diff options
58 files changed, 685 insertions, 274 deletions
@@ -1,7 +1,13 @@ 2007-02-20 Werner Koch <wk@g10code.com> - * configure.ac: New option --disable-endian-check. + * configure.ac: Bump LT version to C14/A3/R0 in preparation for a + release. + * autogen.sh: Add option --force. + * configure.ac: New option --disable-endian-check. Use a real + noexecstack test instead of requiring an option. Add SVN version + magic. + 2007-02-02 Werner Koch <wk@g10code.com> * configure.ac (FALLBACK_SOCKLEN_T): Special case for mingw32. diff --git a/Makefile.am b/Makefile.am index 70fd2caf..c0e0042a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -20,7 +20,7 @@ ACLOCAL_AMFLAGS = -I m4 AUTOMAKE_OPTIONS = dist-bzip2 -DIST_SUBDIRS = mpi cipher src doc tests w32-dll +DIST_SUBDIRS = m4 mpi cipher src doc tests w32-dll SUBDIRS = mpi cipher src doc tests EXTRA_DIST = BUGS autogen.sh README.apichanges README.SVN DISTCLEANFILES = @@ -14,12 +14,17 @@ Noteworthy changes in version 1.3.0 (unreleased) * Support for the SEED cipher. + * Support for OFB encryption mode. + * gcry_mpi_rshift does not anymore truncate the shift count. * Reserved algorithm ranges for use by applications. * Support for DSA2. + * The new function gcry_md_debug should be used instead of the + gcry_md_start_debug and gcry_md_stop_debug macros. + * Interface changes relative to the 1.2.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_fast_random_poll NEW @@ -32,6 +37,13 @@ Noteworthy changes in version 1.3.0 (unreleased) GCRY_PK_USAGE_UNKN NEW gcry_mpi_scan CHANGED: Argument BUFFER is now void*. GCR_CIPHER_SEED NEW + gcry_pk_spec_t CHANGED (minor change, bug fix) + gcry_md_write_t CHANGED (minor change, bug fix) + gcry_md_debug NEW + gcry_cipher_encrypt CHANGED (minor change) + gcry_cipher_decrypt CHANGED (minor change) + gcry_randomize CHANGED (minor change) + gcry_cipher_register CHANGED (minor change) FIXME: Please add API changes immediatley so that we don't forget about them. @@ -6,7 +6,7 @@ version is 1.2.x. - Copyright 2000, 2002, 2003, 2004 Free Software Foundation, Inc. + Copyright 2000, 2002, 2003, 2004, 2007 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without @@ -30,6 +30,11 @@ check_version () { DIE=no +FORCE= +if test "$1" == "--force"; then + FORCE=" --force" + shift +fi # ***** W32 build script ******* # Used to cross-compile for Windows. @@ -189,7 +194,8 @@ echo "Running autoheader..." $AUTOHEADER echo "Running automake --gnu ..." $AUTOMAKE --gnu; -echo "Running autoconf..." -$AUTOCONF +echo "Running autoconf${FORCE} ..." +$AUTOCONF${FORCE} echo "You may now run \"./configure --enable-maintainer-mode && make\"." +echo "(gcc users may want to add the option \"--enable-gcc-warnings\")" diff --git a/cipher/ChangeLog b/cipher/ChangeLog index cbd78ce2..8bb2585c 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,45 @@ +2007-02-21 Werner Koch <wk@g10code.com> + + * random.c (rndpool, keypool): Make unsigned. + (mix_pool): Change char* variables to unsigned char*. + (gcry_randomize): Make arg BUFFER a void*. + (gcry_create_nonce): Ditto. + + * rmd160.c (gcry_rmd160_mixblock): Make BUFFER a void*. + (_gcry_rmd160_hash_buffer): Make OUTBUF and BUFFER void*. + * sha1.c (_gcry_sha1_hash_buffer): Ditto. + + * cipher.c (gcry_cipher_encrypt, cry_cipher_decrypt): Change + buffer args to void*. + (gcry_cipher_register): Make ALGORITHM_ID a int *. + + * md.c (md_start_debug): Make SUFFIX a const char*. Use snprintf. + (gcry_md_debug): New. + (gcry_md_ctl): Changed arg BUFFER from unsigned char*. + + * md.c (md_write): Make INBUF a const void*. + (gcry_md_write): Remove needless cast. + * crc.c (crc32_write): Make INBUF a const void* + (update_crc32, crc24rfc2440_write): Ditto. + * sha512.c (sha512_write, transform): Ditto. + * sha256.c (sha256_write, transform): Ditto. + * rmd160.c (rmd160_write, transform): Ditto. + * md5.c (md5_write, transform): Ditto. + * md4.c (md4_write, transform): Ditto. + * sha1.c (sha1_write, transform): Ditto. + + * tiger.c (tiger_write, transform): Ditto. + * whirlpool.c (whirlpool_write, whirlpool_add, transform): Ditto. + + * elgamal.c (elg_names): Change to a const*. + * dsa.c (dsa_names): Ditto. + * rsa.c (rsa_names): Ditto. + * pubkey.c (gcry_pk_lookup_func_name): Make ALIASES a const. + +2007-02-20 Werner Koch <wk@g10code.com> + + * rndlinux.c (open_device): Remove unsused arg MINOR. + 2007-01-30 Werner Koch <wk@g10code.com> * sha256.c (oid_spec_sha256): Add alias from pkcs#1. diff --git a/cipher/ac.c b/cipher/ac.c index f845addb..4eef0eae 100644 --- a/cipher/ac.c +++ b/cipher/ac.c @@ -71,7 +71,7 @@ struct gcry_ac_key_generate_spec } ac_key_generate_specs[] = { { GCRY_AC_RSA, "rsa-use-e", offsetof (gcry_ac_key_spec_rsa_t, e) }, - { 0 }, + { 0 } }; /* Handle structure. */ @@ -1373,10 +1373,12 @@ ac_data_construct (const char *identifier, int include_flags, /* Fill list with MPIs. */ for (i = 0; i < data_length; i++) { - /* FIXME!! */ - arg_list[(i * 2) + 0] = (data->data[i].name - ? (void **) &data->data[i].name - : (void **) &data->data[i].name_provided); + /* FIXME!! name_provided is a const char* whereas name is char. */ + char **nameaddr = (data->data[i].name + ? &data->data[i].name + : &data->data[i].name_provided); + + arg_list[(i * 2) + 0] = nameaddr; arg_list[(i * 2) + 1] = &data->data[i].mpi; } @@ -1552,6 +1554,8 @@ _gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle, gcry_ac_key_t key_new; gcry_error_t err; + (void)handle; + /* Allocate. */ key_new = gcry_malloc (sizeof (*key_new)); if (! key_new) @@ -1617,6 +1621,8 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits, unsigned int i; unsigned int j; + (void)misc_data; + key_data_secret = NULL; key_data_public = NULL; key_secret = NULL; @@ -2415,6 +2421,8 @@ eme_pkcs_v1_5_encode (unsigned int flags, void *opts, unsigned int ps_n; unsigned int k; + (void)flags; + options = opts; buffer = NULL; m = NULL; @@ -2487,6 +2495,8 @@ eme_pkcs_v1_5_decode (unsigned int flags, void *opts, unsigned int i; unsigned int k; + (void)flags; + options = opts; buffer = NULL; em = NULL; @@ -2567,6 +2577,8 @@ emsa_pkcs_v1_5_encode (unsigned int flags, void *opts, unsigned char asn[100]; /* FIXME, always enough? */ size_t asn_n; unsigned int i; + + (void)flags; options = opts; buffer = NULL; @@ -2948,6 +2960,8 @@ ac_es_dencode_prepare_pkcs_v1_5 (gcry_ac_handle_t handle, gcry_ac_key_t key, unsigned int nbits; gcry_error_t err; + (void)opts; + err = _gcry_ac_key_get_nbits (handle, key, &nbits); if (err) goto out; @@ -3112,6 +3126,8 @@ _gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle, void *opts_em; ac_scheme_t *scheme; + (void)flags; + data_encrypted = NULL; mpi_encrypted = NULL; mpi_plain = NULL; @@ -3217,6 +3233,8 @@ _gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle, unsigned char *c; size_t c_n; + (void)flags; + data_encrypted = NULL; mpi_encrypted = NULL; mpi_decrypted = NULL; @@ -3341,6 +3359,8 @@ _gcry_ac_data_sign_scheme (gcry_ac_handle_t handle, gcry_mpi_t mpi_signed; ac_scheme_t *scheme; + (void)flags; + data_signed = NULL; mpi_signed = NULL; opts_em = NULL; @@ -3448,6 +3468,8 @@ _gcry_ac_data_verify_scheme (gcry_ac_handle_t handle, unsigned char *s; size_t s_n; + (void)flags; + mpi_signature = NULL; elements_sig = NULL; data_signed = NULL; diff --git a/cipher/blowfish.c b/cipher/blowfish.c index 2f76ba95..6ef68e37 100644 --- a/cipher/blowfish.c +++ b/cipher/blowfish.c @@ -601,5 +601,5 @@ gcry_cipher_spec_t _gcry_cipher_spec_blowfish = { "BLOWFISH", NULL, NULL, BLOWFISH_BLOCKSIZE, 128, sizeof (BLOWFISH_context), - bf_setkey, encrypt_block, decrypt_block, + bf_setkey, encrypt_block, decrypt_block }; diff --git a/cipher/cast5.c b/cipher/cast5.c index 866d2b4c..333d55e9 100644 --- a/cipher/cast5.c +++ b/cipher/cast5.c @@ -616,5 +616,5 @@ cast_setkey (void *context, const byte *key, unsigned keylen ) gcry_cipher_spec_t _gcry_cipher_spec_cast5 = { "CAST5", NULL, NULL, CAST5_BLOCKSIZE, 128, sizeof (CAST5_context), - cast_setkey, encrypt_block, decrypt_block, + cast_setkey, encrypt_block, decrypt_block }; diff --git a/cipher/cipher.c b/cipher/cipher.c index 726a4147..9b17592c 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -75,7 +75,7 @@ static struct cipher_table_entry #ifdef USE_SEED { &_gcry_cipher_spec_seed, GCRY_CIPHER_SEED }, #endif - { NULL }, + { NULL } }; /* List of registered ciphers. */ @@ -123,8 +123,11 @@ struct gcry_cipher_handle refuses to provide it's own functions. */ static gcry_err_code_t -dummy_setkey (void *c, const unsigned char *key, unsigned keylen) +dummy_setkey (void *c, const unsigned char *key, unsigned int keylen) { + (void)c; + (void)key; + (void)keylen; return GPG_ERR_NO_ERROR; } @@ -132,6 +135,9 @@ static void dummy_encrypt_block (void *c, unsigned char *outbuf, const unsigned char *inbuf) { + (void)c; + (void)outbuf; + (void)inbuf; BUG(); } @@ -139,6 +145,9 @@ static void dummy_decrypt_block (void *c, unsigned char *outbuf, const unsigned char *inbuf) { + (void)c; + (void)outbuf; + (void)inbuf; BUG(); } @@ -147,6 +156,10 @@ dummy_encrypt_stream (void *c, unsigned char *outbuf, const unsigned char *inbuf, unsigned int n) { + (void)c; + (void)outbuf; + (void)inbuf; + (void)n; BUG(); } @@ -155,6 +168,10 @@ dummy_decrypt_stream (void *c, unsigned char *outbuf, const unsigned char *inbuf, unsigned int n) { + (void)c; + (void)outbuf; + (void)inbuf; + (void)n; BUG(); } @@ -253,7 +270,7 @@ gcry_cipher_lookup_oid (const char *oid) and a pointer representhing this module is stored in MODULE. */ gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *cipher, - unsigned int *algorithm_id, + int *algorithm_id, gcry_module_t *module) { gcry_err_code_t err = 0; @@ -1172,15 +1189,15 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, * been requested. */ gcry_error_t -gcry_cipher_encrypt (gcry_cipher_hd_t h, byte *out, size_t outsize, - const byte *in, size_t inlen) +gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize, + const void *in, size_t inlen) { gcry_err_code_t err; if (!in) /* Caller requested in-place encryption. */ - /* Actullay cipher_encrypt() does not need to know about it, but - * we may change this to get better performance. */ + /* Actually cipher_encrypt() does not need to know about it, but + * we may change it in the future to get better performance. */ err = cipher_encrypt (h, out, out, outsize); else if (outsize < ((h->flags & GCRY_CIPHER_CBC_MAC) ? h->cipher->blocksize : inlen)) @@ -1257,15 +1274,15 @@ cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf, gcry_error_t -gcry_cipher_decrypt (gcry_cipher_hd_t h, byte *out, size_t outsize, - const byte *in, size_t inlen) +gcry_cipher_decrypt (gcry_cipher_hd_t h, void *out, size_t outsize, + const void *in, size_t inlen) { - gcry_err_code_t err = GPG_ERR_NO_ERROR; + gcry_err_code_t err = 0; - if (! in) + if (!in) /* Caller requested in-place encryption. */ - /* Actullay cipher_encrypt() does not need to know about it, but - * we may chnage this to get better performance. */ + /* Actually cipher_encrypt() does not need to know about it, but + * we may change it in the future to get better performance. */ err = cipher_decrypt (h, out, out, outsize); else if (outsize < inlen) err = GPG_ERR_TOO_SHORT; @@ -1368,6 +1385,10 @@ gcry_cipher_info( gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes) { gcry_err_code_t err = GPG_ERR_NO_ERROR; + (void)h; + (void)buffer; + (void)nbytes; + switch (cmd) { default: diff --git a/cipher/crc.c b/cipher/crc.c index 098237c0..d04fff89 100644 --- a/cipher/crc.c +++ b/cipher/crc.c @@ -129,8 +129,9 @@ static u32 crc32_table[256] = { * */ static u32 -update_crc32 (u32 crc, char *buf, size_t len) +update_crc32 (u32 crc, const void *buf_arg, size_t len) { + const char *buf = buf_arg; size_t n; for (n = 0; n < len; n++) @@ -156,7 +157,7 @@ crc32_init (void *context) } static void -crc32_write (void *context, byte * inbuf, size_t inlen) +crc32_write (void *context, const void *inbuf, size_t inlen) { CRC_CONTEXT *ctx = (CRC_CONTEXT *) context; if (!inbuf) @@ -244,8 +245,9 @@ crc24rfc2440_init (void *context) } static void -crc24rfc2440_write (void *context, byte * inbuf, size_t inlen) +crc24rfc2440_write (void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; int i; CRC_CONTEXT *ctx = (CRC_CONTEXT *) context; diff --git a/cipher/dsa.c b/cipher/dsa.c index 4d477c64..45b638ca 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -398,6 +398,9 @@ _gcry_dsa_generate (int algo, unsigned int nbits, unsigned long dummy, gpg_err_code_t err; DSA_secret_key sk; + (void)algo; + (void)dummy; + err = generate (&sk, nbits, 0, retfactors); if (!err) { @@ -425,6 +428,9 @@ _gcry_dsa_generate2 (int algo, unsigned int nbits, unsigned int qbits, gpg_err_code_t err; DSA_secret_key sk; + (void)algo; + (void)dummy; + err = generate (&sk, nbits, qbits, retfactors); if (!err) { @@ -445,6 +451,8 @@ _gcry_dsa_check_secret_key (int algo, gcry_mpi_t *skey) gcry_err_code_t err = GPG_ERR_NO_ERROR; DSA_secret_key sk; + (void)algo; + if ((! skey[0]) || (! skey[1]) || (! skey[2]) || (! skey[3]) || (! skey[4])) err = GPG_ERR_BAD_MPI; else @@ -468,6 +476,8 @@ _gcry_dsa_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey) gcry_err_code_t err = GPG_ERR_NO_ERROR; DSA_secret_key sk; + (void)algo; + if ((! data) || (! skey[0]) || (! skey[1]) || (! skey[2]) || (! skey[3]) || (! skey[4])) @@ -493,6 +503,10 @@ _gcry_dsa_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, gcry_err_code_t err = GPG_ERR_NO_ERROR; DSA_public_key pk; + (void)algo; + (void)cmp; + (void)opaquev; + if ((! data[0]) || (! data[1]) || (! hash) || (! pkey[0]) || (! pkey[1]) || (! pkey[2]) || (! pkey[3])) err = GPG_ERR_BAD_MPI; @@ -512,10 +526,12 @@ _gcry_dsa_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, unsigned int _gcry_dsa_get_nbits (int algo, gcry_mpi_t *pkey) { + (void)algo; + return mpi_get_nbits (pkey[0]); } -static char *dsa_names[] = +static const char *dsa_names[] = { "dsa", "openpgp-dsa", diff --git a/cipher/elgamal.c b/cipher/elgamal.c index e62b1e51..066ffb61 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -528,6 +528,9 @@ _gcry_elg_generate (int algo, unsigned nbits, unsigned long dummy, { ELG_secret_key sk; + (void)algo; + (void)dummy; + generate (&sk, nbits, retfactors); skey[0] = sk.p; skey[1] = sk.g; @@ -544,6 +547,8 @@ _gcry_elg_check_secret_key (int algo, gcry_mpi_t *skey) gcry_err_code_t err = GPG_ERR_NO_ERROR; ELG_secret_key sk; + (void)algo; + if ((! skey[0]) || (! skey[1]) || (! skey[2]) || (! skey[3])) err = GPG_ERR_BAD_MPI; else @@ -568,6 +573,9 @@ _gcry_elg_encrypt (int algo, gcry_mpi_t *resarr, gcry_err_code_t err = GPG_ERR_NO_ERROR; ELG_public_key pk; + (void)algo; + (void)flags; + if ((! data) || (! pkey[0]) || (! pkey[1]) || (! pkey[2])) err = GPG_ERR_BAD_MPI; else @@ -590,6 +598,9 @@ _gcry_elg_decrypt (int algo, gcry_mpi_t *result, gcry_err_code_t err = GPG_ERR_NO_ERROR; ELG_secret_key sk; + (void)algo; + (void)flags; + if ((! data[0]) || (! data[1]) || (! skey[0]) || (! skey[1]) || (! skey[2]) || (! skey[3])) err = GPG_ERR_BAD_MPI; @@ -612,6 +623,8 @@ _gcry_elg_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey) gcry_err_code_t err = GPG_ERR_NO_ERROR; ELG_secret_key sk; + (void)algo; + if ((! data) || (! skey[0]) || (! skey[1]) || (! skey[2]) || (! skey[3])) err = GPG_ERR_BAD_MPI; @@ -636,6 +649,10 @@ _gcry_elg_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, gcry_err_code_t err = GPG_ERR_NO_ERROR; ELG_public_key pk; + (void)algo; + (void)cmp; + (void)opaquev; + if ((! data[0]) || (! data[1]) || (! hash) || (! pkey[0]) || (! pkey[1]) || (! pkey[2])) err = GPG_ERR_BAD_MPI; @@ -655,10 +672,12 @@ _gcry_elg_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, unsigned int _gcry_elg_get_nbits (int algo, gcry_mpi_t *pkey) { + (void)algo; + return mpi_get_nbits (pkey[0]); } -static char *elg_names[] = +static const char *elg_names[] = { "elg", "openpgp-elg", diff --git a/cipher/md.c b/cipher/md.c index 176c881c..706d2744 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -130,14 +130,14 @@ static gcry_err_code_t md_open (gcry_md_hd_t *h, int algo, static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo); static gcry_err_code_t md_copy (gcry_md_hd_t a, gcry_md_hd_t *b); static void md_close (gcry_md_hd_t a); -static void md_write (gcry_md_hd_t a, byte *inbuf, size_t inlen); +static void md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen); static void md_final(gcry_md_hd_t a); static byte *md_read( gcry_md_hd_t a, int algo ); static int md_get_algo( gcry_md_hd_t a ); static int md_digest_length( int algo ); static const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen ); -static void md_start_debug( gcry_md_hd_t a, char *suffix ); -static void md_stop_debug( gcry_md_hd_t a ); +static void md_start_debug ( gcry_md_hd_t a, const char *suffix ); +static void md_stop_debug ( gcry_md_hd_t a ); @@ -717,7 +717,7 @@ gcry_md_close (gcry_md_hd_t hd) } static void -md_write (gcry_md_hd_t a, byte *inbuf, size_t inlen) +md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen) { GcryDigestEntry *r; @@ -741,7 +741,7 @@ md_write (gcry_md_hd_t a, byte *inbuf, size_t inlen) void gcry_md_write (gcry_md_hd_t hd, const void *inbuf, size_t inlen) { - md_write (hd, (unsigned char *) inbuf, inlen); + md_write (hd, inbuf, inlen); } static void @@ -818,7 +818,7 @@ prepare_macpads( gcry_md_hd_t hd, const byte *key, size_t keylen) } gcry_error_t -gcry_md_ctl (gcry_md_hd_t hd, int cmd, byte *buffer, size_t buflen) +gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen) { gcry_err_code_t rc = 0; @@ -831,10 +831,10 @@ gcry_md_ctl (gcry_md_hd_t hd, int cmd, byte *buffer, size_t buflen) rc = gcry_err_code (gcry_md_setkey (hd, buffer, buflen)); break; case GCRYCTL_START_DUMP: - md_start_debug (hd, (char*)buffer); + md_start_debug (hd, buffer); break; case GCRYCTL_STOP_DUMP: - md_stop_debug( hd ); + md_stop_debug ( hd ); break; default: rc = GPG_ERR_INV_OP; @@ -859,6 +859,19 @@ gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen) return gcry_error (rc); } +/* The new debug interface. If SUFFIX is a string it creates an debug + file for the context HD. IF suffix is NULL, the file is closed and + debugging is stopped. */ +void +gcry_md_debug (gcry_md_hd_t hd, const char *suffix) +{ + if (suffix) + md_start_debug (hd, suffix); + else + md_stop_debug (hd); +} + + /**************** * if ALGO is null get the digest for the used algo (which should be only one) @@ -954,6 +967,11 @@ md_digest( gcry_md_hd_t a, int algo, byte *buffer, int buflen ) gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, byte *buffer, int buflen) { + (void)hd; + (void)algo; + (void)buffer; + (void)buflen; + /*md_digest ... */ return GPG_ERR_INTERNAL; } @@ -1136,31 +1154,34 @@ gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes) static void -md_start_debug( gcry_md_hd_t md, char *suffix ) +md_start_debug ( gcry_md_hd_t md, const char *suffix ) { static int idx=0; char buf[50]; - - if( md->ctx->debug ) { - log_debug("Oops: md debug already started\n"); - return; - } + + if ( md->ctx->debug ) + { + log_debug("Oops: md debug already started\n"); + return; + } idx++; - sprintf(buf, "dbgmd-%05d.%.10s", idx, suffix ); + snprintf (buf, DIM(buf)-1, "dbgmd-%05d.%.10s", idx, suffix ); md->ctx->debug = fopen(buf, "w"); - if( !md->ctx->debug ) + if ( !md->ctx->debug ) log_debug("md debug: can't open %s\n", buf ); } static void md_stop_debug( gcry_md_hd_t md ) { - if( md->ctx->debug ) { - if( md->bufpos ) - md_write( md, NULL, 0 ); - fclose(md->ctx->debug); - md->ctx->debug = NULL; - } + if ( md->ctx->debug ) + { + if ( md->bufpos ) + md_write ( md, NULL, 0 ); + fclose (md->ctx->debug); + md->ctx->debug = NULL; + } + #ifdef HAVE_U64_TYPEDEF { /* a kludge to pull in the __muldi3 for Solaris */ volatile u32 a = (u32)(ulong)md; diff --git a/cipher/md4.c b/cipher/md4.c index 59953be4..680cf87f 100644 --- a/cipher/md4.c +++ b/cipher/md4.c @@ -90,7 +90,7 @@ md4_init( void *context ) * transform 64 bytes */ static void -transform( MD4_CONTEXT *ctx, byte *data ) +transform ( MD4_CONTEXT *ctx, const unsigned char *data ) { u32 in[16]; register u32 A = ctx->A; @@ -192,8 +192,9 @@ transform( MD4_CONTEXT *ctx, byte *data ) * in the message whose digest is being computed. */ static void -md4_write( void *context, byte *inbuf, size_t inlen) +md4_write ( void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; MD4_CONTEXT *hd = context; if( hd->count == 64 ) /* flush the buffer */ diff --git a/cipher/md5.c b/cipher/md5.c index c79bc167..899dce89 100644 --- a/cipher/md5.c +++ b/cipher/md5.c @@ -80,7 +80,7 @@ md5_init( void *context ) * transform n*64 bytes */ static void -transform( MD5_CONTEXT *ctx, byte *data ) +transform ( MD5_CONTEXT *ctx, const unsigned char *data ) { u32 correct_words[16]; register u32 A = ctx->A; @@ -217,8 +217,9 @@ transform( MD5_CONTEXT *ctx, byte *data ) * in the message whose digest is being computed. */ static void -md5_write( void *context, byte *inbuf, size_t inlen) +md5_write( void *context, const void *inbuf_arg , size_t inlen) { + const unsigned char *inbuf = inbuf_arg; MD5_CONTEXT *hd = context; if( hd->count == 64 ) /* flush the buffer */ diff --git a/cipher/primegen.c b/cipher/primegen.c index 17c65d7d..11da16a0 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -1172,6 +1172,8 @@ gcry_prime_check (gcry_mpi_t x, unsigned int flags) gcry_err_code_t err = GPG_ERR_NO_ERROR; gcry_mpi_t val_2 = mpi_alloc_set_ui (2); /* Used by the Fermat test. */ + (void)flags; + /* We use 64 rounds because the prime we are going to test is not guaranteed to be a random one. */ if (! check_prime (x, val_2, 64, NULL, NULL)) diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 10d21b40..228b0d04 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -93,12 +93,19 @@ static gcry_err_code_t dummy_generate (int algorithm, unsigned int nbits, unsigned long dummy, gcry_mpi_t *skey, gcry_mpi_t **retfactors) { + (void)algorithm; + (void)nbits; + (void)dummy; + (void)skey; + (void)retfactors; return GPG_ERR_NOT_IMPLEMENTED; } static gcry_err_code_t dummy_check_secret_key (int algorithm, gcry_mpi_t *skey) { + (void)algorithm; + (void)skey; return GPG_ERR_NOT_IMPLEMENTED; } @@ -106,6 +113,11 @@ static gcry_err_code_t dummy_encrypt (int algorithm, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *pkey, int flags) { + (void)algorithm; + (void)resarr; + (void)data; + (void)pkey; + (void)flags; return GPG_ERR_NOT_IMPLEMENTED; } @@ -113,6 +125,11 @@ static gcry_err_code_t dummy_decrypt (int algorithm, gcry_mpi_t *result, gcry_mpi_t *data, gcry_mpi_t *skey, int flags) { + (void)algorithm; + (void)result; + (void)data; + (void)skey; + (void)flags; return GPG_ERR_NOT_IMPLEMENTED; } @@ -120,6 +137,10 @@ static gcry_err_code_t dummy_sign (int algorithm, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey) { + (void)algorithm; + (void)resarr; + (void)data; + (void)skey; return GPG_ERR_NOT_IMPLEMENTED; } @@ -128,12 +149,20 @@ dummy_verify (int algorithm, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, int (*cmp) (void *, gcry_mpi_t), void *opaquev) { + (void)algorithm; + (void)hash; + (void)data; + (void)pkey; + (void)cmp; + (void)opaquev; return GPG_ERR_NOT_IMPLEMENTED; } static unsigned dummy_get_nbits (int algorithm, gcry_mpi_t *pkey) { + (void)algorithm; + (void)pkey; return 0; } @@ -174,7 +203,7 @@ gcry_pk_lookup_func_name (void *spec, void *data) { gcry_pk_spec_t *pubkey = (gcry_pk_spec_t *) spec; char *name = (char *) data; - char **aliases = pubkey->aliases; + const char **aliases = pubkey->aliases; int ret = stricmp (name, pubkey->name); while (ret && *aliases) @@ -1280,7 +1309,7 @@ sexp_data_to_mpi (gcry_sexp_t input, unsigned int nbits, gcry_mpi_t *ret_mpi, { "md4", GCRY_MD_MD4 }, { "tiger", GCRY_MD_TIGER }, { "haval", GCRY_MD_HAVAL }, - { NULL } + { NULL, 0 } }; int algo; byte asn[100]; diff --git a/cipher/random-daemon.c b/cipher/random-daemon.c index 95d76f7d..7ce6f5c5 100644 --- a/cipher/random-daemon.c +++ b/cipher/random-daemon.c @@ -160,7 +160,7 @@ writen (int fd, const void *buffer, size_t length) return -1; /* write error */ } length -= n; - buffer += n; + buffer = (const char*)buffer + n; } return 0; /* Okay */ } diff --git a/cipher/random.c b/cipher/random.c index a18f57cd..c9c95cc0 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -96,8 +96,8 @@ static int is_initialized; static int allow_daemon; /* If true, try to use the daemon first. */ #define MASK_LEVEL(a) do { (a) &= 3; } while(0) -static char *rndpool; /* allocated size is POOLSIZE+BLOCKLEN */ -static char *keypool; /* allocated size is POOLSIZE+BLOCKLEN */ +static unsigned char *rndpool; /* Allocated size is POOLSIZE+BLOCKLEN. */ +static unsigned char *keypool; /* Allocated size is POOLSIZE+BLOCKLEN. */ static size_t pool_readpos; static size_t pool_writepos; static int pool_filled; @@ -404,9 +404,9 @@ gcry_random_bytes_secure( size_t nbytes, enum gcry_random_level level ) 1 is strong enough for most usage, 2 is good for key generation stuff but may be very slow. */ void -gcry_randomize (byte *buffer, size_t length, enum gcry_random_level level) +gcry_randomize (void *buffer, size_t length, enum gcry_random_level level) { - byte *p; + unsigned char *p; int err; /* Make sure we are initialized. */ @@ -500,16 +500,16 @@ gcry_randomize (byte *buffer, size_t length, enum gcry_random_level level) To better protect against implementation errors in this code, we xor a digest of the entire pool into the pool before mixing. - Note, that this function muts only be called with a locked pool. + Note: this function must only be called with a locked pool. */ static void -mix_pool(byte *pool) +mix_pool(unsigned char *pool) { static unsigned char failsafe_digest[DIGESTLEN]; static int failsafe_digest_valid; - char *hashbuf = pool + POOLSIZE; - char *p, *pend; + unsigned char *hashbuf = pool + POOLSIZE; + unsigned char *p, *pend; int i, n; RMD160_CONTEXT md; @@ -520,14 +520,14 @@ mix_pool(byte *pool) assert (pool_is_locked); _gcry_rmd160_init( &md ); - /* loop over the pool */ + /* Loop over the pool. */ pend = pool + POOLSIZE; memcpy(hashbuf, pend - DIGESTLEN, DIGESTLEN ); memcpy(hashbuf+DIGESTLEN, pool, BLOCKLEN-DIGESTLEN); _gcry_rmd160_mixblock( &md, hashbuf); memcpy(pool, hashbuf, 20 ); - if (failsafe_digest_valid && (char *)pool == rndpool) + if (failsafe_digest_valid && pool == rndpool) { for (i=0; i < 20; i++) pool[i] ^= failsafe_digest[i]; @@ -543,7 +543,7 @@ mix_pool(byte *pool) memcpy (hashbuf+DIGESTLEN, p+DIGESTLEN, BLOCKLEN-DIGESTLEN); else { - char *pp = p + DIGESTLEN; + unsigned char *pp = p + DIGESTLEN; for (i=DIGESTLEN; i < BLOCKLEN; i++ ) { @@ -553,7 +553,7 @@ mix_pool(byte *pool) } } - _gcry_rmd160_mixblock( &md, hashbuf); + _gcry_rmd160_mixblock ( &md, hashbuf); memcpy(p, hashbuf, 20 ); } @@ -561,7 +561,7 @@ mix_pool(byte *pool) of the pool on the stack, so it is okay not to require secure memory here. Before we use this pool, it will be copied to the help buffer anyway. */ - if ( (char*)pool == rndpool) + if ( pool == rndpool) { _gcry_rmd160_hash_buffer (failsafe_digest, pool, POOLSIZE); failsafe_digest_valid = 1; @@ -1186,6 +1186,9 @@ gather_faked( void (*add)(const void*, size_t, int), int requester, size_t n; char *buffer, *p; + (void)add; + (void)level; + if( !initialized ) { log_info(_("WARNING: using insecure random number generator!!\n")); /* we can't use tty_printf here - do we need this function at @@ -1221,7 +1224,7 @@ gather_faked( void (*add)(const void*, size_t, int), int requester, /* Create an unpredicable nonce of LENGTH bytes in BUFFER. */ void -gcry_create_nonce (unsigned char *buffer, size_t length) +gcry_create_nonce (void *buffer, size_t length) { static unsigned char nonce_buffer[20+8]; static int nonce_buffer_initialized = 0; diff --git a/cipher/random.h b/cipher/random.h index 3c9c75f3..25f96254 100644 --- a/cipher/random.h +++ b/cipher/random.h @@ -29,6 +29,7 @@ void _gcry_random_dump_stats(void); void _gcry_secure_random_alloc(void); int _gcry_quick_random_gen( int onoff ); int _gcry_random_is_faked(void); +void _gcry_set_random_daemon_socket (const char *socketname); int _gcry_use_random_daemon (int onoff); void _gcry_set_random_seed_file (const char *name); void _gcry_update_random_seed_file (void); diff --git a/cipher/rijndael.c b/cipher/rijndael.c index 633bad36..2abea013 100644 --- a/cipher/rijndael.c +++ b/cipher/rijndael.c @@ -2213,7 +2213,7 @@ selftest (void) static const char *rijndael_names[] = { "RIJNDAEL", - NULL, + NULL }; static gcry_cipher_oid_spec_t rijndael_oids[] = @@ -2228,13 +2228,13 @@ static gcry_cipher_oid_spec_t rijndael_oids[] = gcry_cipher_spec_t _gcry_cipher_spec_aes = { "AES", rijndael_names, rijndael_oids, 16, 128, sizeof (RIJNDAEL_context), - rijndael_setkey, rijndael_encrypt, rijndael_decrypt, + rijndael_setkey, rijndael_encrypt, rijndael_decrypt }; static const char *rijndael192_names[] = { "RIJNDAEL192", - NULL, + NULL }; static gcry_cipher_oid_spec_t rijndael192_oids[] = @@ -2249,13 +2249,13 @@ static gcry_cipher_oid_spec_t rijndael192_oids[] = gcry_cipher_spec_t _gcry_cipher_spec_aes192 = { "AES192", rijndael192_names, rijndael192_oids, 16, 192, sizeof (RIJNDAEL_context), - rijndael_setkey, rijndael_encrypt, rijndael_decrypt, + rijndael_setkey, rijndael_encrypt, rijndael_decrypt }; static const char *rijndael256_names[] = { "RIJNDAEL256", - NULL, + NULL }; static gcry_cipher_oid_spec_t rijndael256_oids[] = @@ -2271,5 +2271,5 @@ gcry_cipher_spec_t _gcry_cipher_spec_aes256 = { "AES256", rijndael256_names, rijndael256_oids, 16, 256, sizeof (RIJNDAEL_context), - rijndael_setkey, rijndael_encrypt, rijndael_decrypt, + rijndael_setkey, rijndael_encrypt, rijndael_decrypt }; diff --git a/cipher/rmd.h b/cipher/rmd.h index 6c44017a..f4ce9c67 100644 --- a/cipher/rmd.h +++ b/cipher/rmd.h @@ -21,16 +21,17 @@ #define G10_RMD_H -/* we need this here because random.c must have direct access */ -typedef struct { - u32 h0,h1,h2,h3,h4; - u32 nblocks; - byte buf[64]; - int count; +/* We need this here because random.c must have direct access. */ +typedef struct +{ + u32 h0,h1,h2,h3,h4; + u32 nblocks; + byte buf[64]; + int count; } RMD160_CONTEXT; -void _gcry_rmd160_init( void *context ); -void _gcry_rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer ); +void _gcry_rmd160_init ( void *context ); +void _gcry_rmd160_mixblock ( RMD160_CONTEXT *hd, void *blockof64byte ); #endif /*G10_RMD_H*/ diff --git a/cipher/rmd160.c b/cipher/rmd160.c index 1c863c02..5a0c1fc1 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -26,7 +26,7 @@ #include "g10lib.h" #include "memory.h" #include "rmd.h" -#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */ +#include "cipher.h" /* Only used for the rmd160_hash_buffer() prototype. */ #include "bithelp.h" @@ -161,7 +161,7 @@ _gcry_rmd160_init (void *context) * Transform the message X which consists of 16 32-bit-words */ static void -transform( RMD160_CONTEXT *hd, byte *data ) +transform ( RMD160_CONTEXT *hd, const unsigned char *data ) { register u32 a,b,c,d,e; u32 aa,bb,cc,dd,ee,t; @@ -401,8 +401,9 @@ transform( RMD160_CONTEXT *hd, byte *data ) * of INBUF with length INLEN. */ static void -rmd160_write( void *context, byte *inbuf, size_t inlen) +rmd160_write ( void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; RMD160_CONTEXT *hd = context; if( hd->count == 64 ) /* flush the buffer */ @@ -443,11 +444,11 @@ rmd160_write( void *context, byte *inbuf, size_t inlen) * Returns: 16 bytes in buffer with the mixed contentes of buffer. */ void -_gcry_rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer ) +_gcry_rmd160_mixblock ( RMD160_CONTEXT *hd, void *blockof64byte ) { - char *p = buffer; + char *p = blockof64byte; - transform( hd, (unsigned char *)buffer ); + transform ( hd, blockof64byte ); #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) X(0); X(1); @@ -540,14 +541,14 @@ rmd160_read( void *context ) * into outbuf which must have a size of 20 bytes. */ void -_gcry_rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) +_gcry_rmd160_hash_buffer (void *outbuf, const void *buffer, size_t length ) { RMD160_CONTEXT hd; - _gcry_rmd160_init( &hd ); - rmd160_write( &hd, (byte*)buffer, length ); - rmd160_final( &hd ); - memcpy( outbuf, hd.buf, 20 ); + _gcry_rmd160_init ( &hd ); + rmd160_write ( &hd, buffer, length ); + rmd160_final ( &hd ); + memcpy ( outbuf, hd.buf, 20 ); } static byte asn[15] = /* Object ID is 1.3.36.3.2.1 */ diff --git a/cipher/rndlinux.c b/cipher/rndlinux.c index f23abfc5..d36491cd 100644 --- a/cipher/rndlinux.c +++ b/cipher/rndlinux.c @@ -36,7 +36,7 @@ #include "g10lib.h" #include "rand-internal.h" -static int open_device( const char *name, int minor ); +static int open_device ( const char *name ); int _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, int), int requester, size_t length, int level ); @@ -60,7 +60,7 @@ set_cloexec_flag (int fd) * Used to open the /dev/random devices (Linux, xBSD, Solaris (if it exists)). */ static int -open_device( const char *name, int minor ) +open_device ( const char *name ) { int fd; @@ -72,9 +72,9 @@ open_device( const char *name, int minor ) log_error ("error setting FD_CLOEXEC on fd %d: %s\n", fd, strerror (errno)); - /* We used to do the follwing check, however it turned out that this + /* We used to do the following check, however it turned out that this is not portable since more OSes provide a random device which is - sometimes implemented as anoteher device type. + sometimes implemented as another device type. struct stat sb; @@ -102,13 +102,13 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, int), if( level >= 2 ) { if( fd_random == -1 ) - fd_random = open_device( NAME_OF_DEV_RANDOM, 8 ); + fd_random = open_device ( NAME_OF_DEV_RANDOM ); fd = fd_random; } else { if( fd_urandom == -1 ) - fd_urandom = open_device( NAME_OF_DEV_URANDOM, 9 ); + fd_urandom = open_device ( NAME_OF_DEV_URANDOM ); fd = fd_urandom; } diff --git a/cipher/rsa.c b/cipher/rsa.c index 18fda93e..7d5fd4c0 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -445,6 +445,8 @@ _gcry_rsa_generate (int algo, unsigned int nbits, unsigned long use_e, gpg_err_code_t rc; int i; + (void)algo; + generate (&sk, nbits, use_e); skey[0] = sk.n; skey[1] = sk.e; @@ -477,6 +479,8 @@ _gcry_rsa_check_secret_key( int algo, gcry_mpi_t *skey ) gcry_err_code_t err = GPG_ERR_NO_ERROR; RSA_secret_key sk; + (void)algo; + sk.n = skey[0]; sk.e = skey[1]; sk.d = skey[2]; @@ -496,6 +500,9 @@ _gcry_rsa_encrypt (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *pkey, int flags) { RSA_public_key pk; + + (void)algo; + (void)flags; pk.n = pkey[0]; pk.e = pkey[1]; @@ -516,6 +523,8 @@ _gcry_rsa_decrypt (int algo, gcry_mpi_t *result, gcry_mpi_t *data, gcry_mpi_t x = MPI_NULL; /* Data to decrypt. */ gcry_mpi_t y; /* Result. */ + (void)algo; + /* Extract private key. */ sk.n = skey[0]; sk.e = skey[1]; @@ -584,6 +593,8 @@ gcry_err_code_t _gcry_rsa_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey) { RSA_secret_key sk; + + (void)algo; sk.n = skey[0]; sk.e = skey[1]; @@ -606,6 +617,10 @@ _gcry_rsa_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, gcry_mpi_t result; gcry_err_code_t rc; + (void)algo; + (void)cmp; + (void)opaquev; + pk.n = pkey[0]; pk.e = pkey[1]; result = gcry_mpi_new ( 160 ); @@ -621,10 +636,12 @@ _gcry_rsa_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey, unsigned int _gcry_rsa_get_nbits (int algo, gcry_mpi_t *pkey) { + (void)algo; + return mpi_get_nbits (pkey[0]); } -static char *rsa_names[] = +static const char *rsa_names[] = { "rsa", "openpgp-rsa", diff --git a/cipher/serpent.c b/cipher/serpent.c index 26267be7..6b7e655a 100644 --- a/cipher/serpent.c +++ b/cipher/serpent.c @@ -953,26 +953,26 @@ serpent_test (void) static const char *cipher_spec_serpent128_aliases[] = { "SERPENT", - NULL, + NULL }; gcry_cipher_spec_t _gcry_cipher_spec_serpent128 = { "SERPENT128", cipher_spec_serpent128_aliases, NULL, 16, 128, sizeof (serpent_context_t), - serpent_setkey, serpent_encrypt, serpent_decrypt, + serpent_setkey, serpent_encrypt, serpent_decrypt }; gcry_cipher_spec_t _gcry_cipher_spec_serpent192 = { "SERPENT192", NULL, NULL, 16, 192, sizeof (serpent_context_t), - serpent_setkey, serpent_encrypt, serpent_decrypt, + serpent_setkey, serpent_encrypt, serpent_decrypt }; gcry_cipher_spec_t _gcry_cipher_spec_serpent256 = { "SERPENT256", NULL, NULL, 16, 256, sizeof (serpent_context_t), - serpent_setkey, serpent_encrypt, serpent_decrypt, + serpent_setkey, serpent_encrypt, serpent_decrypt }; diff --git a/cipher/sha1.c b/cipher/sha1.c index 7f1e38b8..c393a570 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -66,7 +66,7 @@ sha1_init (void *context) * Transform the message X which consists of 16 32-bit-words */ static void -transform( SHA1_CONTEXT *hd, byte *data ) +transform ( SHA1_CONTEXT *hd, const unsigned char *data ) { register u32 a,b,c,d,e,tm; u32 x[16]; @@ -209,8 +209,9 @@ transform( SHA1_CONTEXT *hd, byte *data ) * of INBUF with length INLEN. */ static void -sha1_write( void *context, byte *inbuf, size_t inlen) +sha1_write( void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; SHA1_CONTEXT *hd = context; if( hd->count == 64 ) /* flush the buffer */ @@ -332,12 +333,12 @@ sha1_read( void *context ) * into outbuf which must have a size of 20 bytes. */ void -_gcry_sha1_hash_buffer (char *outbuf, const char *buffer, size_t length) +_gcry_sha1_hash_buffer (void *outbuf, const void *buffer, size_t length) { SHA1_CONTEXT hd; sha1_init (&hd); - sha1_write (&hd, (byte*)buffer, length); + sha1_write (&hd, buffer, length); sha1_final (&hd); memcpy (outbuf, hd.buf, 20); } diff --git a/cipher/sha256.c b/cipher/sha256.c index 7a526a85..ce53b916 100644 --- a/cipher/sha256.c +++ b/cipher/sha256.c @@ -116,7 +116,7 @@ sha224_init (void *context) } while (0) static void -transform (SHA256_CONTEXT *hd, byte *data) +transform (SHA256_CONTEXT *hd, const unsigned char *data) { static const u32 K[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, @@ -196,8 +196,9 @@ transform (SHA256_CONTEXT *hd, byte *data) /* Update the message digest with the contents of INBUF with length INLEN. */ static void -sha256_write (void *context, byte *inbuf, size_t inlen) +sha256_write (void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; SHA256_CONTEXT *hd = context; if (hd->count == 64) diff --git a/cipher/sha512.c b/cipher/sha512.c index 57fd180a..b70b175b 100644 --- a/cipher/sha512.c +++ b/cipher/sha512.c @@ -104,7 +104,7 @@ sha384_init (void *context) * Transform the message W which consists of 16 64-bit-words */ static void -transform (SHA512_CONTEXT *hd, byte *data) +transform (SHA512_CONTEXT *hd, const unsigned char *data) { u64 a, b, c, d, e, f, g, h; u64 w[80]; @@ -230,8 +230,9 @@ transform (SHA512_CONTEXT *hd, byte *data) * of INBUF with length INLEN. */ static void -sha512_write (void *context, byte *inbuf, size_t inlen) +sha512_write (void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; SHA512_CONTEXT *hd = context; if (hd->count == 128) diff --git a/cipher/tiger.c b/cipher/tiger.c index 067521bf..a6200457 100644 --- a/cipher/tiger.c +++ b/cipher/tiger.c @@ -667,7 +667,7 @@ key_schedule( u64 *x ) * Transform the message DATA which consists of 512 bytes (8 words) */ static void -transform( TIGER_CONTEXT *hd, byte *data ) +transform ( TIGER_CONTEXT *hd, const unsigned char *data ) { u64 a,b,c,aa,bb,cc; u64 x[8]; @@ -717,8 +717,9 @@ transform( TIGER_CONTEXT *hd, byte *data ) * of INBUF with length INLEN. */ static void -tiger_write( void *context, byte *inbuf, size_t inlen) +tiger_write ( void *context, const void *inbuf_arg, size_t inlen) { + const unsigned char *inbuf = inbuf_arg; TIGER_CONTEXT *hd = context; if( hd->count == 64 ) /* flush the buffer */ diff --git a/cipher/twofish.c b/cipher/twofish.c index 32589a05..5274c400 100644 --- a/cipher/twofish.c +++ b/cipher/twofish.c @@ -1030,11 +1030,11 @@ main() gcry_cipher_spec_t _gcry_cipher_spec_twofish = { "TWOFISH", NULL, NULL, 16, 256, sizeof (TWOFISH_context), - twofish_setkey, twofish_encrypt, twofish_decrypt, + twofish_setkey, twofish_encrypt, twofish_decrypt }; gcry_cipher_spec_t _gcry_cipher_spec_twofish128 = { "TWOFISH128", NULL, NULL, 16, 128, sizeof (TWOFISH_context), - twofish_setkey, twofish_encrypt, twofish_decrypt, + twofish_setkey, twofish_encrypt, twofish_decrypt }; diff --git a/cipher/whirlpool.c b/cipher/whirlpool.c index f77c2cf3..91bac244 100644 --- a/cipher/whirlpool.c +++ b/cipher/whirlpool.c @@ -1194,7 +1194,7 @@ whirlpool_init (void *ctx) * Transform block. */ static void -whirlpool_transform (whirlpool_context_t *context, unsigned char *data) +whirlpool_transform (whirlpool_context_t *context, const unsigned char *data) { whirlpool_block_t data_block; whirlpool_block_t key; @@ -1291,8 +1291,9 @@ whirlpool_transform (whirlpool_context_t *context, unsigned char *data) static void whirlpool_add (whirlpool_context_t *context, - unsigned char *buffer, size_t buffer_n) + const void *buffer_arg, size_t buffer_n) { + const unsigned char *buffer = buffer_arg; u64 buffer_size; unsigned int carry; unsigned int i; @@ -1303,12 +1304,11 @@ whirlpool_add (whirlpool_context_t *context, { /* Flush the buffer. */ whirlpool_transform (context, context->buffer); - //_gcry_burn_stack (80+6*sizeof(void*)); /* FIXME */ + /*_gcry_burn_stack (80+6*sizeof(void*));*/ /* FIXME */ context->count = 0; } if (! buffer) - /* Nothing to add. */ - return; + return; /* Nothing to add. */ if (context->count) { @@ -1322,7 +1322,7 @@ whirlpool_add (whirlpool_context_t *context, /* Done. */ return; } - //_gcry_burn_stack (80+6*sizeof(void*)); /* FIXME */ + /*_gcry_burn_stack (80+6*sizeof(void*));*/ /* FIXME */ while (buffer_n >= BLOCK_SIZE) { @@ -1354,7 +1354,7 @@ whirlpool_add (whirlpool_context_t *context, } static void -whirlpool_write (void *ctx, unsigned char *buffer, size_t buffer_n) +whirlpool_write (void *ctx, const void *buffer, size_t buffer_n) { whirlpool_context_t *context = ctx; diff --git a/configure.ac b/configure.ac index 69ef67d8..c33437e4 100644 --- a/configure.ac +++ b/configure.ac @@ -23,19 +23,25 @@ AC_REVISION($Revision$) AC_PREREQ(2.59) min_automake_version="1.9.3" -# Version number: Remember to change it immediately *after* a release -# but remove a "-cvs" prefix right *before* a release and append it -# soon later. -AC_INIT(libgcrypt, 1.3.0-cvs, bug-libgcrypt@gnupg.org) +# Remember to change the version number immediately *after* a release. +# Set my_issvn to "yes" for non-released code. Remember to run an +# "svn up" and "autogen.sh" right before creating a distribution. +m4_define([my_version], [1.3.0]) +m4_define([my_issvn], [yes]) +m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ + || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')])) +AC_INIT([libgcrypt], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]), + [bug-libgcrypt@gnupg.org]) # LT Version numbers, remember to change them just *before* a release. # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) -LIBGCRYPT_LT_CURRENT=12 -LIBGCRYPT_LT_AGE=1 -LIBGCRYPT_LT_REVISION=1 +LIBGCRYPT_LT_CURRENT=14 +LIBGCRYPT_LT_AGE=3 +LIBGCRYPT_LT_REVISION=0 + # If the API is changed in an incompatible way: increment the next counter. LIBGCRYPT_CONFIG_API_VERSION=1 @@ -422,16 +428,6 @@ AC_ARG_WITH(capabilities, [use_capabilities="$withval"],[use_capabilities=no]) AC_MSG_RESULT($use_capabilities) -# We don't have a test to check whether as(1) knows about the -# non executable stack option. Thus we provide an option to enable it. -AC_MSG_CHECKING([whether non excutable stack support is requested]) -AC_ARG_ENABLE(noexecstack, - AC_HELP_STRING([--enable-noexecstack], - [enable non executable stack support (gcc only)]), - noexecstack_support=$enableval, noexecstack_support=no) -AC_MSG_RESULT($noexecstack_support) - - AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME", [A human readable text with the name of the OS]) @@ -710,22 +706,24 @@ if test "$GCC" = yes; then test "$more_gcc_warnings" = "yes"; then CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" if test "$more_gcc_warnings" = "yes"; then - CFLAGS="$CFLAGS -W -Wpointer-arith -Wbad-function-cast" - CFLAGS="$CFLAGS -Wwrite-strings -Wunreachable-code" + CFLAGS="$CFLAGS -W -Wextra -Wpointer-arith -Wbad-function-cast" + CFLAGS="$CFLAGS -Wwrite-strings" + CFLAGS="$CFLAGS -Wdeclaration-after-statement" + CFLAGS="$CFLAGS -Wno-missing-field-initializers" CFLAGS="$CFLAGS -Wno-sign-compare" + # Note: We don't use -Wunreachable-code because this gives + # warnings for all asserts and many inline functions like + # gpg_error (gcc 4.1.2 20060928). fi else CFLAGS="$CFLAGS -Wall" fi - - # Non exec stack hack. Fixme: Write a test to check whether as - # can cope with it and use the enable-noexecstack option only to - # disable it in case it is required on some platforms. - if test "$noexecstack_support" = yes; then - NOEXECSTACK_FLAGS="-Wa,--noexecstack" - fi fi -AC_SUBST(NOEXECSTACK_FLAGS) + +# Check whether as(1) supports a noeexecstack feature. This test +# includes an override option. +CL_AS_NOEXECSTACK + AC_SUBST(LIBGCRYPT_CONFIG_API_VERSION) AC_SUBST(LIBGCRYPT_CONFIG_LIBS) @@ -886,6 +884,7 @@ AC_SUBST(LIBGCRYPT_DIGESTS, $enabled_digests) AC_CONFIG_FILES([ Makefile +m4/Makefile mpi/Makefile cipher/Makefile doc/Makefile diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index aecda5f9..298971f1 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2033,10 +2033,25 @@ enabled for the digest object @var{h}. Tracking bugs related to hashing is often a cumbersome task which -requires to add a lot of printf statements into the code. @acronym{Libgcrypt} -provides an easy way to avoid this. The actual data hashed can be -written to files on request. The following 2 macros should be used to -implement such a debugging facility: +requires to add a lot of printf statements into the code. +@acronym{Libgcrypt} provides an easy way to avoid this. The actual data +hashed can be written to files on request. + +@deftypefun void gcry_md_debug (gcry_md_hd_t @var{h}, const char *@var{suffix}) + +Enable debugging for the digest object with handle @var{h}. This +creates create files named @file{dbgmd-<n>.<string>} while doing the +actual hashing. @var{suffix} is the string part in the filename. The +number is a counter incremented for each new hashing. The data in the +file is the raw data as passed to @code{gcry_md_write} or +@code{gcry_md_putc}. If @code{NULL} is used for @var{suffix}, the +debugging is stopped and the file closed. This is only rarely required +because @code{gcry_md_close} implicitly stops debugging. +@end deftypefun + + +The following two deprecated macros are used for debugging by old code. +They shopuld be replaced by @code{gcry_md_debug}. @deftypefun void gcry_md_start_debug (gcry_md_hd_t @var{h}, const char *@var{suffix}) diff --git a/m4/ChangeLog b/m4/ChangeLog index 4a033dc7..6a76f5a6 100644 --- a/m4/ChangeLog +++ b/m4/ChangeLog @@ -1,3 +1,9 @@ +2007-02-20 Werner Koch <wk@g10code.com> + + * Makefile.am: New. + + * noexecstack.m4: New. Taken from gnupg 1.4 + 2006-10-11 Marcus Brinkmann <marcus@g10code.de> * fallback.m4: Removed again. diff --git a/m4/Makefile.am b/m4/Makefile.am new file mode 100644 index 00000000..ca65d10a --- /dev/null +++ b/m4/Makefile.am @@ -0,0 +1 @@ +EXTRA_DIST = libtool.m4 onceonly.m4 socklen.m4 sys_socket_h.m4 noexecstack.m4 diff --git a/m4/noexecstack.m4 b/m4/noexecstack.m4 new file mode 100644 index 00000000..629e3513 --- /dev/null +++ b/m4/noexecstack.m4 @@ -0,0 +1,55 @@ +# noexecstack.m4 +dnl Copyright (C) 1995-2006 Free Software Foundation, Inc. +dnl +dnl This library is free software; you can redistribute it and/or +dnl modify it under the terms of the GNU Lesser General Public +dnl License as published by the Free Software Foundation; either +dnl version 2.1 of the License, or (at your option) any later version. +dnl +dnl This library is distributed in the hope that it will be useful, +dnl but WITHOUT ANY WARRANTY; without even the implied warranty of +dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +dnl Lesser General Public License for more details. +dnl +dnl You should have received a copy of the GNU Lesser General Public +dnl License along with this library; if not, write to the Free Software +dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +dnl Checks whether the stack can be marked nonexecutable by passing an +dnl option to the C-compiler when acting on .s files. Returns that +dnl option in NOEXECSTACK_FLAGS. +dnl This macro is adapted from one found in GLIBC-2.3.5. +AC_DEFUN([CL_AS_NOEXECSTACK],[ +AC_REQUIRE([AC_PROG_CC]) +AC_REQUIRE([AM_PROG_AS]) + +AC_MSG_CHECKING([whether non excutable stack support is requested]) +AC_ARG_ENABLE(noexecstack, + AC_HELP_STRING([--enable-noexecstack], + [enable non executable stack support (gcc only)]), + noexecstack_support=$enableval, noexecstack_support=no) +AC_MSG_RESULT($noexecstack_support) + +AC_CACHE_CHECK([whether assembler supports --noexecstack option], +cl_cv_as_noexecstack, [dnl + cat > conftest.c <<EOF +void foo() {} +EOF + if AC_TRY_COMMAND([${CC} $CFLAGS $CPPFLAGS + -S -o conftest.s conftest.c >/dev/null]) \ + && grep -q .note.GNU-stack conftest.s \ + && AC_TRY_COMMAND([${CCAS} $CCASFLAGS $CPPFLAGS -Wa,--noexecstack + -c -o conftest.o conftest.s >/dev/null]) + then + cl_cv_as_noexecstack=yes + else + cl_cv_as_noexecstack=no + fi + rm -f conftest*]) + if test "$noexecstack_support" = yes -a "$cl_cv_as_noexecstack" = yes; then + NOEXECSTACK_FLAGS="-Wa,--noexecstack" + else + NOEXECSTACK_FLAGS= + fi + AC_SUBST(NOEXECSTACK_FLAGS) +]) diff --git a/mpi/ChangeLog b/mpi/ChangeLog index 7c007a49..9a1e9dd6 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,7 @@ +2007-02-21 Werner Koch <wk@g10code.com> + + * mpicoder.c (_gcry_mpi_set_buffer): Made BUFFER a void*. + 2006-11-15 Werner Koch <wk@g10code.com> * Makefile.am (.S.o): Check for srcdir also in in CPP pass. diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index 038bf899..a0ae8f89 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c @@ -274,8 +274,10 @@ _gcry_mpi_get_secure_buffer( gcry_mpi_t a, unsigned *nbytes, int *sign ) * Use BUFFER to update MPI. */ void -_gcry_mpi_set_buffer( gcry_mpi_t a, const byte *buffer, unsigned nbytes, int sign ) +_gcry_mpi_set_buffer ( gcry_mpi_t a, const void *buffer_arg, + unsigned int nbytes, int sign ) { + const unsigned char *buffer = (const unsigned char*)buffer_arg; const byte *p; mpi_limb_t alimb; int nlimbs; diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index fe1b7617..d74a1f89 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -450,10 +450,13 @@ gcry_mpi_set_flag( gcry_mpi_t a, enum gcry_mpi_flag flag ) void gcry_mpi_clear_flag( gcry_mpi_t a, enum gcry_mpi_flag flag ) { - switch( flag ) { - case GCRYMPI_FLAG_SECURE: - case GCRYMPI_FLAG_OPAQUE: - default: log_bug("invalid flag value\n"); + (void)a; /* Not yet used. */ + + switch (flag) + { + case GCRYMPI_FLAG_SECURE: + case GCRYMPI_FLAG_OPAQUE: + default: log_bug("invalid flag value\n"); } } diff --git a/src/ChangeLog b/src/ChangeLog index de6c5004..783dc6f4 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,29 @@ +2007-02-21 Werner Koch <wk@g10code.com> + + * gcrypt.h.in (gcry_sexp_sprint): Change BUFFER from char* to void*. + (gcry_md_ctl): Change BUFFER from unsigned char* to void*. + (gcry_md_debug): New. + (gcry_cipher_encrypt, gcry_cipher_decrypt): Change buffer args to + void*. + (gcry_randomize): Change BUFFER to void. + (gcry_create_nonce): Ditto. + + * libgcrypt.vers (gcry_md_debug): New. + + * sexp.c (gcry_sexp_sprint): Ditto. + (normalize): Make P unsigned. + (gcry_sexp_nth_data): Cast return value to char*. + (sexp_sscan): Fix sign/unsigned conflicts. + (whitespacep): Change P to char*. + (unquote_string): Change STRING to char*. + (convert_to_hex): Change DEST to char*. + (convert_to_string): Change DEST and P to char*. + (convert_to_token): Chnage DEST to char*. + (gcry_sexp_canon_len): Change DISPHINT to unsigned char*. + + * gcrypt-module.h (gcry_pk_spec): Made ALIASES a const. + (gcry_md_write_t): Changed BUF to a const void*. + 2007-02-12 Werner Koch <wk@g10code.com> * gcrypt.h.in: Include stdlib.h for the sake fo the trheading diff --git a/src/cipher.h b/src/cipher.h index bdf8c803..7aeaef6a 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -29,9 +29,11 @@ #define PUBKEY_FLAG_NO_BLINDING (1 << 0) /*-- rmd160.c --*/ -void _gcry_rmd160_hash_buffer (char *outbuf, const char *buffer, size_t length); +void _gcry_rmd160_hash_buffer (void *outbuf, + const void *buffer, size_t length); /*-- sha1.c --*/ -void _gcry_sha1_hash_buffer (char *outbuf, const char *buffer, size_t length); +void _gcry_sha1_hash_buffer (void *outbuf, + const void *buffer, size_t length); /*-- dsa.c --*/ void _gcry_register_pk_dsa_progress (gcry_handler_progress_t cbc, void *cb_data); diff --git a/src/gcrypt-module.h b/src/gcrypt-module.h index 1099c92c..5cb298bf 100644 --- a/src/gcrypt-module.h +++ b/src/gcrypt-module.h @@ -1,26 +1,28 @@ -/* gcrypt-module.h - GNU cryptographic library interface - * Copyright (C) 2003 Free Software Foundation, Inc. - * - * This file is part of Libgcrypt. - * - * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * Libgcrypt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA +/* gcrypt-module.h - GNU Cryptographic Library Interface + Copyright (C) 2003, 2007 Free Software Foundation, Inc. + + This file is part of Libgcrypt. + + Libgcrypt is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + Libgcrypt is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. */ + +/* + This file contains the necessary declarations/definitions for + working with Libgcrypt modules. */ -/* This file contains the necessary declarations/definitions for - working with Libgcrypt modules. */ - #ifndef _GCRYPT_MODULE_H #define _GCRYPT_MODULE_H @@ -89,7 +91,7 @@ typedef struct gcry_cipher_spec CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID and a pointer representhing this module is stored in MODULE. */ gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *cipher, - unsigned int *algorithm_id, + int *algorithm_id, gcry_module_t *module); /* Unregister the cipher identified by MODULE, which must have been @@ -144,7 +146,7 @@ typedef unsigned (*gcry_pk_get_nbits_t) (int algo, gcry_mpi_t *pkey); typedef struct gcry_pk_spec { const char *name; - char **aliases; + const char **aliases; const char *elements_pkey; const char *elements_skey; const char *elements_enc; @@ -177,7 +179,7 @@ void gcry_pk_unregister (gcry_module_t module); typedef void (*gcry_md_init_t) (void *c); /* Type for the md_write function. */ -typedef void (*gcry_md_write_t) (void *c, unsigned char *buf, size_t nbytes); +typedef void (*gcry_md_write_t) (void *c, const void *buf, size_t nbytes); /* Type for the md_final function. */ typedef void (*gcry_md_final_t) (void *c); diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index a43aabe7..b53276b6 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1,23 +1,25 @@ -/* gcrypt.h - GNU cryptographic library interface -*- c -*- - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004, 2006 Free Software Foundation, Inc. - * - * This file is part of Libgcrypt. - * - * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * Libgcrypt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ +/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- + Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, + 2004, 2006, 2007 Free Software Foundation, Inc. + + This file is part of Libgcrypt. + + Libgcrypt is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + Libgcrypt is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. + + File: @configure_input@ */ #ifndef _GCRYPT_H #define _GCRYPT_H @@ -417,7 +419,7 @@ size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, /* Copies the S-expression object SEXP into BUFFER using the format specified in MODE. */ -size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, char *buffer, +size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer, size_t maxlength); /* Dumps the S-expression object A in a aformat suitable for debugging @@ -826,13 +828,13 @@ int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE; most algorithms it is possible to pass NULL for in and 0 for INLEN and do a in-place decryption of the data provided in OUT. */ gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h, - unsigned char *out, size_t outsize, - const unsigned char *in, size_t inlen); + void *out, size_t outsize, + const void *in, size_t inlen); /* The counterpart to gcry_cipher_encrypt. */ gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h, - unsigned char *out, size_t outsize, - const unsigned char *in, size_t inlen); + void *out, size_t outsize, + const void *in, size_t inlen); /* Set key K of length L for the cipher handle H. (We have to cast away a const char* here - this catch-all ctl function was probably @@ -1045,9 +1047,9 @@ gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd); /* Reset the digest object HD to its initial state. */ void gcry_md_reset (gcry_md_hd_t hd); -/* Perform various operations on the digets object HD. */ -gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd, unsigned char *buffer, - size_t buflen); +/* Perform various operations on the digest object HD. */ +gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd, + void *buffer, size_t buflen); /* Pass LENGTH bytes of data in BUFFER to the digest object HD so that it can update the digest values. This is the actual hash @@ -1102,6 +1104,12 @@ int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE; KEYLEN. */ gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen); +/* Start or stop debugging for digest handle HD; i.e. create a file + named dbgmd-<n>.<suffix> while hashing. If SUFFIX is NULL, + debugging stops and the file will be closed. */ +void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); + + /* Update the hash(s) of H with the character C. This is a buffered version of the gcry_md_write function. */ #define gcry_md_putc(h,c) \ @@ -1128,13 +1136,14 @@ gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen); #define gcry_md_get_asnoid(a,b,n) \ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) -/* Enable debugging for digets object A; i.e. create files named +/* Enable debugging for digest object A; i.e. create files named dbgmd-<n>.<string> while hashing. B is a string used as the suffix - for the filename. */ + for the filename. This macro is deprecated, use gcry_md_debug. */ #define gcry_md_start_debug(a,b) \ gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 ) -/* Disable the debugging of A. */ +/* Disable the debugging of A. This macro is deprecated, use + gcry_md_debug. */ #define gcry_md_stop_debug(a,b) \ gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 ) @@ -1537,7 +1546,7 @@ gcry_random_level_t; /* Fill BUFFER with LENGTH bytes of random, using random numbers of quality LEVEL. */ -void gcry_randomize (unsigned char *buffer, size_t length, +void gcry_randomize (void *buffer, size_t length, enum gcry_random_level level); /* Add the external random from BUFFER with LENGTH bytes into the @@ -1571,7 +1580,7 @@ void gcry_mpi_randomize (gcry_mpi_t w, /* Create an unpredicable nonce of LENGTH bytes in BUFFER. */ -void gcry_create_nonce (unsigned char *buffer, size_t length); +void gcry_create_nonce (void *buffer, size_t length); diff --git a/src/gcryptrnd.c b/src/gcryptrnd.c index 5a645bb4..c15be287 100644 --- a/src/gcryptrnd.c +++ b/src/gcryptrnd.c @@ -106,6 +106,8 @@ logit (int priority, const char *format, ...) static void my_gcry_logger (void *dummy, int level, const char *format, va_list arg_ptr) { + (void)dummy; + /* Map the log levels. */ switch (level) { @@ -391,7 +393,7 @@ writen (int fd, const void *buffer, size_t length) return -1; /* write error */ } length -= n; - buffer += n; + buffer = (const char*)buffer + n; } return 0; /* Okay */ } diff --git a/src/getrandom.c b/src/getrandom.c index cf31eeb7..9123c0c6 100644 --- a/src/getrandom.c +++ b/src/getrandom.c @@ -66,7 +66,7 @@ writen (int fd, const void *buffer, size_t length) return -1; /* write error */ } length -= n; - buffer += n; + buffer = (const char *)buffer + n; } return 0; /* Okay */ } diff --git a/src/global.c b/src/global.c index 0692a561..0b3b1f8f 100644 --- a/src/global.c +++ b/src/global.c @@ -525,6 +525,8 @@ gcry_is_secure (const void *a) void _gcry_check_heap( const void *a ) { + (void)a; + /* FIXME: implement this*/ #if 0 if( some_handler ) diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers index 6054b143..11639524 100644 --- a/src/libgcrypt.vers +++ b/src/libgcrypt.vers @@ -39,7 +39,7 @@ GCRYPT_1.2 { gcry_md_info; gcry_md_is_enabled; gcry_md_is_secure; gcry_md_list; gcry_md_map_name; gcry_md_open; gcry_md_read; gcry_md_register; gcry_md_reset; gcry_md_setkey; - gcry_md_unregister; gcry_md_write; + gcry_md_unregister; gcry_md_write; gcry_md_debug; gcry_cipher_algo_info; gcry_cipher_algo_name; gcry_cipher_close; gcry_cipher_ctl; gcry_cipher_decrypt; gcry_cipher_encrypt; @@ -126,7 +126,8 @@ void _gcry_log_mpidump( const char *text, gcry_mpi_t a ); u32 _gcry_mpi_get_keyid( gcry_mpi_t a, u32 *keyid ); byte *_gcry_mpi_get_buffer( gcry_mpi_t a, unsigned *nbytes, int *sign ); byte *_gcry_mpi_get_secure_buffer( gcry_mpi_t a, unsigned *nbytes, int *sign ); -void _gcry_mpi_set_buffer( gcry_mpi_t a, const byte *buffer, unsigned nbytes, int sign ); +void _gcry_mpi_set_buffer ( gcry_mpi_t a, const void *buffer, + unsigned int nbytes, int sign ); #define log_mpidump _gcry_log_mpidump @@ -63,7 +63,7 @@ sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, to the S-expressions definition. */ #undef whitespacep static GPG_ERR_INLINE int -whitespacep (const unsigned char *p) +whitespacep (const char *p) { switch (*p) { @@ -169,22 +169,25 @@ gcry_sexp_dump (const gcry_sexp_t a) static gcry_sexp_t normalize ( gcry_sexp_t list ) { - char *p; - if ( !list ) - return NULL; - p = list->d; - if ( *p == ST_STOP ) { - /* this is "" */ - gcry_sexp_release ( list ); - return NULL; + unsigned char *p; + + if ( !list ) + return NULL; + p = list->d; + if ( *p == ST_STOP ) + { + /* this is "" */ + gcry_sexp_release ( list ); + return NULL; } - if( *p == ST_OPEN && p[1] == ST_CLOSE ) { - /* this is "()" */ - gcry_sexp_release ( list ); - return NULL; + if ( *p == ST_OPEN && p[1] == ST_CLOSE ) + { + /* this is "()" */ + gcry_sexp_release ( list ); + return NULL; } - - return list; + + return list; } /* Create a new S-expression object by reading LENGTH bytes from @@ -304,6 +307,9 @@ gcry_sexp_release( gcry_sexp_t sexp ) gcry_sexp_t gcry_sexp_cons( const gcry_sexp_t a, const gcry_sexp_t b ) { + (void)a; + (void)b; + /* NYI: Implementation should be quite easy with our new data representation */ BUG (); @@ -318,6 +324,8 @@ gcry_sexp_cons( const gcry_sexp_t a, const gcry_sexp_t b ) gcry_sexp_t gcry_sexp_alist( const gcry_sexp_t *array ) { + (void)array; + /* NYI: Implementation should be quite easy with our new data representation. */ BUG (); @@ -330,6 +338,7 @@ gcry_sexp_alist( const gcry_sexp_t *array ) gcry_sexp_t gcry_sexp_vlist( const gcry_sexp_t a, ... ) { + (void)a; /* NYI: Implementation should be quite easy with our new data representation. */ BUG (); @@ -344,6 +353,8 @@ gcry_sexp_vlist( const gcry_sexp_t a, ... ) gcry_sexp_t gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n ) { + (void)a; + (void)n; /* NYI: Implementation should be quite easy with our new data representation. */ BUG (); @@ -353,6 +364,8 @@ gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n ) gcry_sexp_t gcry_sexp_prepend( const gcry_sexp_t a, const gcry_sexp_t n ) { + (void)a; + (void)n; /* NYI: Implementation should be quite easy with our new data representation. */ BUG (); @@ -617,7 +630,7 @@ gcry_sexp_nth_data( const gcry_sexp_t list, int number, size_t *datalen ) if ( *p == ST_DATA ) { memcpy ( &n, ++p, sizeof n ); *datalen = n; - return p + sizeof n; + return (const char*)p + sizeof n; } return NULL; @@ -828,10 +841,10 @@ make_space ( struct make_space_ctx *c, size_t n ) quotes are must already be removed from STRING. We assume that the quoted string is syntacillay correct. */ static size_t -unquote_string (const unsigned char *string, size_t length, unsigned char *buf) +unquote_string (const char *string, size_t length, unsigned char *buf) { int esc = 0; - const unsigned char *s = string; + const unsigned char *s = (const unsigned char*)string; unsigned char *d = buf; size_t n = length; @@ -1088,7 +1101,7 @@ sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, { /* Keep it easy - we know that the unquoted string will never be larger. */ - char *save; + unsigned char *save; size_t len; quoted++; /* Skip leading quote. */ @@ -1123,7 +1136,7 @@ sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, { if (whitespacep (hexfmt)) continue; - *c.pos++ = hextobyte (hexfmt); + *c.pos++ = hextobyte ((const unsigned char*)hexfmt); hexfmt++; } hexfmt = NULL; @@ -1517,7 +1530,7 @@ suitable_encoding (const unsigned char *buffer, size_t length) static int -convert_to_hex (const unsigned char *src, size_t len, unsigned char *dest) +convert_to_hex (const unsigned char *src, size_t len, char *dest) { int i; @@ -1532,11 +1545,11 @@ convert_to_hex (const unsigned char *src, size_t len, unsigned char *dest) } static int -convert_to_string (const unsigned char *s, size_t len, unsigned char *dest) +convert_to_string (const unsigned char *s, size_t len, char *dest) { if (dest) { - unsigned char *p = dest; + char *p = dest; *p++ = '\"'; for (; len; len--, s++ ) { @@ -1594,7 +1607,7 @@ convert_to_string (const unsigned char *s, size_t len, unsigned char *dest) static int -convert_to_token (const unsigned char *src, size_t len, unsigned char *dest) +convert_to_token (const unsigned char *src, size_t len, char *dest) { if (dest) memcpy (dest, src, len); @@ -1609,11 +1622,11 @@ convert_to_token (const unsigned char *src, size_t len, unsigned char *dest) * the required length is returned. */ size_t -gcry_sexp_sprint( const gcry_sexp_t list, int mode, - char *buffer, size_t maxlength ) +gcry_sexp_sprint (const gcry_sexp_t list, int mode, + void *buffer, size_t maxlength ) { - static byte empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP }; - const byte *s; + static unsigned char empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP }; + const unsigned char *s; char *d; DATALEN n; char numbuf[20]; @@ -1764,7 +1777,7 @@ gcry_sexp_canon_len (const unsigned char *buffer, size_t length, size_t *erroff, gcry_error_t *errcode) { const unsigned char *p; - const char *disphint=NULL; + const unsigned char *disphint = NULL; unsigned int datalen = 0; size_t dummy_erroff; gcry_error_t dummy_errcode; @@ -1857,7 +1870,7 @@ gcry_sexp_canon_len (const unsigned char *buffer, size_t length, } else if (*p == ']') { - if( !disphint ) + if ( !disphint ) { *erroff = count; *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH); diff --git a/tests/ChangeLog b/tests/ChangeLog index fb32c390..8e619fd4 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,12 @@ +2007-02-21 Werner Koch <wk@g10code.com> + + * hmac.c (check_one_mac): Make pointer args const. + * basic.c (check_one_md): Ditto. + (check_one_hmac): Ditto. + + * keygen.c (progress_cb): Filter out line feeds. + * basic.c (progress_handler): Ditto. + 2006-12-18 Werner Koch <wk@g10code.com> * Makefile.am (AM_CFLAGS, AM_CPPFLAGS): Splitted and merged with diff --git a/tests/basic.c b/tests/basic.c index bbc680e0..f20f7b59 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -79,7 +79,16 @@ void progress_handler (void *cb_data, const char *what, int printchar, int current, int total) { - putchar (printchar); + (void)cb_data; + (void)what; + (void)current; + (void)total; + + if (printchar == '\n') + fputs ( "<LF>", stdout); + else + putchar (printchar); + fflush (stdout); } static void @@ -1004,7 +1013,7 @@ check_ciphers (void) static void -check_one_md (int algo, char *data, int len, char *expect) +check_one_md (int algo, const char *data, int len, const char *expect) { gcry_md_hd_t hd, hd2; unsigned char *p; @@ -1069,8 +1078,8 @@ check_digests (void) static struct algos { int md; - char *data; - char *expect; + const char *data; + const char *expect; } algos[] = { { GCRY_MD_MD4, "", @@ -1245,8 +1254,8 @@ check_digests (void) } static void -check_one_hmac (int algo, char *data, int datalen, - char *key, int keylen, char *expect) +check_one_hmac (int algo, const char *data, int datalen, + const char *key, int keylen, const char *expect) { gcry_md_hd_t hd, hd2; unsigned char *p; @@ -1306,9 +1315,9 @@ check_hmac (void) static struct algos { int md; - char *data; - char *key; - char *expect; + const char *data; + const char *key; + const char *expect; } algos[] = { { GCRY_MD_MD5, "what do ya want for nothing?", "Jefe", @@ -1666,6 +1675,8 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey) { NULL } }; + (void)n; + rc = gcry_sexp_sscan (&badhash, NULL, baddata, strlen (baddata)); if (rc) die ("converting data failed: %s\n", gpg_strerror (rc)); @@ -1736,7 +1747,8 @@ check_one_pubkey (int n, test_spec_pubkey_t spec) if (err) die ("converting sample key failed: %s\n", gpg_strerror (err)); - do_check_one_pubkey (n, skey, pkey, spec.key.grip, spec.flags); + do_check_one_pubkey (n, skey, pkey, + (const unsigned char*)spec.key.grip, spec.flags); gcry_sexp_release (skey); gcry_sexp_release (pkey); diff --git a/tests/hmac.c b/tests/hmac.c index 5e71f2c9..9d87dbb5 100644 --- a/tests/hmac.c +++ b/tests/hmac.c @@ -57,12 +57,12 @@ die (const char *format, ...) static void check_one_mac (int algo, - void *key, size_t keylen, - void *data, size_t datalen, - char *expect) + const void *key, size_t keylen, + const void *data, size_t datalen, + const char *expect) { gcry_md_hd_t hd; - char *p; + unsigned char *p; int mdlen; int i; gcry_error_t err = 0; diff --git a/tests/keygen.c b/tests/keygen.c index 25f753ea..f5d5610c 100644 --- a/tests/keygen.c +++ b/tests/keygen.c @@ -271,7 +271,15 @@ static void progress_cb (void *cb_data, const char *what, int printchar, int current, int total) { - putchar (printchar); + (void)cb_data; + (void)what; + (void)current; + (void)total; + + if (printchar == '\n') + fputs ( "<LF>", stdout); + else + putchar (printchar); fflush (stdout); } diff --git a/tests/keygrip.c b/tests/keygrip.c index 36ebb276..351139f1 100644 --- a/tests/keygrip.c +++ b/tests/keygrip.c @@ -113,6 +113,11 @@ static void progress_handler (void *cb_data, const char *what, int printchar, int current, int total) { + (void)cb_data; + (void)what; + (void)current; + (void)total; + putchar (printchar); } diff --git a/tests/register.c b/tests/register.c index 1181beb9..49686017 100644 --- a/tests/register.c +++ b/tests/register.c @@ -45,6 +45,10 @@ die (const char *format, ...) gcry_err_code_t foo_setkey (void *c, const unsigned char *key, unsigned keylen) { + (void)c; + (void)key; + (void)keylen; + return 0; } @@ -55,6 +59,8 @@ foo_encrypt (void *c, unsigned char *outbuf, const unsigned char *inbuf) { int i; + (void)c; + for (i = 0; i < FOO_BLOCKSIZE; i++) outbuf[i] = inbuf[i] ^ 0x42; } @@ -64,6 +70,8 @@ foo_decrypt (void *c, unsigned char *outbuf, const unsigned char *inbuf) { int i; + (void)c; + for (i = 0; i < FOO_BLOCKSIZE; i++) outbuf[i] = inbuf[i] ^ 0x42; } diff --git a/tests/tsexp.c b/tests/tsexp.c index 5f3205cb..1d71208e 100644 --- a/tests/tsexp.c +++ b/tests/tsexp.c @@ -222,7 +222,7 @@ canon_len (void) size_t expected;/* expected length or 0 on error and then ... */ size_t erroff; /* ... and at this offset */ gcry_error_t errcode; /* ... with this error code */ - unsigned char *text; + const char *text; } values[] = { { 14, 13, 0, GPG_ERR_NO_ERROR, "(9:abcdefghi) " }, { 16, 15, 0, GPG_ERR_NO_ERROR, "(10:abcdefghix)" }, @@ -341,7 +341,7 @@ back_and_forth_one (int testno, const char *buffer, size_t length) static void back_and_forth (void) { - static struct { char *buf; int len; } tests[] = { + static struct { const char *buf; int len; } tests[] = { { "(7:g34:fgh1::2:())", 0 }, { "(7:g34:fgh1::2:())", 18 }, { |