2002-12-08  Timo Schulz  <twoaday@freakmail.de>

	* keyserer.c (cdk_keyserver_recv_key): const for the keyid.
	* keydb.c (keydb_parse_allsigs): Detect signatures which revoke
	earlier signatures but no userID's.

2002-12-07  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_build): Use _cdk_buftou32.
	(keydb_idx_rebuild): New.
	* cipher.c (cipher_decode2): Implemented block mode.
	(read_header): If block mode is used, decrement packet length
	due to the prefix data.
	* read-packet.c (read_pkt_len): Renamed to...
	(_cdk_pkt_read_len).
	(read_encrypted): Do not read the body but store a STREAM reference.
	Set the block mode when partial bodies are used.
	
2002-12-06  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Defined old key db types for compat reasons.
	Removed old key db prototypes.
	* keyid.c: Deleted.
	* pubkey.c: Merged with keyid.c contents.
	* read-packet.c (read_16, read_u32): Declare as static.
	(skip_packet): Speed up code.
	* verify.c (cdk_file_verify): Ability to handle cleartext
	signatures.
	(cdk_file_verify_clearsign): Removed.
	* main.c (cdk_set_keydb): Remove the secret parameter. There
	is an internal check to find this out.
	
2002-12-05  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c: Simplified context.
	(cdk_keygen_set_expire_date): New parameter for the key type.
	* keydb.c (cdk_keydb_import): Fix a problem with secret keys.
	* keylist.c: Add some argument checks and sanity checks all
	over the place.
	* encrypt.c (handle_signature): Use public db handle.
	
2002-12-03  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c: Begin to make the code reentrant. This breaks a lot of
	interface but we need this step sooner or later.
	(cdk_keydb_export): Add handle to the parameters.
	(_cdk_keydb_get_pk_byname): Now it is internal and with a handle.
	(_cdk_keydb_get_sk_byname): Ditto.
	For the outer interface there is cdk_keydb_get_{sk,pk}.
	(_cdk_keydb_get_xxblock): Use a db handle.
	(cdk_keydb_get_ctx): Removed.
	(cdk_keydb_get_name): Removed.
	(cdk_keydb_is_secret): Removed.
	(cdk_keydb_find_idx): Removed.
	(cdk_keydb_remove_resource): Removed.
	(cdk_keydb_add_resource): Removed.
	(cdk_keydb_new): Do not use strdup (!) or modify the parameter.
	* keyserver.c (cdk_keyserver_recv_key): Fix URL parsing.
	Kudos to Nikos who found this out.
	* keylist.c (keylist_get_pk): Removed.

2002-12-02  Timo Schulz  <twoaday@freakmail.de>

	* keyserver.c (cdk_keyserver_recv_key): Use byte * instead of
	u32 * and add a parameter for the keyid type. Suggested by Nikos
	to avoid problems with 64-bit systems.
	* kbnode.c (cdk_kbnode_write_to_mem): If buffer is NULL, just
	return the size of the kbnode.
	* keydb.c (cdk_keydb_open): Disable the index in some cases.
	(keydb_pos_from_cache): New. Add code to use the fingerprint.
	* main.c (cdk_strdup): Return char * not void *.
	
2002-12-01  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_mkname): New.
	(keydb_idx_build): New.
	(keydb_idx_parse): New.
	(keydb_idx_search): New.
        (cdk_keydb_search): When we search for the long keyid, use
	the index table to speed up operations when it was not found in	
	the cache. This solves the performance problem when we search for
	signature keys which are not in the keyring. Do not use the cache
	for secret keys.
	* snprintf.c: New. For systems which do not have it.
	* armor.c (armor_encode): Make the code 200% faster.
	
2002-11-30  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (read_header): Close handles in the case of an error.
	* write-packet.c: Changed all packet size fields to size_t to
	make sure it can carry a 32-bit length.
	* opencdk.h: Ditto.
	* keydb.c: Removed old offset code. Now we use a cache table
	which stores the keyid and the offset of the key inside the
	keyring. If a new search begins, first the cache is used. 
	When the item was found, the offset will be set. The key offset
	will be cache at the end inside the struct (when not already
	stored).
	(keydb_search_copy): New.
	(keydb_cache_free): New.
	(keydb_cache_find): New.
	(keydb_cache_add): New.
	(cdk_keydb_search_reset): Clear the cache so the key search
	will not use it.
	(cdk_keydb_close): New.
	* sig-check.c (check_key_signature): Do not reset the handle.
	
2002-11-28  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (is_armored): Use an integer.
	(cdk_armor_filter_use): Modified for the new code.
	* encrypt.c (cdk_file_decrypt): Push armor filter.
	* stream.c (cdk_stream_flush): Only flush if the file
	contains data.
	(mk_tmpnam): Create the temp file in /tmp.
	
2002-11-25  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (sig_calc_subpkt_size): New.
	(_cdk_sig_complete): Use it here.
	* keygen.c (sig_self_create): MDC support.
	(generate_subkey): New.
	(gcry_mpi_to_native): Support for subkeys.
	(sig_subkey_create): New.
	(keydb_merge_selfsig): Parse KEY_EXPIRE and KEY_FLAGS sub packets.
	* read-packet.c (read_public_key): Now we use 32-bit for
	the timestamp and the expire date.
	* write-packet.c (write_public_key): Ditto.
	* keydb.c (keydb_parse_allsigs): Ditto.
	
2002-11-24  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c: Add structures to the context.
	(cdk_keygen_save): Don't free any packets when they are still
	needed.
	* write-packet.c (write_secret_key): Set correct packet size ;-).
	* pubkey.c (_cdk_seckey_get_csum): New.
	* sig-check.c (_cdk_hash_userid): Not static any longer.
	* sign.c (_cdk_sig_complete): New.
	
	
2002-11-23  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (cdk_keygen_set_prefs): New.
	(cdk_keygen_set_algo_info): New.
	(cdk_keygen_set_mdc_feature): New.
	(cdk_keygen_set_expire_date): New.
	(cdk_keygen_start): New.
	(cdk_keygen_save): New.
	(cdk_keygen_new): New.
	(cdk_keygen_free): New.
	(cdk_keygen_set_name): New.
	(pk_create): New.
	(sig_create): New.
	(uid_create): New.
	(sk_create): New.
	
2002-11-23  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_from_mem): Use void * not byte *.
	* keydb.c (cdk_keydb_new): Ditto.
	(classify_data): New.
	(keyid_from_str): New.
	(fpr_from_str): New.
	(cdk_keydb_search_auto): Use classify to get the type to search for.
	Now we can figure out if it's a keyid (short?), a fingerprint
	or a sub string.
	(cdk_keydb_export): Use keydb_search_auto.
	(cdk_keydb_get_xxx_byname): Ditto.
	
2002-11-22  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_encrypted): Only assume it's a RFC1991
	packet when no session key packet was located.
	(handle_symkey_enc): Set session key flag.
	(handle_pubkey_enc): Ditto.
	* cipher.c (cdk_set_progress_handler): New.
	* misc.c (ascii_memistr): Renamed to...
	(_cdk_memistr): this.
	* Begin to write some debug code to make it easier to track
	down segv and other problems.
	* armor.c (_cdk_armor_get_lineend): New.
	* sign.c (cdk_file_clearsign): Use the OS dependent line endings.

2002-11-20  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (pkt_write_sighead): PGP2 workaround.
	* Finished RFC1991 encryption and signature support.
	* keydb.c (cdk_keydb_export): Use old headers for v3 keys.
	* write-packet.c (write_public_key): More PGP2 fixes.
	* encrypt.c (select_cipher_algo): New. If IDEA was not found,
	use CAST5. The result is not readable by PGP2 but we can use
	v3 keys without any problems.
	
2002-11-20  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (buffer_to_u32): Renamed to..
	(_cdk_buftou32): New.
	(u32_to_buffer): Renamed to..
	(_cdk_u32tobuf): New.
	* encrypt.c (rfc1991_get_sesskey): New.
	Write marker packets only when no PGP2 mode is enable.
	* main.c (_cdk_is_idea_available): Check if IDEA is available.
	Normally this is not the case because Libgcrypt is not delivered
	with any patended algorithms.
	(cdk_handle_set_compat): Support for PGP2.
	* write-packet.c: Support for old CTB.
	(write_head_new): Wrapper.
	* keylist.c (cdk_sklist_build): Set list type.

2002-11-19  Timo Schulz  <twoaday@freakmail.de>

	* main.c (cdk_handle_set_compress): '0' disables compression.
	(cdk_handle_set_cipher): Check if algorithm is available.
	(cdk_handle_set_digest): Ditto.
	* encrypt.c (free_mainproc): Free the handle itself.
	* stream.c (_cdk_stream_get_errno): New. Set internal
	error variable when it's not possible with the return value.
	
2002-11-18  Timo Schulz  <twoaday@freakmail.de>

	* plaintext.c: Enum type to make the code easier to read.
	* keylist.c: Try to free all memory in the case of an error.
	* cipher.c (cipher_decode2): Free the handles inside the context.
	(cipher_encode2): Ditto.
	(finalize_mdc): New.
	
2002-11-15  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_mpi_array): New.
	* read-packet.c: Check minimal packet size for packets
	where it makes sense.
	* encrypted.c (handle_pubkey_enc): Make bits of key
	congruent modulo 8.
	* armor (update_crc): Make sure it's just 24 bit.
	* Cleanups for the release.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* main.h (wipemem): From GPG.
	* Try to wipe out all buffers with sentensive data.
	* misc.c (cdk_utf8_encode): New.
	(cdk_utf8_decode): New.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (read_secret_key): Do not pre-alloc MPI
	structs for encrypted v4 keys. This costs too much secmem.
	Do it here...
	* pubkey.c (cdk_seckey_unprotect): ...instead. And with
	the correct size of the MPI.
	(cdk_pk_decrypt): Check that the seckey is really unprotected.
	(cdk_pk_sign): Likewise.
	* main.c (cdk_handle_set_callback): New.
	* encrypt.c (write_status): New.
	* keylist.c (cdk_pklist_encrypt): I forgot a calloc.
	* sign.c (cdk_file_sign): Avoid problems with streams.
	(cdk_file_sign_cleartext): Ditto.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (_cdk_hash_pubkey): Now we use two different
	modes for v3 keys. One for the fingerprint and one for the
	signature calculation.
	* encrypt.c (handle_encrypted): Error if there is no valid DEK.
	* main.c (cdk_salloc): Increase the size of the secmem due to
	the possibility there are more secret keys.
	
2002-11-13  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (stream_fp_replace): New.
	(stream_filter_walk_write): Use it here.
	(stream_filter_walk_read): Likewise.
	* keyserver.c (init_sockets): For non-POSIX systems.
	* read-packet.c (read_public_key): Corrected v3 key reading.
	* encrypt (cdk_stream_encrypt): Adjust the key length if needed.
	* pubkey.c (checksum_mpi): Forgot to check the last 2 octets.
	* keylist.c (cdk_sklist_build): Unprotect secret keys.
	* new-packet.c (_cdk_copy_seckey): Copy all elements.
	* main.h: Remove unused prototypes.
	* kbnode.c (_cdk_kbnode_clone): Modified for internal use.
	
2002-11-13  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_check_key): New.
	(keydb_find_byusage): Do not use revoked or expired keys.
	(keydb_set_expire): Corrected.
	* armor.c (armor_encode): Corrected CRC calculation.
	
2002-11-12  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_append): New.
	* keydb.c (cdk_keydb_import): Use append to make it easier.
	No key update is possible yet. Add a integer array as the result.
        * main.c (cdk_handle_set_compat): Set some other compatibility
	options.
	* read-packet.c (read_encrypted): Corrected reading for partial
	packet length.
	* compress.c (compress_decode): Set the inbuf pointer each
	call and not only once. This fixes a problem with larger files.
	(decompress_data): Some fixes.
	* seskey.c (passphrase_prompt): New.
	(cdk_passphrase_to_dek): Use it here.
	
2002-11-12  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_tmp_set_mode): For the filters the object
	needs to know if the request read or write filters. With this
	function we can set it.
	* keyserver.c (keyserver_handle_hkp): Use it here.
	* verify (cdk_file_verify_cleartext): Ditto.
	* sign (cdk_file_clearsign): Ditto.
	* main.c (cdk_handle_set_compat): New.
	* keylist.c (cdk_sklist_write): Support for signature version.
	* sign.c (cdk_file_sign): Ditto.
	(cdk_file_sign_cleartext): Ditto.
	* encrypt.c (write_marker_packet): New.
	(sym_stream_encrypt): Write a marker packet when in compat mode.
	(cdk_file_encrypt): Ditto.
	
2002-11-11  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_read_from_mem): New.
	(cdk_kbnode_write_to_mem): New.
	
2002-11-11  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (free_symkey_enc): Free the S2K struct.
	(_cdk_free_seckey): Ditto.
	* read-packet.c (read_s2k): Alloc S2K struct.
	* write-packet.c (write_symkey_enc): Ditto.
	(write_secret_key): Ditto.
	* S2K struct is now opaque.
	* seskey.c (cdk_s2k_new): New.
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_file_encrypt): Use armor if requested.
	* sign.c (cdk_file_sign): Ditto for the encrypt & sign mode.
	(clearsign_filter): Removed. Now the STREAMS support encoding
	for read and write (temp) modes.
	* Check for header files when the target platform is not Posix.
	* stream.c (cdk_stream_flush): Premature filter flushing.	
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_file_sign_encrypt): Removed.
	(write_pubkey_enc_list): New.
	(cdk_file_sign): Merge encryption here.
	Check for invalid combinations.
	* opencdk.h (cdk_file_sign_encrypt): Bye bye.
	Now the file signing interface is complete but incompatible 
	to other versions :-(.
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (_cdk_timestamp): Renamed from make_timestamp.
	* opencdk.h (cdk_file_sign): New.
	(cdk_file_encrypt_sign): New.
	* keydb.c (cdk_keydb_get_sk_byname): Find a secret keyring,
	not a public keyring.
	* sign.c (cdk_file_sign): Fixed the index for the opaque value.
	* write-packet (write_onepass_sig): Fixed base size 15 -> 13.	
	
2002-11-09  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_stream_encrypt): New.
	(cdk_file_decrypt): Remove unused var.	
	
2002-11-08  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_stream_encrypt): New.
	(cdk_file_encrypt): Use the new code.
	(sym_stream_encrypt): New.       
	
2002-11-05  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_import): New.
	
2002-11-04  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_find_packet): Return the node that was
	found, not the root node.
	* keyserver.c (keyserver_handle_hkp): Add '\r\n' to the request.
	
2002-11-03  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_public_key): Flag if we have a subkey.
	* read-packet.c (read_signature): Set the exportable flag
	independent of the signature version. And correct return code
	checking.
	
2002-11-02  Timo Schulz  <twoaday@freakmail.de>

	* plaintext.c (text_encode): New.
	(text_decode): New.
	* stream.c (cdk_stream_set_text_flag): New.
	
2002-11-02  Timo Schulz  <twoaday@freakmail.de>

	* seskey.c (cdk_passphrase_to_dek): Moved from seckey.c.
	* pubkey.c (cdk_seckey_unprotect): Moved from seckey.c
	(checksum_mpi): Ditto.
	* seckey.c: Deleted.
	* encrypt.c (handle_symkey_enc): For the case we've multiple of 
	these packages, ignore the next when we already have a valid DEK.
	
2002-11-01  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_subpkt_get_buf): New.
	* keydb.c (cdk_keydb_search_new): New.
	(cdk_keydb_search_free): New.
	* opencdk.h: CDK_DBSEARCH is now opaque.
	
2002-11-01  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (pkt_write_head2): New.
	(write_compressed): Use old header.
	* This fixed the EOF problem for the filter.
	
2002-10-31  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_verify_cleartext): Fixed md calculation.
	Add an output parameter to store the plaintext.
	* opencdk.h: Use the cdk_file_xxx prefix for all file functions.
	
2002-10-30  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (hash_mpi_array): New.
	* plaintext.c (plaintext_decode): Sanity check to avoid segv.
	
2002-10-30  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_clearsign_file): New.
	(trim_string): New.
	* keylist.c (cdk_sklist_build): Replaced all calloc calls
	with cdk_calloc. Arrg.
	* stream.c (_cdk_stream_gets): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_verify_file): New.
	(cdk_verify_cleartext): New.
	(cdk_sig_get_ulong_attr): Support for all algorithms.
	* encrypt.c (proc_encryption_packets): New.
	(proc_signature_packets): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c: Add a context for each file operation.
	* main.c (cdk_handle_new): New.
	(cdk_handle_free): New.
	(cdk_handle_set_compress): New.
	(cdk_handle_set_digest): New.
	(cdk_handle_set_cipher): New.
	* verify.c (cdk_sig_get_ulong_attr): New.
	(cdk_sig_get_data_attr): New.
	(_cdk_result_verify_new): New.
	(_cdk_result_verify_free): New.	
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (do_proc_packets): Modified so it will not
	depend on a fixed state. Now it's possible for decryption,
	verifying with one pass signatures with or without compression.
	(set_reset): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (_cdk_subpkt_hash): Now it's internal.
	* sig-check.c (_cdk_signature_check): Prefix with _cdk_.
	* encrypt.c (handle_onepass_sig, handle_signature): New.
	(do_proc_packets): Divide function in stages to handle
	nested packets.
	* stream.c (stream_filter_walk_write): Only unlink files
	when the temp flag is not set.
	
2002-10-28  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_seek): Remove EOF flag when possible.
	* keydb.c (cdk_keydb_new): New.
	* armor.c (cdk_armor_filter_use): Rewind the file after
	reading the first byte.
	
	
	