authorWerner Koch <wk@gnupg.org>1998-06-25 10:19:06 +0000
committerWerner Koch <wk@gnupg.org>1998-06-25 10:19:06 +0000
commitf56f6f558368b380aac0b45a35b8bec409edb684 (patch)
treed7d2c8c861ab4d864e9323d4784890406c540f3a /cipher
parenta436a4553609f4c231f2c4200ad011e109a1a568 (diff)
downloadlibgcrypt-f56f6f558368b380aac0b45a35b8bec409edb684.tar.gz
nearly ready for 0.3.0
Diffstat (limited to 'cipher')
-rw-r--r--cipher/ChangeLog10
-rw-r--r--cipher/Makefile.am21
-rw-r--r--cipher/blowfish.c10
-rw-r--r--cipher/cast5.c12
-rw-r--r--cipher/dsa.c2
-rw-r--r--cipher/dynload.c26
-rw-r--r--cipher/md.c3
-rw-r--r--cipher/rand-unix.c12
-rw-r--r--cipher/random.c60
9 files changed, 99 insertions, 57 deletions
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 35420646..92ca470d 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,6 +1,14 @@
+Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de)
+
+ * Makefile.am: Support for extensions
+
+Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de)
+
+ * random.c (mix_pool): simpler handling for level 0
+
Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de)
- * tiger.c: Removed from dis, will reappear as dynload module
+ * tiger.c: Removed from dist, will reappear as dynload module
Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de)
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index d0c0202c..f01bb784 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -1,9 +1,15 @@
## Process this file with automake to produce Makefile.in
+gnupg_extensions = tiger
+
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl
-EXTRA_DIST = tiger.c
noinst_LIBRARIES = libcipher.a
+if ENABLE_GNUPG_EXTENSIONS
+pkglib_PROGRAMS = $(gnupg_extensions)
+else
+pkglib_PROGRAMS =
+endif
libcipher_a_SOURCES = cipher.c \
@@ -18,6 +24,7 @@ libcipher_a_SOURCES = cipher.c \
elgamal.c \
elgamal.h \
md5.c \
+ md5.h \
primegen.c \
random.h \
random.c \
@@ -34,4 +41,16 @@ libcipher_a_SOURCES = cipher.c \
g10c.c \
smallprime.c
+EXTRA_tiger_SOURCES = tiger.c
+
+tiger: tiger.c
+ $(COMPILE) -shared -fPIC -o tiger tiger.c
+
+install-exec-hook:
+ @list='$(pkglib_PROGRAMS)'; for p in $$list; do \
+ if test -f $(pkglibdir)/$$p; then \
+ echo "chmod 644 $(pkglibdir)/$$p"; \
+ chmod 644 $(pkglibdir)/$$p; \
+ fi; \
+ done
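Review bot: The `install-exec-hook` tests and chmods `$(pkglibdir)/$$p` without a staging prefix, so a staged install would touch whatever module is already on the live system and leave the staged copy with its original mode. If the automake version in use supports it, the path should read `$(DESTDIR)$(pkglibdir)/$$p` in the `test -f`, `echo` and `chmod` lines. Quoting the path would also keep the loop working with an install prefix that contains spaces. A one-line comment above the hook saying why the module is forced to 644 (it is loaded as a shared object, not run as a program) would help the next maintainer.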
diff --git a/cipher/blowfish.c b/cipher/blowfish.c
index 65a408ef..3ed2ed85 100644
--- a/cipher/blowfish.c
+++ b/cipher/blowfish.c
@@ -55,7 +55,7 @@ typedef struct {
u32 p[BLOWFISH_ROUNDS+2];
} BLOWFISH_context;
-static void setkey( BLOWFISH_context *c, byte *key, unsigned keylen );
+static void bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen );
static void encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
static void decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
@@ -461,7 +461,7 @@ selftest()
byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 };
byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 };
- setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 );
+ bf_setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 );
encrypt_block( &c, buffer, plain );
if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) )
log_error("wrong blowfish encryption\n");
@@ -469,7 +469,7 @@ selftest()
if( memcmp( buffer, plain, 8 ) )
log_bug("blowfish failed\n");
- setkey( &c, key3, 8 );
+ bf_setkey( &c, key3, 8 );
encrypt_block( &c, buffer, plain3 );
if( memcmp( buffer, cipher3, 8 ) )
log_error("wrong blowfish encryption (3)\n");
@@ -481,7 +481,7 @@ selftest()
static void
-setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
+bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
{
int i, j;
u32 data, datal, datar;
@@ -563,7 +563,7 @@ blowfish_get_info( int algo, size_t *keylen,
*keylen = algo == CIPHER_ALGO_BLOWFISH ? 128 : 160;
*blocksize = BLOWFISH_BLOCKSIZE;
*contextsize = sizeof(BLOWFISH_context);
- *r_setkey = FNCCAST_SETKEY(setkey);
+ *r_setkey = FNCCAST_SETKEY(bf_setkey);
*r_encrypt= FNCCAST_CRYPT(encrypt_block);
*r_decrypt= FNCCAST_CRYPT(decrypt_block);
diff --git a/cipher/cast5.c b/cipher/cast5.c
index 0bd90f9d..6b2e5a96 100644
--- a/cipher/cast5.c
+++ b/cipher/cast5.c
@@ -57,7 +57,7 @@ typedef struct {
byte Kr[16];
} CAST5_context;
-static void setkey( CAST5_context *c, byte *key, unsigned keylen );
+static void cast_setkey( CAST5_context *c, byte *key, unsigned keylen );
static void encrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
static void decrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
@@ -465,7 +465,7 @@ selftest()
byte cipher[8]= { 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 };
byte buffer[8];
- setkey( &c, key, 16 );
+ cast_setkey( &c, key, 16 );
encrypt_block( &c, buffer, plain );
if( memcmp( buffer, cipher, 8 ) )
log_error("wrong cast5-128 encryption\n");
@@ -486,10 +486,10 @@ selftest()
0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E };
for(i=0; i < 1000000; i++ ) {
- setkey( &c, b0, 16 );
+ cast_setkey( &c, b0, 16 );
encrypt_block( &c, a0, a0 );
encrypt_block( &c, a0+8, a0+8 );
- setkey( &c, a0, 16 );
+ cast_setkey( &c, a0, 16 );
encrypt_block( &c, b0, b0 );
encrypt_block( &c, b0+8, b0+8 );
}
@@ -550,7 +550,7 @@ key_schedule( u32 *x, u32 *z, u32 *k )
static void
-setkey( CAST5_context *c, byte *key, unsigned keylen )
+cast_setkey( CAST5_context *c, byte *key, unsigned keylen )
{
static int initialized;
int i;
@@ -602,7 +602,7 @@ cast5_get_info( int algo, size_t *keylen,
*keylen = 128;
*blocksize = CAST5_BLOCKSIZE;
*contextsize = sizeof(CAST5_context);
- *r_setkey = FNCCAST_SETKEY(setkey);
+ *r_setkey = FNCCAST_SETKEY(cast_setkey);
*r_encrypt= FNCCAST_CRYPT(encrypt_block);
*r_decrypt= FNCCAST_CRYPT(decrypt_block);
diff --git a/cipher/dsa.c b/cipher/dsa.c
index 19a59d90..46484c1e 100644
--- a/cipher/dsa.c
+++ b/cipher/dsa.c
@@ -150,7 +150,7 @@ generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors )
* is the secret part. */
if( DBG_CIPHER )
log_debug("choosing a random x ");
- assert( qbits >= 16 );
+ assert( qbits >= 160 );
x = mpi_alloc_secure( mpi_get_nlimbs(q) );
mpi_sub_ui( h, q, 1 ); /* put q-1 into h */
rndbuf = NULL;
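Review bot: The raised floor in `assert( qbits >= 160 )` is still enforced only by assert(), which is compiled out when the file is built with NDEBUG, so such a build would choose x for an undersized q without complaint. A parameter check in key generation should survive every build mode, for example `if( qbits < 160 ) BUG();`, assuming the BUG() macro that random.c uses is also visible in dsa.c. The check sits after the debug message and just before x is allocated. Whether q has already been generated by then cannot be seen here, because generate() starts and ends outside the hunk. Rejecting the size before any expensive work would be preferable if it has.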
diff --git a/cipher/dynload.c b/cipher/dynload.c
index 767372a7..e2273170 100644
--- a/cipher/dynload.c
+++ b/cipher/dynload.c
@@ -34,6 +34,7 @@ typedef struct ext_list {
void *handle; /* handle from dlopen() */
int failed; /* already tried but failed */
void * (*enumfunc)(int, int*, int*, int*);
+ char *hintstr; /* pointer into name */
char name[1];
} *EXTLIST;
@@ -48,12 +49,19 @@ typedef struct {
/****************
* Register an extension module. The last registered module will
- * be loaded first.
+ * be loaded first. A name may have a list of classes
+ * appended; e.g:
+ * mymodule.so(1:17,3:20,3:109)
+ * means that this module provides digest algorithm 17 and public key
+ * algorithms 20 and 109. This is only a hint but if it is there the
+ * loader may decide to only load a module which claims to have a
+ * requested algorithm.
*/
void
register_cipher_extension( const char *fname )
{
EXTLIST r, el;
+ char *p, *pe;
if( *fname != '/' ) { /* do tilde expansion etc */
char *p ;
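Review bot: The new function-scope declaration `char *p, *pe;` is shadowed by the existing `char *p ;` inside the `if( *fname != '/' )` block, so two different `p` variables are now live in register_cipher_extension(). Dropping the inner declaration, or renaming the new pair to something like `hint` and `hint_end`, avoids a -Wshadow warning and makes it clear which pointer the hint parser uses. The function body continues outside the hunk.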
@@ -70,6 +78,14 @@ register_cipher_extension( const char *fname )
el = m_alloc_clear( sizeof *el + strlen(fname) );
strcpy(el->name, fname );
}
+ /* check whether we have a class hint */
+ if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {
+ *p = *pe = 0;
+ el->hintstr = p+1;
+ }
+ else
+ el->hintstr = NULL;
+
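Review bot: The hint parser looks for the first `(` anywhere in the stored path (`strchr(el->name,'(')`), so a module path with a parenthesis in a directory component can fail the `!pe[1]` test. In that case the whole string, hint suffix included, stays in `el->name` and is later passed to dlopen(). Searching from the end, `if( (p=strrchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {`, restricts the match to a trailing `(...)` group. The hint text is stored as given, and nothing in this hunk checks that it follows the `class:algo,...` form described in the header comment. A comment saying it is unvalidated until a consumer parses it would be useful. The function starts and ends outside the hunk.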
/* check that it is not already registered */
for(r = extensions; r; r = r->next )
if( !compare_filenames(r->name, el->name) ) {
@@ -77,8 +93,6 @@ register_cipher_extension( const char *fname )
m_free(el);
return;
}
- if( DBG_CIPHER )
- log_debug("extension '%s' registered\n", el->name );
/* and register */
el->next = extensions;
extensions = el;
@@ -95,6 +109,7 @@ load_extension( EXTLIST el )
int seq = 0;
int class, vers;
+
el->handle = dlopen(el->name, RTLD_NOW);
if( !el->handle ) {
log_error("%s: error loading extension: %s\n", el->name, dlerror() );
@@ -107,7 +122,10 @@ load_extension( EXTLIST el )
}
if( g10_opt_verbose )
- log_info("%s: version '%s'\n", el->name, *name );
+ log_info("%s: %s%s%s%s\n", el->name, *name,
+ el->hintstr? " (":"",
+ el->hintstr? el->hintstr:"",
+ el->hintstr? ")":"");
sym = dlsym(el->handle, "gnupgext_enum_func");
if( (err=dlerror()) ) {
diff --git a/cipher/md.c b/cipher/md.c
index 3fd7581d..56f639cf 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -314,8 +314,9 @@ md_final(MD_HANDLE a)
if( a->bufcount )
md_write( a, NULL, 0 );
- for(r=a->list; r; r = r->next )
+ for(r=a->list; r; r = r->next ) {
(*r->final)( &r->context );
+ }
}
diff --git a/cipher/rand-unix.c b/cipher/rand-unix.c
index 93afba13..855b23b8 100644
--- a/cipher/rand-unix.c
+++ b/cipher/rand-unix.c
@@ -129,23 +129,11 @@ read_random_source( byte *buffer, size_t length, int level )
fd_random = open_device( "/dev/random", 8 );
fd = fd_random;
}
- else if( level == 1 ) {
- if( fd_urandom == -1 )
- fd_urandom = open_device( "/dev/urandom", 9 );
- fd = fd_urandom;
- }
else {
- /* This is level 0, which only yields simple random bytes.
- * We do not use /dev/urandom as this would remove entropy
- * from the kernel entropy pool */
- /* FIXME !!!! */
-
if( fd_urandom == -1 )
fd_urandom = open_device( "/dev/urandom", 9 );
fd = fd_urandom;
}
-
-
do {
fd_set rfds;
struct timeval tv;
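Review bot: The merged `else` branch now routes every level not handled by the branch above to /dev/urandom, and the comment explaining the level-0 concern was deleted along with its FIXME. Nothing on the new side says which levels end up here or why that is acceptable. A comment on the branch such as `/* levels 0 and 1: non-blocking /dev/urandom; only the branch above reads /dev/random */` would record the decision. The condition of the first branch is outside the hunk, so the exact mapping is inferred. An out-of-range level also falls into this branch silently. If that is not intended, a check at the top of read_random_source() would be the place to reject it.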
diff --git a/cipher/random.c b/cipher/random.c
index ea6b9080..f44e4c3a 100644
--- a/cipher/random.c
+++ b/cipher/random.c
@@ -211,10 +211,6 @@ read_pool( byte *buffer, size_t length, int level )
if( length >= POOLSIZE )
BUG(); /* not allowed */
- if( !level ) { /* read simple random bytes */
- read_random_source( buffer, length, level );
- return;
- }
/* for level 2 make sure that there is enough random in the pool */
if( level == 2 && pool_balance < length ) {
@@ -236,33 +232,45 @@ read_pool( byte *buffer, size_t length, int level )
/* make sure the pool is filled */
while( !pool_filled )
random_poll();
+
/* do always a fast random poll */
fast_random_poll();
- /* mix the pool (if add_randomness() didn't it) */
- if( !just_mixed )
+ if( !level ) { /* no need for cryptographic strong random */
+ /* create a new pool */
+ for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
+ i < POOLWORDS; i++, dp++, sp++ )
+ *dp = *sp + ADD_VALUE;
+ /* must mix both pools */
mix_pool(rndpool);
-
- /* create a new pool */
- for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
- i < POOLWORDS; i++, dp++, sp++ )
- *dp = *sp + ADD_VALUE;
- /* and mix both pools */
- mix_pool(rndpool);
- mix_pool(keypool);
- /* read the required data
- * we use a readpoiter to read from a different postion each
- * time */
- while( length-- ) {
- *buffer++ = keypool[pool_readpos++];
- if( pool_readpos >= POOLSIZE )
- pool_readpos = 0;
- pool_balance--;
+ mix_pool(keypool);
+ memcpy( buffer, keypool, length );
+ }
+ else {
+ /* mix the pool (if add_randomness() didn't it) */
+ if( !just_mixed )
+ mix_pool(rndpool);
+ /* create a new pool */
+ for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
+ i < POOLWORDS; i++, dp++, sp++ )
+ *dp = *sp + ADD_VALUE;
+ /* and mix both pools */
+ mix_pool(rndpool);
+ mix_pool(keypool);
+ /* read the required data
+ * we use a readpoiter to read from a different postion each
+ * time */
+ while( length-- ) {
+ *buffer++ = keypool[pool_readpos++];
+ if( pool_readpos >= POOLSIZE )
+ pool_readpos = 0;
+ pool_balance--;
+ }
+ if( pool_balance < 0 )
+ pool_balance = 0;
+ /* and clear the keypool */
+ memset( keypool, 0, POOLSIZE );
}
- if( pool_balance < 0 )
- pool_balance = 0;
- /* and clear the keypool */
- memset( keypool, 0, POOLSIZE );
}
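Review bot: The new level-0 branch returns without clearing keypool, because `memset( keypool, 0, POOLSIZE );` now sits only inside the `else` branch. After a level-0 read the buffer therefore keeps a mixed copy derived from rndpool until the next call overwrites it. How much that reveals depends on mix_pool(), which is not visible here. Moving the memset below the if/else would leave keypool zeroed on both paths at no real cost. The level-0 path also skips the `just_mixed` test and copies from offset 0 with `memcpy( buffer, keypool, length )` instead of advancing `pool_readpos`. A short comment stating that both differences are deliberate for non-cryptographic output would prevent someone later "fixing" one branch to match the other. read_pool() begins outside the hunk.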