gnome-keyring r1474 - in trunk: . common common/tests daemon daemon/keyrings daemon/pk daemon/pkix daemon/pkix/tests daemon/ssh po
- From: nnielsen svn gnome org
- To: svn-commits-list gnome org
- Subject: gnome-keyring r1474 - in trunk: . common common/tests daemon daemon/keyrings daemon/pk daemon/pkix daemon/pkix/tests daemon/ssh po
- Date: Thu, 22 Jan 2009 22:53:47 +0000 (UTC)
Author: nnielsen
Date: Thu Jan 22 22:53:47 2009
New Revision: 1474
URL: http://svn.gnome.org/viewvc/gnome-keyring?rev=1474&view=rev
Log:
* common/gkr-crypto.c:
* common/gkr-crypto.h:
* common/tests/Makefile.am:
* common/tests/unit-test-crypto.c: (removed)
* daemon/Makefile.am:
* daemon/keyrings/gkr-keyring-binary.c:
* daemon/pk/gkr-pk-index.c:
* daemon/pk/gkr-pk-root-storage.c:
* daemon/pk/gkr-pk-session-storage.c:
* daemon/pkix/gkr-pkix-der.c:
* daemon/pkix/gkr-pkix-openssl.c: (removed)
* daemon/pkix/gkr-pkix-openssl.h: (removed)
* daemon/pkix/gkr-pkix-pem.c: (removed)
* daemon/pkix/gkr-pkix-pem.h: (removed)
* daemon/pkix/gkr-pkix-serialize.c:
* daemon/pkix/Makefile.am:
* daemon/pkix/tests/Makefile.am:
* daemon/pkix/tests/unit-test-pkix-openssl.c: (removed)
* daemon/ssh/*: (removed)
* daemon/ssh/tests/*: (removed)
* configure.in: Removed lots of unused code resulting from refactoring.
Removed:
trunk/common/tests/unit-test-crypto.c
trunk/daemon/pkix/gkr-pkix-openssl.c
trunk/daemon/pkix/gkr-pkix-openssl.h
trunk/daemon/pkix/gkr-pkix-pem.c
trunk/daemon/pkix/gkr-pkix-pem.h
trunk/daemon/pkix/tests/unit-test-pkix-openssl.c
trunk/daemon/ssh/
Modified:
trunk/ChangeLog
trunk/common/gkr-crypto.c
trunk/common/gkr-crypto.h
trunk/common/tests/Makefile.am
trunk/configure.in
trunk/daemon/Makefile.am
trunk/daemon/keyrings/gkr-keyring-binary.c
trunk/daemon/pk/gkr-pk-index.c
trunk/daemon/pk/gkr-pk-root-storage.c
trunk/daemon/pk/gkr-pk-session-storage.c
trunk/daemon/pkix/Makefile.am
trunk/daemon/pkix/gkr-pkix-der.c
trunk/daemon/pkix/gkr-pkix-parser.c
trunk/daemon/pkix/gkr-pkix-serialize.c
trunk/daemon/pkix/tests/Makefile.am
trunk/po/ChangeLog
trunk/po/POTFILES.in
Modified: trunk/common/gkr-crypto.c
==============================================================================
--- trunk/common/gkr-crypto.c (original)
+++ trunk/common/gkr-crypto.c Thu Jan 22 22:53:47 2009
@@ -87,561 +87,6 @@
srand (seed);
}
-static const char HEXC[] = "0123456789ABCDEF";
-
-gboolean
-gkr_crypto_hex_encode (const guchar *data, gsize n_data,
- gchar *encoded, gsize *n_encoded)
-{
- guchar j;
-
- g_return_val_if_fail (*n_encoded >= n_data * 2 + 1, FALSE);
-
- while(n_data > 0) {
- j = *(data) >> 4 & 0xf;
- *(encoded++) = HEXC[j];
-
- j = *(data++) & 0xf;
- *(encoded++) = HEXC[j];
-
- n_data--;
- }
-
- /* Null terminate */
- *encoded = 0;
- return TRUE;
-}
-
-gboolean
-gkr_crypto_hex_decode (const gchar *data, gsize n_data,
- guchar *decoded, gsize *n_decoded)
-{
- gushort j;
- gint state = 0;
- const gchar* pos;
-
- g_assert (data);
- g_assert (decoded);
- g_assert (n_decoded);
-
- g_return_val_if_fail (*n_decoded >= n_data / 2, FALSE);
- *n_decoded = 0;
-
- while (n_data > 0)
- {
- if (!isspace (*data)) {
-
- /* Find the position */
- pos = strchr (HEXC, toupper (*data));
- if (pos == 0)
- break;
-
- j = pos - HEXC;
- if(!state) {
- *decoded = (j & 0xf) << 4;
- state = 1;
- } else {
- *decoded |= (j & 0xf);
- (*n_decoded)++;
- decoded++;
- state = 0;
- }
- }
-
- ++data;
- --n_data;
- }
-
- g_return_val_if_fail (state == 0, FALSE);
-
- return TRUE;
-}
-
-/* -----------------------------------------------------------------------------
- * PASSWORD TO KEY/IV
- */
-
-gboolean
-gkr_crypto_generate_symkey_simple (int cipher_algo, int hash_algo,
- const gchar *password, const guchar *salt,
- gsize n_salt, int iterations, guchar **key,
- guchar **iv)
-{
- gcry_md_hd_t mdh;
- gcry_error_t gcry;
- guchar *digest;
- guchar *digested;
- guint n_digest;
- gint pass, i;
- gint needed_iv, needed_key;
- guchar *at_iv, *at_key;
-
- g_assert (cipher_algo);
- g_assert (hash_algo);
-
- g_return_val_if_fail (iterations >= 1, FALSE);
-
- /*
- * If cipher algo needs more bytes than hash algo has available
- * then the entire hashing process is done again (with the previous
- * hash bytes as extra input), and so on until satisfied.
- */
-
- needed_key = gcry_cipher_get_algo_keylen (cipher_algo);
- needed_iv = gcry_cipher_get_algo_blklen (cipher_algo);
-
- gcry = gcry_md_open (&mdh, hash_algo, 0);
- if (gcry) {
- g_warning ("couldn't create '%s' hash context: %s",
- gcry_md_algo_name (hash_algo), gcry_strerror (gcry));
- return FALSE;
- }
-
- n_digest = gcry_md_get_algo_dlen (hash_algo);
- g_return_val_if_fail (n_digest > 0, FALSE);
-
- digest = egg_secure_alloc (n_digest);
- g_return_val_if_fail (digest, FALSE);
- if (key) {
- *key = egg_secure_alloc (needed_key);
- g_return_val_if_fail (*key, FALSE);
- }
- if (iv)
- *iv = g_new0 (guchar, needed_iv);
-
- at_key = key ? *key : NULL;
- at_iv = iv ? *iv : NULL;
-
- for (pass = 0; TRUE; ++pass) {
- gcry_md_reset (mdh);
-
- /* Hash in the previous buffer on later passes */
- if (pass > 0)
- gcry_md_write (mdh, digest, n_digest);
-
- if (password)
- gcry_md_write (mdh, password, strlen (password));
- if (salt && n_salt)
- gcry_md_write (mdh, salt, n_salt);
- gcry_md_final (mdh);
- digested = gcry_md_read (mdh, 0);
- g_return_val_if_fail (digested, FALSE);
- memcpy (digest, digested, n_digest);
-
- for (i = 1; i < iterations; ++i) {
- gcry_md_reset (mdh);
- gcry_md_write (mdh, digest, n_digest);
- gcry_md_final (mdh);
- digested = gcry_md_read (mdh, 0);
- g_return_val_if_fail (digested, FALSE);
- memcpy (digest, digested, n_digest);
- }
-
- /* Copy as much as possible into the destinations */
- i = 0;
- while (needed_key && i < n_digest) {
- if (at_key)
- *(at_key++) = digest[i];
- needed_key--;
- i++;
- }
- while (needed_iv && i < n_digest) {
- if (at_iv)
- *(at_iv++) = digest[i];
- needed_iv--;
- i++;
- }
-
- if (needed_key == 0 && needed_iv == 0)
- break;
- }
-
- egg_secure_free (digest);
- gcry_md_close (mdh);
-
- return TRUE;
-}
-
-gboolean
-gkr_crypto_generate_symkey_pbe (int cipher_algo, int hash_algo, const gchar *password,
- const guchar *salt, gsize n_salt, int iterations,
- guchar **key, guchar **iv)
-{
- gcry_md_hd_t mdh;
- gcry_error_t gcry;
- guchar *digest;
- guchar *digested;
- guint i, n_digest;
- gint needed_iv, needed_key;
-
- g_assert (cipher_algo);
- g_assert (hash_algo);
-
- g_return_val_if_fail (iterations >= 1, FALSE);
-
- /*
- * We only do one pass here.
- *
- * The key ends up as the first needed_key bytes of the hash buffer.
- * The iv ends up as the last needed_iv bytes of the hash buffer.
- *
- * The IV may overlap the key (which is stupid) if the wrong pair of
- * hash/cipher algorithms are chosen.
- */
-
- n_digest = gcry_md_get_algo_dlen (hash_algo);
- g_return_val_if_fail (n_digest > 0, FALSE);
-
- needed_key = gcry_cipher_get_algo_keylen (cipher_algo);
- needed_iv = gcry_cipher_get_algo_blklen (cipher_algo);
- if (needed_iv + needed_key > 16 || needed_iv + needed_key > n_digest) {
- g_warning ("using PBE symkey generation with %s using an algorithm that needs "
- "too many bytes of key and/or IV: %s",
- gcry_cipher_algo_name (hash_algo),
- gcry_cipher_algo_name (cipher_algo));
- return FALSE;
- }
-
- gcry = gcry_md_open (&mdh, hash_algo, 0);
- if (gcry) {
- g_warning ("couldn't create '%s' hash context: %s",
- gcry_md_algo_name (hash_algo), gcry_strerror (gcry));
- return FALSE;
- }
-
- digest = egg_secure_alloc (n_digest);
- g_return_val_if_fail (digest, FALSE);
- if (key) {
- *key = egg_secure_alloc (needed_key);
- g_return_val_if_fail (*key, FALSE);
- }
- if (iv)
- *iv = g_new0 (guchar, needed_iv);
-
- if (password)
- gcry_md_write (mdh, password, strlen (password));
- if (salt && n_salt)
- gcry_md_write (mdh, salt, n_salt);
- gcry_md_final (mdh);
- digested = gcry_md_read (mdh, 0);
- g_return_val_if_fail (digested, FALSE);
- memcpy (digest, digested, n_digest);
-
- for (i = 1; i < iterations; ++i)
- gcry_md_hash_buffer (hash_algo, digest, digest, n_digest);
-
- /* The first x bytes are the key */
- if (key) {
- g_assert (needed_key <= n_digest);
- memcpy (*key, digest, needed_key);
- }
-
- /* The last 16 - x bytes are the iv */
- if (iv) {
- g_assert (needed_iv <= n_digest && n_digest >= 16);
- memcpy (*iv, digest + (16 - needed_iv), needed_iv);
- }
-
- egg_secure_free (digest);
- gcry_md_close (mdh);
-
- return TRUE;
-}
-
-static gboolean
-generate_pkcs12 (int hash_algo, int type, const gchar *utf8_password,
- const guchar *salt, gsize n_salt, int iterations,
- guchar *output, gsize n_output)
-{
- gcry_mpi_t num_b1, num_ij;
- guchar *hash, *buf_i, *buf_b;
- gcry_md_hd_t mdh;
- const gchar *p2;
- guchar *p;
- gsize n_hash, i;
- gunichar unich;
- gcry_error_t gcry;
-
- num_b1 = num_ij = NULL;
-
- n_hash = gcry_md_get_algo_dlen (hash_algo);
- g_return_val_if_fail (n_hash > 0, FALSE);
-
- gcry = gcry_md_open (&mdh, hash_algo, 0);
- if (gcry) {
- g_warning ("couldn't create '%s' hash context: %s",
- gcry_md_algo_name (hash_algo), gcry_strerror (gcry));
- return FALSE;
- }
-
- /* Reqisition me a buffer */
- hash = egg_secure_alloc (n_hash);
- buf_i = egg_secure_alloc (128);
- buf_b = egg_secure_alloc (64);
- g_return_val_if_fail (hash && buf_i && buf_b, FALSE);
-
- /* Bring in the salt */
- p = buf_i;
- if (salt) {
- for (i = 0; i < 64; ++i)
- *(p++) = salt[i % n_salt];
- } else {
- memset (p, 0, 64);
- p += 64;
- }
-
- /* Bring in the password, as 16bits per character BMP string, ie: UCS2 */
- if (utf8_password) {
- p2 = utf8_password;
- for (i = 0; i < 64; i += 2) {
- unich = *p2 ? g_utf8_get_char (p2) : 0;
- *(p++) = (unich & 0xFF00) >> 8;
- *(p++) = (unich & 0xFF);
- if (*p2) /* Loop back to beginning if more bytes are needed */
- p2 = g_utf8_next_char (p2);
- else
- p2 = utf8_password;
- }
- } else {
- memset (p, 0, 64);
- p += 64;
- }
-
- /* Hash and bash */
- for (;;) {
- gcry_md_reset (mdh);
-
- /* Put in the PKCS#12 type of key */
- for (i = 0; i < 64; ++i)
- gcry_md_putc (mdh, type);
-
- /* Bring in the password */
- gcry_md_write (mdh, buf_i, utf8_password ? 128 : 64);
-
- /* First iteration done */
- memcpy (hash, gcry_md_read (mdh, hash_algo), n_hash);
-
- /* All the other iterations */
- for (i = 1; i < iterations; i++)
- gcry_md_hash_buffer (hash_algo, hash, hash, n_hash);
-
- /* Take out as much as we need */
- for (i = 0; i < n_hash && n_output; ++i) {
- *(output++) = hash[i];
- --n_output;
- }
-
- /* Is that enough generated keying material? */
- if (!n_output)
- break;
-
- /* Need more bytes, do some voodoo */
- for (i = 0; i < 64; ++i)
- buf_b[i] = hash[i % n_hash];
- gcry = gcry_mpi_scan (&num_b1, GCRYMPI_FMT_USG, buf_b, 64, NULL);
- g_return_val_if_fail (gcry == 0, FALSE);
- gcry_mpi_add_ui (num_b1, num_b1, 1);
- for (i = 0; i < 128; i += 64) {
- gcry = gcry_mpi_scan (&num_ij, GCRYMPI_FMT_USG, buf_i + i, 64, NULL);
- g_return_val_if_fail (gcry == 0, FALSE);
- gcry_mpi_add (num_ij, num_ij, num_b1);
- gcry_mpi_clear_highbit (num_ij, 64 * 8);
- gcry = gcry_mpi_print (GCRYMPI_FMT_USG, buf_i + i, 64, NULL, num_ij);
- g_return_val_if_fail (gcry == 0, FALSE);
- gcry_mpi_release (num_ij);
- }
- }
-
- egg_secure_free (buf_i);
- egg_secure_free (buf_b);
- egg_secure_free (hash);
- gcry_mpi_release (num_b1);
- gcry_md_close (mdh);
-
- return TRUE;
-}
-
-gboolean
-gkr_crypto_generate_symkey_pkcs12 (int cipher_algo, int hash_algo, const gchar *password,
- const guchar *salt, gsize n_salt,
- int iterations, guchar **key, guchar **iv)
-{
- gsize n_block, n_key;
- gboolean ret = TRUE;
-
- g_return_val_if_fail (cipher_algo, FALSE);
- g_return_val_if_fail (hash_algo, FALSE);
- g_return_val_if_fail (iterations > 0, FALSE);
-
- n_key = gcry_cipher_get_algo_keylen (cipher_algo);
- n_block = gcry_cipher_get_algo_blklen (cipher_algo);
-
- if (password && !g_utf8_validate (password, -1, NULL)) {
- g_warning ("invalid non-UTF8 password");
- g_return_val_if_reached (FALSE);
- }
-
- if (key)
- *key = NULL;
- if (iv)
- *iv = NULL;
-
- /* Generate us an key */
- if (key) {
- *key = egg_secure_alloc (n_key);
- g_return_val_if_fail (*key != NULL, FALSE);
- ret = generate_pkcs12 (hash_algo, 1, password, salt, n_salt,
- iterations, *key, n_key);
- }
-
- /* Generate us an iv */
- if (ret && iv) {
- if (n_block > 1) {
- *iv = g_malloc (n_block);
- ret = generate_pkcs12 (hash_algo, 2, password, salt, n_salt,
- iterations, *iv, n_block);
- } else {
- *iv = NULL;
- }
- }
-
- /* Cleanup in case of failure */
- if (!ret) {
- g_free (iv ? *iv : NULL);
- g_free (key ? *key : NULL);
- }
-
- return ret;
-}
-
-static gboolean
-generate_pbkdf2 (int hash_algo, const gchar *password, gsize n_password,
- const guchar *salt, gsize n_salt, guint iterations,
- guchar *output, gsize n_output)
-{
- gcry_md_hd_t mdh;
- guint u, l, r, i, k;
- gcry_error_t gcry;
- guchar *U, *T, *buf;
- gsize n_buf, n_hash;
-
- g_return_val_if_fail (hash_algo > 0, FALSE);
- g_return_val_if_fail (iterations > 0, FALSE);
- g_return_val_if_fail (n_output > 0, FALSE);
- g_return_val_if_fail (n_output < G_MAXUINT32, FALSE);
-
- n_hash = gcry_md_get_algo_dlen (hash_algo);
- g_return_val_if_fail (n_hash > 0, FALSE);
-
- gcry = gcry_md_open (&mdh, hash_algo, GCRY_MD_FLAG_HMAC);
- if (gcry != 0) {
- g_warning ("couldn't create '%s' hash context: %s",
- gcry_md_algo_name (hash_algo), gcry_strerror (gcry));
- return FALSE;
- }
-
- /* Get us a temporary buffers */
- T = egg_secure_alloc (n_hash);
- U = egg_secure_alloc (n_hash);
- n_buf = n_salt + 4;
- buf = egg_secure_alloc (n_buf);
- g_return_val_if_fail (buf && T && U, FALSE);
-
- /* n_hash blocks in output, rounding up */
- l = ((n_output - 1) / n_hash) + 1;
-
- /* number of bytes in last, rounded up, n_hash block */
- r = n_output - (l - 1) * n_hash;
-
- memcpy (buf, salt, n_salt);
- for (i = 1; i <= l; i++) {
- memset (T, 0, n_hash);
- for (u = 1; u <= iterations; u++) {
- gcry_md_reset (mdh);
-
- gcry = gcry_md_setkey (mdh, password, n_password);
- g_return_val_if_fail (gcry == 0, FALSE);
-
- /* For first iteration on each block add 4 extra bytes */
- if (u == 1) {
- buf[n_salt + 0] = (i & 0xff000000) >> 24;
- buf[n_salt + 1] = (i & 0x00ff0000) >> 16;
- buf[n_salt + 2] = (i & 0x0000ff00) >> 8;
- buf[n_salt + 3] = (i & 0x000000ff) >> 0;
-
- gcry_md_write (mdh, buf, n_buf);
-
- /* Other iterations, any block */
- } else {
- gcry_md_write (mdh, U, n_hash);
- }
-
- memcpy (U, gcry_md_read (mdh, hash_algo), n_hash);
-
- for (k = 0; k < n_hash; k++)
- T[k] ^= U[k];
- }
-
- memcpy (output + (i - 1) * n_hash, T, i == l ? r : n_hash);
- }
-
- egg_secure_free (T);
- egg_secure_free (U);
- egg_secure_free (buf);
- gcry_md_close (mdh);
- return TRUE;
-}
-
-gboolean
-gkr_crypto_generate_symkey_pbkdf2 (int cipher_algo, int hash_algo,
- const gchar *password, const guchar *salt,
- gsize n_salt, int iterations,
- guchar **key, guchar **iv)
-{
- gsize n_key, n_block, n_password;
- gboolean ret = TRUE;
-
- g_return_val_if_fail (hash_algo, FALSE);
- g_return_val_if_fail (cipher_algo, FALSE);
- g_return_val_if_fail (iterations > 0, FALSE);
-
- n_key = gcry_cipher_get_algo_keylen (cipher_algo);
- n_block = gcry_cipher_get_algo_blklen (cipher_algo);
-
- if (key)
- *key = NULL;
- if (iv)
- *iv = NULL;
-
- n_password = password ? strlen (password) : 0;
-
- /* Generate us an key */
- if (key) {
- *key = egg_secure_alloc (n_key);
- g_return_val_if_fail (*key != NULL, FALSE);
- ret = generate_pbkdf2 (hash_algo, password, n_password, salt, n_salt,
- iterations, *key, n_key);
- }
-
- /* Generate us an iv */
- if (ret && iv) {
- if (n_block > 1) {
- *iv = g_malloc (n_block);
- gcry_create_nonce (*iv, n_block);
- } else {
- *iv = NULL;
- }
- }
-
- /* Cleanup in case of failure */
- if (!ret) {
- g_free (iv ? *iv : NULL);
- g_free (key ? *key : NULL);
- }
-
- return ret;
-}
-
/* -----------------------------------------------------------------------------
* MPI HELPERS
*/
@@ -670,19 +115,6 @@
return at;
}
-gcry_sexp_t
-gkr_crypto_sexp_get_child (gcry_sexp_t sexp, ...)
-{
- gcry_sexp_t child;
- va_list va;
-
- va_start (va, sexp);
- child = sexp_get_childv (sexp, va);
- va_end (va);
-
- return child;
-}
-
gboolean
gkr_crypto_sexp_extract_mpi (gcry_sexp_t sexp, gcry_mpi_t *mpi, ...)
{
Modified: trunk/common/gkr-crypto.h
==============================================================================
--- trunk/common/gkr-crypto.h (original)
+++ trunk/common/gkr-crypto.h Thu Jan 22 22:53:47 2009
@@ -35,35 +35,6 @@
void gkr_crypto_setup (void);
-gboolean gkr_crypto_hex_encode (const guchar *data, gsize n_data,
- gchar *encoded, gsize *n_encoded);
-
-gboolean gkr_crypto_hex_decode (const gchar *data, gsize n_data,
- guchar *decoded, gsize *n_decoded);
-
-gboolean gkr_crypto_generate_symkey_simple (int cipher_algo, int hash_algo,
- const gchar *password, const guchar *salt,
- gsize n_salt, int iterations,
- guchar **key, guchar **iv);
-
-gboolean gkr_crypto_generate_symkey_pkcs12 (int cipher_algo, int hash_algo,
- const gchar *password, const guchar *salt,
- gsize n_salt, int iterations,
- guchar **key, guchar **iv);
-
-gboolean gkr_crypto_generate_symkey_pbe (int cipher_algo, int hash_algo,
- const gchar *password, const guchar *salt,
- gsize n_salt, int iterations,
- guchar **key, guchar **iv);
-
-gboolean gkr_crypto_generate_symkey_pbkdf2 (int cipher_algo, int hash_algo,
- const gchar *password, const guchar *salt,
- gsize n_salt, int iterations,
- guchar **key, guchar **iv);
-
-gcry_sexp_t gkr_crypto_sexp_get_child (gcry_sexp_t sexp, ...)
- G_GNUC_NULL_TERMINATED;
-
gboolean gkr_crypto_sexp_extract_mpi (gcry_sexp_t sexp, gcry_mpi_t *mpi, ...)
G_GNUC_NULL_TERMINATED;
Modified: trunk/common/tests/Makefile.am
==============================================================================
--- trunk/common/tests/Makefile.am (original)
+++ trunk/common/tests/Makefile.am Thu Jan 22 22:53:47 2009
@@ -1,7 +1,6 @@
UNIT_AUTO = \
unit-test-async.c \
unit-test-unique.c \
- unit-test-crypto.c \
unit-test-cleanup.c \
unit-test-location.c \
unit-test-location-watch.c \
Modified: trunk/configure.in
==============================================================================
--- trunk/configure.in (original)
+++ trunk/configure.in Thu Jan 22 22:53:47 2009
@@ -500,8 +500,6 @@
daemon/pkcs11/Makefile
daemon/pkix/Makefile
daemon/pkix/tests/Makefile
-daemon/ssh/Makefile
-daemon/ssh/tests/Makefile
daemon/ui/Makefile
egg/Makefile
egg/tests/Makefile
Modified: trunk/daemon/Makefile.am
==============================================================================
--- trunk/daemon/Makefile.am (original)
+++ trunk/daemon/Makefile.am Thu Jan 22 22:53:47 2009
@@ -1,16 +1,9 @@
-if WITH_SSH
-SSH_DIR = ssh
-else
-SSH_DIR =
-endif
-
SUBDIRS = \
ui \
keyrings \
pkix \
pk \
pkcs11 \
- $(SSH_DIR) \
data
bin_PROGRAMS= \
@@ -37,7 +30,6 @@
gkr-daemon-ops.c
gnome_keyring_daemon_LDADD = \
- $(top_builddir)/daemon/ssh/libgkr-ssh.la \
$(top_builddir)/daemon/pkcs11/libgkr-pkcs11.la \
$(top_builddir)/daemon/pk/libgkr-pk.la \
$(top_builddir)/daemon/keyrings/libgkr-keyrings.la \
Modified: trunk/daemon/keyrings/gkr-keyring-binary.c
==============================================================================
--- trunk/daemon/keyrings/gkr-keyring-binary.c (original)
+++ trunk/daemon/keyrings/gkr-keyring-binary.c Thu Jan 22 22:53:47 2009
@@ -28,7 +28,7 @@
#include "gkr-keyring-item.h"
#include "egg/egg-buffer.h"
-#include "common/gkr-crypto.h"
+#include "egg/egg-symkey.h"
#include "egg/egg-secure-memory.h"
#include "library/gnome-keyring-private.h"
@@ -119,8 +119,8 @@
g_assert (16 == gcry_cipher_get_algo_blklen (GCRY_CIPHER_AES128));
g_assert (16 == gcry_cipher_get_algo_keylen (GCRY_CIPHER_AES128));
- if (!gkr_crypto_generate_symkey_simple (GCRY_CIPHER_AES128, GCRY_MD_SHA256,
- password, salt, 8, iterations, &key, &iv))
+ if (!egg_symkey_generate_simple (GCRY_CIPHER_AES128, GCRY_MD_SHA256,
+ password, -1, salt, 8, iterations, &key, &iv))
return FALSE;
gerr = gcry_cipher_open (&cih, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0);
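Review bot: The new `-1` argument after `password` in the `egg_symkey_generate_simple` call is unexplained at the call site. It is presumably the password length, with -1 meaning "NUL-terminated", but nothing in this hunk says so. A short comment such as `/* -1: password is NUL-terminated */` would make clear how much of the password buffer feeds the key derivation. The same applies to the second call in this file (hunk at -168) and to the `egg_symkey_generate_pbe`, `_pbkdf2` and `_pkcs12` calls in gkr-pkix-der.c and gkr-pkix-serialize.c. The enclosing function starts and ends outside the hunk.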
@@ -168,8 +168,8 @@
g_assert (16 == gcry_cipher_get_algo_blklen (GCRY_CIPHER_AES128));
g_assert (16 == gcry_cipher_get_algo_keylen (GCRY_CIPHER_AES128));
- if (!gkr_crypto_generate_symkey_simple (GCRY_CIPHER_AES128, GCRY_MD_SHA256,
- password, salt, 8, iterations, &key, &iv))
+ if (!egg_symkey_generate_simple (GCRY_CIPHER_AES128, GCRY_MD_SHA256,
+ password, -1, salt, 8, iterations, &key, &iv))
return FALSE;
gerr = gcry_cipher_open (&cih, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0);
Modified: trunk/daemon/pk/gkr-pk-index.c
==============================================================================
--- trunk/daemon/pk/gkr-pk-index.c (original)
+++ trunk/daemon/pk/gkr-pk-index.c Thu Jan 22 22:53:47 2009
@@ -29,6 +29,8 @@
#include "common/gkr-cleanup.h"
#include "common/gkr-crypto.h"
#include "common/gkr-location.h"
+
+#include "egg/egg-hex.h"
#include "egg/egg-secure-memory.h"
#include "keyrings/gkr-keyring-login.h"
@@ -73,8 +75,7 @@
digdata = gkr_id_get_raw (digest, &n_digdata);
g_assert (digdata);
n_group = (n_digdata * 2) + 1;
- group = g_malloc0 (n_group);
- r = gkr_crypto_hex_encode (digdata, n_digdata, group, &n_group);
+ group = egg_hex_encode (digdata, n_digdata);
g_assert (r == TRUE);
return group;
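Review bot: `g_assert (r == TRUE);` still tests `r`, but the only visible assignment to `r` was removed together with the `gkr_crypto_hex_encode` call. Unless `r` is initialised outside this hunk, the assert reads an indeterminate value and no longer checks the encoding result. It should test the returned pointer, `g_assert (group);`, as the hunk at -782 in this file does with `g_assert (str);`. The `n_group = (n_digdata * 2) + 1;` line and the `r` declaration are then unused and can be dropped. The function's declarations are outside the hunk.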
@@ -593,9 +594,8 @@
return NULL;
n_string = strlen (string);
- *n_data = (n_string / 2) + 1;
- data = g_malloc0 (*n_data);
- if (!gkr_crypto_hex_decode (string, n_string, data, n_data)) {
+ data = egg_hex_decode (string, n_string, n_data);
+ if (data == NULL) {
g_message ("invalid binary data in index under field '%s'", field);
g_free (data);
data = NULL;
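Review bot: Inside the `if (data == NULL)` branch, `g_free (data);` and `data = NULL;` are now no-ops, because `data` is already NULL when the branch is entered. Keep only the `g_message (...)` line there. The old code pre-sized `*n_data` before decoding, whereas the new call leaves it to `egg_hex_decode`. Whether `*n_data` is defined on the failure path is not visible from this hunk, so it is worth confirming callers do not read it when NULL is returned. The enclosing block continues past the end of the hunk.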
@@ -768,7 +768,7 @@
const gchar *field, const guchar *data,
gsize n_data)
{
- gboolean ret, r;
+ gboolean ret;
gchar *str;
gsize n_str;
@@ -782,8 +782,8 @@
n_str = (n_data * 2) + 1;
str = g_malloc0 (n_str);
- r = gkr_crypto_hex_encode (data, n_data, str, &n_str);
- g_assert (r == TRUE);
+ str = egg_hex_encode (data, n_data);
+ g_assert (str);
ret = write_string (index, digest, field, str);
g_free (str);
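Review bot: `str = g_malloc0 (n_str);` is kept as context and is immediately followed by `str = egg_hex_encode (data, n_data);`, so the first allocation is overwritten and leaked on every call. Remove `n_str = (n_data * 2) + 1;` and `str = g_malloc0 (n_str);`, leaving `str = egg_hex_encode (data, n_data);` followed by `g_assert (str);`. The `gsize n_str;` declaration in the hunk at -768 then becomes unused as well. The function begins outside this hunk.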
Modified: trunk/daemon/pk/gkr-pk-root-storage.c
==============================================================================
--- trunk/daemon/pk/gkr-pk-root-storage.c (original)
+++ trunk/daemon/pk/gkr-pk-root-storage.c Thu Jan 22 22:53:47 2009
@@ -39,8 +39,7 @@
#include "pkix/gkr-pkix-asn1.h"
#include "pkix/gkr-pkix-der.h"
-#include "pkix/gkr-pkix-openssl.h"
-#include "pkix/gkr-pkix-pem.h"
+#include "pkix/gkr-pkix-parser.h"
#include "pkix/gkr-pkix-types.h"
#include "ui/gkr-ask-daemon.h"
Modified: trunk/daemon/pk/gkr-pk-session-storage.c
==============================================================================
--- trunk/daemon/pk/gkr-pk-session-storage.c (original)
+++ trunk/daemon/pk/gkr-pk-session-storage.c Thu Jan 22 22:53:47 2009
@@ -28,9 +28,11 @@
#include "gkr-pk-session-storage.h"
#include "gkr-pk-util.h"
-#include "egg/egg-buffer.h"
#include "common/gkr-location.h"
#include "common/gkr-location-watch.h"
+
+#include "egg/egg-buffer.h"
+#include "egg/egg-openssl.h"
#include "egg/egg-secure-memory.h"
#include "keyrings/gkr-keyring-login.h"
@@ -39,8 +41,6 @@
#include "pkix/gkr-pkix-asn1.h"
#include "pkix/gkr-pkix-der.h"
-#include "pkix/gkr-pkix-openssl.h"
-#include "pkix/gkr-pkix-pem.h"
#include "pkix/gkr-pkix-types.h"
#include "ui/gkr-ask-daemon.h"
Modified: trunk/daemon/pkix/Makefile.am
==============================================================================
--- trunk/daemon/pkix/Makefile.am (original)
+++ trunk/daemon/pkix/Makefile.am Thu Jan 22 22:53:47 2009
@@ -21,9 +21,7 @@
gkr-pkix-asn1.c gkr-pkix-asn1.h \
gkr-pkix-constants.h \
gkr-pkix-der.c gkr-pkix-der.h \
- gkr-pkix-openssl.c gkr-pkix-openssl.h \
gkr-pkix-parser.c gkr-pkix-parser.h \
- gkr-pkix-pem.c gkr-pkix-pem.h \
gkr-pkix-serialize.c gkr-pkix-serialize.h \
gkr-pkix-types.h \
$(BUILT_SOURCES)
Modified: trunk/daemon/pkix/gkr-pkix-der.c
==============================================================================
--- trunk/daemon/pkix/gkr-pkix-der.c (original)
+++ trunk/daemon/pkix/gkr-pkix-der.c Thu Jan 22 22:53:47 2009
@@ -27,6 +27,8 @@
#include "gkr-pkix-der.h"
#include "common/gkr-crypto.h"
+
+#include "egg/egg-symkey.h"
#include "egg/egg-secure-memory.h"
#include <glib.h>
@@ -1061,8 +1063,8 @@
g_return_val_if_fail (n_key > 0, GKR_PKIX_FAILURE);
n_block = gcry_cipher_get_algo_blklen (cipher_algo);
- if (!gkr_crypto_generate_symkey_pbe (cipher_algo, hash_algo, password, salt,
- n_salt, iterations, &key, n_block > 1 ? &iv : NULL))
+ if (!egg_symkey_generate_pbe (cipher_algo, hash_algo, password, -1, salt,
+ n_salt, iterations, &key, n_block > 1 ? &iv : NULL))
goto done;
gcry = gcry_cipher_open (cih, cipher_algo, cipher_mode, 0);
@@ -1182,8 +1184,8 @@
if (!salt)
goto done;
- if (!gkr_crypto_generate_symkey_pbkdf2 (cipher_algo, GCRY_MD_SHA1, password,
- salt, n_salt, iterations, &key, NULL))
+ if (!egg_symkey_generate_pbkdf2 (cipher_algo, GCRY_MD_SHA1, password, -1,
+ salt, n_salt, iterations, &key, NULL))
goto done;
n_key = gcry_cipher_get_algo_keylen (cipher_algo);
@@ -1350,9 +1352,9 @@
n_key = gcry_cipher_get_algo_keylen (cipher_algo);
/* Generate IV and key using salt read above */
- if (!gkr_crypto_generate_symkey_pkcs12 (cipher_algo, GCRY_MD_SHA1, password,
- salt, n_salt, iterations, &key,
- n_block > 1 ? &iv : NULL))
+ if (!egg_symkey_generate_pkcs12 (cipher_algo, GCRY_MD_SHA1, password, -1,
+ salt, n_salt, iterations, &key,
+ n_block > 1 ? &iv : NULL))
goto done;
gcry = gcry_cipher_open (cih, cipher_algo, cipher_mode, 0);
Modified: trunk/daemon/pkix/gkr-pkix-parser.c
==============================================================================
--- trunk/daemon/pkix/gkr-pkix-parser.c (original)
+++ trunk/daemon/pkix/gkr-pkix-parser.c Thu Jan 22 22:53:47 2009
@@ -34,12 +34,12 @@
#include "gkr-pkix-asn1.h"
#include "gkr-pkix-der.h"
#include "gkr-pkix-marshal.h"
-#include "gkr-pkix-openssl.h"
#include "gkr-pkix-parser.h"
-#include "gkr-pkix-pem.h"
#include "common/gkr-crypto.h"
#include "common/gkr-location.h"
+
+#include "egg/egg-openssl.h"
#include "egg/egg-secure-memory.h"
#include "library/gnome-keyring.h"
@@ -1379,8 +1379,8 @@
n_decrypted = 0;
/* Decrypt, this will result in garble if invalid password */
- res = gkr_pkix_openssl_decrypt_block (val, password, data, n_data,
- &decrypted, &n_decrypted);
+ res = egg_openssl_decrypt_block (val, password, -1, data, n_data,
+ &decrypted, &n_decrypted);
if (!res)
return GKR_PKIX_FAILURE;
@@ -1446,7 +1446,7 @@
if (n_data == 0)
return GKR_PKIX_UNRECOGNIZED;
- found = gkr_pkix_pem_parse (data, n_data, handle_pem_data, &ctx);
+ found = egg_openssl_pem_parse (data, n_data, handle_pem_data, &ctx);
if (found == 0)
return GKR_PKIX_UNRECOGNIZED;
Modified: trunk/daemon/pkix/gkr-pkix-serialize.c
==============================================================================
--- trunk/daemon/pkix/gkr-pkix-serialize.c (original)
+++ trunk/daemon/pkix/gkr-pkix-serialize.c Thu Jan 22 22:53:47 2009
@@ -8,6 +8,8 @@
#include "common/gkr-crypto.h"
#include "common/gkr-location.h"
+
+#include "egg/egg-symkey.h"
#include "egg/egg-secure-memory.h"
#include <glib/gi18n.h>
@@ -129,9 +131,9 @@
*n_block = gcry_cipher_get_algo_blklen (GCRY_MD_SHA1);
g_return_val_if_fail (n_key && *n_block, NULL);
- if (!gkr_crypto_generate_symkey_pkcs12 (GCRY_CIPHER_3DES, GCRY_MD_SHA1,
- password, salt, sizeof (salt),
- iterations, &key, &iv))
+ if (!egg_symkey_generate_pkcs12 (GCRY_CIPHER_3DES, GCRY_MD_SHA1,
+ password, -1, salt, sizeof (salt),
+ iterations, &key, &iv))
g_return_val_if_reached (NULL);
/* Now write out the parameters */
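Review bot: The context line `*n_block = gcry_cipher_get_algo_blklen (GCRY_MD_SHA1);` passes a digest algorithm id to a cipher query, while the cipher actually used in the call below is `GCRY_CIPHER_3DES`. This appears to give the right block size only because the two libgcrypt constants happen to share a numeric value, which should be checked against the libgcrypt headers rather than relied on. Since this commit touches the adjacent call, it would be a good place to change it to `*n_block = gcry_cipher_get_algo_blklen (GCRY_CIPHER_3DES);`. The enclosing function starts and ends outside the hunk.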
Modified: trunk/daemon/pkix/tests/Makefile.am
==============================================================================
--- trunk/daemon/pkix/tests/Makefile.am (original)
+++ trunk/daemon/pkix/tests/Makefile.am Thu Jan 22 22:53:47 2009
@@ -9,7 +9,6 @@
unit-test-gcrypt-setup.c \
unit-test-pkix-asn1.c \
unit-test-pkix-der.c \
- unit-test-pkix-openssl.c \
unit-test-pkix-parser.c \
unit-test-pkix-serialize.c \
$(BUILT_SOURCES)
Modified: trunk/po/POTFILES.in
==============================================================================
--- trunk/po/POTFILES.in (original)
+++ trunk/po/POTFILES.in Thu Jan 22 22:53:47 2009
@@ -14,9 +14,9 @@
daemon/pkcs11/gkr-pkcs11-auth.c
daemon/pkix/gkr-pkix-parser.c
daemon/pkix/gkr-pkix-serialize.c
-daemon/ssh/gkr-ssh-storage.c
daemon/ui/gkr-ask-tool.c
gcr/gcr-import-dialog.glade
+gcr/gcr-importer.c
gcr/gcr-parser.c
gp11/gp11-misc.c
library/gnome-keyring-utils.c