--- pgp/src/pgp.c 2018/04/24 16:39:42 1.1.1.4
+++ pgp/src/pgp.c 2018/04/24 16:40:32 1.1.1.5
@@ -1,4 +1,4 @@ -#undef TEMP_VERSION /* if defined, temporary experimental version of PGP */ +/* #define TEMP_VERSION / * if defined, temporary experimental version of PGP */ /* pgp.c -- main module for PGP. PGP: Pretty Good(tm) Privacy - public key cryptography for the masses.
@@ -44,7 +44,9 @@ Version 1.8 - 23 May 92 Version 2.0 - 2 Sep 92 Version 2.1 - 6 Dec 92 - Version 2.2 - 6 Mar 92 + Version 2.2 - 6 Mar 93 + Version 2.3 - 13 Jun 93 + Version 2.3a - 1 Jul 93 (c) Copyright 1990-1993 by Philip Zimmermann. All rights reserved. The author assumes no liability for damages resulting from the use
@@ -123,6 +125,7 @@ #include "config.h" #include "keymaint.h" #include "keyadd.h" +#include "rsaglue.h" #ifdef M_XENIX char *strstr(); long time();
@@ -139,8 +142,13 @@ unsigned _stklen = 24*1024; #define STACK_WIPE 4096 /* Global filenames and system-wide file extensions... */ -char rel_version[] = "2.2"; /* release version */ -static char rel_date[] = "6 Mar 93"; /* release date */ +char rel_version[] = "2.3a"; /* release version */ +#ifdef RSAREF +#define RSASTRING " (with RSAREF)" +#else +#define RSASTRING "" +#endif +static char rel_date[] = "1 Jul 93"; /* release date */ char PGP_EXTENSION[] = ".pgp"; char ASC_EXTENSION[] = ".asc"; char SIG_EXTENSION[] = ".sig";
@@ -286,8 +294,8 @@ static void signon_msg(void) if (quietmode || printed) return; printed = TRUE; - fprintf(stderr,PSTR("Pretty Good Privacy %s - Public-key encryption for the masses.\n"), - rel_version); + fprintf(stderr,PSTR("Pretty Good Privacy %s%s - Public-key encryption for the masses.\n"), + rel_version, RSASTRING); #ifdef TEMP_VERSION fprintf(stderr, "Internal development version only - not for general release.\n"); #endif
@@ -301,8 +309,8 @@ static void signon_msg(void) #ifdef TEMP_VERSION /* temporary experimental version of PGP */ #include -#define CREATION_DATE ((unsigned long) 0x2a6f17dcL) - /* CREATION_DATE is Thu Jul 23 14:34:36 1992 */ +#define CREATION_DATE ((unsigned long) 0x2C18C6BCL) + /* CREATION_DATE is Fri Jun 11 17:54:04 1993 UTC */ #define LIFESPAN ((unsigned long) 30L * (unsigned long) 86400L) /* LIFESPAN is 30 days */ void check_expiration_date(void)
@@ -348,6 +356,7 @@ boolean encrypt_to_self = FALSE; /* shou boolean batchmode = FALSE; /* if TRUE: don't ask questions */ boolean quietmode = FALSE; boolean force_flag = FALSE; /* overwrite existing file without asking */ +boolean pkcs_compat = 1; #ifdef VMS /* kludge for those stupid VMS variable-length text records */ char literal_mode = MODE_TEXT; /* MODE_TEXT or MODE_BINARY for literal packet */ #else /* not VMS */
@@ -368,7 +377,8 @@ boolean signature_checked = FALSE; char plainfile[MAX_PATH]; int myArgc = 2; char **myArgv; -char password[256] = ""; +struct hashedpw *passwds = 0, *keypasswds = 0; +static struct hashedpw **passwdstail = &passwds; int main(int argc, char *argv[]) {
@@ -392,6 +402,7 @@ int main(int argc, char *argv[]) char keychar = '\0'; char *p; byte ctb; + struct hashedpw *hpw; /* Initial messages to stderr */ pgpout = stderr;
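Review bot: `boolean pkcs_compat = 1;` in the @@ -348 hunk is initialised with a bare 1 where the neighbouring flags use TRUE/FALSE, and it carries no comment saying what it switches. Because it defaults to on, a reader needs to know which behaviour that enables. Suggest `boolean pkcs_compat = TRUE; /* <what PKCS compatibility changes> */`, with the placeholder filled in by someone who knows the meaning, which is not visible in this hunk.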
@@ -399,9 +410,25 @@ int main(int argc, char *argv[]) #ifdef DEBUG1 verbose = TRUE; #endif + /* The various places one can get passwords from. + * We accumulate them all into two lists. One is + * to try on keys only, and is stored in no particular + * order, while the other is of unknown purpose so + * far (they may be used for conventional encryption + * or decryption as well), and are kept in a specific + * order. If any password in the general list is found + * to decode a key, it is moved to the key list. + * The general list is not grown after initialization, + * so the tail pointer is not used after this. + */ if ((p = getenv("PGPPASS")) != NULL) - strcpy(password, p); + { hpw = xmalloc(sizeof(struct hashedpw)); + hashpass(p, strlen(p), hpw->hash); + /* Add to linked list of key passwords */ + hpw->next = keypasswds; + keypasswds = hpw; + } /* The -z "password" option should be used instead of PGPPASS if * the environment can be displayed with the ps command (eg. BSD). 
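Review bot: The PGPPASS branch keeps only a hash of the passphrase, but the cleartext string returned by getenv() stays in the process environment for the whole run. The `-z` argument, by contrast, is overwritten with spaces right after hashing, and exitPGP wipes only the stored hashes. That asymmetry should be stated at the branch, e.g. `/* PGPPASS itself stays readable in the environment; only its hash is kept and wiped at exit */`, so nobody assumes the exit-time wipe covers it. As a smaller style point, `xmalloc(sizeof *hpw)` would tie the allocation size to the pointer here and at the two later allocations in main. main starts and ends outside this hunk.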
@@ -410,26 +437,45 @@ int main(int argc, char *argv[]) * should be used. */ for (opt = 1; opt < argc; ++opt) - { if (strcmp(argv[opt], "-z") == 0 && ++opt < argc) - { strcpy(password, argv[opt]); - for (p = argv[opt]; *p; ++p) - *p = ' '; - } + { p = argv[opt]; + if (p[0] != '-' || p[1] != 'z') + continue; + /* Accept either "-zpassword" or "-z password" */ + p += 2; + if (!*p) + p = argv[++opt]; + /* p now points to password */ + hpw = xmalloc(sizeof(struct hashedpw)); + hashpass(p, strlen(p), hpw->hash); + /* Wipe password */ + while (*p) + *p++ = ' '; + /* Add to tail of linked list of passwords */ + hpw->next = 0; + *passwdstail = hpw; + passwdstail = &hpw->next; } /* * If PGPPASSFD is set in the environment try to read the password * from this file descriptor. If you set PGPPASSFD to 0 pgp will * use the first line read from stdin as password. */ - if (*password == '\0' && (p = getenv("PGPPASSFD")) != NULL) + if ((p = getenv("PGPPASSFD")) != NULL) { int passfd; if (*p && (passfd = atoi(p)) >= 0) { - p = password; + char pwbuf[256]; + p = pwbuf; while (read(passfd, p, 1) == 1 && *p != '\n') ++p; - *p = '\0'; + hpw = xmalloc(sizeof(struct hashedpw)); + hashpass(pwbuf, p-pwbuf, hpw->hash); + memset(pwbuf, 0, p-pwbuf); + /* Add to tail of linked list of passwords */ + hpw->next = 0; + *passwdstail = hpw; + passwdstail = &hpw->next; } }
@@ -968,10 +1014,13 @@ static void initsigs() #ifdef ATARI signal(SIGINT,(sigfunc_t) breakHandler); #else - signal(SIGINT,breakHandler); + if (signal(SIGINT, SIG_IGN) != SIG_IGN) + signal(SIGINT,breakHandler); #if defined(UNIX) || defined(VMS) - signal(SIGHUP,breakHandler); - signal(SIGQUIT,breakHandler); + if (signal(SIGHUP, SIG_IGN) != SIG_IGN) + signal(SIGHUP,breakHandler); + if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) + signal(SIGQUIT,breakHandler); #ifdef UNIX signal(SIGPIPE,breakHandler); #endif
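Review bot: The PGPPASSFD loop writes into the new stack buffer `pwbuf[256]` with no length limit, so a first line longer than 256 bytes on that descriptor runs past the end of the array. Bound it with `while (p < pwbuf + sizeof(pwbuf) && read(passfd, p, 1) == 1 && *p != '\n')`. In the same hunk the rewritten `-z` loop dropped the old `++opt < argc` test: when `-z` is the last argument, `p = argv[++opt]` yields NULL and `strlen(p)` dereferences it. `if (!*p && (p = argv[++opt]) == NULL) break;` restores the check. The `memset(pwbuf, 0, p-pwbuf)` is the last use of a local buffer, which an optimising compiler may drop, so a wipe the compiler cannot elide would be safer there. main's body continues outside the hunk.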
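Review bot: In the initsigs hunk, SIGPIPE on the context line after the change is still installed unconditionally, so a parent that ignored SIGPIPE has that overridden while SIGINT, SIGHUP and SIGQUIT now keep an inherited ignore. If that is intended it deserves a comment. Otherwise apply the same form, `if (signal(SIGPIPE, SIG_IGN) != SIG_IGN) signal(SIGPIPE,breakHandler);`. The ATARI branch is likewise left unconditional. A one-line comment above the first test, such as `/* leave signals ignored if our parent ignored them */`, would explain the idiom. initsigs continues outside the hunk.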
@@ -1853,10 +1902,14 @@ void user_error() /* comes here if user void exitPGP(int returnval) { char buf[STACK_WIPE]; + struct hashedpw *hpw; if (verbose) fprintf(pgpout, "exitPGP: exitcode = %d\n", returnval); - memset(password, 0, sizeof(password)); + for (hpw = passwds; hpw; hpw = hpw->next) + memset(hpw->hash, 0, sizeof(hpw->hash)); + for (hpw = keypasswds; hpw; hpw = hpw->next) + memset(hpw->hash, 0, sizeof(hpw->hash)); cleanup_tmpf(); #if defined(DEBUG) && defined(linux) if (verbose)
@@ -1914,7 +1967,9 @@ static void usage() tmphelp = tempfile(TMP_TMPDIR); CONVERSION = EXT_CONV; if (copyfiles_by_name(helpfile, tmphelp) < 0) + { rmtemp(tmphelp); tmphelp = helpfile; + } CONVERSION = NO_CONV; }