[git] GnuPG - branch, wk/test-gpgrt-estream, updated. gnupg-2.1.0-beta783-20-gafe8558
by Werner Koch
cvs at cvs.gnupg.org
Tue Sep 2 11:24:09 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, wk/test-gpgrt-estream has been updated
via afe85582ddc2ebc285728bf6417f8929fd0b3281 (commit)
via 4054d86abcb7ad953ed9e988b1765cb9266faefd (commit)
via c913e09ebdbb1a1e9838a0a5897448841f5e9bc3 (commit)
via b6386367aca957c52586fbf52f11604451ba4fe7 (commit)
from be98b5960ebd48929c399b0b91c95bfc0cb9749b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit afe85582ddc2ebc285728bf6417f8929fd0b3281
Author: Werner Koch <wk at gnupg.org>
Date: Tue Sep 2 11:22:07 2014 +0200
agent: Fix import of OpenPGP EdDSA keys.
* agent/cvt-openpgp.c (get_keygrip): Special case EdDSA.
(convert_secret_key): Ditto.
(convert_transfer_key): Ditto.
(apply_protection): Handle opaque MPIs.
(do_unprotect): Check FLAG_OPAQUE instead of FLAG_USER1 before
unpacking an opaque mpi.
--
The key transfer protocol between gpg and gpg-agent uses gcrypt
algorithm numbers which merge all ECC algorithms into one. Thus it is
not possible to use the algorithm number to determine the EdDSA
algorithm. We need to known that because Libgcrypt requires the
"eddsa" flag with the curve "Ed25519" to actually use the Ed25519
signature specification.
The last fix is for correctness; the first case won't be used anyway.
diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c
index 58327c6..6ea2666 100644
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@@ -81,9 +81,16 @@ get_keygrip (int pubkey_algo, const char *curve, gcry_mpi_t *pkey,
break;
case GCRY_PK_ECC:
- err = gcry_sexp_build (&s_pkey, NULL,
- "(public-key(ecc(curve %s)(q%m)))",
- curve, pkey[0]);
+ if (!curve)
+ err = gpg_error (GPG_ERR_BAD_SECKEY);
+ else if (!strcmp (curve, openpgp_curve_to_oid ("Ed25519", NULL)))
+ err = gcry_sexp_build (&s_pkey, NULL,
+ "(public-key(ecc(curve %s)(flags eddsa)(q%m)))",
+ "Ed25519", pkey[0]);
+ else
+ err = gcry_sexp_build (&s_pkey, NULL,
+ "(public-key(ecc(curve %s)(q%m)))",
+ curve, pkey[0]);
break;
default:
@@ -139,6 +146,15 @@ convert_secret_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey,
case GCRY_PK_ECC:
if (!curve)
err = gpg_error (GPG_ERR_BAD_SECKEY);
+ else if (!strcmp (curve, openpgp_curve_to_oid ("Ed25519", NULL)))
+ {
+ /* Do not store the OID as name but the real name and the
+ EdDSA flag. */
+ err = gcry_sexp_build (&s_skey, NULL,
+ "(private-key(ecc(curve%s)(flags eddsa)"
+ "(q%m)(d%m)))",
+ "Ed25519", skey[0], skey[1]);
+ }
else
err = gcry_sexp_build (&s_skey, NULL,
"(private-key(ecc(curve%s)(q%m)(d%m)))",
@@ -198,11 +214,24 @@ convert_transfer_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey,
break;
case GCRY_PK_ECC:
- err = gcry_sexp_build
- (&s_skey, NULL,
- "(protected-private-key(ecc(curve%s)(q%m)"
- "(protected openpgp-native%S)))",
- curve, skey[0], transfer_key);
+ if (!curve)
+ err = gpg_error (GPG_ERR_BAD_SECKEY);
+ else if (!strcmp (curve, openpgp_curve_to_oid ("Ed25519", NULL)))
+ {
+ /* Do not store the OID as name but the real name and the
+ EdDSA flag. */
+ err = gcry_sexp_build
+ (&s_skey, NULL,
+ "(protected-private-key(ecc(curve%s)(flags eddsa)(q%m)"
+ "(protected openpgp-native%S)))",
+ "Ed25519", skey[0], transfer_key);
+ }
+ else
+ err = gcry_sexp_build
+ (&s_skey, NULL,
+ "(protected-private-key(ecc(curve%s)(q%m)"
+ "(protected openpgp-native%S)))",
+ curve, skey[0], transfer_key);
break;
default:
@@ -373,7 +402,7 @@ do_unprotect (const char *passphrase,
if (!skey[i] || gcry_mpi_get_flag (skey[i], GCRYMPI_FLAG_USER1))
return gpg_error (GPG_ERR_BAD_SECKEY);
- if (gcry_mpi_get_flag (skey[i], GCRYMPI_FLAG_USER1))
+ if (gcry_mpi_get_flag (skey[i], GCRYMPI_FLAG_OPAQUE))
{
unsigned int nbits;
const unsigned char *buffer;
@@ -1064,15 +1093,36 @@ apply_protection (gcry_mpi_t *array, int npkey, int nskey,
ndata = 20; /* Space for the SHA-1 checksum. */
for (i = npkey, j = 0; i < nskey; i++, j++ )
{
- err = gcry_mpi_aprint (GCRYMPI_FMT_USG, bufarr+j, narr+j, array[i]);
- if (err)
+ if (gcry_mpi_get_flag (array[i], GCRYMPI_FLAG_OPAQUE))
{
- err = gpg_error_from_syserror ();
- for (i = 0; i < j; i++)
- xfree (bufarr[i]);
- return err;
+ const void *s;
+ unsigned int n;
+
+ s = gcry_mpi_get_opaque (array[i], &n);
+ nbits[j] = n;
+ n = (n+7)/8;
+ narr[j] = n;
+ bufarr[j] = gcry_is_secure (s)? xtrymalloc_secure (n):xtrymalloc (n);
+ if (!bufarr[j])
+ {
+ err = gpg_error_from_syserror ();
+ for (i = 0; i < j; i++)
+ xfree (bufarr[i]);
+ return err;
+ }
+ memcpy (bufarr[j], s, n);
+ }
+ else
+ {
+ err = gcry_mpi_aprint (GCRYMPI_FMT_USG, bufarr+j, narr+j, array[i]);
+ if (err)
+ {
+ for (i = 0; i < j; i++)
+ xfree (bufarr[i]);
+ return err;
+ }
+ nbits[j] = gcry_mpi_get_nbits (array[i]);
}
- nbits[j] = gcry_mpi_get_nbits (array[i]);
ndata += 2 + narr[j];
}
@@ -1218,8 +1268,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase,
assert (iob.len < sizeof iobbuf -1);
iobbuf[iob.len] = 0;
err = gcry_sexp_build (&curve, NULL, "(curve %s)", iobbuf);
-
- gcry_log_debugsxp ("at 1", curve);
}
}
else if (!strcmp (name, "ecdsa"))
commit 4054d86abcb7ad953ed9e988b1765cb9266faefd
Author: Kyle Butt <kylebutt at gmail.com>
Date: Tue Aug 26 14:11:47 2014 -0700
gpg: Fix export of ecc secret keys by adjusting check ordering.
* g10/export.c (transfer_format_to_openpgp): Move the check against
PUBKEY_MAX_NSKEY to after the ECC code adjusts the number of
parameters.
diff --git a/g10/export.c b/g10/export.c
index 6a921c1..b4f1a2e 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -462,7 +462,7 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
xfree (string); string = NULL;
if (gcry_pk_algo_info (pk_algo, GCRYCTL_GET_ALGO_NPKEY, NULL, &npkey)
|| gcry_pk_algo_info (pk_algo, GCRYCTL_GET_ALGO_NSKEY, NULL, &nskey)
- || !npkey || npkey >= nskey || nskey > PUBKEY_MAX_NSKEY)
+ || !npkey || npkey >= nskey)
goto bad_seckey;
/* Check that the pubkey algo matches the one from the public key. */
@@ -503,6 +503,10 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
goto leave;
}
+ /* This check has to go after the ecc adjustments. */
+ if (nskey > PUBKEY_MAX_NSKEY)
+ goto bad_seckey;
+
/* Parse the key parameters. */
gcry_sexp_release (list);
list = gcry_sexp_find_token (top_list, "skey", 0);
commit c913e09ebdbb1a1e9838a0a5897448841f5e9bc3
Author: Werner Koch <wk at gnupg.org>
Date: Mon Sep 1 10:15:21 2014 +0200
agent: Allow key unprotection using AES-256.
* agent/protect.c (PROT_CIPHER): Rename to GCRY_CIPHER_AES128 for
clarity.
(do_decryption): Add args prot_cipher and prot_cipher_keylen. USe
them instead of the hardwired values.
(agent_unprotect): Change to use a table of protection algorithms.
Add AES-256 variant.
--
This patch will make a possible future key protection algorithm
changes smoother. AES-256 is also allowed although there is currently
no way to encrypt using it.
diff --git a/agent/protect.c b/agent/protect.c
index 3a00218..f633d56 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -42,7 +42,9 @@
#include "cvt-openpgp.h"
#include "sexp-parse.h"
-#define PROT_CIPHER GCRY_CIPHER_AES
+/* The protection mode for encryption. The supported modes for
+ decryption are listed in agent_unprotect(). */
+#define PROT_CIPHER GCRY_CIPHER_AES128
#define PROT_CIPHER_STRING "aes"
#define PROT_CIPHER_KEYLEN (128/8)
@@ -632,6 +634,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
const char *passphrase,
const unsigned char *s2ksalt, unsigned long s2kcount,
const unsigned char *iv, size_t ivlen,
+ int prot_cipher, int prot_cipher_keylen,
unsigned char **result)
{
int rc = 0;
@@ -640,11 +643,11 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
unsigned char *outbuf;
size_t reallen;
- blklen = gcry_cipher_get_algo_blklen (PROT_CIPHER);
+ blklen = gcry_cipher_get_algo_blklen (prot_cipher);
if (protectedlen < 4 || (protectedlen%blklen))
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
- rc = gcry_cipher_open (&hd, PROT_CIPHER, GCRY_CIPHER_MODE_CBC,
+ rc = gcry_cipher_open (&hd, prot_cipher, GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
if (rc)
return rc;
@@ -657,17 +660,16 @@ do_decryption (const unsigned char *protected, size_t protectedlen,
if (!rc)
{
unsigned char *key;
- size_t keylen = PROT_CIPHER_KEYLEN;
- key = gcry_malloc_secure (keylen);
+ key = gcry_malloc_secure (prot_cipher_keylen);
if (!key)
rc = out_of_core ();
else
{
rc = hash_passphrase (passphrase, GCRY_MD_SHA1,
- 3, s2ksalt, s2kcount, key, keylen);
+ 3, s2ksalt, s2kcount, key, prot_cipher_keylen);
if (!rc)
- rc = gcry_cipher_setkey (hd, key, keylen);
+ rc = gcry_cipher_setkey (hd, key, prot_cipher_keylen);
xfree (key);
}
}
@@ -860,6 +862,15 @@ agent_unprotect (ctrl_t ctrl,
gnupg_isotime_t protected_at,
unsigned char **result, size_t *resultlen)
{
+ static struct {
+ const char *name; /* Name of the protection method. */
+ int algo; /* (A zero indicates the "openpgp-native" hack.) */
+ int keylen; /* Used key length in bytes. */
+ } algotable[] = {
+ { "openpgp-s2k3-sha1-aes-cbc", GCRY_CIPHER_AES128, (128/8)},
+ { "openpgp-s2k3-sha1-aes256-cbc", GCRY_CIPHER_AES256, (256/8)},
+ { "openpgp-native", 0, 0 }
+ };
int rc;
const unsigned char *s;
const unsigned char *protect_list;
@@ -869,6 +880,7 @@ agent_unprotect (ctrl_t ctrl,
const unsigned char *s2ksalt;
unsigned long s2kcount;
const unsigned char *iv;
+ int prot_cipher, prot_cipher_keylen;
const unsigned char *prot_begin;
unsigned char *cleartext;
unsigned char *final;
@@ -959,31 +971,40 @@ agent_unprotect (ctrl_t ctrl,
n = snext (&s);
if (!n)
return gpg_error (GPG_ERR_INV_SEXP);
- if (!smatch (&s, n, "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc"))
+
+ /* Lookup the protection algo. */
+ prot_cipher = 0; /* (avoid gcc warning) */
+ prot_cipher_keylen = 0; /* (avoid gcc warning) */
+ for (i= 0; i < DIM (algotable); i++)
+ if (smatch (&s, n, algotable[i].name))
+ {
+ prot_cipher = algotable[i].algo;
+ prot_cipher_keylen = algotable[i].keylen;
+ break;
+ }
+ if (i == DIM (algotable))
+ return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
+
+ if (!prot_cipher) /* This is "openpgp-native". */
{
- if (smatch (&s, n, "openpgp-native"))
- {
- gcry_sexp_t s_prot_begin;
+ gcry_sexp_t s_prot_begin;
- rc = gcry_sexp_sscan (&s_prot_begin, NULL,
- prot_begin,
- gcry_sexp_canon_len (prot_begin, 0,NULL,NULL));
- if (rc)
- return rc;
+ rc = gcry_sexp_sscan (&s_prot_begin, NULL,
+ prot_begin,
+ gcry_sexp_canon_len (prot_begin, 0,NULL,NULL));
+ if (rc)
+ return rc;
- rc = convert_from_openpgp_native (ctrl,
- s_prot_begin, passphrase, &final);
- gcry_sexp_release (s_prot_begin);
- if (!rc)
- {
- *result = final;
- *resultlen = gcry_sexp_canon_len (final, 0, NULL, NULL);
- }
- return rc;
+ rc = convert_from_openpgp_native (ctrl, s_prot_begin, passphrase, &final);
+ gcry_sexp_release (s_prot_begin);
+ if (!rc)
+ {
+ *result = final;
+ *resultlen = gcry_sexp_canon_len (final, 0, NULL, NULL);
}
- else
- return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
+ return rc;
}
+
if (*s != '(' || s[1] != '(')
return gpg_error (GPG_ERR_INV_SEXP);
s += 2;
@@ -1026,7 +1047,7 @@ agent_unprotect (ctrl_t ctrl,
s++; /* skip list end */
n = snext (&s);
- if (n != 16) /* Wrong blocksize for IV (we support only aes-128). */
+ if (n != 16) /* Wrong blocksize for IV (we support only 128 bit). */
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
iv = s;
s += n;
@@ -1040,7 +1061,7 @@ agent_unprotect (ctrl_t ctrl,
cleartext = NULL; /* Avoid cc warning. */
rc = do_decryption (s, n,
passphrase, s2ksalt, s2kcount,
- iv, 16,
+ iv, 16, prot_cipher, prot_cipher_keylen,
&cleartext);
if (rc)
return rc;
commit b6386367aca957c52586fbf52f11604451ba4fe7
Author: Werner Koch <wk at gnupg.org>
Date: Mon Sep 1 10:10:30 2014 +0200
speedo: Fix for non-Windows build of glib.
--
diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk
index 69af39c..f81a835 100644
--- a/build-aux/speedo.mk
+++ b/build-aux/speedo.mk
@@ -376,8 +376,9 @@ speedo_pkg_glib_configure = \
CCC=$(host)-g++ \
LIBFFI_CFLAGS=-I$(idir)/lib/libffi-$(libffi_ver)/include \
LIBFFI_LIBS=\"-L$(idir)/lib -lffi\"
+ifeq ($(TARGETOS),w32)
speedo_pkg_glib_extracflags = -march=i486
-
+endif
speedo_pkg_libpng_configure = \
CPPFLAGS=\"-I$(idir)/include -DPNG_BUILD_DLL\" \
-----------------------------------------------------------------------
Summary of changes:
agent/cvt-openpgp.c | 84 ++++++++++++++++++++++++++++++++++++++++-----------
agent/protect.c | 79 ++++++++++++++++++++++++++++++------------------
build-aux/speedo.mk | 3 +-
g10/export.c | 6 +++-
4 files changed, 123 insertions(+), 49 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list