Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' of git.funtoo.org:funtoo-overlay
- Loading branch information
Showing
24 changed files
with
892 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DIST gnupg-2.0.19.tar.bz2 4187460 SHA256 efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622 SHA512 9bfc83ebca29ca8e3dde803ba494adb3c4e2fdcacbf33b5592764fe187dbe2433e04ff53734a9c3197358d559c1046098707089ddbea9fa63c849d48ce73ca51 WHIRLPOOL 026f9a8740322b951b256ec87fabb8a1b3ad2114208f52c2082b73b2193d1be8e276f0f526762bbebb04e612351162eb78c9c50eeb058e35fad9c4df1d7db540 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
From c34486a64c223bcbfbb57d9abcf107d684b815b6 Mon Sep 17 00:00:00 2001 | ||
From: =?UTF-8?q?Diego=20Elio=20Petten=C3=B2?= <flameeyes@gmail.com> | ||
Date: Sun, 17 Apr 2011 01:34:39 +0200 | ||
Subject: [PATCH] gpgsm-gencert.sh: make sure not to abort after creating temp | ||
file. | ||
|
||
https://bugs.g10code.com/gnupg/issue1466 | ||
|
||
--- | ||
tools/gpgsm-gencert.sh | 8 ++++---- | ||
1 files changed, 4 insertions(+), 4 deletions(-) | ||
|
||
diff --git a/tools/gpgsm-gencert.sh b/tools/gpgsm-gencert.sh | ||
index b209c8e..e7c812f 100755 | ||
--- a/tools/gpgsm-gencert.sh | ||
+++ b/tools/gpgsm-gencert.sh | ||
@@ -178,10 +178,10 @@ Key-Length: $KEY_LENGTH | ||
Key-Usage: $KEY_USAGE | ||
Name-DN: $NAME | ||
EOF | ||
-[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP" | ||
-[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES" | ||
-[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES" | ||
-[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES" | ||
+[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP" || true | ||
+[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES" || true | ||
+[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES" || true | ||
+[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES" || true | ||
) > "$file_parameter" | ||
|
||
|
||
-- | ||
1.7.5.rc1 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
diff --git a/gl/stdinit_.h b/gl/stdint_.h | ||
|
||
--- a/gl/stdint_.h 2012-12-26 15:40:09.771486357 -0500 | ||
+++ b/gl/stdint_.h 2012-12-26 15:41:45.409931190 -0500 | ||
@@ -62,7 +62,8 @@ | ||
int{8,16,32,64}_t, uint{8,16,32,64}_t and __BIT_TYPES_DEFINED__. | ||
<inttypes.h> also defines intptr_t and uintptr_t. */ | ||
# define _GL_JUST_INCLUDE_ABSOLUTE_INTTYPES_H | ||
-# include <inttypes.h> | ||
+// This line breaks Clang/LLVM Builds. | ||
+//# include <inttypes.h> | ||
# undef _GL_JUST_INCLUDE_ABSOLUTE_INTTYPES_H | ||
#elif @HAVE_SYS_INTTYPES_H@ | ||
/* Solaris 7 <sys/inttypes.h> has the types except the *_fast*_t types, and | ||
@@ -206,10 +207,12 @@ | ||
|
||
/* 7.18.1.4. Integer types capable of holding object pointers */ | ||
|
||
-#undef intptr_t | ||
-#undef uintptr_t | ||
-#define intptr_t long int | ||
-#define uintptr_t unsigned long int | ||
+/* Comment this out, it breaks Clang/LLVM builds. */ | ||
+ | ||
+//#undef intptr_t | ||
+//#undef uintptr_t | ||
+//#define intptr_t long int | ||
+//#define uintptr_t unsigned long int | ||
|
||
/* 7.18.1.5. Greatest-width integer types */ | ||
|
184 changes: 184 additions & 0 deletions
184
app-crypt/gnupg/files/gnupg-2.0.19-support-sc-key-3072.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,184 @@ | ||
From ab4ea45f54006eba55db11263431c4c0c4f557dc Mon Sep 17 00:00:00 2001 | ||
From: Werner Koch <wk@gnupg.org> | ||
Date: Tue, 6 Nov 2012 14:39:22 +0100 | ||
Subject: [PATCH 1/1] Allow decryption with card keys > 3072 bit | ||
|
||
* scd/command.c (MAXLEN_SETDATA): New. | ||
(cmd_setdata): Add option --append. | ||
* g10/call-agent.c (agent_scd_pkdecrypt): Use new option for long data | ||
|
||
* scd/app-openpgp.c (struct app_local_s): Add field manufacturer. | ||
(app_select_openpgp): Store manufacturer. | ||
(do_decipher): Print a note for broken cards. | ||
|
||
-- | ||
|
||
Please note that I was not able to run a full test because I only have | ||
broken cards (S/N < 346) available. | ||
--- | ||
g10/call-agent.c | 22 ++++++++++++++-------- | ||
scd/app-openpgp.c | 10 ++++++++++ | ||
scd/command.c | 38 ++++++++++++++++++++++++++++++++------ | ||
3 files changed, 56 insertions(+), 14 deletions(-) | ||
|
||
diff --git a/g10/call-agent.c b/g10/call-agent.c | ||
index cded773..373d8c9 100644 | ||
--- a/g10/call-agent.c | ||
+++ b/g10/call-agent.c | ||
@@ -1034,7 +1034,7 @@ agent_scd_pksign (const char *serialno, int hashalgo, | ||
|
||
|
||
/* Decrypt INDATA of length INDATALEN using the card identified by | ||
- SERIALNO. Return the plaintext in a nwly allocated buffer stored | ||
+ SERIALNO. Return the plaintext in a newly allocated buffer stored | ||
at the address of R_BUF. | ||
|
||
Note, we currently support only RSA or more exactly algorithms | ||
@@ -1058,20 +1058,26 @@ agent_scd_pkdecrypt (const char *serialno, | ||
return rc; | ||
|
||
/* FIXME: use secure memory where appropriate */ | ||
- if (indatalen*2 + 50 > DIM(line)) | ||
- return gpg_error (GPG_ERR_GENERAL); | ||
|
||
rc = select_openpgp (serialno); | ||
if (rc) | ||
return rc; | ||
|
||
- sprintf (line, "SCD SETDATA "); | ||
- p = line + strlen (line); | ||
- for (i=0; i < indatalen ; i++, p += 2 ) | ||
- sprintf (p, "%02X", indata[i]); | ||
- rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); | ||
+ for (len = 0; len < indatalen;) | ||
+ { | ||
+ p = stpcpy (line, "SCD SETDATA "); | ||
+ if (len) | ||
+ p = stpcpy (p, "--append "); | ||
+ for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++) | ||
+ { | ||
+ sprintf (p, "%02X", indata[len]); | ||
+ p += 2; | ||
+ } | ||
+ rc = assuan_transact (agent_ctx, line, | ||
+ NULL, NULL, NULL, NULL, NULL, NULL); | ||
if (rc) | ||
return rc; | ||
+ } | ||
|
||
init_membuf (&data, 1024); | ||
snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno); | ||
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c | ||
index ff26b36..141b2b7 100644 | ||
--- a/scd/app-openpgp.c | ||
+++ b/scd/app-openpgp.c | ||
@@ -158,6 +158,8 @@ struct app_local_s { | ||
|
||
unsigned char status_indicator; /* The card status indicator. */ | ||
|
||
+ unsigned int manufacturer:16; /* Manufacturer ID from the s/n. */ | ||
+ | ||
/* Keep track of the ISO card capabilities. */ | ||
struct | ||
{ | ||
@@ -3462,6 +3464,12 @@ do_decipher (app_t app, const char *keyidstr, | ||
indata, indatalen, le_value, padind, | ||
outdata, outdatalen); | ||
xfree (fixbuf); | ||
+ | ||
+ if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */ | ||
+ && app->app_local->manufacturer == 5 | ||
+ && app->card_version == 0x0200) | ||
+ log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)" | ||
+ " do not work with encryption keys > 2048 bits\n"); | ||
} | ||
|
||
return rc; | ||
@@ -3749,6 +3757,8 @@ app_select_openpgp (app_t app) | ||
goto leave; | ||
} | ||
|
||
+ app->app_local->manufacturer = manufacturer; | ||
+ | ||
if (app->card_version >= 0x0200) | ||
app->app_local->extcap.is_v2 = 1; | ||
|
||
diff --git a/scd/command.c b/scd/command.c | ||
index 6053fc6..3ce4a57 100644 | ||
--- a/scd/command.c | ||
+++ b/scd/command.c | ||
@@ -46,6 +46,9 @@ | ||
/* Maximum allowed size of key data as used in inquiries. */ | ||
#define MAXLEN_KEYDATA 4096 | ||
|
||
+/* Maximum allowed total data size for SETDATA. */ | ||
+#define MAXLEN_SETDATA 4096 | ||
+ | ||
/* Maximum allowed size of certificate data as used in inquiries. */ | ||
#define MAXLEN_CERTDATA 16384 | ||
|
||
@@ -820,17 +823,24 @@ cmd_readkey (assuan_context_t ctx, char *line) | ||
|
||
|
||
static const char hlp_setdata[] = | ||
- "SETDATA <hexstring> \n" | ||
+ "SETDATA [--append] <hexstring>\n" | ||
"\n" | ||
- "The client should use this command to tell us the data he want to sign."; | ||
+ "The client should use this command to tell us the data he want to sign.\n" | ||
+ "With the option --append, the data is appended to the data set by a\n" | ||
+ "previous SETDATA command."; | ||
static gpg_error_t | ||
cmd_setdata (assuan_context_t ctx, char *line) | ||
{ | ||
ctrl_t ctrl = assuan_get_pointer (ctx); | ||
- int n; | ||
+ int append; | ||
+ int n, i, off; | ||
char *p; | ||
unsigned char *buf; | ||
|
||
+ append = (ctrl->in_data.value && has_option (line, "--append")); | ||
+ | ||
+ line = skip_options (line); | ||
+ | ||
if (locked_session && locked_session != ctrl->server_local) | ||
return gpg_error (GPG_ERR_LOCKED); | ||
|
||
@@ -844,14 +854,30 @@ cmd_setdata (assuan_context_t ctx, char *line) | ||
if ((n&1)) | ||
return set_error (GPG_ERR_ASS_PARAMETER, "odd number of digits"); | ||
n /= 2; | ||
+ if (append) | ||
+ { | ||
+ if (ctrl->in_data.valuelen + n > MAXLEN_SETDATA) | ||
+ return set_error (GPG_ERR_TOO_LARGE, | ||
+ "limit on total size of data reached"); | ||
+ buf = xtrymalloc (ctrl->in_data.valuelen + n); | ||
+ } | ||
+ else | ||
buf = xtrymalloc (n); | ||
if (!buf) | ||
return out_of_core (); | ||
|
||
+ if (append) | ||
+ { | ||
+ memcpy (buf, ctrl->in_data.value, ctrl->in_data.valuelen); | ||
+ off = ctrl->in_data.valuelen; | ||
+ } | ||
+ else | ||
+ off = 0; | ||
+ for (p=line, i=0; i < n; p += 2, i++) | ||
+ buf[off+i] = xtoi_2 (p); | ||
+ | ||
ctrl->in_data.value = buf; | ||
- ctrl->in_data.valuelen = n; | ||
- for (p=line, n=0; n < ctrl->in_data.valuelen; p += 2, n++) | ||
- buf[n] = xtoi_2 (p); | ||
+ ctrl->in_data.valuelen = off + n; | ||
return 0; | ||
} | ||
|
||
-- | ||
1.7.2.5 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
diff -ru gnupg-2.0.19.orig/doc/gpgsm.texi gnupg-2.0.19/doc/gpgsm.texi | ||
--- gnupg-2.0.19.orig/doc/gpgsm.texi 2012-03-27 10:03:23.000000000 +0200 | ||
+++ gnupg-2.0.19/doc/gpgsm.texi 2013-04-10 11:46:02.179960198 +0200 | ||
@@ -760,8 +760,8 @@ | ||
This is the standard configuration file read by @command{gpgsm} on | ||
startup. It may contain any valid long option; the leading two dashes | ||
may not be entered and the option may not be abbreviated. This default | ||
-name may be changed on the command line (@pxref{option | ||
- --options}). You should backup this file. | ||
+name may be changed on the command line (@pxref{option --options}). | ||
+You should backup this file. | ||
|
||
|
||
@item policies.txt | ||
diff -ru gnupg-2.0.19.orig/doc/gpl.texi gnupg-2.0.19/doc/gpl.texi | ||
--- gnupg-2.0.19.orig/doc/gpl.texi 2012-03-27 10:03:23.000000000 +0200 | ||
+++ gnupg-2.0.19/doc/gpl.texi 2013-04-10 12:45:20.988492453 +0200 | ||
@@ -659,12 +659,14 @@ | ||
Program, unless a warranty or assumption of liability accompanies a | ||
copy of the Program in return for a fee. | ||
|
||
+@end enumerate | ||
+ | ||
@iftex | ||
@heading END OF TERMS AND CONDITIONS | ||
@end iftex | ||
@ifinfo | ||
@center END OF TERMS AND CONDITIONS | ||
@end ifinfo | ||
@unnumberedsec How to Apply These Terms to Your New Programs | ||
|
||
If you develop a new program, and you want it to be of the greatest | ||
@@ -721,5 +724,3 @@ | ||
applications with the library. If this is what you want to do, use | ||
the GNU Lesser General Public License instead of this License. But | ||
first, please read @url{http://www.gnu.org/philosophy/why-not-lgpl.html}. | ||
- | ||
-@end enumerate |
Oops, something went wrong.