diff options
Diffstat (limited to 'plugins/MirOTR/Libgcrypt/src')
39 files changed, 7949 insertions, 7623 deletions
diff --git a/plugins/MirOTR/Libgcrypt/src/ath.c b/plugins/MirOTR/Libgcrypt/src/ath.c index a3d300c1b9..9085d3e143 100644 --- a/plugins/MirOTR/Libgcrypt/src/ath.c +++ b/plugins/MirOTR/Libgcrypt/src/ath.c @@ -1,345 +1,406 @@ -/* ath.c - Thread-safeness library. - Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with Libgcrypt; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - 02111-1307, USA. */ +/* ath.c - A Thread-safeness library. + * Copyright (C) 2002, 2003, 2004, 2011 Free Software Foundation, Inc. + * Copyright (C) 2014 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ #ifdef HAVE_CONFIG_H #include <config.h> #endif -#include <assert.h> /* Right: We need to use assert and not gcry_assert. */ +#include <assert.h> +#include <stdlib.h> #include <unistd.h> -#ifdef HAVE_SYS_SELECT_H -# include <sys/select.h> -#else -# include <sys/time.h> -#endif -#include <sys/types.h> -#ifndef _WIN32 -#include <sys/wait.h> -#endif #include <errno.h> +#if USE_POSIX_THREADS +# include <pthread.h> +#endif #include "ath.h" +#if USE_POSIX_THREADS_WEAK +# if !USE_POSIX_THREADS +# error USE_POSIX_THREADS_WEAK but no USE_POSIX_THREADS +# endif +#endif -/* The interface table. */ -static struct ath_ops ops; - -/* True if we should use the external callbacks. */ -static int ops_set; - +/* On an ELF system it is easy to use pthreads using weak references. + Take care not to test the address of a weak referenced function we + actually use; some GCC versions have a bug were &foo != NULL is + always evaluated to true in PIC mode. USING_PTHREAD_AS_DEFAULT is + used by ath_install to detect the default usage of pthread. */ +#if USE_POSIX_THREADS_WEAK +# pragma weak pthread_cancel +# pragma weak pthread_mutex_init +# pragma weak pthread_mutex_lock +# pragma weak pthread_mutex_unlock +# pragma weak pthread_mutex_destroy +#endif -/* For the dummy interface. */ -#define MUTEX_UNLOCKED ((ath_mutex_t) 0) -#define MUTEX_LOCKED ((ath_mutex_t) 1) -#define MUTEX_DESTROYED ((ath_mutex_t) 2) +/* For the dummy interface. The MUTEX_NOTINIT value is used to check + that a mutex has been initialized. */ +#define MUTEX_NOTINIT ((ath_mutex_t) 0) +#define MUTEX_UNLOCKED ((ath_mutex_t) 1) +#define MUTEX_LOCKED ((ath_mutex_t) 2) +#define MUTEX_DESTROYED ((ath_mutex_t) 3) /* Return the thread type from the option field. */ #define GET_OPTION(a) ((a) & 0xff) -/* Return the version number from the option field. */ -#define GET_VERSION(a) (((a) >> 8)& 0xff) -/* The lock we take while checking for lazy lock initialization. */ -static ath_mutex_t check_init_lock = ATH_MUTEX_INITIALIZER; +enum ath_thread_model { + ath_model_undefined = 0, + ath_model_none, /* No thread support. */ + ath_model_pthreads_weak, /* POSIX threads using weak symbols. */ + ath_model_pthreads, /* POSIX threads directly linked. */ + ath_model_w32 /* Microsoft Windows threads. */ +}; + +/* The thread model in use. */ +static enum ath_thread_model thread_model; + + +/* Initialize the ath subsystem. This is called as part of the + Libgcrypt initialization. It's purpose is to initialize the + locking system. It returns 0 on sucess or an ERRNO value on error. + In the latter case it is not defined whether ERRNO was changed. + + Note: This should be called as early as possible because it is not + always possible to detect the thread model to use while already + running multi threaded. */ int ath_init (void) { int err = 0; - if (ops_set) - { - if (ops.init) - err = (*ops.init) (); - if (err) - return err; - err = (*ops.mutex_init) (&check_init_lock); - } - return err; -} - + if (thread_model) + return 0; /* Already initialized - no error. */ -/* Initialize the locking library. Returns 0 if the operation was - successful, EINVAL if the operation table was invalid and EBUSY if - we already were initialized. */ -gpg_err_code_t -ath_install (struct ath_ops *ath_ops, int check_only) -{ - if (check_only) + if (0) + ; +#if USE_POSIX_THREADS_WEAK + else if (pthread_cancel) { - unsigned int option = 0; - - /* Check if the requested thread option is compatible to the - thread option we are already committed to. */ - if (ath_ops) - option = ath_ops->option; - - if (!ops_set && GET_OPTION (option)) - return GPG_ERR_NOT_SUPPORTED; - - if (GET_OPTION (ops.option) == ATH_THREAD_OPTION_USER - || GET_OPTION (option) == ATH_THREAD_OPTION_USER - || GET_OPTION (ops.option) != GET_OPTION (option) - || GET_VERSION (ops.option) != GET_VERSION (option)) - return GPG_ERR_NOT_SUPPORTED; - - return 0; + thread_model = ath_model_pthreads_weak; } - - if (ath_ops) +#endif + else { - /* It is convenient to not require DESTROY. */ - if (!ath_ops->mutex_init || !ath_ops->mutex_lock - || !ath_ops->mutex_unlock) - return GPG_ERR_INV_ARG; - - ops = *ath_ops; - ops_set = 1; +#if HAVE_W32_SYSTEM + thread_model = ath_model_w32; +#elif USE_POSIX_THREADS && !USE_POSIX_THREADS_WEAK + thread_model = ath_model_pthreads; +#else /*!USE_POSIX_THREADS*/ + /* Assume a single threaded application. */ + thread_model = ath_model_none; +#endif /*!USE_POSIX_THREADS*/ } - else - ops_set = 0; - - return 0; -} - - -static int -mutex_init (ath_mutex_t *lock, int just_check) -{ - int err = 0; - if (just_check) - (*ops.mutex_lock) (&check_init_lock); - if (*lock == ATH_MUTEX_INITIALIZER || !just_check) - err = (*ops.mutex_init) (lock); - if (just_check) - (*ops.mutex_unlock) (&check_init_lock); return err; } -int -ath_mutex_init (ath_mutex_t *lock) +/* Return the used thread model as string for display purposes an if + R_MODEL is not null store its internal number at R_MODEL. */ +const char * +ath_get_model (int *r_model) { - if (ops_set) - return mutex_init (lock, 0); - -#ifndef NDEBUG - *lock = MUTEX_UNLOCKED; -#endif - return 0; -} - - -int -ath_mutex_destroy (ath_mutex_t *lock) -{ - if (ops_set) + if (r_model) + *r_model = thread_model; + switch (thread_model) { - if (!ops.mutex_destroy) - return 0; - - (*ops.mutex_lock) (&check_init_lock); - if (*lock == ATH_MUTEX_INITIALIZER) - { - (*ops.mutex_unlock) (&check_init_lock); - return 0; - } - (*ops.mutex_unlock) (&check_init_lock); - return (*ops.mutex_destroy) (lock); + case ath_model_undefined: return "undefined"; + case ath_model_none: return "none"; + case ath_model_pthreads_weak: return "pthread(weak)"; + case ath_model_pthreads: return "pthread"; + case ath_model_w32: return "w32"; + default: return "?"; } - -#ifndef NDEBUG - assert (*lock == MUTEX_UNLOCKED); - - *lock = MUTEX_DESTROYED; -#endif - return 0; } -int -ath_mutex_lock (ath_mutex_t *lock) +/* This function was used in old Libgcrypt versions (via + GCRYCTL_SET_THREAD_CBS) to register the thread callback functions. + It is not anymore required. However to allow existing code to + continue to work, we keep this function and check that no user + defined callbacks are used and that the requested thread system + matches the one Libgcrypt is using. */ +gpg_err_code_t +ath_install (struct ath_ops *ath_ops) { - if (ops_set) + gpg_err_code_t rc; + unsigned int thread_option; + + /* Fist call ath_init so that we know our thread model. */ + rc = ath_init (); + if (rc) + return rc; + + /* Check if the requested thread option is compatible to the + thread option we are already committed to. */ + thread_option = ath_ops? GET_OPTION (ath_ops->option) : 0; + + /* Return an error if the requested thread model does not match the + configured one. */ + if (0) + ; +#if USE_POSIX_THREADS + else if (thread_model == ath_model_pthreads + || thread_model == ath_model_pthreads_weak) { - int ret = mutex_init (lock, 1); - if (ret) - return ret; - return (*ops.mutex_lock) (lock); + if (thread_option == ATH_THREAD_OPTION_PTHREAD) + return 0; /* Okay - compatible. */ + if (thread_option == ATH_THREAD_OPTION_PTH) + return 0; /* Okay - compatible. */ } +#endif /*USE_POSIX_THREADS*/ + else if (thread_option == ATH_THREAD_OPTION_PTH) + { + if (thread_model == ath_model_none) + return 0; /* Okay - compatible. */ + } + else if (thread_option == ATH_THREAD_OPTION_DEFAULT) + return 0; /* No thread support requested. */ +#if HAVE_W32_SYSTEM + else + return 0; /* It is always enabled. */ +#endif /*HAVE_W32_SYSTEM*/ -#ifndef NDEBUG - assert (*lock == MUTEX_UNLOCKED); - - *lock = MUTEX_LOCKED; -#endif - return 0; + return GPG_ERR_NOT_SUPPORTED; } +/* Initialize a new mutex. This function returns 0 on success or an + system error code (i.e. an ERRNO value). ERRNO may or may not be + changed on error. */ int -ath_mutex_unlock (ath_mutex_t *lock) +ath_mutex_init (ath_mutex_t *lock) { - if (ops_set) + int err; + + switch (thread_model) { - int ret = mutex_init (lock, 1); - if (ret) - return ret; - return (*ops.mutex_unlock) (lock); + case ath_model_none: + *lock = MUTEX_UNLOCKED; + err = 0; + break; + +#if USE_POSIX_THREADS + case ath_model_pthreads: + case ath_model_pthreads_weak: + { + pthread_mutex_t *plck; + + plck = malloc (sizeof *plck); + if (!plck) + err = errno? errno : ENOMEM; + else + { + err = pthread_mutex_init (plck, NULL); + if (err) + free (plck); + else + *lock = (void*)plck; + } + } + break; +#endif /*USE_POSIX_THREADS*/ + +#if HAVE_W32_SYSTEM + case ath_model_w32: + { + CRITICAL_SECTION *csec; + + csec = malloc (sizeof *csec); + if (!csec) + err = errno? errno : ENOMEM; + else + { + InitializeCriticalSection (csec); + *lock = (void*)csec; + err = 0; + } + } + break; +#endif /*HAVE_W32_SYSTEM*/ + + default: + err = EINVAL; + break; } -#ifndef NDEBUG - assert (*lock == MUTEX_LOCKED); - - *lock = MUTEX_UNLOCKED; -#endif - return 0; -} - - -ssize_t -ath_read (int fd, void *buf, size_t nbytes) -{ - if (ops_set && ops.read) - return (*ops.read) (fd, buf, nbytes); - else - return _read (fd, buf, nbytes); + return err; } -ssize_t -ath_write (int fd, const void *buf, size_t nbytes) +/* Destroy a mutex. This function is a NOP if LOCK is NULL. If the + mutex is still locked it can't be destroyed and the function + returns EBUSY. ERRNO may or may not be changed on error. */ +int +ath_mutex_destroy (ath_mutex_t *lock) { - if (ops_set && ops.write) - return (*ops.write) (fd, buf, nbytes); - else - return _write (fd, buf, nbytes); -} + int err; + if (!*lock) + return 0; -ssize_t -#ifdef _WIN32 -ath_select (int nfd, void *rset, void *wset, void *eset, - struct timeval *timeout) -#else -ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, - struct timeval *timeout) -#endif -{ - if (ops_set && ops.select) - return (*ops.select) (nfd, rset, wset, eset, timeout); - else -#ifdef _WIN32 - return -1; -#else - return select (nfd, rset, wset, eset, timeout); -#endif -} + switch (thread_model) + { + case ath_model_none: + if (*lock != MUTEX_UNLOCKED) + err = EBUSY; + else + { + *lock = MUTEX_DESTROYED; + err = 0; + } + break; + +#if USE_POSIX_THREADS + case ath_model_pthreads: + case ath_model_pthreads_weak: + { + pthread_mutex_t *plck = (pthread_mutex_t*) (*lock); + + err = pthread_mutex_destroy (plck); + if (!err) + { + free (plck); + lock = NULL; + } + } + break; +#endif /*USE_POSIX_THREADS*/ + +#if HAVE_W32_SYSTEM + case ath_model_w32: + { + CRITICAL_SECTION *csec = (CRITICAL_SECTION *)(*lock); + + DeleteCriticalSection (csec); + free (csec); + err = 0; + } + break; +#endif /*HAVE_W32_SYSTEM*/ + + default: + err = EINVAL; + break; + } - -ssize_t -ath_waitpid (pid_t pid, int *status, int options) -{ - if (ops_set && ops.waitpid) - return (*ops.waitpid) (pid, status, options); - else -#ifdef _WIN32 - return -1; -#else - return waitpid (pid, status, options); -#endif + return err; } +/* Lock the mutex LOCK. On success the function returns 0; on error + an error code. ERRNO may or may not be changed on error. */ int -#ifdef _WIN32 -ath_accept (int s, void *addr, int *length_ptr) -#else -ath_accept (int s, struct sockaddr *addr, socklen_t *length_ptr) -#endif +ath_mutex_lock (ath_mutex_t *lock) { - if (ops_set && ops.accept) - return (*ops.accept) (s, addr, length_ptr); - else -#ifdef _WIN32 - return -1; -#else - return accept (s, addr, length_ptr); -#endif -} + int err; + switch (thread_model) + { + case ath_model_none: + if (*lock == MUTEX_NOTINIT) + err = EINVAL; + else if (*lock == MUTEX_UNLOCKED) + { + *lock = MUTEX_LOCKED; + err = 0; + } + else + err = EDEADLK; + break; + +#if USE_POSIX_THREADS + case ath_model_pthreads: + case ath_model_pthreads_weak: + err = pthread_mutex_lock ((pthread_mutex_t*)(*lock)); + break; +#endif /*USE_POSIX_THREADS*/ + +#if HAVE_W32_SYSTEM + case ath_model_w32: + { + CRITICAL_SECTION *csec = (CRITICAL_SECTION *)(*lock); + + EnterCriticalSection (csec); + err = 0; + } + break; +#endif /*HAVE_W32_SYSTEM*/ + + default: + err = EINVAL; + break; + } -int -#ifdef _WIN32 -ath_connect (int s, void *addr, int length) -#else -ath_connect (int s, struct sockaddr *addr, socklen_t length) -#endif -{ - if (ops_set && ops.connect) - return (*ops.connect) (s, addr, length); - else -#ifdef _WIN32 - return -1; -#else - return connect (s, addr, length); -#endif + return err; } - +/* Unlock the mutex LOCK. On success the function returns 0; on error + an error code. ERRNO may or may not be changed on error. */ int -#ifdef _WIN32 -ath_sendmsg (int s, const void *msg, int flags) -#else -ath_sendmsg (int s, const struct msghdr *msg, int flags) -#endif +ath_mutex_unlock (ath_mutex_t *lock) { - if (ops_set && ops.sendmsg) - return (*ops.sendmsg) (s, msg, flags); - else -#ifdef _WIN32 - return -1; -#else - return sendmsg (s, msg, flags); -#endif -} + int err; + switch (thread_model) + { + case ath_model_none: + if (*lock == MUTEX_NOTINIT) + err = EINVAL; + else if (*lock == MUTEX_LOCKED) + { + *lock = MUTEX_UNLOCKED; + err = 0; + } + else + err = EPERM; + break; + +#if USE_POSIX_THREADS + case ath_model_pthreads: + case ath_model_pthreads_weak: + err = pthread_mutex_unlock ((pthread_mutex_t*)(*lock)); + break; +#endif /*USE_POSIX_THREADS*/ + +#if HAVE_W32_SYSTEM + case ath_model_w32: + { + CRITICAL_SECTION *csec = (CRITICAL_SECTION *)(*lock); + + LeaveCriticalSection (csec); + err = 0; + } + break; +#endif /*HAVE_W32_SYSTEM*/ + + default: + err = EINVAL; + break; + } -int -#ifdef _WIN32 -ath_recvmsg (int s, void *msg, int flags) -#else -ath_recvmsg (int s, struct msghdr *msg, int flags) -#endif -{ - if (ops_set && ops.recvmsg) - return (*ops.recvmsg) (s, msg, flags); - else -#ifdef _WIN32 - return -1; -#else - return recvmsg (s, msg, flags); -#endif + return err; } - diff --git a/plugins/MirOTR/Libgcrypt/src/ath.h b/plugins/MirOTR/Libgcrypt/src/ath.h index aba5e78359..a132e0b78a 100644 --- a/plugins/MirOTR/Libgcrypt/src/ath.h +++ b/plugins/MirOTR/Libgcrypt/src/ath.h @@ -1,39 +1,45 @@ /* ath.h - Thread-safeness library. - Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with Libgcrypt; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - 02111-1307, USA. */ + * Copyright (C) 2002, 2003, 2004, 2011 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ #ifndef ATH_H #define ATH_H +#include <config.h> + #ifdef _WIN32 -#define WIN32_LEAN_AND_MEAN -#include <windows.h> -#else -#include <sys/types.h> -#include <sys/socket.h> -#endif +# include <winsock2.h> +# include <windows.h> +#else /* !_WIN32 */ +# ifdef HAVE_SYS_SELECT_H +# include <sys/select.h> +# else +# include <sys/time.h> +# endif +# include <sys/types.h> +# ifdef HAVE_SYS_MSG_H +# include <sys/msg.h> /* (e.g. for zOS) */ +# endif +# include <sys/socket.h> +#endif /* !_WIN32 */ #include <gpg-error.h> -#include <sys/time.h> /* Required by Interix. */ -#include <config.h> -#include <io.h> /* Define _ATH_EXT_SYM_PREFIX if you want to give all external symbols a prefix. */ @@ -45,18 +51,11 @@ #define _ATH_PREFIX(x) _ATH_PREFIX2(_ATH_EXT_SYM_PREFIX,x) #define ath_install _ATH_PREFIX(ath_install) #define ath_init _ATH_PREFIX(ath_init) +#define ath_get_model _ATH_PREFIX(ath_get_model) #define ath_mutex_init _ATH_PREFIX(ath_mutex_init) #define ath_mutex_destroy _ATH_PREFIX(ath_mutex_destroy) #define ath_mutex_lock _ATH_PREFIX(ath_mutex_lock) #define ath_mutex_unlock _ATH_PREFIX(ath_mutex_unlock) -#define ath_read _ATH_PREFIX(ath_read) -#define ath_write _ATH_PREFIX(ath_write) -#define ath_select _ATH_PREFIX(ath_select) -#define ath_waitpid _ATH_PREFIX(ath_waitpid) -#define ath_connect _ATH_PREFIX(ath_connect) -#define ath_accept _ATH_PREFIX(ath_accept) -#define ath_sendmsg _ATH_PREFIX(ath_sendmsg) -#define ath_recvmsg _ATH_PREFIX(ath_recvmsg) #endif @@ -71,71 +70,24 @@ enum ath_thread_option struct ath_ops { /* The OPTION field encodes the thread model and the version number - of this structure. + of this structure. Bits 7 - 0 are used for the thread model Bits 15 - 8 are used for the version number. */ unsigned int option; - int (*init) (void); - int (*mutex_init) (void **priv); - int (*mutex_destroy) (void *priv); - int (*mutex_lock) (void *priv); - int (*mutex_unlock) (void *priv); - ssize_t (*read) (int fd, void *buf, size_t nbytes); - ssize_t (*write) (int fd, const void *buf, size_t nbytes); -#ifdef _WIN32 - ssize_t (*select) (int nfd, void *rset, void *wset, void *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, void *addr, int *length_ptr); - int (*connect) (int s, void *addr, int length); - int (*sendmsg) (int s, const void *msg, int flags); - int (*recvmsg) (int s, void *msg, int flags); -#else - ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, struct sockaddr *addr, socklen_t *length_ptr); - int (*connect) (int s, struct sockaddr *addr, socklen_t length); - int (*sendmsg) (int s, const struct msghdr *msg, int flags); - int (*recvmsg) (int s, struct msghdr *msg, int flags); -#endif }; -gpg_err_code_t ath_install (struct ath_ops *ath_ops, int check_only); +gpg_err_code_t ath_install (struct ath_ops *ath_ops); int ath_init (void); - +const char *ath_get_model (int *r_model); /* Functions for mutual exclusion. */ typedef void *ath_mutex_t; -#define ATH_MUTEX_INITIALIZER 0 int ath_mutex_init (ath_mutex_t *mutex); int ath_mutex_destroy (ath_mutex_t *mutex); int ath_mutex_lock (ath_mutex_t *mutex); int ath_mutex_unlock (ath_mutex_t *mutex); -/* Replacement for the POSIX functions, which can be used to allow - other (user-level) threads to run. */ -ssize_t ath_read (int fd, void *buf, size_t nbytes); -ssize_t ath_write (int fd, const void *buf, size_t nbytes); -#ifdef _WIN32 -ssize_t ath_select (int nfd, void *rset, void *wset, void *eset, - struct timeval *timeout); -ssize_t ath_waitpid (pid_t pid, int *status, int options); -int ath_accept (int s, void *addr, int *length_ptr); -int ath_connect (int s, void *addr, int length); -int ath_sendmsg (int s, const void *msg, int flags); -int ath_recvmsg (int s, void *msg, int flags); -#else -ssize_t ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, - struct timeval *timeout); -ssize_t ath_waitpid (pid_t pid, int *status, int options); -int ath_accept (int s, struct sockaddr *addr, socklen_t *length_ptr); -int ath_connect (int s, struct sockaddr *addr, socklen_t length); -int ath_sendmsg (int s, const struct msghdr *msg, int flags); -int ath_recvmsg (int s, struct msghdr *msg, int flags); -#endif - #endif /* ATH_H */ diff --git a/plugins/MirOTR/Libgcrypt/src/cipher-proto.h b/plugins/MirOTR/Libgcrypt/src/cipher-proto.h index 215323671e..8267791732 100644 --- a/plugins/MirOTR/Libgcrypt/src/cipher-proto.h +++ b/plugins/MirOTR/Libgcrypt/src/cipher-proto.h @@ -1,5 +1,5 @@ /* cipher-proto.h - Internal declarations - * Copyright (C) 2008 Free Software Foundation, Inc. + * Copyright (C) 2008, 2011 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -23,14 +23,18 @@ #ifndef G10_CIPHER_PROTO_H #define G10_CIPHER_PROTO_H -/* Definition of a function used to report selftest failures. + +enum pk_encoding; + + +/* Definition of a function used to report selftest failures. DOMAIN is a string describing the function block: "cipher", "digest", "pubkey or "random", ALGO is the algorithm under test, WHAT is a string describing what has been tested, DESC is a string describing the error. */ typedef void (*selftest_report_func_t)(const char *domain, - int algo, + int algo, const char *what, const char *errdesc); @@ -38,70 +42,209 @@ typedef void (*selftest_report_func_t)(const char *domain, typedef gpg_err_code_t (*selftest_func_t) (int algo, int extended, selftest_report_func_t report); + +/* + * + * Public key related definitions. + * + */ + +/* Type for the pk_generate function. */ +typedef gcry_err_code_t (*gcry_pk_generate_t) (gcry_sexp_t genparms, + gcry_sexp_t *r_skey); + +/* Type for the pk_check_secret_key function. */ +typedef gcry_err_code_t (*gcry_pk_check_secret_key_t) (gcry_sexp_t keyparms); + +/* Type for the pk_encrypt function. */ +typedef gcry_err_code_t (*gcry_pk_encrypt_t) (gcry_sexp_t *r_ciph, + gcry_sexp_t s_data, + gcry_sexp_t keyparms); + +/* Type for the pk_decrypt function. */ +typedef gcry_err_code_t (*gcry_pk_decrypt_t) (gcry_sexp_t *r_plain, + gcry_sexp_t s_data, + gcry_sexp_t keyparms); + +/* Type for the pk_sign function. */ +typedef gcry_err_code_t (*gcry_pk_sign_t) (gcry_sexp_t *r_sig, + gcry_sexp_t s_data, + gcry_sexp_t keyparms); + +/* Type for the pk_verify function. */ +typedef gcry_err_code_t (*gcry_pk_verify_t) (gcry_sexp_t s_sig, + gcry_sexp_t s_data, + gcry_sexp_t keyparms); + +/* Type for the pk_get_nbits function. */ +typedef unsigned (*gcry_pk_get_nbits_t) (gcry_sexp_t keyparms); -/* An extended type of the generate function. */ -typedef gcry_err_code_t (*pk_ext_generate_t) - (int algo, - unsigned int nbits, - unsigned long evalue, - gcry_sexp_t genparms, - gcry_mpi_t *skey, - gcry_mpi_t **retfactors, - gcry_sexp_t *extrainfo); /* The type used to compute the keygrip. */ -typedef gpg_err_code_t (*pk_comp_keygrip_t) - (gcry_md_hd_t md, gcry_sexp_t keyparm); +typedef gpg_err_code_t (*pk_comp_keygrip_t) (gcry_md_hd_t md, + gcry_sexp_t keyparm); + +/* The type used to query an ECC curve name. */ +typedef const char *(*pk_get_curve_t)(gcry_sexp_t keyparms, int iterator, + unsigned int *r_nbits); + +/* The type used to query ECC curve parameters by name. */ +typedef gcry_sexp_t (*pk_get_curve_param_t)(const char *name); + + +/* Module specification structure for public key algoritms. */ +typedef struct gcry_pk_spec +{ + int algo; + struct { + unsigned int disabled:1; + unsigned int fips:1; + } flags; + int use; + const char *name; + const char **aliases; + const char *elements_pkey; + const char *elements_skey; + const char *elements_enc; + const char *elements_sig; + const char *elements_grip; + gcry_pk_generate_t generate; + gcry_pk_check_secret_key_t check_secret_key; + gcry_pk_encrypt_t encrypt; + gcry_pk_decrypt_t decrypt; + gcry_pk_sign_t sign; + gcry_pk_verify_t verify; + gcry_pk_get_nbits_t get_nbits; + selftest_func_t selftest; + pk_comp_keygrip_t comp_keygrip; + pk_get_curve_t get_curve; + pk_get_curve_param_t get_curve_param; +} gcry_pk_spec_t; + + + +/* + * + * Symmetric cipher related definitions. + * + */ + +/* Type for the cipher_setkey function. */ +typedef gcry_err_code_t (*gcry_cipher_setkey_t) (void *c, + const unsigned char *key, + unsigned keylen); + +/* Type for the cipher_encrypt function. */ +typedef unsigned int (*gcry_cipher_encrypt_t) (void *c, + unsigned char *outbuf, + const unsigned char *inbuf); -/* The type used to quert ECC curve parameters. */ -typedef gcry_err_code_t (*pk_get_param_t) - (const char *name, gcry_mpi_t *pkey); +/* Type for the cipher_decrypt function. */ +typedef unsigned int (*gcry_cipher_decrypt_t) (void *c, + unsigned char *outbuf, + const unsigned char *inbuf); + +/* Type for the cipher_stencrypt function. */ +typedef void (*gcry_cipher_stencrypt_t) (void *c, + unsigned char *outbuf, + const unsigned char *inbuf, + size_t n); + +/* Type for the cipher_stdecrypt function. */ +typedef void (*gcry_cipher_stdecrypt_t) (void *c, + unsigned char *outbuf, + const unsigned char *inbuf, + size_t n); /* The type used to convey additional information to a cipher. */ typedef gpg_err_code_t (*cipher_set_extra_info_t) (void *c, int what, const void *buffer, size_t buflen); +/* The type used to set an IV directly in the algorithm module. */ +typedef void (*cipher_setiv_func_t)(void *c, const byte *iv, size_t ivlen); + +/* A structure to map OIDs to encryption modes. */ +typedef struct gcry_cipher_oid_spec +{ + const char *oid; + int mode; +} gcry_cipher_oid_spec_t; + -/* Extra module specification structures. These are used for internal - modules which provide more functions than available through the - public algorithm register APIs. */ -typedef struct cipher_extra_spec +/* Module specification structure for ciphers. */ +typedef struct gcry_cipher_spec { + int algo; + struct { + unsigned int disabled:1; + unsigned int fips:1; + } flags; + const char *name; + const char **aliases; + gcry_cipher_oid_spec_t *oids; + size_t blocksize; + size_t keylen; + size_t contextsize; + gcry_cipher_setkey_t setkey; + gcry_cipher_encrypt_t encrypt; + gcry_cipher_decrypt_t decrypt; + gcry_cipher_stencrypt_t stencrypt; + gcry_cipher_stdecrypt_t stdecrypt; selftest_func_t selftest; cipher_set_extra_info_t set_extra_info; -} cipher_extra_spec_t; + cipher_setiv_func_t setiv; +} gcry_cipher_spec_t; + + + +/* + * + * Message digest related definitions. + * + */ + +/* Type for the md_init function. */ +typedef void (*gcry_md_init_t) (void *c, unsigned int flags); + +/* Type for the md_write function. */ +typedef void (*gcry_md_write_t) (void *c, const void *buf, size_t nbytes); -typedef struct md_extra_spec +/* Type for the md_final function. */ +typedef void (*gcry_md_final_t) (void *c); + +/* Type for the md_read function. */ +typedef unsigned char *(*gcry_md_read_t) (void *c); + +typedef struct gcry_md_oid_spec { - selftest_func_t selftest; -} md_extra_spec_t; + const char *oidstring; +} gcry_md_oid_spec_t; -typedef struct pk_extra_spec +/* Module specification structure for message digests. */ +typedef struct gcry_md_spec { + int algo; + struct { + unsigned int disabled:1; + unsigned int fips:1; + } flags; + const char *name; + unsigned char *asnoid; + int asnlen; + gcry_md_oid_spec_t *oids; + int mdlen; + gcry_md_init_t init; + gcry_md_write_t write; + gcry_md_final_t final; + gcry_md_read_t read; + size_t contextsize; /* allocate this amount of context */ selftest_func_t selftest; - pk_ext_generate_t ext_generate; - pk_comp_keygrip_t comp_keygrip; - pk_get_param_t get_param; -} pk_extra_spec_t; - - +} gcry_md_spec_t; -/* The private register functions. */ -gcry_error_t _gcry_cipher_register (gcry_cipher_spec_t *cipher, - cipher_extra_spec_t *extraspec, - int *algorithm_id, - gcry_module_t *module); -gcry_error_t _gcry_md_register (gcry_md_spec_t *cipher, - md_extra_spec_t *extraspec, - unsigned int *algorithm_id, - gcry_module_t *module); -gcry_error_t _gcry_pk_register (gcry_pk_spec_t *cipher, - pk_extra_spec_t *extraspec, - unsigned int *algorithm_id, - gcry_module_t *module); + /* The selftest functions. */ -gcry_error_t _gcry_cipher_selftest (int algo, int extended, +gcry_error_t _gcry_cipher_selftest (int algo, int extended, selftest_report_func_t report); gcry_error_t _gcry_md_selftest (int algo, int extended, selftest_report_func_t report); @@ -112,4 +255,7 @@ gcry_error_t _gcry_hmac_selftest (int algo, int extended, gcry_error_t _gcry_random_selftest (selftest_report_func_t report); + + + #endif /*G10_CIPHER_PROTO_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/cipher.h b/plugins/MirOTR/Libgcrypt/src/cipher.h index 48baab4225..10bfe0c50d 100644 --- a/plugins/MirOTR/Libgcrypt/src/cipher.h +++ b/plugins/MirOTR/Libgcrypt/src/cipher.h @@ -1,5 +1,5 @@ /* cipher.h - * Copyright (C) 1998, 2002, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 2002, 2003, 2009 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -20,18 +20,94 @@ #ifndef G10_CIPHER_H #define G10_CIPHER_H -#include <gcrypt.h> +#include "gcrypt-int.h" #define DBG_CIPHER _gcry_get_debug_flag( 1 ) #include "../random/random.h" #define PUBKEY_FLAG_NO_BLINDING (1 << 0) +#define PUBKEY_FLAG_RFC6979 (1 << 1) +#define PUBKEY_FLAG_FIXEDLEN (1 << 2) +#define PUBKEY_FLAG_LEGACYRESULT (1 << 3) +#define PUBKEY_FLAG_RAW_FLAG (1 << 4) +#define PUBKEY_FLAG_TRANSIENT_KEY (1 << 5) +#define PUBKEY_FLAG_USE_X931 (1 << 6) +#define PUBKEY_FLAG_USE_FIPS186 (1 << 7) +#define PUBKEY_FLAG_USE_FIPS186_2 (1 << 8) +#define PUBKEY_FLAG_PARAM (1 << 9) +#define PUBKEY_FLAG_COMP (1 << 10) +#define PUBKEY_FLAG_NOCOMP (1 << 11) +#define PUBKEY_FLAG_EDDSA (1 << 12) +#define PUBKEY_FLAG_GOST (1 << 13) + + +enum pk_operation + { + PUBKEY_OP_ENCRYPT, + PUBKEY_OP_DECRYPT, + PUBKEY_OP_SIGN, + PUBKEY_OP_VERIFY + }; + +enum pk_encoding + { + PUBKEY_ENC_RAW, + PUBKEY_ENC_PKCS1, + PUBKEY_ENC_OAEP, + PUBKEY_ENC_PSS, + PUBKEY_ENC_UNKNOWN + }; + +struct pk_encoding_ctx +{ + enum pk_operation op; + unsigned int nbits; + + enum pk_encoding encoding; + int flags; + + int hash_algo; + + /* for OAEP */ + unsigned char *label; + size_t labellen; + + /* for PSS */ + size_t saltlen; + + int (* verify_cmp) (void *opaque, gcry_mpi_t tmp); + void *verify_arg; +}; #define CIPHER_INFO_NO_WEAK_KEY 1 #include "cipher-proto.h" +/* The internal encryption modes. */ +enum gcry_cipher_internal_modes + { + GCRY_CIPHER_MODE_INTERNAL = 0x10000, + GCRY_CIPHER_MODE_CMAC = 0x10000 + 1 /* Cipher-based MAC. */ + }; + + +/*-- cipher.c --*/ +gcry_err_code_t _gcry_cipher_open_internal (gcry_cipher_hd_t *handle, + int algo, int mode, + unsigned int flags); + +/*-- cipher-cmac.c --*/ +gcry_err_code_t _gcry_cipher_cmac_authenticate +/* */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen); +gcry_err_code_t _gcry_cipher_cmac_get_tag +/* */ (gcry_cipher_hd_t c, + unsigned char *outtag, size_t taglen); +gcry_err_code_t _gcry_cipher_cmac_check_tag +/* */ (gcry_cipher_hd_t c, + const unsigned char *intag, size_t taglen); +gcry_err_code_t _gcry_cipher_cmac_set_subkeys +/* */ (gcry_cipher_hd_t c); /*-- rmd160.c --*/ void _gcry_rmd160_hash_buffer (void *outbuf, @@ -39,21 +115,84 @@ void _gcry_rmd160_hash_buffer (void *outbuf, /*-- sha1.c --*/ void _gcry_sha1_hash_buffer (void *outbuf, const void *buffer, size_t length); +void _gcry_sha1_hash_buffers (void *outbuf, + const gcry_buffer_t *iov, int iovcnt); /*-- rijndael.c --*/ -void _gcry_aes_cfb_enc (void *context, unsigned char *iv, +void _gcry_aes_cfb_enc (void *context, unsigned char *iv, void *outbuf, const void *inbuf, - unsigned int nblocks); -void _gcry_aes_cfb_dec (void *context, unsigned char *iv, + size_t nblocks); +void _gcry_aes_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_aes_cbc_enc (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); -void _gcry_aes_cbc_enc (void *context, unsigned char *iv, + size_t nblocks, int cbc_mac); +void _gcry_aes_cbc_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks, int cbc_mac); -void _gcry_aes_cbc_dec (void *context, unsigned char *iv, + size_t nblocks); +void _gcry_aes_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); + size_t nblocks); +/*-- blowfish.c --*/ +void _gcry_blowfish_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +void _gcry_blowfish_cbc_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +void _gcry_blowfish_ctr_enc (void *context, unsigned char *ctr, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +/*-- cast5.c --*/ +void _gcry_cast5_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +void _gcry_cast5_cbc_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +void _gcry_cast5_ctr_enc (void *context, unsigned char *ctr, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +/*-- camellia-glue.c --*/ +void _gcry_camellia_ctr_enc (void *context, unsigned char *ctr, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_camellia_cbc_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_camellia_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +/*-- serpent.c --*/ +void _gcry_serpent_ctr_enc (void *context, unsigned char *ctr, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_serpent_cbc_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_serpent_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +/*-- twofish.c --*/ +void _gcry_twofish_ctr_enc (void *context, unsigned char *ctr, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_twofish_cbc_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); +void _gcry_twofish_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); /*-- dsa.c --*/ void _gcry_register_pk_dsa_progress (gcry_handler_progress_t cbc, void *cb_data); @@ -73,7 +212,6 @@ void _gcry_register_primegen_progress (gcry_handler_progress_t cb, void *cb_data); /*-- pubkey.c --*/ -const char * _gcry_pk_aliased_algo_name (int algorithm); /* Declarations for the cipher specifications. */ extern gcry_cipher_spec_t _gcry_cipher_spec_blowfish; @@ -90,21 +228,23 @@ extern gcry_cipher_spec_t _gcry_cipher_spec_serpent128; extern gcry_cipher_spec_t _gcry_cipher_spec_serpent192; extern gcry_cipher_spec_t _gcry_cipher_spec_serpent256; extern gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_40; +extern gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_128; extern gcry_cipher_spec_t _gcry_cipher_spec_seed; extern gcry_cipher_spec_t _gcry_cipher_spec_camellia128; extern gcry_cipher_spec_t _gcry_cipher_spec_camellia192; extern gcry_cipher_spec_t _gcry_cipher_spec_camellia256; - -extern cipher_extra_spec_t _gcry_cipher_extraspec_tripledes; -extern cipher_extra_spec_t _gcry_cipher_extraspec_aes; -extern cipher_extra_spec_t _gcry_cipher_extraspec_aes192; -extern cipher_extra_spec_t _gcry_cipher_extraspec_aes256; - +extern gcry_cipher_spec_t _gcry_cipher_spec_idea; +extern gcry_cipher_spec_t _gcry_cipher_spec_salsa20; +extern gcry_cipher_spec_t _gcry_cipher_spec_salsa20r12; +extern gcry_cipher_spec_t _gcry_cipher_spec_gost28147; /* Declarations for the digest specifications. */ extern gcry_md_spec_t _gcry_digest_spec_crc32; extern gcry_md_spec_t _gcry_digest_spec_crc32_rfc1510; extern gcry_md_spec_t _gcry_digest_spec_crc24_rfc2440; +extern gcry_md_spec_t _gcry_digest_spec_gost3411_94; +extern gcry_md_spec_t _gcry_digest_spec_stribog_256; +extern gcry_md_spec_t _gcry_digest_spec_stribog_512; extern gcry_md_spec_t _gcry_digest_spec_md4; extern gcry_md_spec_t _gcry_digest_spec_md5; extern gcry_md_spec_t _gcry_digest_spec_rmd160; @@ -118,22 +258,12 @@ extern gcry_md_spec_t _gcry_digest_spec_tiger1; extern gcry_md_spec_t _gcry_digest_spec_tiger2; extern gcry_md_spec_t _gcry_digest_spec_whirlpool; -extern md_extra_spec_t _gcry_digest_extraspec_sha1; -extern md_extra_spec_t _gcry_digest_extraspec_sha224; -extern md_extra_spec_t _gcry_digest_extraspec_sha256; -extern md_extra_spec_t _gcry_digest_extraspec_sha384; -extern md_extra_spec_t _gcry_digest_extraspec_sha512; - /* Declarations for the pubkey cipher specifications. */ extern gcry_pk_spec_t _gcry_pubkey_spec_rsa; extern gcry_pk_spec_t _gcry_pubkey_spec_elg; +extern gcry_pk_spec_t _gcry_pubkey_spec_elg_e; extern gcry_pk_spec_t _gcry_pubkey_spec_dsa; -extern gcry_pk_spec_t _gcry_pubkey_spec_ecdsa; - -extern pk_extra_spec_t _gcry_pubkey_extraspec_rsa; -extern pk_extra_spec_t _gcry_pubkey_extraspec_dsa; -extern pk_extra_spec_t _gcry_pubkey_extraspec_elg; -extern pk_extra_spec_t _gcry_pubkey_extraspec_ecdsa; +extern gcry_pk_spec_t _gcry_pubkey_spec_ecc; #endif /*G10_CIPHER_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/context.c b/plugins/MirOTR/Libgcrypt/src/context.c new file mode 100644 index 0000000000..94e5be9e15 --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/context.c @@ -0,0 +1,137 @@ +/* context.c - Context management + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include <config.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> +#include <unistd.h> + +#include "g10lib.h" +#include "mpi.h" +#include "context.h" + +#define CTX_MAGIC "cTx" +#define CTX_MAGIC_LEN 3 + + +/* The definition of the generic context object. The public typedef + gcry_ctx_t is used to access it. */ +struct gcry_context +{ + char magic[CTX_MAGIC_LEN]; /* Magic value to cross check that this + is really a context object. */ + char type; /* The type of the context (CONTEXT_TYPE_foo). */ + + void (*deinit)(void*); /* Function used to free the private part. */ + PROPERLY_ALIGNED_TYPE u; +}; + + +/* Allocate a fresh generic context of contect TYPE and allocate + LENGTH extra bytes for private use of the type handler. DEINIT is a + fucntion used called to deinitialize the private part; it may be + NULL if de-initialization is not required. Returns NULL and sets + ERRNO if memory allocation failed. */ +gcry_ctx_t +_gcry_ctx_alloc (int type, size_t length, void (*deinit)(void*)) +{ + gcry_ctx_t ctx; + + switch (type) + { + case CONTEXT_TYPE_EC: + break; + default: + log_bug ("bad context type %d given to _gcry_ctx_alloc\n", type); + break; + } + + if (length < sizeof (PROPERLY_ALIGNED_TYPE)) + length = sizeof (PROPERLY_ALIGNED_TYPE); + + ctx = xtrycalloc (1, sizeof *ctx - sizeof (PROPERLY_ALIGNED_TYPE) + length); + if (!ctx) + return NULL; + memcpy (ctx->magic, CTX_MAGIC, CTX_MAGIC_LEN); + ctx->type = type; + ctx->deinit = deinit; + + return ctx; +} + + +/* Return a pointer to the private part of the context CTX. TYPE is + the requested context type. Using an explicit type allows to cross + check the type and eventually allows to store several private + contexts in one context object. The function does not return an + error but aborts if the provided CTX is not valid. */ +void * +_gcry_ctx_get_pointer (gcry_ctx_t ctx, int type) +{ + if (!ctx || memcmp (ctx->magic, CTX_MAGIC, CTX_MAGIC_LEN)) + log_fatal ("bad pointer %p passed to _gcry_ctx_get_pointer\n", ctx); + if (ctx->type != type) + log_fatal ("wrong context type %d request for context %p of type %d\n", + type, ctx, ctx->type); + return &ctx->u; +} + +/* Return a pointer to the private part of the context CTX. TYPE is + the requested context type. Using an explicit type allows to cross + check the type and eventually allows to store several private + contexts in one context object. In contrast to + _gcry_ctx_get_pointer, this function returns NULL if no context for + the given type was found. If CTX is NULL the function does not + abort but returns NULL. */ +void * +_gcry_ctx_find_pointer (gcry_ctx_t ctx, int type) +{ + if (!ctx) + return NULL; + if (memcmp (ctx->magic, CTX_MAGIC, CTX_MAGIC_LEN)) + log_fatal ("bad pointer %p passed to _gcry_ctx_get_pointer\n", ctx); + if (ctx->type != type) + return NULL; + return &ctx->u; +} + + +/* Release the generic context CTX. */ +void +_gcry_ctx_release (gcry_ctx_t ctx) +{ + if (!ctx) + return; + if (memcmp (ctx->magic, CTX_MAGIC, CTX_MAGIC_LEN)) + log_fatal ("bad pointer %p passed to gcry_ctx_relase\n", ctx); + switch (ctx->type) + { + case CONTEXT_TYPE_EC: + break; + default: + log_fatal ("bad context type %d detected in gcry_ctx_relase\n", + ctx->type); + break; + } + if (ctx->deinit) + ctx->deinit (&ctx->u); + xfree (ctx); +} diff --git a/plugins/MirOTR/Libgcrypt/src/context.h b/plugins/MirOTR/Libgcrypt/src/context.h new file mode 100644 index 0000000000..875de24396 --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/context.h @@ -0,0 +1,32 @@ +/* context.h - Declarations for the context management + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef GCRY_CONTEXT_H +#define GCRY_CONTEXT_H + +/* Context types as used in struct gcry_context. */ +#define CONTEXT_TYPE_EC 1 /* The context is used with EC functions. */ + + +gcry_ctx_t _gcry_ctx_alloc (int type, size_t length, void (*deinit)(void*)); +void *_gcry_ctx_get_pointer (gcry_ctx_t ctx, int type); +void *_gcry_ctx_find_pointer (gcry_ctx_t ctx, int type); + + +#endif /*GCRY_CONTEXT_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/dumpsexp.c b/plugins/MirOTR/Libgcrypt/src/dumpsexp.c index 8f5c0d30be..f6384d7d59 100644 --- a/plugins/MirOTR/Libgcrypt/src/dumpsexp.c +++ b/plugins/MirOTR/Libgcrypt/src/dumpsexp.c @@ -1,12 +1,12 @@ /* dumpsexp.c - Dump S-expressions. - * Copyright (C) 2007 Free Software Foundation, Inc. + * Copyright (C) 2007, 2010 Free Software Foundation, Inc. * - * Getrandom is free software; you can redistribute it and/or modify + * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published - * by the Free Software Foundation; either version 2 of the License, + * by the Free Software Foundation; either version 3 of the License, * or (at your option) any later version. * - * Getrandom is distributed in the hope that it will be useful, but + * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. @@ -22,6 +22,11 @@ #include <assert.h> #include <stdarg.h> #include <errno.h> +/* For a native WindowsCE binary we need to include gpg-error.h to + provide a replacement for strerror. */ +#ifdef __MINGW32CE__ +# include <gpg-error.h> +#endif #define PGM "dumpsexp" #define MYVERSION_LINE PGM " (Libgcrypt) " VERSION @@ -31,18 +36,19 @@ static int verbose; /* Verbose mode. */ static int decimal; /* Print addresses in decimal. */ static int assume_hex; /* Assume input is hexencoded. */ +static int advanced; /* Advanced format output. */ static void print_version (int with_help) { fputs (MYVERSION_LINE "\n" - "Copyright (C) 2007 Free Software Foundation, Inc.\n" - "License GPLv2+: GNU GPL version 2 or later " - "<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>\n" + "Copyright (C) 2010 Free Software Foundation, Inc.\n" + "License GPLv3+: GNU GPL version 3 or later " + "<http://gnu.org/licenses/gpl.html>\n" "This is free software: you are free to change and redistribute it.\n" "There is NO WARRANTY, to the extent permitted by law.\n", stdout); - + if (with_help) fputs ("\n" "Usage: " PGM " [OPTIONS] [file]\n" @@ -50,11 +56,12 @@ print_version (int with_help) "\n" " --decimal Print offsets using decimal notation\n" " --assume-hex Assume input is a hex dump\n" + " --advanced Print file in advanced format\n" " --verbose Show what we are doing\n" " --version Print version of the program and exit\n" " --help Display this help and exit\n" BUGREPORT_LINE, stdout ); - + exit (0); } @@ -83,7 +90,7 @@ print_usage (void) to the S-expressions definition. */ static inline int whitespace_p (int c) -{ +{ switch (c) { case ' ': case '\t': case '\v': case '\f': case '\r': case '\n': return 1; @@ -213,11 +220,11 @@ addrawdata (int c) } -static void +static void printcursor (int both) { int i; - + flushdatabuffer (); printf ("%8s ", ""); for (i=0; i < sizeof (databuffer); i++) @@ -243,40 +250,146 @@ printcursor (int both) databufferlen = skipdatabufferlen = nbytesprinted; } -static void +static void printerr (const char *text) { printcursor (1); printf ("\n Error: %s\n", text); } -static void +static void printctl (const char *text) { - if (verbose) + if (verbose && !advanced) { printcursor (0); printf ("%s\n", text); } } -static void +static void printchr (int c) { - (void)c; + putchar (c); } -static void -printhex (int c) +/* static void */ +/* printhex (int c) */ +/* { */ +/* printf ("\\x%02x", c); */ +/* } */ + + +#if 0 +/**************** + * Print SEXP to buffer using the MODE. Returns the length of the + * SEXP in buffer or 0 if the buffer is too short (We have at least an + * empty list consisting of 2 bytes). If a buffer of NULL is provided, + * the required length is returned. + */ +size_t +gcry_sexp_sprint (const gcry_sexp_t list, + void *buffer, size_t maxlength ) { - (void)c; + static unsigned char empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP }; + const unsigned char *s; + char *d; + DATALEN n; + char numbuf[20]; + int i, indent = 0; + + s = list? list->d : empty; + d = buffer; + while ( *s != ST_STOP ) + { + switch ( *s ) + { + case ST_OPEN: + s++; + if (indent) + putchar ('\n'); + for (i=0; i < indent; i++) + putchar (' '); + putchar ('('); + indent++; + break; + case ST_CLOSE: + s++; + putchar (')'); + indent--; + if (*s != ST_OPEN && *s != ST_STOP) + { + putchar ('\n'); + for (i=0; i < indent; i++) + putchar (' '); + } + break; + case ST_DATA: + s++; + memcpy (&n, s, sizeof n); + s += sizeof n; + { + int type; + size_t nn; + + switch ( (type=suitable_encoding (s, n))) + { + case 1: nn = convert_to_string (s, n, NULL); break; + case 2: nn = convert_to_token (s, n, NULL); break; + default: nn = convert_to_hex (s, n, NULL); break; + } + switch (type) + { + case 1: convert_to_string (s, n, d); break; + case 2: convert_to_token (s, n, d); break; + default: convert_to_hex (s, n, d); break; + } + d += nn; + if (s[n] != ST_CLOSE) + putchar (' '); + } + else + { + snprintf (numbuf, sizeof numbuf, "%u:", (unsigned int)n ); + d = stpcpy (d, numbuf); + memcpy (d, s, n); + d += n; + } + s += n; + break; + default: + BUG (); + } + } + putchar ('\n'); + return len; } +#endif + + +/* Prepare for saving a chunk of data. */ +static void +init_data (void) +{ +} +/* Push C on the current data chunk. */ +static void +push_data (int c) +{ + (void)c; +} +/* Flush and thus print the current data chunk. */ +static void +flush_data (void) +{ +} +/* Returns 0 on success. */ static int parse_and_print (FILE *fp) { @@ -292,14 +405,14 @@ parse_and_print (FILE *fp) unsigned long datalen = 0; char quote_buf[10]; int quote_idx = 0; - enum + enum { INIT_STATE = 0, IN_NUMBER, PRE_DATA, IN_DATA, IN_STRING, IN_ESCAPE, IN_OCT_ESC, IN_HEX_ESC, CR_ESC, LF_ESC, IN_HEXFMT, IN_BASE64 } state = INIT_STATE; - + while ((c = my_getc (fp)) != EOF ) { @@ -341,17 +454,20 @@ parse_and_print (FILE *fp) { state = IN_STRING; printctl ("beginstring"); + init_data (); } else if (c == '#') { state = IN_HEXFMT; hexcount = 0; printctl ("beginhex"); + init_data (); } else if (c == '|') { state = IN_BASE64; printctl ("beginbase64"); + init_data (); } else if (c == '[') { @@ -429,16 +545,18 @@ parse_and_print (FILE *fp) case PRE_DATA: state = IN_DATA; printctl ("begindata"); + init_data (); case IN_DATA: if (datalen) { - printhex (c); + push_data (c); datalen--; } if (!datalen) { state = INIT_STATE; printctl ("enddata"); + flush_data (); } break; @@ -446,39 +564,44 @@ parse_and_print (FILE *fp) if (c == '\"') { printctl ("endstring"); + flush_data (); state = INIT_STATE; - } + } else if (c == '\\') state = IN_ESCAPE; else - printchr (c); + push_data (c); break; case IN_ESCAPE: switch (c) { - case 'b': case 't': case 'v': case 'n': case 'f': - case 'r': case '"': case '\'': case '\\': - printhex (c); - state = IN_STRING; - break; - + case 'b': push_data ('\b'); state = IN_STRING; break; + case 't': push_data ('\t'); state = IN_STRING; break; + case 'v': push_data ('\v'); state = IN_STRING; break; + case 'n': push_data ('\n'); state = IN_STRING; break; + case 'f': push_data ('\f'); state = IN_STRING; break; + case 'r': push_data ('\r'); state = IN_STRING; break; + case '"': push_data ('"'); state = IN_STRING; break; + case '\'': push_data ('\''); state = IN_STRING; break; + case '\\': push_data ('\\'); state = IN_STRING; break; + case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': state = IN_OCT_ESC; quote_idx = 0; - quote_buf[quote_idx++] = c; + quote_buf[quote_idx++] = c; break; - + case 'x': state = IN_HEX_ESC; quote_idx = 0; break; - + case '\r': state = CR_ESC; break; - + case '\n': state = LF_ESC; break; @@ -488,12 +611,36 @@ parse_and_print (FILE *fp) state = IN_STRING; break; } - - case IN_OCT_ESC: - state = IN_STRING; break; - case IN_HEX_ESC: - state = IN_STRING; + + case IN_OCT_ESC: + if (quote_idx < 3 && strchr ("01234567", c)) + { + quote_buf[quote_idx++] = c; + if (quote_idx == 3) + { + push_data ((unsigned int)quote_buf[0] * 8 * 8 + + (unsigned int)quote_buf[1] * 8 + + (unsigned int)quote_buf[2]); + state = IN_STRING; + } + } + else + state = IN_STRING; + break; + case IN_HEX_ESC: + if (quote_idx < 2 && strchr ("0123456789abcdefABCDEF", c)) + { + quote_buf[quote_idx++] = c; + if (quote_idx == 2) + { + push_data (xtoi_1 (quote_buf[0]) * 16 + + xtoi_1 (quote_buf[1])); + state = IN_STRING; + } + } + else + state = IN_STRING; break; case CR_ESC: state = IN_STRING; @@ -505,7 +652,7 @@ parse_and_print (FILE *fp) case IN_HEXFMT: if (hexdigit_p (c)) { - printchr (c); + push_data (c); hexcount++; } else if (c == '#') @@ -513,6 +660,7 @@ parse_and_print (FILE *fp) if ((hexcount & 1)) printerr ("odd number of hex digits"); printctl ("endhex"); + flush_data (); state = INIT_STATE; } else if (!whitespace_p (c)) @@ -523,10 +671,11 @@ parse_and_print (FILE *fp) if (c == '|') { printctl ("endbase64"); + flush_data (); state = INIT_STATE; } else - printchr (c); + push_data (c); break; default: @@ -545,7 +694,7 @@ parse_and_print (FILE *fp) -int +int main (int argc, char **argv) { int rc; @@ -580,9 +729,14 @@ main (int argc, char **argv) argc--; argv++; assume_hex = 1; } + else if (!strcmp (*argv, "--advanced")) + { + argc--; argv++; + advanced = 1; + } else print_usage (); - } + } if (!argc) { @@ -590,7 +744,8 @@ main (int argc, char **argv) } else { - for (; argc; argc--) + rc = 0; + for (; argc; argv++, argc--) { FILE *fp = fopen (*argv, "rb"); if (!fp) @@ -598,16 +753,14 @@ main (int argc, char **argv) logit ("can't open `%s': %s\n", *argv, strerror (errno)); rc = 1; } - else + else { - if ( parse_and_print (fp) ) + if (parse_and_print (fp)) rc = 1; fclose (fp); } } } - - return !rc; + return !!rc; } - diff --git a/plugins/MirOTR/Libgcrypt/src/ec-context.h b/plugins/MirOTR/Libgcrypt/src/ec-context.h new file mode 100644 index 0000000000..60ca75909e --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/ec-context.h @@ -0,0 +1,84 @@ +/* ec-context.h - Private definitions for CONTEXT_TYPE_EC. + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef GCRY_EC_CONTEXT_H +#define GCRY_EC_CONTEXT_H + +/* This context is used with all our EC functions. */ +struct mpi_ec_ctx_s +{ + enum gcry_mpi_ec_models model; /* The model describing this curve. */ + + enum ecc_dialects dialect; /* The ECC dialect used with the curve. */ + + int flags; /* Public key flags (not always used). */ + + unsigned int nbits; /* Number of bits. */ + + /* Domain parameters. Note that they may not all be set and if set + the MPIs may be flaged as constant. */ + gcry_mpi_t p; /* Prime specifying the field GF(p). */ + gcry_mpi_t a; /* First coefficient of the Weierstrass equation. */ + gcry_mpi_t b; /* Second coefficient of the Weierstrass equation. */ + gcry_mpi_point_t G; /* Base point (generator). */ + gcry_mpi_t n; /* Order of G. */ + + /* The actual key. May not be set. */ + gcry_mpi_point_t Q; /* Public key. */ + gcry_mpi_t d; /* Private key. */ + + + /* This structure is private to mpi/ec.c! */ + struct { + struct { + unsigned int a_is_pminus3:1; + unsigned int two_inv_p:1; + } valid; /* Flags to help setting the helper vars below. */ + + int a_is_pminus3; /* True if A = P - 3. */ + + gcry_mpi_t two_inv_p; + + mpi_barrett_t p_barrett; + + /* Scratch variables. */ + gcry_mpi_t scratch[11]; + + /* Helper for fast reduction. */ + /* int nist_nbits; /\* If this is a NIST curve, the # of bits. *\/ */ + /* gcry_mpi_t s[10]; */ + /* gcry_mpi_t c; */ + } t; +}; + + +/*-- mpi/ec.c --*/ +void _gcry_mpi_ec_get_reset (mpi_ec_t ec); + + +/*-- cipher/ecc-curves.c --*/ +gcry_mpi_t _gcry_ecc_get_mpi (const char *name, mpi_ec_t ec, int copy); +gcry_mpi_point_t _gcry_ecc_get_point (const char *name, mpi_ec_t ec); +gpg_err_code_t _gcry_ecc_set_mpi (const char *name, + gcry_mpi_t newvalue, mpi_ec_t ec); +gpg_err_code_t _gcry_ecc_set_point (const char *name, + gcry_mpi_point_t newvalue, mpi_ec_t ec); + + +#endif /*GCRY_EC_CONTEXT_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/fips.c b/plugins/MirOTR/Libgcrypt/src/fips.c index 8709dae96d..3ab33f9335 100644 --- a/plugins/MirOTR/Libgcrypt/src/fips.c +++ b/plugins/MirOTR/Libgcrypt/src/fips.c @@ -24,7 +24,7 @@ #include <unistd.h> #include <string.h> #ifdef ENABLE_HMAC_BINARY_CHECK -# include <dlfcn.h> +# include <dlfcn.h> #endif #ifdef HAVE_SYSLOG # include <syslog.h> @@ -36,12 +36,12 @@ #include "hmac256.h" -/* The name of the file used to foce libgcrypt into fips mode. */ +/* The name of the file used to force libgcrypt into fips mode. */ #define FIPS_FORCE_FILE "/etc/gcrypt/fips_enabled" /* The states of the finite state machine used in fips mode. */ -enum module_states +enum module_states { /* POWEROFF cannot be represented. */ STATE_POWERON = 0, @@ -55,7 +55,7 @@ enum module_states /* Flag telling whether we are in fips mode. It uses inverse logic so - that fips mode is the default unless changed by the intialization + that fips mode is the default unless changed by the initialization code. To check whether fips mode is enabled, use the function fips_mode()! */ static int no_fips_mode_required; @@ -69,7 +69,7 @@ static int enforced_fips_mode; static int inactive_fips_mode; /* This is the lock we use to protect the FSM. */ -static ath_mutex_t fsm_lock = ATH_MUTEX_INITIALIZER; +static ath_mutex_t fsm_lock; /* The current state of the FSM. The whole state machinery is only used while in fips mode. Change this only while holding fsm_lock. */ @@ -102,7 +102,7 @@ _gcry_initialize_fips_mode (int force) { static int done; gpg_error_t err; - + /* Make sure we are not accidently called twice. */ if (done) { @@ -128,7 +128,7 @@ _gcry_initialize_fips_mode (int force) file. The filename is hardwired so that there won't be any confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is actually used. The file itself may be empty. */ - if ( !_access (FIPS_FORCE_FILE, F_OK) ) + if ( !access (FIPS_FORCE_FILE, F_OK) ) { gcry_assert (!no_fips_mode_required); goto leave; @@ -144,7 +144,7 @@ _gcry_initialize_fips_mode (int force) if (fp) { char line[256]; - + if (fgets (line, sizeof line, fp) && atoi (line)) { /* System is in fips mode. */ @@ -156,7 +156,7 @@ _gcry_initialize_fips_mode (int force) } else if ((saved_errno = errno) != ENOENT && saved_errno != EACCES - && !_access ("/proc/version", F_OK) ) + && !access ("/proc/version", F_OK) ) { /* Problem reading the fips file despite that we have the proc file system. We better stop right away. */ @@ -170,7 +170,7 @@ _gcry_initialize_fips_mode (int force) abort (); } } - + /* Fips not not requested, set flag. */ no_fips_mode_required = 1; @@ -197,14 +197,14 @@ _gcry_initialize_fips_mode (int force) abort (); } - + /* If the FIPS force files exists, is readable and has a number != 0 on its first line, we enable the enforced fips mode. */ fp = fopen (FIPS_FORCE_FILE, "r"); if (fp) { char line[256]; - + if (fgets (line, sizeof line, fp) && atoi (line)) enforced_fips_mode = 1; fclose (fp); @@ -212,7 +212,7 @@ _gcry_initialize_fips_mode (int force) /* Now get us into the INIT state. */ fips_new_state (STATE_INIT); - + } return; } @@ -225,7 +225,7 @@ lock_fsm (void) err = ath_mutex_lock (&fsm_lock); if (err) { - log_info ("FATAL: failed to acquire the FSM lock in libgrypt: %s\n", + log_info ("FATAL: failed to acquire the FSM lock in libgrypt: %s\n", strerror (err)); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_ERR, "Libgcrypt error: " @@ -271,12 +271,20 @@ _gcry_fips_mode (void) /* Return a flag telling whether we are in the enforced fips mode. */ -int +int _gcry_enforced_fips_mode (void) { + if (!_gcry_fips_mode ()) + return 0; return enforced_fips_mode; } +/* Set a flag telling whether we are in the enforced fips mode. */ +void +_gcry_set_enforced_fips_mode (void) +{ + enforced_fips_mode = 1; +} /* If we do not want to enforce the fips mode, we can set a flag so that the application may check whether it is still in fips mode. @@ -347,7 +355,7 @@ state2str (enum module_states state) /* Return true if the library is in the operational state. */ -int +int _gcry_fips_is_operational (void) { int result; @@ -384,7 +392,7 @@ _gcry_fips_is_operational (void) } -/* This is test on wether the library is in the operational state. In +/* This is test on whether the library is in the operational state. In contrast to _gcry_fips_is_operational this function won't do a state transition on the fly. */ int @@ -437,8 +445,8 @@ reporter (const char *domain, int algo, const char *what, const char *errtxt) !strcmp (domain, "digest")? _gcry_md_algo_name (algo) : !strcmp (domain, "hmac")? _gcry_md_algo_name (algo) : !strcmp (domain, "pubkey")? _gcry_pk_algo_name (algo) : "", - algo, errtxt? errtxt:"Okay", - what?" (":"", what? what:"", what?")":""); + algo, errtxt? errtxt:"Okay", + what?" (":"", what? what:"", what?")":""); } /* Run self-tests for all required cipher algorithms. Return 0 on @@ -446,7 +454,7 @@ reporter (const char *domain, int algo, const char *what, const char *errtxt) static int run_cipher_selftests (int extended) { - static int algos[] = + static int algos[] = { GCRY_CIPHER_3DES, GCRY_CIPHER_AES128, @@ -475,7 +483,7 @@ run_cipher_selftests (int extended) static int run_digest_selftests (int extended) { - static int algos[] = + static int algos[] = { GCRY_MD_SHA1, GCRY_MD_SHA224, @@ -504,7 +512,7 @@ run_digest_selftests (int extended) static int run_hmac_selftests (int extended) { - static int algos[] = + static int algos[] = { GCRY_MD_SHA1, GCRY_MD_SHA224, @@ -534,11 +542,11 @@ run_hmac_selftests (int extended) static int run_pubkey_selftests (int extended) { - static int algos[] = + static int algos[] = { GCRY_PK_RSA, GCRY_PK_DSA, - /* GCRY_PK_ECDSA is not enabled in fips mode. */ + /* GCRY_PK_ECC is not enabled in fips mode. */ 0 }; int idx; @@ -566,7 +574,7 @@ run_random_selftests (void) err = _gcry_random_selftest (reporter); reporter ("random", 0, NULL, err? gpg_strerror (err):NULL); - + return !!err; } @@ -581,7 +589,7 @@ check_binary_integrity (void) int dlen; char *fname = NULL; const char key[] = "What am I, a doctor or a moonshuttle conductor?"; - + if (!dladdr ("gcry_check_version", &info)) err = gpg_error_from_syserror (); else @@ -594,7 +602,7 @@ check_binary_integrity (void) err = gpg_error (GPG_ERR_INTERNAL); else { - fname = gcry_malloc (strlen (info.dli_fname) + 1 + 5 + 1 ); + fname = xtrymalloc (strlen (info.dli_fname) + 1 + 5 + 1 ); if (!fname) err = gpg_error_from_syserror (); else @@ -621,7 +629,7 @@ check_binary_integrity (void) { /* A buffer of 64 bytes plus one for a LF and one to detect garbage. */ - unsigned char buffer[64+1+1]; + unsigned char buffer[64+1+1]; const unsigned char *s; int n; @@ -652,7 +660,7 @@ check_binary_integrity (void) "integrity check using `%s' failed: %s", fname? fname:"[?]", gpg_strerror (err)); #endif /*HAVE_SYSLOG*/ - gcry_free (fname); + xfree (fname); return !!err; #else return 0; @@ -667,7 +675,7 @@ _gcry_fips_run_selftests (int extended) { enum module_states result = STATE_ERROR; gcry_err_code_t ec = GPG_ERR_SELFTEST_FAILED; - + if (fips_mode ()) fips_new_state (STATE_SELFTEST); @@ -726,14 +734,14 @@ _gcry_fips_signal_error (const char *srcfile, int srcline, const char *srcfunc, /* Print error. */ log_info ("%serror in libgcrypt, file %s, line %d%s%s: %s\n", is_fatal? "fatal ":"", - srcfile, srcline, + srcfile, srcline, srcfunc? ", function ":"", srcfunc? srcfunc:"", description? description : "no description available"); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_ERR, "Libgcrypt error: " "%serror in file %s, line %d%s%s: %s", is_fatal? "fatal ":"", - srcfile, srcline, + srcfile, srcline, srcfunc? ", function ":"", srcfunc? srcfunc:"", description? description : "no description available"); #endif /*HAVE_SYSLOG*/ @@ -766,22 +774,22 @@ fips_new_state (enum module_states new_state) || new_state == STATE_FATALERROR) ok = 1; break; - + case STATE_SELFTEST: if (new_state == STATE_OPERATIONAL || new_state == STATE_ERROR || new_state == STATE_FATALERROR) ok = 1; break; - + case STATE_OPERATIONAL: - if (new_state == STATE_SHUTDOWN + if (new_state == STATE_SHUTDOWN || new_state == STATE_SELFTEST || new_state == STATE_ERROR || new_state == STATE_FATALERROR) ok = 1; break; - + case STATE_ERROR: if (new_state == STATE_SHUTDOWN || new_state == STATE_ERROR @@ -789,18 +797,18 @@ fips_new_state (enum module_states new_state) || new_state == STATE_SELFTEST) ok = 1; break; - + case STATE_FATALERROR: if (new_state == STATE_SHUTDOWN ) ok = 1; break; - + case STATE_SHUTDOWN: /* We won't see any transition *from* Shutdown because the only allowed new state is Power-Off and that one can't be represented. */ break; - + } if (ok) @@ -814,12 +822,12 @@ fips_new_state (enum module_states new_state) log_info ("libgcrypt state transition %s => %s %s\n", state2str (last_state), state2str (new_state), ok? "granted":"denied"); - + if (!ok) { /* Invalid state transition. Halting library. */ #ifdef HAVE_SYSLOG - syslog (LOG_USER|LOG_ERR, + syslog (LOG_USER|LOG_ERR, "Libgcrypt error: invalid state transition %s => %s", state2str (last_state), state2str (new_state)); #endif /*HAVE_SYSLOG*/ @@ -828,7 +836,7 @@ fips_new_state (enum module_states new_state) else if (new_state == STATE_ERROR || new_state == STATE_FATALERROR) { #ifdef HAVE_SYSLOG - syslog (LOG_USER|LOG_WARNING, + syslog (LOG_USER|LOG_WARNING, "Libgcrypt notice: state transition %s => %s", state2str (last_state), state2str (new_state)); #endif /*HAVE_SYSLOG*/ diff --git a/plugins/MirOTR/Libgcrypt/src/g10lib.h b/plugins/MirOTR/Libgcrypt/src/g10lib.h index 7deb90c419..238871d0e9 100644 --- a/plugins/MirOTR/Libgcrypt/src/g10lib.h +++ b/plugins/MirOTR/Libgcrypt/src/g10lib.h @@ -1,6 +1,6 @@ /* g10lib.h - Internal definitions for libgcrypt * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2005 - * 2007 Free Software Foundation, Inc. + * 2007, 2011 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -29,7 +29,7 @@ #error gcrypt.h already included #endif -#ifndef _GCRYPT_IN_LIBGCRYPT +#ifndef _GCRYPT_IN_LIBGCRYPT #error something is wrong with config.h #endif @@ -55,17 +55,25 @@ #define JNLIB_GCC_A_NR #define JNLIB_GCC_A_PRINTF( f, a ) #define JNLIB_GCC_A_NR_PRINTF( f, a ) -#define GCC_ATTR_NORETURN +#define GCC_ATTR_NORETURN #endif -#if __GNUC__ >= 3 +#if __GNUC__ >= 3 /* According to glibc this attribute is available since 2.8 however we better play safe and use it only with gcc 3 or newer. */ #define GCC_ATTR_FORMAT_ARG(a) __attribute__ ((format_arg (a))) #else -#define GCC_ATTR_FORMAT_ARG(a) +#define GCC_ATTR_FORMAT_ARG(a) #endif +/* I am not sure since when the unused attribute is really supported. + In any case it it only needed for gcc versions which print a + warning. Thus let us require gcc >= 3.5. */ +#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 5 ) +#define GCC_ATTR_UNUSED __attribute__ ((unused)) +#else +#define GCC_ATTR_UNUSED +#endif /* Gettext macros. */ @@ -88,6 +96,36 @@ gcry_error_t _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr); void _gcry_check_heap (const void *a); int _gcry_get_debug_flag (unsigned int mask); +/* Malloc functions and common wrapper macros. */ +void *_gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_realloc (void *a, size_t n); +char *_gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xrealloc (void *a, size_t n); +char *_gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC; +void _gcry_free (void *a); +int _gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; + +#define xtrymalloc(a) _gcry_malloc ((a)) +#define xtrycalloc(a,b) _gcry_calloc ((a),(b)) +#define xtrymalloc_secure(a) _gcry_malloc_secure ((a)) +#define xtrycalloc_secure(a,b) _gcry_calloc_secure ((a),(b)) +#define xtryrealloc(a,b) _gcry_realloc ((a),(b)) +#define xtrystrdup(a) _gcry_strdup ((a)) +#define xmalloc(a) _gcry_xmalloc ((a)) +#define xcalloc(a,b) _gcry_xcalloc ((a),(b)) +#define xmalloc_secure(a) _gcry_xmalloc_secure ((a)) +#define xcalloc_secure(a,b) _gcry_xcalloc_secure ((a),(b)) +#define xrealloc(a,b) _gcry_xrealloc ((a),(b)) +#define xstrdup(a) _gcry_xstrdup ((a)) +#define xfree(a) _gcry_free ((a)) + /*-- src/misc.c --*/ @@ -101,8 +139,12 @@ void _gcry_bug (const char *file, int line); void _gcry_assert_failed (const char *expr, const char *file, int line); #endif +void _gcry_divide_by_zero (void) JNLIB_GCC_A_NR; + const char *_gcry_gettext (const char *key) GCC_ATTR_FORMAT_ARG(1); void _gcry_fatal_error(int rc, const char *text ) JNLIB_GCC_A_NR; +void _gcry_logv (int level, + const char *fmt, va_list arg_ptr) JNLIB_GCC_A_PRINTF(2,0); void _gcry_log( int level, const char *fmt, ... ) JNLIB_GCC_A_PRINTF(2,3); void _gcry_log_bug( const char *fmt, ... ) JNLIB_GCC_A_NR_PRINTF(1,2); void _gcry_log_fatal( const char *fmt, ... ) JNLIB_GCC_A_NR_PRINTF(1,2); @@ -113,6 +155,8 @@ int _gcry_log_info_with_dummy_fp (FILE *fp, const char *fmt, ... ) void _gcry_log_debug( const char *fmt, ... ) JNLIB_GCC_A_PRINTF(1,2); void _gcry_log_printf ( const char *fmt, ... ) JNLIB_GCC_A_PRINTF(1,2); void _gcry_log_printhex (const char *text, const void *buffer, size_t length); +void _gcry_log_printmpi (const char *text, gcry_mpi_t mpi); +void _gcry_log_printsxp (const char *text, gcry_sexp_t sexp); void _gcry_set_log_verbosity( int level ); int _gcry_log_verbosity( int level ); @@ -139,6 +183,11 @@ int _gcry_log_verbosity( int level ); #define log_debug _gcry_log_debug #define log_printf _gcry_log_printf #define log_printhex _gcry_log_printhex +#define log_printmpi _gcry_log_printmpi +#define log_printsxp _gcry_log_printsxp + +/* Compatibility macro. */ +#define log_mpidump _gcry_log_printmpi /*-- src/hwfeatures.c --*/ @@ -148,8 +197,22 @@ int _gcry_log_verbosity( int level ); #define HWF_PADLOCK_SHA 4 #define HWF_PADLOCK_MMUL 8 -unsigned int _gcry_get_hw_features (void); +#define HWF_INTEL_CPU 16 +#define HWF_INTEL_BMI2 32 +#define HWF_INTEL_SSSE3 64 +#define HWF_INTEL_PCLMUL 128 +#define HWF_INTEL_AESNI 256 +#define HWF_INTEL_RDRAND 512 +#define HWF_INTEL_AVX 1024 +#define HWF_INTEL_AVX2 2048 + +#define HWF_ARM_NEON 4096 + + +gpg_err_code_t _gcry_disable_hw_feature (const char *name); void _gcry_detect_hw_features (void); +unsigned int _gcry_get_hw_features (void); +const char *_gcry_enum_hw_features (int idx, unsigned int *r_feature); /*-- mpi/mpiutil.c --*/ @@ -164,6 +227,7 @@ const char *_gcry_mpi_get_hw_config (void); #endif /*-- primegen.c --*/ +gcry_err_code_t _gcry_primegen_init (void); gcry_mpi_t _gcry_generate_secret_prime (unsigned int nbits, gcry_random_level_t random_level, int (*extra_check)(void*, gcry_mpi_t), @@ -172,10 +236,13 @@ gcry_mpi_t _gcry_generate_public_prime (unsigned int nbits, gcry_random_level_t random_level, int (*extra_check)(void*, gcry_mpi_t), void *extra_check_arg); -gcry_mpi_t _gcry_generate_elg_prime (int mode, - unsigned int pbits, unsigned int qbits, - gcry_mpi_t g, gcry_mpi_t **factors); -gcry_mpi_t _gcry_derive_x931_prime (const gcry_mpi_t xp, +gcry_err_code_t _gcry_generate_elg_prime (int mode, + unsigned int pbits, + unsigned int qbits, + gcry_mpi_t g, + gcry_mpi_t *r_prime, + gcry_mpi_t **factors); +gcry_mpi_t _gcry_derive_x931_prime (const gcry_mpi_t xp, const gcry_mpi_t xp1, const gcry_mpi_t xp2, const gcry_mpi_t e, gcry_mpi_t *r_p1, gcry_mpi_t *r_p2); @@ -185,7 +252,7 @@ gpg_err_code_t _gcry_generate_fips186_2_prime gcry_mpi_t *r_q, gcry_mpi_t *r_p, int *r_counter, void **r_seed, size_t *r_seedlen); -gpg_err_code_t _gcry_generate_fips186_3_prime +gpg_err_code_t _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits, const void *seed, size_t seedlen, gcry_mpi_t *r_q, gcry_mpi_t *r_p, @@ -201,6 +268,9 @@ char *stpcpy (char *a, const char *b); int strcasecmp (const char *a, const char *b) _GCRY_GCC_ATTR_PURE; #endif +#include "../compat/libcompat.h" + + /* Macros used to rename missing functions. */ #ifndef HAVE_STRTOUL #define strtoul(a,b,c) ((unsigned long)strtol((a),(b),(c))) @@ -221,7 +291,16 @@ int strcasecmp (const char *a, const char *b) _GCRY_GCC_ATTR_PURE; /* Stack burning. */ -void _gcry_burn_stack (int bytes); +#ifdef HAVE_GCC_ASM_VOLATILE_MEMORY +#define __gcry_burn_stack_dummy() asm volatile ("":::"memory") +#else +void __gcry_burn_stack_dummy (void); +#endif + +void __gcry_burn_stack (unsigned int bytes); +#define _gcry_burn_stack(bytes) \ + do { __gcry_burn_stack (bytes); \ + __gcry_burn_stack_dummy (); } while(0) /* To avoid that a compiler optimizes certain memset calls away, these @@ -229,10 +308,48 @@ void _gcry_burn_stack (int bytes); #define wipememory2(_ptr,_set,_len) do { \ volatile char *_vptr=(volatile char *)(_ptr); \ size_t _vlen=(_len); \ - while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } \ + unsigned char _vset=(_set); \ + fast_wipememory2(_vptr,_vset,_vlen); \ + while(_vlen) { *_vptr=(_vset); _vptr++; _vlen--; } \ } while(0) #define wipememory(_ptr,_len) wipememory2(_ptr,0,_len) +#ifdef HAVE_U64_TYPEDEF + #define FASTWIPE_T u64 + #define FASTWIPE_MULT (U64_C(0x0101010101010101)) +#else + #define FASTWIPE_T u32 + #define FASTWIPE_MULT (0x01010101U) +#endif + +/* Following architectures can handle unaligned accesses fast. */ +#if defined(__i386__) || defined(__x86_64__) || \ + defined(__powerpc__) || defined(__powerpc64__) || \ + (defined(__arm__) && defined(__ARM_FEATURE_UNALIGNED)) || \ + defined(__aarch64__) +#define fast_wipememory2_unaligned_head(_ptr,_set,_len) /*do nothing*/ +#else +#define fast_wipememory2_unaligned_head(_vptr,_vset,_vlen) do { \ + while((size_t)(_vptr)&(sizeof(FASTWIPE_T)-1) && _vlen) \ + { *_vptr=(_vset); _vptr++; _vlen--; } \ + } while(0) +#endif + +/* fast_wipememory2 may leave tail bytes unhandled, in which case tail bytes + are handled by wipememory2. */ +#define fast_wipememory2(_vptr,_vset,_vlen) do { \ + FASTWIPE_T _vset_long = _vset; \ + fast_wipememory2_unaligned_head(_vptr,_vset,_vlen); \ + if (_vlen < sizeof(FASTWIPE_T)) \ + break; \ + _vset_long *= FASTWIPE_MULT; \ + do { \ + volatile FASTWIPE_T *_vptr_long = (volatile void *)_vptr; \ + *_vptr_long = _vset_long; \ + _vlen -= sizeof(FASTWIPE_T); \ + _vptr += sizeof(FASTWIPE_T); \ + } while (_vlen >= sizeof(FASTWIPE_T)); \ + } while (0) /* Digit predicates. */ @@ -245,70 +362,24 @@ void _gcry_burn_stack (int bytes); || (*(a) >= 'A' && *(a) <= 'F') \ || (*(a) >= 'a' && *(a) <= 'f')) -/* Management for ciphers/digests/pubkey-ciphers. */ - -/* Structure for each registered `module'. */ -struct gcry_module -{ - struct gcry_module *next; /* List pointers. */ - struct gcry_module **prevp; - void *spec; /* Pointer to the subsystem-specific - specification structure. */ - void *extraspec; /* Pointer to the subsystem-specific - extra specification structure. */ - int flags; /* Associated flags. */ - int counter; /* Use counter. */ - unsigned int mod_id; /* ID of this module. */ -}; - -/* Flags for the `flags' member of gcry_module_t. */ -#define FLAG_MODULE_DISABLED (1 << 0) - -gcry_err_code_t _gcry_module_add (gcry_module_t *entries, - unsigned int id, - void *spec, - void *extraspec, - gcry_module_t *module); - -typedef int (*gcry_module_lookup_t) (void *spec, void *data); - -/* Lookup a module specification by it's ID. After a successfull - lookup, the module has it's resource counter incremented. */ -gcry_module_t _gcry_module_lookup_id (gcry_module_t entries, - unsigned int id); - -/* Internal function. Lookup a module specification. */ -gcry_module_t _gcry_module_lookup (gcry_module_t entries, void *data, - gcry_module_lookup_t func); - -/* Release a module. In case the use-counter reaches zero, destroy - the module. */ -void _gcry_module_release (gcry_module_t entry); - -/* Add a reference to a module. */ -void _gcry_module_use (gcry_module_t module); - -/* Return a list of module IDs. */ -gcry_err_code_t _gcry_module_list (gcry_module_t modules, - int *list, int *list_length); +/* Init functions. */ gcry_err_code_t _gcry_cipher_init (void); gcry_err_code_t _gcry_md_init (void); gcry_err_code_t _gcry_pk_init (void); -gcry_err_code_t _gcry_ac_init (void); - -gcry_err_code_t _gcry_pk_module_lookup (int id, gcry_module_t *module); -void _gcry_pk_module_release (gcry_module_t module); -gcry_err_code_t _gcry_pk_get_elements (int algo, char **enc, char **sig); +gcry_err_code_t _gcry_secmem_module_init (void); +gcry_err_code_t _gcry_mpi_init (void); /* Memory management. */ #define GCRY_ALLOC_FLAG_SECURE (1 << 0) /*-- sexp.c --*/ -gcry_error_t _gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff, - const char *format, va_list arg_ptr); +gcry_err_code_t _gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff, + const char *format, va_list arg_ptr); char *_gcry_sexp_nth_string (const gcry_sexp_t list, int number); +gpg_err_code_t _gcry_sexp_vextract_param (gcry_sexp_t sexp, const char *path, + const char *list, va_list arg_ptr); /*-- fips.c --*/ @@ -320,12 +391,14 @@ int _gcry_fips_mode (void); int _gcry_enforced_fips_mode (void); +void _gcry_set_enforced_fips_mode (void); + void _gcry_inactivate_fips_mode (const char *text); int _gcry_is_fips_mode_inactive (void); -void _gcry_fips_signal_error (const char *srcfile, - int srcline, +void _gcry_fips_signal_error (const char *srcfile, + int srcline, const char *srcfunc, int is_fatal, const char *description); @@ -343,7 +416,7 @@ void _gcry_fips_signal_error (const char *srcfile, int _gcry_fips_is_operational (void); #define fips_is_operational() (_gcry_global_is_operational ()) -#define fips_not_operational() (GCRY_GPG_ERR_NOT_OPERATIONAL) +#define fips_not_operational() (GPG_ERR_NOT_OPERATIONAL) int _gcry_fips_test_operational (void); int _gcry_fips_test_error_or_operational (void); diff --git a/plugins/MirOTR/Libgcrypt/src/gcrypt-int.h b/plugins/MirOTR/Libgcrypt/src/gcrypt-int.h new file mode 100644 index 0000000000..65dcb4d0ec --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/gcrypt-int.h @@ -0,0 +1,534 @@ +/* gcrypt-int.h - Internal version of gcrypt.h + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef GCRY_GCRYPT_INT_H +#define GCRY_GCRYPT_INT_H + +#ifdef _GCRYPT_H +#error gcrypt.h already included +#endif + +#include "gcrypt.h" +#include "types.h" + +/* These error codes are used but not defined in the required + libgpg-error 1.11. Define them here. */ +#if GPG_ERROR_VERSION_NUMBER < 0x010c00 /* 1.12 */ +# define GPG_ERR_NO_CRYPT_CTX 191 +# define GPG_ERR_WRONG_CRYPT_CTX 192 +# define GPG_ERR_BAD_CRYPT_CTX 193 +# define GPG_ERR_CRYPT_CTX_CONFLICT 194 +# define GPG_ERR_BROKEN_PUBKEY 195 +# define GPG_ERR_BROKEN_SECKEY 196 +#endif + +#if GPG_ERROR_VERSION_NUMBER < 0x010d00 /* 1.13 */ +# define GPG_ERR_MAC_ALGO 197 +#endif + + +/* Context used with elliptic curve functions. */ +struct mpi_ec_ctx_s; +typedef struct mpi_ec_ctx_s *mpi_ec_t; + + + +/* Underscore prefixed internal versions of the public functions. + They return gpg_err_code and not gpg_error_t. Some macros also + need an underscore prefixed internal version. + + Note that the memory allocation functions and macros (xmalloc etc.) + are not defined here but in g10lib.h because this file here is + included by some test programs which define theie own xmalloc + macros. */ + +gpg_err_code_t _gcry_cipher_open (gcry_cipher_hd_t *handle, + int algo, int mode, unsigned int flags); +void _gcry_cipher_close (gcry_cipher_hd_t h); +gpg_err_code_t _gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer, + size_t buflen); +gpg_err_code_t _gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer, + size_t *nbytes); +gpg_err_code_t _gcry_cipher_algo_info (int algo, int what, void *buffer, + size_t *nbytes); +const char *_gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; +int _gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE; +int _gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE; +gpg_err_code_t _gcry_cipher_encrypt (gcry_cipher_hd_t h, + void *out, size_t outsize, + const void *in, size_t inlen); +gpg_err_code_t _gcry_cipher_decrypt (gcry_cipher_hd_t h, + void *out, size_t outsize, + const void *in, size_t inlen); +gcry_err_code_t _gcry_cipher_setkey (gcry_cipher_hd_t hd, + const void *key, size_t keylen); +gcry_err_code_t _gcry_cipher_setiv (gcry_cipher_hd_t hd, + const void *iv, size_t ivlen); +gpg_err_code_t _gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf, + size_t abuflen); +gpg_err_code_t _gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, + size_t taglen); +gpg_err_code_t _gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, + size_t taglen); +gpg_err_code_t _gcry_cipher_setctr (gcry_cipher_hd_t hd, + const void *ctr, size_t ctrlen); +size_t _gcry_cipher_get_algo_keylen (int algo); +size_t _gcry_cipher_get_algo_blklen (int algo); + +#define _gcry_cipher_reset(h) _gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0) + + + + +gpg_err_code_t _gcry_pk_encrypt (gcry_sexp_t *result, + gcry_sexp_t data, gcry_sexp_t pkey); +gpg_err_code_t _gcry_pk_decrypt (gcry_sexp_t *result, + gcry_sexp_t data, gcry_sexp_t skey); +gpg_err_code_t _gcry_pk_sign (gcry_sexp_t *result, + gcry_sexp_t data, gcry_sexp_t skey); +gpg_err_code_t _gcry_pk_verify (gcry_sexp_t sigval, + gcry_sexp_t data, gcry_sexp_t pkey); +gpg_err_code_t _gcry_pk_testkey (gcry_sexp_t key); +gpg_err_code_t _gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms); +gpg_err_code_t _gcry_pk_ctl (int cmd, void *buffer, size_t buflen); +gpg_err_code_t _gcry_pk_algo_info (int algo, int what, + void *buffer, size_t *nbytes); +const char *_gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; +int _gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE; +unsigned int _gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE; +unsigned char *_gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array); +const char *_gcry_pk_get_curve (gcry_sexp_t key, int iterator, + unsigned int *r_nbits); +gcry_sexp_t _gcry_pk_get_param (int algo, const char *name); +gpg_err_code_t _gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp, + int mode, gcry_ctx_t ctx); + + +gpg_err_code_t _gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags); +void _gcry_md_close (gcry_md_hd_t hd); +gpg_err_code_t _gcry_md_enable (gcry_md_hd_t hd, int algo); +gpg_err_code_t _gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd); +void _gcry_md_reset (gcry_md_hd_t hd); +gpg_err_code_t _gcry_md_ctl (gcry_md_hd_t hd, int cmd, + void *buffer, size_t buflen); +void _gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length); +unsigned char *_gcry_md_read (gcry_md_hd_t hd, int algo); +void _gcry_md_hash_buffer (int algo, void *digest, + const void *buffer, size_t length); +gpg_err_code_t _gcry_md_hash_buffers (int algo, unsigned int flags, + void *digest, + const gcry_buffer_t *iov, int iovcnt); +int _gcry_md_get_algo (gcry_md_hd_t hd); +unsigned int _gcry_md_get_algo_dlen (int algo); +int _gcry_md_is_enabled (gcry_md_hd_t a, int algo); +int _gcry_md_is_secure (gcry_md_hd_t a); +gpg_err_code_t _gcry_md_info (gcry_md_hd_t h, int what, void *buffer, + size_t *nbytes); +gpg_err_code_t _gcry_md_algo_info (int algo, int what, void *buffer, + size_t *nbytes); +const char *_gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE; +int _gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE; +gpg_err_code_t _gcry_md_setkey (gcry_md_hd_t hd, + const void *key, size_t keylen); +void _gcry_md_debug (gcry_md_hd_t hd, const char *suffix); + +#define _gcry_md_test_algo(a) \ + _gcry_md_algo_info ((a), GCRYCTL_TEST_ALGO, NULL, NULL) + +#define _gcry_md_final(a) \ + _gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0) + +#define _gcry_md_putc(h,c) \ + do { \ + gcry_md_hd_t h__ = (h); \ + if( (h__)->bufpos == (h__)->bufsize ) \ + _gcry_md_write( (h__), NULL, 0 ); \ + (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \ + } while(0) + + + +gpg_err_code_t _gcry_mac_open (gcry_mac_hd_t *handle, int algo, + unsigned int flags, gcry_ctx_t ctx); +void _gcry_mac_close (gcry_mac_hd_t h); +gpg_err_code_t _gcry_mac_ctl (gcry_mac_hd_t h, int cmd, void *buffer, + size_t buflen); +gpg_err_code_t _gcry_mac_algo_info (int algo, int what, void *buffer, + size_t *nbytes); +gpg_err_code_t _gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, + size_t keylen); +gpg_err_code_t _gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, + size_t ivlen); +gpg_err_code_t _gcry_mac_write (gcry_mac_hd_t hd, const void *buffer, + size_t length); +gpg_err_code_t _gcry_mac_read (gcry_mac_hd_t hd, void *buffer, size_t *buflen); +gpg_err_code_t _gcry_mac_verify (gcry_mac_hd_t hd, const void *buffer, + size_t buflen); +unsigned int _gcry_mac_get_algo_maclen (int algo); +unsigned int _gcry_mac_get_algo_keylen (int algo); +const char *_gcry_mac_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; +int _gcry_mac_map_name (const char *name) _GCRY_GCC_ATTR_PURE; + +#define _gcry_mac_reset(h) _gcry_mac_ctl ((h), GCRYCTL_RESET, NULL, 0) + + +gpg_err_code_t _gcry_kdf_derive (const void *passphrase, size_t passphraselen, + int algo, int subalgo, + const void *salt, size_t saltlen, + unsigned long iterations, + size_t keysize, void *keybuffer); + + +gpg_err_code_t _gcry_prime_generate (gcry_mpi_t *prime, + unsigned int prime_bits, + unsigned int factor_bits, + gcry_mpi_t **factors, + gcry_prime_check_func_t cb_func, + void *cb_arg, + gcry_random_level_t random_level, + unsigned int flags); +gpg_err_code_t _gcry_prime_group_generator (gcry_mpi_t *r_g, + gcry_mpi_t prime, + gcry_mpi_t *factors, + gcry_mpi_t start_g); +void _gcry_prime_release_factors (gcry_mpi_t *factors); +gpg_err_code_t _gcry_prime_check (gcry_mpi_t x, unsigned int flags); + + +void _gcry_randomize (void *buffer, size_t length, + enum gcry_random_level level); +gpg_err_code_t _gcry_random_add_bytes (const void *buffer, size_t length, + int quality); +void *_gcry_random_bytes (size_t nbytes, enum gcry_random_level level) + _GCRY_GCC_ATTR_MALLOC; +void *_gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level) + _GCRY_GCC_ATTR_MALLOC; +void _gcry_mpi_randomize (gcry_mpi_t w, + unsigned int nbits, enum gcry_random_level level); +void _gcry_create_nonce (void *buffer, size_t length); + + +void _gcry_ctx_release (gcry_ctx_t ctx); + + +const char *_gcry_check_version (const char *req_version); + +void _gcry_set_allocation_handler (gcry_handler_alloc_t func_alloc, + gcry_handler_alloc_t func_alloc_secure, + gcry_handler_secure_check_t func_secure_check, + gcry_handler_realloc_t func_realloc, + gcry_handler_free_t func_free); +void _gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque); +void _gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque); +void _gcry_set_log_handler (gcry_handler_log_t f, void *opaque); +void _gcry_set_gettext_handler (const char *(*f)(const char*)); +void _gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data); + + +/* Return a pointer to a string containing a description of the error + code in the error value ERR. */ +static inline const char * +_gcry_strerror (gcry_error_t err) +{ + return gpg_strerror (err); +} + +/* Return a pointer to a string containing a description of the error + source in the error value ERR. */ +static inline const char * +_gcry_strsource (gcry_error_t err) +{ + return gpg_strsource (err); +} + +/* Retrieve the error code for the system error ERR. This returns + GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report + this). */ +static inline gcry_err_code_t +_gcry_err_code_from_errno (int err) +{ + return gpg_err_code_from_errno (err); +} + +/* Retrieve the system error for the error code CODE. This returns 0 + if CODE is not a system error code. */ +static inline int +_gcry_err_code_to_errno (gcry_err_code_t code) +{ + return gpg_err_code_from_errno (code); +} + +/* Return an error value with the error source SOURCE and the system + error ERR. */ +static inline gcry_err_code_t +_gcry_err_make_from_errno (gpg_err_source_t source, int err) +{ + return gpg_err_make_from_errno (source, err); +} + + +/* Return an error value with the system error ERR. */ +static inline gcry_err_code_t +_gcry_error_from_errno (int err) +{ + return gpg_error (gpg_err_code_from_errno (err)); +} + + + +gpg_err_code_t _gcry_sexp_new (gcry_sexp_t *retsexp, + const void *buffer, size_t length, + int autodetect); +gpg_err_code_t _gcry_sexp_create (gcry_sexp_t *retsexp, + void *buffer, size_t length, + int autodetect, void (*freefnc) (void *)); +gpg_err_code_t _gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, + const char *buffer, size_t length); +gpg_err_code_t _gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, + const char *format, ...); +gpg_err_code_t _gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff, + const char *format, void **arg_list); +void _gcry_sexp_release (gcry_sexp_t sexp); +size_t _gcry_sexp_canon_len (const unsigned char *buffer, size_t length, + size_t *erroff, gcry_err_code_t *errcode); +size_t _gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer, + size_t maxlength); +void _gcry_sexp_dump (const gcry_sexp_t a); +gcry_sexp_t _gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b); +gcry_sexp_t _gcry_sexp_alist (const gcry_sexp_t *array); +gcry_sexp_t _gcry_sexp_vlist (const gcry_sexp_t a, ...); +gcry_sexp_t _gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n); +gcry_sexp_t _gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n); +gcry_sexp_t _gcry_sexp_find_token (gcry_sexp_t list, + const char *tok, size_t toklen); +int _gcry_sexp_length (const gcry_sexp_t list); +gcry_sexp_t _gcry_sexp_nth (const gcry_sexp_t list, int number); +gcry_sexp_t _gcry_sexp_car (const gcry_sexp_t list); +gcry_sexp_t _gcry_sexp_cdr (const gcry_sexp_t list); +gcry_sexp_t _gcry_sexp_cadr (const gcry_sexp_t list); +const char *_gcry_sexp_nth_data (const gcry_sexp_t list, int number, + size_t *datalen); +void *_gcry_sexp_nth_buffer (const gcry_sexp_t list, int number, + size_t *rlength); +char *_gcry_sexp_nth_string (gcry_sexp_t list, int number); +gcry_mpi_t _gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt); +gpg_err_code_t _gcry_sexp_extract_param (gcry_sexp_t sexp, + const char *path, + const char *list, + ...) _GCRY_GCC_ATTR_SENTINEL(0); + +#define sexp_new(a, b, c, d) _gcry_sexp_new ((a), (b), (c), (d)) +#define sexp_create(a, b, c, d, e) _gcry_sexp_create ((a), (b), (c), (d), (e)) +#define sexp_sscan(a, b, c, d) _gcry_sexp_sscan ((a), (b), (c), (d)) +#define sexp_build _gcry_sexp_build +#define sexp_build_array(a, b, c, d) _gcry_sexp_build_array ((a), (b), (c), (d)) +#define sexp_release(a) _gcry_sexp_release ((a)) +#define sexp_canon_len(a, b, c, d) _gcry_sexp_canon_len ((a), (b), (c), (d)) +#define sexp_sprint(a, b, c, d) _gcry_sexp_sprint ((a), (b), (c), (d)) +#define sexp_dump(a) _gcry_sexp_dump ((a)) +#define sexp_cons(a, b) _gcry_sexp_cons ((a), (b)) +#define sexp_alist(a) _gcry_sexp_alist ((a)) +#define sexp_vlist _gcry_sexp_vlist +#define sexp_append(a, b) _gcry_sexp_append ((a), (b)) +#define sexp_prepend(a, b) _gcry_sexp_prepend ((a), (b)) +#define sexp_find_token(a, b, c) _gcry_sexp_find_token ((a), (b), (c)) +#define sexp_length(a) _gcry_sexp_length ((a)) +#define sexp_nth(a, b) _gcry_sexp_nth ((a), (b)) +#define sexp_car(a) _gcry_sexp_car ((a)) +#define sexp_cdr(a) _gcry_sexp_cdr ((a)) +#define sexp_cadr(a) _gcry_sexp_cadr ((a)) +#define sexp_nth_data(a, b, c) _gcry_sexp_nth_data ((a), (b), (c)) +#define sexp_nth_buffer(a, b, c) _gcry_sexp_nth_buffer ((a), (b), (c)) +#define sexp_nth_string(a, b) _gcry_sexp_nth_string ((a), (b)) +#define sexp_nth_mpi(a, b, c) _gcry_sexp_nth_mpi ((a), (b), (c)) +#define sexp_extract_param _gcry_sexp_extract_param + + + +gcry_mpi_t _gcry_mpi_new (unsigned int nbits); +gcry_mpi_t _gcry_mpi_snew (unsigned int nbits); +void _gcry_mpi_release (gcry_mpi_t a); +gcry_mpi_t _gcry_mpi_copy (const gcry_mpi_t a); +void _gcry_mpi_snatch (gcry_mpi_t w, gcry_mpi_t u); +gcry_mpi_t _gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u); +gcry_mpi_t _gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u); +gcry_err_code_t _gcry_mpi_get_ui (gcry_mpi_t w, ulong *u); +void _gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b); +int _gcry_mpi_is_neg (gcry_mpi_t a); +void _gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u); +void _gcry_mpi_abs (gcry_mpi_t w); +int _gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v); +int _gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v); +gpg_err_code_t _gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, + const void *buffer, size_t buflen, + size_t *nscanned); +gpg_err_code_t _gcry_mpi_print (enum gcry_mpi_format format, + unsigned char *buffer, size_t buflen, + size_t *nwritten, + const gcry_mpi_t a); +gpg_err_code_t _gcry_mpi_aprint (enum gcry_mpi_format format, + unsigned char **buffer, size_t *nwritten, + const gcry_mpi_t a); +void _gcry_mpi_dump (const gcry_mpi_t a); +void _gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v); +void _gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v); +void _gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m); +void _gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v); +void _gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v ); +void _gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m); +void _gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v); +void _gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v ); +void _gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m); +void _gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt); +void _gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r, + gcry_mpi_t dividend, gcry_mpi_t divisor, int round); +void _gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor); +void _gcry_mpi_powm (gcry_mpi_t w, + const gcry_mpi_t b, const gcry_mpi_t e, + const gcry_mpi_t m); +int _gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); +int _gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m); +gcry_mpi_point_t _gcry_mpi_point_new (unsigned int nbits); +void _gcry_mpi_point_release (gcry_mpi_point_t point); +void _gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point); +void _gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point); +gcry_mpi_point_t _gcry_mpi_point_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z); +gcry_mpi_point_t _gcry_mpi_point_snatch_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, + gcry_mpi_t z); +gpg_error_t _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, + gcry_sexp_t keyparam, const char *curvename); +gcry_mpi_t _gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy); +gcry_mpi_point_t _gcry_mpi_ec_get_point (const char *name, + gcry_ctx_t ctx, int copy); +gpg_error_t _gcry_mpi_ec_set_mpi (const char *name, gcry_mpi_t newvalue, + gcry_ctx_t ctx); +gpg_error_t _gcry_mpi_ec_set_point (const char *name, gcry_mpi_point_t newvalue, + gcry_ctx_t ctx); +int _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_point_t point, + mpi_ec_t ctx); +void _gcry_mpi_ec_dup (gcry_mpi_point_t w, gcry_mpi_point_t u, gcry_ctx_t ctx); +void _gcry_mpi_ec_add (gcry_mpi_point_t w, + gcry_mpi_point_t u, gcry_mpi_point_t v, mpi_ec_t ctx); +void _gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u, + mpi_ec_t ctx); +int _gcry_mpi_ec_curve_point (gcry_mpi_point_t w, mpi_ec_t ctx); +unsigned int _gcry_mpi_get_nbits (gcry_mpi_t a); +int _gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n); +void _gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n); +void _gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n); +void _gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n); +void _gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n); +void _gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); +void _gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); +gcry_mpi_t _gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits); +gcry_mpi_t _gcry_mpi_set_opaque_copy (gcry_mpi_t a, + const void *p, unsigned int nbits); +void *_gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits); +void _gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); +void _gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); +int _gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); + + +/* Private function - do not use. */ +/* gcry_mpi_t _gcry_mpi_get_const (int no); */ + +/* We need our internal versions of the macros. */ +#ifndef GCRYPT_NO_MPI_MACROS +# error GCRYPT_NO_MPI_MACROS is not defined +#endif + +#define mpi_new(n) _gcry_mpi_new ((n)) +#define mpi_secure_new( n ) _gcry_mpi_snew ((n)) +#define mpi_snew(n) _gcry_mpi_snew ((n)) + +#define mpi_release(a) \ + do \ + { \ + _gcry_mpi_release ((a));\ + (a) = NULL; \ + } \ + while (0) + +#define mpi_snatch( w, u) _gcry_mpi_snatch( (w), (u) ) +#define mpi_set( w, u) _gcry_mpi_set( (w), (u) ) +#define mpi_set_ui( w, u) _gcry_mpi_set_ui( (w), (u) ) +#define mpi_get_ui(a,b) _gcry_mpi_get_ui( (a), (b) ) +#define mpi_swap(a,b) _gcry_mpi_swap ((a),(b)) +#define mpi_abs( w ) _gcry_mpi_abs( (w) ) +#define mpi_neg( w, u) _gcry_mpi_neg( (w), (u) ) +#define mpi_cmp( u, v ) _gcry_mpi_cmp( (u), (v) ) +#define mpi_cmp_ui( u, v ) _gcry_mpi_cmp_ui( (u), (v) ) +#define mpi_is_neg( a ) _gcry_mpi_is_neg ((a)) + +#define mpi_add_ui(w,u,v) _gcry_mpi_add_ui((w),(u),(v)) +#define mpi_add(w,u,v) _gcry_mpi_add ((w),(u),(v)) +#define mpi_addm(w,u,v,m) _gcry_mpi_addm ((w),(u),(v),(m)) +#define mpi_sub_ui(w,u,v) _gcry_mpi_sub_ui ((w),(u),(v)) +#define mpi_sub(w,u,v) _gcry_mpi_sub ((w),(u),(v)) +#define mpi_subm(w,u,v,m) _gcry_mpi_subm ((w),(u),(v),(m)) +#define mpi_mul_ui(w,u,v) _gcry_mpi_mul_ui ((w),(u),(v)) +#define mpi_mul_2exp(w,u,v) _gcry_mpi_mul_2exp ((w),(u),(v)) +#define mpi_mul(w,u,v) _gcry_mpi_mul ((w),(u),(v)) +#define mpi_mulm(w,u,v,m) _gcry_mpi_mulm ((w),(u),(v),(m)) +#define mpi_powm(w,b,e,m) _gcry_mpi_powm ( (w), (b), (e), (m) ) +#define mpi_tdiv(q,r,a,m) _gcry_mpi_div ( (q), (r), (a), (m), 0) +#define mpi_fdiv(q,r,a,m) _gcry_mpi_div ( (q), (r), (a), (m), -1) +#define mpi_mod(r,a,m) _gcry_mpi_mod ((r), (a), (m)) +#define mpi_gcd(g,a,b) _gcry_mpi_gcd ( (g), (a), (b) ) +#define mpi_invm(g,a,b) _gcry_mpi_invm ( (g), (a), (b) ) + +#define mpi_point_new(n) _gcry_mpi_point_new((n)) + +#define mpi_point_release(p) \ + do \ + { \ + _gcry_mpi_point_release ((p)); \ + (p) = NULL; \ + } \ + while (0) + +#define mpi_point_get(x,y,z,p) _gcry_mpi_point_get((x),(y),(z),(p)) +#define mpi_point_snatch_get(x,y,z,p) _gcry_mpi_point_snatch_get((x),(y), \ + (z),(p)) +#define mpi_point_set(p,x,y,z) _gcry_mpi_point_set((p),(x),(y),(z)) +#define mpi_point_snatch_set(p,x,y,z) _gcry_mpi_point_snatch_set((p),(x), \ + (y),(z)) + +#define mpi_get_nbits(a) _gcry_mpi_get_nbits ((a)) +#define mpi_test_bit(a,b) _gcry_mpi_test_bit ((a),(b)) +#define mpi_set_bit(a,b) _gcry_mpi_set_bit ((a),(b)) +#define mpi_set_highbit(a,b) _gcry_mpi_set_highbit ((a),(b)) +#define mpi_clear_bit(a,b) _gcry_mpi_clear_bit ((a),(b)) +#define mpi_clear_highbit(a,b) _gcry_mpi_clear_highbit ((a),(b)) +#define mpi_rshift(a,b,c) _gcry_mpi_rshift ((a),(b),(c)) +#define mpi_lshift(a,b,c) _gcry_mpi_lshift ((a),(b),(c)) + +#define mpi_set_opaque(a,b,c) _gcry_mpi_set_opaque ((a), (b), (c)) +#define mpi_get_opaque(a,b) _gcry_mpi_get_opaque ((a), (b)) +#define mpi_set_flag(a,f) _gcry_mpi_set_flag ((a), (f)) +#define mpi_set_flag(a,f) _gcry_mpi_set_flag ((a), (f)) +#define mpi_clear_flag(a,f) _gcry_mpi_clear_flag ((a), (f)) +#define mpi_get_flag(a,f) _gcry_mpi_get_flag ((a), (f)) + + +#endif /*GCRY_GCRYPT_INT_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/gcrypt-module.h b/plugins/MirOTR/Libgcrypt/src/gcrypt-module.h deleted file mode 100644 index e717b70c97..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/gcrypt-module.h +++ /dev/null @@ -1,233 +0,0 @@ -/* gcrypt-module.h - GNU Cryptographic Library Interface - Copyright (C) 2003, 2007 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* - This file contains the necessary declarations/definitions for - working with Libgcrypt modules. - */ - -#ifndef _GCRYPT_MODULE_H -#define _GCRYPT_MODULE_H - -#ifdef __cplusplus -extern "C" { -#if 0 /* keep Emacsens's auto-indent happy */ -} -#endif -#endif - -/* The interfaces using the module system reserve a certain range of - IDs for application use. These IDs are not valid within Libgcrypt - but Libgcrypt makes sure never to allocate such a module ID. */ -#define GCRY_MODULE_ID_USER 1024 -#define GCRY_MODULE_ID_USER_LAST 4095 - - -/* This type represents a `module'. */ -typedef struct gcry_module *gcry_module_t; - -/* Check that the library fulfills the version requirement. */ - -/* Type for the cipher_setkey function. */ -typedef gcry_err_code_t (*gcry_cipher_setkey_t) (void *c, - const unsigned char *key, - unsigned keylen); - -/* Type for the cipher_encrypt function. */ -typedef void (*gcry_cipher_encrypt_t) (void *c, - unsigned char *outbuf, - const unsigned char *inbuf); - -/* Type for the cipher_decrypt function. */ -typedef void (*gcry_cipher_decrypt_t) (void *c, - unsigned char *outbuf, - const unsigned char *inbuf); - -/* Type for the cipher_stencrypt function. */ -typedef void (*gcry_cipher_stencrypt_t) (void *c, - unsigned char *outbuf, - const unsigned char *inbuf, - unsigned int n); - -/* Type for the cipher_stdecrypt function. */ -typedef void (*gcry_cipher_stdecrypt_t) (void *c, - unsigned char *outbuf, - const unsigned char *inbuf, - unsigned int n); - -typedef struct gcry_cipher_oid_spec -{ - const char *oid; - int mode; -} gcry_cipher_oid_spec_t; - -/* Module specification structure for ciphers. */ -typedef struct gcry_cipher_spec -{ - const char *name; - const char **aliases; - gcry_cipher_oid_spec_t *oids; - size_t blocksize; - size_t keylen; - size_t contextsize; - gcry_cipher_setkey_t setkey; - gcry_cipher_encrypt_t encrypt; - gcry_cipher_decrypt_t decrypt; - gcry_cipher_stencrypt_t stencrypt; - gcry_cipher_stdecrypt_t stdecrypt; -} gcry_cipher_spec_t; - -/* Register a new cipher module whose specification can be found in - CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID - and a pointer representing this module is stored in MODULE. */ -gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *cipher, - int *algorithm_id, - gcry_module_t *module); - -/* Unregister the cipher identified by MODULE, which must have been - registered with gcry_cipher_register. */ -void gcry_cipher_unregister (gcry_module_t module); - -/* ********************** */ - -/* Type for the pk_generate function. */ -typedef gcry_err_code_t (*gcry_pk_generate_t) (int algo, - unsigned int nbits, - unsigned long use_e, - gcry_mpi_t *skey, - gcry_mpi_t **retfactors); - -/* Type for the pk_check_secret_key function. */ -typedef gcry_err_code_t (*gcry_pk_check_secret_key_t) (int algo, - gcry_mpi_t *skey); - -/* Type for the pk_encrypt function. */ -typedef gcry_err_code_t (*gcry_pk_encrypt_t) (int algo, - gcry_mpi_t *resarr, - gcry_mpi_t data, - gcry_mpi_t *pkey, - int flags); - -/* Type for the pk_decrypt function. */ -typedef gcry_err_code_t (*gcry_pk_decrypt_t) (int algo, - gcry_mpi_t *result, - gcry_mpi_t *data, - gcry_mpi_t *skey, - int flags); - -/* Type for the pk_sign function. */ -typedef gcry_err_code_t (*gcry_pk_sign_t) (int algo, - gcry_mpi_t *resarr, - gcry_mpi_t data, - gcry_mpi_t *skey); - -/* Type for the pk_verify function. */ -typedef gcry_err_code_t (*gcry_pk_verify_t) (int algo, - gcry_mpi_t hash, - gcry_mpi_t *data, - gcry_mpi_t *pkey, - int (*cmp) (void *, gcry_mpi_t), - void *opaquev); - -/* Type for the pk_get_nbits function. */ -typedef unsigned (*gcry_pk_get_nbits_t) (int algo, gcry_mpi_t *pkey); - -/* Module specification structure for message digests. */ -typedef struct gcry_pk_spec -{ - const char *name; - const char **aliases; - const char *elements_pkey; - const char *elements_skey; - const char *elements_enc; - const char *elements_sig; - const char *elements_grip; - int use; - gcry_pk_generate_t generate; - gcry_pk_check_secret_key_t check_secret_key; - gcry_pk_encrypt_t encrypt; - gcry_pk_decrypt_t decrypt; - gcry_pk_sign_t sign; - gcry_pk_verify_t verify; - gcry_pk_get_nbits_t get_nbits; -} gcry_pk_spec_t; - -/* Register a new pubkey module whose specification can be found in - PUBKEY. On success, a new algorithm ID is stored in ALGORITHM_ID - and a pointer representhing this module is stored in MODULE. */ -gcry_error_t gcry_pk_register (gcry_pk_spec_t *pubkey, - unsigned int *algorithm_id, - gcry_module_t *module); - -/* Unregister the pubkey identified by ID, which must have been - registered with gcry_pk_register. */ -void gcry_pk_unregister (gcry_module_t module); - -/* ********************** */ - -/* Type for the md_init function. */ -typedef void (*gcry_md_init_t) (void *c); - -/* Type for the md_write function. */ -typedef void (*gcry_md_write_t) (void *c, const void *buf, size_t nbytes); - -/* Type for the md_final function. */ -typedef void (*gcry_md_final_t) (void *c); - -/* Type for the md_read function. */ -typedef unsigned char *(*gcry_md_read_t) (void *c); - -typedef struct gcry_md_oid_spec -{ - const char *oidstring; -} gcry_md_oid_spec_t; - -/* Module specification structure for message digests. */ -typedef struct gcry_md_spec -{ - const char *name; - unsigned char *asnoid; - int asnlen; - gcry_md_oid_spec_t *oids; - int mdlen; - gcry_md_init_t init; - gcry_md_write_t write; - gcry_md_final_t final; - gcry_md_read_t read; - size_t contextsize; /* allocate this amount of context */ -} gcry_md_spec_t; - -/* Register a new digest module whose specification can be found in - DIGEST. On success, a new algorithm ID is stored in ALGORITHM_ID - and a pointer representhing this module is stored in MODULE. */ -gcry_error_t gcry_md_register (gcry_md_spec_t *digest, - unsigned int *algorithm_id, - gcry_module_t *module); - -/* Unregister the digest identified by ID, which must have been - registered with gcry_digest_register. */ -void gcry_md_unregister (gcry_module_t module); - -#if 0 /* keep Emacsens's auto-indent happy */ -{ -#endif -#ifdef __cplusplus -} -#endif -#endif diff --git a/plugins/MirOTR/Libgcrypt/src/gcrypt.h b/plugins/MirOTR/Libgcrypt/src/gcrypt.h index ef4196c266..3071732bf6 100644 --- a/plugins/MirOTR/Libgcrypt/src/gcrypt.h +++ b/plugins/MirOTR/Libgcrypt/src/gcrypt.h @@ -1,23 +1,24 @@ /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- - Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006 - 2007, 2008, 2009, 2010 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, see <http://www.gnu.org/licenses/>. - - File: src/gcrypt.h. Generated from gcrypt.h.in by configure. */ + * Copyright (C) 1998-2015 Free Software Foundation, Inc. + * Copyright (C) 2012-2015 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + * + * File: src/gcrypt.h. Generated from gcrypt.h.in by configure. + */ #ifndef _GCRYPT_H #define _GCRYPT_H @@ -25,30 +26,26 @@ #include <stdlib.h> #include <stdarg.h> #include <string.h> -#include <tchar.h> #include <gpg-error.h> #include <sys/types.h> #if defined _WIN32 || defined __WIN32__ -#ifdef socklen_t - #undef socklen_t -#endif # include <winsock2.h> # include <ws2tcpip.h> # include <time.h> # ifndef __GNUC__ - typedef signed int ssize_t; + typedef long ssize_t; typedef int pid_t; # endif /*!__GNUC__*/ #else # include <sys/socket.h> # include <sys/time.h> +# #endif /*!_WIN32*/ -typedef socklen_t gcry_socklen_t; - +typedef int gcry_socklen_t; /* This is required for error code compatibility. */ #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT @@ -65,7 +62,12 @@ extern "C" { return the same version. The purpose of this macro is to let autoconf (using the AM_PATH_GCRYPT macro) check that this header matches the installed library. */ -#define GCRYPT_VERSION "1.4.6" +#define GCRYPT_VERSION "1.6.3" + +/* The version number of this header. It may be used to handle minor + API incompatibilities. */ +#define GCRYPT_VERSION_NUMBER 0x010603 + /* Internal: We can't use the convenience macros for the multi precision integer functions when building this library. */ @@ -96,6 +98,12 @@ extern "C" { #define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__)) #endif +#define _GCRY_GCC_ATTR_PRINTF(f,a) __attribute__ ((format (printf,f,a))) + +#if _GCRY_GCC_VERSION >= 40000 +#define _GCRY_GCC_ATTR_SENTINEL(a) __attribute__ ((sentinel(a))) +#endif + #endif /*__GNUC__*/ #ifndef _GCRY_GCC_ATTR_DEPRECATED @@ -107,10 +115,15 @@ extern "C" { #ifndef _GCRY_GCC_ATTR_MALLOC #define _GCRY_GCC_ATTR_MALLOC #endif +#ifndef _GCRY_GCC_ATTR_PRINTF +#define _GCRY_GCC_ATTR_PRINTF(f,a) +#endif +#ifndef _GCRY_GCC_ATTR_SENTINEL +#define _GCRY_GCC_ATTR_SENTINEL(a) +#endif -/* Some members in a public type should only be used internally. - There is no "internal" attribute, so we abuse the deprecated - attribute to discourage external use. */ +/* Make up an attribute to mark functions and types as deprecated but + allow internal use by Libgcrypt. */ #ifdef _GCRYPT_IN_LIBGCRYPT #define _GCRY_ATTR_INTERNAL #else @@ -179,13 +192,9 @@ gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err); gcry_err_code_t gcry_error_from_errno (int err); -/* This enum is deprecated; it is only declared for the sake of - complete API compatibility. */ -enum gcry_thread_option - { - _GCRY_THREAD_OPTION_DUMMY - } _GCRY_GCC_ATTR_DEPRECATED; - +/* NOTE: Since Libgcrypt 1.6 the thread callbacks are not anymore + used. However we keep it to allow for some source code + compatibility if used in the standard way. */ /* Constants defining the thread model to use. Used with the OPTION field of the struct gcry_thread_cbs. */ @@ -196,163 +205,53 @@ enum gcry_thread_option /* The version number encoded in the OPTION field of the struct gcry_thread_cbs. */ -#define GCRY_THREAD_OPTION_VERSION 0 +#define GCRY_THREAD_OPTION_VERSION 1 /* Wrapper for struct ath_ops. */ struct gcry_thread_cbs { /* The OPTION field encodes the thread model and the version number - of this structure. + of this structure. Bits 7 - 0 are used for the thread model - Bits 15 - 8 are used for the version number. - */ + Bits 15 - 8 are used for the version number. */ unsigned int option; +} _GCRY_ATTR_INTERNAL; - int (*init) (void); - int (*mutex_init) (void **priv); - int (*mutex_destroy) (void **priv); - int (*mutex_lock) (void **priv); - int (*mutex_unlock) (void **priv); - ssize_t (*read) (int fd, void *buf, size_t nbytes); - ssize_t (*write) (int fd, const void *buf, size_t nbytes); -#ifdef _WIN32 - ssize_t (*select) (int nfd, void *rset, void *wset, void *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, void *addr, int *length_ptr); - int (*connect) (int s, void *addr, gcry_socklen_t length); - int (*sendmsg) (int s, const void *msg, int flags); - int (*recvmsg) (int s, void *msg, int flags); -#else - ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr); - int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length); - int (*sendmsg) (int s, const struct msghdr *msg, int flags); - int (*recvmsg) (int s, struct msghdr *msg, int flags); -#endif -}; - -#ifdef _WIN32 -# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \ -static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \ - void *eset, struct timeval *timeout) \ - { return pth_select (nfd, rset, wset, eset, timeout); } \ -static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \ - { return pth_waitpid (pid, status, options); } \ -static int gcry_pth_accept (int s, void *addr, \ - gcry_socklen_t *length_ptr) \ - { return pth_accept (s, addr, length_ptr); } \ -static int gcry_pth_connect (int s, void *addr, \ - gcry_socklen_t length) \ - { return pth_connect (s, addr, length); } -#else /*!_WIN32*/ -# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \ -static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \ - fd_set *eset, struct timeval *timeout) \ - { return pth_select (nfd, rset, wset, eset, timeout); } \ -static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \ - { return pth_waitpid (pid, status, options); } \ -static int gcry_pth_accept (int s, struct sockaddr *addr, \ - gcry_socklen_t *length_ptr) \ - { return pth_accept (s, addr, length_ptr); } \ -static int gcry_pth_connect (int s, struct sockaddr *addr, \ - gcry_socklen_t length) \ - { return pth_connect (s, addr, length); } -#endif /*!_WIN32*/ - +#define GCRY_THREAD_OPTION_PTH_IMPL \ + static struct gcry_thread_cbs gcry_threads_pth = { \ + (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8))} +#define GCRY_THREAD_OPTION_PTHREAD_IMPL \ + static struct gcry_thread_cbs gcry_threads_pthread = { \ + (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8))} -#define GCRY_THREAD_OPTION_PTH_IMPL \ -static int gcry_pth_init (void) \ -{ return (pth_init () == FALSE) ? errno : 0; } \ -static int gcry_pth_mutex_init (void **priv) \ -{ \ - int err = 0; \ - pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \ - \ - if (!lock) \ - err = ENOMEM; \ - if (!err) \ - { \ - err = pth_mutex_init (lock); \ - if (err == FALSE) \ - err = errno; \ - else \ - err = 0; \ - if (err) \ - free (lock); \ - else \ - *priv = lock; \ - } \ - return err; \ -} \ -static int gcry_pth_mutex_destroy (void **lock) \ - { /* GNU Pth has no destructor function. */ free (*lock); return 0; } \ -static int gcry_pth_mutex_lock (void **lock) \ - { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \ - ? errno : 0; } \ -static int gcry_pth_mutex_unlock (void **lock) \ - { return ((pth_mutex_release (*lock)) == FALSE) \ - ? errno : 0; } \ -static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \ - { return pth_read (fd, buf, nbytes); } \ -static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \ - { return pth_write (fd, buf, nbytes); } \ -_GCRY_THREAD_OPTION_PTH_IMPL_NET \ - \ -/* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \ -static struct gcry_thread_cbs gcry_threads_pth = { \ - (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \ - gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \ - gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \ - gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \ - NULL, NULL } - - -#define GCRY_THREAD_OPTION_PTHREAD_IMPL \ -static int gcry_pthread_mutex_init (void **priv) \ -{ \ - int err = 0; \ - pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\ - \ - if (!lock) \ - err = ENOMEM; \ - if (!err) \ - { \ - err = pthread_mutex_init (lock, NULL); \ - if (err) \ - free (lock); \ - else \ - *priv = lock; \ - } \ - return err; \ -} \ -static int gcry_pthread_mutex_destroy (void **lock) \ - { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \ - free (*lock); return err; } \ -static int gcry_pthread_mutex_lock (void **lock) \ - { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \ -static int gcry_pthread_mutex_unlock (void **lock) \ - { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \ - \ -static struct gcry_thread_cbs gcry_threads_pthread = { \ - (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \ - NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \ - gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \ - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL } -/* The data object used to hold a multi precision integer. */ +/* A generic context object as used by some functions. */ +struct gcry_context; +typedef struct gcry_context *gcry_ctx_t; + +/* The data objects used to hold multi precision integers. */ struct gcry_mpi; typedef struct gcry_mpi *gcry_mpi_t; +struct gcry_mpi_point; +typedef struct gcry_mpi_point *gcry_mpi_point_t; #ifndef GCRYPT_NO_DEPRECATED typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED; typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED; #endif +/* A structure used for scatter gather hashing. */ +typedef struct +{ + size_t size; /* The allocated size of the buffer or 0. */ + size_t off; /* Offset into the buffer. */ + size_t len; /* The used length of the buffer. */ + void *data; /* The buffer. */ +} gcry_buffer_t; + + /* Check that the library fulfills the version requirement. */ @@ -361,10 +260,9 @@ const char *gcry_check_version (const char *req_version); /* Codes for function dispatchers. */ /* Codes used with the gcry_control function. */ -enum gcry_ctl_cmds +enum gcry_ctl_cmds { - GCRYCTL_SET_KEY = 1, - GCRYCTL_SET_IV = 2, + /* Note: 1 .. 2 are not anymore used. */ GCRYCTL_CFB_SYNC = 3, GCRYCTL_RESET = 4, /* e.g. for MDs */ GCRYCTL_FINALIZE = 5, @@ -404,7 +302,7 @@ enum gcry_ctl_cmds GCRYCTL_ANY_INITIALIZATION_P = 40, GCRYCTL_SET_CBC_CTS = 41, GCRYCTL_SET_CBC_MAC = 42, - GCRYCTL_SET_CTR = 43, + /* Note: 43 is not anymore used. */ GCRYCTL_ENABLE_QUICK_RANDOM = 44, GCRYCTL_SET_RANDOM_SEED_FILE = 45, GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46, @@ -418,15 +316,25 @@ enum gcry_ctl_cmds GCRYCTL_OPERATIONAL_P = 54, GCRYCTL_FIPS_MODE_P = 55, GCRYCTL_FORCE_FIPS_MODE = 56, - GCRYCTL_SELFTEST = 57 + GCRYCTL_SELFTEST = 57, /* Note: 58 .. 62 are used internally. */ + GCRYCTL_DISABLE_HWF = 63, + GCRYCTL_SET_ENFORCED_FIPS_FLAG = 64, + GCRYCTL_SET_PREFERRED_RNG_TYPE = 65, + GCRYCTL_GET_CURRENT_RNG_TYPE = 66, + GCRYCTL_DISABLE_LOCKED_SECMEM = 67, + GCRYCTL_DISABLE_PRIV_DROP = 68, + GCRYCTL_SET_CCM_LENGTHS = 69, + GCRYCTL_CLOSE_RANDOM_DEVICE = 70, + GCRYCTL_INACTIVATE_FIPS_FLAG = 71, + GCRYCTL_REACTIVATE_FIPS_FLAG = 72 }; /* Perform various operations defined by CMD. */ gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...); -/* S-expression management. */ +/* S-expression management. */ /* The object to represent an S-expression as used with the public key functions. */ @@ -480,7 +388,7 @@ void gcry_sexp_release (gcry_sexp_t sexp); /* Calculate the length of an canonized S-expresion in BUFFER and check for a valid encoding. */ -size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, +size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, size_t *erroff, gcry_error_t *errcode); /* Copies the S-expression object SEXP into BUFFER using the format @@ -538,6 +446,13 @@ gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list); const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen); +/* This function is used to get data from a LIST. A malloced buffer to the + data with index NUMBER is returned and the length of this + data will be stored to RLENGTH. If there is no data at the given + index or the index represents another list, `NULL' is returned. */ +void *gcry_sexp_nth_buffer (const gcry_sexp_t list, int number, + size_t *rlength); + /* This function is used to get and convert data from a LIST. The data is assumed to be a Nul terminated string. The caller must release the returned value using `gcry_free'. If there is no data @@ -553,6 +468,12 @@ char *gcry_sexp_nth_string (gcry_sexp_t list, int number); value can't be converted to an MPI, `NULL' is returned. */ gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt); +/* Convenience fucntion to extract parameters from an S-expression + * using a list of single letter parameters. */ +gpg_error_t gcry_sexp_extract_param (gcry_sexp_t sexp, + const char *path, + const char *list, + ...) _GCRY_GCC_ATTR_SENTINEL(0); /******************************************* @@ -562,26 +483,40 @@ gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt); *******************************************/ /* Different formats of external big integer representation. */ -enum gcry_mpi_format +enum gcry_mpi_format { GCRYMPI_FMT_NONE= 0, GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */ GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */ GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */ GCRYMPI_FMT_HEX = 4, /* Hex format. */ - GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */ + GCRYMPI_FMT_USG = 5, /* Like STD but unsigned. */ + GCRYMPI_FMT_OPAQUE = 8 /* Opaque format (some functions only). */ }; /* Flags used for creating big integers. */ -enum gcry_mpi_flag +enum gcry_mpi_flag { GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */ - GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just + GCRYMPI_FLAG_OPAQUE = 2, /* The number is not a real one but just a way to store some bytes. This is useful for encrypted big integers. */ + GCRYMPI_FLAG_IMMUTABLE = 4, /* Mark the MPI as immutable. */ + GCRYMPI_FLAG_CONST = 8, /* Mark the MPI as a constant. */ + GCRYMPI_FLAG_USER1 = 0x0100,/* User flag 1. */ + GCRYMPI_FLAG_USER2 = 0x0200,/* User flag 2. */ + GCRYMPI_FLAG_USER3 = 0x0400,/* User flag 3. */ + GCRYMPI_FLAG_USER4 = 0x0800,/* User flag 4. */ }; +/* Macros to return pre-defined MPI constants. */ +#define GCRYMPI_CONST_ONE (_gcry_mpi_get_const (1)) +#define GCRYMPI_CONST_TWO (_gcry_mpi_get_const (2)) +#define GCRYMPI_CONST_THREE (_gcry_mpi_get_const (3)) +#define GCRYMPI_CONST_FOUR (_gcry_mpi_get_const (4)) +#define GCRYMPI_CONST_EIGHT (_gcry_mpi_get_const (8)) + /* Allocate a new big integer object, initialize it with 0 and initially allocate memory for a number of at least NBITS. */ gcry_mpi_t gcry_mpi_new (unsigned int nbits); @@ -595,6 +530,9 @@ void gcry_mpi_release (gcry_mpi_t a); /* Create a new number with the same value as A. */ gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a); +/* Store the big integer value U in W and release U. */ +void gcry_mpi_snatch (gcry_mpi_t w, gcry_mpi_t u); + /* Store the big integer value U in W. */ gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u); @@ -604,6 +542,15 @@ gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u); /* Swap the values of A and B. */ void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b); +/* Return 1 if A is negative; 0 if zero or positive. */ +int gcry_mpi_is_neg (gcry_mpi_t a); + +/* W = - U */ +void gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u); + +/* W = [W] */ +void gcry_mpi_abs (gcry_mpi_t w); + /* Compare the big integer number U and V returning 0 for equality, a positive value for U > V and a negative for U < V. */ int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v); @@ -618,7 +565,7 @@ int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v); RET_MPI. If NSCANNED is not NULL, it will receive the number of bytes actually scanned after a successful operation. */ gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, - const void *buffer, size_t buflen, + const void *buffer, size_t buflen, size_t *nscanned); /* Convert the big integer A into the external representation @@ -689,7 +636,7 @@ void gcry_mpi_powm (gcry_mpi_t w, const gcry_mpi_t b, const gcry_mpi_t e, const gcry_mpi_t m); -/* Set G to the greatest common divisor of A and B. +/* Set G to the greatest common divisor of A and B. Return true if the G is 1. */ int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); @@ -697,6 +644,68 @@ int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); Return true if the value exists. */ int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m); +/* Create a new point object. NBITS is usually 0. */ +gcry_mpi_point_t gcry_mpi_point_new (unsigned int nbits); + +/* Release the object POINT. POINT may be NULL. */ +void gcry_mpi_point_release (gcry_mpi_point_t point); + +/* Store the projective coordinates from POINT into X, Y, and Z. */ +void gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point); + +/* Store the projective coordinates from POINT into X, Y, and Z and + release POINT. */ +void gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point); + +/* Store the projective coordinates X, Y, and Z into POINT. */ +gcry_mpi_point_t gcry_mpi_point_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z); + +/* Store the projective coordinates X, Y, and Z into POINT and release + X, Y, and Z. */ +gcry_mpi_point_t gcry_mpi_point_snatch_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, + gcry_mpi_t z); + +/* Allocate a new context for elliptic curve operations based on the + parameters given by KEYPARAM or using CURVENAME. */ +gpg_error_t gcry_mpi_ec_new (gcry_ctx_t *r_ctx, + gcry_sexp_t keyparam, const char *curvename); + +/* Get a named MPI from an elliptic curve context. */ +gcry_mpi_t gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy); + +/* Get a named point from an elliptic curve context. */ +gcry_mpi_point_t gcry_mpi_ec_get_point (const char *name, + gcry_ctx_t ctx, int copy); + +/* Store a named MPI into an elliptic curve context. */ +gpg_error_t gcry_mpi_ec_set_mpi (const char *name, gcry_mpi_t newvalue, + gcry_ctx_t ctx); + +/* Store a named point into an elliptic curve context. */ +gpg_error_t gcry_mpi_ec_set_point (const char *name, gcry_mpi_point_t newvalue, + gcry_ctx_t ctx); + +/* Store the affine coordinates of POINT into X and Y. */ +int gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_point_t point, + gcry_ctx_t ctx); + +/* W = 2 * U. */ +void gcry_mpi_ec_dup (gcry_mpi_point_t w, gcry_mpi_point_t u, gcry_ctx_t ctx); + +/* W = U + V. */ +void gcry_mpi_ec_add (gcry_mpi_point_t w, + gcry_mpi_point_t u, gcry_mpi_point_t v, gcry_ctx_t ctx); + +/* W = N * U. */ +void gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u, + gcry_ctx_t ctx); + +/* Return true if POINT is on the curve described by CTX. */ +int gcry_mpi_ec_curve_point (gcry_mpi_point_t w, gcry_ctx_t ctx); /* Return the number of bits required to represent A. */ unsigned int gcry_mpi_get_nbits (gcry_mpi_t a); @@ -723,10 +732,18 @@ void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); /* Store NBITS of the value P points to in A and mark A as an opaque - value. WARNING: Never use an opaque MPI for anything thing else then + value. On success A received the the ownership of the value P. + WARNING: Never use an opaque MPI for anything thing else than gcry_mpi_release, gcry_mpi_get_opaque. */ gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits); +/* Store NBITS of the value P points to in A and mark A as an opaque + value. The function takes a copy of the provided value P. + WARNING: Never use an opaque MPI for anything thing else than + gcry_mpi_release, gcry_mpi_get_opaque. */ +gcry_mpi_t gcry_mpi_set_opaque_copy (gcry_mpi_t a, + const void *p, unsigned int nbits); + /* Return a pointer to an opaque value stored in A and return its size in NBITS. Note that the returned pointer is still owned by A and that the function should never be used for an non-opaque MPI. */ @@ -741,9 +758,12 @@ void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); currently useless as no flags are allowed. */ void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); -/* Return true when the FLAG is set for A. */ +/* Return true if the FLAG is set for A. */ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); +/* Private function - do not use. */ +gcry_mpi_t _gcry_mpi_get_const (int no); + /* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of convenience macros for the big integer functions. */ #ifndef GCRYPT_NO_MPI_MACROS @@ -758,11 +778,15 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); while (0) #define mpi_copy( a ) gcry_mpi_copy( (a) ) +#define mpi_snatch( w, u) gcry_mpi_snatch( (w), (u) ) #define mpi_set( w, u) gcry_mpi_set( (w), (u) ) #define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) ) +#define mpi_abs( w ) gcry_mpi_abs( (w) ) +#define mpi_neg( w, u) gcry_mpi_neg( (w), (u) ) #define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) ) #define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) ) - +#define mpi_is_neg( a ) gcry_mpi_is_neg ((a)) + #define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v)) #define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v)) #define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m)) @@ -780,6 +804,19 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); #define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) ) #define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) ) +#define mpi_point_new(n) gcry_mpi_point_new((n)) +#define mpi_point_release(p) \ + do \ + { \ + gcry_mpi_point_release ((p)); \ + (p) = NULL; \ + } \ + while (0) +#define mpi_point_get(x,y,z,p) gcry_mpi_point_get((x),(y),(z),(p)) +#define mpi_point_snatch_get(x,y,z,p) gcry_mpi_point_snatch_get((x),(y),(z),(p)) +#define mpi_point_set(p,x,y,z) gcry_mpi_point_set((p),(x),(y),(z)) +#define mpi_point_snatch_set(p,x,y,z) gcry_mpi_point_snatch_set((p),(x),(y),(z)) + #define mpi_get_nbits(a) gcry_mpi_get_nbits ((a)) #define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b)) #define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b)) @@ -838,19 +875,22 @@ enum gcry_cipher_algos GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */ GCRY_CIPHER_CAMELLIA128 = 310, GCRY_CIPHER_CAMELLIA192 = 311, - GCRY_CIPHER_CAMELLIA256 = 312 + GCRY_CIPHER_CAMELLIA256 = 312, + GCRY_CIPHER_SALSA20 = 313, + GCRY_CIPHER_SALSA20R12 = 314, + GCRY_CIPHER_GOST28147 = 315 }; /* The Rijndael algorithm is basically AES, so provide some macros. */ -#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES -#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES -#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 -#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 -#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 +#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES +#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES +#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 +#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 +#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 /* The supported encryption modes. Note that not all of them are supported for each algorithm. */ -enum gcry_cipher_modes +enum gcry_cipher_modes { GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */ GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */ @@ -859,10 +899,12 @@ enum gcry_cipher_modes GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */ GCRY_CIPHER_MODE_CTR = 6, /* Counter. */ - GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */ + GCRY_CIPHER_MODE_AESWRAP= 7, /* AES-WRAP algorithm. */ + GCRY_CIPHER_MODE_CCM = 8, /* Counter with CBC-MAC. */ + GCRY_CIPHER_MODE_GCM = 9 /* Galois Counter Mode. */ }; -/* Flags used with the open function. */ +/* Flags used with the open function. */ enum gcry_cipher_flags { GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */ @@ -871,6 +913,11 @@ enum gcry_cipher_flags GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */ }; +/* GCM works only with blocks of 128 bits */ +#define GCRY_GCM_BLOCK_LEN (128 / 8) + +/* CCM works only with blocks of 128 bits. */ +#define GCRY_CCM_BLOCK_LEN (128 / 8) /* Create a handle for algorithm ALGO to be used in MODE. FLAGS may be given as an bitwise OR of the gcry_cipher_flags values. */ @@ -928,6 +975,17 @@ gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd, gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen); +/* Provide additional authentication data for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf, + size_t abuflen); + +/* Get authentication tag for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, + size_t taglen); + +/* Check authentication tag for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, + size_t taglen); /* Reset the handle to the state after open. */ #define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0) @@ -945,7 +1003,7 @@ gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd, gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen); -/* Retrieved the key length in bytes used with algorithm A. */ +/* Retrieve the key length in bytes used with algorithm A. */ size_t gcry_cipher_get_algo_keylen (int algo); /* Retrieve the block length in bytes used with algorithm A. */ @@ -955,14 +1013,6 @@ size_t gcry_cipher_get_algo_blklen (int algo); #define gcry_cipher_test_algo(a) \ gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/* Get a list consisting of the IDs of the loaded cipher modules. If - LIST is zero, write the number of loaded cipher modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less cipher modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_cipher_list (int *list, int *list_length); - /************************************ * * @@ -970,24 +1020,30 @@ gcry_error_t gcry_cipher_list (int *list, int *list_length); * * ************************************/ -/* The algorithms and their IDs we support. */ -enum gcry_pk_algos +/* The algorithms and their IDs we support. */ +enum gcry_pk_algos { - GCRY_PK_RSA = 1, - GCRY_PK_RSA_E = 2, /* (deprecated) */ - GCRY_PK_RSA_S = 3, /* (deprecated) */ - GCRY_PK_ELG_E = 16, - GCRY_PK_DSA = 17, - GCRY_PK_ELG = 20, - GCRY_PK_ECDSA = 301 + GCRY_PK_RSA = 1, /* RSA */ + GCRY_PK_RSA_E = 2, /* (deprecated: use 1). */ + GCRY_PK_RSA_S = 3, /* (deprecated: use 1). */ + GCRY_PK_ELG_E = 16, /* (deprecated: use 20). */ + GCRY_PK_DSA = 17, /* Digital Signature Algorithm. */ + GCRY_PK_ECC = 18, /* Generic ECC. */ + GCRY_PK_ELG = 20, /* Elgamal */ + GCRY_PK_ECDSA = 301, /* (deprecated: use 18). */ + GCRY_PK_ECDH = 302 /* (deprecated: use 18). */ }; /* Flags describing usage capabilities of a PK algorithm. */ -#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */ -#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */ +#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */ +#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */ #define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */ -#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */ -#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */ +#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */ +#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */ + +/* Modes used with gcry_pubkey_get_sexp. */ +#define GCRY_PK_GET_PUBKEY 1 +#define GCRY_PK_GET_SECKEY 2 /* Encrypt the DATA using the public key PKEY and store the result as a newly created S-expression at RESULT. */ @@ -1036,21 +1092,25 @@ int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE; public or private KEY. */ unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE; -/* Please note that keygrip is still experimental and should not be - used without contacting the author. */ +/* Return the so called KEYGRIP which is the SHA-1 hash of the public + key parameters expressed in a way depending on the algorithm. */ unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array); +/* Return the name of the curve matching KEY. */ +const char *gcry_pk_get_curve (gcry_sexp_t key, int iterator, + unsigned int *r_nbits); + +/* Return an S-expression with the parameters of the named ECC curve + NAME. ALGO must be set to an ECC algorithm. */ +gcry_sexp_t gcry_pk_get_param (int algo, const char *name); + /* Return 0 if the public key algorithm A is available for use. */ #define gcry_pk_test_algo(a) \ gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/* Get a list consisting of the IDs of the loaded pubkey modules. If - LIST is zero, write the number of loaded pubkey modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less pubkey modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_pk_list (int *list, int *list_length); +/* Return an S-expression representing the context CTX. */ +gcry_error_t gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp, + int mode, gcry_ctx_t ctx); @@ -1064,12 +1124,12 @@ gcry_error_t gcry_pk_list (int *list, int *list_length); are implemnted. */ enum gcry_md_algos { - GCRY_MD_NONE = 0, + GCRY_MD_NONE = 0, GCRY_MD_MD5 = 1, GCRY_MD_SHA1 = 2, GCRY_MD_RMD160 = 3, GCRY_MD_MD2 = 5, - GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */ + GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ GCRY_MD_SHA256 = 8, GCRY_MD_SHA384 = 9, @@ -1079,16 +1139,20 @@ enum gcry_md_algos GCRY_MD_CRC32 = 302, GCRY_MD_CRC32_RFC1510 = 303, GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305, - GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */ - GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */ + GCRY_MD_WHIRLPOOL = 305, + GCRY_MD_TIGER1 = 306, /* TIGER fixed. */ + GCRY_MD_TIGER2 = 307, /* TIGER2 variant. */ + GCRY_MD_GOSTR3411_94 = 308, /* GOST R 34.11-94. */ + GCRY_MD_STRIBOG256 = 309, /* GOST R 34.11-2012, 256 bit. */ + GCRY_MD_STRIBOG512 = 310 /* GOST R 34.11-2012, 512 bit. */ }; /* Flags used with the open function. */ enum gcry_md_flags { GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ - GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */ + GCRY_MD_FLAG_HMAC = 2, /* Make an HMAC out of this algorithm. */ + GCRY_MD_FLAG_BUGEMU1 = 0x0100 }; /* (Forward declaration.) */ @@ -1097,11 +1161,11 @@ struct gcry_md_context; /* This object is used to hold a handle to a message digest object. This structure is private - only to be used by the public gcry_md_* macros. */ -typedef struct gcry_md_handle +typedef struct gcry_md_handle { /* Actual context. */ struct gcry_md_context *ctx; - + /* Buffer management. */ int bufpos; int bufsize; @@ -1153,6 +1217,10 @@ unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo); void gcry_md_hash_buffer (int algo, void *digest, const void *buffer, size_t length); +/* Convenience function to hash multiple buffers. */ +gpg_error_t gcry_md_hash_buffers (int algo, unsigned int flags, void *digest, + const gcry_buffer_t *iov, int iovcnt); + /* Retrieve the algorithm used with HD. This does not work reliable if more than one algorithm is enabled in HD. */ int gcry_md_get_algo (gcry_md_hd_t hd); @@ -1221,401 +1289,149 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); #define gcry_md_get_asnoid(a,b,n) \ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) -/* Enable debugging for digest object A; i.e. create files named - dbgmd-<n>.<string> while hashing. B is a string used as the suffix - for the filename. This macro is deprecated, use gcry_md_debug. */ -#ifndef GCRYPT_NO_DEPRECATED -#define gcry_md_start_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 ) - -/* Disable the debugging of A. This macro is deprecated, use - gcry_md_debug. */ -#define gcry_md_stop_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 ) -#endif - -/* Get a list consisting of the IDs of the loaded message digest - modules. If LIST is zero, write the number of loaded message - digest modules to LIST_LENGTH and return. If LIST is non-zero, the - first *LIST_LENGTH algorithm IDs are stored in LIST, which must be - of according size. In case there are less message digest modules - than *LIST_LENGTH, *LIST_LENGTH is updated to the correct - number. */ -gcry_error_t gcry_md_list (int *list, int *list_length); - -/* Alternative interface for asymmetric cryptography. This interface - is deprecated. */ +/********************************************** + * * + * Message Authentication Code Functions * + * * + **********************************************/ -/* The algorithm IDs. */ -typedef enum gcry_ac_id - { - GCRY_AC_RSA = 1, - GCRY_AC_DSA = 17, - GCRY_AC_ELG = 20, - GCRY_AC_ELG_E = 16 - } -gcry_ac_id_t; +/* The data object used to hold a handle to an encryption object. */ +struct gcry_mac_handle; +typedef struct gcry_mac_handle *gcry_mac_hd_t; -/* Key types. */ -typedef enum gcry_ac_key_type +/* Algorithm IDs for the hash functions we know about. Not all of them + are implemented. */ +enum gcry_mac_algos { - GCRY_AC_KEY_SECRET, - GCRY_AC_KEY_PUBLIC - } -gcry_ac_key_type_t; + GCRY_MAC_NONE = 0, + + GCRY_MAC_HMAC_SHA256 = 101, + GCRY_MAC_HMAC_SHA224 = 102, + GCRY_MAC_HMAC_SHA512 = 103, + GCRY_MAC_HMAC_SHA384 = 104, + GCRY_MAC_HMAC_SHA1 = 105, + GCRY_MAC_HMAC_MD5 = 106, + GCRY_MAC_HMAC_MD4 = 107, + GCRY_MAC_HMAC_RMD160 = 108, + GCRY_MAC_HMAC_TIGER1 = 109, /* The fixed TIGER variant */ + GCRY_MAC_HMAC_WHIRLPOOL = 110, + GCRY_MAC_HMAC_GOSTR3411_94 = 111, + GCRY_MAC_HMAC_STRIBOG256 = 112, + GCRY_MAC_HMAC_STRIBOG512 = 113, + + GCRY_MAC_CMAC_AES = 201, + GCRY_MAC_CMAC_3DES = 202, + GCRY_MAC_CMAC_CAMELLIA = 203, + GCRY_MAC_CMAC_CAST5 = 204, + GCRY_MAC_CMAC_BLOWFISH = 205, + GCRY_MAC_CMAC_TWOFISH = 206, + GCRY_MAC_CMAC_SERPENT = 207, + GCRY_MAC_CMAC_SEED = 208, + GCRY_MAC_CMAC_RFC2268 = 209, + GCRY_MAC_CMAC_IDEA = 210, + GCRY_MAC_CMAC_GOST28147 = 211, + + GCRY_MAC_GMAC_AES = 401, + GCRY_MAC_GMAC_CAMELLIA = 402, + GCRY_MAC_GMAC_TWOFISH = 403, + GCRY_MAC_GMAC_SERPENT = 404, + GCRY_MAC_GMAC_SEED = 405 + }; -/* Encoding methods. */ -typedef enum gcry_ac_em +/* Flags used with the open function. */ +enum gcry_mac_flags { - GCRY_AC_EME_PKCS_V1_5, - GCRY_AC_EMSA_PKCS_V1_5 - } -gcry_ac_em_t; + GCRY_MAC_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ + }; -/* Encryption and Signature schemes. */ -typedef enum gcry_ac_scheme - { - GCRY_AC_ES_PKCS_V1_5, - GCRY_AC_SSA_PKCS_V1_5 - } -gcry_ac_scheme_t; +/* Create a MAC handle for algorithm ALGO. FLAGS may be given as an bitwise OR + of the gcry_mac_flags values. CTX maybe NULL or gcry_ctx_t object to be + associated with HANDLE. */ +gcry_error_t gcry_mac_open (gcry_mac_hd_t *handle, int algo, + unsigned int flags, gcry_ctx_t ctx); -/* AC data. */ -#define GCRY_AC_FLAG_DEALLOC (1 << 0) -#define GCRY_AC_FLAG_COPY (1 << 1) -#define GCRY_AC_FLAG_NO_BLINDING (1 << 2) +/* Close the MAC handle H and release all resource. */ +void gcry_mac_close (gcry_mac_hd_t h); -/* This type represents a `data set'. */ -typedef struct gcry_ac_data *gcry_ac_data_t; +/* Perform various operations on the MAC object H. */ +gcry_error_t gcry_mac_ctl (gcry_mac_hd_t h, int cmd, void *buffer, + size_t buflen); -/* This type represents a single `key', either a secret one or a - public one. */ -typedef struct gcry_ac_key *gcry_ac_key_t; +/* Retrieve various information about the MAC algorithm ALGO. */ +gcry_error_t gcry_mac_algo_info (int algo, int what, void *buffer, + size_t *nbytes); -/* This type represents a `key pair' containing a secret and a public - key. */ -typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t; +/* Set KEY of length KEYLEN bytes for the MAC handle HD. */ +gcry_error_t gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, + size_t keylen); -/* This type represents a `handle' that is needed by functions - performing cryptographic operations. */ -typedef struct gcry_ac_handle *gcry_ac_handle_t; +/* Set initialization vector IV of length IVLEN for the MAC handle HD. */ +gcry_error_t gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, + size_t ivlen); -typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque, - unsigned char *buffer, - size_t *buffer_n); +/* Pass LENGTH bytes of data in BUFFER to the MAC object HD so that + it can update the MAC values. */ +gcry_error_t gcry_mac_write (gcry_mac_hd_t hd, const void *buffer, + size_t length); -typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque, - unsigned char *buffer, - size_t buffer_n); +/* Read out the final authentication code from the MAC object HD to BUFFER. */ +gcry_error_t gcry_mac_read (gcry_mac_hd_t hd, void *buffer, size_t *buflen); -typedef enum - { - GCRY_AC_IO_READABLE, - GCRY_AC_IO_WRITABLE - } -gcry_ac_io_mode_t; +/* Verify the final authentication code from the MAC object HD with BUFFER. */ +gcry_error_t gcry_mac_verify (gcry_mac_hd_t hd, const void *buffer, + size_t buflen); -typedef enum - { - GCRY_AC_IO_STRING, - GCRY_AC_IO_CALLBACK - } -gcry_ac_io_type_t; +/* Retrieve the length in bytes of the MAC yielded by algorithm ALGO. */ +unsigned int gcry_mac_get_algo_maclen (int algo); -typedef struct gcry_ac_io -{ - /* This is an INTERNAL structure, do NOT use manually. */ - gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL; - gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL; - union - { - union - { - struct - { - gcry_ac_data_read_cb_t cb; - void *opaque; - } callback; - struct - { - unsigned char *data; - size_t data_n; - } string; - void *opaque; - } readable; - union - { - struct - { - gcry_ac_data_write_cb_t cb; - void *opaque; - } callback; - struct - { - unsigned char **data; - size_t *data_n; - } string; - void *opaque; - } writable; - } io _GCRY_ATTR_INTERNAL; -} -gcry_ac_io_t; +/* Retrieve the default key length in bytes used with algorithm A. */ +unsigned int gcry_mac_get_algo_keylen (int algo); -/* The caller of gcry_ac_key_pair_generate can provide one of these - structures in order to influence the key generation process in an - algorithm-specific way. */ -typedef struct gcry_ac_key_spec_rsa -{ - gcry_mpi_t e; /* E to use. */ -} gcry_ac_key_spec_rsa_t; +/* Map the MAC algorithm whose ID is contained in ALGORITHM to a + string representation of the algorithm name. For unknown algorithm + IDs this function returns "?". */ +const char *gcry_mac_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; -/* Structure used for passing data to the implementation of the - `EME-PKCS-V1_5' encoding method. */ -typedef struct gcry_ac_eme_pkcs_v1_5 -{ - size_t key_size; -} gcry_ac_eme_pkcs_v1_5_t; +/* Map the algorithm name NAME to an MAC algorithm ID. Return 0 if + the algorithm name is not known. */ +int gcry_mac_map_name (const char *name) _GCRY_GCC_ATTR_PURE; -typedef enum gcry_md_algos gcry_md_algo_t; +/* Reset the handle to the state after open/setkey. */ +#define gcry_mac_reset(h) gcry_mac_ctl ((h), GCRYCTL_RESET, NULL, 0) + +/* Return 0 if the algorithm A is available for use. */ +#define gcry_mac_test_algo(a) \ + gcry_mac_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) + + +/****************************** + * * + * Key Derivation Functions * + * * + ******************************/ + +/* Algorithm IDs for the KDFs. */ +enum gcry_kdf_algos + { + GCRY_KDF_NONE = 0, + GCRY_KDF_SIMPLE_S2K = 16, + GCRY_KDF_SALTED_S2K = 17, + GCRY_KDF_ITERSALTED_S2K = 19, + GCRY_KDF_PBKDF1 = 33, + GCRY_KDF_PBKDF2 = 34, + GCRY_KDF_SCRYPT = 48 + }; + +/* Derive a key from a passphrase. */ +gpg_error_t gcry_kdf_derive (const void *passphrase, size_t passphraselen, + int algo, int subalgo, + const void *salt, size_t saltlen, + unsigned long iterations, + size_t keysize, void *keybuffer); -/* Structure used for passing data to the implementation of the - `EMSA-PKCS-V1_5' encoding method. */ -typedef struct gcry_ac_emsa_pkcs_v1_5 -{ - gcry_md_algo_t md; - size_t em_n; -} gcry_ac_emsa_pkcs_v1_5_t; -/* Structure used for passing data to the implementation of the - `SSA-PKCS-V1_5' signature scheme. */ -typedef struct gcry_ac_ssa_pkcs_v1_5 -{ - gcry_md_algo_t md; -} gcry_ac_ssa_pkcs_v1_5_t; - -/* Returns a new, empty data set in DATA. */ -gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data); - -/* Destroy the data set DATA. */ -void gcry_ac_data_destroy (gcry_ac_data_t data); - -/* Create a copy of the data set DATA and store it in DATA_CP. */ -gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp, - gcry_ac_data_t data); - -/* Return the number of named MPI values inside of the data set - DATA. */ -unsigned int gcry_ac_data_length (gcry_ac_data_t data); - -/* Destroy any values contained in the data set DATA. */ -void gcry_ac_data_clear (gcry_ac_data_t data); - -/* Add the value MPI to DATA with the label NAME. If FLAGS contains - GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME - and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or - GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will - be deallocated when they are to be removed from the data set. */ -gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t mpi); - -/* Store the value labelled with NAME found in DATA in MPI. If FLAGS - contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained - in the data set. MPI may be NULL. */ -gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t *mpi); - -/* Stores in NAME and MPI the named MPI value contained in the data - set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY, - store copies of the values contained in the data set. NAME or MPI - may be NULL. */ -gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags, - unsigned int idx, - const char **name, gcry_mpi_t *mpi); - -/* Convert the data set DATA into a new S-Expression, which is to be - stored in SEXP, according to the identifiers contained in - IDENTIFIERS. */ -gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp, - const char **identifiers); - -/* Create a new data set, which is to be stored in DATA_SET, from the - S-Expression SEXP, according to the identifiers contained in - IDENTIFIERS. */ -gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp, - const char **identifiers); - -/* Initialize AC_IO according to MODE, TYPE and the variable list of - arguments. The list of variable arguments to specify depends on - the given TYPE. */ -void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, ...); - -/* Initialize AC_IO according to MODE, TYPE and the variable list of - arguments AP. The list of variable arguments to specify depends on - the given TYPE. */ -void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, va_list ap); - -/* Create a new ac handle. */ -gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle, - gcry_ac_id_t algorithm, unsigned int flags); - -/* Destroy an ac handle. */ -void gcry_ac_close (gcry_ac_handle_t handle); - -/* Initialize a key from a given data set. */ -gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle, - gcry_ac_key_type_t type, gcry_ac_data_t data); - -/* Generates a new key pair via the handle HANDLE of NBITS bits and - stores it in KEY_PAIR. In case non-standard settings are wanted, a - pointer to a structure of type gcry_ac_key_spec_<algorithm>_t, - matching the selected algorithm, can be given as KEY_SPEC. - MISC_DATA is not used yet. */ -gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle, - unsigned int nbits, void *spec, - gcry_ac_key_pair_t *key_pair, - gcry_mpi_t **misc_data); - -/* Returns the key of type WHICH out of the key pair KEY_PAIR. */ -gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair, - gcry_ac_key_type_t which); - -/* Returns the data set contained in the key KEY. */ -gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key); - -/* Verifies that the key KEY is sane via HANDLE. */ -gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key); - -/* Stores the number of bits of the key KEY in NBITS via HANDLE. */ -gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle, - gcry_ac_key_t key, unsigned int *nbits); - -/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via - HANDLE. */ -gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key, - unsigned char *key_grip); - -/* Destroy a key. */ -void gcry_ac_key_destroy (gcry_ac_key_t key); - -/* Destroy a key pair. */ -void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair); - -/* Encodes a message according to the encoding method METHOD. OPTIONS - must be a pointer to a method-specific structure - (gcry_ac_em*_t). */ -gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method, - unsigned int flags, void *options, - gcry_ac_io_t *io_read, - gcry_ac_io_t *io_write); - -/* Decodes a message according to the encoding method METHOD. OPTIONS - must be a pointer to a method-specific structure - (gcry_ac_em*_t). */ -gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method, - unsigned int flags, void *options, - gcry_ac_io_t *io_read, - gcry_ac_io_t *io_write); - -/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under - the control of the flags FLAGS and store the resulting data set - into DATA_ENCRYPTED. */ -gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t data_plain, - gcry_ac_data_t *data_encrypted); - -/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED - with the key KEY under the control of the flags FLAGS and store the - resulting plain text MPI value in DATA_PLAIN. */ -gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t *data_plain, - gcry_ac_data_t data_encrypted); - -/* Sign the data contained in DATA with the key KEY and store the - resulting signature in the data set DATA_SIGNATURE. */ -gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t *data_signature); - -/* Verify that the signature contained in the data set DATA_SIGNATURE - is indeed the result of signing the data contained in DATA with the - secret key belonging to the public key KEY. */ -gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t data_signature); - -/* Encrypts the plain text readable from IO_MESSAGE through HANDLE - with the public key KEY according to SCHEME, FLAGS and OPTS. If - OPTS is not NULL, it has to be a pointer to a structure specific to - the chosen scheme (gcry_ac_es_*_t). The encrypted message is - written to IO_CIPHER. */ -gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_cipher); - -/* Decrypts the cipher text readable from IO_CIPHER through HANDLE - with the secret key KEY according to SCHEME, @var{flags} and OPTS. - If OPTS is not NULL, it has to be a pointer to a structure specific - to the chosen scheme (gcry_ac_es_*_t). The decrypted message is - written to IO_MESSAGE. */ -gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_cipher, - gcry_ac_io_t *io_message); - -/* Signs the message readable from IO_MESSAGE through HANDLE with the - secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not - NULL, it has to be a pointer to a structure specific to the chosen - scheme (gcry_ac_ssa_*_t). The signature is written to - IO_SIGNATURE. */ -gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature); - -/* Verifies through HANDLE that the signature readable from - IO_SIGNATURE is indeed the result of signing the message readable - from IO_MESSAGE with the secret key belonging to the public key KEY - according to SCHEME and OPTS. If OPTS is not NULL, it has to be an - anonymous structure (gcry_ac_ssa_*_t) specific to the chosen - scheme. */ -gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature); - -/* Store the textual representation of the algorithm whose id is given - in ALGORITHM in NAME. This function is deprecated; use - gcry_pk_algo_name. */ -#ifndef GCRYPT_NO_DEPRECATED -gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm, - const char **name) - /* */ _GCRY_GCC_ATTR_DEPRECATED; -/* Store the numeric ID of the algorithm whose textual representation - is contained in NAME in ALGORITHM. This function is deprecated; - use gcry_pk_map_name. */ -gcry_error_t gcry_ac_name_to_id (const char *name, - gcry_ac_id_t *algorithm) - /* */ _GCRY_GCC_ATTR_DEPRECATED; -#endif /************************************ @@ -1624,6 +1440,14 @@ gcry_error_t gcry_ac_name_to_id (const char *name, * * ************************************/ +/* The type of the random number generator. */ +enum gcry_rng_types + { + GCRY_RNG_TYPE_STANDARD = 1, /* The default CSPRNG generator. */ + GCRY_RNG_TYPE_FIPS = 2, /* The FIPS X9.31 AES generator. */ + GCRY_RNG_TYPE_SYSTEM = 3 /* The system's native generator. */ + }; + /* The possible values for the random quality. The rule of thumb is to use STRONG for session keys and VERY_STRONG for key material. WEAK is usually an alias for STRONG and should not be used anymore @@ -1744,8 +1568,20 @@ gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags); * * ************************************/ +/* Release the context object CTX. */ +void gcry_ctx_release (gcry_ctx_t ctx); + +/* Log data using Libgcrypt's own log interface. */ +void gcry_log_debug (const char *fmt, ...) _GCRY_GCC_ATTR_PRINTF(1,2); +void gcry_log_debughex (const char *text, const void *buffer, size_t length); +void gcry_log_debugmpi (const char *text, gcry_mpi_t mpi); +void gcry_log_debugpnt (const char *text, + gcry_mpi_point_t point, gcry_ctx_t ctx); +void gcry_log_debugsxp (const char *text, gcry_sexp_t sexp); + + /* Log levels used by the internal logging facility. */ -enum gcry_log_levels +enum gcry_log_levels { GCRY_LOG_CONT = 0, /* (Continue the last log line.) */ GCRY_LOG_INFO = 10, @@ -1831,9 +1667,6 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0) -/* Include support for Libgcrypt modules. */ -#include <gcrypt-module.h> - #if 0 /* (Keep Emacsens' auto-indent happy.) */ { #endif @@ -1841,3 +1674,8 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; } #endif #endif /* _GCRYPT_H */ +/* +Local Variables: +buffer-read-only: t +End: +*/ diff --git a/plugins/MirOTR/Libgcrypt/src/gcrypt.h.in b/plugins/MirOTR/Libgcrypt/src/gcrypt.h.in deleted file mode 100644 index 3d1cb4cb3d..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/gcrypt.h.in +++ /dev/null @@ -1,1839 +0,0 @@ -/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- - Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006 - 2007, 2008, 2009, 2010 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, see <http://www.gnu.org/licenses/>. - - File: @configure_input@ */ - -#ifndef _GCRYPT_H -#define _GCRYPT_H - -#include <stdlib.h> -#include <stdarg.h> -#include <string.h> - -#include <gpg-error.h> - -#include <sys/types.h> - -#if defined _WIN32 || defined __WIN32__ -# include <winsock2.h> -# include <ws2tcpip.h> -# include <time.h> -# ifndef __GNUC__ - typedef long ssize_t; - typedef int pid_t; -# endif /*!__GNUC__*/ -#else -# include <sys/socket.h> -# include <sys/time.h> -#endif /*!_WIN32*/ - -@FALLBACK_SOCKLEN_T@ - - -/* This is required for error code compatibility. */ -#define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT - -#ifdef __cplusplus -extern "C" { -#if 0 /* (Keep Emacsens' auto-indent happy.) */ -} -#endif -#endif - -/* The version of this header should match the one of the library. It - should not be used by a program because gcry_check_version() should - return the same version. The purpose of this macro is to let - autoconf (using the AM_PATH_GCRYPT macro) check that this header - matches the installed library. */ -#define GCRYPT_VERSION "@VERSION@" - -/* Internal: We can't use the convenience macros for the multi - precision integer functions when building this library. */ -#ifdef _GCRYPT_IN_LIBGCRYPT -#ifndef GCRYPT_NO_MPI_MACROS -#define GCRYPT_NO_MPI_MACROS 1 -#endif -#endif - -/* We want to use gcc attributes when possible. Warning: Don't use - these macros in your programs: As indicated by the leading - underscore they are subject to change without notice. */ -#ifdef __GNUC__ - -#define _GCRY_GCC_VERSION (__GNUC__ * 10000 \ - + __GNUC_MINOR__ * 100 \ - + __GNUC_PATCHLEVEL__) - -#if _GCRY_GCC_VERSION >= 30100 -#define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__)) -#endif - -#if _GCRY_GCC_VERSION >= 29600 -#define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__)) -#endif - -#if _GCRY_GCC_VERSION >= 30200 -#define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__)) -#endif - -#endif /*__GNUC__*/ - -#ifndef _GCRY_GCC_ATTR_DEPRECATED -#define _GCRY_GCC_ATTR_DEPRECATED -#endif -#ifndef _GCRY_GCC_ATTR_PURE -#define _GCRY_GCC_ATTR_PURE -#endif -#ifndef _GCRY_GCC_ATTR_MALLOC -#define _GCRY_GCC_ATTR_MALLOC -#endif - -/* Some members in a public type should only be used internally. - There is no "internal" attribute, so we abuse the deprecated - attribute to discourage external use. */ -#ifdef _GCRYPT_IN_LIBGCRYPT -#define _GCRY_ATTR_INTERNAL -#else -#define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED -#endif - -/* Wrappers for the libgpg-error library. */ - -typedef gpg_error_t gcry_error_t; -typedef gpg_err_code_t gcry_err_code_t; -typedef gpg_err_source_t gcry_err_source_t; - -static GPG_ERR_INLINE gcry_error_t -gcry_err_make (gcry_err_source_t source, gcry_err_code_t code) -{ - return gpg_err_make (source, code); -} - -/* The user can define GPG_ERR_SOURCE_DEFAULT before including this - file to specify a default source for gpg_error. */ -#ifndef GCRY_ERR_SOURCE_DEFAULT -#define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1 -#endif - -static GPG_ERR_INLINE gcry_error_t -gcry_error (gcry_err_code_t code) -{ - return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code); -} - -static GPG_ERR_INLINE gcry_err_code_t -gcry_err_code (gcry_error_t err) -{ - return gpg_err_code (err); -} - - -static GPG_ERR_INLINE gcry_err_source_t -gcry_err_source (gcry_error_t err) -{ - return gpg_err_source (err); -} - -/* Return a pointer to a string containing a description of the error - code in the error value ERR. */ -const char *gcry_strerror (gcry_error_t err); - -/* Return a pointer to a string containing a description of the error - source in the error value ERR. */ -const char *gcry_strsource (gcry_error_t err); - -/* Retrieve the error code for the system error ERR. This returns - GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report - this). */ -gcry_err_code_t gcry_err_code_from_errno (int err); - -/* Retrieve the system error for the error code CODE. This returns 0 - if CODE is not a system error code. */ -int gcry_err_code_to_errno (gcry_err_code_t code); - -/* Return an error value with the error source SOURCE and the system - error ERR. */ -gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err); - -/* Return an error value with the system error ERR. */ -gcry_err_code_t gcry_error_from_errno (int err); - - -/* This enum is deprecated; it is only declared for the sake of - complete API compatibility. */ -enum gcry_thread_option - { - _GCRY_THREAD_OPTION_DUMMY - } _GCRY_GCC_ATTR_DEPRECATED; - - -/* Constants defining the thread model to use. Used with the OPTION - field of the struct gcry_thread_cbs. */ -#define GCRY_THREAD_OPTION_DEFAULT 0 -#define GCRY_THREAD_OPTION_USER 1 -#define GCRY_THREAD_OPTION_PTH 2 -#define GCRY_THREAD_OPTION_PTHREAD 3 - -/* The version number encoded in the OPTION field of the struct - gcry_thread_cbs. */ -#define GCRY_THREAD_OPTION_VERSION 0 - -/* Wrapper for struct ath_ops. */ -struct gcry_thread_cbs -{ - /* The OPTION field encodes the thread model and the version number - of this structure. - Bits 7 - 0 are used for the thread model - Bits 15 - 8 are used for the version number. - */ - unsigned int option; - - int (*init) (void); - int (*mutex_init) (void **priv); - int (*mutex_destroy) (void **priv); - int (*mutex_lock) (void **priv); - int (*mutex_unlock) (void **priv); - ssize_t (*read) (int fd, void *buf, size_t nbytes); - ssize_t (*write) (int fd, const void *buf, size_t nbytes); -#ifdef _WIN32 - ssize_t (*select) (int nfd, void *rset, void *wset, void *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, void *addr, int *length_ptr); - int (*connect) (int s, void *addr, gcry_socklen_t length); - int (*sendmsg) (int s, const void *msg, int flags); - int (*recvmsg) (int s, void *msg, int flags); -#else - ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr); - int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length); - int (*sendmsg) (int s, const struct msghdr *msg, int flags); - int (*recvmsg) (int s, struct msghdr *msg, int flags); -#endif -}; - -#ifdef _WIN32 -# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \ -static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \ - void *eset, struct timeval *timeout) \ - { return pth_select (nfd, rset, wset, eset, timeout); } \ -static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \ - { return pth_waitpid (pid, status, options); } \ -static int gcry_pth_accept (int s, void *addr, \ - gcry_socklen_t *length_ptr) \ - { return pth_accept (s, addr, length_ptr); } \ -static int gcry_pth_connect (int s, void *addr, \ - gcry_socklen_t length) \ - { return pth_connect (s, addr, length); } -#else /*!_WIN32*/ -# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \ -static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \ - fd_set *eset, struct timeval *timeout) \ - { return pth_select (nfd, rset, wset, eset, timeout); } \ -static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \ - { return pth_waitpid (pid, status, options); } \ -static int gcry_pth_accept (int s, struct sockaddr *addr, \ - gcry_socklen_t *length_ptr) \ - { return pth_accept (s, addr, length_ptr); } \ -static int gcry_pth_connect (int s, struct sockaddr *addr, \ - gcry_socklen_t length) \ - { return pth_connect (s, addr, length); } -#endif /*!_WIN32*/ - - - -#define GCRY_THREAD_OPTION_PTH_IMPL \ -static int gcry_pth_init (void) \ -{ return (pth_init () == FALSE) ? errno : 0; } \ -static int gcry_pth_mutex_init (void **priv) \ -{ \ - int err = 0; \ - pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \ - \ - if (!lock) \ - err = ENOMEM; \ - if (!err) \ - { \ - err = pth_mutex_init (lock); \ - if (err == FALSE) \ - err = errno; \ - else \ - err = 0; \ - if (err) \ - free (lock); \ - else \ - *priv = lock; \ - } \ - return err; \ -} \ -static int gcry_pth_mutex_destroy (void **lock) \ - { /* GNU Pth has no destructor function. */ free (*lock); return 0; } \ -static int gcry_pth_mutex_lock (void **lock) \ - { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \ - ? errno : 0; } \ -static int gcry_pth_mutex_unlock (void **lock) \ - { return ((pth_mutex_release (*lock)) == FALSE) \ - ? errno : 0; } \ -static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \ - { return pth_read (fd, buf, nbytes); } \ -static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \ - { return pth_write (fd, buf, nbytes); } \ -_GCRY_THREAD_OPTION_PTH_IMPL_NET \ - \ -/* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \ -static struct gcry_thread_cbs gcry_threads_pth = { \ - (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \ - gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \ - gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \ - gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \ - NULL, NULL } - - -#define GCRY_THREAD_OPTION_PTHREAD_IMPL \ -static int gcry_pthread_mutex_init (void **priv) \ -{ \ - int err = 0; \ - pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\ - \ - if (!lock) \ - err = ENOMEM; \ - if (!err) \ - { \ - err = pthread_mutex_init (lock, NULL); \ - if (err) \ - free (lock); \ - else \ - *priv = lock; \ - } \ - return err; \ -} \ -static int gcry_pthread_mutex_destroy (void **lock) \ - { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \ - free (*lock); return err; } \ -static int gcry_pthread_mutex_lock (void **lock) \ - { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \ -static int gcry_pthread_mutex_unlock (void **lock) \ - { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \ - \ -static struct gcry_thread_cbs gcry_threads_pthread = { \ - (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \ - NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \ - gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \ - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL } - - -/* The data object used to hold a multi precision integer. */ -struct gcry_mpi; -typedef struct gcry_mpi *gcry_mpi_t; - -#ifndef GCRYPT_NO_DEPRECATED -typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED; -typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED; -#endif - - - -/* Check that the library fulfills the version requirement. */ -const char *gcry_check_version (const char *req_version); - -/* Codes for function dispatchers. */ - -/* Codes used with the gcry_control function. */ -enum gcry_ctl_cmds - { - GCRYCTL_SET_KEY = 1, - GCRYCTL_SET_IV = 2, - GCRYCTL_CFB_SYNC = 3, - GCRYCTL_RESET = 4, /* e.g. for MDs */ - GCRYCTL_FINALIZE = 5, - GCRYCTL_GET_KEYLEN = 6, - GCRYCTL_GET_BLKLEN = 7, - GCRYCTL_TEST_ALGO = 8, - GCRYCTL_IS_SECURE = 9, - GCRYCTL_GET_ASNOID = 10, - GCRYCTL_ENABLE_ALGO = 11, - GCRYCTL_DISABLE_ALGO = 12, - GCRYCTL_DUMP_RANDOM_STATS = 13, - GCRYCTL_DUMP_SECMEM_STATS = 14, - GCRYCTL_GET_ALGO_NPKEY = 15, - GCRYCTL_GET_ALGO_NSKEY = 16, - GCRYCTL_GET_ALGO_NSIGN = 17, - GCRYCTL_GET_ALGO_NENCR = 18, - GCRYCTL_SET_VERBOSITY = 19, - GCRYCTL_SET_DEBUG_FLAGS = 20, - GCRYCTL_CLEAR_DEBUG_FLAGS = 21, - GCRYCTL_USE_SECURE_RNDPOOL= 22, - GCRYCTL_DUMP_MEMORY_STATS = 23, - GCRYCTL_INIT_SECMEM = 24, - GCRYCTL_TERM_SECMEM = 25, - GCRYCTL_DISABLE_SECMEM_WARN = 27, - GCRYCTL_SUSPEND_SECMEM_WARN = 28, - GCRYCTL_RESUME_SECMEM_WARN = 29, - GCRYCTL_DROP_PRIVS = 30, - GCRYCTL_ENABLE_M_GUARD = 31, - GCRYCTL_START_DUMP = 32, - GCRYCTL_STOP_DUMP = 33, - GCRYCTL_GET_ALGO_USAGE = 34, - GCRYCTL_IS_ALGO_ENABLED = 35, - GCRYCTL_DISABLE_INTERNAL_LOCKING = 36, - GCRYCTL_DISABLE_SECMEM = 37, - GCRYCTL_INITIALIZATION_FINISHED = 38, - GCRYCTL_INITIALIZATION_FINISHED_P = 39, - GCRYCTL_ANY_INITIALIZATION_P = 40, - GCRYCTL_SET_CBC_CTS = 41, - GCRYCTL_SET_CBC_MAC = 42, - GCRYCTL_SET_CTR = 43, - GCRYCTL_ENABLE_QUICK_RANDOM = 44, - GCRYCTL_SET_RANDOM_SEED_FILE = 45, - GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46, - GCRYCTL_SET_THREAD_CBS = 47, - GCRYCTL_FAST_POLL = 48, - GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49, - GCRYCTL_USE_RANDOM_DAEMON = 50, - GCRYCTL_FAKED_RANDOM_P = 51, - GCRYCTL_SET_RNDEGD_SOCKET = 52, - GCRYCTL_PRINT_CONFIG = 53, - GCRYCTL_OPERATIONAL_P = 54, - GCRYCTL_FIPS_MODE_P = 55, - GCRYCTL_FORCE_FIPS_MODE = 56, - GCRYCTL_SELFTEST = 57 - /* Note: 58 .. 62 are used internally. */ - }; - -/* Perform various operations defined by CMD. */ -gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...); - - -/* S-expression management. */ - -/* The object to represent an S-expression as used with the public key - functions. */ -struct gcry_sexp; -typedef struct gcry_sexp *gcry_sexp_t; - -#ifndef GCRYPT_NO_DEPRECATED -typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED; -typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED; -#endif - -/* The possible values for the S-expression format. */ -enum gcry_sexp_format - { - GCRYSEXP_FMT_DEFAULT = 0, - GCRYSEXP_FMT_CANON = 1, - GCRYSEXP_FMT_BASE64 = 2, - GCRYSEXP_FMT_ADVANCED = 3 - }; - -/* Create an new S-expression object from BUFFER of size LENGTH and - return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER - is expected to be in canonized format. */ -gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp, - const void *buffer, size_t length, - int autodetect); - - /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the - effect to transfer ownership of BUFFER to the created object. */ -gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp, - void *buffer, size_t length, - int autodetect, void (*freefnc) (void *)); - -/* Scan BUFFER and return a new S-expression object in RETSEXP. This - function expects a printf like string in BUFFER. */ -gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, - const char *buffer, size_t length); - -/* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus - only be used for certain encodings. */ -gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, - const char *format, ...); - -/* Like gcry_sexp_build, but uses an array instead of variable - function arguments. */ -gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff, - const char *format, void **arg_list); - -/* Release the S-expression object SEXP */ -void gcry_sexp_release (gcry_sexp_t sexp); - -/* Calculate the length of an canonized S-expresion in BUFFER and - check for a valid encoding. */ -size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, - size_t *erroff, gcry_error_t *errcode); - -/* Copies the S-expression object SEXP into BUFFER using the format - specified in MODE. */ -size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer, - size_t maxlength); - -/* Dumps the S-expression object A in a format suitable for debugging - to Libgcrypt's logging stream. */ -void gcry_sexp_dump (const gcry_sexp_t a); - -gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b); -gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array); -gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...); -gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n); -gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n); - -/* Scan the S-expression for a sublist with a type (the car of the - list) matching the string TOKEN. If TOKLEN is not 0, the token is - assumed to be raw memory of this length. The function returns a - newly allocated S-expression consisting of the found sublist or - `NULL' when not found. */ -gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list, - const char *tok, size_t toklen); -/* Return the length of the LIST. For a valid S-expression this - should be at least 1. */ -int gcry_sexp_length (const gcry_sexp_t list); - -/* Create and return a new S-expression from the element with index - NUMBER in LIST. Note that the first element has the index 0. If - there is no such element, `NULL' is returned. */ -gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number); - -/* Create and return a new S-expression from the first element in - LIST; this called the "type" and should always exist and be a - string. `NULL' is returned in case of a problem. */ -gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list); - -/* Create and return a new list form all elements except for the first - one. Note, that this function may return an invalid S-expression - because it is not guaranteed, that the type exists and is a string. - However, for parsing a complex S-expression it might be useful for - intermediate lists. Returns `NULL' on error. */ -gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list); - -gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list); - - -/* This function is used to get data from a LIST. A pointer to the - actual data with index NUMBER is returned and the length of this - data will be stored to DATALEN. If there is no data at the given - index or the index represents another list, `NULL' is returned. - *Note:* The returned pointer is valid as long as LIST is not - modified or released. */ -const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number, - size_t *datalen); - -/* This function is used to get and convert data from a LIST. The - data is assumed to be a Nul terminated string. The caller must - release the returned value using `gcry_free'. If there is no data - at the given index, the index represents a list or the value can't - be converted to a string, `NULL' is returned. */ -char *gcry_sexp_nth_string (gcry_sexp_t list, int number); - -/* This function is used to get and convert data from a LIST. This - data is assumed to be an MPI stored in the format described by - MPIFMT and returned as a standard Libgcrypt MPI. The caller must - release this returned value using `gcry_mpi_release'. If there is - no data at the given index, the index represents a list or the - value can't be converted to an MPI, `NULL' is returned. */ -gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt); - - - -/******************************************* - * * - * Multi Precision Integer Functions * - * * - *******************************************/ - -/* Different formats of external big integer representation. */ -enum gcry_mpi_format - { - GCRYMPI_FMT_NONE= 0, - GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */ - GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */ - GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */ - GCRYMPI_FMT_HEX = 4, /* Hex format. */ - GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */ - }; - -/* Flags used for creating big integers. */ -enum gcry_mpi_flag - { - GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */ - GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just - a way to store some bytes. This is - useful for encrypted big integers. */ - }; - - -/* Allocate a new big integer object, initialize it with 0 and - initially allocate memory for a number of at least NBITS. */ -gcry_mpi_t gcry_mpi_new (unsigned int nbits); - -/* Same as gcry_mpi_new() but allocate in "secure" memory. */ -gcry_mpi_t gcry_mpi_snew (unsigned int nbits); - -/* Release the number A and free all associated resources. */ -void gcry_mpi_release (gcry_mpi_t a); - -/* Create a new number with the same value as A. */ -gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a); - -/* Store the big integer value U in W. */ -gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u); - -/* Store the unsigned integer value U in W. */ -gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u); - -/* Swap the values of A and B. */ -void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b); - -/* Compare the big integer number U and V returning 0 for equality, a - positive value for U > V and a negative for U < V. */ -int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v); - -/* Compare the big integer number U with the unsigned integer V - returning 0 for equality, a positive value for U > V and a negative - for U < V. */ -int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v); - -/* Convert the external representation of an integer stored in BUFFER - with a length of BUFLEN into a newly create MPI returned in - RET_MPI. If NSCANNED is not NULL, it will receive the number of - bytes actually scanned after a successful operation. */ -gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, - const void *buffer, size_t buflen, - size_t *nscanned); - -/* Convert the big integer A into the external representation - described by FORMAT and store it in the provided BUFFER which has - been allocated by the user with a size of BUFLEN bytes. NWRITTEN - receives the actual length of the external representation unless it - has been passed as NULL. */ -gcry_error_t gcry_mpi_print (enum gcry_mpi_format format, - unsigned char *buffer, size_t buflen, - size_t *nwritten, - const gcry_mpi_t a); - -/* Convert the big integer A int the external representation described - by FORMAT and store it in a newly allocated buffer which address - will be put into BUFFER. NWRITTEN receives the actual lengths of the - external representation. */ -gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format, - unsigned char **buffer, size_t *nwritten, - const gcry_mpi_t a); - -/* Dump the value of A in a format suitable for debugging to - Libgcrypt's logging stream. Note that one leading space but no - trailing space or linefeed will be printed. It is okay to pass - NULL for A. */ -void gcry_mpi_dump (const gcry_mpi_t a); - - -/* W = U + V. */ -void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v); - -/* W = U + V. V is an unsigned integer. */ -void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v); - -/* W = U + V mod M. */ -void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m); - -/* W = U - V. */ -void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v); - -/* W = U - V. V is an unsigned integer. */ -void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v ); - -/* W = U - V mod M */ -void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m); - -/* W = U * V. */ -void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v); - -/* W = U * V. V is an unsigned integer. */ -void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v ); - -/* W = U * V mod M. */ -void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m); - -/* W = U * (2 ^ CNT). */ -void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt); - -/* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR, - Q or R may be passed as NULL. ROUND should be negative or 0. */ -void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r, - gcry_mpi_t dividend, gcry_mpi_t divisor, int round); - -/* R = DIVIDEND % DIVISOR */ -void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor); - -/* W = B ^ E mod M. */ -void gcry_mpi_powm (gcry_mpi_t w, - const gcry_mpi_t b, const gcry_mpi_t e, - const gcry_mpi_t m); - -/* Set G to the greatest common divisor of A and B. - Return true if the G is 1. */ -int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); - -/* Set X to the multiplicative inverse of A mod M. - Return true if the value exists. */ -int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m); - - -/* Return the number of bits required to represent A. */ -unsigned int gcry_mpi_get_nbits (gcry_mpi_t a); - -/* Return true when bit number N (counting from 0) is set in A. */ -int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n); - -/* Set bit number N in A. */ -void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n); - -/* Clear bit number N in A. */ -void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n); - -/* Set bit number N in A and clear all bits greater than N. */ -void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n); - -/* Clear bit number N in A and all bits greater than N. */ -void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n); - -/* Shift the value of A by N bits to the right and store the result in X. */ -void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); - -/* Shift the value of A by N bits to the left and store the result in X. */ -void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); - -/* Store NBITS of the value P points to in A and mark A as an opaque - value. WARNING: Never use an opaque MPI for anything thing else then - gcry_mpi_release, gcry_mpi_get_opaque. */ -gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits); - -/* Return a pointer to an opaque value stored in A and return its size - in NBITS. Note that the returned pointer is still owned by A and - that the function should never be used for an non-opaque MPI. */ -void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits); - -/* Set the FLAG for the big integer A. Currently only the flag - GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger - stored in "secure" memory. */ -void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); - -/* Clear FLAG for the big integer A. Note that this function is - currently useless as no flags are allowed. */ -void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); - -/* Return true when the FLAG is set for A. */ -int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); - -/* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of - convenience macros for the big integer functions. */ -#ifndef GCRYPT_NO_MPI_MACROS -#define mpi_new(n) gcry_mpi_new( (n) ) -#define mpi_secure_new( n ) gcry_mpi_snew( (n) ) -#define mpi_release(a) \ - do \ - { \ - gcry_mpi_release ((a)); \ - (a) = NULL; \ - } \ - while (0) - -#define mpi_copy( a ) gcry_mpi_copy( (a) ) -#define mpi_set( w, u) gcry_mpi_set( (w), (u) ) -#define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) ) -#define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) ) -#define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) ) - -#define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v)) -#define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v)) -#define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m)) -#define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v)) -#define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v)) -#define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m)) -#define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v)) -#define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v)) -#define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v)) -#define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m)) -#define mpi_powm(w,b,e,m) gcry_mpi_powm ( (w), (b), (e), (m) ) -#define mpi_tdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), 0) -#define mpi_fdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), -1) -#define mpi_mod(r,a,m) gcry_mpi_mod ((r), (a), (m)) -#define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) ) -#define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) ) - -#define mpi_get_nbits(a) gcry_mpi_get_nbits ((a)) -#define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b)) -#define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b)) -#define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b)) -#define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b)) -#define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b)) -#define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c)) -#define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c)) - -#define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) ) -#define mpi_get_opaque(a,b) gcry_mpi_get_opaque( (a), (b) ) -#endif /* GCRYPT_NO_MPI_MACROS */ - - - -/************************************ - * * - * Symmetric Cipher Functions * - * * - ************************************/ - -/* The data object used to hold a handle to an encryption object. */ -struct gcry_cipher_handle; -typedef struct gcry_cipher_handle *gcry_cipher_hd_t; - -#ifndef GCRYPT_NO_DEPRECATED -typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED; -typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED; -#endif - -/* All symmetric encryption algorithms are identified by their IDs. - More IDs may be registered at runtime. */ -enum gcry_cipher_algos - { - GCRY_CIPHER_NONE = 0, - GCRY_CIPHER_IDEA = 1, - GCRY_CIPHER_3DES = 2, - GCRY_CIPHER_CAST5 = 3, - GCRY_CIPHER_BLOWFISH = 4, - GCRY_CIPHER_SAFER_SK128 = 5, - GCRY_CIPHER_DES_SK = 6, - GCRY_CIPHER_AES = 7, - GCRY_CIPHER_AES192 = 8, - GCRY_CIPHER_AES256 = 9, - GCRY_CIPHER_TWOFISH = 10, - - /* Other cipher numbers are above 300 for OpenPGP reasons. */ - GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */ - GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */ - GCRY_CIPHER_TWOFISH128 = 303, - GCRY_CIPHER_SERPENT128 = 304, - GCRY_CIPHER_SERPENT192 = 305, - GCRY_CIPHER_SERPENT256 = 306, - GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */ - GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */ - GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */ - GCRY_CIPHER_CAMELLIA128 = 310, - GCRY_CIPHER_CAMELLIA192 = 311, - GCRY_CIPHER_CAMELLIA256 = 312 - }; - -/* The Rijndael algorithm is basically AES, so provide some macros. */ -#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES -#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES -#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 -#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 -#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 - -/* The supported encryption modes. Note that not all of them are - supported for each algorithm. */ -enum gcry_cipher_modes - { - GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */ - GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */ - GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */ - GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */ - GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */ - GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */ - GCRY_CIPHER_MODE_CTR = 6, /* Counter. */ - GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */ - }; - -/* Flags used with the open function. */ -enum gcry_cipher_flags - { - GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */ - GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */ - GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */ - GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */ - }; - - -/* Create a handle for algorithm ALGO to be used in MODE. FLAGS may - be given as an bitwise OR of the gcry_cipher_flags values. */ -gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle, - int algo, int mode, unsigned int flags); - -/* Close the cioher handle H and release all resource. */ -void gcry_cipher_close (gcry_cipher_hd_t h); - -/* Perform various operations on the cipher object H. */ -gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer, - size_t buflen); - -/* Retrieve various information about the cipher object H. */ -gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer, - size_t *nbytes); - -/* Retrieve various information about the cipher algorithm ALGO. */ -gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer, - size_t *nbytes); - -/* Map the cipher algorithm whose ID is contained in ALGORITHM to a - string representation of the algorithm name. For unknown algorithm - IDs this function returns "?". */ -const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; - -/* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if - the algorithm name is not known. */ -int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE; - -/* Given an ASN.1 object identifier in standard IETF dotted decimal - format in STRING, return the encryption mode associated with that - OID or 0 if not known or applicable. */ -int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE; - -/* Encrypt the plaintext of size INLEN in IN using the cipher handle H - into the buffer OUT which has an allocated length of OUTSIZE. For - most algorithms it is possible to pass NULL for in and 0 for INLEN - and do a in-place decryption of the data provided in OUT. */ -gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h, - void *out, size_t outsize, - const void *in, size_t inlen); - -/* The counterpart to gcry_cipher_encrypt. */ -gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h, - void *out, size_t outsize, - const void *in, size_t inlen); - -/* Set KEY of length KEYLEN bytes for the cipher handle HD. */ -gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd, - const void *key, size_t keylen); - - -/* Set initialization vector IV of length IVLEN for the cipher handle HD. */ -gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd, - const void *iv, size_t ivlen); - - -/* Reset the handle to the state after open. */ -#define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0) - -/* Perform the OpenPGP sync operation if this is enabled for the - cipher handle H. */ -#define gcry_cipher_sync(h) gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, NULL, 0) - -/* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */ -#define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \ - NULL, on ) - -/* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of - block size length, or (NULL,0) to set the CTR to the all-zero block. */ -gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd, - const void *ctr, size_t ctrlen); - -/* Retrieved the key length in bytes used with algorithm A. */ -size_t gcry_cipher_get_algo_keylen (int algo); - -/* Retrieve the block length in bytes used with algorithm A. */ -size_t gcry_cipher_get_algo_blklen (int algo); - -/* Return 0 if the algorithm A is available for use. */ -#define gcry_cipher_test_algo(a) \ - gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) - -/* Get a list consisting of the IDs of the loaded cipher modules. If - LIST is zero, write the number of loaded cipher modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less cipher modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_cipher_list (int *list, int *list_length); - - -/************************************ - * * - * Asymmetric Cipher Functions * - * * - ************************************/ - -/* The algorithms and their IDs we support. */ -enum gcry_pk_algos - { - GCRY_PK_RSA = 1, - GCRY_PK_RSA_E = 2, /* (deprecated) */ - GCRY_PK_RSA_S = 3, /* (deprecated) */ - GCRY_PK_ELG_E = 16, - GCRY_PK_DSA = 17, - GCRY_PK_ELG = 20, - GCRY_PK_ECDSA = 301 - }; - -/* Flags describing usage capabilities of a PK algorithm. */ -#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */ -#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */ -#define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */ -#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */ -#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */ - -/* Encrypt the DATA using the public key PKEY and store the result as - a newly created S-expression at RESULT. */ -gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result, - gcry_sexp_t data, gcry_sexp_t pkey); - -/* Decrypt the DATA using the private key SKEY and store the result as - a newly created S-expression at RESULT. */ -gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result, - gcry_sexp_t data, gcry_sexp_t skey); - -/* Sign the DATA using the private key SKEY and store the result as - a newly created S-expression at RESULT. */ -gcry_error_t gcry_pk_sign (gcry_sexp_t *result, - gcry_sexp_t data, gcry_sexp_t skey); - -/* Check the signature SIGVAL on DATA using the public key PKEY. */ -gcry_error_t gcry_pk_verify (gcry_sexp_t sigval, - gcry_sexp_t data, gcry_sexp_t pkey); - -/* Check that private KEY is sane. */ -gcry_error_t gcry_pk_testkey (gcry_sexp_t key); - -/* Generate a new key pair according to the parameters given in - S_PARMS. The new key pair is returned in as an S-expression in - R_KEY. */ -gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms); - -/* Catch all function for miscellaneous operations. */ -gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen); - -/* Retrieve information about the public key algorithm ALGO. */ -gcry_error_t gcry_pk_algo_info (int algo, int what, - void *buffer, size_t *nbytes); - -/* Map the public key algorithm whose ID is contained in ALGORITHM to - a string representation of the algorithm name. For unknown - algorithm IDs this functions returns "?". */ -const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; - -/* Map the algorithm NAME to a public key algorithm Id. Return 0 if - the algorithm name is not known. */ -int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE; - -/* Return what is commonly referred as the key length for the given - public or private KEY. */ -unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE; - -/* Please note that keygrip is still experimental and should not be - used without contacting the author. */ -unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array); - -/* Return 0 if the public key algorithm A is available for use. */ -#define gcry_pk_test_algo(a) \ - gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) - -/* Get a list consisting of the IDs of the loaded pubkey modules. If - LIST is zero, write the number of loaded pubkey modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less pubkey modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_pk_list (int *list, int *list_length); - - - -/************************************ - * * - * Cryptograhic Hash Functions * - * * - ************************************/ - -/* Algorithm IDs for the hash functions we know about. Not all of them - are implemnted. */ -enum gcry_md_algos - { - GCRY_MD_NONE = 0, - GCRY_MD_MD5 = 1, - GCRY_MD_SHA1 = 2, - GCRY_MD_RMD160 = 3, - GCRY_MD_MD2 = 5, - GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */ - GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ - GCRY_MD_SHA256 = 8, - GCRY_MD_SHA384 = 9, - GCRY_MD_SHA512 = 10, - GCRY_MD_SHA224 = 11, - GCRY_MD_MD4 = 301, - GCRY_MD_CRC32 = 302, - GCRY_MD_CRC32_RFC1510 = 303, - GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305, - GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */ - GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */ - }; - -/* Flags used with the open function. */ -enum gcry_md_flags - { - GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ - GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */ - }; - -/* (Forward declaration.) */ -struct gcry_md_context; - -/* This object is used to hold a handle to a message digest object. - This structure is private - only to be used by the public gcry_md_* - macros. */ -typedef struct gcry_md_handle -{ - /* Actual context. */ - struct gcry_md_context *ctx; - - /* Buffer management. */ - int bufpos; - int bufsize; - unsigned char buf[1]; -} *gcry_md_hd_t; - -/* Compatibility types, do not use them. */ -#ifndef GCRYPT_NO_DEPRECATED -typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED; -typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED; -#endif - -/* Create a message digest object for algorithm ALGO. FLAGS may be - given as an bitwise OR of the gcry_md_flags values. ALGO may be - given as 0 if the algorithms to be used are later set using - gcry_md_enable. */ -gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags); - -/* Release the message digest object HD. */ -void gcry_md_close (gcry_md_hd_t hd); - -/* Add the message digest algorithm ALGO to the digest object HD. */ -gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo); - -/* Create a new digest object as an exact copy of the object HD. */ -gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd); - -/* Reset the digest object HD to its initial state. */ -void gcry_md_reset (gcry_md_hd_t hd); - -/* Perform various operations on the digest object HD. */ -gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd, - void *buffer, size_t buflen); - -/* Pass LENGTH bytes of data in BUFFER to the digest object HD so that - it can update the digest values. This is the actual hash - function. */ -void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length); - -/* Read out the final digest from HD return the digest value for - algorithm ALGO. */ -unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo); - -/* Convenience function to calculate the hash from the data in BUFFER - of size LENGTH using the algorithm ALGO avoiding the creating of a - hash object. The hash is returned in the caller provided buffer - DIGEST which must be large enough to hold the digest of the given - algorithm. */ -void gcry_md_hash_buffer (int algo, void *digest, - const void *buffer, size_t length); - -/* Retrieve the algorithm used with HD. This does not work reliable - if more than one algorithm is enabled in HD. */ -int gcry_md_get_algo (gcry_md_hd_t hd); - -/* Retrieve the length in bytes of the digest yielded by algorithm - ALGO. */ -unsigned int gcry_md_get_algo_dlen (int algo); - -/* Return true if the the algorithm ALGO is enabled in the digest - object A. */ -int gcry_md_is_enabled (gcry_md_hd_t a, int algo); - -/* Return true if the digest object A is allocated in "secure" memory. */ -int gcry_md_is_secure (gcry_md_hd_t a); - -/* Retrieve various information about the object H. */ -gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer, - size_t *nbytes); - -/* Retrieve various information about the algorithm ALGO. */ -gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer, - size_t *nbytes); - -/* Map the digest algorithm id ALGO to a string representation of the - algorithm name. For unknown algorithms this function returns - "?". */ -const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE; - -/* Map the algorithm NAME to a digest algorithm Id. Return 0 if - the algorithm name is not known. */ -int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE; - -/* For use with the HMAC feature, the set MAC key to the KEY of - KEYLEN bytes. */ -gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen); - -/* Start or stop debugging for digest handle HD; i.e. create a file - named dbgmd-<n>.<suffix> while hashing. If SUFFIX is NULL, - debugging stops and the file will be closed. */ -void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); - - -/* Update the hash(s) of H with the character C. This is a buffered - version of the gcry_md_write function. */ -#define gcry_md_putc(h,c) \ - do { \ - gcry_md_hd_t h__ = (h); \ - if( (h__)->bufpos == (h__)->bufsize ) \ - gcry_md_write( (h__), NULL, 0 ); \ - (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \ - } while(0) - -/* Finalize the digest calculation. This is not really needed because - gcry_md_read() does this implicitly. */ -#define gcry_md_final(a) \ - gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0) - -/* Return 0 if the algorithm A is available for use. */ -#define gcry_md_test_algo(a) \ - gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) - -/* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N - must point to size_t variable with the available size of buffer B. - After return it will receive the actual size of the returned - OID. */ -#define gcry_md_get_asnoid(a,b,n) \ - gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) - -/* Enable debugging for digest object A; i.e. create files named - dbgmd-<n>.<string> while hashing. B is a string used as the suffix - for the filename. This macro is deprecated, use gcry_md_debug. */ -#ifndef GCRYPT_NO_DEPRECATED -#define gcry_md_start_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 ) - -/* Disable the debugging of A. This macro is deprecated, use - gcry_md_debug. */ -#define gcry_md_stop_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 ) -#endif - -/* Get a list consisting of the IDs of the loaded message digest - modules. If LIST is zero, write the number of loaded message - digest modules to LIST_LENGTH and return. If LIST is non-zero, the - first *LIST_LENGTH algorithm IDs are stored in LIST, which must be - of according size. In case there are less message digest modules - than *LIST_LENGTH, *LIST_LENGTH is updated to the correct - number. */ -gcry_error_t gcry_md_list (int *list, int *list_length); - - - -/* Alternative interface for asymmetric cryptography. This interface - is deprecated. */ - -/* The algorithm IDs. */ -typedef enum gcry_ac_id - { - GCRY_AC_RSA = 1, - GCRY_AC_DSA = 17, - GCRY_AC_ELG = 20, - GCRY_AC_ELG_E = 16 - } -gcry_ac_id_t; - -/* Key types. */ -typedef enum gcry_ac_key_type - { - GCRY_AC_KEY_SECRET, - GCRY_AC_KEY_PUBLIC - } -gcry_ac_key_type_t; - -/* Encoding methods. */ -typedef enum gcry_ac_em - { - GCRY_AC_EME_PKCS_V1_5, - GCRY_AC_EMSA_PKCS_V1_5 - } -gcry_ac_em_t; - -/* Encryption and Signature schemes. */ -typedef enum gcry_ac_scheme - { - GCRY_AC_ES_PKCS_V1_5, - GCRY_AC_SSA_PKCS_V1_5 - } -gcry_ac_scheme_t; - -/* AC data. */ -#define GCRY_AC_FLAG_DEALLOC (1 << 0) -#define GCRY_AC_FLAG_COPY (1 << 1) -#define GCRY_AC_FLAG_NO_BLINDING (1 << 2) - -/* This type represents a `data set'. */ -typedef struct gcry_ac_data *gcry_ac_data_t; - -/* This type represents a single `key', either a secret one or a - public one. */ -typedef struct gcry_ac_key *gcry_ac_key_t; - -/* This type represents a `key pair' containing a secret and a public - key. */ -typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t; - -/* This type represents a `handle' that is needed by functions - performing cryptographic operations. */ -typedef struct gcry_ac_handle *gcry_ac_handle_t; - -typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque, - unsigned char *buffer, - size_t *buffer_n); - -typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque, - unsigned char *buffer, - size_t buffer_n); - -typedef enum - { - GCRY_AC_IO_READABLE, - GCRY_AC_IO_WRITABLE - } -gcry_ac_io_mode_t; - -typedef enum - { - GCRY_AC_IO_STRING, - GCRY_AC_IO_CALLBACK - } -gcry_ac_io_type_t; - -typedef struct gcry_ac_io -{ - /* This is an INTERNAL structure, do NOT use manually. */ - gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL; - gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL; - union - { - union - { - struct - { - gcry_ac_data_read_cb_t cb; - void *opaque; - } callback; - struct - { - unsigned char *data; - size_t data_n; - } string; - void *opaque; - } readable; - union - { - struct - { - gcry_ac_data_write_cb_t cb; - void *opaque; - } callback; - struct - { - unsigned char **data; - size_t *data_n; - } string; - void *opaque; - } writable; - } io _GCRY_ATTR_INTERNAL; -} -gcry_ac_io_t; - -/* The caller of gcry_ac_key_pair_generate can provide one of these - structures in order to influence the key generation process in an - algorithm-specific way. */ -typedef struct gcry_ac_key_spec_rsa -{ - gcry_mpi_t e; /* E to use. */ -} gcry_ac_key_spec_rsa_t; - -/* Structure used for passing data to the implementation of the - `EME-PKCS-V1_5' encoding method. */ -typedef struct gcry_ac_eme_pkcs_v1_5 -{ - size_t key_size; -} gcry_ac_eme_pkcs_v1_5_t; - -typedef enum gcry_md_algos gcry_md_algo_t; - -/* Structure used for passing data to the implementation of the - `EMSA-PKCS-V1_5' encoding method. */ -typedef struct gcry_ac_emsa_pkcs_v1_5 -{ - gcry_md_algo_t md; - size_t em_n; -} gcry_ac_emsa_pkcs_v1_5_t; - -/* Structure used for passing data to the implementation of the - `SSA-PKCS-V1_5' signature scheme. */ -typedef struct gcry_ac_ssa_pkcs_v1_5 -{ - gcry_md_algo_t md; -} gcry_ac_ssa_pkcs_v1_5_t; - -/* Returns a new, empty data set in DATA. */ -gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data); - -/* Destroy the data set DATA. */ -void gcry_ac_data_destroy (gcry_ac_data_t data); - -/* Create a copy of the data set DATA and store it in DATA_CP. */ -gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp, - gcry_ac_data_t data); - -/* Return the number of named MPI values inside of the data set - DATA. */ -unsigned int gcry_ac_data_length (gcry_ac_data_t data); - -/* Destroy any values contained in the data set DATA. */ -void gcry_ac_data_clear (gcry_ac_data_t data); - -/* Add the value MPI to DATA with the label NAME. If FLAGS contains - GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME - and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or - GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will - be deallocated when they are to be removed from the data set. */ -gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t mpi); - -/* Store the value labelled with NAME found in DATA in MPI. If FLAGS - contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained - in the data set. MPI may be NULL. */ -gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t *mpi); - -/* Stores in NAME and MPI the named MPI value contained in the data - set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY, - store copies of the values contained in the data set. NAME or MPI - may be NULL. */ -gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags, - unsigned int idx, - const char **name, gcry_mpi_t *mpi); - -/* Convert the data set DATA into a new S-Expression, which is to be - stored in SEXP, according to the identifiers contained in - IDENTIFIERS. */ -gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp, - const char **identifiers); - -/* Create a new data set, which is to be stored in DATA_SET, from the - S-Expression SEXP, according to the identifiers contained in - IDENTIFIERS. */ -gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp, - const char **identifiers); - -/* Initialize AC_IO according to MODE, TYPE and the variable list of - arguments. The list of variable arguments to specify depends on - the given TYPE. */ -void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, ...); - -/* Initialize AC_IO according to MODE, TYPE and the variable list of - arguments AP. The list of variable arguments to specify depends on - the given TYPE. */ -void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, va_list ap); - -/* Create a new ac handle. */ -gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle, - gcry_ac_id_t algorithm, unsigned int flags); - -/* Destroy an ac handle. */ -void gcry_ac_close (gcry_ac_handle_t handle); - -/* Initialize a key from a given data set. */ -gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle, - gcry_ac_key_type_t type, gcry_ac_data_t data); - -/* Generates a new key pair via the handle HANDLE of NBITS bits and - stores it in KEY_PAIR. In case non-standard settings are wanted, a - pointer to a structure of type gcry_ac_key_spec_<algorithm>_t, - matching the selected algorithm, can be given as KEY_SPEC. - MISC_DATA is not used yet. */ -gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle, - unsigned int nbits, void *spec, - gcry_ac_key_pair_t *key_pair, - gcry_mpi_t **misc_data); - -/* Returns the key of type WHICH out of the key pair KEY_PAIR. */ -gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair, - gcry_ac_key_type_t which); - -/* Returns the data set contained in the key KEY. */ -gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key); - -/* Verifies that the key KEY is sane via HANDLE. */ -gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key); - -/* Stores the number of bits of the key KEY in NBITS via HANDLE. */ -gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle, - gcry_ac_key_t key, unsigned int *nbits); - -/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via - HANDLE. */ -gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key, - unsigned char *key_grip); - -/* Destroy a key. */ -void gcry_ac_key_destroy (gcry_ac_key_t key); - -/* Destroy a key pair. */ -void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair); - -/* Encodes a message according to the encoding method METHOD. OPTIONS - must be a pointer to a method-specific structure - (gcry_ac_em*_t). */ -gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method, - unsigned int flags, void *options, - gcry_ac_io_t *io_read, - gcry_ac_io_t *io_write); - -/* Decodes a message according to the encoding method METHOD. OPTIONS - must be a pointer to a method-specific structure - (gcry_ac_em*_t). */ -gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method, - unsigned int flags, void *options, - gcry_ac_io_t *io_read, - gcry_ac_io_t *io_write); - -/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under - the control of the flags FLAGS and store the resulting data set - into DATA_ENCRYPTED. */ -gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t data_plain, - gcry_ac_data_t *data_encrypted); - -/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED - with the key KEY under the control of the flags FLAGS and store the - resulting plain text MPI value in DATA_PLAIN. */ -gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t *data_plain, - gcry_ac_data_t data_encrypted); - -/* Sign the data contained in DATA with the key KEY and store the - resulting signature in the data set DATA_SIGNATURE. */ -gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t *data_signature); - -/* Verify that the signature contained in the data set DATA_SIGNATURE - is indeed the result of signing the data contained in DATA with the - secret key belonging to the public key KEY. */ -gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t data_signature); - -/* Encrypts the plain text readable from IO_MESSAGE through HANDLE - with the public key KEY according to SCHEME, FLAGS and OPTS. If - OPTS is not NULL, it has to be a pointer to a structure specific to - the chosen scheme (gcry_ac_es_*_t). The encrypted message is - written to IO_CIPHER. */ -gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_cipher); - -/* Decrypts the cipher text readable from IO_CIPHER through HANDLE - with the secret key KEY according to SCHEME, @var{flags} and OPTS. - If OPTS is not NULL, it has to be a pointer to a structure specific - to the chosen scheme (gcry_ac_es_*_t). The decrypted message is - written to IO_MESSAGE. */ -gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_cipher, - gcry_ac_io_t *io_message); - -/* Signs the message readable from IO_MESSAGE through HANDLE with the - secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not - NULL, it has to be a pointer to a structure specific to the chosen - scheme (gcry_ac_ssa_*_t). The signature is written to - IO_SIGNATURE. */ -gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature); - -/* Verifies through HANDLE that the signature readable from - IO_SIGNATURE is indeed the result of signing the message readable - from IO_MESSAGE with the secret key belonging to the public key KEY - according to SCHEME and OPTS. If OPTS is not NULL, it has to be an - anonymous structure (gcry_ac_ssa_*_t) specific to the chosen - scheme. */ -gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature); - -/* Store the textual representation of the algorithm whose id is given - in ALGORITHM in NAME. This function is deprecated; use - gcry_pk_algo_name. */ -#ifndef GCRYPT_NO_DEPRECATED -gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm, - const char **name) - /* */ _GCRY_GCC_ATTR_DEPRECATED; -/* Store the numeric ID of the algorithm whose textual representation - is contained in NAME in ALGORITHM. This function is deprecated; - use gcry_pk_map_name. */ -gcry_error_t gcry_ac_name_to_id (const char *name, - gcry_ac_id_t *algorithm) - /* */ _GCRY_GCC_ATTR_DEPRECATED; -#endif - - -/************************************ - * * - * Random Generating Functions * - * * - ************************************/ - -/* The possible values for the random quality. The rule of thumb is - to use STRONG for session keys and VERY_STRONG for key material. - WEAK is usually an alias for STRONG and should not be used anymore - (except with gcry_mpi_randomize); use gcry_create_nonce instead. */ -typedef enum gcry_random_level - { - GCRY_WEAK_RANDOM = 0, - GCRY_STRONG_RANDOM = 1, - GCRY_VERY_STRONG_RANDOM = 2 - } -gcry_random_level_t; - -/* Fill BUFFER with LENGTH bytes of random, using random numbers of - quality LEVEL. */ -void gcry_randomize (void *buffer, size_t length, - enum gcry_random_level level); - -/* Add the external random from BUFFER with LENGTH bytes into the - pool. QUALITY should either be -1 for unknown or in the range of 0 - to 100 */ -gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length, - int quality); - -/* If random numbers are used in an application, this macro should be - called from time to time so that new stuff gets added to the - internal pool of the RNG. */ -#define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL) - - -/* Return NBYTES of allocated random using a random numbers of quality - LEVEL. */ -void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level) - _GCRY_GCC_ATTR_MALLOC; - -/* Return NBYTES of allocated random using a random numbers of quality - LEVEL. The random numbers are created returned in "secure" - memory. */ -void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level) - _GCRY_GCC_ATTR_MALLOC; - - -/* Set the big integer W to a random value of NBITS using a random - generator with quality LEVEL. Note that by using a level of - GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */ -void gcry_mpi_randomize (gcry_mpi_t w, - unsigned int nbits, enum gcry_random_level level); - - -/* Create an unpredicable nonce of LENGTH bytes in BUFFER. */ -void gcry_create_nonce (void *buffer, size_t length); - - - - - -/*******************************/ -/* */ -/* Prime Number Functions */ -/* */ -/*******************************/ - -/* Mode values passed to a gcry_prime_check_func_t. */ -#define GCRY_PRIME_CHECK_AT_FINISH 0 -#define GCRY_PRIME_CHECK_AT_GOT_PRIME 1 -#define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2 - -/* The function should return 1 if the operation shall continue, 0 to - reject the prime candidate. */ -typedef int (*gcry_prime_check_func_t) (void *arg, int mode, - gcry_mpi_t candidate); - -/* Flags for gcry_prime_generate(): */ - -/* Allocate prime numbers and factors in secure memory. */ -#define GCRY_PRIME_FLAG_SECRET (1 << 0) - -/* Make sure that at least one prime factor is of size - `FACTOR_BITS'. */ -#define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1) - -/* Generate a new prime number of PRIME_BITS bits and store it in - PRIME. If FACTOR_BITS is non-zero, one of the prime factors of - (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is - non-zero, allocate a new, NULL-terminated array holding the prime - factors and store it in FACTORS. FLAGS might be used to influence - the prime number generation process. */ -gcry_error_t gcry_prime_generate (gcry_mpi_t *prime, - unsigned int prime_bits, - unsigned int factor_bits, - gcry_mpi_t **factors, - gcry_prime_check_func_t cb_func, - void *cb_arg, - gcry_random_level_t random_level, - unsigned int flags); - -/* Find a generator for PRIME where the factorization of (prime-1) is - in the NULL terminated array FACTORS. Return the generator as a - newly allocated MPI in R_G. If START_G is not NULL, use this as - teh start for the search. */ -gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g, - gcry_mpi_t prime, - gcry_mpi_t *factors, - gcry_mpi_t start_g); - - -/* Convenience function to release the FACTORS array. */ -void gcry_prime_release_factors (gcry_mpi_t *factors); - - -/* Check wether the number X is prime. */ -gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags); - - - -/************************************ - * * - * Miscellaneous Stuff * - * * - ************************************/ - -/* Log levels used by the internal logging facility. */ -enum gcry_log_levels - { - GCRY_LOG_CONT = 0, /* (Continue the last log line.) */ - GCRY_LOG_INFO = 10, - GCRY_LOG_WARN = 20, - GCRY_LOG_ERROR = 30, - GCRY_LOG_FATAL = 40, - GCRY_LOG_BUG = 50, - GCRY_LOG_DEBUG = 100 - }; - -/* Type for progress handlers. */ -typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int); - -/* Type for memory allocation handlers. */ -typedef void *(*gcry_handler_alloc_t) (size_t n); - -/* Type for secure memory check handlers. */ -typedef int (*gcry_handler_secure_check_t) (const void *); - -/* Type for memory reallocation handlers. */ -typedef void *(*gcry_handler_realloc_t) (void *p, size_t n); - -/* Type for memory free handlers. */ -typedef void (*gcry_handler_free_t) (void *); - -/* Type for out-of-memory handlers. */ -typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int); - -/* Type for fatal error handlers. */ -typedef void (*gcry_handler_error_t) (void *, int, const char *); - -/* Type for logging handlers. */ -typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list); - -/* Certain operations can provide progress information. This function - is used to register a handler for retrieving these information. */ -void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data); - - -/* Register a custom memory allocation functions. */ -void gcry_set_allocation_handler ( - gcry_handler_alloc_t func_alloc, - gcry_handler_alloc_t func_alloc_secure, - gcry_handler_secure_check_t func_secure_check, - gcry_handler_realloc_t func_realloc, - gcry_handler_free_t func_free); - -/* Register a function used instead of the internal out of memory - handler. */ -void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque); - -/* Register a function used instead of the internal fatal error - handler. */ -void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque); - -/* Register a function used instead of the internal logging - facility. */ -void gcry_set_log_handler (gcry_handler_log_t f, void *opaque); - -/* Reserved for future use. */ -void gcry_set_gettext_handler (const char *(*f)(const char*)); - -/* Libgcrypt uses its own memory allocation. It is important to use - gcry_free () to release memory allocated by libgcrypt. */ -void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; -void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; -void *gcry_realloc (void *a, size_t n); -char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC; -void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; -void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; -void *gcry_xrealloc (void *a, size_t n); -char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC; -void gcry_free (void *a); - -/* Return true if A is allocated in "secure" memory. */ -int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; - -/* Return true if Libgcrypt is in FIPS mode. */ -#define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0) - - -/* Include support for Libgcrypt modules. */ -#include <gcrypt-module.h> - -#if 0 /* (Keep Emacsens' auto-indent happy.) */ -{ -#endif -#ifdef __cplusplus -} -#endif -#endif /* _GCRYPT_H */ diff --git a/plugins/MirOTR/Libgcrypt/src/gcryptrnd.c b/plugins/MirOTR/Libgcrypt/src/gcryptrnd.c index e15fecaf35..b13931b6e8 100644 --- a/plugins/MirOTR/Libgcrypt/src/gcryptrnd.c +++ b/plugins/MirOTR/Libgcrypt/src/gcryptrnd.c @@ -81,7 +81,7 @@ static void serve (int listen_fd); /* Error printing utility. PRIORITY should be one of syslog's - priority levels. This fucntions prints to the stderro or syslog + priority levels. This functions prints to the stderr or syslog depending on whether we are already daemonized. */ static void logit (int priority, const char *format, ...) @@ -118,7 +118,7 @@ my_gcry_logger (void *dummy, int level, const char *format, va_list arg_ptr) case GCRY_LOG_FATAL:level = LOG_CRIT; break; case GCRY_LOG_BUG: level = LOG_CRIT; break; case GCRY_LOG_DEBUG:level = LOG_DEBUG; break; - default: level = LOG_ERR; break; + default: level = LOG_ERR; break; } if (running_detached) { @@ -152,24 +152,24 @@ daemonize (void) fflush (NULL); pid = fork (); - if (pid == (pid_t)-1) + if (pid == (pid_t)-1) { logit (LOG_CRIT, "fork failed: %s", strerror (errno)); exit (1); } if (pid) - exit (0); + exit (0); if (setsid() == -1) { logit (LOG_CRIT, "setsid() failed: %s", strerror(errno)); exit (1); } - + signal (SIGHUP, SIG_IGN); pid = fork (); - if (pid == (pid_t)-1) + if (pid == (pid_t)-1) { logit (LOG_CRIT, PGM ": second fork failed: %s", strerror (errno)); exit (1); @@ -221,7 +221,7 @@ print_version (int with_help) "This is free software: you are free to change and redistribute it.\n" "There is NO WARRANTY, to the extent permitted by law.\n", stdout); - + if (with_help) fputs ("\n" "Usage: " PGM " [OPTIONS] [SOCKETNAME]\n" @@ -229,11 +229,11 @@ print_version (int with_help) " on socket SOCKETNAME\n" "SOCKETNAME defaults to XXX\n" "\n" - " --no-detach do not deatach from the console\n" + " --no-detach do not deatach from the console\n" " --version print version of the program and exit\n" " --help display this help and exit\n" BUGREPORT_LINE, stdout ); - + exit (0); } @@ -246,7 +246,7 @@ print_usage (void) } -int +int main (int argc, char **argv) { int no_detach = 0; @@ -257,7 +257,7 @@ main (int argc, char **argv) int rc; const char *socketname = "/var/run/libgcrypt/S.gcryptrnd"; - + if (argc) { argc--; argv++; @@ -280,8 +280,8 @@ main (int argc, char **argv) } else print_usage (); - } - + } + if (argc == 1) socketname = argv[0]; else if (argc > 1) @@ -336,7 +336,7 @@ main (int argc, char **argv) logit (LOG_CRIT, "can't create socket: %s", strerror (errno)); exit (1); } - srvr_addr = gcry_xmalloc (sizeof *srvr_addr); + srvr_addr = gcry_xmalloc (sizeof *srvr_addr); memset (srvr_addr, 0, sizeof *srvr_addr); srvr_addr->sun_family = AF_UNIX; if (strlen (socketname) + 1 >= sizeof (srvr_addr->sun_path)) @@ -367,7 +367,7 @@ main (int argc, char **argv) close (fd); exit (1); } - + logit (LOG_INFO, "listening on socket `%s', fd=%d", srvr_addr->sun_path, fd); @@ -536,7 +536,7 @@ connection_loop (int fd) break; } if (rc) - break; /* A write error occured while sending the response. */ + break; /* A write error occurred while sending the response. */ } } @@ -556,7 +556,7 @@ connection_thread (void *arg) close (fd); logit (LOG_INFO, "connection handler for fd %d terminated", fd); active_connections--; - + return NULL; } @@ -573,11 +573,11 @@ handle_signal (int signo) case SIGHUP: logit (LOG_NOTICE, "SIGHUP received - re-reading configuration"); break; - + case SIGUSR1: logit (LOG_NOTICE, "SIGUSR1 received - no action defined"); break; - + case SIGUSR2: logit (LOG_NOTICE, "SIGUSR2 received - no action defined"); break; @@ -595,7 +595,7 @@ handle_signal (int signo) return 1; } break; - + case SIGINT: logit (LOG_NOTICE, "SIGINT received - immediate shutdown"); return 1; @@ -675,7 +675,6 @@ serve (int listen_fd) close (fd); } } - + pth_event_free (ev, PTH_FREE_ALL); } - diff --git a/plugins/MirOTR/Libgcrypt/src/getrandom.c b/plugins/MirOTR/Libgcrypt/src/getrandom.c index f4c9b4b2d3..f9bb5c0c5f 100644 --- a/plugins/MirOTR/Libgcrypt/src/getrandom.c +++ b/plugins/MirOTR/Libgcrypt/src/getrandom.c @@ -56,7 +56,7 @@ writen (int fd, const void *buffer, size_t length) while (length) { ssize_t n; - + do n = write (fd, buffer, length); while (n < 0 && errno == EINTR); @@ -84,7 +84,7 @@ print_version (int with_help) "This is free software: you are free to change and redistribute it.\n" "There is NO WARRANTY, to the extent permitted by law.\n", stdout); - + if (with_help) fputs ("\n" "Usage: " PGM " [OPTIONS] NBYTES\n" @@ -94,13 +94,13 @@ print_version (int with_help) " --nonce Return weak random suitable for a nonce\n" " --very-strong Return very strong random\n" " --ping Send a ping\n" - " --socket NAME Name of sockket to connect to\n" + " --socket NAME Name of sockket to connect to\n" " --hex Return result as a hex dump\n" " --verbose Show what we are doing\n" " --version Print version of the program and exit\n" " --help Display this help and exit\n" BUGREPORT_LINE, stdout ); - + exit (0); } @@ -113,7 +113,7 @@ print_usage (void) } -int +int main (int argc, char **argv) { struct sockaddr_un *srvr_addr; @@ -130,7 +130,7 @@ main (int argc, char **argv) int verbose = 0; int fail = 0; int do_hex = 0; - + if (argc) { argc--; argv++; @@ -179,15 +179,15 @@ main (int argc, char **argv) } else print_usage (); - } + } + - if (!argc && do_ping) ; /* This is allowed. */ else if (argc != 1) print_usage (); req_nbytes = argc? atoi (*argv) : 0; - + if (req_nbytes < 0) print_usage (); @@ -198,7 +198,7 @@ main (int argc, char **argv) logit ("can't create socket: %s", strerror (errno)); exit (1); } - srvr_addr = malloc (sizeof *srvr_addr); + srvr_addr = malloc (sizeof *srvr_addr); if (!srvr_addr) { logit ("malloc failed: %s", strerror (errno)); @@ -244,7 +244,7 @@ main (int argc, char **argv) { for (nleft=2, nread=0; nleft > 0; ) { - do + do n = read (fd, buffer+nread, nleft); while (n < 0 && errno == EINTR); if (n < 0) @@ -281,7 +281,7 @@ main (int argc, char **argv) for (nleft=nbytes, nread=0; nleft > 0; ) { - do + do n = read (fd, buffer+nread, nleft); while (n < 0 && errno == EINTR); if (n < 0) @@ -324,4 +324,3 @@ main (int argc, char **argv) free (srvr_addr); return fail? 1 : 0; } - diff --git a/plugins/MirOTR/Libgcrypt/src/global.c b/plugins/MirOTR/Libgcrypt/src/global.c index a69513e7d5..6f9cbf965d 100644 --- a/plugins/MirOTR/Libgcrypt/src/global.c +++ b/plugins/MirOTR/Libgcrypt/src/global.c @@ -1,6 +1,8 @@ /* global.c - global control functions * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 - * 2004, 2005, 2006, 2008 Free Software Foundation, Inc. + * 2004, 2005, 2006, 2008, 2011, + * 2012 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -47,14 +49,12 @@ static unsigned int debug_flags; /* gcry_control (GCRYCTL_SET_FIPS_MODE), sets this flag so that the - intialization code swicthed fips mode on. */ + initialization code switched fips mode on. */ static int force_fips_mode; /* Controlled by global_init(). */ static int any_init_done; - - /* Memory management. */ static gcry_handler_alloc_t alloc_func; @@ -66,6 +66,8 @@ static gcry_handler_no_mem_t outofcore_handler; static void *outofcore_handler_value; static int no_secure_memory; +/* Prototypes. */ +static gpg_err_code_t external_lock_test (int cmd); @@ -83,19 +85,27 @@ global_init (void) return; any_init_done = 1; + /* Tell the random module that we have seen an init call. */ + _gcry_set_preferred_rng_type (0); + /* Initialize our portable thread/mutex wrapper. */ err = ath_init (); if (err) - goto fail; - + { + err = gpg_error_from_errno (err); + goto fail; + } + /* See whether the system is in FIPS mode. This needs to come as - early as possible put after the ATH has been initialized. */ + early as possible but after ATH has been initialized. */ _gcry_initialize_fips_mode (force_fips_mode); /* Before we do any other initialization we need to test available hardware features. */ _gcry_detect_hw_features (); + /* Initialize the modules - this is mainly allocating some memory and + creating mutexes. */ err = _gcry_cipher_init (); if (err) goto fail; @@ -105,15 +115,15 @@ global_init (void) err = _gcry_pk_init (); if (err) goto fail; -#if 0 - /* Hmmm, as of now ac_init does nothing. */ - if ( !fips_mode () ) - { - err = _gcry_ac_init (); - if (err) - goto fail; - } -#endif + err = _gcry_primegen_init (); + if (err) + goto fail; + err = _gcry_secmem_module_init (); + if (err) + goto fail; + err = _gcry_mpi_init (); + if (err) + goto fail; return; @@ -126,7 +136,7 @@ global_init (void) sure that the minimal initialization has been done. This is far from a perfect solution and hides problems with an improper initialization but at least in single-threaded mode it should work - reliable. + reliable. The reason we need this is that a lot of applications don't use Libgcrypt properly by not running any initialization code at all. @@ -159,7 +169,7 @@ _gcry_global_is_operational (void) /* Version number parsing. */ /* This function parses the first portion of the version number S and - stores it in *NUMBER. On sucess, this function returns a pointer + stores it in *NUMBER. On success, this function returns a pointer into S starting with the first character, which is not part of the initial number portion; on failure, NULL is returned. */ static const char* @@ -211,12 +221,15 @@ parse_version_string( const char *s, int *major, int *minor, int *micro ) If a NULL is passed to this function, no check is done, but the string representation of the library is simply returned. */ const char * -gcry_check_version( const char *req_version ) +_gcry_check_version (const char *req_version) { const char *ver = VERSION; int my_major, my_minor, my_micro; int rq_major, rq_minor, rq_micro; - const char *my_plvl, *rq_plvl; + const char *my_plvl; + + if (req_version && req_version[0] == 1 && req_version[1] == 1) + return _gcry_compat_identification (); /* Initialize library. */ global_init (); @@ -232,23 +245,19 @@ gcry_check_version( const char *req_version ) assert() here and bail out in case this happens? -mo. */ return NULL; - /* Parse requested version number. */ - rq_plvl = parse_version_string( req_version, &rq_major, &rq_minor, - &rq_micro ); - if ( !rq_plvl ) - /* req version string is invalid, this can happen. */ - return NULL; + /* Parse requested version number. */ + if (!parse_version_string (req_version, &rq_major, &rq_minor, &rq_micro)) + return NULL; /* req version string is invalid, this can happen. */ /* Compare version numbers. */ if ( my_major > rq_major || (my_major == rq_major && my_minor > rq_minor) + || (my_major == rq_major && my_minor == rq_minor && my_micro > rq_micro) || (my_major == rq_major && my_minor == rq_minor - && my_micro > rq_micro) - || (my_major == rq_major && my_minor == rq_minor - && my_micro == rq_micro - && strcmp( my_plvl, rq_plvl ) >= 0) ) { + && my_micro == rq_micro)) + { return ver; - } + } return NULL; } @@ -257,17 +266,9 @@ gcry_check_version( const char *req_version ) static void print_config ( int (*fnc)(FILE *fp, const char *format, ...), FILE *fp) { - unsigned int hwf; - struct { - unsigned int flag; - const char *desc; - } hwflist[] = { - { HWF_PADLOCK_RNG, "padlock-rng" }, - { HWF_PADLOCK_AES, "padlock-aes" }, - { HWF_PADLOCK_SHA, "padlock-sha" }, - { 0, NULL} - }; + unsigned int hwfeatures, afeature; int i; + const char *s; fnc (fp, "version:%s:\n", VERSION); fnc (fp, "ciphers:%s:\n", LIBGCRYPT_CIPHERS); @@ -287,19 +288,50 @@ print_config ( int (*fnc)(FILE *fp, const char *format, ...), FILE *fp) "w32:" #endif "\n"); + fnc (fp, "cpu-arch:" +#if defined(HAVE_CPU_ARCH_X86) + "x86" +#elif defined(HAVE_CPU_ARCH_ALPHA) + "alpha" +#elif defined(HAVE_CPU_ARCH_SPARC) + "sparc" +#elif defined(HAVE_CPU_ARCH_MIPS) + "mips" +#elif defined(HAVE_CPU_ARCH_M68K) + "m68k" +#elif defined(HAVE_CPU_ARCH_PPC) + "ppc" +#elif defined(HAVE_CPU_ARCH_ARM) + "arm" +#endif + ":\n"); fnc (fp, "mpi-asm:%s:\n", _gcry_mpi_get_hw_config ()); - hwf = _gcry_get_hw_features (); + fnc (fp, "threads:%s:\n", ath_get_model (NULL)); + hwfeatures = _gcry_get_hw_features (); fnc (fp, "hwflist:"); - for (i=0; hwflist[i].desc; i++) - if ( (hwf & hwflist[i].flag) ) - fnc (fp, "%s:", hwflist[i].desc); + for (i=0; (s = _gcry_enum_hw_features (i, &afeature)); i++) + if ((hwfeatures & afeature)) + fnc (fp, "%s:", s); fnc (fp, "\n"); /* We use y/n instead of 1/0 for the simple reason that Emacsen's compile error parser would accidently flag that line when printed during "make check" as an error. */ - fnc (fp, "fips-mode:%c:%c:\n", + fnc (fp, "fips-mode:%c:%c:\n", fips_mode ()? 'y':'n', _gcry_enforced_fips_mode ()? 'y':'n' ); + /* The currently used RNG type. */ + { + i = _gcry_get_rng_type (0); + switch (i) + { + case GCRY_RNG_TYPE_STANDARD: s = "standard"; break; + case GCRY_RNG_TYPE_FIPS: s = "fips"; break; + case GCRY_RNG_TYPE_SYSTEM: s = "system"; break; + default: BUG (); + } + fnc (fp, "rng-type:%s:%d:\n", s, i); + } + } @@ -307,12 +339,12 @@ print_config ( int (*fnc)(FILE *fp, const char *format, ...), FILE *fp) /* Command dispatcher function, acting as general control function. */ -gcry_error_t +gcry_err_code_t _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) { static int init_finished = 0; - gcry_err_code_t err = 0; - + gcry_err_code_t rc = 0; + switch (cmd) { case GCRYCTL_ENABLE_M_GUARD: @@ -320,6 +352,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_ENABLE_QUICK_RANDOM: + _gcry_set_preferred_rng_type (0); _gcry_enable_quick_random_gen (); break; @@ -327,7 +360,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) /* Return an error if the RNG is faked one (e.g. enabled by ENABLE_QUICK_RANDOM. */ if (_gcry_random_is_faked ()) - err = GPG_ERR_GENERAL; /* Use as TRUE value. */ + rc = GPG_ERR_GENERAL; /* Use as TRUE value. */ break; case GCRYCTL_DUMP_RANDOM_STATS: @@ -350,13 +383,13 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) case GCRYCTL_DISABLE_SECMEM: global_init (); no_secure_memory = 1; - break; + break; case GCRYCTL_INIT_SECMEM: global_init (); _gcry_secmem_init (va_arg (arg_ptr, unsigned int)); if ((_gcry_secmem_get_flags () & GCRY_SECMEM_FLAG_NOT_LOCKED)) - err = GPG_ERR_GENERAL; + rc = GPG_ERR_GENERAL; break; case GCRYCTL_TERM_SECMEM: @@ -365,16 +398,19 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_DISABLE_SECMEM_WARN: + _gcry_set_preferred_rng_type (0); _gcry_secmem_set_flags ((_gcry_secmem_get_flags () | GCRY_SECMEM_FLAG_NO_WARNING)); break; case GCRYCTL_SUSPEND_SECMEM_WARN: + _gcry_set_preferred_rng_type (0); _gcry_secmem_set_flags ((_gcry_secmem_get_flags () | GCRY_SECMEM_FLAG_SUSPEND_WARNING)); break; case GCRYCTL_RESUME_SECMEM_WARN: + _gcry_set_preferred_rng_type (0); _gcry_secmem_set_flags ((_gcry_secmem_get_flags () & ~GCRY_SECMEM_FLAG_SUSPEND_WARNING)); break; @@ -385,15 +421,18 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_SET_RANDOM_SEED_FILE: + _gcry_set_preferred_rng_type (0); _gcry_set_random_seed_file (va_arg (arg_ptr, const char *)); break; case GCRYCTL_UPDATE_RANDOM_SEED_FILE: + _gcry_set_preferred_rng_type (0); if ( fips_is_operational () ) _gcry_update_random_seed_file (); break; case GCRYCTL_SET_VERBOSITY: + _gcry_set_preferred_rng_type (0); _gcry_set_log_verbosity (va_arg (arg_ptr, int)); break; @@ -412,12 +451,12 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) case GCRYCTL_ANY_INITIALIZATION_P: if (any_init_done) - err = GPG_ERR_GENERAL; + rc = GPG_ERR_GENERAL; break; case GCRYCTL_INITIALIZATION_FINISHED_P: if (init_finished) - err = GPG_ERR_GENERAL; /* Yes. */ + rc = GPG_ERR_GENERAL; /* Yes. */ break; case GCRYCTL_INITIALIZATION_FINISHED: @@ -439,46 +478,56 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_SET_THREAD_CBS: - err = ath_install (va_arg (arg_ptr, void *), any_init_done); - if (! err) + _gcry_set_preferred_rng_type (0); + rc = ath_install (va_arg (arg_ptr, void *)); + if (!rc) global_init (); break; case GCRYCTL_FAST_POLL: + _gcry_set_preferred_rng_type (0); /* We need to do make sure that the random pool is really initialized so that the poll function is not a NOP. */ _gcry_random_initialize (1); if ( fips_is_operational () ) - _gcry_fast_random_poll (); + _gcry_fast_random_poll (); break; case GCRYCTL_SET_RNDEGD_SOCKET: #if USE_RNDEGD - err = _gcry_rndegd_set_socket_name (va_arg (arg_ptr, const char *)); + _gcry_set_preferred_rng_type (0); + rc = _gcry_rndegd_set_socket_name (va_arg (arg_ptr, const char *)); #else - err = gpg_error (GPG_ERR_NOT_SUPPORTED); + rc = gpg_error (GPG_ERR_NOT_SUPPORTED); #endif break; case GCRYCTL_SET_RANDOM_DAEMON_SOCKET: + _gcry_set_preferred_rng_type (0); _gcry_set_random_daemon_socket (va_arg (arg_ptr, const char *)); break; case GCRYCTL_USE_RANDOM_DAEMON: /* We need to do make sure that the random pool is really initialized so that the poll function is not a NOP. */ + _gcry_set_preferred_rng_type (0); _gcry_random_initialize (1); _gcry_use_random_daemon (!! va_arg (arg_ptr, int)); break; - + + case GCRYCTL_CLOSE_RANDOM_DEVICE: + _gcry_random_close_fds (); + break; + /* This command dumps information pertaining to the configuration of libgcrypt to the given stream. It may be - used before the intialization has been finished but not + used before the initialization has been finished but not before a gcry_version_check. */ case GCRYCTL_PRINT_CONFIG: { FILE *fp = va_arg (arg_ptr, FILE *); + _gcry_set_preferred_rng_type (0); print_config (fp?fprintf:_gcry_log_info_with_dummy_fp, fp); } break; @@ -486,29 +535,31 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) case GCRYCTL_OPERATIONAL_P: /* Returns true if the library is in an operational state. This is always true for non-fips mode. */ + _gcry_set_preferred_rng_type (0); if (_gcry_fips_test_operational ()) - err = GPG_ERR_GENERAL; /* Used as TRUE value */ + rc = GPG_ERR_GENERAL; /* Used as TRUE value */ break; case GCRYCTL_FIPS_MODE_P: - if (fips_mode () - && !_gcry_is_fips_mode_inactive () + if (fips_mode () + && !_gcry_is_fips_mode_inactive () && !no_secure_memory) - err = GPG_ERR_GENERAL; /* Used as TRUE value */ + rc = GPG_ERR_GENERAL; /* Used as TRUE value */ break; case GCRYCTL_FORCE_FIPS_MODE: /* Performing this command puts the library into fips mode. If the library has already been initialized into fips mode, a - selftest is triggered. it is not possible to put the libraty + selftest is triggered. It is not possible to put the libraty into fips mode after having passed the initialization. */ + _gcry_set_preferred_rng_type (0); if (!any_init_done) { /* Not yet intialized at all. Set a flag so that we are put into fips mode during initialization. */ force_fips_mode = 1; } - else + else { /* Already initialized. If we are already operational we run a selftest. If not we use the is_operational call to @@ -516,7 +567,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) if (_gcry_fips_test_error_or_operational ()) _gcry_fips_run_selftests (1); if (_gcry_fips_is_operational ()) - err = GPG_ERR_GENERAL; /* Used as TRUE value */ + rc = GPG_ERR_GENERAL; /* Used as TRUE value */ } break; @@ -526,9 +577,13 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) extended version of the selftests. Returns 0 on success or an error code. */ global_init (); - err = _gcry_fips_run_selftests (1); + rc = _gcry_fips_run_selftests (1); break; +#if _GCRY_GCC_VERSION >= 40600 +# pragma GCC diagnostic push +# pragma GCC diagnostic ignored "-Wswitch" +#endif case 58: /* Init external random test. */ { void **rctx = va_arg (arg_ptr, void **); @@ -540,10 +595,10 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) const void *dt = va_arg (arg_ptr, const void *); size_t dtlen = va_arg (arg_ptr, size_t); if (!fips_is_operational ()) - err = fips_not_operational (); + rc = fips_not_operational (); else - err = _gcry_random_init_external_test (rctx, flags, key, keylen, - seed, seedlen, dt, dtlen); + rc = _gcry_random_init_external_test (rctx, flags, key, keylen, + seed, seedlen, dt, dtlen); } break; case 59: /* Run external random test. */ @@ -552,9 +607,9 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) void *buffer = va_arg (arg_ptr, void *); size_t buflen = va_arg (arg_ptr, size_t); if (!fips_is_operational ()) - err = fips_not_operational (); + rc = fips_not_operational (); else - err = _gcry_random_run_external_test (ctx, buffer, buflen); + rc = _gcry_random_run_external_test (ctx, buffer, buflen); } break; case 60: /* Deinit external random test. */ @@ -563,94 +618,88 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) _gcry_random_deinit_external_test (ctx); } break; + case 61: /* Run external lock test */ + rc = external_lock_test (va_arg (arg_ptr, int)); + break; + case 62: /* RFU */ + break; +#if _GCRY_GCC_VERSION >= 40600 +# pragma GCC diagnostic pop +#endif + case GCRYCTL_DISABLE_HWF: + { + const char *name = va_arg (arg_ptr, const char *); + rc = _gcry_disable_hw_feature (name); + } + break; - default: - err = GPG_ERR_INV_OP; - } - - return gcry_error (err); -} - - -/* Command dispatcher function, acting as general control - function. */ -gcry_error_t -gcry_control (enum gcry_ctl_cmds cmd, ...) -{ - gcry_error_t err; - va_list arg_ptr; - - va_start (arg_ptr, cmd); - err = _gcry_vcontrol (cmd, arg_ptr); - va_end(arg_ptr); - return err; -} - + case GCRYCTL_SET_ENFORCED_FIPS_FLAG: + if (!any_init_done) + { + /* Not yet initialized at all. Set the enforced fips mode flag */ + _gcry_set_preferred_rng_type (0); + _gcry_set_enforced_fips_mode (); + } + else + rc = GPG_ERR_GENERAL; + break; + case GCRYCTL_SET_PREFERRED_RNG_TYPE: + /* This may be called before gcry_check_version. */ + { + int i = va_arg (arg_ptr, int); + /* Note that we may not pass 0 to _gcry_set_preferred_rng_type. */ + if (i > 0) + _gcry_set_preferred_rng_type (i); + } + break; -/* Return a pointer to a string containing a description of the error - code in the error value ERR. */ -const char * -gcry_strerror (gcry_error_t err) -{ - return gpg_strerror (err); -} + case GCRYCTL_GET_CURRENT_RNG_TYPE: + { + int *ip = va_arg (arg_ptr, int*); + if (ip) + *ip = _gcry_get_rng_type (!any_init_done); + } + break; -/* Return a pointer to a string containing a description of the error - source in the error value ERR. */ -const char * -gcry_strsource (gcry_error_t err) -{ - return gpg_strsource (err); -} + case GCRYCTL_DISABLE_LOCKED_SECMEM: + _gcry_set_preferred_rng_type (0); + _gcry_secmem_set_flags ((_gcry_secmem_get_flags () + | GCRY_SECMEM_FLAG_NO_MLOCK)); + break; -/* Retrieve the error code for the system error ERR. This returns - GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report - this). */ -gcry_err_code_t -gcry_err_code_from_errno (int err) -{ - return gpg_err_code_from_errno (err); -} + case GCRYCTL_DISABLE_PRIV_DROP: + _gcry_set_preferred_rng_type (0); + _gcry_secmem_set_flags ((_gcry_secmem_get_flags () + | GCRY_SECMEM_FLAG_NO_PRIV_DROP)); + break; + case GCRYCTL_INACTIVATE_FIPS_FLAG: + case GCRYCTL_REACTIVATE_FIPS_FLAG: + rc = GPG_ERR_NOT_IMPLEMENTED; + break; -/* Retrieve the system error for the error code CODE. This returns 0 - if CODE is not a system error code. */ -int -gcry_err_code_to_errno (gcry_err_code_t code) -{ - return gpg_err_code_from_errno (code); -} + default: + _gcry_set_preferred_rng_type (0); + rc = GPG_ERR_INV_OP; + } - -/* Return an error value with the error source SOURCE and the system - error ERR. */ -gcry_error_t -gcry_err_make_from_errno (gpg_err_source_t source, int err) -{ - return gpg_err_make_from_errno (source, err); + return rc; } -/* Return an error value with the system error ERR. */ -gcry_err_code_t -gcry_error_from_errno (int err) -{ - return gcry_error (gpg_err_code_from_errno (err)); -} - /* Set custom allocation handlers. This is in general not useful * because the libgcrypt allocation functions are guaranteed to * provide proper allocation handlers which zeroize memory if needed. * NOTE: All 5 functions should be set. */ void -gcry_set_allocation_handler (gcry_handler_alloc_t new_alloc_func, - gcry_handler_alloc_t new_alloc_secure_func, - gcry_handler_secure_check_t new_is_secure_func, - gcry_handler_realloc_t new_realloc_func, - gcry_handler_free_t new_free_func) +_gcry_set_allocation_handler (gcry_handler_alloc_t new_alloc_func, + gcry_handler_alloc_t new_alloc_secure_func, + gcry_handler_secure_check_t new_is_secure_func, + gcry_handler_realloc_t new_realloc_func, + gcry_handler_free_t new_free_func) { global_init (); @@ -686,8 +735,7 @@ gcry_set_allocation_handler (gcry_handler_alloc_t new_alloc_func, * bit 0 set = secure memory has been requested. */ void -gcry_set_outofcore_handler( int (*f)( void*, size_t, unsigned int ), - void *value ) +_gcry_set_outofcore_handler (int (*f)(void*, size_t, unsigned int), void *value) { global_init (); @@ -696,7 +744,7 @@ gcry_set_outofcore_handler( int (*f)( void*, size_t, unsigned int ), log_info ("out of core handler ignored in FIPS mode\n"); return; } - + outofcore_handler = f; outofcore_handler_value = value; } @@ -742,7 +790,7 @@ do_malloc (size_t n, unsigned int flags, void **mem) /* Make sure that ERRNO has been set in case a user supplied memory handler didn't it correctly. */ if (!errno) - errno = ENOMEM; + gpg_err_set_errno (ENOMEM); err = gpg_err_code_from_errno (errno); } else @@ -750,9 +798,9 @@ do_malloc (size_t n, unsigned int flags, void **mem) return err; } - + void * -gcry_malloc (size_t n) +_gcry_malloc (size_t n) { void *mem = NULL; @@ -762,7 +810,7 @@ gcry_malloc (size_t n) } void * -gcry_malloc_secure (size_t n) +_gcry_malloc_secure (size_t n) { void *mem = NULL; @@ -772,7 +820,7 @@ gcry_malloc_secure (size_t n) } int -gcry_is_secure (const void *a) +_gcry_is_secure (const void *a) { if (get_no_secure_memory ()) return 0; @@ -785,7 +833,7 @@ void _gcry_check_heap( const void *a ) { (void)a; - + /* FIXME: implement this*/ #if 0 if( some_handler ) @@ -796,21 +844,31 @@ _gcry_check_heap( const void *a ) } void * -gcry_realloc (void *a, size_t n) +_gcry_realloc (void *a, size_t n) { void *p; + /* To avoid problems with non-standard realloc implementations and + our own secmem_realloc, we divert to malloc and free here. */ + if (!a) + return _gcry_malloc (n); + if (!n) + { + xfree (a); + return NULL; + } + if (realloc_func) p = realloc_func (a, n); else p = _gcry_private_realloc (a, n); if (!p && !errno) - errno = ENOMEM; + gpg_err_set_errno (ENOMEM); return p; } void -gcry_free (void *p) +_gcry_free (void *p) { int save_errno; @@ -827,44 +885,44 @@ gcry_free (void *p) _gcry_private_free (p); if (save_errno) - errno = save_errno; + gpg_err_set_errno (save_errno); } void * -gcry_calloc (size_t n, size_t m) +_gcry_calloc (size_t n, size_t m) { size_t bytes; void *p; bytes = n * m; /* size_t is unsigned so the behavior on overflow is defined. */ - if (m && bytes / m != n) + if (m && bytes / m != n) { - errno = ENOMEM; + gpg_err_set_errno (ENOMEM); return NULL; } - p = gcry_malloc (bytes); + p = _gcry_malloc (bytes); if (p) memset (p, 0, bytes); return p; } void * -gcry_calloc_secure (size_t n, size_t m) +_gcry_calloc_secure (size_t n, size_t m) { size_t bytes; void *p; bytes = n * m; /* size_t is unsigned so the behavior on overflow is defined. */ - if (m && bytes / m != n) + if (m && bytes / m != n) { - errno = ENOMEM; + gpg_err_set_errno (ENOMEM); return NULL; } - - p = gcry_malloc_secure (bytes); + + p = _gcry_malloc_secure (bytes); if (p) memset (p, 0, bytes); return p; @@ -876,18 +934,18 @@ gcry_calloc_secure (size_t n, size_t m) secure memory as well. In an out-of-memory condition, NULL is returned. */ char * -gcry_strdup (const char *string) +_gcry_strdup (const char *string) { char *string_cp = NULL; size_t string_n = 0; string_n = strlen (string); - if (gcry_is_secure (string)) - string_cp = gcry_malloc_secure (string_n + 1); + if (_gcry_is_secure (string)) + string_cp = _gcry_malloc_secure (string_n + 1); else - string_cp = gcry_malloc (string_n + 1); - + string_cp = _gcry_malloc (string_n + 1); + if (string_cp) strcpy (string_cp, string); @@ -896,13 +954,13 @@ gcry_strdup (const char *string) void * -gcry_xmalloc( size_t n ) +_gcry_xmalloc( size_t n ) { void *p; - - while ( !(p = gcry_malloc( n )) ) + + while ( !(p = _gcry_malloc( n )) ) { - if ( fips_mode () + if ( fips_mode () || !outofcore_handler || !outofcore_handler (outofcore_handler_value, n, 0) ) { @@ -913,16 +971,16 @@ gcry_xmalloc( size_t n ) } void * -gcry_xrealloc( void *a, size_t n ) +_gcry_xrealloc( void *a, size_t n ) { void *p; - - while ( !(p = gcry_realloc( a, n )) ) + + while ( !(p = _gcry_realloc( a, n )) ) { if ( fips_mode () || !outofcore_handler || !outofcore_handler (outofcore_handler_value, n, - gcry_is_secure(a)? 3:2 ) ) + _gcry_is_secure(a)? 3:2)) { _gcry_fatal_error (gpg_err_code_from_errno (errno), NULL ); } @@ -931,11 +989,11 @@ gcry_xrealloc( void *a, size_t n ) } void * -gcry_xmalloc_secure( size_t n ) +_gcry_xmalloc_secure( size_t n ) { void *p; - - while ( !(p = gcry_malloc_secure( n )) ) + + while ( !(p = _gcry_malloc_secure( n )) ) { if ( fips_mode () || !outofcore_handler @@ -950,54 +1008,54 @@ gcry_xmalloc_secure( size_t n ) void * -gcry_xcalloc( size_t n, size_t m ) +_gcry_xcalloc( size_t n, size_t m ) { size_t nbytes; void *p; - nbytes = n * m; - if (m && nbytes / m != n) + nbytes = n * m; + if (m && nbytes / m != n) { - errno = ENOMEM; + gpg_err_set_errno (ENOMEM); _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL ); } - p = gcry_xmalloc ( nbytes ); + p = _gcry_xmalloc ( nbytes ); memset ( p, 0, nbytes ); return p; } void * -gcry_xcalloc_secure( size_t n, size_t m ) +_gcry_xcalloc_secure( size_t n, size_t m ) { size_t nbytes; void *p; - nbytes = n * m; - if (m && nbytes / m != n) + nbytes = n * m; + if (m && nbytes / m != n) { - errno = ENOMEM; + gpg_err_set_errno (ENOMEM); _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL ); } - p = gcry_xmalloc_secure ( nbytes ); + p = _gcry_xmalloc_secure ( nbytes ); memset ( p, 0, nbytes ); return p; } char * -gcry_xstrdup (const char *string) +_gcry_xstrdup (const char *string) { char *p; - - while ( !(p = gcry_strdup (string)) ) + + while ( !(p = _gcry_strdup (string)) ) { size_t n = strlen (string); - int is_sec = !!gcry_is_secure (string); - + int is_sec = !!_gcry_is_secure (string); + if (fips_mode () || !outofcore_handler - || !outofcore_handler (outofcore_handler_value, n, is_sec) ) + || !outofcore_handler (outofcore_handler_value, n, is_sec) ) { _gcry_fatal_error (gpg_err_code_from_errno (errno), is_sec? _("out of core in secure memory"):NULL); @@ -1019,7 +1077,7 @@ _gcry_get_debug_flag (unsigned int mask) /* It is often useful to get some feedback of long running operations. - This function may be used to register a handler for this. + This function may be used to register a handler for this. The callback function CB is used as: void cb (void *opaque, const char *what, int printchar, @@ -1048,15 +1106,15 @@ _gcry_get_debug_flag (unsigned int mask) ':' Restart with a new random value '+' - Rabin Miller test passed + Rabin Miller test passed "pk_elg" '+','-','.','\n' 0 0 Only used in debugging mode. - "pk_dsa" + "pk_dsa" Only used in debugging mode. */ void -gcry_set_progress_handler (void (*cb)(void *,const char*,int, int, int), - void *cb_data) +_gcry_set_progress_handler (void (*cb)(void *,const char*,int, int, int), + void *cb_data) { #if USE_DSA _gcry_register_pk_dsa_progress (cb, cb_data); @@ -1067,3 +1125,48 @@ gcry_set_progress_handler (void (*cb)(void *,const char*,int, int, int), _gcry_register_primegen_progress (cb, cb_data); _gcry_register_random_progress (cb, cb_data); } + + + +/* This is a helper for the regression test suite to test Libgcrypt's locks. + It works using a one test lock with CMD controlling what to do: + + 30111 - Allocate and init lock + 30112 - Take lock + 30113 - Release lock + 30114 - Destroy lock. + + This function is used by tests/t-lock.c - it is not part of the + public API! + */ +static gpg_err_code_t +external_lock_test (int cmd) +{ + static ath_mutex_t testlock; + gpg_err_code_t rc = 0; + + switch (cmd) + { + case 30111: /* Init Lock. */ + rc = ath_mutex_init (&testlock); + break; + + case 30112: /* Take Lock. */ + rc = ath_mutex_lock (&testlock); + break; + + case 30113: /* Release Lock. */ + rc = ath_mutex_unlock (&testlock); + break; + + case 30114: /* Destroy Lock. */ + rc = ath_mutex_destroy (&testlock); + break; + + default: + rc = GPG_ERR_INV_OP; + break; + } + + return rc; +} diff --git a/plugins/MirOTR/Libgcrypt/src/hmac256.c b/plugins/MirOTR/Libgcrypt/src/hmac256.c index b2f83dd0e7..94a26da448 100644 --- a/plugins/MirOTR/Libgcrypt/src/hmac256.c +++ b/plugins/MirOTR/Libgcrypt/src/hmac256.c @@ -17,7 +17,7 @@ * License along with this program; if not, see <http://www.gnu.org/licenses/>. */ -/* +/* This is a standalone HMAC-SHA-256 implementation based on the code from ../cipher/sha256.c. It is a second implementation to allow comparing against the standard implementations and to be used for @@ -33,7 +33,7 @@ Constants: - WORDS_BIGENDIAN Defined to 1 on big endian systems. + WORDS_BIGENDIAN Defined to 1 on big endian systems. inline If defined, it should yield the keyword used to inline a function. HAVE_U32_TYPEDEF Defined if the u32 type is available. @@ -56,6 +56,15 @@ # include <fcntl.h> /* We need setmode(). */ #endif +/* For a native WindowsCE binary we need to include gpg-error.h to + provide a replacement for strerror. In other cases we need a + replacement macro for gpg_err_set_errno. */ +#ifdef __MINGW32CE__ +# include <gpg-error.h> +#else +# define gpg_err_set_errno(a) (errno = (a)) +#endif + #include "hmac256.h" @@ -82,25 +91,17 @@ struct hmac256_context u32 nblocks; int count; int finalized:1; - int use_hmac:1; + int use_hmac:1; unsigned char buf[64]; unsigned char opad[64]; }; /* Rotate a 32 bit word. */ -#if defined(__GNUC__) && defined(__i386__) -static inline u32 -ror(u32 x, int n) +static inline u32 ror(u32 x, int n) { - __asm__("rorl %%cl,%0" - :"=r" (x) - :"0" (x),"c" (n)); - return x; + return ( ((x) >> (n)) | ((x) << (32-(n))) ); } -#else -#define ror(x,n) ( ((x) >> (n)) | ((x) << (32-(n))) ) -#endif #define my_wipememory2(_ptr,_set,_len) do { \ volatile char *_vptr=(volatile char *)(_ptr); \ @@ -112,7 +113,7 @@ ror(u32 x, int n) -/* +/* The SHA-256 core: Transform the message X which consists of 16 32-bit-words. See FIPS 180-2 for details. */ @@ -140,13 +141,13 @@ transform (hmac256_context_t hd, const void *data_arg) b = a; \ a = t1 + t2; \ } while (0) - - static const u32 K[64] = + + static const u32 K[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, @@ -165,7 +166,7 @@ transform (hmac256_context_t hd, const void *data_arg) u32 x[16]; u32 w[64]; int i; - + a = hd->h0; b = hd->h1; c = hd->h2; @@ -174,14 +175,14 @@ transform (hmac256_context_t hd, const void *data_arg) f = hd->h5; g = hd->h6; h = hd->h7; - + #ifdef WORDS_BIGENDIAN memcpy (x, data, 64); #else /*!WORDS_BIGENDIAN*/ - { + { unsigned char *p2; - - for (i=0, p2=(unsigned char*)x; i < 16; i++, p2 += 4 ) + + for (i=0, p2=(unsigned char*)x; i < 16; i++, p2 += 4 ) { p2[3] = *data++; p2[2] = *data++; @@ -223,7 +224,7 @@ finalize (hmac256_context_t hd) { u32 t, msb, lsb; unsigned char *p; - + if (hd->finalized) return; /* Silently ignore a finalized context. */ @@ -287,7 +288,7 @@ finalize (hmac256_context_t hd) /* Create a new context. On error NULL is returned and errno is set - appropriately. If KEY is given the fucntion computes HMAC using + appropriately. If KEY is given the function computes HMAC using this key; with KEY given as NULL, a plain SHA-256 digest is computed. */ hmac256_context_t @@ -327,7 +328,7 @@ _gcry_hmac256_new (const void *key, size_t keylen) else { hmac256_context_t tmphd; - + tmphd = _gcry_hmac256_new (NULL, 0); if (!tmphd) { @@ -340,7 +341,7 @@ _gcry_hmac256_new (const void *key, size_t keylen) memcpy (hd->opad, tmphd->buf, 32); _gcry_hmac256_release (tmphd); } - for (i=0; i < 64; i++) + for (i=0; i < 64; i++) { ipad[i] ^= 0x36; hd->opad[i] ^= 0x5c; @@ -349,7 +350,7 @@ _gcry_hmac256_new (const void *key, size_t keylen) _gcry_hmac256_update (hd, ipad, 64); my_wipememory (ipad, 64); } - + return hd; } @@ -380,7 +381,7 @@ _gcry_hmac256_update (hmac256_context_t hd, return; /* Silently ignore a finalized context. */ if (hd->count == 64) - { + { /* Flush the buffer. */ transform (hd, hd->buf); hd->count = 0; @@ -422,7 +423,7 @@ _gcry_hmac256_finalize (hmac256_context_t hd, size_t *r_dlen) if (hd->use_hmac) { hmac256_context_t tmphd; - + tmphd = _gcry_hmac256_new (NULL, 0); if (!tmphd) { @@ -447,7 +448,7 @@ _gcry_hmac256_finalize (hmac256_context_t hd, size_t *r_dlen) FILENAME. KEY and KEYLEN are as described for _gcry_hmac256_new. On success the function returns the valid length of the result buffer (which will be 32) or -1 on error. On error ERRNO is set - appropriate. */ + appropriate. */ int _gcry_hmac256_file (void *result, size_t resultsize, const char *filename, const void *key, size_t keylen) @@ -457,7 +458,7 @@ _gcry_hmac256_file (void *result, size_t resultsize, const char *filename, size_t buffer_size, nread, digestlen; char *buffer; const unsigned char *digest; - + fp = fopen (filename, "rb"); if (!fp) return -1; @@ -498,11 +499,11 @@ _gcry_hmac256_file (void *result, size_t resultsize, const char *filename, _gcry_hmac256_release (hd); return -1; } - + if (digestlen > resultsize) { _gcry_hmac256_release (hd); - errno = EINVAL; + gpg_err_set_errno (EINVAL); return -1; } memcpy (result, digest, digestlen); @@ -517,7 +518,7 @@ _gcry_hmac256_file (void *result, size_t resultsize, const char *filename, static int selftest (void) { - static struct + static struct { const char * const desc; const char * const data; @@ -526,7 +527,7 @@ selftest (void) } tv[] = { { "data-28 key-4", - "what do ya want for nothing?", + "what do ya want for nothing?", "Jefe", { 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, @@ -603,7 +604,7 @@ selftest (void) { NULL } }; int tvidx; - + for (tvidx=0; tv[tvidx].desc; tvidx++) { hmac256_context_t hmachd; @@ -628,12 +629,12 @@ selftest (void) } _gcry_hmac256_release (hmachd); } - + return 0; /* Succeeded. */ } -int +int main (int argc, char **argv) { const char *pgm; @@ -690,7 +691,7 @@ main (int argc, char **argv) argc--; argv++; use_binary = 1; } - } + } if (argc < 1) { @@ -720,14 +721,14 @@ main (int argc, char **argv) fp = use_stdin? stdin : fopen (fname, "rb"); if (!fp) { - fprintf (stderr, "%s: can't open `%s': %s\n", + fprintf (stderr, "%s: can't open `%s': %s\n", pgm, fname, strerror (errno)); exit (1); } hd = _gcry_hmac256_new (key, keylen); if (!hd) { - fprintf (stderr, "%s: can't allocate context: %s\n", + fprintf (stderr, "%s: can't allocate context: %s\n", pgm, strerror (errno)); exit (1); } @@ -735,7 +736,7 @@ main (int argc, char **argv) _gcry_hmac256_update (hd, buffer, n); if (ferror (fp)) { - fprintf (stderr, "%s: error reading `%s': %s\n", + fprintf (stderr, "%s: error reading `%s': %s\n", pgm, fname, strerror (errno)); exit (1); } @@ -753,10 +754,12 @@ main (int argc, char **argv) { if (fwrite (digest, dlen, 1, stdout) != 1) { - fprintf (stderr, "%s: error writing output: %s\n", + fprintf (stderr, "%s: error writing output: %s\n", pgm, strerror (errno)); exit (1); } + if (use_stdin) + break; } else { diff --git a/plugins/MirOTR/Libgcrypt/src/hwf-arm.c b/plugins/MirOTR/Libgcrypt/src/hwf-arm.c new file mode 100644 index 0000000000..aa4bfd79e7 --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/hwf-arm.c @@ -0,0 +1,166 @@ +/* hwf-arm.c - Detect hardware features - ARM part + * Copyright © 2013 Jussi Kivilinna <jussi.kivilinna@iki.fi> + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include <config.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> +#include <unistd.h> + +#include "g10lib.h" +#include "hwf-common.h" + +#if !defined (__arm__) +# error Module build for wrong CPU. +#endif + +#undef HAS_SYS_AT_HWCAP +#undef HAS_PROC_CPUINFO +#ifdef __linux__ + +#define HAS_SYS_AT_HWCAP 1 + +#define AT_HWCAP 16 +#define HWCAP_NEON 4096 + +static int +get_hwcap(unsigned int *hwcap) +{ + struct { unsigned int a_type; unsigned int a_val; } auxv; + FILE *f; + int err = -1; + static int hwcap_initialized = 0; + static unsigned int stored_hwcap; + + if (hwcap_initialized) + { + *hwcap = stored_hwcap; + return 0; + } + + f = fopen("/proc/self/auxv", "r"); + if (!f) + { + *hwcap = stored_hwcap; + return -1; + } + + while (fread(&auxv, sizeof(auxv), 1, f) > 0) + { + if (auxv.a_type != AT_HWCAP) + continue; + + stored_hwcap = auxv.a_val; + hwcap_initialized = 1; + err = 0; + break; + } + + fclose(f); + *hwcap = stored_hwcap; + return err; +} + +static unsigned int +detect_arm_at_hwcap(void) +{ + unsigned int hwcap; + unsigned int features = 0; + + if (get_hwcap(&hwcap) < 0) + return features; + +#ifdef ENABLE_NEON_SUPPORT + if (hwcap & HWCAP_NEON) + features |= HWF_ARM_NEON; +#endif + + return features; +} + +#define HAS_PROC_CPUINFO 1 + +static unsigned int +detect_arm_proc_cpuinfo(void) +{ + char buf[1024]; /* large enough */ + char *str_features, *str_neon; + FILE *f; + int readlen, i; + static int cpuinfo_initialized = 0; + static unsigned int stored_cpuinfo_features; + + if (cpuinfo_initialized) + return stored_cpuinfo_features; + + f = fopen("/proc/cpuinfo", "r"); + if (!f) + return 0; + + memset (buf, 0, sizeof(buf)); + readlen = fread (buf, 1, sizeof(buf), f); + fclose (f); + if (readlen <= 0 || readlen > sizeof(buf)) + return 0; + + buf[sizeof(buf) - 1] = '\0'; + + cpuinfo_initialized = 1; + stored_cpuinfo_features = 0; + + /* Find features line. */ + str_features = strstr(buf, "Features"); + if (!str_features) + return stored_cpuinfo_features; + + /* Lines to strings. */ + for (i = 0; i < sizeof(buf); i++) + if (buf[i] == '\n') + buf[i] = '\0'; + + /* Check for NEON. */ + str_neon = strstr(str_features, " neon"); + if (str_neon && (str_neon[5] == ' ' || str_neon[5] == '\0')) + stored_cpuinfo_features |= HWF_ARM_NEON; + + return stored_cpuinfo_features; +} + +#endif /* __linux__ */ + +unsigned int +_gcry_hwf_detect_arm (void) +{ + unsigned int ret = 0; + +#if defined (HAS_SYS_AT_HWCAP) + ret |= detect_arm_at_hwcap (); +#endif + +#if defined (HAS_PROC_CPUINFO) + ret |= detect_arm_proc_cpuinfo (); +#endif + +#if defined(__ARM_NEON__) && defined(ENABLE_NEON_SUPPORT) + ret |= HWF_ARM_NEON; +#endif + + return ret; +} diff --git a/plugins/MirOTR/Libgcrypt/src/hwf-common.h b/plugins/MirOTR/Libgcrypt/src/hwf-common.h new file mode 100644 index 0000000000..8f156b5644 --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/hwf-common.h @@ -0,0 +1,27 @@ +/* hwf-common.h - Declarations for hwf-CPU.c modules + * Copyright (C) 2012 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef HWF_COMMON_H +#define HWF_COMMON_H + +unsigned int _gcry_hwf_detect_x86 (void); +unsigned int _gcry_hwf_detect_arm (void); + + +#endif /*HWF_COMMON_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/hwf-x86.c b/plugins/MirOTR/Libgcrypt/src/hwf-x86.c new file mode 100644 index 0000000000..7ee246d8cf --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/hwf-x86.c @@ -0,0 +1,310 @@ +/* hwf-x86.c - Detect hardware features - x86 part + * Copyright (C) 2007, 2011, 2012 Free Software Foundation, Inc. + * Copyright (C) 2012 Jussi Kivilinna + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include <config.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> +#include <unistd.h> + +#include "g10lib.h" +#include "hwf-common.h" + +#if !defined (__i386__) && !defined (__x86_64__) +# error Module build for wrong CPU. +#endif + +/* We use the next macro to decide whether we can test for certain + features. */ +#undef HAS_X86_CPUID + +#if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +# define HAS_X86_CPUID 1 + +static int +is_cpuid_available(void) +{ + int has_cpuid = 0; + + /* Detect the CPUID feature by testing some undefined behaviour (16 + vs 32 bit pushf/popf). */ + asm volatile + ("pushf\n\t" /* Copy flags to EAX. */ + "popl %%eax\n\t" + "movl %%eax, %%ecx\n\t" /* Save flags into ECX. */ + "xorl $0x200000, %%eax\n\t" /* Toggle ID bit and copy it to the flags. */ + "pushl %%eax\n\t" + "popf\n\t" + "pushf\n\t" /* Copy changed flags again to EAX. */ + "popl %%eax\n\t" + "pushl %%ecx\n\t" /* Restore flags from ECX. */ + "popf\n\t" + "xorl %%eax, %%ecx\n\t" /* Compare flags against saved flags. */ + "jz .Lno_cpuid%=\n\t" /* Toggling did not work, thus no CPUID. */ + "movl $1, %0\n" /* Worked. true -> HAS_CPUID. */ + ".Lno_cpuid%=:\n\t" + : "+r" (has_cpuid) + : + : "%eax", "%ecx", "cc" + ); + + return has_cpuid; +} + +static void +get_cpuid(unsigned int in, unsigned int *eax, unsigned int *ebx, + unsigned int *ecx, unsigned int *edx) +{ + unsigned int regs[4]; + + asm volatile + ("pushl %%ebx\n\t" /* Save GOT register. */ + "movl %1, %%ebx\n\t" + "cpuid\n\t" + "movl %%ebx, %1\n\t" + "popl %%ebx\n\t" /* Restore GOT register. */ + : "=a" (regs[0]), "=r" (regs[1]), "=c" (regs[2]), "=d" (regs[3]) + : "0" (in), "1" (0), "2" (0), "3" (0) + : "cc" + ); + + if (eax) + *eax = regs[0]; + if (ebx) + *ebx = regs[1]; + if (ecx) + *ecx = regs[2]; + if (edx) + *edx = regs[3]; +} + +#if defined(ENABLE_AVX_SUPPORT) || defined(ENABLE_AVX2_SUPPORT) +static unsigned int +get_xgetbv(void) +{ + unsigned int t_eax; + + asm volatile + ("xgetbv\n\t" + : "=a" (t_eax) + : "c" (0) + ); + + return t_eax; +} +#endif /* ENABLE_AVX_SUPPORT || ENABLE_AVX2_SUPPORT */ + +#endif /* i386 && GNUC */ + + +#if defined (__x86_64__) && defined (__GNUC__) +# define HAS_X86_CPUID 1 + +static int +is_cpuid_available(void) +{ + return 1; +} + +static void +get_cpuid(unsigned int in, unsigned int *eax, unsigned int *ebx, + unsigned int *ecx, unsigned int *edx) +{ + unsigned int regs[4]; + + asm volatile + ("cpuid\n\t" + : "=a" (regs[0]), "=b" (regs[1]), "=c" (regs[2]), "=d" (regs[3]) + : "0" (in), "1" (0), "2" (0), "3" (0) + : "cc" + ); + + if (eax) + *eax = regs[0]; + if (ebx) + *ebx = regs[1]; + if (ecx) + *ecx = regs[2]; + if (edx) + *edx = regs[3]; +} + +#if defined(ENABLE_AVX_SUPPORT) || defined(ENABLE_AVX2_SUPPORT) +static unsigned int +get_xgetbv(void) +{ + unsigned int t_eax; + + asm volatile + ("xgetbv\n\t" + : "=a" (t_eax) + : "c" (0) + ); + + return t_eax; +} +#endif /* ENABLE_AVX_SUPPORT || ENABLE_AVX2_SUPPORT */ + +#endif /* x86-64 && GNUC */ + + +#ifdef HAS_X86_CPUID +static unsigned int +detect_x86_gnuc (void) +{ + char vendor_id[12+1]; + unsigned int features; + unsigned int os_supports_avx_avx2_registers = 0; + unsigned int max_cpuid_level; + unsigned int result = 0; + + (void)os_supports_avx_avx2_registers; + + if (!is_cpuid_available()) + return 0; + + get_cpuid(0, &max_cpuid_level, + (unsigned int *)&vendor_id[0], + (unsigned int *)&vendor_id[8], + (unsigned int *)&vendor_id[4]); + vendor_id[12] = 0; + + if (0) + ; /* Just to make "else if" and ifdef macros look pretty. */ +#ifdef ENABLE_PADLOCK_SUPPORT + else if (!strcmp (vendor_id, "CentaurHauls")) + { + /* This is a VIA CPU. Check what PadLock features we have. */ + + /* Check for extended centaur (EAX). */ + get_cpuid(0xC0000000, &features, NULL, NULL, NULL); + + /* Has extended centaur features? */ + if (features > 0xC0000000) + { + /* Ask for the extended feature flags (EDX). */ + get_cpuid(0xC0000001, NULL, NULL, NULL, &features); + + /* Test bits 2 and 3 to see whether the RNG exists and is enabled. */ + if ((features & 0x0C) == 0x0C) + result |= HWF_PADLOCK_RNG; + + /* Test bits 6 and 7 to see whether the ACE exists and is enabled. */ + if ((features & 0xC0) == 0xC0) + result |= HWF_PADLOCK_AES; + + /* Test bits 10 and 11 to see whether the PHE exists and is + enabled. */ + if ((features & 0xC00) == 0xC00) + result |= HWF_PADLOCK_SHA; + + /* Test bits 12 and 13 to see whether the MONTMUL exists and is + enabled. */ + if ((features & 0x3000) == 0x3000) + result |= HWF_PADLOCK_MMUL; + } + } +#endif /*ENABLE_PADLOCK_SUPPORT*/ + else if (!strcmp (vendor_id, "GenuineIntel")) + { + /* This is an Intel CPU. */ + result |= HWF_INTEL_CPU; + } + else if (!strcmp (vendor_id, "AuthenticAMD")) + { + /* This is an AMD CPU. */ + } + + /* Detect Intel features, that might also be supported by other + vendors. */ + + /* Get CPU info and Intel feature flags (ECX). */ + get_cpuid(1, NULL, NULL, &features, NULL); + +#ifdef ENABLE_PCLMUL_SUPPORT + /* Test bit 1 for PCLMUL. */ + if (features & 0x00000002) + result |= HWF_INTEL_PCLMUL; +#endif + /* Test bit 9 for SSSE3. */ + if (features & 0x00000200) + result |= HWF_INTEL_SSSE3; +#ifdef ENABLE_AESNI_SUPPORT + /* Test bit 25 for AES-NI. */ + if (features & 0x02000000) + result |= HWF_INTEL_AESNI; +#endif /*ENABLE_AESNI_SUPPORT*/ +#if defined(ENABLE_AVX_SUPPORT) || defined(ENABLE_AVX2_SUPPORT) + /* Test bit 27 for OSXSAVE (required for AVX/AVX2). */ + if (features & 0x08000000) + { + /* Check that OS has enabled both XMM and YMM state support. */ + if ((get_xgetbv() & 0x6) == 0x6) + os_supports_avx_avx2_registers = 1; + } +#endif +#ifdef ENABLE_AVX_SUPPORT + /* Test bit 28 for AVX. */ + if (features & 0x10000000) + if (os_supports_avx_avx2_registers) + result |= HWF_INTEL_AVX; +#endif /*ENABLE_AVX_SUPPORT*/ +#ifdef ENABLE_DRNG_SUPPORT + /* Test bit 30 for RDRAND. */ + if (features & 0x40000000) + result |= HWF_INTEL_RDRAND; +#endif /*ENABLE_DRNG_SUPPORT*/ + + /* Check additional Intel feature flags. Early Intel P5 processors report + * too high max_cpuid_level, so don't check level 7 if processor does not + * support SSE3 (as cpuid:7 contains only features for newer processors). + * Source: http://www.sandpile.org/x86/cpuid.htm */ + if (max_cpuid_level >= 7 && (features & 0x00000001)) + { + /* Get CPUID:7 contains further Intel feature flags. */ + get_cpuid(7, NULL, &features, NULL, NULL); + + /* Test bit 8 for BMI2. */ + if (features & 0x00000100) + result |= HWF_INTEL_BMI2; + +#ifdef ENABLE_AVX2_SUPPORT + /* Test bit 5 for AVX2. */ + if (features & 0x00000020) + if (os_supports_avx_avx2_registers) + result |= HWF_INTEL_AVX2; +#endif /*ENABLE_AVX_SUPPORT*/ + } + + return result; +} +#endif /* HAS_X86_CPUID */ + + +unsigned int +_gcry_hwf_detect_x86 (void) +{ +#if defined (HAS_X86_CPUID) + return detect_x86_gnuc (); +#else + return 0; +#endif +} diff --git a/plugins/MirOTR/Libgcrypt/src/hwfeatures.c b/plugins/MirOTR/Libgcrypt/src/hwfeatures.c index 97442dbad4..58099c49ca 100644 --- a/plugins/MirOTR/Libgcrypt/src/hwfeatures.c +++ b/plugins/MirOTR/Libgcrypt/src/hwfeatures.c @@ -1,5 +1,6 @@ /* hwfeatures.c - Detect hardware features. - * Copyright (C) 2007 Free Software Foundation, Inc. + * Copyright (C) 2007, 2011 Free Software Foundation, Inc. + * Copyright (C) 2012 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -19,17 +20,72 @@ #include <config.h> #include <stdio.h> +#include <ctype.h> #include <stdlib.h> #include <string.h> #include <stdarg.h> #include <unistd.h> +#ifdef HAVE_SYSLOG +# include <syslog.h> +#endif /*HAVE_SYSLOG*/ #include "g10lib.h" +#include "hwf-common.h" + +/* The name of a file used to globally disable selected features. */ +#define HWF_DENY_FILE "/etc/gcrypt/hwf.deny" + +/* A table to map hardware features to a string. */ +static struct +{ + unsigned int flag; + const char *desc; +} hwflist[] = + { + { HWF_PADLOCK_RNG, "padlock-rng" }, + { HWF_PADLOCK_AES, "padlock-aes" }, + { HWF_PADLOCK_SHA, "padlock-sha" }, + { HWF_PADLOCK_MMUL,"padlock-mmul"}, + { HWF_INTEL_CPU, "intel-cpu" }, + { HWF_INTEL_BMI2, "intel-bmi2" }, + { HWF_INTEL_SSSE3, "intel-ssse3" }, + { HWF_INTEL_PCLMUL,"intel-pclmul" }, + { HWF_INTEL_AESNI, "intel-aesni" }, + { HWF_INTEL_RDRAND,"intel-rdrand" }, + { HWF_INTEL_AVX, "intel-avx" }, + { HWF_INTEL_AVX2, "intel-avx2" }, + { HWF_ARM_NEON, "arm-neon" } + }; + +/* A bit vector with the hardware features which shall not be used. + This variable must be set prior to any initialization. */ +static unsigned int disabled_hw_features; /* A bit vector describing the hardware features currently available. */ static unsigned int hw_features; +/* Convenience macros. */ +#define my_isascii(c) (!((c) & 0x80)) + + + +/* Disable a feature by name. This function must be called *before* + _gcry_detect_hw_features is called. */ +gpg_err_code_t +_gcry_disable_hw_feature (const char *name) +{ + int i; + + for (i=0; i < DIM (hwflist); i++) + if (!strcmp (hwflist[i].desc, name)) + { + disabled_hw_features |= hwflist[i].flag; + return 0; + } + return GPG_ERR_INV_NAME; +} + /* Return a bit vector describing the available hardware features. The HWF_ constants are used to test for them. */ @@ -40,109 +96,81 @@ _gcry_get_hw_features (void) } -#if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) +/* Enumerate all features. The caller is expected to start with an + IDX of 0 and then increment IDX until NULL is returned. */ +const char * +_gcry_enum_hw_features (int idx, unsigned int *r_feature) +{ + if (idx < 0 || idx >= DIM (hwflist)) + return NULL; + if (r_feature) + *r_feature = hwflist[idx].flag; + return hwflist[idx].desc; +} + + +/* Read a file with features which shall not be used. The file is a + simple text file where empty lines and lines with the first non + white-space character being '#' are ignored. */ static void -detect_ia32_gnuc (void) +parse_hwf_deny_file (void) { -#ifdef ENABLE_PADLOCK_SUPPORT - /* The code here is only useful for the PadLock engine thus we don't - build it if that support has been disabled. */ - int has_cpuid = 0; - char vendor_id[12+1]; - - /* Detect the CPUID feature by testing some undefined behaviour (16 - vs 32 bit pushf/popf). */ - asm volatile - ("pushf\n\t" /* Copy flags to EAX. */ - "popl %%eax\n\t" - "movl %%eax, %%ecx\n\t" /* Save flags into ECX. */ - "xorl $0x200000, %%eax\n\t" /* Toggle ID bit and copy it to the flags. */ - "pushl %%eax\n\t" - "popf\n\t" - "pushf\n\t" /* Copy changed flags again to EAX. */ - "popl %%eax\n\t" - "pushl %%ecx\n\t" /* Restore flags from ECX. */ - "popf\n\t" - "xorl %%eax, %%ecx\n\t" /* Compare flags against saved flags. */ - "jz .Lno_cpuid%=\n\t" /* Toggling did not work, thus no CPUID. */ - "movl $1, %0\n" /* Worked. true -> HAS_CPUID. */ - ".Lno_cpuid%=:\n\t" - : "+r" (has_cpuid) - : - : "%eax", "%ecx", "cc" - ); - - if (!has_cpuid) - return; /* No way. */ - - asm volatile - ("pushl %%ebx\n\t" /* Save GOT register. */ - "xorl %%eax, %%eax\n\t" /* 0 -> EAX. */ - "cpuid\n\t" /* Get vendor ID. */ - "movl %%ebx, (%0)\n\t" /* EBX,EDX,ECX -> VENDOR_ID. */ - "movl %%edx, 4(%0)\n\t" - "movl %%ecx, 8(%0)\n\t" - "popl %%ebx\n" - : - : "S" (&vendor_id[0]) - : "%eax", "%ecx", "%edx", "cc" - ); - vendor_id[12] = 0; - - /* Check whether this is a VIA CPU and what PadLock features we - have. */ - if (!strcmp (vendor_id, "CentaurHauls")) + const char *fname = HWF_DENY_FILE; + FILE *fp; + char buffer[256]; + char *p, *pend; + int i, lnr = 0; + + fp = fopen (fname, "r"); + if (!fp) + return; + + for (;;) { - asm volatile - ("pushl %%ebx\n\t" /* Save GOT register. */ - "movl $0xC0000000, %%eax\n\t" /* Check for extended centaur */ - "cpuid\n\t" /* feature flags. */ - "popl %%ebx\n\t" /* Restore GOT register. */ - "cmpl $0xC0000001, %%eax\n\t" - "jb .Lready%=\n\t" /* EAX < 0xC0000000 => no padlock. */ - - "pushl %%ebx\n\t" /* Save GOT register. */ - "movl $0xC0000001, %%eax\n\t" /* Ask for the extended */ - "cpuid\n\t" /* feature flags. */ - "popl %%ebx\n\t" /* Restore GOT register. */ - - "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ - "andl $0x0C, %%eax\n\t" /* Test bits 2 and 3 to see whether */ - "cmpl $0x0C, %%eax\n\t" /* the RNG exists and is enabled. */ - "jnz .Lno_rng%=\n\t" - "orl $1, %0\n" /* Set our HWF_PADLOCK_RNG bit. */ - - ".Lno_rng%=:\n\t" - "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ - "andl $0xC0, %%eax\n\t" /* Test bits 6 and 7 to see whether */ - "cmpl $0xC0, %%eax\n\t" /* the ACE exists and is enabled. */ - "jnz .Lno_ace%=\n\t" - "orl $2, %0\n" /* Set our HWF_PADLOCK_AES bit. */ - - ".Lno_ace%=:\n\t" - "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ - "andl $0xC00, %%eax\n\t" /* Test bits 10, 11 to see whether */ - "cmpl $0xC00, %%eax\n\t" /* the PHE exists and is enabled. */ - "jnz .Lno_phe%=\n\t" - "orl $4, %0\n" /* Set our HWF_PADLOCK_SHA bit. */ - - ".Lno_phe%=:\n\t" - "movl %%edx, %%eax\n\t" /* Take copy of feature flags. */ - "andl $0x3000, %%eax\n\t" /* Test bits 12, 13 to see whether */ - "cmpl $0x3000, %%eax\n\t" /* MONTMUL exists and is enabled. */ - "jnz .Lready%=\n\t" - "orl $8, %0\n" /* Set our HWF_PADLOCK_MMUL bit. */ - - ".Lready%=:\n" - : "+r" (hw_features) - : - : "%eax", "%edx", "cc" - ); + if (!fgets (buffer, sizeof buffer, fp)) + { + if (!feof (fp)) + { +#ifdef HAVE_SYSLOG + syslog (LOG_USER|LOG_WARNING, + "Libgcrypt warning: error reading '%s', line %d", + fname, lnr); +#endif /*HAVE_SYSLOG*/ + } + fclose (fp); + return; + } + lnr++; + for (p=buffer; my_isascii (*p) && isspace (*p); p++) + ; + pend = strchr (p, '\n'); + if (pend) + *pend = 0; + pend = p + (*p? (strlen (p)-1):0); + for ( ;pend > p; pend--) + if (my_isascii (*pend) && isspace (*pend)) + *pend = 0; + if (!*p || *p == '#') + continue; + + for (i=0; i < DIM (hwflist); i++) + { + if (!strcmp (hwflist[i].desc, p)) + { + disabled_hw_features |= hwflist[i].flag; + break; + } + } + if (i == DIM (hwflist)) + { +#ifdef HAVE_SYSLOG + syslog (LOG_USER|LOG_WARNING, + "Libgcrypt warning: unknown feature in '%s', line %d", + fname, lnr); +#endif /*HAVE_SYSLOG*/ + } } -#endif /*ENABLE_PADLOCK_SUPPORT*/ } -#endif /* __i386__ && SIZEOF_UNSIGNED_LONG == 4 && __GNUC__ */ - /* Detect the available hardware features. This function is called @@ -154,14 +182,20 @@ _gcry_detect_hw_features (void) hw_features = 0; if (fips_mode ()) - return; /* Hardware support is not to be evaluated. */ - -#if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 -#ifdef __GNUC__ - detect_ia32_gnuc (); -#endif -#elif defined (__i386__) && SIZEOF_UNSIGNED_LONG == 8 -#ifdef __GNUC__ -#endif -#endif + return; /* Hardware support is not to be evaluated. */ + + parse_hwf_deny_file (); + +#if defined (HAVE_CPU_ARCH_X86) + { + hw_features = _gcry_hwf_detect_x86 (); + } +#endif /* HAVE_CPU_ARCH_X86 */ +#if defined (HAVE_CPU_ARCH_ARM) + { + hw_features = _gcry_hwf_detect_arm (); + } +#endif /* HAVE_CPU_ARCH_ARM */ + + hw_features &= ~disabled_hw_features; } diff --git a/plugins/MirOTR/Libgcrypt/src/libgcrypt-config.in b/plugins/MirOTR/Libgcrypt/src/libgcrypt-config.in deleted file mode 100644 index be6df8aceb..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/libgcrypt-config.in +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/sh -# Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc. -# -# This file is free software; as a special exception the author gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. -# -# This file is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the -# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -# -# File: @configure_input@ - -# General. -prefix="@prefix@" -exec_prefix="@exec_prefix@" -version="@VERSION@" -includedir="@includedir@" -libdir="@libdir@" -gpg_error_libs="@GPG_ERROR_LIBS@" -gpg_error_cflags="@GPG_ERROR_CFLAGS@" - -# libgcrypt values. -libs="@LIBGCRYPT_CONFIG_LIBS@" -cflags="@LIBGCRYPT_CONFIG_CFLAGS@" - -# API info -api_version="@LIBGCRYPT_CONFIG_API_VERSION@" - -# Misc information. -symmetric_ciphers="@LIBGCRYPT_CIPHERS@" -asymmetric_ciphers="@LIBGCRYPT_PUBKEY_CIPHERS@" -digests="@LIBGCRYPT_DIGESTS@" - -# State variables. -echo_libs=no -echo_cflags=no -echo_prefix=no -echo_algorithms=no -echo_exec_prefix=no -echo_version=no -echo_api_version=no - -# Prints usage information. -usage() -{ - cat <<EOF -Usage: $0 [OPTIONS] -Options: - [--prefix] - [--exec-prefix] - [--version] - [--api-version] - [--libs] - [--cflags] - [--algorithms] -EOF - exit $1 -} - -if test $# -eq 0; then - # Nothing to do. - usage 1 1>&2 -fi - -while test $# -gt 0; do - case "$1" in - # Set up `optarg'. - --*=*) - optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` - ;; - *) - optarg="" - ;; - esac - - case $1 in - --thread=*) - echo "$0: --thread option obsolete: use the thread callback interface" 1>&2 - exit 1 - ;; - --prefix=*) - # For compatibility reasons with old M4 macros, we ignore - # setting of prefix. - ;; - --prefix) - echo_prefix=yes - ;; - --exec-prefix=*) - ;; - --exec-prefix) - echo_exec_prefix=yes - ;; - --version) - echo_version=yes - ;; - --api-version) - echo_api_version=yes - ;; - --cflags) - echo_cflags=yes - ;; - --libs) - echo_libs=yes - ;; - --algorithms) - echo_algorithms=yes - ;; - *) - usage 1 1>&2 - ;; - esac - shift -done - -if test "$echo_prefix" = "yes"; then - echo "$prefix" -fi - -if test "$echo_exec_prefix" = "yes"; then - echo "$exec_prefix" -fi - -if test "$echo_cflags" = "yes"; then - includes="" - cflags_final="$cflags" - - # Set up `includes'. - if test "x$includedir" != "x/usr/include" -a "x$includedir" != "x/include"; then - includes="-I$includedir" - fi - # Set up `cflags_final'. - cflags_final="$cflags_final $gpg_error_cflags" - - tmp="" - for i in $includes $cflags_final; do - if echo "$tmp" | fgrep -v -- "$i" >/dev/null; then - tmp="$tmp $i" - fi - done - echo $tmp -fi - -if test "$echo_libs" = "yes"; then - libdirs="" - libs_final="$libs" - - # Set up `libdirs'. - if test "x$libdir" != "x/usr/lib" -a "x$libdir" != "x/lib"; then - libdirs="-L$libdir" - fi - - # Set up `libs_final'. - libs_final="$libs_final $gpg_error_libs" - - tmp="" - for i in $libdirs $libs_final; do - if echo "$tmp" | fgrep -v -- "$i" >/dev/null; then - tmp="$tmp $i" - fi - done - echo $tmp -fi - -if test "$echo_version" = "yes"; then - echo "$version" -fi - -if test "$echo_api_version" = "yes"; then - echo "$api_version" -fi - -if test "$echo_algorithms" = "yes"; then - echo "Symmetric cipher algorithms: $symmetric_ciphers" - echo "Public-key cipher algorithms: $asymmetric_ciphers" - echo "Message digest algorithms: $digests" -fi diff --git a/plugins/MirOTR/Libgcrypt/src/libgcrypt.def b/plugins/MirOTR/Libgcrypt/src/libgcrypt.def index 8fc4d329aa..a90efcec01 100644 --- a/plugins/MirOTR/Libgcrypt/src/libgcrypt.def +++ b/plugins/MirOTR/Libgcrypt/src/libgcrypt.def @@ -1,6 +1,6 @@ ;; libgcrypt.defs - Exported symbols for W32 ;; Copyright (C) 2003, 2007 Free Software Foundation, Inc. -;; +;; ;; This file is part of Libgcrypt. ;; ;; Libgcrypt is free software; you can redistribute it and/or modify @@ -25,7 +25,7 @@ EXPORTS gcry_check_version @1 gcry_control @2 - + gcry_malloc @3 gcry_calloc @4 gcry_malloc_secure @5 @@ -40,21 +40,21 @@ EXPORTS gcry_xstrdup @14 gcry_is_secure @15 gcry_free @16 - + gcry_set_progress_handler @17 gcry_set_allocation_handler @18 gcry_set_outofcore_handler @19 gcry_set_fatalerror_handler @20 gcry_set_log_handler @21 gcry_set_gettext_handler @22 - + gcry_strerror @23 gcry_strsource @24 gcry_err_code_from_errno @25 gcry_err_code_to_errno @26 gcry_err_make_from_errno @27 gcry_error_from_errno @28 - + gcry_sexp_new @29 gcry_sexp_create @30 gcry_sexp_sscan @31 @@ -77,7 +77,7 @@ EXPORTS gcry_sexp_cadr @48 gcry_sexp_nth_data @49 gcry_sexp_nth_mpi @50 - + gcry_mpi_new @51 gcry_mpi_snew @52 gcry_mpi_release @53 @@ -119,7 +119,7 @@ EXPORTS gcry_mpi_clear_flag @89 gcry_mpi_get_flag @90 - + gcry_cipher_open @92 gcry_cipher_close @93 gcry_cipher_ctl @94 @@ -132,8 +132,9 @@ EXPORTS gcry_cipher_decrypt @101 gcry_cipher_get_algo_keylen @102 gcry_cipher_get_algo_blklen @103 - gcry_cipher_list @104 - + +;; @104 used to be part of the module register interface + gcry_pk_encrypt @105 gcry_pk_decrypt @106 gcry_pk_sign @107 @@ -146,34 +147,14 @@ EXPORTS gcry_pk_map_name @114 gcry_pk_get_nbits @115 gcry_pk_get_keygrip @116 - gcry_pk_list @117 - - gcry_ac_data_new @118 - gcry_ac_data_destroy @119 - gcry_ac_data_set @120 - gcry_ac_data_copy @121 - gcry_ac_data_length @122 - gcry_ac_data_get_name @123 - gcry_ac_data_get_index @124 - gcry_ac_data_clear @125 - gcry_ac_open @126 - gcry_ac_close @127 - gcry_ac_key_init @128 - gcry_ac_key_pair_generate @129 - gcry_ac_key_pair_extract @130 - gcry_ac_key_data_get @131 - gcry_ac_key_test @132 - gcry_ac_key_get_nbits @133 - gcry_ac_key_get_grip @134 - gcry_ac_key_destroy @135 - gcry_ac_key_pair_destroy @136 - gcry_ac_data_encrypt @137 - gcry_ac_data_decrypt @138 - gcry_ac_data_sign @139 - gcry_ac_data_verify @140 - gcry_ac_id_to_name @141 - gcry_ac_name_to_id @142 - + +;; @117 used to be part of the module register interface + +;; +;; 118 to 142 were used in previous Libgcrypt versions for the gcry_ac +;; interface +;; + gcry_md_open @143 gcry_md_close @144 gcry_md_enable @145 @@ -192,14 +173,13 @@ EXPORTS gcry_md_algo_name @158 gcry_md_map_name @159 gcry_md_setkey @160 - gcry_md_list @161 - +;; @161 used to be part of the module register interface gcry_randomize @162 gcry_random_add_bytes @163 gcry_random_bytes @164 gcry_random_bytes_secure @165 gcry_mpi_randomize @166 - + gcry_prime_generate @167 gcry_prime_group_generator @168 gcry_prime_release_factors @169 @@ -209,29 +189,91 @@ EXPORTS gcry_md_debug @172 - gcry_cipher_register @173 - gcry_cipher_unregister @174 - gcry_md_register @175 - gcry_md_unregister @176 - gcry_pk_register @177 - gcry_pk_unregister @178 - - gcry_ac_data_from_sexp @179 - gcry_ac_data_to_sexp @180 - gcry_ac_io_init @181 - gcry_ac_io_init_va @182 - gcry_ac_data_encrypt_scheme @183 - gcry_ac_data_decrypt_scheme @184 - gcry_ac_data_sign_scheme @185 - gcry_ac_data_verify_scheme @186 +;; @173 used to be part of the module register interface +;; @174 used to be part of the module register interface +;; @175 used to be part of the module register interface +;; @176 used to be part of the module register interface +;; @177 used to be part of the module register interface +;; @178 used to be part of the module register interface +;; +;; @179 to @186 used to be part of the removed gcry_ac interface +;; gcry_sexp_nth_string @187 gcry_cipher_setkey @188 gcry_cipher_setiv @189 gcry_cipher_setctr @190 - + gcry_mpi_lshift @191 - + + gcry_pk_get_curve @192 + gcry_pk_get_param @193 + + gcry_kdf_derive @194 + + gcry_mpi_snatch @195 + + gcry_mpi_point_new @196 + gcry_mpi_point_release @197 + gcry_mpi_point_get @198 + gcry_mpi_point_snatch_get @199 + gcry_mpi_point_set @200 + gcry_mpi_point_snatch_set @201 + + gcry_ctx_release @202 + + gcry_mpi_ec_new @203 + gcry_mpi_ec_get_mpi @204 + gcry_mpi_ec_get_point @205 + gcry_mpi_ec_set_mpi @206 + gcry_mpi_ec_set_point @207 + gcry_mpi_ec_get_affine @208 + gcry_mpi_ec_dup @209 + gcry_mpi_ec_add @210 + gcry_mpi_ec_mul @211 + + gcry_pubkey_get_sexp @212 + + _gcry_mpi_get_const @213 + + gcry_sexp_nth_buffer @214 + + gcry_mpi_is_neg @215 + gcry_mpi_neg @216 + gcry_mpi_abs @217 + + gcry_mpi_ec_curve_point @218 + + gcry_md_hash_buffers @219 + + gcry_log_debug @220 + gcry_log_debughex @221 + gcry_log_debugmpi @222 + gcry_log_debugpnt @223 + gcry_log_debugsxp @224 + + gcry_sexp_extract_param @225 + + gcry_cipher_authenticate @226 + gcry_cipher_gettag @227 + gcry_cipher_checktag @228 + + gcry_mpi_set_opaque_copy @229 + + gcry_mac_algo_info @230 + gcry_mac_algo_name @231 + gcry_mac_map_name @232 + gcry_mac_get_algo_maclen @233 + gcry_mac_get_algo_keylen @234 + gcry_mac_open @235 + gcry_mac_close @236 + gcry_mac_setkey @237 + gcry_mac_setiv @238 + gcry_mac_write @239 + gcry_mac_read @240 + gcry_mac_verify @241 + gcry_mac_ctl @242 +;; end of file with public symbols for Windows. diff --git a/plugins/MirOTR/Libgcrypt/src/libgcrypt.m4 b/plugins/MirOTR/Libgcrypt/src/libgcrypt.m4 deleted file mode 100644 index 854eaaa8cc..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/libgcrypt.m4 +++ /dev/null @@ -1,108 +0,0 @@ -dnl Autoconf macros for libgcrypt -dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc. -dnl -dnl This file is free software; as a special exception the author gives -dnl unlimited permission to copy and/or distribute it, with or without -dnl modifications, as long as this notice is preserved. -dnl -dnl This file is distributed in the hope that it will be useful, but -dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the -dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - -dnl AM_PATH_LIBGCRYPT([MINIMUM-VERSION, -dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) -dnl Test for libgcrypt and define LIBGCRYPT_CFLAGS and LIBGCRYPT_LIBS. -dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed -dnl with the API version to also check the API compatibility. Example: -dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed -dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1. Using -dnl this features allows to prevent build against newer versions of libgcrypt -dnl with a changed API. -dnl -AC_DEFUN([AM_PATH_LIBGCRYPT], -[ AC_ARG_WITH(libgcrypt-prefix, - AC_HELP_STRING([--with-libgcrypt-prefix=PFX], - [prefix where LIBGCRYPT is installed (optional)]), - libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="") - if test x$libgcrypt_config_prefix != x ; then - if test x${LIBGCRYPT_CONFIG+set} != xset ; then - LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config - fi - fi - - AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt-config, no) - tmp=ifelse([$1], ,1:1.2.0,$1) - if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then - req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` - min_libgcrypt_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` - else - req_libgcrypt_api=0 - min_libgcrypt_version="$tmp" - fi - - AC_MSG_CHECKING(for LIBGCRYPT - version >= $min_libgcrypt_version) - ok=no - if test "$LIBGCRYPT_CONFIG" != "no" ; then - req_major=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'` - req_minor=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` - req_micro=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` - libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version` - major=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` - minor=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'` - micro=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'` - if test "$major" -gt "$req_major"; then - ok=yes - else - if test "$major" -eq "$req_major"; then - if test "$minor" -gt "$req_minor"; then - ok=yes - else - if test "$minor" -eq "$req_minor"; then - if test "$micro" -ge "$req_micro"; then - ok=yes - fi - fi - fi - fi - fi - fi - if test $ok = yes; then - AC_MSG_RESULT([yes ($libgcrypt_config_version)]) - else - AC_MSG_RESULT(no) - fi - if test $ok = yes; then - # If we have a recent libgcrypt, we should also check that the - # API is compatible - if test "$req_libgcrypt_api" -gt 0 ; then - tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0` - if test "$tmp" -gt 0 ; then - AC_MSG_CHECKING([LIBGCRYPT API version]) - if test "$req_libgcrypt_api" -eq "$tmp" ; then - AC_MSG_RESULT([okay]) - else - ok=no - AC_MSG_RESULT([does not match. want=$req_libgcrypt_api got=$tmp]) - fi - fi - fi - fi - if test $ok = yes; then - LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` - LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` - ifelse([$2], , :, [$2]) - else - LIBGCRYPT_CFLAGS="" - LIBGCRYPT_LIBS="" - ifelse([$3], , :, [$3]) - fi - AC_SUBST(LIBGCRYPT_CFLAGS) - AC_SUBST(LIBGCRYPT_LIBS) -]) diff --git a/plugins/MirOTR/Libgcrypt/src/libgcrypt.vers b/plugins/MirOTR/Libgcrypt/src/libgcrypt.vers deleted file mode 100644 index ef9fcee12e..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/libgcrypt.vers +++ /dev/null @@ -1,109 +0,0 @@ -# libgcrypt.vers - What symbols to export -*- std -*- -# Copyright (C) 2002, 2004, 2008 Free Software Foundation, Inc. -# -# This file is part of Libgcrypt. -# -# Libgcrypt is free software; you can redistribute it and/or modify -# it under the terms of the GNU Lesser general Public License as -# published by the Free Software Foundation; either version 2.1 of -# the License, or (at your option) any later version. -# -# Libgcrypt is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - -# NOTE: When adding new functions, please make sure to add them to -# visibility.h and libgcrypt.def as well. - -GCRYPT_1.2 { - global: - gcry_check_version; gcry_control; - gcry_set_allocation_handler; gcry_set_fatalerror_handler; - gcry_set_gettext_handler; gcry_set_log_handler; - gcry_set_outofcore_handler; gcry_set_progress_handler; - - gcry_err_code_from_errno; gcry_err_code_to_errno; - gcry_err_make_from_errno; gcry_error_from_errno; - gcry_strerror; gcry_strsource; - - gcry_free; gcry_malloc; gcry_malloc_secure; gcry_calloc; - gcry_calloc_secure; gcry_realloc; gcry_strdup; gcry_is_secure; - gcry_xcalloc; gcry_xcalloc_secure; gcry_xmalloc; - gcry_xmalloc_secure; gcry_xrealloc; gcry_xstrdup; - - gcry_md_algo_info; gcry_md_algo_name; gcry_md_close; - gcry_md_copy; gcry_md_ctl; gcry_md_enable; gcry_md_get; - gcry_md_get_algo; gcry_md_get_algo_dlen; gcry_md_hash_buffer; - gcry_md_info; gcry_md_is_enabled; gcry_md_is_secure; - gcry_md_list; gcry_md_map_name; gcry_md_open; gcry_md_read; - gcry_md_register; gcry_md_reset; gcry_md_setkey; - gcry_md_unregister; gcry_md_write; gcry_md_debug; - - gcry_cipher_algo_info; gcry_cipher_algo_name; gcry_cipher_close; - gcry_cipher_ctl; gcry_cipher_decrypt; gcry_cipher_encrypt; - gcry_cipher_get_algo_blklen; gcry_cipher_get_algo_keylen; - gcry_cipher_info; gcry_cipher_list; gcry_cipher_map_name; - gcry_cipher_mode_from_oid; gcry_cipher_open; - gcry_cipher_register; gcry_cipher_unregister; - gcry_cipher_setkey; gcry_cipher_setiv; gcry_cipher_setctr; - - gcry_pk_algo_info; gcry_pk_algo_name; gcry_pk_ctl; - gcry_pk_decrypt; gcry_pk_encrypt; gcry_pk_genkey; - gcry_pk_get_keygrip; gcry_pk_get_nbits; gcry_pk_list; - gcry_pk_map_name; gcry_pk_register; gcry_pk_sign; - gcry_pk_testkey; gcry_pk_unregister; gcry_pk_verify; - - gcry_ac_data_new; gcry_ac_data_destroy; gcry_ac_data_copy; - gcry_ac_data_length; gcry_ac_data_clear; gcry_ac_data_set; - gcry_ac_data_get_name; gcry_ac_data_get_index; gcry_ac_open; - gcry_ac_close; gcry_ac_key_init; gcry_ac_key_pair_generate; - gcry_ac_key_pair_extract; gcry_ac_key_data_get; gcry_ac_key_test; - gcry_ac_key_get_nbits; gcry_ac_key_get_grip; gcry_ac_key_destroy; - gcry_ac_key_pair_destroy; gcry_ac_data_encrypt; gcry_ac_data_decrypt; - gcry_ac_data_sign; gcry_ac_data_verify; gcry_ac_id_to_name; - gcry_ac_name_to_id; gcry_ac_list; gcry_ac_data_encode; - gcry_ac_data_decode; gcry_ac_mpi_to_os; gcry_ac_mpi_to_os_alloc; - gcry_ac_os_to_mpi; gcry_ac_data_encrypt_scheme; - gcry_ac_data_decrypt_scheme; - gcry_ac_data_sign_scheme; gcry_ac_data_verify_scheme; - gcry_ac_data_to_sexp; gcry_ac_data_from_sexp; - gcry_ac_io_init; gcry_ac_io_init_va; - - gcry_prime_check; gcry_prime_generate; - gcry_prime_group_generator; gcry_prime_release_factors; - - gcry_random_add_bytes; gcry_random_bytes; gcry_random_bytes_secure; - gcry_randomize; gcry_create_nonce; - - gcry_sexp_alist; gcry_sexp_append; gcry_sexp_build; - gcry_sexp_build_array; gcry_sexp_cadr; gcry_sexp_canon_len; - gcry_sexp_car; gcry_sexp_cdr; gcry_sexp_cons; gcry_sexp_create; - gcry_sexp_dump; gcry_sexp_find_token; gcry_sexp_length; - gcry_sexp_new; gcry_sexp_nth; gcry_sexp_nth_data; - gcry_sexp_nth_mpi; gcry_sexp_prepend; gcry_sexp_release; - gcry_sexp_sprint; gcry_sexp_sscan; gcry_sexp_vlist; - gcry_sexp_nth_string; - - gcry_mpi_add; gcry_mpi_add_ui; gcry_mpi_addm; gcry_mpi_aprint; - gcry_mpi_clear_bit; gcry_mpi_clear_flag; gcry_mpi_clear_highbit; - gcry_mpi_cmp; gcry_mpi_cmp_ui; gcry_mpi_copy; gcry_mpi_div; - gcry_mpi_dump; gcry_mpi_gcd; gcry_mpi_get_flag; gcry_mpi_get_nbits; - gcry_mpi_get_opaque; gcry_mpi_invm; gcry_mpi_mod; gcry_mpi_mul; - gcry_mpi_mul_2exp; gcry_mpi_mul_ui; gcry_mpi_mulm; gcry_mpi_new; - gcry_mpi_powm; gcry_mpi_print; gcry_mpi_randomize; gcry_mpi_release; - gcry_mpi_rshift; gcry_mpi_scan; gcry_mpi_set; gcry_mpi_set_bit; - gcry_mpi_set_flag; gcry_mpi_set_highbit; gcry_mpi_set_opaque; - gcry_mpi_set_ui; gcry_mpi_snew; gcry_mpi_sub; gcry_mpi_sub_ui; - gcry_mpi_subm; gcry_mpi_swap; gcry_mpi_test_bit; - gcry_mpi_lshift; - - local: - *; - -}; - diff --git a/plugins/MirOTR/Libgcrypt/src/misc.c b/plugins/MirOTR/Libgcrypt/src/misc.c index fcad8d4e3b..b3c56e29bf 100644 --- a/plugins/MirOTR/Libgcrypt/src/misc.c +++ b/plugins/MirOTR/Libgcrypt/src/misc.c @@ -1,5 +1,5 @@ /* misc.c - * Copyright (C) 1999, 2001, 2002, 2003, 2007, + * Copyright (C) 1999, 2001, 2002, 2003, 2007, * 2008 Free Software Foundation, Inc. * * This file is part of Libgcrypt. @@ -19,7 +19,7 @@ */ #include <config.h> -#include <io.h> +#include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -28,6 +28,7 @@ #include "g10lib.h" #include "secmem.h" +#include "mpi.h" static int verbosity_level = 0; @@ -39,7 +40,7 @@ static void *log_handler_value = 0; static const char *(*user_gettext_handler)( const char * ) = NULL; void -gcry_set_gettext_handler( const char *(*f)(const char*) ) +_gcry_set_gettext_handler (const char *(*f)(const char*)) { user_gettext_handler = f; } @@ -55,7 +56,7 @@ _gcry_gettext( const char *key ) } void -gcry_set_fatalerror_handler( void (*fnc)(void*,int, const char*), void *value) +_gcry_set_fatalerror_handler( void (*fnc)(void*,int, const char*), void *value) { fatal_error_handler_value = value; fatal_error_handler = fnc; @@ -64,7 +65,9 @@ gcry_set_fatalerror_handler( void (*fnc)(void*,int, const char*), void *value) static void write2stderr( const char *s ) { - write( 2, s, strlen(s) ); + /* Dummy variable to silence gcc warning. */ + int res = write( 2, s, strlen(s) ); + (void) res; } /* @@ -89,8 +92,7 @@ _gcry_fatal_error (int rc, const char *text) } void -gcry_set_log_handler( void (*f)(void*,int, const char*, va_list ), - void *opaque ) +_gcry_set_log_handler (void (*f)(void*,int, const char*, va_list), void *opaque) { log_handler = f; log_handler_value = opaque; @@ -112,14 +114,14 @@ _gcry_log_verbosity( int level ) * This is our log function which prints all log messages to stderr or * using the function defined with gcry_set_log_handler(). */ -static void +void _gcry_logv( int level, const char *fmt, va_list arg_ptr ) { if (log_handler) log_handler (log_handler_value, level, fmt, arg_ptr); - else + else { - switch (level) + switch (level) { case GCRY_LOG_CONT: break; case GCRY_LOG_INFO: break; @@ -132,7 +134,7 @@ _gcry_logv( int level, const char *fmt, va_list arg_ptr ) } vfprintf(stderr,fmt,arg_ptr) ; } - + if ( level == GCRY_LOG_FATAL || level == GCRY_LOG_BUG ) { fips_signal_fatal_error ("internal error (fatal or bug)"); @@ -256,8 +258,8 @@ void _gcry_log_printf (const char *fmt, ...) { va_list arg_ptr; - - if (fmt) + + if (fmt) { va_start( arg_ptr, fmt ) ; _gcry_logv (GCRY_LOG_CONT, fmt, arg_ptr); @@ -265,33 +267,204 @@ _gcry_log_printf (const char *fmt, ...) } } -/* Print a hexdump of BUFFER. With TEXT of NULL print just the raw - dump, with TEXT an empty string, print a trailing linefeed, - otherwise print an entire debug line. */ -void -_gcry_log_printhex (const char *text, const void *buffer, size_t length) + +/* Helper for _gcry_log_printhex and _gcry_log_printmpi. */ +static void +do_printhex (const char *text, const char *text2, + const void *buffer, size_t length) { + int wrap = 0; + int cnt = 0; + if (text && *text) - log_debug ("%s ", text); + { + wrap = 1; + log_debug ("%s:%s", text, text2); + if (text2[1] == '[' && length && buffer) + { + /* Start with a new line so that we get nice output for + opaque MPIS: + "value: [31 bit]" + " 01020300" */ + log_printf ("\n"); + text2 = " "; + log_debug ("%*s ", (int)strlen(text), ""); + } + } if (length) { const unsigned char *p = buffer; - log_printf ("%02X", *p); - for (length--, p++; length--; p++) - log_printf (" %02X", *p); + for (; length--; p++) + { + log_printf ("%02x", *p); + if (wrap && ++cnt == 32 && length) + { + cnt = 0; + log_printf (" \\\n"); + log_debug ("%*s %*s", + (int)strlen(text), "", (int)strlen(text2), ""); + } + } } if (text) log_printf ("\n"); } +/* Print a hexdump of BUFFER. With TEXT of NULL print just the raw + dump without any wrappping, with TEXT an empty string, print a + trailing linefeed, otherwise print an entire debug line. */ void -_gcry_burn_stack (int bytes) +_gcry_log_printhex (const char *text, const void *buffer, size_t length) { - char buf[64]; - + do_printhex (text, " ", buffer, length); +} + + +/* Print MPI in hex notation. To make clear that the output is an MPI + a sign is always printed. With TEXT of NULL print just the raw dump + without any wrapping, with TEXT an empty string, print a trailing + linefeed, otherwise print an entire debug line. */ +void +_gcry_log_printmpi (const char *text, gcry_mpi_t mpi) +{ + unsigned char *rawmpi; + unsigned int rawmpilen; + int sign; + + if (!mpi) + do_printhex (text? text:" ", " (null)", NULL, 0); + else if (mpi_is_opaque (mpi)) + { + unsigned int nbits; + const unsigned char *p; + char prefix[30]; + + p = mpi_get_opaque (mpi, &nbits); + snprintf (prefix, sizeof prefix, " [%u bit]", nbits); + do_printhex (text? text:" ", prefix, p, (nbits+7)/8); + } + else + { + rawmpi = _gcry_mpi_get_buffer (mpi, 0, &rawmpilen, &sign); + if (!rawmpi) + do_printhex (text? text:" ", " [out of core]", NULL, 0); + else + { + if (!rawmpilen) + do_printhex (text, sign? "-":"+", "", 1); + else + do_printhex (text, sign? "-":"+", rawmpi, rawmpilen); + xfree (rawmpi); + } + } +} + + +static int +count_closing_parens (const char *p) +{ + int count = 0; + + for (; *p; p++) + if (*p == ')') + count++; + else if (!strchr ("\n \t", *p)) + return 0; + + return count; +} + + +/* Print SEXP in human readabale format. With TEXT of NULL print just the raw + dump without any wrappping, with TEXT an empty string, print a + trailing linefeed, otherwise print the full debug output. */ +void +_gcry_log_printsxp (const char *text, gcry_sexp_t sexp) +{ + int with_lf = 0; + + if (text && *text) + { + if ((with_lf = !!strchr (text, '\n'))) + log_debug ("%s", text); + else + log_debug ("%s: ", text); + } + if (sexp) + { + int any = 0; + int n_closing; + char *buf, *pend; + const char *p; + size_t size; + + size = sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0); + p = buf = xmalloc (size); + sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, buf, size); + + do + { + if (any && !with_lf) + log_debug ("%*s ", (int)strlen(text), ""); + else + any = 1; + pend = strchr (p, '\n'); + size = pend? (pend - p) : strlen (p); + if (with_lf) + log_debug ("%.*s", (int)size, p); + else + log_printf ("%.*s", (int)size, p); + if (pend) + p = pend + 1; + else + p += size; + n_closing = count_closing_parens (p); + if (n_closing) + { + while (n_closing--) + log_printf (")"); + p = ""; + } + log_printf ("\n"); + } + while (*p); + xfree (buf); + } + else if (text) + log_printf ("\n"); +} + + +void +__gcry_burn_stack (unsigned int bytes) +{ +#ifdef HAVE_VLA + /* (bytes == 0 ? 1 : bytes) == (!bytes + bytes) */ + unsigned int buflen = ((!bytes + bytes) + 63) & ~63; + volatile char buf[buflen]; + wipememory (buf, sizeof buf); - bytes -= sizeof buf; - if (bytes > 0) - _gcry_burn_stack (bytes); +#else + volatile char buf[64]; + + wipememory (buf, sizeof buf); + + if (bytes > sizeof buf) + _gcry_burn_stack (bytes - sizeof buf); +#endif +} + +#ifndef HAVE_GCC_ASM_VOLATILE_MEMORY +void +__gcry_burn_stack_dummy (void) +{ +} +#endif + +void +_gcry_divide_by_zero (void) +{ + gpg_err_set_errno (EDOM); + _gcry_fatal_error (gpg_err_code_from_errno (errno), "divide by zero"); } diff --git a/plugins/MirOTR/Libgcrypt/src/missing-string.c b/plugins/MirOTR/Libgcrypt/src/missing-string.c index a5e56c3f76..4756c00ea7 100644 --- a/plugins/MirOTR/Libgcrypt/src/missing-string.c +++ b/plugins/MirOTR/Libgcrypt/src/missing-string.c @@ -1,5 +1,5 @@ /* missing-string.c - missing string utilities - * Copyright (C) 1994, 1998, 1999, 2000, 2001, + * Copyright (C) 1994, 1998, 1999, 2000, 2001, * 2003 Free Software Foundation, Inc. * * This file is part of Libgcrypt. @@ -52,4 +52,3 @@ strcasecmp( const char *a, const char *b ) return *(const byte*)a - *(const byte*)b; } #endif - diff --git a/plugins/MirOTR/Libgcrypt/src/module.c b/plugins/MirOTR/Libgcrypt/src/module.c deleted file mode 100644 index c70a44c08a..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/module.c +++ /dev/null @@ -1,212 +0,0 @@ -/* module.c - Module management for libgcrypt. - * Copyright (C) 2003, 2008 Free Software Foundation, Inc. - * - * This file is part of Libgcrypt. - * - * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser general Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * Libgcrypt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#include <config.h> -#include <errno.h> -#include "g10lib.h" - -/* Please match these numbers with the allocated algorithm - numbers. */ -#define MODULE_ID_MIN 600 -#define MODULE_ID_LAST 65500 -#define MODULE_ID_USER GCRY_MODULE_ID_USER -#define MODULE_ID_USER_LAST GCRY_MODULE_ID_USER_LAST - -#if MODULE_ID_MIN >= MODULE_ID_USER -#error Need to implement a different search strategy -#endif - -/* Internal function. Generate a new, unique module ID for a module - that should be inserted into the module chain starting at - MODULES. */ -static gcry_err_code_t -_gcry_module_id_new (gcry_module_t modules, unsigned int *id_new) -{ - unsigned int mod_id; - gcry_err_code_t err = GPG_ERR_NO_ERROR; - gcry_module_t module; - - /* Search for unused ID. */ - for (mod_id = MODULE_ID_MIN; mod_id < MODULE_ID_LAST; mod_id++) - { - if (mod_id == MODULE_ID_USER) - { - mod_id = MODULE_ID_USER_LAST; - continue; - } - - /* Search for a module with the current ID. */ - for (module = modules; module; module = module->next) - if (mod_id == module->mod_id) - break; - - if (! module) - /* None found -> the ID is available for use. */ - break; - } - - if (mod_id < MODULE_ID_LAST) - /* Done. */ - *id_new = mod_id; - else - /* No free ID found. */ - err = GPG_ERR_INTERNAL; - - return err; -} - -/* Add a module specification to the list ENTRIES. The new module has - it's use-counter set to one. */ -gcry_err_code_t -_gcry_module_add (gcry_module_t *entries, unsigned int mod_id, - void *spec, void *extraspec, gcry_module_t *module) -{ - gcry_err_code_t err = 0; - gcry_module_t entry; - - if (! mod_id) - err = _gcry_module_id_new (*entries, &mod_id); - - if (! err) - { - entry = gcry_malloc (sizeof (struct gcry_module)); - if (! entry) - err = gpg_err_code_from_errno (errno); - } - - if (! err) - { - /* Fill new module entry. */ - entry->flags = 0; - entry->counter = 1; - entry->spec = spec; - entry->extraspec = extraspec; - entry->mod_id = mod_id; - - /* Link it into the list. */ - entry->next = *entries; - entry->prevp = entries; - if (*entries) - (*entries)->prevp = &entry->next; - *entries = entry; - - /* And give it to the caller. */ - if (module) - *module = entry; - } - return err; -} - -/* Internal function. Unlink CIPHER_ENTRY from the list of registered - ciphers and destroy it. */ -static void -_gcry_module_drop (gcry_module_t entry) -{ - *entry->prevp = entry->next; - if (entry->next) - entry->next->prevp = entry->prevp; - - gcry_free (entry); -} - -/* Lookup a module specification by it's ID. After a successfull - lookup, the module has it's resource counter incremented. */ -gcry_module_t -_gcry_module_lookup_id (gcry_module_t entries, unsigned int mod_id) -{ - gcry_module_t entry; - - for (entry = entries; entry; entry = entry->next) - if (entry->mod_id == mod_id) - { - entry->counter++; - break; - } - - return entry; -} - -/* Lookup a module specification. After a successfull lookup, the - module has it's resource counter incremented. FUNC is a function - provided by the caller, which is responsible for identifying the - wanted module. */ -gcry_module_t -_gcry_module_lookup (gcry_module_t entries, void *data, - gcry_module_lookup_t func) -{ - gcry_module_t entry; - - for (entry = entries; entry; entry = entry->next) - if ((*func) (entry->spec, data)) - { - entry->counter++; - break; - } - - return entry; -} - -/* Release a module. In case the use-counter reaches zero, destroy - the module. Passing MODULE as NULL is a dummy operation (similar - to free()). */ -void -_gcry_module_release (gcry_module_t module) -{ - if (module && ! --module->counter) - _gcry_module_drop (module); -} - -/* Add a reference to a module. */ -void -_gcry_module_use (gcry_module_t module) -{ - ++module->counter; -} - -/* If LIST is zero, write the number of modules identified by MODULES - to LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less cipher modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_err_code_t -_gcry_module_list (gcry_module_t modules, - int *list, int *list_length) -{ - gcry_err_code_t err = GPG_ERR_NO_ERROR; - gcry_module_t module; - int length, i; - - for (module = modules, length = 0; module; module = module->next, length++); - - if (list) - { - if (length > *list_length) - length = *list_length; - - for (module = modules, i = 0; i < length; module = module->next, i++) - list[i] = module->mod_id; - - if (length < *list_length) - *list_length = length; - } - else - *list_length = length; - - return err; -} diff --git a/plugins/MirOTR/Libgcrypt/src/mpi.h b/plugins/MirOTR/Libgcrypt/src/mpi.h index f630c3f6f3..bb3c26d0f4 100644 --- a/plugins/MirOTR/Libgcrypt/src/mpi.h +++ b/plugins/MirOTR/Libgcrypt/src/mpi.h @@ -30,8 +30,9 @@ #include <config.h> #include <stdio.h> +#include <string.h> + #include "types.h" -#include "memory.h" #include "../mpi/mpi-asm-defs.h" #include "g10lib.h" @@ -61,21 +62,23 @@ #define DBG_MPI _gcry_get_debug_flag( 2 ); -struct gcry_mpi +struct gcry_mpi { int alloced; /* Array size (# of allocated limbs). */ int nlimbs; /* Number of valid limbs. */ int sign; /* Indicates a negative number and is also used for opaque MPIs to store the length. */ unsigned int flags; /* Bit 0: Array to be allocated in secure memory space.*/ - /* Bit 2: the limb is a pointer to some m_alloced data.*/ + /* Bit 2: The limb is a pointer to some m_alloced data.*/ + /* Bit 4: Immutable MPI - the MPI may not be modified. */ + /* Bit 5: Constant MPI - the MPI will not be freed. */ mpi_limb_t *d; /* Array with the limbs */ }; #define MPI_NULL NULL #define mpi_get_nlimbs(a) ((a)->nlimbs) -#define mpi_is_neg(a) ((a)->sign) +#define mpi_has_sign(a) ((a)->sign) /*-- mpiutil.c --*/ @@ -103,53 +106,69 @@ struct gcry_mpi gcry_mpi_t _gcry_mpi_copy( gcry_mpi_t a ); #endif -#define mpi_is_opaque(a) ((a) && ((a)->flags&4)) -#define mpi_is_secure(a) ((a) && ((a)->flags&1)) +void _gcry_mpi_immutable_failed (void); +#define mpi_immutable_failed() _gcry_mpi_immutable_failed () + +#define mpi_is_const(a) ((a) && ((a)->flags&32)) +#define mpi_is_immutable(a) ((a) && ((a)->flags&16)) +#define mpi_is_opaque(a) ((a) && ((a)->flags&4)) +#define mpi_is_secure(a) ((a) && ((a)->flags&1)) #define mpi_clear(a) _gcry_mpi_clear ((a)) -#define mpi_alloc_like(a) _gcry_mpi_alloc_like((a)) -#define mpi_set(a,b) _gcry_mpi_set ((a),(b)) -#define mpi_set_ui(a,b) _gcry_mpi_set_ui ((a),(b)) -#define mpi_get_ui(a,b) _gcry_mpi_get_ui ((a),(b)) +#define mpi_alloc_like(a) _gcry_mpi_alloc_like((a)) + #define mpi_alloc_set_ui(a) _gcry_mpi_alloc_set_ui ((a)) -#define mpi_m_check(a) _gcry_mpi_m_check ((a)) -#define mpi_swap(a,b) _gcry_mpi_swap ((a),(b)) -#define mpi_new(n) _gcry_mpi_new ((n)) -#define mpi_snew(n) _gcry_mpi_snew ((n)) +#define mpi_m_check(a) _gcry_mpi_m_check ((a)) +#define mpi_const(n) _gcry_mpi_const ((n)) +#define mpi_set_cond(w,u,set) _gcry_mpi_set_cond ((w),(u),(set)) void _gcry_mpi_clear( gcry_mpi_t a ); +gcry_mpi_t _gcry_mpi_set_cond (gcry_mpi_t w, const gcry_mpi_t u, + unsigned long swap); gcry_mpi_t _gcry_mpi_alloc_like( gcry_mpi_t a ); gcry_mpi_t _gcry_mpi_alloc_set_ui( unsigned long u); -gcry_err_code_t _gcry_mpi_get_ui (gcry_mpi_t w, ulong *u); void _gcry_mpi_m_check( gcry_mpi_t a ); void _gcry_mpi_swap( gcry_mpi_t a, gcry_mpi_t b); gcry_mpi_t _gcry_mpi_new (unsigned int nbits); gcry_mpi_t _gcry_mpi_snew (unsigned int nbits); +gcry_mpi_t _gcry_mpi_set_opaque_copy (gcry_mpi_t a, + const void *p, unsigned int nbits); +void *_gcry_mpi_get_opaque_copy (gcry_mpi_t a, unsigned int *nbits); +int _gcry_mpi_is_neg (gcry_mpi_t a); +void _gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u); +void _gcry_mpi_abs (gcry_mpi_t w); + +/* Constants used to return constant MPIs. See _gcry_mpi_init if you + want to add more constants. */ +#define MPI_NUMBER_OF_CONSTANTS 6 +enum gcry_mpi_constants + { + MPI_C_ZERO, + MPI_C_ONE, + MPI_C_TWO, + MPI_C_THREE, + MPI_C_FOUR, + MPI_C_EIGHT + }; + + +gcry_mpi_t _gcry_mpi_const (enum gcry_mpi_constants no); + /*-- mpicoder.c --*/ void _gcry_log_mpidump( const char *text, gcry_mpi_t a ); u32 _gcry_mpi_get_keyid( gcry_mpi_t a, u32 *keyid ); -byte *_gcry_mpi_get_buffer( gcry_mpi_t a, unsigned *nbytes, int *sign ); -byte *_gcry_mpi_get_secure_buffer( gcry_mpi_t a, unsigned *nbytes, int *sign ); -void _gcry_mpi_set_buffer ( gcry_mpi_t a, const void *buffer, +byte *_gcry_mpi_get_buffer (gcry_mpi_t a, unsigned int fill_le, + unsigned int *r_nbytes, int *sign); +byte *_gcry_mpi_get_buffer_extra (gcry_mpi_t a, unsigned int fill_le, + int extraalloc, + unsigned int *r_nbytes, int *sign); +byte *_gcry_mpi_get_secure_buffer (gcry_mpi_t a, unsigned int fill_le, + unsigned *r_nbytes, int *sign); +void _gcry_mpi_set_buffer ( gcry_mpi_t a, const void *buffer, unsigned int nbytes, int sign ); - -#define log_mpidump _gcry_log_mpidump - -/*-- mpi-add.c --*/ -#define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v)) -#define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v)) -#define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m)) -#define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v)) -#define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v)) -#define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m)) - - -/*-- mpi-mul.c --*/ -#define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v)) -#define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v)) -#define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v)) -#define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m)) - +gpg_err_code_t _gcry_mpi_to_octet_string (unsigned char **r_frame, + void *space, + gcry_mpi_t value, size_t nbytes); /*-- mpi-div.c --*/ #define mpi_fdiv_r_ui(a,b,c) _gcry_mpi_fdiv_r_ui((a),(b),(c)) @@ -172,14 +191,11 @@ int _gcry_mpi_divisible_ui(gcry_mpi_t dividend, ulong divisor ); /*-- mpi-mod.c --*/ -#define mpi_mod(r,a,m) _gcry_mpi_mod ((r), (a), (m)) #define mpi_barrett_init(m,f) _gcry_mpi_barrett_init ((m),(f)) #define mpi_barrett_free(c) _gcry_mpi_barrett_free ((c)) #define mpi_mod_barrett(r,a,c) _gcry_mpi_mod_barrett ((r), (a), (c)) #define mpi_mul_barrett(r,u,v,c) _gcry_mpi_mul_barrett ((r), (u), (v), (c)) -void _gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor); - /* Context used with Barrett reduction. */ struct barrett_ctx_s; typedef struct barrett_ctx_s *mpi_barrett_t; @@ -191,19 +207,10 @@ void _gcry_mpi_mul_barrett (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, mpi_barrett_t ctx); - -/*-- mpi-gcd.c --*/ - /*-- mpi-mpow.c --*/ #define mpi_mulpowm(a,b,c,d) _gcry_mpi_mulpowm ((a),(b),(c),(d)) void _gcry_mpi_mulpowm( gcry_mpi_t res, gcry_mpi_t *basearray, gcry_mpi_t *exparray, gcry_mpi_t mod); -/*-- mpi-cmp.c --*/ -#define mpi_cmp_ui(a,b) gcry_mpi_cmp_ui ((a),(b)) -#define mpi_cmp(a,b) gcry_mpi_cmp ((a),(b)) -int gcry_mpi_cmp_ui( gcry_mpi_t u, ulong v ); -int gcry_mpi_cmp( gcry_mpi_t u, gcry_mpi_t v ); - /*-- mpi-scan.c --*/ #define mpi_trailing_zeros(a) _gcry_mpi_trailing_zeros ((a)) int _gcry_mpi_getbyte( gcry_mpi_t a, unsigned idx ); @@ -212,50 +219,88 @@ unsigned _gcry_mpi_trailing_zeros( gcry_mpi_t a ); /*-- mpi-bit.c --*/ #define mpi_normalize(a) _gcry_mpi_normalize ((a)) -#define mpi_get_nbits(a) gcry_mpi_get_nbits ((a)) -#define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b)) -#define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b)) -#define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b)) -#define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b)) -#define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b)) -#define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c)) -#define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c)) void _gcry_mpi_normalize( gcry_mpi_t a ); -/*-- mpi-inv.c --*/ -#define mpi_invm(a,b,c) _gcry_mpi_invm ((a),(b),(c)) - /*-- ec.c --*/ /* Object to represent a point in projective coordinates. */ -struct mpi_point_s; -typedef struct mpi_point_s mpi_point_t; -struct mpi_point_s +struct gcry_mpi_point { gcry_mpi_t x; gcry_mpi_t y; gcry_mpi_t z; }; - -/* Context used with elliptic curve fucntions. */ -struct mpi_ec_ctx_s; -typedef struct mpi_ec_ctx_s *mpi_ec_t; - -void _gcry_mpi_ec_point_init (mpi_point_t *p); -void _gcry_mpi_ec_point_free (mpi_point_t *p); -mpi_ec_t _gcry_mpi_ec_init (gcry_mpi_t p, gcry_mpi_t a); +typedef struct gcry_mpi_point mpi_point_struct; +typedef struct gcry_mpi_point *mpi_point_t; + +void _gcry_mpi_point_init (mpi_point_t p); +void _gcry_mpi_point_free_parts (mpi_point_t p); +void _gcry_mpi_get_point (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + mpi_point_t point); +void _gcry_mpi_snatch_point (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + mpi_point_t point); + + +/* Models describing an elliptic curve. */ +enum gcry_mpi_ec_models + { + + MPI_EC_WEIERSTRASS = 0, + MPI_EC_MONTGOMERY, + MPI_EC_TWISTEDEDWARDS + /* The equation for Twisted Edwards curves is + ax^2 + y^2 = 1 + bx^2y^2 + Note that we use 'b' instead of the commonly used 'd'. */ + }; + +/* Dialects used with elliptic curves. It is easier to keep the + definition here than in ecc-common.h. */ +enum ecc_dialects + { + ECC_DIALECT_STANDARD = 0, + ECC_DIALECT_ED25519 + }; + + +void _gcry_mpi_point_log (const char *name, mpi_point_t point, mpi_ec_t ctx); +#define log_printpnt(a,p,c) _gcry_mpi_point_log ((a), (p), (c)) + +mpi_ec_t _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model, + enum ecc_dialects dialect, + int flags, + gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b); +gpg_err_code_t _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, + enum gcry_mpi_ec_models model, + enum ecc_dialects dialect, + int flags, + gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b); void _gcry_mpi_ec_free (mpi_ec_t ctx); -int _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t *point, - mpi_ec_t ctx); -void _gcry_mpi_ec_dup_point (mpi_point_t *result, - mpi_point_t *point, mpi_ec_t ctx); -void _gcry_mpi_ec_add_points (mpi_point_t *result, - mpi_point_t *p1, mpi_point_t *p2, + +void _gcry_mpi_ec_dup_point (mpi_point_t result, + mpi_point_t point, mpi_ec_t ctx); +void _gcry_mpi_ec_add_points (mpi_point_t result, + mpi_point_t p1, mpi_point_t p2, mpi_ec_t ctx); -void _gcry_mpi_ec_mul_point (mpi_point_t *result, - gcry_mpi_t scalar, mpi_point_t *point, +void _gcry_mpi_ec_mul_point (mpi_point_t result, + gcry_mpi_t scalar, mpi_point_t point, mpi_ec_t ctx); +int _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx); + +gcry_mpi_t _gcry_mpi_ec_ec2os (gcry_mpi_point_t point, mpi_ec_t ectx); + +gcry_mpi_t _gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy); +gcry_mpi_point_t _gcry_mpi_ec_get_point (const char *name, + gcry_ctx_t ctx, int copy); +gpg_err_code_t _gcry_mpi_ec_set_mpi (const char *name, gcry_mpi_t newvalue, + gcry_ctx_t ctx); +gpg_err_code_t _gcry_mpi_ec_set_point (const char *name, + gcry_mpi_point_t newvalue, + gcry_ctx_t ctx); + +/*-- ecc-curves.c --*/ +gpg_err_code_t _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, + gcry_sexp_t keyparam, const char *curvename); diff --git a/plugins/MirOTR/Libgcrypt/src/mpicalc.c b/plugins/MirOTR/Libgcrypt/src/mpicalc.c new file mode 100644 index 0000000000..f1fbbefe08 --- /dev/null +++ b/plugins/MirOTR/Libgcrypt/src/mpicalc.c @@ -0,0 +1,609 @@ +/* mpicalc.c - Simple RPN calculator using gcry_mpi functions + * Copyright (C) 1997, 1998, 1999, 2004, 2006, 2013 Werner Koch + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +/* + This program is a simple RPN calculator which was originally used + to develop the mpi functions of GnuPG. Values must be given in + hex. Operation is like dc(1) except that the input/output radix is + always 16 and you can use a '-' to prefix a negative number. + Addition operators: ++ and --. All operators must be delimited by + a blank. + */ + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif +#include <stdio.h> +#include <stdlib.h> +#include <ctype.h> + +#ifdef _GCRYPT_IN_LIBGCRYPT +# undef _GCRYPT_IN_LIBGCRYPT +# include "gcrypt.h" +#else +# include <gcrypt.h> +#endif + + +#define MPICALC_VERSION "2.0" +#define NEED_LIBGCRYPT_VERSION "1.6.0" + +#define STACKSIZE 500 +static gcry_mpi_t stack[STACKSIZE]; +static int stackidx; + + +static int +scan_mpi (gcry_mpi_t retval, const char *string) +{ + gpg_error_t err; + gcry_mpi_t val; + + err = gcry_mpi_scan (&val, GCRYMPI_FMT_HEX, string, 0, NULL); + if (err) + { + fprintf (stderr, "scanning input failed: %s\n", gpg_strerror (err)); + return -1; + } + mpi_set (retval, val); + mpi_release (val); + return 0; +} + + +static void +print_mpi (gcry_mpi_t a) +{ + gpg_error_t err; + char *buf; + void *bufaddr = &buf; + + err = gcry_mpi_aprint (GCRYMPI_FMT_HEX, bufaddr, NULL, a); + if (err) + fprintf (stderr, "[error printing number: %s]\n", gpg_strerror (err)); + else + { + fputs (buf, stdout); + gcry_free (buf); + } +} + + + +static void +do_add (void) +{ + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_add (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; +} + +static void +do_sub (void) +{ + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_sub (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; +} + +static void +do_inc (void) +{ + if (stackidx < 1) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_add_ui (stack[stackidx - 1], stack[stackidx - 1], 1); +} + +static void +do_dec (void) +{ + if (stackidx < 1) + { + fputs ("stack underflow\n", stderr); + return; + } + /* mpi_sub_ui( stack[stackidx-1], stack[stackidx-1], 1 ); */ +} + +static void +do_mul (void) +{ + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_mul (stack[stackidx - 2], stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; +} + +static void +do_mulm (void) +{ + if (stackidx < 3) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_mulm (stack[stackidx - 3], stack[stackidx - 3], + stack[stackidx - 2], stack[stackidx - 1]); + stackidx -= 2; +} + +static void +do_div (void) +{ + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_fdiv (stack[stackidx - 2], NULL, + stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; +} + +static void +do_rem (void) +{ + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_mod (stack[stackidx - 2], + stack[stackidx - 2], stack[stackidx - 1]); + stackidx--; +} + +static void +do_powm (void) +{ + gcry_mpi_t a; + if (stackidx < 3) + { + fputs ("stack underflow\n", stderr); + return; + } + a = mpi_new (0); + mpi_powm (a, stack[stackidx - 3], stack[stackidx - 2], stack[stackidx - 1]); + mpi_release (stack[stackidx - 3]); + stack[stackidx - 3] = a; + stackidx -= 2; +} + +static void +do_inv (void) +{ + gcry_mpi_t a = mpi_new (0); + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_invm (a, stack[stackidx - 2], stack[stackidx - 1]); + mpi_set (stack[stackidx - 2], a); + mpi_release (a); + stackidx--; +} + +static void +do_gcd (void) +{ + gcry_mpi_t a = mpi_new (0); + if (stackidx < 2) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_gcd (a, stack[stackidx - 2], stack[stackidx - 1]); + mpi_set (stack[stackidx - 2], a); + mpi_release (a); + stackidx--; +} + +static void +do_rshift (void) +{ + if (stackidx < 1) + { + fputs ("stack underflow\n", stderr); + return; + } + mpi_rshift (stack[stackidx - 1], stack[stackidx - 1], 1); +} + + +static void +do_nbits (void) +{ + unsigned int n; + + if (stackidx < 1) + { + fputs ("stack underflow\n", stderr); + return; + } + n = mpi_get_nbits (stack[stackidx - 1]); + mpi_set_ui (stack[stackidx - 1], n); +} + + +static void +do_primecheck (void) +{ + gpg_error_t err; + + if (stackidx < 1) + { + fputs ("stack underflow\n", stderr); + return; + } + err = gcry_prime_check (stack[stackidx - 1], 0); + mpi_set_ui (stack[stackidx - 1], !err); + if (err && gpg_err_code (err) != GPG_ERR_NO_PRIME) + fprintf (stderr, "checking prime failed: %s\n", gpg_strerror (err)); +} + + +static int +my_getc (void) +{ + static int shown; + int c; + + for (;;) + { + if ((c = getc (stdin)) == EOF) + return EOF; + if (!(c & 0x80)) + return c; + + if (!shown) + { + shown = 1; + fputs ("note: Non ASCII characters are ignored\n", stderr); + } + } +} + + +static void +print_help (void) +{ + fputs ("+ add [0] := [1] + [0] {-1}\n" + "- subtract [0] := [1] - [0] {-1}\n" + "* multiply [0] := [1] * [0] {-1}\n" + "/ divide [0] := [1] - [0] {-1}\n" + "% modulo [0] := [1] % [0] {-1}\n" + "> right shift [0] := [0] >> 1 {0}\n" + "++ increment [0] := [0]++ {0}\n" + "-- decrement [0] := [0]-- {0}\n" + "m multiply mod [0] := [2] * [1] mod [0] {-2}\n" + "^ power mod [0] := [2] ^ [1] mod [0] {-2}\n" + "I inverse mod [0] := [1]^-1 mod [0] {-1}\n" + "G gcd [0] := gcd([1],[0]) {-1}\n" + "i remove item [0] := [1] {-1}\n" + "d dup item [-1] := [0] {+1}\n" + "r reverse [0] := [1], [1] := [0] {0}\n" + "b # of bits [0] := nbits([0]) {0}\n" + "P prime check [0] := is_prime([0])?1:0 {0}\n" + "c clear stack\n" + "p print top item\n" + "f print the stack\n" + "# ignore until end of line\n" + "? print this help\n" + , stdout); +} + + + +int +main (int argc, char **argv) +{ + const char *pgm; + int last_argc = -1; + int print_config = 0; + int i, c; + int state = 0; + char strbuf[4096]; + int stridx = 0; + + if (argc) + { + pgm = strrchr (*argv, '/'); + if (pgm) + pgm++; + else + pgm = *argv; + argc--; argv++; + } + else + pgm = "?"; + + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--version") + || !strcmp (*argv, "--help")) + { + printf ("%s " MPICALC_VERSION "\n" + "libgcrypt %s\n" + "Copyright (C) 1997, 2013 Werner Koch\n" + "License LGPLv2.1+: GNU LGPL version 2.1 or later " + "<http://gnu.org/licenses/old-licenses/lgpl-2.1.html>\n" + "This is free software: you are free to change and " + "redistribute it.\n" + "There is NO WARRANTY, to the extent permitted by law.\n" + "\n" + "Syntax: mpicalc [options]\n" + "Simple interactive big integer RPN calculator\n" + "\n" + "Options:\n" + " --version print version information\n" + " --print-config print the Libgcrypt config\n" + " --disable-hwf NAME disable feature NAME\n", + pgm, gcry_check_version (NULL)); + exit (0); + } + else if (!strcmp (*argv, "--print-config")) + { + argc--; argv++; + print_config = 1; + } + else if (!strcmp (*argv, "--disable-hwf")) + { + argc--; argv++; + if (argc) + { + if (gcry_control (GCRYCTL_DISABLE_HWF, *argv, NULL)) + fprintf (stderr, "%s: unknown hardware feature `%s'" + " - option ignored\n", pgm, *argv); + argc--; argv++; + } + } + } + + if (argc) + { + fprintf (stderr, "usage: %s [options] (--help for help)\n", pgm); + exit (1); + } + + if (!gcry_check_version (NEED_LIBGCRYPT_VERSION)) + { + fprintf (stderr, "%s: Libgcrypt is too old (need %s, have %s)\n", + pgm, NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); + exit (1); + } + gcry_control (GCRYCTL_DISABLE_SECMEM, 0); + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if (print_config) + { + gcry_control (GCRYCTL_PRINT_CONFIG, stdout); + exit (0); + } + + for (i = 0; i < STACKSIZE; i++) + stack[i] = NULL; + stackidx = 0; + + while ((c = my_getc ()) != EOF) + { + if (!state) /* waiting */ + { + if (isdigit (c)) + { + state = 1; + ungetc (c, stdin); + strbuf[0] = '0'; + strbuf[1] = 'x'; + stridx = 2; + } + else if (isspace (c)) + ; + else + { + switch (c) + { + case '#': + state = 2; + break; + case '+': + if ((c = my_getc ()) == '+') + do_inc (); + else + { + ungetc (c, stdin); + do_add (); + } + break; + case '-': + if ((c = my_getc ()) == '-') + do_dec (); + else if (isdigit (c) + || (c >= 'A' && c <= 'F') + || (c >= 'a' && c <= 'f')) + { + state = 1; + ungetc (c, stdin); + strbuf[0] = '-'; + strbuf[1] = '0'; + strbuf[2] = 'x'; + stridx = 3; + } + else + { + ungetc (c, stdin); + do_sub (); + } + break; + case '*': + do_mul (); + break; + case 'm': + do_mulm (); + break; + case '/': + do_div (); + break; + case '%': + do_rem (); + break; + case '^': + do_powm (); + break; + case '>': + do_rshift (); + break; + case 'I': + do_inv (); + break; + case 'G': + do_gcd (); + break; + case 'i': /* dummy */ + if (!stackidx) + fputs ("stack underflow\n", stderr); + else + { + mpi_release (stack[stackidx - 1]); + stackidx--; + } + break; + case 'd': /* duplicate the tos */ + if (!stackidx) + fputs ("stack underflow\n", stderr); + else if (stackidx < STACKSIZE) + { + mpi_release (stack[stackidx]); + stack[stackidx] = mpi_copy (stack[stackidx - 1]); + stackidx++; + } + else + fputs ("stack overflow\n", stderr); + break; + case 'r': /* swap top elements */ + if (stackidx < 2) + fputs ("stack underflow\n", stderr); + else if (stackidx < STACKSIZE) + { + gcry_mpi_t tmp = stack[stackidx-1]; + stack[stackidx-1] = stack[stackidx - 2]; + stack[stackidx-2] = tmp; + } + break; + case 'b': + do_nbits (); + break; + case 'P': + do_primecheck (); + break; + case 'c': + for (i = 0; i < stackidx; i++) + { + mpi_release (stack[i]); stack[i] = NULL; + } + stackidx = 0; + break; + case 'p': /* print the tos */ + if (!stackidx) + puts ("stack is empty"); + else + { + print_mpi (stack[stackidx - 1]); + putchar ('\n'); + } + break; + case 'f': /* print the stack */ + for (i = stackidx - 1; i >= 0; i--) + { + printf ("[%2d]: ", i); + print_mpi (stack[i]); + putchar ('\n'); + } + break; + case '?': + print_help (); + break; + default: + fputs ("invalid operator\n", stderr); + } + } + } + else if (state == 1) /* In a number. */ + { + if (!isxdigit (c)) + { + /* Store the number */ + state = 0; + ungetc (c, stdin); + if (stridx < sizeof strbuf) + strbuf[stridx] = 0; + + if (stackidx < STACKSIZE) + { + if (!stack[stackidx]) + stack[stackidx] = mpi_new (0); + if (scan_mpi (stack[stackidx], strbuf)) + fputs ("invalid number\n", stderr); + else + stackidx++; + } + else + fputs ("stack overflow\n", stderr); + } + else + { /* Store a digit. */ + if (stridx < sizeof strbuf - 1) + strbuf[stridx++] = c; + else if (stridx == sizeof strbuf - 1) + { + strbuf[stridx] = 0; + fputs ("input too large - truncated\n", stderr); + stridx++; + } + } + } + else if (state == 2) /* In a comment. */ + { + if (c == '\n') + state = 0; + } + + } + + for (i = 0; i < stackidx; i++) + mpi_release (stack[i]); + return 0; +} diff --git a/plugins/MirOTR/Libgcrypt/src/secmem.c b/plugins/MirOTR/Libgcrypt/src/secmem.c index a12af58a22..2bf7d8c6ab 100644 --- a/plugins/MirOTR/Libgcrypt/src/secmem.c +++ b/plugins/MirOTR/Libgcrypt/src/secmem.c @@ -1,6 +1,7 @@ /* secmem.c - memory allocation from a secure heap * Copyright (C) 1998, 1999, 2000, 2001, 2002, * 2003, 2007 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -78,6 +79,8 @@ static int show_warning; static int not_locked; static int no_warning; static int suspend_warning; +static int no_mlock; +static int no_priv_drop; /* Stats. */ static unsigned int cur_alloced, cur_blocks; @@ -136,14 +139,14 @@ mb_get_next (memblock_t *mb) memblock_t *mb_next; mb_next = (memblock_t *) ((char *) mb + BLOCK_HEAD_SIZE + mb->size); - + if (! ptr_into_pool_p (mb_next)) mb_next = NULL; return mb_next; } -/* Return the block preceeding MB or NULL, if MB is the first +/* Return the block preceding MB or NULL, if MB is the first block. */ static memblock_t * mb_get_prev (memblock_t *mb) @@ -168,7 +171,7 @@ mb_get_prev (memblock_t *mb) return mb_prev; } -/* If the preceeding block of MB and/or the following block of MB +/* If the preceding block of MB and/or the following block of MB exist and are not active, merge them to form a bigger block. */ static void mb_merge (memblock_t *mb) @@ -192,7 +195,7 @@ static memblock_t * mb_get_new (memblock_t *block, size_t size) { memblock_t *mb, *mb_split; - + for (mb = block; ptr_into_pool_p (mb); mb = mb_get_next (mb)) if (! (mb->flags & MB_FLAG_ACTIVE) && mb->size >= size) { @@ -202,7 +205,7 @@ mb_get_new (memblock_t *block, size_t size) if (mb->size - size > BLOCK_HEAD_SIZE) { /* Split block. */ - + mb_split = (memblock_t *) (((char *) mb) + BLOCK_HEAD_SIZE + size); mb_split->size = mb->size - size - BLOCK_HEAD_SIZE; mb_split->flags = 0; @@ -217,7 +220,10 @@ mb_get_new (memblock_t *block, size_t size) } if (! ptr_into_pool_p (mb)) - mb = NULL; + { + gpg_err_set_errno (ENOMEM); + mb = NULL; + } return mb; } @@ -237,11 +243,19 @@ lock_pool (void *p, size_t n) #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK) int err; - cap_set_proc (cap_from_text ("cap_ipc_lock+ep")); - err = mlock (p, n); - if (err && errno) - err = errno; - cap_set_proc (cap_from_text ("cap_ipc_lock+p")); + { + cap_t cap; + + cap = cap_from_text ("cap_ipc_lock+ep"); + cap_set_proc (cap); + cap_free (cap); + err = no_mlock? 0 : mlock (p, n); + if (err && errno) + err = errno; + cap = cap_from_text ("cap_ipc_lock+p"); + cap_set_proc (cap); + cap_free(cap); + } if (err) { @@ -271,7 +285,7 @@ lock_pool (void *p, size_t n) /* Under HP/UX mlock segfaults if called by non-root. Note, we have noch checked whether mlock does really work under AIX where we also detected a broken nlock. Note further, that using plock () - is not a good idea under AIX. */ + is not a good idea under AIX. */ if (uid) { errno = EPERM; @@ -279,22 +293,27 @@ lock_pool (void *p, size_t n) } else { - err = mlock (p, n); + err = no_mlock? 0 : mlock (p, n); if (err && errno) err = errno; } #else /* !HAVE_BROKEN_MLOCK */ - err = mlock (p, n); + err = no_mlock? 0 : mlock (p, n); if (err && errno) err = errno; #endif /* !HAVE_BROKEN_MLOCK */ + /* Test whether we are running setuid(0). */ if (uid && ! geteuid ()) { - /* check that we really dropped the privs. - * Note: setuid(0) should always fail */ - if (setuid (uid) || getuid () != geteuid () || !setuid (0)) - log_fatal ("failed to reset uid: %s\n", strerror (errno)); + /* Yes, we are. */ + if (!no_priv_drop) + { + /* Check that we really dropped the privs. + * Note: setuid(0) should always fail */ + if (setuid (uid) || getuid () != geteuid () || !setuid (0)) + log_fatal ("failed to reset uid: %s\n", strerror (errno)); + } } if (err) @@ -319,19 +338,25 @@ lock_pool (void *p, size_t n) /* QNX does not page at all, so the whole secure memory stuff does * not make much sense. However it is still of use because it * wipes out the memory on a free(). - * Therefore it is sufficient to suppress the warning - */ + * Therefore it is sufficient to suppress the warning. */ + (void)p; + (void)n; #elif defined (HAVE_DOSISH_SYSTEM) || defined (__CYGWIN__) - /* It does not make sense to print such a warning, given the fact that - * this whole Windows !@#$% and their user base are inherently insecure - */ + /* It does not make sense to print such a warning, given the fact that + * this whole Windows !@#$% and their user base are inherently insecure. */ + (void)p; + (void)n; #elif defined (__riscos__) - /* no virtual memory on RISC OS, so no pages are swapped to disc, + /* No virtual memory on RISC OS, so no pages are swapped to disc, * besides we don't have mmap, so we don't use it! ;-) - * But don't complain, as explained above. - */ + * But don't complain, as explained above. */ + (void)p; + (void)n; #else - log_info ("Please note that you don't have secure memory on this system\n"); + (void)p; + (void)n; + if (!no_mlock) + log_info ("Please note that you don't have secure memory on this system\n"); #endif } @@ -416,6 +441,8 @@ _gcry_secmem_set_flags (unsigned flags) was_susp = suspend_warning; no_warning = flags & GCRY_SECMEM_FLAG_NO_WARNING; suspend_warning = flags & GCRY_SECMEM_FLAG_SUSPEND_WARNING; + no_mlock = flags & GCRY_SECMEM_FLAG_NO_MLOCK; + no_priv_drop = flags & GCRY_SECMEM_FLAG_NO_PRIV_DROP; /* and now issue the warning if it is not longer suspended */ if (was_susp && !suspend_warning && show_warning) @@ -437,6 +464,8 @@ _gcry_secmem_get_flags (void) flags = no_warning ? GCRY_SECMEM_FLAG_NO_WARNING : 0; flags |= suspend_warning ? GCRY_SECMEM_FLAG_SUSPEND_WARNING : 0; flags |= not_locked ? GCRY_SECMEM_FLAG_NOT_LOCKED : 0; + flags |= no_mlock ? GCRY_SECMEM_FLAG_NO_MLOCK : 0; + flags |= no_priv_drop ? GCRY_SECMEM_FLAG_NO_PRIV_DROP : 0; SECMEM_UNLOCK; @@ -453,7 +482,13 @@ secmem_init (size_t n) { #ifdef USE_CAPABILITIES /* drop all capabilities */ - cap_set_proc (cap_from_text ("all-eip")); + { + cap_t cap; + + cap = cap_from_text ("all-eip"); + cap_set_proc (cap); + cap_free (cap); + } #elif !defined(HAVE_DOSISH_SYSTEM) uid_t uid; @@ -498,6 +533,19 @@ _gcry_secmem_init (size_t n) } +gcry_err_code_t +_gcry_secmem_module_init () +{ + int err; + + err = ath_mutex_init (&secmem_lock); + if (err) + log_fatal ("could not allocate secmem lock\n"); + + return 0; +} + + static void * _gcry_secmem_malloc_internal (size_t size) { @@ -511,12 +559,14 @@ _gcry_secmem_malloc_internal (size_t size) { log_info (_("operation is not possible without " "initialized secure memory\n")); + gpg_err_set_errno (ENOMEM); return NULL; } } if (not_locked && fips_mode ()) { log_info (_("secure memory pool is not locked while in FIPS mode\n")); + gpg_err_set_errno (ENOMEM); return NULL; } if (show_warning && !suspend_warning) @@ -543,7 +593,7 @@ _gcry_secmem_malloc (size_t size) SECMEM_LOCK; p = _gcry_secmem_malloc_internal (size); SECMEM_UNLOCK; - + return p; } @@ -661,7 +711,7 @@ _gcry_secmem_term () void _gcry_secmem_dump_stats () { -#if 1 +#if 1 SECMEM_LOCK; if (pool_okay) diff --git a/plugins/MirOTR/Libgcrypt/src/secmem.h b/plugins/MirOTR/Libgcrypt/src/secmem.h index 29e151af43..3577381cf8 100644 --- a/plugins/MirOTR/Libgcrypt/src/secmem.h +++ b/plugins/MirOTR/Libgcrypt/src/secmem.h @@ -35,5 +35,7 @@ int _gcry_private_is_secure (const void *p); #define GCRY_SECMEM_FLAG_NO_WARNING (1 << 0) #define GCRY_SECMEM_FLAG_SUSPEND_WARNING (1 << 1) #define GCRY_SECMEM_FLAG_NOT_LOCKED (1 << 2) +#define GCRY_SECMEM_FLAG_NO_MLOCK (1 << 3) +#define GCRY_SECMEM_FLAG_NO_PRIV_DROP (1 << 4) #endif /* G10_SECMEM_H */ diff --git a/plugins/MirOTR/Libgcrypt/src/sexp.c b/plugins/MirOTR/Libgcrypt/src/sexp.c index e11f86ec0a..9bc13caf37 100644 --- a/plugins/MirOTR/Libgcrypt/src/sexp.c +++ b/plugins/MirOTR/Libgcrypt/src/sexp.c @@ -1,1976 +1,2437 @@ -/* sexp.c - S-Expression handling
- * Copyright (C) 1999, 2000, 2001, 2002, 2003,
- * 2004, 2006, 2007, 2008 Free Software Foundation, Inc.
- *
- * This file is part of Libgcrypt.
- *
- * Libgcrypt is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser general Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * Libgcrypt is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-#include <ctype.h>
-#include <errno.h>
-
-#define GCRYPT_NO_MPI_MACROS 1
-#include "g10lib.h"
-
-typedef struct gcry_sexp *NODE;
-typedef unsigned short DATALEN;
-
-struct gcry_sexp
-{
- byte d[1];
-};
-
-#define ST_STOP 0
-#define ST_DATA 1 /* datalen follows */
-#define ST_HINT 2 /* datalen follows */
-#define ST_OPEN 3
-#define ST_CLOSE 4
-
-/* the atoi macros assume that the buffer has only valid digits */
-#define atoi_1(p) (*(p) - '0' )
-#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
- *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
-#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
-
-#define TOKEN_SPECIALS "-./_:*+="
-
-static gcry_error_t
-vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length, int argflag,
- void **arg_list, va_list arg_ptr);
-
-static gcry_error_t
-sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length, int argflag,
- void **arg_list, ...);
-
-/* Return true if P points to a byte containing a whitespace according
- to the S-expressions definition. */
-#undef whitespacep
-static GPG_ERR_INLINE int
-whitespacep (const char *p)
-{
- switch (*p)
- {
- case ' ': case '\t': case '\v': case '\f': case '\r': case '\n': return 1;
- default: return 0;
- }
-}
-
-
-#if 0
-static void
-dump_mpi( gcry_mpi_t a )
-{
- char buffer[1000];
- size_t n = 1000;
-
- if( !a )
- fputs("[no MPI]", stderr );
- else if( gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &n, a ) )
- fputs("[MPI too large to print]", stderr );
- else
- fputs( buffer, stderr );
-}
-#endif
-
-static void
-dump_string (const byte *p, size_t n, int delim )
-{
- for (; n; n--, p++ )
- {
- if ((*p & 0x80) || iscntrl( *p ) || *p == delim )
- {
- if( *p == '\n' )
- log_printf ("\\n");
- else if( *p == '\r' )
- log_printf ("\\r");
- else if( *p == '\f' )
- log_printf ("\\f");
- else if( *p == '\v' )
- log_printf ("\\v");
- else if( *p == '\b' )
- log_printf ("\\b");
- else if( !*p )
- log_printf ("\\0");
- else
- log_printf ("\\x%02x", *p );
- }
- else
- log_printf ("%c", *p);
- }
-}
-
-
-void
-gcry_sexp_dump (const gcry_sexp_t a)
-{
- const byte *p;
- int indent = 0;
- int type;
-
- if (!a)
- {
- log_printf ( "[nil]\n");
- return;
- }
-
- p = a->d;
- while ( (type = *p) != ST_STOP )
- {
- p++;
- switch ( type )
- {
- case ST_OPEN:
- log_printf ("%*s[open]\n", 2*indent, "");
- indent++;
- break;
- case ST_CLOSE:
- if( indent )
- indent--;
- log_printf ("%*s[close]\n", 2*indent, "");
- break;
- case ST_DATA: {
- DATALEN n;
- memcpy ( &n, p, sizeof n );
- p += sizeof n;
- log_printf ("%*s[data=\"", 2*indent, "" );
- dump_string (p, n, '\"' );
- log_printf ("\"]\n");
- p += n;
- }
- break;
- default:
- log_printf ("%*s[unknown tag %d]\n", 2*indent, "", type);
- break;
- }
- }
-}
-
-/****************
- * Pass list through except when it is an empty list - in that case
- * return NULL and release the passed list.
- */
-static gcry_sexp_t
-normalize ( gcry_sexp_t list )
-{
- unsigned char *p;
-
- if ( !list )
- return NULL;
- p = list->d;
- if ( *p == ST_STOP )
- {
- /* this is "" */
- gcry_sexp_release ( list );
- return NULL;
- }
- if ( *p == ST_OPEN && p[1] == ST_CLOSE )
- {
- /* this is "()" */
- gcry_sexp_release ( list );
- return NULL;
- }
-
- return list;
-}
-
-/* Create a new S-expression object by reading LENGTH bytes from
- BUFFER, assuming it is canonical encoded or autodetected encoding
- when AUTODETECT is set to 1. With FREEFNC not NULL, ownership of
- the buffer is transferred to the newly created object. FREEFNC
- should be the freefnc used to release BUFFER; there is no guarantee
- at which point this function is called; most likey you want to use
- free() or gcry_free().
-
- Passing LENGTH and AUTODETECT as 0 is allowed to indicate that
- BUFFER points to a valid canonical encoded S-expression. A LENGTH
- of 0 and AUTODETECT 1 indicates that buffer points to a
- null-terminated string.
-
- This function returns 0 and and the pointer to the new object in
- RETSEXP or an error code in which case RETSEXP is set to NULL. */
-gcry_error_t
-gcry_sexp_create (gcry_sexp_t *retsexp, void *buffer, size_t length,
- int autodetect, void (*freefnc)(void*) )
-{
- gcry_error_t errcode;
- gcry_sexp_t se;
-
- if (!retsexp)
- return gcry_error (GPG_ERR_INV_ARG);
- *retsexp = NULL;
- if (autodetect < 0 || autodetect > 1 || !buffer)
- return gcry_error (GPG_ERR_INV_ARG);
-
- if (!length && !autodetect)
- { /* What a brave caller to assume that there is really a canonical
- encoded S-expression in buffer */
- length = gcry_sexp_canon_len (buffer, 0, NULL, &errcode);
- if (!length)
- return errcode;
- }
- else if (!length && autodetect)
- { /* buffer is a string */
- length = strlen ((char *)buffer);
- }
-
- errcode = sexp_sscan (&se, NULL, buffer, length, 0, NULL);
- if (errcode)
- return errcode;
-
- *retsexp = se;
- if (freefnc)
- {
- /* For now we release the buffer immediately. As soon as we
- have changed the internal represenation of S-expression to
- the canoncial format - which has the advantage of faster
- parsing - we will use this function as a closure in our
- GCRYSEXP object and use the BUFFER directly. */
- freefnc (buffer);
- }
- return gcry_error (GPG_ERR_NO_ERROR);
-}
-
-/* Same as gcry_sexp_create but don't transfer ownership */
-gcry_error_t
-gcry_sexp_new (gcry_sexp_t *retsexp, const void *buffer, size_t length,
- int autodetect)
-{
- return gcry_sexp_create (retsexp, (void *)buffer, length, autodetect, NULL);
-}
-
-
-/****************
- * Release resource of the given SEXP object.
- */
-void
-gcry_sexp_release( gcry_sexp_t sexp )
-{
- if (sexp)
- {
- if (gcry_is_secure (sexp))
- {
- /* Extra paranoid wiping. */
- const byte *p = sexp->d;
- int type;
-
- while ( (type = *p) != ST_STOP )
- {
- p++;
- switch ( type )
- {
- case ST_OPEN:
- break;
- case ST_CLOSE:
- break;
- case ST_DATA:
- {
- DATALEN n;
- memcpy ( &n, p, sizeof n );
- p += sizeof n;
- p += n;
- }
- break;
- default:
- break;
- }
- }
- wipememory (sexp->d, p - sexp->d);
- }
- gcry_free ( sexp );
- }
-}
-
-
-/****************
- * Make a pair from lists a and b, don't use a or b later on.
- * Special behaviour: If one is a single element list we put the
- * element straight into the new pair.
- */
-gcry_sexp_t
-gcry_sexp_cons( const gcry_sexp_t a, const gcry_sexp_t b )
-{
- (void)a;
- (void)b;
-
- /* NYI: Implementation should be quite easy with our new data
- representation */
- BUG ();
- return NULL;
-}
-
-
-/****************
- * Make a list from all items in the array the end of the array is marked
- * with a NULL.
- */
-gcry_sexp_t
-gcry_sexp_alist( const gcry_sexp_t *array )
-{
- (void)array;
-
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-/****************
- * Make a list from all items, the end of list is indicated by a NULL
- */
-gcry_sexp_t
-gcry_sexp_vlist( const gcry_sexp_t a, ... )
-{
- (void)a;
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-
-/****************
- * Append n to the list a
- * Returns: a new ist (which maybe a)
- */
-gcry_sexp_t
-gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n )
-{
- (void)a;
- (void)n;
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-gcry_sexp_t
-gcry_sexp_prepend( const gcry_sexp_t a, const gcry_sexp_t n )
-{
- (void)a;
- (void)n;
- /* NYI: Implementation should be quite easy with our new data
- representation. */
- BUG ();
- return NULL;
-}
-
-
-
-/****************
- * Locate token in a list. The token must be the car of a sublist.
- * Returns: A new list with this sublist or NULL if not found.
- */
-gcry_sexp_t
-gcry_sexp_find_token( const gcry_sexp_t list, const char *tok, size_t toklen )
-{
- const byte *p;
- DATALEN n;
-
- if ( !list )
- return NULL;
-
- if ( !toklen )
- toklen = strlen(tok);
-
- p = list->d;
- while ( *p != ST_STOP )
- {
- if ( *p == ST_OPEN && p[1] == ST_DATA )
- {
- const byte *head = p;
-
- p += 2;
- memcpy ( &n, p, sizeof n );
- p += sizeof n;
- if ( n == toklen && !memcmp( p, tok, toklen ) )
- { /* found it */
- gcry_sexp_t newlist;
- byte *d;
- int level = 1;
-
- /* Look for the end of the list. */
- for ( p += n; level; p++ )
- {
- if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--; /* Compensate for later increment. */
- }
- else if ( *p == ST_OPEN )
- {
- level++;
- }
- else if ( *p == ST_CLOSE )
- {
- level--;
- }
- else if ( *p == ST_STOP )
- {
- BUG ();
- }
- }
- n = p - head;
-
- newlist = gcry_malloc ( sizeof *newlist + n );
- if (!newlist)
- {
- /* No way to return an error code, so we can only
- return Not Found. */
- return NULL;
- }
- d = newlist->d;
- memcpy ( d, head, n ); d += n;
- *d++ = ST_STOP;
- return normalize ( newlist );
- }
- p += n;
- }
- else if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n ); p += sizeof n;
- p += n;
- }
- else
- p++;
- }
- return NULL;
-}
-
-/****************
- * Return the length of the given list
- */
-int
-gcry_sexp_length( const gcry_sexp_t list )
-{
- const byte *p;
- DATALEN n;
- int type;
- int length = 0;
- int level = 0;
-
- if ( !list )
- return 0;
-
- p = list->d;
- while ( (type=*p) != ST_STOP ) {
- p++;
- if ( type == ST_DATA ) {
- memcpy ( &n, p, sizeof n );
- p += sizeof n + n;
- if ( level == 1 )
- length++;
- }
- else if ( type == ST_OPEN ) {
- if ( level == 1 )
- length++;
- level++;
- }
- else if ( type == ST_CLOSE ) {
- level--;
- }
- }
- return length;
-}
-
-
-/* Return the internal lengths offset of LIST. That is the size of
- the buffer from the first ST_OPEN, which is retruned at R_OFF, to
- the corresponding ST_CLOSE inclusive. */
-static size_t
-get_internal_buffer (const gcry_sexp_t list, size_t *r_off)
-{
- const unsigned char *p;
- DATALEN n;
- int type;
- int level = 0;
-
- *r_off = 0;
- if (list)
- {
- p = list->d;
- while ( (type=*p) != ST_STOP )
- {
- p++;
- if (type == ST_DATA)
- {
- memcpy (&n, p, sizeof n);
- p += sizeof n + n;
- }
- else if (type == ST_OPEN)
- {
- if (!level)
- *r_off = (p-1) - list->d;
- level++;
- }
- else if ( type == ST_CLOSE )
- {
- level--;
- if (!level)
- return p - list->d;
- }
- }
- }
- return 0; /* Not a proper list. */
-}
-
-
-
-/* Extract the CAR of the given list. May return NULL for bad lists
- or memory failure. */
-gcry_sexp_t
-gcry_sexp_nth( const gcry_sexp_t list, int number )
-{
- const byte *p;
- DATALEN n;
- gcry_sexp_t newlist;
- byte *d;
- int level = 0;
-
- if ( !list || list->d[0] != ST_OPEN )
- return NULL;
- p = list->d;
-
- while ( number > 0 ) {
- p++;
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_STOP ) {
- return NULL;
- }
- }
- p++;
-
- if ( *p == ST_DATA ) {
- memcpy ( &n, p, sizeof n ); p += sizeof n;
- newlist = gcry_malloc ( sizeof *newlist + n + 1 );
- if (!newlist)
- return NULL;
- d = newlist->d;
- memcpy ( d, p, n ); d += n;
- *d++ = ST_STOP;
- }
- else if ( *p == ST_OPEN ) {
- const byte *head = p;
-
- level = 1;
- do {
- p++;
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- }
- else if ( *p == ST_STOP ) {
- BUG ();
- }
- } while ( level );
- n = p + 1 - head;
-
- newlist = gcry_malloc ( sizeof *newlist + n );
- if (!newlist)
- return NULL;
- d = newlist->d;
- memcpy ( d, head, n ); d += n;
- *d++ = ST_STOP;
- }
- else
- newlist = NULL;
-
- return normalize (newlist);
-}
-
-gcry_sexp_t
-gcry_sexp_car( const gcry_sexp_t list )
-{
- return gcry_sexp_nth ( list, 0 );
-}
-
-
-/* Helper to get data from the car. The returned value is valid as
- long as the list is not modified. */
-static const char *
-sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen)
-{
- const byte *p;
- DATALEN n;
- int level = 0;
-
- *datalen = 0;
- if ( !list )
- return NULL;
-
- p = list->d;
- if ( *p == ST_OPEN )
- p++; /* Yep, a list. */
- else if (number)
- return NULL; /* Not a list but N > 0 requested. */
-
- /* Skip over N elements. */
- while ( number > 0 )
- {
- if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_OPEN )
- {
- level++;
- }
- else if ( *p == ST_CLOSE )
- {
- level--;
- if ( !level )
- number--;
- }
- else if ( *p == ST_STOP )
- {
- return NULL;
- }
- p++;
- }
-
- /* If this is data, return it. */
- if ( *p == ST_DATA )
- {
- memcpy ( &n, ++p, sizeof n );
- *datalen = n;
- return (const char*)p + sizeof n;
- }
-
- return NULL;
-}
-
-
-/* Get data from the car. The returned value is valid as long as the
- list is not modified. */
-const char *
-gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen )
-{
- return sexp_nth_data (list, number, datalen);
-}
-
-
-/* Get a string from the car. The returned value is a malloced string
- and needs to be freed by the caller. */
-char *
-gcry_sexp_nth_string (const gcry_sexp_t list, int number)
-{
- const char *s;
- size_t n;
- char *buf;
-
- s = sexp_nth_data (list, number, &n);
- if (!s || n < 1 || (n+1) < 1)
- return NULL;
- buf = gcry_malloc (n+1);
- if (!buf)
- return NULL;
- memcpy (buf, s, n);
- buf[n] = 0;
- return buf;
-}
-
-/*
- * Get a MPI from the car
- */
-gcry_mpi_t
-gcry_sexp_nth_mpi( gcry_sexp_t list, int number, int mpifmt )
-{
- const char *s;
- size_t n;
- gcry_mpi_t a;
-
- if ( !mpifmt )
- mpifmt = GCRYMPI_FMT_STD;
-
- s = sexp_nth_data (list, number, &n);
- if (!s)
- return NULL;
-
- if ( gcry_mpi_scan ( &a, mpifmt, s, n, NULL ) )
- return NULL;
-
- return a;
-}
-
-
-/****************
- * Get the CDR
- */
-gcry_sexp_t
-gcry_sexp_cdr( const gcry_sexp_t list )
-{
- const byte *p;
- const byte *head;
- DATALEN n;
- gcry_sexp_t newlist;
- byte *d;
- int level = 0;
- int skip = 1;
-
- if ( !list || list->d[0] != ST_OPEN )
- return NULL;
- p = list->d;
-
- while ( skip > 0 ) {
- p++;
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- if ( !level )
- skip--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- if ( !level )
- skip--;
- }
- else if ( *p == ST_STOP ) {
- return NULL;
- }
- }
- p++;
-
- head = p;
- level = 0;
- do {
- if ( *p == ST_DATA ) {
- memcpy ( &n, ++p, sizeof n );
- p += sizeof n + n;
- p--;
- }
- else if ( *p == ST_OPEN ) {
- level++;
- }
- else if ( *p == ST_CLOSE ) {
- level--;
- }
- else if ( *p == ST_STOP ) {
- return NULL;
- }
- p++;
- } while ( level );
- n = p - head;
-
- newlist = gcry_malloc ( sizeof *newlist + n + 2 );
- if (!newlist)
- return NULL;
- d = newlist->d;
- *d++ = ST_OPEN;
- memcpy ( d, head, n ); d += n;
- *d++ = ST_CLOSE;
- *d++ = ST_STOP;
-
- return normalize (newlist);
-}
-
-gcry_sexp_t
-gcry_sexp_cadr ( const gcry_sexp_t list )
-{
- gcry_sexp_t a, b;
-
- a = gcry_sexp_cdr ( list );
- b = gcry_sexp_car ( a );
- gcry_sexp_release ( a );
- return b;
-}
-
-
-
-static int
-hextobyte( const byte *s )
-{
- int c=0;
-
- if( *s >= '0' && *s <= '9' )
- c = 16 * (*s - '0');
- else if( *s >= 'A' && *s <= 'F' )
- c = 16 * (10 + *s - 'A');
- else if( *s >= 'a' && *s <= 'f' ) {
- c = 16 * (10 + *s - 'a');
- }
- s++;
- if( *s >= '0' && *s <= '9' )
- c += *s - '0';
- else if( *s >= 'A' && *s <= 'F' )
- c += 10 + *s - 'A';
- else if( *s >= 'a' && *s <= 'f' ) {
- c += 10 + *s - 'a';
- }
- return c;
-}
-
-struct make_space_ctx {
- gcry_sexp_t sexp;
- size_t allocated;
- byte *pos;
-};
-
-static gpg_err_code_t
-make_space ( struct make_space_ctx *c, size_t n )
-{
- size_t used = c->pos - c->sexp->d;
-
- if ( used + n + sizeof(DATALEN) + 1 >= c->allocated )
- {
- gcry_sexp_t newsexp;
- byte *newhead;
- size_t newsize;
-
- newsize = c->allocated + 2*(n+sizeof(DATALEN)+1);
- if (newsize <= c->allocated)
- return GPG_ERR_TOO_LARGE;
- newsexp = gcry_realloc ( c->sexp, sizeof *newsexp + newsize - 1);
- if (!newsexp)
- return gpg_err_code_from_errno (errno);
- c->allocated = newsize;
- newhead = newsexp->d;
- c->pos = newhead + used;
- c->sexp = newsexp;
- }
- return 0;
-}
-
-
-/* Unquote STRING of LENGTH and store it into BUF. The surrounding
- quotes are must already be removed from STRING. We assume that the
- quoted string is syntacillay correct. */
-static size_t
-unquote_string (const char *string, size_t length, unsigned char *buf)
-{
- int esc = 0;
- const unsigned char *s = (const unsigned char*)string;
- unsigned char *d = buf;
- size_t n = length;
-
- for (; n; n--, s++)
- {
- if (esc)
- {
- switch (*s)
- {
- case 'b': *d++ = '\b'; break;
- case 't': *d++ = '\t'; break;
- case 'v': *d++ = '\v'; break;
- case 'n': *d++ = '\n'; break;
- case 'f': *d++ = '\f'; break;
- case 'r': *d++ = '\r'; break;
- case '"': *d++ = '\"'; break;
- case '\'': *d++ = '\''; break;
- case '\\': *d++ = '\\'; break;
-
- case '\r': /* ignore CR[,LF] */
- if (n>1 && s[1] == '\n')
- {
- s++; n--;
- }
- break;
-
- case '\n': /* ignore LF[,CR] */
- if (n>1 && s[1] == '\r')
- {
- s++; n--;
- }
- break;
-
- case 'x': /* hex value */
- if (n>2 && hexdigitp (s+1) && hexdigitp (s+2))
- {
- s++; n--;
- *d++ = xtoi_2 (s);
- s++; n--;
- }
- break;
-
- default:
- if (n>2 && octdigitp (s) && octdigitp (s+1) && octdigitp (s+2))
- {
- *d++ = (atoi_1 (s)*64) + (atoi_1 (s+1)*8) + atoi_1 (s+2);
- s += 2;
- n -= 2;
- }
- break;
- }
- esc = 0;
- }
- else if( *s == '\\' )
- esc = 1;
- else
- *d++ = *s;
- }
-
- return d - buf;
-}
-
-/****************
- * Scan the provided buffer and return the S expression in our internal
- * format. Returns a newly allocated expression. If erroff is not NULL and
- * a parsing error has occurred, the offset into buffer will be returned.
- * If ARGFLAG is true, the function supports some printf like
- * expressions.
- * These are:
- * %m - MPI
- * %s - string (no autoswitch to secure allocation)
- * %d - integer stored as string (no autoswitch to secure allocation)
- * %b - memory buffer; this takes _two_ arguments: an integer with the
- * length of the buffer and a pointer to the buffer.
- * %S - Copy an gcry_sexp_t here. The S-expression needs to be a
- * regular one, starting with a parenthesis.
- * (no autoswitch to secure allocation)
- * all other format elements are currently not defined and return an error.
- * this includes the "%%" sequence becauce the percent sign is not an
- * allowed character.
- * FIXME: We should find a way to store the secure-MPIs not in the string
- * but as reference to somewhere - this can help us to save huge amounts
- * of secure memory. The problem is, that if only one element is secure, all
- * other elements are automagicaly copied to secure memory too, so the most
- * common operation gcry_sexp_cdr_mpi() will always return a secure MPI
- * regardless whether it is needed or not.
- */
-static gcry_error_t
-vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length, int argflag,
- void **arg_list, va_list arg_ptr)
-{
- gcry_err_code_t err = 0;
- static const char tokenchars[] =
- "abcdefghijklmnopqrstuvwxyz"
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "0123456789-./_:*+=";
- const char *p;
- size_t n;
- const char *digptr = NULL;
- const char *quoted = NULL;
- const char *tokenp = NULL;
- const char *hexfmt = NULL;
- const char *base64 = NULL;
- const char *disphint = NULL;
- const char *percent = NULL;
- int hexcount = 0;
- int quoted_esc = 0;
- int datalen = 0;
- size_t dummy_erroff;
- struct make_space_ctx c;
- int arg_counter = 0;
- int level = 0;
-
- if (!erroff)
- erroff = &dummy_erroff;
-
- /* Depending on whether ARG_LIST is non-zero or not, this macro gives
- us the next argument, either from the variable argument list as
- specified by ARG_PTR or from the argument array ARG_LIST. */
-#define ARG_NEXT(storage, type) \
- do \
- { \
- if (!arg_list) \
- storage = va_arg (arg_ptr, type); \
- else \
- storage = *((type *) (arg_list[arg_counter++])); \
- } \
- while (0)
-
- /* The MAKE_SPACE macro is used before each store operation to
- ensure that the buffer is large enough. It requires a global
- context named C and jumps out to the label LEAVE on error! It
- also sets ERROFF using the variables BUFFER and P. */
-#define MAKE_SPACE(n) do { \
- gpg_err_code_t _ms_err = make_space (&c, (n)); \
- if (_ms_err) \
- { \
- err = _ms_err; \
- *erroff = p - buffer; \
- goto leave; \
- } \
- } while (0)
-
- /* The STORE_LEN macro is used to store the length N at buffer P. */
-#define STORE_LEN(p,n) do { \
- DATALEN ashort = (n); \
- memcpy ( (p), &ashort, sizeof(ashort) ); \
- (p) += sizeof (ashort); \
- } while (0)
-
- /* We assume that the internal representation takes less memory than
- the provided one. However, we add space for one extra datalen so
- that the code which does the ST_CLOSE can use MAKE_SPACE */
- c.allocated = length + sizeof(DATALEN);
- if (buffer && length && gcry_is_secure (buffer))
- c.sexp = gcry_malloc_secure (sizeof *c.sexp + c.allocated - 1);
- else
- c.sexp = gcry_malloc (sizeof *c.sexp + c.allocated - 1);
- if (!c.sexp)
- {
- err = gpg_err_code_from_errno (errno);
- *erroff = 0;
- goto leave;
- }
- c.pos = c.sexp->d;
-
- for (p = buffer, n = length; n; p++, n--)
- {
- if (tokenp && !hexfmt)
- {
- if (strchr (tokenchars, *p))
- continue;
- else
- {
- datalen = p - tokenp;
- MAKE_SPACE (datalen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, datalen);
- memcpy (c.pos, tokenp, datalen);
- c.pos += datalen;
- tokenp = NULL;
- }
- }
-
- if (quoted)
- {
- if (quoted_esc)
- {
- switch (*p)
- {
- case 'b': case 't': case 'v': case 'n': case 'f':
- case 'r': case '"': case '\'': case '\\':
- quoted_esc = 0;
- break;
-
- case '0': case '1': case '2': case '3': case '4':
- case '5': case '6': case '7':
- if (!((n > 2)
- && (p[1] >= '0') && (p[1] <= '7')
- && (p[2] >= '0') && (p[2] <= '7')))
- {
- *erroff = p - buffer;
- /* Invalid octal value. */
- err = GPG_ERR_SEXP_BAD_QUOTATION;
- goto leave;
- }
- p += 2;
- n -= 2;
- quoted_esc = 0;
- break;
-
- case 'x':
- if (!((n > 2) && hexdigitp (p+1) && hexdigitp (p+2)))
- {
- *erroff = p - buffer;
- /* Invalid hex value. */
- err = GPG_ERR_SEXP_BAD_QUOTATION;
- goto leave;
- }
- p += 2;
- n -= 2;
- quoted_esc = 0;
- break;
-
- case '\r':
- /* ignore CR[,LF] */
- if (n && (p[1] == '\n'))
- {
- p++;
- n--;
- }
- quoted_esc = 0;
- break;
-
- case '\n':
- /* ignore LF[,CR] */
- if (n && (p[1] == '\r'))
- {
- p++;
- n--;
- }
- quoted_esc = 0;
- break;
-
- default:
- *erroff = p - buffer;
- /* Invalid quoted string escape. */
- err = GPG_ERR_SEXP_BAD_QUOTATION;
- goto leave;
- }
- }
- else if (*p == '\\')
- quoted_esc = 1;
- else if (*p == '\"')
- {
- /* Keep it easy - we know that the unquoted string will
- never be larger. */
- unsigned char *save;
- size_t len;
-
- quoted++; /* Skip leading quote. */
- MAKE_SPACE (p - quoted);
- *c.pos++ = ST_DATA;
- save = c.pos;
- STORE_LEN (c.pos, 0); /* Will be fixed up later. */
- len = unquote_string (quoted, p - quoted, c.pos);
- c.pos += len;
- STORE_LEN (save, len);
- quoted = NULL;
- }
- }
- else if (hexfmt)
- {
- if (isxdigit (*p))
- hexcount++;
- else if (*p == '#')
- {
- if ((hexcount & 1))
- {
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_ODD_HEX_NUMBERS;
- goto leave;
- }
-
- datalen = hexcount / 2;
- MAKE_SPACE (datalen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, datalen);
- for (hexfmt++; hexfmt < p; hexfmt++)
- {
- if (whitespacep (hexfmt))
- continue;
- *c.pos++ = hextobyte ((const unsigned char*)hexfmt);
- hexfmt++;
- }
- hexfmt = NULL;
- }
- else if (!whitespacep (p))
- {
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_BAD_HEX_CHAR;
- goto leave;
- }
- }
- else if (base64)
- {
- if (*p == '|')
- base64 = NULL;
- }
- else if (digptr)
- {
- if (digitp (p))
- ;
- else if (*p == ':')
- {
- datalen = atoi (digptr); /* FIXME: check for overflow. */
- digptr = NULL;
- if (datalen > n - 1)
- {
- *erroff = p - buffer;
- /* Buffer too short. */
- err = GPG_ERR_SEXP_STRING_TOO_LONG;
- goto leave;
- }
- /* Make a new list entry. */
- MAKE_SPACE (datalen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, datalen);
- memcpy (c.pos, p + 1, datalen);
- c.pos += datalen;
- n -= datalen;
- p += datalen;
- }
- else if (*p == '\"')
- {
- digptr = NULL; /* We ignore the optional length. */
- quoted = p;
- quoted_esc = 0;
- }
- else if (*p == '#')
- {
- digptr = NULL; /* We ignore the optional length. */
- hexfmt = p;
- hexcount = 0;
- }
- else if (*p == '|')
- {
- digptr = NULL; /* We ignore the optional length. */
- base64 = p;
- }
- else
- {
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_INV_LEN_SPEC;
- goto leave;
- }
- }
- else if (percent)
- {
- if (*p == 'm')
- {
- /* Insert an MPI. */
- gcry_mpi_t m;
- size_t nm = 0;
-
- ARG_NEXT (m, gcry_mpi_t);
-
- if (gcry_mpi_print (GCRYMPI_FMT_STD, NULL, 0, &nm, m))
- BUG ();
-
- MAKE_SPACE (nm);
- if (!gcry_is_secure (c.sexp->d)
- && gcry_mpi_get_flag ( m, GCRYMPI_FLAG_SECURE))
- {
- /* We have to switch to secure allocation. */
- gcry_sexp_t newsexp;
- byte *newhead;
-
- newsexp = gcry_malloc_secure (sizeof *newsexp
- + c.allocated - 1);
- if (!newsexp)
- {
- err = gpg_err_code_from_errno (errno);
- goto leave;
- }
- newhead = newsexp->d;
- memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d));
- c.pos = newhead + (c.pos - c.sexp->d);
- gcry_free (c.sexp);
- c.sexp = newsexp;
- }
-
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, nm);
- if (gcry_mpi_print (GCRYMPI_FMT_STD, c.pos, nm, &nm, m))
- BUG ();
- c.pos += nm;
- }
- else if (*p == 's')
- {
- /* Insert an string. */
- const char *astr;
- size_t alen;
-
- ARG_NEXT (astr, const char *);
- alen = strlen (astr);
-
- MAKE_SPACE (alen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, alen);
- memcpy (c.pos, astr, alen);
- c.pos += alen;
- }
- else if (*p == 'b')
- {
- /* Insert a memory buffer. */
- const char *astr;
- int alen;
-
- ARG_NEXT (alen, int);
- ARG_NEXT (astr, const char *);
-
- MAKE_SPACE (alen);
- if (alen
- && !gcry_is_secure (c.sexp->d)
- && gcry_is_secure (astr))
- {
- /* We have to switch to secure allocation. */
- gcry_sexp_t newsexp;
- byte *newhead;
-
- newsexp = gcry_malloc_secure (sizeof *newsexp
- + c.allocated - 1);
- if (!newsexp)
- {
- err = gpg_err_code_from_errno (errno);
- goto leave;
- }
- newhead = newsexp->d;
- memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d));
- c.pos = newhead + (c.pos - c.sexp->d);
- gcry_free (c.sexp);
- c.sexp = newsexp;
- }
-
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, alen);
- memcpy (c.pos, astr, alen);
- c.pos += alen;
- }
- else if (*p == 'd')
- {
- /* Insert an integer as string. */
- int aint;
- size_t alen;
- char buf[20];
-
- ARG_NEXT (aint, int);
- sprintf (buf, "%d", aint);
- alen = strlen (buf);
- MAKE_SPACE (alen);
- *c.pos++ = ST_DATA;
- STORE_LEN (c.pos, alen);
- memcpy (c.pos, buf, alen);
- c.pos += alen;
- }
- else if (*p == 'S')
- {
- /* Insert a gcry_sexp_t. */
- gcry_sexp_t asexp;
- size_t alen, aoff;
-
- ARG_NEXT (asexp, gcry_sexp_t);
- alen = get_internal_buffer (asexp, &aoff);
- if (alen)
- {
- MAKE_SPACE (alen);
- memcpy (c.pos, asexp->d + aoff, alen);
- c.pos += alen;
- }
- }
- else
- {
- *erroff = p - buffer;
- /* Invalid format specifier. */
- err = GPG_ERR_SEXP_INV_LEN_SPEC;
- goto leave;
- }
- percent = NULL;
- }
- else if (*p == '(')
- {
- if (disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_UNMATCHED_DH;
- goto leave;
- }
- MAKE_SPACE (0);
- *c.pos++ = ST_OPEN;
- level++;
- }
- else if (*p == ')')
- {
- /* Walk up. */
- if (disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_UNMATCHED_DH;
- goto leave;
- }
- MAKE_SPACE (0);
- *c.pos++ = ST_CLOSE;
- level--;
- }
- else if (*p == '\"')
- {
- quoted = p;
- quoted_esc = 0;
- }
- else if (*p == '#')
- {
- hexfmt = p;
- hexcount = 0;
- }
- else if (*p == '|')
- base64 = p;
- else if (*p == '[')
- {
- if (disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_NESTED_DH;
- goto leave;
- }
- disphint = p;
- }
- else if (*p == ']')
- {
- if (!disphint)
- {
- *erroff = p - buffer;
- /* Open display hint. */
- err = GPG_ERR_SEXP_UNMATCHED_DH;
- goto leave;
- }
- disphint = NULL;
- }
- else if (digitp (p))
- {
- if (*p == '0')
- {
- /* A length may not begin with zero. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_ZERO_PREFIX;
- goto leave;
- }
- digptr = p;
- }
- else if (strchr (tokenchars, *p))
- tokenp = p;
- else if (whitespacep (p))
- ;
- else if (*p == '{')
- {
- /* fixme: handle rescanning: we can do this by saving our
- current state and start over at p+1 -- Hmmm. At this
- point here we are in a well defined state, so we don't
- need to save it. Great. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_UNEXPECTED_PUNC;
- goto leave;
- }
- else if (strchr ("&\\", *p))
- {
- /* Reserved punctuation. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_UNEXPECTED_PUNC;
- goto leave;
- }
- else if (argflag && (*p == '%'))
- percent = p;
- else
- {
- /* Bad or unavailable. */
- *erroff = p - buffer;
- err = GPG_ERR_SEXP_BAD_CHARACTER;
- goto leave;
- }
- }
- MAKE_SPACE (0);
- *c.pos++ = ST_STOP;
-
- if (level && !err)
- err = GPG_ERR_SEXP_UNMATCHED_PAREN;
-
- leave:
- if (err)
- {
- /* Error -> deallocate. */
- if (c.sexp)
- {
- /* Extra paranoid wipe on error. */
- if (gcry_is_secure (c.sexp))
- wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1);
- gcry_free (c.sexp);
- }
- /* This might be expected by existing code... */
- *retsexp = NULL;
- }
- else
- *retsexp = normalize (c.sexp);
-
- return gcry_error (err);
-#undef MAKE_SPACE
-#undef STORE_LEN
-}
-
-
-static gcry_error_t
-sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length, int argflag,
- void **arg_list, ...)
-{
- gcry_error_t rc;
- va_list arg_ptr;
-
- va_start (arg_ptr, arg_list);
- rc = vsexp_sscan (retsexp, erroff, buffer, length, argflag,
- arg_list, arg_ptr);
- va_end (arg_ptr);
-
- return rc;
-}
-
-
-gcry_error_t
-gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, const char *format, ...)
-{
- gcry_error_t rc;
- va_list arg_ptr;
-
- va_start (arg_ptr, format);
- rc = vsexp_sscan (retsexp, erroff, format, strlen(format), 1,
- NULL, arg_ptr);
- va_end (arg_ptr);
-
- return rc;
-}
-
-
-gcry_error_t
-_gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, va_list arg_ptr)
-{
- return vsexp_sscan (retsexp, erroff, format, strlen(format), 1,
- NULL, arg_ptr);
-}
-
-
-/* Like gcry_sexp_build, but uses an array instead of variable
- function arguments. */
-gcry_error_t
-gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
- const char *format, void **arg_list)
-{
- return sexp_sscan (retsexp, erroff, format, strlen(format), 1, arg_list);
-}
-
-
-gcry_error_t
-gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
- const char *buffer, size_t length)
-{
- return sexp_sscan (retsexp, erroff, buffer, length, 0, NULL);
-}
-
-
-/* Figure out a suitable encoding for BUFFER of LENGTH.
- Returns: 0 = Binary
- 1 = String possible
- 2 = Token possible
-*/
-static int
-suitable_encoding (const unsigned char *buffer, size_t length)
-{
- const unsigned char *s;
- int maybe_token = 1;
-
- if (!length)
- return 1;
-
- for (s=buffer; length; s++, length--)
- {
- if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0))
- && !strchr ("\b\t\v\n\f\r\"\'\\", *s))
- return 0; /*binary*/
- if ( maybe_token
- && !alphap (s) && !digitp (s) && !strchr (TOKEN_SPECIALS, *s))
- maybe_token = 0;
- }
- s = buffer;
- if ( maybe_token && !digitp (s) )
- return 2;
- return 1;
-}
-
-
-static int
-convert_to_hex (const unsigned char *src, size_t len, char *dest)
-{
- int i;
-
- if (dest)
- {
- *dest++ = '#';
- for (i=0; i < len; i++, dest += 2 )
- sprintf (dest, "%02X", src[i]);
- *dest++ = '#';
- }
- return len*2+2;
-}
-
-static int
-convert_to_string (const unsigned char *s, size_t len, char *dest)
-{
- if (dest)
- {
- char *p = dest;
- *p++ = '\"';
- for (; len; len--, s++ )
- {
- switch (*s)
- {
- case '\b': *p++ = '\\'; *p++ = 'b'; break;
- case '\t': *p++ = '\\'; *p++ = 't'; break;
- case '\v': *p++ = '\\'; *p++ = 'v'; break;
- case '\n': *p++ = '\\'; *p++ = 'n'; break;
- case '\f': *p++ = '\\'; *p++ = 'f'; break;
- case '\r': *p++ = '\\'; *p++ = 'r'; break;
- case '\"': *p++ = '\\'; *p++ = '\"'; break;
- case '\'': *p++ = '\\'; *p++ = '\''; break;
- case '\\': *p++ = '\\'; *p++ = '\\'; break;
- default:
- if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)))
- {
- sprintf (p, "\\x%02x", *s);
- p += 4;
- }
- else
- *p++ = *s;
- }
- }
- *p++ = '\"';
- return p - dest;
- }
- else
- {
- int count = 2;
- for (; len; len--, s++ )
- {
- switch (*s)
- {
- case '\b':
- case '\t':
- case '\v':
- case '\n':
- case '\f':
- case '\r':
- case '\"':
- case '\'':
- case '\\': count += 2; break;
- default:
- if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)))
- count += 4;
- else
- count++;
- }
- }
- return count;
- }
-}
-
-
-
-static int
-convert_to_token (const unsigned char *src, size_t len, char *dest)
-{
- if (dest)
- memcpy (dest, src, len);
- return len;
-}
-
-
-/****************
- * Print SEXP to buffer using the MODE. Returns the length of the
- * SEXP in buffer or 0 if the buffer is too short (We have at least an
- * empty list consisting of 2 bytes). If a buffer of NULL is provided,
- * the required length is returned.
- */
-size_t
-gcry_sexp_sprint (const gcry_sexp_t list, int mode,
- void *buffer, size_t maxlength )
-{
- static unsigned char empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP };
- const unsigned char *s;
- char *d;
- DATALEN n;
- char numbuf[20];
- size_t len = 0;
- int i, indent = 0;
-
- s = list? list->d : empty;
- d = buffer;
- while ( *s != ST_STOP )
- {
- switch ( *s )
- {
- case ST_OPEN:
- s++;
- if ( mode != GCRYSEXP_FMT_CANON )
- {
- if (indent)
- len++;
- len += indent;
- }
- len++;
- if ( buffer )
- {
- if ( len >= maxlength )
- return 0;
- if ( mode != GCRYSEXP_FMT_CANON )
- {
- if (indent)
- *d++ = '\n';
- for (i=0; i < indent; i++)
- *d++ = ' ';
- }
- *d++ = '(';
- }
- indent++;
- break;
- case ST_CLOSE:
- s++;
- len++;
- if ( buffer )
- {
- if ( len >= maxlength )
- return 0;
- *d++ = ')';
- }
- indent--;
- if (*s != ST_OPEN && *s != ST_STOP && mode != GCRYSEXP_FMT_CANON)
- {
- len++;
- len += indent;
- if (buffer)
- {
- if (len >= maxlength)
- return 0;
- *d++ = '\n';
- for (i=0; i < indent; i++)
- *d++ = ' ';
- }
- }
- break;
- case ST_DATA:
- s++;
- memcpy ( &n, s, sizeof n ); s += sizeof n;
- if (mode == GCRYSEXP_FMT_ADVANCED)
- {
- int type;
- size_t nn;
-
- switch ( (type=suitable_encoding (s, n)))
- {
- case 1: nn = convert_to_string (s, n, NULL); break;
- case 2: nn = convert_to_token (s, n, NULL); break;
- default: nn = convert_to_hex (s, n, NULL); break;
- }
- len += nn;
- if (buffer)
- {
- if (len >= maxlength)
- return 0;
- switch (type)
- {
- case 1: convert_to_string (s, n, d); break;
- case 2: convert_to_token (s, n, d); break;
- default: convert_to_hex (s, n, d); break;
- }
- d += nn;
- }
- if (s[n] != ST_CLOSE)
- {
- len++;
- if (buffer)
- {
- if (len >= maxlength)
- return 0;
- *d++ = ' ';
- }
- }
- }
- else
- {
- sprintf (numbuf, "%u:", (unsigned int)n );
- len += strlen (numbuf) + n;
- if ( buffer )
- {
- if ( len >= maxlength )
- return 0;
- d = stpcpy ( d, numbuf );
- memcpy ( d, s, n ); d += n;
- }
- }
- s += n;
- break;
- default:
- BUG ();
- }
- }
- if ( mode != GCRYSEXP_FMT_CANON )
- {
- len++;
- if (buffer)
- {
- if ( len >= maxlength )
- return 0;
- *d++ = '\n';
- }
- }
- if (buffer)
- {
- if ( len >= maxlength )
- return 0;
- *d++ = 0; /* for convenience we make a C string */
- }
- else
- len++; /* we need one byte more for this */
-
- return len;
-}
-
-
-/* Scan a canonical encoded buffer with implicit length values and
- return the actual length this S-expression uses. For a valid S-Exp
- it should never return 0. If LENGTH is not zero, the maximum
- length to scan is given - this can be used for syntax checks of
- data passed from outside. errorcode and erroff may both be passed as
- NULL. */
-size_t
-gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
- size_t *erroff, gcry_error_t *errcode)
-{
- const unsigned char *p;
- const unsigned char *disphint = NULL;
- unsigned int datalen = 0;
- size_t dummy_erroff;
- gcry_error_t dummy_errcode;
- size_t count = 0;
- int level = 0;
-
- if (!erroff)
- erroff = &dummy_erroff;
- if (!errcode)
- errcode = &dummy_errcode;
-
- *errcode = gcry_error (GPG_ERR_NO_ERROR);
- *erroff = 0;
- if (!buffer)
- return 0;
- if (*buffer != '(')
- {
- *errcode = gcry_error (GPG_ERR_SEXP_NOT_CANONICAL);
- return 0;
- }
-
- for (p=buffer; ; p++, count++ )
- {
- if (length && count >= length)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_STRING_TOO_LONG);
- return 0;
- }
-
- if (datalen)
- {
- if (*p == ':')
- {
- if (length && (count+datalen) >= length)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_STRING_TOO_LONG);
- return 0;
- }
- count += datalen;
- p += datalen;
- datalen = 0;
- }
- else if (digitp(p))
- datalen = datalen*10 + atoi_1(p);
- else
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_INV_LEN_SPEC);
- return 0;
- }
- }
- else if (*p == '(')
- {
- if (disphint)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
- return 0;
- }
- level++;
- }
- else if (*p == ')')
- { /* walk up */
- if (!level)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_PAREN);
- return 0;
- }
- if (disphint)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
- return 0;
- }
- if (!--level)
- return ++count; /* ready */
- }
- else if (*p == '[')
- {
- if (disphint)
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_NESTED_DH);
- return 0;
- }
- disphint = p;
- }
- else if (*p == ']')
- {
- if ( !disphint )
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNMATCHED_DH);
- return 0;
- }
- disphint = NULL;
- }
- else if (digitp (p) )
- {
- if (*p == '0')
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_ZERO_PREFIX);
- return 0;
- }
- datalen = atoi_1 (p);
- }
- else if (*p == '&' || *p == '\\')
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_UNEXPECTED_PUNC);
- return 0;
- }
- else
- {
- *erroff = count;
- *errcode = gcry_error (GPG_ERR_SEXP_BAD_CHARACTER);
- return 0;
- }
- }
-}
+/* sexp.c - S-Expression handling + * Copyright (C) 1999, 2000, 2001, 2002, 2003, + * 2004, 2006, 2007, 2008, 2011 Free Software Foundation, Inc. + * Copyright (C) 2013, 2014 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +#include <config.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> +#include <ctype.h> +#include <errno.h> + +#define GCRYPT_NO_MPI_MACROS 1 +#include "g10lib.h" + + +/* Notes on the internal memory layout. + + We store an S-expression as one memory buffer with tags, length and + value. The simplest list would thus be: + + /----------+----------+---------+------+-----------+----------\ + | open_tag | data_tag | datalen | data | close_tag | stop_tag | + \----------+----------+---------+------+-----------+----------/ + + Expressed more compact and with an example: + + /----+----+----+---+----+----\ + | OT | DT | DL | D | CT | ST | "(foo)" + \----+----+----+---+----+----/ + + The open tag must always be the first tag of a list as requires by + the S-expression specs. At least data element (data_tag, datalen, + data) is required as well. The close_tag finishes the list and + would actually be sufficient. For fail-safe reasons a final stop + tag is always the last byte in a buffer; it has a value of 0 so + that string function accidently applied to an S-expression will + never access unallocated data. We do not support display hints and + thus don't need to represent them. A list may have more an + arbitrary number of data elements but at least one is required. + The length of each data must be greater than 0 and has a current + limit to 65535 bytes (by means of the DATALEN type). + + A list with two data elements: + + /----+----+----+---+----+----+---+----+----\ + | OT | DT | DL | D | DT | DL | D | CT | ST | "(foo bar)" + \----+----+----+---+----+----+---+----+----/ + + In the above example both DL fields have a value of 3. + A list of a list with one data element: + + /----+----+----+----+---+----+----+----\ + | OT | OT | DT | DL | D | CT | CT | ST | "((foo))" + \----+----+----+----+---+----+----+----/ + + A list with one element followed by another list: + + /----+----+----+---+----+----+----+---+----+----+----\ + | OT | DT | DL | D | OT | DT | DL | D | CT | CT | ST | "(foo (bar))" + \----+----+----+---+----+----+----+---+----+----+----/ + + */ + +typedef unsigned short DATALEN; + +struct gcry_sexp +{ + byte d[1]; +}; + +#define ST_STOP 0 +#define ST_DATA 1 /* datalen follows */ +/*#define ST_HINT 2 datalen follows (currently not used) */ +#define ST_OPEN 3 +#define ST_CLOSE 4 + +/* The atoi macros assume that the buffer has only valid digits. */ +#define atoi_1(p) (*(p) - '0' ) +#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ + *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) +#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1)) + +#define TOKEN_SPECIALS "-./_:*+=" + +static gcry_err_code_t +do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, + const char *buffer, size_t length, int argflag, + void **arg_list, va_list arg_ptr); + +static gcry_err_code_t +do_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, + const char *buffer, size_t length, int argflag, + void **arg_list, ...); + +/* Return true if P points to a byte containing a whitespace according + to the S-expressions definition. */ +#undef whitespacep +static GPG_ERR_INLINE int +whitespacep (const char *p) +{ + switch (*p) + { + case ' ': case '\t': case '\v': case '\f': case '\r': case '\n': return 1; + default: return 0; + } +} + + +#if 0 +static void +dump_mpi( gcry_mpi_t a ) +{ + char buffer[1000]; + size_t n = 1000; + + if( !a ) + fputs("[no MPI]", stderr ); + else if( gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &n, a ) ) + fputs("[MPI too large to print]", stderr ); + else + fputs( buffer, stderr ); +} +#endif + +static void +dump_string (const byte *p, size_t n, int delim ) +{ + for (; n; n--, p++ ) + { + if ((*p & 0x80) || iscntrl( *p ) || *p == delim ) + { + if( *p == '\n' ) + log_printf ("\\n"); + else if( *p == '\r' ) + log_printf ("\\r"); + else if( *p == '\f' ) + log_printf ("\\f"); + else if( *p == '\v' ) + log_printf ("\\v"); + else if( *p == '\b' ) + log_printf ("\\b"); + else if( !*p ) + log_printf ("\\0"); + else + log_printf ("\\x%02x", *p ); + } + else + log_printf ("%c", *p); + } +} + + +void +_gcry_sexp_dump (const gcry_sexp_t a) +{ + const byte *p; + int indent = 0; + int type; + + if (!a) + { + log_printf ( "[nil]\n"); + return; + } + + p = a->d; + while ( (type = *p) != ST_STOP ) + { + p++; + switch ( type ) + { + case ST_OPEN: + log_printf ("%*s[open]\n", 2*indent, ""); + indent++; + break; + case ST_CLOSE: + if( indent ) + indent--; + log_printf ("%*s[close]\n", 2*indent, ""); + break; + case ST_DATA: { + DATALEN n; + memcpy ( &n, p, sizeof n ); + p += sizeof n; + log_printf ("%*s[data=\"", 2*indent, "" ); + dump_string (p, n, '\"' ); + log_printf ("\"]\n"); + p += n; + } + break; + default: + log_printf ("%*s[unknown tag %d]\n", 2*indent, "", type); + break; + } + } +} + + +/* Pass list through except when it is an empty list - in that case + * return NULL and release the passed list. This is used to make sure + * that no forbidden empty lists are created. + */ +static gcry_sexp_t +normalize ( gcry_sexp_t list ) +{ + unsigned char *p; + + if ( !list ) + return NULL; + p = list->d; + if ( *p == ST_STOP ) + { + /* this is "" */ + sexp_release ( list ); + return NULL; + } + if ( *p == ST_OPEN && p[1] == ST_CLOSE ) + { + /* this is "()" */ + sexp_release ( list ); + return NULL; + } + + return list; +} + +/* Create a new S-expression object by reading LENGTH bytes from + BUFFER, assuming it is canonical encoded or autodetected encoding + when AUTODETECT is set to 1. With FREEFNC not NULL, ownership of + the buffer is transferred to the newly created object. FREEFNC + should be the freefnc used to release BUFFER; there is no guarantee + at which point this function is called; most likey you want to use + free() or gcry_free(). + + Passing LENGTH and AUTODETECT as 0 is allowed to indicate that + BUFFER points to a valid canonical encoded S-expression. A LENGTH + of 0 and AUTODETECT 1 indicates that buffer points to a + null-terminated string. + + This function returns 0 and and the pointer to the new object in + RETSEXP or an error code in which case RETSEXP is set to NULL. */ +gcry_err_code_t +_gcry_sexp_create (gcry_sexp_t *retsexp, void *buffer, size_t length, + int autodetect, void (*freefnc)(void*) ) +{ + gcry_err_code_t errcode; + gcry_sexp_t se; + + if (!retsexp) + return GPG_ERR_INV_ARG; + *retsexp = NULL; + if (autodetect < 0 || autodetect > 1 || !buffer) + return GPG_ERR_INV_ARG; + + if (!length && !autodetect) + { /* What a brave caller to assume that there is really a canonical + encoded S-expression in buffer */ + length = _gcry_sexp_canon_len (buffer, 0, NULL, &errcode); + if (!length) + return errcode; + } + else if (!length && autodetect) + { /* buffer is a string */ + length = strlen ((char *)buffer); + } + + errcode = do_sexp_sscan (&se, NULL, buffer, length, 0, NULL); + if (errcode) + return errcode; + + *retsexp = se; + if (freefnc) + { + /* For now we release the buffer immediately. As soon as we + have changed the internal represenation of S-expression to + the canoncial format - which has the advantage of faster + parsing - we will use this function as a closure in our + GCRYSEXP object and use the BUFFER directly. */ + freefnc (buffer); + } + return 0; +} + +/* Same as gcry_sexp_create but don't transfer ownership */ +gcry_err_code_t +_gcry_sexp_new (gcry_sexp_t *retsexp, const void *buffer, size_t length, + int autodetect) +{ + return _gcry_sexp_create (retsexp, (void *)buffer, length, autodetect, NULL); +} + + +/**************** + * Release resource of the given SEXP object. + */ +void +_gcry_sexp_release( gcry_sexp_t sexp ) +{ + if (sexp) + { + if (_gcry_is_secure (sexp)) + { + /* Extra paranoid wiping. */ + const byte *p = sexp->d; + int type; + + while ( (type = *p) != ST_STOP ) + { + p++; + switch ( type ) + { + case ST_OPEN: + break; + case ST_CLOSE: + break; + case ST_DATA: + { + DATALEN n; + memcpy ( &n, p, sizeof n ); + p += sizeof n; + p += n; + } + break; + default: + break; + } + } + wipememory (sexp->d, p - sexp->d); + } + xfree ( sexp ); + } +} + + +/**************** + * Make a pair from lists a and b, don't use a or b later on. + * Special behaviour: If one is a single element list we put the + * element straight into the new pair. + */ +gcry_sexp_t +_gcry_sexp_cons( const gcry_sexp_t a, const gcry_sexp_t b ) +{ + (void)a; + (void)b; + + /* NYI: Implementation should be quite easy with our new data + representation */ + BUG (); + return NULL; +} + + +/**************** + * Make a list from all items in the array the end of the array is marked + * with a NULL. + */ +gcry_sexp_t +_gcry_sexp_alist( const gcry_sexp_t *array ) +{ + (void)array; + + /* NYI: Implementation should be quite easy with our new data + representation. */ + BUG (); + return NULL; +} + +/**************** + * Make a list from all items, the end of list is indicated by a NULL + */ +gcry_sexp_t +_gcry_sexp_vlist( const gcry_sexp_t a, ... ) +{ + (void)a; + /* NYI: Implementation should be quite easy with our new data + representation. */ + BUG (); + return NULL; +} + + +/**************** + * Append n to the list a + * Returns: a new ist (which maybe a) + */ +gcry_sexp_t +_gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n ) +{ + (void)a; + (void)n; + /* NYI: Implementation should be quite easy with our new data + representation. */ + BUG (); + return NULL; +} + +gcry_sexp_t +_gcry_sexp_prepend( const gcry_sexp_t a, const gcry_sexp_t n ) +{ + (void)a; + (void)n; + /* NYI: Implementation should be quite easy with our new data + representation. */ + BUG (); + return NULL; +} + + + +/**************** + * Locate token in a list. The token must be the car of a sublist. + * Returns: A new list with this sublist or NULL if not found. + */ +gcry_sexp_t +_gcry_sexp_find_token( const gcry_sexp_t list, const char *tok, size_t toklen ) +{ + const byte *p; + DATALEN n; + + if ( !list ) + return NULL; + + if ( !toklen ) + toklen = strlen(tok); + + p = list->d; + while ( *p != ST_STOP ) + { + if ( *p == ST_OPEN && p[1] == ST_DATA ) + { + const byte *head = p; + + p += 2; + memcpy ( &n, p, sizeof n ); + p += sizeof n; + if ( n == toklen && !memcmp( p, tok, toklen ) ) + { /* found it */ + gcry_sexp_t newlist; + byte *d; + int level = 1; + + /* Look for the end of the list. */ + for ( p += n; level; p++ ) + { + if ( *p == ST_DATA ) + { + memcpy ( &n, ++p, sizeof n ); + p += sizeof n + n; + p--; /* Compensate for later increment. */ + } + else if ( *p == ST_OPEN ) + { + level++; + } + else if ( *p == ST_CLOSE ) + { + level--; + } + else if ( *p == ST_STOP ) + { + BUG (); + } + } + n = p - head; + + newlist = xtrymalloc ( sizeof *newlist + n ); + if (!newlist) + { + /* No way to return an error code, so we can only + return Not Found. */ + return NULL; + } + d = newlist->d; + memcpy ( d, head, n ); d += n; + *d++ = ST_STOP; + return normalize ( newlist ); + } + p += n; + } + else if ( *p == ST_DATA ) + { + memcpy ( &n, ++p, sizeof n ); p += sizeof n; + p += n; + } + else + p++; + } + return NULL; +} + +/**************** + * Return the length of the given list + */ +int +_gcry_sexp_length (const gcry_sexp_t list) +{ + const byte *p; + DATALEN n; + int type; + int length = 0; + int level = 0; + + if (!list) + return 0; + + p = list->d; + while ((type=*p) != ST_STOP) + { + p++; + if (type == ST_DATA) + { + memcpy (&n, p, sizeof n); + p += sizeof n + n; + if (level == 1) + length++; + } + else if (type == ST_OPEN) + { + if (level == 1) + length++; + level++; + } + else if (type == ST_CLOSE) + { + level--; + } + } + return length; +} + + +/* Return the internal lengths offset of LIST. That is the size of + the buffer from the first ST_OPEN, which is returned at R_OFF, to + the corresponding ST_CLOSE inclusive. */ +static size_t +get_internal_buffer (const gcry_sexp_t list, size_t *r_off) +{ + const unsigned char *p; + DATALEN n; + int type; + int level = 0; + + *r_off = 0; + if (list) + { + p = list->d; + while ( (type=*p) != ST_STOP ) + { + p++; + if (type == ST_DATA) + { + memcpy (&n, p, sizeof n); + p += sizeof n + n; + } + else if (type == ST_OPEN) + { + if (!level) + *r_off = (p-1) - list->d; + level++; + } + else if ( type == ST_CLOSE ) + { + level--; + if (!level) + return p - list->d; + } + } + } + return 0; /* Not a proper list. */ +} + + + +/* Extract the n-th element of the given LIST. Returns NULL for + no-such-element, a corrupt list, or memory failure. */ +gcry_sexp_t +_gcry_sexp_nth (const gcry_sexp_t list, int number) +{ + const byte *p; + DATALEN n; + gcry_sexp_t newlist; + byte *d; + int level = 0; + + if (!list || list->d[0] != ST_OPEN) + return NULL; + p = list->d; + + while (number > 0) + { + p++; + if (*p == ST_DATA) + { + memcpy (&n, ++p, sizeof n); + p += sizeof n + n; + p--; + if (!level) + number--; + } + else if (*p == ST_OPEN) + { + level++; + } + else if (*p == ST_CLOSE) + { + level--; + if ( !level ) + number--; + } + else if (*p == ST_STOP) + { + return NULL; + } + } + p++; + + if (*p == ST_DATA) + { + memcpy (&n, p+1, sizeof n); + newlist = xtrymalloc (sizeof *newlist + 1 + 1 + sizeof n + n + 1); + if (!newlist) + return NULL; + d = newlist->d; + *d++ = ST_OPEN; + memcpy (d, p, 1 + sizeof n + n); + d += 1 + sizeof n + n; + *d++ = ST_CLOSE; + *d = ST_STOP; + } + else if (*p == ST_OPEN) + { + const byte *head = p; + + level = 1; + do { + p++; + if (*p == ST_DATA) + { + memcpy (&n, ++p, sizeof n); + p += sizeof n + n; + p--; + } + else if (*p == ST_OPEN) + { + level++; + } + else if (*p == ST_CLOSE) + { + level--; + } + else if (*p == ST_STOP) + { + BUG (); + } + } while (level); + n = p + 1 - head; + + newlist = xtrymalloc (sizeof *newlist + n); + if (!newlist) + return NULL; + d = newlist->d; + memcpy (d, head, n); + d += n; + *d++ = ST_STOP; + } + else + newlist = NULL; + + return normalize (newlist); +} + + +gcry_sexp_t +_gcry_sexp_car (const gcry_sexp_t list) +{ + return _gcry_sexp_nth (list, 0); +} + + +/* Helper to get data from the car. The returned value is valid as + long as the list is not modified. */ +static const char * +do_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen) +{ + const byte *p; + DATALEN n; + int level = 0; + + *datalen = 0; + if ( !list ) + return NULL; + + p = list->d; + if ( *p == ST_OPEN ) + p++; /* Yep, a list. */ + else if (number) + return NULL; /* Not a list but N > 0 requested. */ + + /* Skip over N elements. */ + while (number > 0) + { + if (*p == ST_DATA) + { + memcpy ( &n, ++p, sizeof n ); + p += sizeof n + n; + p--; + if ( !level ) + number--; + } + else if (*p == ST_OPEN) + { + level++; + } + else if (*p == ST_CLOSE) + { + level--; + if ( !level ) + number--; + } + else if (*p == ST_STOP) + { + return NULL; + } + p++; + } + + /* If this is data, return it. */ + if (*p == ST_DATA) + { + memcpy ( &n, ++p, sizeof n ); + *datalen = n; + return (const char*)p + sizeof n; + } + + return NULL; +} + + +/* Get data from the car. The returned value is valid as long as the + list is not modified. */ +const char * +_gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen ) +{ + return do_sexp_nth_data (list, number, datalen); +} + + +/* Get the nth element of a list which needs to be a simple object. + The returned value is a malloced buffer and needs to be freed by + the caller. This is basically the same as gcry_sexp_nth_data but + with an allocated result. */ +void * +_gcry_sexp_nth_buffer (const gcry_sexp_t list, int number, size_t *rlength) +{ + const char *s; + size_t n; + char *buf; + + *rlength = 0; + s = do_sexp_nth_data (list, number, &n); + if (!s || !n) + return NULL; + buf = xtrymalloc (n); + if (!buf) + return NULL; + memcpy (buf, s, n); + *rlength = n; + return buf; +} + + +/* Get a string from the car. The returned value is a malloced string + and needs to be freed by the caller. */ +char * +_gcry_sexp_nth_string (const gcry_sexp_t list, int number) +{ + const char *s; + size_t n; + char *buf; + + s = do_sexp_nth_data (list, number, &n); + if (!s || n < 1 || (n+1) < 1) + return NULL; + buf = xtrymalloc (n+1); + if (!buf) + return NULL; + memcpy (buf, s, n); + buf[n] = 0; + return buf; +} + + +/* + * Get a MPI from the car + */ +gcry_mpi_t +_gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt) +{ + size_t n; + gcry_mpi_t a; + + if (mpifmt == GCRYMPI_FMT_OPAQUE) + { + char *p; + + p = _gcry_sexp_nth_buffer (list, number, &n); + if (!p) + return NULL; + + a = _gcry_is_secure (list)? _gcry_mpi_snew (0) : _gcry_mpi_new (0); + if (a) + mpi_set_opaque (a, p, n*8); + else + xfree (p); + } + else + { + const char *s; + + if (!mpifmt) + mpifmt = GCRYMPI_FMT_STD; + + s = do_sexp_nth_data (list, number, &n); + if (!s) + return NULL; + + if (_gcry_mpi_scan (&a, mpifmt, s, n, NULL)) + return NULL; + } + + return a; +} + + +/**************** + * Get the CDR + */ +gcry_sexp_t +_gcry_sexp_cdr(const gcry_sexp_t list) +{ + const byte *p; + const byte *head; + DATALEN n; + gcry_sexp_t newlist; + byte *d; + int level = 0; + int skip = 1; + + if (!list || list->d[0] != ST_OPEN) + return NULL; + p = list->d; + + while (skip > 0) + { + p++; + if (*p == ST_DATA) + { + memcpy ( &n, ++p, sizeof n ); + p += sizeof n + n; + p--; + if ( !level ) + skip--; + } + else if (*p == ST_OPEN) + { + level++; + } + else if (*p == ST_CLOSE) + { + level--; + if ( !level ) + skip--; + } + else if (*p == ST_STOP) + { + return NULL; + } + } + p++; + + head = p; + level = 0; + do { + if (*p == ST_DATA) + { + memcpy ( &n, ++p, sizeof n ); + p += sizeof n + n; + p--; + } + else if (*p == ST_OPEN) + { + level++; + } + else if (*p == ST_CLOSE) + { + level--; + } + else if (*p == ST_STOP) + { + return NULL; + } + p++; + } while (level); + n = p - head; + + newlist = xtrymalloc (sizeof *newlist + n + 2); + if (!newlist) + return NULL; + d = newlist->d; + *d++ = ST_OPEN; + memcpy (d, head, n); + d += n; + *d++ = ST_CLOSE; + *d++ = ST_STOP; + + return normalize (newlist); +} + + +gcry_sexp_t +_gcry_sexp_cadr ( const gcry_sexp_t list ) +{ + gcry_sexp_t a, b; + + a = _gcry_sexp_cdr (list); + b = _gcry_sexp_car (a); + sexp_release (a); + return b; +} + + +static GPG_ERR_INLINE int +hextonibble (int s) +{ + if (s >= '0' && s <= '9') + return s - '0'; + else if (s >= 'A' && s <= 'F') + return 10 + s - 'A'; + else if (s >= 'a' && s <= 'f') + return 10 + s - 'a'; + else + return 0; +} + + +struct make_space_ctx +{ + gcry_sexp_t sexp; + size_t allocated; + byte *pos; +}; + + +static gpg_err_code_t +make_space ( struct make_space_ctx *c, size_t n ) +{ + size_t used = c->pos - c->sexp->d; + + if ( used + n + sizeof(DATALEN) + 1 >= c->allocated ) + { + gcry_sexp_t newsexp; + byte *newhead; + size_t newsize; + + newsize = c->allocated + 2*(n+sizeof(DATALEN)+1); + if (newsize <= c->allocated) + return GPG_ERR_TOO_LARGE; + newsexp = xtryrealloc ( c->sexp, sizeof *newsexp + newsize - 1); + if (!newsexp) + return gpg_err_code_from_errno (errno); + c->allocated = newsize; + newhead = newsexp->d; + c->pos = newhead + used; + c->sexp = newsexp; + } + return 0; +} + + +/* Unquote STRING of LENGTH and store it into BUF. The surrounding + quotes are must already be removed from STRING. We assume that the + quoted string is syntacillay correct. */ +static size_t +unquote_string (const char *string, size_t length, unsigned char *buf) +{ + int esc = 0; + const unsigned char *s = (const unsigned char*)string; + unsigned char *d = buf; + size_t n = length; + + for (; n; n--, s++) + { + if (esc) + { + switch (*s) + { + case 'b': *d++ = '\b'; break; + case 't': *d++ = '\t'; break; + case 'v': *d++ = '\v'; break; + case 'n': *d++ = '\n'; break; + case 'f': *d++ = '\f'; break; + case 'r': *d++ = '\r'; break; + case '"': *d++ = '\"'; break; + case '\'': *d++ = '\''; break; + case '\\': *d++ = '\\'; break; + + case '\r': /* ignore CR[,LF] */ + if (n>1 && s[1] == '\n') + { + s++; n--; + } + break; + + case '\n': /* ignore LF[,CR] */ + if (n>1 && s[1] == '\r') + { + s++; n--; + } + break; + + case 'x': /* hex value */ + if (n>2 && hexdigitp (s+1) && hexdigitp (s+2)) + { + s++; n--; + *d++ = xtoi_2 (s); + s++; n--; + } + break; + + default: + if (n>2 && octdigitp (s) && octdigitp (s+1) && octdigitp (s+2)) + { + *d++ = (atoi_1 (s)*64) + (atoi_1 (s+1)*8) + atoi_1 (s+2); + s += 2; + n -= 2; + } + break; + } + esc = 0; + } + else if( *s == '\\' ) + esc = 1; + else + *d++ = *s; + } + + return d - buf; +} + +/**************** + * Scan the provided buffer and return the S expression in our internal + * format. Returns a newly allocated expression. If erroff is not NULL and + * a parsing error has occurred, the offset into buffer will be returned. + * If ARGFLAG is true, the function supports some printf like + * expressions. + * These are: + * %m - MPI + * %s - string (no autoswitch to secure allocation) + * %d - integer stored as string (no autoswitch to secure allocation) + * %b - memory buffer; this takes _two_ arguments: an integer with the + * length of the buffer and a pointer to the buffer. + * %S - Copy an gcry_sexp_t here. The S-expression needs to be a + * regular one, starting with a parenthesis. + * (no autoswitch to secure allocation) + * all other format elements are currently not defined and return an error. + * this includes the "%%" sequence becauce the percent sign is not an + * allowed character. + * FIXME: We should find a way to store the secure-MPIs not in the string + * but as reference to somewhere - this can help us to save huge amounts + * of secure memory. The problem is, that if only one element is secure, all + * other elements are automagicaly copied to secure memory too, so the most + * common operation gcry_sexp_cdr_mpi() will always return a secure MPI + * regardless whether it is needed or not. + */ +static gpg_err_code_t +do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, + const char *buffer, size_t length, int argflag, + void **arg_list, va_list arg_ptr) +{ + gcry_err_code_t err = 0; + static const char tokenchars[] = + "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "0123456789-./_:*+="; + const char *p; + size_t n; + const char *digptr = NULL; + const char *quoted = NULL; + const char *tokenp = NULL; + const char *hexfmt = NULL; + const char *base64 = NULL; + const char *disphint = NULL; + const char *percent = NULL; + int hexcount = 0; + int quoted_esc = 0; + int datalen = 0; + size_t dummy_erroff; + struct make_space_ctx c; + int arg_counter = 0; + int level = 0; + + if (!retsexp) + return GPG_ERR_INV_ARG; + *retsexp = NULL; + + if (!buffer) + return GPG_ERR_INV_ARG; + + if (!erroff) + erroff = &dummy_erroff; + + /* Depending on whether ARG_LIST is non-zero or not, this macro gives + us the next argument, either from the variable argument list as + specified by ARG_PTR or from the argument array ARG_LIST. */ +#define ARG_NEXT(storage, type) \ + do \ + { \ + if (!arg_list) \ + storage = va_arg (arg_ptr, type); \ + else \ + storage = *((type *) (arg_list[arg_counter++])); \ + } \ + while (0) + + /* The MAKE_SPACE macro is used before each store operation to + ensure that the buffer is large enough. It requires a global + context named C and jumps out to the label LEAVE on error! It + also sets ERROFF using the variables BUFFER and P. */ +#define MAKE_SPACE(n) do { \ + gpg_err_code_t _ms_err = make_space (&c, (n)); \ + if (_ms_err) \ + { \ + err = _ms_err; \ + *erroff = p - buffer; \ + goto leave; \ + } \ + } while (0) + + /* The STORE_LEN macro is used to store the length N at buffer P. */ +#define STORE_LEN(p,n) do { \ + DATALEN ashort = (n); \ + memcpy ( (p), &ashort, sizeof(ashort) ); \ + (p) += sizeof (ashort); \ + } while (0) + + /* We assume that the internal representation takes less memory than + the provided one. However, we add space for one extra datalen so + that the code which does the ST_CLOSE can use MAKE_SPACE */ + c.allocated = length + sizeof(DATALEN); + if (length && _gcry_is_secure (buffer)) + c.sexp = xtrymalloc_secure (sizeof *c.sexp + c.allocated - 1); + else + c.sexp = xtrymalloc (sizeof *c.sexp + c.allocated - 1); + if (!c.sexp) + { + err = gpg_err_code_from_errno (errno); + *erroff = 0; + goto leave; + } + c.pos = c.sexp->d; + + for (p = buffer, n = length; n; p++, n--) + { + if (tokenp && !hexfmt) + { + if (strchr (tokenchars, *p)) + continue; + else + { + datalen = p - tokenp; + MAKE_SPACE (datalen); + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, datalen); + memcpy (c.pos, tokenp, datalen); + c.pos += datalen; + tokenp = NULL; + } + } + + if (quoted) + { + if (quoted_esc) + { + switch (*p) + { + case 'b': case 't': case 'v': case 'n': case 'f': + case 'r': case '"': case '\'': case '\\': + quoted_esc = 0; + break; + + case '0': case '1': case '2': case '3': case '4': + case '5': case '6': case '7': + if (!((n > 2) + && (p[1] >= '0') && (p[1] <= '7') + && (p[2] >= '0') && (p[2] <= '7'))) + { + *erroff = p - buffer; + /* Invalid octal value. */ + err = GPG_ERR_SEXP_BAD_QUOTATION; + goto leave; + } + p += 2; + n -= 2; + quoted_esc = 0; + break; + + case 'x': + if (!((n > 2) && hexdigitp (p+1) && hexdigitp (p+2))) + { + *erroff = p - buffer; + /* Invalid hex value. */ + err = GPG_ERR_SEXP_BAD_QUOTATION; + goto leave; + } + p += 2; + n -= 2; + quoted_esc = 0; + break; + + case '\r': + /* ignore CR[,LF] */ + if (n && (p[1] == '\n')) + { + p++; + n--; + } + quoted_esc = 0; + break; + + case '\n': + /* ignore LF[,CR] */ + if (n && (p[1] == '\r')) + { + p++; + n--; + } + quoted_esc = 0; + break; + + default: + *erroff = p - buffer; + /* Invalid quoted string escape. */ + err = GPG_ERR_SEXP_BAD_QUOTATION; + goto leave; + } + } + else if (*p == '\\') + quoted_esc = 1; + else if (*p == '\"') + { + /* Keep it easy - we know that the unquoted string will + never be larger. */ + unsigned char *save; + size_t len; + + quoted++; /* Skip leading quote. */ + MAKE_SPACE (p - quoted); + *c.pos++ = ST_DATA; + save = c.pos; + STORE_LEN (c.pos, 0); /* Will be fixed up later. */ + len = unquote_string (quoted, p - quoted, c.pos); + c.pos += len; + STORE_LEN (save, len); + quoted = NULL; + } + } + else if (hexfmt) + { + if (isxdigit (*p)) + hexcount++; + else if (*p == '#') + { + if ((hexcount & 1)) + { + *erroff = p - buffer; + err = GPG_ERR_SEXP_ODD_HEX_NUMBERS; + goto leave; + } + + datalen = hexcount / 2; + MAKE_SPACE (datalen); + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, datalen); + for (hexfmt++; hexfmt < p; hexfmt++) + { + int tmpc; + + if (whitespacep (hexfmt)) + continue; + tmpc = hextonibble (*(const unsigned char*)hexfmt); + for (hexfmt++; hexfmt < p && whitespacep (hexfmt); hexfmt++) + ; + if (hexfmt < p) + { + tmpc *= 16; + tmpc += hextonibble (*(const unsigned char*)hexfmt); + } + *c.pos++ = tmpc; + } + hexfmt = NULL; + } + else if (!whitespacep (p)) + { + *erroff = p - buffer; + err = GPG_ERR_SEXP_BAD_HEX_CHAR; + goto leave; + } + } + else if (base64) + { + if (*p == '|') + base64 = NULL; + } + else if (digptr) + { + if (digitp (p)) + ; + else if (*p == ':') + { + datalen = atoi (digptr); /* FIXME: check for overflow. */ + digptr = NULL; + if (datalen > n - 1) + { + *erroff = p - buffer; + /* Buffer too short. */ + err = GPG_ERR_SEXP_STRING_TOO_LONG; + goto leave; + } + /* Make a new list entry. */ + MAKE_SPACE (datalen); + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, datalen); + memcpy (c.pos, p + 1, datalen); + c.pos += datalen; + n -= datalen; + p += datalen; + } + else if (*p == '\"') + { + digptr = NULL; /* We ignore the optional length. */ + quoted = p; + quoted_esc = 0; + } + else if (*p == '#') + { + digptr = NULL; /* We ignore the optional length. */ + hexfmt = p; + hexcount = 0; + } + else if (*p == '|') + { + digptr = NULL; /* We ignore the optional length. */ + base64 = p; + } + else + { + *erroff = p - buffer; + err = GPG_ERR_SEXP_INV_LEN_SPEC; + goto leave; + } + } + else if (percent) + { + if (*p == 'm' || *p == 'M') + { + /* Insert an MPI. */ + gcry_mpi_t m; + size_t nm = 0; + int mpifmt = *p == 'm'? GCRYMPI_FMT_STD: GCRYMPI_FMT_USG; + + ARG_NEXT (m, gcry_mpi_t); + + if (mpi_get_flag (m, GCRYMPI_FLAG_OPAQUE)) + { + void *mp; + unsigned int nbits; + + mp = mpi_get_opaque (m, &nbits); + nm = (nbits+7)/8; + if (mp && nm) + { + MAKE_SPACE (nm); + if (!_gcry_is_secure (c.sexp->d) + && mpi_get_flag (m, GCRYMPI_FLAG_SECURE)) + { + /* We have to switch to secure allocation. */ + gcry_sexp_t newsexp; + byte *newhead; + + newsexp = xtrymalloc_secure (sizeof *newsexp + + c.allocated - 1); + if (!newsexp) + { + err = gpg_err_code_from_errno (errno); + goto leave; + } + newhead = newsexp->d; + memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d)); + c.pos = newhead + (c.pos - c.sexp->d); + xfree (c.sexp); + c.sexp = newsexp; + } + + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, nm); + memcpy (c.pos, mp, nm); + c.pos += nm; + } + } + else + { + if (_gcry_mpi_print (mpifmt, NULL, 0, &nm, m)) + BUG (); + + MAKE_SPACE (nm); + if (!_gcry_is_secure (c.sexp->d) + && mpi_get_flag ( m, GCRYMPI_FLAG_SECURE)) + { + /* We have to switch to secure allocation. */ + gcry_sexp_t newsexp; + byte *newhead; + + newsexp = xtrymalloc_secure (sizeof *newsexp + + c.allocated - 1); + if (!newsexp) + { + err = gpg_err_code_from_errno (errno); + goto leave; + } + newhead = newsexp->d; + memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d)); + c.pos = newhead + (c.pos - c.sexp->d); + xfree (c.sexp); + c.sexp = newsexp; + } + + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, nm); + if (_gcry_mpi_print (mpifmt, c.pos, nm, &nm, m)) + BUG (); + c.pos += nm; + } + } + else if (*p == 's') + { + /* Insert an string. */ + const char *astr; + size_t alen; + + ARG_NEXT (astr, const char *); + alen = strlen (astr); + + MAKE_SPACE (alen); + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, alen); + memcpy (c.pos, astr, alen); + c.pos += alen; + } + else if (*p == 'b') + { + /* Insert a memory buffer. */ + const char *astr; + int alen; + + ARG_NEXT (alen, int); + ARG_NEXT (astr, const char *); + + MAKE_SPACE (alen); + if (alen + && !_gcry_is_secure (c.sexp->d) + && _gcry_is_secure (astr)) + { + /* We have to switch to secure allocation. */ + gcry_sexp_t newsexp; + byte *newhead; + + newsexp = xtrymalloc_secure (sizeof *newsexp + + c.allocated - 1); + if (!newsexp) + { + err = gpg_err_code_from_errno (errno); + goto leave; + } + newhead = newsexp->d; + memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d)); + c.pos = newhead + (c.pos - c.sexp->d); + xfree (c.sexp); + c.sexp = newsexp; + } + + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, alen); + memcpy (c.pos, astr, alen); + c.pos += alen; + } + else if (*p == 'd') + { + /* Insert an integer as string. */ + int aint; + size_t alen; + char buf[35]; + + ARG_NEXT (aint, int); + sprintf (buf, "%d", aint); + alen = strlen (buf); + MAKE_SPACE (alen); + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, alen); + memcpy (c.pos, buf, alen); + c.pos += alen; + } + else if (*p == 'u') + { + /* Insert an unsigned integer as string. */ + unsigned int aint; + size_t alen; + char buf[35]; + + ARG_NEXT (aint, unsigned int); + sprintf (buf, "%u", aint); + alen = strlen (buf); + MAKE_SPACE (alen); + *c.pos++ = ST_DATA; + STORE_LEN (c.pos, alen); + memcpy (c.pos, buf, alen); + c.pos += alen; + } + else if (*p == 'S') + { + /* Insert a gcry_sexp_t. */ + gcry_sexp_t asexp; + size_t alen, aoff; + + ARG_NEXT (asexp, gcry_sexp_t); + alen = get_internal_buffer (asexp, &aoff); + if (alen) + { + MAKE_SPACE (alen); + memcpy (c.pos, asexp->d + aoff, alen); + c.pos += alen; + } + } + else + { + *erroff = p - buffer; + /* Invalid format specifier. */ + err = GPG_ERR_SEXP_INV_LEN_SPEC; + goto leave; + } + percent = NULL; + } + else if (*p == '(') + { + if (disphint) + { + *erroff = p - buffer; + /* Open display hint. */ + err = GPG_ERR_SEXP_UNMATCHED_DH; + goto leave; + } + MAKE_SPACE (0); + *c.pos++ = ST_OPEN; + level++; + } + else if (*p == ')') + { + /* Walk up. */ + if (disphint) + { + *erroff = p - buffer; + /* Open display hint. */ + err = GPG_ERR_SEXP_UNMATCHED_DH; + goto leave; + } + MAKE_SPACE (0); + *c.pos++ = ST_CLOSE; + level--; + } + else if (*p == '\"') + { + quoted = p; + quoted_esc = 0; + } + else if (*p == '#') + { + hexfmt = p; + hexcount = 0; + } + else if (*p == '|') + base64 = p; + else if (*p == '[') + { + if (disphint) + { + *erroff = p - buffer; + /* Open display hint. */ + err = GPG_ERR_SEXP_NESTED_DH; + goto leave; + } + disphint = p; + } + else if (*p == ']') + { + if (!disphint) + { + *erroff = p - buffer; + /* Open display hint. */ + err = GPG_ERR_SEXP_UNMATCHED_DH; + goto leave; + } + disphint = NULL; + } + else if (digitp (p)) + { + if (*p == '0') + { + /* A length may not begin with zero. */ + *erroff = p - buffer; + err = GPG_ERR_SEXP_ZERO_PREFIX; + goto leave; + } + digptr = p; + } + else if (strchr (tokenchars, *p)) + tokenp = p; + else if (whitespacep (p)) + ; + else if (*p == '{') + { + /* fixme: handle rescanning: we can do this by saving our + current state and start over at p+1 -- Hmmm. At this + point here we are in a well defined state, so we don't + need to save it. Great. */ + *erroff = p - buffer; + err = GPG_ERR_SEXP_UNEXPECTED_PUNC; + goto leave; + } + else if (strchr ("&\\", *p)) + { + /* Reserved punctuation. */ + *erroff = p - buffer; + err = GPG_ERR_SEXP_UNEXPECTED_PUNC; + goto leave; + } + else if (argflag && (*p == '%')) + percent = p; + else + { + /* Bad or unavailable. */ + *erroff = p - buffer; + err = GPG_ERR_SEXP_BAD_CHARACTER; + goto leave; + } + } + MAKE_SPACE (0); + *c.pos++ = ST_STOP; + + if (level && !err) + err = GPG_ERR_SEXP_UNMATCHED_PAREN; + + leave: + if (err) + { + /* Error -> deallocate. */ + if (c.sexp) + { + /* Extra paranoid wipe on error. */ + if (_gcry_is_secure (c.sexp)) + wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1); + xfree (c.sexp); + } + } + else + *retsexp = normalize (c.sexp); + + return err; +#undef MAKE_SPACE +#undef STORE_LEN +} + + +static gpg_err_code_t +do_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, + const char *buffer, size_t length, int argflag, + void **arg_list, ...) +{ + gcry_err_code_t rc; + va_list arg_ptr; + + va_start (arg_ptr, arg_list); + rc = do_vsexp_sscan (retsexp, erroff, buffer, length, argflag, + arg_list, arg_ptr); + va_end (arg_ptr); + + return rc; +} + + +gpg_err_code_t +_gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, const char *format, ...) +{ + gcry_err_code_t rc; + va_list arg_ptr; + + va_start (arg_ptr, format); + rc = do_vsexp_sscan (retsexp, erroff, format, strlen(format), 1, + NULL, arg_ptr); + va_end (arg_ptr); + + return rc; +} + + +gcry_err_code_t +_gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff, + const char *format, va_list arg_ptr) +{ + return do_vsexp_sscan (retsexp, erroff, format, strlen(format), 1, + NULL, arg_ptr); +} + + +/* Like gcry_sexp_build, but uses an array instead of variable + function arguments. */ +gcry_err_code_t +_gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff, + const char *format, void **arg_list) +{ + return do_sexp_sscan (retsexp, erroff, format, strlen(format), 1, arg_list); +} + + +gcry_err_code_t +_gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, + const char *buffer, size_t length) +{ + return do_sexp_sscan (retsexp, erroff, buffer, length, 0, NULL); +} + + +/* Figure out a suitable encoding for BUFFER of LENGTH. + Returns: 0 = Binary + 1 = String possible + 2 = Token possible +*/ +static int +suitable_encoding (const unsigned char *buffer, size_t length) +{ + const unsigned char *s; + int maybe_token = 1; + + if (!length) + return 1; + + if (*buffer & 0x80) + return 0; /* If the MSB is set we assume that buffer represents a + negative number. */ + if (!*buffer) + return 0; /* Starting with a zero is pretty much a binary string. */ + + for (s=buffer; length; s++, length--) + { + if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0)) + && !strchr ("\b\t\v\n\f\r\"\'\\", *s)) + return 0; /*binary*/ + if ( maybe_token + && !alphap (s) && !digitp (s) && !strchr (TOKEN_SPECIALS, *s)) + maybe_token = 0; + } + s = buffer; + if ( maybe_token && !digitp (s) ) + return 2; + return 1; +} + + +static int +convert_to_hex (const unsigned char *src, size_t len, char *dest) +{ + int i; + + if (dest) + { + *dest++ = '#'; + for (i=0; i < len; i++, dest += 2 ) + sprintf (dest, "%02X", src[i]); + *dest++ = '#'; + } + return len*2+2; +} + +static int +convert_to_string (const unsigned char *s, size_t len, char *dest) +{ + if (dest) + { + char *p = dest; + *p++ = '\"'; + for (; len; len--, s++ ) + { + switch (*s) + { + case '\b': *p++ = '\\'; *p++ = 'b'; break; + case '\t': *p++ = '\\'; *p++ = 't'; break; + case '\v': *p++ = '\\'; *p++ = 'v'; break; + case '\n': *p++ = '\\'; *p++ = 'n'; break; + case '\f': *p++ = '\\'; *p++ = 'f'; break; + case '\r': *p++ = '\\'; *p++ = 'r'; break; + case '\"': *p++ = '\\'; *p++ = '\"'; break; + case '\'': *p++ = '\\'; *p++ = '\''; break; + case '\\': *p++ = '\\'; *p++ = '\\'; break; + default: + if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0))) + { + sprintf (p, "\\x%02x", *s); + p += 4; + } + else + *p++ = *s; + } + } + *p++ = '\"'; + return p - dest; + } + else + { + int count = 2; + for (; len; len--, s++ ) + { + switch (*s) + { + case '\b': + case '\t': + case '\v': + case '\n': + case '\f': + case '\r': + case '\"': + case '\'': + case '\\': count += 2; break; + default: + if ( (*s < 0x20 || (*s >= 0x7f && *s <= 0xa0))) + count += 4; + else + count++; + } + } + return count; + } +} + + + +static int +convert_to_token (const unsigned char *src, size_t len, char *dest) +{ + if (dest) + memcpy (dest, src, len); + return len; +} + + +/**************** + * Print SEXP to buffer using the MODE. Returns the length of the + * SEXP in buffer or 0 if the buffer is too short (We have at least an + * empty list consisting of 2 bytes). If a buffer of NULL is provided, + * the required length is returned. + */ +size_t +_gcry_sexp_sprint (const gcry_sexp_t list, int mode, + void *buffer, size_t maxlength ) +{ + static unsigned char empty[3] = { ST_OPEN, ST_CLOSE, ST_STOP }; + const unsigned char *s; + char *d; + DATALEN n; + char numbuf[20]; + size_t len = 0; + int i, indent = 0; + + s = list? list->d : empty; + d = buffer; + while ( *s != ST_STOP ) + { + switch ( *s ) + { + case ST_OPEN: + s++; + if ( mode != GCRYSEXP_FMT_CANON ) + { + if (indent) + len++; + len += indent; + } + len++; + if ( buffer ) + { + if ( len >= maxlength ) + return 0; + if ( mode != GCRYSEXP_FMT_CANON ) + { + if (indent) + *d++ = '\n'; + for (i=0; i < indent; i++) + *d++ = ' '; + } + *d++ = '('; + } + indent++; + break; + case ST_CLOSE: + s++; + len++; + if ( buffer ) + { + if ( len >= maxlength ) + return 0; + *d++ = ')'; + } + indent--; + if (*s != ST_OPEN && *s != ST_STOP && mode != GCRYSEXP_FMT_CANON) + { + len++; + len += indent; + if (buffer) + { + if (len >= maxlength) + return 0; + *d++ = '\n'; + for (i=0; i < indent; i++) + *d++ = ' '; + } + } + break; + case ST_DATA: + s++; + memcpy ( &n, s, sizeof n ); s += sizeof n; + if (mode == GCRYSEXP_FMT_ADVANCED) + { + int type; + size_t nn; + + switch ( (type=suitable_encoding (s, n))) + { + case 1: nn = convert_to_string (s, n, NULL); break; + case 2: nn = convert_to_token (s, n, NULL); break; + default: nn = convert_to_hex (s, n, NULL); break; + } + len += nn; + if (buffer) + { + if (len >= maxlength) + return 0; + switch (type) + { + case 1: convert_to_string (s, n, d); break; + case 2: convert_to_token (s, n, d); break; + default: convert_to_hex (s, n, d); break; + } + d += nn; + } + if (s[n] != ST_CLOSE) + { + len++; + if (buffer) + { + if (len >= maxlength) + return 0; + *d++ = ' '; + } + } + } + else + { + sprintf (numbuf, "%u:", (unsigned int)n ); + len += strlen (numbuf) + n; + if ( buffer ) + { + if ( len >= maxlength ) + return 0; + d = stpcpy ( d, numbuf ); + memcpy ( d, s, n ); d += n; + } + } + s += n; + break; + default: + BUG (); + } + } + if ( mode != GCRYSEXP_FMT_CANON ) + { + len++; + if (buffer) + { + if ( len >= maxlength ) + return 0; + *d++ = '\n'; + } + } + if (buffer) + { + if ( len >= maxlength ) + return 0; + *d++ = 0; /* for convenience we make a C string */ + } + else + len++; /* we need one byte more for this */ + + return len; +} + + +/* Scan a canonical encoded buffer with implicit length values and + return the actual length this S-expression uses. For a valid S-Exp + it should never return 0. If LENGTH is not zero, the maximum + length to scan is given - this can be used for syntax checks of + data passed from outside. errorcode and erroff may both be passed as + NULL. */ +size_t +_gcry_sexp_canon_len (const unsigned char *buffer, size_t length, + size_t *erroff, gcry_err_code_t *errcode) +{ + const unsigned char *p; + const unsigned char *disphint = NULL; + unsigned int datalen = 0; + size_t dummy_erroff; + gcry_err_code_t dummy_errcode; + size_t count = 0; + int level = 0; + + if (!erroff) + erroff = &dummy_erroff; + if (!errcode) + errcode = &dummy_errcode; + + *errcode = GPG_ERR_NO_ERROR; + *erroff = 0; + if (!buffer) + return 0; + if (*buffer != '(') + { + *errcode = GPG_ERR_SEXP_NOT_CANONICAL; + return 0; + } + + for (p=buffer; ; p++, count++ ) + { + if (length && count >= length) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_STRING_TOO_LONG; + return 0; + } + + if (datalen) + { + if (*p == ':') + { + if (length && (count+datalen) >= length) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_STRING_TOO_LONG; + return 0; + } + count += datalen; + p += datalen; + datalen = 0; + } + else if (digitp(p)) + datalen = datalen*10 + atoi_1(p); + else + { + *erroff = count; + *errcode = GPG_ERR_SEXP_INV_LEN_SPEC; + return 0; + } + } + else if (*p == '(') + { + if (disphint) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_UNMATCHED_DH; + return 0; + } + level++; + } + else if (*p == ')') + { /* walk up */ + if (!level) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_UNMATCHED_PAREN; + return 0; + } + if (disphint) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_UNMATCHED_DH; + return 0; + } + if (!--level) + return ++count; /* ready */ + } + else if (*p == '[') + { + if (disphint) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_NESTED_DH; + return 0; + } + disphint = p; + } + else if (*p == ']') + { + if ( !disphint ) + { + *erroff = count; + *errcode = GPG_ERR_SEXP_UNMATCHED_DH; + return 0; + } + disphint = NULL; + } + else if (digitp (p) ) + { + if (*p == '0') + { + *erroff = count; + *errcode = GPG_ERR_SEXP_ZERO_PREFIX; + return 0; + } + datalen = atoi_1 (p); + } + else if (*p == '&' || *p == '\\') + { + *erroff = count; + *errcode = GPG_ERR_SEXP_UNEXPECTED_PUNC; + return 0; + } + else + { + *erroff = count; + *errcode = GPG_ERR_SEXP_BAD_CHARACTER; + return 0; + } + } +} + + +/* Extract MPIs from an s-expression using a list of parameters. The + * names of these parameters are given by the string LIST. Some + * special characters may be given to control the conversion: + * + * + :: Switch to unsigned integer format (default). + * - :: Switch to standard signed format. + * / :: Switch to opaque format. + * & :: Switch to buffer descriptor mode - see below. + * ? :: The previous parameter is optional. + * + * In general parameter names are single letters. To use a string for + * a parameter name, enclose the name in single quotes. + * + * Unless in gcry_buffer_t mode for each parameter name a pointer to + * an MPI variable is expected and finally a NULL is expected. + * Example: + * + * _gcry_sexp_extract_param (key, NULL, "n/x+ed", + * &mpi_n, &mpi_x, &mpi_e, NULL) + * + * This stores the parameter "N" from KEY as an unsigned MPI into + * MPI_N, the parameter "X" as an opaque MPI into MPI_X, and the + * parameter "E" again as an unsigned MPI into MPI_E. + * + * If in buffer descriptor mode a pointer to gcry_buffer_t descriptor + * is expected instead of a pointer to an MPI. The caller may use two + * different operation modes: If the DATA field of the provided buffer + * descriptor is NULL, the function allocates a new buffer and stores + * it at DATA; the other fields are set accordingly with OFF being 0. + * If DATA is not NULL, the function assumes that DATA, SIZE, and OFF + * describe a buffer where to but the data; on return the LEN field + * receives the number of bytes copied to that buffer; if the buffer + * is too small, the function immediately returns with an error code + * (and LEN set to 0). + * + * PATH is an optional string used to locate a token. The exclamation + * mark separated tokens are used to via gcry_sexp_find_token to find + * a start point inside SEXP. + * + * The function returns NULL on success. On error an error code is + * returned and the passed MPIs are either unchanged or set to NULL. + */ +gpg_err_code_t +_gcry_sexp_vextract_param (gcry_sexp_t sexp, const char *path, + const char *list, va_list arg_ptr) +{ + gpg_err_code_t rc; + const char *s, *s2; + gcry_mpi_t *array[20]; + char arrayisdesc[20]; + int idx; + gcry_sexp_t l1; + int mode = '+'; /* Default to GCRYMPI_FMT_USG. */ + gcry_sexp_t freethis = NULL; + + memset (arrayisdesc, 0, sizeof arrayisdesc); + + /* First copy all the args into an array. This is required so that + we are able to release already allocated MPIs if later an error + was found. */ + for (s=list, idx=0; *s && idx < DIM (array); s++) + { + if (*s == '&' || *s == '+' || *s == '-' || *s == '/' || *s == '?') + ; + else if (whitespacep (s)) + ; + else + { + if (*s == '\'') + { + s++; + s2 = strchr (s, '\''); + if (!s2 || s2 == s) + { + /* Closing quote not found or empty string. */ + return GPG_ERR_SYNTAX; + } + s = s2; + } + array[idx] = va_arg (arg_ptr, gcry_mpi_t *); + if (!array[idx]) + return GPG_ERR_MISSING_VALUE; /* NULL pointer given. */ + idx++; + } + } + if (*s) + return GPG_ERR_LIMIT_REACHED; /* Too many list elements. */ + if (va_arg (arg_ptr, gcry_mpi_t *)) + return GPG_ERR_INV_ARG; /* Not enough list elemends. */ + + /* Drill down. */ + while (path && *path) + { + size_t n; + + s = strchr (path, '!'); + if (s == path) + { + rc = GPG_ERR_NOT_FOUND; + goto cleanup; + } + n = s? s - path : 0; + l1 = _gcry_sexp_find_token (sexp, path, n); + if (!l1) + { + rc = GPG_ERR_NOT_FOUND; + goto cleanup; + } + sexp = l1; l1 = NULL; + sexp_release (freethis); + freethis = sexp; + if (n) + path += n + 1; + else + path = NULL; + } + + + /* Now extract all parameters. */ + for (s=list, idx=0; *s; s++) + { + if (*s == '&' || *s == '+' || *s == '-' || *s == '/') + mode = *s; + else if (whitespacep (s)) + ; + else if (*s == '?') + ; /* Only used via lookahead. */ + else + { + if (*s == '\'') + { + /* Find closing quote, find token, set S to closing quote. */ + s++; + s2 = strchr (s, '\''); + if (!s2 || s2 == s) + { + /* Closing quote not found or empty string. */ + rc = GPG_ERR_SYNTAX; + goto cleanup; + } + l1 = _gcry_sexp_find_token (sexp, s, s2 - s); + s = s2; + } + else + l1 = _gcry_sexp_find_token (sexp, s, 1); + + if (!l1 && s[1] == '?') + { + /* Optional element not found. */ + if (mode == '&') + { + gcry_buffer_t *spec = (gcry_buffer_t*)array[idx]; + if (!spec->data) + { + spec->size = 0; + spec->off = 0; + } + spec->len = 0; + } + else + *array[idx] = NULL; + } + else if (!l1) + { + rc = GPG_ERR_NO_OBJ; /* List element not found. */ + goto cleanup; + } + else + { + if (mode == '&') + { + gcry_buffer_t *spec = (gcry_buffer_t*)array[idx]; + + if (spec->data) + { + const char *pbuf; + size_t nbuf; + + pbuf = _gcry_sexp_nth_data (l1, 1, &nbuf); + if (!pbuf || !nbuf) + { + rc = GPG_ERR_INV_OBJ; + goto cleanup; + } + if (spec->off + nbuf > spec->size) + { + rc = GPG_ERR_BUFFER_TOO_SHORT; + goto cleanup; + } + memcpy ((char*)spec->data + spec->off, pbuf, nbuf); + spec->len = nbuf; + arrayisdesc[idx] = 1; + } + else + { + spec->data = _gcry_sexp_nth_buffer (l1, 1, &spec->size); + if (!spec->data) + { + rc = GPG_ERR_INV_OBJ; /* Or out of core. */ + goto cleanup; + } + spec->len = spec->size; + spec->off = 0; + arrayisdesc[idx] = 2; + } + } + else if (mode == '/') + *array[idx] = _gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_OPAQUE); + else if (mode == '-') + *array[idx] = _gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_STD); + else + *array[idx] = _gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); + sexp_release (l1); l1 = NULL; + if (!*array[idx]) + { + rc = GPG_ERR_INV_OBJ; /* Conversion failed. */ + goto cleanup; + } + } + idx++; + } + } + + sexp_release (freethis); + return 0; + + cleanup: + sexp_release (freethis); + sexp_release (l1); + while (idx--) + { + if (!arrayisdesc[idx]) + { + _gcry_mpi_release (*array[idx]); + *array[idx] = NULL; + } + else if (!arrayisdesc[idx] == 1) + { + /* Caller provided buffer. */ + gcry_buffer_t *spec = (gcry_buffer_t*)array[idx]; + spec->len = 0; + } + else + { + /* We might have allocated a buffer. */ + gcry_buffer_t *spec = (gcry_buffer_t*)array[idx]; + xfree (spec->data); + spec->data = NULL; + spec->size = spec->off = spec->len = 0; + } + } + return rc; +} + +gpg_error_t +_gcry_sexp_extract_param (gcry_sexp_t sexp, const char *path, + const char *list, ...) +{ + gcry_err_code_t rc; + va_list arg_ptr; + + va_start (arg_ptr, list); + rc = _gcry_sexp_vextract_param (sexp, path, list, arg_ptr); + va_end (arg_ptr); + return gpg_error (rc); +} diff --git a/plugins/MirOTR/Libgcrypt/src/stdmem.c b/plugins/MirOTR/Libgcrypt/src/stdmem.c index bb8adeabec..189da37207 100644 --- a/plugins/MirOTR/Libgcrypt/src/stdmem.c +++ b/plugins/MirOTR/Libgcrypt/src/stdmem.c @@ -25,8 +25,8 @@ * | * \ / * global.c: [MM entrance points] -----> [user callbacks] - * | | - * | | + * | | + * | | * \ / \ / * * stdmem.c: [non-secure handlers] [secure handlers] @@ -49,6 +49,7 @@ #include <stdlib.h> #include <string.h> #include <stdarg.h> +#include <errno.h> #include "g10lib.h" #include "stdmem.h" @@ -87,13 +88,17 @@ _gcry_private_enable_m_guard (void) void * _gcry_private_malloc (size_t n) { - if (!n) - return NULL; /* Allocating 0 bytes is undefined - we better return - an error to detect such coding errors. */ - if (use_m_guard) + if (!n) + { + gpg_err_set_errno (EINVAL); + return NULL; /* Allocating 0 bytes is undefined - we better return + an error to detect such coding errors. */ + } + + if (use_m_guard) { char *p; - + if ( !(p = malloc (n + EXTRA_ALIGN+5)) ) return NULL; ((byte*)p)[EXTRA_ALIGN+0] = n; @@ -103,7 +108,7 @@ _gcry_private_malloc (size_t n) p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE; return p+EXTRA_ALIGN+4; } - else + else { return malloc( n ); } @@ -117,13 +122,17 @@ _gcry_private_malloc (size_t n) void * _gcry_private_malloc_secure (size_t n) { - if (!n) - return NULL; /* Allocating 0 bytes is undefined - better return an - error to detect such coding errors. */ - if (use_m_guard) + if (!n) + { + gpg_err_set_errno (EINVAL); + return NULL; /* Allocating 0 bytes is undefined - better return an + error to detect such coding errors. */ + } + + if (use_m_guard) { char *p; - + if ( !(p = _gcry_secmem_malloc (n +EXTRA_ALIGN+ 5)) ) return NULL; ((byte*)p)[EXTRA_ALIGN+0] = n; @@ -152,10 +161,10 @@ _gcry_private_realloc ( void *a, size_t n ) unsigned char *p = a; char *b; size_t len; - + if (!a) return _gcry_private_malloc(n); - + _gcry_private_check_heap(p); len = p[-4]; len |= p[-3] << 8; @@ -191,10 +200,10 @@ _gcry_private_check_heap (const void *a) { const byte *p = a; size_t len; - + if (!p) return; - + if ( !(p[-1] == MAGIC_NOR_BYTE || p[-1] == MAGIC_SEC_BYTE) ) _gcry_log_fatal ("memory at %p corrupted (underflow=%02x)\n", p, p[-1]); len = p[-4]; @@ -231,5 +240,3 @@ _gcry_private_free (void *a) else free(p); } - - diff --git a/plugins/MirOTR/Libgcrypt/src/types.h b/plugins/MirOTR/Libgcrypt/src/types.h index ee0a62bb91..561b74d17e 100644 --- a/plugins/MirOTR/Libgcrypt/src/types.h +++ b/plugins/MirOTR/Libgcrypt/src/types.h @@ -25,16 +25,16 @@ /* The AC_CHECK_SIZEOF() in configure fails for some machines. * we provide some fallback values here */ #if !SIZEOF_UNSIGNED_SHORT -#undef SIZEOF_UNSIGNED_SHORT -#define SIZEOF_UNSIGNED_SHORT 2 +# undef SIZEOF_UNSIGNED_SHORT +# define SIZEOF_UNSIGNED_SHORT 2 #endif #if !SIZEOF_UNSIGNED_INT -#undef SIZEOF_UNSIGNED_INT -#define SIZEOF_UNSIGNED_INT 4 +# undef SIZEOF_UNSIGNED_INT +# define SIZEOF_UNSIGNED_INT 4 #endif #if !SIZEOF_UNSIGNED_LONG -#undef SIZEOF_UNSIGNED_LONG -#define SIZEOF_UNSIGNED_LONG 4 +# undef SIZEOF_UNSIGNED_LONG +# define SIZEOF_UNSIGNED_LONG 4 #endif @@ -42,87 +42,88 @@ #ifndef HAVE_BYTE_TYPEDEF -#undef byte /* maybe there is a macro with this name */ -/* Windows typedefs byte in the rpc headers. Avoid warning about - double definition. */ -#if !(defined(_WIN32) && defined(cbNDRContext)) - typedef unsigned char byte; -#endif -#define HAVE_BYTE_TYPEDEF +# undef byte /* In case there is a macro with that name. */ +# if !(defined(_WIN32) && defined(cbNDRContext)) + /* Windows typedefs byte in the rpc headers. Avoid warning about + double definition. */ + typedef unsigned char byte; +# endif +# define HAVE_BYTE_TYPEDEF #endif #ifndef HAVE_USHORT_TYPEDEF -#undef ushort /* maybe there is a macro with this name */ +# undef ushort /* In case there is a macro with that name. */ typedef unsigned short ushort; -#define HAVE_USHORT_TYPEDEF +# define HAVE_USHORT_TYPEDEF #endif #ifndef HAVE_ULONG_TYPEDEF -#undef ulong /* maybe there is a macro with this name */ +# undef ulong /* In case there is a macro with that name. */ typedef unsigned long ulong; -#define HAVE_ULONG_TYPEDEF +# define HAVE_ULONG_TYPEDEF #endif #ifndef HAVE_U16_TYPEDEF -#undef u16 /* maybe there is a macro with this name */ -#if SIZEOF_UNSIGNED_INT == 2 - typedef unsigned int u16; -#elif SIZEOF_UNSIGNED_SHORT == 2 - typedef unsigned short u16; -#else -#error no typedef for u16 -#endif -#define HAVE_U16_TYPEDEF +# undef u16 /* In case there is a macro with that name. */ +# if SIZEOF_UNSIGNED_INT == 2 + typedef unsigned int u16; +# elif SIZEOF_UNSIGNED_SHORT == 2 + typedef unsigned short u16; +# else +# error no typedef for u16 +# endif +# define HAVE_U16_TYPEDEF #endif #ifndef HAVE_U32_TYPEDEF -#undef u32 /* maybe there is a macro with this name */ -#if SIZEOF_UNSIGNED_INT == 4 - typedef unsigned int u32; -#elif SIZEOF_UNSIGNED_LONG == 4 - typedef unsigned long u32; -#else -#error no typedef for u32 -#endif -#define HAVE_U32_TYPEDEF +# undef u32 /* In case there is a macro with that name. */ +# if SIZEOF_UNSIGNED_INT == 4 + typedef unsigned int u32; +# elif SIZEOF_UNSIGNED_LONG == 4 + typedef unsigned long u32; +# else +# error no typedef for u32 +# endif +# define HAVE_U32_TYPEDEF #endif -/**************** +/* * Warning: Some systems segfault when this u64 typedef and * the dummy code in cipher/md.c is not available. Examples are * Solaris and IRIX. */ #ifndef HAVE_U64_TYPEDEF -#undef u64 /* maybe there is a macro with this name */ -#if SIZEOF_UNSIGNED_INT == 8 - typedef unsigned int u64; -#define U64_C(c) (c ## U) -#define HAVE_U64_TYPEDEF -#elif SIZEOF_UNSIGNED_LONG == 8 - typedef unsigned long u64; -#define U64_C(c) (c ## UL) -#define HAVE_U64_TYPEDEF -#elif SIZEOF_UNSIGNED_LONG_LONG == 8 - typedef unsigned long long u64; -#define U64_C(c) (c ## ULL) -#define HAVE_U64_TYPEDEF -#elif SIZEOF_UINT64_T == 8 - typedef uint64_t u64; -#define U64_C(c) (UINT64_C(c)) -#define HAVE_U64_TYPEDEF -#endif +# undef u64 /* In case there is a macro with that name. */ +# if SIZEOF_UNSIGNED_INT == 8 + typedef unsigned int u64; +# define U64_C(c) (c ## U) +# define HAVE_U64_TYPEDEF +# elif SIZEOF_UNSIGNED_LONG == 8 + typedef unsigned long u64; +# define U64_C(c) (c ## UL) +# define HAVE_U64_TYPEDEF +# elif SIZEOF_UNSIGNED_LONG_LONG == 8 + typedef unsigned long long u64; +# define U64_C(c) (c ## ULL) +# define HAVE_U64_TYPEDEF +# elif SIZEOF_UINT64_T == 8 + typedef uint64_t u64; +# define U64_C(c) (UINT64_C(c)) +# define HAVE_U64_TYPEDEF +# endif #endif -typedef union { - int a; - short b; - char c[1]; - long d; +typedef union +{ + int a; + short b; + char c[1]; + long d; #ifdef HAVE_U64_TYPEDEF - u64 e; + u64 e; #endif - float f; - double g; + float f; + double g; } PROPERLY_ALIGNED_TYPE; #endif /*GCRYPT_TYPES_H*/ diff --git a/plugins/MirOTR/Libgcrypt/src/versioninfo.rc.in b/plugins/MirOTR/Libgcrypt/src/versioninfo.rc.in deleted file mode 100644 index e5e87e0b82..0000000000 --- a/plugins/MirOTR/Libgcrypt/src/versioninfo.rc.in +++ /dev/null @@ -1,52 +0,0 @@ -/* versioninfo.rc.in - for libgcrypt - * Copyright (C) 2005, 2006 g10 Code GmbH - * - * This file is free software; as a special exception the author gives - * unlimited permission to copy and/or distribute it, with or without - * modifications, as long as this notice is preserved. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - */ - -/* This file is processed by configure to create versioninfo.rc */ - -#line __LINE__ "versioninfo.rc.in" - -#include <afxres.h> - - -VS_VERSION_INFO VERSIONINFO - FILEVERSION @LIBGCRYPT_LT_CURRENT@,@LIBGCRYPT_LT_AGE@,@LIBGCRYPT_LT_REVISION@,@BUILD_REVISION@ - PRODUCTVERSION @BUILD_FILEVERSION@ - FILEFLAGSMASK 0x3fL -#ifdef _DEBUG - FILEFLAGS 0x21L -#else - FILEFLAGS 0x20L -#endif - FILEOS 0x40004L - FILETYPE 0x1L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License (LGPLv2.1+).\0" - VALUE "CompanyName", "g10 Code GmbH\0" - VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0" - VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT@.@LIBGCRYPT_LT_AGE@.@LIBGCRYPT_LT_REVISION@.@BUILD_REVISION@\0" - VALUE "InternalName", "libgcrypt\0" - VALUE "LegalCopyright", "Copyright © 2008 Free Software Foundation, Inc.\0" - VALUE "LegalTrademarks", "\0" - VALUE "OriginalFilename", "libgcrypt.dll\0" - VALUE "PrivateBuild", "\0" - VALUE "ProductName", "libgcrypt\0" - VALUE "ProductVersion", "@VERSION@\0" - VALUE "SpecialBuild", "@BUILD_TIMESTAMP@\0" - END - END -END - diff --git a/plugins/MirOTR/Libgcrypt/src/visibility.c b/plugins/MirOTR/Libgcrypt/src/visibility.c index f187a65e7a..2989498e10 100644 --- a/plugins/MirOTR/Libgcrypt/src/visibility.c +++ b/plugins/MirOTR/Libgcrypt/src/visibility.c @@ -1,5 +1,6 @@ /* visibility.c - Wrapper for all public functions. - * Copyright (C) 2007, 2008 Free Software Foundation, Inc. + * Copyright (C) 2007, 2008, 2011 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -20,11 +21,11 @@ #include <config.h> #include <stdarg.h> -#define _GCRY_INCLUDED_BY_VISIBILITY_C +#define _GCRY_INCLUDED_BY_VISIBILITY_C #include "g10lib.h" #include "cipher-proto.h" - - +#include "context.h" +#include "mpi.h" const char * gcry_strerror (gcry_error_t err) @@ -38,7 +39,7 @@ gcry_strsource (gcry_error_t err) return _gcry_strsource (err); } -gcry_err_code_t +gcry_err_code_t gcry_err_code_from_errno (int err) { return _gcry_err_code_from_errno (err); @@ -50,13 +51,13 @@ gcry_err_code_to_errno (gcry_err_code_t code) return _gcry_err_code_to_errno (code); } -gcry_error_t +gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err) { return _gcry_err_make_from_errno (source, err); } -gcry_err_code_t +gcry_err_code_t gcry_error_from_errno (int err) { return _gcry_error_from_errno (err); @@ -68,82 +69,88 @@ gcry_check_version (const char *req_version) return _gcry_check_version (req_version); } -gcry_error_t +gcry_error_t gcry_control (enum gcry_ctl_cmds cmd, ...) { gcry_error_t err; va_list arg_ptr; - + va_start (arg_ptr, cmd); - err = _gcry_vcontrol (cmd, arg_ptr); + err = gpg_error (_gcry_vcontrol (cmd, arg_ptr)); va_end(arg_ptr); return err; } -gcry_error_t +gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp, const void *buffer, size_t length, int autodetect) { - return _gcry_sexp_new (retsexp, buffer, length, autodetect); + return gpg_error (_gcry_sexp_new (retsexp, buffer, length, autodetect)); } -gcry_error_t +gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp, void *buffer, size_t length, int autodetect, void (*freefnc) (void *)) { - return _gcry_sexp_create (retsexp, buffer, length, - autodetect, freefnc); + return gpg_error (_gcry_sexp_create (retsexp, buffer, length, + autodetect, freefnc)); } -gcry_error_t +gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, const char *buffer, size_t length) { - return _gcry_sexp_sscan (retsexp, erroff, buffer, length); + return gpg_error (_gcry_sexp_sscan (retsexp, erroff, buffer, length)); } -gcry_error_t +gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff, const char *format, ...) { - gcry_error_t err; + gcry_err_code_t rc; va_list arg_ptr; - + va_start (arg_ptr, format); - err = _gcry_sexp_vbuild (retsexp, erroff, format, arg_ptr); + rc = _gcry_sexp_vbuild (retsexp, erroff, format, arg_ptr); va_end (arg_ptr); - return err; + return gpg_error (rc); } -gcry_error_t +gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff, const char *format, void **arg_list) { - return _gcry_sexp_build_array (retsexp, erroff, format, arg_list); + return gpg_error (_gcry_sexp_build_array (retsexp, erroff, format, arg_list)); } -void +void gcry_sexp_release (gcry_sexp_t sexp) { _gcry_sexp_release (sexp); } -size_t -gcry_sexp_canon_len (const unsigned char *buffer, size_t length, +size_t +gcry_sexp_canon_len (const unsigned char *buffer, size_t length, size_t *erroff, gcry_error_t *errcode) { - return _gcry_sexp_canon_len (buffer, length, erroff, errcode); + size_t n; + gpg_err_code_t rc; + + n = _gcry_sexp_canon_len (buffer, length, erroff, &rc); + if (errcode) + *errcode = gpg_error (rc); + return n; } -size_t +size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer, size_t maxlength) { return _gcry_sexp_sprint (sexp, mode, buffer, maxlength); } -void +void gcry_sexp_dump (const gcry_sexp_t a) { _gcry_sexp_dump (a); @@ -225,6 +232,12 @@ gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen) return _gcry_sexp_nth_data (list, number, datalen); } +void * +gcry_sexp_nth_buffer (const gcry_sexp_t list, int number, size_t *rlength) +{ + return _gcry_sexp_nth_buffer (list, number, rlength); +} + char * gcry_sexp_nth_string (gcry_sexp_t list, int number) { @@ -237,6 +250,21 @@ gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt) return _gcry_sexp_nth_mpi (list, number, mpifmt); } +gpg_error_t +gcry_sexp_extract_param (gcry_sexp_t sexp, const char *path, + const char *list, ...) +{ + gcry_err_code_t rc; + va_list arg_ptr; + + va_start (arg_ptr, list); + rc = _gcry_sexp_vextract_param (sexp, path, list, arg_ptr); + va_end (arg_ptr); + return gpg_error (rc); +} + + + gcry_mpi_t gcry_mpi_new (unsigned int nbits) { @@ -249,7 +277,7 @@ gcry_mpi_snew (unsigned int nbits) return _gcry_mpi_snew (nbits); } -void +void gcry_mpi_release (gcry_mpi_t a) { _gcry_mpi_release (a); @@ -261,6 +289,12 @@ gcry_mpi_copy (const gcry_mpi_t a) return _gcry_mpi_copy (a); } +void +gcry_mpi_snatch (gcry_mpi_t w, const gcry_mpi_t u) +{ + return _gcry_mpi_snatch (w, u); +} + gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u) { @@ -273,6 +307,12 @@ gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u) return _gcry_mpi_set_ui (w, u); } +gcry_error_t +gcry_mpi_get_ui (gcry_mpi_t w, unsigned long *u) +{ + return gpg_error (_gcry_mpi_get_ui (w, u)); +} + void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b) { @@ -280,6 +320,24 @@ gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b) } int +gcry_mpi_is_neg (gcry_mpi_t a) +{ + return _gcry_mpi_is_neg (a); +} + +void +gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u) +{ + _gcry_mpi_neg (w, u); +} + +void +gcry_mpi_abs (gcry_mpi_t w) +{ + _gcry_mpi_abs (w); +} + +int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v) { return _gcry_mpi_cmp (u, v); @@ -293,10 +351,10 @@ gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v) gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, - const void *buffer, size_t buflen, + const void *buffer, size_t buflen, size_t *nscanned) { - return _gcry_mpi_scan (ret_mpi, format, buffer, buflen, nscanned); + return gpg_error (_gcry_mpi_scan (ret_mpi, format, buffer, buflen, nscanned)); } gcry_error_t @@ -305,7 +363,7 @@ gcry_mpi_print (enum gcry_mpi_format format, size_t *nwritten, const gcry_mpi_t a) { - return _gcry_mpi_print (format, buffer, buflen, nwritten, a); + return gpg_error (_gcry_mpi_print (format, buffer, buflen, nwritten, a)); } gcry_error_t @@ -313,13 +371,13 @@ gcry_mpi_aprint (enum gcry_mpi_format format, unsigned char **buffer, size_t *nwritten, const gcry_mpi_t a) { - return _gcry_mpi_aprint (format, buffer, nwritten, a); + return gpg_error (_gcry_mpi_aprint (format, buffer, nwritten, a)); } void gcry_mpi_dump (const gcry_mpi_t a) { - _gcry_mpi_dump (a); + _gcry_log_printmpi (NULL, a); } void @@ -414,6 +472,114 @@ gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m) return _gcry_mpi_invm (x, a, m); } +gcry_mpi_point_t +gcry_mpi_point_new (unsigned int nbits) +{ + return _gcry_mpi_point_new (nbits); +} + +void +gcry_mpi_point_release (gcry_mpi_point_t point) +{ + _gcry_mpi_point_release (point); +} + +void +gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point) +{ + _gcry_mpi_point_get (x, y, z, point); +} + +void +gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point) +{ + _gcry_mpi_point_snatch_get (x, y, z, point); +} + +gcry_mpi_point_t +gcry_mpi_point_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z) +{ + return _gcry_mpi_point_set (point, x, y, z); +} + +gcry_mpi_point_t +gcry_mpi_point_snatch_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z) +{ + return _gcry_mpi_point_snatch_set (point, x, y, z); +} + +gpg_error_t +gcry_mpi_ec_new (gcry_ctx_t *r_ctx, + gcry_sexp_t keyparam, const char *curvename) +{ + return gpg_error (_gcry_mpi_ec_new (r_ctx, keyparam, curvename)); +} + +gcry_mpi_t +gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy) +{ + return _gcry_mpi_ec_get_mpi (name, ctx, copy); +} + +gcry_mpi_point_t +gcry_mpi_ec_get_point (const char *name, gcry_ctx_t ctx, int copy) +{ + return _gcry_mpi_ec_get_point (name, ctx, copy); +} + +gpg_error_t +gcry_mpi_ec_set_mpi (const char *name, gcry_mpi_t newvalue, gcry_ctx_t ctx) +{ + return gpg_error (_gcry_mpi_ec_set_mpi (name, newvalue, ctx)); +} + +gpg_error_t +gcry_mpi_ec_set_point (const char *name, gcry_mpi_point_t newvalue, + gcry_ctx_t ctx) +{ + return gpg_error (_gcry_mpi_ec_set_point (name, newvalue, ctx)); +} + +int +gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_point_t point, + gcry_ctx_t ctx) +{ + return _gcry_mpi_ec_get_affine (x, y, point, + _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC)); +} + +void +gcry_mpi_ec_dup (gcry_mpi_point_t w, gcry_mpi_point_t u, gcry_ctx_t ctx) +{ + _gcry_mpi_ec_dup_point (w, u, _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC)); +} + +void +gcry_mpi_ec_add (gcry_mpi_point_t w, + gcry_mpi_point_t u, gcry_mpi_point_t v, gcry_ctx_t ctx) +{ + _gcry_mpi_ec_add_points (w, u, v, + _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC)); +} + +void +gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u, + gcry_ctx_t ctx) +{ + _gcry_mpi_ec_mul_point (w, n, u, + _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC)); +} + +int +gcry_mpi_ec_curve_point (gcry_mpi_point_t point, gcry_ctx_t ctx) +{ + return _gcry_mpi_ec_curve_point + (point, _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC)); +} unsigned int gcry_mpi_get_nbits (gcry_mpi_t a) @@ -469,6 +635,12 @@ gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits) return _gcry_mpi_set_opaque (a, p, nbits); } +gcry_mpi_t +gcry_mpi_set_opaque_copy (gcry_mpi_t a, const void *p, unsigned int nbits) +{ + return _gcry_mpi_set_opaque_copy (a, p, nbits); +} + void * gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits) { @@ -493,6 +665,20 @@ gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag) return _gcry_mpi_get_flag (a, flag); } +gcry_mpi_t +_gcry_mpi_get_const (int no) +{ + switch (no) + { + case 1: return _gcry_mpi_const (MPI_C_ONE); + case 2: return _gcry_mpi_const (MPI_C_TWO); + case 3: return _gcry_mpi_const (MPI_C_THREE); + case 4: return _gcry_mpi_const (MPI_C_FOUR); + case 8: return _gcry_mpi_const (MPI_C_EIGHT); + default: log_bug("unsupported GCRYMPI_CONST_ macro used\n"); + } +} + gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle, int algo, int mode, unsigned int flags) @@ -503,7 +689,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle, return gpg_error (fips_not_operational ()); } - return _gcry_cipher_open (handle, algo, mode, flags); + return gpg_error (_gcry_cipher_open (handle, algo, mode, flags)); } void @@ -518,7 +704,7 @@ gcry_cipher_setkey (gcry_cipher_hd_t hd, const void *key, size_t keylen) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_cipher_setkey (hd, key, keylen); + return gcry_error (_gcry_cipher_setkey (hd, key, keylen)); } gcry_error_t @@ -527,7 +713,7 @@ gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_cipher_setiv (hd, iv, ivlen); + return gcry_error (_gcry_cipher_setiv (hd, iv, ivlen)); } gpg_error_t @@ -536,7 +722,34 @@ gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_cipher_setctr (hd, ctr, ctrlen); + return gcry_error (_gcry_cipher_setctr (hd, ctr, ctrlen)); +} + +gcry_error_t +gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf, size_t abuflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_cipher_authenticate (hd, abuf, abuflen)); +} + +gcry_error_t +gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, size_t taglen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_cipher_gettag (hd, outtag, taglen)); +} + +gcry_error_t +gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, size_t taglen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_cipher_checktag (hd, intag, taglen)); } @@ -546,13 +759,13 @@ gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_cipher_ctl (h, cmd, buffer, buflen); + return gpg_error (_gcry_cipher_ctl (h, cmd, buffer, buflen)); } gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer, size_t *nbytes) { - return _gcry_cipher_info (h, what, buffer, nbytes); + return gpg_error (_gcry_cipher_info (h, what, buffer, nbytes)); } gcry_error_t @@ -561,7 +774,7 @@ gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_cipher_algo_info (algo, what, buffer, nbytes); + return gpg_error (_gcry_cipher_algo_info (algo, what, buffer, nbytes)); } const char * @@ -591,11 +804,11 @@ gcry_cipher_encrypt (gcry_cipher_hd_t h, { /* Make sure that the plaintext will never make it to OUT. */ if (out) - memset (out, 0x42, outsize); + memset (out, 0x42, outsize); return gpg_error (fips_not_operational ()); } - return _gcry_cipher_encrypt (h, out, outsize, in, inlen); + return gpg_error (_gcry_cipher_encrypt (h, out, outsize, in, inlen)); } gcry_error_t @@ -606,7 +819,7 @@ gcry_cipher_decrypt (gcry_cipher_hd_t h, if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_cipher_decrypt (h, out, outsize, in, inlen); + return gpg_error (_gcry_cipher_decrypt (h, out, outsize, in, inlen)); } size_t @@ -622,9 +835,109 @@ gcry_cipher_get_algo_blklen (int algo) } gcry_error_t -gcry_cipher_list (int *list, int *list_length) +gcry_mac_algo_info (int algo, int what, void *buffer, size_t *nbytes) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_algo_info (algo, what, buffer, nbytes)); +} + +const char * +gcry_mac_algo_name (int algorithm) +{ + return _gcry_mac_algo_name (algorithm); +} + +int +gcry_mac_map_name (const char *string) +{ + return _gcry_mac_map_name (string); +} + +unsigned int +gcry_mac_get_algo_maclen (int algo) +{ + return _gcry_mac_get_algo_maclen (algo); +} + +unsigned int +gcry_mac_get_algo_keylen (int algo) { - return _gcry_cipher_list (list, list_length); + return _gcry_mac_get_algo_keylen (algo); +} + +gcry_error_t +gcry_mac_open (gcry_mac_hd_t *handle, int algo, unsigned int flags, + gcry_ctx_t ctx) +{ + if (!fips_is_operational ()) + { + *handle = NULL; + return gpg_error (fips_not_operational ()); + } + + return gpg_error (_gcry_mac_open (handle, algo, flags, ctx)); +} + +void +gcry_mac_close (gcry_mac_hd_t hd) +{ + _gcry_mac_close (hd); +} + +gcry_error_t +gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_setkey (hd, key, keylen)); +} + +gcry_error_t +gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, size_t ivlen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_setiv (hd, iv, ivlen)); +} + +gcry_error_t +gcry_mac_write (gcry_mac_hd_t hd, const void *buf, size_t buflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_write (hd, buf, buflen)); +} + +gcry_error_t +gcry_mac_read (gcry_mac_hd_t hd, void *outbuf, size_t *outlen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_read (hd, outbuf, outlen)); +} + +gcry_error_t +gcry_mac_verify (gcry_mac_hd_t hd, const void *buf, size_t buflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_verify (hd, buf, buflen)); +} + +gcry_error_t +gcry_mac_ctl (gcry_mac_hd_t h, int cmd, void *buffer, size_t buflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return gpg_error (_gcry_mac_ctl (h, cmd, buffer, buflen)); } gcry_error_t @@ -635,7 +948,7 @@ gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey) *result = NULL; return gpg_error (fips_not_operational ()); } - return _gcry_pk_encrypt (result, data, pkey); + return gpg_error (_gcry_pk_encrypt (result, data, pkey)); } gcry_error_t @@ -646,7 +959,7 @@ gcry_pk_decrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t skey) *result = NULL; return gpg_error (fips_not_operational ()); } - return _gcry_pk_decrypt (result, data, skey); + return gpg_error (_gcry_pk_decrypt (result, data, skey)); } gcry_error_t @@ -657,7 +970,7 @@ gcry_pk_sign (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t skey) *result = NULL; return gpg_error (fips_not_operational ()); } - return _gcry_pk_sign (result, data, skey); + return gpg_error (_gcry_pk_sign (result, data, skey)); } gcry_error_t @@ -665,7 +978,7 @@ gcry_pk_verify (gcry_sexp_t sigval, gcry_sexp_t data, gcry_sexp_t pkey) { if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_pk_verify (sigval, data, pkey); + return gpg_error (_gcry_pk_verify (sigval, data, pkey)); } gcry_error_t @@ -673,7 +986,7 @@ gcry_pk_testkey (gcry_sexp_t key) { if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_pk_testkey (key); + return gpg_error (_gcry_pk_testkey (key)); } gcry_error_t @@ -684,13 +997,13 @@ gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms) *r_key = NULL; return gpg_error (fips_not_operational ()); } - return _gcry_pk_genkey (r_key, s_parms); + return gpg_error (_gcry_pk_genkey (r_key, s_parms)); } gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen) { - return _gcry_pk_ctl (cmd, buffer, buflen); + return gpg_error (_gcry_pk_ctl (cmd, buffer, buflen)); } gcry_error_t @@ -699,7 +1012,7 @@ gcry_pk_algo_info (int algo, int what, void *buffer, size_t *nbytes) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_pk_algo_info (algo, what, buffer, nbytes); + return gpg_error (_gcry_pk_algo_info (algo, what, buffer, nbytes)); } const char * @@ -737,10 +1050,37 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array) return _gcry_pk_get_keygrip (key, array); } +const char * +gcry_pk_get_curve (gcry_sexp_t key, int iterator, unsigned int *r_nbits) +{ + if (!fips_is_operational ()) + { + (void)fips_not_operational (); + return NULL; + } + return _gcry_pk_get_curve (key, iterator, r_nbits); +} + +gcry_sexp_t +gcry_pk_get_param (int algo, const char *name) +{ + if (!fips_is_operational ()) + { + (void)fips_not_operational (); + return NULL; + } + return _gcry_pk_get_param (algo, name); +} + gcry_error_t -gcry_pk_list (int *list, int *list_length) +gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp, int mode, gcry_ctx_t ctx) { - return _gcry_pk_list (list, list_length); + if (!fips_is_operational ()) + { + *r_sexp = NULL; + return gpg_error (fips_not_operational ()); + } + return gpg_error (_gcry_pubkey_get_sexp (r_sexp, mode, ctx)); } gcry_error_t @@ -752,10 +1092,10 @@ gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags) return gpg_error (fips_not_operational ()); } - return _gcry_md_open (h, algo, flags); + return gpg_error (_gcry_md_open (h, algo, flags)); } -void +void gcry_md_close (gcry_md_hd_t hd) { _gcry_md_close (hd); @@ -766,7 +1106,7 @@ gcry_md_enable (gcry_md_hd_t hd, int algo) { if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_md_enable (hd, algo); + return gpg_error (_gcry_md_enable (hd, algo)); } gcry_error_t @@ -777,7 +1117,7 @@ gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd) *bhd = NULL; return gpg_error (fips_not_operational ()); } - return _gcry_md_copy (bhd, ahd); + return gpg_error (_gcry_md_copy (bhd, ahd)); } void @@ -791,7 +1131,7 @@ gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen) { if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_md_ctl (hd, cmd, buffer, buflen); + return gpg_error (_gcry_md_ctl (hd, cmd, buffer, buflen)); } void @@ -811,7 +1151,7 @@ gcry_md_read (gcry_md_hd_t hd, int algo) return _gcry_md_read (hd, algo); } -void +void gcry_md_hash_buffer (int algo, void *digest, const void *buffer, size_t length) { @@ -823,6 +1163,18 @@ gcry_md_hash_buffer (int algo, void *digest, _gcry_md_hash_buffer (algo, digest, buffer, length); } +gpg_error_t +gcry_md_hash_buffers (int algo, unsigned int flags, void *digest, + const gcry_buffer_t *iov, int iovcnt) +{ + if (!fips_is_operational ()) + { + (void)fips_not_operational (); + fips_signal_error ("called in non-operational state"); + } + return gpg_error (_gcry_md_hash_buffers (algo, flags, digest, iov, iovcnt)); +} + int gcry_md_get_algo (gcry_md_hd_t hd) { @@ -865,13 +1217,13 @@ gcry_md_info (gcry_md_hd_t h, int what, void *buffer, size_t *nbytes) if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_md_info (h, what, buffer, nbytes); + return gpg_error (_gcry_md_info (h, what, buffer, nbytes)); } gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes) { - return _gcry_md_algo_info (algo, what, buffer, nbytes); + return gpg_error (_gcry_md_algo_info (algo, what, buffer, nbytes)); } const char * @@ -891,7 +1243,7 @@ gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen) { if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_md_setkey (hd, key, keylen); + return gpg_error (_gcry_md_setkey (hd, key, keylen)); } void @@ -900,292 +1252,16 @@ gcry_md_debug (gcry_md_hd_t hd, const char *suffix) _gcry_md_debug (hd, suffix); } -gcry_error_t -gcry_md_list (int *list, int *list_length) -{ - return _gcry_md_list (list, list_length); -} - -gcry_error_t -gcry_ac_data_new (gcry_ac_data_t *data) -{ - return _gcry_ac_data_new (data); -} - -void -gcry_ac_data_destroy (gcry_ac_data_t data) -{ - _gcry_ac_data_destroy (data); -} - -gcry_error_t -gcry_ac_data_copy (gcry_ac_data_t *data_cp, gcry_ac_data_t data) -{ - return _gcry_ac_data_copy (data_cp, data); -} - -unsigned int -gcry_ac_data_length (gcry_ac_data_t data) -{ - return _gcry_ac_data_length (data); -} - -void -gcry_ac_data_clear (gcry_ac_data_t data) -{ - _gcry_ac_data_clear (data); -} - -gcry_error_t -gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t mpi) -{ - return _gcry_ac_data_set (data, flags, name, mpi); -} - -gcry_error_t -gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t *mpi) -{ - return _gcry_ac_data_get_name (data, flags, name, mpi); -} - -gcry_error_t -gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags, - unsigned int idx, const char **name, gcry_mpi_t *mpi) -{ - return _gcry_ac_data_get_index (data, flags, idx, name, mpi); -} - -gcry_error_t -gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp, - const char **identifiers) -{ - return _gcry_ac_data_to_sexp (data, sexp, identifiers); -} - -gcry_error_t -gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp, - const char **identifiers) -{ - return _gcry_ac_data_from_sexp (data, sexp, identifiers); -} - -void -gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, ...) -{ - va_list arg_ptr; - - va_start (arg_ptr, type); - _gcry_ac_io_init_va (ac_io, mode, type, arg_ptr); - va_end (arg_ptr); -} - -void -gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, va_list ap) -{ - _gcry_ac_io_init_va (ac_io, mode, type, ap); -} - -gcry_error_t -gcry_ac_open (gcry_ac_handle_t *handle, - gcry_ac_id_t algorithm, unsigned int flags) -{ - return _gcry_ac_open (handle, algorithm, flags); -} - -void -gcry_ac_close (gcry_ac_handle_t handle) -{ - _gcry_ac_close (handle); -} - -gcry_error_t -gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle, - gcry_ac_key_type_t type, gcry_ac_data_t data) -{ - return _gcry_ac_key_init (key, handle, type, data); -} - -gcry_error_t -gcry_ac_key_pair_generate (gcry_ac_handle_t handle, - unsigned int nbits, void *spec, - gcry_ac_key_pair_t *key_pair, - gcry_mpi_t **miscdata) -{ - return _gcry_ac_key_pair_generate ( handle, nbits, spec, key_pair, miscdata); -} - -gcry_ac_key_t -gcry_ac_key_pair_extract (gcry_ac_key_pair_t keypair, gcry_ac_key_type_t which) -{ - return _gcry_ac_key_pair_extract (keypair, which); -} - -gcry_ac_data_t -gcry_ac_key_data_get (gcry_ac_key_t key) -{ - return _gcry_ac_key_data_get (key); -} - -gcry_error_t -gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key) -{ - return _gcry_ac_key_test (handle, key); -} - -gcry_error_t -gcry_ac_key_get_nbits (gcry_ac_handle_t handle, - gcry_ac_key_t key, unsigned int *nbits) -{ - return _gcry_ac_key_get_nbits (handle, key, nbits); -} - -gcry_error_t -gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key, - unsigned char *key_grip) -{ - return _gcry_ac_key_get_grip (handle, key, key_grip); -} - -void -gcry_ac_key_destroy (gcry_ac_key_t key) -{ - _gcry_ac_key_destroy (key); -} - -void -gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair) -{ - _gcry_ac_key_pair_destroy (key_pair); -} - -gcry_error_t -gcry_ac_data_encode (gcry_ac_em_t method, unsigned int flags, void *options, - gcry_ac_io_t *io_read, gcry_ac_io_t *io_write) -{ - return _gcry_ac_data_encode (method, flags, options, io_read, io_write); -} - -gcry_error_t -gcry_ac_data_decode (gcry_ac_em_t method, unsigned int flags, void *options, - gcry_ac_io_t *io_read, gcry_ac_io_t *io_write) -{ - return _gcry_ac_data_decode (method, flags, options, io_read, io_write); -} - -gcry_error_t -gcry_ac_data_encrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t data_plain, - gcry_ac_data_t *data_encrypted) -{ - return _gcry_ac_data_encrypt (handle, flags, key, - data_plain, data_encrypted); -} - -gcry_error_t -gcry_ac_data_decrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t *data_plain, - gcry_ac_data_t data_encrypted) -{ - return _gcry_ac_data_decrypt (handle, flags, key, - data_plain, data_encrypted); -} - -gcry_error_t -gcry_ac_data_sign (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t *data_signature) -{ - return _gcry_ac_data_sign (handle, key, data, data_signature); -} - -gcry_error_t -gcry_ac_data_verify (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t data_signature) -{ - return _gcry_ac_data_verify (handle, key, data, data_signature); -} - -gcry_error_t -gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_cipher) -{ - return _gcry_ac_data_encrypt_scheme (handle, scheme, flags, opts, key, - io_message, io_cipher); -} - -gcry_error_t -gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_cipher, - gcry_ac_io_t *io_message) -{ - return _gcry_ac_data_decrypt_scheme (handle, scheme, flags, opts, key, - io_cipher, io_message); -} - -gcry_error_t -gcry_ac_data_sign_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature) -{ - return _gcry_ac_data_sign_scheme (handle, scheme, flags, opts, key, - io_message, io_signature); -} - -gcry_error_t -gcry_ac_data_verify_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature) -{ - return _gcry_ac_data_verify_scheme (handle, scheme, flags, opts, key, - io_message, io_signature); -} - -gcry_error_t -gcry_ac_id_to_name (gcry_ac_id_t algorithm, const char **name) -{ - /* This function is deprecated. We implement it in terms of the - suggested replacement. */ - const char *tmp = _gcry_pk_algo_name (algorithm); - if (!*tmp) - return gcry_error (GPG_ERR_PUBKEY_ALGO); - *name = tmp; - return 0; -} - -gcry_error_t -gcry_ac_name_to_id (const char *name, gcry_ac_id_t *algorithm) +gpg_error_t +gcry_kdf_derive (const void *passphrase, size_t passphraselen, + int algo, int hashalgo, + const void *salt, size_t saltlen, + unsigned long iterations, + size_t keysize, void *keybuffer) { - /* This function is deprecated. We implement it in terms of the - suggested replacement. */ - int algo = _gcry_pk_map_name (name); - if (!algo) - return gcry_error (GPG_ERR_PUBKEY_ALGO); - *algorithm = algo; - return 0; + return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo, + salt, saltlen, iterations, + keysize, keybuffer)); } void @@ -1195,7 +1271,7 @@ gcry_randomize (void *buffer, size_t length, enum gcry_random_level level) { (void)fips_not_operational (); fips_signal_fatal_error ("called in non-operational state"); - fips_noreturn (); + fips_noreturn (); } _gcry_randomize (buffer, length, level); } @@ -1205,7 +1281,7 @@ gcry_random_add_bytes (const void *buffer, size_t length, int quality) { if (!fips_is_operational ()) return gpg_error (fips_not_operational ()); - return _gcry_random_add_bytes (buffer, length, quality); + return gpg_error (_gcry_random_add_bytes (buffer, length, quality)); } void * @@ -1215,7 +1291,7 @@ gcry_random_bytes (size_t nbytes, enum gcry_random_level level) { (void)fips_not_operational (); fips_signal_fatal_error ("called in non-operational state"); - fips_noreturn (); + fips_noreturn (); } return _gcry_random_bytes (nbytes,level); @@ -1228,7 +1304,7 @@ gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level) { (void)fips_not_operational (); fips_signal_fatal_error ("called in non-operational state"); - fips_noreturn (); + fips_noreturn (); } return _gcry_random_bytes_secure (nbytes, level); @@ -1248,7 +1324,7 @@ gcry_create_nonce (void *buffer, size_t length) { (void)fips_not_operational (); fips_signal_fatal_error ("called in non-operational state"); - fips_noreturn (); + fips_noreturn (); } _gcry_create_nonce (buffer, length); } @@ -1263,8 +1339,9 @@ gcry_prime_generate (gcry_mpi_t *prime, gcry_random_level_t random_level, unsigned int flags) { - return _gcry_prime_generate (prime, prime_bits, factor_bits, factors, - cb_func, cb_arg, random_level, flags); + return gpg_error (_gcry_prime_generate (prime, prime_bits, factor_bits, + factors, cb_func, cb_arg, + random_level, flags)); } gcry_error_t @@ -1272,7 +1349,7 @@ gcry_prime_group_generator (gcry_mpi_t *r_g, gcry_mpi_t prime, gcry_mpi_t *factors, gcry_mpi_t start_g) { - return _gcry_prime_group_generator (r_g, prime, factors, start_g); + return gpg_error (_gcry_prime_group_generator (r_g, prime, factors, start_g)); } void @@ -1284,7 +1361,49 @@ gcry_prime_release_factors (gcry_mpi_t *factors) gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags) { - return _gcry_prime_check (x, flags); + return gpg_error (_gcry_prime_check (x, flags)); +} + +void +gcry_ctx_release (gcry_ctx_t ctx) +{ + _gcry_ctx_release (ctx); +} + +void +gcry_log_debug (const char *fmt, ...) +{ + va_list arg_ptr ; + + va_start( arg_ptr, fmt ) ; + _gcry_logv (GCRY_LOG_DEBUG, fmt, arg_ptr); + va_end (arg_ptr); +} + +void +gcry_log_debughex (const char *text, const void *buffer, size_t length) +{ + _gcry_log_printhex (text, buffer, length); +} + +void +gcry_log_debugmpi (const char *text, gcry_mpi_t mpi) +{ + _gcry_log_printmpi (text, mpi); +} + +void +gcry_log_debugpnt (const char *text, mpi_point_t point, gcry_ctx_t ctx) +{ + mpi_ec_t ec = ctx? _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC) : NULL; + + _gcry_mpi_point_log (text, point, ec); +} + +void +gcry_log_debugsxp (const char *text, gcry_sexp_t sexp) +{ + _gcry_log_printsxp (text, sexp); } void @@ -1411,43 +1530,3 @@ gcry_is_secure (const void *a) { return _gcry_is_secure (a); } - - -gcry_error_t -gcry_cipher_register (gcry_cipher_spec_t *cipher, int *algorithm_id, - gcry_module_t *module) -{ - return _gcry_cipher_register (cipher, NULL, algorithm_id, module); -} - -void -gcry_cipher_unregister (gcry_module_t module) -{ - _gcry_cipher_unregister (module); -} - -gcry_error_t -gcry_pk_register (gcry_pk_spec_t *pubkey, unsigned int *algorithm_id, - gcry_module_t *module) -{ - return _gcry_pk_register (pubkey, NULL, algorithm_id, module); -} - -void -gcry_pk_unregister (gcry_module_t module) -{ - _gcry_pk_unregister (module); -} - -gcry_error_t -gcry_md_register (gcry_md_spec_t *digest, unsigned int *algorithm_id, - gcry_module_t *module) -{ - return _gcry_md_register (digest, NULL, algorithm_id, module); -} - -void -gcry_md_unregister (gcry_module_t module) -{ - _gcry_md_unregister (module); -} diff --git a/plugins/MirOTR/Libgcrypt/src/visibility.h b/plugins/MirOTR/Libgcrypt/src/visibility.h index a11e5474fd..4127a43258 100644 --- a/plugins/MirOTR/Libgcrypt/src/visibility.h +++ b/plugins/MirOTR/Libgcrypt/src/visibility.h @@ -22,212 +22,6 @@ /* Redefine all public symbols with an underscore unless we already use the underscore prefixed version internally. */ -#define gcry_check_version _gcry_check_version -#define gcry_control _gcry_control - -#define gcry_set_allocation_handler _gcry_set_allocation_handler -#define gcry_set_fatalerror_handler _gcry_set_fatalerror_handler -#define gcry_set_gettext_handler _gcry_set_gettext_handler -#define gcry_set_log_handler _gcry_set_log_handler -#define gcry_set_outofcore_handler _gcry_set_outofcore_handler -#define gcry_set_progress_handler _gcry_set_progress_handler -#define gcry_err_code_from_errno _gcry_err_code_from_errno -#define gcry_err_code_to_errno _gcry_err_code_to_errno -#define gcry_err_make_from_errno _gcry_err_make_from_errno -#define gcry_error_from_errno _gcry_error_from_errno -#define gcry_strerror _gcry_strerror -#define gcry_strsource _gcry_strsource - -#define gcry_free _gcry_free -#define gcry_malloc _gcry_malloc -#define gcry_malloc_secure _gcry_malloc_secure -#define gcry_calloc _gcry_calloc -#define gcry_calloc_secure _gcry_calloc_secure -#define gcry_realloc _gcry_realloc -#define gcry_strdup _gcry_strdup -#define gcry_is_secure _gcry_is_secure -#define gcry_xcalloc _gcry_xcalloc -#define gcry_xcalloc_secure _gcry_xcalloc_secure -#define gcry_xmalloc _gcry_xmalloc -#define gcry_xmalloc_secure _gcry_xmalloc_secure -#define gcry_xrealloc _gcry_xrealloc -#define gcry_xstrdup _gcry_xstrdup - -#define gcry_md_algo_info _gcry_md_algo_info -#define gcry_md_algo_name _gcry_md_algo_name -#define gcry_md_close _gcry_md_close -#define gcry_md_copy _gcry_md_copy -#define gcry_md_ctl _gcry_md_ctl -#define gcry_md_enable _gcry_md_enable -#define gcry_md_get _gcry_md_get -#define gcry_md_get_algo _gcry_md_get_algo -#define gcry_md_get_algo_dlen _gcry_md_get_algo_dlen -#define gcry_md_hash_buffer _gcry_md_hash_buffer -#define gcry_md_info _gcry_md_info -#define gcry_md_is_enabled _gcry_md_is_enabled -#define gcry_md_is_secure _gcry_md_is_secure -#define gcry_md_list _gcry_md_list -#define gcry_md_map_name _gcry_md_map_name -#define gcry_md_open _gcry_md_open -#define gcry_md_read _gcry_md_read -/* gcry_md_register and _gcry_md_register differ. */ -#define gcry_md_unregister _gcry_md_unregister -#define gcry_md_reset _gcry_md_reset -#define gcry_md_setkey _gcry_md_setkey -#define gcry_md_write _gcry_md_write -#define gcry_md_debug _gcry_md_debug - -#define gcry_cipher_algo_info _gcry_cipher_algo_info -#define gcry_cipher_algo_name _gcry_cipher_algo_name -#define gcry_cipher_close _gcry_cipher_close -#define gcry_cipher_setkey _gcry_cipher_setkey -#define gcry_cipher_setiv _gcry_cipher_setiv -#define gcry_cipher_setctr _gcry_cipher_setctr -#define gcry_cipher_ctl _gcry_cipher_ctl -#define gcry_cipher_decrypt _gcry_cipher_decrypt -#define gcry_cipher_encrypt _gcry_cipher_encrypt -#define gcry_cipher_get_algo_blklen _gcry_cipher_get_algo_blklen -#define gcry_cipher_get_algo_keylen _gcry_cipher_get_algo_keylen -#define gcry_cipher_info _gcry_cipher_info -#define gcry_cipher_list _gcry_cipher_list -#define gcry_cipher_map_name _gcry_cipher_map_name -#define gcry_cipher_mode_from_oid _gcry_cipher_mode_from_oid -#define gcry_cipher_open _gcry_cipher_open -/* gcry_cipher_register and _gcry_cipher_register differ. */ -#define gcry_cipher_unregister _gcry_cipher_unregister - -#define gcry_pk_algo_info _gcry_pk_algo_info -#define gcry_pk_algo_name _gcry_pk_algo_name -#define gcry_pk_ctl _gcry_pk_ctl -#define gcry_pk_decrypt _gcry_pk_decrypt -#define gcry_pk_encrypt _gcry_pk_encrypt -#define gcry_pk_genkey _gcry_pk_genkey -#define gcry_pk_get_keygrip _gcry_pk_get_keygrip -#define gcry_pk_get_nbits _gcry_pk_get_nbits -#define gcry_pk_list _gcry_pk_list -#define gcry_pk_map_name _gcry_pk_map_name -/* gcry_pk_register and _gcry_pk_register differ. */ -#define gcry_pk_unregister _gcry_pk_unregister -#define gcry_pk_sign _gcry_pk_sign -#define gcry_pk_testkey _gcry_pk_testkey -#define gcry_pk_verify _gcry_pk_verify - -#define gcry_ac_data_new _gcry_ac_data_new -#define gcry_ac_data_destroy _gcry_ac_data_destroy -#define gcry_ac_data_copy _gcry_ac_data_copy -#define gcry_ac_data_length _gcry_ac_data_length -#define gcry_ac_data_clear _gcry_ac_data_clear -#define gcry_ac_data_set _gcry_ac_data_set -#define gcry_ac_data_get_name _gcry_ac_data_get_name -#define gcry_ac_data_get_index _gcry_ac_data_get_index -#define gcry_ac_open _gcry_ac_open -#define gcry_ac_close _gcry_ac_close -#define gcry_ac_key_init _gcry_ac_key_init -#define gcry_ac_key_pair_generate _gcry_ac_key_pair_generate -#define gcry_ac_key_pair_extract _gcry_ac_key_pair_extract -#define gcry_ac_key_data_get _gcry_ac_key_data_get -#define gcry_ac_key_test _gcry_ac_key_test -#define gcry_ac_key_get_nbits _gcry_ac_key_get_nbits -#define gcry_ac_key_get_grip _gcry_ac_key_get_grip -#define gcry_ac_key_destroy _gcry_ac_key_destroy -#define gcry_ac_key_pair_destroy _gcry_ac_key_pair_destroy -#define gcry_ac_data_encrypt _gcry_ac_data_encrypt -#define gcry_ac_data_decrypt _gcry_ac_data_decrypt -#define gcry_ac_data_sign _gcry_ac_data_sign -#define gcry_ac_data_verify _gcry_ac_data_verify -#define gcry_ac_id_to_name _gcry_ac_id_to_name -#define gcry_ac_name_to_id _gcry_ac_name_to_id -#define gcry_ac_data_encode _gcry_ac_data_encode -#define gcry_ac_data_decode _gcry_ac_data_decode -#define gcry_ac_mpi_to_os _gcry_ac_mpi_to_os -#define gcry_ac_mpi_to_os_alloc _gcry_ac_mpi_to_os_alloc -#define gcry_ac_os_to_mpi _gcry_ac_os_to_mpi -#define gcry_ac_data_encrypt_scheme _gcry_ac_data_encrypt_scheme -#define gcry_ac_data_decrypt_scheme _gcry_ac_data_decrypt_scheme -#define gcry_ac_data_sign_scheme _gcry_ac_data_sign_scheme -#define gcry_ac_data_verify_scheme _gcry_ac_data_verify_scheme -#define gcry_ac_data_to_sexp _gcry_ac_data_to_sexp -#define gcry_ac_data_from_sexp _gcry_ac_data_from_sexp -#define gcry_ac_io_init _gcry_ac_io_init -#define gcry_ac_io_init_va _gcry_ac_io_init_va - -#define gcry_prime_check _gcry_prime_check -#define gcry_prime_generate _gcry_prime_generate -#define gcry_prime_group_generator _gcry_prime_group_generator -#define gcry_prime_release_factors _gcry_prime_release_factors - -#define gcry_random_add_bytes _gcry_random_add_bytes -#define gcry_random_bytes _gcry_random_bytes -#define gcry_random_bytes_secure _gcry_random_bytes_secure -#define gcry_randomize _gcry_randomize -#define gcry_create_nonce _gcry_create_nonce - -#define gcry_sexp_alist _gcry_sexp_alist -#define gcry_sexp_append _gcry_sexp_append -#define gcry_sexp_build _gcry_sexp_build -#define gcry_sexp_build_array _gcry_sexp_build_array -#define gcry_sexp_cadr _gcry_sexp_cadr -#define gcry_sexp_canon_len _gcry_sexp_canon_len -#define gcry_sexp_car _gcry_sexp_car -#define gcry_sexp_cdr _gcry_sexp_cdr -#define gcry_sexp_cons _gcry_sexp_cons -#define gcry_sexp_create _gcry_sexp_create -#define gcry_sexp_dump _gcry_sexp_dump -#define gcry_sexp_find_token _gcry_sexp_find_token -#define gcry_sexp_length _gcry_sexp_length -#define gcry_sexp_new _gcry_sexp_new -#define gcry_sexp_nth _gcry_sexp_nth -#define gcry_sexp_nth_data _gcry_sexp_nth_data -#define gcry_sexp_nth_mpi _gcry_sexp_nth_mpi -#define gcry_sexp_prepend _gcry_sexp_prepend -#define gcry_sexp_release _gcry_sexp_release -#define gcry_sexp_sprint _gcry_sexp_sprint -#define gcry_sexp_sscan _gcry_sexp_sscan -#define gcry_sexp_vlist _gcry_sexp_vlist -#define gcry_sexp_nth_string _gcry_sexp_nth_string - -#define gcry_mpi_add _gcry_mpi_add -#define gcry_mpi_add_ui _gcry_mpi_add_ui -#define gcry_mpi_addm _gcry_mpi_addm -#define gcry_mpi_aprint _gcry_mpi_aprint -#define gcry_mpi_clear_bit _gcry_mpi_clear_bit -#define gcry_mpi_clear_flag _gcry_mpi_clear_flag -#define gcry_mpi_clear_highbit _gcry_mpi_clear_highbit -#define gcry_mpi_cmp _gcry_mpi_cmp -#define gcry_mpi_cmp_ui _gcry_mpi_cmp_ui -#define gcry_mpi_copy _gcry_mpi_copy -#define gcry_mpi_div _gcry_mpi_div -#define gcry_mpi_dump _gcry_mpi_dump -#define gcry_mpi_gcd _gcry_mpi_gcd -#define gcry_mpi_get_flag _gcry_mpi_get_flag -#define gcry_mpi_get_nbits _gcry_mpi_get_nbits -#define gcry_mpi_get_opaque _gcry_mpi_get_opaque -#define gcry_mpi_invm _gcry_mpi_invm -#define gcry_mpi_mod _gcry_mpi_mod -#define gcry_mpi_mul _gcry_mpi_mul -#define gcry_mpi_mul_2exp _gcry_mpi_mul_2exp -#define gcry_mpi_mul_ui _gcry_mpi_mul_ui -#define gcry_mpi_mulm _gcry_mpi_mulm -#define gcry_mpi_new _gcry_mpi_new -#define gcry_mpi_powm _gcry_mpi_powm -#define gcry_mpi_print _gcry_mpi_print -#define gcry_mpi_randomize _gcry_mpi_randomize -#define gcry_mpi_release _gcry_mpi_release -#define gcry_mpi_rshift _gcry_mpi_rshift -#define gcry_mpi_lshift _gcry_mpi_lshift -#define gcry_mpi_scan _gcry_mpi_scan -#define gcry_mpi_set _gcry_mpi_set -#define gcry_mpi_set_bit _gcry_mpi_set_bit -#define gcry_mpi_set_flag _gcry_mpi_set_flag -#define gcry_mpi_set_highbit _gcry_mpi_set_highbit -#define gcry_mpi_set_opaque _gcry_mpi_set_opaque -#define gcry_mpi_set_ui _gcry_mpi_set_ui -#define gcry_mpi_snew _gcry_mpi_snew -#define gcry_mpi_sub _gcry_mpi_sub -#define gcry_mpi_sub_ui _gcry_mpi_sub_ui -#define gcry_mpi_subm _gcry_mpi_subm -#define gcry_mpi_swap _gcry_mpi_swap -#define gcry_mpi_test_bit _gcry_mpi_test_bit /* Include the main header here so that public symbols are mapped to @@ -236,469 +30,474 @@ /* We need to redeclare the deprecated functions without the deprecated attribute. */ # define GCRYPT_NO_DEPRECATED -# include "gcrypt.h" - gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm, const char **name); - gcry_error_t gcry_ac_name_to_id (const char *name, gcry_ac_id_t *algorithm); +# include "gcrypt-int.h" + /* None in this version. */ #else -# include "gcrypt.h" +# include "gcrypt-int.h" #endif /* Prototypes of functions exported but not ready for use. */ -gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, +gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, unsigned char *buffer, int buflen); -void gcry_ac_mpi_to_os (gcry_mpi_t mpi, unsigned char *os, size_t os_n); -gcry_error_t gcry_ac_mpi_to_os_alloc (gcry_mpi_t mpi, unsigned char **os, - size_t *os_n); -void gcry_ac_os_to_mpi (gcry_mpi_t mpi, unsigned char *os, size_t os_n); - /* Our use of the ELF visibility feature works by passing -fvisibiliy=hidden on the command line and by explicitly marking - all exported functions as visible. + all exported functions as visible. NOTE: When adding new functions, please make sure to add them to libgcrypt.vers and libgcrypt.def as well. */ #ifdef _GCRY_INCLUDED_BY_VISIBILITY_C -/* A macro to flag a function as visible. Note that we take the - definition from the mapped name. */ +/* A macro to flag a function as visible. */ #ifdef GCRY_USE_VISIBILITY -# define MARK_VISIBLE(name) \ - extern __typeof__ (_##name) name __attribute__ ((visibility("default"))); # define MARK_VISIBLEX(name) \ extern __typeof__ (name) name __attribute__ ((visibility("default"))); #else -# define MARK_VISIBLE(name) /* */ # define MARK_VISIBLEX(name) /* */ #endif -/* First undef all redefined symbols so that we set the attribute on - the correct version name. */ -#undef gcry_check_version -#undef gcry_control - -#undef gcry_set_allocation_handler -#undef gcry_set_fatalerror_handler -#undef gcry_set_gettext_handler -#undef gcry_set_log_handler -#undef gcry_set_outofcore_handler -#undef gcry_set_progress_handler -#undef gcry_err_code_from_errno -#undef gcry_err_code_to_errno -#undef gcry_err_make_from_errno -#undef gcry_error_from_errno -#undef gcry_strerror -#undef gcry_strsource - -#undef gcry_free -#undef gcry_malloc -#undef gcry_malloc_secure -#undef gcry_calloc -#undef gcry_calloc_secure -#undef gcry_realloc -#undef gcry_strdup -#undef gcry_is_secure -#undef gcry_xcalloc -#undef gcry_xcalloc_secure -#undef gcry_xmalloc -#undef gcry_xmalloc_secure -#undef gcry_xrealloc -#undef gcry_xstrdup - -#undef gcry_md_algo_info -#undef gcry_md_algo_name -#undef gcry_md_close -#undef gcry_md_copy -#undef gcry_md_ctl -#undef gcry_md_enable -#undef gcry_md_get -#undef gcry_md_get_algo -#undef gcry_md_get_algo_dlen -#undef gcry_md_hash_buffer -#undef gcry_md_info -#undef gcry_md_is_enabled -#undef gcry_md_is_secure -#undef gcry_md_list -#undef gcry_md_map_name -#undef gcry_md_open -#undef gcry_md_read -/* gcry_md_register is not anymore a macro. */ -#undef gcry_md_unregister -#undef gcry_md_reset -#undef gcry_md_setkey -#undef gcry_md_write -#undef gcry_md_debug - -#undef gcry_cipher_algo_info -#undef gcry_cipher_algo_name -#undef gcry_cipher_close -#undef gcry_cipher_setkey -#undef gcry_cipher_setiv -#undef gcry_cipher_setctr -#undef gcry_cipher_ctl -#undef gcry_cipher_decrypt -#undef gcry_cipher_encrypt -#undef gcry_cipher_get_algo_blklen -#undef gcry_cipher_get_algo_keylen -#undef gcry_cipher_info -#undef gcry_cipher_list -#undef gcry_cipher_map_name -#undef gcry_cipher_mode_from_oid -#undef gcry_cipher_open -/* gcry_cipher_register is not anymore a macro. */ -#undef gcry_cipher_unregister - -#undef gcry_pk_algo_info -#undef gcry_pk_algo_name -#undef gcry_pk_ctl -#undef gcry_pk_decrypt -#undef gcry_pk_encrypt -#undef gcry_pk_genkey -#undef gcry_pk_get_keygrip -#undef gcry_pk_get_nbits -#undef gcry_pk_list -#undef gcry_pk_map_name -/* gcry_pk_register is not anymore a macro. */ -#undef gcry_pk_unregister -#undef gcry_pk_sign -#undef gcry_pk_testkey -#undef gcry_pk_verify - -#undef gcry_ac_data_new -#undef gcry_ac_data_destroy -#undef gcry_ac_data_copy -#undef gcry_ac_data_length -#undef gcry_ac_data_clear -#undef gcry_ac_data_set -#undef gcry_ac_data_get_name -#undef gcry_ac_data_get_index -#undef gcry_ac_open -#undef gcry_ac_close -#undef gcry_ac_key_init -#undef gcry_ac_key_pair_generate -#undef gcry_ac_key_pair_extract -#undef gcry_ac_key_data_get -#undef gcry_ac_key_test -#undef gcry_ac_key_get_nbits -#undef gcry_ac_key_get_grip -#undef gcry_ac_key_destroy -#undef gcry_ac_key_pair_destroy -#undef gcry_ac_data_encrypt -#undef gcry_ac_data_decrypt -#undef gcry_ac_data_sign -#undef gcry_ac_data_verify -#undef gcry_ac_id_to_name -#undef gcry_ac_name_to_id -#undef gcry_ac_data_encode -#undef gcry_ac_data_decode -#undef gcry_ac_mpi_to_os -#undef gcry_ac_mpi_to_os_alloc -#undef gcry_ac_os_to_mpi -#undef gcry_ac_data_encrypt_scheme -#undef gcry_ac_data_decrypt_scheme -#undef gcry_ac_data_sign_scheme -#undef gcry_ac_data_verify_scheme -#undef gcry_ac_data_to_sexp -#undef gcry_ac_data_from_sexp -#undef gcry_ac_io_init -#undef gcry_ac_io_init_va - -#undef gcry_prime_check -#undef gcry_prime_generate -#undef gcry_prime_group_generator -#undef gcry_prime_release_factors - -#undef gcry_random_add_bytes -#undef gcry_random_bytes -#undef gcry_random_bytes_secure -#undef gcry_randomize -#undef gcry_create_nonce - -#undef gcry_sexp_alist -#undef gcry_sexp_append -#undef gcry_sexp_build -#undef gcry_sexp_build_array -#undef gcry_sexp_cadr -#undef gcry_sexp_canon_len -#undef gcry_sexp_car -#undef gcry_sexp_cdr -#undef gcry_sexp_cons -#undef gcry_sexp_create -#undef gcry_sexp_dump -#undef gcry_sexp_find_token -#undef gcry_sexp_length -#undef gcry_sexp_new -#undef gcry_sexp_nth -#undef gcry_sexp_nth_data -#undef gcry_sexp_nth_mpi -#undef gcry_sexp_prepend -#undef gcry_sexp_release -#undef gcry_sexp_sprint -#undef gcry_sexp_sscan -#undef gcry_sexp_vlist -#undef gcry_sexp_nth_string - -#undef gcry_mpi_add -#undef gcry_mpi_add_ui -#undef gcry_mpi_addm -#undef gcry_mpi_aprint -#undef gcry_mpi_clear_bit -#undef gcry_mpi_clear_flag -#undef gcry_mpi_clear_highbit -#undef gcry_mpi_cmp -#undef gcry_mpi_cmp_ui -#undef gcry_mpi_copy -#undef gcry_mpi_div -#undef gcry_mpi_dump -#undef gcry_mpi_gcd -#undef gcry_mpi_get_flag -#undef gcry_mpi_get_nbits -#undef gcry_mpi_get_opaque -#undef gcry_mpi_invm -#undef gcry_mpi_mod -#undef gcry_mpi_mul -#undef gcry_mpi_mul_2exp -#undef gcry_mpi_mul_ui -#undef gcry_mpi_mulm -#undef gcry_mpi_new -#undef gcry_mpi_powm -#undef gcry_mpi_print -#undef gcry_mpi_randomize -#undef gcry_mpi_release -#undef gcry_mpi_rshift -#undef gcry_mpi_lshift -#undef gcry_mpi_scan -#undef gcry_mpi_set -#undef gcry_mpi_set_bit -#undef gcry_mpi_set_flag -#undef gcry_mpi_set_highbit -#undef gcry_mpi_set_opaque -#undef gcry_mpi_set_ui -#undef gcry_mpi_snew -#undef gcry_mpi_sub -#undef gcry_mpi_sub_ui -#undef gcry_mpi_subm -#undef gcry_mpi_swap -#undef gcry_mpi_test_bit - - /* Now mark all symbols. */ -MARK_VISIBLE (gcry_check_version) -MARK_VISIBLE (gcry_control) - -MARK_VISIBLE (gcry_set_allocation_handler) -MARK_VISIBLE (gcry_set_fatalerror_handler) -MARK_VISIBLE (gcry_set_gettext_handler) -MARK_VISIBLE (gcry_set_log_handler) -MARK_VISIBLE (gcry_set_outofcore_handler) -MARK_VISIBLE (gcry_set_progress_handler) -MARK_VISIBLE (gcry_err_code_from_errno) -MARK_VISIBLE (gcry_err_code_to_errno) -MARK_VISIBLE (gcry_err_make_from_errno) -MARK_VISIBLE (gcry_error_from_errno) -MARK_VISIBLE (gcry_strerror) -MARK_VISIBLE (gcry_strsource) - -MARK_VISIBLE (gcry_free) -MARK_VISIBLE (gcry_malloc) -MARK_VISIBLE (gcry_malloc_secure) -MARK_VISIBLE (gcry_calloc) -MARK_VISIBLE (gcry_calloc_secure) -MARK_VISIBLE (gcry_realloc) -MARK_VISIBLE (gcry_strdup) -MARK_VISIBLE (gcry_is_secure) -MARK_VISIBLE (gcry_xcalloc) -MARK_VISIBLE (gcry_xcalloc_secure) -MARK_VISIBLE (gcry_xmalloc) -MARK_VISIBLE (gcry_xmalloc_secure) -MARK_VISIBLE (gcry_xrealloc) -MARK_VISIBLE (gcry_xstrdup) - -MARK_VISIBLE (gcry_md_algo_info) -MARK_VISIBLE (gcry_md_algo_name) -MARK_VISIBLE (gcry_md_close) -MARK_VISIBLE (gcry_md_copy) -MARK_VISIBLE (gcry_md_ctl) -MARK_VISIBLE (gcry_md_enable) -MARK_VISIBLE (gcry_md_get) -MARK_VISIBLE (gcry_md_get_algo) -MARK_VISIBLE (gcry_md_get_algo_dlen) -MARK_VISIBLE (gcry_md_hash_buffer) -MARK_VISIBLE (gcry_md_info) -MARK_VISIBLE (gcry_md_is_enabled) -MARK_VISIBLE (gcry_md_is_secure) -MARK_VISIBLE (gcry_md_list) -MARK_VISIBLE (gcry_md_map_name) -MARK_VISIBLE (gcry_md_open) -MARK_VISIBLE (gcry_md_read) -MARK_VISIBLEX(gcry_md_register) -MARK_VISIBLE (gcry_md_reset) -MARK_VISIBLE (gcry_md_setkey) -MARK_VISIBLE (gcry_md_unregister) -MARK_VISIBLE (gcry_md_write) -MARK_VISIBLE (gcry_md_debug) - -MARK_VISIBLE (gcry_cipher_algo_info) -MARK_VISIBLE (gcry_cipher_algo_name) -MARK_VISIBLE (gcry_cipher_close) -MARK_VISIBLE (gcry_cipher_setkey) -MARK_VISIBLE (gcry_cipher_setiv) -MARK_VISIBLE (gcry_cipher_setctr) -MARK_VISIBLE (gcry_cipher_ctl) -MARK_VISIBLE (gcry_cipher_decrypt) -MARK_VISIBLE (gcry_cipher_encrypt) -MARK_VISIBLE (gcry_cipher_get_algo_blklen) -MARK_VISIBLE (gcry_cipher_get_algo_keylen) -MARK_VISIBLE (gcry_cipher_info) -MARK_VISIBLE (gcry_cipher_list) -MARK_VISIBLE (gcry_cipher_map_name) -MARK_VISIBLE (gcry_cipher_mode_from_oid) -MARK_VISIBLE (gcry_cipher_open) -MARK_VISIBLEX(gcry_cipher_register) -MARK_VISIBLE (gcry_cipher_unregister) - -MARK_VISIBLE (gcry_pk_algo_info) -MARK_VISIBLE (gcry_pk_algo_name) -MARK_VISIBLE (gcry_pk_ctl) -MARK_VISIBLE (gcry_pk_decrypt) -MARK_VISIBLE (gcry_pk_encrypt) -MARK_VISIBLE (gcry_pk_genkey) -MARK_VISIBLE (gcry_pk_get_keygrip) -MARK_VISIBLE (gcry_pk_get_nbits) -MARK_VISIBLE (gcry_pk_list) -MARK_VISIBLE (gcry_pk_map_name) -MARK_VISIBLEX(gcry_pk_register) -MARK_VISIBLE (gcry_pk_sign) -MARK_VISIBLE (gcry_pk_testkey) -MARK_VISIBLE (gcry_pk_unregister) -MARK_VISIBLE (gcry_pk_verify) - -MARK_VISIBLE (gcry_ac_data_new) -MARK_VISIBLE (gcry_ac_data_destroy) -MARK_VISIBLE (gcry_ac_data_copy) -MARK_VISIBLE (gcry_ac_data_length) -MARK_VISIBLE (gcry_ac_data_clear) -MARK_VISIBLE (gcry_ac_data_set) -MARK_VISIBLE (gcry_ac_data_get_name) -MARK_VISIBLE (gcry_ac_data_get_index) -MARK_VISIBLE (gcry_ac_open) -MARK_VISIBLE (gcry_ac_close) -MARK_VISIBLE (gcry_ac_key_init) -MARK_VISIBLE (gcry_ac_key_pair_generate) -MARK_VISIBLE (gcry_ac_key_pair_extract) -MARK_VISIBLE (gcry_ac_key_data_get) -MARK_VISIBLE (gcry_ac_key_test) -MARK_VISIBLE (gcry_ac_key_get_nbits) -MARK_VISIBLE (gcry_ac_key_get_grip) -MARK_VISIBLE (gcry_ac_key_destroy) -MARK_VISIBLE (gcry_ac_key_pair_destroy) -MARK_VISIBLE (gcry_ac_data_encrypt) -MARK_VISIBLE (gcry_ac_data_decrypt) -MARK_VISIBLE (gcry_ac_data_sign) -MARK_VISIBLE (gcry_ac_data_verify) -MARK_VISIBLE (gcry_ac_id_to_name) -MARK_VISIBLE (gcry_ac_name_to_id) -/* MARK_VISIBLE (gcry_ac_list) Not defined although it is in - libgcrypt.vers. */ -MARK_VISIBLE (gcry_ac_data_encode) -MARK_VISIBLE (gcry_ac_data_decode) -MARK_VISIBLE (gcry_ac_mpi_to_os) -MARK_VISIBLE (gcry_ac_mpi_to_os_alloc) -MARK_VISIBLE (gcry_ac_os_to_mpi) -MARK_VISIBLE (gcry_ac_data_encrypt_scheme) -MARK_VISIBLE (gcry_ac_data_decrypt_scheme) -MARK_VISIBLE (gcry_ac_data_sign_scheme) -MARK_VISIBLE (gcry_ac_data_verify_scheme) -MARK_VISIBLE (gcry_ac_data_to_sexp) -MARK_VISIBLE (gcry_ac_data_from_sexp) -MARK_VISIBLE (gcry_ac_io_init) -MARK_VISIBLE (gcry_ac_io_init_va) - -MARK_VISIBLE (gcry_prime_check) -MARK_VISIBLE (gcry_prime_generate) -MARK_VISIBLE (gcry_prime_group_generator) -MARK_VISIBLE (gcry_prime_release_factors) - -MARK_VISIBLE (gcry_random_add_bytes) -MARK_VISIBLE (gcry_random_bytes) -MARK_VISIBLE (gcry_random_bytes_secure) -MARK_VISIBLE (gcry_randomize) -MARK_VISIBLE (gcry_create_nonce) - -MARK_VISIBLE (gcry_sexp_alist) -MARK_VISIBLE (gcry_sexp_append) -MARK_VISIBLE (gcry_sexp_build) -MARK_VISIBLE (gcry_sexp_build_array) -MARK_VISIBLE (gcry_sexp_cadr) -MARK_VISIBLE (gcry_sexp_canon_len) -MARK_VISIBLE (gcry_sexp_car) -MARK_VISIBLE (gcry_sexp_cdr) -MARK_VISIBLE (gcry_sexp_cons) -MARK_VISIBLE (gcry_sexp_create) -MARK_VISIBLE (gcry_sexp_dump) -MARK_VISIBLE (gcry_sexp_find_token) -MARK_VISIBLE (gcry_sexp_length) -MARK_VISIBLE (gcry_sexp_new) -MARK_VISIBLE (gcry_sexp_nth) -MARK_VISIBLE (gcry_sexp_nth_data) -MARK_VISIBLE (gcry_sexp_nth_mpi) -MARK_VISIBLE (gcry_sexp_prepend) -MARK_VISIBLE (gcry_sexp_release) -MARK_VISIBLE (gcry_sexp_sprint) -MARK_VISIBLE (gcry_sexp_sscan) -MARK_VISIBLE (gcry_sexp_vlist) -MARK_VISIBLE (gcry_sexp_nth_string) - -MARK_VISIBLE (gcry_mpi_add) -MARK_VISIBLE (gcry_mpi_add_ui) -MARK_VISIBLE (gcry_mpi_addm) -MARK_VISIBLE (gcry_mpi_aprint) -MARK_VISIBLE (gcry_mpi_clear_bit) -MARK_VISIBLE (gcry_mpi_clear_flag) -MARK_VISIBLE (gcry_mpi_clear_highbit) -MARK_VISIBLE (gcry_mpi_cmp) -MARK_VISIBLE (gcry_mpi_cmp_ui) -MARK_VISIBLE (gcry_mpi_copy) -MARK_VISIBLE (gcry_mpi_div) -MARK_VISIBLE (gcry_mpi_dump) -MARK_VISIBLE (gcry_mpi_gcd) -MARK_VISIBLE (gcry_mpi_get_flag) -MARK_VISIBLE (gcry_mpi_get_nbits) -MARK_VISIBLE (gcry_mpi_get_opaque) -MARK_VISIBLE (gcry_mpi_invm) -MARK_VISIBLE (gcry_mpi_mod) -MARK_VISIBLE (gcry_mpi_mul) -MARK_VISIBLE (gcry_mpi_mul_2exp) -MARK_VISIBLE (gcry_mpi_mul_ui) -MARK_VISIBLE (gcry_mpi_mulm) -MARK_VISIBLE (gcry_mpi_new) -MARK_VISIBLE (gcry_mpi_powm) -MARK_VISIBLE (gcry_mpi_print) -MARK_VISIBLE (gcry_mpi_randomize) -MARK_VISIBLE (gcry_mpi_release) -MARK_VISIBLE (gcry_mpi_rshift) -MARK_VISIBLE (gcry_mpi_lshift) -MARK_VISIBLE (gcry_mpi_scan) -MARK_VISIBLE (gcry_mpi_set) -MARK_VISIBLE (gcry_mpi_set_bit) -MARK_VISIBLE (gcry_mpi_set_flag) -MARK_VISIBLE (gcry_mpi_set_highbit) -MARK_VISIBLE (gcry_mpi_set_opaque) -MARK_VISIBLE (gcry_mpi_set_ui) -MARK_VISIBLE (gcry_mpi_snew) -MARK_VISIBLE (gcry_mpi_sub) -MARK_VISIBLE (gcry_mpi_sub_ui) -MARK_VISIBLE (gcry_mpi_subm) -MARK_VISIBLE (gcry_mpi_swap) -MARK_VISIBLE (gcry_mpi_test_bit) - - - -#undef MARK_VISIBLE -#endif /*_GCRY_INCLUDED_BY_VISIBILITY_C*/ +MARK_VISIBLEX (gcry_check_version) +MARK_VISIBLEX (gcry_control) + +MARK_VISIBLEX (gcry_set_allocation_handler) +MARK_VISIBLEX (gcry_set_fatalerror_handler) +MARK_VISIBLEX (gcry_set_gettext_handler) +MARK_VISIBLEX (gcry_set_log_handler) +MARK_VISIBLEX (gcry_set_outofcore_handler) +MARK_VISIBLEX (gcry_set_progress_handler) + +MARK_VISIBLEX (gcry_err_code_from_errno) +MARK_VISIBLEX (gcry_err_code_to_errno) +MARK_VISIBLEX (gcry_err_make_from_errno) +MARK_VISIBLEX (gcry_error_from_errno) +MARK_VISIBLEX (gcry_strerror) +MARK_VISIBLEX (gcry_strsource) + +MARK_VISIBLEX (gcry_malloc) +MARK_VISIBLEX (gcry_malloc_secure) +MARK_VISIBLEX (gcry_calloc) +MARK_VISIBLEX (gcry_calloc_secure) +MARK_VISIBLEX (gcry_realloc) +MARK_VISIBLEX (gcry_strdup) +MARK_VISIBLEX (gcry_is_secure) +MARK_VISIBLEX (gcry_xcalloc) +MARK_VISIBLEX (gcry_xcalloc_secure) +MARK_VISIBLEX (gcry_xmalloc) +MARK_VISIBLEX (gcry_xmalloc_secure) +MARK_VISIBLEX (gcry_xrealloc) +MARK_VISIBLEX (gcry_xstrdup) +MARK_VISIBLEX (gcry_free) + +MARK_VISIBLEX (gcry_md_algo_info) +MARK_VISIBLEX (gcry_md_algo_name) +MARK_VISIBLEX (gcry_md_close) +MARK_VISIBLEX (gcry_md_copy) +MARK_VISIBLEX (gcry_md_ctl) +MARK_VISIBLEX (gcry_md_enable) +MARK_VISIBLEX (gcry_md_get) +MARK_VISIBLEX (gcry_md_get_algo) +MARK_VISIBLEX (gcry_md_get_algo_dlen) +MARK_VISIBLEX (gcry_md_hash_buffer) +MARK_VISIBLEX (gcry_md_hash_buffers) +MARK_VISIBLEX (gcry_md_info) +MARK_VISIBLEX (gcry_md_is_enabled) +MARK_VISIBLEX (gcry_md_is_secure) +MARK_VISIBLEX (gcry_md_map_name) +MARK_VISIBLEX (gcry_md_open) +MARK_VISIBLEX (gcry_md_read) +MARK_VISIBLEX (gcry_md_reset) +MARK_VISIBLEX (gcry_md_setkey) +MARK_VISIBLEX (gcry_md_write) +MARK_VISIBLEX (gcry_md_debug) + +MARK_VISIBLEX (gcry_cipher_algo_info) +MARK_VISIBLEX (gcry_cipher_algo_name) +MARK_VISIBLEX (gcry_cipher_close) +MARK_VISIBLEX (gcry_cipher_setkey) +MARK_VISIBLEX (gcry_cipher_setiv) +MARK_VISIBLEX (gcry_cipher_setctr) +MARK_VISIBLEX (gcry_cipher_authenticate) +MARK_VISIBLEX (gcry_cipher_checktag) +MARK_VISIBLEX (gcry_cipher_gettag) +MARK_VISIBLEX (gcry_cipher_ctl) +MARK_VISIBLEX (gcry_cipher_decrypt) +MARK_VISIBLEX (gcry_cipher_encrypt) +MARK_VISIBLEX (gcry_cipher_get_algo_blklen) +MARK_VISIBLEX (gcry_cipher_get_algo_keylen) +MARK_VISIBLEX (gcry_cipher_info) +MARK_VISIBLEX (gcry_cipher_map_name) +MARK_VISIBLEX (gcry_cipher_mode_from_oid) +MARK_VISIBLEX (gcry_cipher_open) + +MARK_VISIBLEX (gcry_mac_algo_info) +MARK_VISIBLEX (gcry_mac_algo_name) +MARK_VISIBLEX (gcry_mac_map_name) +MARK_VISIBLEX (gcry_mac_get_algo_maclen) +MARK_VISIBLEX (gcry_mac_get_algo_keylen) +MARK_VISIBLEX (gcry_mac_open) +MARK_VISIBLEX (gcry_mac_close) +MARK_VISIBLEX (gcry_mac_setkey) +MARK_VISIBLEX (gcry_mac_setiv) +MARK_VISIBLEX (gcry_mac_write) +MARK_VISIBLEX (gcry_mac_read) +MARK_VISIBLEX (gcry_mac_verify) +MARK_VISIBLEX (gcry_mac_ctl) + +MARK_VISIBLEX (gcry_pk_algo_info) +MARK_VISIBLEX (gcry_pk_algo_name) +MARK_VISIBLEX (gcry_pk_ctl) +MARK_VISIBLEX (gcry_pk_decrypt) +MARK_VISIBLEX (gcry_pk_encrypt) +MARK_VISIBLEX (gcry_pk_genkey) +MARK_VISIBLEX (gcry_pk_get_keygrip) +MARK_VISIBLEX (gcry_pk_get_curve) +MARK_VISIBLEX (gcry_pk_get_param) +MARK_VISIBLEX (gcry_pk_get_nbits) +MARK_VISIBLEX (gcry_pk_map_name) +MARK_VISIBLEX (gcry_pk_sign) +MARK_VISIBLEX (gcry_pk_testkey) +MARK_VISIBLEX (gcry_pk_verify) +MARK_VISIBLEX (gcry_pubkey_get_sexp) + +MARK_VISIBLEX (gcry_kdf_derive) + +MARK_VISIBLEX (gcry_prime_check) +MARK_VISIBLEX (gcry_prime_generate) +MARK_VISIBLEX (gcry_prime_group_generator) +MARK_VISIBLEX (gcry_prime_release_factors) + +MARK_VISIBLEX (gcry_random_add_bytes) +MARK_VISIBLEX (gcry_random_bytes) +MARK_VISIBLEX (gcry_random_bytes_secure) +MARK_VISIBLEX (gcry_randomize) +MARK_VISIBLEX (gcry_create_nonce) + +MARK_VISIBLEX (gcry_sexp_alist) +MARK_VISIBLEX (gcry_sexp_append) +MARK_VISIBLEX (gcry_sexp_build) +MARK_VISIBLEX (gcry_sexp_build_array) +MARK_VISIBLEX (gcry_sexp_cadr) +MARK_VISIBLEX (gcry_sexp_canon_len) +MARK_VISIBLEX (gcry_sexp_car) +MARK_VISIBLEX (gcry_sexp_cdr) +MARK_VISIBLEX (gcry_sexp_cons) +MARK_VISIBLEX (gcry_sexp_create) +MARK_VISIBLEX (gcry_sexp_dump) +MARK_VISIBLEX (gcry_sexp_find_token) +MARK_VISIBLEX (gcry_sexp_length) +MARK_VISIBLEX (gcry_sexp_new) +MARK_VISIBLEX (gcry_sexp_nth) +MARK_VISIBLEX (gcry_sexp_nth_buffer) +MARK_VISIBLEX (gcry_sexp_nth_data) +MARK_VISIBLEX (gcry_sexp_nth_mpi) +MARK_VISIBLEX (gcry_sexp_nth_string) +MARK_VISIBLEX (gcry_sexp_prepend) +MARK_VISIBLEX (gcry_sexp_release) +MARK_VISIBLEX (gcry_sexp_sprint) +MARK_VISIBLEX (gcry_sexp_sscan) +MARK_VISIBLEX (gcry_sexp_vlist) +MARK_VISIBLEX (gcry_sexp_extract_param) + +MARK_VISIBLEX (gcry_mpi_abs) +MARK_VISIBLEX (gcry_mpi_add) +MARK_VISIBLEX (gcry_mpi_add_ui) +MARK_VISIBLEX (gcry_mpi_addm) +MARK_VISIBLEX (gcry_mpi_aprint) +MARK_VISIBLEX (gcry_mpi_clear_bit) +MARK_VISIBLEX (gcry_mpi_clear_flag) +MARK_VISIBLEX (gcry_mpi_clear_highbit) +MARK_VISIBLEX (gcry_mpi_cmp) +MARK_VISIBLEX (gcry_mpi_cmp_ui) +MARK_VISIBLEX (gcry_mpi_copy) +MARK_VISIBLEX (gcry_mpi_div) +MARK_VISIBLEX (gcry_mpi_dump) +MARK_VISIBLEX (gcry_mpi_ec_add) +MARK_VISIBLEX (gcry_mpi_ec_curve_point) +MARK_VISIBLEX (gcry_mpi_ec_dup) +MARK_VISIBLEX (gcry_mpi_ec_get_affine) +MARK_VISIBLEX (gcry_mpi_ec_mul) +MARK_VISIBLEX (gcry_mpi_ec_new) +MARK_VISIBLEX (gcry_mpi_ec_get_mpi) +MARK_VISIBLEX (gcry_mpi_ec_get_point) +MARK_VISIBLEX (gcry_mpi_ec_set_mpi) +MARK_VISIBLEX (gcry_mpi_ec_set_point) +MARK_VISIBLEX (gcry_mpi_gcd) +MARK_VISIBLEX (gcry_mpi_get_flag) +MARK_VISIBLEX (gcry_mpi_get_nbits) +MARK_VISIBLEX (gcry_mpi_get_opaque) +MARK_VISIBLEX (gcry_mpi_is_neg) +MARK_VISIBLEX (gcry_mpi_invm) +MARK_VISIBLEX (gcry_mpi_mod) +MARK_VISIBLEX (gcry_mpi_mul) +MARK_VISIBLEX (gcry_mpi_mul_2exp) +MARK_VISIBLEX (gcry_mpi_mul_ui) +MARK_VISIBLEX (gcry_mpi_mulm) +MARK_VISIBLEX (gcry_mpi_neg) +MARK_VISIBLEX (gcry_mpi_new) +MARK_VISIBLEX (gcry_mpi_point_get) +MARK_VISIBLEX (gcry_mpi_point_new) +MARK_VISIBLEX (gcry_mpi_point_release) +MARK_VISIBLEX (gcry_mpi_point_set) +MARK_VISIBLEX (gcry_mpi_point_snatch_get) +MARK_VISIBLEX (gcry_mpi_point_snatch_set) +MARK_VISIBLEX (gcry_mpi_powm) +MARK_VISIBLEX (gcry_mpi_print) +MARK_VISIBLEX (gcry_mpi_randomize) +MARK_VISIBLEX (gcry_mpi_release) +MARK_VISIBLEX (gcry_mpi_rshift) +MARK_VISIBLEX (gcry_mpi_lshift) +MARK_VISIBLEX (gcry_mpi_scan) +MARK_VISIBLEX (gcry_mpi_snatch) +MARK_VISIBLEX (gcry_mpi_set) +MARK_VISIBLEX (gcry_mpi_set_bit) +MARK_VISIBLEX (gcry_mpi_set_flag) +MARK_VISIBLEX (gcry_mpi_set_highbit) +MARK_VISIBLEX (gcry_mpi_set_opaque) +MARK_VISIBLEX (gcry_mpi_set_opaque_copy) +MARK_VISIBLEX (gcry_mpi_set_ui) +MARK_VISIBLEX (gcry_mpi_snew) +MARK_VISIBLEX (gcry_mpi_sub) +MARK_VISIBLEX (gcry_mpi_sub_ui) +MARK_VISIBLEX (gcry_mpi_subm) +MARK_VISIBLEX (gcry_mpi_swap) +MARK_VISIBLEX (gcry_mpi_test_bit) + +MARK_VISIBLEX (gcry_ctx_release) + +MARK_VISIBLEX (gcry_log_debug) +MARK_VISIBLEX (gcry_log_debughex) +MARK_VISIBLEX (gcry_log_debugmpi) +MARK_VISIBLEX (gcry_log_debugpnt) +MARK_VISIBLEX (gcry_log_debugsxp) + +/* Functions used to implement macros. */ +MARK_VISIBLEX (_gcry_mpi_get_const) + + +#undef MARK_VISIBLEX + +#else /*!_GCRY_INCLUDED_BY_VISIBILITY_C*/ + +/* To avoid accidental use of the public functions inside Libgcrypt, + we redefine them to catch such errors. The usual difference + between a public and an internal version is that the internal + version use gpg_err_code_t and the public version gpg_error_t. */ + +#define gcry_check_version _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_control _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_set_allocation_handler _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_set_fatalerror_handler _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_set_gettext_handler _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_set_log_handler _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_set_outofcore_handler _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_set_progress_handler _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_err_code_from_errno _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_err_code_to_errno _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_err_make_from_errno _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_error_from_errno _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_strerror _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_strsource _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_malloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_malloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_calloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_calloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_realloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_strdup _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xcalloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xcalloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xmalloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xmalloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xrealloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xstrdup _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_free _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_is_secure _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_cipher_open _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_close _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_setkey _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_setiv _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_setctr _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_algo_info _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_algo_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_authenticate _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_checktag _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_gettag _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_ctl _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_decrypt _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_encrypt _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_get_algo_blklen _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_get_algo_keylen _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_info _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_map_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_cipher_mode_from_oid _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_pk_algo_info _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_algo_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_ctl _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_decrypt _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_encrypt _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_genkey _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_get_keygrip _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_get_curve _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_get_param _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_get_nbits _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_map_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_sign _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_testkey _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pk_verify _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_pubkey_get_sexp _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_md_algo_info _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_algo_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_close _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_copy _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_ctl _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_enable _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_get _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_get_algo _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_get_algo_dlen _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_hash_buffer _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_hash_buffers _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_info _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_is_enabled _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_is_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_map_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_open _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_read _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_reset _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_setkey _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_write _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_md_debug _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_mac_algo_info _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_algo_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_map_name _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_get_algo_maclen _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_get_algo_keylen _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_open _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_close _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_setkey _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_setiv _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_write _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_read _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_verify _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mac_ctl _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_kdf_derive _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_prime_check _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_prime_generate _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_prime_group_generator _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_prime_release_factors _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_random_add_bytes _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_random_bytes _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_random_bytes_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_randomize _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_create_nonce _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_ctx_release _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_sexp_alist _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_append _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_build _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_build_array _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_cadr _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_canon_len _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_car _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_cdr _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_cons _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_create _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_dump _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_find_token _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_length _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_new _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_nth _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_nth_buffer _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_nth_data _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_nth_mpi _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_nth_string _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_prepend _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_release _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_sprint _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_sscan _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_vlist _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_sexp_extract_param _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_mpi_add _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_add_ui _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_addm _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_aprint _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_clear_bit _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_clear_flag _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_clear_highbit _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_cmp _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_cmp_ui _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_copy _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_div _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_dump _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_gcd _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_get_flag _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_get_nbits _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_get_opaque _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_invm _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_mod _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_mul _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_mul_2exp _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_mul_ui _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_mulm _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_new _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_get _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_new _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_release _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_set _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_snatch_get _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_point_snatch_set _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_powm _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_print _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_randomize _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_release _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_rshift _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_lshift _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_scan _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_bit _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_flag _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_highbit _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_opaque _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_ui _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_snatch _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_snew _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_sub _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_sub_ui _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_subm _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_swap _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_test_bit _gcry_USE_THE_UNDERSCORED_FUNCTION + +#define gcry_mpi_abs _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_add _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_curve_point _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_dup _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_get_affine _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_get_mpi _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_get_point _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_mul _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_new _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_set_mpi _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_ec_set_point _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_is_neg _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_neg _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_mpi_set_opaque_copy _gcry_USE_THE_UNDERSCORED_FUNCTION + + +#endif /*!_GCRY_INCLUDED_BY_VISIBILITY_C*/ #endif /*GCRY_VISIBILITY_H*/ |