7 files changed, 88 insertions, 24 deletions

diff --git a/ChangeLog b/ChangeLog
index e8ea8951..dc3a75db 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2009-04-23  Werner Koch  <wk@g10code.com>
+
+	* README: Add a section on build problems.
+
 2009-01-22  Werner Koch  <wk@g10code.com>
 
 	* configure.ac: Bump LT version to C17/A7/R0 to mark the start of
diff --git a/README b/README
index 289296f0..5b1050c8 100644
--- a/README
+++ b/README
@@ -73,7 +73,7 @@
       cd doc
       make pdf
 
-
+      
 
     Mailing List
     ------------
@@ -132,7 +132,7 @@
                      time.  This is helpful to create OS X fat binaries.
 
      --enable-random-daemon
-                     Include support for a global random damon and
+                     Include support for a global random daemon and
                      build the daemon.  This is an experimental feature.
 
      --enable-mpi-path=EXTRA_PATH
@@ -170,7 +170,52 @@
                      available.  Try this if you get problems with
                      assembler code.
 
-       
+
+    Build Problems
+    --------------
+
+    We can't check all assembler files, so if you have problems
+    assembling them (or the program crashes) use --disable-asm with
+    ./configure.  If you opt to delete individual replacement files in
+    hopes of using the remaining ones, be aware that the configure
+    scripts may consider several subdirectories to get all available
+    assembler files; be sure to delete the correct ones.  Never delete
+    udiv-qrnnd.S in any CPU directory, because there may be no C
+    substitute (in mpi/genereic).  Don't forget to delete
+    "config.cache" and run "./config.status --recheck".  We got a few
+    reports about problems using versions of gcc earlier than 2.96
+    along with a non-GNU assembler (as).  If this applies to your
+    platform, you can either upgrade gcc to a more recent version, or
+    use the GNU assembler.
+
+    Some make tools are broken - the best solution is to use GNU's
+    make.  Try gmake or grab the sources from a GNU archive and
+    install them.
+
+    If you are cross-compiling and you get an error either building a
+    tool called "yat2m" or running that tool, the problem is most
+    likely a bad or missing native compiler.  We require a standard
+    C-89 compiler to produce an executable to be run on the build
+    platform.  You can explicitly set such a compiler with configure
+    arguments. On HP/UX you might want to try: "CC_FOR_BUILD=c89".
+
+    Specific problems on some machines:
+
+      * IBM RS/6000 running AIX
+
+	Due to a change in gcc (since version 2.8) the MPI stuff may
+	not build. In this case try to run configure using:
+	    CFLAGS="-g -O2 -mcpu=powerpc" ./configure
+
+      * SVR4.2 (ESIX V4.2 cc)
+
+        Due to problems with the ESIX as(1), you probably want to do:
+            CFLAGS="-O -K pentium" ./configure --disable-asm
+
+      * SunOS 4.1.4
+      
+         ./configure ac_cv_sys_symbol_underscore=yes
+
 
 
     License
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 3efd490c..27f686a3 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3 +1,8 @@
+2009-03-31  Werner Koch  <wk@g10code.com>
+
+	* rsa.c (rsa_check_secret_key): Return GPG_ERR_BAD_SECKEY and not
+	GPG_ERR_PUBKEY_ALGO.
+
 2009-02-16  Werner Koch  <wk@g10code.com>
 
 	* rsa.c (generate_x931): Do not initialize TBL with automatic
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 8ee60183..484d103d 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -886,7 +886,7 @@ rsa_check_secret_key (int algo, gcry_mpi_t *skey)
     err = GPG_ERR_NO_OBJ;  /* To check the key we need the optional
                               parameters. */
   else if (!check_secret_key (&sk))
-    err = GPG_ERR_PUBKEY_ALGO;
+    err = GPG_ERR_BAD_SECKEY;
 
   return err;
 }
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 835df381..a04cef62 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,12 @@
+2009-05-10  Werner Koch  <wk@g10code.com>
+
+	* gcrypt.texi (Working with cipher handles): Clarified that
+	keylengths are in bytes.
+
+2009-04-02  Werner Koch  <wk@g10code.com>
+
+	* gcrypt.texi (Self-Tests): Fix register fucntion names.
+
 2009-02-22  Werner Koch  <wk@g10code.com>
 
 	* gcrypt.texi (Memory allocation): Fix describion of gcry-calloc.
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index 0bfc44b1..be06fa6d 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -12,7 +12,7 @@ This manual is for Libgcrypt
 (version @value{VERSION}, @value{UPDATED}),
 which is GNU's library of cryptographic building blocks.
 
-Copyright @copyright{} 2000, 2002, 2003, 2004, 2006, 2007, 2008 Free Software Foundation, Inc.
+Copyright @copyright{} 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
 
 @quotation
 Permission is granted to copy, distribute and/or modify this document
@@ -1703,11 +1703,11 @@ In order to use a handle for performing cryptographic operations, a
 @deftypefun gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t @var{h}, const void *@var{k}, size_t @var{l})
 
 Set the key @var{k} used for encryption or decryption in the context
-denoted by the handle @var{h}.  The length @var{l} of the key @var{k}
-must match the required length of the algorithm set for this context or
-be in the allowed range for algorithms with variable key size.  The
-function checks this and returns an error if there is a problem.  A
-caller should always check for an error.
+denoted by the handle @var{h}.  The length @var{l} (in bytes) of the
+key @var{k} must match the required length of the algorithm set for
+this context or be in the allowed range for algorithms with variable
+key size.  The function checks this and returns an error if there is a
+problem.  A caller should always check for an error.
 
 @end deftypefun
 
@@ -1719,18 +1719,18 @@ value.  To set the IV or CTR, use these functions:
 @deftypefun gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t @var{h}, const void *@var{k}, size_t @var{l})
 
 Set the initialization vector used for encryption or decryption. The
-vector is passed as the buffer @var{K} of length @var{l} and copied to
-internal data structures.  The function checks that the IV matches the
-requirement of the selected algorithm and mode. 
+vector is passed as the buffer @var{K} of length @var{l} bytes and
+copied to internal data structures.  The function checks that the IV
+matches the requirement of the selected algorithm and mode.
 @end deftypefun
 
 @deftypefun gcry_error_t gcry_cipher_setctr (gcry_cipher_hd_t @var{h}, const void *@var{c}, size_t @var{l})
 
 Set the counter vector used for encryption or decryption. The counter
-is passed as the buffer @var{c} of length @var{l} and copied to
+is passed as the buffer @var{c} of length @var{l} bytes and copied to
 internal data structures.  The function checks that the counter
 matches the requirement of the selected algorithm (i.e., it must be
-the same size as the block size).  
+the same size as the block size).
 @end deftypefun
 
 @deftypefun gcry_error_t gcry_cipher_reset (gcry_cipher_hd_t @var{h})
@@ -3639,8 +3639,9 @@ be set using the function:
 
 @deftypefun gcry_error_t gcry_md_setkey (gcry_md_hd_t @var{h}, const void *@var{key}, size_t @var{keylen})
 
-For use with the HMAC feature, set the MAC key to the value of @var{key}
-of length @var{keylen}.  There is no restriction on the length of the key.
+For use with the HMAC feature, set the MAC key to the value of
+@var{key} of length @var{keylen} bytes.  There is no restriction on
+the length of the key.
 @end deftypefun
 
 
@@ -5401,9 +5402,9 @@ verification fails.  (@code{cipher/@/dsa.c:@/test_keys})
 
 Loading of extra modules into libgcrypt is disabled in FIPS mode and
 thus no tests are
-implemented. (@code{cipher/@/cipher.c:@/gcry_cipher_register},
-@code{cipher/@/md.c:@/gcry_md_register},
-@code{cipher/@/md.c:@/gcry_pk_register})
+implemented. (@code{cipher/@/cipher.c:@/_gcry_cipher_register},
+@code{cipher/@/md.c:@/_gcry_md_register},
+@code{cipher/@/pubkey.c:@/_gcry_pk_register})
 
 
 @subsection Manual Key Entry Tests
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index f1c3e310..37390b21 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -909,7 +909,7 @@ gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
                                   void *out, size_t outsize,
                                   const void *in, size_t inlen);
 
-/* Set KEY of length KEYLEN for the cipher handle HD.  */
+/* Set KEY of length KEYLEN bytes for the cipher handle HD.  */
 gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
                                  const void *key, size_t keylen);
 
@@ -935,10 +935,10 @@ gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
 gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
                                 const void *ctr, size_t ctrlen);
 
-/* Retrieved the key length used with algorithm A. */
+/* Retrieved the key length in bytes used with algorithm A. */
 size_t gcry_cipher_get_algo_keylen (int algo);
 
-/* Retrieve the block length used with algorithm A. */
+/* Retrieve the block length in bytes used with algorithm A. */
 size_t gcry_cipher_get_algo_blklen (int algo);
 
 /* Return 0 if the algorithm A is available for use. */
@@ -1174,7 +1174,7 @@ const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
 int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
 
 /* For use with the HMAC feature, the set MAC key to the KEY of
-   KEYLEN. */
+   KEYLEN bytes. */
 gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
 
 /* Start or stop debugging for digest handle HD; i.e. create a file