2004-05-27  Timo Schulz  <twaoaday@freakmail.de>

	* sig-check.c (pk_check_sig): New argument to
	figure out if it is a self sig.

	(cdk_pk_check_sigs): New flag to find out if the
	has valid signers.

	* keydb.c: Changed all callers.

	* pubkey.c (cdk_pk_get_npkey): Set algo 16 to 20
	because libgcrypt returns '0' for algorithm 16.
	
	
2003-06-21  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_prefs_get_array): Renamed to..
	(cdk_userid_get_pref_array): this.
	* read-packet.c (check_s2k_mode): New macro.
	* opencdk.h: Add enums for the S2K modes.
	* keylist.c (cdk_sklist_write): Don't copy the md but use
	the returned pointer.
	(cdk_sklist_build): Place the returned list at the begin
	of the paramaters.
	* write-packet.c (write_secret_key): Support for the very
	old v2 keys which are similar to v3 keys in all respects.
	Do not try to calculate the mpi size when it is a encrypted
	v4 key. Likewise with the 20 extra bytes for the SHA-1 checksum.
	(write_public_key): Likewise.
	
2003-06-20  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (cdk_file_armor, cdk_file_dearmor): Check all
	return codes.
	* main.h: Changed all CDK_PACKET types to cdk_packet_t.
	* opencdk.h: Changed typedef of PKT_secret_key, PKT_public_key,
	PKT_user_id, PKT_signature and all other packets...
	* Renamed all PLAINTEXT typedefs to LITERAL to be closer
	to the OpenPGP draft. Same for function names.
	
2003-06-19  Timo Schulz  <twoaday@freakmail.de>

	* pubkey.c: Changed API to the internal crypto lib.
	* cipher.c (cdk_cipher_test_algo): It is used all over
	the place and not _cdk_cipher_test_algo any longer.
	* sym-cipher.c, cipher.h: New.
	
2003-06-17  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_build): Simplified a little.
	(cdk_keydb_open): Rewind the stream for all search modes
	except _NEXT.
	(classify_data): Be more liberal with the 0x prefix.

2003-06-15  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_search_new): Renamed to...
	(cdk_keydb_search_start): ..this. Now the search context
	is internal.
	(cdk_keydb_search_free): is not public any longer.
	(cdk_keydb_search_auto): Merged into..
	(cdk_keydb_search): ..this. Two new search modes implemented.
	
2003-06-15  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (is_compressed): Use a separate argument to
	return the compression algo.
	(check_armor): Likewise.
	(cdk_armor_filter_use): Set internal stream flag if the
	stream is compressed.
	(cdk_file_dearmor): Simplified the code.
	* opencdk.h (cdk_stream_fpopen): Is not public any longer.
	* new-packet.c (cdk_revoke_key_walk): renamed to..
	(cdk_key_desig_revoker_walk): this. Renamed the context.
	
2003-06-04  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (cdk_pkt_parse): Renamed to...
	(cdk_pkt_read): this.
	* write-packet.c (cdk_pkt_build): Renamed to...
	(cdk_pkt_write): this.	
	* new-packet.c (cdk_subpkt_set_buf): Renamed to...
	(cdk_subpkt_init): this.
	(cdk_subpkt_get_buf): Renamed to...
	(cdk_subpkt_get_data): this.
	
2003-05-30  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_new): slightly simplified.
	
2003-05-10  Timo Schulz  <twoaday@freakmail.de>

	* md.c, md.h: New.
	
2003-04-19  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (_cdk_subpkt_get_array): Correct size calculation
	for the 4-byte length.
	* sig-check.c (_cdk_pk_check_sig): Free hash context in the
	case of an error.
	
2003-04-05  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_peek): New.
	* verify.c (stream_peek): Now it is public.
	* sig-check.c (hash_mpi_array): Get the version directly from the key.
	
2003-04-04  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_symkey_enc): Check version of the packet.
	(write_pubkey_enc): Likewise.
	(write_head_old): Check return values.
	(calc_s2k_size): Corrected S2K for mode 1.
	* keylist.c (cdk_pklist_encrypt): Initialize packet version
	with 3.
	
2003-04-02  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (cdk_keygen_set_expire_date): Make sure the time
	is not in the past.
	
2003-03-27  Timo Schulz  <twoaday@freakmail.de>

	* keylist.c (cdk_pklist_build): Got rid of 'goto'.
	(cdk_sklist_build): Likewise.
	* sign.c (siglist_write_old): Removed.
	
2003-03-21  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_revoke_key_walk): New.
	(_free_signature): Release the revocation keys.
	* read-packet.c (read_signature): Parse revocation key
	subpackets.
	* keydb.c (cdk_keydb_get_keyblock): Initialize the rev key
	struct from the signature (0x1f) if present.
	
2003-03-15  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (read_header): Check return values for decryption.
	(write_header): Likewise.
	* keydb.c (cdk_keydb_pk_cache_sigs): New. Walk over all signatures
	and check them. The result is stored in the sig cache.
	(keydb_parse_allsigs): Add a key database handle so we can
	really check the signatures (if requested).
	* seskey.c (cdk_s2k_new): Make sure we only allow valid modes.
	* stream.c (stream_filter_read): Automatically reset the filter
	after use. See the comment in the code.
	* encrypt.c (set_reset): Removed, we don't need it any longer.
	* armor.c (cdk_file_armor): If the rc is zero, check if the
	stream errno is set and replace rc with it.
	(cdk_file_dearmor): Likewise.
	
2003-03-13  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Make sig sub packet constants public.
	* kbnode.c (cdk_kbnode_hash): High-level API to perform hash
	operations on key nodes.
	
2003-03-07  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_get_attr): Handle the case if the
	packet was not found.
	* keydb.c (cdk_listkey_next): Implement the other pattern mode.
	* seskey.c (_cdk_digest_encode_pkcs1): Use the gcry macro
	to get the ASN OID.
	* new-packet.c (cdk_subpkt_new): Make sure the size is >0.
	
2003-03-06  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_listkey_start): New.
	(cdk_listkey_close): New.
	(cdk_listkey_next): New.
	* kbnode.c (cdk_kbnode_get_attr): New.
	* opencdk.h: Context for listing keys.
	Add fingerprint to the public key context.
	
2003-02-08  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (write_pubkey_enc_list): Stricter check for the args.
	(_cdk_sig_complete): Ditto.
	(cdk_stream_sign): Ditto.
	* stream.h: Removed unused entries from the STREAM context.
	
2003-02-07  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h (cdk_pk_from_secret_key): New.
	(cdk_pk_gen_revoke): New.
	* stream.c (cdk_stream_mmap): New.
	
2003-02-05  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (finalize_mdc): Be paranoid and check the 
	hash algorithm and its length.
	* read-packet.c (read_plaintext): Allow partial bodies.
	Don't use the packet size for allocation but only the name
	length. This bug fix prevents denial of services because it's
	possible to allocate large memory blocks when the packet is
	very long.
	* verify.c: Changed all GCRY_ constants to CDK_ constants
	whenever possible.
	* cipher.c: Likewise.
	* stream.c (cdk_stream_set_literal_flag): Support for partial
	bodies.
	* plaintext.c (plaintext_decode): Implement the partial bodies
	here.
	
2003-01-30  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_idx_rebuild): Now it's public.
	(cdk_keydb_search_new): Check arguments.
	More comment header for the API docs.
	* stream.c: Use assert() to check the context in each
	static function.
	* sig-check.c (check_key_signature): Renamed to...
	(pk_check_one_sig): this.
	* pubkey.c (_cdk_fingerprint_get): Renamed to...
	(_cdk_pkt_get_fingerprint): this.
	
2003-01-28  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Use uniform parameter name to avoid confusion.
	
2003-01-23  Timo Schulz  <twoaday@freakmail.de>

	* sklist.c (cdk_sklist_write): If the retrieved digest algo
	is different than the used, set the algo to the one from the
	message digest context.
	(cdk_sklist_write_onepass): Add parameter for the
	digest algo. This is needed when we want to force a special
	digest algorithm.
	(cdk_sklist_build): Now we also need the session handle.
	* seskey.c (_cdk_sk_unprotect_auto): Add session handle as
	parameter.
	(cdk_dek_extract): Likewise.
	* encrypt.c (sym_stream_encrypt): Likewise.
	(handle_symkey_enc): Likewise.
	(rfc1991_get_sesskey): Likewise.
	* read-packet.c (read_symkey_enc): Fix if the S2K mode is zero.
	* main.c (cdk_handle_control): If a command uses more than one
	argument, put the values into static vars to avoid a reserved
	order.
	(cdk_handle_set_passphrase_cb): New.
	
	
2003-01-22  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Support for SHA256.
	* verify.c: Likewise.
	
2003-01-21  Timo Schulz  <twoaday@freakmail.de>

	* main.c (cdk_sec_free): New. Overwrite the memory block before
	it will be freed.
	(_cdk_passphrase_free): Use it here.
	* keygen.c (cdk_keygen_free): Likewise.
	(cdk_keygen_set_passphrase): Likewise.
	* encrypt.c (handle_symkey_enc): Likewise.
	(rfc1991_get_sesskey): Likewise.
	(cdk_data_transform): Support to import keys.
	* opencdk.h: New type for data transform.
	* keydb.c (_cdk_keydb_get_importres_as_xml): New.
	
2003-01-16  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_parse_allsigs): Mark all subkeys as invalid
	when the primary key has been revoked or it expired.
	(keydb_check_key): Special handling for secret keys.
	* opencdk.h (cdk_handle_set_armor): New. Shortcut.
	(cdk_handle_set_compress): Likewise.
	* verify.c (cdk_stream_verify): Filter reset.
	(cdk_file_verify): Likewise.
	* read-packet.c (read_encrypted): Do not push filters here.
	Under W32 the old code does not work.
	* sign.c (cdk_file_sign): Use right armor type when we create
	a detached sig.
	
2003-01-15  Timo Schulz  <twoaday@freakmail.de>
	
	* verify.c (cdk_sig_get_info_as_xml): New.
	* encrypt.c (cdk_data_transform): Now it supports all kind
	of operations.
	
2003-01-15  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_data_transform): New.
	(_cdk_proc_packets): Dual mode. One supports the output via a
	filename and the other via a stream handle.
	(handle_plaintext): Support this.
	(cdk_stream_decrypt): New.
	(cdk_data_transform): Support for decryption.
	* armor.c (armor_decode): Remove debug output.
	* keydb.c (cdk_keydb_export): Skip bogus public key algorithms
	in signatures and not only ELG-E (16).
	* sign.c (cdk_stream_sign): New. For the new data transform
	interface.
	(stream_clearsign): New.
	(write_plaintext): If the stream is a temp stream, use _CONSOLE
	for the name of the packet.
	(cdk_file_sign): Use it here.
	
2003-01-13  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (read_public_key): Make sure we know the algorithm
	to avoid problems later.
	(read_pubkey_enc): Likewise.
	(read_signature): Likewise.
	(read_secret_key): Likewise.
	
2003-01-09  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (_cdk_vasprintf_free): If the external vasprintf is
	used, we need free otherwise cdk_free. Due to this problem we
	use a special function which knows how to free the buffer.
	
2003-01-07  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (_cdk_keydb_get_pk_byname,
	(_cdk_keydb_get_sk_byname): Renamed to...
	(_cdk_keydb_get_pk_byusage,
	_cdk_keydb_get_sk_byusage): this.
	(keydb_find_byusage): Check the pubkey usage in the case we
	check a public key because req_usage was never set.
	Make sure the key is valid and not revoked or expired.
	* opencdk.h: Remove req_usage from the secret key context because
	we don't need it any longer.
	
2003-01-07  Timo Schulz  <twoaday@freakmail.de>

	* main.c (_cdk_passphrase_get): getpass uses a static buffer
	and it's not a good idea to free it ;-). Duplicate the buffer instead.
	(_cdk_passphrase_free): Always use cdk_free.
	* encrypt.c (get_seckey): New. Implement a cache.
	(handle_pubkey_enc): Support to cache the seckey for the session.
	* pubkey.c (cdk_sk_get_keyid): Set the keyid array in the seckey
	and not only the pubkey.
	
2003-01-03  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (is_selfsig): New.
	(keydb_merge_selfsig): Only parse signatures when the keyid
	is equal to the primary keyid. This fixes the bug where some
	keys had no preferences :-).
	(cdk_keydb_get_keyblock): If it is the last keyblock in the file, 
	rc was -1 and this prevented the signatures were passed. Fixed.
	* armor.c (armor_encode): Do not return file error when the
	end of file is reached.
	* encrypt.c (check_pubkey_enc_list): Set the reset flag for the
	filter. We add later other filters but the armor filter should
	not be used again.
	
2003-01-02  Timo Schulz  <twoaday@freakmail.de>

	* keyserver.c (keyserver_hkp): Get rid of snprintf and
	don't use 'buf' for recv().
	* seskey.c (passphrase_prompt): Likewise.
	* misc.c [W32] (vasprintf): New.
	* main.c (cdk_handle_control): New. This is a replacement
	for all the cdk_handle_set_xxx and cdk_handle_get_xxx functions
	which only use simple integers. With the CDK_CTL_XXX id's you
	can set or get the options.
	* opencdk.h: Include stdarg.h due to cdk_handle_control.
	Remove libgcrypt headerfile because no outer interface need
	it any longer.
	Add enumerations for cipher and digest algorithms.
	* stream.c: Make the code more robust due to argument checks.
	* keydb.c (cdk_keydb_import): Do not write signatures with the
	pubkey algo 16 (ELG-E).
	* sig-check.c (_cdk_signature_check): Renamed to..
	(_cdk_sig_check): this.
	
2003-01-01  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (mpi_encode): New. Encode a series of MPI's into
	a buffer. The PGP format is used.
	* verify.c (cdk_sig_get_data_attr): Support for CDK_ATTR_MPI.
	* main.c (cdk_salloc): Add clear flag.
	(cdk_scalloc): Removed.
	* sig-check.c (cdk_key_check_sigs): Renamed to..
	(cdk_pk_check_sigs): this.
	
2002-12-28  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (cipher_encrypt): Removed. It's only a performance brake.
	(gcry_cipher_new): Internal object which combines open, setkey
	and setiv.
	* encrypt.c (write_status): Now it depends on HAVE_VASPRINTF.
	* sig-check.c (_cdk_hash_pubkey): Correct bug when a v3 key
	has an expire date.
	
2002-12-27  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_file_verify): Return when the signature is
	in cleartext and do not proc the file again.
	* encrypt.c (_cdk_proc_signature_packets): Use a STREAM handle
	because it's possible the signature is in normal mode and we
	need to parse the plaintext packet then.
	Combine _cdk_proc_signature_packets and _cdk_proc_encryption
	into _cdk_proc_packets because they almost do the same.
	
2002-12-27  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (_cdk_proc_signature_packets): Removed out arg.
	(cdk_file_decrypt): Do not create the out stream at the begin.
	The main procedure will do it for us.
	(do_proc_packets): Return a new stream handle which is the output.
	* sign.c: Changed all callers for _cdk_proc_signature_packets.
	* opencdk.h: C++ support.
	* main.c (cdk_handle_get_keydb): New.
	* misc.c (_cdk_check_file): Corrected return values.
	* compress.c (decompress_data): Return EOF when fread returns
	no more bytes.
	
2002-12-26  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_file_clearsign): renamed to...
	(file_clearsign): make it static.
	Don't only check for MD2 but in general if the digest algo
	is available.
	* keydb.c (cdk_keydb_free): Close memory leak. Relase the cache.
	* cipher.c: Shorter handle names.
	* stream.c (cdk_stream_close): Only apply the filters if there
	was no previous error.
	
2002-12-24  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_signature): Check digest algo and
	set signature flags (if possible).
	(set_verify_result): Ditto.
	(handle_onepass_sig): Ditto.
	* verify.c (cdk_file_verify): Support for armored data.
	(cdk_sig_get_ulong_attr): Support for signature flags.
	* keydb.c (cdk_keydb_check_sk): Always use long keyid.
	* keygen.c (pk_create): Correct expire date handling.
	(check_pref_array): Return error for unknown pref types.
	(sig_subkey_create): Add expire dates for subkeys.
	
2002-12-21  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c: (cdk_kbnode_clear_flags): Removed.
	* packet.h: Removed 'flag' from KBNODE because it's unused.
	* verify.c: (cdk_sig_get_ulong_attr): New attrs.
	* encrypt.c (handle_signature): Set them here.
	(set_verify_result): New.
	
2002-12-18  Timo Schulz  <twoaday@freakmail.de>

	* pubkey.c (cipher_open): Add key and iv argument.
	* stream.c: Replaced all fxxx functions with stream functions.
	(stream_flush): New. Wrapper around fflush.
	(cdk_stream_create): New.
	(stream_filter_walk_read, stream_filter_walk_write): Renamed to..
	(stream_filter_read, stream_filter_write): this.
	* sesskey.c (cdk_dek_new): Remove the argument.
	(cdk_dek_set_cipher): New.
	(cdk_dek_set_mdc_flag): New.
	(cdk_dek_set_key): New.
	* encrypt.c (do_proc_packets): Care for marker packets.
	* new-packet.c (cdk_pkt_init): New.
	* keydb.c (cdk_keydb_check_sk): New. 
	* encrypt.c (check_pubkey_enc_list): New. Make sure we have
	at least one secret key before we start to parse any data.
	
2002-12-14  Timo Schulz  <twoaday@freakmail.de>

	* pubkey.c (cdk_sk_protect): New. From sk_protect.
	(cdk_seckey_unprotect): Renamed to..
	(cdk_sk_unprotect): New.
	* keyserver.c: Removed all support for LDAP.	
	* sign.c (sig_write_old): Support for v3 signatures.
	* encrypt.c (do_proc_packets): If no plaintext stream
	was set, do it now.
	* kbnode.c: Removed unused code.
	* keygen.c (check_pref_array): Make sure that only OpenPGP
	algos are included.
	
2002-12-13  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (calc_s2k_size): Include cipher byte.
	(write_secret_key): Write cipher byte and correct packet size.
	Support to encode keys with the SHA1-checksum.
	* keygen.c (sk_protect): Implemented and renamed from...
	(protect_sk).
	(cdk_keygen_save): Protect both keys if requested.
	(check_bits): New.
	* snprintf.c: Removed.
	
2002-12-09  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_pubkey_enc): Use cdk_keydb_get_sk
	instead of _cdk_keydb_get_skblock.
	* keydb.c (_cdk_keydb_get_skblock): Removed. Not used any longer.
	(_cdk_keydb_get_pkblock): Ditto.
	(_cdk_keydb_find_bykeyid): Renamed to...
	(keydb_find_bykeyid): static.
	* seskey.c (cdk_hash_passphrase): Renamed to...
	(hash_passphrase): static and const for the passphrase.	
	(cdk_dek_free): New.
	(cdk_s2k_free): New.
	* cipher.c (write_mdc_packet): New.
	(cipher_encode2): Renamed to...
	(cipher_encode_file): this.
	(cipher_decode2): Renamed to...
	(cipher_decode_file): this.
	(cipher_encrypt): New.
	(write_header): Force new CTB when block mode is enabled.
	(write_partial_block): New.
	* write-packet.c (pkt_encode_len): If the packet len is 0,
	we assume partial bodies are used.
	
2002-12-08  Timo Schulz  <twoaday@freakmail.de>

	* keyserer.c (cdk_keyserver_recv_key): const for the keyid.
	* keydb.c (keydb_parse_allsigs): Detect signatures which revoke
	earlier signatures but no userID's.

2002-12-07  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_build): Use _cdk_buftou32.
	(keydb_idx_rebuild): New.
	* cipher.c (cipher_decode2): Implemented block mode.
	(read_header): If block mode is used, decrement packet length
	due to the prefix data.
	* read-packet.c (read_pkt_len): Renamed to...
	(_cdk_pkt_read_len).
	(read_encrypted): Do not read the body but store a STREAM reference.
	Set the block mode when partial bodies are used.
	
2002-12-06  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Defined old key db types for compat reasons.
	Removed old key db prototypes.
	* keyid.c: Deleted.
	* pubkey.c: Merged with keyid.c contents.
	* read-packet.c (read_16, read_u32): Declare as static.
	(skip_packet): Speed up code.
	* verify.c (cdk_file_verify): Ability to handle cleartext
	signatures.
	(cdk_file_verify_clearsign): Removed.
	* main.c (cdk_set_keydb): Remove the secret parameter. There
	is an internal check to find this out.
	
2002-12-05  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c: Simplified context.
	(cdk_keygen_set_expire_date): New parameter for the key type.
	* keydb.c (cdk_keydb_import): Fix a problem with secret keys.
	* keylist.c: Add some argument checks and sanity checks all
	over the place.
	* encrypt.c (handle_signature): Use public db handle.
	
2002-12-03  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c: Begin to make the code reentrant. This breaks a lot of
	interface but we need this step sooner or later.
	(cdk_keydb_export): Add handle to the parameters.
	(_cdk_keydb_get_pk_byname): Now it is internal and with a handle.
	(_cdk_keydb_get_sk_byname): Ditto.
	For the outer interface there is cdk_keydb_get_{sk,pk}.
	(_cdk_keydb_get_xxblock): Use a db handle.
	(cdk_keydb_get_ctx): Removed.
	(cdk_keydb_get_name): Removed.
	(cdk_keydb_is_secret): Removed.
	(cdk_keydb_find_idx): Removed.
	(cdk_keydb_remove_resource): Removed.
	(cdk_keydb_add_resource): Removed.
	(cdk_keydb_new): Do not use strdup (!) or modify the parameter.
	* keyserver.c (cdk_keyserver_recv_key): Fix URL parsing.
	Kudos to Nikos who found this out.
	* keylist.c (keylist_get_pk): Removed.

2002-12-02  Timo Schulz  <twoaday@freakmail.de>

	* keyserver.c (cdk_keyserver_recv_key): Use byte * instead of
	u32 * and add a parameter for the keyid type. Suggested by Nikos
	to avoid problems with 64-bit systems.
	* kbnode.c (cdk_kbnode_write_to_mem): If buffer is NULL, just
	return the size of the kbnode.
	* keydb.c (cdk_keydb_open): Disable the index in some cases.
	(keydb_pos_from_cache): New. Add code to use the fingerprint.
	* main.c (cdk_strdup): Return char * not void *.
	
2002-12-01  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_mkname): New.
	(keydb_idx_build): New.
	(keydb_idx_parse): New.
	(keydb_idx_search): New.
        (cdk_keydb_search): When we search for the long keyid, use
	the index table to speed up operations when it was not found in	
	the cache. This solves the performance problem when we search for
	signature keys which are not in the keyring. Do not use the cache
	for secret keys.
	* snprintf.c: New. For systems which do not have it.
	* armor.c (armor_encode): Make the code 200% faster.
	
2002-11-30  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (read_header): Close handles in the case of an error.
	* write-packet.c: Changed all packet size fields to size_t to
	make sure it can carry a 32-bit length.
	* opencdk.h: Ditto.
	* keydb.c: Removed old offset code. Now we use a cache table
	which stores the keyid and the offset of the key inside the
	keyring. If a new search begins, first the cache is used. 
	When the item was found, the offset will be set. The key offset
	will be cache at the end inside the struct (when not already
	stored).
	(keydb_search_copy): New.
	(keydb_cache_free): New.
	(keydb_cache_find): New.
	(keydb_cache_add): New.
	(cdk_keydb_search_reset): Clear the cache so the key search
	will not use it.
	(cdk_keydb_close): New.
	* sig-check.c (check_key_signature): Do not reset the handle.
	
2002-11-28  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (is_armored): Use an integer.
	(cdk_armor_filter_use): Modified for the new code.
	* encrypt.c (cdk_file_decrypt): Push armor filter.
	* stream.c (cdk_stream_flush): Only flush if the file
	contains data.
	(mk_tmpnam): Create the temp file in /tmp.
	
2002-11-25  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (sig_calc_subpkt_size): New.
	(_cdk_sig_complete): Use it here.
	* keygen.c (sig_self_create): MDC support.
	(generate_subkey): New.
	(gcry_mpi_to_native): Support for subkeys.
	(sig_subkey_create): New.
	(keydb_merge_selfsig): Parse KEY_EXPIRE and KEY_FLAGS sub packets.
	* read-packet.c (read_public_key): Now we use 32-bit for
	the timestamp and the expire date.
	* write-packet.c (write_public_key): Ditto.
	* keydb.c (keydb_parse_allsigs): Ditto.
	
2002-11-24  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c: Add structures to the context.
	(cdk_keygen_save): Don't free any packets when they are still
	needed.
	* write-packet.c (write_secret_key): Set correct packet size ;-).
	* pubkey.c (_cdk_seckey_get_csum): New.
	* sig-check.c (_cdk_hash_userid): Not static any longer.
	* sign.c (_cdk_sig_complete): New.
	
	
2002-11-23  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (cdk_keygen_set_prefs): New.
	(cdk_keygen_set_algo_info): New.
	(cdk_keygen_set_mdc_feature): New.
	(cdk_keygen_set_expire_date): New.
	(cdk_keygen_start): New.
	(cdk_keygen_save): New.
	(cdk_keygen_new): New.
	(cdk_keygen_free): New.
	(cdk_keygen_set_name): New.
	(pk_create): New.
	(sig_create): New.
	(uid_create): New.
	(sk_create): New.
	
2002-11-23  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_from_mem): Use void * not byte *.
	* keydb.c (cdk_keydb_new): Ditto.
	(classify_data): New.
	(keyid_from_str): New.
	(fpr_from_str): New.
	(cdk_keydb_search_auto): Use classify to get the type to search for.
	Now we can figure out if it's a keyid (short?), a fingerprint
	or a sub string.
	(cdk_keydb_export): Use keydb_search_auto.
	(cdk_keydb_get_xxx_byname): Ditto.
	
2002-11-22  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_encrypted): Only assume it's a RFC1991
	packet when no session key packet was located.
	(handle_symkey_enc): Set session key flag.
	(handle_pubkey_enc): Ditto.
	* cipher.c (cdk_set_progress_handler): New.
	* misc.c (ascii_memistr): Renamed to...
	(_cdk_memistr): this.
	* Begin to write some debug code to make it easier to track
	down segv and other problems.
	* armor.c (_cdk_armor_get_lineend): New.
	* sign.c (cdk_file_clearsign): Use the OS dependent line endings.

2002-11-20  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (pkt_write_sighead): PGP2 workaround.
	* Finished RFC1991 encryption and signature support.
	* keydb.c (cdk_keydb_export): Use old headers for v3 keys.
	* write-packet.c (write_public_key): More PGP2 fixes.
	* encrypt.c (select_cipher_algo): New. If IDEA was not found,
	use CAST5. The result is not readable by PGP2 but we can use
	v3 keys without any problems.
	
2002-11-20  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (buffer_to_u32): Renamed to..
	(_cdk_buftou32): New.
	(u32_to_buffer): Renamed to..
	(_cdk_u32tobuf): New.
	* encrypt.c (rfc1991_get_sesskey): New.
	Write marker packets only when no PGP2 mode is enable.
	* main.c (_cdk_is_idea_available): Check if IDEA is available.
	Normally this is not the case because Libgcrypt is not delivered
	with any patended algorithms.
	(cdk_handle_set_compat): Support for PGP2.
	* write-packet.c: Support for old CTB.
	(write_head_new): Wrapper.
	* keylist.c (cdk_sklist_build): Set list type.

2002-11-19  Timo Schulz  <twoaday@freakmail.de>

	* main.c (cdk_handle_set_compress): '0' disables compression.
	(cdk_handle_set_cipher): Check if algorithm is available.
	(cdk_handle_set_digest): Ditto.
	* encrypt.c (free_mainproc): Free the handle itself.
	* stream.c (_cdk_stream_get_errno): New. Set internal
	error variable when it's not possible with the return value.
	
2002-11-18  Timo Schulz  <twoaday@freakmail.de>

	* plaintext.c: Enum type to make the code easier to read.
	* keylist.c: Try to free all memory in the case of an error.
	* cipher.c (cipher_decode2): Free the handles inside the context.
	(cipher_encode2): Ditto.
	(finalize_mdc): New.
	
2002-11-15  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_mpi_array): New.
	* read-packet.c: Check minimal packet size for packets
	where it makes sense.
	* encrypted.c (handle_pubkey_enc): Make bits of key
	congruent modulo 8.
	* armor (update_crc): Make sure it's just 24 bit.
	* Cleanups for the release.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* main.h (wipemem): From GPG.
	* Try to wipe out all buffers with sentensive data.
	* misc.c (cdk_utf8_encode): New.
	(cdk_utf8_decode): New.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (read_secret_key): Do not pre-alloc MPI
	structs for encrypted v4 keys. This costs too much secmem.
	Do it here...
	* pubkey.c (cdk_seckey_unprotect): ...instead. And with
	the correct size of the MPI.
	(cdk_pk_decrypt): Check that the seckey is really unprotected.
	(cdk_pk_sign): Likewise.
	* main.c (cdk_handle_set_callback): New.
	* encrypt.c (write_status): New.
	* keylist.c (cdk_pklist_encrypt): I forgot a calloc.
	* sign.c (cdk_file_sign): Avoid problems with streams.
	(cdk_file_sign_cleartext): Ditto.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (_cdk_hash_pubkey): Now we use two different
	modes for v3 keys. One for the fingerprint and one for the
	signature calculation.
	* encrypt.c (handle_encrypted): Error if there is no valid DEK.
	* main.c (cdk_salloc): Increase the size of the secmem due to
	the possibility there are more secret keys.
	
2002-11-13  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (stream_fp_replace): New.
	(stream_filter_walk_write): Use it here.
	(stream_filter_walk_read): Likewise.
	* keyserver.c (init_sockets): For non-POSIX systems.
	* read-packet.c (read_public_key): Corrected v3 key reading.
	* encrypt (cdk_stream_encrypt): Adjust the key length if needed.
	* pubkey.c (checksum_mpi): Forgot to check the last 2 octets.
	* keylist.c (cdk_sklist_build): Unprotect secret keys.
	* new-packet.c (_cdk_copy_seckey): Copy all elements.
	* main.h: Remove unused prototypes.
	* kbnode.c (_cdk_kbnode_clone): Modified for internal use.
	
2002-11-13  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_check_key): New.
	(keydb_find_byusage): Do not use revoked or expired keys.
	(keydb_set_expire): Corrected.
	* armor.c (armor_encode): Corrected CRC calculation.
	
2002-11-12  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_append): New.
	* keydb.c (cdk_keydb_import): Use append to make it easier.
	No key update is possible yet. Add a integer array as the result.
        * main.c (cdk_handle_set_compat): Set some other compatibility
	options.
	* read-packet.c (read_encrypted): Corrected reading for partial
	packet length.
	* compress.c (compress_decode): Set the inbuf pointer each
	call and not only once. This fixes a problem with larger files.
	(decompress_data): Some fixes.
	* seskey.c (passphrase_prompt): New.
	(cdk_passphrase_to_dek): Use it here.
	
2002-11-12  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_tmp_set_mode): For the filters the object
	needs to know if the request read or write filters. With this
	function we can set it.
	* keyserver.c (keyserver_handle_hkp): Use it here.
	* verify (cdk_file_verify_cleartext): Ditto.
	* sign (cdk_file_clearsign): Ditto.
	* main.c (cdk_handle_set_compat): New.
	* keylist.c (cdk_sklist_write): Support for signature version.
	* sign.c (cdk_file_sign): Ditto.
	(cdk_file_sign_cleartext): Ditto.
	* encrypt.c (write_marker_packet): New.
	(sym_stream_encrypt): Write a marker packet when in compat mode.
	(cdk_file_encrypt): Ditto.
	
2002-11-11  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_read_from_mem): New.
	(cdk_kbnode_write_to_mem): New.
	
2002-11-11  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (free_symkey_enc): Free the S2K struct.
	(_cdk_free_seckey): Ditto.
	* read-packet.c (read_s2k): Alloc S2K struct.
	* write-packet.c (write_symkey_enc): Ditto.
	(write_secret_key): Ditto.
	* S2K struct is now opaque.
	* seskey.c (cdk_s2k_new): New.
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_file_encrypt): Use armor if requested.
	* sign.c (cdk_file_sign): Ditto for the encrypt & sign mode.
	(clearsign_filter): Removed. Now the STREAMS support encoding
	for read and write (temp) modes.
	* Check for header files when the target platform is not Posix.
	* stream.c (cdk_stream_flush): Premature filter flushing.	
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_file_sign_encrypt): Removed.
	(write_pubkey_enc_list): New.
	(cdk_file_sign): Merge encryption here.
	Check for invalid combinations.
	* opencdk.h (cdk_file_sign_encrypt): Bye bye.
	Now the file signing interface is complete but incompatible 
	to other versions :-(.
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (_cdk_timestamp): Renamed from make_timestamp.
	* opencdk.h (cdk_file_sign): New.
	(cdk_file_encrypt_sign): New.
	* keydb.c (cdk_keydb_get_sk_byname): Find a secret keyring,
	not a public keyring.
	* sign.c (cdk_file_sign): Fixed the index for the opaque value.
	* write-packet (write_onepass_sig): Fixed base size 15 -> 13.	
	
2002-11-09  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_stream_encrypt): New.
	(cdk_file_decrypt): Remove unused var.	
	
2002-11-08  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_stream_encrypt): New.
	(cdk_file_encrypt): Use the new code.
	(sym_stream_encrypt): New.       
	
2002-11-05  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_import): New.
	
2002-11-04  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_find_packet): Return the node that was
	found, not the root node.
	* keyserver.c (keyserver_handle_hkp): Add '\r\n' to the request.
	
2002-11-03  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_public_key): Flag if we have a subkey.
	* read-packet.c (read_signature): Set the exportable flag
	independent of the signature version. And correct return code
	checking.
	
2002-11-02  Timo Schulz  <twoaday@freakmail.de>

	* plaintext.c (text_encode): New.
	(text_decode): New.
	* stream.c (cdk_stream_set_text_flag): New.
	
2002-11-02  Timo Schulz  <twoaday@freakmail.de>

	* seskey.c (cdk_passphrase_to_dek): Moved from seckey.c.
	* pubkey.c (cdk_seckey_unprotect): Moved from seckey.c
	(checksum_mpi): Ditto.
	* seckey.c: Deleted.
	* encrypt.c (handle_symkey_enc): For the case we've multiple of 
	these packages, ignore the next when we already have a valid DEK.
	
2002-11-01  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_subpkt_get_buf): New.
	* keydb.c (cdk_keydb_search_new): New.
	(cdk_keydb_search_free): New.
	* opencdk.h: CDK_DBSEARCH is now opaque.
	
2002-11-01  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (pkt_write_head2): New.
	(write_compressed): Use old header.
	* This fixed the EOF problem for the filter.
	
2002-10-31  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_verify_cleartext): Fixed md calculation.
	Add an output parameter to store the plaintext.
	* opencdk.h: Use the cdk_file_xxx prefix for all file functions.
	
2002-10-30  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (hash_mpi_array): New.
	* plaintext.c (plaintext_decode): Sanity check to avoid segv.
	
2002-10-30  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_clearsign_file): New.
	(trim_string): New.
	* keylist.c (cdk_sklist_build): Replaced all calloc calls
	with cdk_calloc. Arrg.
	* stream.c (_cdk_stream_gets): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_verify_file): New.
	(cdk_verify_cleartext): New.
	(cdk_sig_get_ulong_attr): Support for all algorithms.
	* encrypt.c (proc_encryption_packets): New.
	(proc_signature_packets): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c: Add a context for each file operation.
	* main.c (cdk_handle_new): New.
	(cdk_handle_free): New.
	(cdk_handle_set_compress): New.
	(cdk_handle_set_digest): New.
	(cdk_handle_set_cipher): New.
	* verify.c (cdk_sig_get_ulong_attr): New.
	(cdk_sig_get_data_attr): New.
	(_cdk_result_verify_new): New.
	(_cdk_result_verify_free): New.	
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (do_proc_packets): Modified so it will not
	depend on a fixed state. Now it's possible for decryption,
	verifying with one pass signatures with or without compression.
	(set_reset): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (_cdk_subpkt_hash): Now it's internal.
	* sig-check.c (_cdk_signature_check): Prefix with _cdk_.
	* encrypt.c (handle_onepass_sig, handle_signature): New.
	(do_proc_packets): Divide function in stages to handle
	nested packets.
	* stream.c (stream_filter_walk_write): Only unlink files
	when the temp flag is not set.
	
2002-10-28  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_seek): Remove EOF flag when possible.
	* keydb.c (cdk_keydb_new): New.
	* armor.c (cdk_armor_filter_use): Rewind the file after
	reading the first byte.
	
	
	