGME]], or [[https://www.gpg4win.org][Gpg4win]] and would like to help with development and maintenance please consider to make a @@ -75,8 +77,9 @@ - If you want to be listed on the sponsors page, please enter - your name as it shall appear there. + If you want to be listed on the + list of donors, + please enter your name as it shall appear there. diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org index 81ba8fa..e442dcd 100644 --- a/web/faq/gnupg-faq.org +++ b/web/faq/gnupg-faq.org @@ -1893,22 +1893,51 @@ some of the answers in this section. -** Why does GnuPG use RSA-2048 by default? +** Why does GnuPG default to 2048 bit RSA-2048? :PROPERTIES: :CUSTOM_ID: default_rsa2048 :END: -The United States National Institute of Standards and Technology -([[http://www.nist.gov][NIST]]) believes that 2048-bit [[#define_asymc][asymmetric cryptography]] will be secure -until at least the year 2030. Larger keys are unlikely to extend this -duration very much. Further, large keys come with their own problems: -they cannot be moved to smartcards, mobile devices have trouble with -them, and so on. +At the time the decision was made, 2048-bit RSA was thought to provide +reasonable security for the next decade or more while still being +compatible with the overwhelming majority of the OpenPGP ecosystem. + +*** Is that still the case? +Largely, yes. According to NIST Special Publication 800-57, published +in July 2012, 2048-bit RSA is believed safe until 2030. At present, +no reputable cryptographer or research group has cast doubt on the +safety of RSA-2048. That said, many are suggesting shifting to larger +keys, and GnuPG will be making such a shift in the near future. + +*** What do other groups have to say about 2048-bit RSA? +In 2014, the German Bundesnetzagentur fuer Elektrizitaet, Gas, +Telekommunikation, Post und Eisenbahnen recommended using RSA-2048 for +long-term security in electronic signatures. + +In 2012, ECRYPT-II published their ?Yearly Report on Algorithms and +Keysizes? wherein they expressed their belief RSA-1776 will suffice +until at least 2020, and RSA-2432 until 2030. + +In 2010, France?s Agence Nationale de la Securite des Systems +d?Information stated they had confidence in RSA-2048 until at +least 2020. + +*** Is there a general recommendation that 3072-bit keys be used for new applications? +No, although some respected people and groups within the cryptographic +community have made such recommendations. Some even recommend +4096-bit keys. -GnuPG uses RSA by default instead of DSA not because of any problems -with DSA, but just because RSA has a larger installed user base and is -better supported by other OpenPGP-compatible products. +*** Will GnuPG ever support RSA-3072 or RSA-4096 by default? +Probably not. The future is elliptical-curve cryptography, which will +bring a level of safety comparable to RSA-16384. Every minute we +spend arguing about whether we should change the defaults to RSA-3072 +or more is one minute the shift to ECC is delayed. Frankly, we think +ECC is a really good idea and we'd like to see it deployed as soon as +humanly possible. +*** I think I need larger key sizes. +By all means, feel free to generate certificates with larger keys. +GnuPG supports up to 4096-bit keys. ** Do other high-security applications use RSA-2048? @@ -1916,7 +1945,6 @@ better supported by other OpenPGP-compatible products. :CUSTOM_ID: rsa2048_in_the_real_world :END: - 2048-bit RSA is commonly used to secure SSL root signing certificates. It?s also used to sign operating system patches, Authenticode signatures, Java applets and more. RSA-2048 is believed to be safe @@ -1924,13 +1952,11 @@ against attack until at least the year 2030, so use it with confidence. - ** Why doesn?t GnuPG default to using RSA-4096? :PROPERTIES: :CUSTOM_ID: no_default_of_rsa4096 :END: - Because it gives us almost nothing, while costing us quite a lot. Breaking an RSA-10 key requires you to try each prime number between @@ -1961,7 +1987,6 @@ well-served with RSA-2048. :CUSTOM_ID: please_use_ecc :END: - Almost always when people use 4096-bit RSA they?re doing so because they believe RSA-4096 to be much stronger than it is. The United States? National Institute of Standards and Technology ([[http://www.nist.gov][NIST]]) states @@ -1982,7 +2007,6 @@ RSA. :CUSTOM_ID: not_a_bad_idea_just_unnecessary :END: - RSA-4096 is not a bad idea: it?s just, generally speaking, unnecessary. You gain very little in the way of additional resistance to brute-forcing and cryptanalysis. diff --git a/web/index.org b/web/index.org index b67c585..37ed1a4 100644 --- a/web/index.org +++ b/web/index.org @@ -5,17 +5,18 @@ * The GNU Privacy Guard #+index: GnuPG #+index: GPG +#+index: PGP #+index: Gpg4win #+index: GPGTools -GnuPG is the [[http://www.gnu.org/][GNU project]]'s complete and free implementation of the -OpenPGP standard as defined by [[http://www.ietf.org/rfc/rfc4880.txt][RFC4880]]. GnuPG allows to encrypt and +GnuPG is a complete and free implementation of the OpenPGP standard as +defined by [[http://www.ietf.org/rfc/rfc4880.txt][RFC4880]] (also known as /PGP/). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as /GPG/, is a command line tool with features for easy integration with other applications. A wealth of [[file:related_software/frontends.html][frontend applications]] and [[file:related_software/libraries.html][libraries]] are available. Version 2 of GnuPG -also provides support for S/MIME. +also provides support for S/MIME and Secure Shell (ssh). GnuPG is [[http://www.gnu.org/philosophy/free-sw.html][Free Software]] (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the @@ -23,7 +24,7 @@ be freely used, modified and distributed under the terms of the GnuPG comes in two flavours: [[download][{{{gnupg1_ver}}}]] is the well known and portable standalone version, whereas [[download][{{{gnupg_ver}}}]] is the enhanced -and somewhat harder to build version. +and modern version and suggested for most users. Project [[http://www.gpg4win.org][Gpg4win]] provides a Windows version of GnuPG. It is nicely integrated into an installer and features several frontends as well as @@ -32,8 +33,6 @@ English and German manuals. Project [[http://gpgtools.org][GPGTools]] provides a Mac OS X version of GnuPG. It is nicely integrated into an installer and features all required tools. -Project [[https://www.gnupg.org/aegypten/][Aegypten]] developed the S/MIME functionality in GnuPG 2. - #+BEGIN_HTML

This site is currently undergoing a complete redesign. We apologize for any inconveniences like broken links @@ -41,6 +40,18 @@ Project [[https://www.gnupg.org/aegypten/][Aegypten]] developed the S/MIME funct already aware of them. (2014-05-28 wk)

#+END_HTML +* Reconquer your privacy + +Even if you have nothing to hide, using encryption helps protect the +privacy of people you communicate with, and makes life difficult for +bulk surveillance systems. If you do have something important to hide, +you are in good company; GnuPG is one of the tools that Edward Snowden +used to uncover his secrets about the NSA. + +Please visit the [[https://emailselfdefense.fsf.org][Email Self-Defense]] site to learn how and why you +should use GnuPG for your electronic communication. + + * Latest news #+index: News @@ -51,10 +62,33 @@ all [[file:news.org][news of previous years]] is also available. # GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttps://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just # point or paste the [[news.en.rss][RSS file]] into your aggregator. + +** GnuPG 2.0.26 released (2014-08-12) + +GnuPG 2.0.26 is now available. This is a maintenance release. [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000353.html][{more}]] + +** Libgcrypt 1.5.4 security fix release :important: + +Using any Libgcrypt version less than 1.5.4 with GnuPG 2.0.x and +Elgamal encryption keys is vulnerable to the /Get Your Hands Off My +Laptop/ attack. Please update to the newly released Libgcrypt 1.5.4 +or a 1.6 version. [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html][{more}]] + +** Get Your Hands Off My Laptop (2014-08-07) + +Daniel Genkin, Itamar Pipman, and Eran Tromer latest side channel +attack targets an /older version/ of GnuPG. If your GnuPG and +Libgcrypt versions are up-to-date you are safe. [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000349.html][{more}]] + +** GPGME 1.5.1 and 1.4.4 released (2014-08-07) :important: + +A security fix release for the GPGME library is available. It is +suggested to update to one of these version. [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000350.html][{more}]] + ** GnuPG 2.0.25 and 1.4.18 released (2014-06-30) To fix a minor regression in the previous releases we released today -new version sof GnuPG-1 and GnuPG-2: [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000346.html][{2.0.25}]], [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000347.html][{1.4.18}]] +new versions of GnuPG-1 and GnuPG-2: [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000346.html][{2.0.25}]], [[http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000347.html][{1.4.18}]] ** GnuPG 2.0.24 released (2014-06-24) :important: diff --git a/web/swdb.mac b/web/swdb.mac index 0840198..17192c1 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -8,10 +8,10 @@ # # GnuPG-2 # -#+macro: gnupg_ver 2.0.25 +#+macro: gnupg_ver 2.0.26 #+macro: gnupg_branch STABLE-BRANCH-2-0 -#+macro: gnupg_size 4201k -#+macro: gnupg_sha1 890d77d89f2d187382f95e83e386f2f7ba789436 +#+macro: gnupg_size 4203k +#+macro: gnupg_sha1 3ff5b38152c919724fd09cf2f17df704272ba192 # @@ -51,10 +51,10 @@ # # GPGME # -#+macro: gpgme_ver 1.4.3 +#+macro: gpgme_ver 1.5.1 #+macro: gpgme_branch master -#+macro: gpgme_size 950k -#+macro: gpgme_sha1 ffdb5e4ce85220501515af8ead86fd499525ef9a +#+macro: gpgme_size 943k +#+macro: gpgme_sha1 a91c258e79acf30ec86a667e07f835e5e79342d8 # @@ -92,9 +92,9 @@ # # LIBASSUAN # -#+macro: libassuan_ver 2.1.1 -#+macro: libassuan_size 526k -#+macro: libassuan_sha1 8bd3826de30651eb8f9b8673e2edff77cd70aca1 +#+macro: libassuan_ver 2.1.2 +#+macro: libassuan_size 504k +#+macro: libassuan_sha1 7aed69734ba64b63004107cada671b5861d332a4 ----------------------------------------------------------------------- Summary of changes: web/Makefile | 8 ++++++++ web/donate/index.org | 9 ++++++--- web/faq/gnupg-faq.org | 54 +++++++++++++++++++++++++++++++++++-------------- web/index.org | 48 ++++++++++++++++++++++++++++++++++++------- web/share/gpgweb.el | 5 ++--- web/swdb.mac | 40 +++++++++++++++++++++++++++--------- 6 files changed, 126 insertions(+), 38 deletions(-) create mode 100644 web/Makefile hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 20 11:42:44 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 20 Aug 2014 11:42:44 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-18-g4d8f020 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via 4d8f020fce608d24ec2738a42fe889cddfea879b (commit) via d0f90d06514a470b814c0b8351e515e54425019e (commit) from 2285a1e3666488c5bba2c5fa3e51541541b2d23e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4d8f020fce608d24ec2738a42fe889cddfea879b Author: Werner Koch Date: Thu Jul 24 12:30:32 2014 +0200 ecc: Support the non-standard 0x40 compression flag for EdDSA. * cipher/ecc.c (ecc_generate): Check the "comp" flag for EdDSA. * cipher/ecc-eddsa.c (eddsa_encode_x_y): Add arg WITH_PREFIX. (_gcry_ecc_eddsa_encodepoint): Ditto. (_gcry_ecc_eddsa_ensure_compact): Handle the 0x40 compression prefix. (_gcry_ecc_eddsa_decodepoint): Ditto. * tests/keygrip.c: Check an compresssed with prefix Ed25519 key. * tests/t-ed25519.inp: Ditto. -- (cherry picked from commit 4556f9b19c024f16bdf542da7173395c0741b91d) diff --git a/cipher/ecc-common.h b/cipher/ecc-common.h index c407c74..f066b4b 100644 --- a/cipher/ecc-common.h +++ b/cipher/ecc-common.h @@ -107,6 +107,7 @@ gpg_err_code_t _gcry_ecc_eddsa_recover_x (gcry_mpi_t x, gcry_mpi_t y, int sign, mpi_ec_t ec); gpg_err_code_t _gcry_ecc_eddsa_encodepoint (mpi_point_t point, mpi_ec_t ctx, gcry_mpi_t x, gcry_mpi_t y, + int with_prefix, unsigned char **r_buffer, unsigned int *r_buflen); gpg_err_code_t _gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 41adfd1..306f2ad 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -1044,7 +1044,7 @@ _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy) unsigned char *encpk; unsigned int encpklen; - if (!_gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL, + if (!_gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL, 0, &encpk, &encpklen)) return mpi_set_opaque (NULL, encpk, encpklen*8); } diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index d08a84f..65024a3 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -1,5 +1,5 @@ /* ecc-eddsa.c - Elliptic Curve EdDSA signatures - * Copyright (C) 2013 g10 Code GmbH + * Copyright (C) 2013, 2014 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -83,35 +83,42 @@ eddsa_encodempi (gcry_mpi_t mpi, unsigned int minlen, /* Encode (X,Y) using the EdDSA scheme. MINLEN is the required length - in bytes for the result. On success 0 is returned and a malloced - buffer with the encoded point is stored at R_BUFFER; the length of - this buffer is stored at R_BUFLEN. */ + in bytes for the result. If WITH_PREFIX is set the returned buffer + is prefixed with a 0x40 byte. On success 0 is returned and a + malloced buffer with the encoded point is stored at R_BUFFER; the + length of this buffer is stored at R_BUFLEN. */ static gpg_err_code_t eddsa_encode_x_y (gcry_mpi_t x, gcry_mpi_t y, unsigned int minlen, + int with_prefix, unsigned char **r_buffer, unsigned int *r_buflen) { unsigned char *rawmpi; unsigned int rawmpilen; + int off = with_prefix? 1:0; - rawmpi = _gcry_mpi_get_buffer (y, minlen, &rawmpilen, NULL); + rawmpi = _gcry_mpi_get_buffer_extra (y, minlen, off?-1:0, &rawmpilen, NULL); if (!rawmpi) return gpg_err_code_from_syserror (); if (mpi_test_bit (x, 0) && rawmpilen) - rawmpi[rawmpilen - 1] |= 0x80; /* Set sign bit. */ + rawmpi[off + rawmpilen - 1] |= 0x80; /* Set sign bit. */ + if (off) + rawmpi[0] = 0x40; *r_buffer = rawmpi; - *r_buflen = rawmpilen; + *r_buflen = rawmpilen + off; return 0; } /* Encode POINT using the EdDSA scheme. X and Y are either scratch variables supplied by the caller or NULL. CTX is the usual - context. On success 0 is returned and a malloced buffer with the - encoded point is stored at R_BUFFER; the length of this buffer is - stored at R_BUFLEN. */ + context. If WITH_PREFIX is set the returned buffer is prefixed + with a 0x40 byte. On success 0 is returned and a malloced buffer + with the encoded point is stored at R_BUFFER; the length of this + buffer is stored at R_BUFLEN. */ gpg_err_code_t _gcry_ecc_eddsa_encodepoint (mpi_point_t point, mpi_ec_t ec, gcry_mpi_t x_in, gcry_mpi_t y_in, + int with_prefix, unsigned char **r_buffer, unsigned int *r_buflen) { gpg_err_code_t rc; @@ -126,7 +133,7 @@ _gcry_ecc_eddsa_encodepoint (mpi_point_t point, mpi_ec_t ec, rc = GPG_ERR_INTERNAL; } else - rc = eddsa_encode_x_y (x, y, ec->nbits/8, r_buffer, r_buflen); + rc = eddsa_encode_x_y (x, y, ec->nbits/8, with_prefix, r_buffer, r_buflen); if (!x_in) mpi_free (x); @@ -155,29 +162,40 @@ _gcry_ecc_eddsa_ensure_compact (gcry_mpi_t value, unsigned int nbits) return GPG_ERR_INV_OBJ; rawmpilen = (rawmpilen + 7)/8; - /* Check whether the public key has been given in standard - uncompressed format. In this case extract y and compress. */ - if (rawmpilen > 1 && buf[0] == 0x04 && (rawmpilen%2)) + if (rawmpilen > 1 && (rawmpilen%2)) { - rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_STD, - buf+1, (rawmpilen-1)/2, NULL); - if (rc) - return rc; - rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_STD, - buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL); - if (rc) + if (buf[0] == 0x04) { - mpi_free (x); - return rc; - } + /* Buffer is in SEC1 uncompressed format. Extract y and + compress. */ + rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_STD, + buf+1, (rawmpilen-1)/2, NULL); + if (rc) + return rc; + rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_STD, + buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL); + if (rc) + { + mpi_free (x); + return rc; + } - rc = eddsa_encode_x_y (x, y, nbits/8, &enc, &enclen); - mpi_free (x); - mpi_free (y); - if (rc) - return rc; + rc = eddsa_encode_x_y (x, y, nbits/8, 0, &enc, &enclen); + mpi_free (x); + mpi_free (y); + if (rc) + return rc; - mpi_set_opaque (value, enc, 8*enclen); + mpi_set_opaque (value, enc, 8*enclen); + } + else if (buf[0] == 0x40) + { + /* Buffer is compressed but with our SEC1 alike compression + indicator. Remove that byte. FIXME: We should write and + use a function to manipulate an opaque MPI in place. */ + if (!_gcry_mpi_set_opaque_copy (value, buf + 1, (rawmpilen - 1)*8)) + return gpg_err_code_from_syserror (); + } } return 0; @@ -267,7 +285,7 @@ _gcry_ecc_eddsa_recover_x (gcry_mpi_t x, gcry_mpi_t y, int sign, mpi_ec_t ec) the usual curve context. If R_ENCPK is not NULL, the encoded PK is stored at that address; this is a new copy to be released by the caller. In contrast to the supplied PK, this is not an MPI and - thus guarnateed to be properly padded. R_ENCPKLEN receives the + thus guaranteed to be properly padded. R_ENCPKLEN receives the length of that encoded key. */ gpg_err_code_t _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result, @@ -287,40 +305,54 @@ _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result, return GPG_ERR_INV_OBJ; rawmpilen = (rawmpilen + 7)/8; - /* First check whether the public key has been given in standard - uncompressed format. No need to recover x in this case. - Detection is easy: The size of the buffer will be odd and the - first byte be 0x04. */ - if (rawmpilen > 1 && buf[0] == 0x04 && (rawmpilen%2)) + /* Handle compression prefixes. The size of the buffer will be + odd in this case. */ + if (rawmpilen > 1 && (rawmpilen%2)) { - gcry_mpi_t x, y; - - rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_STD, - buf+1, (rawmpilen-1)/2, NULL); - if (rc) - return rc; - rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_STD, - buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2, NULL); - if (rc) + /* First check whether the public key has been given in + standard uncompressed format (SEC1). No need to recover + x in this case. */ + if (buf[0] == 0x04) { - mpi_free (x); - return rc; - } + gcry_mpi_t x, y; - if (r_encpk) - { - rc = eddsa_encode_x_y (x, y, ctx->nbits/8, r_encpk, r_encpklen); + rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_STD, + buf+1, (rawmpilen-1)/2, NULL); + if (rc) + return rc; + rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_STD, + buf+1+(rawmpilen-1)/2, (rawmpilen-1)/2,NULL); if (rc) { mpi_free (x); - mpi_free (y); return rc; } + + if (r_encpk) + { + rc = eddsa_encode_x_y (x, y, ctx->nbits/8, 0, + r_encpk, r_encpklen); + if (rc) + { + mpi_free (x); + mpi_free (y); + return rc; + } + } + mpi_snatch (result->x, x); + mpi_snatch (result->y, y); + mpi_set_ui (result->z, 1); + return 0; + } + + /* Check whether the public key has been prefixed with a 0x40 + byte to explicitly indicate compressed format using a SEC1 + alike prefix byte. This is a Libgcrypt extension. */ + if (buf[0] == 0x40) + { + rawmpilen--; + buf++; } - mpi_snatch (result->x, x); - mpi_snatch (result->y, y); - mpi_set_ui (result->z, 1); - return 0; } /* EdDSA compressed point. */ @@ -334,7 +366,7 @@ _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result, { /* Note: Without using an opaque MPI it is not reliable possible to find out whether the public key has been given in - uncompressed format. Thus we expect EdDSA format here. */ + uncompressed format. Thus we expect native EdDSA format. */ rawmpi = _gcry_mpi_get_buffer (pk, ctx->nbits/8, &rawmpilen, NULL); if (!rawmpi) return gpg_err_code_from_syserror (); @@ -582,7 +614,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, else { _gcry_mpi_ec_mul_point (&Q, a, &skey->E.G, ctx); - rc = _gcry_ecc_eddsa_encodepoint (&Q, ctx, x, y, &encpk, &encpklen); + rc = _gcry_ecc_eddsa_encodepoint (&Q, ctx, x, y, 0, &encpk, &encpklen); if (rc) goto leave; if (DBG_CIPHER) @@ -612,7 +644,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, log_printpnt (" r", &I, ctx); /* Convert R into affine coordinates and apply encoding. */ - rc = _gcry_ecc_eddsa_encodepoint (&I, ctx, x, y, &rawmpi, &rawmpilen); + rc = _gcry_ecc_eddsa_encodepoint (&I, ctx, x, y, 0, &rawmpi, &rawmpilen); if (rc) goto leave; if (DBG_CIPHER) @@ -784,7 +816,7 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey, _gcry_mpi_ec_mul_point (&Ib, h, &Q, ctx); _gcry_mpi_neg (Ib.x, Ib.x); _gcry_mpi_ec_add_points (&Ia, &Ia, &Ib, ctx); - rc = _gcry_ecc_eddsa_encodepoint (&Ia, ctx, s, h, &tbuf, &tlen); + rc = _gcry_ecc_eddsa_encodepoint (&Ia, ctx, s, h, 0, &tbuf, &tlen); if (rc) goto leave; if (tlen != rlen || memcmp (tbuf, rbuf, tlen)) diff --git a/cipher/ecc.c b/cipher/ecc.c index debb71b..885ff09 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -35,15 +35,12 @@ verification algorithms. The arithmetic functions have entirely been rewritten and moved to mpi/ec.c. - ECDH encrypt and decrypt code written by Andrey Jivsov, + ECDH encrypt and decrypt code written by Andrey Jivsov. */ /* TODO: - - If we support point compression we need to uncompress before - computing the keygrip - - In mpi/ec.c we use mpi_powm for x^2 mod p: Either implement a special case in mpi_powm or check whether mpi_mulm is faster. @@ -487,7 +484,9 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) unsigned char *encpk; unsigned int encpklen; - rc = _gcry_ecc_eddsa_encodepoint (&sk.Q, ctx, x, y, &encpk, &encpklen); + rc = _gcry_ecc_eddsa_encodepoint (&sk.Q, ctx, x, y, + !!(flags & PUBKEY_FLAG_COMP), + &encpk, &encpklen); if (rc) return rc; public = mpi_new (0); @@ -1653,7 +1652,7 @@ _gcry_pk_ecc_get_sexp (gcry_sexp_t *r_sexp, int mode, mpi_ec_t ec) unsigned char *encpk; unsigned int encpklen; - rc = _gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL, + rc = _gcry_ecc_eddsa_encodepoint (ec->Q, ec, NULL, NULL, 0, &encpk, &encpklen); if (rc) goto leave; diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 58491fb..9e9d436 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2235,7 +2235,9 @@ The private key @math{d} All point values are encoded in standard format; Libgcrypt does in general only support uncompressed points, thus the first byte needs to be @code{0x04}. However ``EdDSA'' describes its own compression -scheme which is used by default. +scheme which is used by default; the non-standard first byte + at code{0x40} may optionally be used to explicit flag the use of the +algorithm?s native compression method. The public key is similar with "private-key" replaced by "public-key" and no @var{d-mpi}. @@ -2305,9 +2307,11 @@ are known: If supported by the algorithm and curve the @code{comp} flag requests that points are returned in compact (compressed) representation. The @code{nocomp} flag requests that points are returned with full -coordinates. The default depends on the the algorithm and curve. -The compact representation requires a small overhead before a point -can be used but halves the size of a to be conveyed public key. +coordinates. The default depends on the the algorithm and curve. The +compact representation requires a small overhead before a point can be +used but halves the size of a to be conveyed public key. If + at code{comp} is used with the ``EdDSA'' algorithm the key generation +prefix the public key with a @code{0x40} byte. @item pkcs1 @cindex PKCS1 diff --git a/tests/keygrip.c b/tests/keygrip.c index 330935d..72960ea 100644 --- a/tests/keygrip.c +++ b/tests/keygrip.c @@ -175,6 +175,17 @@ static struct "\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70" "\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47" }, + { /* Ed25519+EdDSA (with compression prefix) */ + GCRY_PK_ECC, + "(public-key" + " (ecc" + " (curve Ed25519)(flags eddsa)" + " (q #40" + " 773E72848C1FD5F9652B29E2E7AF79571A04990E96F2016BF4E0EC1890C2B7DB#)" + " ))", + "\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70" + "\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47" + }, { /* Ed25519+EdDSA (same but uncompressed)*/ GCRY_PK_ECC, "(public-key" diff --git a/tests/t-ed25519.c b/tests/t-ed25519.c index 465a217..b7f3307 100644 --- a/tests/t-ed25519.c +++ b/tests/t-ed25519.c @@ -32,7 +32,7 @@ #include "stopwatch.h" #define PGM "t-ed25519" -#define N_TESTS 1025 +#define N_TESTS 1026 #define my_isascii(c) (!((c) & 0x80)) #define digitp(p) (*(p) >= '0' && *(p) <= '9') diff --git a/tests/t-ed25519.inp b/tests/t-ed25519.inp index 61387c4..e13566f 100644 --- a/tests/t-ed25519.inp +++ b/tests/t-ed25519.inp @@ -6162,3 +6162,11 @@ SK: 9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60 PK: 0455d0e09a2b9d34292297e08d60d0f620c513d47253187c24b12786bd777645ce1a5107f7681a02af2523a6daf372e10e3a0764c9d3fe4bd5b70ab18201985ad7 MSG: SIG: e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b + +# Now an additional test with the data from test 1 but using an +# compressed prefix. +TST: 1 +SK: 9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60 +PK: 40d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a +MSG: +SIG: e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b commit d0f90d06514a470b814c0b8351e515e54425019e Author: Werner Koch Date: Thu Jul 24 16:16:53 2014 +0200 mpi: Extend the internal mpi_get_buffer. * mpi/mpicoder.c (do_get_buffer): Add arg EXTRAALLOC. (_gcry_mpi_get_buffer_extra): New. -- (cherry picked from commit 0e10902ad7584277ac966367efc712b183784532) diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index 58a4240..896dda1 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c @@ -1,7 +1,7 @@ /* mpicoder.c - Coder for the external representation of MPIs * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 * 2008 Free Software Foundation, Inc. - * Copyright (C) 2013 g10 Code GmbH + * Copyright (C) 2013, 2014 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -181,19 +181,27 @@ mpi_fromstr (gcry_mpi_t val, const char *str) returned value is stored as little endian and right padded with zeroes so that the returned buffer has at least FILL_LE bytes. + If EXTRAALLOC > 0 the returned buffer has these number of bytes + extra allocated at the end; if EXTRAALLOC < 0 the returned buffer + has the absolute value of EXTRAALLOC allocated at the begin of the + buffer (the are not initialized) and the MPI is stored right after + this. This feature is useful to allow the caller to prefix the + returned value. EXTRAALLOC is _not_ included in the value stored + at NBYTES. + Caller must free the return string. This function returns an allocated buffer with NBYTES set to zero if the value of A is zero. If sign is not NULL, it will be set to the sign of the A. On error NULL is returned and ERRNO set appropriately. */ static unsigned char * -do_get_buffer (gcry_mpi_t a, unsigned int fill_le, +do_get_buffer (gcry_mpi_t a, unsigned int fill_le, int extraalloc, unsigned int *nbytes, int *sign, int force_secure) { - unsigned char *p, *buffer; + unsigned char *p, *buffer, *retbuffer; unsigned int length, tmp; mpi_limb_t alimb; int i; - size_t n; + size_t n, n2; if (sign) *sign = a->sign; @@ -202,10 +210,20 @@ do_get_buffer (gcry_mpi_t a, unsigned int fill_le, n = *nbytes? *nbytes:1; /* Allocate at least one byte. */ if (n < fill_le) n = fill_le; - p = buffer = (force_secure || mpi_is_secure(a))? xtrymalloc_secure (n) - : xtrymalloc (n); - if (!buffer) + if (extraalloc < 0) + n2 = n + -extraalloc; + else + n2 = n + extraalloc; + + retbuffer = (force_secure || mpi_is_secure(a))? xtrymalloc_secure (n2) + : xtrymalloc (n2); + if (!retbuffer) return NULL; + if (extraalloc < 0) + buffer = retbuffer + -extraalloc; + else + buffer = retbuffer; + p = buffer; for (i=a->nlimbs-1; i >= 0; i--) { @@ -244,7 +262,7 @@ do_get_buffer (gcry_mpi_t a, unsigned int fill_le, *p++ = 0; *nbytes = length; - return buffer; + return retbuffer; } /* This is sub-optimal but we need to do the shift operation because @@ -252,8 +270,8 @@ do_get_buffer (gcry_mpi_t a, unsigned int fill_le, for (p=buffer; *nbytes && !*p; p++, --*nbytes) ; if (p != buffer) - memmove (buffer,p, *nbytes); - return buffer; + memmove (buffer, p, *nbytes); + return retbuffer; } @@ -261,14 +279,21 @@ byte * _gcry_mpi_get_buffer (gcry_mpi_t a, unsigned int fill_le, unsigned int *r_nbytes, int *sign) { - return do_get_buffer (a, fill_le, r_nbytes, sign, 0); + return do_get_buffer (a, fill_le, 0, r_nbytes, sign, 0); +} + +byte * +_gcry_mpi_get_buffer_extra (gcry_mpi_t a, unsigned int fill_le, int extraalloc, + unsigned int *r_nbytes, int *sign) +{ + return do_get_buffer (a, fill_le, extraalloc, r_nbytes, sign, 0); } byte * _gcry_mpi_get_secure_buffer (gcry_mpi_t a, unsigned int fill_le, unsigned int *r_nbytes, int *sign) { - return do_get_buffer (a, fill_le, r_nbytes, sign, 1); + return do_get_buffer (a, fill_le, 0, r_nbytes, sign, 1); } diff --git a/src/mpi.h b/src/mpi.h index 7a57b9a..8446d23 100644 --- a/src/mpi.h +++ b/src/mpi.h @@ -156,6 +156,9 @@ void _gcry_log_mpidump( const char *text, gcry_mpi_t a ); u32 _gcry_mpi_get_keyid( gcry_mpi_t a, u32 *keyid ); byte *_gcry_mpi_get_buffer (gcry_mpi_t a, unsigned int fill_le, unsigned int *r_nbytes, int *sign); +byte *_gcry_mpi_get_buffer_extra (gcry_mpi_t a, unsigned int fill_le, + int extraalloc, + unsigned int *r_nbytes, int *sign); byte *_gcry_mpi_get_secure_buffer (gcry_mpi_t a, unsigned int fill_le, unsigned *r_nbytes, int *sign); void _gcry_mpi_set_buffer ( gcry_mpi_t a, const void *buffer, ----------------------------------------------------------------------- Summary of changes: cipher/ecc-common.h | 1 + cipher/ecc-curves.c | 2 +- cipher/ecc-eddsa.c | 152 +++++++++++++++++++++++++++++++-------------------- cipher/ecc.c | 11 ++-- doc/gcrypt.texi | 12 ++-- mpi/mpicoder.c | 49 +++++++++++++---- src/mpi.h | 3 + tests/keygrip.c | 11 ++++ tests/t-ed25519.c | 2 +- tests/t-ed25519.inp | 8 +++ 10 files changed, 167 insertions(+), 84 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 20 11:58:21 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 20 Aug 2014 11:58:21 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta783-12-gcb680c5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via cb680c5ea540738692a5c74951802b0fdc658e85 (commit) from 31649e72fd106a990614ce3cf720640a841ba722 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cb680c5ea540738692a5c74951802b0fdc658e85 Author: Werner Koch Date: Wed Aug 20 09:59:36 2014 +0200 gpg: Fix "can't handle public key algorithm" warning. * g10/parse-packet.c (unknown_pubkey_warning): Check for encr/sign capabilities. diff --git a/g10/parse-packet.c b/g10/parse-packet.c index c69393a..cfae788 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -195,12 +195,29 @@ unknown_pubkey_warning (int algo) { static byte unknown_pubkey_algos[256]; - algo &= 0xff; - if (!unknown_pubkey_algos[algo]) + /* First check whether the algorithm is usable but not suitable for + encryption/signing. */ + if (pubkey_get_npkey (algo)) { if (opt.verbose) - log_info (_("can't handle public key algorithm %d\n"), algo); - unknown_pubkey_algos[algo] = 1; + { + if (!pubkey_get_nsig (algo)) + log_info ("public key algorithm %s not suitable for %s\n", + openpgp_pk_algo_name (algo), "signing"); + if (!pubkey_get_nenc (algo)) + log_info ("public key algorithm %s not suitable for %s\n", + openpgp_pk_algo_name (algo), "encryption"); + } + } + else + { + algo &= 0xff; + if (!unknown_pubkey_algos[algo]) + { + if (opt.verbose) + log_info (_("can't handle public key algorithm %d\n"), algo); + unknown_pubkey_algos[algo] = 1; + } } } ----------------------------------------------------------------------- Summary of changes: g10/parse-packet.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Aug 20 13:26:00 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 20 Aug 2014 13:26:00 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.18-6-gb89f57f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-1-4 has been updated via b89f57fe5db364f78154671e1b2fe1ecd1b5c407 (commit) via ecf2728230788f413cf1864c3cbda73d63de8491 (commit) via 45e3b81114f40070dd638ac790f42df01b8c1484 (commit) from d58552760b26d840824658814d59c8b1a25a4219 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b89f57fe5db364f78154671e1b2fe1ecd1b5c407 Author: Werner Koch Date: Wed Aug 20 13:25:17 2014 +0200 mpi: Suppress set-but-unused-variables warnings. * include/types.h (GNUPG_GCC_ATTR_UNUSED): Define for gcc >= 3.5. * mpi/mpih-div.c (mpihelp_divmod_1, mpihelp_mod_1): Mark dummy as unused. * mpi/mpi-internal.h (UDIV_QRNND_PREINV): Mark _ql as unused. -- Due to the use of macros and longlong.h, we use variables which are only used by some architectures. At least gcc 4.7.2 prints new warnings about set but not used variables. This patch silences them. diff --git a/include/types.h b/include/types.h index 6baccdb..3c52485 100644 --- a/include/types.h +++ b/include/types.h @@ -143,4 +143,13 @@ struct string_list { typedef struct string_list *STRLIST; typedef struct string_list *strlist_t; + + +#if __GNUC__ > 2 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 5 ) +# define GNUPG_GCC_ATTR_UNUSED __attribute__ ((unused)) +#else +# define GNUPG_GCC_ATTR_UNUSED +#endif + + #endif /*G10_TYPES_H*/ diff --git a/mpi/mpi-internal.h b/mpi/mpi-internal.h index 46da08d..9f79781 100644 --- a/mpi/mpi-internal.h +++ b/mpi/mpi-internal.h @@ -157,7 +157,8 @@ typedef int mpi_size_t; /* (must be a signed type) */ */ #define UDIV_QRNND_PREINV(q, r, nh, nl, d, di) \ do { \ - mpi_limb_t _q, _ql, _r; \ + mpi_limb_t _ql GNUPG_GCC_ATTR_UNUSED; \ + mpi_limb_t _q, _r; \ mpi_limb_t _xh, _xl; \ umul_ppmm (_q, _ql, (nh), (di)); \ _q += (nh); /* DI is 2**BITS_PER_MPI_LIMB too small */ \ diff --git a/mpi/mpih-div.c b/mpi/mpih-div.c index 235a810..eedfabf 100644 --- a/mpi/mpih-div.c +++ b/mpi/mpih-div.c @@ -49,7 +49,7 @@ mpihelp_mod_1(mpi_ptr_t dividend_ptr, mpi_size_t dividend_size, { mpi_size_t i; mpi_limb_t n1, n0, r; - int dummy; + int dummy GNUPG_GCC_ATTR_UNUSED; /* Botch: Should this be handled at all? Rely on callers? */ if( !dividend_size ) @@ -398,7 +398,7 @@ mpihelp_divmod_1( mpi_ptr_t quot_ptr, { mpi_size_t i; mpi_limb_t n1, n0, r; - int dummy; + int dummy GNUPG_GCC_ATTR_UNUSED; if( !dividend_size ) return 0; commit ecf2728230788f413cf1864c3cbda73d63de8491 Author: Werner Koch Date: Wed Aug 20 12:22:35 2014 +0200 Fix strict-alias warnings for rijndael.c * cipher/rijndael.c (do_setkey, prepare_decryption): Use u32_a_t cast. -- This extends commit 0ad1458f827c7602ef7f1a4652af05641fd02b62 diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 99ee4a0..57142df 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -1773,14 +1773,14 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen) #define W (ctx->keySched) for (j = KC-1; j >= 0; j--) { - *((u32*)tk[j]) = *((u32*)k[j]); + *((u32_a_t*)tk[j]) = *((u32_a_t*)k[j]); } r = 0; t = 0; /* copy values into round key array */ for (j = 0; (j < KC) && (r < ROUNDS + 1); ) { for (; (j < KC) && (t < 4); j++, t++) { - *((u32*)W[r][t]) = *((u32*)tk[j]); + *((u32_a_t*)W[r][t]) = *((u32_a_t*)tk[j]); } if (t == 4) { r++; @@ -1799,24 +1799,24 @@ do_setkey (RIJNDAEL_context *ctx, const byte *key, const unsigned keylen) if (KC != 8) { for (j = 1; j < KC; j++) { - *((u32*)tk[j]) ^= *((u32*)tk[j-1]); + *((u32_a_t*)tk[j]) ^= *((u32_a_t*)tk[j-1]); } } else { for (j = 1; j < KC/2; j++) { - *((u32*)tk[j]) ^= *((u32*)tk[j-1]); + *((u32_a_t*)tk[j]) ^= *((u32_a_t*)tk[j-1]); } tk[KC/2][0] ^= S[tk[KC/2 - 1][0]]; tk[KC/2][1] ^= S[tk[KC/2 - 1][1]]; tk[KC/2][2] ^= S[tk[KC/2 - 1][2]]; tk[KC/2][3] ^= S[tk[KC/2 - 1][3]]; for (j = KC/2 + 1; j < KC; j++) { - *((u32*)tk[j]) ^= *((u32*)tk[j-1]); + *((u32_a_t*)tk[j]) ^= *((u32_a_t*)tk[j-1]); } } /* copy values into round key array */ for (j = 0; (j < KC) && (r < ROUNDS + 1); ) { for (; (j < KC) && (t < 4); j++, t++) { - *((u32*)W[r][t]) = *((u32*)tk[j]); + *((u32_a_t*)W[r][t]) = *((u32_a_t*)tk[j]); } if (t == 4) { r++; @@ -1845,29 +1845,29 @@ prepare_decryption( RIJNDAEL_context *ctx ) byte *w; for (r=0; r < MAXROUNDS+1; r++ ) { - *((u32*)ctx->keySched2[r][0]) = *((u32*)ctx->keySched[r][0]); - *((u32*)ctx->keySched2[r][1]) = *((u32*)ctx->keySched[r][1]); - *((u32*)ctx->keySched2[r][2]) = *((u32*)ctx->keySched[r][2]); - *((u32*)ctx->keySched2[r][3]) = *((u32*)ctx->keySched[r][3]); + *((u32_a_t*)ctx->keySched2[r][0]) = *((u32_a_t*)ctx->keySched[r][0]); + *((u32_a_t*)ctx->keySched2[r][1]) = *((u32_a_t*)ctx->keySched[r][1]); + *((u32_a_t*)ctx->keySched2[r][2]) = *((u32_a_t*)ctx->keySched[r][2]); + *((u32_a_t*)ctx->keySched2[r][3]) = *((u32_a_t*)ctx->keySched[r][3]); } #define W (ctx->keySched2) for (r = 1; r < ctx->ROUNDS; r++) { w = W[r][0]; - *((u32*)w) = *((u32*)U1[w[0]]) ^ *((u32*)U2[w[1]]) - ^ *((u32*)U3[w[2]]) ^ *((u32*)U4[w[3]]); + *((u32_a_t*)w) = *((u32_a_t*)U1[w[0]]) ^ *((u32_a_t*)U2[w[1]]) + ^ *((u32_a_t*)U3[w[2]]) ^ *((u32_a_t*)U4[w[3]]); w = W[r][1]; - *((u32*)w) = *((u32*)U1[w[0]]) ^ *((u32*)U2[w[1]]) - ^ *((u32*)U3[w[2]]) ^ *((u32*)U4[w[3]]); + *((u32_a_t*)w) = *((u32_a_t*)U1[w[0]]) ^ *((u32_a_t*)U2[w[1]]) + ^ *((u32_a_t*)U3[w[2]]) ^ *((u32_a_t*)U4[w[3]]); w = W[r][2]; - *((u32*)w) = *((u32*)U1[w[0]]) ^ *((u32*)U2[w[1]]) - ^ *((u32*)U3[w[2]]) ^ *((u32*)U4[w[3]]); + *((u32_a_t*)w) = *((u32_a_t*)U1[w[0]]) ^ *((u32_a_t*)U2[w[1]]) + ^ *((u32_a_t*)U3[w[2]]) ^ *((u32_a_t*)U4[w[3]]); w = W[r][3]; - *((u32*)w) = *((u32*)U1[w[0]]) ^ *((u32*)U2[w[1]]) - ^ *((u32*)U3[w[2]]) ^ *((u32*)U4[w[3]]); - } + *((u32_a_t*)w) = *((u32_a_t*)U1[w[0]]) ^ *((u32_a_t*)U2[w[1]]) + ^ *((u32_a_t*)U3[w[2]]) ^ *((u32_a_t*)U4[w[3]]); +} #undef W } commit 45e3b81114f40070dd638ac790f42df01b8c1484 Author: Werner Koch Date: Wed Aug 20 12:05:16 2014 +0200 gpg: Allow compressed data with algorithm 0. * g10/mainproc.c (proc_compressed): Remove superfluous check for an algorithm number of 0. -- (backport from commit 88633bf3d417aeb5ea0f75508aba8e32adc8acef) GnuPG-bug-id: 1326, 1684 diff --git a/g10/mainproc.c b/g10/mainproc.c index 5b6d8db..1e140ed 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -778,10 +778,7 @@ proc_compressed( CTX c, PACKET *pkt ) PKT_compressed *zd = pkt->pkt.compressed; int rc; - /*printf("zip: compressed data packet\n");*/ - if( !zd->algorithm ) - rc=G10ERR_COMPR_ALGO; - else if( c->sigs_only ) + if (c->sigs_only) rc = handle_compressed( c, zd, proc_compressed_cb, c ); else if( c->encrypt_only ) rc = handle_compressed( c, zd, proc_encrypt_cb, c ); ----------------------------------------------------------------------- Summary of changes: cipher/rijndael.c | 38 +++++++++++++++++++------------------- g10/mainproc.c | 5 +---- include/types.h | 9 +++++++++ mpi/mpi-internal.h | 3 ++- mpi/mpih-div.c | 4 ++-- 5 files changed, 33 insertions(+), 26 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 12:27:12 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 12:27:12 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-107-gf850add Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via f850add813d783f31ca6a60459dea25ef71bce7e (commit) via 18056ace7f466cb8c1eaf08e5dc0400516d83b4c (commit) from 34bb55ee36df3aca3ebca88f8b61c786cd0c0701 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f850add813d783f31ca6a60459dea25ef71bce7e Author: Werner Koch Date: Thu Aug 21 11:47:16 2014 +0200 cipher: Fix a segv in case of calling with wrong parameters. * cipher/md.c (_gcry_md_info): Fix arg testing. -- GnuPG-bug-id: 1697 diff --git a/cipher/md.c b/cipher/md.c index a1e5859..df8b027 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -1181,7 +1181,7 @@ _gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes) GcryDigestEntry *r; int algo; - if ( !buffer || (nbytes && (*nbytes != sizeof (int)))) + if ( !buffer || !nbytes || *nbytes != sizeof (int)) rc = GPG_ERR_INV_ARG; else { commit 18056ace7f466cb8c1eaf08e5dc0400516d83b4c Author: Werner Koch Date: Thu Aug 21 11:39:17 2014 +0200 cipher: Fix possible NULL deref in call to prime generator. * cipher/primegen.c (_gcry_generate_elg_prime): Change to return an error code. * cipher/dsa.c (generate): Take care of new return code. * cipher/elgamal.c (generate): Change to return an error code. Take care of _gcry_generate_elg_prime return code. (generate_using_x): Take care of _gcry_generate_elg_prime return code. (elg_generate): Propagate return code from generate. -- GnuPG-bug-id: 1699, 1700 Reported-by: S.K. Gupta Note that the NULL deref may have only happened on malloc failure. diff --git a/cipher/dsa.c b/cipher/dsa.c index 1707d8c..09cd969 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -196,6 +196,7 @@ static gpg_err_code_t generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, int transient_key, dsa_domain_t *domain, gcry_mpi_t **ret_factors ) { + gpg_err_code_t rc; gcry_mpi_t p; /* the prime */ gcry_mpi_t q; /* the 160 bit prime factor */ gcry_mpi_t g; /* the generator */ @@ -247,7 +248,10 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, else { /* Generate new domain parameters. */ - p = _gcry_generate_elg_prime (1, nbits, qbits, NULL, ret_factors); + rc = _gcry_generate_elg_prime (1, nbits, qbits, NULL, &p, ret_factors); + if (rc) + return rc; + /* Get q out of factors. */ q = mpi_copy ((*ret_factors)[0]); gcry_assert (mpi_get_nbits (q) == qbits); diff --git a/cipher/elgamal.c b/cipher/elgamal.c index a71a9bc..cb3ca43 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -61,7 +61,8 @@ static const char *elg_names[] = static int test_keys (ELG_secret_key *sk, unsigned int nbits, int nodie); static gcry_mpi_t gen_k (gcry_mpi_t p, int small_k); -static void generate (ELG_secret_key *sk, unsigned nbits, gcry_mpi_t **factors); +static gcry_err_code_t generate (ELG_secret_key *sk, unsigned nbits, + gcry_mpi_t **factors); static int check_secret_key (ELG_secret_key *sk); static void do_encrypt (gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey); @@ -268,9 +269,10 @@ gen_k( gcry_mpi_t p, int small_k ) * Returns: 2 structures filled with all needed values * and an array with n-1 factors of (p-1) */ -static void +static gcry_err_code_t generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) { + gcry_err_code_t rc; gcry_mpi_t p; /* the prime */ gcry_mpi_t p_min1; gcry_mpi_t g; @@ -285,7 +287,13 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) if( qbits & 1 ) /* better have a even one */ qbits++; g = mpi_alloc(1); - p = _gcry_generate_elg_prime( 0, nbits, qbits, g, ret_factors ); + rc = _gcry_generate_elg_prime (0, nbits, qbits, g, &p, ret_factors); + if (rc) + { + mpi_free (p_min1); + mpi_free (g); + return rc; + } mpi_sub_ui(p_min1, p, 1); @@ -359,6 +367,8 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) /* Now we can test our keys (this should never fail!) */ test_keys ( sk, nbits - 64, 0 ); + + return 0; } @@ -373,6 +383,7 @@ static gcry_err_code_t generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x, gcry_mpi_t **ret_factors ) { + gcry_err_code_t rc; gcry_mpi_t p; /* The prime. */ gcry_mpi_t p_min1; /* The prime minus 1. */ gcry_mpi_t g; /* The generator. */ @@ -395,7 +406,13 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x, if ( (qbits & 1) ) /* Better have an even one. */ qbits++; g = mpi_alloc (1); - p = _gcry_generate_elg_prime ( 0, nbits, qbits, g, ret_factors ); + rc = _gcry_generate_elg_prime (0, nbits, qbits, g, &p, ret_factors ); + if (rc) + { + mpi_free (p_min1); + mpi_free (g); + return rc; + } mpi_sub_ui (p_min1, p, 1); if (DBG_CIPHER) @@ -662,8 +679,7 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) } else { - generate (&sk, nbits, &factors); - rc = 0; + rc = generate (&sk, nbits, &factors); } if (rc) goto leave; diff --git a/cipher/primegen.c b/cipher/primegen.c index 9f6ec70..14a5ccf 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -726,19 +726,22 @@ prime_generate_internal (int need_q_factor, /* Generate a prime used for discrete logarithm algorithms; i.e. this - prime will be public and no strong random is required. */ -gcry_mpi_t + prime will be public and no strong random is required. On success + R_PRIME receives a new MPI with the prime. On error R_PRIME is set + to NULL and an error code is returned. If RET_FACTORS is not NULL + it is set to an allocated array of factors on success or to NULL on + error. */ +gcry_err_code_t _gcry_generate_elg_prime (int mode, unsigned pbits, unsigned qbits, - gcry_mpi_t g, gcry_mpi_t **ret_factors) + gcry_mpi_t g, + gcry_mpi_t *r_prime, gcry_mpi_t **ret_factors) { - gcry_mpi_t prime = NULL; - - if (prime_generate_internal ((mode == 1), &prime, pbits, qbits, g, - ret_factors, GCRY_WEAK_RANDOM, 0, 0, - NULL, NULL)) - prime = NULL; /* (Should be NULL in the error case anyway.) */ - - return prime; + *r_prime = NULL; + if (ret_factors) + *ret_factors = NULL; + return prime_generate_internal ((mode == 1), r_prime, pbits, qbits, g, + ret_factors, GCRY_WEAK_RANDOM, 0, 0, + NULL, NULL); } diff --git a/src/g10lib.h b/src/g10lib.h index 43dc011..238871d 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -236,9 +236,12 @@ gcry_mpi_t _gcry_generate_public_prime (unsigned int nbits, gcry_random_level_t random_level, int (*extra_check)(void*, gcry_mpi_t), void *extra_check_arg); -gcry_mpi_t _gcry_generate_elg_prime (int mode, - unsigned int pbits, unsigned int qbits, - gcry_mpi_t g, gcry_mpi_t **factors); +gcry_err_code_t _gcry_generate_elg_prime (int mode, + unsigned int pbits, + unsigned int qbits, + gcry_mpi_t g, + gcry_mpi_t *r_prime, + gcry_mpi_t **factors); gcry_mpi_t _gcry_derive_x931_prime (const gcry_mpi_t xp, const gcry_mpi_t xp1, const gcry_mpi_t xp2, const gcry_mpi_t e, ----------------------------------------------------------------------- Summary of changes: cipher/dsa.c | 6 +++++- cipher/elgamal.c | 28 ++++++++++++++++++++++------ cipher/md.c | 2 +- cipher/primegen.c | 25 ++++++++++++++----------- src/g10lib.h | 9 ++++++--- 5 files changed, 48 insertions(+), 22 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 12:52:13 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 12:52:13 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-20-gf853993 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via f853993737e5f9865023264df6aa75f0c3cc42e6 (commit) via bd828db70ebbb36f2ca4febd04dc8cc00c31bfd3 (commit) from 4d8f020fce608d24ec2738a42fe889cddfea879b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f853993737e5f9865023264df6aa75f0c3cc42e6 Author: Werner Koch Date: Thu Aug 21 11:47:16 2014 +0200 cipher: Fix a segv in case of calling with wrong parameters. * cipher/md.c (_gcry_md_info): Fix arg testing. -- GnuPG-bug-id: 1697 diff --git a/cipher/md.c b/cipher/md.c index 94f5cb7..008ef5b 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -1177,7 +1177,7 @@ _gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes) GcryDigestEntry *r; int algo; - if ( !buffer || (nbytes && (*nbytes != sizeof (int)))) + if ( !buffer || !nbytes || *nbytes != sizeof (int)) rc = GPG_ERR_INV_ARG; else { commit bd828db70ebbb36f2ca4febd04dc8cc00c31bfd3 Author: Werner Koch Date: Thu Aug 21 11:39:17 2014 +0200 cipher: Fix possible NULL deref in call to prime generator. * cipher/primegen.c (_gcry_generate_elg_prime): Change to return an error code. * cipher/dsa.c (generate): Take care of new return code. * cipher/elgamal.c (generate): Change to return an error code. Take care of _gcry_generate_elg_prime return code. (generate_using_x): Take care of _gcry_generate_elg_prime return code. (elg_generate): Propagate return code from generate. -- GnuPG-bug-id: 1699, 1700 Reported-by: S.K. Gupta Note that the NULL deref may have only happened on malloc failure. diff --git a/cipher/dsa.c b/cipher/dsa.c index 1707d8c..09cd969 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -196,6 +196,7 @@ static gpg_err_code_t generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, int transient_key, dsa_domain_t *domain, gcry_mpi_t **ret_factors ) { + gpg_err_code_t rc; gcry_mpi_t p; /* the prime */ gcry_mpi_t q; /* the 160 bit prime factor */ gcry_mpi_t g; /* the generator */ @@ -247,7 +248,10 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, else { /* Generate new domain parameters. */ - p = _gcry_generate_elg_prime (1, nbits, qbits, NULL, ret_factors); + rc = _gcry_generate_elg_prime (1, nbits, qbits, NULL, &p, ret_factors); + if (rc) + return rc; + /* Get q out of factors. */ q = mpi_copy ((*ret_factors)[0]); gcry_assert (mpi_get_nbits (q) == qbits); diff --git a/cipher/elgamal.c b/cipher/elgamal.c index a71a9bc..cb3ca43 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -61,7 +61,8 @@ static const char *elg_names[] = static int test_keys (ELG_secret_key *sk, unsigned int nbits, int nodie); static gcry_mpi_t gen_k (gcry_mpi_t p, int small_k); -static void generate (ELG_secret_key *sk, unsigned nbits, gcry_mpi_t **factors); +static gcry_err_code_t generate (ELG_secret_key *sk, unsigned nbits, + gcry_mpi_t **factors); static int check_secret_key (ELG_secret_key *sk); static void do_encrypt (gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey); @@ -268,9 +269,10 @@ gen_k( gcry_mpi_t p, int small_k ) * Returns: 2 structures filled with all needed values * and an array with n-1 factors of (p-1) */ -static void +static gcry_err_code_t generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) { + gcry_err_code_t rc; gcry_mpi_t p; /* the prime */ gcry_mpi_t p_min1; gcry_mpi_t g; @@ -285,7 +287,13 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) if( qbits & 1 ) /* better have a even one */ qbits++; g = mpi_alloc(1); - p = _gcry_generate_elg_prime( 0, nbits, qbits, g, ret_factors ); + rc = _gcry_generate_elg_prime (0, nbits, qbits, g, &p, ret_factors); + if (rc) + { + mpi_free (p_min1); + mpi_free (g); + return rc; + } mpi_sub_ui(p_min1, p, 1); @@ -359,6 +367,8 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) /* Now we can test our keys (this should never fail!) */ test_keys ( sk, nbits - 64, 0 ); + + return 0; } @@ -373,6 +383,7 @@ static gcry_err_code_t generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x, gcry_mpi_t **ret_factors ) { + gcry_err_code_t rc; gcry_mpi_t p; /* The prime. */ gcry_mpi_t p_min1; /* The prime minus 1. */ gcry_mpi_t g; /* The generator. */ @@ -395,7 +406,13 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x, if ( (qbits & 1) ) /* Better have an even one. */ qbits++; g = mpi_alloc (1); - p = _gcry_generate_elg_prime ( 0, nbits, qbits, g, ret_factors ); + rc = _gcry_generate_elg_prime (0, nbits, qbits, g, &p, ret_factors ); + if (rc) + { + mpi_free (p_min1); + mpi_free (g); + return rc; + } mpi_sub_ui (p_min1, p, 1); if (DBG_CIPHER) @@ -662,8 +679,7 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) } else { - generate (&sk, nbits, &factors); - rc = 0; + rc = generate (&sk, nbits, &factors); } if (rc) goto leave; diff --git a/cipher/primegen.c b/cipher/primegen.c index 645b0f8..dd1f2ea 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -740,19 +740,22 @@ prime_generate_internal (int need_q_factor, /* Generate a prime used for discrete logarithm algorithms; i.e. this - prime will be public and no strong random is required. */ -gcry_mpi_t + prime will be public and no strong random is required. On success + R_PRIME receives a new MPI with the prime. On error R_PRIME is set + to NULL and an error code is returned. If RET_FACTORS is not NULL + it is set to an allocated array of factors on success or to NULL on + error. */ +gcry_err_code_t _gcry_generate_elg_prime (int mode, unsigned pbits, unsigned qbits, - gcry_mpi_t g, gcry_mpi_t **ret_factors) + gcry_mpi_t g, + gcry_mpi_t *r_prime, gcry_mpi_t **ret_factors) { - gcry_mpi_t prime = NULL; - - if (prime_generate_internal ((mode == 1), &prime, pbits, qbits, g, - ret_factors, GCRY_WEAK_RANDOM, 0, 0, - NULL, NULL)) - prime = NULL; /* (Should be NULL in the error case anyway.) */ - - return prime; + *r_prime = NULL; + if (ret_factors) + *ret_factors = NULL; + return prime_generate_internal ((mode == 1), r_prime, pbits, qbits, g, + ret_factors, GCRY_WEAK_RANDOM, 0, 0, + NULL, NULL); } diff --git a/src/g10lib.h b/src/g10lib.h index 43dc011..238871d 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -236,9 +236,12 @@ gcry_mpi_t _gcry_generate_public_prime (unsigned int nbits, gcry_random_level_t random_level, int (*extra_check)(void*, gcry_mpi_t), void *extra_check_arg); -gcry_mpi_t _gcry_generate_elg_prime (int mode, - unsigned int pbits, unsigned int qbits, - gcry_mpi_t g, gcry_mpi_t **factors); +gcry_err_code_t _gcry_generate_elg_prime (int mode, + unsigned int pbits, + unsigned int qbits, + gcry_mpi_t g, + gcry_mpi_t *r_prime, + gcry_mpi_t **factors); gcry_mpi_t _gcry_derive_x931_prime (const gcry_mpi_t xp, const gcry_mpi_t xp1, const gcry_mpi_t xp2, const gcry_mpi_t e, ----------------------------------------------------------------------- Summary of changes: cipher/dsa.c | 6 +++++- cipher/elgamal.c | 28 ++++++++++++++++++++++------ cipher/md.c | 2 +- cipher/primegen.c | 25 ++++++++++++++----------- src/g10lib.h | 9 ++++++--- 5 files changed, 48 insertions(+), 22 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 14:13:40 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 14:13:40 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-21-g1047a7b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via 1047a7b41c9beb09daaba5bd196dbeec7699f2c9 (commit) from f853993737e5f9865023264df6aa75f0c3cc42e6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1047a7b41c9beb09daaba5bd196dbeec7699f2c9 Author: Werner Koch Date: Thu Aug 21 14:12:55 2014 +0200 sexp: Check args of gcry_sexp_build. * src/sexp.c (do_vsexp_sscan): Return error for invalid args. -- This helps to avoid usage errors by passing NULL for the return variable and the format string. diff --git a/src/sexp.c b/src/sexp.c index 0e4af52..9bc13ca 100644 --- a/src/sexp.c +++ b/src/sexp.c @@ -1119,6 +1119,13 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, int arg_counter = 0; int level = 0; + if (!retsexp) + return GPG_ERR_INV_ARG; + *retsexp = NULL; + + if (!buffer) + return GPG_ERR_INV_ARG; + if (!erroff) erroff = &dummy_erroff; @@ -1160,7 +1167,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, the provided one. However, we add space for one extra datalen so that the code which does the ST_CLOSE can use MAKE_SPACE */ c.allocated = length + sizeof(DATALEN); - if (buffer && length && _gcry_is_secure (buffer)) + if (length && _gcry_is_secure (buffer)) c.sexp = xtrymalloc_secure (sizeof *c.sexp + c.allocated - 1); else c.sexp = xtrymalloc (sizeof *c.sexp + c.allocated - 1); @@ -1682,8 +1689,6 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1); xfree (c.sexp); } - /* This might be expected by existing code... */ - *retsexp = NULL; } else *retsexp = normalize (c.sexp); ----------------------------------------------------------------------- Summary of changes: src/sexp.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 14:15:58 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 14:15:58 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-108-ge606d5f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e606d5f1bada1f2d21faeedd3fa2cf2dca7b274c (commit) from f850add813d783f31ca6a60459dea25ef71bce7e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e606d5f1bada1f2d21faeedd3fa2cf2dca7b274c Author: Werner Koch Date: Thu Aug 21 14:12:55 2014 +0200 sexp: Check args of gcry_sexp_build. * src/sexp.c (do_vsexp_sscan): Return error for invalid args. -- This helps to avoid usage errors by passing NULL for the return variable and the format string. diff --git a/src/sexp.c b/src/sexp.c index 0e4af52..9bc13ca 100644 --- a/src/sexp.c +++ b/src/sexp.c @@ -1119,6 +1119,13 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, int arg_counter = 0; int level = 0; + if (!retsexp) + return GPG_ERR_INV_ARG; + *retsexp = NULL; + + if (!buffer) + return GPG_ERR_INV_ARG; + if (!erroff) erroff = &dummy_erroff; @@ -1160,7 +1167,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, the provided one. However, we add space for one extra datalen so that the code which does the ST_CLOSE can use MAKE_SPACE */ c.allocated = length + sizeof(DATALEN); - if (buffer && length && _gcry_is_secure (buffer)) + if (length && _gcry_is_secure (buffer)) c.sexp = xtrymalloc_secure (sizeof *c.sexp + c.allocated - 1); else c.sexp = xtrymalloc (sizeof *c.sexp + c.allocated - 1); @@ -1682,8 +1689,6 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1); xfree (c.sexp); } - /* This might be expected by existing code... */ - *retsexp = NULL; } else *retsexp = normalize (c.sexp); ----------------------------------------------------------------------- Summary of changes: src/sexp.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 15:30:42 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 15:30:42 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-24-g8c88814 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via 8c88814ec6eca32d2224c02f1d47557ae54ebae1 (commit) via b3936b691abddb835d17f279a57171d7589b9c6b (commit) via 2106a89ae69b43d0c81fc8373e6e0244ed790cb6 (commit) from 1047a7b41c9beb09daaba5bd196dbeec7699f2c9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8c88814ec6eca32d2224c02f1d47557ae54ebae1 Author: Werner Koch Date: Thu Aug 21 15:30:53 2014 +0200 Post release updates. -- diff --git a/NEWS b/NEWS index e6027f4..b996067 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.6.3 (unreleased) [C20/A0/R3] +------------------------------------------------ + + Noteworthy changes in version 1.6.2 (2014-08-21) [C20/A0/R2] ------------------------------------------------ diff --git a/configure.ac b/configure.ac index b08c181..4220047 100644 --- a/configure.ac +++ b/configure.ac @@ -30,7 +30,7 @@ min_automake_version="1.10" # for the LT versions. m4_define(mym4_version_major, [1]) m4_define(mym4_version_minor, [6]) -m4_define(mym4_version_micro, [2]) +m4_define(mym4_version_micro, [3]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit b3936b691abddb835d17f279a57171d7589b9c6b Author: Werner Koch Date: Thu Aug 21 15:12:03 2014 +0200 Release 1.6.2 * configure.ac: Set LT version to C20/A0/R2. diff --git a/NEWS b/NEWS index ee4e842..e6027f4 100644 --- a/NEWS +++ b/NEWS @@ -1,8 +1,23 @@ -Noteworthy changes in version 1.6.2 (unreleased) +Noteworthy changes in version 1.6.2 (2014-08-21) [C20/A0/R2] ------------------------------------------------ + * Map deprecated RSA algo number to the RSA algo number for better + backward compatibility. -Noteworthy changes in version 1.6.1 (2014-01-29) + * Support a 0x40 compression prefix for EdDSA. + + * Improve ARM hardware feature detection and building. + + * Fix powerpc-apple-darwin detection + + * Fix building for the x32 ABI platform. + + * Support building using the latest mingw-w64 toolchain. + + * Fix some possible NULL deref bugs. + + +Noteworthy changes in version 1.6.1 (2014-01-29) [C20/A0/R1] ------------------------------------------------ * Added emulation for broken Whirlpool code prior to 1.6.0. @@ -27,7 +42,7 @@ Noteworthy changes in version 1.6.1 (2014-01-29) GCRY_MD_FLAG_BUGEMU1 NEW (minor API change). -Noteworthy changes in version 1.6.0 (2013-12-16) +Noteworthy changes in version 1.6.0 (2013-12-16) [C20/A0/R0] ------------------------------------------------ * Removed the long deprecated gcry_ac interface. Thus Libgcrypt is diff --git a/configure.ac b/configure.ac index a7ee35f..b08c181 100644 --- a/configure.ac +++ b/configure.ac @@ -56,7 +56,7 @@ AC_INIT([libgcrypt],[mym4_full_version],[http://bugs.gnupg.org]) # (No interfaces changed: REVISION++) LIBGCRYPT_LT_CURRENT=20 LIBGCRYPT_LT_AGE=0 -LIBGCRYPT_LT_REVISION=1 +LIBGCRYPT_LT_REVISION=2 # If the API is changed in an incompatible way: increment the next counter. commit 2106a89ae69b43d0c81fc8373e6e0244ed790cb6 Author: Werner Koch Date: Thu Aug 21 14:54:20 2014 +0200 build: Fix typo in help string * configure.ac: Fix. -- GnuPG-bug-id: 1631 diff --git a/configure.ac b/configure.ac index bf4fcce..a7ee35f 100644 --- a/configure.ac +++ b/configure.ac @@ -440,7 +440,7 @@ AC_MSG_RESULT([$enabled_digests]) # Implementation of the --enable-kdfs switch. AC_ARG_ENABLE(kdfs, - AC_HELP_STRING([--enable-kfds=kdfs], + AC_HELP_STRING([--enable-kdfs=kdfs], [select the KDFs to include]), [enabled_kdfs=`echo $enableval | tr ',:' ' ' | tr '[A-Z]' '[a-z]'`], [enabled_kdfs=""]) ----------------------------------------------------------------------- Summary of changes: NEWS | 25 ++++++++++++++++++++++--- configure.ac | 6 +++--- 2 files changed, 25 insertions(+), 6 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 15:34:04 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 15:34:04 +0200 Subject: [git] gnupg-doc - branch, master, updated. 959ca8a73c9719eb6d153b3a5486466c1b6467ee Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 959ca8a73c9719eb6d153b3a5486466c1b6467ee (commit) from 1d63effe8d30c76530cf7f6d3ba44ae76eab2371 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 959ca8a73c9719eb6d153b3a5486466c1b6467ee Author: Werner Koch Date: Thu Aug 21 15:34:16 2014 +0200 swdb: Update libgcrypt diff --git a/.gitignore b/.gitignore index c938f5a..7cd9006 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ stage/ /web/faq/gnupg-faq.pdf /web/faq/gnupg-faq.tex /web/faq/gnupg-faq.txt +/web/swdb.lst +/web/swdb.lst.sig diff --git a/web/swdb.mac b/web/swdb.mac index 0e78807..095ef2e 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -67,9 +67,9 @@ # # LIBGCRYPT # -#+macro: libgcrypt_ver 1.6.1 -#+macro: libgcrypt_size 2413k -#+macro: libgcrypt_sha1 f03d9b63ac3b17a6972fc11150d136925b702f02 +#+macro: libgcrypt_ver 1.6.2 +#+macro: libgcrypt_size 2418k +#+macro: libgcrypt_sha1 cdaf2bdd5f34b20f4f9d926536673c15b857d2e6 # ----------------------------------------------------------------------- Summary of changes: .gitignore | 2 ++ web/swdb.mac | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 21 18:18:07 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 21 Aug 2014 18:18:07 +0200 Subject: [git] gnupg-doc - branch, master, updated. 656273a5058d41c3f3419a3751f59a2e03507d9f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 656273a5058d41c3f3419a3751f59a2e03507d9f (commit) from 959ca8a73c9719eb6d153b3a5486466c1b6467ee (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 656273a5058d41c3f3419a3751f59a2e03507d9f Author: Werner Koch Date: Thu Aug 21 18:18:15 2014 +0200 web: Rename Miscellaneous to Archive Also move old stuff to there. diff --git a/web/misc/index.org b/web/misc/index.org index 9084c3e..fa5d7e5 100644 --- a/web/misc/index.org +++ b/web/misc/index.org @@ -2,12 +2,15 @@ #+STARTUP: showall #+SETUPFILE: "../share/setup.inc" -* Miscellaneous +* Archive - Any respectful site features a misc section. We are not an exception: + This is a list of pages we used in the past. The content is + not anymore relevant for the project but we keep them here in case + people like to dive into old times. + - [[file:thanks.org][Thanks]] - We have to thank many people for making GnuPG possible. - [[file:links.org][Links]] - Cryptography is a wide-spread science and other people have something to tell about. - [[file:logo-contest.org][Logo Contest]] - GnuPG needs a new Logo. - - [[http://www-old.gnupg.org][The old GnuPG website]] - in case something is missing at the new one. - - [[file:thanks.org][Thanks]] - We have to thank many people for making GnuPG possible. + - [[http://www-old.gnupg.org][The old GnuPG website]] - In case something is missing at the new one. + - [[file:~/s/gnupg-doc/web/legal.org][Law survey]] - Info on the legal issues of using cryptography. diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index b5f3ae3..6d5b827 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -70,7 +70,6 @@
  • Features
  • News
  • Service
  • -
  • Legal
  • Donate
  • -
  • Miscellaneous
  • -
  • Blog
  • Privacy Policy
  • +
  • Archive
  • Sitemap
  • @@ -205,7 +199,7 @@ "werner at trithemius.gnupg.org:" "/var/www/www/www.gnupg.org/htdocs/ ;" " ssh werner at trithemius.gnupg.org" - " touch /var/www/www/www.gnupg.org/htdocs/donate/donors.dat")) + " touch /var/www/www/www.gnupg.org/htdocs/donate/donors.dat")))) (provide 'gpgweb) ----------------------------------------------------------------------- Summary of changes: web/misc/index.org | 11 +++++++---- web/share/gpgweb.el | 10 ++-------- 2 files changed, 9 insertions(+), 12 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 26 10:16:02 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 26 Aug 2014 10:16:02 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0-beta783-13-ga731c22 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via a731c22952278c12c601b73d7581fda3a15a4b5b (commit) from cb680c5ea540738692a5c74951802b0fdc658e85 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a731c22952278c12c601b73d7581fda3a15a4b5b Author: Werner Koch Date: Tue Aug 26 10:16:04 2014 +0200 gpg: Allow for positional parameters in the passphrase prompt. * g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf. -- Without that at least the French translation does not always work because it requires positional parameters. Windows for example does not support them as they are not defined by C99 but by POSIX. diff --git a/g10/passphrase.c b/g10/passphrase.c index 9d3f497..4d0fda6 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -265,38 +265,27 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat, if ( !algo_name ) algo_name = "?"; -#define KEYIDSTRING _(" (main key ID %s)") - - maink = xmalloc ( strlen (KEYIDSTRING) + keystrlen() + 20 ); - if( keyid[2] && keyid[3] && keyid[0] != keyid[2] + if (keyid[2] && keyid[3] + && keyid[0] != keyid[2] && keyid[1] != keyid[3] ) - sprintf( maink, KEYIDSTRING, keystr(&keyid[2]) ); + maink = xasprintf (_(" (main key ID %s)"), keystr (&keyid[2])); else - *maink = 0; + maink = xstrdup (""); uid = get_user_id ( keyid, &uidlen ); timestr = strtimestamp (pk->timestamp); -#undef KEYIDSTRING - -#define PROMPTSTRING _("Please enter the passphrase to unlock the" \ - " secret key for the OpenPGP certificate:\n" \ - "\"%.*s\"\n" \ - "%u-bit %s key, ID %s,\n" \ - "created %s%s.\n" ) - - atext = xmalloc ( 100 + strlen (PROMPTSTRING) - + uidlen + 15 + strlen(algo_name) + keystrlen() - + strlen (timestr) + strlen (maink) ); - sprintf (atext, PROMPTSTRING, - (int)uidlen, uid, - nbits_from_pk (pk), algo_name, keystr(&keyid[0]), timestr, - maink ); + atext = xasprintf (_("Please enter the passphrase to unlock the" + " secret key for the OpenPGP certificate:\n" + "\"%.*s\"\n" + "%u-bit %s key, ID %s,\n" + "created %s%s.\n"), + (int)uidlen, uid, + nbits_from_pk (pk), algo_name, keystr(&keyid[0]), + timestr, maink); xfree (uid); xfree (maink); -#undef PROMPTSTRING - { size_t dummy; fingerprint_from_pk( pk, fpr, &dummy ); ----------------------------------------------------------------------- Summary of changes: g10/passphrase.c | 35 ++++++++++++----------------------- 1 file changed, 12 insertions(+), 23 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 26 10:20:25 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 26 Aug 2014 10:20:25 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.26-2-gc45b981 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via c45b9819e8f4b35681c91ffb67abdc38dcc32a2a (commit) from ee30bb945f316f2e3bba64fc1f006d7ce19cd1b7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c45b9819e8f4b35681c91ffb67abdc38dcc32a2a Author: Werner Koch Date: Tue Aug 26 10:16:04 2014 +0200 gpg: Allow for positional parameters in the passphrase prompt. * g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf. -- Without that at least the French translation does not always work because it requires positional parameters. Windows for example does not support them as they are not defined by C99 but by POSIX. diff --git a/g10/passphrase.c b/g10/passphrase.c index 9752718..54caf72 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -341,38 +341,27 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat, if ( !algo_name ) algo_name = "?"; -#define KEYIDSTRING _(" (main key ID %s)") - - maink = xmalloc ( strlen (KEYIDSTRING) + keystrlen() + 20 ); - if( keyid[2] && keyid[3] && keyid[0] != keyid[2] + if (keyid[2] && keyid[3] + && keyid[0] != keyid[2] && keyid[1] != keyid[3] ) - sprintf( maink, KEYIDSTRING, keystr(&keyid[2]) ); + maink = xasprintf (_(" (main key ID %s)"), keystr (&keyid[2])); else - *maink = 0; + maink = xstrdup (""); uid = get_user_id ( keyid, &uidlen ); timestr = strtimestamp (pk->timestamp); -#undef KEYIDSTRING - -#define PROMPTSTRING _("Please enter the passphrase to unlock the" \ - " secret key for the OpenPGP certificate:\n" \ - "\"%.*s\"\n" \ - "%u-bit %s key, ID %s,\n" \ - "created %s%s.\n" ) - - atext = xmalloc ( 100 + strlen (PROMPTSTRING) - + uidlen + 15 + strlen(algo_name) + keystrlen() - + strlen (timestr) + strlen (maink) ); - sprintf (atext, PROMPTSTRING, - (int)uidlen, uid, - nbits_from_pk (pk), algo_name, keystr(&keyid[0]), timestr, - maink ); + atext = xasprintf (_("Please enter the passphrase to unlock the" + " secret key for the OpenPGP certificate:\n" + "\"%.*s\"\n" + "%u-bit %s key, ID %s,\n" + "created %s%s.\n"), + (int)uidlen, uid, + nbits_from_pk (pk), algo_name, keystr(&keyid[0]), + timestr, maink); xfree (uid); xfree (maink); -#undef PROMPTSTRING - { size_t dummy; fingerprint_from_pk( pk, fpr, &dummy ); ----------------------------------------------------------------------- Summary of changes: g10/passphrase.c | 35 ++++++++++++----------------------- 1 file changed, 12 insertions(+), 23 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 26 12:41:58 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 26 Aug 2014 12:41:58 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.13-22-g320f1b8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 320f1b864553f105217ad6b0c70598f9a48c6aaa (commit) from fc651665010056e6184e8514e5c5436427d7052d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 320f1b864553f105217ad6b0c70598f9a48c6aaa Author: Werner Koch Date: Tue Aug 26 12:41:54 2014 +0200 Include required headers into gpg-error.h. * src/gpg-error.h.in: Include stdarg.h. diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index 993e83b..a0bbf17 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -25,6 +25,7 @@ #include #include +#include #ifdef __GNUC__ #define GPG_ERR_INLINE __inline__ ----------------------------------------------------------------------- Summary of changes: src/gpg-error.h.in | 1 + 1 file changed, 1 insertion(+) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 26 16:14:01 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 26 Aug 2014 16:14:01 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.26-3-gd91db67 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via d91db67e5180fcbda2f3fb7667ffd1b99cac51c6 (commit) from c45b9819e8f4b35681c91ffb67abdc38dcc32a2a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d91db67e5180fcbda2f3fb7667ffd1b99cac51c6 Author: Werner Koch Date: Tue Aug 26 16:13:21 2014 +0200 build: Print an error message if zlib is not installed. * configure.ac (missing_zlib): New. diff --git a/configure.ac b/configure.ac index c5f9bb6..5da6ea5 100644 --- a/configure.ac +++ b/configure.ac @@ -1208,6 +1208,7 @@ AM_CONDITIONAL(DISABLE_REGEX, test x"$use_regex" != xyes) # when compiling a conftest (due to the "-lz" from LIBS). # Note that we combine zlib and bzlib2 in ZLIBS. # +missing_zlib=yes _cppflags="${CPPFLAGS}" _ldflags="${LDFLAGS}" AC_ARG_WITH(zlib, @@ -1220,7 +1221,10 @@ AC_ARG_WITH(zlib, AC_CHECK_HEADER(zlib.h, AC_CHECK_LIB(z, deflateInit2_, - ZLIBS="-lz", + [ + ZLIBS="-lz" + missing_zlib=no + ], CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}), CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}) @@ -1529,6 +1533,16 @@ if test "$missing_pth" = "yes"; then ***]]) die=yes fi +if test "$missing_zlib" = "yes"; then + AC_MSG_NOTICE([[ +*** +*** The zlib compression library is required. +*** Please install a suitable development package +*** (e.g. Debian package zlib1g-dev) or download +*** it from http://zlib.net and build yourself. +***]]) + die=yes +fi if test "$missing_iconv" = "yes"; then AC_MSG_NOTICE([[ *** ----------------------------------------------------------------------- Summary of changes: configure.ac | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 26 18:11:17 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 26 Aug 2014 18:11:17 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.13-24-g7fdca61 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 7fdca61bcf60e730177889fbbd2f935ba33ae0c3 (commit) via d9d5b61a9f70556e8fc0775f1501380f65ce9502 (commit) from 320f1b864553f105217ad6b0c70598f9a48c6aaa (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7fdca61bcf60e730177889fbbd2f935ba33ae0c3 Author: Werner Koch Date: Tue Aug 26 17:56:44 2014 +0200 Add gpgrt_set_alloc_func. * src/visibility.c (gpgrt_set_alloc_func): New. * configure.ac (_ESTREAM_PRINTF_REALLOC): Define. (_ESTREAM_PRINTF_EXTRA_INCLUDE): Define. * src/estream.c (mem_alloc, mem_realloc, mem_free): Simplify. (_gpgrt_free): Remove. * src/init.c (custom_realloc): New var. (_gpgrt_set_alloc_func): New. (_gpgrt_realloc, _gpgrt_malloc, _gpgrt_free): New. * src/visibility.h (gpg_err_deinit): Mark as visible. diff --git a/NEWS b/NEWS index 35532e5..6099d5b 100644 --- a/NEWS +++ b/NEWS @@ -13,6 +13,7 @@ Noteworthy changes in version 1.14 (unreleased) gpgrt_check_version NEW. gpgrt_lock_trylock NEW. gpgrt_set_syscall_clamp NEW. + gpgrt_set_alloc_func NEW. gpgrt_stream_t NEW. gpgrt_cookie_io_functions_t NEW. gpgrt_syshd_t NEW. diff --git a/configure.ac b/configure.ac index cf0d37c..b155437 100644 --- a/configure.ac +++ b/configure.ac @@ -136,6 +136,11 @@ AH_BOTTOM([ #if defined(HAVE_W32_SYSTEM) && !defined(ENABLE_NLS) #define ENABLE_NLS 1 #endif + +/* Connect the generic estream-printf.c to our framework. */ +#define _ESTREAM_PRINTF_REALLOC _gpgrt_realloc +#define _ESTREAM_PRINTF_EXTRA_INCLUDE "gpgrt-int.h" + /* For building we need to define these macro. */ #define GPG_ERR_ENABLE_GETTEXT_MACROS 1 #define GPG_ERR_ENABLE_ERRNO_MACROS 1 diff --git a/src/estream-printf.c b/src/estream-printf.c index b1eb828..39a813f 100644 --- a/src/estream-printf.c +++ b/src/estream-printf.c @@ -446,7 +446,7 @@ compute_type (argspec_t arg) at the address ARGSPECS_ADDR. The caller has provided enough space to store up to MAX_ARGSPECS in that buffer. The function may however ignore the provided buffer and malloc a larger one. On - success the addrrss of that larger buffer will be stored at + success the address of that larger buffer will be stored at ARGSPECS_ADDR. The actual number of specifications will be returned at R_ARGSPECS_COUNT. */ static int diff --git a/src/estream.c b/src/estream.c index cf3067b..7a5646e 100644 --- a/src/estream.c +++ b/src/estream.c @@ -242,28 +242,23 @@ static void fname_set_internal (estream_t stream, const char *fname, int quote); -/* Malloc wrappers to overcome problems on some older OSes. */ static void * mem_alloc (size_t n) { - if (!n) - n++; - return malloc (n); + return _gpgrt_malloc (n); } static void * mem_realloc (void *p, size_t n) { - if (!p) - return mem_alloc (n); - return realloc (p, n); + return _gpgrt_realloc (p, n); } static void mem_free (void *p) { if (p) - free (p); + _gpgrt_free (p); } #ifdef HAVE_W32_SYSTEM @@ -518,7 +513,7 @@ _gpgrt_es_init (void) should be used before any I/O happens. The function is commonly used with the nPth library: - gpgrt_set_syscall_clamp (npth_protect, npth_unprotect); + gpgrt_set_syscall_clamp (npth_unprotect, npth_protect); These functions may not modify ERRNO. */ @@ -3210,7 +3205,7 @@ _gpgrt_fclose (estream_t stream) the buffer. On error NULL is stored at R_BUFFER. Note that if no write operation has happened, NULL may also be stored at BUFFER on success. The caller needs to release the returned memory using - es_free. */ + gpgrt_free. */ int _gpgrt_fclose_snatch (estream_t stream, void **r_buffer, size_t *r_buflen) { @@ -3835,7 +3830,7 @@ _gpgrt_getline (char *_GPGRT__RESTRICT *_GPGRT__RESTRICT lineptr, Note: The returned buffer is allocated with enough extra space to allow the caller to append a CR,LF,Nul. The buffer should be - released using es_free. + released using gpgrt_free. */ ssize_t _gpgrt_read_line (estream_t stream, @@ -3922,14 +3917,16 @@ _gpgrt_read_line (estream_t stream, return nbytes; } -/* Wrapper around free() to match the memory allocation system used - by estream. Should be used for all buffers returned to the caller - by libestream. */ -void -_gpgrt_free (void *a) -{ - mem_free (a); -} +/* Wrapper around free() to match the memory allocation system used by + estream. Should be used for all buffers returned to the caller by + libestream. If a custom allocation handler has been set with + gpgrt_set_alloc_func that register function may be used + instead. This function has been moved to init.c. */ +/* void */ +/* _gpgrt_free (void *a) */ +/* { */ +/* mem_free (a); */ +/* } */ int diff --git a/src/gpg-error.def.in b/src/gpg-error.def.in index b318d61..ac20a69 100644 --- a/src/gpg-error.def.in +++ b/src/gpg-error.def.in @@ -135,6 +135,6 @@ EXPORTS gpgrt_check_version @100 gpg_err_init @101 gpg_err_deinit @102 - + gpgrt_set_alloc_func @103 ;; end of file with public symbols for Windows. diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index 8c008ac..4b1c0a0 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -181,13 +181,17 @@ gpg_error_t gpg_err_init (void) _GPG_ERR_CONSTRUCTOR; # define gpgrt_init() do { ; } while (0) #endif -/* Register blocking system I/O clamping functions. */ -void gpgrt_set_syscall_clamp (void (*pre)(void), void (*post)(void)); - /* See the source on how to use the deinit function; it is usually not required. */ void gpg_err_deinit (int mode); +/* Register blocking system I/O clamping functions. */ +void gpgrt_set_syscall_clamp (void (*pre)(void), void (*post)(void)); + +/* Register a custom malloc/realloc/free function. */ +void gpgrt_set_alloc_func (void *(*f)(void *a, size_t n)); + + /* Constructor and accessor functions. */ diff --git a/src/gpg-error.vers b/src/gpg-error.vers index 0847cfe..43becea 100644 --- a/src/gpg-error.vers +++ b/src/gpg-error.vers @@ -118,6 +118,7 @@ GPG_ERROR_1.0 { gpgrt_check_version; gpg_err_init; gpg_err_deinit; + gpgrt_set_alloc_func; local: *; diff --git a/src/gpgrt-int.h b/src/gpgrt-int.h index a029ac0..df7c606 100644 --- a/src/gpgrt-int.h +++ b/src/gpgrt-int.h @@ -34,6 +34,12 @@ void _gpg_err_set_errno (int err); gpg_error_t _gpg_err_init (void); void _gpg_err_deinit (int mode); +void _gpgrt_set_alloc_func (void *(*f)(void *a, size_t n)); + +void *_gpgrt_realloc (void *a, size_t n); +void *_gpgrt_malloc (size_t n); +void _gpgrt_free (void *a); + const char *_gpg_error_check_version (const char *req_version); gpg_err_code_t _gpgrt_lock_init (gpgrt_lock_t *lockhd); @@ -162,7 +168,6 @@ ssize_t _gpgrt_getline (char *_GPGRT__RESTRICT *_GPGRT__RESTRICT lineptr, ssize_t _gpgrt_read_line (gpgrt_stream_t stream, char **addr_of_buffer, size_t *length_of_buffer, size_t *max_length); -void _gpgrt_free (void *a); int _gpgrt_fprintf (gpgrt_stream_t _GPGRT__RESTRICT stream, const char *_GPGRT__RESTRICT format, ...) diff --git a/src/init.c b/src/init.c index 16cdfed..6305fe3 100644 --- a/src/init.c +++ b/src/init.c @@ -60,6 +60,11 @@ static void drop_locale_dir (char *locale_dir); #endif /*!HAVE_W32_SYSTEM*/ + +/* The realloc function as set by gpgrt_set_alloc_func. */ +static void *(*custom_realloc)(void *a, size_t n); + + static void real_init (void) @@ -146,6 +151,58 @@ _gpg_err_deinit (int mode) } + + +/* Register F as allocation function. This function is used for all + APIs which return an allocated buffer. F needs to have standard + realloc semantics. It should be called as early as possible and + not changed later. */ +void +_gpgrt_set_alloc_func (void *(*f)(void *a, size_t n)) +{ + custom_realloc = f; +} + + +/* The realloc to be used for data returned by the public API. */ +void * +_gpgrt_realloc (void *a, size_t n) +{ + if (custom_realloc) + return custom_realloc (a, n); + + if (!a) + return malloc (n); + + if (!n) + { + free (a); + return NULL; + } + + return realloc (a, n); +} + + +/* The malloc to be used for data returned by the public API. */ +void * +_gpgrt_malloc (size_t n) +{ + if (!n) + n++; + return _gpgrt_realloc (NULL, n); +} + + +/* The free to be used for data returned by the public API. */ +void +_gpgrt_free (void *a) +{ + _gpgrt_realloc (a, 0); +} + + + #ifdef HAVE_W32_SYSTEM diff --git a/src/visibility.c b/src/visibility.c index 829c720..f1bbca6 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -96,6 +96,12 @@ gpgrt_set_syscall_clamp (void (*pre)(void), void (*post)(void)) _gpgrt_set_syscall_clamp (pre, post); } +void +gpgrt_set_alloc_func (void *(*f)(void *a, size_t n)) +{ + _gpgrt_set_alloc_func (f); +} + gpg_err_code_t gpgrt_lock_init (gpgrt_lock_t *lockhd) diff --git a/src/visibility.h b/src/visibility.h index d0ef0bf..feeb8d1 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -52,6 +52,7 @@ MARK_VISIBLE (gpg_err_code_from_syserror) MARK_VISIBLE (gpg_err_set_errno) MARK_VISIBLE (gpg_err_init) +MARK_VISIBLE (gpg_err_deinit) MARK_VISIBLE (gpg_error_check_version) MARK_VISIBLE (gpgrt_check_version) @@ -136,6 +137,7 @@ MARK_VISIBLE (gpgrt_vbsprintf) MARK_VISIBLE (gpgrt_snprintf) MARK_VISIBLE (gpgrt_vsnprintf) MARK_VISIBLE (gpgrt_set_syscall_clamp) +MARK_VISIBLE (gpgrt_set_alloc_func) #undef MARK_VISIBLE @@ -153,9 +155,9 @@ MARK_VISIBLE (gpgrt_set_syscall_clamp) #define gpg_err_set_errno _gpgrt_USE_UNDERSCORED_FUNCTION #define gpg_err_init _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpg_err_deinit _gpgrt_USE_UNDERSCORED_FUNCTION #define gpg_error_check_version _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_check_version _gpgrt_USE_OTHER_FUNCTION -#define gpgrt_set_syscall_clamp _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_lock_init _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_lock_lock _gpgrt_USE_UNDERSCORED_FUNCTION @@ -238,6 +240,10 @@ MARK_VISIBLE (gpgrt_set_syscall_clamp) #define gpgrt_snprintf _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_vsnprintf _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_set_syscall_clamp _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_set_alloc_func _gpgrt_USE_UNDERSCORED_FUNCTION + + #endif /*!_GPGRT_INCL_BY_VISIBILITY_C*/ #endif /*_GPGRT_VISIBILITY_H*/ commit d9d5b61a9f70556e8fc0775f1501380f65ce9502 Author: Werner Koch Date: Tue Aug 26 13:30:55 2014 +0200 Export missing init functions. * src/gpg-error.h.in (gpgrt_init): New macro. (gpgrt_check_version): New prototype. * src/init.c (_gpg_err_init): Rename from gpg_err_init. (_gpg_err_deinit): Rename from gpg_err_deinit. * src/visibility.c (gpg_err_init): New. (gpg_err_deinit): New. (gpgrt_check_version): New. * src/gpg-error.vers (gpg_err_init, gpg_err_deinit): Add missing symbols. (gpgrt_check_version): New. * src/gpg-error.def.in (gpg_err_init, gpg_err_deinit): Add missing symbols. (gpgrt_check_version): New. * src/gpg-error.c (main): Use gpgrt_init macro. diff --git a/NEWS b/NEWS index a6043a2..35532e5 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,8 @@ Noteworthy changes in version 1.14 (unreleased) * Interface changes relative to the 1.13 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPG_ERR_KEY_DISABLED NEW. + gpgrt_init NEW macro. + gpgrt_check_version NEW. gpgrt_lock_trylock NEW. gpgrt_set_syscall_clamp NEW. gpgrt_stream_t NEW. diff --git a/src/gpg-error.c b/src/gpg-error.c index fa868ae..3de8478 100644 --- a/src/gpg-error.c +++ b/src/gpg-error.c @@ -7,12 +7,12 @@ modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. - + libgpg-error is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. - + You should have received a copy of the GNU Lesser General Public License along with libgpg-error; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA @@ -30,7 +30,7 @@ #include #ifdef HAVE_LOCALE_H -# include +# include #endif #ifdef ENABLE_NLS #ifdef HAVE_W32_SYSTEM @@ -66,7 +66,7 @@ i18n_init (void) { #ifdef ENABLE_NLS char *locale_dir; - + #ifdef HAVE_LC_MESSAGES setlocale (LC_TIME, ""); setlocale (LC_MESSAGES, ""); @@ -75,7 +75,7 @@ i18n_init (void) setlocale (LC_ALL, "" ); # endif #endif - + /* Note that for this program we would only need the textdomain call because libgpg-error already initializes itself to its locale dir (via gpg_err_init or a constructor). However this is only done @@ -115,7 +115,7 @@ get_locale_dir (void) nbytes = WideCharToMultiByte (CP_UTF8, 0, moddir, -1, NULL, 0, NULL, NULL); if (nbytes < 0) return NULL; - + result = malloc (nbytes + strlen (SLDIR) + 1); if (result) { @@ -149,8 +149,8 @@ get_locale_dir (void) strcpy (result, "c:\\gnupg"); strcat (result, SLDIR); } - } -#undef SLDIR + } +#undef SLDIR return result; } @@ -314,7 +314,7 @@ get_err_from_str_one (char *str, gpg_error_t *err, { if (*have_code) return 0; - + *have_code = 1; *err |= code; return 1; @@ -380,16 +380,12 @@ main (int argc, char *argv[]) const char *error_sym; gpg_error_t err; -#ifndef GPG_ERR_INITIALIZED - gpg_err_init (); -#endif - + gpgrt_init (); i18n_init (); - if (argc == 1) { - fprintf (stderr, _("Usage: %s GPG-ERROR [...]\n"), + fprintf (stderr, _("Usage: %s GPG-ERROR [...]\n"), strrchr (argv[0],'/')? (strrchr (argv[0], '/')+1): argv[0]); exit (1); } @@ -438,7 +434,7 @@ main (int argc, char *argv[]) { source_sym = gpg_strsource_sym (err); error_sym = gpg_strerror_sym (err); - + printf ("%u = (%u, %u) = (%s, %s) = (%s, %s)\n", err, gpg_err_source (err), gpg_err_code (err), source_sym ? source_sym : "-", error_sym ? error_sym : "-", diff --git a/src/gpg-error.def.in b/src/gpg-error.def.in index 2b50962..b318d61 100644 --- a/src/gpg-error.def.in +++ b/src/gpg-error.def.in @@ -30,7 +30,7 @@ EXPORTS gpg_strsource @3 gpg_err_code_from_errno @4 gpg_err_code_to_errno @5 - /* Not anymore used. */ + /* @6 - Not anymore used. */ gpg_err_code_from_syserror @7 gpg_err_set_errno @8 #ifdef HAVE_W32CE_SYSTEM @@ -46,7 +46,7 @@ EXPORTS _gpg_w32_gettext_localename @16 _gpg_w32_gettext_use_utf8 @17 #endif - /* Not anymore used. */ + /* @18 - Not anymore used. */ gpg_error_check_version @19 gpgrt_lock_init @20 @@ -132,5 +132,9 @@ EXPORTS gpgrt_snprintf @98 gpgrt_vsnprintf @99 + gpgrt_check_version @100 + gpg_err_init @101 + gpg_err_deinit @102 + ;; end of file with public symbols for Windows. diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index a0bbf17..8c008ac 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -175,7 +175,10 @@ gpg_error_t gpg_err_init (void) _GPG_ERR_CONSTRUCTOR; constructor and does not need to be initialized explicitely. */ #undef GPG_ERR_INITIALIZED #ifdef _GPG_ERR_HAVE_CONSTRUCTOR -#define GPG_ERR_INITIALIZED 1 +# define GPG_ERR_INITIALIZED 1 +# define gpgrt_init() do { gpg_err_init (); } while (0) +#else +# define gpgrt_init() do { ; } while (0) #endif /* Register blocking system I/O clamping functions. */ @@ -272,7 +275,8 @@ gpg_err_code_t gpg_err_code_from_syserror (void); ERRNO due to peculiarities on WindowsCE. */ void gpg_err_set_errno (int err); -/* Return or check the version. */ +/* Return or check the version. Both functions are identical. */ +const char *gpgrt_check_version (const char *req_version); const char *gpg_error_check_version (const char *req_version); /* The version string of this header. */ diff --git a/src/gpg-error.vers b/src/gpg-error.vers index d07372e..0847cfe 100644 --- a/src/gpg-error.vers +++ b/src/gpg-error.vers @@ -115,6 +115,10 @@ GPG_ERROR_1.0 { gpgrt_snprintf; gpgrt_vsnprintf; + gpgrt_check_version; + gpg_err_init; + gpg_err_deinit; + local: *; }; diff --git a/src/gpgrt-int.h b/src/gpgrt-int.h index 025d781..a029ac0 100644 --- a/src/gpgrt-int.h +++ b/src/gpgrt-int.h @@ -32,6 +32,8 @@ int _gpg_err_code_to_errno (gpg_err_code_t code); gpg_err_code_t _gpg_err_code_from_syserror (void); void _gpg_err_set_errno (int err); +gpg_error_t _gpg_err_init (void); +void _gpg_err_deinit (int mode); const char *_gpg_error_check_version (const char *req_version); gpg_err_code_t _gpgrt_lock_init (gpgrt_lock_t *lockhd); diff --git a/src/init.c b/src/init.c index c10285c..16cdfed 100644 --- a/src/init.c +++ b/src/init.c @@ -80,7 +80,7 @@ real_init (void) /* Initialize the library. This function should be run early. */ gpg_error_t -gpg_err_init (void) +_gpg_err_init (void) { #ifdef HAVE_W32_SYSTEM # ifdef DLL_EXPORT @@ -123,7 +123,7 @@ gpg_err_init (void) this function may be called from the DllMain function of a DLL which statically links to libgpg-error. */ void -gpg_err_deinit (int mode) +_gpg_err_deinit (int mode) { #if defined (HAVE_W32_SYSTEM) && !defined(DLL_EXPORT) struct tls_space_s *tls; diff --git a/src/visibility.c b/src/visibility.c index 67c5bfd..829c720 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -66,12 +66,29 @@ gpg_err_set_errno (int err) } +gpg_error_t +gpg_err_init (void) +{ + return _gpg_err_init (); +} + +void +gpg_err_deinit (int mode) +{ + _gpg_err_deinit (mode); +} + const char * gpg_error_check_version (const char *req_version) { return _gpg_error_check_version (req_version); } +const char * +gpgrt_check_version (const char *req_version) +{ + return _gpg_error_check_version (req_version); +} void gpgrt_set_syscall_clamp (void (*pre)(void), void (*post)(void)) diff --git a/src/visibility.h b/src/visibility.h index 64a01a0..d0ef0bf 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -51,7 +51,9 @@ MARK_VISIBLE (gpg_err_code_to_errno) MARK_VISIBLE (gpg_err_code_from_syserror) MARK_VISIBLE (gpg_err_set_errno) +MARK_VISIBLE (gpg_err_init) MARK_VISIBLE (gpg_error_check_version) +MARK_VISIBLE (gpgrt_check_version) MARK_VISIBLE (gpgrt_lock_init) MARK_VISIBLE (gpgrt_lock_lock) @@ -150,7 +152,9 @@ MARK_VISIBLE (gpgrt_set_syscall_clamp) #define gpg_err_code_from_syserror _gpgrt_USE_UNDERSCORED_FUNCTION #define gpg_err_set_errno _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpg_err_init _gpgrt_USE_UNDERSCORED_FUNCTION #define gpg_error_check_version _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_check_version _gpgrt_USE_OTHER_FUNCTION #define gpgrt_set_syscall_clamp _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_lock_init _gpgrt_USE_UNDERSCORED_FUNCTION ----------------------------------------------------------------------- Summary of changes: NEWS | 3 +++ configure.ac | 5 +++++ src/estream-printf.c | 2 +- src/estream.c | 35 +++++++++++++---------------- src/gpg-error.c | 28 ++++++++++------------- src/gpg-error.def.in | 8 +++++-- src/gpg-error.h.in | 18 ++++++++++----- src/gpg-error.vers | 5 +++++ src/gpgrt-int.h | 9 +++++++- src/init.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++-- src/visibility.c | 23 +++++++++++++++++++ src/visibility.h | 12 +++++++++- 12 files changed, 162 insertions(+), 47 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Aug 26 23:24:00 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 26 Aug 2014 23:24:00 +0200 Subject: [git] GnuPG - branch, wk/test-gpgrt-estream, updated. gnupg-2.1.0-beta783-15-g15cfd9a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, wk/test-gpgrt-estream has been updated via 15cfd9a3bcdd561091a28c8f989c616b87348463 (commit) from 519305feb888b529c005b40445d041a088a2f8fc (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 15cfd9a3bcdd561091a28c8f989c616b87348463 Author: Werner Koch Date: Tue Aug 26 23:20:07 2014 +0200 gpg: Remove CAST5 from the default prefs and order SHA-1 last. * g10/keygen.c (keygen_set_std_prefs): Update prefs. diff --git a/g10/keygen.c b/g10/keygen.c index 1bf5348..c2c31d5 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -338,23 +338,14 @@ keygen_set_std_prefs (const char *string,int personal) strcat(dummy_string,"S8 "); if ( !openpgp_cipher_test_algo (CIPHER_ALGO_AES) ) strcat(dummy_string,"S7 "); - if ( !openpgp_cipher_test_algo (CIPHER_ALGO_CAST5) ) - strcat(dummy_string,"S3 "); strcat(dummy_string,"S2 "); /* 3DES */ /* The default hash algo order is: - SHA-256, SHA-1, SHA-384, SHA-512, SHA-224. - Ordering SHA-1 before SHA-384 might be viewed as a bit - strange; it is done because we expect that soon enough - SHA-3 will be available and at that point there should - be no more need for SHA-384 etc. Anyway this order is - just a default and can easily be changed by a config - option. */ + SHA-256, SHA-384, SHA-512, SHA-224, SHA-1. + */ if (!openpgp_md_test_algo (DIGEST_ALGO_SHA256)) strcat (dummy_string, "H8 "); - strcat (dummy_string, "H2 "); /* SHA-1 */ - if (!openpgp_md_test_algo (DIGEST_ALGO_SHA384)) strcat (dummy_string, "H9 "); @@ -364,6 +355,8 @@ keygen_set_std_prefs (const char *string,int personal) if (!openpgp_md_test_algo (DIGEST_ALGO_SHA224)) strcat (dummy_string, "H11 "); + strcat (dummy_string, "H2 "); /* SHA-1 */ + if(!check_compress_algo(COMPRESS_ALGO_ZLIB)) { strcat(dummy_string,"Z2 "); ----------------------------------------------------------------------- Summary of changes: g10/keygen.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 28 14:05:51 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 28 Aug 2014 14:05:51 +0200 Subject: [git] gnupg-doc - branch, master, updated. 96e9b9a86bff1d0c55fae6b65f2c68b667a03628 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 96e9b9a86bff1d0c55fae6b65f2c68b667a03628 (commit) via 7069098bc2e5d7317e5736b761b7e7c87dddc824 (commit) from a36e78cbb12cd8c4c2403864e025bc638b5454df (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 96e9b9a86bff1d0c55fae6b65f2c68b667a03628 Author: Werner Koch Date: Thu Aug 28 14:06:09 2014 +0200 web: Minor CSS changes. - Removed use of italic if already a smaller font is used. - Made submenus larger now that there is only one shown. diff --git a/web/share/site.css b/web/share/site.css index 6f0e373..e7b0ea5 100644 --- a/web/share/site.css +++ b/web/share/site.css @@ -183,12 +183,12 @@ div.entry-qotd nav ul { list-style: none; font-size: 100%; - font-family: verdana,arial,helvetica; + font-family: verdana,helvetica; margin-bottom: 1em; } nav ul ul { - font-size: 70%; + font-size: 80%; } nav * li a { @@ -261,13 +261,11 @@ div.outline-text-3 { } #cpyright { - font-style: italic; font-size: 0.6em; padding-top: 4em; } #smallnote { - font-style: italic; font-size: 0.8em; } @@ -279,7 +277,6 @@ div.outline-text-3 { } #footer p { - font-style: italic; font-size: 0.3em; padding: 2em 0; } commit 7069098bc2e5d7317e5736b761b7e7c87dddc824 Author: Werner Koch Date: Thu Aug 28 11:59:42 2014 +0200 web: Open only the active submenu. diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index e91a198..19d5a55 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -118,24 +118,43 @@ Or set a new date only if the file really changed. " ())) "The definition of the gnupg.org menu structure.") +(defun gpgweb--any-selected-menu-p (menu selected-file) + "Return t if any item in MENU has been selected." + (let ((item (car menu)) + res) + (when menu + (when item + (when (string= (car item) selected-file) + (setq res t)) + (when (caddr item) + (when (gpgweb--any-selected-menu-p (caddr item) selected-file) + (setq res t)))) + (when (gpgweb--any-selected-menu-p (cdr menu) selected-file) + (setq res t))) + res)) -(defun gpgweb--insert-menuitem (item lvl selected-file) - (when item - (dotimes (i lvl) (insert " ")) - (insert "
  • " (cadr item) "
  • \n") - (when (caddr item) - (dotimes (i (1+ lvl)) (insert " ")) - (insert "
      \n") - (gpgweb--insert-menu (caddr item) (1+ lvl) selected-file) - (dotimes (i (1+ lvl)) (insert " ")) - (insert "
    \n")))) (defun gpgweb--insert-menu (menu lvl selected-file) + "Helper function to insert the menu." (when menu - (gpgweb--insert-menuitem (car menu) lvl selected-file) + (let ((item (car menu)) + sel) + (when item + (dotimes (i lvl) (insert " ")) + (insert "
  • " (cadr item) "
  • \n") + (when (and (caddr item) + (or + sel + (gpgweb--any-selected-menu-p (caddr item) selected-file))) + (dotimes (i (1+ lvl)) (insert " ")) + (insert "
      \n") + (gpgweb--insert-menu (caddr item) (1+ lvl) selected-file) + (dotimes (i (1+ lvl)) (insert " ")) + (insert "
    \n")))) (gpgweb--insert-menu (cdr menu) lvl selected-file))) (defun gpgweb-insert-menu (selected-file) ----------------------------------------------------------------------- Summary of changes: web/share/gpgweb.el | 47 +++++++++++++++++++++++++++++++++-------------- web/share/site.css | 7 ++----- 2 files changed, 35 insertions(+), 19 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Aug 28 16:03:33 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 28 Aug 2014 16:03:33 +0200 Subject: [git] GnuPG - branch, wk/test-gpgrt-estream, updated. gnupg-2.1.0-beta783-16-gbe98b59 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, wk/test-gpgrt-estream has been updated via be98b5960ebd48929c399b0b91c95bfc0cb9749b (commit) from 15cfd9a3bcdd561091a28c8f989c616b87348463 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit be98b5960ebd48929c399b0b91c95bfc0cb9749b Author: Werner Koch Date: Thu Aug 28 16:01:22 2014 +0200 gpg: Do not show "MD5" and triplicated "RSA" in --version. * g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases (build_list_md_test_algo): Ignore MD5. diff --git a/g10/gpg.c b/g10/gpg.c index ce1a87f..8d69da0 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -842,6 +842,12 @@ make_libversion (const char *libname, const char *(*getfnc)(const char*)) static int build_list_pk_test_algo (int algo) { + /* Show only one "RSA" string. If RSA_E or RSA_S is available RSA + is also available. */ + if (algo == PUBKEY_ALGO_RSA_E + || algo == PUBKEY_ALGO_RSA_S) + return GPG_ERR_DIGEST_ALGO; + return openpgp_pk_test_algo (algo); } @@ -866,6 +872,11 @@ build_list_cipher_algo_name (int algo) static int build_list_md_test_algo (int algo) { + /* By default we do not accept MD5 based signatures. To avoid + confusion we do not announce support for it either. */ + if (algo == DIGEST_ALGO_MD5) + return GPG_ERR_DIGEST_ALGO; + return openpgp_md_test_algo (algo); } ----------------------------------------------------------------------- Summary of changes: g10/gpg.c | 11 +++++++++++ 1 file changed, 11 insertions(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Aug 29 14:54:15 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 29 Aug 2014 14:54:15 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-109-gdb3c028 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via db3c0286bf159568aa315d15f9708fe2de02b022 (commit) from e606d5f1bada1f2d21faeedd3fa2cf2dca7b274c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit db3c0286bf159568aa315d15f9708fe2de02b022 Author: Werner Koch Date: Fri Aug 29 14:54:11 2014 +0200 mpi: Re-indent longlong.h. -- Indenting the cpp statements should make longlong.h better readable. diff --git a/mpi/longlong.h b/mpi/longlong.h index 4f33937..db98e47 100644 --- a/mpi/longlong.h +++ b/mpi/longlong.h @@ -1,5 +1,6 @@ /* longlong.h -- definitions for mixed size 32/64 bit arithmetic. - Note: I added some stuff for use with gnupg + Note: This is the Libgcrypt version + Copyright (C) 1991, 1992, 1993, 1994, 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2011 Free Software Foundation, Inc. @@ -41,7 +42,7 @@ MA 02111-1307, USA. */ /* This is used to make sure no undesirable sharing between different libraries that use this file takes place. */ #ifndef __MPN -#define __MPN(x) __##x +# define __MPN(x) __##x #endif /* Define auxiliary asm macros. @@ -102,19 +103,22 @@ MA 02111-1307, USA. */ /* We sometimes need to clobber "cc" with gcc2, but that would not be understood by gcc1. Use cpp to avoid major code duplication. */ #if __GNUC__ < 2 -#define __CLOBBER_CC -#define __AND_CLOBBER_CC +# define __CLOBBER_CC +# define __AND_CLOBBER_CC #else /* __GNUC__ >= 2 */ -#define __CLOBBER_CC : "cc" -#define __AND_CLOBBER_CC , "cc" +# define __CLOBBER_CC : "cc" +# define __AND_CLOBBER_CC , "cc" #endif /* __GNUC__ < 2 */ +/*************************************** + **** Begin CPU Specific Versions **** + ***************************************/ /*************************************** ************** A29K ***************** ***************************************/ #if (defined (__a29k__) || defined (_AM29K)) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("add %1,%4,%5\n" \ "addc %0,%2,%3" \ : "=r" ((USItype)(sh)), \ @@ -123,7 +127,7 @@ MA 02111-1307, USA. */ "rI" ((USItype)(bh)), \ "%r" ((USItype)(al)), \ "rI" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("sub %1,%4,%5\n" \ "subc %0,%2,%3" \ : "=r" ((USItype)(sh)), \ @@ -132,7 +136,7 @@ MA 02111-1307, USA. */ "rI" ((USItype)(bh)), \ "r" ((USItype)(al)), \ "rI" ((USItype)(bl))) -#define umul_ppmm(xh, xl, m0, m1) \ +# define umul_ppmm(xh, xl, m0, m1) \ do { \ USItype __m0 = (m0), __m1 = (m1); \ __asm__ ("multiplu %0,%1,%2" \ @@ -144,23 +148,23 @@ MA 02111-1307, USA. */ : "r" (__m0), \ "r" (__m1)); \ } while (0) -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define udiv_qrnnd(q, r, n1, n0, d) \ __asm__ ("dividu %0,%3,%4" \ : "=r" ((USItype)(q)), \ "=q" ((USItype)(r)) \ : "1" ((USItype)(n1)), \ "r" ((USItype)(n0)), \ "r" ((USItype)(d))) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ __asm__ ("clz %0,%1" \ : "=r" ((USItype)(count)) \ : "r" ((USItype)(x))) -#define COUNT_LEADING_ZEROS_0 32 +# define COUNT_LEADING_ZEROS_0 32 #endif /* __a29k__ */ #if defined (__alpha) && W_TYPE_SIZE == 64 -#define umul_ppmm(ph, pl, m0, m1) \ +# define umul_ppmm(ph, pl, m0, m1) \ do { \ UDItype __m0 = (m0), __m1 = (m1); \ __asm__ ("umulh %r1,%2,%0" \ @@ -169,16 +173,16 @@ MA 02111-1307, USA. */ "rI" (__m1)); \ (pl) = __m0 * __m1; \ } while (0) -#define UMUL_TIME 46 -#ifndef LONGLONG_STANDALONE -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define UMUL_TIME 46 +# ifndef LONGLONG_STANDALONE +# define udiv_qrnnd(q, r, n1, n0, d) \ do { UDItype __r; \ (q) = __udiv_qrnnd (&__r, (n1), (n0), (d)); \ (r) = __r; \ } while (0) extern UDItype __udiv_qrnnd (); -#define UDIV_TIME 220 -#endif /* LONGLONG_STANDALONE */ +# define UDIV_TIME 220 +# endif /* !LONGLONG_STANDALONE */ #endif /* __alpha */ /*************************************** @@ -187,30 +191,31 @@ extern UDItype __udiv_qrnnd (); #if defined (__arm__) && W_TYPE_SIZE == 32 && \ (!defined (__thumb__) || defined (__thumb2__)) /* The __ARM_ARCH define is provided by gcc 4.8. Construct it otherwise. */ -#ifndef __ARM_ARCH -# ifdef __ARM_ARCH_2__ -# define __ARM_ARCH 2 -# elif defined (__ARM_ARCH_3__) || defined (__ARM_ARCH_3M__) -# define __ARM_ARCH 3 -# elif defined (__ARM_ARCH_4__) || defined (__ARM_ARCH_4T__) -# define __ARM_ARCH 4 -# elif defined (__ARM_ARCH_5__) || defined (__ARM_ARCH_5E__) \ - || defined(__ARM_ARCH_5T__) || defined(__ARM_ARCH_5TE__) \ - || defined(__ARM_ARCH_5TEJ__) -# define __ARM_ARCH 5 -# elif defined (__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) \ - || defined (__ARM_ARCH_6Z__) || defined(__ARM_ARCH_6ZK__) \ - || defined (__ARM_ARCH_6K__) || defined(__ARM_ARCH_6T2__) -# define __ARM_ARCH 6 -# elif defined (__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) \ - || defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) \ - || defined(__ARM_ARCH_7EM__) -# define __ARM_ARCH 7 -# else +# ifndef __ARM_ARCH +# ifdef __ARM_ARCH_2__ +# define __ARM_ARCH 2 +# elif defined (__ARM_ARCH_3__) || defined (__ARM_ARCH_3M__) +# define __ARM_ARCH 3 +# elif defined (__ARM_ARCH_4__) || defined (__ARM_ARCH_4T__) +# define __ARM_ARCH 4 +# elif defined (__ARM_ARCH_5__) || defined (__ARM_ARCH_5E__) \ + || defined(__ARM_ARCH_5T__) || defined(__ARM_ARCH_5TE__) \ + || defined(__ARM_ARCH_5TEJ__) +# define __ARM_ARCH 5 +# elif defined (__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) \ + || defined (__ARM_ARCH_6Z__) || defined(__ARM_ARCH_6ZK__) \ + || defined (__ARM_ARCH_6K__) || defined(__ARM_ARCH_6T2__) +# define __ARM_ARCH 6 +# elif defined (__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) \ + || defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) \ + || defined(__ARM_ARCH_7EM__) +# define __ARM_ARCH 7 +# else /* could not detect? */ -# endif -#endif -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# endif +# endif /* !__ARM_ARCH */ + +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("adds %1, %4, %5\n" \ "adc %0, %2, %3" \ : "=r" ((sh)), \ @@ -219,7 +224,7 @@ extern UDItype __udiv_qrnnd (); "rI" ((USItype)(bh)), \ "%r" ((USItype)(al)), \ "rI" ((USItype)(bl)) __CLOBBER_CC) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subs %1, %4, %5\n" \ "sbc %0, %2, %3" \ : "=r" ((sh)), \ @@ -228,8 +233,8 @@ extern UDItype __udiv_qrnnd (); "rI" ((USItype)(bh)), \ "r" ((USItype)(al)), \ "rI" ((USItype)(bl)) __CLOBBER_CC) -#if (defined __ARM_ARCH && __ARM_ARCH <= 3) -#define umul_ppmm(xh, xl, a, b) \ +# if (defined __ARM_ARCH && __ARM_ARCH <= 3) +# define umul_ppmm(xh, xl, a, b) \ __asm__ ("@ Inlined umul_ppmm\n" \ "mov %|r0, %2, lsr #16 @ AAAA\n" \ "mov %|r2, %3, lsr #16 @ BBBB\n" \ @@ -248,30 +253,30 @@ extern UDItype __udiv_qrnnd (); : "r" ((USItype)(a)), \ "r" ((USItype)(b)) \ : "r0", "r1", "r2" __AND_CLOBBER_CC) -#else /* __ARM_ARCH >= 4 */ -#define umul_ppmm(xh, xl, a, b) \ +# else /* __ARM_ARCH >= 4 */ +# define umul_ppmm(xh, xl, a, b) \ __asm__ ("@ Inlined umul_ppmm\n" \ "umull %1, %0, %2, %3" \ : "=&r" ((xh)), \ "=r" ((xl)) \ : "r" ((USItype)(a)), \ "r" ((USItype)(b))) -#endif /* __ARM_ARCH >= 4 */ -#define UMUL_TIME 20 -#define UDIV_TIME 100 -#if (defined __ARM_ARCH && __ARM_ARCH >= 5) -#define count_leading_zeros(count, x) \ +# endif /* __ARM_ARCH >= 4 */ +# define UMUL_TIME 20 +# define UDIV_TIME 100 +# if (defined __ARM_ARCH && __ARM_ARCH >= 5) +# define count_leading_zeros(count, x) \ __asm__ ("clz %0, %1" \ : "=r" ((count)) \ : "r" ((USItype)(x))) -#endif /* __ARM_ARCH >= 5 */ +# endif /* __ARM_ARCH >= 5 */ #endif /* __arm__ */ /*************************************** ********** ARM64 / Aarch64 ********** ***************************************/ #if defined(__aarch64__) && W_TYPE_SIZE == 64 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("adds %1, %4, %5\n" \ "adc %0, %2, %3\n" \ : "=r" ((sh)), \ @@ -280,7 +285,7 @@ extern UDItype __udiv_qrnnd (); "r" ((UDItype)(bh)), \ "r" ((UDItype)(al)), \ "r" ((UDItype)(bl)) __CLOBBER_CC) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subs %1, %4, %5\n" \ "sbc %0, %2, %3\n" \ : "=r" ((sh)), \ @@ -289,7 +294,7 @@ extern UDItype __udiv_qrnnd (); "r" ((UDItype)(bh)), \ "r" ((UDItype)(al)), \ "r" ((UDItype)(bl)) __CLOBBER_CC) -#define umul_ppmm(ph, pl, m0, m1) \ +# define umul_ppmm(ph, pl, m0, m1) \ do { \ UDItype __m0 = (m0), __m1 = (m1), __ph; \ (pl) = __m0 * __m1; \ @@ -299,7 +304,7 @@ extern UDItype __udiv_qrnnd (); "r" (__m1)); \ (ph) = __ph; \ } while (0) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ __asm__ ("clz %0, %1\n" \ : "=r" ((count)) \ : "r" ((UDItype)(x))) @@ -309,7 +314,7 @@ extern UDItype __udiv_qrnnd (); ************** CLIPPER ************** ***************************************/ #if defined (__clipper__) && W_TYPE_SIZE == 32 -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ ({union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ } __xx; \ @@ -318,7 +323,7 @@ extern UDItype __udiv_qrnnd (); : "%0" ((USItype)(u)), \ "r" ((USItype)(v))); \ (w1) = __xx.__i.__h; (w0) = __xx.__i.__l;}) -#define smul_ppmm(w1, w0, u, v) \ +# define smul_ppmm(w1, w0, u, v) \ ({union {DItype __ll; \ struct {SItype __l, __h;} __i; \ } __xx; \ @@ -327,7 +332,7 @@ extern UDItype __udiv_qrnnd (); : "%0" ((SItype)(u)), \ "r" ((SItype)(v))); \ (w1) = __xx.__i.__h; (w0) = __xx.__i.__l;}) -#define __umulsidi3(u, v) \ +# define __umulsidi3(u, v) \ ({UDItype __w; \ __asm__ ("mulwux %2,%0" \ : "=r" (__w) \ @@ -341,7 +346,7 @@ extern UDItype __udiv_qrnnd (); ************** GMICRO *************** ***************************************/ #if defined (__gmicro__) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("add.w %5,%1\n" \ "addx %3,%0" \ : "=g" ((USItype)(sh)), \ @@ -350,7 +355,7 @@ extern UDItype __udiv_qrnnd (); "g" ((USItype)(bh)), \ "%1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("sub.w %5,%1\n" \ "subx %3,%0" \ : "=g" ((USItype)(sh)), \ @@ -359,20 +364,20 @@ extern UDItype __udiv_qrnnd (); "g" ((USItype)(bh)), \ "1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#define umul_ppmm(ph, pl, m0, m1) \ +# define umul_ppmm(ph, pl, m0, m1) \ __asm__ ("mulx %3,%0,%1" \ : "=g" ((USItype)(ph)), \ "=r" ((USItype)(pl)) \ : "%0" ((USItype)(m0)), \ "g" ((USItype)(m1))) -#define udiv_qrnnd(q, r, nh, nl, d) \ +# define udiv_qrnnd(q, r, nh, nl, d) \ __asm__ ("divx %4,%0,%1" \ : "=g" ((USItype)(q)), \ "=r" ((USItype)(r)) \ : "1" ((USItype)(nh)), \ "0" ((USItype)(nl)), \ "g" ((USItype)(d))) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ __asm__ ("bsch/1 %1,%0" \ : "=g" (count) \ : "g" ((USItype)(x)), \ @@ -384,7 +389,7 @@ extern UDItype __udiv_qrnnd (); ************** HPPA ***************** ***************************************/ #if defined (__hppa) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ (" add %4,%5,%1\n" \ " addc %2,%3,%0" \ : "=r" ((USItype)(sh)), \ @@ -393,7 +398,7 @@ extern UDItype __udiv_qrnnd (); "rM" ((USItype)(bh)), \ "%rM" ((USItype)(al)), \ "rM" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ (" sub %4,%5,%1\n" \ " subb %2,%3,%0" \ : "=r" ((USItype)(sh)), \ @@ -402,8 +407,8 @@ extern UDItype __udiv_qrnnd (); "rM" ((USItype)(bh)), \ "rM" ((USItype)(al)), \ "rM" ((USItype)(bl))) -#if defined (_PA_RISC1_1) -#define umul_ppmm(wh, wl, u, v) \ +# if defined (_PA_RISC1_1) +# define umul_ppmm(wh, wl, u, v) \ do { \ union {UDItype __ll; \ struct {USItype __h, __l;} __i; \ @@ -415,21 +420,21 @@ extern UDItype __udiv_qrnnd (); (wh) = __xx.__i.__h; \ (wl) = __xx.__i.__l; \ } while (0) -#define UMUL_TIME 8 -#define UDIV_TIME 60 -#else -#define UMUL_TIME 40 -#define UDIV_TIME 80 -#endif -#ifndef LONGLONG_STANDALONE -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define UMUL_TIME 8 +# define UDIV_TIME 60 +# else +# define UMUL_TIME 40 +# define UDIV_TIME 80 +# endif +# ifndef LONGLONG_STANDALONE +# define udiv_qrnnd(q, r, n1, n0, d) \ do { USItype __r; \ (q) = __udiv_qrnnd (&__r, (n1), (n0), (d)); \ (r) = __r; \ } while (0) extern USItype __udiv_qrnnd (); -#endif /* LONGLONG_STANDALONE */ -#define count_leading_zeros(count, x) \ +# endif /* !LONGLONG_STANDALONE */ +# define count_leading_zeros(count, x) \ do { \ USItype __tmp; \ __asm__ ( \ @@ -457,7 +462,7 @@ extern USItype __udiv_qrnnd (); ************** I370 ***************** ***************************************/ #if (defined (__i370__) || defined (__mvs__)) && W_TYPE_SIZE == 32 -#define umul_ppmm(xh, xl, m0, m1) \ +# define umul_ppmm(xh, xl, m0, m1) \ do { \ union {UDItype __ll; \ struct {USItype __h, __l;} __i; \ @@ -472,7 +477,7 @@ extern USItype __udiv_qrnnd (); (xh) += ((((SItype) __m0 >> 31) & __m1) \ + (((SItype) __m1 >> 31) & __m0)); \ } while (0) -#define smul_ppmm(xh, xl, m0, m1) \ +# define smul_ppmm(xh, xl, m0, m1) \ do { \ union {DItype __ll; \ struct {USItype __h, __l;} __i; \ @@ -484,7 +489,7 @@ extern USItype __udiv_qrnnd (); "r" (m1)); \ (xh) = __xx.__i.__h; (xl) = __xx.__i.__l; \ } while (0) -#define sdiv_qrnnd(q, r, n1, n0, d) \ +# define sdiv_qrnnd(q, r, n1, n0, d) \ do { \ union {DItype __ll; \ struct {USItype __h, __l;} __i; \ @@ -502,7 +507,7 @@ extern USItype __udiv_qrnnd (); ************** I386 ***************** ***************************************/ #if (defined (__i386__) || defined (__i486__)) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("addl %5,%1\n" \ "adcl %3,%0" \ : "=r" ((sh)), \ @@ -512,7 +517,7 @@ extern USItype __udiv_qrnnd (); "%1" ((USItype)(al)), \ "g" ((USItype)(bl)) \ __CLOBBER_CC) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subl %5,%1\n" \ "sbbl %3,%0" \ : "=r" ((sh)), \ @@ -522,14 +527,14 @@ extern USItype __udiv_qrnnd (); "1" ((USItype)(al)), \ "g" ((USItype)(bl)) \ __CLOBBER_CC) -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("mull %3" \ : "=a" ((w0)), \ "=d" ((w1)) \ : "%0" ((USItype)(u)), \ "rm" ((USItype)(v)) \ __CLOBBER_CC) -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define udiv_qrnnd(q, r, n1, n0, d) \ __asm__ ("divl %4" \ : "=a" ((q)), \ "=d" ((r)) \ @@ -537,7 +542,7 @@ extern USItype __udiv_qrnnd (); "1" ((USItype)(n1)), \ "rm" ((USItype)(d)) \ __CLOBBER_CC) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ do { \ USItype __cbtmp; \ __asm__ ("bsrl %1,%0" \ @@ -545,21 +550,21 @@ extern USItype __udiv_qrnnd (); __CLOBBER_CC); \ (count) = __cbtmp ^ 31; \ } while (0) -#define count_trailing_zeros(count, x) \ +# define count_trailing_zeros(count, x) \ __asm__ ("bsfl %1,%0" : "=r" (count) : "rm" ((USItype)(x)) __CLOBBER_CC) -#ifndef UMUL_TIME -#define UMUL_TIME 40 -#endif -#ifndef UDIV_TIME -#define UDIV_TIME 40 -#endif +# ifndef UMUL_TIME +# define UMUL_TIME 40 +# endif +# ifndef UDIV_TIME +# define UDIV_TIME 40 +# endif #endif /* 80x86 */ /*************************************** *********** AMD64 / x86-64 ************ ***************************************/ #if defined(__x86_64) && W_TYPE_SIZE == 64 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("addq %5,%1\n" \ "adcq %3,%0" \ : "=r" ((sh)), \ @@ -569,7 +574,7 @@ extern USItype __udiv_qrnnd (); "1" ((UDItype)(al)), \ "g" ((UDItype)(bl)) \ __CLOBBER_CC) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subq %5,%1\n" \ "sbbq %3,%0" \ : "=r" ((sh)), \ @@ -579,14 +584,14 @@ extern USItype __udiv_qrnnd (); "1" ((UDItype)(al)), \ "g" ((UDItype)(bl)) \ __CLOBBER_CC) -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("mulq %3" \ : "=a" ((w0)), \ "=d" ((w1)) \ : "0" ((UDItype)(u)), \ "rm" ((UDItype)(v)) \ __CLOBBER_CC) -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define udiv_qrnnd(q, r, n1, n0, d) \ __asm__ ("divq %4" \ : "=a" ((q)), \ "=d" ((r)) \ @@ -594,7 +599,7 @@ extern USItype __udiv_qrnnd (); "1" ((UDItype)(n1)), \ "rm" ((UDItype)(d)) \ __CLOBBER_CC) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ do { \ UDItype __cbtmp; \ __asm__ ("bsrq %1,%0" \ @@ -602,7 +607,7 @@ extern USItype __udiv_qrnnd (); __CLOBBER_CC); \ (count) = __cbtmp ^ 63; \ } while (0) -#define count_trailing_zeros(count, x) \ +# define count_trailing_zeros(count, x) \ do { \ UDItype __cbtmp; \ __asm__ ("bsfq %1,%0" \ @@ -610,12 +615,12 @@ extern USItype __udiv_qrnnd (); __CLOBBER_CC); \ (count) = __cbtmp; \ } while (0) -#ifndef UMUL_TIME -#define UMUL_TIME 40 -#endif -#ifndef UDIV_TIME -#define UDIV_TIME 40 -#endif +# ifndef UMUL_TIME +# define UMUL_TIME 40 +# endif +# ifndef UDIV_TIME +# define UDIV_TIME 40 +# endif #endif /* __x86_64 */ @@ -623,7 +628,7 @@ extern USItype __udiv_qrnnd (); ************** I860 ***************** ***************************************/ #if defined (__i860__) && W_TYPE_SIZE == 32 -#define rshift_rhlc(r,h,l,c) \ +# define rshift_rhlc(r,h,l,c) \ __asm__ ("shr %3,r0,r0\n" \ "shrd %1,%2,%0" \ "=r" (r) : "r" (h), "r" (l), "rn" (c)) @@ -633,7 +638,7 @@ extern USItype __udiv_qrnnd (); ************** I960 ***************** ***************************************/ #if defined (__i960__) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("cmpo 1,0\n" \ "addc %5,%4,%1\n" \ "addc %3,%2,%0" \ @@ -643,7 +648,7 @@ extern USItype __udiv_qrnnd (); "dI" ((USItype)(bh)), \ "%dI" ((USItype)(al)), \ "dI" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("cmpo 0,0\n" \ "subc %5,%4,%1\n" \ "subc %3,%2,%0" \ @@ -653,7 +658,7 @@ extern USItype __udiv_qrnnd (); "dI" ((USItype)(bh)), \ "dI" ((USItype)(al)), \ "dI" ((USItype)(bl))) -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ ({union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ } __xx; \ @@ -662,14 +667,14 @@ extern USItype __udiv_qrnnd (); : "%dI" ((USItype)(u)), \ "dI" ((USItype)(v))); \ (w1) = __xx.__i.__h; (w0) = __xx.__i.__l;}) -#define __umulsidi3(u, v) \ +# define __umulsidi3(u, v) \ ({UDItype __w; \ __asm__ ("emul %2,%1,%0" \ : "=d" (__w) \ : "%dI" ((USItype)(u)), \ "dI" ((USItype)(v))); \ __w; }) -#define udiv_qrnnd(q, r, nh, nl, d) \ +# define udiv_qrnnd(q, r, nh, nl, d) \ do { \ union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ @@ -681,7 +686,7 @@ extern USItype __udiv_qrnnd (); "dI" ((USItype)(d))); \ (r) = __rq.__i.__l; (q) = __rq.__i.__h; \ } while (0) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ do { \ USItype __cbtmp; \ __asm__ ("scanbit %1,%0" \ @@ -689,9 +694,9 @@ extern USItype __udiv_qrnnd (); : "r" ((USItype)(x))); \ (count) = __cbtmp ^ 31; \ } while (0) -#define COUNT_LEADING_ZEROS_0 (-32) /* sic */ -#if defined (__i960mx) /* what is the proper symbol to test??? */ -#define rshift_rhlc(r,h,l,c) \ +# define COUNT_LEADING_ZEROS_0 (-32) /* sic */ +# if defined (__i960mx) /* what is the proper symbol to test??? */ +# define rshift_rhlc(r,h,l,c) \ do { \ union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ @@ -700,15 +705,16 @@ extern USItype __udiv_qrnnd (); __asm__ ("shre %2,%1,%0" \ : "=d" (r) : "dI" (__nn.__ll), "dI" (c)); \ } -#endif /* i960mx */ +# endif /* i960mx */ #endif /* i960 */ /*************************************** ************** 68000 **************** ***************************************/ -#if (defined (__mc68000__) || defined (__mc68020__) || defined (__NeXT__) || defined(mc68020)) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +#if (defined (__mc68000__) || defined (__mc68020__) \ + || defined (__NeXT__) || defined(mc68020)) && W_TYPE_SIZE == 32 +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("add%.l %5,%1\n" \ "addx%.l %3,%0" \ : "=d" ((USItype)(sh)), \ @@ -717,7 +723,7 @@ extern USItype __udiv_qrnnd (); "d" ((USItype)(bh)), \ "%1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("sub%.l %5,%1\n" \ "subx%.l %3,%0" \ : "=d" ((USItype)(sh)), \ @@ -726,36 +732,36 @@ extern USItype __udiv_qrnnd (); "d" ((USItype)(bh)), \ "1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#if (defined (__mc68020__) || defined (__NeXT__) || defined(mc68020)) -#define umul_ppmm(w1, w0, u, v) \ +# if (defined (__mc68020__) || defined (__NeXT__) || defined(mc68020)) +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("mulu%.l %3,%1:%0" \ : "=d" ((USItype)(w0)), \ "=d" ((USItype)(w1)) \ : "%0" ((USItype)(u)), \ "dmi" ((USItype)(v))) -#define UMUL_TIME 45 -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define UMUL_TIME 45 +# define udiv_qrnnd(q, r, n1, n0, d) \ __asm__ ("divu%.l %4,%1:%0" \ : "=d" ((USItype)(q)), \ "=d" ((USItype)(r)) \ : "0" ((USItype)(n0)), \ "1" ((USItype)(n1)), \ "dmi" ((USItype)(d))) -#define UDIV_TIME 90 -#define sdiv_qrnnd(q, r, n1, n0, d) \ +# define UDIV_TIME 90 +# define sdiv_qrnnd(q, r, n1, n0, d) \ __asm__ ("divs%.l %4,%1:%0" \ : "=d" ((USItype)(q)), \ "=d" ((USItype)(r)) \ : "0" ((USItype)(n0)), \ "1" ((USItype)(n1)), \ "dmi" ((USItype)(d))) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ __asm__ ("bfffo %1{%b2:%b2},%0" \ : "=d" ((USItype)(count)) \ : "od" ((USItype)(x)), "n" (0)) -#define COUNT_LEADING_ZEROS_0 32 -#else /* not mc68020 */ -#define umul_ppmm(xh, xl, a, b) \ +# define COUNT_LEADING_ZEROS_0 32 +# else /* not mc68020 */ +# define umul_ppmm(xh, xl, a, b) \ do { USItype __umul_tmp1, __umul_tmp2; \ __asm__ ("| Inlined umul_ppmm \n" \ " move%.l %5,%3 \n" \ @@ -783,9 +789,9 @@ extern USItype __udiv_qrnnd (); "=d" (__umul_tmp1), "=&d" (__umul_tmp2) \ : "%2" ((USItype)(a)), "d" ((USItype)(b))); \ } while (0) -#define UMUL_TIME 100 -#define UDIV_TIME 400 -#endif /* not mc68020 */ +# define UMUL_TIME 100 +# define UDIV_TIME 400 +# endif /* not mc68020 */ #endif /* mc68000 */ @@ -793,7 +799,7 @@ extern USItype __udiv_qrnnd (); ************** 88000 **************** ***************************************/ #if defined (__m88000__) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("addu.co %1,%r4,%r5\n" \ "addu.ci %0,%r2,%r3" \ : "=r" ((USItype)(sh)), \ @@ -802,7 +808,7 @@ extern USItype __udiv_qrnnd (); "rJ" ((USItype)(bh)), \ "%rJ" ((USItype)(al)), \ "rJ" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subu.co %1,%r4,%r5\n" \ "subu.ci %0,%r2,%r3" \ : "=r" ((USItype)(sh)), \ @@ -811,7 +817,7 @@ extern USItype __udiv_qrnnd (); "rJ" ((USItype)(bh)), \ "rJ" ((USItype)(al)), \ "rJ" ((USItype)(bl))) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ do { \ USItype __cbtmp; \ __asm__ ("ff1 %0,%1" \ @@ -819,9 +825,9 @@ extern USItype __udiv_qrnnd (); : "r" ((USItype)(x))); \ (count) = __cbtmp ^ 31; \ } while (0) -#define COUNT_LEADING_ZEROS_0 63 /* sic */ -#if defined (__m88110__) -#define umul_ppmm(wh, wl, u, v) \ +# define COUNT_LEADING_ZEROS_0 63 /* sic */ +# if defined (__m88110__) +# define umul_ppmm(wh, wl, u, v) \ do { \ union {UDItype __ll; \ struct {USItype __h, __l;} __i; \ @@ -830,7 +836,7 @@ extern USItype __udiv_qrnnd (); (wh) = __x.__i.__h; \ (wl) = __x.__i.__l; \ } while (0) -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define udiv_qrnnd(q, r, n1, n0, d) \ ({union {UDItype __ll; \ struct {USItype __h, __l;} __i; \ } __x, __q; \ @@ -838,36 +844,36 @@ extern USItype __udiv_qrnnd (); __asm__ ("divu.d %0,%1,%2" \ : "=r" (__q.__ll) : "r" (__x.__ll), "r" (d)); \ (r) = (n0) - __q.__l * (d); (q) = __q.__l; }) -#define UMUL_TIME 5 -#define UDIV_TIME 25 -#else -#define UMUL_TIME 17 -#define UDIV_TIME 150 -#endif /* __m88110__ */ +# define UMUL_TIME 5 +# define UDIV_TIME 25 +# else +# define UMUL_TIME 17 +# define UDIV_TIME 150 +# endif /* __m88110__ */ #endif /* __m88000__ */ /*************************************** ************** MIPS ***************** ***************************************/ #if defined (__mips__) && W_TYPE_SIZE == 32 -#if defined (__clang__) || (__GNUC__ >= 5) || (__GNUC__ == 4 && \ +# if defined (__clang__) || (__GNUC__ >= 5) || (__GNUC__ == 4 && \ __GNUC_MINOR__ >= 4) -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ do { \ UDItype _r; \ _r = (UDItype) u * v; \ (w1) = _r >> 32; \ (w0) = (USItype) _r; \ } while (0) -#elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 -#define umul_ppmm(w1, w0, u, v) \ +# elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("multu %2,%3" \ : "=l" ((USItype)(w0)), \ "=h" ((USItype)(w1)) \ : "d" ((USItype)(u)), \ "d" ((USItype)(v))) -#else -#define umul_ppmm(w1, w0, u, v) \ +# else +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("multu %2,%3 \n" \ "mflo %0 \n" \ "mfhi %1" \ @@ -875,33 +881,33 @@ extern USItype __udiv_qrnnd (); "=d" ((USItype)(w1)) \ : "d" ((USItype)(u)), \ "d" ((USItype)(v))) -#endif -#define UMUL_TIME 10 -#define UDIV_TIME 100 +# endif +# define UMUL_TIME 10 +# define UDIV_TIME 100 #endif /* __mips__ */ /*************************************** ************** MIPS/64 ************** ***************************************/ #if (defined (__mips) && __mips >= 3) && W_TYPE_SIZE == 64 -#if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) +# if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) typedef unsigned int UTItype __attribute__ ((mode (TI))); -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ do { \ UTItype _r; \ _r = (UTItype) u * v; \ (w1) = _r >> 64; \ (w0) = (UDItype) _r; \ } while (0) -#elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 -#define umul_ppmm(w1, w0, u, v) \ +# elif __GNUC__ > 2 || __GNUC_MINOR__ >= 7 +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("dmultu %2,%3" \ : "=l" ((UDItype)(w0)), \ "=h" ((UDItype)(w1)) \ : "d" ((UDItype)(u)), \ "d" ((UDItype)(v))) -#else -#define umul_ppmm(w1, w0, u, v) \ +# else +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("dmultu %2,%3 \n" \ "mflo %0 \n" \ "mfhi %1" \ @@ -909,9 +915,9 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "=d" ((UDItype)(w1)) \ : "d" ((UDItype)(u)), \ "d" ((UDItype)(v))) -#endif -#define UMUL_TIME 20 -#define UDIV_TIME 140 +# endif +# define UMUL_TIME 20 +# define UDIV_TIME 140 #endif /* __mips__ */ @@ -919,7 +925,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); ************** 32000 **************** ***************************************/ #if defined (__ns32000__) && W_TYPE_SIZE == 32 -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ ({union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ } __xx; \ @@ -928,14 +934,14 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); : "%0" ((USItype)(u)), \ "g" ((USItype)(v))); \ (w1) = __xx.__i.__h; (w0) = __xx.__i.__l;}) -#define __umulsidi3(u, v) \ +# define __umulsidi3(u, v) \ ({UDItype __w; \ __asm__ ("meid %2,%0" \ : "=g" (__w) \ : "%0" ((USItype)(u)), \ "g" ((USItype)(v))); \ __w; }) -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define udiv_qrnnd(q, r, n1, n0, d) \ ({union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ } __xx; \ @@ -945,7 +951,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); : "0" (__xx.__ll), \ "g" ((USItype)(d))); \ (r) = __xx.__i.__l; (q) = __xx.__i.__h; }) -#define count_trailing_zeros(count,x) \ +# define count_trailing_zeros(count,x) \ do { __asm__ ("ffsd %2,%0" \ : "=r" ((USItype) (count)) \ @@ -959,7 +965,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); ************** PPC ****************** ***************************************/ #if (defined (_ARCH_PPC) || defined (_IBMR2)) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ do { \ if (__builtin_constant_p (bh) && (bh) == 0) \ __asm__ ("{a%I4|add%I4c} %1,%3,%4\n\t{aze|addze} %0,%2" \ @@ -984,7 +990,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "%r" ((USItype)(al)), \ "rI" ((USItype)(bl))); \ } while (0) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ do { \ if (__builtin_constant_p (ah) && (ah) == 0) \ __asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{sfze|subfze} %0,%2" \ @@ -1023,13 +1029,13 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "rI" ((USItype)(al)), \ "r" ((USItype)(bl))); \ } while (0) -#define count_leading_zeros(count, x) \ +# define count_leading_zeros(count, x) \ __asm__ ("{cntlz|cntlzw} %0,%1" \ : "=r" ((count)) \ : "r" ((USItype)(x))) -#define COUNT_LEADING_ZEROS_0 32 -#if defined (_ARCH_PPC) -#define umul_ppmm(ph, pl, m0, m1) \ +# define COUNT_LEADING_ZEROS_0 32 +# if defined (_ARCH_PPC) +# define umul_ppmm(ph, pl, m0, m1) \ do { \ USItype __m0 = (m0), __m1 = (m1); \ __asm__ ("mulhwu %0,%1,%2" \ @@ -1038,8 +1044,8 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "r" (__m1)); \ (pl) = __m0 * __m1; \ } while (0) -#define UMUL_TIME 15 -#define smul_ppmm(ph, pl, m0, m1) \ +# define UMUL_TIME 15 +# define smul_ppmm(ph, pl, m0, m1) \ do { \ SItype __m0 = (m0), __m1 = (m1); \ __asm__ ("mulhw %0,%1,%2" \ @@ -1048,10 +1054,10 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "r" (__m1)); \ (pl) = __m0 * __m1; \ } while (0) -#define SMUL_TIME 14 -#define UDIV_TIME 120 -#else -#define umul_ppmm(xh, xl, m0, m1) \ +# define SMUL_TIME 14 +# define UDIV_TIME 120 +# else +# define umul_ppmm(xh, xl, m0, m1) \ do { \ USItype __m0 = (m0), __m1 = (m1); \ __asm__ ("mul %0,%2,%3" \ @@ -1062,20 +1068,20 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); (xh) += ((((SItype) __m0 >> 31) & __m1) \ + (((SItype) __m1 >> 31) & __m0)); \ } while (0) -#define UMUL_TIME 8 -#define smul_ppmm(xh, xl, m0, m1) \ +# define UMUL_TIME 8 +# define smul_ppmm(xh, xl, m0, m1) \ __asm__ ("mul %0,%2,%3" \ : "=r" ((SItype)(xh)), \ "=q" ((SItype)(xl)) \ : "r" (m0), \ "r" (m1)) -#define SMUL_TIME 4 -#define sdiv_qrnnd(q, r, nh, nl, d) \ +# define SMUL_TIME 4 +# define sdiv_qrnnd(q, r, nh, nl, d) \ __asm__ ("div %0,%2,%4" \ : "=r" ((SItype)(q)), "=q" ((SItype)(r)) \ : "r" ((SItype)(nh)), "1" ((SItype)(nl)), "r" ((SItype)(d))) -#define UDIV_TIME 100 -#endif +# define UDIV_TIME 100 +# endif #endif /* Power architecture variants. */ /* Powerpc 64 bit support taken from gmp-4.1.2. */ @@ -1140,7 +1146,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); ************** PYR ****************** ***************************************/ #if defined (__pyr__) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("addw %5,%1 \n" \ "addwc %3,%0" \ : "=r" ((USItype)(sh)), \ @@ -1149,7 +1155,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "g" ((USItype)(bh)), \ "%1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subw %5,%1 \n" \ "subwb %3,%0" \ : "=r" ((USItype)(sh)), \ @@ -1159,7 +1165,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "1" ((USItype)(al)), \ "g" ((USItype)(bl))) /* This insn works on Pyramids with AP, XP, or MI CPUs, but not with SP. */ -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ ({union {UDItype __ll; \ struct {USItype __h, __l;} __i; \ } __xx; \ @@ -1176,7 +1182,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); ************** RT/ROMP ************** ***************************************/ #if defined (__ibm032__) /* RT/ROMP */ && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("a %1,%5 \n" \ "ae %0,%3" \ : "=r" ((USItype)(sh)), \ @@ -1185,7 +1191,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "r" ((USItype)(bh)), \ "%1" ((USItype)(al)), \ "r" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("s %1,%5\n" \ "se %0,%3" \ : "=r" ((USItype)(sh)), \ @@ -1194,7 +1200,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "r" ((USItype)(bh)), \ "1" ((USItype)(al)), \ "r" ((USItype)(bl))) -#define umul_ppmm(ph, pl, m0, m1) \ +# define umul_ppmm(ph, pl, m0, m1) \ do { \ USItype __m0 = (m0), __m1 = (m1); \ __asm__ ( \ @@ -1226,9 +1232,9 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); (ph) += ((((SItype) __m0 >> 31) & __m1) \ + (((SItype) __m1 >> 31) & __m0)); \ } while (0) -#define UMUL_TIME 20 -#define UDIV_TIME 200 -#define count_leading_zeros(count, x) \ +# define UMUL_TIME 20 +# define UDIV_TIME 200 +# define count_leading_zeros(count, x) \ do { \ if ((x) >= 0x10000) \ __asm__ ("clz %0,%1" \ @@ -1250,7 +1256,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); ***************************************/ #if (defined (__sh2__) || defined(__sh3__) || defined(__SH4__) ) \ && W_TYPE_SIZE == 32 -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ __asm__ ( \ "dmulu.l %2,%3\n" \ "sts macl,%1\n" \ @@ -1260,14 +1266,14 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); : "r" ((USItype)(u)), \ "r" ((USItype)(v)) \ : "macl", "mach") -#define UMUL_TIME 5 +# define UMUL_TIME 5 #endif /*************************************** ************** SPARC **************** ***************************************/ #if defined (__sparc__) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("addcc %r4,%5,%1\n" \ "addx %r2,%3,%0" \ : "=r" ((USItype)(sh)), \ @@ -1277,7 +1283,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "%rJ" ((USItype)(al)), \ "rI" ((USItype)(bl)) \ __CLOBBER_CC) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subcc %r4,%5,%1\n" \ "subx %r2,%3,%0" \ : "=r" ((USItype)(sh)), \ @@ -1287,20 +1293,20 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "rJ" ((USItype)(al)), \ "rI" ((USItype)(bl)) \ __CLOBBER_CC) -#if defined (__sparc_v8__) +# if defined (__sparc_v8__) /* Don't match immediate range because, 1) it is not often useful, 2) the 'I' flag thinks of the range as a 13 bit signed interval, while we want to match a 13 bit interval, sign extended to 32 bits, but INTERPRETED AS UNSIGNED. */ -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("umul %2,%3,%1;rd %%y,%0" \ : "=r" ((USItype)(w1)), \ "=r" ((USItype)(w0)) \ : "r" ((USItype)(u)), \ "r" ((USItype)(v))) -#define UMUL_TIME 5 -#ifndef SUPERSPARC /* SuperSPARC's udiv only handles 53 bit dividends */ -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define UMUL_TIME 5 +# ifndef SUPERSPARC /* SuperSPARC's udiv only handles 53 bit dividends */ +# define udiv_qrnnd(q, r, n1, n0, d) \ do { \ USItype __q; \ __asm__ ("mov %1,%%y;nop;nop;nop;udiv %2,%3,%0" \ @@ -1311,20 +1317,20 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); (r) = (n0) - __q * (d); \ (q) = __q; \ } while (0) -#define UDIV_TIME 25 -#endif /* SUPERSPARC */ -#else /* ! __sparc_v8__ */ -#if defined (__sparclite__) +# define UDIV_TIME 25 +# endif /*!SUPERSPARC */ +# else /* ! __sparc_v8__ */ +# if defined (__sparclite__) /* This has hardware multiply but not divide. It also has two additional instructions scan (ffs from high bit) and divscc. */ -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("umul %2,%3,%1;rd %%y,%0" \ : "=r" ((USItype)(w1)), \ "=r" ((USItype)(w0)) \ : "r" ((USItype)(u)), \ "r" ((USItype)(v))) -#define UMUL_TIME 5 -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define UMUL_TIME 5 +# define udiv_qrnnd(q, r, n1, n0, d) \ __asm__ ("! Inlined udiv_qrnnd \n" \ " wr %%g0,%2,%%y ! Not a delayed write for sparclite \n" \ " tst %%g0 \n" \ @@ -1370,19 +1376,19 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); "r" ((USItype)(n0)), \ "rI" ((USItype)(d)) \ : "%g1" __AND_CLOBBER_CC) -#define UDIV_TIME 37 -#define count_leading_zeros(count, x) \ +# define UDIV_TIME 37 +# define count_leading_zeros(count, x) \ __asm__ ("scan %1,0,%0" \ : "=r" ((USItype)(x)) \ : "r" ((USItype)(count))) /* Early sparclites return 63 for an argument of 0, but they warn that future implementations might change this. Therefore, leave COUNT_LEADING_ZEROS_0 undefined. */ -#endif /* __sparclite__ */ -#endif /* __sparc_v8__ */ +# endif /* !__sparclite__ */ +# endif /* !__sparc_v8__ */ /* Default to sparc v7 versions of umul_ppmm and udiv_qrnnd. */ -#ifndef umul_ppmm -#define umul_ppmm(w1, w0, u, v) \ +# ifndef umul_ppmm +# define umul_ppmm(w1, w0, u, v) \ __asm__ ("! Inlined umul_ppmm \n" \ " wr %%g0,%2,%%y ! SPARC has 0-3 delay insn after a wr \n" \ " sra %3,31,%%g2 ! Don't move this insn \n" \ @@ -1428,19 +1434,19 @@ typedef unsigned int UTItype __attribute__ ((mode (TI))); : "%rI" ((USItype)(u)), \ "r" ((USItype)(v)) \ : "%g1", "%g2" __AND_CLOBBER_CC) -#define UMUL_TIME 39 /* 39 instructions */ -#endif -#ifndef udiv_qrnnd -#ifndef LONGLONG_STANDALONE -#define udiv_qrnnd(q, r, n1, n0, d) \ +# define UMUL_TIME 39 /* 39 instructions */ +# endif /* umul_ppmm */ +# ifndef udiv_qrnnd +# ifndef LONGLONG_STANDALONE +# define udiv_qrnnd(q, r, n1, n0, d) \ do { USItype __r; \ (q) = __udiv_qrnnd (&__r, (n1), (n0), (d)); \ (r) = __r; \ } while (0) extern USItype __udiv_qrnnd (); -#define UDIV_TIME 140 -#endif /* LONGLONG_STANDALONE */ -#endif /* udiv_qrnnd */ +# define UDIV_TIME 140 +# endif /* LONGLONG_STANDALONE */ +# endif /* udiv_qrnnd */ #endif /* __sparc__ */ @@ -1448,7 +1454,7 @@ extern USItype __udiv_qrnnd (); ************** VAX ****************** ***************************************/ #if defined (__vax__) && W_TYPE_SIZE == 32 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("addl2 %5,%1\n" \ "adwc %3,%0" \ : "=g" ((USItype)(sh)), \ @@ -1457,7 +1463,7 @@ extern USItype __udiv_qrnnd (); "g" ((USItype)(bh)), \ "%1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("subl2 %5,%1\n" \ "sbwc %3,%0" \ : "=g" ((USItype)(sh)), \ @@ -1466,7 +1472,7 @@ extern USItype __udiv_qrnnd (); "g" ((USItype)(bh)), \ "1" ((USItype)(al)), \ "g" ((USItype)(bl))) -#define umul_ppmm(xh, xl, m0, m1) \ +# define umul_ppmm(xh, xl, m0, m1) \ do { \ union {UDItype __ll; \ struct {USItype __l, __h;} __i; \ @@ -1480,7 +1486,7 @@ extern USItype __udiv_qrnnd (); (xh) += ((((SItype) __m0 >> 31) & __m1) \ + (((SItype) __m1 >> 31) & __m0)); \ } while (0) -#define sdiv_qrnnd(q, r, n1, n0, d) \ +# define sdiv_qrnnd(q, r, n1, n0, d) \ do { \ union {DItype __ll; \ struct {SItype __l, __h;} __i; \ @@ -1497,7 +1503,7 @@ extern USItype __udiv_qrnnd (); ************** Z8000 **************** ***************************************/ #if defined (__z8000__) && W_TYPE_SIZE == 16 -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ __asm__ ("add %H1,%H5\n\tadc %H0,%H3" \ : "=r" ((unsigned int)(sh)), \ "=&r" ((unsigned int)(sl)) \ @@ -1505,7 +1511,7 @@ extern USItype __udiv_qrnnd (); "r" ((unsigned int)(bh)), \ "%1" ((unsigned int)(al)), \ "rQR" ((unsigned int)(bl))) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ __asm__ ("sub %H1,%H5\n\tsbc %H0,%H3" \ : "=r" ((unsigned int)(sh)), \ "=&r" ((unsigned int)(sl)) \ @@ -1513,7 +1519,7 @@ extern USItype __udiv_qrnnd (); "r" ((unsigned int)(bh)), \ "1" ((unsigned int)(al)), \ "rQR" ((unsigned int)(bl))) -#define umul_ppmm(xh, xl, m0, m1) \ +# define umul_ppmm(xh, xl, m0, m1) \ do { \ union {long int __ll; \ struct {unsigned int __h, __l;} __i; \ @@ -1530,6 +1536,11 @@ extern USItype __udiv_qrnnd (); } while (0) #endif /* __z8000__ */ + +/*************************************** + ***** End CPU Specific Versions ***** + ***************************************/ + #endif /* __GNUC__ */ #endif /* !__riscos__ */ @@ -1538,7 +1549,7 @@ extern USItype __udiv_qrnnd (); *********** Generic Versions ******** ***************************************/ #if !defined (umul_ppmm) && defined (__umulsidi3) -#define umul_ppmm(ph, pl, m0, m1) \ +# define umul_ppmm(ph, pl, m0, m1) \ { \ UDWtype __ll = __umulsidi3 (m0, m1); \ ph = (UWtype) (__ll >> W_TYPE_SIZE); \ @@ -1547,7 +1558,7 @@ extern USItype __udiv_qrnnd (); #endif #if !defined (__umulsidi3) -#define __umulsidi3(u, v) \ +# define __umulsidi3(u, v) \ ({UWtype __hi, __lo; \ umul_ppmm (__hi, __lo, u, v); \ ((UDWtype) __hi << W_TYPE_SIZE) | __lo; }) @@ -1556,7 +1567,7 @@ extern USItype __udiv_qrnnd (); /* If this machine has no inline assembler, use C macros. */ #if !defined (add_ssaaaa) -#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ +# define add_ssaaaa(sh, sl, ah, al, bh, bl) \ do { \ UWtype __x; \ __x = (al) + (bl); \ @@ -1566,7 +1577,7 @@ extern USItype __udiv_qrnnd (); #endif #if !defined (sub_ddmmss) -#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ +# define sub_ddmmss(sh, sl, ah, al, bh, bl) \ do { \ UWtype __x; \ __x = (al) - (bl); \ @@ -1576,7 +1587,7 @@ extern USItype __udiv_qrnnd (); #endif #if !defined (umul_ppmm) -#define umul_ppmm(w1, w0, u, v) \ +# define umul_ppmm(w1, w0, u, v) \ do { \ UWtype __x0, __x1, __x2, __x3; \ UHWtype __ul, __vl, __uh, __vh; \ @@ -1603,7 +1614,7 @@ extern USItype __udiv_qrnnd (); #endif #if !defined (umul_ppmm) -#define smul_ppmm(w1, w0, u, v) \ +# define smul_ppmm(w1, w0, u, v) \ do { \ UWtype __w1; \ UWtype __m0 = (u), __m1 = (v); \ @@ -1653,7 +1664,7 @@ extern USItype __udiv_qrnnd (); /* If the processor has no udiv_qrnnd but sdiv_qrnnd, go through __udiv_w_sdiv (defined in libgcc or elsewhere). */ #if !defined (udiv_qrnnd) && defined (sdiv_qrnnd) -#define udiv_qrnnd(q, r, nh, nl, d) \ +# define udiv_qrnnd(q, r, nh, nl, d) \ do { \ UWtype __r; \ (q) = __MPN(udiv_w_sdiv) (&__r, nh, nl, d); \ @@ -1663,18 +1674,18 @@ extern USItype __udiv_qrnnd (); /* If udiv_qrnnd was not defined for this processor, use __udiv_qrnnd_c. */ #if !defined (udiv_qrnnd) -#define UDIV_NEEDS_NORMALIZATION 1 -#define udiv_qrnnd __udiv_qrnnd_c +# define UDIV_NEEDS_NORMALIZATION 1 +# define udiv_qrnnd __udiv_qrnnd_c #endif #if !defined (count_leading_zeros) extern -#ifdef __STDC__ +# ifdef __STDC__ const -#endif +# endif unsigned char _gcry_clz_tab[]; -#define MPI_INTERNAL_NEED_CLZ_TAB 1 -#define count_leading_zeros(count, x) \ +# define MPI_INTERNAL_NEED_CLZ_TAB 1 +# define count_leading_zeros(count, x) \ do { \ UWtype __xr = (x); \ UWtype __a; \ @@ -1695,21 +1706,25 @@ unsigned char _gcry_clz_tab[]; (count) = W_TYPE_SIZE - (_gcry_clz_tab[__xr >> __a] + __a); \ } while (0) /* This version gives a well-defined value for zero. */ -#define COUNT_LEADING_ZEROS_0 W_TYPE_SIZE -#endif +# define COUNT_LEADING_ZEROS_0 W_TYPE_SIZE +#endif /* !count_leading_zeros */ #if !defined (count_trailing_zeros) /* Define count_trailing_zeros using count_leading_zeros. The latter might be defined in asm, but if it is not, the C version above is good enough. */ -#define count_trailing_zeros(count, x) \ +# define count_trailing_zeros(count, x) \ do { \ UWtype __ctz_x = (x); \ UWtype __ctz_c; \ count_leading_zeros (__ctz_c, __ctz_x & -__ctz_x); \ (count) = W_TYPE_SIZE - 1 - __ctz_c; \ } while (0) -#endif +#endif /* !count_trailing_zeros */ #ifndef UDIV_NEEDS_NORMALIZATION -#define UDIV_NEEDS_NORMALIZATION 0 +# define UDIV_NEEDS_NORMALIZATION 0 #endif + +/*************************************** + ****** longlong.h ends here ********* + ***************************************/ ----------------------------------------------------------------------- Summary of changes: mpi/longlong.h | 513 +++++++++++++++++++++++++++++--------------------------- 1 file changed, 264 insertions(+), 249 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org