summaryrefslogtreecommitdiff
path: root/libgcrypt-1.4.6/src
diff options
context:
space:
mode:
Diffstat (limited to 'libgcrypt-1.4.6/src')
-rw-r--r--libgcrypt-1.4.6/src/ath.c140
-rw-r--r--libgcrypt-1.4.6/src/fips.c4
-rw-r--r--libgcrypt-1.4.6/src/gcrypt.h698
-rw-r--r--libgcrypt-1.4.6/src/gcrypt.h.in3684
-rw-r--r--libgcrypt-1.4.6/src/misc.c2
-rw-r--r--libgcrypt-1.4.6/src/sexp.c3950
6 files changed, 4243 insertions, 4235 deletions
diff --git a/libgcrypt-1.4.6/src/ath.c b/libgcrypt-1.4.6/src/ath.c
index 0c274cd..fe7f289 100644
--- a/libgcrypt-1.4.6/src/ath.c
+++ b/libgcrypt-1.4.6/src/ath.c
@@ -38,7 +38,7 @@
#include "ath.h"
-
+
/* The interface table. */
static struct ath_ops ops;
@@ -58,7 +58,7 @@ static int ops_set;
#define GET_VERSION(a) (((a) >> 8)& 0xff)
-
+
/* The lock we take while checking for lazy lock initialization. */
static ath_mutex_t check_init_lock = ATH_MUTEX_INITIALIZER;
@@ -68,13 +68,13 @@ ath_init (void)
int err = 0;
if (ops_set)
- {
- if (ops.init)
+ {
+ if (ops.init)
err = (*ops.init) ();
- if (err)
+ if (err)
return err;
- err = (*ops.mutex_init) (&check_init_lock);
- }
+ err = (*ops.mutex_init) (&check_init_lock);
+ }
return err;
}
@@ -86,38 +86,38 @@ gpg_err_code_t
ath_install (struct ath_ops *ath_ops, int check_only)
{
if (check_only)
- {
- unsigned int option = 0;
-
- /* Check if the requested thread option is compatible to the
+ {
+ unsigned int option = 0;
+
+ /* Check if the requested thread option is compatible to the
thread option we are already committed to. */
- if (ath_ops)
+ if (ath_ops)
option = ath_ops->option;
- if (!ops_set && GET_OPTION (option))
+ if (!ops_set && GET_OPTION (option))
return GPG_ERR_NOT_SUPPORTED;
- if (GET_OPTION (ops.option) == ATH_THREAD_OPTION_USER
+ if (GET_OPTION (ops.option) == ATH_THREAD_OPTION_USER
|| GET_OPTION (option) == ATH_THREAD_OPTION_USER
|| GET_OPTION (ops.option) != GET_OPTION (option)
- || GET_VERSION (ops.option) != GET_VERSION (option))
+ || GET_VERSION (ops.option) != GET_VERSION (option))
return GPG_ERR_NOT_SUPPORTED;
- return 0;
- }
-
+ return 0;
+ }
+
if (ath_ops)
- {
- /* It is convenient to not require DESTROY. */
- if (!ath_ops->mutex_init || !ath_ops->mutex_lock
+ {
+ /* It is convenient to not require DESTROY. */
+ if (!ath_ops->mutex_init || !ath_ops->mutex_lock
|| !ath_ops->mutex_unlock)
return GPG_ERR_INV_ARG;
- ops = *ath_ops;
- ops_set = 1;
- }
+ ops = *ath_ops;
+ ops_set = 1;
+ }
else
- ops_set = 0;
+ ops_set = 0;
return 0;
}
@@ -129,11 +129,11 @@ mutex_init (ath_mutex_t *lock, int just_check)
int err = 0;
if (just_check)
- (*ops.mutex_lock) (&check_init_lock);
+ (*ops.mutex_lock) (&check_init_lock);
if (*lock == ATH_MUTEX_INITIALIZER || !just_check)
- err = (*ops.mutex_init) (lock);
+ err = (*ops.mutex_init) (lock);
if (just_check)
- (*ops.mutex_unlock) (&check_init_lock);
+ (*ops.mutex_unlock) (&check_init_lock);
return err;
}
@@ -142,7 +142,7 @@ int
ath_mutex_init (ath_mutex_t *lock)
{
if (ops_set)
- return mutex_init (lock, 0);
+ return mutex_init (lock, 0);
#ifndef NDEBUG
*lock = MUTEX_UNLOCKED;
@@ -155,19 +155,19 @@ int
ath_mutex_destroy (ath_mutex_t *lock)
{
if (ops_set)
- {
- if (!ops.mutex_destroy)
+ {
+ if (!ops.mutex_destroy)
return 0;
- (*ops.mutex_lock) (&check_init_lock);
- if (*lock == ATH_MUTEX_INITIALIZER)
+ (*ops.mutex_lock) (&check_init_lock);
+ if (*lock == ATH_MUTEX_INITIALIZER)
{
(*ops.mutex_unlock) (&check_init_lock);
return 0;
}
- (*ops.mutex_unlock) (&check_init_lock);
- return (*ops.mutex_destroy) (lock);
- }
+ (*ops.mutex_unlock) (&check_init_lock);
+ return (*ops.mutex_destroy) (lock);
+ }
#ifndef NDEBUG
assert (*lock == MUTEX_UNLOCKED);
@@ -182,12 +182,12 @@ int
ath_mutex_lock (ath_mutex_t *lock)
{
if (ops_set)
- {
- int ret = mutex_init (lock, 1);
- if (ret)
+ {
+ int ret = mutex_init (lock, 1);
+ if (ret)
return ret;
- return (*ops.mutex_lock) (lock);
- }
+ return (*ops.mutex_lock) (lock);
+ }
#ifndef NDEBUG
assert (*lock == MUTEX_UNLOCKED);
@@ -202,12 +202,12 @@ int
ath_mutex_unlock (ath_mutex_t *lock)
{
if (ops_set)
- {
- int ret = mutex_init (lock, 1);
- if (ret)
+ {
+ int ret = mutex_init (lock, 1);
+ if (ret)
return ret;
- return (*ops.mutex_unlock) (lock);
- }
+ return (*ops.mutex_unlock) (lock);
+ }
#ifndef NDEBUG
assert (*lock == MUTEX_LOCKED);
@@ -222,9 +222,9 @@ ssize_t
ath_read (int fd, void *buf, size_t nbytes)
{
if (ops_set && ops.read)
- return (*ops.read) (fd, buf, nbytes);
+ return (*ops.read) (fd, buf, nbytes);
else
- return read (fd, buf, nbytes);
+ return _read (fd, buf, nbytes);
}
@@ -232,28 +232,28 @@ ssize_t
ath_write (int fd, const void *buf, size_t nbytes)
{
if (ops_set && ops.write)
- return (*ops.write) (fd, buf, nbytes);
+ return (*ops.write) (fd, buf, nbytes);
else
- return write (fd, buf, nbytes);
+ return _write (fd, buf, nbytes);
}
ssize_t
#ifdef _WIN32
ath_select (int nfd, void *rset, void *wset, void *eset,
- struct timeval *timeout)
+ struct timeval *timeout)
#else
ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
- struct timeval *timeout)
+ struct timeval *timeout)
#endif
{
if (ops_set && ops.select)
- return (*ops.select) (nfd, rset, wset, eset, timeout);
+ return (*ops.select) (nfd, rset, wset, eset, timeout);
else
#ifdef _WIN32
- return -1;
+ return -1;
#else
- return select (nfd, rset, wset, eset, timeout);
+ return select (nfd, rset, wset, eset, timeout);
#endif
}
@@ -262,12 +262,12 @@ ssize_t
ath_waitpid (pid_t pid, int *status, int options)
{
if (ops_set && ops.waitpid)
- return (*ops.waitpid) (pid, status, options);
+ return (*ops.waitpid) (pid, status, options);
else
#ifdef _WIN32
- return -1;
+ return -1;
#else
- return waitpid (pid, status, options);
+ return waitpid (pid, status, options);
#endif
}
@@ -280,12 +280,12 @@ ath_accept (int s, struct sockaddr *addr, socklen_t *length_ptr)
#endif
{
if (ops_set && ops.accept)
- return (*ops.accept) (s, addr, length_ptr);
+ return (*ops.accept) (s, addr, length_ptr);
else
#ifdef _WIN32
- return -1;
+ return -1;
#else
- return accept (s, addr, length_ptr);
+ return accept (s, addr, length_ptr);
#endif
}
@@ -298,12 +298,12 @@ ath_connect (int s, struct sockaddr *addr, socklen_t length)
#endif
{
if (ops_set && ops.connect)
- return (*ops.connect) (s, addr, length);
+ return (*ops.connect) (s, addr, length);
else
#ifdef _WIN32
- return -1;
+ return -1;
#else
- return connect (s, addr, length);
+ return connect (s, addr, length);
#endif
}
@@ -316,12 +316,12 @@ ath_sendmsg (int s, const struct msghdr *msg, int flags)
#endif
{
if (ops_set && ops.sendmsg)
- return (*ops.sendmsg) (s, msg, flags);
+ return (*ops.sendmsg) (s, msg, flags);
else
#ifdef _WIN32
- return -1;
+ return -1;
#else
- return sendmsg (s, msg, flags);
+ return sendmsg (s, msg, flags);
#endif
}
@@ -334,12 +334,12 @@ ath_recvmsg (int s, struct msghdr *msg, int flags)
#endif
{
if (ops_set && ops.recvmsg)
- return (*ops.recvmsg) (s, msg, flags);
+ return (*ops.recvmsg) (s, msg, flags);
else
#ifdef _WIN32
- return -1;
+ return -1;
#else
- return recvmsg (s, msg, flags);
+ return recvmsg (s, msg, flags);
#endif
}
diff --git a/libgcrypt-1.4.6/src/fips.c b/libgcrypt-1.4.6/src/fips.c
index 91f3042..8709dae 100644
--- a/libgcrypt-1.4.6/src/fips.c
+++ b/libgcrypt-1.4.6/src/fips.c
@@ -128,7 +128,7 @@ _gcry_initialize_fips_mode (int force)
file. The filename is hardwired so that there won't be any
confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is
actually used. The file itself may be empty. */
- if ( !access (FIPS_FORCE_FILE, F_OK) )
+ if ( !_access (FIPS_FORCE_FILE, F_OK) )
{
gcry_assert (!no_fips_mode_required);
goto leave;
@@ -156,7 +156,7 @@ _gcry_initialize_fips_mode (int force)
}
else if ((saved_errno = errno) != ENOENT
&& saved_errno != EACCES
- && !access ("/proc/version", F_OK) )
+ && !_access ("/proc/version", F_OK) )
{
/* Problem reading the fips file despite that we have the proc
file system. We better stop right away. */
diff --git a/libgcrypt-1.4.6/src/gcrypt.h b/libgcrypt-1.4.6/src/gcrypt.h
index 08112a7..d583c52 100644
--- a/libgcrypt-1.4.6/src/gcrypt.h
+++ b/libgcrypt-1.4.6/src/gcrypt.h
@@ -1,6 +1,6 @@
/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
- 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
+ 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
This file is part of Libgcrypt.
@@ -38,8 +38,8 @@
# include <ws2tcpip.h>
# include <time.h>
# ifndef __GNUC__
- typedef long ssize_t;
- typedef int pid_t;
+ typedef long SSIZE_T;
+ typedef int pid_t;
# endif /*!__GNUC__*/
#else
# include <sys/socket.h>
@@ -80,8 +80,8 @@ extern "C" {
#ifdef __GNUC__
#define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
- + __GNUC_MINOR__ * 100 \
- + __GNUC_PATCHLEVEL__)
+ + __GNUC_MINOR__ * 100 \
+ + __GNUC_PATCHLEVEL__)
#if _GCRY_GCC_VERSION >= 30100
#define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
@@ -177,12 +177,12 @@ gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
/* Return an error value with the system error ERR. */
gcry_err_code_t gcry_error_from_errno (int err);
-
+
/* This enum is deprecated; it is only declared for the sake of
complete API compatibility. */
enum gcry_thread_option
{
- _GCRY_THREAD_OPTION_DUMMY
+ _GCRY_THREAD_OPTION_DUMMY
} _GCRY_GCC_ATTR_DEPRECATED;
@@ -201,9 +201,9 @@ enum gcry_thread_option
struct gcry_thread_cbs
{
/* The OPTION field encodes the thread model and the version number
- of this structure.
- Bits 7 - 0 are used for the thread model
- Bits 15 - 8 are used for the version number.
+ of this structure.
+ Bits 7 - 0 are used for the thread model
+ Bits 15 - 8 are used for the version number.
*/
unsigned int option;
@@ -216,7 +216,7 @@ struct gcry_thread_cbs
ssize_t (*write) (int fd, const void *buf, size_t nbytes);
#ifdef _WIN32
ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
- struct timeval *timeout);
+ struct timeval *timeout);
ssize_t (*waitpid) (pid_t pid, int *status, int options);
int (*accept) (int s, void *addr, int *length_ptr);
int (*connect) (int s, void *addr, gcry_socklen_t length);
@@ -224,7 +224,7 @@ struct gcry_thread_cbs
int (*recvmsg) (int s, void *msg, int flags);
#else
ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
- struct timeval *timeout);
+ struct timeval *timeout);
ssize_t (*waitpid) (pid_t pid, int *status, int options);
int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
@@ -241,10 +241,10 @@ static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \
static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
{ return pth_waitpid (pid, status, options); } \
static int gcry_pth_accept (int s, void *addr, \
- gcry_socklen_t *length_ptr) \
+ gcry_socklen_t *length_ptr) \
{ return pth_accept (s, addr, length_ptr); } \
static int gcry_pth_connect (int s, void *addr, \
- gcry_socklen_t length) \
+ gcry_socklen_t length) \
{ return pth_connect (s, addr, length); }
#else /*!_WIN32*/
# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
@@ -254,10 +254,10 @@ static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \
static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
{ return pth_waitpid (pid, status, options); } \
static int gcry_pth_accept (int s, struct sockaddr *addr, \
- gcry_socklen_t *length_ptr) \
+ gcry_socklen_t *length_ptr) \
{ return pth_accept (s, addr, length_ptr); } \
static int gcry_pth_connect (int s, struct sockaddr *addr, \
- gcry_socklen_t length) \
+ gcry_socklen_t length) \
{ return pth_connect (s, addr, length); }
#endif /*!_WIN32*/
@@ -270,37 +270,37 @@ static int gcry_pth_mutex_init (void **priv) \
{ \
int err = 0; \
pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \
- \
+ \
if (!lock) \
- err = ENOMEM; \
+ err = ENOMEM; \
if (!err) \
- { \
- err = pth_mutex_init (lock); \
- if (err == FALSE) \
+ { \
+ err = pth_mutex_init (lock); \
+ if (err == FALSE) \
err = errno; \
- else \
+ else \
err = 0; \
- if (err) \
+ if (err) \
free (lock); \
- else \
+ else \
*priv = lock; \
- } \
+ } \
return err; \
} \
static int gcry_pth_mutex_destroy (void **lock) \
{ /* GNU Pth has no destructor function. */ free (*lock); return 0; } \
static int gcry_pth_mutex_lock (void **lock) \
{ return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \
- ? errno : 0; } \
+ ? errno : 0; } \
static int gcry_pth_mutex_unlock (void **lock) \
{ return ((pth_mutex_release (*lock)) == FALSE) \
- ? errno : 0; } \
+ ? errno : 0; } \
static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \
{ return pth_read (fd, buf, nbytes); } \
static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \
{ return pth_write (fd, buf, nbytes); } \
_GCRY_THREAD_OPTION_PTH_IMPL_NET \
- \
+ \
/* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \
static struct gcry_thread_cbs gcry_threads_pth = { \
(GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \
@@ -315,34 +315,34 @@ static int gcry_pthread_mutex_init (void **priv) \
{ \
int err = 0; \
pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\
- \
+ \
if (!lock) \
- err = ENOMEM; \
+ err = ENOMEM; \
if (!err) \
- { \
- err = pthread_mutex_init (lock, NULL); \
- if (err) \
+ { \
+ err = pthread_mutex_init (lock, NULL); \
+ if (err) \
free (lock); \
- else \
+ else \
*priv = lock; \
- } \
+ } \
return err; \
} \
static int gcry_pthread_mutex_destroy (void **lock) \
{ int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \
- free (*lock); return err; } \
+ free (*lock); return err; } \
static int gcry_pthread_mutex_lock (void **lock) \
{ return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \
static int gcry_pthread_mutex_unlock (void **lock) \
{ return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \
- \
+ \
static struct gcry_thread_cbs gcry_threads_pthread = { \
(GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \
NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \
gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
-
+
/* The data object used to hold a multi precision integer. */
struct gcry_mpi;
typedef struct gcry_mpi *gcry_mpi_t;
@@ -352,7 +352,7 @@ typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
#endif
-
+
/* Check that the library fulfills the version requirement. */
const char *gcry_check_version (const char *req_version);
@@ -362,69 +362,69 @@ const char *gcry_check_version (const char *req_version);
/* Codes used with the gcry_control function. */
enum gcry_ctl_cmds
{
- GCRYCTL_SET_KEY = 1,
- GCRYCTL_SET_IV = 2,
- GCRYCTL_CFB_SYNC = 3,
- GCRYCTL_RESET = 4, /* e.g. for MDs */
- GCRYCTL_FINALIZE = 5,
- GCRYCTL_GET_KEYLEN = 6,
- GCRYCTL_GET_BLKLEN = 7,
- GCRYCTL_TEST_ALGO = 8,
- GCRYCTL_IS_SECURE = 9,
- GCRYCTL_GET_ASNOID = 10,
- GCRYCTL_ENABLE_ALGO = 11,
- GCRYCTL_DISABLE_ALGO = 12,
- GCRYCTL_DUMP_RANDOM_STATS = 13,
- GCRYCTL_DUMP_SECMEM_STATS = 14,
- GCRYCTL_GET_ALGO_NPKEY = 15,
- GCRYCTL_GET_ALGO_NSKEY = 16,
- GCRYCTL_GET_ALGO_NSIGN = 17,
- GCRYCTL_GET_ALGO_NENCR = 18,
- GCRYCTL_SET_VERBOSITY = 19,
- GCRYCTL_SET_DEBUG_FLAGS = 20,
- GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
- GCRYCTL_USE_SECURE_RNDPOOL= 22,
- GCRYCTL_DUMP_MEMORY_STATS = 23,
- GCRYCTL_INIT_SECMEM = 24,
- GCRYCTL_TERM_SECMEM = 25,
- GCRYCTL_DISABLE_SECMEM_WARN = 27,
- GCRYCTL_SUSPEND_SECMEM_WARN = 28,
- GCRYCTL_RESUME_SECMEM_WARN = 29,
- GCRYCTL_DROP_PRIVS = 30,
- GCRYCTL_ENABLE_M_GUARD = 31,
- GCRYCTL_START_DUMP = 32,
- GCRYCTL_STOP_DUMP = 33,
- GCRYCTL_GET_ALGO_USAGE = 34,
- GCRYCTL_IS_ALGO_ENABLED = 35,
- GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
- GCRYCTL_DISABLE_SECMEM = 37,
- GCRYCTL_INITIALIZATION_FINISHED = 38,
- GCRYCTL_INITIALIZATION_FINISHED_P = 39,
- GCRYCTL_ANY_INITIALIZATION_P = 40,
- GCRYCTL_SET_CBC_CTS = 41,
- GCRYCTL_SET_CBC_MAC = 42,
- GCRYCTL_SET_CTR = 43,
- GCRYCTL_ENABLE_QUICK_RANDOM = 44,
- GCRYCTL_SET_RANDOM_SEED_FILE = 45,
- GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
- GCRYCTL_SET_THREAD_CBS = 47,
- GCRYCTL_FAST_POLL = 48,
- GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
- GCRYCTL_USE_RANDOM_DAEMON = 50,
- GCRYCTL_FAKED_RANDOM_P = 51,
- GCRYCTL_SET_RNDEGD_SOCKET = 52,
- GCRYCTL_PRINT_CONFIG = 53,
- GCRYCTL_OPERATIONAL_P = 54,
- GCRYCTL_FIPS_MODE_P = 55,
- GCRYCTL_FORCE_FIPS_MODE = 56,
- GCRYCTL_SELFTEST = 57
- /* Note: 58 .. 62 are used internally. */
+ GCRYCTL_SET_KEY = 1,
+ GCRYCTL_SET_IV = 2,
+ GCRYCTL_CFB_SYNC = 3,
+ GCRYCTL_RESET = 4, /* e.g. for MDs */
+ GCRYCTL_FINALIZE = 5,
+ GCRYCTL_GET_KEYLEN = 6,
+ GCRYCTL_GET_BLKLEN = 7,
+ GCRYCTL_TEST_ALGO = 8,
+ GCRYCTL_IS_SECURE = 9,
+ GCRYCTL_GET_ASNOID = 10,
+ GCRYCTL_ENABLE_ALGO = 11,
+ GCRYCTL_DISABLE_ALGO = 12,
+ GCRYCTL_DUMP_RANDOM_STATS = 13,
+ GCRYCTL_DUMP_SECMEM_STATS = 14,
+ GCRYCTL_GET_ALGO_NPKEY = 15,
+ GCRYCTL_GET_ALGO_NSKEY = 16,
+ GCRYCTL_GET_ALGO_NSIGN = 17,
+ GCRYCTL_GET_ALGO_NENCR = 18,
+ GCRYCTL_SET_VERBOSITY = 19,
+ GCRYCTL_SET_DEBUG_FLAGS = 20,
+ GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
+ GCRYCTL_USE_SECURE_RNDPOOL= 22,
+ GCRYCTL_DUMP_MEMORY_STATS = 23,
+ GCRYCTL_INIT_SECMEM = 24,
+ GCRYCTL_TERM_SECMEM = 25,
+ GCRYCTL_DISABLE_SECMEM_WARN = 27,
+ GCRYCTL_SUSPEND_SECMEM_WARN = 28,
+ GCRYCTL_RESUME_SECMEM_WARN = 29,
+ GCRYCTL_DROP_PRIVS = 30,
+ GCRYCTL_ENABLE_M_GUARD = 31,
+ GCRYCTL_START_DUMP = 32,
+ GCRYCTL_STOP_DUMP = 33,
+ GCRYCTL_GET_ALGO_USAGE = 34,
+ GCRYCTL_IS_ALGO_ENABLED = 35,
+ GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
+ GCRYCTL_DISABLE_SECMEM = 37,
+ GCRYCTL_INITIALIZATION_FINISHED = 38,
+ GCRYCTL_INITIALIZATION_FINISHED_P = 39,
+ GCRYCTL_ANY_INITIALIZATION_P = 40,
+ GCRYCTL_SET_CBC_CTS = 41,
+ GCRYCTL_SET_CBC_MAC = 42,
+ GCRYCTL_SET_CTR = 43,
+ GCRYCTL_ENABLE_QUICK_RANDOM = 44,
+ GCRYCTL_SET_RANDOM_SEED_FILE = 45,
+ GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
+ GCRYCTL_SET_THREAD_CBS = 47,
+ GCRYCTL_FAST_POLL = 48,
+ GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
+ GCRYCTL_USE_RANDOM_DAEMON = 50,
+ GCRYCTL_FAKED_RANDOM_P = 51,
+ GCRYCTL_SET_RNDEGD_SOCKET = 52,
+ GCRYCTL_PRINT_CONFIG = 53,
+ GCRYCTL_OPERATIONAL_P = 54,
+ GCRYCTL_FIPS_MODE_P = 55,
+ GCRYCTL_FORCE_FIPS_MODE = 56,
+ GCRYCTL_SELFTEST = 57
+ /* Note: 58 .. 62 are used internally. */
};
/* Perform various operations defined by CMD. */
gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
-
+
/* S-expression management. */
/* The object to represent an S-expression as used with the public key
@@ -440,39 +440,39 @@ typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
/* The possible values for the S-expression format. */
enum gcry_sexp_format
{
- GCRYSEXP_FMT_DEFAULT = 0,
- GCRYSEXP_FMT_CANON = 1,
- GCRYSEXP_FMT_BASE64 = 2,
- GCRYSEXP_FMT_ADVANCED = 3
+ GCRYSEXP_FMT_DEFAULT = 0,
+ GCRYSEXP_FMT_CANON = 1,
+ GCRYSEXP_FMT_BASE64 = 2,
+ GCRYSEXP_FMT_ADVANCED = 3
};
/* Create an new S-expression object from BUFFER of size LENGTH and
return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
is expected to be in canonized format. */
gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
- const void *buffer, size_t length,
- int autodetect);
+ const void *buffer, size_t length,
+ int autodetect);
/* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
- effect to transfer ownership of BUFFER to the created object. */
+ effect to transfer ownership of BUFFER to the created object. */
gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
- void *buffer, size_t length,
- int autodetect, void (*freefnc) (void *));
+ void *buffer, size_t length,
+ int autodetect, void (*freefnc) (void *));
/* Scan BUFFER and return a new S-expression object in RETSEXP. This
function expects a printf like string in BUFFER. */
gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length);
+ const char *buffer, size_t length);
/* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
only be used for certain encodings. */
gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, ...);
+ const char *format, ...);
/* Like gcry_sexp_build, but uses an array instead of variable
function arguments. */
gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, void **arg_list);
+ const char *format, void **arg_list);
/* Release the S-expression object SEXP */
void gcry_sexp_release (gcry_sexp_t sexp);
@@ -480,12 +480,12 @@ void gcry_sexp_release (gcry_sexp_t sexp);
/* Calculate the length of an canonized S-expresion in BUFFER and
check for a valid encoding. */
size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
- size_t *erroff, gcry_error_t *errcode);
+ size_t *erroff, gcry_error_t *errcode);
/* Copies the S-expression object SEXP into BUFFER using the format
specified in MODE. */
size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer,
- size_t maxlength);
+ size_t maxlength);
/* Dumps the S-expression object A in a format suitable for debugging
to Libgcrypt's logging stream. */
@@ -503,7 +503,7 @@ gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
newly allocated S-expression consisting of the found sublist or
`NULL' when not found. */
gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
- const char *tok, size_t toklen);
+ const char *tok, size_t toklen);
/* Return the length of the LIST. For a valid S-expression this
should be at least 1. */
int gcry_sexp_length (const gcry_sexp_t list);
@@ -535,7 +535,7 @@ gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
*Note:* The returned pointer is valid as long as LIST is not
modified or released. */
const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
- size_t *datalen);
+ size_t *datalen);
/* This function is used to get and convert data from a LIST. The
data is assumed to be a Nul terminated string. The caller must
@@ -553,7 +553,7 @@ char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
-
+
/*******************************************
* *
* Multi Precision Integer Functions *
@@ -563,21 +563,21 @@ gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
/* Different formats of external big integer representation. */
enum gcry_mpi_format
{
- GCRYMPI_FMT_NONE= 0,
- GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
- GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
- GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
- GCRYMPI_FMT_HEX = 4, /* Hex format. */
- GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */
+ GCRYMPI_FMT_NONE= 0,
+ GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
+ GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
+ GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
+ GCRYMPI_FMT_HEX = 4, /* Hex format. */
+ GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */
};
/* Flags used for creating big integers. */
enum gcry_mpi_flag
{
- GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
- GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just
- a way to store some bytes. This is
- useful for encrypted big integers. */
+ GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
+ GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just
+ a way to store some bytes. This is
+ useful for encrypted big integers. */
};
@@ -617,8 +617,8 @@ int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
RET_MPI. If NSCANNED is not NULL, it will receive the number of
bytes actually scanned after a successful operation. */
gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
- const void *buffer, size_t buflen,
- size_t *nscanned);
+ const void *buffer, size_t buflen,
+ size_t *nscanned);
/* Convert the big integer A into the external representation
described by FORMAT and store it in the provided BUFFER which has
@@ -626,17 +626,17 @@ gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
receives the actual length of the external representation unless it
has been passed as NULL. */
gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
- unsigned char *buffer, size_t buflen,
- size_t *nwritten,
- const gcry_mpi_t a);
+ unsigned char *buffer, size_t buflen,
+ size_t *nwritten,
+ const gcry_mpi_t a);
/* Convert the big integer A int the external representation described
by FORMAT and store it in a newly allocated buffer which address
will be put into BUFFER. NWRITTEN receives the actual lengths of the
external representation. */
gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
- unsigned char **buffer, size_t *nwritten,
- const gcry_mpi_t a);
+ unsigned char **buffer, size_t *nwritten,
+ const gcry_mpi_t a);
/* Dump the value of A in a format suitable for debugging to
Libgcrypt's logging stream. Note that one leading space but no
@@ -678,15 +678,15 @@ void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
/* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
Q or R may be passed as NULL. ROUND should be negative or 0. */
void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
- gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
+ gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
/* R = DIVIDEND % DIVISOR */
void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
/* W = B ^ E mod M. */
void gcry_mpi_powm (gcry_mpi_t w,
- const gcry_mpi_t b, const gcry_mpi_t e,
- const gcry_mpi_t m);
+ const gcry_mpi_t b, const gcry_mpi_t e,
+ const gcry_mpi_t m);
/* Set G to the greatest common divisor of A and B.
Return true if the G is 1. */
@@ -750,10 +750,10 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
#define mpi_secure_new( n ) gcry_mpi_snew( (n) )
#define mpi_release(a) \
do \
- { \
- gcry_mpi_release ((a)); \
- (a) = NULL; \
- } \
+ { \
+ gcry_mpi_release ((a)); \
+ (a) = NULL; \
+ } \
while (0)
#define mpi_copy( a ) gcry_mpi_copy( (a) )
@@ -761,7 +761,7 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
#define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
#define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) )
#define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) )
-
+
#define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v))
#define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v))
#define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m))
@@ -793,7 +793,7 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
#endif /* GCRYPT_NO_MPI_MACROS */
-
+
/************************************
* *
* Symmetric Cipher Functions *
@@ -813,31 +813,31 @@ typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
More IDs may be registered at runtime. */
enum gcry_cipher_algos
{
- GCRY_CIPHER_NONE = 0,
- GCRY_CIPHER_IDEA = 1,
- GCRY_CIPHER_3DES = 2,
- GCRY_CIPHER_CAST5 = 3,
- GCRY_CIPHER_BLOWFISH = 4,
- GCRY_CIPHER_SAFER_SK128 = 5,
- GCRY_CIPHER_DES_SK = 6,
- GCRY_CIPHER_AES = 7,
- GCRY_CIPHER_AES192 = 8,
- GCRY_CIPHER_AES256 = 9,
- GCRY_CIPHER_TWOFISH = 10,
-
- /* Other cipher numbers are above 300 for OpenPGP reasons. */
- GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
- GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
- GCRY_CIPHER_TWOFISH128 = 303,
- GCRY_CIPHER_SERPENT128 = 304,
- GCRY_CIPHER_SERPENT192 = 305,
- GCRY_CIPHER_SERPENT256 = 306,
- GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
- GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
- GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
- GCRY_CIPHER_CAMELLIA128 = 310,
- GCRY_CIPHER_CAMELLIA192 = 311,
- GCRY_CIPHER_CAMELLIA256 = 312
+ GCRY_CIPHER_NONE = 0,
+ GCRY_CIPHER_IDEA = 1,
+ GCRY_CIPHER_3DES = 2,
+ GCRY_CIPHER_CAST5 = 3,
+ GCRY_CIPHER_BLOWFISH = 4,
+ GCRY_CIPHER_SAFER_SK128 = 5,
+ GCRY_CIPHER_DES_SK = 6,
+ GCRY_CIPHER_AES = 7,
+ GCRY_CIPHER_AES192 = 8,
+ GCRY_CIPHER_AES256 = 9,
+ GCRY_CIPHER_TWOFISH = 10,
+
+ /* Other cipher numbers are above 300 for OpenPGP reasons. */
+ GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
+ GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
+ GCRY_CIPHER_TWOFISH128 = 303,
+ GCRY_CIPHER_SERPENT128 = 304,
+ GCRY_CIPHER_SERPENT192 = 305,
+ GCRY_CIPHER_SERPENT256 = 306,
+ GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
+ GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
+ GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
+ GCRY_CIPHER_CAMELLIA128 = 310,
+ GCRY_CIPHER_CAMELLIA192 = 311,
+ GCRY_CIPHER_CAMELLIA256 = 312
};
/* The Rijndael algorithm is basically AES, so provide some macros. */
@@ -851,45 +851,45 @@ enum gcry_cipher_algos
supported for each algorithm. */
enum gcry_cipher_modes
{
- GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
- GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
- GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
- GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
- GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
- GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
- GCRY_CIPHER_MODE_CTR = 6, /* Counter. */
- GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */
+ GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
+ GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
+ GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
+ GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
+ GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
+ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
+ GCRY_CIPHER_MODE_CTR = 6, /* Counter. */
+ GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */
};
/* Flags used with the open function. */
enum gcry_cipher_flags
{
- GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
- GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
- GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
- GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
+ GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
+ GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
+ GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
+ GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
};
/* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
be given as an bitwise OR of the gcry_cipher_flags values. */
gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
- int algo, int mode, unsigned int flags);
+ int algo, int mode, unsigned int flags);
/* Close the cioher handle H and release all resource. */
void gcry_cipher_close (gcry_cipher_hd_t h);
/* Perform various operations on the cipher object H. */
gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
- size_t buflen);
+ size_t buflen);
/* Retrieve various information about the cipher object H. */
gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
- size_t *nbytes);
+ size_t *nbytes);
/* Retrieve various information about the cipher algorithm ALGO. */
gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
- size_t *nbytes);
+ size_t *nbytes);
/* Map the cipher algorithm whose ID is contained in ALGORITHM to a
string representation of the algorithm name. For unknown algorithm
@@ -910,22 +910,22 @@ int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
most algorithms it is possible to pass NULL for in and 0 for INLEN
and do a in-place decryption of the data provided in OUT. */
gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
- void *out, size_t outsize,
- const void *in, size_t inlen);
+ void *out, size_t outsize,
+ const void *in, size_t inlen);
/* The counterpart to gcry_cipher_encrypt. */
gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
- void *out, size_t outsize,
- const void *in, size_t inlen);
+ void *out, size_t outsize,
+ const void *in, size_t inlen);
/* Set KEY of length KEYLEN bytes for the cipher handle HD. */
gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
- const void *key, size_t keylen);
+ const void *key, size_t keylen);
/* Set initialization vector IV of length IVLEN for the cipher handle HD. */
gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
- const void *iv, size_t ivlen);
+ const void *iv, size_t ivlen);
/* Reset the handle to the state after open. */
@@ -937,12 +937,12 @@ gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
/* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
#define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
- NULL, on )
+ NULL, on )
/* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
block size length, or (NULL,0) to set the CTR to the all-zero block. */
gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
- const void *ctr, size_t ctrlen);
+ const void *ctr, size_t ctrlen);
/* Retrieved the key length in bytes used with algorithm A. */
size_t gcry_cipher_get_algo_keylen (int algo);
@@ -952,7 +952,7 @@ size_t gcry_cipher_get_algo_blklen (int algo);
/* Return 0 if the algorithm A is available for use. */
#define gcry_cipher_test_algo(a) \
- gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+ gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
/* Get a list consisting of the IDs of the loaded cipher modules. If
LIST is zero, write the number of loaded cipher modules to
@@ -962,7 +962,7 @@ size_t gcry_cipher_get_algo_blklen (int algo);
*LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
gcry_error_t gcry_cipher_list (int *list, int *list_length);
-
+
/************************************
* *
* Asymmetric Cipher Functions *
@@ -972,13 +972,13 @@ gcry_error_t gcry_cipher_list (int *list, int *list_length);
/* The algorithms and their IDs we support. */
enum gcry_pk_algos
{
- GCRY_PK_RSA = 1,
- GCRY_PK_RSA_E = 2, /* (deprecated) */
- GCRY_PK_RSA_S = 3, /* (deprecated) */
- GCRY_PK_ELG_E = 16,
- GCRY_PK_DSA = 17,
- GCRY_PK_ELG = 20,
- GCRY_PK_ECDSA = 301
+ GCRY_PK_RSA = 1,
+ GCRY_PK_RSA_E = 2, /* (deprecated) */
+ GCRY_PK_RSA_S = 3, /* (deprecated) */
+ GCRY_PK_ELG_E = 16,
+ GCRY_PK_DSA = 17,
+ GCRY_PK_ELG = 20,
+ GCRY_PK_ECDSA = 301
};
/* Flags describing usage capabilities of a PK algorithm. */
@@ -991,21 +991,21 @@ enum gcry_pk_algos
/* Encrypt the DATA using the public key PKEY and store the result as
a newly created S-expression at RESULT. */
gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
- gcry_sexp_t data, gcry_sexp_t pkey);
+ gcry_sexp_t data, gcry_sexp_t pkey);
/* Decrypt the DATA using the private key SKEY and store the result as
a newly created S-expression at RESULT. */
gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
- gcry_sexp_t data, gcry_sexp_t skey);
+ gcry_sexp_t data, gcry_sexp_t skey);
/* Sign the DATA using the private key SKEY and store the result as
a newly created S-expression at RESULT. */
gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
- gcry_sexp_t data, gcry_sexp_t skey);
+ gcry_sexp_t data, gcry_sexp_t skey);
/* Check the signature SIGVAL on DATA using the public key PKEY. */
gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
- gcry_sexp_t data, gcry_sexp_t pkey);
+ gcry_sexp_t data, gcry_sexp_t pkey);
/* Check that private KEY is sane. */
gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
@@ -1020,7 +1020,7 @@ gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
/* Retrieve information about the public key algorithm ALGO. */
gcry_error_t gcry_pk_algo_info (int algo, int what,
- void *buffer, size_t *nbytes);
+ void *buffer, size_t *nbytes);
/* Map the public key algorithm whose ID is contained in ALGORITHM to
a string representation of the algorithm name. For unknown
@@ -1041,7 +1041,7 @@ unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
/* Return 0 if the public key algorithm A is available for use. */
#define gcry_pk_test_algo(a) \
- gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+ gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
/* Get a list consisting of the IDs of the loaded pubkey modules. If
LIST is zero, write the number of loaded pubkey modules to
@@ -1051,7 +1051,7 @@ unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
*LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
gcry_error_t gcry_pk_list (int *list, int *list_length);
-
+
/************************************
* *
@@ -1063,31 +1063,31 @@ gcry_error_t gcry_pk_list (int *list, int *list_length);
are implemnted. */
enum gcry_md_algos
{
- GCRY_MD_NONE = 0,
- GCRY_MD_MD5 = 1,
- GCRY_MD_SHA1 = 2,
- GCRY_MD_RMD160 = 3,
- GCRY_MD_MD2 = 5,
- GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */
- GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
- GCRY_MD_SHA256 = 8,
- GCRY_MD_SHA384 = 9,
- GCRY_MD_SHA512 = 10,
- GCRY_MD_SHA224 = 11,
- GCRY_MD_MD4 = 301,
- GCRY_MD_CRC32 = 302,
- GCRY_MD_CRC32_RFC1510 = 303,
- GCRY_MD_CRC24_RFC2440 = 304,
- GCRY_MD_WHIRLPOOL = 305,
- GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */
- GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */
+ GCRY_MD_NONE = 0,
+ GCRY_MD_MD5 = 1,
+ GCRY_MD_SHA1 = 2,
+ GCRY_MD_RMD160 = 3,
+ GCRY_MD_MD2 = 5,
+ GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */
+ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
+ GCRY_MD_SHA256 = 8,
+ GCRY_MD_SHA384 = 9,
+ GCRY_MD_SHA512 = 10,
+ GCRY_MD_SHA224 = 11,
+ GCRY_MD_MD4 = 301,
+ GCRY_MD_CRC32 = 302,
+ GCRY_MD_CRC32_RFC1510 = 303,
+ GCRY_MD_CRC24_RFC2440 = 304,
+ GCRY_MD_WHIRLPOOL = 305,
+ GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */
+ GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */
};
/* Flags used with the open function. */
enum gcry_md_flags
{
- GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
- GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
+ GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
+ GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
};
/* (Forward declaration.) */
@@ -1133,7 +1133,7 @@ void gcry_md_reset (gcry_md_hd_t hd);
/* Perform various operations on the digest object HD. */
gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd,
- void *buffer, size_t buflen);
+ void *buffer, size_t buflen);
/* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
it can update the digest values. This is the actual hash
@@ -1150,7 +1150,7 @@ unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
DIGEST which must be large enough to hold the digest of the given
algorithm. */
void gcry_md_hash_buffer (int algo, void *digest,
- const void *buffer, size_t length);
+ const void *buffer, size_t length);
/* Retrieve the algorithm used with HD. This does not work reliable
if more than one algorithm is enabled in HD. */
@@ -1169,11 +1169,11 @@ int gcry_md_is_secure (gcry_md_hd_t a);
/* Retrieve various information about the object H. */
gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
- size_t *nbytes);
+ size_t *nbytes);
/* Retrieve various information about the algorithm ALGO. */
gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
- size_t *nbytes);
+ size_t *nbytes);
/* Map the digest algorithm id ALGO to a string representation of the
algorithm name. For unknown algorithms this function returns
@@ -1197,40 +1197,40 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
/* Update the hash(s) of H with the character C. This is a buffered
version of the gcry_md_write function. */
#define gcry_md_putc(h,c) \
- do { \
- gcry_md_hd_t h__ = (h); \
- if( (h__)->bufpos == (h__)->bufsize ) \
- gcry_md_write( (h__), NULL, 0 ); \
- (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
- } while(0)
+ do { \
+ gcry_md_hd_t h__ = (h); \
+ if( (h__)->bufpos == (h__)->bufsize ) \
+ gcry_md_write( (h__), NULL, 0 ); \
+ (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
+ } while(0)
/* Finalize the digest calculation. This is not really needed because
gcry_md_read() does this implicitly. */
#define gcry_md_final(a) \
- gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
+ gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
/* Return 0 if the algorithm A is available for use. */
#define gcry_md_test_algo(a) \
- gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+ gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
/* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
must point to size_t variable with the available size of buffer B.
After return it will receive the actual size of the returned
OID. */
#define gcry_md_get_asnoid(a,b,n) \
- gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
+ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
/* Enable debugging for digest object A; i.e. create files named
dbgmd-<n>.<string> while hashing. B is a string used as the suffix
for the filename. This macro is deprecated, use gcry_md_debug. */
#ifndef GCRYPT_NO_DEPRECATED
#define gcry_md_start_debug(a,b) \
- gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
+ gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
/* Disable the debugging of A. This macro is deprecated, use
gcry_md_debug. */
#define gcry_md_stop_debug(a,b) \
- gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
+ gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
#endif
/* Get a list consisting of the IDs of the loaded message digest
@@ -1242,7 +1242,7 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
number. */
gcry_error_t gcry_md_list (int *list, int *list_length);
-
+
/* Alternative interface for asymmetric cryptography. This interface
is deprecated. */
@@ -1250,34 +1250,34 @@ gcry_error_t gcry_md_list (int *list, int *list_length);
/* The algorithm IDs. */
typedef enum gcry_ac_id
{
- GCRY_AC_RSA = 1,
- GCRY_AC_DSA = 17,
- GCRY_AC_ELG = 20,
- GCRY_AC_ELG_E = 16
+ GCRY_AC_RSA = 1,
+ GCRY_AC_DSA = 17,
+ GCRY_AC_ELG = 20,
+ GCRY_AC_ELG_E = 16
}
gcry_ac_id_t;
/* Key types. */
typedef enum gcry_ac_key_type
{
- GCRY_AC_KEY_SECRET,
- GCRY_AC_KEY_PUBLIC
+ GCRY_AC_KEY_SECRET,
+ GCRY_AC_KEY_PUBLIC
}
gcry_ac_key_type_t;
/* Encoding methods. */
typedef enum gcry_ac_em
{
- GCRY_AC_EME_PKCS_V1_5,
- GCRY_AC_EMSA_PKCS_V1_5
+ GCRY_AC_EME_PKCS_V1_5,
+ GCRY_AC_EMSA_PKCS_V1_5
}
gcry_ac_em_t;
/* Encryption and Signature schemes. */
typedef enum gcry_ac_scheme
{
- GCRY_AC_ES_PKCS_V1_5,
- GCRY_AC_SSA_PKCS_V1_5
+ GCRY_AC_ES_PKCS_V1_5,
+ GCRY_AC_SSA_PKCS_V1_5
}
gcry_ac_scheme_t;
@@ -1302,8 +1302,8 @@ typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
typedef struct gcry_ac_handle *gcry_ac_handle_t;
typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
- unsigned char *buffer,
- size_t *buffer_n);
+ unsigned char *buffer,
+ size_t *buffer_n);
typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
unsigned char *buffer,
@@ -1311,15 +1311,15 @@ typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
typedef enum
{
- GCRY_AC_IO_READABLE,
- GCRY_AC_IO_WRITABLE
+ GCRY_AC_IO_READABLE,
+ GCRY_AC_IO_WRITABLE
}
gcry_ac_io_mode_t;
typedef enum
{
- GCRY_AC_IO_STRING,
- GCRY_AC_IO_CALLBACK
+ GCRY_AC_IO_STRING,
+ GCRY_AC_IO_CALLBACK
}
gcry_ac_io_type_t;
@@ -1330,34 +1330,34 @@ typedef struct gcry_ac_io
gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL;
union
{
- union
- {
- struct
- {
+ union
+ {
+ struct
+ {
gcry_ac_data_read_cb_t cb;
void *opaque;
- } callback;
- struct
- {
+ } callback;
+ struct
+ {
unsigned char *data;
size_t data_n;
- } string;
- void *opaque;
- } readable;
- union
- {
- struct
- {
+ } string;
+ void *opaque;
+ } readable;
+ union
+ {
+ struct
+ {
gcry_ac_data_write_cb_t cb;
void *opaque;
- } callback;
- struct
- {
+ } callback;
+ struct
+ {
unsigned char **data;
size_t *data_n;
- } string;
- void *opaque;
- } writable;
+ } string;
+ void *opaque;
+ } writable;
} io _GCRY_ATTR_INTERNAL;
}
gcry_ac_io_t;
@@ -1402,7 +1402,7 @@ void gcry_ac_data_destroy (gcry_ac_data_t data);
/* Create a copy of the data set DATA and store it in DATA_CP. */
gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
- gcry_ac_data_t data);
+ gcry_ac_data_t data);
/* Return the number of named MPI values inside of the data set
DATA. */
@@ -1417,21 +1417,21 @@ void gcry_ac_data_clear (gcry_ac_data_t data);
GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
be deallocated when they are to be removed from the data set. */
gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
- const char *name, gcry_mpi_t mpi);
+ const char *name, gcry_mpi_t mpi);
/* Store the value labelled with NAME found in DATA in MPI. If FLAGS
contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
in the data set. MPI may be NULL. */
gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
- const char *name, gcry_mpi_t *mpi);
+ const char *name, gcry_mpi_t *mpi);
/* Stores in NAME and MPI the named MPI value contained in the data
set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY,
store copies of the values contained in the data set. NAME or MPI
may be NULL. */
gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
- unsigned int idx,
- const char **name, gcry_mpi_t *mpi);
+ unsigned int idx,
+ const char **name, gcry_mpi_t *mpi);
/* Convert the data set DATA into a new S-Expression, which is to be
stored in SEXP, according to the identifiers contained in
@@ -1443,13 +1443,13 @@ gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
S-Expression SEXP, according to the identifiers contained in
IDENTIFIERS. */
gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
- const char **identifiers);
+ const char **identifiers);
/* Initialize AC_IO according to MODE, TYPE and the variable list of
arguments. The list of variable arguments to specify depends on
the given TYPE. */
void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
- gcry_ac_io_type_t type, ...);
+ gcry_ac_io_type_t type, ...);
/* Initialize AC_IO according to MODE, TYPE and the variable list of
arguments AP. The list of variable arguments to specify depends on
@@ -1459,14 +1459,14 @@ void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
/* Create a new ac handle. */
gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
- gcry_ac_id_t algorithm, unsigned int flags);
+ gcry_ac_id_t algorithm, unsigned int flags);
/* Destroy an ac handle. */
void gcry_ac_close (gcry_ac_handle_t handle);
/* Initialize a key from a given data set. */
gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
- gcry_ac_key_type_t type, gcry_ac_data_t data);
+ gcry_ac_key_type_t type, gcry_ac_data_t data);
/* Generates a new key pair via the handle HANDLE of NBITS bits and
stores it in KEY_PAIR. In case non-standard settings are wanted, a
@@ -1474,13 +1474,13 @@ gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
matching the selected algorithm, can be given as KEY_SPEC.
MISC_DATA is not used yet. */
gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
- unsigned int nbits, void *spec,
- gcry_ac_key_pair_t *key_pair,
- gcry_mpi_t **misc_data);
+ unsigned int nbits, void *spec,
+ gcry_ac_key_pair_t *key_pair,
+ gcry_mpi_t **misc_data);
/* Returns the key of type WHICH out of the key pair KEY_PAIR. */
gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
- gcry_ac_key_type_t which);
+ gcry_ac_key_type_t which);
/* Returns the data set contained in the key KEY. */
gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
@@ -1490,12 +1490,12 @@ gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
/* Stores the number of bits of the key KEY in NBITS via HANDLE. */
gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
- gcry_ac_key_t key, unsigned int *nbits);
+ gcry_ac_key_t key, unsigned int *nbits);
/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
HANDLE. */
gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
- unsigned char *key_grip);
+ unsigned char *key_grip);
/* Destroy a key. */
void gcry_ac_key_destroy (gcry_ac_key_t key);
@@ -1523,34 +1523,34 @@ gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
the control of the flags FLAGS and store the resulting data set
into DATA_ENCRYPTED. */
gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
- unsigned int flags,
- gcry_ac_key_t key,
- gcry_mpi_t data_plain,
- gcry_ac_data_t *data_encrypted);
+ unsigned int flags,
+ gcry_ac_key_t key,
+ gcry_mpi_t data_plain,
+ gcry_ac_data_t *data_encrypted);
/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
with the key KEY under the control of the flags FLAGS and store the
resulting plain text MPI value in DATA_PLAIN. */
gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
- unsigned int flags,
- gcry_ac_key_t key,
- gcry_mpi_t *data_plain,
- gcry_ac_data_t data_encrypted);
+ unsigned int flags,
+ gcry_ac_key_t key,
+ gcry_mpi_t *data_plain,
+ gcry_ac_data_t data_encrypted);
/* Sign the data contained in DATA with the key KEY and store the
resulting signature in the data set DATA_SIGNATURE. */
gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
- gcry_ac_key_t key,
- gcry_mpi_t data,
- gcry_ac_data_t *data_signature);
+ gcry_ac_key_t key,
+ gcry_mpi_t data,
+ gcry_ac_data_t *data_signature);
/* Verify that the signature contained in the data set DATA_SIGNATURE
is indeed the result of signing the data contained in DATA with the
secret key belonging to the public key KEY. */
gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
- gcry_ac_key_t key,
- gcry_mpi_t data,
- gcry_ac_data_t data_signature);
+ gcry_ac_key_t key,
+ gcry_mpi_t data,
+ gcry_ac_data_t data_signature);
/* Encrypts the plain text readable from IO_MESSAGE through HANDLE
with the public key KEY according to SCHEME, FLAGS and OPTS. If
@@ -1582,11 +1582,11 @@ gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
scheme (gcry_ac_ssa_*_t). The signature is written to
IO_SIGNATURE. */
gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
- gcry_ac_scheme_t scheme,
- unsigned int flags, void *opts,
- gcry_ac_key_t key,
- gcry_ac_io_t *io_message,
- gcry_ac_io_t *io_signature);
+ gcry_ac_scheme_t scheme,
+ unsigned int flags, void *opts,
+ gcry_ac_key_t key,
+ gcry_ac_io_t *io_message,
+ gcry_ac_io_t *io_signature);
/* Verifies through HANDLE that the signature readable from
IO_SIGNATURE is indeed the result of signing the message readable
@@ -1606,17 +1606,17 @@ gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
gcry_pk_algo_name. */
#ifndef GCRYPT_NO_DEPRECATED
gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
- const char **name)
- /* */ _GCRY_GCC_ATTR_DEPRECATED;
+ const char **name)
+ /* */ _GCRY_GCC_ATTR_DEPRECATED;
/* Store the numeric ID of the algorithm whose textual representation
is contained in NAME in ALGORITHM. This function is deprecated;
use gcry_pk_map_name. */
gcry_error_t gcry_ac_name_to_id (const char *name,
- gcry_ac_id_t *algorithm)
- /* */ _GCRY_GCC_ATTR_DEPRECATED;
+ gcry_ac_id_t *algorithm)
+ /* */ _GCRY_GCC_ATTR_DEPRECATED;
#endif
-
+
/************************************
* *
* Random Generating Functions *
@@ -1629,22 +1629,22 @@ gcry_error_t gcry_ac_name_to_id (const char *name,
(except with gcry_mpi_randomize); use gcry_create_nonce instead. */
typedef enum gcry_random_level
{
- GCRY_WEAK_RANDOM = 0,
- GCRY_STRONG_RANDOM = 1,
- GCRY_VERY_STRONG_RANDOM = 2
+ GCRY_WEAK_RANDOM = 0,
+ GCRY_STRONG_RANDOM = 1,
+ GCRY_VERY_STRONG_RANDOM = 2
}
gcry_random_level_t;
/* Fill BUFFER with LENGTH bytes of random, using random numbers of
quality LEVEL. */
void gcry_randomize (void *buffer, size_t length,
- enum gcry_random_level level);
+ enum gcry_random_level level);
/* Add the external random from BUFFER with LENGTH bytes into the
pool. QUALITY should either be -1 for unknown or in the range of 0
to 100 */
gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
- int quality);
+ int quality);
/* If random numbers are used in an application, this macro should be
called from time to time so that new stuff gets added to the
@@ -1655,20 +1655,20 @@ gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
/* Return NBYTES of allocated random using a random numbers of quality
LEVEL. */
void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
- _GCRY_GCC_ATTR_MALLOC;
+ _GCRY_GCC_ATTR_MALLOC;
/* Return NBYTES of allocated random using a random numbers of quality
LEVEL. The random numbers are created returned in "secure"
memory. */
void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
- _GCRY_GCC_ATTR_MALLOC;
+ _GCRY_GCC_ATTR_MALLOC;
/* Set the big integer W to a random value of NBITS using a random
generator with quality LEVEL. Note that by using a level of
GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */
void gcry_mpi_randomize (gcry_mpi_t w,
- unsigned int nbits, enum gcry_random_level level);
+ unsigned int nbits, enum gcry_random_level level);
/* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
@@ -1677,7 +1677,7 @@ void gcry_create_nonce (void *buffer, size_t length);
-
+
/*******************************/
/* */
/* Prime Number Functions */
@@ -1692,7 +1692,7 @@ void gcry_create_nonce (void *buffer, size_t length);
/* The function should return 1 if the operation shall continue, 0 to
reject the prime candidate. */
typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
- gcry_mpi_t candidate);
+ gcry_mpi_t candidate);
/* Flags for gcry_prime_generate(): */
@@ -1710,22 +1710,22 @@ typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
factors and store it in FACTORS. FLAGS might be used to influence
the prime number generation process. */
gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
- unsigned int prime_bits,
- unsigned int factor_bits,
- gcry_mpi_t **factors,
- gcry_prime_check_func_t cb_func,
- void *cb_arg,
- gcry_random_level_t random_level,
- unsigned int flags);
+ unsigned int prime_bits,
+ unsigned int factor_bits,
+ gcry_mpi_t **factors,
+ gcry_prime_check_func_t cb_func,
+ void *cb_arg,
+ gcry_random_level_t random_level,
+ unsigned int flags);
/* Find a generator for PRIME where the factorization of (prime-1) is
in the NULL terminated array FACTORS. Return the generator as a
newly allocated MPI in R_G. If START_G is not NULL, use this as
teh start for the search. */
gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
- gcry_mpi_t prime,
- gcry_mpi_t *factors,
- gcry_mpi_t start_g);
+ gcry_mpi_t prime,
+ gcry_mpi_t *factors,
+ gcry_mpi_t start_g);
/* Convenience function to release the FACTORS array. */
@@ -1736,7 +1736,7 @@ void gcry_prime_release_factors (gcry_mpi_t *factors);
gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
-
+
/************************************
* *
* Miscellaneous Stuff *
@@ -1746,13 +1746,13 @@ gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
/* Log levels used by the internal logging facility. */
enum gcry_log_levels
{
- GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
- GCRY_LOG_INFO = 10,
- GCRY_LOG_WARN = 20,
- GCRY_LOG_ERROR = 30,
- GCRY_LOG_FATAL = 40,
- GCRY_LOG_BUG = 50,
- GCRY_LOG_DEBUG = 100
+ GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
+ GCRY_LOG_INFO = 10,
+ GCRY_LOG_WARN = 20,
+ GCRY_LOG_ERROR = 30,
+ GCRY_LOG_FATAL = 40,
+ GCRY_LOG_BUG = 50,
+ GCRY_LOG_DEBUG = 100
};
/* Type for progress handlers. */
@@ -1786,11 +1786,11 @@ void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
/* Register a custom memory allocation functions. */
void gcry_set_allocation_handler (
- gcry_handler_alloc_t func_alloc,
- gcry_handler_alloc_t func_alloc_secure,
- gcry_handler_secure_check_t func_secure_check,
- gcry_handler_realloc_t func_realloc,
- gcry_handler_free_t func_free);
+ gcry_handler_alloc_t func_alloc,
+ gcry_handler_alloc_t func_alloc_secure,
+ gcry_handler_secure_check_t func_secure_check,
+ gcry_handler_realloc_t func_realloc,
+ gcry_handler_free_t func_free);
/* Register a function used instead of the internal out of memory
handler. */
diff --git a/libgcrypt-1.4.6/src/gcrypt.h.in b/libgcrypt-1.4.6/src/gcrypt.h.in
index 3d1cb4c..cf6eef6 100644
--- a/libgcrypt-1.4.6/src/gcrypt.h.in
+++ b/libgcrypt-1.4.6/src/gcrypt.h.in
@@ -1,1839 +1,1845 @@
-/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
- Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
- 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
-
- This file is part of Libgcrypt.
-
- Libgcrypt is free software; you can redistribute it and/or modify
- it under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation; either version 2.1 of
- the License, or (at your option) any later version.
-
- Libgcrypt is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this program; if not, see <http://www.gnu.org/licenses/>.
-
- File: @configure_input@ */
-
-#ifndef _GCRYPT_H
-#define _GCRYPT_H
-
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-
-#include <gpg-error.h>
-
-#include <sys/types.h>
-
-#if defined _WIN32 || defined __WIN32__
-# include <winsock2.h>
-# include <ws2tcpip.h>
-# include <time.h>
-# ifndef __GNUC__
- typedef long ssize_t;
- typedef int pid_t;
-# endif /*!__GNUC__*/
-#else
-# include <sys/socket.h>
-# include <sys/time.h>
-#endif /*!_WIN32*/
-
-@FALLBACK_SOCKLEN_T@
-
-
-/* This is required for error code compatibility. */
-#define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
-
-#ifdef __cplusplus
-extern "C" {
-#if 0 /* (Keep Emacsens' auto-indent happy.) */
-}
-#endif
-#endif
-
-/* The version of this header should match the one of the library. It
- should not be used by a program because gcry_check_version() should
- return the same version. The purpose of this macro is to let
- autoconf (using the AM_PATH_GCRYPT macro) check that this header
- matches the installed library. */
-#define GCRYPT_VERSION "@VERSION@"
-
-/* Internal: We can't use the convenience macros for the multi
- precision integer functions when building this library. */
-#ifdef _GCRYPT_IN_LIBGCRYPT
-#ifndef GCRYPT_NO_MPI_MACROS
-#define GCRYPT_NO_MPI_MACROS 1
-#endif
-#endif
-
-/* We want to use gcc attributes when possible. Warning: Don't use
- these macros in your programs: As indicated by the leading
- underscore they are subject to change without notice. */
-#ifdef __GNUC__
-
-#define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
- + __GNUC_MINOR__ * 100 \
- + __GNUC_PATCHLEVEL__)
-
-#if _GCRY_GCC_VERSION >= 30100
-#define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
-#endif
-
-#if _GCRY_GCC_VERSION >= 29600
-#define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
-#endif
-
-#if _GCRY_GCC_VERSION >= 30200
-#define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
-#endif
-
-#endif /*__GNUC__*/
-
-#ifndef _GCRY_GCC_ATTR_DEPRECATED
-#define _GCRY_GCC_ATTR_DEPRECATED
-#endif
-#ifndef _GCRY_GCC_ATTR_PURE
-#define _GCRY_GCC_ATTR_PURE
-#endif
-#ifndef _GCRY_GCC_ATTR_MALLOC
-#define _GCRY_GCC_ATTR_MALLOC
-#endif
-
-/* Some members in a public type should only be used internally.
- There is no "internal" attribute, so we abuse the deprecated
- attribute to discourage external use. */
-#ifdef _GCRYPT_IN_LIBGCRYPT
-#define _GCRY_ATTR_INTERNAL
-#else
-#define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED
-#endif
-
-/* Wrappers for the libgpg-error library. */
-
-typedef gpg_error_t gcry_error_t;
-typedef gpg_err_code_t gcry_err_code_t;
-typedef gpg_err_source_t gcry_err_source_t;
-
-static GPG_ERR_INLINE gcry_error_t
-gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
-{
- return gpg_err_make (source, code);
-}
-
-/* The user can define GPG_ERR_SOURCE_DEFAULT before including this
- file to specify a default source for gpg_error. */
-#ifndef GCRY_ERR_SOURCE_DEFAULT
-#define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1
-#endif
-
-static GPG_ERR_INLINE gcry_error_t
-gcry_error (gcry_err_code_t code)
-{
- return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
-}
-
-static GPG_ERR_INLINE gcry_err_code_t
-gcry_err_code (gcry_error_t err)
-{
- return gpg_err_code (err);
-}
-
-
-static GPG_ERR_INLINE gcry_err_source_t
-gcry_err_source (gcry_error_t err)
-{
- return gpg_err_source (err);
-}
-
-/* Return a pointer to a string containing a description of the error
- code in the error value ERR. */
-const char *gcry_strerror (gcry_error_t err);
-
-/* Return a pointer to a string containing a description of the error
- source in the error value ERR. */
-const char *gcry_strsource (gcry_error_t err);
-
-/* Retrieve the error code for the system error ERR. This returns
- GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
- this). */
-gcry_err_code_t gcry_err_code_from_errno (int err);
-
-/* Retrieve the system error for the error code CODE. This returns 0
- if CODE is not a system error code. */
-int gcry_err_code_to_errno (gcry_err_code_t code);
-
-/* Return an error value with the error source SOURCE and the system
- error ERR. */
-gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
-
-/* Return an error value with the system error ERR. */
-gcry_err_code_t gcry_error_from_errno (int err);
-
-
-/* This enum is deprecated; it is only declared for the sake of
- complete API compatibility. */
-enum gcry_thread_option
- {
- _GCRY_THREAD_OPTION_DUMMY
- } _GCRY_GCC_ATTR_DEPRECATED;
-
-
-/* Constants defining the thread model to use. Used with the OPTION
- field of the struct gcry_thread_cbs. */
-#define GCRY_THREAD_OPTION_DEFAULT 0
-#define GCRY_THREAD_OPTION_USER 1
-#define GCRY_THREAD_OPTION_PTH 2
-#define GCRY_THREAD_OPTION_PTHREAD 3
-
-/* The version number encoded in the OPTION field of the struct
- gcry_thread_cbs. */
-#define GCRY_THREAD_OPTION_VERSION 0
-
-/* Wrapper for struct ath_ops. */
-struct gcry_thread_cbs
-{
- /* The OPTION field encodes the thread model and the version number
- of this structure.
- Bits 7 - 0 are used for the thread model
- Bits 15 - 8 are used for the version number.
- */
- unsigned int option;
-
- int (*init) (void);
- int (*mutex_init) (void **priv);
- int (*mutex_destroy) (void **priv);
- int (*mutex_lock) (void **priv);
- int (*mutex_unlock) (void **priv);
- ssize_t (*read) (int fd, void *buf, size_t nbytes);
- ssize_t (*write) (int fd, const void *buf, size_t nbytes);
-#ifdef _WIN32
- ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
- struct timeval *timeout);
- ssize_t (*waitpid) (pid_t pid, int *status, int options);
- int (*accept) (int s, void *addr, int *length_ptr);
- int (*connect) (int s, void *addr, gcry_socklen_t length);
- int (*sendmsg) (int s, const void *msg, int flags);
- int (*recvmsg) (int s, void *msg, int flags);
-#else
- ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
- struct timeval *timeout);
- ssize_t (*waitpid) (pid_t pid, int *status, int options);
- int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
- int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
- int (*sendmsg) (int s, const struct msghdr *msg, int flags);
- int (*recvmsg) (int s, struct msghdr *msg, int flags);
-#endif
-};
-
-#ifdef _WIN32
-# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
-static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \
- void *eset, struct timeval *timeout) \
- { return pth_select (nfd, rset, wset, eset, timeout); } \
-static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
- { return pth_waitpid (pid, status, options); } \
-static int gcry_pth_accept (int s, void *addr, \
- gcry_socklen_t *length_ptr) \
- { return pth_accept (s, addr, length_ptr); } \
-static int gcry_pth_connect (int s, void *addr, \
- gcry_socklen_t length) \
- { return pth_connect (s, addr, length); }
-#else /*!_WIN32*/
-# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
-static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \
- fd_set *eset, struct timeval *timeout) \
- { return pth_select (nfd, rset, wset, eset, timeout); } \
-static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
- { return pth_waitpid (pid, status, options); } \
-static int gcry_pth_accept (int s, struct sockaddr *addr, \
- gcry_socklen_t *length_ptr) \
- { return pth_accept (s, addr, length_ptr); } \
-static int gcry_pth_connect (int s, struct sockaddr *addr, \
- gcry_socklen_t length) \
- { return pth_connect (s, addr, length); }
-#endif /*!_WIN32*/
-
-
-
-#define GCRY_THREAD_OPTION_PTH_IMPL \
-static int gcry_pth_init (void) \
-{ return (pth_init () == FALSE) ? errno : 0; } \
-static int gcry_pth_mutex_init (void **priv) \
-{ \
- int err = 0; \
- pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \
- \
- if (!lock) \
- err = ENOMEM; \
- if (!err) \
- { \
- err = pth_mutex_init (lock); \
- if (err == FALSE) \
- err = errno; \
- else \
- err = 0; \
- if (err) \
- free (lock); \
- else \
- *priv = lock; \
- } \
- return err; \
-} \
-static int gcry_pth_mutex_destroy (void **lock) \
- { /* GNU Pth has no destructor function. */ free (*lock); return 0; } \
-static int gcry_pth_mutex_lock (void **lock) \
- { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \
- ? errno : 0; } \
-static int gcry_pth_mutex_unlock (void **lock) \
- { return ((pth_mutex_release (*lock)) == FALSE) \
- ? errno : 0; } \
-static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \
- { return pth_read (fd, buf, nbytes); } \
-static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \
- { return pth_write (fd, buf, nbytes); } \
-_GCRY_THREAD_OPTION_PTH_IMPL_NET \
- \
-/* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \
-static struct gcry_thread_cbs gcry_threads_pth = { \
- (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \
- gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \
- gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \
- gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \
- NULL, NULL }
-
-
-#define GCRY_THREAD_OPTION_PTHREAD_IMPL \
-static int gcry_pthread_mutex_init (void **priv) \
-{ \
- int err = 0; \
- pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\
- \
- if (!lock) \
- err = ENOMEM; \
- if (!err) \
- { \
- err = pthread_mutex_init (lock, NULL); \
- if (err) \
- free (lock); \
- else \
- *priv = lock; \
- } \
- return err; \
-} \
-static int gcry_pthread_mutex_destroy (void **lock) \
- { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \
- free (*lock); return err; } \
-static int gcry_pthread_mutex_lock (void **lock) \
- { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \
-static int gcry_pthread_mutex_unlock (void **lock) \
- { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \
- \
-static struct gcry_thread_cbs gcry_threads_pthread = { \
- (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \
- NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \
- gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
-
-
-/* The data object used to hold a multi precision integer. */
-struct gcry_mpi;
-typedef struct gcry_mpi *gcry_mpi_t;
-
-#ifndef GCRYPT_NO_DEPRECATED
-typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
-typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
-#endif
-
-
-
-/* Check that the library fulfills the version requirement. */
-const char *gcry_check_version (const char *req_version);
-
-/* Codes for function dispatchers. */
-
-/* Codes used with the gcry_control function. */
-enum gcry_ctl_cmds
- {
- GCRYCTL_SET_KEY = 1,
- GCRYCTL_SET_IV = 2,
- GCRYCTL_CFB_SYNC = 3,
- GCRYCTL_RESET = 4, /* e.g. for MDs */
- GCRYCTL_FINALIZE = 5,
- GCRYCTL_GET_KEYLEN = 6,
- GCRYCTL_GET_BLKLEN = 7,
- GCRYCTL_TEST_ALGO = 8,
- GCRYCTL_IS_SECURE = 9,
- GCRYCTL_GET_ASNOID = 10,
- GCRYCTL_ENABLE_ALGO = 11,
- GCRYCTL_DISABLE_ALGO = 12,
- GCRYCTL_DUMP_RANDOM_STATS = 13,
- GCRYCTL_DUMP_SECMEM_STATS = 14,
- GCRYCTL_GET_ALGO_NPKEY = 15,
- GCRYCTL_GET_ALGO_NSKEY = 16,
- GCRYCTL_GET_ALGO_NSIGN = 17,
- GCRYCTL_GET_ALGO_NENCR = 18,
- GCRYCTL_SET_VERBOSITY = 19,
- GCRYCTL_SET_DEBUG_FLAGS = 20,
- GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
- GCRYCTL_USE_SECURE_RNDPOOL= 22,
- GCRYCTL_DUMP_MEMORY_STATS = 23,
- GCRYCTL_INIT_SECMEM = 24,
- GCRYCTL_TERM_SECMEM = 25,
- GCRYCTL_DISABLE_SECMEM_WARN = 27,
- GCRYCTL_SUSPEND_SECMEM_WARN = 28,
- GCRYCTL_RESUME_SECMEM_WARN = 29,
- GCRYCTL_DROP_PRIVS = 30,
- GCRYCTL_ENABLE_M_GUARD = 31,
- GCRYCTL_START_DUMP = 32,
- GCRYCTL_STOP_DUMP = 33,
- GCRYCTL_GET_ALGO_USAGE = 34,
- GCRYCTL_IS_ALGO_ENABLED = 35,
- GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
- GCRYCTL_DISABLE_SECMEM = 37,
- GCRYCTL_INITIALIZATION_FINISHED = 38,
- GCRYCTL_INITIALIZATION_FINISHED_P = 39,
- GCRYCTL_ANY_INITIALIZATION_P = 40,
- GCRYCTL_SET_CBC_CTS = 41,
- GCRYCTL_SET_CBC_MAC = 42,
- GCRYCTL_SET_CTR = 43,
- GCRYCTL_ENABLE_QUICK_RANDOM = 44,
- GCRYCTL_SET_RANDOM_SEED_FILE = 45,
- GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
- GCRYCTL_SET_THREAD_CBS = 47,
- GCRYCTL_FAST_POLL = 48,
- GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
- GCRYCTL_USE_RANDOM_DAEMON = 50,
- GCRYCTL_FAKED_RANDOM_P = 51,
- GCRYCTL_SET_RNDEGD_SOCKET = 52,
- GCRYCTL_PRINT_CONFIG = 53,
- GCRYCTL_OPERATIONAL_P = 54,
- GCRYCTL_FIPS_MODE_P = 55,
- GCRYCTL_FORCE_FIPS_MODE = 56,
- GCRYCTL_SELFTEST = 57
- /* Note: 58 .. 62 are used internally. */
- };
-
-/* Perform various operations defined by CMD. */
-gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
-
-
-/* S-expression management. */
-
-/* The object to represent an S-expression as used with the public key
- functions. */
-struct gcry_sexp;
-typedef struct gcry_sexp *gcry_sexp_t;
-
-#ifndef GCRYPT_NO_DEPRECATED
-typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
-typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
-#endif
-
-/* The possible values for the S-expression format. */
-enum gcry_sexp_format
- {
- GCRYSEXP_FMT_DEFAULT = 0,
- GCRYSEXP_FMT_CANON = 1,
- GCRYSEXP_FMT_BASE64 = 2,
- GCRYSEXP_FMT_ADVANCED = 3
- };
-
-/* Create an new S-expression object from BUFFER of size LENGTH and
- return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
- is expected to be in canonized format. */
-gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
- const void *buffer, size_t length,
- int autodetect);
-
- /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
- effect to transfer ownership of BUFFER to the created object. */
-gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
- void *buffer, size_t length,
- int autodetect, void (*freefnc) (void *));
-
-/* Scan BUFFER and return a new S-expression object in RETSEXP. This
- function expects a printf like string in BUFFER. */
-gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length);
-
-/* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
- only be used for certain encodings. */
-gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, ...);
-
-/* Like gcry_sexp_build, but uses an array instead of variable
- function arguments. */
-gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, void **arg_list);
-
-/* Release the S-expression object SEXP */
-void gcry_sexp_release (gcry_sexp_t sexp);
-
-/* Calculate the length of an canonized S-expresion in BUFFER and
- check for a valid encoding. */
-size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
- size_t *erroff, gcry_error_t *errcode);
-
-/* Copies the S-expression object SEXP into BUFFER using the format
- specified in MODE. */
-size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer,
- size_t maxlength);
-
-/* Dumps the S-expression object A in a format suitable for debugging
- to Libgcrypt's logging stream. */
-void gcry_sexp_dump (const gcry_sexp_t a);
-
-gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
-gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
-gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
-gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
-gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
-
-/* Scan the S-expression for a sublist with a type (the car of the
- list) matching the string TOKEN. If TOKLEN is not 0, the token is
- assumed to be raw memory of this length. The function returns a
- newly allocated S-expression consisting of the found sublist or
- `NULL' when not found. */
-gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
- const char *tok, size_t toklen);
-/* Return the length of the LIST. For a valid S-expression this
- should be at least 1. */
-int gcry_sexp_length (const gcry_sexp_t list);
-
-/* Create and return a new S-expression from the element with index
- NUMBER in LIST. Note that the first element has the index 0. If
- there is no such element, `NULL' is returned. */
-gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
-
-/* Create and return a new S-expression from the first element in
- LIST; this called the "type" and should always exist and be a
- string. `NULL' is returned in case of a problem. */
-gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
-
-/* Create and return a new list form all elements except for the first
- one. Note, that this function may return an invalid S-expression
- because it is not guaranteed, that the type exists and is a string.
- However, for parsing a complex S-expression it might be useful for
- intermediate lists. Returns `NULL' on error. */
-gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
-
-gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
-
-
-/* This function is used to get data from a LIST. A pointer to the
- actual data with index NUMBER is returned and the length of this
- data will be stored to DATALEN. If there is no data at the given
- index or the index represents another list, `NULL' is returned.
- *Note:* The returned pointer is valid as long as LIST is not
- modified or released. */
-const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
- size_t *datalen);
-
-/* This function is used to get and convert data from a LIST. The
- data is assumed to be a Nul terminated string. The caller must
- release the returned value using `gcry_free'. If there is no data
- at the given index, the index represents a list or the value can't
- be converted to a string, `NULL' is returned. */
-char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
-
-/* This function is used to get and convert data from a LIST. This
- data is assumed to be an MPI stored in the format described by
- MPIFMT and returned as a standard Libgcrypt MPI. The caller must
- release this returned value using `gcry_mpi_release'. If there is
- no data at the given index, the index represents a list or the
- value can't be converted to an MPI, `NULL' is returned. */
-gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
-
-
-
-/*******************************************
- * *
- * Multi Precision Integer Functions *
- * *
- *******************************************/
-
-/* Different formats of external big integer representation. */
-enum gcry_mpi_format
- {
- GCRYMPI_FMT_NONE= 0,
- GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
- GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
- GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
- GCRYMPI_FMT_HEX = 4, /* Hex format. */
- GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */
- };
-
-/* Flags used for creating big integers. */
-enum gcry_mpi_flag
- {
- GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
- GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just
- a way to store some bytes. This is
- useful for encrypted big integers. */
- };
-
-
-/* Allocate a new big integer object, initialize it with 0 and
- initially allocate memory for a number of at least NBITS. */
-gcry_mpi_t gcry_mpi_new (unsigned int nbits);
-
-/* Same as gcry_mpi_new() but allocate in "secure" memory. */
-gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
-
-/* Release the number A and free all associated resources. */
-void gcry_mpi_release (gcry_mpi_t a);
-
-/* Create a new number with the same value as A. */
-gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
-
-/* Store the big integer value U in W. */
-gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
-
-/* Store the unsigned integer value U in W. */
-gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
-
-/* Swap the values of A and B. */
-void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
-
-/* Compare the big integer number U and V returning 0 for equality, a
- positive value for U > V and a negative for U < V. */
-int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
-
-/* Compare the big integer number U with the unsigned integer V
- returning 0 for equality, a positive value for U > V and a negative
- for U < V. */
-int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
-
-/* Convert the external representation of an integer stored in BUFFER
- with a length of BUFLEN into a newly create MPI returned in
- RET_MPI. If NSCANNED is not NULL, it will receive the number of
- bytes actually scanned after a successful operation. */
-gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
- const void *buffer, size_t buflen,
- size_t *nscanned);
-
-/* Convert the big integer A into the external representation
- described by FORMAT and store it in the provided BUFFER which has
- been allocated by the user with a size of BUFLEN bytes. NWRITTEN
- receives the actual length of the external representation unless it
- has been passed as NULL. */
-gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
- unsigned char *buffer, size_t buflen,
- size_t *nwritten,
- const gcry_mpi_t a);
-
-/* Convert the big integer A int the external representation described
- by FORMAT and store it in a newly allocated buffer which address
- will be put into BUFFER. NWRITTEN receives the actual lengths of the
- external representation. */
-gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
- unsigned char **buffer, size_t *nwritten,
- const gcry_mpi_t a);
-
-/* Dump the value of A in a format suitable for debugging to
- Libgcrypt's logging stream. Note that one leading space but no
- trailing space or linefeed will be printed. It is okay to pass
- NULL for A. */
-void gcry_mpi_dump (const gcry_mpi_t a);
-
-
-/* W = U + V. */
-void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
-
-/* W = U + V. V is an unsigned integer. */
-void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
-
-/* W = U + V mod M. */
-void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
-
-/* W = U - V. */
-void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
-
-/* W = U - V. V is an unsigned integer. */
-void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
-
-/* W = U - V mod M */
-void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
-
-/* W = U * V. */
-void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
-
-/* W = U * V. V is an unsigned integer. */
-void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
-
-/* W = U * V mod M. */
-void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
-
-/* W = U * (2 ^ CNT). */
-void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
-
-/* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
- Q or R may be passed as NULL. ROUND should be negative or 0. */
-void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
- gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
-
-/* R = DIVIDEND % DIVISOR */
-void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
-
-/* W = B ^ E mod M. */
-void gcry_mpi_powm (gcry_mpi_t w,
- const gcry_mpi_t b, const gcry_mpi_t e,
- const gcry_mpi_t m);
-
-/* Set G to the greatest common divisor of A and B.
- Return true if the G is 1. */
-int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
-
-/* Set X to the multiplicative inverse of A mod M.
- Return true if the value exists. */
-int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
-
-
-/* Return the number of bits required to represent A. */
-unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
-
-/* Return true when bit number N (counting from 0) is set in A. */
-int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
-
-/* Set bit number N in A. */
-void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
-
-/* Clear bit number N in A. */
-void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
-
-/* Set bit number N in A and clear all bits greater than N. */
-void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
-
-/* Clear bit number N in A and all bits greater than N. */
-void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
-
-/* Shift the value of A by N bits to the right and store the result in X. */
-void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
-
-/* Shift the value of A by N bits to the left and store the result in X. */
-void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
-
-/* Store NBITS of the value P points to in A and mark A as an opaque
- value. WARNING: Never use an opaque MPI for anything thing else then
- gcry_mpi_release, gcry_mpi_get_opaque. */
-gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
-
-/* Return a pointer to an opaque value stored in A and return its size
- in NBITS. Note that the returned pointer is still owned by A and
- that the function should never be used for an non-opaque MPI. */
-void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
-
-/* Set the FLAG for the big integer A. Currently only the flag
- GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
- stored in "secure" memory. */
-void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
-
-/* Clear FLAG for the big integer A. Note that this function is
- currently useless as no flags are allowed. */
-void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
-
-/* Return true when the FLAG is set for A. */
-int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
-
-/* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
- convenience macros for the big integer functions. */
-#ifndef GCRYPT_NO_MPI_MACROS
-#define mpi_new(n) gcry_mpi_new( (n) )
-#define mpi_secure_new( n ) gcry_mpi_snew( (n) )
-#define mpi_release(a) \
- do \
- { \
- gcry_mpi_release ((a)); \
- (a) = NULL; \
- } \
- while (0)
-
-#define mpi_copy( a ) gcry_mpi_copy( (a) )
-#define mpi_set( w, u) gcry_mpi_set( (w), (u) )
-#define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
-#define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) )
-#define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) )
-
-#define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v))
-#define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v))
-#define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m))
-#define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v))
-#define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v))
-#define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m))
-#define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v))
-#define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v))
-#define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v))
-#define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m))
-#define mpi_powm(w,b,e,m) gcry_mpi_powm ( (w), (b), (e), (m) )
-#define mpi_tdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), 0)
-#define mpi_fdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), -1)
-#define mpi_mod(r,a,m) gcry_mpi_mod ((r), (a), (m))
-#define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) )
-#define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) )
-
-#define mpi_get_nbits(a) gcry_mpi_get_nbits ((a))
-#define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b))
-#define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b))
-#define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b))
-#define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b))
-#define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b))
-#define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c))
-#define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c))
-
-#define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) )
-#define mpi_get_opaque(a,b) gcry_mpi_get_opaque( (a), (b) )
-#endif /* GCRYPT_NO_MPI_MACROS */
-
-
-
-/************************************
- * *
- * Symmetric Cipher Functions *
- * *
- ************************************/
-
-/* The data object used to hold a handle to an encryption object. */
-struct gcry_cipher_handle;
-typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
-
-#ifndef GCRYPT_NO_DEPRECATED
-typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
-typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
-#endif
-
-/* All symmetric encryption algorithms are identified by their IDs.
- More IDs may be registered at runtime. */
-enum gcry_cipher_algos
- {
- GCRY_CIPHER_NONE = 0,
- GCRY_CIPHER_IDEA = 1,
- GCRY_CIPHER_3DES = 2,
- GCRY_CIPHER_CAST5 = 3,
- GCRY_CIPHER_BLOWFISH = 4,
- GCRY_CIPHER_SAFER_SK128 = 5,
- GCRY_CIPHER_DES_SK = 6,
- GCRY_CIPHER_AES = 7,
- GCRY_CIPHER_AES192 = 8,
- GCRY_CIPHER_AES256 = 9,
- GCRY_CIPHER_TWOFISH = 10,
-
- /* Other cipher numbers are above 300 for OpenPGP reasons. */
- GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
- GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
- GCRY_CIPHER_TWOFISH128 = 303,
- GCRY_CIPHER_SERPENT128 = 304,
- GCRY_CIPHER_SERPENT192 = 305,
- GCRY_CIPHER_SERPENT256 = 306,
- GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
- GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
- GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
- GCRY_CIPHER_CAMELLIA128 = 310,
- GCRY_CIPHER_CAMELLIA192 = 311,
- GCRY_CIPHER_CAMELLIA256 = 312
- };
-
-/* The Rijndael algorithm is basically AES, so provide some macros. */
-#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES
-#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES
-#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128
-#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192
-#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256
-
-/* The supported encryption modes. Note that not all of them are
- supported for each algorithm. */
-enum gcry_cipher_modes
- {
- GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
- GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
- GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
- GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
- GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
- GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
- GCRY_CIPHER_MODE_CTR = 6, /* Counter. */
- GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */
- };
-
-/* Flags used with the open function. */
-enum gcry_cipher_flags
- {
- GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
- GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
- GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
- GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
- };
-
-
-/* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
- be given as an bitwise OR of the gcry_cipher_flags values. */
-gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
- int algo, int mode, unsigned int flags);
-
-/* Close the cioher handle H and release all resource. */
-void gcry_cipher_close (gcry_cipher_hd_t h);
-
-/* Perform various operations on the cipher object H. */
-gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
- size_t buflen);
-
-/* Retrieve various information about the cipher object H. */
-gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
- size_t *nbytes);
-
-/* Retrieve various information about the cipher algorithm ALGO. */
-gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
- size_t *nbytes);
-
-/* Map the cipher algorithm whose ID is contained in ALGORITHM to a
- string representation of the algorithm name. For unknown algorithm
- IDs this function returns "?". */
-const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
-
-/* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if
- the algorithm name is not known. */
-int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
-
-/* Given an ASN.1 object identifier in standard IETF dotted decimal
- format in STRING, return the encryption mode associated with that
- OID or 0 if not known or applicable. */
-int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
-
-/* Encrypt the plaintext of size INLEN in IN using the cipher handle H
- into the buffer OUT which has an allocated length of OUTSIZE. For
- most algorithms it is possible to pass NULL for in and 0 for INLEN
- and do a in-place decryption of the data provided in OUT. */
-gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
- void *out, size_t outsize,
- const void *in, size_t inlen);
-
-/* The counterpart to gcry_cipher_encrypt. */
-gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
- void *out, size_t outsize,
- const void *in, size_t inlen);
-
-/* Set KEY of length KEYLEN bytes for the cipher handle HD. */
-gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
- const void *key, size_t keylen);
-
-
-/* Set initialization vector IV of length IVLEN for the cipher handle HD. */
-gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
- const void *iv, size_t ivlen);
-
-
-/* Reset the handle to the state after open. */
-#define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0)
-
-/* Perform the OpenPGP sync operation if this is enabled for the
- cipher handle H. */
-#define gcry_cipher_sync(h) gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, NULL, 0)
-
-/* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
-#define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
- NULL, on )
-
-/* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
- block size length, or (NULL,0) to set the CTR to the all-zero block. */
-gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
- const void *ctr, size_t ctrlen);
-
-/* Retrieved the key length in bytes used with algorithm A. */
-size_t gcry_cipher_get_algo_keylen (int algo);
-
-/* Retrieve the block length in bytes used with algorithm A. */
-size_t gcry_cipher_get_algo_blklen (int algo);
-
-/* Return 0 if the algorithm A is available for use. */
-#define gcry_cipher_test_algo(a) \
- gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
-
-/* Get a list consisting of the IDs of the loaded cipher modules. If
- LIST is zero, write the number of loaded cipher modules to
- LIST_LENGTH and return. If LIST is non-zero, the first
- *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
- according size. In case there are less cipher modules than
- *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
-gcry_error_t gcry_cipher_list (int *list, int *list_length);
-
-
-/************************************
- * *
- * Asymmetric Cipher Functions *
- * *
- ************************************/
-
-/* The algorithms and their IDs we support. */
-enum gcry_pk_algos
- {
- GCRY_PK_RSA = 1,
- GCRY_PK_RSA_E = 2, /* (deprecated) */
- GCRY_PK_RSA_S = 3, /* (deprecated) */
- GCRY_PK_ELG_E = 16,
- GCRY_PK_DSA = 17,
- GCRY_PK_ELG = 20,
- GCRY_PK_ECDSA = 301
- };
-
-/* Flags describing usage capabilities of a PK algorithm. */
-#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */
-#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */
-#define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */
-#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */
-#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */
-
-/* Encrypt the DATA using the public key PKEY and store the result as
- a newly created S-expression at RESULT. */
-gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
- gcry_sexp_t data, gcry_sexp_t pkey);
-
-/* Decrypt the DATA using the private key SKEY and store the result as
- a newly created S-expression at RESULT. */
-gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
- gcry_sexp_t data, gcry_sexp_t skey);
-
-/* Sign the DATA using the private key SKEY and store the result as
- a newly created S-expression at RESULT. */
-gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
- gcry_sexp_t data, gcry_sexp_t skey);
-
-/* Check the signature SIGVAL on DATA using the public key PKEY. */
-gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
- gcry_sexp_t data, gcry_sexp_t pkey);
-
-/* Check that private KEY is sane. */
-gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
-
-/* Generate a new key pair according to the parameters given in
- S_PARMS. The new key pair is returned in as an S-expression in
- R_KEY. */
-gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
-
-/* Catch all function for miscellaneous operations. */
-gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
-
-/* Retrieve information about the public key algorithm ALGO. */
-gcry_error_t gcry_pk_algo_info (int algo, int what,
- void *buffer, size_t *nbytes);
-
-/* Map the public key algorithm whose ID is contained in ALGORITHM to
- a string representation of the algorithm name. For unknown
- algorithm IDs this functions returns "?". */
-const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
-
-/* Map the algorithm NAME to a public key algorithm Id. Return 0 if
- the algorithm name is not known. */
-int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
-
-/* Return what is commonly referred as the key length for the given
- public or private KEY. */
-unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
-
-/* Please note that keygrip is still experimental and should not be
- used without contacting the author. */
-unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
-
-/* Return 0 if the public key algorithm A is available for use. */
-#define gcry_pk_test_algo(a) \
- gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
-
-/* Get a list consisting of the IDs of the loaded pubkey modules. If
- LIST is zero, write the number of loaded pubkey modules to
- LIST_LENGTH and return. If LIST is non-zero, the first
- *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
- according size. In case there are less pubkey modules than
- *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
-gcry_error_t gcry_pk_list (int *list, int *list_length);
-
-
-
-/************************************
- * *
- * Cryptograhic Hash Functions *
- * *
- ************************************/
-
-/* Algorithm IDs for the hash functions we know about. Not all of them
- are implemnted. */
-enum gcry_md_algos
- {
- GCRY_MD_NONE = 0,
- GCRY_MD_MD5 = 1,
- GCRY_MD_SHA1 = 2,
- GCRY_MD_RMD160 = 3,
- GCRY_MD_MD2 = 5,
- GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */
- GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
- GCRY_MD_SHA256 = 8,
- GCRY_MD_SHA384 = 9,
- GCRY_MD_SHA512 = 10,
- GCRY_MD_SHA224 = 11,
- GCRY_MD_MD4 = 301,
- GCRY_MD_CRC32 = 302,
- GCRY_MD_CRC32_RFC1510 = 303,
- GCRY_MD_CRC24_RFC2440 = 304,
- GCRY_MD_WHIRLPOOL = 305,
- GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */
- GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */
- };
-
-/* Flags used with the open function. */
-enum gcry_md_flags
- {
- GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
- GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
- };
-
-/* (Forward declaration.) */
-struct gcry_md_context;
-
-/* This object is used to hold a handle to a message digest object.
- This structure is private - only to be used by the public gcry_md_*
- macros. */
-typedef struct gcry_md_handle
-{
- /* Actual context. */
- struct gcry_md_context *ctx;
-
- /* Buffer management. */
- int bufpos;
- int bufsize;
- unsigned char buf[1];
-} *gcry_md_hd_t;
-
-/* Compatibility types, do not use them. */
-#ifndef GCRYPT_NO_DEPRECATED
-typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
-typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
-#endif
-
-/* Create a message digest object for algorithm ALGO. FLAGS may be
- given as an bitwise OR of the gcry_md_flags values. ALGO may be
- given as 0 if the algorithms to be used are later set using
- gcry_md_enable. */
-gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
-
-/* Release the message digest object HD. */
-void gcry_md_close (gcry_md_hd_t hd);
-
-/* Add the message digest algorithm ALGO to the digest object HD. */
-gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
-
-/* Create a new digest object as an exact copy of the object HD. */
-gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
-
-/* Reset the digest object HD to its initial state. */
-void gcry_md_reset (gcry_md_hd_t hd);
-
-/* Perform various operations on the digest object HD. */
-gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd,
- void *buffer, size_t buflen);
-
-/* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
- it can update the digest values. This is the actual hash
- function. */
-void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
-
-/* Read out the final digest from HD return the digest value for
- algorithm ALGO. */
-unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
-
-/* Convenience function to calculate the hash from the data in BUFFER
- of size LENGTH using the algorithm ALGO avoiding the creating of a
- hash object. The hash is returned in the caller provided buffer
- DIGEST which must be large enough to hold the digest of the given
- algorithm. */
-void gcry_md_hash_buffer (int algo, void *digest,
- const void *buffer, size_t length);
-
-/* Retrieve the algorithm used with HD. This does not work reliable
- if more than one algorithm is enabled in HD. */
-int gcry_md_get_algo (gcry_md_hd_t hd);
-
-/* Retrieve the length in bytes of the digest yielded by algorithm
- ALGO. */
-unsigned int gcry_md_get_algo_dlen (int algo);
-
-/* Return true if the the algorithm ALGO is enabled in the digest
- object A. */
-int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
-
-/* Return true if the digest object A is allocated in "secure" memory. */
-int gcry_md_is_secure (gcry_md_hd_t a);
-
-/* Retrieve various information about the object H. */
-gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
- size_t *nbytes);
-
-/* Retrieve various information about the algorithm ALGO. */
-gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
- size_t *nbytes);
-
-/* Map the digest algorithm id ALGO to a string representation of the
- algorithm name. For unknown algorithms this function returns
- "?". */
-const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
-
-/* Map the algorithm NAME to a digest algorithm Id. Return 0 if
- the algorithm name is not known. */
-int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
-
-/* For use with the HMAC feature, the set MAC key to the KEY of
- KEYLEN bytes. */
-gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
-
-/* Start or stop debugging for digest handle HD; i.e. create a file
- named dbgmd-<n>.<suffix> while hashing. If SUFFIX is NULL,
- debugging stops and the file will be closed. */
-void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
-
-
-/* Update the hash(s) of H with the character C. This is a buffered
- version of the gcry_md_write function. */
-#define gcry_md_putc(h,c) \
- do { \
- gcry_md_hd_t h__ = (h); \
- if( (h__)->bufpos == (h__)->bufsize ) \
- gcry_md_write( (h__), NULL, 0 ); \
- (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
- } while(0)
-
-/* Finalize the digest calculation. This is not really needed because
- gcry_md_read() does this implicitly. */
-#define gcry_md_final(a) \
- gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
-
-/* Return 0 if the algorithm A is available for use. */
-#define gcry_md_test_algo(a) \
- gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
-
-/* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
- must point to size_t variable with the available size of buffer B.
- After return it will receive the actual size of the returned
- OID. */
-#define gcry_md_get_asnoid(a,b,n) \
- gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
-
-/* Enable debugging for digest object A; i.e. create files named
- dbgmd-<n>.<string> while hashing. B is a string used as the suffix
- for the filename. This macro is deprecated, use gcry_md_debug. */
-#ifndef GCRYPT_NO_DEPRECATED
-#define gcry_md_start_debug(a,b) \
- gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
-
-/* Disable the debugging of A. This macro is deprecated, use
- gcry_md_debug. */
-#define gcry_md_stop_debug(a,b) \
- gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
-#endif
-
-/* Get a list consisting of the IDs of the loaded message digest
- modules. If LIST is zero, write the number of loaded message
- digest modules to LIST_LENGTH and return. If LIST is non-zero, the
- first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
- of according size. In case there are less message digest modules
- than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
- number. */
-gcry_error_t gcry_md_list (int *list, int *list_length);
-
-
-
-/* Alternative interface for asymmetric cryptography. This interface
- is deprecated. */
-
-/* The algorithm IDs. */
-typedef enum gcry_ac_id
- {
- GCRY_AC_RSA = 1,
- GCRY_AC_DSA = 17,
- GCRY_AC_ELG = 20,
- GCRY_AC_ELG_E = 16
- }
-gcry_ac_id_t;
-
-/* Key types. */
-typedef enum gcry_ac_key_type
- {
- GCRY_AC_KEY_SECRET,
- GCRY_AC_KEY_PUBLIC
- }
-gcry_ac_key_type_t;
-
-/* Encoding methods. */
-typedef enum gcry_ac_em
- {
- GCRY_AC_EME_PKCS_V1_5,
- GCRY_AC_EMSA_PKCS_V1_5
- }
-gcry_ac_em_t;
-
-/* Encryption and Signature schemes. */
-typedef enum gcry_ac_scheme
- {
- GCRY_AC_ES_PKCS_V1_5,
- GCRY_AC_SSA_PKCS_V1_5
- }
-gcry_ac_scheme_t;
-
-/* AC data. */
-#define GCRY_AC_FLAG_DEALLOC (1 << 0)
-#define GCRY_AC_FLAG_COPY (1 << 1)
-#define GCRY_AC_FLAG_NO_BLINDING (1 << 2)
-
-/* This type represents a `data set'. */
-typedef struct gcry_ac_data *gcry_ac_data_t;
-
-/* This type represents a single `key', either a secret one or a
- public one. */
-typedef struct gcry_ac_key *gcry_ac_key_t;
-
-/* This type represents a `key pair' containing a secret and a public
- key. */
-typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
-
-/* This type represents a `handle' that is needed by functions
- performing cryptographic operations. */
-typedef struct gcry_ac_handle *gcry_ac_handle_t;
-
-typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
- unsigned char *buffer,
- size_t *buffer_n);
-
-typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
- unsigned char *buffer,
- size_t buffer_n);
-
-typedef enum
- {
- GCRY_AC_IO_READABLE,
- GCRY_AC_IO_WRITABLE
- }
-gcry_ac_io_mode_t;
-
-typedef enum
- {
- GCRY_AC_IO_STRING,
- GCRY_AC_IO_CALLBACK
- }
-gcry_ac_io_type_t;
-
-typedef struct gcry_ac_io
-{
- /* This is an INTERNAL structure, do NOT use manually. */
- gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL;
- gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL;
- union
- {
- union
- {
- struct
- {
- gcry_ac_data_read_cb_t cb;
- void *opaque;
- } callback;
- struct
- {
- unsigned char *data;
- size_t data_n;
- } string;
- void *opaque;
- } readable;
- union
- {
- struct
- {
- gcry_ac_data_write_cb_t cb;
- void *opaque;
- } callback;
- struct
- {
- unsigned char **data;
- size_t *data_n;
- } string;
- void *opaque;
- } writable;
- } io _GCRY_ATTR_INTERNAL;
-}
-gcry_ac_io_t;
-
-/* The caller of gcry_ac_key_pair_generate can provide one of these
- structures in order to influence the key generation process in an
- algorithm-specific way. */
-typedef struct gcry_ac_key_spec_rsa
-{
- gcry_mpi_t e; /* E to use. */
-} gcry_ac_key_spec_rsa_t;
-
-/* Structure used for passing data to the implementation of the
- `EME-PKCS-V1_5' encoding method. */
-typedef struct gcry_ac_eme_pkcs_v1_5
-{
- size_t key_size;
-} gcry_ac_eme_pkcs_v1_5_t;
-
-typedef enum gcry_md_algos gcry_md_algo_t;
-
-/* Structure used for passing data to the implementation of the
- `EMSA-PKCS-V1_5' encoding method. */
-typedef struct gcry_ac_emsa_pkcs_v1_5
-{
- gcry_md_algo_t md;
- size_t em_n;
-} gcry_ac_emsa_pkcs_v1_5_t;
-
-/* Structure used for passing data to the implementation of the
- `SSA-PKCS-V1_5' signature scheme. */
-typedef struct gcry_ac_ssa_pkcs_v1_5
-{
- gcry_md_algo_t md;
-} gcry_ac_ssa_pkcs_v1_5_t;
-
-/* Returns a new, empty data set in DATA. */
-gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
-
-/* Destroy the data set DATA. */
-void gcry_ac_data_destroy (gcry_ac_data_t data);
-
-/* Create a copy of the data set DATA and store it in DATA_CP. */
-gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
- gcry_ac_data_t data);
-
-/* Return the number of named MPI values inside of the data set
- DATA. */
-unsigned int gcry_ac_data_length (gcry_ac_data_t data);
-
-/* Destroy any values contained in the data set DATA. */
-void gcry_ac_data_clear (gcry_ac_data_t data);
-
-/* Add the value MPI to DATA with the label NAME. If FLAGS contains
- GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME
- and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or
- GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
- be deallocated when they are to be removed from the data set. */
-gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
- const char *name, gcry_mpi_t mpi);
-
-/* Store the value labelled with NAME found in DATA in MPI. If FLAGS
- contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
- in the data set. MPI may be NULL. */
-gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
- const char *name, gcry_mpi_t *mpi);
-
-/* Stores in NAME and MPI the named MPI value contained in the data
- set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY,
- store copies of the values contained in the data set. NAME or MPI
- may be NULL. */
-gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
- unsigned int idx,
- const char **name, gcry_mpi_t *mpi);
-
-/* Convert the data set DATA into a new S-Expression, which is to be
- stored in SEXP, according to the identifiers contained in
- IDENTIFIERS. */
-gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
- const char **identifiers);
-
-/* Create a new data set, which is to be stored in DATA_SET, from the
- S-Expression SEXP, according to the identifiers contained in
- IDENTIFIERS. */
-gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
- const char **identifiers);
-
-/* Initialize AC_IO according to MODE, TYPE and the variable list of
- arguments. The list of variable arguments to specify depends on
- the given TYPE. */
-void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
- gcry_ac_io_type_t type, ...);
-
-/* Initialize AC_IO according to MODE, TYPE and the variable list of
- arguments AP. The list of variable arguments to specify depends on
- the given TYPE. */
-void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
- gcry_ac_io_type_t type, va_list ap);
-
-/* Create a new ac handle. */
-gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
- gcry_ac_id_t algorithm, unsigned int flags);
-
-/* Destroy an ac handle. */
-void gcry_ac_close (gcry_ac_handle_t handle);
-
-/* Initialize a key from a given data set. */
-gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
- gcry_ac_key_type_t type, gcry_ac_data_t data);
-
-/* Generates a new key pair via the handle HANDLE of NBITS bits and
- stores it in KEY_PAIR. In case non-standard settings are wanted, a
- pointer to a structure of type gcry_ac_key_spec_<algorithm>_t,
- matching the selected algorithm, can be given as KEY_SPEC.
- MISC_DATA is not used yet. */
-gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
- unsigned int nbits, void *spec,
- gcry_ac_key_pair_t *key_pair,
- gcry_mpi_t **misc_data);
-
-/* Returns the key of type WHICH out of the key pair KEY_PAIR. */
-gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
- gcry_ac_key_type_t which);
-
-/* Returns the data set contained in the key KEY. */
-gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
-
-/* Verifies that the key KEY is sane via HANDLE. */
-gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
-
-/* Stores the number of bits of the key KEY in NBITS via HANDLE. */
-gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
- gcry_ac_key_t key, unsigned int *nbits);
-
-/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
- HANDLE. */
-gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
- unsigned char *key_grip);
-
-/* Destroy a key. */
-void gcry_ac_key_destroy (gcry_ac_key_t key);
-
-/* Destroy a key pair. */
-void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
-
-/* Encodes a message according to the encoding method METHOD. OPTIONS
- must be a pointer to a method-specific structure
- (gcry_ac_em*_t). */
-gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
- unsigned int flags, void *options,
- gcry_ac_io_t *io_read,
- gcry_ac_io_t *io_write);
-
-/* Decodes a message according to the encoding method METHOD. OPTIONS
- must be a pointer to a method-specific structure
- (gcry_ac_em*_t). */
-gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
- unsigned int flags, void *options,
- gcry_ac_io_t *io_read,
- gcry_ac_io_t *io_write);
-
-/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
- the control of the flags FLAGS and store the resulting data set
- into DATA_ENCRYPTED. */
-gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
- unsigned int flags,
- gcry_ac_key_t key,
- gcry_mpi_t data_plain,
- gcry_ac_data_t *data_encrypted);
-
-/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
- with the key KEY under the control of the flags FLAGS and store the
- resulting plain text MPI value in DATA_PLAIN. */
-gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
- unsigned int flags,
- gcry_ac_key_t key,
- gcry_mpi_t *data_plain,
- gcry_ac_data_t data_encrypted);
-
-/* Sign the data contained in DATA with the key KEY and store the
- resulting signature in the data set DATA_SIGNATURE. */
-gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
- gcry_ac_key_t key,
- gcry_mpi_t data,
- gcry_ac_data_t *data_signature);
-
-/* Verify that the signature contained in the data set DATA_SIGNATURE
- is indeed the result of signing the data contained in DATA with the
- secret key belonging to the public key KEY. */
-gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
- gcry_ac_key_t key,
- gcry_mpi_t data,
- gcry_ac_data_t data_signature);
-
-/* Encrypts the plain text readable from IO_MESSAGE through HANDLE
- with the public key KEY according to SCHEME, FLAGS and OPTS. If
- OPTS is not NULL, it has to be a pointer to a structure specific to
- the chosen scheme (gcry_ac_es_*_t). The encrypted message is
- written to IO_CIPHER. */
-gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
- gcry_ac_scheme_t scheme,
- unsigned int flags, void *opts,
- gcry_ac_key_t key,
- gcry_ac_io_t *io_message,
- gcry_ac_io_t *io_cipher);
-
-/* Decrypts the cipher text readable from IO_CIPHER through HANDLE
- with the secret key KEY according to SCHEME, @var{flags} and OPTS.
- If OPTS is not NULL, it has to be a pointer to a structure specific
- to the chosen scheme (gcry_ac_es_*_t). The decrypted message is
- written to IO_MESSAGE. */
-gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
- gcry_ac_scheme_t scheme,
- unsigned int flags, void *opts,
- gcry_ac_key_t key,
- gcry_ac_io_t *io_cipher,
- gcry_ac_io_t *io_message);
-
-/* Signs the message readable from IO_MESSAGE through HANDLE with the
- secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not
- NULL, it has to be a pointer to a structure specific to the chosen
- scheme (gcry_ac_ssa_*_t). The signature is written to
- IO_SIGNATURE. */
-gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
- gcry_ac_scheme_t scheme,
- unsigned int flags, void *opts,
- gcry_ac_key_t key,
- gcry_ac_io_t *io_message,
- gcry_ac_io_t *io_signature);
-
-/* Verifies through HANDLE that the signature readable from
- IO_SIGNATURE is indeed the result of signing the message readable
- from IO_MESSAGE with the secret key belonging to the public key KEY
- according to SCHEME and OPTS. If OPTS is not NULL, it has to be an
- anonymous structure (gcry_ac_ssa_*_t) specific to the chosen
- scheme. */
-gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
- gcry_ac_scheme_t scheme,
- unsigned int flags, void *opts,
- gcry_ac_key_t key,
- gcry_ac_io_t *io_message,
- gcry_ac_io_t *io_signature);
-
-/* Store the textual representation of the algorithm whose id is given
- in ALGORITHM in NAME. This function is deprecated; use
- gcry_pk_algo_name. */
-#ifndef GCRYPT_NO_DEPRECATED
-gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
- const char **name)
- /* */ _GCRY_GCC_ATTR_DEPRECATED;
-/* Store the numeric ID of the algorithm whose textual representation
- is contained in NAME in ALGORITHM. This function is deprecated;
- use gcry_pk_map_name. */
-gcry_error_t gcry_ac_name_to_id (const char *name,
- gcry_ac_id_t *algorithm)
- /* */ _GCRY_GCC_ATTR_DEPRECATED;
-#endif
-
-
-/************************************
- * *
- * Random Generating Functions *
- * *
- ************************************/
-
-/* The possible values for the random quality. The rule of thumb is
- to use STRONG for session keys and VERY_STRONG for key material.
- WEAK is usually an alias for STRONG and should not be used anymore
- (except with gcry_mpi_randomize); use gcry_create_nonce instead. */
-typedef enum gcry_random_level
- {
- GCRY_WEAK_RANDOM = 0,
- GCRY_STRONG_RANDOM = 1,
- GCRY_VERY_STRONG_RANDOM = 2
- }
-gcry_random_level_t;
-
-/* Fill BUFFER with LENGTH bytes of random, using random numbers of
- quality LEVEL. */
-void gcry_randomize (void *buffer, size_t length,
- enum gcry_random_level level);
-
-/* Add the external random from BUFFER with LENGTH bytes into the
- pool. QUALITY should either be -1 for unknown or in the range of 0
- to 100 */
-gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
- int quality);
-
-/* If random numbers are used in an application, this macro should be
- called from time to time so that new stuff gets added to the
- internal pool of the RNG. */
-#define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL)
-
-
-/* Return NBYTES of allocated random using a random numbers of quality
- LEVEL. */
-void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
- _GCRY_GCC_ATTR_MALLOC;
-
-/* Return NBYTES of allocated random using a random numbers of quality
- LEVEL. The random numbers are created returned in "secure"
- memory. */
-void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
- _GCRY_GCC_ATTR_MALLOC;
-
-
-/* Set the big integer W to a random value of NBITS using a random
- generator with quality LEVEL. Note that by using a level of
- GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */
-void gcry_mpi_randomize (gcry_mpi_t w,
- unsigned int nbits, enum gcry_random_level level);
-
-
-/* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
-void gcry_create_nonce (void *buffer, size_t length);
-
-
-
-
-
-/*******************************/
-/* */
-/* Prime Number Functions */
-/* */
-/*******************************/
-
-/* Mode values passed to a gcry_prime_check_func_t. */
-#define GCRY_PRIME_CHECK_AT_FINISH 0
-#define GCRY_PRIME_CHECK_AT_GOT_PRIME 1
-#define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
-
-/* The function should return 1 if the operation shall continue, 0 to
- reject the prime candidate. */
-typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
- gcry_mpi_t candidate);
-
-/* Flags for gcry_prime_generate(): */
-
-/* Allocate prime numbers and factors in secure memory. */
-#define GCRY_PRIME_FLAG_SECRET (1 << 0)
-
-/* Make sure that at least one prime factor is of size
- `FACTOR_BITS'. */
-#define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
-
-/* Generate a new prime number of PRIME_BITS bits and store it in
- PRIME. If FACTOR_BITS is non-zero, one of the prime factors of
- (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is
- non-zero, allocate a new, NULL-terminated array holding the prime
- factors and store it in FACTORS. FLAGS might be used to influence
- the prime number generation process. */
-gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
- unsigned int prime_bits,
- unsigned int factor_bits,
- gcry_mpi_t **factors,
- gcry_prime_check_func_t cb_func,
- void *cb_arg,
- gcry_random_level_t random_level,
- unsigned int flags);
-
-/* Find a generator for PRIME where the factorization of (prime-1) is
- in the NULL terminated array FACTORS. Return the generator as a
- newly allocated MPI in R_G. If START_G is not NULL, use this as
- teh start for the search. */
-gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
- gcry_mpi_t prime,
- gcry_mpi_t *factors,
- gcry_mpi_t start_g);
-
-
-/* Convenience function to release the FACTORS array. */
-void gcry_prime_release_factors (gcry_mpi_t *factors);
-
-
-/* Check wether the number X is prime. */
-gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
-
-
-
-/************************************
- * *
- * Miscellaneous Stuff *
- * *
- ************************************/
-
-/* Log levels used by the internal logging facility. */
-enum gcry_log_levels
- {
- GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
- GCRY_LOG_INFO = 10,
- GCRY_LOG_WARN = 20,
- GCRY_LOG_ERROR = 30,
- GCRY_LOG_FATAL = 40,
- GCRY_LOG_BUG = 50,
- GCRY_LOG_DEBUG = 100
- };
-
-/* Type for progress handlers. */
-typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
-
-/* Type for memory allocation handlers. */
-typedef void *(*gcry_handler_alloc_t) (size_t n);
-
-/* Type for secure memory check handlers. */
-typedef int (*gcry_handler_secure_check_t) (const void *);
-
-/* Type for memory reallocation handlers. */
-typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
-
-/* Type for memory free handlers. */
-typedef void (*gcry_handler_free_t) (void *);
-
-/* Type for out-of-memory handlers. */
-typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
-
-/* Type for fatal error handlers. */
-typedef void (*gcry_handler_error_t) (void *, int, const char *);
-
-/* Type for logging handlers. */
-typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
-
-/* Certain operations can provide progress information. This function
- is used to register a handler for retrieving these information. */
-void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
-
-
-/* Register a custom memory allocation functions. */
-void gcry_set_allocation_handler (
- gcry_handler_alloc_t func_alloc,
- gcry_handler_alloc_t func_alloc_secure,
- gcry_handler_secure_check_t func_secure_check,
- gcry_handler_realloc_t func_realloc,
- gcry_handler_free_t func_free);
-
-/* Register a function used instead of the internal out of memory
- handler. */
-void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
-
-/* Register a function used instead of the internal fatal error
- handler. */
-void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
-
-/* Register a function used instead of the internal logging
- facility. */
-void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
-
-/* Reserved for future use. */
-void gcry_set_gettext_handler (const char *(*f)(const char*));
-
-/* Libgcrypt uses its own memory allocation. It is important to use
- gcry_free () to release memory allocated by libgcrypt. */
-void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_realloc (void *a, size_t n);
-char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
-void *gcry_xrealloc (void *a, size_t n);
-char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC;
-void gcry_free (void *a);
-
-/* Return true if A is allocated in "secure" memory. */
-int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
-
-/* Return true if Libgcrypt is in FIPS mode. */
-#define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
-
-
-/* Include support for Libgcrypt modules. */
-#include <gcrypt-module.h>
-
-#if 0 /* (Keep Emacsens' auto-indent happy.) */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-#endif /* _GCRYPT_H */
+/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
+ Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
+ 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
+
+ This file is part of Libgcrypt.
+
+ Libgcrypt is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ Libgcrypt is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+ File: @configure_input@ */
+
+#ifndef _GCRYPT_H
+#define _GCRYPT_H
+
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+
+#include <gpg-error.h>
+
+#include <sys/types.h>
+
+#if defined _WIN32 || defined __WIN32__
+# include <winsock2.h>
+# include <ws2tcpip.h>
+# include <time.h>
+# ifndef __GNUC__
+ typedef long ssize_t;
+ typedef int pid_t;
+# endif /*!__GNUC__*/
+#else
+# include <sys/socket.h>
+# include <sys/time.h>
+#@INSERT_SYS_SELECT_H@
+#endif /*!_WIN32*/
+
+@FALLBACK_SOCKLEN_T@
+
+/* This is required for error code compatibility. */
+#define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
+
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* (Keep Emacsens' auto-indent happy.) */
+}
+#endif
+#endif
+
+/* The version of this header should match the one of the library. It
+ should not be used by a program because gcry_check_version() should
+ return the same version. The purpose of this macro is to let
+ autoconf (using the AM_PATH_GCRYPT macro) check that this header
+ matches the installed library. */
+#define GCRYPT_VERSION "@VERSION@"
+
+/* Internal: We can't use the convenience macros for the multi
+ precision integer functions when building this library. */
+#ifdef _GCRYPT_IN_LIBGCRYPT
+#ifndef GCRYPT_NO_MPI_MACROS
+#define GCRYPT_NO_MPI_MACROS 1
+#endif
+#endif
+
+/* We want to use gcc attributes when possible. Warning: Don't use
+ these macros in your programs: As indicated by the leading
+ underscore they are subject to change without notice. */
+#ifdef __GNUC__
+
+#define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
+ + __GNUC_MINOR__ * 100 \
+ + __GNUC_PATCHLEVEL__)
+
+#if _GCRY_GCC_VERSION >= 30100
+#define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
+#endif
+
+#if _GCRY_GCC_VERSION >= 29600
+#define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
+#endif
+
+#if _GCRY_GCC_VERSION >= 30200
+#define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
+#endif
+
+#endif /*__GNUC__*/
+
+#ifndef _GCRY_GCC_ATTR_DEPRECATED
+#define _GCRY_GCC_ATTR_DEPRECATED
+#endif
+#ifndef _GCRY_GCC_ATTR_PURE
+#define _GCRY_GCC_ATTR_PURE
+#endif
+#ifndef _GCRY_GCC_ATTR_MALLOC
+#define _GCRY_GCC_ATTR_MALLOC
+#endif
+
+/* Some members in a public type should only be used internally.
+ There is no "internal" attribute, so we abuse the deprecated
+ attribute to discourage external use. */
+#ifdef _GCRYPT_IN_LIBGCRYPT
+#define _GCRY_ATTR_INTERNAL
+#else
+#define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED
+#endif
+
+/* Wrappers for the libgpg-error library. */
+
+typedef gpg_error_t gcry_error_t;
+typedef gpg_err_code_t gcry_err_code_t;
+typedef gpg_err_source_t gcry_err_source_t;
+
+static GPG_ERR_INLINE gcry_error_t
+gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
+{
+ return gpg_err_make (source, code);
+}
+
+/* The user can define GPG_ERR_SOURCE_DEFAULT before including this
+ file to specify a default source for gpg_error. */
+#ifndef GCRY_ERR_SOURCE_DEFAULT
+#define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1
+#endif
+
+static GPG_ERR_INLINE gcry_error_t
+gcry_error (gcry_err_code_t code)
+{
+ return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
+}
+
+static GPG_ERR_INLINE gcry_err_code_t
+gcry_err_code (gcry_error_t err)
+{
+ return gpg_err_code (err);
+}
+
+
+static GPG_ERR_INLINE gcry_err_source_t
+gcry_err_source (gcry_error_t err)
+{
+ return gpg_err_source (err);
+}
+
+/* Return a pointer to a string containing a description of the error
+ code in the error value ERR. */
+const char *gcry_strerror (gcry_error_t err);
+
+/* Return a pointer to a string containing a description of the error
+ source in the error value ERR. */
+const char *gcry_strsource (gcry_error_t err);
+
+/* Retrieve the error code for the system error ERR. This returns
+ GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
+ this). */
+gcry_err_code_t gcry_err_code_from_errno (int err);
+
+/* Retrieve the system error for the error code CODE. This returns 0
+ if CODE is not a system error code. */
+int gcry_err_code_to_errno (gcry_err_code_t code);
+
+/* Return an error value with the error source SOURCE and the system
+ error ERR. */
+gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
+
+/* Return an error value with the system error ERR. */
+gcry_err_code_t gcry_error_from_errno (int err);
+
+
+/* This enum is deprecated; it is only declared for the sake of
+ complete API compatibility. */
+enum gcry_thread_option
+ {
+ _GCRY_THREAD_OPTION_DUMMY
+ } _GCRY_GCC_ATTR_DEPRECATED;
+
+
+/* Constants defining the thread model to use. Used with the OPTION
+ field of the struct gcry_thread_cbs. */
+#define GCRY_THREAD_OPTION_DEFAULT 0
+#define GCRY_THREAD_OPTION_USER 1
+#define GCRY_THREAD_OPTION_PTH 2
+#define GCRY_THREAD_OPTION_PTHREAD 3
+
+/* The version number encoded in the OPTION field of the struct
+ gcry_thread_cbs. */
+#define GCRY_THREAD_OPTION_VERSION 0
+
+/* Wrapper for struct ath_ops. */
+struct gcry_thread_cbs
+{
+ /* The OPTION field encodes the thread model and the version number
+ of this structure.
+ Bits 7 - 0 are used for the thread model
+ Bits 15 - 8 are used for the version number.
+ */
+ unsigned int option;
+
+ int (*init) (void);
+ int (*mutex_init) (void **priv);
+ int (*mutex_destroy) (void **priv);
+ int (*mutex_lock) (void **priv);
+ int (*mutex_unlock) (void **priv);
+ ssize_t (*read) (int fd, void *buf, size_t nbytes);
+ ssize_t (*write) (int fd, const void *buf, size_t nbytes);
+#ifdef _WIN32
+ ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
+ struct timeval *timeout);
+ ssize_t (*waitpid) (pid_t pid, int *status, int options);
+ int (*accept) (int s, void *addr, int *length_ptr);
+ int (*connect) (int s, void *addr, gcry_socklen_t length);
+ int (*sendmsg) (int s, const void *msg, int flags);
+ int (*recvmsg) (int s, void *msg, int flags);
+#else
+ ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
+ struct timeval *timeout);
+ ssize_t (*waitpid) (pid_t pid, int *status, int options);
+ int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
+ int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
+ int (*sendmsg) (int s, const struct msghdr *msg, int flags);
+ int (*recvmsg) (int s, struct msghdr *msg, int flags);
+#endif
+};
+
+#ifdef _WIN32
+# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
+static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \
+ void *eset, struct timeval *timeout) \
+ { return pth_select (nfd, rset, wset, eset, timeout); } \
+static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
+ { return pth_waitpid (pid, status, options); } \
+static int gcry_pth_accept (int s, void *addr, \
+ gcry_socklen_t *length_ptr) \
+ { return pth_accept (s, addr, length_ptr); } \
+static int gcry_pth_connect (int s, void *addr, \
+ gcry_socklen_t length) \
+ { return pth_connect (s, addr, length); }
+#else /*!_WIN32*/
+# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
+static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \
+ fd_set *eset, struct timeval *timeout) \
+ { return pth_select (nfd, rset, wset, eset, timeout); } \
+static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
+ { return pth_waitpid (pid, status, options); } \
+static int gcry_pth_accept (int s, struct sockaddr *addr, \
+ gcry_socklen_t *length_ptr) \
+ { return pth_accept (s, addr, length_ptr); } \
+static int gcry_pth_connect (int s, struct sockaddr *addr, \
+ gcry_socklen_t length) \
+ { return pth_connect (s, addr, length); }
+#endif /*!_WIN32*/
+
+
+
+#define GCRY_THREAD_OPTION_PTH_IMPL \
+static int gcry_pth_init (void) \
+{ return (pth_init () == FALSE) ? errno : 0; } \
+static int gcry_pth_mutex_init (void **priv) \
+{ \
+ int err = 0; \
+ pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \
+ \
+ if (!lock) \
+ err = ENOMEM; \
+ if (!err) \
+ { \
+ err = pth_mutex_init (lock); \
+ if (err == FALSE) \
+ err = errno; \
+ else \
+ err = 0; \
+ if (err) \
+ free (lock); \
+ else \
+ *priv = lock; \
+ } \
+ return err; \
+} \
+static int gcry_pth_mutex_destroy (void **lock) \
+ { /* GNU Pth has no destructor function. */ free (*lock); return 0; } \
+static int gcry_pth_mutex_lock (void **lock) \
+ { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \
+ ? errno : 0; } \
+static int gcry_pth_mutex_unlock (void **lock) \
+ { return ((pth_mutex_release (*lock)) == FALSE) \
+ ? errno : 0; } \
+static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \
+ { return pth_read (fd, buf, nbytes); } \
+static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \
+ { return pth_write (fd, buf, nbytes); } \
+_GCRY_THREAD_OPTION_PTH_IMPL_NET \
+ \
+/* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \
+static struct gcry_thread_cbs gcry_threads_pth = { \
+ (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \
+ gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \
+ gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \
+ gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \
+ NULL, NULL }
+
+
+#define GCRY_THREAD_OPTION_PTHREAD_IMPL \
+static int gcry_pthread_mutex_init (void **priv) \
+{ \
+ int err = 0; \
+ pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\
+ \
+ if (!lock) \
+ err = ENOMEM; \
+ if (!err) \
+ { \
+ err = pthread_mutex_init (lock, NULL); \
+ if (err) \
+ free (lock); \
+ else \
+ *priv = lock; \
+ } \
+ return err; \
+} \
+static int gcry_pthread_mutex_destroy (void **lock) \
+ { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \
+ free (*lock); return err; } \
+static int gcry_pthread_mutex_lock (void **lock) \
+ { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \
+static int gcry_pthread_mutex_unlock (void **lock) \
+ { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \
+ \
+static struct gcry_thread_cbs gcry_threads_pthread = { \
+ (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \
+ NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \
+ gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
+
+
+/* The data object used to hold a multi precision integer. */
+struct gcry_mpi;
+typedef struct gcry_mpi *gcry_mpi_t;
+
+#ifndef GCRYPT_NO_DEPRECATED
+typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
+#endif
+
+
+
+/* Check that the library fulfills the version requirement. */
+const char *gcry_check_version (const char *req_version);
+
+/* Codes for function dispatchers. */
+
+/* Codes used with the gcry_control function. */
+enum gcry_ctl_cmds
+ {
+ GCRYCTL_SET_KEY = 1,
+ GCRYCTL_SET_IV = 2,
+ GCRYCTL_CFB_SYNC = 3,
+ GCRYCTL_RESET = 4, /* e.g. for MDs */
+ GCRYCTL_FINALIZE = 5,
+ GCRYCTL_GET_KEYLEN = 6,
+ GCRYCTL_GET_BLKLEN = 7,
+ GCRYCTL_TEST_ALGO = 8,
+ GCRYCTL_IS_SECURE = 9,
+ GCRYCTL_GET_ASNOID = 10,
+ GCRYCTL_ENABLE_ALGO = 11,
+ GCRYCTL_DISABLE_ALGO = 12,
+ GCRYCTL_DUMP_RANDOM_STATS = 13,
+ GCRYCTL_DUMP_SECMEM_STATS = 14,
+ GCRYCTL_GET_ALGO_NPKEY = 15,
+ GCRYCTL_GET_ALGO_NSKEY = 16,
+ GCRYCTL_GET_ALGO_NSIGN = 17,
+ GCRYCTL_GET_ALGO_NENCR = 18,
+ GCRYCTL_SET_VERBOSITY = 19,
+ GCRYCTL_SET_DEBUG_FLAGS = 20,
+ GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
+ GCRYCTL_USE_SECURE_RNDPOOL= 22,
+ GCRYCTL_DUMP_MEMORY_STATS = 23,
+ GCRYCTL_INIT_SECMEM = 24,
+ GCRYCTL_TERM_SECMEM = 25,
+ GCRYCTL_DISABLE_SECMEM_WARN = 27,
+ GCRYCTL_SUSPEND_SECMEM_WARN = 28,
+ GCRYCTL_RESUME_SECMEM_WARN = 29,
+ GCRYCTL_DROP_PRIVS = 30,
+ GCRYCTL_ENABLE_M_GUARD = 31,
+ GCRYCTL_START_DUMP = 32,
+ GCRYCTL_STOP_DUMP = 33,
+ GCRYCTL_GET_ALGO_USAGE = 34,
+ GCRYCTL_IS_ALGO_ENABLED = 35,
+ GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
+ GCRYCTL_DISABLE_SECMEM = 37,
+ GCRYCTL_INITIALIZATION_FINISHED = 38,
+ GCRYCTL_INITIALIZATION_FINISHED_P = 39,
+ GCRYCTL_ANY_INITIALIZATION_P = 40,
+ GCRYCTL_SET_CBC_CTS = 41,
+ GCRYCTL_SET_CBC_MAC = 42,
+ GCRYCTL_SET_CTR = 43,
+ GCRYCTL_ENABLE_QUICK_RANDOM = 44,
+ GCRYCTL_SET_RANDOM_SEED_FILE = 45,
+ GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
+ GCRYCTL_SET_THREAD_CBS = 47,
+ GCRYCTL_FAST_POLL = 48,
+ GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
+ GCRYCTL_USE_RANDOM_DAEMON = 50,
+ GCRYCTL_FAKED_RANDOM_P = 51,
+ GCRYCTL_SET_RNDEGD_SOCKET = 52,
+ GCRYCTL_PRINT_CONFIG = 53,
+ GCRYCTL_OPERATIONAL_P = 54,
+ GCRYCTL_FIPS_MODE_P = 55,
+ GCRYCTL_FORCE_FIPS_MODE = 56,
+ GCRYCTL_SELFTEST = 57
+ /* Note: 58 .. 62 are used internally. */
+ };
+
+/* Perform various operations defined by CMD. */
+gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
+
+
+/* S-expression management. */
+
+/* The object to represent an S-expression as used with the public key
+ functions. */
+struct gcry_sexp;
+typedef struct gcry_sexp *gcry_sexp_t;
+
+#ifndef GCRYPT_NO_DEPRECATED
+typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
+#endif
+
+/* The possible values for the S-expression format. */
+enum gcry_sexp_format
+ {
+ GCRYSEXP_FMT_DEFAULT = 0,
+ GCRYSEXP_FMT_CANON = 1,
+ GCRYSEXP_FMT_BASE64 = 2,
+ GCRYSEXP_FMT_ADVANCED = 3
+ };
+
+/* Create an new S-expression object from BUFFER of size LENGTH and
+ return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
+ is expected to be in canonized format. */
+gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
+ const void *buffer, size_t length,
+ int autodetect);
+
+ /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
+ effect to transfer ownership of BUFFER to the created object. */
+gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
+ void *buffer, size_t length,
+ int autodetect, void (*freefnc) (void *));
+
+/* Scan BUFFER and return a new S-expression object in RETSEXP. This
+ function expects a printf like string in BUFFER. */
+gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length);
+
+/* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
+ only be used for certain encodings. */
+gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *format, ...);
+
+/* Like gcry_sexp_build, but uses an array instead of variable
+ function arguments. */
+gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *format, void **arg_list);
+
+/* Release the S-expression object SEXP */
+void gcry_sexp_release (gcry_sexp_t sexp);
+
+/* Calculate the length of an canonized S-expresion in BUFFER and
+ check for a valid encoding. */
+size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
+ size_t *erroff, gcry_error_t *errcode);
+
+/* Copies the S-expression object SEXP into BUFFER using the format
+ specified in MODE. */
+size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer,
+ size_t maxlength);
+
+/* Dumps the S-expression object A in a format suitable for debugging
+ to Libgcrypt's logging stream. */
+void gcry_sexp_dump (const gcry_sexp_t a);
+
+gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
+gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
+gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
+gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
+gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
+
+/* Scan the S-expression for a sublist with a type (the car of the
+ list) matching the string TOKEN. If TOKLEN is not 0, the token is
+ assumed to be raw memory of this length. The function returns a
+ newly allocated S-expression consisting of the found sublist or
+ `NULL' when not found. */
+gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
+ const char *tok, size_t toklen);
+/* Return the length of the LIST. For a valid S-expression this
+ should be at least 1. */
+int gcry_sexp_length (const gcry_sexp_t list);
+
+/* Create and return a new S-expression from the element with index
+ NUMBER in LIST. Note that the first element has the index 0. If
+ there is no such element, `NULL' is returned. */
+gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
+
+/* Create and return a new S-expression from the first element in
+ LIST; this called the "type" and should always exist and be a
+ string. `NULL' is returned in case of a problem. */
+gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
+
+/* Create and return a new list form all elements except for the first
+ one. Note, that this function may return an invalid S-expression
+ because it is not guaranteed, that the type exists and is a string.
+ However, for parsing a complex S-expression it might be useful for
+ intermediate lists. Returns `NULL' on error. */
+gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
+
+gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
+
+
+/* This function is used to get data from a LIST. A pointer to the
+ actual data with index NUMBER is returned and the length of this
+ data will be stored to DATALEN. If there is no data at the given
+ index or the index represents another list, `NULL' is returned.
+ *Note:* The returned pointer is valid as long as LIST is not
+ modified or released. */
+const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
+ size_t *datalen);
+
+/* This function is used to get and convert data from a LIST. The
+ data is assumed to be a Nul terminated string. The caller must
+ release the returned value using `gcry_free'. If there is no data
+ at the given index, the index represents a list or the value can't
+ be converted to a string, `NULL' is returned. */
+char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
+
+/* This function is used to get and convert data from a LIST. This
+ data is assumed to be an MPI stored in the format described by
+ MPIFMT and returned as a standard Libgcrypt MPI. The caller must
+ release this returned value using `gcry_mpi_release'. If there is
+ no data at the given index, the index represents a list or the
+ value can't be converted to an MPI, `NULL' is returned. */
+gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
+
+
+
+/*******************************************
+ * *
+ * Multi Precision Integer Functions *
+ * *
+ *******************************************/
+
+/* Different formats of external big integer representation. */
+enum gcry_mpi_format
+ {
+ GCRYMPI_FMT_NONE= 0,
+ GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
+ GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
+ GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
+ GCRYMPI_FMT_HEX = 4, /* Hex format. */
+ GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */
+ };
+
+/* Flags used for creating big integers. */
+enum gcry_mpi_flag
+ {
+ GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
+ GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just
+ a way to store some bytes. This is
+ useful for encrypted big integers. */
+ };
+
+
+/* Allocate a new big integer object, initialize it with 0 and
+ initially allocate memory for a number of at least NBITS. */
+gcry_mpi_t gcry_mpi_new (unsigned int nbits);
+
+/* Same as gcry_mpi_new() but allocate in "secure" memory. */
+gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
+
+/* Release the number A and free all associated resources. */
+void gcry_mpi_release (gcry_mpi_t a);
+
+/* Create a new number with the same value as A. */
+gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
+
+/* Store the big integer value U in W. */
+gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
+
+/* Store the unsigned integer value U in W. */
+gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
+
+/* Swap the values of A and B. */
+void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
+
+/* Compare the big integer number U and V returning 0 for equality, a
+ positive value for U > V and a negative for U < V. */
+int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
+
+/* Compare the big integer number U with the unsigned integer V
+ returning 0 for equality, a positive value for U > V and a negative
+ for U < V. */
+int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
+
+/* Convert the external representation of an integer stored in BUFFER
+ with a length of BUFLEN into a newly create MPI returned in
+ RET_MPI. If NSCANNED is not NULL, it will receive the number of
+ bytes actually scanned after a successful operation. */
+gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
+ const void *buffer, size_t buflen,
+ size_t *nscanned);
+
+/* Convert the big integer A into the external representation
+ described by FORMAT and store it in the provided BUFFER which has
+ been allocated by the user with a size of BUFLEN bytes. NWRITTEN
+ receives the actual length of the external representation unless it
+ has been passed as NULL. */
+gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
+ unsigned char *buffer, size_t buflen,
+ size_t *nwritten,
+ const gcry_mpi_t a);
+
+/* Convert the big integer A int the external representation described
+ by FORMAT and store it in a newly allocated buffer which address
+ will be put into BUFFER. NWRITTEN receives the actual lengths of the
+ external representation. */
+gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
+ unsigned char **buffer, size_t *nwritten,
+ const gcry_mpi_t a);
+
+/* Dump the value of A in a format suitable for debugging to
+ Libgcrypt's logging stream. Note that one leading space but no
+ trailing space or linefeed will be printed. It is okay to pass
+ NULL for A. */
+void gcry_mpi_dump (const gcry_mpi_t a);
+
+
+/* W = U + V. */
+void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
+
+/* W = U + V. V is an unsigned integer. */
+void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
+
+/* W = U + V mod M. */
+void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
+
+/* W = U - V. */
+void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
+
+/* W = U - V. V is an unsigned integer. */
+void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
+
+/* W = U - V mod M */
+void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
+
+/* W = U * V. */
+void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
+
+/* W = U * V. V is an unsigned integer. */
+void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
+
+/* W = U * V mod M. */
+void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
+
+/* W = U * (2 ^ CNT). */
+void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
+
+/* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
+ Q or R may be passed as NULL. ROUND should be negative or 0. */
+void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
+ gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
+
+/* R = DIVIDEND % DIVISOR */
+void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
+
+/* W = B ^ E mod M. */
+void gcry_mpi_powm (gcry_mpi_t w,
+ const gcry_mpi_t b, const gcry_mpi_t e,
+ const gcry_mpi_t m);
+
+/* Set G to the greatest common divisor of A and B.
+ Return true if the G is 1. */
+int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
+
+/* Set X to the multiplicative inverse of A mod M.
+ Return true if the value exists. */
+int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
+
+
+/* Return the number of bits required to represent A. */
+unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
+
+/* Return true when bit number N (counting from 0) is set in A. */
+int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
+
+/* Set bit number N in A. */
+void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
+
+/* Clear bit number N in A. */
+void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
+
+/* Set bit number N in A and clear all bits greater than N. */
+void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
+
+/* Clear bit number N in A and all bits greater than N. */
+void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
+
+/* Shift the value of A by N bits to the right and store the result in X. */
+void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
+
+/* Shift the value of A by N bits to the left and store the result in X. */
+void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
+
+/* Store NBITS of the value P points to in A and mark A as an opaque
+ value. WARNING: Never use an opaque MPI for anything thing else then
+ gcry_mpi_release, gcry_mpi_get_opaque. */
+gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
+
+/* Return a pointer to an opaque value stored in A and return its size
+ in NBITS. Note that the returned pointer is still owned by A and
+ that the function should never be used for an non-opaque MPI. */
+void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
+
+/* Set the FLAG for the big integer A. Currently only the flag
+ GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
+ stored in "secure" memory. */
+void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
+
+/* Clear FLAG for the big integer A. Note that this function is
+ currently useless as no flags are allowed. */
+void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
+
+/* Return true when the FLAG is set for A. */
+int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
+
+/* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
+ convenience macros for the big integer functions. */
+#ifndef GCRYPT_NO_MPI_MACROS
+#define mpi_new(n) gcry_mpi_new( (n) )
+#define mpi_secure_new( n ) gcry_mpi_snew( (n) )
+#define mpi_release(a) \
+ do \
+ { \
+ gcry_mpi_release ((a)); \
+ (a) = NULL; \
+ } \
+ while (0)
+
+#define mpi_copy( a ) gcry_mpi_copy( (a) )
+#define mpi_set( w, u) gcry_mpi_set( (w), (u) )
+#define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
+#define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) )
+#define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) )
+
+#define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v))
+#define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v))
+#define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m))
+#define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v))
+#define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v))
+#define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m))
+#define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v))
+#define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v))
+#define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v))
+#define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m))
+#define mpi_powm(w,b,e,m) gcry_mpi_powm ( (w), (b), (e), (m) )
+#define mpi_tdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), 0)
+#define mpi_fdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), -1)
+#define mpi_mod(r,a,m) gcry_mpi_mod ((r), (a), (m))
+#define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) )
+#define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) )
+
+#define mpi_get_nbits(a) gcry_mpi_get_nbits ((a))
+#define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b))
+#define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b))
+#define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b))
+#define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b))
+#define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b))
+#define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c))
+#define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c))
+
+#define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) )
+#define mpi_get_opaque(a,b) gcry_mpi_get_opaque( (a), (b) )
+#endif /* GCRYPT_NO_MPI_MACROS */
+
+
+
+/************************************
+ * *
+ * Symmetric Cipher Functions *
+ * *
+ ************************************/
+
+/* The data object used to hold a handle to an encryption object. */
+struct gcry_cipher_handle;
+typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
+
+#ifndef GCRYPT_NO_DEPRECATED
+typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
+#endif
+
+/* All symmetric encryption algorithms are identified by their IDs.
+ More IDs may be registered at runtime. */
+enum gcry_cipher_algos
+ {
+ GCRY_CIPHER_NONE = 0,
+ GCRY_CIPHER_IDEA = 1,
+ GCRY_CIPHER_3DES = 2,
+ GCRY_CIPHER_CAST5 = 3,
+ GCRY_CIPHER_BLOWFISH = 4,
+ GCRY_CIPHER_SAFER_SK128 = 5,
+ GCRY_CIPHER_DES_SK = 6,
+ GCRY_CIPHER_AES = 7,
+ GCRY_CIPHER_AES192 = 8,
+ GCRY_CIPHER_AES256 = 9,
+ GCRY_CIPHER_TWOFISH = 10,
+
+ /* Other cipher numbers are above 300 for OpenPGP reasons. */
+ GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
+ GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
+ GCRY_CIPHER_TWOFISH128 = 303,
+ GCRY_CIPHER_SERPENT128 = 304,
+ GCRY_CIPHER_SERPENT192 = 305,
+ GCRY_CIPHER_SERPENT256 = 306,
+ GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
+ GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
+ GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
+ GCRY_CIPHER_CAMELLIA128 = 310,
+ GCRY_CIPHER_CAMELLIA192 = 311,
+ GCRY_CIPHER_CAMELLIA256 = 312
+ };
+
+/* The Rijndael algorithm is basically AES, so provide some macros. */
+#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES
+#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES
+#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128
+#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192
+#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256
+
+/* The supported encryption modes. Note that not all of them are
+ supported for each algorithm. */
+enum gcry_cipher_modes
+ {
+ GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
+ GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
+ GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
+ GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
+ GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
+ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
+ GCRY_CIPHER_MODE_CTR = 6, /* Counter. */
+ GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */
+ };
+
+/* Flags used with the open function. */
+enum gcry_cipher_flags
+ {
+ GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
+ GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
+ GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
+ GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
+ };
+
+
+/* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
+ be given as an bitwise OR of the gcry_cipher_flags values. */
+gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
+ int algo, int mode, unsigned int flags);
+
+/* Close the cioher handle H and release all resource. */
+void gcry_cipher_close (gcry_cipher_hd_t h);
+
+/* Perform various operations on the cipher object H. */
+gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
+ size_t buflen);
+
+/* Retrieve various information about the cipher object H. */
+gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
+ size_t *nbytes);
+
+/* Retrieve various information about the cipher algorithm ALGO. */
+gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
+ size_t *nbytes);
+
+/* Map the cipher algorithm whose ID is contained in ALGORITHM to a
+ string representation of the algorithm name. For unknown algorithm
+ IDs this function returns "?". */
+const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
+
+/* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if
+ the algorithm name is not known. */
+int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
+
+/* Given an ASN.1 object identifier in standard IETF dotted decimal
+ format in STRING, return the encryption mode associated with that
+ OID or 0 if not known or applicable. */
+int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
+
+/* Encrypt the plaintext of size INLEN in IN using the cipher handle H
+ into the buffer OUT which has an allocated length of OUTSIZE. For
+ most algorithms it is possible to pass NULL for in and 0 for INLEN
+ and do a in-place decryption of the data provided in OUT. */
+gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
+ void *out, size_t outsize,
+ const void *in, size_t inlen);
+
+/* The counterpart to gcry_cipher_encrypt. */
+gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
+ void *out, size_t outsize,
+ const void *in, size_t inlen);
+
+/* Set KEY of length KEYLEN bytes for the cipher handle HD. */
+gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
+ const void *key, size_t keylen);
+
+
+/* Set initialization vector IV of length IVLEN for the cipher handle HD. */
+gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
+ const void *iv, size_t ivlen);
+
+
+/* Reset the handle to the state after open. */
+#define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0)
+
+/* Perform the OpenPGP sync operation if this is enabled for the
+ cipher handle H. */
+#define gcry_cipher_sync(h) gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, NULL, 0)
+
+/* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
+#define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
+ NULL, on )
+
+/* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
+ block size length, or (NULL,0) to set the CTR to the all-zero block. */
+gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
+ const void *ctr, size_t ctrlen);
+
+/* Retrieved the key length in bytes used with algorithm A. */
+size_t gcry_cipher_get_algo_keylen (int algo);
+
+/* Retrieve the block length in bytes used with algorithm A. */
+size_t gcry_cipher_get_algo_blklen (int algo);
+
+/* Return 0 if the algorithm A is available for use. */
+#define gcry_cipher_test_algo(a) \
+ gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+
+/* Get a list consisting of the IDs of the loaded cipher modules. If
+ LIST is zero, write the number of loaded cipher modules to
+ LIST_LENGTH and return. If LIST is non-zero, the first
+ *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
+ according size. In case there are less cipher modules than
+ *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
+gcry_error_t gcry_cipher_list (int *list, int *list_length);
+
+
+/************************************
+ * *
+ * Asymmetric Cipher Functions *
+ * *
+ ************************************/
+
+/* The algorithms and their IDs we support. */
+enum gcry_pk_algos
+ {
+ GCRY_PK_RSA = 1,
+ GCRY_PK_RSA_E = 2, /* (deprecated) */
+ GCRY_PK_RSA_S = 3, /* (deprecated) */
+ GCRY_PK_ELG_E = 16,
+ GCRY_PK_DSA = 17,
+ GCRY_PK_ELG = 20,
+ GCRY_PK_ECDSA = 301,
+ GCRY_PK_ECDH = 302
+ };
+
+/* Flags describing usage capabilities of a PK algorithm. */
+#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */
+#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */
+#define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */
+#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */
+#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */
+
+/* Encrypt the DATA using the public key PKEY and store the result as
+ a newly created S-expression at RESULT. */
+gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
+ gcry_sexp_t data, gcry_sexp_t pkey);
+
+/* Decrypt the DATA using the private key SKEY and store the result as
+ a newly created S-expression at RESULT. */
+gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
+ gcry_sexp_t data, gcry_sexp_t skey);
+
+/* Sign the DATA using the private key SKEY and store the result as
+ a newly created S-expression at RESULT. */
+gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
+ gcry_sexp_t data, gcry_sexp_t skey);
+
+/* Check the signature SIGVAL on DATA using the public key PKEY. */
+gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
+ gcry_sexp_t data, gcry_sexp_t pkey);
+
+/* Check that private KEY is sane. */
+gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
+
+/* Generate a new key pair according to the parameters given in
+ S_PARMS. The new key pair is returned in as an S-expression in
+ R_KEY. */
+gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
+
+/* Catch all function for miscellaneous operations. */
+gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
+
+/* Retrieve information about the public key algorithm ALGO. */
+gcry_error_t gcry_pk_algo_info (int algo, int what,
+ void *buffer, size_t *nbytes);
+
+/* Map the public key algorithm whose ID is contained in ALGORITHM to
+ a string representation of the algorithm name. For unknown
+ algorithm IDs this functions returns "?". */
+const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
+
+/* Map the algorithm NAME to a public key algorithm Id. Return 0 if
+ the algorithm name is not known. */
+int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
+
+/* Return what is commonly referred as the key length for the given
+ public or private KEY. */
+unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
+
+/* Please note that keygrip is still experimental and should not be
+ used without contacting the author. */
+unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
+
+/* Return 0 if the public key algorithm A is available for use. */
+#define gcry_pk_test_algo(a) \
+ gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+
+/* Get a list consisting of the IDs of the loaded pubkey modules. If
+ LIST is zero, write the number of loaded pubkey modules to
+ LIST_LENGTH and return. If LIST is non-zero, the first
+ *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
+ according size. In case there are less pubkey modules than
+ *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
+gcry_error_t gcry_pk_list (int *list, int *list_length);
+
+
+
+/************************************
+ * *
+ * Cryptograhic Hash Functions *
+ * *
+ ************************************/
+
+/* Algorithm IDs for the hash functions we know about. Not all of them
+ are implemnted. */
+enum gcry_md_algos
+ {
+ GCRY_MD_NONE = 0,
+ GCRY_MD_MD5 = 1,
+ GCRY_MD_SHA1 = 2,
+ GCRY_MD_RMD160 = 3,
+ GCRY_MD_MD2 = 5,
+ GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */
+ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
+ GCRY_MD_SHA256 = 8,
+ GCRY_MD_SHA384 = 9,
+ GCRY_MD_SHA512 = 10,
+ GCRY_MD_SHA224 = 11,
+ GCRY_MD_MD4 = 301,
+ GCRY_MD_CRC32 = 302,
+ GCRY_MD_CRC32_RFC1510 = 303,
+ GCRY_MD_CRC24_RFC2440 = 304,
+ GCRY_MD_WHIRLPOOL = 305,
+ GCRY_MD_TIGER1 = 306, /* TIGER fixed. */
+ GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */
+ };
+
+/* Flags used with the open function. */
+enum gcry_md_flags
+ {
+ GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
+ GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
+ };
+
+/* (Forward declaration.) */
+struct gcry_md_context;
+
+/* This object is used to hold a handle to a message digest object.
+ This structure is private - only to be used by the public gcry_md_*
+ macros. */
+typedef struct gcry_md_handle
+{
+ /* Actual context. */
+ struct gcry_md_context *ctx;
+
+ /* Buffer management. */
+ int bufpos;
+ int bufsize;
+ unsigned char buf[1];
+} *gcry_md_hd_t;
+
+/* Compatibility types, do not use them. */
+#ifndef GCRYPT_NO_DEPRECATED
+typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
+#endif
+
+/* Create a message digest object for algorithm ALGO. FLAGS may be
+ given as an bitwise OR of the gcry_md_flags values. ALGO may be
+ given as 0 if the algorithms to be used are later set using
+ gcry_md_enable. */
+gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
+
+/* Release the message digest object HD. */
+void gcry_md_close (gcry_md_hd_t hd);
+
+/* Add the message digest algorithm ALGO to the digest object HD. */
+gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
+
+/* Create a new digest object as an exact copy of the object HD. */
+gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
+
+/* Reset the digest object HD to its initial state. */
+void gcry_md_reset (gcry_md_hd_t hd);
+
+/* Perform various operations on the digest object HD. */
+gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd,
+ void *buffer, size_t buflen);
+
+/* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
+ it can update the digest values. This is the actual hash
+ function. */
+void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
+
+/* Read out the final digest from HD return the digest value for
+ algorithm ALGO. */
+unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
+
+/* Convenience function to calculate the hash from the data in BUFFER
+ of size LENGTH using the algorithm ALGO avoiding the creating of a
+ hash object. The hash is returned in the caller provided buffer
+ DIGEST which must be large enough to hold the digest of the given
+ algorithm. */
+void gcry_md_hash_buffer (int algo, void *digest,
+ const void *buffer, size_t length);
+
+/* Retrieve the algorithm used with HD. This does not work reliable
+ if more than one algorithm is enabled in HD. */
+int gcry_md_get_algo (gcry_md_hd_t hd);
+
+/* Retrieve the length in bytes of the digest yielded by algorithm
+ ALGO. */
+unsigned int gcry_md_get_algo_dlen (int algo);
+
+/* Return true if the the algorithm ALGO is enabled in the digest
+ object A. */
+int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
+
+/* Return true if the digest object A is allocated in "secure" memory. */
+int gcry_md_is_secure (gcry_md_hd_t a);
+
+/* Retrieve various information about the object H. */
+gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
+ size_t *nbytes);
+
+/* Retrieve various information about the algorithm ALGO. */
+gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
+ size_t *nbytes);
+
+/* Map the digest algorithm id ALGO to a string representation of the
+ algorithm name. For unknown algorithms this function returns
+ "?". */
+const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
+
+/* Map the algorithm NAME to a digest algorithm Id. Return 0 if
+ the algorithm name is not known. */
+int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
+
+/* For use with the HMAC feature, the set MAC key to the KEY of
+ KEYLEN bytes. */
+gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
+
+/* Start or stop debugging for digest handle HD; i.e. create a file
+ named dbgmd-<n>.<suffix> while hashing. If SUFFIX is NULL,
+ debugging stops and the file will be closed. */
+void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
+
+
+/* Update the hash(s) of H with the character C. This is a buffered
+ version of the gcry_md_write function. */
+#define gcry_md_putc(h,c) \
+ do { \
+ gcry_md_hd_t h__ = (h); \
+ if( (h__)->bufpos == (h__)->bufsize ) \
+ gcry_md_write( (h__), NULL, 0 ); \
+ (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
+ } while(0)
+
+/* Finalize the digest calculation. This is not really needed because
+ gcry_md_read() does this implicitly. */
+#define gcry_md_final(a) \
+ gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
+
+/* Return 0 if the algorithm A is available for use. */
+#define gcry_md_test_algo(a) \
+ gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+
+/* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
+ must point to size_t variable with the available size of buffer B.
+ After return it will receive the actual size of the returned
+ OID. */
+#define gcry_md_get_asnoid(a,b,n) \
+ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
+
+/* Enable debugging for digest object A; i.e. create files named
+ dbgmd-<n>.<string> while hashing. B is a string used as the suffix
+ for the filename. This macro is deprecated, use gcry_md_debug. */
+#ifndef GCRYPT_NO_DEPRECATED
+#define gcry_md_start_debug(a,b) \
+ gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
+
+/* Disable the debugging of A. This macro is deprecated, use
+ gcry_md_debug. */
+#define gcry_md_stop_debug(a,b) \
+ gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
+#endif
+
+/* Get a list consisting of the IDs of the loaded message digest
+ modules. If LIST is zero, write the number of loaded message
+ digest modules to LIST_LENGTH and return. If LIST is non-zero, the
+ first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
+ of according size. In case there are less message digest modules
+ than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
+ number. */
+gcry_error_t gcry_md_list (int *list, int *list_length);
+
+
+
+/* Alternative interface for asymmetric cryptography. This interface
+ is deprecated. */
+
+/* The algorithm IDs. */
+typedef enum gcry_ac_id
+ {
+ GCRY_AC_RSA = 1,
+ GCRY_AC_DSA = 17,
+ GCRY_AC_ELG = 20,
+ GCRY_AC_ELG_E = 16
+ }
+gcry_ac_id_t;
+
+/* Key types. */
+typedef enum gcry_ac_key_type
+ {
+ GCRY_AC_KEY_SECRET,
+ GCRY_AC_KEY_PUBLIC
+ }
+gcry_ac_key_type_t;
+
+/* Encoding methods. */
+typedef enum gcry_ac_em
+ {
+ GCRY_AC_EME_PKCS_V1_5,
+ GCRY_AC_EMSA_PKCS_V1_5
+ }
+gcry_ac_em_t;
+
+/* Encryption and Signature schemes. */
+typedef enum gcry_ac_scheme
+ {
+ GCRY_AC_ES_PKCS_V1_5,
+ GCRY_AC_SSA_PKCS_V1_5
+ }
+gcry_ac_scheme_t;
+
+/* AC data. */
+#define GCRY_AC_FLAG_DEALLOC (1 << 0)
+#define GCRY_AC_FLAG_COPY (1 << 1)
+#define GCRY_AC_FLAG_NO_BLINDING (1 << 2)
+
+/* This type represents a `data set'. */
+typedef struct gcry_ac_data *gcry_ac_data_t;
+
+/* This type represents a single `key', either a secret one or a
+ public one. */
+typedef struct gcry_ac_key *gcry_ac_key_t;
+
+/* This type represents a `key pair' containing a secret and a public
+ key. */
+typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
+
+/* This type represents a `handle' that is needed by functions
+ performing cryptographic operations. */
+typedef struct gcry_ac_handle *gcry_ac_handle_t;
+
+typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
+ unsigned char *buffer,
+ size_t *buffer_n);
+
+typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
+ unsigned char *buffer,
+ size_t buffer_n);
+
+typedef enum
+ {
+ GCRY_AC_IO_READABLE,
+ GCRY_AC_IO_WRITABLE
+ }
+gcry_ac_io_mode_t;
+
+typedef enum
+ {
+ GCRY_AC_IO_STRING,
+ GCRY_AC_IO_CALLBACK
+ }
+gcry_ac_io_type_t;
+
+typedef struct gcry_ac_io
+{
+ /* This is an INTERNAL structure, do NOT use manually. */
+ gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL;
+ gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL;
+ union
+ {
+ union
+ {
+ struct
+ {
+ gcry_ac_data_read_cb_t cb;
+ void *opaque;
+ } callback;
+ struct
+ {
+ unsigned char *data;
+ size_t data_n;
+ } string;
+ void *opaque;
+ } readable;
+ union
+ {
+ struct
+ {
+ gcry_ac_data_write_cb_t cb;
+ void *opaque;
+ } callback;
+ struct
+ {
+ unsigned char **data;
+ size_t *data_n;
+ } string;
+ void *opaque;
+ } writable;
+ } io _GCRY_ATTR_INTERNAL;
+}
+gcry_ac_io_t;
+
+/* The caller of gcry_ac_key_pair_generate can provide one of these
+ structures in order to influence the key generation process in an
+ algorithm-specific way. */
+typedef struct gcry_ac_key_spec_rsa
+{
+ gcry_mpi_t e; /* E to use. */
+} gcry_ac_key_spec_rsa_t;
+
+/* Structure used for passing data to the implementation of the
+ `EME-PKCS-V1_5' encoding method. */
+typedef struct gcry_ac_eme_pkcs_v1_5
+{
+ size_t key_size;
+} gcry_ac_eme_pkcs_v1_5_t;
+
+typedef enum gcry_md_algos gcry_md_algo_t;
+
+/* Structure used for passing data to the implementation of the
+ `EMSA-PKCS-V1_5' encoding method. */
+typedef struct gcry_ac_emsa_pkcs_v1_5
+{
+ gcry_md_algo_t md;
+ size_t em_n;
+} gcry_ac_emsa_pkcs_v1_5_t;
+
+/* Structure used for passing data to the implementation of the
+ `SSA-PKCS-V1_5' signature scheme. */
+typedef struct gcry_ac_ssa_pkcs_v1_5
+{
+ gcry_md_algo_t md;
+} gcry_ac_ssa_pkcs_v1_5_t;
+
+/* Returns a new, empty data set in DATA. */
+gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
+
+/* Destroy the data set DATA. */
+void gcry_ac_data_destroy (gcry_ac_data_t data);
+
+/* Create a copy of the data set DATA and store it in DATA_CP. */
+gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
+ gcry_ac_data_t data);
+
+/* Return the number of named MPI values inside of the data set
+ DATA. */
+unsigned int gcry_ac_data_length (gcry_ac_data_t data);
+
+/* Destroy any values contained in the data set DATA. */
+void gcry_ac_data_clear (gcry_ac_data_t data);
+
+/* Add the value MPI to DATA with the label NAME. If FLAGS contains
+ GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME
+ and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or
+ GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
+ be deallocated when they are to be removed from the data set. */
+gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
+ const char *name, gcry_mpi_t mpi);
+
+/* Store the value labelled with NAME found in DATA in MPI. If FLAGS
+ contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
+ in the data set. MPI may be NULL. */
+gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
+ const char *name, gcry_mpi_t *mpi);
+
+/* Stores in NAME and MPI the named MPI value contained in the data
+ set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY,
+ store copies of the values contained in the data set. NAME or MPI
+ may be NULL. */
+gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
+ unsigned int idx,
+ const char **name, gcry_mpi_t *mpi);
+
+/* Convert the data set DATA into a new S-Expression, which is to be
+ stored in SEXP, according to the identifiers contained in
+ IDENTIFIERS. */
+gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
+ const char **identifiers);
+
+/* Create a new data set, which is to be stored in DATA_SET, from the
+ S-Expression SEXP, according to the identifiers contained in
+ IDENTIFIERS. */
+gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
+ const char **identifiers);
+
+/* Initialize AC_IO according to MODE, TYPE and the variable list of
+ arguments. The list of variable arguments to specify depends on
+ the given TYPE. */
+void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
+ gcry_ac_io_type_t type, ...);
+
+/* Initialize AC_IO according to MODE, TYPE and the variable list of
+ arguments AP. The list of variable arguments to specify depends on
+ the given TYPE. */
+void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
+ gcry_ac_io_type_t type, va_list ap);
+
+/* Create a new ac handle. */
+gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
+ gcry_ac_id_t algorithm, unsigned int flags);
+
+/* Destroy an ac handle. */
+void gcry_ac_close (gcry_ac_handle_t handle);
+
+/* Initialize a key from a given data set. */
+gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
+ gcry_ac_key_type_t type, gcry_ac_data_t data);
+
+/* Generates a new key pair via the handle HANDLE of NBITS bits and
+ stores it in KEY_PAIR. In case non-standard settings are wanted, a
+ pointer to a structure of type gcry_ac_key_spec_<algorithm>_t,
+ matching the selected algorithm, can be given as KEY_SPEC.
+ MISC_DATA is not used yet. */
+gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
+ unsigned int nbits, void *spec,
+ gcry_ac_key_pair_t *key_pair,
+ gcry_mpi_t **misc_data);
+
+/* Returns the key of type WHICH out of the key pair KEY_PAIR. */
+gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
+ gcry_ac_key_type_t which);
+
+/* Returns the data set contained in the key KEY. */
+gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
+
+/* Verifies that the key KEY is sane via HANDLE. */
+gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
+
+/* Stores the number of bits of the key KEY in NBITS via HANDLE. */
+gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
+ gcry_ac_key_t key, unsigned int *nbits);
+
+/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
+ HANDLE. */
+gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
+ unsigned char *key_grip);
+
+/* Destroy a key. */
+void gcry_ac_key_destroy (gcry_ac_key_t key);
+
+/* Destroy a key pair. */
+void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
+
+/* Encodes a message according to the encoding method METHOD. OPTIONS
+ must be a pointer to a method-specific structure
+ (gcry_ac_em*_t). */
+gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
+ unsigned int flags, void *options,
+ gcry_ac_io_t *io_read,
+ gcry_ac_io_t *io_write);
+
+/* Decodes a message according to the encoding method METHOD. OPTIONS
+ must be a pointer to a method-specific structure
+ (gcry_ac_em*_t). */
+gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
+ unsigned int flags, void *options,
+ gcry_ac_io_t *io_read,
+ gcry_ac_io_t *io_write);
+
+/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
+ the control of the flags FLAGS and store the resulting data set
+ into DATA_ENCRYPTED. */
+gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
+ unsigned int flags,
+ gcry_ac_key_t key,
+ gcry_mpi_t data_plain,
+ gcry_ac_data_t *data_encrypted);
+
+/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
+ with the key KEY under the control of the flags FLAGS and store the
+ resulting plain text MPI value in DATA_PLAIN. */
+gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
+ unsigned int flags,
+ gcry_ac_key_t key,
+ gcry_mpi_t *data_plain,
+ gcry_ac_data_t data_encrypted);
+
+/* Sign the data contained in DATA with the key KEY and store the
+ resulting signature in the data set DATA_SIGNATURE. */
+gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
+ gcry_ac_key_t key,
+ gcry_mpi_t data,
+ gcry_ac_data_t *data_signature);
+
+/* Verify that the signature contained in the data set DATA_SIGNATURE
+ is indeed the result of signing the data contained in DATA with the
+ secret key belonging to the public key KEY. */
+gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
+ gcry_ac_key_t key,
+ gcry_mpi_t data,
+ gcry_ac_data_t data_signature);
+
+/* Encrypts the plain text readable from IO_MESSAGE through HANDLE
+ with the public key KEY according to SCHEME, FLAGS and OPTS. If
+ OPTS is not NULL, it has to be a pointer to a structure specific to
+ the chosen scheme (gcry_ac_es_*_t). The encrypted message is
+ written to IO_CIPHER. */
+gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
+ gcry_ac_scheme_t scheme,
+ unsigned int flags, void *opts,
+ gcry_ac_key_t key,
+ gcry_ac_io_t *io_message,
+ gcry_ac_io_t *io_cipher);
+
+/* Decrypts the cipher text readable from IO_CIPHER through HANDLE
+ with the secret key KEY according to SCHEME, @var{flags} and OPTS.
+ If OPTS is not NULL, it has to be a pointer to a structure specific
+ to the chosen scheme (gcry_ac_es_*_t). The decrypted message is
+ written to IO_MESSAGE. */
+gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
+ gcry_ac_scheme_t scheme,
+ unsigned int flags, void *opts,
+ gcry_ac_key_t key,
+ gcry_ac_io_t *io_cipher,
+ gcry_ac_io_t *io_message);
+
+/* Signs the message readable from IO_MESSAGE through HANDLE with the
+ secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not
+ NULL, it has to be a pointer to a structure specific to the chosen
+ scheme (gcry_ac_ssa_*_t). The signature is written to
+ IO_SIGNATURE. */
+gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
+ gcry_ac_scheme_t scheme,
+ unsigned int flags, void *opts,
+ gcry_ac_key_t key,
+ gcry_ac_io_t *io_message,
+ gcry_ac_io_t *io_signature);
+
+/* Verifies through HANDLE that the signature readable from
+ IO_SIGNATURE is indeed the result of signing the message readable
+ from IO_MESSAGE with the secret key belonging to the public key KEY
+ according to SCHEME and OPTS. If OPTS is not NULL, it has to be an
+ anonymous structure (gcry_ac_ssa_*_t) specific to the chosen
+ scheme. */
+gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
+ gcry_ac_scheme_t scheme,
+ unsigned int flags, void *opts,
+ gcry_ac_key_t key,
+ gcry_ac_io_t *io_message,
+ gcry_ac_io_t *io_signature);
+
+/* Store the textual representation of the algorithm whose id is given
+ in ALGORITHM in NAME. This function is deprecated; use
+ gcry_pk_algo_name. */
+#ifndef GCRYPT_NO_DEPRECATED
+gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
+ const char **name)
+ /* */ _GCRY_GCC_ATTR_DEPRECATED;
+/* Store the numeric ID of the algorithm whose textual representation
+ is contained in NAME in ALGORITHM. This function is deprecated;
+ use gcry_pk_map_name. */
+gcry_error_t gcry_ac_name_to_id (const char *name,
+ gcry_ac_id_t *algorithm)
+ /* */ _GCRY_GCC_ATTR_DEPRECATED;
+#endif
+
+
+/************************************
+ * *
+ * Random Generating Functions *
+ * *
+ ************************************/
+
+/* The possible values for the random quality. The rule of thumb is
+ to use STRONG for session keys and VERY_STRONG for key material.
+ WEAK is usually an alias for STRONG and should not be used anymore
+ (except with gcry_mpi_randomize); use gcry_create_nonce instead. */
+typedef enum gcry_random_level
+ {
+ GCRY_WEAK_RANDOM = 0,
+ GCRY_STRONG_RANDOM = 1,
+ GCRY_VERY_STRONG_RANDOM = 2
+ }
+gcry_random_level_t;
+
+/* Fill BUFFER with LENGTH bytes of random, using random numbers of
+ quality LEVEL. */
+void gcry_randomize (void *buffer, size_t length,
+ enum gcry_random_level level);
+
+/* Add the external random from BUFFER with LENGTH bytes into the
+ pool. QUALITY should either be -1 for unknown or in the range of 0
+ to 100 */
+gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
+ int quality);
+
+/* If random numbers are used in an application, this macro should be
+ called from time to time so that new stuff gets added to the
+ internal pool of the RNG. */
+#define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL)
+
+
+/* Return NBYTES of allocated random using a random numbers of quality
+ LEVEL. */
+void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
+ _GCRY_GCC_ATTR_MALLOC;
+
+/* Return NBYTES of allocated random using a random numbers of quality
+ LEVEL. The random numbers are created returned in "secure"
+ memory. */
+void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
+ _GCRY_GCC_ATTR_MALLOC;
+
+
+/* Set the big integer W to a random value of NBITS using a random
+ generator with quality LEVEL. Note that by using a level of
+ GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */
+void gcry_mpi_randomize (gcry_mpi_t w,
+ unsigned int nbits, enum gcry_random_level level);
+
+
+/* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
+void gcry_create_nonce (void *buffer, size_t length);
+
+
+
+
+
+/*******************************/
+/* */
+/* Prime Number Functions */
+/* */
+/*******************************/
+
+/* Mode values passed to a gcry_prime_check_func_t. */
+#define GCRY_PRIME_CHECK_AT_FINISH 0
+#define GCRY_PRIME_CHECK_AT_GOT_PRIME 1
+#define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
+
+/* The function should return 1 if the operation shall continue, 0 to
+ reject the prime candidate. */
+typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
+ gcry_mpi_t candidate);
+
+/* Flags for gcry_prime_generate(): */
+
+/* Allocate prime numbers and factors in secure memory. */
+#define GCRY_PRIME_FLAG_SECRET (1 << 0)
+
+/* Make sure that at least one prime factor is of size
+ `FACTOR_BITS'. */
+#define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
+
+/* Generate a new prime number of PRIME_BITS bits and store it in
+ PRIME. If FACTOR_BITS is non-zero, one of the prime factors of
+ (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is
+ non-zero, allocate a new, NULL-terminated array holding the prime
+ factors and store it in FACTORS. FLAGS might be used to influence
+ the prime number generation process. */
+gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
+ unsigned int prime_bits,
+ unsigned int factor_bits,
+ gcry_mpi_t **factors,
+ gcry_prime_check_func_t cb_func,
+ void *cb_arg,
+ gcry_random_level_t random_level,
+ unsigned int flags);
+
+/* Find a generator for PRIME where the factorization of (prime-1) is
+ in the NULL terminated array FACTORS. Return the generator as a
+ newly allocated MPI in R_G. If START_G is not NULL, use this as
+ teh start for the search. */
+gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
+ gcry_mpi_t prime,
+ gcry_mpi_t *factors,
+ gcry_mpi_t start_g);
+
+
+/* Convenience function to release the FACTORS array. */
+void gcry_prime_release_factors (gcry_mpi_t *factors);
+
+
+/* Check wether the number X is prime. */
+gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
+
+
+
+/************************************
+ * *
+ * Miscellaneous Stuff *
+ * *
+ ************************************/
+
+/* Log levels used by the internal logging facility. */
+enum gcry_log_levels
+ {
+ GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
+ GCRY_LOG_INFO = 10,
+ GCRY_LOG_WARN = 20,
+ GCRY_LOG_ERROR = 30,
+ GCRY_LOG_FATAL = 40,
+ GCRY_LOG_BUG = 50,
+ GCRY_LOG_DEBUG = 100
+ };
+
+/* Type for progress handlers. */
+typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
+
+/* Type for memory allocation handlers. */
+typedef void *(*gcry_handler_alloc_t) (size_t n);
+
+/* Type for secure memory check handlers. */
+typedef int (*gcry_handler_secure_check_t) (const void *);
+
+/* Type for memory reallocation handlers. */
+typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
+
+/* Type for memory free handlers. */
+typedef void (*gcry_handler_free_t) (void *);
+
+/* Type for out-of-memory handlers. */
+typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
+
+/* Type for fatal error handlers. */
+typedef void (*gcry_handler_error_t) (void *, int, const char *);
+
+/* Type for logging handlers. */
+typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
+
+/* Certain operations can provide progress information. This function
+ is used to register a handler for retrieving these information. */
+void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
+
+
+/* Register a custom memory allocation functions. */
+void gcry_set_allocation_handler (
+ gcry_handler_alloc_t func_alloc,
+ gcry_handler_alloc_t func_alloc_secure,
+ gcry_handler_secure_check_t func_secure_check,
+ gcry_handler_realloc_t func_realloc,
+ gcry_handler_free_t func_free);
+
+/* Register a function used instead of the internal out of memory
+ handler. */
+void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
+
+/* Register a function used instead of the internal fatal error
+ handler. */
+void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
+
+/* Register a function used instead of the internal logging
+ facility. */
+void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
+
+/* Reserved for future use. */
+void gcry_set_gettext_handler (const char *(*f)(const char*));
+
+/* Libgcrypt uses its own memory allocation. It is important to use
+ gcry_free () to release memory allocated by libgcrypt. */
+void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_realloc (void *a, size_t n);
+char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xrealloc (void *a, size_t n);
+char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC;
+void gcry_free (void *a);
+
+/* Return true if A is allocated in "secure" memory. */
+int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
+
+/* Return true if Libgcrypt is in FIPS mode. */
+#define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
+
+
+/* Include support for Libgcrypt modules. */
+#include <gcrypt-module.h>
+
+#if 0 /* (Keep Emacsens' auto-indent happy.) */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif /* _GCRYPT_H */
+/*
+@emacs_local_vars_begin@
+@emacs_local_vars_read_only@
+@emacs_local_vars_end@
+*/
diff --git a/libgcrypt-1.4.6/src/misc.c b/libgcrypt-1.4.6/src/misc.c
index fcad8d4..a20163c 100644
--- a/libgcrypt-1.4.6/src/misc.c
+++ b/libgcrypt-1.4.6/src/misc.c
@@ -64,7 +64,7 @@ gcry_set_fatalerror_handler( void (*fnc)(void*,int, const char*), void *value)
static void
write2stderr( const char *s )
{
- write( 2, s, strlen(s) );
+ _write( 2, s, strlen(s) );
}
/*
diff --git a/libgcrypt-1.4.6/src/sexp.c b/libgcrypt-1.4.6/src/sexp.c
index 99d0141..e11f86e 100644
--- a/libgcrypt-1.4.6/src/sexp.c
+++ b/libgcrypt-1.4.6/src/sexp.c
@@ -1,1974 +1,1976 @@
-/* sexp.c - S-Expression handling
- * Copyright (C) 1999, 2000, 2001, 2002, 2003,
- * 2004, 2006, 2007, 2008 Free Software Foundation, Inc.
- *
- * This file is part of Libgcrypt.
- *
- * Libgcrypt is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser general Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * Libgcrypt is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-#include <ctype.h>
-#include <errno.h>
-
-#define GCRYPT_NO_MPI_MACROS 1
-#include "g10lib.h"
-#include "memory.h"
-
-typedef struct gcry_sexp *NODE;
-typedef unsigned short DATALEN;
-
-struct gcry_sexp
-{
- byte d[1];
-};
-
-#define ST_STOP 0
-#define ST_DATA 1 /* datalen follows */
-#define ST_HINT 2 /* datalen follows */
-#define ST_OPEN 3
-#define ST_CLOSE 4
-
-/* the atoi macros assume that the buffer has only valid digits */
-#define atoi_1(p) (*(p) - '0' )
-#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
- *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
-#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
-
-#define TOKEN_SPECIALS "-./_:*+="
-
-static gcry_error_t
-sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length, int argflag,
- va_list arg_ptr, void **arg_list);
-
-/* Return true if P points to a byte containing a whitespace according
- to the S-expressions definition. */
-#undef whitespacep
-static GPG_ERR_INLINE int
-whitespacep (const char *p)
-{
- switch (*p)
- {
- case ' ': case '\t': case '\v': case '\f': case '\r': case '\n': return 1;
- default: return 0;
- }
-}
-
-
-#if 0
-static void
-dump_mpi( gcry_mpi_t a )
-{
- char buffer[1000];
- size_t n = 1000;
-
- if( !a )
- fputs("[no MPI]", stderr );
- else if( gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &n, a ) )
- fputs("[MPI too large to print]", stderr );
- else
- fputs( buffer, stderr );
-}
-#endif
-
-static void
-dump_string (const byte *p, size_t n, int delim )
-{
- for (; n; n--, p++ )
- {
- if ((*p & 0x80) || iscntrl( *p ) || *p == delim )
- {
- if( *p == '\n' )
- log_printf ("\\n");
- else if( *p == '\r' )
- log_printf ("\\r");
- else if( *p == '\f' )
- log_printf ("\\f");
- else if( *p == '\v' )
- log_printf ("\\v");
- else if( *p == '\b' )
- log_printf ("\\b");
- else if( !*p )
- log_printf ("\\0");
- else
- log_printf ("\\x%02x", *p );
- }
- else
- log_printf ("%c", *p);
- }
-}
-
-
-void
-gcry_sexp_dump (const gcry_sexp_t a)
-{
- const byte *p;
- int indent = 0;
- int type;
-
- if (!a)
- {
- log_printf ( "[nil]\n");
- return;
- }
-
- p = a->d;
- while ( (type = *p) != ST_STOP )
- {
- p++;
- switch ( type )
- {
- case ST_OPEN:
- log_printf ("%*s[open]\n", 2*indent, "");
- indent++;
- break;
- case ST_CLOSE:
- if( indent )
- indent--;
- log_printf ("%*s[close]\n", 2*indent, "");
- break;
- case ST_DATA: {
- DATALEN n;
- memcpy ( &n, p, sizeof n );
- p += sizeof n;
- log_printf ("%*s[data=\"", 2*indent, "" );
- dump_string (p, n, '\"' );
- log_printf ("\"]\n");
- p += n;
- }
- break;
- default:
- log_printf ("%*s[unknown tag %d]\n", 2*indent, "", type);
- break;
- }
- }
-}
-
-/****************
- * Pass list through except when it is an empty list - in that case
- * return NULL and release the passed list.
- */
-static gcry_sexp_t
-normalize ( gcry_sexp_t list )
-{
- unsigned char *p;
-
- if ( !list )
- return NULL;
- p = list->d;
- if ( *p == ST_STOP )
- {
- /* this is "" */
- gcry_sexp_release ( list );
- return NULL;
- }
- if ( *p == ST_OPEN && p[1] == ST_CLOSE )
- {
- /* this is "()" */
- gcry_sexp_release ( list );
- return NULL;
- }
-
- return list;
-}
-#pragma runtime_checks("su", off)
-/* Create a new S-expression object by reading LENGTH bytes from
- BUFFER, assuming it is canonical encoded or autodetected encoding
- when AUTODETECT is set to 1. With FREEFNC not NULL, ownership of
- the buffer is transferred to the newly created object. FREEFNC
- should be the freefnc used to release BUFFER; there is no guarantee
- at which point this function is called; most likey you want to use
- free() or gcry_free().
-
- Passing LENGTH and AUTODETECT as 0 is allowed to indicate that
- BUFFER points to a valid canonical encoded S-expression. A LENGTH
- of 0 and AUTODETECT 1 indicates that buffer points to a
- null-terminated string.
-
- This function returns 0 and and the pointer to the new object in
- RETSEXP or an error code in which case RETSEXP is set to NULL. */
-gcry_error_t
-gcry_sexp_create (gcry_sexp_t *retsexp, void *buffer, size_t length,
- int autodetect, void (*freefnc)(void*) )
-{
- gcry_error_t errcode;
- gcry_sexp_t se;
- volatile va_list dummy_arg_ptr;
-
- if (!retsexp)
- return gcry_error (GPG_ERR_INV_ARG);
- *retsexp = NULL;
- if (autodetect < 0 || autodetect > 1 || !buffer)
- return gcry_error (GPG_ERR_INV_ARG);
-
- if (!length && !autodetect)
- { /* What a brave caller to assume that there is really a canonical
- encoded S-expression in buffer */
- length = gcry_sexp_canon_len (buffer, 0, NULL, &errcode);
- if (!length)
- return errcode;
- }
- else if (!length && autodetect)
- { /* buffer is a string */
- length = strlen ((char *)buffer);
- }
-
- errcode = sexp_sscan (&se, NULL, buffer, length, 0, dummy_arg_ptr, NULL);
- if (errcode)
- return errcode;
-
- *retsexp = se;
- if (freefnc)
- {
- /* For now we release the buffer immediately. As soon as we
- have changed the internal represenation of S-expression to
- the canoncial format - which has the advantage of faster
- parsing - we will use this function as a closure in our
- GCRYSEXP object and use the BUFFER directly. */
- freefnc (buffer);
- }
- return gcry_error (GPG_ERR_NO_ERROR);
-}
-
-/* Same as gcry_sexp_create but don't transfer ownership */
-gcry_error_t
-gcry_sexp_new (gcry_sexp_t *retsexp, const void *buffer, size_t length,
- int autodetect)
-{
- return gcry_sexp_create (retsexp, (void *)buffer, length, autodetect, NULL);
-}
-
-
-/****************
- * Release resource of the given SEXP object.
- */
-void
-gcry_sexp_release( gcry_sexp_t sexp )
-{
- if (sexp)
- {
- if (gcry_is_secure (sexp))
- {
- /* Extra paranoid wiping. */
- const byte *p = sexp->d;
- int type;
-
- while ( (type = *p) != ST_STOP )
- {
- p++;
- switch ( type )
- {
- case ST_OPEN:
- break;
- case ST_CLOSE:
- break;
- case ST_DATA:
- {
- DATALEN n;
- memcpy ( &n, p, sizeof n );
- p += sizeof n;
- p += n;
- }
- break;
- default:
- break;
- }
- }
- wipememory (sexp->d, p - sexp->d);
- }
- gcry_free ( sexp );
- }
-}
-
-
-/****************
- * Make a pair from lists a and b, don't use a or b later on.
- * Special behaviour: If one is a single element list we put the
- * element straight into the new pair.
- */
-gcry_sexp_t
-gcry_sexp_cons( const gcry_sexp_t a, const gcry_sexp_t b )
-{
- (void)a;
- (void)b;
-
- /* NYI: Implementation should be quite easy with our new data
- representation */
- BUG ();
- return NULL;
-}
-
-
-/****************
- * Make a list from all items in the array the end of the array is marked
- * with a NULL.
- */
-gcry_sexp_t
-gcry_sexp_alist( const gcry_sexp_t *array )
-{
- (void)array;
-
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-/****************
- * Make a list from all items, the end of list is indicated by a NULL
- */
-gcry_sexp_t
-gcry_sexp_vlist( const gcry_sexp_t a, ... )
-{
- (void)a;
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-
-/****************
- * Append n to the list a
- * Returns: a new ist (which maybe a)
- */
-gcry_sexp_t
-gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n )
-{
- (void)a;
- (void)n;
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-gcry_sexp_t
-gcry_sexp_prepend( const gcry_sexp_t a, const gcry_sexp_t n )
-{
- (void)a;
- (void)n;
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-
-
-/****************
- * Locate token in a list. The token must be the car of a sublist.
- * Returns: A new list with this sublist or NULL if not found.
- */
-gcry_sexp_t
-gcry_sexp_find_token( const gcry_sexp_t list, const char *tok, size_t toklen )
-{
- const byte *p;
- DATALEN n;
-
- if ( !list )
- return NULL;
-
- if ( !toklen )
- toklen = strlen(tok);
-
- p = list->d;
- while ( *p != ST_STOP )
- {
- if ( *p == ST_OPEN && p[1] == ST_DATA )
- {
- const byte *head = p;
-
- p += 2;
- memcpy ( &n, p, sizeof n );
- p += sizeof n;
- if ( n == toklen && !memcmp( p, tok, toklen ) )
- { /* found it */
- gcry_sexp_t newlist;
- byte *d;
- int level = 1;
-
- /* Look for the end of the list. */
- for ( p += n; level; p++ )
- {
- if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--; /* Compensate for later increment. */
- }
- else if ( *p == ST_OPEN )
- {
- level++;
- }
- else if ( *p == ST_CLOSE )
- {
- level--;
- }
- else if ( *p == ST_STOP )
- {
- BUG ();
- }
- }
- n = p - head;
-
- newlist = gcry_malloc ( sizeof *newlist + n );
- if (!newlist)
- {
- /* No way to return an error code, so we can only
- return Not Found. */
- return NULL;
- }
- d = newlist->d;
- memcpy ( d, head, n ); d += n;
- *d++ = ST_STOP;
- return normalize ( newlist );
- }
- p += n;
- }
- else if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n ); p += sizeof n;
- p += n;
- }
- else
- p++;
- }
- return NULL;
-}
-
-/****************
- * Return the length of the given list
- */
-int
-gcry_sexp_length( const gcry_sexp_t list )
-{
- const byte *p;
- DATALEN n;
- int type;
- int length = 0;
- int level = 0;
-
- if ( !list )
- return 0;
-
- p = list->d;
- while ( (type=*p) != ST_STOP ) {
- p++;
- if ( type == ST_DATA ) {
- memcpy ( &n, p, sizeof n );
- p += sizeof n + n;
- if ( level == 1 )
- length++;
- }
- else if ( type == ST_OPEN ) {
- if ( level == 1 )
- length++;
- level++;
- }
- else if ( type == ST_CLOSE ) {
- level--;
- }
- }
- return length;
-}
-
-
-/* Return the internal lengths offset of LIST. That is the size of
- the buffer from the first ST_OPEN, which is retruned at R_OFF, to
- the corresponding ST_CLOSE inclusive. */
-static size_t
-get_internal_buffer (const gcry_sexp_t list, size_t *r_off)
-{
- const unsigned char *p;
- DATALEN n;
- int type;
- int level = 0;
-
- *r_off = 0;
- if (list)
- {
- p = list->d;
- while ( (type=*p) != ST_STOP )
- {
- p++;
- if (type == ST_DATA)
- {
- memcpy (&n, p, sizeof n);
- p += sizeof n + n;
- }
- else if (type == ST_OPEN)
- {
- if (!level)
- *r_off = (p-1) - list->d;
- level++;
- }
- else if ( type == ST_CLOSE )
- {
- level--;
- if (!level)
- return p - list->d;
- }
- }
- }
- return 0; /* Not a proper list. */
-}
-
-
-
-/* Extract the CAR of the given list. May return NULL for bad lists
- or memory failure. */
-gcry_sexp_t
-gcry_sexp_nth( const gcry_sexp_t list, int number )
-{
- const byte *p;
- DATALEN n;
- gcry_sexp_t newlist;
- byte *d;
- int level = 0;
-
- if ( !list || list->d[0] != ST_OPEN )
- return NULL;
- p = list->d;
-
- while ( number > 0 ) {
- p++;
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_STOP ) {
- return NULL;
- }
- }
- p++;
-
- if ( *p == ST_DATA ) {
- memcpy ( &n, p, sizeof n ); p += sizeof n;
- newlist = gcry_malloc ( sizeof *newlist + n + 1 );
- if (!newlist)
- return NULL;
- d = newlist->d;
- memcpy ( d, p, n ); d += n;
- *d++ = ST_STOP;
- }
- else if ( *p == ST_OPEN ) {
- const byte *head = p;
-
- level = 1;
- do {
- p++;
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- }
- else if ( *p == ST_STOP ) {
- BUG ();
- }
- } while ( level );
- n = p + 1 - head;
-
- newlist = gcry_malloc ( sizeof *newlist + n );
- if (!newlist)
- return NULL;
- d = newlist->d;
- memcpy ( d, head, n ); d += n;
- *d++ = ST_STOP;
- }
- else
- newlist = NULL;
-
- return normalize (newlist);
-}
-
-gcry_sexp_t
-gcry_sexp_car( const gcry_sexp_t list )
-{
- return gcry_sexp_nth ( list, 0 );
-}
-
-
-/* Helper to get data from the car. The returned value is valid as
- long as the list is not modified. */
-static const char *
-sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen)
-{
- const byte *p;
- DATALEN n;
- int level = 0;
-
- *datalen = 0;
- if ( !list )
- return NULL;
-
- p = list->d;
- if ( *p == ST_OPEN )
- p++; /* Yep, a list. */
- else if (number)
- return NULL; /* Not a list but N > 0 requested. */
-
- /* Skip over N elements. */
- while ( number > 0 )
- {
- if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_OPEN )
- {
- level++;
- }
- else if ( *p == ST_CLOSE )
- {
- level--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_STOP )
- {
- return NULL;
- }
- p++;
- }
-
- /* If this is data, return it. */
- if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n );
- *datalen = n;
- return (const char*)p + sizeof n;
- }
-
- return NULL;
-}
-
-
-/* Get data from the car. The returned value is valid as long as the
- list is not modified. */
-const char *
-gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen )
-{
- return sexp_nth_data (list, number, datalen);
-}
-
-
-/* Get a string from the car. The returned value is a malloced string
- and needs to be freed by the caller. */
-char *
-gcry_sexp_nth_string (const gcry_sexp_t list, int number)
-{
- const char *s;
- size_t n;
- char *buf;
-
- s = sexp_nth_data (list, number, &n);
- if (!s || n < 1 || (n+1) < 1)
- return NULL;
- buf = gcry_malloc (n+1);
- if (!buf)
- return NULL;
- memcpy (buf, s, n);
- buf[n] = 0;
- return buf;
-}
-
-/*
- * Get a MPI from the car
- */
-gcry_mpi_t
-gcry_sexp_nth_mpi( gcry_sexp_t list, int number, int mpifmt )
-{
- const char *s;
- size_t n;
- gcry_mpi_t a;
-
- if ( !mpifmt )
- mpifmt = GCRYMPI_FMT_STD;
-
- s = sexp_nth_data (list, number, &n);
- if (!s)
- return NULL;
-
- if ( gcry_mpi_scan ( &a, mpifmt, s, n, NULL ) )
- return NULL;
-
- return a;
-}
-
-
-/****************
- * Get the CDR
- */
-gcry_sexp_t
-gcry_sexp_cdr( const gcry_sexp_t list )
-{
- const byte *p;
- const byte *head;
- DATALEN n;
- gcry_sexp_t newlist;
- byte *d;
- int level = 0;
- int skip = 1;
-
- if ( !list || list->d[0] != ST_OPEN )
- return NULL;
- p = list->d;
-
- while ( skip > 0 ) {
- p++;
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- if ( !level )
- skip--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- if ( !level )
- skip--;
- }
- else if ( *p == ST_STOP ) {
- return NULL;
- }
- }
- p++;
-
- head = p;
- level = 0;
- do {
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- }
- else if ( *p == ST_STOP ) {
- return NULL;
- }
- p++;
- } while ( level );
- n = p - head;
-
- newlist = gcry_malloc ( sizeof *newlist + n + 2 );
- if (!newlist)
- return NULL;
- d = newlist->d;
- *d++ = ST_OPEN;
- memcpy ( d, head, n ); d += n;
- *d++ = ST_CLOSE;
- *d++ = ST_STOP;
-
- return normalize (newlist);
-}
-
-gcry_sexp_t
-gcry_sexp_cadr ( const gcry_sexp_t list )
-{
- gcry_sexp_t a, b;
-
- a = gcry_sexp_cdr ( list );
- b = gcry_sexp_car ( a );
- gcry_sexp_release ( a );
- return b;
-}
-
-
-
-static int
-hextobyte( const byte *s )
-{
- int c=0;
-
- if( *s >= '0' && *s <= '9' )
- c = 16 * (*s - '0');
- else if( *s >= 'A' && *s <= 'F' )
- c = 16 * (10 + *s - 'A');
- else if( *s >= 'a' && *s <= 'f' ) {
- c = 16 * (10 + *s - 'a');
- }
- s++;
- if( *s >= '0' && *s <= '9' )
- c += *s - '0';
- else if( *s >= 'A' && *s <= 'F' )
- c += 10 + *s - 'A';
- else if( *s >= 'a' && *s <= 'f' ) {
- c += 10 + *s - 'a';
- }
- return c;
-}
-
-struct make_space_ctx {
- gcry_sexp_t sexp;
- size_t allocated;
- byte *pos;
-};
-
-static gpg_err_code_t
-make_space ( struct make_space_ctx *c, size_t n )
-{
- size_t used = c->pos - c->sexp->d;
-
- if ( used + n + sizeof(DATALEN) + 1 >= c->allocated )
- {
- gcry_sexp_t newsexp;
- byte *newhead;
- size_t newsize;
-
- newsize = c->allocated + 2*(n+sizeof(DATALEN)+1);
- if (newsize <= c->allocated)
- return GPG_ERR_TOO_LARGE;
- newsexp = gcry_realloc ( c->sexp, sizeof *newsexp + newsize - 1);
- if (!newsexp)
- return gpg_err_code_from_errno (errno);
- c->allocated = newsize;
- newhead = newsexp->d;
- c->pos = newhead + used;
- c->sexp = newsexp;
- }
- return 0;
-}
-
-
-/* Unquote STRING of LENGTH and store it into BUF. The surrounding
- quotes are must already be removed from STRING. We assume that the
- quoted string is syntacillay correct. */
-static size_t
-unquote_string (const char *string, size_t length, unsigned char *buf)
-{
- int esc = 0;
- const unsigned char *s = (const unsigned char*)string;
- unsigned char *d = buf;
- size_t n = length;
-
- for (; n; n--, s++)
- {
- if (esc)
- {
- switch (*s)
- {
- case 'b': *d++ = '\b'; break;
- case 't': *d++ = '\t'; break;
- case 'v': *d++ = '\v'; break;
- case 'n': *d++ = '\n'; break;
- case 'f': *d++ = '\f'; break;
- case 'r': *d++ = '\r'; break;
- case '"': *d++ = '\"'; break;
- case '\'': *d++ = '\''; break;
- case '\\': *d++ = '\\'; break;
-
- case '\r': /* ignore CR[,LF] */
- if (n>1 && s[1] == '\n')
- {
- s++; n--;
- }
- esc = 0;
- break;
-
- case '\n': /* ignore LF[,CR] */
- if (n>1 && s[1] == '\r')
- {
- s++; n--;
- }
- break;
-
- case 'x': /* hex value */
- if (n>2 && hexdigitp (s+1) && hexdigitp (s+2))
- {
- s++; n--;
- *d++ = xtoi_2 (s);
- s++; n--;
- }
- break;
-
- default:
- if (n>2 && octdigitp (s) && octdigitp (s+1) && octdigitp (s+2))
- {
- *d++ = (atoi_1 (s)*64) + (atoi_1 (s+1)*8) + atoi_1 (s+2);
- s += 2;
- n -= 2;
- }
- break;
- }
- esc = 0;
- }
- else if( *s == '\\' )
- esc = 1;
- else
- *d++ = *s;
- }
-
- return d - buf;
-}
-
-/****************
- * Scan the provided buffer and return the S expression in our internal
- * format. Returns a newly allocated expression. If erroff is not NULL and
- * a parsing error has occured, the offset into buffer will be returned.
- * If ARGFLAG is true, the function supports some printf like
- * expressions.
- * These are:
- * %m - MPI
- * %s - string (no autoswitch to secure allocation)
- * %d - integer stored as string (no autoswitch to secure allocation)
- * %b - memory buffer; this takes _two_ arguments: an integer with the
- * length of the buffer and a pointer to the buffer.
- * %S - Copy an gcry_sexp_t here. The S-expression needs to be a
- * regular one, starting with a parenthesis.
- * (no autoswitch to secure allocation)
- * all other format elements are currently not defined and return an error.
- * this includes the "%%" sequence becauce the percent sign is not an
- * allowed character.
- * FIXME: We should find a way to store the secure-MPIs not in the string
- * but as reference to somewhere - this can help us to save huge amounts
- * of secure memory. The problem is, that if only one element is secure, all
- * other elements are automagicaly copied to secure memory too, so the most
- * common operation gcry_sexp_cdr_mpi() will always return a secure MPI
- * regardless whether it is needed or not.
- */
-static gcry_error_t
-sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length, int argflag,
- va_list arg_ptr, void **arg_list)
-{
- gcry_err_code_t err = 0;
- static const char tokenchars[] =
- "abcdefghijklmnopqrstuvwxyz"
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "0123456789-./_:*+=";
- const char *p;
- size_t n;
- const char *digptr = NULL;
- const char *quoted = NULL;
- const char *tokenp = NULL;
- const char *hexfmt = NULL;
- const char *base64 = NULL;
- const char *disphint = NULL;
- const char *percent = NULL;
- int hexcount = 0;
- int quoted_esc = 0;
- int datalen = 0;
- size_t dummy_erroff;
- struct make_space_ctx c;
- int arg_counter = 0;
- int level = 0;
-
- if (!erroff)
- erroff = &dummy_erroff;
-
- /* Depending on wether ARG_LIST is non-zero or not, this macro gives
- us the next argument, either from the variable argument list as
- specified by ARG_PTR or from the argument array ARG_LIST. */
-#define ARG_NEXT(storage, type) \
- do \
- { \
- if (!arg_list) \
- storage = va_arg (arg_ptr, type); \
- else \
- storage = *((type *) (arg_list[arg_counter++])); \
- } \
- while (0)
-
- /* The MAKE_SPACE macro is used before each store operation to
- ensure that the buffer is large enough. It requires a global
- context named C and jumps out to the label LEAVE on error! It
- also sets ERROFF using the variables BUFFER and P. */
-#define MAKE_SPACE(n) do { \
- gpg_err_code_t _ms_err = make_space (&c, (n)); \
- if (_ms_err) \
- { \
- err = _ms_err; \
- *erroff = p - buffer; \
- goto leave; \
- } \
- } while (0)
-
- /* The STORE_LEN macro is used to store the length N at buffer P. */
-#define STORE_LEN(p,n) do { \
- DATALEN ashort = (n); \
- memcpy ( (p), &ashort, sizeof(ashort) ); \
- (p) += sizeof (ashort); \
- } while (0)
-
- /* We assume that the internal representation takes less memory than
- the provided one. However, we add space for one extra datalen so
- that the code which does the ST_CLOSE can use MAKE_SPACE */
- c.allocated = length + sizeof(DATALEN);
- if (buffer && length && gcry_is_secure (buffer))
- c.sexp = gcry_malloc_secure (sizeof *c.sexp + c.allocated - 1);
- else
- c.sexp = gcry_malloc (sizeof *c.sexp + c.allocated - 1);
- if (!c.sexp)
- {
- err = gpg_err_code_from_errno (errno);
- *erroff = 0;
- goto leave;
- }
- c.pos = c.sexp->d;
-
- for (p = buffer, n = length; n; p++, n--)
- {
- if (tokenp && !hexfmt)
- {
- if (strchr (tokenchars, *p))
- continue;
- else
- {
- datalen = p - tokenp;
- MAKE_SPACE (datalen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, datalen);
- memcpy (c.pos, tokenp, datalen);
- c.pos += datalen;
- tokenp = NULL;
- }
- }
-
- if (quoted)
- {
- if (quoted_esc)
- {
- switch (*p)
- {
- case 'b': case 't': case 'v': case 'n': case 'f':
- case 'r': case '"': case '\'': case '\\':
- quoted_esc = 0;
- break;
-
- case '0': case '1': case '2': case '3': case '4':
- case '5': case '6': case '7':
- if (!((n > 2)
- && (p[1] >= '0') && (p[1] <= '7')
- && (p[2] >= '0') && (p[2] <= '7')))
- {
- *erroff = p - buffer;
- /* Invalid octal value. */
- err = GPG_ERR_SEXP_BAD_QUOTATION;
- goto leave;
- }
- p += 2;
- n -= 2;
- quoted_esc = 0;
- break;
-
- case 'x':
- if (!((n > 2) && hexdigitp (p+1) && hexdigitp (p+2)))
- {
- *erroff = p - buffer;
- /* Invalid hex value. */
- err = GPG_ERR_SEXP_BAD_QUOTATION;
- goto leave;
- }
- p += 2;
- n -= 2;
- quoted_esc = 0;
- break;
-
- case '\r':
- /* ignore CR[,LF] */
- if (n && (p[1] == '\n'))
- {
- p++;
- n--;
- }
- quoted_esc = 0;
- break;
-
- case '\n':
- /* ignore LF[,CR] */
- if (n && (p[1] == '\r'))
- {
- p++;
- n--;
- }
- quoted_esc = 0;
- break;
-
- default:
- *erroff = p - buffer;
- /* Invalid quoted string escape. */
- err = GPG_ERR_SEXP_BAD_QUOTATION;
- goto leave;
- }
- }
- else if (*p == '\\')
- quoted_esc = 1;
- else if (*p == '\"')
- {
- /* Keep it easy - we know that the unquoted string will
- never be larger. */
- unsigned char *save;
- size_t len;
-
- quoted++; /* Skip leading quote. */
- MAKE_SPACE (p - quoted);
- *c.pos++ = ST_DATA;
- save = c.pos;
- STORE_LEN (c.pos, 0); /* Will be fixed up later. */
- len = unquote_string (quoted, p - quoted, c.pos);
- c.pos += len;
- STORE_LEN (save, len);
- quoted = NULL;
- }
- }
- else if (hexfmt)
- {
- if (isxdigit (*p))
- hexcount++;
- else if (*p == '#')
- {
- if ((hexcount & 1))
- {
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_ODD_HEX_NUMBERS;
- goto leave;
- }
-
- datalen = hexcount / 2;
- MAKE_SPACE (datalen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, datalen);
- for (hexfmt++; hexfmt < p; hexfmt++)
- {
- if (whitespacep (hexfmt))
- continue;
- *c.pos++ = hextobyte ((const unsigned char*)hexfmt);
- hexfmt++;
- }
- hexfmt = NULL;
- }
- else if (!whitespacep (p))
- {
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_BAD_HEX_CHAR;
- goto leave;
- }
- }
- else if (base64)
- {
- if (*p == '|')
- base64 = NULL;
- }
- else if (digptr)
- {
- if (digitp (p))
- ;
- else if (*p == ':')
- {
- datalen = atoi (digptr); /* FIXME: check for overflow. */
- digptr = NULL;
- if (datalen > n - 1)
- {
- *erroff = p - buffer;
- /* Buffer too short. */
- err = GPG_ERR_SEXP_STRING_TOO_LONG;
- goto leave;
- }
- /* Make a new list entry. */
- MAKE_SPACE (datalen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, datalen);
- memcpy (c.pos, p + 1, datalen);
- c.pos += datalen;
- n -= datalen;
- p += datalen;
- }
- else if (*p == '\"')
- {
- digptr = NULL; /* We ignore the optional length. */
- quoted = p;
- quoted_esc = 0;
- }
- else if (*p == '#')
- {
- digptr = NULL; /* We ignore the optional length. */
- hexfmt = p;
- hexcount = 0;
- }
- else if (*p == '|')
- {
- digptr = NULL; /* We ignore the optional length. */
- base64 = p;
- }
- else
- {
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_INV_LEN_SPEC;
- goto leave;
- }
- }
- else if (percent)
- {
- if (*p == 'm')
- {
- /* Insert an MPI. */
- gcry_mpi_t m;
- size_t nm = 0;
-
- ARG_NEXT (m, gcry_mpi_t);
-
- if (gcry_mpi_print (GCRYMPI_FMT_STD, NULL, 0, &nm, m))
- BUG ();
-
- MAKE_SPACE (nm);
- if (!gcry_is_secure (c.sexp->d)
- && gcry_mpi_get_flag ( m, GCRYMPI_FLAG_SECURE))
- {
- /* We have to switch to secure allocation. */
- gcry_sexp_t newsexp;
- byte *newhead;
-
- newsexp = gcry_malloc_secure (sizeof *newsexp
- + c.allocated - 1);
- if (!newsexp)
- {
- err = gpg_err_code_from_errno (errno);
- goto leave;
- }
- newhead = newsexp->d;
- memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d));
- c.pos = newhead + (c.pos - c.sexp->d);
- gcry_free (c.sexp);
- c.sexp = newsexp;
- }
-
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, nm);
- if (gcry_mpi_print (GCRYMPI_FMT_STD, c.pos, nm, &nm, m))
- BUG ();
- c.pos += nm;
- }
- else if (*p == 's')
- {
- /* Insert an string. */
- const char *astr;
- size_t alen;
-
- ARG_NEXT (astr, const char *);
- alen = strlen (astr);
-
- MAKE_SPACE (alen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, alen);
- memcpy (c.pos, astr, alen);
- c.pos += alen;
- }
- else if (*p == 'b')
- {
- /* Insert a memory buffer. */
- const char *astr;
- int alen;
-
- ARG_NEXT (alen, int);
- ARG_NEXT (astr, const char *);
-
- MAKE_SPACE (alen);
- if (alen
- && !gcry_is_secure (c.sexp->d)
- && gcry_is_secure (astr))
- {
- /* We have to switch to secure allocation. */
- gcry_sexp_t newsexp;
- byte *newhead;
-
- newsexp = gcry_malloc_secure (sizeof *newsexp
- + c.allocated - 1);
- if (!newsexp)
- {
- err = gpg_err_code_from_errno (errno);
- goto leave;
- }
- newhead = newsexp->d;
- memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d));
- c.pos = newhead + (c.pos - c.sexp->d);
- gcry_free (c.sexp);
- c.sexp = newsexp;
- }
-
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, alen);
- memcpy (c.pos, astr, alen);
- c.pos += alen;
- }
- else if (*p == 'd')
- {
- /* Insert an integer as string. */
- int aint;
- size_t alen;
- char buf[20];
-
- ARG_NEXT (aint, int);
- sprintf (buf, "%d", aint);
- alen = strlen (buf);
- MAKE_SPACE (alen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, alen);
- memcpy (c.pos, buf, alen);
- c.pos += alen;
- }
- else if (*p == 'S')
- {
- /* Insert a gcry_sexp_t. */
- gcry_sexp_t asexp;
- size_t alen, aoff;
-
- ARG_NEXT (asexp, gcry_sexp_t);
- alen = get_internal_buffer (asexp, &aoff);
- if (alen)
- {
- MAKE_SPACE (alen);
- memcpy (c.pos, asexp->d + aoff, alen);
- c.pos += alen;
- }
- }
- else
- {
- *erroff = p - buffer;
- /* Invalid format specifier. */
- err = GPG_ERR_SEXP_INV_LEN_SPEC;
- goto leave;
- }
- percent = NULL;
- }
- else if (*p == '(')
- {
- if (disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_UNMATCHED_DH;
- goto leave;
- }
- MAKE_SPACE (0);
- *c.pos++ = ST_OPEN;
- level++;
- }
- else if (*p == ')')
- {
- /* Walk up. */
- if (disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_UNMATCHED_DH;
- goto leave;
- }
- MAKE_SPACE (0);
- *c.pos++ = ST_CLOSE;
- level--;
- }
- else if (*p == '\"')
- {
- quoted = p;
- quoted_esc = 0;
- }
- else if (*p == '#')
- {
- hexfmt = p;
- hexcount = 0;
- }
- else if (*p == '|')
- base64 = p;
- else if (*p == '[')
- {
- if (disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_NESTED_DH;
- goto leave;
- }
- disphint = p;
- }
- else if (*p == ']')
- {
- if (!disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_UNMATCHED_DH;
- goto leave;
- }
- disphint = NULL;
- }
- else if (digitp (p))
- {
- if (*p == '0')
- {
- /* A length may not begin with zero. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_ZERO_PREFIX;
- goto leave;
- }
- digptr = p;
- }
- else if (strchr (tokenchars, *p))
- tokenp = p;
- else if (whitespacep (p))
- ;
- else if (*p == '{')
- {
- /* fixme: handle rescanning: we can do this by saving our
- current state and start over at p+1 -- Hmmm. At this
- point here we are in a well defined state, so we don't
- need to save it. Great. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_UNEXPECTED_PUNC;
- goto leave;
- }
- else if (strchr ("&\\", *p))
- {
- /* Reserved punctuation. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_UNEXPECTED_PUNC;
- goto leave;
- }
- else if (argflag && (*p == '%'))
- percent = p;
- else
- {
- /* Bad or unavailable. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_BAD_CHARACTER;
- goto leave;
- }
- }
- MAKE_SPACE (0);
- *c.pos++ = ST_STOP;
-
- if (level && !err)
- err = GPG_ERR_SEXP_UNMATCHED_PAREN;
-
- leave:
- if (err)
- {
- /* Error -> deallocate. */
- if (c.sexp)
- {
- /* Extra paranoid wipe on error. */
- if (gcry_is_secure (c.sexp))
- wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1);
- gcry_free (c.sexp);
- }
- /* This might be expected by existing code... */
- *retsexp = NULL;
- }
- else
- *retsexp = normalize (c.sexp);
-
- return gcry_error (err);
-#undef MAKE_SPACE
-#undef STORE_LEN
-}
-
-gcry_error_t
-gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, const char *format, ...)
-{
- gcry_error_t rc;
- va_list arg_ptr;
-
- va_start (arg_ptr, format);
- rc = sexp_sscan (retsexp, erroff, format, strlen(format), 1,
- arg_ptr, NULL);
- va_end (arg_ptr);
-
- return rc;
-}
-
-
-gcry_error_t
-_gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, va_list arg_ptr)
-{
- return sexp_sscan (retsexp, erroff, format, strlen(format), 1,
- arg_ptr, NULL);
-}
-
-/* Like gcry_sexp_build, but uses an array instead of variable
- function arguments. */
-gcry_error_t
-gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, void **arg_list)
-{
- /* We don't need the va_list because it is controlled by the
- following flag, however we have to pass it but can't initialize
- it as there is no portable way to do so. volatile is needed to
- suppress the compiler warning */
- volatile va_list dummy_arg_ptr;
-
- gcry_error_t rc;
-
- rc = sexp_sscan (retsexp, erroff, format, strlen(format), 1,
- dummy_arg_ptr, arg_list);
-
- return rc;
-}
-
-gcry_error_t
-gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length)
-{
- /* We don't need the va_list because it is controlled by the
- following flag, however we have to pass it but can't initialize
- it as there is no portable way to do so. volatile is needed to
- suppress the compiler warning */
- volatile va_list dummy_arg_ptr;
-
- return sexp_sscan (retsexp, erroff, buffer, length, 0,
- dummy_arg_ptr, NULL);
-}
-
-#pragma runtime_checks("su", restore)
-
-
-/* Figure out a suitable encoding for BUFFER of LENGTH.
- Returns: 0 = Binary
- 1 = String possible
- 2 = Token possible
-*/
-static int
-suitable_encoding (const unsigned char *buffer, size_t length)
-{
- const unsigned char *s;
- int maybe_token = 1;
-
- if (!length)
- return 1;
-
- for (s=buffer; length; s++, length--)
- {
- if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0))
- && !strchr ("\b\t\v\n\f\r\"\'\\", *s))
- return 0; /*binary*/
- if ( maybe_token
- && !alphap (s) && !digitp (s) && !strchr (TOKEN_SPECIALS, *s))
- maybe_token = 0;
- }
- s = buffer;
- if ( maybe_token && !digitp (s) )
- return 2;
- return 1;
-}
-
-
-static int
-convert_to_hex (const unsigned char *src, size_t len, char *dest)
-{
- int i;
-
- if (dest)
- {
- *dest++ = '#';
- for (i=0; i < len; i++, dest += 2 )
- sprintf (dest, "%02X", src[i]);
- *dest++ = '#';
- }
- return len*2+2;
-}
-
-static int
-convert_to_string (const unsigned char *s, size_t len, char *dest)
-{
- if (dest)
- {
- char *p = dest;
- *p++ = '\"';
- for (; len; len--, s++ )
- {
- switch (*s)
- {
- case '\b': *p++ = '\\'; *p++ = 'b'; break;
- case '\t': *p++ = '\\'; *p++ = 't'; break;
- case '\v': *p++ = '\\'; *p++ = 'v'; break;
- case '\n': *p++ = '\\'; *p++ = 'n'; break;
- case '\f': *p++ = '\\'; *p++ = 'f'; break;
- case '\r': *p++ = '\\'; *p++ = 'r'; break;
- case '\"': *p++ = '\\'; *p++ = '\"'; break;
- case '\'': *p++ = '\\'; *p++ = '\''; break;
- case '\\': *p++ = '\\'; *p++ = '\\'; break;
- default:
- if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)))
- {
- sprintf (p, "\\x%02x", *s);
- p += 4;
- }
- else
- *p++ = *s;
- }
- }
- *p++ = '\"';
- return p - dest;
- }
- else
- {
- int count = 2;
- for (; len; len--, s++ )
- {
- switch (*s)
- {
- case '\b':
- case '\t':
- case '\v':
- case '\n':
- case '\f':
- case '\r':
- case '\"':
- case '\'':
- case '\\': count += 2; break;
- default:
- if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)))
- count += 4;
- else
- count++;
- }
- }
- return count;
- }
-}
-
-
-
-static int
-convert_to_token (const unsigned char *src, size_t len, char *dest)
-{
- if (dest)
- memcpy (dest, src, len);
- return len;
-}
-
-
-/****************
- * Print SEXP to buffer using the MODE. Returns the length of the
- * SEXP in buffer or 0 if the buffer is too short (We have at least an
- * empty list consisting of 2 bytes). If a buffer of NULL is provided,
- * the required length is returned.
- */
-size_t
-gcry_sexp_sprint (const gcry_sexp_t list, int mode,
- void *buffer, size_t maxlength )
-{
- static unsigned char empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP };
- const unsigned char *s;
- char *d;
- DATALEN n;
- char numbuf[20];
- size_t len = 0;
- int i, indent = 0;
-
- s = list? list->d : empty;
- d = buffer;
- while ( *s != ST_STOP )
- {
- switch ( *s )
- {
- case ST_OPEN:
- s++;
- if ( mode != GCRYSEXP_FMT_CANON )
- {
- if (indent)
- len++;
- len += indent;
- }
- len++;
- if ( buffer )
- {
- if ( len >= maxlength )
- return 0;
- if ( mode != GCRYSEXP_FMT_CANON )
- {
- if (indent)
- *d++ = '\n';
- for (i=0; i < indent; i++)
- *d++ = ' ';
- }
- *d++ = '(';
- }
- indent++;
- break;
- case ST_CLOSE:
- s++;
- len++;
- if ( buffer )
- {
- if ( len >= maxlength )
- return 0;
- *d++ = ')';
- }
- indent--;
- if (*s != ST_OPEN && *s != ST_STOP && mode != GCRYSEXP_FMT_CANON)
- {
- len++;
- len += indent;
- if (buffer)
- {
- if (len >= maxlength)
- return 0;
- *d++ = '\n';
- for (i=0; i < indent; i++)
- *d++ = ' ';
- }
- }
- break;
- case ST_DATA:
- s++;
- memcpy ( &n, s, sizeof n ); s += sizeof n;
- if (mode == GCRYSEXP_FMT_ADVANCED)
- {
- int type;
- size_t nn;
-
- switch ( (type=suitable_encoding (s, n)))
- {
- case 1: nn = convert_to_string (s, n, NULL); break;
- case 2: nn = convert_to_token (s, n, NULL); break;
- default: nn = convert_to_hex (s, n, NULL); break;
- }
- len += nn;
- if (buffer)
- {
- if (len >= maxlength)
- return 0;
- switch (type)
- {
- case 1: convert_to_string (s, n, d); break;
- case 2: convert_to_token (s, n, d); break;
- default: convert_to_hex (s, n, d); break;
- }
- d += nn;
- }
- if (s[n] != ST_CLOSE)
- {
- len++;
- if (buffer)
- {
- if (len >= maxlength)
- return 0;
- *d++ = ' ';
- }
- }
- }
- else
- {
- sprintf (numbuf, "%u:", (unsigned int)n );
- len += strlen (numbuf) + n;
- if ( buffer )
- {
- if ( len >= maxlength )
- return 0;
- d = stpcpy ( d, numbuf );
- memcpy ( d, s, n ); d += n;
- }
- }
- s += n;
- break;
- default:
- BUG ();
- }
- }
- if ( mode != GCRYSEXP_FMT_CANON )
- {
- len++;
- if (buffer)
- {
- if ( len >= maxlength )
- return 0;
- *d++ = '\n';
- }
- }
- if (buffer)
- {
- if ( len >= maxlength )
- return 0;
- *d++ = 0; /* for convenience we make a C string */
- }
- else
- len++; /* we need one byte more for this */
-
- return len;
-}
-
-
-/* Scan a cannocial encoded buffer with implicit length values and
- return the actual length this S-expression uses. For a valid S-Exp
- it should never return 0. If LENGTH is not zero, the maximum
- length to scan is given - this can be used for syntax checks of
- data passed from outside. errorcode and erroff may both be passed as
- NULL. */
-size_t
-gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
- size_t *erroff, gcry_error_t *errcode)
-{
- const unsigned char *p;
- const unsigned char *disphint = NULL;
- unsigned int datalen = 0;
- size_t dummy_erroff;
- gcry_error_t dummy_errcode;
- size_t count = 0;
- int level = 0;
-
- if (!erroff)
- erroff = &dummy_erroff;
- if (!errcode)
- errcode = &dummy_errcode;
-
- *errcode = gcry_error (GPG_ERR_NO_ERROR);
- *erroff = 0;
- if (!buffer)
- return 0;
- if (*buffer != '(')
- {
- *errcode = gcry_error (GPG_ERR_SEXP_NOT_CANONICAL);
- return 0;
- }
-
- for (p=buffer; ; p++, count++ )
- {
- if (length && count >= length)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_STRING_TOO_LONG);
- return 0;
- }
-
- if (datalen)
- {
- if (*p == ':')
- {
- if (length && (count+datalen) >= length)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_STRING_TOO_LONG);
- return 0;
- }
- count += datalen;
- p += datalen;
- datalen = 0;
- }
- else if (digitp(p))
- datalen = datalen*10 + atoi_1(p);
- else
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_INV_LEN_SPEC);
- return 0;
- }
- }
- else if (*p == '(')
- {
- if (disphint)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
- return 0;
- }
- level++;
- }
- else if (*p == ')')
- { /* walk up */
- if (!level)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_PAREN);
- return 0;
- }
- if (disphint)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
- return 0;
- }
- if (!--level)
- return ++count; /* ready */
- }
- else if (*p == '[')
- {
- if (disphint)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_NESTED_DH);
- return 0;
- }
- disphint = p;
- }
- else if (*p == ']')
- {
- if ( !disphint )
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
- return 0;
- }
- disphint = NULL;
- }
- else if (digitp (p) )
- {
- if (*p == '0')
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_ZERO_PREFIX);
- return 0;
- }
- datalen = atoi_1 (p);
- }
- else if (*p == '&' || *p == '\\')
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNEXPECTED_PUNC);
- return 0;
- }
- else
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_BAD_CHARACTER);
- return 0;
- }
- }
-}
+/* sexp.c - S-Expression handling
+ * Copyright (C) 1999, 2000, 2001, 2002, 2003,
+ * 2004, 2006, 2007, 2008 Free Software Foundation, Inc.
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser general Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <ctype.h>
+#include <errno.h>
+
+#define GCRYPT_NO_MPI_MACROS 1
+#include "g10lib.h"
+
+typedef struct gcry_sexp *NODE;
+typedef unsigned short DATALEN;
+
+struct gcry_sexp
+{
+ byte d[1];
+};
+
+#define ST_STOP 0
+#define ST_DATA 1 /* datalen follows */
+#define ST_HINT 2 /* datalen follows */
+#define ST_OPEN 3
+#define ST_CLOSE 4
+
+/* the atoi macros assume that the buffer has only valid digits */
+#define atoi_1(p) (*(p) - '0' )
+#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
+ *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
+#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
+
+#define TOKEN_SPECIALS "-./_:*+="
+
+static gcry_error_t
+vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length, int argflag,
+ void **arg_list, va_list arg_ptr);
+
+static gcry_error_t
+sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length, int argflag,
+ void **arg_list, ...);
+
+/* Return true if P points to a byte containing a whitespace according
+ to the S-expressions definition. */
+#undef whitespacep
+static GPG_ERR_INLINE int
+whitespacep (const char *p)
+{
+ switch (*p)
+ {
+ case ' ': case '\t': case '\v': case '\f': case '\r': case '\n': return 1;
+ default: return 0;
+ }
+}
+
+
+#if 0
+static void
+dump_mpi( gcry_mpi_t a )
+{
+ char buffer[1000];
+ size_t n = 1000;
+
+ if( !a )
+ fputs("[no MPI]", stderr );
+ else if( gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &n, a ) )
+ fputs("[MPI too large to print]", stderr );
+ else
+ fputs( buffer, stderr );
+}
+#endif
+
+static void
+dump_string (const byte *p, size_t n, int delim )
+{
+ for (; n; n--, p++ )
+ {
+ if ((*p & 0x80) || iscntrl( *p ) || *p == delim )
+ {
+ if( *p == '\n' )
+ log_printf ("\\n");
+ else if( *p == '\r' )
+ log_printf ("\\r");
+ else if( *p == '\f' )
+ log_printf ("\\f");
+ else if( *p == '\v' )
+ log_printf ("\\v");
+ else if( *p == '\b' )
+ log_printf ("\\b");
+ else if( !*p )
+ log_printf ("\\0");
+ else
+ log_printf ("\\x%02x", *p );
+ }
+ else
+ log_printf ("%c", *p);
+ }
+}
+
+
+void
+gcry_sexp_dump (const gcry_sexp_t a)
+{
+ const byte *p;
+ int indent = 0;
+ int type;
+
+ if (!a)
+ {
+ log_printf ( "[nil]\n");
+ return;
+ }
+
+ p = a->d;
+ while ( (type = *p) != ST_STOP )
+ {
+ p++;
+ switch ( type )
+ {
+ case ST_OPEN:
+ log_printf ("%*s[open]\n", 2*indent, "");
+ indent++;
+ break;
+ case ST_CLOSE:
+ if( indent )
+ indent--;
+ log_printf ("%*s[close]\n", 2*indent, "");
+ break;
+ case ST_DATA: {
+ DATALEN n;
+ memcpy ( &n, p, sizeof n );
+ p += sizeof n;
+ log_printf ("%*s[data=\"", 2*indent, "" );
+ dump_string (p, n, '\"' );
+ log_printf ("\"]\n");
+ p += n;
+ }
+ break;
+ default:
+ log_printf ("%*s[unknown tag %d]\n", 2*indent, "", type);
+ break;
+ }
+ }
+}
+
+/****************
+ * Pass list through except when it is an empty list - in that case
+ * return NULL and release the passed list.
+ */
+static gcry_sexp_t
+normalize ( gcry_sexp_t list )
+{
+ unsigned char *p;
+
+ if ( !list )
+ return NULL;
+ p = list->d;
+ if ( *p == ST_STOP )
+ {
+ /* this is "" */
+ gcry_sexp_release ( list );
+ return NULL;
+ }
+ if ( *p == ST_OPEN && p[1] == ST_CLOSE )
+ {
+ /* this is "()" */
+ gcry_sexp_release ( list );
+ return NULL;
+ }
+
+ return list;
+}
+
+/* Create a new S-expression object by reading LENGTH bytes from
+ BUFFER, assuming it is canonical encoded or autodetected encoding
+ when AUTODETECT is set to 1. With FREEFNC not NULL, ownership of
+ the buffer is transferred to the newly created object. FREEFNC
+ should be the freefnc used to release BUFFER; there is no guarantee
+ at which point this function is called; most likey you want to use
+ free() or gcry_free().
+
+ Passing LENGTH and AUTODETECT as 0 is allowed to indicate that
+ BUFFER points to a valid canonical encoded S-expression. A LENGTH
+ of 0 and AUTODETECT 1 indicates that buffer points to a
+ null-terminated string.
+
+ This function returns 0 and and the pointer to the new object in
+ RETSEXP or an error code in which case RETSEXP is set to NULL. */
+gcry_error_t
+gcry_sexp_create (gcry_sexp_t *retsexp, void *buffer, size_t length,
+ int autodetect, void (*freefnc)(void*) )
+{
+ gcry_error_t errcode;
+ gcry_sexp_t se;
+
+ if (!retsexp)
+ return gcry_error (GPG_ERR_INV_ARG);
+ *retsexp = NULL;
+ if (autodetect < 0 || autodetect > 1 || !buffer)
+ return gcry_error (GPG_ERR_INV_ARG);
+
+ if (!length && !autodetect)
+ { /* What a brave caller to assume that there is really a canonical
+ encoded S-expression in buffer */
+ length = gcry_sexp_canon_len (buffer, 0, NULL, &errcode);
+ if (!length)
+ return errcode;
+ }
+ else if (!length && autodetect)
+ { /* buffer is a string */
+ length = strlen ((char *)buffer);
+ }
+
+ errcode = sexp_sscan (&se, NULL, buffer, length, 0, NULL);
+ if (errcode)
+ return errcode;
+
+ *retsexp = se;
+ if (freefnc)
+ {
+ /* For now we release the buffer immediately. As soon as we
+ have changed the internal represenation of S-expression to
+ the canoncial format - which has the advantage of faster
+ parsing - we will use this function as a closure in our
+ GCRYSEXP object and use the BUFFER directly. */
+ freefnc (buffer);
+ }
+ return gcry_error (GPG_ERR_NO_ERROR);
+}
+
+/* Same as gcry_sexp_create but don't transfer ownership */
+gcry_error_t
+gcry_sexp_new (gcry_sexp_t *retsexp, const void *buffer, size_t length,
+ int autodetect)
+{
+ return gcry_sexp_create (retsexp, (void *)buffer, length, autodetect, NULL);
+}
+
+
+/****************
+ * Release resource of the given SEXP object.
+ */
+void
+gcry_sexp_release( gcry_sexp_t sexp )
+{
+ if (sexp)
+ {
+ if (gcry_is_secure (sexp))
+ {
+ /* Extra paranoid wiping. */
+ const byte *p = sexp->d;
+ int type;
+
+ while ( (type = *p) != ST_STOP )
+ {
+ p++;
+ switch ( type )
+ {
+ case ST_OPEN:
+ break;
+ case ST_CLOSE:
+ break;
+ case ST_DATA:
+ {
+ DATALEN n;
+ memcpy ( &n, p, sizeof n );
+ p += sizeof n;
+ p += n;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ wipememory (sexp->d, p - sexp->d);
+ }
+ gcry_free ( sexp );
+ }
+}
+
+
+/****************
+ * Make a pair from lists a and b, don't use a or b later on.
+ * Special behaviour: If one is a single element list we put the
+ * element straight into the new pair.
+ */
+gcry_sexp_t
+gcry_sexp_cons( const gcry_sexp_t a, const gcry_sexp_t b )
+{
+ (void)a;
+ (void)b;
+
+ /* NYI: Implementation should be quite easy with our new data
+ representation */
+ BUG ();
+ return NULL;
+}
+
+
+/****************
+ * Make a list from all items in the array the end of the array is marked
+ * with a NULL.
+ */
+gcry_sexp_t
+gcry_sexp_alist( const gcry_sexp_t *array )
+{
+ (void)array;
+
+ /* NYI: Implementation should be quite easy with our new data
+ representation. */
+ BUG ();
+ return NULL;
+}
+
+/****************
+ * Make a list from all items, the end of list is indicated by a NULL
+ */
+gcry_sexp_t
+gcry_sexp_vlist( const gcry_sexp_t a, ... )
+{
+ (void)a;
+ /* NYI: Implementation should be quite easy with our new data
+ representation. */
+ BUG ();
+ return NULL;
+}
+
+
+/****************
+ * Append n to the list a
+ * Returns: a new ist (which maybe a)
+ */
+gcry_sexp_t
+gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n )
+{
+ (void)a;
+ (void)n;
+ /* NYI: Implementation should be quite easy with our new data
+ representation. */
+ BUG ();
+ return NULL;
+}
+
+gcry_sexp_t
+gcry_sexp_prepend( const gcry_sexp_t a, const gcry_sexp_t n )
+{
+ (void)a;
+ (void)n;
+ /* NYI: Implementation should be quite easy with our new data
+ representation. */
+ BUG ();
+ return NULL;
+}
+
+
+
+/****************
+ * Locate token in a list. The token must be the car of a sublist.
+ * Returns: A new list with this sublist or NULL if not found.
+ */
+gcry_sexp_t
+gcry_sexp_find_token( const gcry_sexp_t list, const char *tok, size_t toklen )
+{
+ const byte *p;
+ DATALEN n;
+
+ if ( !list )
+ return NULL;
+
+ if ( !toklen )
+ toklen = strlen(tok);
+
+ p = list->d;
+ while ( *p != ST_STOP )
+ {
+ if ( *p == ST_OPEN && p[1] == ST_DATA )
+ {
+ const byte *head = p;
+
+ p += 2;
+ memcpy ( &n, p, sizeof n );
+ p += sizeof n;
+ if ( n == toklen && !memcmp( p, tok, toklen ) )
+ { /* found it */
+ gcry_sexp_t newlist;
+ byte *d;
+ int level = 1;
+
+ /* Look for the end of the list. */
+ for ( p += n; level; p++ )
+ {
+ if ( *p == ST_DATA )
+ {
+ memcpy ( &n, ++p, sizeof n );
+ p += sizeof n + n;
+ p--; /* Compensate for later increment. */
+ }
+ else if ( *p == ST_OPEN )
+ {
+ level++;
+ }
+ else if ( *p == ST_CLOSE )
+ {
+ level--;
+ }
+ else if ( *p == ST_STOP )
+ {
+ BUG ();
+ }
+ }
+ n = p - head;
+
+ newlist = gcry_malloc ( sizeof *newlist + n );
+ if (!newlist)
+ {
+ /* No way to return an error code, so we can only
+ return Not Found. */
+ return NULL;
+ }
+ d = newlist->d;
+ memcpy ( d, head, n ); d += n;
+ *d++ = ST_STOP;
+ return normalize ( newlist );
+ }
+ p += n;
+ }
+ else if ( *p == ST_DATA )
+ {
+ memcpy ( &n, ++p, sizeof n ); p += sizeof n;
+ p += n;
+ }
+ else
+ p++;
+ }
+ return NULL;
+}
+
+/****************
+ * Return the length of the given list
+ */
+int
+gcry_sexp_length( const gcry_sexp_t list )
+{
+ const byte *p;
+ DATALEN n;
+ int type;
+ int length = 0;
+ int level = 0;
+
+ if ( !list )
+ return 0;
+
+ p = list->d;
+ while ( (type=*p) != ST_STOP ) {
+ p++;
+ if ( type == ST_DATA ) {
+ memcpy ( &n, p, sizeof n );
+ p += sizeof n + n;
+ if ( level == 1 )
+ length++;
+ }
+ else if ( type == ST_OPEN ) {
+ if ( level == 1 )
+ length++;
+ level++;
+ }
+ else if ( type == ST_CLOSE ) {
+ level--;
+ }
+ }
+ return length;
+}
+
+
+/* Return the internal lengths offset of LIST. That is the size of
+ the buffer from the first ST_OPEN, which is retruned at R_OFF, to
+ the corresponding ST_CLOSE inclusive. */
+static size_t
+get_internal_buffer (const gcry_sexp_t list, size_t *r_off)
+{
+ const unsigned char *p;
+ DATALEN n;
+ int type;
+ int level = 0;
+
+ *r_off = 0;
+ if (list)
+ {
+ p = list->d;
+ while ( (type=*p) != ST_STOP )
+ {
+ p++;
+ if (type == ST_DATA)
+ {
+ memcpy (&n, p, sizeof n);
+ p += sizeof n + n;
+ }
+ else if (type == ST_OPEN)
+ {
+ if (!level)
+ *r_off = (p-1) - list->d;
+ level++;
+ }
+ else if ( type == ST_CLOSE )
+ {
+ level--;
+ if (!level)
+ return p - list->d;
+ }
+ }
+ }
+ return 0; /* Not a proper list. */
+}
+
+
+
+/* Extract the CAR of the given list. May return NULL for bad lists
+ or memory failure. */
+gcry_sexp_t
+gcry_sexp_nth( const gcry_sexp_t list, int number )
+{
+ const byte *p;
+ DATALEN n;
+ gcry_sexp_t newlist;
+ byte *d;
+ int level = 0;
+
+ if ( !list || list->d[0] != ST_OPEN )
+ return NULL;
+ p = list->d;
+
+ while ( number > 0 ) {
+ p++;
+ if ( *p == ST_DATA ) {
+ memcpy ( &n, ++p, sizeof n );
+ p += sizeof n + n;
+ p--;
+ if ( !level )
+ number--;
+ }
+ else if ( *p == ST_OPEN ) {
+ level++;
+ }
+ else if ( *p == ST_CLOSE ) {
+ level--;
+ if ( !level )
+ number--;
+ }
+ else if ( *p == ST_STOP ) {
+ return NULL;
+ }
+ }
+ p++;
+
+ if ( *p == ST_DATA ) {
+ memcpy ( &n, p, sizeof n ); p += sizeof n;
+ newlist = gcry_malloc ( sizeof *newlist + n + 1 );
+ if (!newlist)
+ return NULL;
+ d = newlist->d;
+ memcpy ( d, p, n ); d += n;
+ *d++ = ST_STOP;
+ }
+ else if ( *p == ST_OPEN ) {
+ const byte *head = p;
+
+ level = 1;
+ do {
+ p++;
+ if ( *p == ST_DATA ) {
+ memcpy ( &n, ++p, sizeof n );
+ p += sizeof n + n;
+ p--;
+ }
+ else if ( *p == ST_OPEN ) {
+ level++;
+ }
+ else if ( *p == ST_CLOSE ) {
+ level--;
+ }
+ else if ( *p == ST_STOP ) {
+ BUG ();
+ }
+ } while ( level );
+ n = p + 1 - head;
+
+ newlist = gcry_malloc ( sizeof *newlist + n );
+ if (!newlist)
+ return NULL;
+ d = newlist->d;
+ memcpy ( d, head, n ); d += n;
+ *d++ = ST_STOP;
+ }
+ else
+ newlist = NULL;
+
+ return normalize (newlist);
+}
+
+gcry_sexp_t
+gcry_sexp_car( const gcry_sexp_t list )
+{
+ return gcry_sexp_nth ( list, 0 );
+}
+
+
+/* Helper to get data from the car. The returned value is valid as
+ long as the list is not modified. */
+static const char *
+sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen)
+{
+ const byte *p;
+ DATALEN n;
+ int level = 0;
+
+ *datalen = 0;
+ if ( !list )
+ return NULL;
+
+ p = list->d;
+ if ( *p == ST_OPEN )
+ p++; /* Yep, a list. */
+ else if (number)
+ return NULL; /* Not a list but N > 0 requested. */
+
+ /* Skip over N elements. */
+ while ( number > 0 )
+ {
+ if ( *p == ST_DATA )
+ {
+ memcpy ( &n, ++p, sizeof n );
+ p += sizeof n + n;
+ p--;
+ if ( !level )
+ number--;
+ }
+ else if ( *p == ST_OPEN )
+ {
+ level++;
+ }
+ else if ( *p == ST_CLOSE )
+ {
+ level--;
+ if ( !level )
+ number--;
+ }
+ else if ( *p == ST_STOP )
+ {
+ return NULL;
+ }
+ p++;
+ }
+
+ /* If this is data, return it. */
+ if ( *p == ST_DATA )
+ {
+ memcpy ( &n, ++p, sizeof n );
+ *datalen = n;
+ return (const char*)p + sizeof n;
+ }
+
+ return NULL;
+}
+
+
+/* Get data from the car. The returned value is valid as long as the
+ list is not modified. */
+const char *
+gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen )
+{
+ return sexp_nth_data (list, number, datalen);
+}
+
+
+/* Get a string from the car. The returned value is a malloced string
+ and needs to be freed by the caller. */
+char *
+gcry_sexp_nth_string (const gcry_sexp_t list, int number)
+{
+ const char *s;
+ size_t n;
+ char *buf;
+
+ s = sexp_nth_data (list, number, &n);
+ if (!s || n < 1 || (n+1) < 1)
+ return NULL;
+ buf = gcry_malloc (n+1);
+ if (!buf)
+ return NULL;
+ memcpy (buf, s, n);
+ buf[n] = 0;
+ return buf;
+}
+
+/*
+ * Get a MPI from the car
+ */
+gcry_mpi_t
+gcry_sexp_nth_mpi( gcry_sexp_t list, int number, int mpifmt )
+{
+ const char *s;
+ size_t n;
+ gcry_mpi_t a;
+
+ if ( !mpifmt )
+ mpifmt = GCRYMPI_FMT_STD;
+
+ s = sexp_nth_data (list, number, &n);
+ if (!s)
+ return NULL;
+
+ if ( gcry_mpi_scan ( &a, mpifmt, s, n, NULL ) )
+ return NULL;
+
+ return a;
+}
+
+
+/****************
+ * Get the CDR
+ */
+gcry_sexp_t
+gcry_sexp_cdr( const gcry_sexp_t list )
+{
+ const byte *p;
+ const byte *head;
+ DATALEN n;
+ gcry_sexp_t newlist;
+ byte *d;
+ int level = 0;
+ int skip = 1;
+
+ if ( !list || list->d[0] != ST_OPEN )
+ return NULL;
+ p = list->d;
+
+ while ( skip > 0 ) {
+ p++;
+ if ( *p == ST_DATA ) {
+ memcpy ( &n, ++p, sizeof n );
+ p += sizeof n + n;
+ p--;
+ if ( !level )
+ skip--;
+ }
+ else if ( *p == ST_OPEN ) {
+ level++;
+ }
+ else if ( *p == ST_CLOSE ) {
+ level--;
+ if ( !level )
+ skip--;
+ }
+ else if ( *p == ST_STOP ) {
+ return NULL;
+ }
+ }
+ p++;
+
+ head = p;
+ level = 0;
+ do {
+ if ( *p == ST_DATA ) {
+ memcpy ( &n, ++p, sizeof n );
+ p += sizeof n + n;
+ p--;
+ }
+ else if ( *p == ST_OPEN ) {
+ level++;
+ }
+ else if ( *p == ST_CLOSE ) {
+ level--;
+ }
+ else if ( *p == ST_STOP ) {
+ return NULL;
+ }
+ p++;
+ } while ( level );
+ n = p - head;
+
+ newlist = gcry_malloc ( sizeof *newlist + n + 2 );
+ if (!newlist)
+ return NULL;
+ d = newlist->d;
+ *d++ = ST_OPEN;
+ memcpy ( d, head, n ); d += n;
+ *d++ = ST_CLOSE;
+ *d++ = ST_STOP;
+
+ return normalize (newlist);
+}
+
+gcry_sexp_t
+gcry_sexp_cadr ( const gcry_sexp_t list )
+{
+ gcry_sexp_t a, b;
+
+ a = gcry_sexp_cdr ( list );
+ b = gcry_sexp_car ( a );
+ gcry_sexp_release ( a );
+ return b;
+}
+
+
+
+static int
+hextobyte( const byte *s )
+{
+ int c=0;
+
+ if( *s >= '0' && *s <= '9' )
+ c = 16 * (*s - '0');
+ else if( *s >= 'A' && *s <= 'F' )
+ c = 16 * (10 + *s - 'A');
+ else if( *s >= 'a' && *s <= 'f' ) {
+ c = 16 * (10 + *s - 'a');
+ }
+ s++;
+ if( *s >= '0' && *s <= '9' )
+ c += *s - '0';
+ else if( *s >= 'A' && *s <= 'F' )
+ c += 10 + *s - 'A';
+ else if( *s >= 'a' && *s <= 'f' ) {
+ c += 10 + *s - 'a';
+ }
+ return c;
+}
+
+struct make_space_ctx {
+ gcry_sexp_t sexp;
+ size_t allocated;
+ byte *pos;
+};
+
+static gpg_err_code_t
+make_space ( struct make_space_ctx *c, size_t n )
+{
+ size_t used = c->pos - c->sexp->d;
+
+ if ( used + n + sizeof(DATALEN) + 1 >= c->allocated )
+ {
+ gcry_sexp_t newsexp;
+ byte *newhead;
+ size_t newsize;
+
+ newsize = c->allocated + 2*(n+sizeof(DATALEN)+1);
+ if (newsize <= c->allocated)
+ return GPG_ERR_TOO_LARGE;
+ newsexp = gcry_realloc ( c->sexp, sizeof *newsexp + newsize - 1);
+ if (!newsexp)
+ return gpg_err_code_from_errno (errno);
+ c->allocated = newsize;
+ newhead = newsexp->d;
+ c->pos = newhead + used;
+ c->sexp = newsexp;
+ }
+ return 0;
+}
+
+
+/* Unquote STRING of LENGTH and store it into BUF. The surrounding
+ quotes are must already be removed from STRING. We assume that the
+ quoted string is syntacillay correct. */
+static size_t
+unquote_string (const char *string, size_t length, unsigned char *buf)
+{
+ int esc = 0;
+ const unsigned char *s = (const unsigned char*)string;
+ unsigned char *d = buf;
+ size_t n = length;
+
+ for (; n; n--, s++)
+ {
+ if (esc)
+ {
+ switch (*s)
+ {
+ case 'b': *d++ = '\b'; break;
+ case 't': *d++ = '\t'; break;
+ case 'v': *d++ = '\v'; break;
+ case 'n': *d++ = '\n'; break;
+ case 'f': *d++ = '\f'; break;
+ case 'r': *d++ = '\r'; break;
+ case '"': *d++ = '\"'; break;
+ case '\'': *d++ = '\''; break;
+ case '\\': *d++ = '\\'; break;
+
+ case '\r': /* ignore CR[,LF] */
+ if (n>1 && s[1] == '\n')
+ {
+ s++; n--;
+ }
+ break;
+
+ case '\n': /* ignore LF[,CR] */
+ if (n>1 && s[1] == '\r')
+ {
+ s++; n--;
+ }
+ break;
+
+ case 'x': /* hex value */
+ if (n>2 && hexdigitp (s+1) && hexdigitp (s+2))
+ {
+ s++; n--;
+ *d++ = xtoi_2 (s);
+ s++; n--;
+ }
+ break;
+
+ default:
+ if (n>2 && octdigitp (s) && octdigitp (s+1) && octdigitp (s+2))
+ {
+ *d++ = (atoi_1 (s)*64) + (atoi_1 (s+1)*8) + atoi_1 (s+2);
+ s += 2;
+ n -= 2;
+ }
+ break;
+ }
+ esc = 0;
+ }
+ else if( *s == '\\' )
+ esc = 1;
+ else
+ *d++ = *s;
+ }
+
+ return d - buf;
+}
+
+/****************
+ * Scan the provided buffer and return the S expression in our internal
+ * format. Returns a newly allocated expression. If erroff is not NULL and
+ * a parsing error has occurred, the offset into buffer will be returned.
+ * If ARGFLAG is true, the function supports some printf like
+ * expressions.
+ * These are:
+ * %m - MPI
+ * %s - string (no autoswitch to secure allocation)
+ * %d - integer stored as string (no autoswitch to secure allocation)
+ * %b - memory buffer; this takes _two_ arguments: an integer with the
+ * length of the buffer and a pointer to the buffer.
+ * %S - Copy an gcry_sexp_t here. The S-expression needs to be a
+ * regular one, starting with a parenthesis.
+ * (no autoswitch to secure allocation)
+ * all other format elements are currently not defined and return an error.
+ * this includes the "%%" sequence becauce the percent sign is not an
+ * allowed character.
+ * FIXME: We should find a way to store the secure-MPIs not in the string
+ * but as reference to somewhere - this can help us to save huge amounts
+ * of secure memory. The problem is, that if only one element is secure, all
+ * other elements are automagicaly copied to secure memory too, so the most
+ * common operation gcry_sexp_cdr_mpi() will always return a secure MPI
+ * regardless whether it is needed or not.
+ */
+static gcry_error_t
+vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length, int argflag,
+ void **arg_list, va_list arg_ptr)
+{
+ gcry_err_code_t err = 0;
+ static const char tokenchars[] =
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789-./_:*+=";
+ const char *p;
+ size_t n;
+ const char *digptr = NULL;
+ const char *quoted = NULL;
+ const char *tokenp = NULL;
+ const char *hexfmt = NULL;
+ const char *base64 = NULL;
+ const char *disphint = NULL;
+ const char *percent = NULL;
+ int hexcount = 0;
+ int quoted_esc = 0;
+ int datalen = 0;
+ size_t dummy_erroff;
+ struct make_space_ctx c;
+ int arg_counter = 0;
+ int level = 0;
+
+ if (!erroff)
+ erroff = &dummy_erroff;
+
+ /* Depending on whether ARG_LIST is non-zero or not, this macro gives
+ us the next argument, either from the variable argument list as
+ specified by ARG_PTR or from the argument array ARG_LIST. */
+#define ARG_NEXT(storage, type) \
+ do \
+ { \
+ if (!arg_list) \
+ storage = va_arg (arg_ptr, type); \
+ else \
+ storage = *((type *) (arg_list[arg_counter++])); \
+ } \
+ while (0)
+
+ /* The MAKE_SPACE macro is used before each store operation to
+ ensure that the buffer is large enough. It requires a global
+ context named C and jumps out to the label LEAVE on error! It
+ also sets ERROFF using the variables BUFFER and P. */
+#define MAKE_SPACE(n) do { \
+ gpg_err_code_t _ms_err = make_space (&c, (n)); \
+ if (_ms_err) \
+ { \
+ err = _ms_err; \
+ *erroff = p - buffer; \
+ goto leave; \
+ } \
+ } while (0)
+
+ /* The STORE_LEN macro is used to store the length N at buffer P. */
+#define STORE_LEN(p,n) do { \
+ DATALEN ashort = (n); \
+ memcpy ( (p), &ashort, sizeof(ashort) ); \
+ (p) += sizeof (ashort); \
+ } while (0)
+
+ /* We assume that the internal representation takes less memory than
+ the provided one. However, we add space for one extra datalen so
+ that the code which does the ST_CLOSE can use MAKE_SPACE */
+ c.allocated = length + sizeof(DATALEN);
+ if (buffer && length && gcry_is_secure (buffer))
+ c.sexp = gcry_malloc_secure (sizeof *c.sexp + c.allocated - 1);
+ else
+ c.sexp = gcry_malloc (sizeof *c.sexp + c.allocated - 1);
+ if (!c.sexp)
+ {
+ err = gpg_err_code_from_errno (errno);
+ *erroff = 0;
+ goto leave;
+ }
+ c.pos = c.sexp->d;
+
+ for (p = buffer, n = length; n; p++, n--)
+ {
+ if (tokenp && !hexfmt)
+ {
+ if (strchr (tokenchars, *p))
+ continue;
+ else
+ {
+ datalen = p - tokenp;
+ MAKE_SPACE (datalen);
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, datalen);
+ memcpy (c.pos, tokenp, datalen);
+ c.pos += datalen;
+ tokenp = NULL;
+ }
+ }
+
+ if (quoted)
+ {
+ if (quoted_esc)
+ {
+ switch (*p)
+ {
+ case 'b': case 't': case 'v': case 'n': case 'f':
+ case 'r': case '"': case '\'': case '\\':
+ quoted_esc = 0;
+ break;
+
+ case '0': case '1': case '2': case '3': case '4':
+ case '5': case '6': case '7':
+ if (!((n > 2)
+ && (p[1] >= '0') && (p[1] <= '7')
+ && (p[2] >= '0') && (p[2] <= '7')))
+ {
+ *erroff = p - buffer;
+ /* Invalid octal value. */
+ err = GPG_ERR_SEXP_BAD_QUOTATION;
+ goto leave;
+ }
+ p += 2;
+ n -= 2;
+ quoted_esc = 0;
+ break;
+
+ case 'x':
+ if (!((n > 2) && hexdigitp (p+1) && hexdigitp (p+2)))
+ {
+ *erroff = p - buffer;
+ /* Invalid hex value. */
+ err = GPG_ERR_SEXP_BAD_QUOTATION;
+ goto leave;
+ }
+ p += 2;
+ n -= 2;
+ quoted_esc = 0;
+ break;
+
+ case '\r':
+ /* ignore CR[,LF] */
+ if (n && (p[1] == '\n'))
+ {
+ p++;
+ n--;
+ }
+ quoted_esc = 0;
+ break;
+
+ case '\n':
+ /* ignore LF[,CR] */
+ if (n && (p[1] == '\r'))
+ {
+ p++;
+ n--;
+ }
+ quoted_esc = 0;
+ break;
+
+ default:
+ *erroff = p - buffer;
+ /* Invalid quoted string escape. */
+ err = GPG_ERR_SEXP_BAD_QUOTATION;
+ goto leave;
+ }
+ }
+ else if (*p == '\\')
+ quoted_esc = 1;
+ else if (*p == '\"')
+ {
+ /* Keep it easy - we know that the unquoted string will
+ never be larger. */
+ unsigned char *save;
+ size_t len;
+
+ quoted++; /* Skip leading quote. */
+ MAKE_SPACE (p - quoted);
+ *c.pos++ = ST_DATA;
+ save = c.pos;
+ STORE_LEN (c.pos, 0); /* Will be fixed up later. */
+ len = unquote_string (quoted, p - quoted, c.pos);
+ c.pos += len;
+ STORE_LEN (save, len);
+ quoted = NULL;
+ }
+ }
+ else if (hexfmt)
+ {
+ if (isxdigit (*p))
+ hexcount++;
+ else if (*p == '#')
+ {
+ if ((hexcount & 1))
+ {
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_ODD_HEX_NUMBERS;
+ goto leave;
+ }
+
+ datalen = hexcount / 2;
+ MAKE_SPACE (datalen);
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, datalen);
+ for (hexfmt++; hexfmt < p; hexfmt++)
+ {
+ if (whitespacep (hexfmt))
+ continue;
+ *c.pos++ = hextobyte ((const unsigned char*)hexfmt);
+ hexfmt++;
+ }
+ hexfmt = NULL;
+ }
+ else if (!whitespacep (p))
+ {
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_BAD_HEX_CHAR;
+ goto leave;
+ }
+ }
+ else if (base64)
+ {
+ if (*p == '|')
+ base64 = NULL;
+ }
+ else if (digptr)
+ {
+ if (digitp (p))
+ ;
+ else if (*p == ':')
+ {
+ datalen = atoi (digptr); /* FIXME: check for overflow. */
+ digptr = NULL;
+ if (datalen > n - 1)
+ {
+ *erroff = p - buffer;
+ /* Buffer too short. */
+ err = GPG_ERR_SEXP_STRING_TOO_LONG;
+ goto leave;
+ }
+ /* Make a new list entry. */
+ MAKE_SPACE (datalen);
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, datalen);
+ memcpy (c.pos, p + 1, datalen);
+ c.pos += datalen;
+ n -= datalen;
+ p += datalen;
+ }
+ else if (*p == '\"')
+ {
+ digptr = NULL; /* We ignore the optional length. */
+ quoted = p;
+ quoted_esc = 0;
+ }
+ else if (*p == '#')
+ {
+ digptr = NULL; /* We ignore the optional length. */
+ hexfmt = p;
+ hexcount = 0;
+ }
+ else if (*p == '|')
+ {
+ digptr = NULL; /* We ignore the optional length. */
+ base64 = p;
+ }
+ else
+ {
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_INV_LEN_SPEC;
+ goto leave;
+ }
+ }
+ else if (percent)
+ {
+ if (*p == 'm')
+ {
+ /* Insert an MPI. */
+ gcry_mpi_t m;
+ size_t nm = 0;
+
+ ARG_NEXT (m, gcry_mpi_t);
+
+ if (gcry_mpi_print (GCRYMPI_FMT_STD, NULL, 0, &nm, m))
+ BUG ();
+
+ MAKE_SPACE (nm);
+ if (!gcry_is_secure (c.sexp->d)
+ && gcry_mpi_get_flag ( m, GCRYMPI_FLAG_SECURE))
+ {
+ /* We have to switch to secure allocation. */
+ gcry_sexp_t newsexp;
+ byte *newhead;
+
+ newsexp = gcry_malloc_secure (sizeof *newsexp
+ + c.allocated - 1);
+ if (!newsexp)
+ {
+ err = gpg_err_code_from_errno (errno);
+ goto leave;
+ }
+ newhead = newsexp->d;
+ memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d));
+ c.pos = newhead + (c.pos - c.sexp->d);
+ gcry_free (c.sexp);
+ c.sexp = newsexp;
+ }
+
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, nm);
+ if (gcry_mpi_print (GCRYMPI_FMT_STD, c.pos, nm, &nm, m))
+ BUG ();
+ c.pos += nm;
+ }
+ else if (*p == 's')
+ {
+ /* Insert an string. */
+ const char *astr;
+ size_t alen;
+
+ ARG_NEXT (astr, const char *);
+ alen = strlen (astr);
+
+ MAKE_SPACE (alen);
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, alen);
+ memcpy (c.pos, astr, alen);
+ c.pos += alen;
+ }
+ else if (*p == 'b')
+ {
+ /* Insert a memory buffer. */
+ const char *astr;
+ int alen;
+
+ ARG_NEXT (alen, int);
+ ARG_NEXT (astr, const char *);
+
+ MAKE_SPACE (alen);
+ if (alen
+ && !gcry_is_secure (c.sexp->d)
+ && gcry_is_secure (astr))
+ {
+ /* We have to switch to secure allocation. */
+ gcry_sexp_t newsexp;
+ byte *newhead;
+
+ newsexp = gcry_malloc_secure (sizeof *newsexp
+ + c.allocated - 1);
+ if (!newsexp)
+ {
+ err = gpg_err_code_from_errno (errno);
+ goto leave;
+ }
+ newhead = newsexp->d;
+ memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d));
+ c.pos = newhead + (c.pos - c.sexp->d);
+ gcry_free (c.sexp);
+ c.sexp = newsexp;
+ }
+
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, alen);
+ memcpy (c.pos, astr, alen);
+ c.pos += alen;
+ }
+ else if (*p == 'd')
+ {
+ /* Insert an integer as string. */
+ int aint;
+ size_t alen;
+ char buf[20];
+
+ ARG_NEXT (aint, int);
+ sprintf (buf, "%d", aint);
+ alen = strlen (buf);
+ MAKE_SPACE (alen);
+ *c.pos++ = ST_DATA;
+ STORE_LEN (c.pos, alen);
+ memcpy (c.pos, buf, alen);
+ c.pos += alen;
+ }
+ else if (*p == 'S')
+ {
+ /* Insert a gcry_sexp_t. */
+ gcry_sexp_t asexp;
+ size_t alen, aoff;
+
+ ARG_NEXT (asexp, gcry_sexp_t);
+ alen = get_internal_buffer (asexp, &aoff);
+ if (alen)
+ {
+ MAKE_SPACE (alen);
+ memcpy (c.pos, asexp->d + aoff, alen);
+ c.pos += alen;
+ }
+ }
+ else
+ {
+ *erroff = p - buffer;
+ /* Invalid format specifier. */
+ err = GPG_ERR_SEXP_INV_LEN_SPEC;
+ goto leave;
+ }
+ percent = NULL;
+ }
+ else if (*p == '(')
+ {
+ if (disphint)
+ {
+ *erroff = p - buffer;
+ /* Open display hint. */
+ err = GPG_ERR_SEXP_UNMATCHED_DH;
+ goto leave;
+ }
+ MAKE_SPACE (0);
+ *c.pos++ = ST_OPEN;
+ level++;
+ }
+ else if (*p == ')')
+ {
+ /* Walk up. */
+ if (disphint)
+ {
+ *erroff = p - buffer;
+ /* Open display hint. */
+ err = GPG_ERR_SEXP_UNMATCHED_DH;
+ goto leave;
+ }
+ MAKE_SPACE (0);
+ *c.pos++ = ST_CLOSE;
+ level--;
+ }
+ else if (*p == '\"')
+ {
+ quoted = p;
+ quoted_esc = 0;
+ }
+ else if (*p == '#')
+ {
+ hexfmt = p;
+ hexcount = 0;
+ }
+ else if (*p == '|')
+ base64 = p;
+ else if (*p == '[')
+ {
+ if (disphint)
+ {
+ *erroff = p - buffer;
+ /* Open display hint. */
+ err = GPG_ERR_SEXP_NESTED_DH;
+ goto leave;
+ }
+ disphint = p;
+ }
+ else if (*p == ']')
+ {
+ if (!disphint)
+ {
+ *erroff = p - buffer;
+ /* Open display hint. */
+ err = GPG_ERR_SEXP_UNMATCHED_DH;
+ goto leave;
+ }
+ disphint = NULL;
+ }
+ else if (digitp (p))
+ {
+ if (*p == '0')
+ {
+ /* A length may not begin with zero. */
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_ZERO_PREFIX;
+ goto leave;
+ }
+ digptr = p;
+ }
+ else if (strchr (tokenchars, *p))
+ tokenp = p;
+ else if (whitespacep (p))
+ ;
+ else if (*p == '{')
+ {
+ /* fixme: handle rescanning: we can do this by saving our
+ current state and start over at p+1 -- Hmmm. At this
+ point here we are in a well defined state, so we don't
+ need to save it. Great. */
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_UNEXPECTED_PUNC;
+ goto leave;
+ }
+ else if (strchr ("&\\", *p))
+ {
+ /* Reserved punctuation. */
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_UNEXPECTED_PUNC;
+ goto leave;
+ }
+ else if (argflag && (*p == '%'))
+ percent = p;
+ else
+ {
+ /* Bad or unavailable. */
+ *erroff = p - buffer;
+ err = GPG_ERR_SEXP_BAD_CHARACTER;
+ goto leave;
+ }
+ }
+ MAKE_SPACE (0);
+ *c.pos++ = ST_STOP;
+
+ if (level && !err)
+ err = GPG_ERR_SEXP_UNMATCHED_PAREN;
+
+ leave:
+ if (err)
+ {
+ /* Error -> deallocate. */
+ if (c.sexp)
+ {
+ /* Extra paranoid wipe on error. */
+ if (gcry_is_secure (c.sexp))
+ wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1);
+ gcry_free (c.sexp);
+ }
+ /* This might be expected by existing code... */
+ *retsexp = NULL;
+ }
+ else
+ *retsexp = normalize (c.sexp);
+
+ return gcry_error (err);
+#undef MAKE_SPACE
+#undef STORE_LEN
+}
+
+
+static gcry_error_t
+sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length, int argflag,
+ void **arg_list, ...)
+{
+ gcry_error_t rc;
+ va_list arg_ptr;
+
+ va_start (arg_ptr, arg_list);
+ rc = vsexp_sscan (retsexp, erroff, buffer, length, argflag,
+ arg_list, arg_ptr);
+ va_end (arg_ptr);
+
+ return rc;
+}
+
+
+gcry_error_t
+gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, const char *format, ...)
+{
+ gcry_error_t rc;
+ va_list arg_ptr;
+
+ va_start (arg_ptr, format);
+ rc = vsexp_sscan (retsexp, erroff, format, strlen(format), 1,
+ NULL, arg_ptr);
+ va_end (arg_ptr);
+
+ return rc;
+}
+
+
+gcry_error_t
+_gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *format, va_list arg_ptr)
+{
+ return vsexp_sscan (retsexp, erroff, format, strlen(format), 1,
+ NULL, arg_ptr);
+}
+
+
+/* Like gcry_sexp_build, but uses an array instead of variable
+ function arguments. */
+gcry_error_t
+gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *format, void **arg_list)
+{
+ return sexp_sscan (retsexp, erroff, format, strlen(format), 1, arg_list);
+}
+
+
+gcry_error_t
+gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length)
+{
+ return sexp_sscan (retsexp, erroff, buffer, length, 0, NULL);
+}
+
+
+/* Figure out a suitable encoding for BUFFER of LENGTH.
+ Returns: 0 = Binary
+ 1 = String possible
+ 2 = Token possible
+*/
+static int
+suitable_encoding (const unsigned char *buffer, size_t length)
+{
+ const unsigned char *s;
+ int maybe_token = 1;
+
+ if (!length)
+ return 1;
+
+ for (s=buffer; length; s++, length--)
+ {
+ if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0))
+ && !strchr ("\b\t\v\n\f\r\"\'\\", *s))
+ return 0; /*binary*/
+ if ( maybe_token
+ && !alphap (s) && !digitp (s) && !strchr (TOKEN_SPECIALS, *s))
+ maybe_token = 0;
+ }
+ s = buffer;
+ if ( maybe_token && !digitp (s) )
+ return 2;
+ return 1;
+}
+
+
+static int
+convert_to_hex (const unsigned char *src, size_t len, char *dest)
+{
+ int i;
+
+ if (dest)
+ {
+ *dest++ = '#';
+ for (i=0; i < len; i++, dest += 2 )
+ sprintf (dest, "%02X", src[i]);
+ *dest++ = '#';
+ }
+ return len*2+2;
+}
+
+static int
+convert_to_string (const unsigned char *s, size_t len, char *dest)
+{
+ if (dest)
+ {
+ char *p = dest;
+ *p++ = '\"';
+ for (; len; len--, s++ )
+ {
+ switch (*s)
+ {
+ case '\b': *p++ = '\\'; *p++ = 'b'; break;
+ case '\t': *p++ = '\\'; *p++ = 't'; break;
+ case '\v': *p++ = '\\'; *p++ = 'v'; break;
+ case '\n': *p++ = '\\'; *p++ = 'n'; break;
+ case '\f': *p++ = '\\'; *p++ = 'f'; break;
+ case '\r': *p++ = '\\'; *p++ = 'r'; break;
+ case '\"': *p++ = '\\'; *p++ = '\"'; break;
+ case '\'': *p++ = '\\'; *p++ = '\''; break;
+ case '\\': *p++ = '\\'; *p++ = '\\'; break;
+ default:
+ if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)))
+ {
+ sprintf (p, "\\x%02x", *s);
+ p += 4;
+ }
+ else
+ *p++ = *s;
+ }
+ }
+ *p++ = '\"';
+ return p - dest;
+ }
+ else
+ {
+ int count = 2;
+ for (; len; len--, s++ )
+ {
+ switch (*s)
+ {
+ case '\b':
+ case '\t':
+ case '\v':
+ case '\n':
+ case '\f':
+ case '\r':
+ case '\"':
+ case '\'':
+ case '\\': count += 2; break;
+ default:
+ if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)))
+ count += 4;
+ else
+ count++;
+ }
+ }
+ return count;
+ }
+}
+
+
+
+static int
+convert_to_token (const unsigned char *src, size_t len, char *dest)
+{
+ if (dest)
+ memcpy (dest, src, len);
+ return len;
+}
+
+
+/****************
+ * Print SEXP to buffer using the MODE. Returns the length of the
+ * SEXP in buffer or 0 if the buffer is too short (We have at least an
+ * empty list consisting of 2 bytes). If a buffer of NULL is provided,
+ * the required length is returned.
+ */
+size_t
+gcry_sexp_sprint (const gcry_sexp_t list, int mode,
+ void *buffer, size_t maxlength )
+{
+ static unsigned char empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP };
+ const unsigned char *s;
+ char *d;
+ DATALEN n;
+ char numbuf[20];
+ size_t len = 0;
+ int i, indent = 0;
+
+ s = list? list->d : empty;
+ d = buffer;
+ while ( *s != ST_STOP )
+ {
+ switch ( *s )
+ {
+ case ST_OPEN:
+ s++;
+ if ( mode != GCRYSEXP_FMT_CANON )
+ {
+ if (indent)
+ len++;
+ len += indent;
+ }
+ len++;
+ if ( buffer )
+ {
+ if ( len >= maxlength )
+ return 0;
+ if ( mode != GCRYSEXP_FMT_CANON )
+ {
+ if (indent)
+ *d++ = '\n';
+ for (i=0; i < indent; i++)
+ *d++ = ' ';
+ }
+ *d++ = '(';
+ }
+ indent++;
+ break;
+ case ST_CLOSE:
+ s++;
+ len++;
+ if ( buffer )
+ {
+ if ( len >= maxlength )
+ return 0;
+ *d++ = ')';
+ }
+ indent--;
+ if (*s != ST_OPEN && *s != ST_STOP && mode != GCRYSEXP_FMT_CANON)
+ {
+ len++;
+ len += indent;
+ if (buffer)
+ {
+ if (len >= maxlength)
+ return 0;
+ *d++ = '\n';
+ for (i=0; i < indent; i++)
+ *d++ = ' ';
+ }
+ }
+ break;
+ case ST_DATA:
+ s++;
+ memcpy ( &n, s, sizeof n ); s += sizeof n;
+ if (mode == GCRYSEXP_FMT_ADVANCED)
+ {
+ int type;
+ size_t nn;
+
+ switch ( (type=suitable_encoding (s, n)))
+ {
+ case 1: nn = convert_to_string (s, n, NULL); break;
+ case 2: nn = convert_to_token (s, n, NULL); break;
+ default: nn = convert_to_hex (s, n, NULL); break;
+ }
+ len += nn;
+ if (buffer)
+ {
+ if (len >= maxlength)
+ return 0;
+ switch (type)
+ {
+ case 1: convert_to_string (s, n, d); break;
+ case 2: convert_to_token (s, n, d); break;
+ default: convert_to_hex (s, n, d); break;
+ }
+ d += nn;
+ }
+ if (s[n] != ST_CLOSE)
+ {
+ len++;
+ if (buffer)
+ {
+ if (len >= maxlength)
+ return 0;
+ *d++ = ' ';
+ }
+ }
+ }
+ else
+ {
+ sprintf (numbuf, "%u:", (unsigned int)n );
+ len += strlen (numbuf) + n;
+ if ( buffer )
+ {
+ if ( len >= maxlength )
+ return 0;
+ d = stpcpy ( d, numbuf );
+ memcpy ( d, s, n ); d += n;
+ }
+ }
+ s += n;
+ break;
+ default:
+ BUG ();
+ }
+ }
+ if ( mode != GCRYSEXP_FMT_CANON )
+ {
+ len++;
+ if (buffer)
+ {
+ if ( len >= maxlength )
+ return 0;
+ *d++ = '\n';
+ }
+ }
+ if (buffer)
+ {
+ if ( len >= maxlength )
+ return 0;
+ *d++ = 0; /* for convenience we make a C string */
+ }
+ else
+ len++; /* we need one byte more for this */
+
+ return len;
+}
+
+
+/* Scan a canonical encoded buffer with implicit length values and
+ return the actual length this S-expression uses. For a valid S-Exp
+ it should never return 0. If LENGTH is not zero, the maximum
+ length to scan is given - this can be used for syntax checks of
+ data passed from outside. errorcode and erroff may both be passed as
+ NULL. */
+size_t
+gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
+ size_t *erroff, gcry_error_t *errcode)
+{
+ const unsigned char *p;
+ const unsigned char *disphint = NULL;
+ unsigned int datalen = 0;
+ size_t dummy_erroff;
+ gcry_error_t dummy_errcode;
+ size_t count = 0;
+ int level = 0;
+
+ if (!erroff)
+ erroff = &dummy_erroff;
+ if (!errcode)
+ errcode = &dummy_errcode;
+
+ *errcode = gcry_error (GPG_ERR_NO_ERROR);
+ *erroff = 0;
+ if (!buffer)
+ return 0;
+ if (*buffer != '(')
+ {
+ *errcode = gcry_error (GPG_ERR_SEXP_NOT_CANONICAL);
+ return 0;
+ }
+
+ for (p=buffer; ; p++, count++ )
+ {
+ if (length && count >= length)
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_STRING_TOO_LONG);
+ return 0;
+ }
+
+ if (datalen)
+ {
+ if (*p == ':')
+ {
+ if (length && (count+datalen) >= length)
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_STRING_TOO_LONG);
+ return 0;
+ }
+ count += datalen;
+ p += datalen;
+ datalen = 0;
+ }
+ else if (digitp(p))
+ datalen = datalen*10 + atoi_1(p);
+ else
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_INV_LEN_SPEC);
+ return 0;
+ }
+ }
+ else if (*p == '(')
+ {
+ if (disphint)
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
+ return 0;
+ }
+ level++;
+ }
+ else if (*p == ')')
+ { /* walk up */
+ if (!level)
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_PAREN);
+ return 0;
+ }
+ if (disphint)
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
+ return 0;
+ }
+ if (!--level)
+ return ++count; /* ready */
+ }
+ else if (*p == '[')
+ {
+ if (disphint)
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_NESTED_DH);
+ return 0;
+ }
+ disphint = p;
+ }
+ else if (*p == ']')
+ {
+ if ( !disphint )
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
+ return 0;
+ }
+ disphint = NULL;
+ }
+ else if (digitp (p) )
+ {
+ if (*p == '0')
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_ZERO_PREFIX);
+ return 0;
+ }
+ datalen = atoi_1 (p);
+ }
+ else if (*p == '&' || *p == '\\')
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_UNEXPECTED_PUNC);
+ return 0;
+ }
+ else
+ {
+ *erroff = count;
+ *errcode = gcry_error (GPG_ERR_SEXP_BAD_CHARACTER);
+ return 0;
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 22:24:06 +0000