[git] GnuPG - branch, master, updated. gnupg-2.1.2-37-gab17f7b
by Werner Koch
cvs at cvs.gnupg.org
Mon Mar 16 20:18:22 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via ab17f7b6c392782718f57eaea94fc18a0ff49389 (commit)
via bcc8250bc5b9a357c6d1444f03e334edec573ede (commit)
via 8bc1debfefb7cd4b0be724317793d59dea37d677 (commit)
from 1a9f13bc663daa75c5009f6a0bf7d7483f12cce0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ab17f7b6c392782718f57eaea94fc18a0ff49389
Author: Werner Koch <wk at gnupg.org>
Date: Mon Mar 16 20:14:58 2015 +0100
gpg: Create all MPIs with RFC-4880 correct length headers.
* g10/build-packet.c (gpg_mpi_write): Strip leading zeroes.
--
This used not to work with opaque MPI as returned by Libgcrypt from
ECC operations. This patch fixes this.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/build-packet.c b/g10/build-packet.c
index e984e3e..269c63c 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -164,10 +164,28 @@ gpg_mpi_write (iobuf_t out, gcry_mpi_t a)
if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
{
unsigned int nbits;
- const void *p;
+ const unsigned char *p;
unsigned char lenhdr[2];
+ /* gcry_log_debugmpi ("a", a); */
p = gcry_mpi_get_opaque (a, &nbits);
+ if (p)
+ {
+ /* Strip leading zero bits. */
+ for (; nbits >= 8 && !*p; p++, nbits -= 8)
+ ;
+ if (nbits >= 8 && !(*p & 0x80))
+ if (--nbits >= 7 && !(*p & 0x40))
+ if (--nbits >= 6 && !(*p & 0x20))
+ if (--nbits >= 5 && !(*p & 0x10))
+ if (--nbits >= 4 && !(*p & 0x08))
+ if (--nbits >= 3 && !(*p & 0x04))
+ if (--nbits >= 2 && !(*p & 0x02))
+ if (--nbits >= 1 && !(*p & 0x01))
+ --nbits;
+ }
+ /* gcry_log_debug (" [%u bit]\n", nbits); */
+ /* gcry_log_debughex (" ", p, (nbits+7)/8); */
lenhdr[0] = nbits >> 8;
lenhdr[1] = nbits;
rc = iobuf_write (out, lenhdr, 2);
commit bcc8250bc5b9a357c6d1444f03e334edec573ede
Author: Werner Koch <wk at gnupg.org>
Date: Mon Mar 16 19:57:11 2015 +0100
gpg: Allow printing of MPI values in --list-mode.
* g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode.
* g10/misc.c (mpi_print): Do not print an extra leading zero.
--
This was in older versions possible using "--debug 4" but that was
disabled in 2.1 due to a conflict using this values also for
Libgcrypt. Now the values are dumped either with --debug 4 or using
--list-packets along with --verbose.
Because OpenPGP only uses unsigned integers an extra leading zero will
not be printed anymore.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 11d8919..741271e 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -333,8 +333,9 @@ listed too.
@item --list-packets
@opindex list-packets
-List only the sequence of packets. This is mainly
-useful for debugging.
+List only the sequence of packets. This is mainly useful for
+debugging. When used with option @option{--verbose} the actual MPI
+values are dumped and not only their lengths.
@item --card-edit
diff --git a/g10/misc.c b/g10/misc.c
index 4cff2dc..654908d 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -1636,7 +1636,8 @@ pubkey_nbits( int algo, gcry_mpi_t *key )
int
mpi_print (estream_t fp, gcry_mpi_t a, int mode)
{
- int n=0;
+ int n = 0;
+ size_t nwritten;
if (!a)
return es_fprintf (fp, "[MPI_NULL]");
@@ -1654,19 +1655,19 @@ mpi_print (estream_t fp, gcry_mpi_t a, int mode)
n += es_fprintf (fp, "[invalid opaque value]");
else
{
- nbits = (nbits + 7)/8;
- for (; nbits; nbits--, p++)
- n += es_fprintf (fp, "%02X", *p);
+ if (!es_write_hexstring (fp, p, (nbits + 7)/8, 0, &nwritten))
+ n += nwritten;
}
}
else
{
unsigned char *buffer;
+ size_t buflen;
- if (gcry_mpi_aprint (GCRYMPI_FMT_HEX, &buffer, NULL, a))
+ if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &buflen, a))
BUG ();
- es_fputs (buffer, fp);
- n += strlen (buffer);
+ if (!es_write_hexstring (fp, buffer, buflen, 0, &nwritten))
+ n += nwritten;
gcry_free (buffer);
}
return n;
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 6232086..d6a6d10 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -112,7 +112,7 @@ read_32 (IOBUF inp)
/* Read an external representation of an mpi and return the MPI. The
* external format is a 16 bit unsigned value stored in network byte
* order, giving the number of bits for the following integer. The
- * integer is stored with MSB first (left padded with zeroes to align
+ * integer is stored with MSB first (left padded with zero bits to align
* on a byte boundary). */
static gcry_mpi_t
mpi_read (iobuf_t inp, unsigned int *ret_nread, int secure)
@@ -177,24 +177,38 @@ set_packet_list_mode (int mode)
{
int old = list_mode;
list_mode = mode;
- /* FIXME(gcrypt) mpi_print_mode = DBG_MPI; */
- /* We use stdout print only if invoked by the --list-packets command
+
+ /* We use stdout only if invoked by the --list-packets command
but switch to stderr in all other cases. This breaks the
previous behaviour but that seems to be more of a bug than
intentional. I don't believe that any application makes use of
this long standing annoying way of printing to stdout except when
doing a --list-packets. If this assumption fails, it will be easy
to add an option for the listing stream. Note that we initialize
- it only once; mainly because some code may switch the option
- value later back to 1 and we want to have all output to the same
- stream.
+ it only once; mainly because there is code which switches
+ opt.list_mode back to 1 and we want to have all output to the
+ same stream. The MPI_PRINT_MODE will be enabled if the
+ corresponding debug flag is set or if we are in --list-packets
+ and --verbose is given.
Using stderr is not actually very clean because it bypasses the
logging code but it is a special thing anyway. I am not sure
whether using log_stream() would be better. Perhaps we should
- enable the list mdoe only with a special option. */
+ enable the list mode only with a special option. */
if (!listfp)
- listfp = opt.list_packets == 2 ? es_stdout : es_stderr;
+ {
+ if (opt.list_packets == 2)
+ {
+ listfp = es_stdout;
+ if (opt.verbose)
+ mpi_print_mode = 1;
+ }
+ else
+ listfp = es_stderr;
+
+ if (opt.debug && DBG_MPI_VALUE)
+ mpi_print_mode = 1;
+ }
return old;
}
commit 8bc1debfefb7cd4b0be724317793d59dea37d677
Author: Werner Koch <wk at gnupg.org>
Date: Mon Mar 16 19:51:06 2015 +0100
gpg: Fix broken write of opaque MPI length header.
* g10/build-packet.c (gpg_mpi_write): Use a char array for the length.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 557dffe..e984e3e 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -165,7 +165,7 @@ gpg_mpi_write (iobuf_t out, gcry_mpi_t a)
{
unsigned int nbits;
const void *p;
- unsigned int lenhdr[2];
+ unsigned char lenhdr[2];
p = gcry_mpi_get_opaque (a, &nbits);
lenhdr[0] = nbits >> 8;
-----------------------------------------------------------------------
Summary of changes:
doc/gpg.texi | 5 +++--
g10/build-packet.c | 22 ++++++++++++++++++++--
g10/misc.c | 15 ++++++++-------
g10/parse-packet.c | 30 ++++++++++++++++++++++--------
4 files changed, 53 insertions(+), 19 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list