Sat Jan 24 19:01:01 1998  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* PGPlib.3: Added.  Modified all manual pages from u_quad_t to
	PGPKEYID.

Mon Jan 19 08:39:01 1998  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* src/keybase.c src/keymgmt.c src/misc.c src/pgplib.h src/pke.c
	src/pubdecrypt.c src/pubencrypt.c src/secencrypt.c
	applications/get_key.c applications/keyserver.c
	applications/p_decrypt.c applications/p_encrypt.c
	applications/parser.c applications/scan.c applications/shell.c
	applications/sign.c applications/verify.c 

	A large patch received from Tim Hudson <tjh@cryptsoft.com>
	affecting the above files.  

	He writes: 

	The base PGPlib 1.0C code has been altered in a number of ways:

	- the base type for PGP key ids is now abstracted out into a
	structure which	need not be a system type and routines for
	handling conversion to/from this type (PGPKEYID) are isolated in a
	set of macros and functions in pgplib.h and misc.c 

	- with the introduction of the PGPKEYID type as no longer being a
	built-in type a number of functions/macros for initialisation and
	comparision have been added along with a function for converting
	from a PGPKEYID into a printable format.  

	- the initial code *implements* the same long long support via
	casts onto a struct that contains 8 bytes - this is a "clean" way
	of testing to make sure the updated code behaves identically. The
	convert to ascii function also uses the %#.16llx printf format 

	- as part of introducing the PGPKEYID a number of functions have
	been renamed to make their purpose clearer

	- various bugs fixed
	- shell core dumped if you feed it a blank line
	- short key id lookups were not hooked into the find_shortid
	function 
	- the find_shortid function had a size test incorrect (which means
	it would never work which is probably why it wasn't hooked into
	shell) 
	- minor spelling mistakes and typographical errors fixed

	TODO
	- implement direct support for simply using SSLeay BN's - should
	be rather minor changes now that all the knowledge of PGPKEYIDs is
	abstracted  
	- build for WIN32


Thu Jan 15 08:20:29 1998  Per H. Myrvang <perm@stud.cs.uit.no>  

	* flio.c (flio_enlarge_buffer): Make sure we clear the "new"
	area. Otherwise we might end up with all sort of junk in the
	buffer. 
	
Fri Dec 12 15:10:59 1997  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* Makefile.in: Changed the conditional so it conforms to GNU make
	(which is shipped with Linux) rather than the BSD make.

Thu Dec 11 19:55:33 1997  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* Merged pgp_m.h into pgplib.h and created a new configuration
	file, pgplibconf.h as a replacement of conf.h.

Mon Dec  8 00:51:55 1997  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* man/is_compromised.3: added.

	* man/sec_decrypt_packet.3: added.

	* man/pub_encrypt_buffer.3: added  pub_encrypt_session_key().

	* man/keyring.3: The functions are named ...buf (not ...buffer).

	* man/uids_from_keyid.3: Renamed the file and function from
	uids_from_id(.3).

	* src/pgplib.h.in: uids_from_id declared twice (removed one).

	* man/compress.3: Added comment on decompress_file.

	* man/free_pubkey.3: Removed.
	

Sun Dec  7 14:40:30 1997  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* configure.in Makefile.in: Two missing -L and -I's.  Noted by
	Anders Andersen <AAndersen@acm.org>

Mon Nov 10 08:53:53 1997  Tage Stabell-Kulo  <tage@tagenb.cs.uit.no>

	* Updated most of the manual pages to conform to the actual
	interfaces they (are supposed to) document.

	* Merged armor_buffer.3 armor_file.3 dearmor_buffer.3
	dearmor_file.3 into armor.3, and updated mkling accordingly.

	* Merged make_sig.3 into signature.3.

Fri Nov  7 19:23:21 1997  Tage Stabell-Kuloe  <tage@dslab1.cs.uit.no>

	* keybase.c (store_uid): Changed a char* to unsigned char*.  Noted
	by Tom Grydeland (tom.grydeland@phys.uit.no).

	* keyserver.c: Merged all the strings.  Strings with embedded
	newline is OK according to GCC, not according to K&R.  The latter
	is Bible, so then what can I do?  Noted by
	Tom.Grydeland@phys.uit.no

	* armor.c: Removed a lot of old code from PGP.  Replaced it with
	the code that was donated to PGPlib by Peter Gutmann.

Fri Nov  7 10:34:57 1997  Thomas Roessler (added by Tage)

	* armor.c: Various bug fixes.

	* compress.c: Avoiding a segmentation fault which could
	  occur when zlib wants more memory than we expect.

	* conf.h: The maximum line length was a little bit too short.

	* flio.c: Cleanup.

	* keybase.c:

	  A new database has been added.  It contains the MD5
	  hashes of complete public key records as they occur
	  on the user's pubring.pgp.  This is used to minimize
	  the cost of key database rebuilding operations: When
	  going through the key ring, we only have to do the
	  expensive parsing and merging of different records if
	  there were any real changes.

	  To use this feature, the add_pubkey_rec() and
	  parse_pubring() functions have been introduced.  One
	  may argue that these functions should be moved to
	  keyring.c.

	  keys_from_function(), get_keycontents(),
	  getkeycontents_seq(), and keybuf_to_records() have
	  been introduced to ease the user's access to the
	  key database when, e.g., searching for keys by
	  certain properties.

	* keymgmnt.c: Avoiding dangling pointers (and segfaults).

	* keyring.c: Fixing memory leaks.

	* packet.c: Trying to handle pgp 5.0 packets by
	  skipping them.  I'm not sure if this really works.

	* pgplib.h: Prototypes.

	* pubdecrypt.c: Replacing an assertion by return 1.

	* pubencrypt: Cleaner handling of multiple public keys
	  when encrypting one message.

	* secencrypt: Correctly initialize the signature's length.

	* trust.c: remove a superfluous variable from purge_trust().


Mon Sep  8 17:44:49 1997  Thomas Roessler  <roessler@sobolev.rhein.de>

	* doc/COPYING: Removing the recursive reference in "my"
	copyright entry.
	
	* src/flio.c: An stdio-like set of functions to access
	dynamic memory buffers and stdio files.
	
	* src/pgplib.h: Adding structure definitions and
	prototypes for flio.c; adding prototypes for other changes.
	
	* src/armor.c: Use flios to get simplified back-end
	routines for armoring and dearmoring files and buffers.
	
Thu Aug 28 17:45:19 1997  Thomas Roessler  <roessler@sobolev.rhein.de>

	* trust.c: Adding a purge_trust() function to remove any keyring
 	trust packets from a pubkey - this is needed for im- and exporting
 	public keys from/to untrusted sources.

	* pgplib.h: Adding a prototype for purge_trust().

	* keybase.c, keyring.c: Fixing some misleading comments.
	
	* armor.c: Adding code to do "clearsign armor" in a pgp-compatible
	way.

Wed Aug 27 16:12:19 1997  Thomas Roessler  <roessler@sobolev.rhein.de>

	* pgplib.h: Changing the add_sig prototype; adding a prototype for
	is_compromised().

	* secencrypt.c: Verify key compromise certificates the right way.

	* pgp_m.h: Adding some more signature classifications.  Needed for
	the new add_sig().

	* keybase.c: Changing add_sig to produce properly formatted key
	packets in the database.  This implies a change to the interface:
	we need to pass a signature-userid pair to add a user id.

	* verify.c: Handling more signature types: Key compromise,
	different signature levels, ID/signature revocations.

	* add.c: Some changes to handle the new add_sig interface.
	

1997-08-20  Peter Simons  <simons@rhein.de>

	* src/pubencrypt.c:
	pub_encrypt_buffer() used NULL instead of he integer value zero.

	* src/keymgmnt.c:
	In case of an EINVAL error, copy_pubkey() returned NULL rather than -1.

	* configure.in:
	When a test for ar, pgp or perl fails, we will use defaults now.

	* src/keybase.c:
	Fixed two locations where NULL was accidently used instead of
	'\0' or (u_quad_t)0, respectively.

	* configure.in:
	Turned the tests for daemon(), strerror(), strsep() and strtouq() from
	AC_REPLACE_FUNCS into AC_CHECK_FUNCS. They won't be linked into the
	pgplib anymore (where they don't belong), but will be included by the
	applications that actually need them.

	* src/pgplib.h:
	Added include for ../config.h. This is required to define quad_t.

	* src/pgplib.h: Replaced include for <malloc.h> with <stdlib.h>.

	* src/keybase.c:
	Added config.h include (Reported by Thomas Roessler).
	Added ifdef-bracket around the include for <db.h>.

1997-08-18  Peter Simons  <simons@rhein.de>

	* zlib-1.0.4/Makefile.in, configure.in:
	Placed zlib's Makefile under autoconf control.

	* PGPlib:
	Re-wrote the Makefile and customized the sources accordingly. The
	new build process isn't as powerful as the old one, but it works
	on any platform so far. :-)

	* config.h.in:
	Removed this file from the repository, because it is generated
	automatically by the "autoheader" tool.

	* aclocal.m4, acconfig.h, configure.in:
	Changed various things in the autoconf mechanism: A test for "perl"
	has been added. Instead of looking for an "install" program, we will
	use the "install-sh" script included in the distribution now, removed
	various tests that were simply wrong (like checking for 'main' in
	various link libraries).

	* tools/pgpacket.pl.in, tools/Makefile.in, tools/.cvsignore:
	Removed the Makefile, as it is not used anyway. pgppacket.pl has been
	renamed to pgppacket.pl.in, as it is under autoconf control now, too,
	to determine the currect path to perl.

	* configure, .cvsignore:
	Removed the "configure" script from the repository, as it is generated
	with autoconf and configure.in.

	* mkinstalldirs:
	The script is not required. "./install-sh -d" does the same.

Thu Aug 14 02:34:20 1997  Tage Stabell-Kulo  <tage@tagenb.cs.uit.no>

	* applications/test.sh: Splittet the test for parser and literal.

	* src/compress.c (compress_buffer): After compression, the size of
	the output is 2 (CTB + algorithm byte) larger than the result from
	inflate.  The 2 was not added.  This means that we can get rid of
	the routines from PGP for compression !

Mon Aug  4 16:23:45 1997  Tage Stabell-Kulo  <tage@tagenb.cs.uit.no>

	* src/keybase.c (store_uid): The size of names being added to the
	reverse database was random (an extra & together with a cast that
	removed the warning was the cause).

Mon Jul 28 11:33:28 1997  Tage Stabell-Kulo  <tage@tagenb.cs.uit.no>

	* Added the error reporting system written by Thomas Roessler
	<roessler@guug.de>.  Found quite a few bugs along the road.

	* src/misc.c (ctb_llength): Changed from a macro to a routine;
	written by Thomas Roessler <roessler@guug.de>

Fri Jul 25 08:56:50 1997  Tage Stabell-Kulo  <tage@tagenb.cs.uit.no>

	* src/keymgmnt.c (decrypt_seckey): Changed the interface.  Now, a
	_new_ key is returned, fully armed.  This way you can re-arm you
	key many times.
	(decrypt_seckey): Plugged a memory leak.

	* src/secencrypt.c (make_sig): Added  RSA_PKCS1_PADDING to the
	calls to RSA_private_*

	* src/pubdecrypt.c: Added.

	* man/pke.3: Added.

	* COPYING: Added note on the copyright held by Thomas
	Roessler <roessler@guug.de> on the pke stuff.

Thu Jul 24 09:33:54 1997  Tage Stabell-Kulo  <tage@tagenb.cs.uit.no>

	* applications/test.sh.in: Added test for p_decrypt.

	* src/pubencrypt.c (pub_encrypt_buffer): Added code to be
	compatible with SSleay-0.8.0.  Mostly provided by Thomas Roessler
	<roessler@guug.de>.

	* src/literal_data.c (literal2buf): testing parameter buf for
	sanity inplies testing buf==NULL, not *buf==NULL.  Pointed out by
	Andy Dustman <andy@CCMSD.chem.uga.edu>.

	* src/secencrypt.c (make_sig): Calculated dmp1, dmq1 and iqmp to
	speed up usage of RSA.

	* src/pubencrypt.c (pub_encrypt_buffer): Ensure that rsa_info is
	zero'ed.

	* src/keyring.c (get_keyentry_from_file): A memory leak detected
	by Peter Brian Clements <peter@shylock.demon.co.uk>

	* src/keymgmnt.c (buf2seckey): When you load a new key, the memory
	is zero'ed before being filled in.  This ensures that free_key
	will work as expected.
	(buf2seckey): Only when the cipher byte is set is it followed by
	8 bytes of IV.  Pointed out by Andy Dustman <andy@CCMSD.chem.uga.edu>

	* src/pubencrypt.c (pub_encrypt_buffer): Added check to ensure
	that the session key is not 16 zero's.  Should be removed at some
	time.
	(pub_encrypt_session_key): Added after a suggestion made by Andy
	Dustman <andy@CCMSD.chem.uga.edu>.
	(pub_encrypt_buffer): Chaned assert(header_len == 2) into
	assert(header_len >= 2).  Pointed out by Andy Dustman
	<andy@CCMSD.chem.uga.edu> and Derek Atkins <warlord@mit.edu>.
	Should be changed into an if-statement.

Wed Jun  4 07:04:33 1997  Tage Stabell-Kulo  <tage@tage.iet.unipi.it>

	* src/conventional.c (conventional_key_decrypt): Wrong value
	free'ed which provoked a core-dump in some instanses.  Noted by
	Andu Dustman <andy@CCMSD.chem.uga.edu>

	* src/misc.c (checksum): Fixed the checksum.  Due to the
	intentional overflow it is not true that addition is commutative.

	* applications/p_encrypt.c (main): fixed free(literal) into
	free_literal(literal) (noted by tzeruch@ceddec.com)

	* applications/test.sh (p_encrypt): Add test to check if foo is
	actually created by PGP.

	* src/keybase.c (add_user_id add_sig_to_keyid fetch_only_pubkey
	get_keycontents): Moved these routines from keymgmnt.c to avoid
	linking in db when the database isn't used.  After a suggestion
	made by tzeruch@ceddec.com.

1997-05-31  Peter Simons  <simons@rhein.de>

        * pgpzip/Makefile.in, src/Makefile.in, applications/Makefile.in:
        Moved all defines which are required for compiling into the CFLAGS
        define, because many makes do not honor CPPFLAGS and other names.

1997-05-30  Peter Simons  <simons@rhein.de>

        * configure.in, configure:
        The check whether the db.h include was found was wrong. Fixed that.

	* src/Makefile.in, pgpzip/Makefile.in, applications/Makefile.in:
        Most make implementations do not honor the COMPILE define. Hence,
        $(DEFS) was not used when compiling. I remedied this by adding the
        $(DEFS) define to $(CFLAGS) and removing it from $(COMPILE).

        * configure.in, configure, config.h.in, acconfig.h:
        Added various checks to the autoconf script:
         - Existance of errno.h and sys/errno.h is tested.
         - The socket- and nsl-library are linked to the binaries,
           when they're required.
         - Improved the way, the test for the db-library is done.
         - Bumped 'VERSION' variable to 0.2.
         - The 'autoheader' program is not called without path
           information anymore.

        * src/compress.c, src/armor.c:
        Added checks for errno.h and sys/errno.h, to avoid including a
        non-existand file.

        * src/strtouq.c:
        Removed the #if statement checking for u_quad_t. This is defined
        in the config.h file, created by autoconf. Also made the check
        for the existance of UQUAD_MAX independent from the platform we're
        compiling on.

Mon May 26 17:23:18 1997  Tage Stabell-Kulo  <tage@tage.iet.unipi.it>

	* COPYING: The Copyright has been transferred to The University of
	Troms, Norway.  All files updated.

Mon May 26 15:27:47 1997  Magne Rasmussen  <magner@pasta0.cs.uit.no>

	* configure.in (AC_PATH_PROG): Added check for pgp program, which
	is needed in the applications/test.sh shell script.  Also added
	applications/test.sh.in in AC_OUTPUT.

	* src/literal_data.c (file2literal): Removed local 'literal' and
	changed parameter 'lit' to 'literal'.

	* src/trust.c: Added #include <config.h>  Any file under autoconf
	ought to include this file as the first #include.

	* src/Makefile.in (CFLAGS): Added -Wall non-conditionally. Also
	updated the DIST_EXTRA files (included compress.zlib).

	* Makefile.in (SUBDIRS): Changed from zlib-1.0.4 to pgpzip. Also
	updated the DIST_COMMON files.

	* configure.in (AC_OUTPUT): Changed from zlib-1.0.4 to pgpzip
	(zlib-1.0.4 does not work in memory yet.)

Sun May 25 02:06:09 1997  Tage Stabell-Kulo  <tage@tage.iet.unipi.it>

	* src/pubencrypt.c (pub_encrypt_buffer): Inside a public key
	encrypted MPI, the 0 is followed by a 1 and then the DEK and the
	two bytes of checkusm.  That is, we must allocate 19 bytes.  Took
	me a full day (sigh).

Sat May 24 02:39:18 1997  Tage Stabell-Kulo  <tage@tage.iet.unipi.it>

	* src/conventional.c (conventional_key_encrypt): When synching the
	iv after encryption the 10 bytes prefix, the offset into iv must
	be reset to 0.  An entire Saturday on a single bug.

	* Most manualpages updated for spelling errors.  Corrections
	supplied by  Andreas Kupries <a.kupries@westend.com>.

Fri May 23 08:18:49 1997  Tage Stabell-Kulo  <tage@tage.iet.unipi.it>

	* applications/test.sh: Added script to check the programs in
	/applications.  You need to read REAME to make this script work.
	Suggested by tzeruch@ceddec.com.

	* src/compress.c (decompress_file): Added function.  It is sort of
	stupid to have this thing when we do (de)compression in memory.

	* src/trust.c (trust2buf): Added two routines to handle the new
	type of packets now known to us.

	* src/keyring.c (get_keyentry_from_buf): Added a new return type
	TRUSTBYTE.  This would avoid blocking if the buffer only contained
	a trust byte.  Reported by by tzeruch@ceddec.com.

	* Changed quite a few NULL into 0 where assigned to char or int.
	Also, in applications/armor.c the tmp-file was not properly
	reopened.  Reported by by tzeruch@ceddec.com.

Tue May 13 01:29:50 1997  Tage Stabell-Kulo  <tage@tage.iet.unipi.it>

	* src/armor.c: Incorporated armor-code donated to PGPlib by Peter
	Gutmann <pgut001@cs.auckland.ac.nz>.  The only thing taken
	verbatim from PGP is the CRC code.  Not much help to get from
	RFC1991 either.

	* Removed the huge Copyright statement in all files.  It is now
	(only) stored in COPYING.  The header in each file was created
	automatically by auto-header, written by Espen Skoglund
	(espensk@stud.cs.uit.no).

	* src/keymgmnt.c (pubkey_fingerprint): Print the PGP fingerprint
	into a buffer (50 char long).  Not mentioned in RFC1991.

	* COPYING: ispell found quite a few errors.

	* src/compress.c (compress_buffer): Ahhhh.  Assar Westerlund
	<assar@sics.se> told me about an undocumented value you can give
	to inflateInit2.  Voila, PGP compatible (de)compression in
	memory.  Need to write an application/ to test compression (and
	not only decompression as done by applications/parser).

	Give that man some flowers.

	* applications/armor.c: It didn't check it's parameters	properly;
	fixed.

	* doc/rfc1991.txt: Added.  However, this RFC seems to contain even
	less info than PGFORMAT.DOC.

	* src/keymgmnt.c (add_user_id): Added the function
	pubkey_fingerprint.

	* src/literal_data.c (parse_literal_buffer): The incorrect use of
	assert 	(below) was in addition wrong.  Fixed.

	* doc/pgplib.texi: Written documentation

	* Fixed errors in the use of assert in src/signature.c,
	src/pubencrypt.c and src/cponventional.c.  Reported by Adam Back
	<aba@dcs.ex.ac.uk>.

Mon May 12 10:11:19 1997  Magne Rasmussen  <magner@pasta0.cs.uit.no>

	* src/misc.c: Added conditional definition of NBBY. This is needed
	for Linux (at least).

Wed May  7 12:14:52 1997  Magne Rasmussen  <magner@pasta0.cs.uit.no>

	* Changed all references to index() and rindex() to strchr() and
	strrchr().

	* src/Makefile.in (libpgp.a): Had to add $(LIBADD) to include
	optional object files.

	* Added check for hstrerror in configure.in, and used this check
	in applications/keyserver.c.

	* src/keybase.gdbm.inc: Made up to sync with src/keybase.db.inc

	* Added #include <netinet/in.h> to several files. This omission
	provoked link errors on HPUX where htonl() etc. are #define's.

	* acconfig.h: Added define for u_quad_t.

	* configure.in: Added check for the u_quad_t typedef. Necessary
	for HPUX.

	* src/conf.h: Made definition of BSIZE conditional. This define
	created lots of warnings on HPUX.

	* Added declarations of daemon(), strerror(), strsep() and
	strtouq() to those files in applications/ which needed this. The
	declarations are only used if the system does not provide the
	function in question.

	* src/keyring.c (get_keyentry_from_buffer): Fixed logic in
	CTB_USERID_TYPE case: new check for return value from
	buf2userid(). Old version died when trying to add same signature
	as the key.

	* Removed conditional compilation of the function atoq() based on
	__FreeBSD__, because the need for this disappeared with the
	previous change.

	* Changed sources so that instead of scanf("%qx", ...) they use
	the function strtouq().  This function is provided in PGPlib if
	the system does not provide it.

	* Changed sources to take advantage of the check for print-prefix
	when printing key IDs.

	* Added macro to check for prefix to use when printing long long
	hex number.

Tue May  6 13:30:11 1997  Magne Rasmussen  <magner@pasta0.cs.uit.no>

	* PGPlib changed to use autoconf.

