List: gnupg-commit-watchers
Subject: [gnutls-commits] CVS opencdk/src
From: "CVS User twoaday" <twoaday () gnutls ! org>
Date: 2007-04-27 13:59:59
Message-ID: E1HhQzP-00026f-W7 () trithemius ! gnupg ! org
Update of /cvs/gnutls/opencdk/src
In directory trithemius:/tmp/cvs-serv8053
Modified Files:
ChangeLog keydb.c main.c opencdk.h opencdk.h.in proc-packet.c
Log Message:
--- /cvs/gnutls/opencdk/src/ChangeLog 2007/04/27 13:17:21 1.178
+++ /cvs/gnutls/opencdk/src/ChangeLog 2007/04/27 13:59:58 1.179
@@ -1,6 +1,8 @@
2007-04-27 Timo Schulz <twoaday@gmx.net>
* read-packet.c (read_symkey_enc): Fix EOF detection.
+ * proc-packet.c (handle_pubkey_enc): Rewrote secret key
+ 'caching'.
2007-04-22 Timo Schulz <twoaday@gmx.net>
--- /cvs/gnutls/opencdk/src/keydb.c 2007/04/24 18:46:02 1.146
+++ /cvs/gnutls/opencdk/src/keydb.c 2007/04/27 13:59:58 1.147
@@ -1286,15 +1286,15 @@
cdk_error_t
-cdk_keydb_get_sk (cdk_keydb_hd_t hd, u32 *keyid, cdk_pkt_seckey_t *ret_sk)
+cdk_keydb_get_sk (cdk_keydb_hd_t hd, u32 *keyid, cdk_seckey_t *ret_sk)
{
cdk_kbnode_t snode, node;
- cdk_pkt_seckey_t sk;
+ cdk_seckey_t sk;
cdk_error_t rc;
if (!keyid || !ret_sk)
return CDK_Inv_Value;
- if (!hd )
+ if (!hd)
return CDK_Error_No_Keyring;
*ret_sk = NULL;
--- /cvs/gnutls/opencdk/src/main.c 2007/04/22 15:05:14 1.71
+++ /cvs/gnutls/opencdk/src/main.c 2007/04/27 13:59:58 1.72
@@ -526,21 +526,9 @@
val = hd->_s2k.mode;
break;
- case CDK_CTL_KEYCACHE_ON:
- if (set)
- hd->cache.on = va_arg (arg_ptr, int);
- else
- val = hd->cache.on;
- break;
-
- case CDK_CTL_KEYCACHE_FREE:
- cdk_sk_release (hd->cache.sk);
- hd->cache.sk = NULL;
- break;
-
case CDK_CTL_FORCE_DIGEST:
- if( set )
- hd->opt.force_digest = va_arg( arg_ptr, int );
+ if (set)
+ hd->opt.force_digest = va_arg (arg_ptr, int);
else
val = hd->opt.force_digest;
break;
@@ -712,7 +700,6 @@
if (!hd)
return;
_cdk_result_verify_free (hd->result.verify);
- cdk_sk_release (hd->cache.sk);
/* If cdk_handle_set_keyring() were used, we need to free the key db
handles here because the handles are not controlled by the user. */
--- /cvs/gnutls/opencdk/src/opencdk.h 2007/04/22 15:05:14 1.217
+++ /cvs/gnutls/opencdk/src/opencdk.h 2007/04/27 13:59:58 1.218
@@ -134,10 +134,9 @@
CDK_CTL_CIPHER = 11, /* Option to set the cipher algorithm. */
CDK_CTL_ARMOR = 12, /* Option to enable armor output. */
CDK_CTL_COMPRESS = 13, /* Option to enable compression. */
+ CDK_CTL_COMPAT = 14, /* Option to switch in compat mode. */
CDK_CTL_OVERWRITE = 15, /* Option to enable file overwritting. */
CDK_CTL_S2K = 16, /* Option to set S2K values. */
- CDK_CTL_KEYCACHE_ON = 17,
- CDK_CTL_KEYCACHE_FREE = 18,
CDK_CTL_FORCE_DIGEST = 19, /* Force the use of a digest algorithm. */
CDK_CTL_BLOCKMODE_ON = 20 /* Enable partial body lengths */
};
--- /cvs/gnutls/opencdk/src/opencdk.h.in 2007/04/21 10:32:27 1.37
+++ /cvs/gnutls/opencdk/src/opencdk.h.in 2007/04/27 13:59:58 1.38
@@ -137,8 +137,6 @@
CDK_CTL_COMPAT = 14, /* Option to switch in compat mode. */
CDK_CTL_OVERWRITE = 15, /* Option to enable file overwritting. */
CDK_CTL_S2K = 16, /* Option to set S2K values. */
- CDK_CTL_KEYCACHE_ON = 17,
- CDK_CTL_KEYCACHE_FREE = 18,
CDK_CTL_FORCE_DIGEST = 19, /* Force the use of a digest algorithm. */
CDK_CTL_BLOCKMODE_ON = 20 /* Enable partial body lengths */
};
--- /cvs/gnutls/opencdk/src/proc-packet.c 2007/04/20 18:31:56 1.6
+++ /cvs/gnutls/opencdk/src/proc-packet.c 2007/04/27 13:59:58 1.7
@@ -34,6 +34,7 @@
cdk_kbnode_t node;
cdk_stream_t tmpfp;
cdk_stream_t data; /* For detached signatures, this is the data stream. */
+ cdk_seckey_t last_sk;
unsigned int data_close:1;
struct {
unsigned present:1;
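Review bot: The new `last_sk` field has no comment saying who owns the key, unlike the `data` field just above it. The code removed from handle_pubkey_enc released the secret key right after cdk_dek_extract, so this field now keeps secret key material in memory for as long as the context lives, and that is worth stating at the declaration. Suggested: `cdk_seckey_t last_sk; /* Secret key of the last PUBKEY_ENC packet; owned by this context and released with it. */`. The struct starts and ends outside the hunk.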
@@ -134,39 +135,11 @@
static cdk_error_t
-get_seckey (cdk_ctx_t hd, cdk_keydb_hd_t db, u32 *keyid,
- cdk_pkt_seckey_t *r_sk)
-{
- cdk_error_t rc;
-
- if (!r_sk)
- return CDK_Inv_Value;
- if (hd->cache.on && hd->cache.sk)
- {
- cdk_pkt_seckey_t sk = hd->cache.sk;
-
- cdk_sk_get_keyid (sk, NULL);
- if (sk->keyid[0] == keyid[0] && sk->keyid[1] == keyid[1])
- {
- *r_sk = sk;
- return 0;
- }
- }
- rc = cdk_keydb_get_sk (db, keyid, r_sk);
- if (rc)
- return rc;
-
- if (hd->cache.on)
- hd->cache.sk = *r_sk;
- return 0;
-}
-
-
-static cdk_error_t
handle_pubkey_enc (mainproc_ctx_t c, cdk_ctx_t hd, cdk_packet_t pkt)
{
cdk_pkt_pubkey_enc_t enc;
cdk_pkt_seckey_t sk;
+ u32 sk_keyid[2];
cdk_error_t rc;
assert (pkt->pkttype == CDK_PKT_PUBKEY_ENC);
@@ -182,12 +155,31 @@
skip this packet and continue without errors. */
if (cdk_keydb_check_sk (hd->db.sec, enc->keyid))
return 0;
- sk = NULL;
- rc = get_seckey (hd, hd->db.sec, enc->keyid, &sk);
- if (!rc)
- rc = cdk_dek_extract (&c->dek, hd, enc, sk);
- cdk_sk_release (sk);
+ if (c->last_sk != NULL)
+ {
+ cdk_sk_get_keyid (c->last_sk, sk_keyid);
+ if (sk_keyid[0] == enc->keyid[0] &&
+ sk_keyid[1] == enc->keyid[1])
+ sk = c->last_sk;
+ else
+ {
+ /* key ID does not match, release key. */
+ cdk_sk_release (c->last_sk);
+ c->last_sk = NULL;
+ sk = NULL;
+ }
+ }
+
+ /* The last secret key did not match, so replace it */
+ if (sk == NULL)
+ {
+ rc = cdk_keydb_get_sk (hd->db.sec, enc->keyid, &sk);
+ if (rc)
+ return rc;
+ c->last_sk = sk;
+ }
+ rc = cdk_dek_extract (&c->dek, hd, enc, sk);
return rc;
}
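Review bot: `sk` is read uninitialized at `if (sk == NULL)` whenever `c->last_sk` is NULL, which is presumably the state on the first public-key-encrypted packet (how the context is initialised is not visible here). The removed `sk = NULL;` was the only initialization: the declaration `cdk_pkt_seckey_t sk;` in the previous hunk has none, and the new `if (c->last_sk != NULL)` block assigns `sk` only inside its own branches. If the indeterminate value happens to be non-NULL, the keyring lookup is skipped and cdk_dek_extract receives a garbage pointer as the secret key. Restore `sk = NULL;` before the cache check, or declare `cdk_pkt_seckey_t sk = NULL;`. The function body begins in the previous hunk.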
@@ -481,6 +473,7 @@
{
if (!c)
return;
+ cdk_sk_release (c->last_sk);
cdk_kbnode_release (c->node);
c->node = NULL;
if (c->data && c->data_close)
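Review bot: `cdk_sk_release (c->last_sk);` leaves `c->last_sk` pointing at the released key, whereas the next two lines reset `c->node` to NULL after releasing it. If this cleanup routine can run twice on the same context, or the context is used again afterwards (neither is visible in the hunk), the second release or the cache check in handle_pubkey_enc would operate on freed secret key memory. Add `c->last_sk = NULL;` directly after the release. The enclosing function starts and ends outside the hunk.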