diff options
| -rw-r--r-- | cipher/ChangeLog | 21 | ||||
| -rw-r--r-- | cipher/cipher.c | 8 | ||||
| -rw-r--r-- | cipher/dsa.c | 6 | ||||
| -rw-r--r-- | cipher/dynload.c | 37 | ||||
| -rw-r--r-- | cipher/elgamal.c | 8 | ||||
| -rw-r--r-- | cipher/md.c | 1 | ||||
| -rw-r--r-- | cipher/md5.c | 2 | ||||
| -rw-r--r-- | cipher/primegen.c | 13 | ||||
| -rw-r--r-- | cipher/pubkey.c | 1 | ||||
| -rw-r--r-- | cipher/random.c | 11 | ||||
| -rw-r--r-- | cipher/rmd160.c | 2 | ||||
| -rw-r--r-- | cipher/rndegd.c | 41 | ||||
| -rw-r--r-- | cipher/rndlinux.c | 15 | ||||
| -rw-r--r-- | cipher/rndunix.c | 2 | ||||
| -rw-r--r-- | cipher/rndw32.c | 1 | ||||
| -rw-r--r-- | cipher/sha1.c | 2 | ||||
| -rw-r--r-- | cipher/smallprime.c | 1 | ||||
| -rw-r--r-- | cipher/tiger.c | 2 | ||||
| -rw-r--r-- | cipher/twofish.c | 1 | ||||
| -rw-r--r-- | configure.in | 4 | ||||
| -rw-r--r-- | mpi/ChangeLog | 20 | ||||
| -rw-r--r-- | mpi/mpicoder.c | 14 | ||||
| -rw-r--r-- | mpi/mpih-mul.c | 11 | ||||
| -rw-r--r-- | mpi/mpiutil.c | 173 | ||||
| -rw-r--r-- | src/ChangeLog | 9 | ||||
| -rw-r--r-- | src/Makefile.am | 9 | ||||
| -rw-r--r-- | src/gcrypt.h | 27 | ||||
| -rw-r--r-- | src/global.c | 14 | ||||
| -rw-r--r-- | src/misc.c | 123 | ||||
| -rw-r--r-- | src/mpiapi.c | 7 | ||||
| -rw-r--r-- | src/sexp.c | 27 | ||||
| -rw-r--r-- | src/testapi.c | 23 |
32 files changed, 390 insertions, 246 deletions
diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 8231cbed..bfe180d9 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,24 @@ +Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de> + + * dynload.c (cmp_filenames): New to replaced compare_filename() in + module. + (register_cipher_extension): Removed the tilde expansion stuff. + * rndeg.c (my_make_filename): New. + + * : Replaced header util.h by g10lib.h + + * random.c (gather_faked): Replaced make_timestamp by time(2). + Disabled wrning printed with tty_printf. + * rndlinux.c (gather_random): Always use fprintf instead of tty_xxx; + this should be replaced by a callback function. + + * primegen.c (gen_prime): Use gcry_mpi_randomize. + (is_prime): Ditto. + * elgamal.c (test_keys): Ditto. + * dsa.c (test_keys): Ditto. + + * cipher.c (gcry_cipher_close): Die on invalid handle. + Mon Nov 15 21:36:02 CET 1999 Werner Koch <wk@gnupg.de> * elgamal.c (gen_k): Use the new random API. diff --git a/cipher/cipher.c b/cipher/cipher.c index 0a1ad604..1a7a6584 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -26,7 +26,6 @@ #include <assert.h> #include "g10lib.h" -#include "util.h" #include "cipher.h" #include "des.h" #include "blowfish.h" @@ -418,10 +417,9 @@ gcry_cipher_close( GCRY_CIPHER_HD h ) { if( !h ) return; - if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL ) { - fatal_invalid_arg("gcry_cipher_close: already closed/invalid handle"); - return; - } + if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL ) + g10_fatal_error(GCRYERR_INTERNAL, + "gcry_cipher_close: already closed/invalid handle"); h->magic = 0; g10_free(h); } diff --git a/cipher/dsa.c b/cipher/dsa.c index 91c797c4..903625c1 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -24,7 +24,6 @@ #include <string.h> #include <assert.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" #include "dsa.h" @@ -130,10 +129,7 @@ test_keys( DSA_secret_key *sk, unsigned qbits ) pk.q = sk->q; pk.g = sk->g; pk.y = sk->y; - { char *p = gcry_random_bytes( (qbits+7)/8, GCRY_WEAK_RANDOM ); - mpi_set_buffer( test, p, (qbits+7)/8, 0 ); - g10_free(p); - } + gcry_mpi_randomize( test, qbits, GCRY_WEAK_RANDOM ); sign( out1_a, out1_b, test, sk ); if( !verify( out1_a, out1_b, test, &pk ) ) diff --git a/cipher/dynload.c b/cipher/dynload.c index 962b398a..262325c7 100644 --- a/cipher/dynload.c +++ b/cipher/dynload.c @@ -32,7 +32,6 @@ #include <errno.h> #endif #include "g10lib.h" -#include "util.h" #include "cipher.h" #include "dynload.h" @@ -102,6 +101,20 @@ static int dld_available; #endif +static int +cmp_filenames( const char *a, const char *b ) +{ + /* ? check whether this is an absolute filename and + * resolve symlinks? + */ + #ifdef HAVE_DRIVE_LETTERS + return stricmp(a,b); + #else + return strcmp(a,b); + #endif +} + + /**************** * Register an extension module. The last registered module will * be loaded first. A name may have a list of classes @@ -125,21 +138,9 @@ register_cipher_extension( const char *mainpgm, const char *fname ) if( !mainpgm_path && mainpgm && *mainpgm ) mainpgm_path = m_strdup(mainpgm); #endif - if( *fname != '/' ) { /* do tilde expansion etc */ - char *tmp; - - if( strchr(fname, '/') ) - tmp = make_filename(fname, NULL); - else - tmp = make_filename(GNUPG_LIBDIR, fname, NULL); - el = g10_xcalloc( 1, sizeof *el + strlen(tmp) ); - strcpy(el->name, tmp ); - g10_free(tmp); - } - else { - el = g10_xcalloc( 1, sizeof *el + strlen(fname) ); - strcpy(el->name, fname ); - } + el = g10_xcalloc( 1, sizeof *el + strlen(fname) ); + strcpy(el->name, fname ); + /* check whether we have a class hint */ if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) { *p = *pe = 0; @@ -151,7 +152,7 @@ register_cipher_extension( const char *mainpgm, const char *fname ) /* check that it is not already registered */ intex = NULL; for(r = extensions; r; r = r->next ) { - if( !compare_filenames(r->name, el->name) ) { + if( !cmp_filenames(r->name, el->name) ) { log_info("extension `%s' already registered\n", el->name ); g10_free(el); return; @@ -187,7 +188,7 @@ register_internal_cipher_extension( /* check that it is not already registered */ for(r = extensions; r; r = r->next ) { - if( !compare_filenames(r->name, el->name) ) { + if( !cmp_filenames(r->name, el->name) ) { log_info("extension `%s' already registered\n", el->name ); g10_free(el); return; diff --git a/cipher/elgamal.c b/cipher/elgamal.c index d5790645..f88aa91d 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -27,7 +27,6 @@ #include <stdlib.h> #include <string.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" #include "elgamal.h" @@ -77,12 +76,7 @@ test_keys( ELG_secret_key *sk, unsigned nbits ) pk.g = sk->g; pk.y = sk->y; - /*mpi_set_bytes( test, nbits, get_random_byte, 0 );*/ - { char *p = gcry_random_bytes( (nbits+7)/8, GCRY_WEAK_RANDOM ); - mpi_set_buffer( test, p, (nbits+7)/8, 0 ); - g10_free(p); - } - + gcry_mpi_randomize( test, nbits, GCRY_WEAK_RANDOM ); encrypt( out1_a, out1_b, test, &pk ); decrypt( out2, out1_a, out1_b, sk ); diff --git a/cipher/md.c b/cipher/md.c index 480954a6..bc9c6e86 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -26,7 +26,6 @@ #include <assert.h> #include "g10lib.h" -#include "util.h" #include "cipher.h" #include "dynload.h" #include "rmd.h" diff --git a/cipher/md5.c b/cipher/md5.c index bb930d04..161d4430 100644 --- a/cipher/md5.c +++ b/cipher/md5.c @@ -33,7 +33,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" #include "dynload.h" diff --git a/cipher/primegen.c b/cipher/primegen.c index 5dc1e1a4..cb7327a4 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -29,7 +29,6 @@ #include <string.h> #include <assert.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" @@ -307,10 +306,7 @@ gen_prime( unsigned nbits, int secret, int randomlevel ) int dotcount=0; /* generate a random number */ - { char *p = get_random_bits( nbits, randomlevel, secret ); - mpi_set_buffer( prime, p, (nbits+7)/8, 0 ); - g10_free(p); - } + gcry_mpi_randomize( prime, nbits, randomlevel ); /* set high order bit to 1, set low order bit to 1 */ mpi_set_highbit( prime, nbits-1 ); @@ -434,11 +430,8 @@ is_prime( MPI n, int steps, int *count ) mpi_set_ui( x, 2 ); } else { - /*mpi_set_bytes( x, nbits-1, get_random_byte, 0 );*/ - { char *p = get_random_bits( nbits, 0, 0 ); - mpi_set_buffer( x, p, (nbits+7)/8, 0 ); - g10_free(p); - } + gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM ); + /* make sure that the number is smaller than the prime * and keep the randomness of the high bit */ if( mpi_test_bit( x, nbits-2 ) ) { diff --git a/cipher/pubkey.c b/cipher/pubkey.c index b77ebffa..49f4773e 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -26,7 +26,6 @@ #include <assert.h> #include "g10lib.h" -#include "util.h" #include "mpi.h" #include "cipher.h" #include "elgamal.h" diff --git a/cipher/random.c b/cipher/random.c index d80b870b..78c9ecda 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -46,7 +46,6 @@ #include <sys/resource.h> #endif #include "g10lib.h" -#include "util.h" #include "rmd.h" #include "ttyio.h" #include "random.h" @@ -463,14 +462,20 @@ gather_faked( void (*add)(const void*, size_t, int), int requester, if( !initialized ) { log_info(_("WARNING: using insecure random number generator!!\n")); + /* we can't use tty_printf here - do we need this function at + all - does it really make sense or canit be viewed as a potential + security problem ? wk 17.11.99 */ + #warning Extended warning disabled + #if 0 tty_printf(_("The random number generator is only a kludge to let\n" "it run - it is in no way a strong RNG!\n\n" "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n")); + #endif initialized=1; #ifdef HAVE_RAND - srand(make_timestamp()*getpid()); + srand( time(NULL) * getpid()); #else - srandom(make_timestamp()*getpid()); + srandom( time(NULL) * getpid()); #endif } diff --git a/cipher/rmd160.c b/cipher/rmd160.c index ecd65b35..7b230087 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -23,7 +23,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" #include "rmd.h" #include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */ diff --git a/cipher/rndegd.c b/cipher/rndegd.c index d6a6a394..36c8b4e3 100644 --- a/cipher/rndegd.c +++ b/cipher/rndegd.c @@ -32,7 +32,6 @@ #include <sys/un.h> #include "types.h" #include "g10lib.h" -#include "util.h" #include "ttyio.h" #include "dynload.h" #include "cipher.h" @@ -41,6 +40,44 @@ #define offsetof(type, member) ((size_t) &((type *)0)->member) #endif + +/* FIXME: this is duplicated code from util/fileutil + * I don't think that this code should go into libgcrypt anyway. + */ +char * +my_make_filename( const char *first_part, ... ) +{ + va_list arg_ptr ; + size_t n; + const char *s; + char *name, *home, *p; + + va_start( arg_ptr, first_part ) ; + n = strlen(first_part)+1; + while( (s=va_arg(arg_ptr, const char *)) ) + n += strlen(s) + 1; + va_end(arg_ptr); + + home = NULL; + if( *first_part == '~' && first_part[1] == '/' + && (home = getenv("HOME")) && *home ) + n += strlen(home); + + name = m_alloc(n); + p = home ? stpcpy(stpcpy(name,home), first_part+1) + : stpcpy(name, first_part); + va_start( arg_ptr, first_part ) ; + while( (s=va_arg(arg_ptr, const char *)) ) + p = stpcpy(stpcpy(p,"/"), s); + va_end(arg_ptr); + + return name; +} + + + + + static int do_write( int fd, void *buf, size_t nbytes ) { @@ -104,7 +141,7 @@ gather_random( void (*add)(const void*, size_t, int), int requester, } } if( fd == -1 ) { - char *name = make_filename( g10_opt_homedir, "entropy", NULL ); + char *name = my_make_filename( g10_opt_homedir, "entropy", NULL ); struct sockaddr_un addr; int addr_len; diff --git a/cipher/rndlinux.c b/cipher/rndlinux.c index 63befd25..d25abcd3 100644 --- a/cipher/rndlinux.c +++ b/cipher/rndlinux.c @@ -41,8 +41,7 @@ #endif #endif #include "types.h" -#include "g10lib.h" /* need this for i18n */ -#include "util.h" +#include "g10lib.h" #include "ttyio.h" #include "dynload.h" @@ -121,12 +120,9 @@ gather_random( void (*add)(const void*, size_t, int), int requester, tv.tv_sec = 3; tv.tv_usec = 0; if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { + #warning FIXME: Replace fprintf by a callback if( !warn ) - #ifdef IS_MODULE fprintf(stderr, - #else - tty_printf( - #endif _("\n" "Not enough random bytes available. Please do some other work to give\n" "the OS a chance to collect more entropy! (Need %d more bytes)\n"), length ); @@ -134,12 +130,7 @@ _("\n" continue; } else if( rc == -1 ) { - #ifdef IS_MODULE - fprintf(stderr, - #else - tty_printf( - #endif - "select() error: %s\n", strerror(errno)); + fprintf(stderr, "select() error: %s\n", strerror(errno)); continue; } diff --git a/cipher/rndunix.c b/cipher/rndunix.c index 849f1e00..4ab9f65f 100644 --- a/cipher/rndunix.c +++ b/cipher/rndunix.c @@ -97,7 +97,7 @@ #ifndef IS_MODULE #include "dynload.h" #endif -#include "util.h" +#include "g10lib.h" #ifndef EAGAIN #define EAGAIN EWOULDBLOCK diff --git a/cipher/rndw32.c b/cipher/rndw32.c index d7801e39..c1045851 100644 --- a/cipher/rndw32.c +++ b/cipher/rndw32.c @@ -29,7 +29,6 @@ #include "types.h" #include "g10lib.h" -#include "util.h" #include "dynload.h" diff --git a/cipher/sha1.c b/cipher/sha1.c index 40ad62f1..f231e37b 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -36,7 +36,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" #include "dynload.h" #include "bithelp.h" diff --git a/cipher/smallprime.c b/cipher/smallprime.c index 8187aa76..d50e3174 100644 --- a/cipher/smallprime.c +++ b/cipher/smallprime.c @@ -21,7 +21,6 @@ #include <config.h> #include <stdio.h> #include <stdlib.h> -#include "util.h" #include "types.h" /* Note: 2 is not included because it can be tested more easily diff --git a/cipher/tiger.c b/cipher/tiger.c index 0765f0bb..0e42160a 100644 --- a/cipher/tiger.c +++ b/cipher/tiger.c @@ -23,7 +23,7 @@ #include <stdlib.h> #include <string.h> #include <assert.h> -#include "util.h" +#include "g10lib.h" #include "memory.h" diff --git a/cipher/twofish.c b/cipher/twofish.c index 42eed8bf..1eea4b8e 100644 --- a/cipher/twofish.c +++ b/cipher/twofish.c @@ -28,7 +28,6 @@ #include "types.h" /* for byte and u32 typedefs */ #include "g10lib.h" -#include "util.h" #include "dynload.h" diff --git a/configure.in b/configure.in index 8f1ab0b2..0bd7ecfa 100644 --- a/configure.in +++ b/configure.in @@ -172,8 +172,8 @@ dnl dnl Build shared libraries only when compilation of libgcrypt dnl has been requested dnl -AM_DISABLE_SHARED -enable_shared="$compile_libgcrypt" +dnl AM_DISABLE_STATIC +dnl enable_shared="$compile_libgcrypt" AM_PROG_LIBTOOL diff --git a/mpi/ChangeLog b/mpi/ChangeLog index d6cf6e3e..3a0fca1a 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,23 @@ +Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de> + + * mpicoder.c (g10_log_mpidump): Add a temporary workaround + + * mpih-mul.c (mpihelp_mul_n): s/m_is_ecure/g10_is_secure/ + + * mpiutil.c (mpi_alloc): Remved the debug mode because it has turned + out, that this feature was not very useful in the past. Use the + new alloc functions. + (mpi_alloc_secure): Ditto. + (mpi_alloc_limb_space): Ditto. + (mpi_free_limb_space): Ditto. + (mpi_resize): Ditto. + (mpi_free): Ditto. + (mpi_set_secure): Removed the debug stuff. + (mpi_set_opaque): Ditto. + (mpi_copy): Ditto. + (mpi_alloc_set_ui): Ditto. + (mpi_m_check): Use g10_ wrapper. + Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index dae6eb4e..25d37ec4 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c @@ -42,6 +42,9 @@ int mpi_write( IOBUF out, MPI a ) { + return -1; + #warning Function is disabled + #if 0 int rc; unsigned nbits = mpi_get_nbits(a); byte *p, *buf; @@ -57,6 +60,7 @@ mpi_write( IOBUF out, MPI a ) rc = iobuf_write( out, p, n ); m_free(buf); return rc; + #endif } @@ -73,6 +77,9 @@ mpi_debug_read(IOBUF inp, unsigned *ret_nread, int secure, const char *info) mpi_read(IOBUF inp, unsigned *ret_nread, int secure) #endif { + return NULL; + #warning Function is disabled + #if 0 int c, i, j; unsigned nbits, nbytes, nlimbs, nread=0; mpi_limb_t a; @@ -120,6 +127,7 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure) else *ret_nread = nread; return val; + #endif } @@ -246,6 +254,7 @@ mpi_fromstr(MPI val, const char *str) /**************** * print an MPI to the given stream and return the number of characters * printed. + * FIXME: Replace this by the more generic gcry_mpi_print() */ int mpi_print( FILE *fp, MPI a, int mode ) @@ -289,9 +298,10 @@ mpi_print( FILE *fp, MPI a, int mode ) void g10_log_mpidump( const char *text, MPI a ) { - FILE *fp = log_stream(); + FILE *fp = stderr; /* used to be log_stream() */ - g10_log_print_prefix(text); + /* FIXME: Replace this function by a g10_log_xxx one */ + fprintf(fp,"%s: ",text); mpi_print(fp, a, 1 ); fputc('\n', fp); } diff --git a/mpi/mpih-mul.c b/mpi/mpih-mul.c index 7707c0e3..67749f4c 100644 --- a/mpi/mpih-mul.c +++ b/mpi/mpih-mul.c @@ -31,6 +31,7 @@ #include <stdlib.h> #include "mpi-internal.h" #include "longlong.h" +#include "g10lib.h" /* for g10_is_secure() */ @@ -352,7 +353,7 @@ mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size) mpih_sqr_n_basecase( prodp, up, size ); else { mpi_ptr_t tspace; - secure = m_is_secure( up ); + secure = g10_is_secure( up ); tspace = mpi_alloc_limb_space( 2 * size, secure ); mpih_sqr_n( prodp, up, size, tspace ); mpi_free_limb_space( tspace ); @@ -363,7 +364,7 @@ mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size) mul_n_basecase( prodp, up, vp, size ); else { mpi_ptr_t tspace; - secure = m_is_secure( up ) || m_is_secure( vp ); + secure = g10_is_secure( up ) || g10_is_secure( vp ); tspace = mpi_alloc_limb_space( 2 * size, secure ); mul_n (prodp, up, vp, size, tspace); mpi_free_limb_space( tspace ); @@ -438,15 +439,15 @@ mpihelp_mul( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t usize, } tspace = mpi_alloc_limb_space( 2 * vsize, - m_is_secure( up ) || m_is_secure( vp ) ); + g10_is_secure( up ) || g10_is_secure( vp ) ); MPN_MUL_N_RECURSE( prodp, up, vp, vsize, tspace ); prodp += vsize; up += vsize; usize -= vsize; if( usize >= vsize ) { - mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, m_is_secure( up ) - || m_is_secure( vp ) ); + mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, g10_is_secure( up ) + || g10_is_secure( vp ) ); do { MPN_MUL_N_RECURSE( tp, up, vp, vsize, tspace ); cy = mpihelp_add_n( prodp, prodp, tp, vsize ); diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index 62cb882d..317940b5 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -27,14 +27,7 @@ #include "mpi.h" #include "mpi-internal.h" #include "memory.h" -#include "util.h" - - -#ifdef M_DEBUG - #undef mpi_alloc - #undef mpi_alloc_secure - #undef mpi_free -#endif +#include "g10lib.h" /**************** * Note: It was a bad idea to use the number of limbs to allocate @@ -44,23 +37,14 @@ * But mpi_alloc is used in a lot of places :-) */ MPI -#ifdef M_DEBUG -mpi_debug_alloc( unsigned nlimbs, const char *info ) -#else mpi_alloc( unsigned nlimbs ) -#endif { MPI a; if( DBG_MEMORY ) log_debug("mpi_alloc(%u)\n", nlimbs*BITS_PER_MPI_LIMB ); - #ifdef M_DEBUG - a = m_debug_alloc( sizeof *a, info ); - a->d = nlimbs? mpi_debug_alloc_limb_space( nlimbs, 0, info ) : NULL; - #else - a = m_alloc( sizeof *a ); + a = g10_xmalloc( sizeof *a ); a->d = nlimbs? mpi_alloc_limb_space( nlimbs, 0 ) : NULL; - #endif a->alloced = nlimbs; a->nlimbs = 0; a->sign = 0; @@ -72,28 +56,19 @@ mpi_alloc( unsigned nlimbs ) void mpi_m_check( MPI a ) { - m_check(a); - m_check(a->d); + g10_check_heap(a); + g10_check_heap(a->d); } MPI -#ifdef M_DEBUG -mpi_debug_alloc_secure( unsigned nlimbs, const char *info ) -#else mpi_alloc_secure( unsigned nlimbs ) -#endif { MPI a; if( DBG_MEMORY ) log_debug("mpi_alloc_secure(%u)\n", nlimbs*BITS_PER_MPI_LIMB ); - #ifdef M_DEBUG - a = m_debug_alloc( sizeof *a, info ); - a->d = nlimbs? mpi_debug_alloc_limb_space( nlimbs, 1, info ) : NULL; - #else - a = m_alloc( sizeof *a ); + a = g10_xmalloc( sizeof *a ); a->d = nlimbs? mpi_alloc_limb_space( nlimbs, 1 ) : NULL; - #endif a->alloced = nlimbs; a->flags = 1; a->nlimbs = 0; @@ -103,90 +78,30 @@ mpi_alloc_secure( unsigned nlimbs ) } -#if 0 -static void *unused_limbs_5; -static void *unused_limbs_32; -static void *unused_limbs_64; -#endif mpi_ptr_t -#ifdef M_DEBUG -mpi_debug_alloc_limb_space( unsigned nlimbs, int secure, const char *info ) -#else mpi_alloc_limb_space( unsigned nlimbs, int secure ) -#endif { size_t len = nlimbs * sizeof(mpi_limb_t); mpi_ptr_t p; if( DBG_MEMORY ) log_debug("mpi_alloc_limb_space(%u)\n", (unsigned)len*8 ); - #if 0 - if( !secure ) { - if( nlimbs == 5 && unused_limbs_5 ) { /* DSA 160 bits */ - p = unused_limbs_5; - unused_limbs_5 = *p; - return p; - } - else if( nlimbs == 32 && unused_limbs_32 ) { /* DSA 1024 bits */ - p = unused_limbs_32; - unused_limbs_32 = *p; - return p; - } - else if( nlimbs == 64 && unused_limbs_64 ) { /* DSA 2*1024 bits */ - p = unused_limbs_64; - unused_limbs_64 = *p; - return p; - } - } - #endif - #ifdef M_DEBUG - p = secure? m_debug_alloc_secure(len, info):m_debug_alloc( len, info ); - #else - p = secure? m_alloc_secure( len ):m_alloc( len ); - #endif + p = secure? g10_xmalloc_secure( len ) : g10_xmalloc( len ); return p; } void -#ifdef M_DEBUG -mpi_debug_free_limb_space( mpi_ptr_t a, const char *info ) -#else mpi_free_limb_space( mpi_ptr_t a ) -#endif { if( !a ) return; if( DBG_MEMORY ) - log_debug("mpi_free_limb_space of size %lu\n", (ulong)m_size(a)*8 ); - - #if 0 - if( !m_is_secure(a) ) { - size_t nlimbs = m_size(a) / 4 ; - void *p = a; - - if( nlimbs == 5 ) { /* DSA 160 bits */ - *a = unused_limbs_5; - unused_limbs_5 = a; - return; - } - else if( nlimbs == 32 ) { /* DSA 1024 bits */ - *a = unused_limbs_32; - unused_limbs_32 = a; - return; - } - else if( nlimbs == 64 ) { /* DSA 2*1024 bits */ - *a = unused_limbs_64; - unused_limbs_64 = a; - return; - } - } - #endif + log_debug("mpi_free_limb_space\n" ); - - m_free(a); + g10_free(a); } @@ -202,33 +117,22 @@ mpi_assign_limb_space( MPI a, mpi_ptr_t ap, unsigned nlimbs ) /**************** * Resize the array of A to NLIMBS. the additional space is cleared - * (set to 0) [done by m_realloc()] + * (set to 0) [done by g10_realloc()] */ void -#ifdef M_DEBUG -mpi_debug_resize( MPI a, unsigned nlimbs, const char *info ) -#else mpi_resize( MPI a, unsigned nlimbs ) -#endif { if( nlimbs <= a->alloced ) return; /* no need to do it */ /* Note: a->secure is not used - instead the realloc functions * take care of it. Maybe we should drop a->secure completely * and rely on a mpi_is_secure function, which would be - * a wrapper around m_is_secure + * a wrapper around g10_is_secure */ - #ifdef M_DEBUG - if( a->d ) - a->d = m_debug_realloc(a->d, nlimbs * sizeof(mpi_limb_t), info ); - else - a->d = m_debug_alloc_clear( nlimbs * sizeof(mpi_limb_t), info ); - #else if( a->d ) - a->d = m_realloc(a->d, nlimbs * sizeof(mpi_limb_t) ); - else - a->d = m_alloc_clear( nlimbs * sizeof(mpi_limb_t) ); - #endif + a->d = g10_xrealloc(a->d, nlimbs * sizeof(mpi_limb_t) ); + else /* FIXME: It may not be allocted in secure memory */ + a->d = g10_xcalloc( nlimbs , sizeof(mpi_limb_t) ); a->alloced = nlimbs; } @@ -242,28 +146,20 @@ mpi_clear( MPI a ) void -#ifdef M_DEBUG -mpi_debug_free( MPI a, const char *info ) -#else mpi_free( MPI a ) -#endif { if( !a ) return; if( DBG_MEMORY ) log_debug("mpi_free\n" ); if( a->flags & 4 ) - m_free( a->d ); + g10_free( a->d ); else { - #ifdef M_DEBUG - mpi_debug_free_limb_space(a->d, info); - #else mpi_free_limb_space(a->d); - #endif } if( a->flags & ~7 ) log_bug("invalid flag value in mpi\n"); - m_free(a); + g10_free(a); } @@ -280,18 +176,10 @@ mpi_set_secure( MPI a ) assert(!ap); return; } - #ifdef M_DEBUG - bp = mpi_debug_alloc_limb_space( a->nlimbs, 1, "set_secure" ); - #else bp = mpi_alloc_limb_space( a->nlimbs, 1 ); - #endif MPN_COPY( bp, ap, a->nlimbs ); a->d = bp; - #ifdef M_DEBUG - mpi_debug_free_limb_space(ap, "set_secure"); - #else mpi_free_limb_space(ap); - #endif } @@ -299,21 +187,13 @@ MPI mpi_set_opaque( MPI a, void *p, int len ) { if( !a ) { - #ifdef M_DEBUG - a = mpi_debug_alloc(0,"alloc_opaque"); - #else a = mpi_alloc(0); - #endif } if( a->flags & 4 ) - m_free( a->d ); + g10_free( a->d ); else { - #ifdef M_DEBUG - mpi_debug_free_limb_space(a->d, "alloc_opaque"); - #else mpi_free_limb_space(a->d); - #endif } a->d = p; @@ -341,29 +221,20 @@ mpi_get_opaque( MPI a, int *len ) * but copy it transparently. */ MPI -#ifdef M_DEBUG -mpi_debug_copy( MPI a, const char *info ) -#else mpi_copy( MPI a ) -#endif { int i; MPI b; if( a && (a->flags & 4) ) { - void *p = m_is_secure(a->d)? m_alloc_secure( a->nbits ) - : m_alloc( a->nbits ); + void *p = g10_is_secure(a->d)? g10_xmalloc_secure( a->nbits ) + : g10_xmalloc( a->nbits ); memcpy( p, a->d, a->nbits ); b = mpi_set_opaque( NULL, p, a->nbits ); } else if( a ) { - #ifdef M_DEBUG - b = mpi_is_secure(a)? mpi_debug_alloc_secure( a->nlimbs, info ) - : mpi_debug_alloc( a->nlimbs, info ); - #else b = mpi_is_secure(a)? mpi_alloc_secure( a->nlimbs ) : mpi_alloc( a->nlimbs ); - #endif b->nlimbs = a->nlimbs; b->sign = a->sign; b->flags = a->flags; @@ -388,8 +259,8 @@ mpi_alloc_like( MPI a ) MPI b; if( a && (a->flags & 4) ) { - void *p = m_is_secure(a->d)? m_alloc_secure( a->nbits ) - : m_alloc( a->nbits ); + void *p = g10_is_secure(a->d)? g10_malloc_secure( a->nbits ) + : g10_malloc( a->nbits ); memcpy( p, a->d, a->nbits ); b = mpi_set_opaque( NULL, p, a->nbits ); } @@ -440,11 +311,7 @@ mpi_set_ui( MPI w, unsigned long u) MPI mpi_alloc_set_ui( unsigned long u) { - #ifdef M_DEBUG - MPI w = mpi_debug_alloc(1,"alloc_set_ui"); - #else MPI w = mpi_alloc(1); - #endif w->d[0] = u; w->nlimbs = u? 1:0; w->sign = 0; diff --git a/src/ChangeLog b/src/ChangeLog index 778a003f..128e6af8 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,12 @@ +Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de> + + * sexp.c (dump_string): New. Taken from gnupg/util/miscutil.c. + (do_dump_list): s/print_string/dump_string/. + + * testapi.c: New. + + * mpiapi.c (gcry_mpi_randomize): Use new random API. + Sat Nov 13 17:44:23 CET 1999 Werner Koch <wk@gnupg.de> * gloabl.c (gcry_control): Add cases for dumping random diff --git a/src/Makefile.am b/src/Makefile.am index eece892c..adcc0099 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -5,17 +5,20 @@ INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl lib_LTLIBRARIES = libgcrypt.la -#noinst_PROGRAMS = sexp +noinst_PROGRAMS = testapi #sexp_SOURCES = sexp.c mpiapi.c #sexp_LDADD = ../cipher/libcipher.la ../mpi/libmpi.la ../util/libutil.la ./libgcrypt.la @INTLLIBS@ - +testapi_SOURCES = testapi.c +testapi_LDADD = libgcrypt.la libgcrypt_la_LDFLAGS = -version-info 0:0:0 -export-symbols libgcrypt.sym libgcrypt_la_SOURCES = gcrypt.h \ misc.c \ global.c \ sexp.c \ - mpiapi.c + mpiapi.c \ + memory.c \ + secmem.c libgcrypt_la_DEPENDENCIES = libgcrypt.sym libgcrypt_la_LIBADD = ../cipher/libcipher.la \ diff --git a/src/gcrypt.h b/src/gcrypt.h index dee14cdf..85de69cd 100644 --- a/src/gcrypt.h +++ b/src/gcrypt.h @@ -20,6 +20,9 @@ #ifndef _GCRYPT_H #define _GCRYPT_H + +#include <stdarg.h> + #ifdef __cplusplus extern "C" { #endif @@ -355,15 +358,29 @@ int gcry_md_map_name( const char* name ); #define gcry_md_test_algo(a) \ gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/***************************************** - ******* miscellaneous stuff ********** - *****************************************/ - +/********************************************* + ******* random generating functions ******* + *********************************************/ void gcry_randomize( byte *buffer, size_t length, enum gcry_random_level level ); void *gcry_random_bytes( size_t nbytes, enum gcry_random_level level ); void *gcry_random_bytes_secure( size_t nbytes, enum gcry_random_level level ); +/***************************************** + ******* miscellaneous stuff ********** + *****************************************/ + +enum gcry_log_levels { + GCRY_LOG_CONT = 0, /* continue the last log line */ + GCRY_LOG_INFO = 10, + GCRY_LOG_WARN = 20, + GCRY_LOG_ERROR = 30, + GCRY_LOG_FATAL = 40, + GCRY_LOG_BUG = 50, + GCRY_LOG_DEBUG = 100, +}; + + /* Provide custom functions for special tasks of libgcrypt. */ void gcry_set_allocation_handler( void *(*new_alloc_func)(size_t n), @@ -376,6 +393,8 @@ void gcry_set_outofcore_handler( int (*h)( void*, size_t, unsigned int ), void gcry_set_fatalerror_handler( void (*fnc)(void*,int, const char*), void *opaque ); void gcry_set_gettext_handler( const char *(*f)(const char*) ); +void gcry_set_log_handler( void (*f)(void*,int, const char*, va_list ), + void *opaque ); /* Access to the memory function of libgcrypt. diff --git a/src/global.c b/src/global.c index 9a54bf6c..06d62f7e 100644 --- a/src/global.c +++ b/src/global.c @@ -179,9 +179,23 @@ g10_is_secure( const void *a ) return g10_private_is_secure( a ); } +void +g10_check_heap( const void *a ) +{ + /* FIXME: implement this*/ + #if 0 + if( some_handler ) + some_handler(a) + else + g10_private_check_heap(a) + #endif +} + void * g10_realloc( void *a, size_t n ) { + /* FIXME: Make sure that the realloced memory is cleared out */ + if( realloc_func ) return realloc_func( a, n ) ; return g10_private_realloc( a, n ); @@ -30,6 +30,8 @@ static void (*fatal_error_handler)(void*,int, const char*) = NULL; static void *fatal_error_handler_value = 0; +static void (*log_handler)(void*,int, const char*, va_list) = NULL; +static void *log_handler_value = 0; static const char *(*user_gettext_handler)( const char * ) = NULL; @@ -81,3 +83,124 @@ g10_fatal_error(int rc, const char *text ) abort(); } + +void +gcry_set_log_handler( void (*logf)(void*,int, const char*, va_list ), + void *opaque ) +{ + log_handler = logf; + log_handler_value = opaque; +} + + +/**************** + * This is our log function which prints all log messages to stderr or + * using the function defined with gcry_set_log_handler(). + */ +static void +g10_logv( int level, const char *fmt, va_list arg_ptr ) +{ + if( log_handler ) + log_handler( log_handler_value, level, fmt, arg_ptr ); + else { + switch ( level ) { + case GCRY_LOG_CONT: break; + case GCRY_LOG_INFO: break; + case GCRY_LOG_WARN: break; + case GCRY_LOG_ERROR: break; + case GCRY_LOG_FATAL: fputs("Fatal: ",stderr ); break; + case GCRY_LOG_BUG: fputs("Ohhhh jeeee: ", stderr); break; + case GCRY_LOG_DEBUG: fputs("DBG: ", stderr ); break; + default: fprintf(stderr,"[Unknown log level %d]: ", level ); break; + } + vfprintf(stderr,fmt,arg_ptr) ; + } + + if( level == GCRY_LOG_FATAL ) + exit(2); + else if( level == GCRY_LOG_BUG ) + abort(); +} + +void +g10_log( int level, const char *fmt, ... ) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + g10_logv( level, fmt, arg_ptr ); + va_end(arg_ptr); +} + + +#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ) +void +g10_bug( const char *file, int line, const char *func ) +{ + g10_log( GCRY_LOG_BUG, + ("... this is a bug (%s:%d:%s)\n"), file, line, func ); + abort(); /* never called, bugs it makes the compiler happy */ +} +#else +void +g10_bug( const char *file, int line ) +{ + g10_log( GCRY_LOG_BUG, + _("you found a bug ... (%s:%d)\n"), file, line); + abort(); /* never called, bugs it makes the compiler happy */ +} +#endif + +void +g10_log_info( const char *fmt, ... ) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + g10_logv( GCRY_LOG_INFO, fmt, arg_ptr ); + va_end(arg_ptr); +} + +void +g10_log_error( const char *fmt, ... ) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + g10_logv( GCRY_LOG_ERROR, fmt, arg_ptr ); + va_end(arg_ptr); +} + + +void +g10_log_fatal( const char *fmt, ... ) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + g10_logv( GCRY_LOG_FATAL, fmt, arg_ptr ); + va_end(arg_ptr); + abort(); /* never called, bugs it makes the compiler happy */ +} + +void +g10_log_bug( const char *fmt, ... ) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + g10_logv( GCRY_LOG_BUG, fmt, arg_ptr ); + va_end(arg_ptr); + abort(); /* never called, bugs it makes the compiler happy */ +} + +void +g10_log_debug( const char *fmt, ... ) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + g10_logv( GCRY_LOG_DEBUG, fmt, arg_ptr ); + va_end(arg_ptr); +} + diff --git a/src/mpiapi.c b/src/mpiapi.c index 28841652..da21aba5 100644 --- a/src/mpiapi.c +++ b/src/mpiapi.c @@ -1,5 +1,5 @@ /* mpiapi.a - MPI function interface - * Copyright (C) 1998 Free Software Foundation, Inc. + * Copyright (C) 1998,1999 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -92,7 +92,8 @@ void gcry_mpi_randomize( GCRY_MPI w, unsigned int nbits, enum gcry_random_level level ) { - char *p = get_random_bits( nbits, level, mpi_is_secure(w) ); + char *p = mpi_is_secure(w) ? gcry_random_bytes( (nbits+7)/8, level ) + : gcry_random_bytes_secure( (nbits+7)/8, level ); mpi_set_buffer( w, p, (nbits+7)/8, 0 ); m_free(p); } @@ -198,7 +199,7 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, } /**************** - * Write a in format into buffer which has a length of *NBYTES. + * Write a using format into buffer which has a length of *NBYTES. * Return the number of bytes actually written in nbytes. * TODO: Move this stuff to mpicoder.c or replace mpicoder.c */ @@ -37,7 +37,6 @@ #define GCRYPT_NO_MPI_MACROS 1 #include "g10lib.h" -#include "util.h" #include "memory.h" @@ -95,6 +94,30 @@ dump_mpi( GCRY_MPI a ) fputs( buffer, stderr ); } +static void +dump_string( FILE *fp, const byte *p, size_t n, int delim ) +{ + for( ; n; n--, p++ ) + if( iscntrl( *p ) || *p == delim ) { + putc('\\', fp); + if( *p == '\n' ) + putc('n', fp); + else if( *p == '\r' ) + putc('r', fp); + else if( *p == '\f' ) + putc('f', fp); + else if( *p == '\v' ) + putc('v', fp); + else if( *p == '\b' ) + putc('b', fp); + else if( !*p ) + putc('0', fp); + else + fprintf(fp, "x%02x", *p ); + } + else + putc(*p, fp); +} static void do_dump_list( NODE node, int indent ) @@ -112,7 +135,7 @@ do_dump_list( NODE node, int indent ) if( !node->u.data.len ) fputs("EMPTY", stderr ); else - print_string(stderr, node->u.data.d, node->u.data.len, ')'); + dump_string(stderr, node->u.data.d, node->u.data.len, ')'); putc(' ', stderr); break; case ntMPI: diff --git a/src/testapi.c b/src/testapi.c new file mode 100644 index 00000000..9e51b427 --- /dev/null +++ b/src/testapi.c @@ -0,0 +1,23 @@ +/* testapi.c - for libgcrypt + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <gcrypt.h> + + +int +main( int argc, char **argv ) +{ + GCRY_MD_HD md; + + + md = gcry_md_open( GCRY_MD_RMD160, 0 ); + + + + + return 0; +} + |