[Pkg-privacy-commits] [codecrypt] 01/02: New upstream version 1.8
Mirek Kratochvil
exa-guest at moszumanska.debian.org
Tue Oct 31 21:03:22 UTC 2017
This is an automated email from the git hooks/post-receive script.
exa-guest pushed a commit to branch master
in repository codecrypt.
commit 74d8b1fd40c6dbf149103e75cf9de380684c9bc0
Author: Mirek Kratochvil <exa.exa at gmail.com>
Date: Tue Oct 31 21:49:11 2017 +0100
New upstream version 1.8
---
INSTALL | 320 +++++++++++++++++++-------------------
Makefile.am | 6 +-
Makefile.in | 251 ++++++++++++++++++------------
README | 36 +++--
aclocal.m4 | 44 +++---
autogen.sh | 2 +-
configure | 103 ++++++++++--
configure.ac | 23 ++-
depcomp | 6 +-
man/ccr.1 | 62 +++++++-
src/actions.cpp | 361 +++++++++++++++++++++++++------------------
src/actions.h | 29 +++-
src/arcfour.h | 43 +++++-
src/generator.h | 7 +-
src/keyring.cpp | 143 ++++++++++++-----
src/keyring.h | 81 +++++++---
src/main.cpp | 96 +++++++++---
src/message.cpp | 9 +-
src/privfile.cpp | 61 ++++++++
src/{symkey.h => privfile.h} | 33 +---
src/pwrng.cpp | 99 ++++++++++++
src/pwrng.h | 90 +++++++++++
src/seclock.cpp | 135 ++++++++++++++++
src/seclock.h | 52 +++++++
src/symkey.cpp | 114 +++++++++++++-
src/symkey.h | 7 +-
26 files changed, 1609 insertions(+), 604 deletions(-)
diff --git a/INSTALL b/INSTALL
index 2099840..8865734 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,8 +1,8 @@
Installation Instructions
*************************
-Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation,
-Inc.
+ Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software
+Foundation, Inc.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
@@ -12,97 +12,96 @@ without warranty of any kind.
Basic Installation
==================
- Briefly, the shell command `./configure && make && make install'
+ Briefly, the shell command './configure && make && make install'
should configure, build, and install this package. The following
-more-detailed instructions are generic; see the `README' file for
+more-detailed instructions are generic; see the 'README' file for
instructions specific to this package. Some packages provide this
-`INSTALL' file but do not implement all of the features documented
+'INSTALL' file but do not implement all of the features documented
below. The lack of an optional feature in a given package is not
necessarily a bug. More recommendations for GNU packages can be found
in *note Makefile Conventions: (standards)Makefile Conventions.
- The `configure' shell script attempts to guess correct values for
+ The 'configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
-those values to create a `Makefile' in each directory of the package.
-It may also create one or more `.h' files containing system-dependent
-definitions. Finally, it creates a shell script `config.status' that
+those values to create a 'Makefile' in each directory of the package.
+It may also create one or more '.h' files containing system-dependent
+definitions. Finally, it creates a shell script 'config.status' that
you can run in the future to recreate the current configuration, and a
-file `config.log' containing compiler output (useful mainly for
-debugging `configure').
+file 'config.log' containing compiler output (useful mainly for
+debugging 'configure').
- It can also use an optional file (typically called `config.cache'
-and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring. Caching is
-disabled by default to prevent problems with accidental use of stale
-cache files.
+ It can also use an optional file (typically called 'config.cache' and
+enabled with '--cache-file=config.cache' or simply '-C') that saves the
+results of its tests to speed up reconfiguring. Caching is disabled by
+default to prevent problems with accidental use of stale cache files.
If you need to do unusual things to compile the package, please try
-to figure out how `configure' could check whether to do them, and mail
-diffs or instructions to the address given in the `README' so they can
+to figure out how 'configure' could check whether to do them, and mail
+diffs or instructions to the address given in the 'README' so they can
be considered for the next release. If you are using the cache, and at
-some point `config.cache' contains results you don't want to keep, you
+some point 'config.cache' contains results you don't want to keep, you
may remove or edit it.
- The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'. You need `configure.ac' if
-you want to change it or regenerate `configure' using a newer version
-of `autoconf'.
+ The file 'configure.ac' (or 'configure.in') is used to create
+'configure' by a program called 'autoconf'. You need 'configure.ac' if
+you want to change it or regenerate 'configure' using a newer version of
+'autoconf'.
The simplest way to compile this package is:
- 1. `cd' to the directory containing the package's source code and type
- `./configure' to configure the package for your system.
+ 1. 'cd' to the directory containing the package's source code and type
+ './configure' to configure the package for your system.
- Running `configure' might take a while. While running, it prints
+ Running 'configure' might take a while. While running, it prints
some messages telling which features it is checking for.
- 2. Type `make' to compile the package.
+ 2. Type 'make' to compile the package.
- 3. Optionally, type `make check' to run any self-tests that come with
+ 3. Optionally, type 'make check' to run any self-tests that come with
the package, generally using the just-built uninstalled binaries.
- 4. Type `make install' to install the programs and any data files and
+ 4. Type 'make install' to install the programs and any data files and
documentation. When installing into a prefix owned by root, it is
recommended that the package be configured and built as a regular
- user, and only the `make install' phase executed with root
+ user, and only the 'make install' phase executed with root
privileges.
- 5. Optionally, type `make installcheck' to repeat any self-tests, but
+ 5. Optionally, type 'make installcheck' to repeat any self-tests, but
this time using the binaries in their final installed location.
This target does not install anything. Running this target as a
- regular user, particularly if the prior `make install' required
+ regular user, particularly if the prior 'make install' required
root privileges, verifies that the installation completed
correctly.
6. You can remove the program binaries and object files from the
- source code directory by typing `make clean'. To also remove the
- files that `configure' created (so you can compile the package for
- a different kind of computer), type `make distclean'. There is
- also a `make maintainer-clean' target, but that is intended mainly
+ source code directory by typing 'make clean'. To also remove the
+ files that 'configure' created (so you can compile the package for
+ a different kind of computer), type 'make distclean'. There is
+ also a 'make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came
with the distribution.
- 7. Often, you can also type `make uninstall' to remove the installed
+ 7. Often, you can also type 'make uninstall' to remove the installed
files again. In practice, not all packages have tested that
uninstallation works correctly, even though it is required by the
GNU Coding Standards.
- 8. Some packages, particularly those that use Automake, provide `make
+ 8. Some packages, particularly those that use Automake, provide 'make
distcheck', which can by used by developers to test that all other
- targets like `make install' and `make uninstall' work correctly.
+ targets like 'make install' and 'make uninstall' work correctly.
This target is generally not run by end users.
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
-the `configure' script does not know about. Run `./configure --help'
+the 'configure' script does not know about. Run './configure --help'
for details on some of the pertinent environment variables.
- You can give `configure' initial values for configuration parameters
-by setting variables in the command line or in the environment. Here
-is an example:
+ You can give 'configure' initial values for configuration parameters
+by setting variables in the command line or in the environment. Here is
+an example:
./configure CC=c99 CFLAGS=-g LIBS=-lposix
@@ -113,21 +112,21 @@ Compiling For Multiple Architectures
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
-own directory. To do this, you can use GNU `make'. `cd' to the
+own directory. To do this, you can use GNU 'make'. 'cd' to the
directory where you want the object files and executables to go and run
-the `configure' script. `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'. This
-is known as a "VPATH" build.
+the 'configure' script. 'configure' automatically checks for the source
+code in the directory that 'configure' is in and in '..'. This is known
+as a "VPATH" build.
- With a non-GNU `make', it is safer to compile the package for one
+ With a non-GNU 'make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have
-installed the package for one architecture, use `make distclean' before
+installed the package for one architecture, use 'make distclean' before
reconfiguring for another architecture.
On MacOS X 10.5 and later systems, you can create libraries and
executables that work on multiple system types--known as "fat" or
-"universal" binaries--by specifying multiple `-arch' options to the
-compiler but only a single `-arch' option to the preprocessor. Like
+"universal" binaries--by specifying multiple '-arch' options to the
+compiler but only a single '-arch' option to the preprocessor. Like
this:
./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
@@ -136,105 +135,104 @@ this:
This is not guaranteed to produce working output in all cases, you
may have to build one architecture at a time and combine the results
-using the `lipo' tool if you have problems.
+using the 'lipo' tool if you have problems.
Installation Names
==================
- By default, `make install' installs the package's commands under
-`/usr/local/bin', include files under `/usr/local/include', etc. You
-can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX', where PREFIX must be an
+ By default, 'make install' installs the package's commands under
+'/usr/local/bin', include files under '/usr/local/include', etc. You
+can specify an installation prefix other than '/usr/local' by giving
+'configure' the option '--prefix=PREFIX', where PREFIX must be an
absolute file name.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
-pass the option `--exec-prefix=PREFIX' to `configure', the package uses
+pass the option '--exec-prefix=PREFIX' to 'configure', the package uses
PREFIX as the prefix for installing programs and libraries.
Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give
-options like `--bindir=DIR' to specify different values for particular
-kinds of files. Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them. In general, the
-default for these options is expressed in terms of `${prefix}', so that
-specifying just `--prefix' will affect all of the other directory
+options like '--bindir=DIR' to specify different values for particular
+kinds of files. Run 'configure --help' for a list of the directories
+you can set and what kinds of files go in them. In general, the default
+for these options is expressed in terms of '${prefix}', so that
+specifying just '--prefix' will affect all of the other directory
specifications that were not explicitly provided.
The most portable way to affect installation locations is to pass the
-correct locations to `configure'; however, many packages provide one or
+correct locations to 'configure'; however, many packages provide one or
both of the following shortcuts of passing variable assignments to the
-`make install' command line to change installation locations without
+'make install' command line to change installation locations without
having to reconfigure or recompile.
The first method involves providing an override variable for each
-affected directory. For example, `make install
+affected directory. For example, 'make install
prefix=/alternate/directory' will choose an alternate location for all
directory configuration variables that were expressed in terms of
-`${prefix}'. Any directories that were specified during `configure',
-but not in terms of `${prefix}', must each be overridden at install
-time for the entire installation to be relocated. The approach of
-makefile variable overrides for each directory variable is required by
-the GNU Coding Standards, and ideally causes no recompilation.
-However, some platforms have known limitations with the semantics of
-shared libraries that end up requiring recompilation when using this
-method, particularly noticeable in packages that use GNU Libtool.
-
- The second method involves providing the `DESTDIR' variable. For
-example, `make install DESTDIR=/alternate/directory' will prepend
-`/alternate/directory' before all installation names. The approach of
-`DESTDIR' overrides is not required by the GNU Coding Standards, and
+'${prefix}'. Any directories that were specified during 'configure',
+but not in terms of '${prefix}', must each be overridden at install time
+for the entire installation to be relocated. The approach of makefile
+variable overrides for each directory variable is required by the GNU
+Coding Standards, and ideally causes no recompilation. However, some
+platforms have known limitations with the semantics of shared libraries
+that end up requiring recompilation when using this method, particularly
+noticeable in packages that use GNU Libtool.
+
+ The second method involves providing the 'DESTDIR' variable. For
+example, 'make install DESTDIR=/alternate/directory' will prepend
+'/alternate/directory' before all installation names. The approach of
+'DESTDIR' overrides is not required by the GNU Coding Standards, and
does not work on platforms that have drive letters. On the other hand,
it does better at avoiding recompilation issues, and works well even
-when some directory options were not specified in terms of `${prefix}'
-at `configure' time.
+when some directory options were not specified in terms of '${prefix}'
+at 'configure' time.
Optional Features
=================
If the package supports it, you can cause programs to be installed
-with an extra prefix or suffix on their names by giving `configure' the
-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-
- Some packages pay attention to `--enable-FEATURE' options to
-`configure', where FEATURE indicates an optional part of the package.
-They may also pay attention to `--with-PACKAGE' options, where PACKAGE
-is something like `gnu-as' or `x' (for the X Window System). The
-`README' should mention any `--enable-' and `--with-' options that the
+with an extra prefix or suffix on their names by giving 'configure' the
+option '--program-prefix=PREFIX' or '--program-suffix=SUFFIX'.
+
+ Some packages pay attention to '--enable-FEATURE' options to
+'configure', where FEATURE indicates an optional part of the package.
+They may also pay attention to '--with-PACKAGE' options, where PACKAGE
+is something like 'gnu-as' or 'x' (for the X Window System). The
+'README' should mention any '--enable-' and '--with-' options that the
package recognizes.
- For packages that use the X Window System, `configure' can usually
+ For packages that use the X Window System, 'configure' can usually
find the X include and library files automatically, but if it doesn't,
-you can use the `configure' options `--x-includes=DIR' and
-`--x-libraries=DIR' to specify their locations.
+you can use the 'configure' options '--x-includes=DIR' and
+'--x-libraries=DIR' to specify their locations.
Some packages offer the ability to configure how verbose the
-execution of `make' will be. For these packages, running `./configure
+execution of 'make' will be. For these packages, running './configure
--enable-silent-rules' sets the default to minimal output, which can be
-overridden with `make V=1'; while running `./configure
+overridden with 'make V=1'; while running './configure
--disable-silent-rules' sets the default to verbose, which can be
-overridden with `make V=0'.
+overridden with 'make V=0'.
Particular systems
==================
- On HP-UX, the default C compiler is not ANSI C compatible. If GNU
-CC is not installed, it is recommended to use the following options in
+ On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC
+is not installed, it is recommended to use the following options in
order to use an ANSI C compiler:
./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
- HP-UX `make' updates targets which have the same time stamps as
-their prerequisites, which makes it generally unusable when shipped
-generated files such as `configure' are involved. Use GNU `make'
-instead.
+ HP-UX 'make' updates targets which have the same time stamps as their
+prerequisites, which makes it generally unusable when shipped generated
+files such as 'configure' are involved. Use GNU 'make' instead.
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
-parse its `<wchar.h>' header file. The option `-nodtk' can be used as
-a workaround. If GNU CC is not installed, it is therefore recommended
-to try
+parse its '<wchar.h>' header file. The option '-nodtk' can be used as a
+workaround. If GNU CC is not installed, it is therefore recommended to
+try
./configure CC="cc"
@@ -242,26 +240,26 @@ and if that doesn't work, try
./configure CC="cc -nodtk"
- On Solaris, don't put `/usr/ucb' early in your `PATH'. This
+ On Solaris, don't put '/usr/ucb' early in your 'PATH'. This
directory contains several dysfunctional programs; working variants of
-these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
-in your `PATH', put it _after_ `/usr/bin'.
+these programs are available in '/usr/bin'. So, if you need '/usr/ucb'
+in your 'PATH', put it _after_ '/usr/bin'.
- On Haiku, software installed for all users goes in `/boot/common',
-not `/usr/local'. It is recommended to use the following options:
+ On Haiku, software installed for all users goes in '/boot/common',
+not '/usr/local'. It is recommended to use the following options:
./configure --prefix=/boot/common
Specifying the System Type
==========================
- There may be some features `configure' cannot figure out
+ There may be some features 'configure' cannot figure out
automatically, but needs to determine by the type of machine the package
will run on. Usually, assuming the package is built to be run on the
-_same_ architectures, `configure' can figure that out, but if it prints
+_same_ architectures, 'configure' can figure that out, but if it prints
a message saying it cannot guess the machine type, give it the
-`--build=TYPE' option. TYPE can either be a short name for the system
-type, such as `sun4', or a canonical name which has the form:
+'--build=TYPE' option. TYPE can either be a short name for the system
+type, such as 'sun4', or a canonical name which has the form:
CPU-COMPANY-SYSTEM
@@ -270,101 +268,101 @@ where SYSTEM can have one of these forms:
OS
KERNEL-OS
- See the file `config.sub' for the possible values of each field. If
-`config.sub' isn't included in this package, then this package doesn't
+ See the file 'config.sub' for the possible values of each field. If
+'config.sub' isn't included in this package, then this package doesn't
need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should
-use the option `--target=TYPE' to select the type of system they will
+use the option '--target=TYPE' to select the type of system they will
produce code for.
If you want to _use_ a cross compiler, that generates code for a
platform different from the build platform, you should specify the
"host" platform (i.e., that on which the generated programs will
-eventually be run) with `--host=TYPE'.
+eventually be run) with '--host=TYPE'.
Sharing Defaults
================
- If you want to set default values for `configure' scripts to share,
-you can create a site shell script called `config.site' that gives
-default values for variables like `CC', `cache_file', and `prefix'.
-`configure' looks for `PREFIX/share/config.site' if it exists, then
-`PREFIX/etc/config.site' if it exists. Or, you can set the
-`CONFIG_SITE' environment variable to the location of the site script.
-A warning: not all `configure' scripts look for a site script.
+ If you want to set default values for 'configure' scripts to share,
+you can create a site shell script called 'config.site' that gives
+default values for variables like 'CC', 'cache_file', and 'prefix'.
+'configure' looks for 'PREFIX/share/config.site' if it exists, then
+'PREFIX/etc/config.site' if it exists. Or, you can set the
+'CONFIG_SITE' environment variable to the location of the site script.
+A warning: not all 'configure' scripts look for a site script.
Defining Variables
==================
Variables not defined in a site shell script can be set in the
-environment passed to `configure'. However, some packages may run
+environment passed to 'configure'. However, some packages may run
configure again during the build, and the customized values of these
variables may be lost. In order to avoid this problem, you should set
-them in the `configure' command line, using `VAR=value'. For example:
+them in the 'configure' command line, using 'VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc
-causes the specified `gcc' to be used as the C compiler (unless it is
+causes the specified 'gcc' to be used as the C compiler (unless it is
overridden in the site shell script).
-Unfortunately, this technique does not work for `CONFIG_SHELL' due to
-an Autoconf limitation. Until the limitation is lifted, you can use
-this workaround:
+Unfortunately, this technique does not work for 'CONFIG_SHELL' due to an
+Autoconf limitation. Until the limitation is lifted, you can use this
+workaround:
CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash
-`configure' Invocation
+'configure' Invocation
======================
- `configure' recognizes the following options to control how it
+ 'configure' recognizes the following options to control how it
operates.
-`--help'
-`-h'
- Print a summary of all of the options to `configure', and exit.
+'--help'
+'-h'
+ Print a summary of all of the options to 'configure', and exit.
-`--help=short'
-`--help=recursive'
+'--help=short'
+'--help=recursive'
Print a summary of the options unique to this package's
- `configure', and exit. The `short' variant lists options used
- only in the top level, while the `recursive' variant lists options
- also present in any nested packages.
+ 'configure', and exit. The 'short' variant lists options used only
+ in the top level, while the 'recursive' variant lists options also
+ present in any nested packages.
-`--version'
-`-V'
- Print the version of Autoconf used to generate the `configure'
+'--version'
+'-V'
+ Print the version of Autoconf used to generate the 'configure'
script, and exit.
-`--cache-file=FILE'
+'--cache-file=FILE'
Enable the cache: use and save the results of the tests in FILE,
- traditionally `config.cache'. FILE defaults to `/dev/null' to
+ traditionally 'config.cache'. FILE defaults to '/dev/null' to
disable caching.
-`--config-cache'
-`-C'
- Alias for `--cache-file=config.cache'.
+'--config-cache'
+'-C'
+ Alias for '--cache-file=config.cache'.
-`--quiet'
-`--silent'
-`-q'
+'--quiet'
+'--silent'
+'-q'
Do not print messages saying which checks are being made. To
- suppress all normal output, redirect it to `/dev/null' (any error
+ suppress all normal output, redirect it to '/dev/null' (any error
messages will still be shown).
-`--srcdir=DIR'
+'--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
- `configure' can determine that directory automatically.
+ 'configure' can determine that directory automatically.
-`--prefix=DIR'
- Use DIR as the installation prefix. *note Installation Names::
- for more details, including other options available for fine-tuning
- the installation locations.
+'--prefix=DIR'
+ Use DIR as the installation prefix. *note Installation Names:: for
+ more details, including other options available for fine-tuning the
+ installation locations.
-`--no-create'
-`-n'
+'--no-create'
+'-n'
Run the configure checks, but stop before creating any output
files.
-`configure' also accepts some other, not widely useful, options. Run
-`configure --help' for more details.
+'configure' also accepts some other, not widely useful, options. Run
+'configure --help' for more details.
diff --git a/Makefile.am b/Makefile.am
index 701f87e..30f3a25 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,10 +5,10 @@ dist_man_MANS = man/ccr.1
dist_noinst_SCRIPTS = autogen.sh
bin_PROGRAMS = ccr
ccrdir = src/
-ccr_SOURCES = src/serialization.cpp src/actions.cpp src/algo_suite.cpp src/str_match.cpp src/generator.cpp src/algos_enc.cpp src/symkey.cpp src/ios.cpp src/algos_sig.cpp src/base64.cpp src/xsynd.cpp src/bvector.cpp src/keyring.cpp src/main.cpp src/matrix.cpp src/mce_qcmdpc.cpp src/message.cpp src/permutation.cpp src/polynomial.cpp src/sc.cpp src/chacha.cpp src/envelope.cpp src/fft.cpp src/fmtseq.cpp src/gf2m.cpp src/hash.cpp src/hashfile.cpp src/sencode.cpp src/iohelpers.cpp
-noinst_HEADERS = src/sencode.h src/sha_hash.h src/actions.h src/generator.h src/algo_suite.h src/str_match.h src/algorithm.h src/algos_enc.h src/symkey.h src/algos_sig.h src/tiger_hash.h src/types.h src/vector_item.h src/base64.h src/xsynd.h src/bvector.h src/ios.h src/keyring.h src/matrix.h src/mce_qcmdpc.h src/message.h src/permutation.h src/polynomial.h src/prng.h src/rmd_hash.h src/chacha.h src/cube_hash.h src/arcfour.h src/cubehash_impl.h src/decoding.h src/envelope.h src/factoryof. [...]
+ccr_SOURCES = src/serialization.cpp src/algo_suite.cpp src/str_match.cpp src/generator.cpp src/algos_enc.cpp src/actions.cpp src/ios.cpp src/algos_sig.cpp src/base64.cpp src/xsynd.cpp src/bvector.cpp src/pwrng.cpp src/sc.cpp src/matrix.cpp src/seclock.cpp src/keyring.cpp src/message.cpp src/mce_qcmdpc.cpp src/main.cpp src/symkey.cpp src/permutation.cpp src/polynomial.cpp src/chacha.cpp src/privfile.cpp src/envelope.cpp src/fft.cpp src/fmtseq.cpp src/gf2m.cpp src/hash.cpp src/hashfile.cpp [...]
+noinst_HEADERS = src/sencode.h src/sha_hash.h src/symkey.h src/algo_suite.h src/str_match.h src/algorithm.h src/algos_enc.h src/privfile.h src/algos_sig.h src/tiger_hash.h src/types.h src/arcfour.h src/vector_item.h src/base64.h src/xsynd.h src/bvector.h src/ios.h src/keyring.h src/pwrng.h src/generator.h src/matrix.h src/actions.h src/seclock.h src/mce_qcmdpc.h src/message.h src/permutation.h src/polynomial.h src/prng.h src/rmd_hash.h src/chacha.h src/cube_hash.h src/cubehash_impl.h src [...]
ccr_CPPFLAGS = -I$(srcdir)// -I/usr/local/include
ccr_CFLAGS = -Wall
ccr_CXXFLAGS = -Wall -std=c++11
ccr_LDFLAGS = -L/usr/local/lib $(CRYPTOPP_CFLAGS)
-ccr_LDADD = -lgmp -lfftw3 -lm $(CRYPTOPP_LIBS)
+ccr_LDADD = -lgmp -lfftw3 -lm $(CRYPTOPP_LIBS) $(EXTRA_LIBS)
diff --git a/Makefile.in b/Makefile.in
index 466d861..393dbf9 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.15 from Makefile.am.
+# Makefile.in generated by automake 1.15.1 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -111,20 +111,22 @@ am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"
PROGRAMS = $(bin_PROGRAMS)
am__dirstamp = $(am__leading_dot)dirstamp
am_ccr_OBJECTS = src/ccr-serialization.$(OBJEXT) \
- src/ccr-actions.$(OBJEXT) src/ccr-algo_suite.$(OBJEXT) \
- src/ccr-str_match.$(OBJEXT) src/ccr-generator.$(OBJEXT) \
- src/ccr-algos_enc.$(OBJEXT) src/ccr-symkey.$(OBJEXT) \
- src/ccr-ios.$(OBJEXT) src/ccr-algos_sig.$(OBJEXT) \
- src/ccr-base64.$(OBJEXT) src/ccr-xsynd.$(OBJEXT) \
- src/ccr-bvector.$(OBJEXT) src/ccr-keyring.$(OBJEXT) \
- src/ccr-main.$(OBJEXT) src/ccr-matrix.$(OBJEXT) \
- src/ccr-mce_qcmdpc.$(OBJEXT) src/ccr-message.$(OBJEXT) \
- src/ccr-permutation.$(OBJEXT) src/ccr-polynomial.$(OBJEXT) \
- src/ccr-sc.$(OBJEXT) src/ccr-chacha.$(OBJEXT) \
- src/ccr-envelope.$(OBJEXT) src/ccr-fft.$(OBJEXT) \
- src/ccr-fmtseq.$(OBJEXT) src/ccr-gf2m.$(OBJEXT) \
- src/ccr-hash.$(OBJEXT) src/ccr-hashfile.$(OBJEXT) \
- src/ccr-sencode.$(OBJEXT) src/ccr-iohelpers.$(OBJEXT)
+ src/ccr-algo_suite.$(OBJEXT) src/ccr-str_match.$(OBJEXT) \
+ src/ccr-generator.$(OBJEXT) src/ccr-algos_enc.$(OBJEXT) \
+ src/ccr-actions.$(OBJEXT) src/ccr-ios.$(OBJEXT) \
+ src/ccr-algos_sig.$(OBJEXT) src/ccr-base64.$(OBJEXT) \
+ src/ccr-xsynd.$(OBJEXT) src/ccr-bvector.$(OBJEXT) \
+ src/ccr-pwrng.$(OBJEXT) src/ccr-sc.$(OBJEXT) \
+ src/ccr-matrix.$(OBJEXT) src/ccr-seclock.$(OBJEXT) \
+ src/ccr-keyring.$(OBJEXT) src/ccr-message.$(OBJEXT) \
+ src/ccr-mce_qcmdpc.$(OBJEXT) src/ccr-main.$(OBJEXT) \
+ src/ccr-symkey.$(OBJEXT) src/ccr-permutation.$(OBJEXT) \
+ src/ccr-polynomial.$(OBJEXT) src/ccr-chacha.$(OBJEXT) \
+ src/ccr-privfile.$(OBJEXT) src/ccr-envelope.$(OBJEXT) \
+ src/ccr-fft.$(OBJEXT) src/ccr-fmtseq.$(OBJEXT) \
+ src/ccr-gf2m.$(OBJEXT) src/ccr-hash.$(OBJEXT) \
+ src/ccr-hashfile.$(OBJEXT) src/ccr-sencode.$(OBJEXT) \
+ src/ccr-iohelpers.$(OBJEXT)
ccr_OBJECTS = $(am_ccr_OBJECTS)
am__DEPENDENCIES_1 =
ccr_DEPENDENCIES = $(am__DEPENDENCIES_1)
@@ -380,13 +382,13 @@ ACLOCAL_AMFLAGS = -I m4
dist_man_MANS = man/ccr.1
dist_noinst_SCRIPTS = autogen.sh
ccrdir = src/
-ccr_SOURCES = src/serialization.cpp src/actions.cpp src/algo_suite.cpp src/str_match.cpp src/generator.cpp src/algos_enc.cpp src/symkey.cpp src/ios.cpp src/algos_sig.cpp src/base64.cpp src/xsynd.cpp src/bvector.cpp src/keyring.cpp src/main.cpp src/matrix.cpp src/mce_qcmdpc.cpp src/message.cpp src/permutation.cpp src/polynomial.cpp src/sc.cpp src/chacha.cpp src/envelope.cpp src/fft.cpp src/fmtseq.cpp src/gf2m.cpp src/hash.cpp src/hashfile.cpp src/sencode.cpp src/iohelpers.cpp
-noinst_HEADERS = src/sencode.h src/sha_hash.h src/actions.h src/generator.h src/algo_suite.h src/str_match.h src/algorithm.h src/algos_enc.h src/symkey.h src/algos_sig.h src/tiger_hash.h src/types.h src/vector_item.h src/base64.h src/xsynd.h src/bvector.h src/ios.h src/keyring.h src/matrix.h src/mce_qcmdpc.h src/message.h src/permutation.h src/polynomial.h src/prng.h src/rmd_hash.h src/chacha.h src/cube_hash.h src/arcfour.h src/cubehash_impl.h src/decoding.h src/envelope.h src/factoryof. [...]
+ccr_SOURCES = src/serialization.cpp src/algo_suite.cpp src/str_match.cpp src/generator.cpp src/algos_enc.cpp src/actions.cpp src/ios.cpp src/algos_sig.cpp src/base64.cpp src/xsynd.cpp src/bvector.cpp src/pwrng.cpp src/sc.cpp src/matrix.cpp src/seclock.cpp src/keyring.cpp src/message.cpp src/mce_qcmdpc.cpp src/main.cpp src/symkey.cpp src/permutation.cpp src/polynomial.cpp src/chacha.cpp src/privfile.cpp src/envelope.cpp src/fft.cpp src/fmtseq.cpp src/gf2m.cpp src/hash.cpp src/hashfile.cpp [...]
+noinst_HEADERS = src/sencode.h src/sha_hash.h src/symkey.h src/algo_suite.h src/str_match.h src/algorithm.h src/algos_enc.h src/privfile.h src/algos_sig.h src/tiger_hash.h src/types.h src/arcfour.h src/vector_item.h src/base64.h src/xsynd.h src/bvector.h src/ios.h src/keyring.h src/pwrng.h src/generator.h src/matrix.h src/actions.h src/seclock.h src/mce_qcmdpc.h src/message.h src/permutation.h src/polynomial.h src/prng.h src/rmd_hash.h src/chacha.h src/cube_hash.h src/cubehash_impl.h src [...]
ccr_CPPFLAGS = -I$(srcdir)// -I/usr/local/include
ccr_CFLAGS = -Wall
ccr_CXXFLAGS = -Wall -std=c++11
ccr_LDFLAGS = -L/usr/local/lib $(CRYPTOPP_CFLAGS)
-ccr_LDADD = -lgmp -lfftw3 -lm $(CRYPTOPP_LIBS)
+ccr_LDADD = -lgmp -lfftw3 -lm $(CRYPTOPP_LIBS) $(EXTRA_LIBS)
all: all-am
.SUFFIXES:
@@ -481,8 +483,6 @@ src/$(DEPDIR)/$(am__dirstamp):
@: > src/$(DEPDIR)/$(am__dirstamp)
src/ccr-serialization.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
-src/ccr-actions.$(OBJEXT): src/$(am__dirstamp) \
- src/$(DEPDIR)/$(am__dirstamp)
src/ccr-algo_suite.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-str_match.$(OBJEXT): src/$(am__dirstamp) \
@@ -491,7 +491,7 @@ src/ccr-generator.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-algos_enc.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
-src/ccr-symkey.$(OBJEXT): src/$(am__dirstamp) \
+src/ccr-actions.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-ios.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
@@ -503,24 +503,32 @@ src/ccr-xsynd.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-bvector.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
-src/ccr-keyring.$(OBJEXT): src/$(am__dirstamp) \
+src/ccr-pwrng.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
-src/ccr-main.$(OBJEXT): src/$(am__dirstamp) \
+src/ccr-sc.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-matrix.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
-src/ccr-mce_qcmdpc.$(OBJEXT): src/$(am__dirstamp) \
+src/ccr-seclock.$(OBJEXT): src/$(am__dirstamp) \
+ src/$(DEPDIR)/$(am__dirstamp)
+src/ccr-keyring.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-message.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
+src/ccr-mce_qcmdpc.$(OBJEXT): src/$(am__dirstamp) \
+ src/$(DEPDIR)/$(am__dirstamp)
+src/ccr-main.$(OBJEXT): src/$(am__dirstamp) \
+ src/$(DEPDIR)/$(am__dirstamp)
+src/ccr-symkey.$(OBJEXT): src/$(am__dirstamp) \
+ src/$(DEPDIR)/$(am__dirstamp)
src/ccr-permutation.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-polynomial.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
-src/ccr-sc.$(OBJEXT): src/$(am__dirstamp) \
- src/$(DEPDIR)/$(am__dirstamp)
src/ccr-chacha.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
+src/ccr-privfile.$(OBJEXT): src/$(am__dirstamp) \
+ src/$(DEPDIR)/$(am__dirstamp)
src/ccr-envelope.$(OBJEXT): src/$(am__dirstamp) \
src/$(DEPDIR)/$(am__dirstamp)
src/ccr-fft.$(OBJEXT): src/$(am__dirstamp) \
@@ -572,7 +580,10 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-message.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-permutation.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-polynomial.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-privfile.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-pwrng.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-sc.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-seclock.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-sencode.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-serialization.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at src/$(DEPDIR)/ccr-str_match.Po at am__quote@
@@ -617,20 +628,6 @@ src/ccr-serialization.obj: src/serialization.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-serialization.obj `if test -f 'src/serialization.cpp'; then $(CYGPATH_W) 'src/serialization.cpp'; else $(CYGPATH_W) '$(srcdir)/src/serialization.cpp'; fi`
-src/ccr-actions.o: src/actions.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-actions.o -MD -MP -MF src/$(DEPDIR)/ccr-actions.Tpo -c -o src/ccr-actions.o `test -f 'src/actions.cpp' || echo '$(srcdir)/'`src/actions.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-actions.Tpo src/$(DEPDIR)/ccr-actions.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/actions.cpp' object='src/ccr-actions.o' libtool=no @AMDEPBACKSLASH@
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-actions.o `test -f 'src/actions.cpp' || echo '$(srcdir)/'`src/actions.cpp
-
-src/ccr-actions.obj: src/actions.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-actions.obj -MD -MP -MF src/$(DEPDIR)/ccr-actions.Tpo -c -o src/ccr-actions.obj `if test -f 'src/actions.cpp'; then $(CYGPATH_W) 'src/actions.cpp'; else $(CYGPATH_W) '$(srcdir)/src/actions.cpp'; fi`
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-actions.Tpo src/$(DEPDIR)/ccr-actions.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/actions.cpp' object='src/ccr-actions.obj' libtool=no @AMDEPBACKSLASH@
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-actions.obj `if test -f 'src/actions.cpp'; then $(CYGPATH_W) 'src/actions.cpp'; else $(CYGPATH_W) '$(srcdir)/src/actions.cpp'; fi`
-
src/ccr-algo_suite.o: src/algo_suite.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-algo_suite.o -MD -MP -MF src/$(DEPDIR)/ccr-algo_suite.Tpo -c -o src/ccr-algo_suite.o `test -f 'src/algo_suite.cpp' || echo '$(srcdir)/'`src/algo_suite.cpp
@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-algo_suite.Tpo src/$(DEPDIR)/ccr-algo_suite.Po
@@ -687,19 +684,19 @@ src/ccr-algos_enc.obj: src/algos_enc.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-algos_enc.obj `if test -f 'src/algos_enc.cpp'; then $(CYGPATH_W) 'src/algos_enc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/algos_enc.cpp'; fi`
-src/ccr-symkey.o: src/symkey.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-symkey.o -MD -MP -MF src/$(DEPDIR)/ccr-symkey.Tpo -c -o src/ccr-symkey.o `test -f 'src/symkey.cpp' || echo '$(srcdir)/'`src/symkey.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-symkey.Tpo src/$(DEPDIR)/ccr-symkey.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/symkey.cpp' object='src/ccr-symkey.o' libtool=no @AMDEPBACKSLASH@
+src/ccr-actions.o: src/actions.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-actions.o -MD -MP -MF src/$(DEPDIR)/ccr-actions.Tpo -c -o src/ccr-actions.o `test -f 'src/actions.cpp' || echo '$(srcdir)/'`src/actions.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-actions.Tpo src/$(DEPDIR)/ccr-actions.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/actions.cpp' object='src/ccr-actions.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-symkey.o `test -f 'src/symkey.cpp' || echo '$(srcdir)/'`src/symkey.cpp
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-actions.o `test -f 'src/actions.cpp' || echo '$(srcdir)/'`src/actions.cpp
-src/ccr-symkey.obj: src/symkey.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-symkey.obj -MD -MP -MF src/$(DEPDIR)/ccr-symkey.Tpo -c -o src/ccr-symkey.obj `if test -f 'src/symkey.cpp'; then $(CYGPATH_W) 'src/symkey.cpp'; else $(CYGPATH_W) '$(srcdir)/src/symkey.cpp'; fi`
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-symkey.Tpo src/$(DEPDIR)/ccr-symkey.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/symkey.cpp' object='src/ccr-symkey.obj' libtool=no @AMDEPBACKSLASH@
+src/ccr-actions.obj: src/actions.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-actions.obj -MD -MP -MF src/$(DEPDIR)/ccr-actions.Tpo -c -o src/ccr-actions.obj `if test -f 'src/actions.cpp'; then $(CYGPATH_W) 'src/actions.cpp'; else $(CYGPATH_W) '$(srcdir)/src/actions.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-actions.Tpo src/$(DEPDIR)/ccr-actions.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/actions.cpp' object='src/ccr-actions.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-symkey.obj `if test -f 'src/symkey.cpp'; then $(CYGPATH_W) 'src/symkey.cpp'; else $(CYGPATH_W) '$(srcdir)/src/symkey.cpp'; fi`
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-actions.obj `if test -f 'src/actions.cpp'; then $(CYGPATH_W) 'src/actions.cpp'; else $(CYGPATH_W) '$(srcdir)/src/actions.cpp'; fi`
src/ccr-ios.o: src/ios.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-ios.o -MD -MP -MF src/$(DEPDIR)/ccr-ios.Tpo -c -o src/ccr-ios.o `test -f 'src/ios.cpp' || echo '$(srcdir)/'`src/ios.cpp
@@ -771,33 +768,33 @@ src/ccr-bvector.obj: src/bvector.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-bvector.obj `if test -f 'src/bvector.cpp'; then $(CYGPATH_W) 'src/bvector.cpp'; else $(CYGPATH_W) '$(srcdir)/src/bvector.cpp'; fi`
-src/ccr-keyring.o: src/keyring.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-keyring.o -MD -MP -MF src/$(DEPDIR)/ccr-keyring.Tpo -c -o src/ccr-keyring.o `test -f 'src/keyring.cpp' || echo '$(srcdir)/'`src/keyring.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-keyring.Tpo src/$(DEPDIR)/ccr-keyring.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/keyring.cpp' object='src/ccr-keyring.o' libtool=no @AMDEPBACKSLASH@
+src/ccr-pwrng.o: src/pwrng.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-pwrng.o -MD -MP -MF src/$(DEPDIR)/ccr-pwrng.Tpo -c -o src/ccr-pwrng.o `test -f 'src/pwrng.cpp' || echo '$(srcdir)/'`src/pwrng.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-pwrng.Tpo src/$(DEPDIR)/ccr-pwrng.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/pwrng.cpp' object='src/ccr-pwrng.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-keyring.o `test -f 'src/keyring.cpp' || echo '$(srcdir)/'`src/keyring.cpp
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-pwrng.o `test -f 'src/pwrng.cpp' || echo '$(srcdir)/'`src/pwrng.cpp
-src/ccr-keyring.obj: src/keyring.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-keyring.obj -MD -MP -MF src/$(DEPDIR)/ccr-keyring.Tpo -c -o src/ccr-keyring.obj `if test -f 'src/keyring.cpp'; then $(CYGPATH_W) 'src/keyring.cpp'; else $(CYGPATH_W) '$(srcdir)/src/keyring.cpp'; fi`
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-keyring.Tpo src/$(DEPDIR)/ccr-keyring.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/keyring.cpp' object='src/ccr-keyring.obj' libtool=no @AMDEPBACKSLASH@
+src/ccr-pwrng.obj: src/pwrng.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-pwrng.obj -MD -MP -MF src/$(DEPDIR)/ccr-pwrng.Tpo -c -o src/ccr-pwrng.obj `if test -f 'src/pwrng.cpp'; then $(CYGPATH_W) 'src/pwrng.cpp'; else $(CYGPATH_W) '$(srcdir)/src/pwrng.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-pwrng.Tpo src/$(DEPDIR)/ccr-pwrng.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/pwrng.cpp' object='src/ccr-pwrng.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-keyring.obj `if test -f 'src/keyring.cpp'; then $(CYGPATH_W) 'src/keyring.cpp'; else $(CYGPATH_W) '$(srcdir)/src/keyring.cpp'; fi`
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-pwrng.obj `if test -f 'src/pwrng.cpp'; then $(CYGPATH_W) 'src/pwrng.cpp'; else $(CYGPATH_W) '$(srcdir)/src/pwrng.cpp'; fi`
-src/ccr-main.o: src/main.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-main.o -MD -MP -MF src/$(DEPDIR)/ccr-main.Tpo -c -o src/ccr-main.o `test -f 'src/main.cpp' || echo '$(srcdir)/'`src/main.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-main.Tpo src/$(DEPDIR)/ccr-main.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/main.cpp' object='src/ccr-main.o' libtool=no @AMDEPBACKSLASH@
+src/ccr-sc.o: src/sc.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-sc.o -MD -MP -MF src/$(DEPDIR)/ccr-sc.Tpo -c -o src/ccr-sc.o `test -f 'src/sc.cpp' || echo '$(srcdir)/'`src/sc.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-sc.Tpo src/$(DEPDIR)/ccr-sc.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/sc.cpp' object='src/ccr-sc.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-main.o `test -f 'src/main.cpp' || echo '$(srcdir)/'`src/main.cpp
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-sc.o `test -f 'src/sc.cpp' || echo '$(srcdir)/'`src/sc.cpp
-src/ccr-main.obj: src/main.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-main.obj -MD -MP -MF src/$(DEPDIR)/ccr-main.Tpo -c -o src/ccr-main.obj `if test -f 'src/main.cpp'; then $(CYGPATH_W) 'src/main.cpp'; else $(CYGPATH_W) '$(srcdir)/src/main.cpp'; fi`
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-main.Tpo src/$(DEPDIR)/ccr-main.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/main.cpp' object='src/ccr-main.obj' libtool=no @AMDEPBACKSLASH@
+src/ccr-sc.obj: src/sc.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-sc.obj -MD -MP -MF src/$(DEPDIR)/ccr-sc.Tpo -c -o src/ccr-sc.obj `if test -f 'src/sc.cpp'; then $(CYGPATH_W) 'src/sc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/sc.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-sc.Tpo src/$(DEPDIR)/ccr-sc.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/sc.cpp' object='src/ccr-sc.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-main.obj `if test -f 'src/main.cpp'; then $(CYGPATH_W) 'src/main.cpp'; else $(CYGPATH_W) '$(srcdir)/src/main.cpp'; fi`
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-sc.obj `if test -f 'src/sc.cpp'; then $(CYGPATH_W) 'src/sc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/sc.cpp'; fi`
src/ccr-matrix.o: src/matrix.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-matrix.o -MD -MP -MF src/$(DEPDIR)/ccr-matrix.Tpo -c -o src/ccr-matrix.o `test -f 'src/matrix.cpp' || echo '$(srcdir)/'`src/matrix.cpp
@@ -813,19 +810,33 @@ src/ccr-matrix.obj: src/matrix.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-matrix.obj `if test -f 'src/matrix.cpp'; then $(CYGPATH_W) 'src/matrix.cpp'; else $(CYGPATH_W) '$(srcdir)/src/matrix.cpp'; fi`
-src/ccr-mce_qcmdpc.o: src/mce_qcmdpc.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-mce_qcmdpc.o -MD -MP -MF src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo -c -o src/ccr-mce_qcmdpc.o `test -f 'src/mce_qcmdpc.cpp' || echo '$(srcdir)/'`src/mce_qcmdpc.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo src/$(DEPDIR)/ccr-mce_qcmdpc.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/mce_qcmdpc.cpp' object='src/ccr-mce_qcmdpc.o' libtool=no @AMDEPBACKSLASH@
+src/ccr-seclock.o: src/seclock.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-seclock.o -MD -MP -MF src/$(DEPDIR)/ccr-seclock.Tpo -c -o src/ccr-seclock.o `test -f 'src/seclock.cpp' || echo '$(srcdir)/'`src/seclock.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-seclock.Tpo src/$(DEPDIR)/ccr-seclock.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/seclock.cpp' object='src/ccr-seclock.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-mce_qcmdpc.o `test -f 'src/mce_qcmdpc.cpp' || echo '$(srcdir)/'`src/mce_qcmdpc.cpp
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-seclock.o `test -f 'src/seclock.cpp' || echo '$(srcdir)/'`src/seclock.cpp
-src/ccr-mce_qcmdpc.obj: src/mce_qcmdpc.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-mce_qcmdpc.obj -MD -MP -MF src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo -c -o src/ccr-mce_qcmdpc.obj `if test -f 'src/mce_qcmdpc.cpp'; then $(CYGPATH_W) 'src/mce_qcmdpc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/mce_qcmdpc.cpp'; fi`
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo src/$(DEPDIR)/ccr-mce_qcmdpc.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/mce_qcmdpc.cpp' object='src/ccr-mce_qcmdpc.obj' libtool=no @AMDEPBACKSLASH@
+src/ccr-seclock.obj: src/seclock.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-seclock.obj -MD -MP -MF src/$(DEPDIR)/ccr-seclock.Tpo -c -o src/ccr-seclock.obj `if test -f 'src/seclock.cpp'; then $(CYGPATH_W) 'src/seclock.cpp'; else $(CYGPATH_W) '$(srcdir)/src/seclock.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-seclock.Tpo src/$(DEPDIR)/ccr-seclock.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/seclock.cpp' object='src/ccr-seclock.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-mce_qcmdpc.obj `if test -f 'src/mce_qcmdpc.cpp'; then $(CYGPATH_W) 'src/mce_qcmdpc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/mce_qcmdpc.cpp'; fi`
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-seclock.obj `if test -f 'src/seclock.cpp'; then $(CYGPATH_W) 'src/seclock.cpp'; else $(CYGPATH_W) '$(srcdir)/src/seclock.cpp'; fi`
+
+src/ccr-keyring.o: src/keyring.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-keyring.o -MD -MP -MF src/$(DEPDIR)/ccr-keyring.Tpo -c -o src/ccr-keyring.o `test -f 'src/keyring.cpp' || echo '$(srcdir)/'`src/keyring.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-keyring.Tpo src/$(DEPDIR)/ccr-keyring.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/keyring.cpp' object='src/ccr-keyring.o' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-keyring.o `test -f 'src/keyring.cpp' || echo '$(srcdir)/'`src/keyring.cpp
+
+src/ccr-keyring.obj: src/keyring.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-keyring.obj -MD -MP -MF src/$(DEPDIR)/ccr-keyring.Tpo -c -o src/ccr-keyring.obj `if test -f 'src/keyring.cpp'; then $(CYGPATH_W) 'src/keyring.cpp'; else $(CYGPATH_W) '$(srcdir)/src/keyring.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-keyring.Tpo src/$(DEPDIR)/ccr-keyring.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/keyring.cpp' object='src/ccr-keyring.obj' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-keyring.obj `if test -f 'src/keyring.cpp'; then $(CYGPATH_W) 'src/keyring.cpp'; else $(CYGPATH_W) '$(srcdir)/src/keyring.cpp'; fi`
src/ccr-message.o: src/message.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-message.o -MD -MP -MF src/$(DEPDIR)/ccr-message.Tpo -c -o src/ccr-message.o `test -f 'src/message.cpp' || echo '$(srcdir)/'`src/message.cpp
@@ -841,6 +852,48 @@ src/ccr-message.obj: src/message.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-message.obj `if test -f 'src/message.cpp'; then $(CYGPATH_W) 'src/message.cpp'; else $(CYGPATH_W) '$(srcdir)/src/message.cpp'; fi`
+src/ccr-mce_qcmdpc.o: src/mce_qcmdpc.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-mce_qcmdpc.o -MD -MP -MF src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo -c -o src/ccr-mce_qcmdpc.o `test -f 'src/mce_qcmdpc.cpp' || echo '$(srcdir)/'`src/mce_qcmdpc.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo src/$(DEPDIR)/ccr-mce_qcmdpc.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/mce_qcmdpc.cpp' object='src/ccr-mce_qcmdpc.o' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-mce_qcmdpc.o `test -f 'src/mce_qcmdpc.cpp' || echo '$(srcdir)/'`src/mce_qcmdpc.cpp
+
+src/ccr-mce_qcmdpc.obj: src/mce_qcmdpc.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-mce_qcmdpc.obj -MD -MP -MF src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo -c -o src/ccr-mce_qcmdpc.obj `if test -f 'src/mce_qcmdpc.cpp'; then $(CYGPATH_W) 'src/mce_qcmdpc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/mce_qcmdpc.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-mce_qcmdpc.Tpo src/$(DEPDIR)/ccr-mce_qcmdpc.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/mce_qcmdpc.cpp' object='src/ccr-mce_qcmdpc.obj' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-mce_qcmdpc.obj `if test -f 'src/mce_qcmdpc.cpp'; then $(CYGPATH_W) 'src/mce_qcmdpc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/mce_qcmdpc.cpp'; fi`
+
+src/ccr-main.o: src/main.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-main.o -MD -MP -MF src/$(DEPDIR)/ccr-main.Tpo -c -o src/ccr-main.o `test -f 'src/main.cpp' || echo '$(srcdir)/'`src/main.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-main.Tpo src/$(DEPDIR)/ccr-main.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/main.cpp' object='src/ccr-main.o' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-main.o `test -f 'src/main.cpp' || echo '$(srcdir)/'`src/main.cpp
+
+src/ccr-main.obj: src/main.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-main.obj -MD -MP -MF src/$(DEPDIR)/ccr-main.Tpo -c -o src/ccr-main.obj `if test -f 'src/main.cpp'; then $(CYGPATH_W) 'src/main.cpp'; else $(CYGPATH_W) '$(srcdir)/src/main.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-main.Tpo src/$(DEPDIR)/ccr-main.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/main.cpp' object='src/ccr-main.obj' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-main.obj `if test -f 'src/main.cpp'; then $(CYGPATH_W) 'src/main.cpp'; else $(CYGPATH_W) '$(srcdir)/src/main.cpp'; fi`
+
+src/ccr-symkey.o: src/symkey.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-symkey.o -MD -MP -MF src/$(DEPDIR)/ccr-symkey.Tpo -c -o src/ccr-symkey.o `test -f 'src/symkey.cpp' || echo '$(srcdir)/'`src/symkey.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-symkey.Tpo src/$(DEPDIR)/ccr-symkey.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/symkey.cpp' object='src/ccr-symkey.o' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-symkey.o `test -f 'src/symkey.cpp' || echo '$(srcdir)/'`src/symkey.cpp
+
+src/ccr-symkey.obj: src/symkey.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-symkey.obj -MD -MP -MF src/$(DEPDIR)/ccr-symkey.Tpo -c -o src/ccr-symkey.obj `if test -f 'src/symkey.cpp'; then $(CYGPATH_W) 'src/symkey.cpp'; else $(CYGPATH_W) '$(srcdir)/src/symkey.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-symkey.Tpo src/$(DEPDIR)/ccr-symkey.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/symkey.cpp' object='src/ccr-symkey.obj' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-symkey.obj `if test -f 'src/symkey.cpp'; then $(CYGPATH_W) 'src/symkey.cpp'; else $(CYGPATH_W) '$(srcdir)/src/symkey.cpp'; fi`
+
src/ccr-permutation.o: src/permutation.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-permutation.o -MD -MP -MF src/$(DEPDIR)/ccr-permutation.Tpo -c -o src/ccr-permutation.o `test -f 'src/permutation.cpp' || echo '$(srcdir)/'`src/permutation.cpp
@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-permutation.Tpo src/$(DEPDIR)/ccr-permutation.Po
@@ -869,20 +922,6 @@ src/ccr-polynomial.obj: src/polynomial.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-polynomial.obj `if test -f 'src/polynomial.cpp'; then $(CYGPATH_W) 'src/polynomial.cpp'; else $(CYGPATH_W) '$(srcdir)/src/polynomial.cpp'; fi`
-src/ccr-sc.o: src/sc.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-sc.o -MD -MP -MF src/$(DEPDIR)/ccr-sc.Tpo -c -o src/ccr-sc.o `test -f 'src/sc.cpp' || echo '$(srcdir)/'`src/sc.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-sc.Tpo src/$(DEPDIR)/ccr-sc.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/sc.cpp' object='src/ccr-sc.o' libtool=no @AMDEPBACKSLASH@
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-sc.o `test -f 'src/sc.cpp' || echo '$(srcdir)/'`src/sc.cpp
-
-src/ccr-sc.obj: src/sc.cpp
- at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-sc.obj -MD -MP -MF src/$(DEPDIR)/ccr-sc.Tpo -c -o src/ccr-sc.obj `if test -f 'src/sc.cpp'; then $(CYGPATH_W) 'src/sc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/sc.cpp'; fi`
- at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-sc.Tpo src/$(DEPDIR)/ccr-sc.Po
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/sc.cpp' object='src/ccr-sc.obj' libtool=no @AMDEPBACKSLASH@
- at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-sc.obj `if test -f 'src/sc.cpp'; then $(CYGPATH_W) 'src/sc.cpp'; else $(CYGPATH_W) '$(srcdir)/src/sc.cpp'; fi`
-
src/ccr-chacha.o: src/chacha.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-chacha.o -MD -MP -MF src/$(DEPDIR)/ccr-chacha.Tpo -c -o src/ccr-chacha.o `test -f 'src/chacha.cpp' || echo '$(srcdir)/'`src/chacha.cpp
@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-chacha.Tpo src/$(DEPDIR)/ccr-chacha.Po
@@ -897,6 +936,20 @@ src/ccr-chacha.obj: src/chacha.cpp
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-chacha.obj `if test -f 'src/chacha.cpp'; then $(CYGPATH_W) 'src/chacha.cpp'; else $(CYGPATH_W) '$(srcdir)/src/chacha.cpp'; fi`
+src/ccr-privfile.o: src/privfile.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-privfile.o -MD -MP -MF src/$(DEPDIR)/ccr-privfile.Tpo -c -o src/ccr-privfile.o `test -f 'src/privfile.cpp' || echo '$(srcdir)/'`src/privfile.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-privfile.Tpo src/$(DEPDIR)/ccr-privfile.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/privfile.cpp' object='src/ccr-privfile.o' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-privfile.o `test -f 'src/privfile.cpp' || echo '$(srcdir)/'`src/privfile.cpp
+
+src/ccr-privfile.obj: src/privfile.cpp
+ at am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-privfile.obj -MD -MP -MF src/$(DEPDIR)/ccr-privfile.Tpo -c -o src/ccr-privfile.obj `if test -f 'src/privfile.cpp'; then $(CYGPATH_W) 'src/privfile.cpp'; else $(CYGPATH_W) '$(srcdir)/src/privfile.cpp'; fi`
+ at am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-privfile.Tpo src/$(DEPDIR)/ccr-privfile.Po
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='src/privfile.cpp' object='src/ccr-privfile.obj' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(AM_V_CXX at am__nodep@)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -c -o src/ccr-privfile.obj `if test -f 'src/privfile.cpp'; then $(CYGPATH_W) 'src/privfile.cpp'; else $(CYGPATH_W) '$(srcdir)/src/privfile.cpp'; fi`
+
src/ccr-envelope.o: src/envelope.cpp
@am__fastdepCXX_TRUE@ $(AM_V_CXX)$(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ccr_CPPFLAGS) $(CPPFLAGS) $(ccr_CXXFLAGS) $(CXXFLAGS) -MT src/ccr-envelope.o -MD -MP -MF src/$(DEPDIR)/ccr-envelope.Tpo -c -o src/ccr-envelope.o `test -f 'src/envelope.cpp' || echo '$(srcdir)/'`src/envelope.cpp
@am__fastdepCXX_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/ccr-envelope.Tpo src/$(DEPDIR)/ccr-envelope.Po
@@ -1160,7 +1213,7 @@ distdir: $(DISTFILES)
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
|| chmod -R a+r "$(distdir)"
dist-gzip: distdir
- tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz
$(am__post_remove_distdir)
dist-bzip2: distdir
@@ -1186,7 +1239,7 @@ dist-shar: distdir
@echo WARNING: "Support for shar distribution archives is" \
"deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
- shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
+ shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz
$(am__post_remove_distdir)
dist-zip: distdir
@@ -1204,7 +1257,7 @@ dist dist-all:
distcheck: dist
case '$(DIST_ARCHIVES)' in \
*.tar.gz*) \
- GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
+ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\
*.tar.bz2*) \
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lz*) \
@@ -1214,7 +1267,7 @@ distcheck: dist
*.tar.Z*) \
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
*.shar.gz*) \
- GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
+ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \
unzip $(distdir).zip ;;\
esac
diff --git a/README b/README
index ab473c4..b142a75 100644
--- a/README
+++ b/README
@@ -57,10 +57,10 @@ Stream ciphers used:
CRHFs used:
-- Cubehash variants where selected for implementation ease, really clean
- design, quite good speed and flexibility of parameter choices. This is also
- the only hash possibility when Crypto++ library is not linked to codecrypt.
- KeyID's are CUBE256 hashes of serialized public key.
+- Cubehash variants were selected for implementation ease, really clean design,
+ quite good speed and flexibility of parameter choices. This is also the only
+ hash possibility when Crypto++ library is not linked to codecrypt. KeyIDs
+ are CUBE256 hashes of corresponding serialized public keys.
- ripemd128 for small hashes
- tiger192 is used as an alternative for Cubehash for 192bit hashes
- There's always a variant with SHA-256, SHA-384 or SHA-512.
@@ -135,6 +135,15 @@ margin. Let's play with random data!
#decrypt a large file
ccr -daS symkey.asc <big_data_encrypted.iso >big_data.iso
+ #password-protect all your private keys
+ ccr -L
+
+ #protect a symmetric key using another symmetric key
+ ccr -L -S symkey1 -w symkey2
+
+ #password-protect symkey2 with a custom cipher
+ ccr -L -S symkey2 -w @xsynd,cube512
+
## Option reference
For completeness I add listing of all options here (also available from
@@ -148,8 +157,8 @@ For completeness I add listing of all options here (also available from
-T, --test perform (probably nonexistent) testing/debugging stuff
Global options:
- -R, --in input file, default is stdin
- -o, --out output file, default is stdout
+ -R, --in set input file, default is stdin
+ -o, --out set output file, default is stdout
-E, --err the same for stderr
-a, --armor use ascii-armored I/O
-y, --yes assume that answer is `yes' everytime
@@ -166,13 +175,13 @@ For completeness I add listing of all options here (also available from
-C, --clearsign work with cleartext signatures
-b, --detach-sign specify file with detached signature
-S, --symmetric enable symmetric mode of operation where encryption
- is done using symmetric cipher and signatures are
- hashes, and specify a filename of symmetric key or hashes
+ is done using symmetric cipher and signatures are
+ hashes, and specify a filename of symmetric key or hashes
Key management:
-g, --gen-key generate keys for specified algorithm
-g help list available cryptographic algorithms
- -k, --list list contents of keyring
+ -k, --list list the contents of keyring
-K, --list-secret
-i, --import import keys
-I, --import-secret
@@ -182,12 +191,17 @@ For completeness I add listing of all options here (also available from
-X, --delete-secret
-m, --rename rename matching keys
-M, --rename-secret
+ -L, --lock lock secrets
+ -U, --unlock unlock secrets
Key management options:
- -n, --no-action on import, only show what would be imported
- -N, --name specify a new name for renaming or importing
-F, --filter only work with keys with matching names
-f, --fingerprint format full key IDs nicely for human eyes
+ -N, --name specify a new name for renaming or importing
+ -n, --no-action on import, only show what would be imported
+ -w, --with-lock specify the symmetric key for (un)locking the secrets
+ -w @SPEC ask for password and expand it to a symmetric key
+ of type SPEC for (un)locking the secret
## Disclaimer
diff --git a/aclocal.m4 b/aclocal.m4
index f6c1264..4472463 100644
--- a/aclocal.m4
+++ b/aclocal.m4
@@ -1,6 +1,6 @@
-# generated automatically by aclocal 1.15 -*- Autoconf -*-
+# generated automatically by aclocal 1.15.1 -*- Autoconf -*-
-# Copyright (C) 1996-2014 Free Software Foundation, Inc.
+# Copyright (C) 1996-2017 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -296,7 +296,7 @@ AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])dnl PKG_CHECK_VAR
-# Copyright (C) 2002-2014 Free Software Foundation, Inc.
+# Copyright (C) 2002-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -311,7 +311,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.15'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
-m4_if([$1], [1.15], [],
+m4_if([$1], [1.15.1], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@@ -327,14 +327,14 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
-[AM_AUTOMAKE_VERSION([1.15])dnl
+[AM_AUTOMAKE_VERSION([1.15.1])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# AM_AUX_DIR_EXPAND -*- Autoconf -*-
-# Copyright (C) 2001-2014 Free Software Foundation, Inc.
+# Copyright (C) 2001-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -386,7 +386,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`
# AM_CONDITIONAL -*- Autoconf -*-
-# Copyright (C) 1997-2014 Free Software Foundation, Inc.
+# Copyright (C) 1997-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -417,7 +417,7 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]])
fi])])
-# Copyright (C) 1999-2014 Free Software Foundation, Inc.
+# Copyright (C) 1999-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -608,7 +608,7 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl
# Generate code to set up dependency tracking. -*- Autoconf -*-
-# Copyright (C) 1999-2014 Free Software Foundation, Inc.
+# Copyright (C) 1999-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -684,7 +684,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
# Do all the work for Automake. -*- Autoconf -*-
-# Copyright (C) 1996-2014 Free Software Foundation, Inc.
+# Copyright (C) 1996-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -881,7 +881,7 @@ for _am_header in $config_headers :; do
done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
-# Copyright (C) 2001-2014 Free Software Foundation, Inc.
+# Copyright (C) 2001-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -902,7 +902,7 @@ if test x"${install_sh+set}" != xset; then
fi
AC_SUBST([install_sh])])
-# Copyright (C) 2003-2014 Free Software Foundation, Inc.
+# Copyright (C) 2003-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -923,7 +923,7 @@ AC_SUBST([am__leading_dot])])
# Check to see how 'make' treats includes. -*- Autoconf -*-
-# Copyright (C) 2001-2014 Free Software Foundation, Inc.
+# Copyright (C) 2001-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -973,7 +973,7 @@ rm -f confinc confmf
# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
-# Copyright (C) 1997-2014 Free Software Foundation, Inc.
+# Copyright (C) 1997-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1012,7 +1012,7 @@ fi
# Helper functions for option handling. -*- Autoconf -*-
-# Copyright (C) 2001-2014 Free Software Foundation, Inc.
+# Copyright (C) 2001-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1041,7 +1041,7 @@ AC_DEFUN([_AM_SET_OPTIONS],
AC_DEFUN([_AM_IF_OPTION],
[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
-# Copyright (C) 1999-2014 Free Software Foundation, Inc.
+# Copyright (C) 1999-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1088,7 +1088,7 @@ AC_LANG_POP([C])])
# For backward compatibility.
AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
-# Copyright (C) 2001-2014 Free Software Foundation, Inc.
+# Copyright (C) 2001-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1107,7 +1107,7 @@ AC_DEFUN([AM_RUN_LOG],
# Check to make sure that the build environment is sane. -*- Autoconf -*-
-# Copyright (C) 1996-2014 Free Software Foundation, Inc.
+# Copyright (C) 1996-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1188,7 +1188,7 @@ AC_CONFIG_COMMANDS_PRE(
rm -f conftest.file
])
-# Copyright (C) 2009-2014 Free Software Foundation, Inc.
+# Copyright (C) 2009-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1248,7 +1248,7 @@ AC_SUBST([AM_BACKSLASH])dnl
_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
])
-# Copyright (C) 2001-2014 Free Software Foundation, Inc.
+# Copyright (C) 2001-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1276,7 +1276,7 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])])
-# Copyright (C) 2006-2014 Free Software Foundation, Inc.
+# Copyright (C) 2006-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -1295,7 +1295,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*-
-# Copyright (C) 2004-2014 Free Software Foundation, Inc.
+# Copyright (C) 2004-2017 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
diff --git a/autogen.sh b/autogen.sh
index 271d2c0..2f7d9d5 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -28,7 +28,7 @@ echo "${NAME}_CPPFLAGS = -I\$(srcdir)/$i/ ${COMMON_CPPFLAGS}" >>$OUT
echo "${NAME}_CFLAGS = ${COMMON_CFLAGS}" >>$OUT
echo "${NAME}_CXXFLAGS = ${COMMON_CXXFLAGS}" >>$OUT
echo "${NAME}_LDFLAGS = ${COMMON_LDFLAGS} \$(CRYPTOPP_CFLAGS) " >>$OUT
-echo "${NAME}_LDADD = -lgmp -lfftw3 -lm \$(CRYPTOPP_LIBS) ${COMMON_LDADD} " >>$OUT
+echo "${NAME}_LDADD = -lgmp -lfftw3 -lm \$(CRYPTOPP_LIBS) ${COMMON_LDADD} \$(EXTRA_LIBS) " >>$OUT
if [[ "$OSTYPE" == "darwin"* ]]; then
glibtoolize --force && aclocal && autoconf && automake --add-missing
diff --git a/configure b/configure
index 908248c..30b676a 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for codecrypt 1.7.6.
+# Generated by GNU Autoconf 2.69 for codecrypt 1.8.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -587,8 +587,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='codecrypt'
PACKAGE_TARNAME='codecrypt'
-PACKAGE_VERSION='1.7.6'
-PACKAGE_STRING='codecrypt 1.7.6'
+PACKAGE_VERSION='1.8'
+PACKAGE_STRING='codecrypt 1.8'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -1342,7 +1342,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures codecrypt 1.7.6 to adapt to many kinds of systems.
+\`configure' configures codecrypt 1.8 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1413,7 +1413,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of codecrypt 1.7.6:";;
+ short | recursive ) echo "Configuration of codecrypt 1.8:";;
esac
cat <<\_ACEOF
@@ -1536,7 +1536,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-codecrypt configure 1.7.6
+codecrypt configure 1.8
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2217,7 +2217,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by codecrypt $as_me 1.7.6, which was
+It was created by codecrypt $as_me 1.8, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3082,7 +3082,7 @@ fi
# Define the identity of the package.
PACKAGE='codecrypt'
- VERSION='1.7.6'
+ VERSION='1.8'
cat >>confdefs.h <<_ACEOF
@@ -3183,7 +3183,7 @@ fi
case $enable_silent_rules in # (((
yes) AM_DEFAULT_VERBOSITY=0;;
no) AM_DEFAULT_VERBOSITY=1;;
- *) AM_DEFAULT_VERBOSITY=1;;
+ *) AM_DEFAULT_VERBOSITY=0;;
esac
am_make=${MAKE-make}
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
@@ -16446,7 +16446,7 @@ fi
fi
if test -n "$PKG_CONFIG"; then
- _pkg_min_version=0.9.0
+ _pkg_min_version=0.25
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5
$as_echo_n "checking pkg-config is at least version $_pkg_min_version... " >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
@@ -16459,6 +16459,7 @@ $as_echo "no" >&6; }
fi
fi
+
pkg_failed=no
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for CRYPTOPP" >&5
$as_echo_n "checking for CRYPTOPP... " >&6; }
@@ -16586,6 +16587,73 @@ else
fi
+#check for readpassphrase. If none is found, we use getpass (with a warning)
+ac_fn_c_check_header_mongrel "$LINENO" "readpassphrase.h" "ac_cv_header_readpassphrase_h" "$ac_includes_default"
+if test "x$ac_cv_header_readpassphrase_h" = xyes; then :
+ READPASSPHRASE=native
+else
+ ac_fn_c_check_header_mongrel "$LINENO" "bsd/readpassphrase.h" "ac_cv_header_bsd_readpassphrase_h" "$ac_includes_default"
+if test "x$ac_cv_header_bsd_readpassphrase_h" = xyes; then :
+ READPASSPHRASE=bsd
+fi
+
+
+fi
+
+
+
+if test "$READPASSPHRASE" = "native"; then
+ $as_echo "#define HAVE_READPASSPHRASE 1" >>confdefs.h
+
+fi
+if test "$READPASSPHRASE" = "bsd"; then
+ $as_echo "#define HAVE_BSDREADPASSPHRASE 1" >>confdefs.h
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for readpassphrase in -lbsd" >&5
+$as_echo_n "checking for readpassphrase in -lbsd... " >&6; }
+if ${ac_cv_lib_bsd_readpassphrase+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lbsd $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char readpassphrase ();
+int
+main ()
+{
+return readpassphrase ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ ac_cv_lib_bsd_readpassphrase=yes
+else
+ ac_cv_lib_bsd_readpassphrase=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsd_readpassphrase" >&5
+$as_echo "$ac_cv_lib_bsd_readpassphrase" >&6; }
+if test "x$ac_cv_lib_bsd_readpassphrase" = xyes; then :
+ LIBS="-lbsd $LIBS"
+else
+ #is there a better version of this?
+ as_fn_error $? "library for bsd/readpassphrase.h not found" "$LINENO" 5
+fi
+
+fi
+
#check for standard functions
for ac_func in memset mkdir
do :
@@ -16760,6 +16828,17 @@ _ACEOF
fi
+ac_fn_c_check_type "$LINENO" "ssize_t" "ac_cv_type_ssize_t" "$ac_includes_default"
+if test "x$ac_cv_type_ssize_t" = xyes; then :
+
+else
+
+cat >>confdefs.h <<_ACEOF
+#define ssize_t int
+_ACEOF
+
+fi
+
ac_fn_c_find_uintX_t "$LINENO" "32" "ac_cv_c_uint32_t"
case $ac_cv_c_uint32_t in #(
no|yes) ;; #(
@@ -17375,7 +17454,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by codecrypt $as_me 1.7.6, which was
+This file was extended by codecrypt $as_me 1.8, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -17432,7 +17511,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-codecrypt config.status 1.7.6
+codecrypt config.status 1.8
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index 3c65d13..e2c1e5d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,11 +1,11 @@
AC_PREREQ(2.6)
-AC_INIT([codecrypt], [1.7.6])
+AC_INIT([codecrypt], [1.8])
AC_CONFIG_AUX_DIR(.) # because of libtoolize
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE()
-m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES])
+m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
CFLAGS="$CFLAGS"
CXXFLAGS="$CXXFLAGS"
@@ -35,6 +35,8 @@ AC_ARG_WITH([cryptopp],
#and check crypto++
if test "$WITH_CRYPTOPP" = "yes"; then
+ PKG_PROG_PKG_CONFIG([0.25])
+
PKG_CHECK_MODULES([CRYPTOPP],[libcrypto++])
#crypto++ headers are either in include/crypto++ or include/cryptopp,
@@ -53,6 +55,22 @@ else
AC_DEFINE([HAVE_CRYPTOPP], [0])
fi
+#check for readpassphrase. If none is found, we use getpass (with a warning)
+AC_CHECK_HEADER([readpassphrase.h],
+ [READPASSPHRASE=native],
+ AC_CHECK_HEADER([bsd/readpassphrase.h],
+ [READPASSPHRASE=bsd], ))
+
+if test "$READPASSPHRASE" = "native"; then
+ AC_DEFINE([HAVE_READPASSPHRASE], [1])
+fi
+if test "$READPASSPHRASE" = "bsd"; then
+ AC_DEFINE([HAVE_BSDREADPASSPHRASE], [1])
+ AC_CHECK_LIB([bsd], [readpassphrase],
+ [LIBS="-lbsd $LIBS"], #is there a better version of this?
+ AC_MSG_ERROR([library for bsd/readpassphrase.h not found]))
+fi
+
#check for standard functions
AC_CHECK_FUNCS([memset mkdir], , AC_MSG_ERROR([Required function missing]))
@@ -63,6 +81,7 @@ AC_CHECK_HEADERS([fcntl.h inttypes.h stddef.h stdlib.h string.h sys/file.h unist
AC_CHECK_HEADER_STDBOOL
AC_C_INLINE
AC_TYPE_SIZE_T
+AC_TYPE_SSIZE_T
AC_TYPE_UINT32_T
AC_TYPE_UINT64_T
AC_TYPE_UINT8_T
diff --git a/depcomp b/depcomp
index fc98710..b39f98f 100755
--- a/depcomp
+++ b/depcomp
@@ -1,9 +1,9 @@
#! /bin/sh
# depcomp - compile a program generating dependencies as side-effects
-scriptversion=2013-05-30.07; # UTC
+scriptversion=2016-01-11.22; # UTC
-# Copyright (C) 1999-2014 Free Software Foundation, Inc.
+# Copyright (C) 1999-2017 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -786,6 +786,6 @@ exit 0
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-time-zone: "UTC"
+# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:
diff --git a/man/ccr.1 b/man/ccr.1
index e602022..0689af9 100644
--- a/man/ccr.1
+++ b/man/ccr.1
@@ -1,4 +1,4 @@
-.TH CCR 1 2016-01-12 "ccr" "Codecrypt"
+.TH CCR 1 2017-10-23 "ccr" "Codecrypt"
.SH NAME
.B ccr
\- The post-quantum cryptography encryption and signing tool
@@ -94,7 +94,8 @@ decrypt it.
.TP
\fB\-u\fR, \fB\-\-user\fR <\fIkeyspec\fR>
-Specify a private key to use for signing the message.
+Specify a private key to use for signing the message. If this option is empty,
+it is defaulted from CCR_USER environment variable.
.TP
\fB\-C\fR, \fB\-\-cleartext\fR
@@ -227,6 +228,12 @@ Rename matching public keys. Use "-N" to specify a new name.
\fB\-M\fR, \fB\-\-rename\-secret\fR <\fIkeyspec\fR>
Rename matching private keys.
+.TP
+\fB\-w\fR, \fB\-\-with-lock\fR <\fIfile\fR>
+When loading the secret part of the keyring, decrypt the file using the
+specified shared key. If that file looks encrypted and \fB-w\fR is not
+specified, asking for the password interactively (i.e. "-w @") will be assumed.
+
.SH FILES
Codecrypt stores user data in a directory specified by environment variable
@@ -300,6 +307,40 @@ idealized case and very roughly) halves the bit security (although the attack
remains exponential). Users who are aware of large quantum computers being
built are advised to use 2^192 or 2^256 bit security keys.
+.SH PASSWORD-DERIVED SYMMETRIC KEYS AND PASSWORD-PROTECTED SECRETS
+
+Symmetric keys can be specified using a filename, or expanded from a password
+(which is convenient e.g. for protecting private keys): If the filename for
+\fB-S\fR starts with "@", program will first check the rest of the filename to
+find a symmetric cipher algorithm specification, as in \fB-g\fR. If nothing is
+specified, it will check CCR_SYMMETRIC_ALGORITHM environment variable, and if
+that is still unspecified, it will default to "SYM,SHORTBLOCK". The reason for
+defaulting the short blocks is that the functionality focuses on tiny keys.
+
+After the symmetric algorithm is chosen, program will try to get the password
+from environment variable CCR_SYMMETRIC_PASSWORD. If that variable is not set,
+it will ask the user for the password interactively.
+
+The password will be expanded to internally form a symmetric key for the
+specified algorithm, which will in turn be used for the requested action.
+
+Symmetric and private keys may be encrypted by a password or a symmetric key.
+Parameter \fB-w\fR accepts the same arguments as \fB-S\fR, with the exception
+that the resulting loaded or internally generated symmetric key will be used to
+encrypt or decrypt symmetric and private keys when required:
+
+Actions \fB-L\fR and \fB-U\fR can be used to lock, resp. unlock private keys
+(specific keys to be modified can be selected using \fB--filter\fR) or
+symmetric keys (if used together with \fB-S\fR). Action \fB-g\fR can be
+modified by \fB-L\fR in the same way.
+
+The environment variables used for automatically-specifying the password in
+this case are separate from the previous ones: CCR_KEYRING_PASSWORD and
+CCR_KEYRING_ALGORITHM for locking/unlocking private keys, respectively
+CCR_SYMKEY_PASSWORD and CCR_SYMKEY_ALGORITHM for specifying symmetric key used
+to unlock other symmetric keys (even the ones that are themselves used for
+locking other keys).
+
.SH WARNINGS AND CAVEATS
.SS General advice
@@ -369,6 +410,14 @@ Codecrypt.
If the seed source of your system can not be trusted, fix the system instead.
+.SH Password-derived symmetric keys
+
+Passwords are weak and, if times did not change and humanoids are still
+humanoids, you are prone to $5 wrench attacks.
+
+Combination of \fB-L\fR and \fB-S\fR options can be exploited to output a
+password-expanded key to a file. Doing that for any real purpose is a bad idea.
+
.SH Troubleshooting/FAQ
Q: I can't read/verify messages from versions 1.3.1 and older!
@@ -450,6 +499,15 @@ ccr -eaS symkey.asc -R big_data.iso -o big_data_encrypted.iso
#decrypt a large file
ccr -daS symkey.asc <big_data_encrypted.iso >big_data.iso
+
+#password-protect all your private keys
+ccr -L
+
+#protect a symmetric key using another symmetric key
+ccr -L -S symkey1 -w symkey2
+
+#password-protect symkey2 with a custom cipher
+ccr -L -S symkey2 -w @xsynd,cube512
.fi
.SH DISCLAIMER
diff --git a/src/actions.cpp b/src/actions.cpp
index 49c015f..1cd439b 100644
--- a/src/actions.cpp
+++ b/src/actions.cpp
@@ -41,7 +41,6 @@
#define ENVELOPE_CLEARSIGN "clearsigned"
#define ENVELOPE_DETACHSIGN "detachsign"
#define ENVELOPE_HASHFILE "hashfile"
-#define ENVELOPE_SYMKEY "symkey"
#define MSG_CLEARTEXT "MESSAGE-IN-CLEARTEXT"
#define MSG_DETACHED "MESSAGE-DETACHED"
@@ -59,8 +58,10 @@ inline bool open_keyring (keyring&KR)
#define PREPARE_KEYRING if(!open_keyring(KR)) return 1
-int action_gen_symkey (const std::string&algspec,
- const std::string&symmetric, bool armor)
+static int action_gen_symkey (const std::string&algspec,
+ const std::string&symmetric,
+ const std::string&withlock,
+ bool armor, bool force_lock)
{
symkey sk;
ccr_rng r;
@@ -71,42 +72,13 @@ int action_gen_symkey (const std::string&algspec,
return 1;
}
- sencode*SK = sk.serialize();
- std::string data = SK->encode();
- sencode_destroy (SK);
-
- std::ofstream sk_out;
- sk_out.open (symmetric == "-" ? "/dev/stdout" : symmetric.c_str(),
- std::ios::out | std::ios::binary);
- if (!sk_out) {
- err ("error: can't open symkey file for writing");
- return 1;
- }
-
- if (armor) {
- std::vector<std::string> parts;
- parts.resize (1);
- base64_encode (data, parts[0]);
- data = envelope_format (ENVELOPE_SYMKEY, parts, r);
- }
-
- sk_out << data;
- if (!sk_out.good()) {
- err ("error: can't write to symkey file");
- return 1;
- }
-
- sk_out.close();
- if (!sk_out.good()) {
- err ("error: couldn't close symkey file");
- return 1;
- }
+ if (!sk.save (symmetric, "", armor, force_lock, r)) return 1;
return 0;
}
typedef std::map<std::string, std::string> algspectable_t;
-algspectable_t& algspectable()
+static algspectable_t& algspectable()
{
static algspectable_t table;
static bool init = false;
@@ -119,11 +91,10 @@ algspectable_t& algspectable()
table["SIG-192"] = "FMTSEQ192C-CUBE384-CUBE192";
table["SIG-256"] = "FMTSEQ256C-CUBE512-CUBE256";
+ table["SYM"] = "CHACHA20,CUBE512";
#if HAVE_CRYPTOPP==1
- table["SYM"] = "CHACHA20,SHA256";
table["SYM-COMBINED"] = "CHACHA20,XSYND,ARCFOUR,CUBE512,SHA512";
#else
- table["SYM"] = "CHACHA20,CUBE512";
table["SYM-COMBINED"] = "CHACHA20,XSYND,ARCFOUR,CUBE512";
#endif
@@ -134,7 +105,8 @@ algspectable_t& algspectable()
}
int action_gen_key (const std::string& p_algspec, const std::string&name,
- const std::string&symmetric, bool armor,
+ const std::string&symmetric, const std::string&withlock,
+ bool armor, bool force_lock,
keyring&KR, algorithm_suite&AS)
{
std::string algspec = to_unicase (p_algspec);
@@ -186,7 +158,8 @@ int action_gen_key (const std::string& p_algspec, const std::string&name,
//handle symmetric operation
if (symmetric.length())
- return action_gen_symkey (algspec, symmetric, armor);
+ return action_gen_symkey (algspec, symmetric, withlock,
+ armor, force_lock);
algorithm*alg = NULL;
std::string algname;
@@ -237,8 +210,10 @@ int action_gen_key (const std::string& p_algspec, const std::string&name,
* that has a colliding KeyID with anyone else. This is highly
* improbable, so apologize nicely in that case.
*/
- if (!KR.store_keypair (keyring::get_keyid (pub),
- name, algname, pub, priv)) {
+ keyring::keypair_entry*
+ kp = KR.store_keypair (keyring::get_keyid (pub),
+ name, algname, pub, priv);
+ if (!kp) {
err ("error: new key cannot be saved into the keyring.");
err ("notice: produced KeyID @" << keyring::get_keyid (pub)
@@ -249,7 +224,12 @@ int action_gen_key (const std::string& p_algspec, const std::string&name,
}
//note that pub&priv sencode data will get destroyed along with keyring
- if (!KR.save()) {
+ if (force_lock && !kp->lock (withlock)) {
+ err ("error: locking the key failed");
+ return 1;
+ }
+
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
@@ -261,57 +241,11 @@ int action_gen_key (const std::string& p_algspec, const std::string&name,
* signatures/encryptions
*/
-int action_sym_encrypt (const std::string&symmetric, bool armor)
+static int action_sym_encrypt (const std::string&symmetric,
+ const std::string&withlock, bool armor)
{
- //read the symmetric key first
- std::ifstream sk_in;
- sk_in.open (symmetric == "-" ? "/dev/stdin" : symmetric.c_str(),
- std::ios::in | std::ios::binary);
-
- if (!sk_in) {
- err ("error: can't open symkey file");
- return 1;
- }
-
- std::string sk_data;
- if (!read_all_input (sk_data, sk_in)) {
- err ("error: can't read symkey");
- return 1;
- }
- sk_in.close();
-
- if (armor) {
- std::vector<std::string> parts;
- std::string type;
- if (!envelope_read (sk_data, 0, type, parts)) {
- err ("error: no data envelope found");
- return 1;
- }
-
- if (type != ENVELOPE_SYMKEY || parts.size() != 1) {
- err ("error: wrong envelope format");
- return 1;
- }
-
- if (!base64_decode (parts[0], sk_data)) {
- err ("error: malformed data");
- return 1;
- }
- }
-
- sencode*SK = sencode_decode (sk_data);
- if (!SK) {
- err ("error: could not parse input sencode");
- return 1;
- }
-
symkey sk;
- if (!sk.unserialize (SK)) {
- err ("error: could not parse input structure");
- return 1;
- }
-
- sencode_destroy (SK);
+ if (!sk.load (symmetric, withlock, true, armor)) return 1;
ccr_rng r;
if (!r.seed (256)) SEED_FAILED;
@@ -326,10 +260,11 @@ int action_sym_encrypt (const std::string&symmetric, bool armor)
int action_encrypt (const std::string&recipient, bool armor,
const std::string&symmetric,
+ const std::string&withlock,
keyring&KR, algorithm_suite&AS)
{
if (symmetric.length())
- return action_sym_encrypt (symmetric, armor);
+ return action_sym_encrypt (symmetric, withlock, armor);
//first, read plaintext
std::string data;
@@ -403,56 +338,11 @@ int action_encrypt (const std::string&recipient, bool armor,
}
-int action_sym_decrypt (const std::string&symmetric, bool armor)
+static int action_sym_decrypt (const std::string&symmetric,
+ const std::string&withlock, bool armor)
{
- std::ifstream sk_in;
- sk_in.open (symmetric == "-" ? "/dev/stdin" : symmetric.c_str(),
- std::ios::in | std::ios::binary);
-
- if (!sk_in) {
- err ("error: can't open symkey file");
- return 1;
- }
-
- std::string sk_data;
- if (!read_all_input (sk_data, sk_in)) {
- err ("error: can't read symkey");
- return 1;
- }
- sk_in.close();
-
- if (armor) {
- std::vector<std::string> parts;
- std::string type;
- if (!envelope_read (sk_data, 0, type, parts)) {
- err ("error: no data envelope found");
- return 1;
- }
-
- if (type != ENVELOPE_SYMKEY || parts.size() != 1) {
- err ("error: wrong envelope format");
- return 1;
- }
-
- if (!base64_decode (parts[0], sk_data)) {
- err ("error: malformed data");
- return 1;
- }
- }
-
- sencode*SK = sencode_decode (sk_data);
- if (!SK) {
- err ("error: could not parse input sencode");
- return 1;
- }
-
symkey sk;
- if (!sk.unserialize (SK)) {
- err ("error: could not parse input structure");
- return 1;
- }
-
- sencode_destroy (SK);
+ if (!sk.load (symmetric, withlock, false, armor)) return 1;
int ret = sk.decrypt (std::cin, std::cout);
@@ -461,10 +351,11 @@ int action_sym_decrypt (const std::string&symmetric, bool armor)
}
int action_decrypt (bool armor, const std::string&symmetric,
+ const std::string&withlock,
keyring&KR, algorithm_suite&AS)
{
if (symmetric.length())
- return action_sym_decrypt (symmetric, armor);
+ return action_sym_decrypt (symmetric, withlock, armor);
std::string data;
read_all_input (data);
@@ -516,6 +407,11 @@ int action_decrypt (bool armor, const std::string&symmetric,
return 2; //missing key flag
}
+ if (!kpe->decode_privkey (withlock)) {
+ err ("error: could not decrypt required private key");
+ return 1;
+ }
+
//and the algorithm
if ( (!AS.count (msg.alg_id))
|| (!AS[msg.alg_id]->provides_encryption())) {
@@ -566,7 +462,7 @@ int action_decrypt (bool armor, const std::string&symmetric,
return 0;
}
-int action_hash_sign (bool armor, const std::string&symmetric)
+static int action_hash_sign (bool armor, const std::string&symmetric)
{
hashfile hf;
if (!hf.create (std::cin)) {
@@ -612,6 +508,7 @@ int action_hash_sign (bool armor, const std::string&symmetric)
int action_sign (const std::string&user, bool armor, const std::string&detach,
bool clearsign, const std::string&symmetric,
+ const std::string&withlock,
keyring&KR, algorithm_suite&AS)
{
//symmetric processing has its own function
@@ -678,6 +575,12 @@ int action_sign (const std::string&user, bool armor, const std::string&detach,
return 1;
}
+ //decode it for message.h
+ if (!u->decode_privkey (withlock)) {
+ err ("error: could not decrypt required private key");
+ return 1;
+ }
+
//signature production part
signed_msg msg;
ccr_rng r;
@@ -748,7 +651,7 @@ int action_sign (const std::string&user, bool armor, const std::string&detach,
return 0;
}
-int action_hash_verify (bool armor, const std::string&symmetric)
+static int action_hash_verify (bool armor, const std::string&symmetric)
{
// first, input the hashfile
std::ifstream hf_in;
@@ -807,6 +710,7 @@ int action_hash_verify (bool armor, const std::string&symmetric)
int action_verify (bool armor, const std::string&detach,
bool clearsign, bool yes, const std::string&symmetric,
+ const std::string&withlock,
keyring&KR, algorithm_suite&AS)
{
//symmetric processing has its own function
@@ -1048,6 +952,7 @@ int action_verify (bool armor, const std::string&detach,
*/
int action_sign_encrypt (const std::string&user, const std::string&recipient,
+ const std::string&withlock,
bool armor, keyring&KR, algorithm_suite&AS)
{
/*
@@ -1119,6 +1024,12 @@ int action_sign_encrypt (const std::string&user, const std::string&recipient,
return 1;
}
+ //decode the signing key for message.h
+ if (!u->decode_privkey (withlock)) {
+ err ("error: could not decrypt required private key");
+ return 1;
+ }
+
//make a signature
signed_msg smsg;
ccr_rng r;
@@ -1161,6 +1072,7 @@ int action_sign_encrypt (const std::string&user, const std::string&recipient,
int action_decrypt_verify (bool armor, bool yes,
+ const std::string&withlock,
keyring&KR, algorithm_suite&AS)
{
std::string data;
@@ -1213,6 +1125,11 @@ int action_decrypt_verify (bool armor, bool yes,
return 2; //missing key flag
}
+ if (!kpe->decode_privkey (withlock)) {
+ err ("error: could not decrypt required private key");
+ return 1;
+ }
+
if ( (!AS.count (emsg.alg_id))
|| (!AS[emsg.alg_id]->provides_encryption())) {
err ("error: decryption algorithm unsupported");
@@ -1326,7 +1243,7 @@ static void output_key (bool fp,
{
if (!fp)
out (ident << '\t' << escape_output (alg) << '\t'
- << '@' << keyid.substr (0, 22) << "...\t"
+ << '@' << keyid.substr (0, 10) << "...\t"
<< escape_output (name));
else {
out (longid << " with algorithm " << escape_output (alg)
@@ -1471,7 +1388,9 @@ int action_import (bool armor, bool no_action, bool yes, bool fp,
}
}
- if (!KR.save()) {
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
@@ -1562,7 +1481,9 @@ int action_delete (bool yes, const std::string & filter, keyring & KR)
i = todel.begin(), e = todel.end(); i != e; ++i)
KR.remove_pubkey (*i);
- if (!KR.save()) {
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
@@ -1609,7 +1530,9 @@ int action_rename (bool yes,
i->second.name = name;
}
- if (!KR.save()) {
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
@@ -1727,11 +1650,13 @@ int action_import_sec (bool armor, bool no_action, bool yes, bool fp,
name.length() ?
name : i->second.pub.name,
i->second.pub.alg,
- i->second.pub.key, i->second.privkey);
+ i->second.pub.key, i->second.privkey_raw);
}
}
- if (!KR.save()) {
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
@@ -1769,7 +1694,9 @@ int action_export_sec (bool armor, bool yes,
if (!okay) return 0;
}
- sencode*S = keyring::serialize_keypairs (s);
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ sencode*S = keyring::serialize_keypairs (s, r);
if (!S) return 1; //weird.
std::string data = S->encode();
sencode_destroy (S);
@@ -1778,8 +1705,6 @@ int action_export_sec (bool armor, bool yes,
std::vector<std::string> parts;
parts.resize (1);
base64_encode (data, parts[0]);
- ccr_rng r;
- if (!r.seed (256)) SEED_FAILED;
data = envelope_format (ENVELOPE_SECRETS, parts, r);
}
@@ -1819,7 +1744,9 @@ int action_delete_sec (bool yes, const std::string & filter, keyring & KR)
i = todel.begin(), e = todel.end(); i != e; ++i)
KR.remove_keypair (*i);
- if (!KR.save()) {
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
@@ -1866,7 +1793,135 @@ int action_rename_sec (bool yes,
i->second.pub.name = name;
}
- if (!KR.save()) {
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
+ err ("error: couldn't save keyring");
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * locking/unlocking
+ */
+
+static int action_lock_symkey (const std::string&symmetric,
+ const std::string&withlock,
+ bool armor)
+{
+ symkey sk;
+ if (!sk.load (symmetric, "", true, armor)) return 1;
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!sk.save (symmetric, withlock, armor, true, r)) return 1;
+ return 0;
+}
+
+int action_lock_sec (bool yes,
+ const std::string&filter,
+ const std::string&symmetric,
+ const std::string&withlock,
+ bool armor,
+ keyring&KR)
+{
+ if (!symmetric.empty())
+ return action_lock_symkey (symmetric, withlock, armor);
+
+ PREPARE_KEYRING;
+
+ int kc = 0;
+ for (keyring::keypair_storage::iterator
+ i = KR.pairs.begin(), e = KR.pairs.end();
+ i != e; ++i) {
+ if (keyspec_matches (filter, i->second.pub.name, i->first))
+ ++kc;
+ }
+ if (!kc) {
+ err ("error: no such key");
+ return 0;
+ }
+ if (!yes) {
+ bool okay = false;
+ ask_for_yes (okay, "This will protect " << kc
+ << " secrets from your keyring. Continue?");
+ if (!okay) return 0;
+ }
+
+ for (keyring::keypair_storage::iterator
+ i = KR.pairs.begin(), e = KR.pairs.end();
+ i != e; ++i) {
+ if (keyspec_matches (filter, i->second.pub.name, i->first))
+ if (!i->second.lock (withlock)) {
+ err ("error: key locking failed");
+ return false;
+ }
+ }
+
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
+ err ("error: couldn't save keyring");
+ return 1;
+ }
+ return 0;
+}
+
+static int action_unlock_symkey (const std::string&symmetric,
+ const std::string&withlock,
+ bool armor)
+{
+ symkey sk;
+ if (!sk.load (symmetric, withlock, false, armor)) return 1;
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!sk.save (symmetric, "", armor, false, r)) return 1;
+ return 0;
+}
+
+int action_unlock_sec (bool yes,
+ const std::string&filter,
+ const std::string&symmetric,
+ const std::string&withlock,
+ bool armor,
+ keyring&KR)
+{
+ if (!symmetric.empty())
+ return action_unlock_symkey (symmetric, withlock, armor);
+
+ PREPARE_KEYRING;
+
+ int kc = 0;
+ for (keyring::keypair_storage::iterator
+ i = KR.pairs.begin(), e = KR.pairs.end();
+ i != e; ++i) {
+ if (keyspec_matches (filter, i->second.pub.name, i->first))
+ ++kc;
+ }
+ if (!kc) {
+ err ("error: no such key");
+ return 0;
+ }
+ if (!yes) {
+ bool okay = false;
+ ask_for_yes (okay, "This will remove protection from " << kc
+ << " secrets from your keyring. Continue?");
+ if (!okay) return 0;
+ }
+
+ for (keyring::keypair_storage::iterator
+ i = KR.pairs.begin(), e = KR.pairs.end();
+ i != e; ++i) {
+ if (keyspec_matches (filter, i->second.pub.name, i->first))
+ if (!i->second.unlock (withlock)) {
+ err ("error: key unlocking failed");
+ return false;
+ }
+ }
+
+ ccr_rng r;
+ if (!r.seed (256)) SEED_FAILED;
+ if (!KR.save (r)) {
err ("error: couldn't save keyring");
return 1;
}
diff --git a/src/actions.h b/src/actions.h
index 76d8512..4afdbed 100644
--- a/src/actions.h
+++ b/src/actions.h
@@ -29,7 +29,8 @@
#include "algorithm.h"
int action_gen_key (const std::string& algspec, const std::string&name,
- const std::string&symmetric, bool armor,
+ const std::string&symmetric, const std::string&withlock,
+ bool armor, bool force_lock,
keyring&, algorithm_suite&);
/*
@@ -37,24 +38,25 @@ int action_gen_key (const std::string& algspec, const std::string&name,
*/
int action_encrypt (const std::string&recipient, bool armor,
- const std::string&symmetric,
+ const std::string&symmetric, const std::string&withlock,
keyring&, algorithm_suite&);
int action_decrypt (bool armor, const std::string&symmetric,
- keyring&, algorithm_suite&);
+ const std::string&withlock, keyring&, algorithm_suite&);
int action_sign (const std::string&user, bool armor, const std::string&detach,
bool clearsign, const std::string&symmetric,
- keyring&, algorithm_suite&);
+ const std::string&withlock, keyring&, algorithm_suite&);
int action_verify (bool armor, const std::string&detach,
bool clearsign, bool yes, const std::string&symmetric,
- keyring&, algorithm_suite&);
+ const std::string&withlock, keyring&, algorithm_suite&);
int action_sign_encrypt (const std::string&user, const std::string&recipient,
- bool armor, keyring&, algorithm_suite&);
+ const std::string&withlock, bool armor,
+ keyring&, algorithm_suite&);
-int action_decrypt_verify (bool armor, bool yes,
+int action_decrypt_verify (bool armor, bool yes, const std::string&withlock,
keyring&, algorithm_suite&);
/*
@@ -96,5 +98,18 @@ int action_rename_sec (bool yes,
const std::string&filter, const std::string&name,
keyring&);
+int action_lock_sec (bool yes,
+ const std::string&filter,
+ const std::string&symmetric,
+ const std::string&withlock,
+ bool armor,
+ keyring&);
+
+int action_unlock_sec (bool yes,
+ const std::string&filter,
+ const std::string&symmetric,
+ const std::string&withlock,
+ bool armor,
+ keyring&);
#endif
diff --git a/src/arcfour.h b/src/arcfour.h
index b17641e..5d42a4d 100644
--- a/src/arcfour.h
+++ b/src/arcfour.h
@@ -37,7 +37,7 @@ public:
I = J = 0;
S.resize (Ssize);
mask = ~ (inttype) 0;
- if ( (inttype) (1 << bits)) mask %= 1 << bits;
+ if ( (inttype) (1 << bits) != 0) mask %= 1 << bits;
for (size_t i = 0; i < Ssize; ++i) S[i] = i;
}
@@ -45,7 +45,31 @@ public:
init();
}
- void load_key (const inttype*begin, const inttype*end) {
+ //ugly byte padding with zeroes for streamcipher compatibility
+ void load_key (const byte*begin, const byte*end) {
+ inttype j, t;
+ size_t i;
+ const byte *keypos;
+
+ //eat whole key iteratively, even if longer than permutation
+ for (; begin < end; begin += mask + 1) {
+ j = 0;
+ for (i = 0, keypos = begin;
+ i <= mask;
+ ++i, ++keypos) {
+ if (keypos >= end) keypos = begin; //rotate
+ j = (j + S[i] + (*keypos)) & mask;
+ t = S[j];
+ S[j] = S[i];
+ S[i] = t;
+ }
+ }
+
+ discard (disc_bytes);
+ }
+
+ //this works on wide keys
+ void load_wkey (const inttype*begin, const inttype*end) {
inttype j, t;
size_t i;
const inttype *keypos;
@@ -67,7 +91,11 @@ public:
discard (disc_bytes);
}
- inttype gen() {
+ inline byte gen() {
+ return genw();
+ }
+
+ inttype genw() {
I = (I + 1) & mask;
J = (J + S[I]) & mask;
@@ -79,13 +107,20 @@ public:
return S[ (S[I] + S[J]) & mask];
}
- void gen (size_t n, inttype*out) {
+ void gen (size_t n, byte*out) {
if (out)
for (size_t i = 0; i < n; ++i) out[i] = gen();
else
for (size_t i = 0; i < n; ++i) gen();
}
+ void genw (size_t n, inttype*out) {
+ if (out)
+ for (size_t i = 0; i < n; ++i) out[i] = genw();
+ else
+ for (size_t i = 0; i < n; ++i) genw();
+ }
+
void gen (size_t n, std::vector<inttype>&out) {
out.resize (n);
gen (n, & (out[0]));
diff --git a/src/generator.h b/src/generator.h
index 27c7c33..d45c921 100644
--- a/src/generator.h
+++ b/src/generator.h
@@ -25,11 +25,12 @@
#include "prng.h"
#include <stdint.h>
-#define randmax_type uint64_t
class ccr_rng : public prng
{
public:
+ typedef uint64_t randmax_t;
+
chacha20 r;
ccr_rng() {
@@ -43,8 +44,8 @@ public:
bool seed (uint bits, bool quick = true);
uint random (uint n) {
- randmax_type i;
- r.gen (sizeof (randmax_type), (byte*) &i);
+ randmax_t i;
+ r.gen (sizeof (randmax_t), (byte*) &i);
return i % n;
}
};
diff --git a/src/keyring.cpp b/src/keyring.cpp
index 5047fdc..de0d30c 100644
--- a/src/keyring.cpp
+++ b/src/keyring.cpp
@@ -104,7 +104,8 @@ void keyring::clear_keypairs (keypair_storage&pairs)
for (std::map<std::string, keypair_entry>::iterator
i = pairs.begin(), e = pairs.end(); i != e; ++i) {
sencode_destroy (i->second.pub.key);
- sencode_destroy (i->second.privkey);
+ if (i->second.privkey)
+ sencode_destroy (i->second.privkey);
}
pairs.clear();
}
@@ -149,19 +150,13 @@ bool keyring::parse_keypairs (sencode*keypairs, keypair_storage&pairs)
if (! (ident && alg && privkey && pubkey)) goto failure;
std::string keyid = get_keyid (pubkey->b);
- sencode *priv, *pub;
-
- priv = sencode_decode (privkey->b);
- if (!priv) goto failure;
+ sencode *pub;
pub = sencode_decode (pubkey->b);
- if (!pub) {
- sencode_destroy (priv);
- goto failure;
- }
+ if (!pub) goto failure;
pairs[keyid] = keypair_entry (keyid, ident->b, alg->b,
- pub, priv);
+ pub, privkey->b);
}
return true;
@@ -170,8 +165,12 @@ failure:
return false;
}
-sencode* keyring::serialize_keypairs (const keypair_storage&pairs)
+sencode* keyring::serialize_keypairs (keypair_storage&pairs, prng&rng)
{
+ for (std::map<std::string, keypair_entry>::iterator
+ i = pairs.begin(), e = pairs.end(); i != e; ++i)
+ if (!i->second.fix_dirty (rng)) return NULL;
+
sencode_list*L = new sencode_list();
L->items.push_back (new sencode_bytes (KEYPAIRS_ID));
@@ -182,7 +181,7 @@ sencode* keyring::serialize_keypairs (const keypair_storage&pairs)
a->items.resize (4);
a->items[0] = new sencode_bytes (i->second.pub.name);
a->items[1] = new sencode_bytes (i->second.pub.alg);
- a->items[2] = new sencode_bytes (i->second.privkey->encode());
+ a->items[2] = new sencode_bytes (i->second.privkey_raw);
a->items[3] = new sencode_bytes (i->second.pub.key->encode());
L->items.push_back (a);
}
@@ -284,6 +283,8 @@ static std::string get_user_dir()
return "." CCR_CONFDIR; //fallback for absolutely desolate systems
}
+#include "privfile.h"
+#include <fstream>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/file.h>
@@ -291,8 +292,6 @@ static std::string get_user_dir()
#include <unistd.h>
#include <errno.h>
-#include <fstream>
-
/*
* prepares the user directory with empty files and similar stuff.
*
@@ -303,33 +302,12 @@ static std::string get_user_dir()
static bool ensure_empty_sencode_file (const std::string&fn,
const std::string&ident)
{
- struct stat st;
- if (stat (fn.c_str(), &st)) {
- if (errno != ENOENT)
- return false;
-
- //if it simply doesn't exist, create it
- sencode_list l;
- sencode_bytes b (ident);
- l.items.push_back (&b);
- std::string emptyfile = l.encode();
-
- int fd;
- fd = creat (fn.c_str(), S_IRUSR | S_IWUSR);
- if (fd < 0) return false;
- ssize_t res = write (fd, emptyfile.c_str(),
- emptyfile.length());
- if (close (fd)) return false;
- if ( (size_t) res != emptyfile.length()) return false;
+ sencode_list l;
+ sencode_bytes b (ident);
+ l.items.push_back (&b);
+ std::string emptyfile = l.encode();
- } else {
- if (!S_ISREG (st.st_mode))
- return false;
- }
-
- if (access (fn.c_str(), R_OK | W_OK)) return false;
-
- return true;
+ return put_private_file (fn, emptyfile, true);
}
static bool prepare_user_dir (const std::string&dir)
@@ -443,7 +421,7 @@ static void ignore_term_signals (bool ignore)
}
#endif
-bool keyring::save()
+bool keyring::save (prng&rng)
{
std::string dir, fn, bfn;
sencode*S;
@@ -466,7 +444,9 @@ bool keyring::save()
/*
* keypairs
*/
- S = serialize_keypairs (pairs);
+ S = serialize_keypairs (pairs, rng);
+ if (!S) return false;
+
fn = dir + SECRETS_FILENAME;
bfn = fn + BAK_SUFFIX;
res = file_put_sencode_with_backup (fn, S, bfn, backup_pairs);
@@ -559,3 +539,82 @@ bool keyring::close()
return true;
}
+
+/*
+ * keypair_entry loads the privkeys lazily so that it's not necessary to have
+ * all the secrets all the time
+ */
+
+#include "seclock.h"
+#include "iohelpers.h"
+
+bool keyring::keypair_entry::lock (const std::string&withlock)
+{
+ //withlock here is useful for just re-encrypting,
+ //possibly with different password
+ if (!decode_privkey (withlock)) return false;
+ err ("notice: locking key @" + pub.keyid);
+ if (!load_lock_secret (sk, withlock,
+ "protecting key `"
+ + escape_output (pub.name)
+ + "'",
+ "KEYRING", true))
+ return false;
+
+ dirty = true;
+ locked = true;
+ return true;
+}
+
+bool keyring::keypair_entry::unlock (const std::string&withlock)
+{
+ if (!decode_privkey (withlock)) return false;
+ if (locked) {
+ locked = false;
+ dirty = true;
+ }
+ return true;
+}
+
+bool keyring::keypair_entry::decode_privkey (const std::string&withlock)
+{
+ if (privkey) return true; //already done
+ std::string encoded;
+ if (looks_like_locked_secret (privkey_raw)) {
+ err ("notice: unlocking key @" + pub.keyid);
+ if (!unlock_secret_sk (privkey_raw, encoded,
+ withlock,
+ "loading key `"
+ + escape_output (pub.name)
+ + "'",
+ "KEYRING", sk))
+ return false;
+ locked = true;
+ } else {
+ encoded = privkey_raw;
+ locked = false;
+ }
+
+ privkey = sencode_decode (encoded);
+ if (!privkey)
+ return false;
+
+ dirty = false;
+ return true;
+}
+
+#include <sstream>
+
+bool keyring::keypair_entry::fix_dirty (prng&rng)
+{
+ if (!privkey || !dirty) return true; //nothing to do!
+ if (locked) {
+ std::string encoded = privkey->encode();
+ if (!lock_secret_sk (encoded, privkey_raw, sk, rng))
+ return false;
+ } else {
+ privkey_raw = privkey->encode();
+ }
+ dirty = false;
+ return true;
+}
diff --git a/src/keyring.h b/src/keyring.h
index 18dea91..df7a6ef 100644
--- a/src/keyring.h
+++ b/src/keyring.h
@@ -25,6 +25,7 @@
#include <map>
#include "sencode.h"
+#include "symkey.h"
class keyring
{
@@ -50,10 +51,22 @@ public:
struct keypair_entry {
pubkey_entry pub;
+
sencode *privkey;
+ bool locked; //store encrypted
+ symkey sk;
+ bool dirty; //privkey_raw needs to be updated
+
+ std::string privkey_raw;
+
+ bool decode_privkey (const std::string&withlock);
+ bool lock (const std::string&withlock);
+ bool unlock (const std::string&withlock);
+ bool fix_dirty (prng&rng);
keypair_entry() {
privkey = NULL;
+ dirty = false;
}
keypair_entry (const std::string&KID,
@@ -61,7 +74,22 @@ public:
const std::string& A,
sencode*PubK,
sencode*PrivK)
- : pub (KID, N, A, PubK), privkey (PrivK) {}
+ : pub (KID, N, A, PubK),
+ privkey (PrivK),
+ locked (false),
+ dirty (true)
+ {}
+
+ keypair_entry (const std::string&KID,
+ const std::string& N,
+ const std::string& A,
+ sencode*PubK,
+ const std::string&PrivK_raw)
+ : pub (KID, N, A, PubK),
+ privkey (NULL),
+ dirty (false),
+ privkey_raw (PrivK_raw)
+ {}
};
typedef std::map<std::string, pubkey_entry> pubkey_storage;
@@ -84,7 +112,7 @@ public:
bool open();
bool close();
- bool save();
+ bool save (prng&rng);
static std::string get_keyid (const std::string& pubkey);
@@ -96,7 +124,7 @@ public:
static void clear_pubkeys (pubkey_storage&);
static bool parse_keypairs (sencode*, keypair_storage&);
- static sencode* serialize_keypairs (const keypair_storage&);
+ static sencode* serialize_keypairs (keypair_storage&, prng&rng);
static bool parse_pubkeys (sencode*, pubkey_storage&);
static sencode* serialize_pubkeys (const pubkey_storage&);
@@ -107,15 +135,14 @@ public:
return NULL;
}
- bool store_pubkey (const std::string&keyid,
- const std::string&name,
- const std::string&alg,
- sencode*key) {
+ pubkey_entry* store_pubkey (const std::string&keyid,
+ const std::string&name,
+ const std::string&alg,
+ sencode*key) {
- if (pairs.count (keyid)) return false;
- if (pubs.count (keyid)) return false;
- pubs[keyid] = pubkey_entry (keyid, name, alg, key);
- return true;
+ if (pairs.count (keyid)) return NULL;
+ if (pubs.count (keyid)) return NULL;
+ return & (pubs[keyid] = pubkey_entry (keyid, name, alg, key));
}
void remove_pubkey (const std::string&keyid) {
@@ -130,22 +157,34 @@ public:
return NULL;
}
- bool store_keypair (const std::string&keyid,
- const std::string&name,
- const std::string&alg,
- sencode*pubkey, sencode*privkey) {
+ keypair_entry* store_keypair (const std::string&keyid,
+ const std::string&name,
+ const std::string&alg,
+ sencode*pubkey, sencode*privkey) {
+
+ if (pairs.count (keyid)) return NULL;
+ if (pubs.count (keyid)) return NULL;
+ return & (pairs[keyid] = keypair_entry (keyid, name, alg,
+ pubkey, privkey));
+ }
+
+ keypair_entry* store_keypair (const std::string&keyid,
+ const std::string&name,
+ const std::string&alg,
+ sencode*pubkey,
+ const std::string&privkey_raw) {
- if (pairs.count (keyid)) return false;
- if (pubs.count (keyid)) return false;
- pairs[keyid] = keypair_entry (keyid, name, alg,
- pubkey, privkey);
- return true;
+ if (pairs.count (keyid)) return NULL;
+ if (pubs.count (keyid)) return NULL;
+ return & (pairs[keyid] = keypair_entry (keyid, name, alg,
+ pubkey, privkey_raw));
}
void remove_keypair (const std::string&keyid) {
if (pairs.count (keyid)) {
sencode_destroy (pairs[keyid].pub.key);
- sencode_destroy (pairs[keyid].privkey);
+ if (pairs[keyid].privkey)
+ sencode_destroy (pairs[keyid].privkey);
pairs.erase (keyid);
}
}
diff --git a/src/main.cpp b/src/main.cpp
index dd41dfb..ae38e1a 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -42,8 +42,8 @@ void print_help (char*pname)
out (" -T, --test perform (probably nonexistent) testing/debugging stuff");
outeol;
out ("Global options:");
- out (" -R, --in input file, default is stdin");
- out (" -o, --out output file, default is stdout");
+ out (" -R, --in set input file, default is stdin");
+ out (" -o, --out set output file, default is stdout");
out (" -E, --err the same for stderr");
out (" -a, --armor use ascii-armored I/O");
out (" -y, --yes assume that answer is `yes' everytime");
@@ -76,12 +76,20 @@ void print_help (char*pname)
out (" -X, --delete-secret");
out (" -m, --rename rename matching keys");
out (" -M, --rename-secret");
+ out (" -L, --lock lock secrets");
+ out (" -U, --unlock unlock secrets");
outeol;
out ("Key management options:");
- out (" -n, --no-action on import, only show what would be imported");
- out (" -N, --name specify a new name for renaming or importing");
out (" -F, --filter only work with keys with matching names");
out (" -f, --fingerprint format full key IDs nicely for human eyes");
+ out (" -N, --name specify a new name for renaming or importing");
+ out (" -n, --no-action on import, only show what would be imported");
+ out (" -w, --with-lock specify the symmetric key for (un)locking the secrets");
+ out (" -w @SPEC ask for password and expand it to a symmetric key");
+ out(" of type SPEC for (un)locking the secret");
+ outeol;
+ out (" With -S and -w, using `@' as the key file name will cause the program to");
+ out (" interactively ask for a password and derive the symmetric key from it.");
outeol;
out ("Codecrypt eats data. Use it with caution.");
outeol;
@@ -106,6 +114,7 @@ void test()
*/
#include <getopt.h>
+#include <stdlib.h>
#include "actions.h"
#include "algo_suite.h"
@@ -126,6 +135,7 @@ int main (int argc, char**argv)
std::string recipient, user,
input, output, err_output,
name, filter,
+ withlock,
action_param,
detach_sign,
symmetric;
@@ -163,6 +173,9 @@ int main (int argc, char**argv)
{"delete-secret", 1, 0, 'X' },
{"rename-secret", 1, 0, 'M' },
+ {"lock", 0, 0, 'L' },
+ {"unlock", 0, 0, 'U' },
+
{"gen-key", 1, 0, 'g' },
{"name", 1, 0, 'N' },
@@ -171,6 +184,8 @@ int main (int argc, char**argv)
{"fingerprint", 0, 0, 'f' },
{"no-action", 0, 0, 'n' },
+ {"with-lock", 1, 0, 'w' },
+
//actions
{"sign", 0, 0, 's' },
{"verify", 0, 0, 'v' },
@@ -188,7 +203,7 @@ int main (int argc, char**argv)
option_index = -1;
c = getopt_long
(argc, argv,
- "hVTayr:u:R:o:E:kipx:m:KIPX:M:g:N:F:fnsvedCb:S:",
+ "hVTayr:u:R:o:E:kipx:m:KIPX:M:LUg:N:F:fnw:svedCb:S:",
long_opts, &option_index);
if (c == -1) break;
@@ -251,26 +266,32 @@ int main (int argc, char**argv)
read_action ('X')
read_action ('M')
- read_action ('g')
+ read_action ('U')
read_single_opt ('N', name,
- "please specify single name")
+ "specify a single name")
read_single_opt ('F', filter,
- "please specify single filter string")
+ "specify a single filter string")
read_flag ('f', opt_fingerprint)
read_flag ('n', opt_import_no_action)
+ read_single_opt ('w', withlock,
+ "specify a single key lock")
+
/*
* combinations of s+e and d+v are possible. result is
- * 'E' = "big encrypt with sig" and 'D' "big decrypt
- * with verify".
+ * 'E' = "big encrypt with sig", 'D' "big decrypt
+ * with verify" and 'G' = "generate and lock"
*/
read_action_comb ('s', 'e', 'E')
- read_action_comb ('v', 'd', 'D')
read_action_comb ('e', 's', 'E')
+ read_action_comb ('v', 'd', 'D')
read_action_comb ('d', 'v', 'D')
+ read_action_comb ('g', 'L', 'G')
+ read_action_comb ('L', 'g', 'G')
+
read_flag ('C', opt_clearsign)
read_single_opt ('b', detach_sign,
"specify only one detach-sign file")
@@ -312,6 +333,12 @@ int main (int argc, char**argv)
//register all available algorithms
fill_algorithm_suite (AS);
+ //default local user key from environment
+ if(user.empty()) {
+ const char*u=getenv("CCR_USER");
+ if(u) user=u;
+ }
+
/*
* cin/cout redirection
*/
@@ -352,14 +379,18 @@ int main (int argc, char**argv)
}
if (symmetric.length()) switch (action) {
- case 'd':
case 'e':
- case 'g':
+ case 'd':
case 's':
case 'v':
+ case 'g':
+ case 'G':
+ case 'L':
+ case 'U':
break;
default:
- progerr ("specified action doesn't support symmetric operation");
+ progerr ("specified action doesn't support"
+ " symmetric operation");
exitval = 1;
goto exit;
}
@@ -367,36 +398,45 @@ int main (int argc, char**argv)
switch (action) {
case 'g':
exitval = action_gen_key (action_param, name,
- symmetric, opt_armor,
+ symmetric, withlock,
+ opt_armor, false,
+ KR, AS);
+ break;
+
+ case 'G':
+ exitval = action_gen_key (action_param, name,
+ symmetric, withlock,
+ opt_armor, true,
KR, AS);
break;
case 'e':
exitval = action_encrypt (recipient, opt_armor, symmetric,
- KR, AS);
+ withlock, KR, AS);
break;
case 'd':
- exitval = action_decrypt (opt_armor, symmetric, KR, AS);
+ exitval = action_decrypt (opt_armor, symmetric, withlock,
+ KR, AS);
break;
case 's':
exitval = action_sign (user, opt_armor, detach_sign,
- opt_clearsign, symmetric, KR, AS);
+ opt_clearsign, symmetric, withlock, KR, AS);
break;
case 'v':
exitval = action_verify (opt_armor, detach_sign, opt_clearsign,
- opt_yes, symmetric, KR, AS);
+ opt_yes, symmetric, withlock, KR, AS);
break;
case 'E':
- exitval = action_sign_encrypt (user, recipient, opt_armor,
- KR, AS);
+ exitval = action_sign_encrypt (user, recipient, withlock,
+ opt_armor, KR, AS);
break;
case 'D':
- exitval = action_decrypt_verify (opt_armor, opt_yes,
+ exitval = action_decrypt_verify (opt_armor, opt_yes, withlock,
KR, AS);
break;
@@ -445,6 +485,18 @@ int main (int argc, char**argv)
exitval = action_rename_sec (opt_yes, action_param, name, KR);
break;
+ case 'L':
+ exitval = action_lock_sec (opt_yes, filter,
+ symmetric, withlock,
+ opt_armor, KR);
+ break;
+
+ case 'U':
+ exitval = action_unlock_sec (opt_yes, filter,
+ symmetric, withlock,
+ opt_armor, KR);
+ break;
+
default:
progerr ("no action specified, use `--help'");
exitval = 1;
diff --git a/src/message.cpp b/src/message.cpp
index a66d6cc..f95a87e 100644
--- a/src/message.cpp
+++ b/src/message.cpp
@@ -84,19 +84,18 @@ int signed_msg::sign (const bvector&msg,
keyring::keypair_entry *k = kr.get_keypair (key_id);
if (!k) return 2;
+ //note that someone has to prepare the k->privkey in advance!
if (k->pub.alg != alg_id) return 3;
- bool privkey_dirty = false;
int r;
-
- r = alg->sign (message, signature, & (k->privkey), privkey_dirty, rng);
+ r = alg->sign (message, signature, & (k->privkey), k->dirty, rng);
if (r) return r;
- if (privkey_dirty) {
+ if (k->dirty) {
//we can't output a signature without storing privkey changes!
- if (!kr.save()) return 4;
+ if (!kr.save (rng)) return 4;
}
return 0;
diff --git a/src/privfile.cpp b/src/privfile.cpp
new file mode 100644
index 0000000..670598a
--- /dev/null
+++ b/src/privfile.cpp
@@ -0,0 +1,61 @@
+
+/*
+ * This file is part of Codecrypt.
+ *
+ * Copyright (C) 2013-2016 Mirek Kratochvil <exa.exa at gmail.com>
+ *
+ * Codecrypt is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * Codecrypt is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Codecrypt. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "privfile.h"
+
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/file.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+
+bool put_private_file (const std::string&fn,
+ const std::string&contents, bool force_perms)
+{
+ struct stat st;
+ if (stat (fn.c_str(), &st)) {
+ if (errno != ENOENT)
+ return false;
+
+ //if it simply doesn't exist, create it
+ int fd;
+ fd = creat (fn.c_str(), S_IRUSR | S_IWUSR);
+ if (fd < 0) return false;
+ ssize_t res = write (fd, contents.c_str(),
+ contents.length());
+ if (close (fd)) return false;
+ if ( (size_t) res != contents.length()) return false;
+
+ } else {
+ if (!S_ISREG (st.st_mode))
+ return false;
+
+ //remove others' read/write. group r/w is untouched.
+ if (force_perms && (st.st_mode & 07)) {
+ if (chmod (fn.c_str(), st.st_mode & ~07))
+ return false;
+ }
+ }
+
+ if (access (fn.c_str(), R_OK | W_OK)) return false;
+
+ return true;
+}
diff --git a/src/symkey.h b/src/privfile.h
similarity index 61%
copy from src/symkey.h
copy to src/privfile.h
index 22718e9..41d5979 100644
--- a/src/symkey.h
+++ b/src/privfile.h
@@ -18,36 +18,13 @@
* along with Codecrypt. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef _ccr_symkey_h_
-#define _ccr_symkey_h_
+#ifndef _ccr_privfile_h_
+#define _ccr_privfile_h_
-#include <iostream>
#include <string>
-#include <list>
-#include <set>
-#include <vector>
-#include "types.h"
-#include "generator.h"
-#include "sencode.h"
-
-class symkey
-{
-public:
- std::set<std::string> ciphers, hashes;
-
- uint blocksize;
-
- std::vector<byte> key;
-
- sencode* serialize();
- bool unserialize (sencode*);
-
- bool encrypt (std::istream&, std::ostream&, prng&);
- int decrypt (std::istream&, std::ostream&);
-
- bool is_valid();
- bool create (const std::string&, prng&);
-};
+bool put_private_file (const std::string&fn,
+ const std::string&contents,
+ bool force_permissions);
#endif
diff --git a/src/pwrng.cpp b/src/pwrng.cpp
new file mode 100644
index 0000000..e6ea49a
--- /dev/null
+++ b/src/pwrng.cpp
@@ -0,0 +1,99 @@
+
+/*
+ * This file is part of Codecrypt.
+ *
+ * Copyright (C) 2013-2017 Mirek Kratochvil <exa.exa at gmail.com>
+ *
+ * Codecrypt is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * Codecrypt is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Codecrypt. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "pwrng.h"
+
+#include "iohelpers.h"
+#include <stdlib.h>
+
+#if (HAVE_READPASSPHRASE == 1)
+#include <readpassphrase.h>
+#elif (HAVE_BSDREADPASSPHRASE == 1)
+#include <bsd/readpassphrase.h>
+#else
+#warning "Falling back to getpass(3), which is marked obsolete!"
+/* If you see this, you might as well want to take the readpassphrase()
+ * implementation from e.g. openssh's openbsd-compat and put it here. */
+#include <unistd.h>
+#endif
+
+#define MAX_PW_LEN 1024 //like if someone enjoyed typing that.
+
+static bool read_password (const std::string&prompt, std::string&pw)
+{
+#if (HAVE_READPASSPHRASE == 1 || HAVE_BSDREADPASSPHRASE==1)
+ /* readpassphrase reads at most bufsiz-1 bytes and gets the terminating
+ * zero just right */
+ std::vector<char> pwbuf;
+ pwbuf.resize (MAX_PW_LEN, 0);
+ if (!readpassphrase (prompt.c_str(), pwbuf.data(), MAX_PW_LEN,
+ RPP_REQUIRE_TTY))
+ return false;
+
+ pw = pwbuf.data();
+ return true;
+#else
+ char* pass = getpass (prompt.c_str());
+ if (!pass) return false;
+ pw = pass;
+ return true;
+#endif
+}
+
+bool pw_rng::seed_from_user_password (const std::string&reason,
+ const std::string&env_var,
+ bool verify)
+{
+
+ std::string pw;
+
+ const char*env = getenv (env_var.c_str());
+ if (env) {
+ pw = env;
+ err ("Password for "
+ << reason
+ << " successfully read from environment "
+ << env_var);
+ } else {
+ if (!read_password
+ ("Enter password for " + reason + ": ", pw)) {
+ err ("pwrng: interactive password reading failed");
+ return false;
+ }
+
+ if (verify) {
+ std::string pw2;
+ if (!read_password
+ ("Same password again for verification: ",
+ pw2)) {
+ err ("pwrng: password verification failed");
+ return false;
+ }
+ if (pw != pw2) {
+ err ("Passwords do not match!");
+ return false;
+ }
+ }
+ }
+
+ r.load_key ( (byte*) pw.data(),
+ (byte*) (pw.data() + pw.length()));
+ return true;
+}
diff --git a/src/pwrng.h b/src/pwrng.h
new file mode 100644
index 0000000..e505957
--- /dev/null
+++ b/src/pwrng.h
@@ -0,0 +1,90 @@
+
+/*
+ * This file is part of Codecrypt.
+ *
+ * Copyright (C) 2013-2016 Mirek Kratochvil <exa.exa at gmail.com>
+ *
+ * Codecrypt is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * Codecrypt is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Codecrypt. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _ccr_pwrng_h_
+#define _ccr_pwrng_h_
+
+#include "arcfour.h"
+#include "prng.h"
+
+#include <stdint.h>
+
+class pw_rng : public prng
+{
+public:
+ /*
+ * Using wide arcfour for this purpose might seem weird, but:
+ *
+ * - it has large memory requirements
+ * (1Mbit, with possible ~0.95Mbit of entropy)
+ *
+ * - it takes some (very easily parametrizable) amount of time to seed,
+ * touching the above memory more or less randomly in the process
+ *
+ * - "retry rate" is constrained by how many passwords the human user
+ * can enter per time unit, which (together with the fact that the
+ * output of this thing is not supposed to get broadcasted directly)
+ * mostly disables all the known statistical attacks on arcfour
+ *
+ * - it's a highly nonstandard variant of a well-understood concept
+ * (therefore a good candidate for codecrypt right?)
+ *
+ * - arcfour is fast, but notably immune to vectorization and similar
+ * speedups.
+ *
+ * The other variant would be scrypt, which we don't implement for two
+ * reasons:
+ *
+ * - there's currently an scrypt-based cryptocoin, which provides
+ * insane amount of available inversion power against scrypt, which, if
+ * slightly abused, would invert any password-based key in seconds
+ *
+ * - admit it, arcfour is nicer
+ *
+ * Discarding 1M of output is very probably good for most uses (it
+ * permutes well and takes just around 50ms to run on current
+ * mainstream hardware) but YMMV.
+ *
+ * Please report any reasonable cases against this parameter choice.
+ */
+
+ arcfour<uint16_t, 16, 1024 * 1024> r;
+
+ void init () {
+ r.init();
+ }
+
+ void clear() {
+ r.clear();
+ }
+
+ bool seed_from_user_password (const std::string& reason,
+ const std::string& env_var,
+ bool verify);
+
+ typedef uint64_t randmax_t;
+ uint random (uint n) {
+ randmax_t i;
+ r.gen (sizeof (randmax_t), (byte*) &i);
+ return i % n;
+ }
+};
+
+#endif
diff --git a/src/seclock.cpp b/src/seclock.cpp
new file mode 100644
index 0000000..bad38ca
--- /dev/null
+++ b/src/seclock.cpp
@@ -0,0 +1,135 @@
+
+/*
+ * This file is part of Codecrypt.
+ *
+ * Copyright (C) 2013-2017 Mirek Kratochvil <exa.exa at gmail.com>
+ *
+ * Codecrypt is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * Codecrypt is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Codecrypt. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "seclock.h"
+
+#include "pwrng.h"
+#include "iohelpers.h"
+
+#include <sstream>
+#include <string>
+
+#include <stdlib.h>
+
+#define LOCKED_PREFIX "ccr_lock"
+#define LOCKED_PREFIX_LEN 8
+
+bool looks_like_locked_secret (const std::string&s)
+{
+ std::string prefix = LOCKED_PREFIX;
+ /*
+ * unlocked version of this thing is always some kind of sencode, which
+ * will never start with 'ccr_lock'. Abusing it right here.
+ */
+ return s.length() > LOCKED_PREFIX_LEN
+ && s.substr (0, LOCKED_PREFIX_LEN) == LOCKED_PREFIX;
+}
+
+bool load_lock_secret (symkey&sk,
+ std::string withlock,
+ const std::string &reason,
+ const std::string &secret_type,
+ bool for_locking)
+{
+ if (withlock == "") withlock = "@"; //default for password
+ if (withlock[0] == '@') {
+ //ask the user and generate a symmetric key
+ pw_rng r;
+ r.init();
+ if (!r.seed_from_user_password
+ ( (for_locking ? "locking " : "unlocking ") + reason,
+ "CCR_" + secret_type + "_PASSWORD",
+ for_locking))
+ return false;
+
+ withlock.erase (0, 1); //delete the @
+ if (withlock.empty()) {
+ std::string alg = "CCR_" + secret_type + "_ALGORITHM";
+ const char* algorithm = getenv (alg.c_str());
+ if (algorithm) withlock = algorithm;
+ else withlock = "CHACHA20,CUBE512,SHORTBLOCK";
+ //TODO make sure this is synced with synonyms
+ }
+ return sk.create (withlock, r);
+ } else {
+ return sk.load (withlock, "", false, false);
+ }
+}
+
+bool lock_secret (const std::string &secret, std::string &locked,
+ const std::string &withlock,
+ const std::string &reason,
+ const std::string &secret_type,
+ prng&rng)
+{
+
+ symkey sk;
+ if (!load_lock_secret (sk, withlock, reason, secret_type, true))
+ return false;
+
+ return lock_secret_sk (secret, locked, sk, rng);
+}
+
+bool lock_secret_sk (const std::string &secret, std::string &locked,
+ symkey&sk, prng&rng)
+{
+ std::istringstream i (secret);
+ std::ostringstream o;
+ o << LOCKED_PREFIX;
+ bool ret = sk.encrypt (i, o, rng);
+ locked = o.str();
+ return ret;
+}
+
+
+bool unlock_secret_sk (const std::string &locked, std::string &secret,
+ const std::string &withlock,
+ const std::string &reason,
+ const std::string &secret_type,
+ symkey&sk)
+{
+ if (!looks_like_locked_secret (locked)) {
+ err ("seclock: malformed locked secret");
+ return false;
+ }
+
+ if (!load_lock_secret (sk, withlock, reason, secret_type, false))
+ return false;
+
+
+ std::istringstream i (locked);
+ i.ignore (LOCKED_PREFIX_LEN);
+ std::ostringstream o;
+ bool ret = !sk.decrypt (i, o); //returns int!
+ secret = o.str();
+ if (!ret) err ("error: unlocking a secret failed,"
+ " double check you password/symkey");
+ return ret;
+}
+
+bool unlock_secret (const std::string &locked, std::string &secret,
+ const std::string &withlock,
+ const std::string &reason,
+ const std::string &secret_type)
+{
+ symkey sk;
+ return unlock_secret_sk (locked, secret, withlock,
+ reason, secret_type, sk);
+}
diff --git a/src/seclock.h b/src/seclock.h
new file mode 100644
index 0000000..1d5c008
--- /dev/null
+++ b/src/seclock.h
@@ -0,0 +1,52 @@
+
+/*
+ * This file is part of Codecrypt.
+ *
+ * Copyright (C) 2013-2016 Mirek Kratochvil <exa.exa at gmail.com>
+ *
+ * Codecrypt is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * Codecrypt is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Codecrypt. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _ccr_seclock_h_
+#define _ccr_seclock_h_
+
+#include <string>
+
+#include "prng.h"
+#include "symkey.h"
+
+bool looks_like_locked_secret (const std::string&);
+bool load_lock_secret (symkey&sk,
+ std::string withlock,
+ const std::string &reason,
+ const std::string &secret_type,
+ bool for_locking);
+bool lock_secret (const std::string&secret, std::string&locked,
+ const std::string&withlock,
+ const std::string&reason,
+ const std::string&secret_type,
+ prng&rng);
+bool lock_secret_sk (const std::string&secret, std::string&locked,
+ symkey&sk, prng&rng);
+bool unlock_secret (const std::string&locked, std::string&secret,
+ const std::string&withlock,
+ const std::string&reason,
+ const std::string&secret_type);
+bool unlock_secret_sk (const std::string&locked, std::string&secret,
+ const std::string&withlock,
+ const std::string&reason,
+ const std::string&secret_type,
+ symkey&sk);
+
+#endif
diff --git a/src/symkey.cpp b/src/symkey.cpp
index e04c3dd..3675c9e 100644
--- a/src/symkey.cpp
+++ b/src/symkey.cpp
@@ -20,10 +20,11 @@
#include "symkey.h"
-#include "sc.h"
#include "hash.h"
-#include "str_match.h"
#include "iohelpers.h"
+#include "privfile.h"
+#include "sc.h"
+#include "str_match.h"
#include <sstream>
@@ -84,6 +85,115 @@ bool symkey::create (const std::string&in, prng&rng)
return true;
}
+/*
+ * loading/saving
+ */
+
+#include "envelope.h"
+#include "base64.h"
+#include "seclock.h"
+
+#define ENVELOPE_SYMKEY "symkey"
+
+bool symkey::load (const std::string&fn, const std::string&withlock,
+ bool for_encryption, bool armor)
+{
+ if (fn.length() && fn[0] == '@') {
+ //shared-secret password is requested
+ return load_lock_secret (*this, fn, "expanding shared secret",
+ "SYMMETRIC", for_encryption);
+ }
+
+ std::ifstream sk_in;
+ sk_in.open (fn == "-" ? "/dev/stdin" : fn.c_str(),
+ std::ios::in | std::ios::binary);
+
+ if (!sk_in) {
+ err ("error: can't open symkey file");
+ return false;
+ }
+
+ std::string sk_data;
+ if (!read_all_input (sk_data, sk_in)) {
+ err ("error: can't read symkey");
+ return false;
+ }
+ sk_in.close();
+
+ if (armor) {
+ std::vector<std::string> parts;
+ std::string type;
+ if (!envelope_read (sk_data, 0, type, parts)) {
+ err ("error: no data envelope found");
+ return false;
+ }
+
+ if (type != ENVELOPE_SYMKEY || parts.size() != 1) {
+ err ("error: wrong envelope format");
+ return false;
+ }
+
+ if (!base64_decode (parts[0], sk_data)) {
+ err ("error: malformed data");
+ return false;
+ }
+ }
+
+ if (looks_like_locked_secret (sk_data)) {
+ std::string tmp;
+ if (!unlock_secret (sk_data, tmp,
+ withlock, fn, "SYMKEY")) return false;
+ sk_data = tmp;
+ }
+
+ sencode*SK = sencode_decode (sk_data);
+ if (!SK) {
+ err ("error: could not parse input sencode");
+ return false;
+ }
+
+ if (!unserialize (SK)) {
+ err ("error: could not parse input structure");
+ sencode_destroy (SK);
+ return false;
+ }
+
+ sencode_destroy (SK);
+
+ return true;
+}
+
+bool symkey::save (const std::string&fn, const std::string&withlock,
+ bool armor, bool force_lock, prng&r)
+{
+ sencode*SK = serialize();
+ std::string data = SK->encode();
+ sencode_destroy (SK);
+
+ if (force_lock) {
+ std::string tmp;
+ if (!lock_secret (data, tmp, withlock, fn, "SYMKEY", r))
+ return false;
+ data = tmp;
+ }
+
+ if (armor) {
+ std::vector<std::string> parts;
+ parts.resize (1);
+ base64_encode (data, parts[0]);
+ data = envelope_format (ENVELOPE_SYMKEY, parts, r);
+ }
+
+ bool to_stdout = (fn == "-");
+ if (!put_private_file (to_stdout ? "/dev/stdout" : fn,
+ data, !to_stdout)) {
+ err ("error: can't write to symkey file");
+ return false;
+ }
+
+ return true;
+}
+
typedef std::list<instanceof<streamcipher> > scs_t;
typedef std::list<instanceof<hash_proc> > hashes_t;
diff --git a/src/symkey.h b/src/symkey.h
index 22718e9..6c9c41e 100644
--- a/src/symkey.h
+++ b/src/symkey.h
@@ -28,7 +28,7 @@
#include <vector>
#include "types.h"
-#include "generator.h"
+#include "prng.h"
#include "sencode.h"
class symkey
@@ -48,6 +48,11 @@ public:
bool is_valid();
bool create (const std::string&, prng&);
+
+ bool load (const std::string&fn, const std::string&withlock,
+ bool for_encryption, bool armor);
+ bool save (const std::string&fn, const std::string&withlock,
+ bool armor, bool force_lock, prng&r);
};
#endif
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/codecrypt.git
More information about the Pkg-privacy-commits
mailing list