1
/* misc.c - miscellaneous functions
2
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
3
* 2003 Free Software Foundation, Inc.
1
/* misc.c - miscellaneous functions
2
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3
* 2005, 2006 Free Software Foundation, Inc.
5
5
* This file is part of GnuPG.
35
35
#include <sys/time.h>
36
36
#include <sys/resource.h>
38
#ifdef ENABLE_SELINUX_HACKS
42
#ifdef HAVE_W32_SYSTEM
48
#define CSIDL_APPDATA 0x001a
50
#ifndef CSIDL_LOCAL_APPDATA
51
#define CSIDL_LOCAL_APPDATA 0x001c
53
#ifndef CSIDL_FLAG_CREATE
54
#define CSIDL_FLAG_CREATE 0x8000
56
#endif /*HAVE_W32_SYSTEM*/
59
#ifdef HAVE_W32_SYSTEM
62
#endif /*HAVE_W32_SYSTEM*/
42
65
#include "photoid.h"
43
66
#include "options.h"
46
#define MAX_EXTERN_MPI_BITS 16384
71
string_count_chr (const char *string, int c)
75
for (count=0; *string; string++ )
83
#ifdef ENABLE_SELINUX_HACKS
84
/* A object and a global variable to keep track of files marked as
86
struct secured_file_item
88
struct secured_file_item *next;
92
static struct secured_file_item *secured_files;
93
#endif /*ENABLE_SELINUX_HACKS*/
49
97
#if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
143
/* For the sake of SELinux we want to restrict access through gpg to
144
certain files we keep under our own control. This function
145
registers such a file and is_secured_file may then be used to
146
check whether a file has ben registered as secured. */
148
register_secured_file (const char *fname)
150
#ifdef ENABLE_SELINUX_HACKS
152
struct secured_file_item *sf;
154
/* Note that we stop immediatley if something goes wrong here. */
155
if (stat (fname, &buf))
156
log_fatal (_("fstat of `%s' failed in %s: %s\n"), fname,
157
"register_secured_file", strerror (errno));
158
/* log_debug ("registering `%s' i=%lu.%lu\n", fname, */
159
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
160
for (sf=secured_files; sf; sf = sf->next)
162
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
163
return; /* Already registered. */
166
sf = xmalloc (sizeof *sf);
167
sf->ino = buf.st_ino;
168
sf->dev = buf.st_dev;
169
sf->next = secured_files;
171
#endif /*ENABLE_SELINUX_HACKS*/
174
/* Remove a file registered as secure. */
176
unregister_secured_file (const char *fname)
178
#ifdef ENABLE_SELINUX_HACKS
180
struct secured_file_item *sf, *sfprev;
182
if (stat (fname, &buf))
184
log_error (_("fstat of `%s' failed in %s: %s\n"), fname,
185
"unregister_secured_file", strerror (errno));
188
/* log_debug ("unregistering `%s' i=%lu.%lu\n", fname, */
189
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
190
for (sfprev=NULL,sf=secured_files; sf; sfprev=sf, sf = sf->next)
192
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
195
sfprev->next = sf->next;
197
secured_files = sf->next;
202
#endif /*ENABLE_SELINUX_HACKS*/
205
/* Return true if FD is corresponds to a secured file. Using -1 for
206
FS is allowed and will return false. */
208
is_secured_file (int fd)
210
#ifdef ENABLE_SELINUX_HACKS
212
struct secured_file_item *sf;
215
return 0; /* No file descriptor so it can't be secured either. */
217
/* Note that we print out a error here and claim that a file is
218
secure if something went wrong. */
219
if (fstat (fd, &buf))
221
log_error (_("fstat(%d) failed in %s: %s\n"), fd,
222
"is_secured_file", strerror (errno));
225
/* log_debug ("is_secured_file (%d) i=%lu.%lu\n", fd, */
226
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
227
for (sf=secured_files; sf; sf = sf->next)
229
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
232
#endif /*ENABLE_SELINUX_HACKS*/
236
/* Return true if FNAME is corresponds to a secured file. Using NULL,
237
"" or "-" for FS is allowed and will return false. This function is
238
used before creating a file, thus it won't fail if the file does
241
is_secured_filename (const char *fname)
243
#ifdef ENABLE_SELINUX_HACKS
245
struct secured_file_item *sf;
247
if (iobuf_is_pipe_filename (fname) || !*fname)
250
/* Note that we print out a error here and claim that a file is
251
secure if something went wrong. */
252
if (stat (fname, &buf))
254
if (errno == ENOENT || errno == EPERM || errno == EACCES)
256
log_error (_("fstat of `%s' failed in %s: %s\n"), fname,
257
"is_secured_filename", strerror (errno));
260
/* log_debug ("is_secured_filename (%s) i=%lu.%lu\n", fname, */
261
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
262
for (sf=secured_files; sf; sf = sf->next)
264
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
267
#endif /*ENABLE_SELINUX_HACKS*/
97
274
checksum_u16( unsigned n )
118
checksum_mpi( gcry_mpi_t a )
295
checksum_mpi (gcry_mpi_t a)
125
rc = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a );
128
/* fixme: for numbers not in secure memory we should use a stack
129
* based buffer and only allocate a larger one if mpi_print return
131
buffer = gcry_is_secure(a)? gcry_xmalloc_secure(nbytes):gcry_xmalloc(nbytes);
132
rc = gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a );
135
csum = checksum (buffer, nbytes );
302
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
304
/* Fixme: For numbers not in secure memory we should use a stack
305
* based buffer and only allocate a larger one if mpi_print returns
307
buffer = (gcry_is_secure(a)?
308
gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
309
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
311
nbits = gcry_mpi_get_nbits (a);
312
csum = checksum_u16 (nbits);
313
csum += checksum (buffer, nbytes);
155
static int did_note = 0;
159
log_info(_("Experimental algorithms should not be used!\n"));
164
330
print_pubkey_algo_note( int algo )
166
if( algo >= 100 && algo <= 110 )
332
if(algo >= 100 && algo <= 110)
338
log_info (_("WARNING: using experimental public key algorithm %s\n"),
339
gcry_pk_algo_name (algo));
171
345
print_cipher_algo_note( int algo )
173
if( algo >= 100 && algo <= 110 )
175
else if( algo == CIPHER_ALGO_3DES
176
|| algo == CIPHER_ALGO_CAST5
177
|| algo == CIPHER_ALGO_BLOWFISH
178
|| algo == CIPHER_ALGO_TWOFISH
179
|| algo == CIPHER_ALGO_RIJNDAEL
180
|| algo == CIPHER_ALGO_RIJNDAEL192
181
|| algo == CIPHER_ALGO_RIJNDAEL256
185
static int did_note = 0;
189
log_info(_("this cipher algorithm is deprecated; "
190
"please use a more standard one!\n"));
347
if(algo >= 100 && algo <= 110)
353
log_info (_("WARNING: using experimental cipher algorithm %s\n"),
354
gcry_cipher_algo_name (algo));
196
360
print_digest_algo_note( int algo )
198
if( algo >= 100 && algo <= 110 )
362
if(algo >= 100 && algo <= 110)
368
log_info (_("WARNING: using experimental digest algorithm %s\n"),
369
gcry_md_algo_name (algo));
372
else if(algo==DIGEST_ALGO_MD5)
373
log_info (_("WARNING: digest algorithm %s is deprecated\n"),
374
gcry_md_algo_name (algo));
203
377
/* Return a string which is used as a kind of process ID */
205
379
get_session_marker( size_t *rlen )
207
static byte marker[SIZEOF_UNSIGNED_LONG*2];
208
static int initialized;
210
if ( !initialized ) {
211
volatile ulong aa, bb; /* we really want the uninitialized value */
215
/* also this marker is guessable it is not easy to use this
216
* for a faked control packet because an attacker does not
217
* have enough control about the time the verification does
218
* take place. Of course, we can add just more random but
219
* than we need the random generator even for verification
220
* tasks - which does not make sense. */
221
a = aa ^ (ulong)getpid();
222
b = bb ^ (ulong)time(NULL);
223
memcpy( marker, &a, SIZEOF_UNSIGNED_LONG );
224
memcpy( marker+SIZEOF_UNSIGNED_LONG, &b, SIZEOF_UNSIGNED_LONG );
381
static byte marker[SIZEOF_UNSIGNED_LONG*2];
382
static int initialized;
386
volatile ulong aa, bb; /* We really want the uninitialized value. */
390
/* Although this marker is guessable it is not easy to use this
391
* for a faked control packet because an attacker does not have
392
* enough control about the time the verification takes place.
393
* Of course, we could add just more random but than we need the
394
* random generator even for verification tasks - which does not
396
a = aa ^ (ulong)getpid();
397
b = bb ^ (ulong)time(NULL);
398
memcpy ( marker, &a, SIZEOF_UNSIGNED_LONG );
399
memcpy ( marker+SIZEOF_UNSIGNED_LONG, &b, SIZEOF_UNSIGNED_LONG );
226
*rlen = sizeof(marker);
401
*rlen = sizeof(marker);
230
405
/****************
231
* Wrapper around the libgcrypt function with addional checks on
232
* openPGP contraints for the algo ID.
406
* Wrapper around the libgcrypt function with additonal checks on
407
* the OpenPGP contraints for the algo ID.
235
410
openpgp_cipher_test_algo( int algo )
237
if( algo < 0 || algo > 110 )
238
return GPG_ERR_CIPHER_ALGO;
239
return gcry_cipher_test_algo (algo);
243
openpgp_pk_test_algo( int algo, unsigned int usage_flags )
245
size_t value = usage_flags;
247
if (algo == GCRY_PK_ELG_E)
250
#warning need to handle the usage here?
252
if (algo < 0 || algo > 110)
253
return GPG_ERR_PUBKEY_ALGO;
254
return gcry_pk_algo_info (algo, GCRYCTL_TEST_ALGO, NULL, &value);
412
if ( algo < 0 || algo > 110 )
413
return gpg_error (GPG_ERR_CIPHER_ALGO);
414
return gcry_cipher_test_algo (algo);
418
openpgp_pk_test_algo( int algo )
420
if (algo == GCRY_PK_ELG_E)
423
if (algo < 0 || algo > 110)
424
return gpg_error (GPG_ERR_PUBKEY_ALGO);
425
return gcry_pk_test_algo (algo);
429
openpgp_pk_test_algo2( int algo, unsigned int use )
433
if (algo == GCRY_PK_ELG_E)
436
if (algo < 0 || algo > 110)
437
return gpg_error (GPG_ERR_PUBKEY_ALGO);
439
return gcry_pk_algo_info (algo, GCRYCTL_TEST_ALGO, NULL, &use_buf);
289
472
openpgp_md_test_algo( int algo )
291
if( algo < 0 || algo > 110 )
292
return GPG_ERR_DIGEST_ALGO;
293
return gcry_md_test_algo (algo);
297
openpgp_md_map_name (const char *string)
299
int i = gcry_md_map_name (string);
301
if (!i && (string[0]=='H' || string[0]=='h'))
302
{ /* Didn't find it, so try the Hx format */
308
val=strtol(string,&endptr,10);
309
if (*string!='\0' && *endptr=='\0' && !openpgp_md_test_algo(val))
312
return i < 0 || i > 110? 0 : i;
316
openpgp_cipher_map_name (const char *string)
318
int i = gcry_cipher_map_name (string);
320
if (!i && (string[0]=='S' || string[0]=='s'))
321
{ /* Didn't find it, so try the Sx format */
327
val=strtol(string,&endptr,10);
328
if (*string!='\0' && *endptr=='\0' && !openpgp_cipher_test_algo(val))
331
return i < 0 || i > 110? 0 : i;
335
openpgp_pk_map_name (const char *string)
337
int i = gcry_pk_map_name (string);
338
return i < 0 || i > 110? 0 : i;
474
if (algo < 0 || algo > 110)
475
return gpg_error (GPG_ERR_DIGEST_ALGO);
476
return gcry_md_test_algo (algo);
348
486
if(!warned || show)
350
488
log_info(_("the IDEA cipher plugin is not present\n"));
351
log_info(_("please see http://www.gnupg.org/why-not-idea.html "
352
"for more information\n"));
489
log_info(_("please see %s for more information\n"),
490
"http://www.gnupg.org/faq/why-not-idea.html");
358
/* Expand %-strings. Returns a string which must be m_freed. Returns
496
static unsigned long get_signature_count(PKT_secret_key *sk)
498
#ifdef ENABLE_CARD_SUPPORT
499
if(sk && sk->is_protected && sk->protect.s2k.mode==1002)
501
struct agent_card_info_s info;
502
if(agent_scd_getattr("SIG-COUNTER",&info)==0)
503
return info.sig_counter;
507
/* How to do this without a card? */
512
/* Expand %-strings. Returns a string which must be xfreed. Returns
359
513
NULL if the string cannot be expanded (too large). */
361
515
pct_expando(const char *string,struct expando_args *args)
460
624
memset(array,0,(len=MAX_FINGERPRINT_LEN));
462
else if( ch[1]=='f' && args->pk)
626
else if((*(ch+1))=='f' && args->pk)
463
627
fingerprint_from_pk(args->pk,array,&len);
464
else if( ch[1]=='g' && args->sk)
628
else if((*(ch+1))=='g' && args->sk)
465
629
fingerprint_from_sk(args->sk,array,&len);
467
memset(array, 0, (len=MAX_FINGERPRINT_LEN));
631
memset(array,0,(len=MAX_FINGERPRINT_LEN));
469
633
if(idx+(len*2)<maxlen)
547
hextobyte( const char *s )
551
if( *s >= '0' && *s <= '9' )
553
else if( *s >= 'A' && *s <= 'F' )
554
c = 16 * (10 + *s - 'A');
555
else if( *s >= 'a' && *s <= 'f' )
556
c = 16 * (10 + *s - 'a');
560
if( *s >= '0' && *s <= '9' )
562
else if( *s >= 'A' && *s <= 'F' )
564
else if( *s >= 'a' && *s <= 'f' )
572
711
deprecated_warning(const char *configname,unsigned int configlineno,
573
712
const char *option,const char *repl1,const char *repl2)
589
728
log_info(_("please use \"%s%s\" instead\n"),repl1,repl2);
733
deprecated_command (const char *name)
735
log_info(_("WARNING: \"%s\" is a deprecated command - do not use it\n"),
741
* Wrapper around gcry_cipher_map_name to provide a fallback using the
742
* "Sn" syntax as used by the preference strings.
745
string_to_cipher_algo (const char *string)
749
val = gcry_cipher_map_name (string);
750
if (!val && string && (string[0]=='S' || string[0]=='s'))
755
val = strtol (string, &endptr, 10);
756
if (!*string || *endptr || openpgp_cipher_test_algo (val))
764
* Wrapper around gcry_md_map_name to provide a fallback using the
765
* "Hn" syntax as used by the preference strings.
768
string_to_digest_algo (const char *string)
772
val = gcry_md_map_name (string);
773
if (!val && string && (string[0]=='H' || string[0]=='h'))
778
val = strtol (string, &endptr, 10);
779
if (!*string || *endptr || openpgp_md_test_algo (val))
593
789
compress_algo_to_string(int algo)
795
case COMPRESS_ALGO_NONE:
799
case COMPRESS_ALGO_ZIP:
803
case COMPRESS_ALGO_ZLIB:
808
case COMPRESS_ALGO_BZIP2:
616
818
string_to_compress_algo(const char *string)
618
if(ascii_strcasecmp(string,"uncompressed")==0)
820
/* TRANSLATORS: See doc/TRANSLATE about this string. */
821
if(match_multistr(_("uncompressed|none"),string))
823
else if(ascii_strcasecmp(string,"uncompressed")==0)
825
else if(ascii_strcasecmp(string,"none")==0)
620
827
else if(ascii_strcasecmp(string,"zip")==0)
622
829
else if(ascii_strcasecmp(string,"zlib")==0)
832
else if(ascii_strcasecmp(string,"bzip2")==0)
624
835
else if(ascii_strcasecmp(string,"z0")==0)
626
837
else if(ascii_strcasecmp(string,"z1")==0)
628
839
else if(ascii_strcasecmp(string,"z2")==0)
842
else if(ascii_strcasecmp(string,"z3")==0)
712
932
opt.compliance=CO_GNUPG;
935
/* Break a string into successive option pieces. Accepts single word
936
options and key=value argument options. */
938
optsep(char **stringp)
945
end=strpbrk(tok," ,=");
951
/* what we need to do now is scan along starting with *end,
952
If the next character we see (ignoring spaces) is an =
953
sign, then there is an argument. */
964
/* There is an argument, so grab that too. At this point,
965
ptr points to the first character of the argument. */
968
/* Is it a quoted argument? */
977
end=strpbrk(ptr," ,");
995
/* Breaks an option value into key and value. Returns NULL if there
996
is no value. Note that "string" is modified to remove the =value
999
argsplit(char *string)
1001
char *equals,*arg=NULL;
1003
equals=strchr(string,'=');
1012
quote=strchr(arg,'"');
1017
quote=strchr(arg,'"');
1025
/* Trim leading spaces off of the arg */
1026
spaces=strspn(arg," ");
1030
/* Trim tailing spaces off of the tag */
1031
space=strchr(string,' ');
1039
/* Return the length of the initial token, leaving off any
1042
optlen(const char *s)
1044
char *end=strpbrk(s," =");
716
parse_options(char *str,unsigned int *options,struct parse_options *opts)
1053
parse_options(char *str,unsigned int *options,
1054
struct parse_options *opts,int noisy)
720
while((tok=strsep(&str," ,")))
1058
if (str && !strcmp (str, "help"))
1062
/* Figure out the longest option name so we can line these up
1064
for(i=0;opts[i].name;i++)
1065
if(opts[i].help && maxlen<strlen(opts[i].name))
1066
maxlen=strlen(opts[i].name);
1068
for(i=0;opts[i].name;i++)
1070
printf("%s%*s%s\n",opts[i].name,
1071
maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
1076
while((tok=optsep(&str)))
724
1081
if(tok[0]=='\0')
733
1090
for(i=0;opts[i].name;i++)
735
if(ascii_strcasecmp(opts[i].name,tok)==0)
1092
size_t toklen=optlen(tok);
1094
if(ascii_strncasecmp(opts[i].name,tok,toklen)==0)
1096
/* We have a match, but it might be incomplete */
1097
if(toklen!=strlen(opts[i].name))
1101
for(j=i+1;opts[j].name;j++)
1103
if(ascii_strncasecmp(opts[j].name,tok,toklen)==0)
1106
log_info(_("ambiguous option `%s'\n"),otok);
738
*options&=~opts[i].bit;
1114
*options&=~opts[i].bit;
1116
*opts[i].value=NULL;
740
*options|=opts[i].bit;
1120
*options|=opts[i].bit;
1122
*opts[i].value=argsplit(tok);
745
1128
if(!opts[i].name)
1131
log_info(_("unknown option `%s'\n"),otok);
1140
/* Return a new malloced string by unescaping the string S. Escaping
1141
is percent escaping and '+'/space mapping. A binary nul will
1142
silently be replaced by a 0xFF. */
1144
unescape_percent_string (const unsigned char *s)
1148
buffer = d = xmalloc (strlen (s)+1);
1151
if (*s == '%' && s[1] && s[2])
1174
has_invalid_email_chars (const char *s)
1177
const char *valid_chars=
1178
"01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
1186
else if ( !at_seen && !( !!strchr( valid_chars, *s ) || *s == '+' ) )
1188
else if ( at_seen && !strchr( valid_chars, *s ) )
1195
/* Check whether NAME represents a valid mailbox according to
1196
RFC822. Returns true if so. */
1198
is_valid_mailbox (const char *name)
1202
|| has_invalid_email_chars (name)
1203
|| string_count_chr (name,'@') != 1
1205
|| name[strlen(name)-1] == '@'
1206
|| name[strlen(name)-1] == '.'
1207
|| strstr (name, "..") );
1211
/* This is a helper function to load a Windows function from either of
1213
#ifdef HAVE_W32_SYSTEM
1215
w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e)
1217
static int initialized;
1218
static HRESULT (WINAPI * func)(HWND,int,HANDLE,DWORD,LPSTR);
1222
static char *dllnames[] = { "shell32.dll", "shfolder.dll", NULL };
1228
for (i=0, handle = NULL; !handle && dllnames[i]; i++)
1230
handle = dlopen (dllnames[i], RTLD_LAZY);
1233
func = dlsym (handle, "SHGetFolderPathA");
1244
return func (a,b,c,d,e);
1248
#endif /*HAVE_W32_SYSTEM*/
1251
/* Return the name of the libexec directory. The name is allocated in
1252
a static area on the first use. This function won't fail. */
1254
get_libexecdir (void)
1256
#ifdef HAVE_W32_SYSTEM
1258
static char dir[MAX_PATH+5];
1264
if ( !GetModuleFileName ( NULL, dir, MAX_PATH) )
1266
log_debug ("GetModuleFileName failed: %s\n", w32_strerror (0));
1270
p = strrchr (dir, DIRSEP_C);
1275
log_debug ("bad filename `%s' returned for this process\n", dir);
1282
/* Fallback to the hardwired value. */
1283
#endif /*HAVE_W32_SYSTEM*/
1285
return GNUPG_LIBEXECDIR;
1288
/* Similar to access(2), but uses PATH to find the file. */
1290
path_access(const char *file,int mode)
1295
envpath=getenv("PATH");
1298
#ifdef HAVE_DRIVE_LETTERS
1299
|| (((file[0]>='A' && file[0]<='Z')
1300
|| (file[0]>='a' && file[0]<='z'))
1306
return access(file,mode);
1309
/* At least as large as, but most often larger than we need. */
1310
char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
1311
char *split,*item,*path=xstrdup(envpath);
1315
while((item=strsep(&split,PATHSEP_S)))
1317
strcpy(buffer,item);
1319
strcat(buffer,file);
1320
ret=access(buffer,mode);
754
1334
/* Temporary helper. */
756
1336
pubkey_get_npkey( int algo )
841
/* MPI helper functions. */
845
* write an mpi to out.
848
mpi_write( iobuf_t out, gcry_mpi_t a )
850
char buffer[(MAX_EXTERN_MPI_BITS+7)/8];
854
nbytes = (MAX_EXTERN_MPI_BITS+7)/8;
855
rc = gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, &nbytes, a );
857
rc = iobuf_write( out, buffer, nbytes );
863
* Writyeg a MPI to out, but in this case it is an opaque one,
864
* s used vor v3 protected keys.
867
mpi_write_opaque( iobuf_t out, gcry_mpi_t a )
869
size_t nbytes, nbits;
873
assert( gcry_mpi_get_flag( a, GCRYMPI_FLAG_OPAQUE ) );
874
p = gcry_mpi_get_opaque( a, &nbits );
875
nbytes = (nbits+7) / 8;
876
iobuf_put( out, nbits >> 8 );
877
iobuf_put( out, nbits );
878
rc = iobuf_write( out, p, nbytes );
884
* Read an external representation of an mpi and return the MPI
885
* The external format is a 16 bit unsigned value stored in network byte order,
886
* giving the number of bits for the following integer. The integer is stored
887
* with MSB first (left padded with zeroes to align on a byte boundary).
890
mpi_read(iobuf_t inp, unsigned int *ret_nread, int secure)
893
unsigned int nbits, nbytes, nread=0;
898
if( (c = c1 = iobuf_get(inp)) == -1 )
901
if( (c = c2 = iobuf_get(inp)) == -1 )
904
if( nbits > MAX_EXTERN_MPI_BITS ) {
905
log_error("mpi too large (%u bits)\n", nbits);
909
nbytes = (nbits+7) / 8;
910
buf = secure? gcry_xmalloc_secure( nbytes+2 ) : gcry_xmalloc( nbytes+2 );
914
for( i=0 ; i < nbytes; i++ ) {
915
p[i+2] = iobuf_get(inp) & 0xff;
919
if( gcry_mpi_scan( &a, GCRYMPI_FMT_PGP, buf, nread, &nread ) )
924
if( nread > *ret_nread )
925
log_bug("mpi larger than packet");
932
* Same as mpi_read but the value is stored as an opaque MPI.
933
* This function is used to read encrypted MPI of v3 packets.
936
mpi_read_opaque(iobuf_t inp, unsigned *ret_nread )
939
unsigned nbits, nbytes, nread=0;
944
if( (c = c1 = iobuf_get(inp)) == -1 )
947
if( (c = c2 = iobuf_get(inp)) == -1 )
950
if( nbits > MAX_EXTERN_MPI_BITS ) {
951
log_error("mpi too large (%u bits)\n", nbits);
955
nbytes = (nbits+7) / 8;
956
buf = gcry_xmalloc( nbytes );
958
for( i=0 ; i < nbytes; i++ ) {
959
p[i] = iobuf_get(inp) & 0xff;
962
a = gcry_mpi_set_opaque(NULL, buf, nbits );
967
if( nread > *ret_nread )
968
log_bug("mpi larger than packet");
1422
/* FIXME: Use gcry_mpi_print directly. */
976
1424
mpi_print( FILE *fp, gcry_mpi_t a, int mode )