2007-11-13  Timo Schulz  <twoaday@gmx.net>
	
	* cipher.c (num2bits): __inline__ breaks SUN cc, thus it is
	changed to inline. Patch my Simon.

2007-11-08  Timo Schulz  <twoaday@gmx.net>

	* stream.c (stream_flush): Ignore the return code of
	fflush because it might be undefined. Reported by 
	Thomas Klausner, patch from Matthias Drochner.

2007-10-16  Timo Schulz  <twoaday@gmx.net>

	* keydb.c (keydb_find_bykeyid): Fix control flow.
	(is_selfsig): Correct identification of self sig.
	(_cdk_keydb_get_pk_byusage): Correct self signature code.
	(_cdk_keydb_get_sk_byusage): Likewise.

2007-10-14  Timo Schulz  <twoaday@gmx.net>

	* sig-check.c (cdk_pk_check_sigs): Slightly change the 
	semantic. Thanks to Nikos for reporting the inconsistence.

2007-06-06  Timo Schulz  <twoaday@gmx.net>

	* opencdk-config.in: Remove unused reference.
	Thanks to Thomas Klausner.
	* misc.c (_cdk_check_args): Correct compare logic.
	* keydb.c (cdk_keydb_import): Be more strict.

2007-06-01  Timo Schulz  <twoaday@gmx.net>

	* seskey.c (cdk_dek_get_cipher, cdk_dek_get_mdc_flag): New.

2007-05-24  Timo Schulz  <twoaday@gmx.net>

	* main.c: (_secmem_init): Change gcrypt init code.

2007-05-23  Timo Schulz  <twoaday@gmx.net>

	* pubkey.c (cdk_pk_to_fingerprint): Replacement for
	cdk_pk_get_fingerprint to avoid possible overflows.
	* opencdk.def: Add function to export table.

2007-05-18  Timo Schulz  <twoaday@gmx.net>

	* libopencdk.vers: Bump version number. Thanks to Andres.

2007-05-15  Timo Schulz  <twoaday@gmx.net>

	* stream.c (cdk_stream_set_literal_flag): Change param type of
	mode to force the use of the new enum type.
	* literal.c (literal_encode): Support for the 'u' mode.

2007-05-14  Timo Schulz  <twoaday@gmx.net>

	* keygen.c (cdk_keygen_free): fix memory leak.
	(read_mpibuf_from_sexp): New param.
	(cdk_keygen_start): Adjust code and fix mem leak.
	* new-packet.c (_cdk_pkt_detach_free): New.
	* keydb.c (cdk_keydb_get_pk): Release the outer packet.
	(cdk_keydb_get_sk): Likewise.
	(_cdk_keydb_get_sk_byusage): Likewise.

2007-05-11  Timo Schulz  <twoaday@gmx.net>

	* stream.c (cdk_stream_peek): Do not use the stream gets
	but directly the read function.
	* seskey.c (cdk_dek_set_key): Close the cipher handle
	for the case that no key could be generated.
	* armor.c (check_armor): Revert last change.
	* proc-packet.c (handle_onepass_sig): Set a flag to
	indicate the md handle needs to be closed.
	(free_mainproc): Take care of the md flag and do not
	close references to md handles.
	* keydb.c (_cdk_keydb_is_secret): New.
	* proc-packet.c (do_proc_packets): Correct code to detect
	invalid packets.

2007-05-08  Timo Schulz  <twoaday@gmx.net>

	* cipher.c (write_header): Correct partial body mode support.
	(write_partial_body): Likewise.

2007-05-05  Timo Schulz  <twoaday@gmx.net>

	* proc-packet.c (handle_literal): Use the file name
	from the literal data packet if possible for the 
	output file name.
	(do_proc_packets): Do not free the context in case of errors.
	* literal.c (literal_decode): Handle the various cases
	to get the output file.
	(dup_trim_filename): New.
	* stream.c (_cdk_stream_get_fname): Handle temp streams.

2007-05-04  Timo Schulz  <twoaday@gmx.net>

	* misc.c (my_tmpfile): New. Klugde for wine and tmpfile().
	* stream.c (cdk_stream_new): Use new tempfile() function.

2007-04-30  Timo Schulz  <twoaday@gmx.net>

	* proc-packet.c (do_proc_packets): Stricter parsing rules.
	* armor.c (cdk_armor_encode_buffer): Additional sanity checks.
	* stream.c (cdk_stream_seek): Also set the EOF flag if needed.

2007-04-27  Timo Schulz  <twoaday@gmx.net>

	* read-packet.c (read_symkey_enc): Fix EOF detection.
	* proc-packet.c (handle_pubkey_enc): Rewrote secret key
	'caching'.

2007-04-22  Timo Schulz  <twoaday@gmx.net>

	* sign.c (_cdk_trim_string): Move to..
	* misc.c: ..this file.
	* main.c (handle_set_compat): Deleted.
	* read-packet.c (read_attribute): Corrected parsing.
	* write-packet.c (write_user_id): Ditto.

2007-04-20  Timo Schulz  <twoaday@gmx.net>

	* new-packet.c (cdk_pk_release): New.
	(cdk_sk_release): New.
	(cdk_subpkt_find_next): New. Can be used for enum.
	* cipher.c (cipher_decode_file): Correct buffer size
	when we reached the EOF and the MDC packet.
	* proc-packet.c (handle_signature): Avoid possible mem leak.

2007-04-19  Timo Schulz  <twoaday@gmx.net>

	* sig-check.c (cdk_pk_check_sigs): Immediately return an
	error for bad self sigs.
	* pubkey.c (mpi_to_buffer): Use pgp mpi format.
	* keydb.c (keydb_merge_selfsig): Corrected code.

2007-04-18  Timo Schulz  <twoaday@gmx.net>

	* keydb.c (cdk_keydb_new_from_mem): Push the armor filter
	if needed.
	(cdk_keydb_search): Return appropriate error code.
	(cdk_keydb_free): Change the code how to figure out whether
	to close the stream.
	* sig-check.c (cdk_pk_check_self_sig): New.

2007-04-16  Timo Schulz  <twoaday@gmx.net>

	* main.c (init_sockets): Provide socket startup for OS
	which need such a step.
	(cdk_lib_startup): Call the init_sockets function to make sure
	we are capable of using inet functions.
	* stream-socket.c (cdk_stream_sockopen): New.
	* stream.c (cdk_stream_write): Fix possible segv.

2003-07-15  Timo Schulz  <twoaday@gmx.net>

	* kbnode.c (cdk_kbnode_write_to_mem_alloc): New.
	(cdk_kbnode_write_to_mem): Return 0 if buffer is NULL
	to calculate the required length.
	proc-packet.c (is_openpgp_ext): Case insentensive search.
	(hash_data_file): Return No_Data error when appropriate.
	* verify.c (cdk_stream_verify): New argument for detached sigs.
	Change all callers.
	(cdk_file_verify): Likewise.
	* stream.c (cdk_stream_is_compressed): New.
	(cdk_stream_control): Remove.

2003-07-14  Timo Schulz  <twoaday@gmx.net>

	* opencdk.def [W32]: New. List with all DLL exports.
	* keydb.c (cdk_keydb_check_sk): Free packet contents after
	each iteration.
	* keydb.c (cdk_keydb_get_keyblock): Correct EOF handling.
	and release packet structure when the next key starts.
	(keydb_find_bykeyid): New param. Change all callers.
	* proc-packet.c: Factored out code from encrypt.c
	* seskey.c (cdk_dek_extract): Release MPI skey.
	* packet.c (cdk_packet_ref): Removed.
	* pubkey.c (cdk_sk_protect): Fixed logic.
	* keygen.c (gcry_mpi_to_native): Rewritten.
	(cdk_keygen_set_algo_info): New argument. Change all callers.

2003-07-13  Timo Schulz  <twoaday@gmx.net>

	* new-packet.c (cdk_key_desig_revoker_walk): Rename 'class'
	item to 'r_class' to avoid CPP problems.
	* keydb.c (keydb_find_byusage): Rewritten. Fixed a segv.

2003-07-12  Timo Schulz  <twoaday@gmx.net>

	* stream.c (cdk_stream_write): The semantic was wrong.
	Return -1 on errors and set the internal errno. Otherwise
	return how much bytes were written.
	(stream_filter_write): Use error flag to avoid infinite
	loops on filters.
	* armor.c (armor_decode): Fix possible seg fault.

2003-07-09  Timo Schulz  <twoaday@gmx.net>

	* keylist.c (cdk_pklist_encrypt): Simplified.
	(cdk_sklist_write_onepass): Likewise.
	(cdk_sklist_write): Likewise.
	* stream.c (cdk_stream_flush): Simplified handling for
	read-only streams.
	* keydb.c (cdk_keydb_open): Disable index for smaller keyrings.

2003-07-06  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (put_hash_line): Don't write '\n' but the pre-defined
	line ending string.
	(file_clearsign): Simplified.
	* compress.c (skip_pktheader): Removed. Whenever a compressed
	packet header appear it's a bug and we need to fix the problem
	at the root.
	* context.h: Use typedef's for integers.
	* keydb.c (keydb_find_byusage): Return the key with the newest
	timestamp.
	
2003-07-02  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (cdk_pkt_write2): New. Allows to write 
	packet structs directly.
	* keygen.c (cdk_keygen_save): Use it here.
	* md.c: Due to the fact that all md algos use the same
	context struct, there is no need to allocate it.
	(cdk_md_open, cdk_md_copy): Do not return the context directly.
	* cipher.c (cdk_cipher_new, cdk_cipher_open): Likewise.
	* Indent all case statements to enhance the readability.
	* keygen.c: Simplified context.
	
2003-07-01  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (check_pref_array): Simplified.
	(read_mpibuf_from_sexp): Likewise. Changed all callers.
	(pk_genkey): New.
	(generate_subkey): Removed. Merged into cdk_keygen_start.
	(cdk_keygen_set_keyserver_flags): With return code now.
	* opencdk.h: Made MD library interface public.
	Made CIPHER library interface public.
	
2003-06-28  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (_cdk_hash_pubkey): Remove md_putc concept
	and use one buffer to avoid all the function calls.
	(_cdk_hash_sig_data): Likewise.
	* cipher.c (write_mdc_packet): use md_write, not md_putc
	to spare one function call.
	* keydb.c (cdk_keydb_idx_rebuild): Set handle to null
	after it was closed.
	* sym-cipher.c (cdk_cipher_get_algo_keylen): TWOFISH
	hash 256-bit not 128-bit.
	
2003-06-26  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h (cdk_pkt_user_id_t): Removed 'created' because
	it was never used. Add self signature packet.
	* new-packet.c (_cdk_copy_signature): Corrected code.
	(_cdk_copy_userid): Copy also the signature.
	* keydb.c (find_selfsig_node): New.
	(_cdk_keydb_get_sk_byusage): Copy selfsig to user-id.
	(_cdk_keydb_get_pk_byusage): Likewise.
	* sign.c (_cdk_sig_create): Add an "preferred keyserver"
	packet if the user-id contains a self signature and the
	sub packet is part of the hashed subpacket area.
	* write-packet.c (write_secret_key): Fixed size calculation.
	Considered as harmful, next release will be scheduled!
	
2003-06-25  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (sig_subkey_create): set sub packet key flags
	if needed.
	(correct_subkey_algo): Correct obsolete algorithms and return
	key flags instead.
	* sign.c (_cdk_sig_complete): Use a pointer to the digest
	instead an hardcoded buffer.
	* armor.c (armor_decode): set crcbuf to byte not char. Wonder
	why it worked before...
	* encrypt.c (store_verify_result): Add notation and policy URL.
	* misc.c (vasprintf): use malloc to avoid problems with systems
	who has vasprintf and thus free should be used.
	* new-packet.c (_cdk_subpkt_hash): Free buffer.
	* stream.c (cdk_stream_set_cache): renamed to..
	(cdk_stream_switch_cache): this. set cache does not indicate
	what the function is for.
	* write-packet (write_public_key): Make sure we never write
	an unknown pubkey algo.
	
2003-06-24  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (_cdk_keydb_get_sk_byusage): Copy the user-id to the 
	secret key struct to allow to use the CDK_SIGSUBPKT_SIGNERS_UID.
	(_cdk_keydb_check_userid): Check if the given user-id really
	belongs to the keyid specified by @keyid. Thanks to David who
	reminded me of this possible security risk.
	(cdk_keydb_import): skip non-exportable signatures.
	* sign.c (_cdk_sig_create): If pk->uid is set, add the described
	signature subpacket above.
	* encrypt.c (store_verify_result): Try to extract the signers
	user-id from the signature subpackets.
	(cdk_stream_encrypt): Enable blockmode if requested.
	(sym_stream_encrypt): Likewise.
	* cipher.c (write_partial_block): Finished the code, but it
	needs testings.
	(write_header): Corrected calculation for the blockmode.
	
2003-06-22  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c, pubkey.c, seskey.c: Changed all gcry random stuff
	to the internal random stuff.
	* cipher.h: Add stuff for the public key ciphers.
	
2003-06-21  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_prefs_get_array): Renamed to..
	(cdk_userid_get_pref_array): this.
	* read-packet.c (check_s2k_mode): New macro.
	* opencdk.h: Add enums for the S2K modes.
	* keylist.c (cdk_sklist_write): Don't copy the md but use
	the returned pointer.
	(cdk_sklist_build): Place the returned list at the begin
	of the paramaters.
	* write-packet.c (write_secret_key): Support for the very
	old v2 keys which are similar to v3 keys in all respects.
	Do not try to calculate the mpi size when it is a encrypted
	v4 key. Likewise with the 20 extra bytes for the SHA-1 checksum.
	(write_public_key): Likewise.
	
2003-06-20  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (cdk_file_armor, cdk_file_dearmor): Check all
	return codes.
	* main.h: Changed all CDK_PACKET types to cdk_packet_t.
	* opencdk.h: Changed typedef of PKT_secret_key, PKT_public_key,
	PKT_user_id, PKT_signature and all other packets...
	* Renamed all PLAINTEXT typedefs to LITERAL to be closer
	to the OpenPGP draft. Same for function names.
	
2003-06-19  Timo Schulz  <twoaday@freakmail.de>

	* pubkey.c: Changed API to the internal crypto lib.
	* cipher.c (cdk_cipher_test_algo): It is used all over
	the place and not _cdk_cipher_test_algo any longer.
	* sym-cipher.c, cipher.h: New.
	
2003-06-17  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_build): Simplified a little.
	(cdk_keydb_open): Rewind the stream for all search modes
	except _NEXT.
	(classify_data): Be more liberal with the 0x prefix.

2003-06-15  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_search_new): Renamed to...
	(cdk_keydb_search_start): ..this. Now the search context
	is internal.
	(cdk_keydb_search_free): is not public any longer.
	(cdk_keydb_search_auto): Merged into..
	(cdk_keydb_search): ..this. Two new search modes implemented.
	
2003-06-15  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (is_compressed): Use a separate argument to
	return the compression algo.
	(check_armor): Likewise.
	(cdk_armor_filter_use): Set internal stream flag if the
	stream is compressed.
	(cdk_file_dearmor): Simplified the code.
	* opencdk.h (cdk_stream_fpopen): Is not public any longer.
	* new-packet.c (cdk_revoke_key_walk): renamed to..
	(cdk_key_desig_revoker_walk): this. Renamed the context.
	
2003-06-04  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (cdk_pkt_parse): Renamed to...
	(cdk_pkt_read): this.
	* write-packet.c (cdk_pkt_build): Renamed to...
	(cdk_pkt_write): this.	
	* new-packet.c (cdk_subpkt_set_buf): Renamed to...
	(cdk_subpkt_init): this.
	(cdk_subpkt_get_buf): Renamed to...
	(cdk_subpkt_get_data): this.
	
2003-05-30  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_new): slightly simplified.
	
2003-05-10  Timo Schulz  <twoaday@freakmail.de>

	* md.c, md.h: New.
	
2003-04-19  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (_cdk_subpkt_get_array): Correct size calculation
	for the 4-byte length.
	* sig-check.c (_cdk_pk_check_sig): Free hash context in the
	case of an error.
	
2003-04-05  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_peek): New.
	* verify.c (stream_peek): Now it is public.
	* sig-check.c (hash_mpi_array): Get the version directly from the key.
	
2003-04-04  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_symkey_enc): Check version of the packet.
	(write_pubkey_enc): Likewise.
	(write_head_old): Check return values.
	(calc_s2k_size): Corrected S2K for mode 1.
	* keylist.c (cdk_pklist_encrypt): Initialize packet version
	with 3.
	
2003-04-02  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (cdk_keygen_set_expire_date): Make sure the time
	is not in the past.
	
2003-03-27  Timo Schulz  <twoaday@freakmail.de>

	* keylist.c (cdk_pklist_build): Got rid of 'goto'.
	(cdk_sklist_build): Likewise.
	* sign.c (siglist_write_old): Removed.
	
2003-03-21  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_revoke_key_walk): New.
	(_free_signature): Release the revocation keys.
	* read-packet.c (read_signature): Parse revocation key
	subpackets.
	* keydb.c (cdk_keydb_get_keyblock): Initialize the rev key
	struct from the signature (0x1f) if present.
	
2003-03-15  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (read_header): Check return values for decryption.
	(write_header): Likewise.
	* keydb.c (cdk_keydb_pk_cache_sigs): New. Walk over all signatures
	and check them. The result is stored in the sig cache.
	(keydb_parse_allsigs): Add a key database handle so we can
	really check the signatures (if requested).
	* seskey.c (cdk_s2k_new): Make sure we only allow valid modes.
	* stream.c (stream_filter_read): Automatically reset the filter
	after use. See the comment in the code.
	* encrypt.c (set_reset): Removed, we don't need it any longer.
	* armor.c (cdk_file_armor): If the rc is zero, check if the
	stream errno is set and replace rc with it.
	(cdk_file_dearmor): Likewise.
	
2003-03-13  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Make sig sub packet constants public.
	* kbnode.c (cdk_kbnode_hash): High-level API to perform hash
	operations on key nodes.
	
2003-03-07  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_get_attr): Handle the case if the
	packet was not found.
	* keydb.c (cdk_listkey_next): Implement the other pattern mode.
	* seskey.c (_cdk_digest_encode_pkcs1): Use the gcry macro
	to get the ASN OID.
	* new-packet.c (cdk_subpkt_new): Make sure the size is >0.
	
2003-03-06  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_listkey_start): New.
	(cdk_listkey_close): New.
	(cdk_listkey_next): New.
	* kbnode.c (cdk_kbnode_get_attr): New.
	* opencdk.h: Context for listing keys.
	Add fingerprint to the public key context.
	
2003-02-08  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (write_pubkey_enc_list): Stricter check for the args.
	(_cdk_sig_complete): Ditto.
	(cdk_stream_sign): Ditto.
	* stream.h: Removed unused entries from the STREAM context.
	
2003-02-07  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h (cdk_pk_from_secret_key): New.
	(cdk_pk_gen_revoke): New.
	* stream.c (cdk_stream_mmap): New.
	
2003-02-05  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (finalize_mdc): Be paranoid and check the 
	hash algorithm and its length.
	* read-packet.c (read_plaintext): Allow partial bodies.
	Don't use the packet size for allocation but only the name
	length. This bug fix prevents denial of services because it's
	possible to allocate large memory blocks when the packet is
	very long.
	* verify.c: Changed all GCRY_ constants to CDK_ constants
	whenever possible.
	* cipher.c: Likewise.
	* stream.c (cdk_stream_set_literal_flag): Support for partial
	bodies.
	* plaintext.c (plaintext_decode): Implement the partial bodies
	here.
	
2003-01-30  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_idx_rebuild): Now it's public.
	(cdk_keydb_search_new): Check arguments.
	More comment header for the API docs.
	* stream.c: Use assert() to check the context in each
	static function.
	* sig-check.c (check_key_signature): Renamed to...
	(pk_check_one_sig): this.
	* pubkey.c (_cdk_fingerprint_get): Renamed to...
	(_cdk_pkt_get_fingerprint): this.
	
2003-01-28  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Use uniform parameter name to avoid confusion.
	
2003-01-23  Timo Schulz  <twoaday@freakmail.de>

	* sklist.c (cdk_sklist_write): If the retrieved digest algo
	is different than the used, set the algo to the one from the
	message digest context.
	(cdk_sklist_write_onepass): Add parameter for the
	digest algo. This is needed when we want to force a special
	digest algorithm.
	(cdk_sklist_build): Now we also need the session handle.
	* seskey.c (_cdk_sk_unprotect_auto): Add session handle as
	parameter.
	(cdk_dek_extract): Likewise.
	* encrypt.c (sym_stream_encrypt): Likewise.
	(handle_symkey_enc): Likewise.
	(rfc1991_get_sesskey): Likewise.
	* read-packet.c (read_symkey_enc): Fix if the S2K mode is zero.
	* main.c (cdk_handle_control): If a command uses more than one
	argument, put the values into static vars to avoid a reserved
	order.
	(cdk_handle_set_passphrase_cb): New.
	
	
2003-01-22  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Support for SHA256.
	* verify.c: Likewise.
	
2003-01-21  Timo Schulz  <twoaday@freakmail.de>

	* main.c (cdk_sec_free): New. Overwrite the memory block before
	it will be freed.
	(_cdk_passphrase_free): Use it here.
	* keygen.c (cdk_keygen_free): Likewise.
	(cdk_keygen_set_passphrase): Likewise.
	* encrypt.c (handle_symkey_enc): Likewise.
	(rfc1991_get_sesskey): Likewise.
	(cdk_data_transform): Support to import keys.
	* opencdk.h: New type for data transform.
	* keydb.c (_cdk_keydb_get_importres_as_xml): New.
	
2003-01-16  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_parse_allsigs): Mark all subkeys as invalid
	when the primary key has been revoked or it expired.
	(keydb_check_key): Special handling for secret keys.
	* opencdk.h (cdk_handle_set_armor): New. Shortcut.
	(cdk_handle_set_compress): Likewise.
	* verify.c (cdk_stream_verify): Filter reset.
	(cdk_file_verify): Likewise.
	* read-packet.c (read_encrypted): Do not push filters here.
	Under W32 the old code does not work.
	* sign.c (cdk_file_sign): Use right armor type when we create
	a detached sig.
	
2003-01-15  Timo Schulz  <twoaday@freakmail.de>
	
	* verify.c (cdk_sig_get_info_as_xml): New.
	* encrypt.c (cdk_data_transform): Now it supports all kind
	of operations.
	
2003-01-15  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_data_transform): New.
	(_cdk_proc_packets): Dual mode. One supports the output via a
	filename and the other via a stream handle.
	(handle_plaintext): Support this.
	(cdk_stream_decrypt): New.
	(cdk_data_transform): Support for decryption.
	* armor.c (armor_decode): Remove debug output.
	* keydb.c (cdk_keydb_export): Skip bogus public key algorithms
	in signatures and not only ELG-E (16).
	* sign.c (cdk_stream_sign): New. For the new data transform
	interface.
	(stream_clearsign): New.
	(write_plaintext): If the stream is a temp stream, use _CONSOLE
	for the name of the packet.
	(cdk_file_sign): Use it here.
	
2003-01-13  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (read_public_key): Make sure we know the algorithm
	to avoid problems later.
	(read_pubkey_enc): Likewise.
	(read_signature): Likewise.
	(read_secret_key): Likewise.
	
2003-01-09  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (_cdk_vasprintf_free): If the external vasprintf is
	used, we need free otherwise cdk_free. Due to this problem we
	use a special function which knows how to free the buffer.
	
2003-01-07  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (_cdk_keydb_get_pk_byname,
	(_cdk_keydb_get_sk_byname): Renamed to...
	(_cdk_keydb_get_pk_byusage,
	_cdk_keydb_get_sk_byusage): this.
	(keydb_find_byusage): Check the pubkey usage in the case we
	check a public key because req_usage was never set.
	Make sure the key is valid and not revoked or expired.
	* opencdk.h: Remove req_usage from the secret key context because
	we don't need it any longer.
	
2003-01-07  Timo Schulz  <twoaday@freakmail.de>

	* main.c (_cdk_passphrase_get): getpass uses a static buffer
	and it's not a good idea to free it ;-). Duplicate the buffer instead.
	(_cdk_passphrase_free): Always use cdk_free.
	* encrypt.c (get_seckey): New. Implement a cache.
	(handle_pubkey_enc): Support to cache the seckey for the session.
	* pubkey.c (cdk_sk_get_keyid): Set the keyid array in the seckey
	and not only the pubkey.
	
2003-01-03  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (is_selfsig): New.
	(keydb_merge_selfsig): Only parse signatures when the keyid
	is equal to the primary keyid. This fixes the bug where some
	keys had no preferences :-).
	(cdk_keydb_get_keyblock): If it is the last keyblock in the file, 
	rc was -1 and this prevented the signatures were passed. Fixed.
	* armor.c (armor_encode): Do not return file error when the
	end of file is reached.
	* encrypt.c (check_pubkey_enc_list): Set the reset flag for the
	filter. We add later other filters but the armor filter should
	not be used again.
	
2003-01-02  Timo Schulz  <twoaday@freakmail.de>

	* keyserver.c (keyserver_hkp): Get rid of snprintf and
	don't use 'buf' for recv().
	* seskey.c (passphrase_prompt): Likewise.
	* misc.c [W32] (vasprintf): New.
	* main.c (cdk_handle_control): New. This is a replacement
	for all the cdk_handle_set_xxx and cdk_handle_get_xxx functions
	which only use simple integers. With the CDK_CTL_XXX id's you
	can set or get the options.
	* opencdk.h: Include stdarg.h due to cdk_handle_control.
	Remove libgcrypt headerfile because no outer interface need
	it any longer.
	Add enumerations for cipher and digest algorithms.
	* stream.c: Make the code more robust due to argument checks.
	* keydb.c (cdk_keydb_import): Do not write signatures with the
	pubkey algo 16 (ELG-E).
	* sig-check.c (_cdk_signature_check): Renamed to..
	(_cdk_sig_check): this.
	
2003-01-01  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (mpi_encode): New. Encode a series of MPI's into
	a buffer. The PGP format is used.
	* verify.c (cdk_sig_get_data_attr): Support for CDK_ATTR_MPI.
	* main.c (cdk_salloc): Add clear flag.
	(cdk_scalloc): Removed.
	* sig-check.c (cdk_key_check_sigs): Renamed to..
	(cdk_pk_check_sigs): this.
	
2002-12-28  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (cipher_encrypt): Removed. It's only a performance brake.
	(gcry_cipher_new): Internal object which combines open, setkey
	and setiv.
	* encrypt.c (write_status): Now it depends on HAVE_VASPRINTF.
	* sig-check.c (_cdk_hash_pubkey): Correct bug when a v3 key
	has an expire date.
	
2002-12-27  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_file_verify): Return when the signature is
	in cleartext and do not proc the file again.
	* encrypt.c (_cdk_proc_signature_packets): Use a STREAM handle
	because it's possible the signature is in normal mode and we
	need to parse the plaintext packet then.
	Combine _cdk_proc_signature_packets and _cdk_proc_encryption
	into _cdk_proc_packets because they almost do the same.
	
2002-12-27  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (_cdk_proc_signature_packets): Removed out arg.
	(cdk_file_decrypt): Do not create the out stream at the begin.
	The main procedure will do it for us.
	(do_proc_packets): Return a new stream handle which is the output.
	* sign.c: Changed all callers for _cdk_proc_signature_packets.
	* opencdk.h: C++ support.
	* main.c (cdk_handle_get_keydb): New.
	* misc.c (_cdk_check_file): Corrected return values.
	* compress.c (decompress_data): Return EOF when fread returns
	no more bytes.
	
2002-12-26  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_file_clearsign): renamed to...
	(file_clearsign): make it static.
	Don't only check for MD2 but in general if the digest algo
	is available.
	* keydb.c (cdk_keydb_free): Close memory leak. Relase the cache.
	* cipher.c: Shorter handle names.
	* stream.c (cdk_stream_close): Only apply the filters if there
	was no previous error.
	
2002-12-24  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_signature): Check digest algo and
	set signature flags (if possible).
	(set_verify_result): Ditto.
	(handle_onepass_sig): Ditto.
	* verify.c (cdk_file_verify): Support for armored data.
	(cdk_sig_get_ulong_attr): Support for signature flags.
	* keydb.c (cdk_keydb_check_sk): Always use long keyid.
	* keygen.c (pk_create): Correct expire date handling.
	(check_pref_array): Return error for unknown pref types.
	(sig_subkey_create): Add expire dates for subkeys.
	
2002-12-21  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c: (cdk_kbnode_clear_flags): Removed.
	* packet.h: Removed 'flag' from KBNODE because it's unused.
	* verify.c: (cdk_sig_get_ulong_attr): New attrs.
	* encrypt.c (handle_signature): Set them here.
	(set_verify_result): New.
	
2002-12-18  Timo Schulz  <twoaday@freakmail.de>

	* pubkey.c (cipher_open): Add key and iv argument.
	* stream.c: Replaced all fxxx functions with stream functions.
	(stream_flush): New. Wrapper around fflush.
	(cdk_stream_create): New.
	(stream_filter_walk_read, stream_filter_walk_write): Renamed to..
	(stream_filter_read, stream_filter_write): this.
	* sesskey.c (cdk_dek_new): Remove the argument.
	(cdk_dek_set_cipher): New.
	(cdk_dek_set_mdc_flag): New.
	(cdk_dek_set_key): New.
	* encrypt.c (do_proc_packets): Care for marker packets.
	* new-packet.c (cdk_pkt_init): New.
	* keydb.c (cdk_keydb_check_sk): New. 
	* encrypt.c (check_pubkey_enc_list): New. Make sure we have
	at least one secret key before we start to parse any data.
	
2002-12-14  Timo Schulz  <twoaday@freakmail.de>

	* pubkey.c (cdk_sk_protect): New. From sk_protect.
	(cdk_seckey_unprotect): Renamed to..
	(cdk_sk_unprotect): New.
	* keyserver.c: Removed all support for LDAP.	
	* sign.c (sig_write_old): Support for v3 signatures.
	* encrypt.c (do_proc_packets): If no plaintext stream
	was set, do it now.
	* kbnode.c: Removed unused code.
	* keygen.c (check_pref_array): Make sure that only OpenPGP
	algos are included.
	
2002-12-13  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (calc_s2k_size): Include cipher byte.
	(write_secret_key): Write cipher byte and correct packet size.
	Support to encode keys with the SHA1-checksum.
	* keygen.c (sk_protect): Implemented and renamed from...
	(protect_sk).
	(cdk_keygen_save): Protect both keys if requested.
	(check_bits): New.
	* snprintf.c: Removed.
	
2002-12-09  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_pubkey_enc): Use cdk_keydb_get_sk
	instead of _cdk_keydb_get_skblock.
	* keydb.c (_cdk_keydb_get_skblock): Removed. Not used any longer.
	(_cdk_keydb_get_pkblock): Ditto.
	(_cdk_keydb_find_bykeyid): Renamed to...
	(keydb_find_bykeyid): static.
	* seskey.c (cdk_hash_passphrase): Renamed to...
	(hash_passphrase): static and const for the passphrase.	
	(cdk_dek_free): New.
	(cdk_s2k_free): New.
	* cipher.c (write_mdc_packet): New.
	(cipher_encode2): Renamed to...
	(cipher_encode_file): this.
	(cipher_decode2): Renamed to...
	(cipher_decode_file): this.
	(cipher_encrypt): New.
	(write_header): Force new CTB when block mode is enabled.
	(write_partial_block): New.
	* write-packet.c (pkt_encode_len): If the packet len is 0,
	we assume partial bodies are used.
	
2002-12-08  Timo Schulz  <twoaday@freakmail.de>

	* keyserer.c (cdk_keyserver_recv_key): const for the keyid.
	* keydb.c (keydb_parse_allsigs): Detect signatures which revoke
	earlier signatures but no userID's.

2002-12-07  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_build): Use _cdk_buftou32.
	(keydb_idx_rebuild): New.
	* cipher.c (cipher_decode2): Implemented block mode.
	(read_header): If block mode is used, decrement packet length
	due to the prefix data.
	* read-packet.c (read_pkt_len): Renamed to...
	(_cdk_pkt_read_len).
	(read_encrypted): Do not read the body but store a STREAM reference.
	Set the block mode when partial bodies are used.
	
2002-12-06  Timo Schulz  <twoaday@freakmail.de>

	* opencdk.h: Defined old key db types for compat reasons.
	Removed old key db prototypes.
	* keyid.c: Deleted.
	* pubkey.c: Merged with keyid.c contents.
	* read-packet.c (read_16, read_u32): Declare as static.
	(skip_packet): Speed up code.
	* verify.c (cdk_file_verify): Ability to handle cleartext
	signatures.
	(cdk_file_verify_clearsign): Removed.
	* main.c (cdk_set_keydb): Remove the secret parameter. There
	is an internal check to find this out.
	
2002-12-05  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c: Simplified context.
	(cdk_keygen_set_expire_date): New parameter for the key type.
	* keydb.c (cdk_keydb_import): Fix a problem with secret keys.
	* keylist.c: Add some argument checks and sanity checks all
	over the place.
	* encrypt.c (handle_signature): Use public db handle.
	
2002-12-03  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c: Begin to make the code reentrant. This breaks a lot of
	interface but we need this step sooner or later.
	(cdk_keydb_export): Add handle to the parameters.
	(_cdk_keydb_get_pk_byname): Now it is internal and with a handle.
	(_cdk_keydb_get_sk_byname): Ditto.
	For the outer interface there is cdk_keydb_get_{sk,pk}.
	(_cdk_keydb_get_xxblock): Use a db handle.
	(cdk_keydb_get_ctx): Removed.
	(cdk_keydb_get_name): Removed.
	(cdk_keydb_is_secret): Removed.
	(cdk_keydb_find_idx): Removed.
	(cdk_keydb_remove_resource): Removed.
	(cdk_keydb_add_resource): Removed.
	(cdk_keydb_new): Do not use strdup (!) or modify the parameter.
	* keyserver.c (cdk_keyserver_recv_key): Fix URL parsing.
	Kudos to Nikos who found this out.
	* keylist.c (keylist_get_pk): Removed.

2002-12-02  Timo Schulz  <twoaday@freakmail.de>

	* keyserver.c (cdk_keyserver_recv_key): Use byte * instead of
	u32 * and add a parameter for the keyid type. Suggested by Nikos
	to avoid problems with 64-bit systems.
	* kbnode.c (cdk_kbnode_write_to_mem): If buffer is NULL, just
	return the size of the kbnode.
	* keydb.c (cdk_keydb_open): Disable the index in some cases.
	(keydb_pos_from_cache): New. Add code to use the fingerprint.
	* main.c (cdk_strdup): Return char * not void *.
	
2002-12-01  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_idx_mkname): New.
	(keydb_idx_build): New.
	(keydb_idx_parse): New.
	(keydb_idx_search): New.
        (cdk_keydb_search): When we search for the long keyid, use
	the index table to speed up operations when it was not found in	
	the cache. This solves the performance problem when we search for
	signature keys which are not in the keyring. Do not use the cache
	for secret keys.
	* snprintf.c: New. For systems which do not have it.
	* armor.c (armor_encode): Make the code 200% faster.
	
2002-11-30  Timo Schulz  <twoaday@freakmail.de>

	* cipher.c (read_header): Close handles in the case of an error.
	* write-packet.c: Changed all packet size fields to size_t to
	make sure it can carry a 32-bit length.
	* opencdk.h: Ditto.
	* keydb.c: Removed old offset code. Now we use a cache table
	which stores the keyid and the offset of the key inside the
	keyring. If a new search begins, first the cache is used. 
	When the item was found, the offset will be set. The key offset
	will be cache at the end inside the struct (when not already
	stored).
	(keydb_search_copy): New.
	(keydb_cache_free): New.
	(keydb_cache_find): New.
	(keydb_cache_add): New.
	(cdk_keydb_search_reset): Clear the cache so the key search
	will not use it.
	(cdk_keydb_close): New.
	* sig-check.c (check_key_signature): Do not reset the handle.
	
2002-11-28  Timo Schulz  <twoaday@freakmail.de>

	* armor.c (is_armored): Use an integer.
	(cdk_armor_filter_use): Modified for the new code.
	* encrypt.c (cdk_file_decrypt): Push armor filter.
	* stream.c (cdk_stream_flush): Only flush if the file
	contains data.
	(mk_tmpnam): Create the temp file in /tmp.
	
2002-11-25  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (sig_calc_subpkt_size): New.
	(_cdk_sig_complete): Use it here.
	* keygen.c (sig_self_create): MDC support.
	(generate_subkey): New.
	(gcry_mpi_to_native): Support for subkeys.
	(sig_subkey_create): New.
	(keydb_merge_selfsig): Parse KEY_EXPIRE and KEY_FLAGS sub packets.
	* read-packet.c (read_public_key): Now we use 32-bit for
	the timestamp and the expire date.
	* write-packet.c (write_public_key): Ditto.
	* keydb.c (keydb_parse_allsigs): Ditto.
	
2002-11-24  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c: Add structures to the context.
	(cdk_keygen_save): Don't free any packets when they are still
	needed.
	* write-packet.c (write_secret_key): Set correct packet size ;-).
	* pubkey.c (_cdk_seckey_get_csum): New.
	* sig-check.c (_cdk_hash_userid): Not static any longer.
	* sign.c (_cdk_sig_complete): New.
	
	
2002-11-23  Timo Schulz  <twoaday@freakmail.de>

	* keygen.c (cdk_keygen_set_prefs): New.
	(cdk_keygen_set_algo_info): New.
	(cdk_keygen_set_mdc_feature): New.
	(cdk_keygen_set_expire_date): New.
	(cdk_keygen_start): New.
	(cdk_keygen_save): New.
	(cdk_keygen_new): New.
	(cdk_keygen_free): New.
	(cdk_keygen_set_name): New.
	(pk_create): New.
	(sig_create): New.
	(uid_create): New.
	(sk_create): New.
	
2002-11-23  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_from_mem): Use void * not byte *.
	* keydb.c (cdk_keydb_new): Ditto.
	(classify_data): New.
	(keyid_from_str): New.
	(fpr_from_str): New.
	(cdk_keydb_search_auto): Use classify to get the type to search for.
	Now we can figure out if it's a keyid (short?), a fingerprint
	or a sub string.
	(cdk_keydb_export): Use keydb_search_auto.
	(cdk_keydb_get_xxx_byname): Ditto.
	
2002-11-22  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (handle_encrypted): Only assume it's a RFC1991
	packet when no session key packet was located.
	(handle_symkey_enc): Set session key flag.
	(handle_pubkey_enc): Ditto.
	* cipher.c (cdk_set_progress_handler): New.
	* misc.c (ascii_memistr): Renamed to...
	(_cdk_memistr): this.
	* Begin to write some debug code to make it easier to track
	down segv and other problems.
	* armor.c (_cdk_armor_get_lineend): New.
	* sign.c (cdk_file_clearsign): Use the OS dependent line endings.

2002-11-20  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (pkt_write_sighead): PGP2 workaround.
	* Finished RFC1991 encryption and signature support.
	* keydb.c (cdk_keydb_export): Use old headers for v3 keys.
	* write-packet.c (write_public_key): More PGP2 fixes.
	* encrypt.c (select_cipher_algo): New. If IDEA was not found,
	use CAST5. The result is not readable by PGP2 but we can use
	v3 keys without any problems.
	
2002-11-20  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (buffer_to_u32): Renamed to..
	(_cdk_buftou32): New.
	(u32_to_buffer): Renamed to..
	(_cdk_u32tobuf): New.
	* encrypt.c (rfc1991_get_sesskey): New.
	Write marker packets only when no PGP2 mode is enable.
	* main.c (_cdk_is_idea_available): Check if IDEA is available.
	Normally this is not the case because Libgcrypt is not delivered
	with any patended algorithms.
	(cdk_handle_set_compat): Support for PGP2.
	* write-packet.c: Support for old CTB.
	(write_head_new): Wrapper.
	* keylist.c (cdk_sklist_build): Set list type.

2002-11-19  Timo Schulz  <twoaday@freakmail.de>

	* main.c (cdk_handle_set_compress): '0' disables compression.
	(cdk_handle_set_cipher): Check if algorithm is available.
	(cdk_handle_set_digest): Ditto.
	* encrypt.c (free_mainproc): Free the handle itself.
	* stream.c (_cdk_stream_get_errno): New. Set internal
	error variable when it's not possible with the return value.
	
2002-11-18  Timo Schulz  <twoaday@freakmail.de>

	* plaintext.c: Enum type to make the code easier to read.
	* keylist.c: Try to free all memory in the case of an error.
	* cipher.c (cipher_decode2): Free the handles inside the context.
	(cipher_encode2): Ditto.
	(finalize_mdc): New.
	
2002-11-15  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_mpi_array): New.
	* read-packet.c: Check minimal packet size for packets
	where it makes sense.
	* encrypted.c (handle_pubkey_enc): Make bits of key
	congruent modulo 8.
	* armor (update_crc): Make sure it's just 24 bit.
	* Cleanups for the release.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* main.h (wipemem): From GPG.
	* Try to wipe out all buffers with sentensive data.
	* misc.c (cdk_utf8_encode): New.
	(cdk_utf8_decode): New.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* read-packet.c (read_secret_key): Do not pre-alloc MPI
	structs for encrypted v4 keys. This costs too much secmem.
	Do it here...
	* pubkey.c (cdk_seckey_unprotect): ...instead. And with
	the correct size of the MPI.
	(cdk_pk_decrypt): Check that the seckey is really unprotected.
	(cdk_pk_sign): Likewise.
	* main.c (cdk_handle_set_callback): New.
	* encrypt.c (write_status): New.
	* keylist.c (cdk_pklist_encrypt): I forgot a calloc.
	* sign.c (cdk_file_sign): Avoid problems with streams.
	(cdk_file_sign_cleartext): Ditto.
	
2002-11-14  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (_cdk_hash_pubkey): Now we use two different
	modes for v3 keys. One for the fingerprint and one for the
	signature calculation.
	* encrypt.c (handle_encrypted): Error if there is no valid DEK.
	* main.c (cdk_salloc): Increase the size of the secmem due to
	the possibility there are more secret keys.
	
2002-11-13  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (stream_fp_replace): New.
	(stream_filter_walk_write): Use it here.
	(stream_filter_walk_read): Likewise.
	* keyserver.c (init_sockets): For non-POSIX systems.
	* read-packet.c (read_public_key): Corrected v3 key reading.
	* encrypt (cdk_stream_encrypt): Adjust the key length if needed.
	* pubkey.c (checksum_mpi): Forgot to check the last 2 octets.
	* keylist.c (cdk_sklist_build): Unprotect secret keys.
	* new-packet.c (_cdk_copy_seckey): Copy all elements.
	* main.h: Remove unused prototypes.
	* kbnode.c (_cdk_kbnode_clone): Modified for internal use.
	
2002-11-13  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (keydb_check_key): New.
	(keydb_find_byusage): Do not use revoked or expired keys.
	(keydb_set_expire): Corrected.
	* armor.c (armor_encode): Corrected CRC calculation.
	
2002-11-12  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_append): New.
	* keydb.c (cdk_keydb_import): Use append to make it easier.
	No key update is possible yet. Add a integer array as the result.
        * main.c (cdk_handle_set_compat): Set some other compatibility
	options.
	* read-packet.c (read_encrypted): Corrected reading for partial
	packet length.
	* compress.c (compress_decode): Set the inbuf pointer each
	call and not only once. This fixes a problem with larger files.
	(decompress_data): Some fixes.
	* seskey.c (passphrase_prompt): New.
	(cdk_passphrase_to_dek): Use it here.
	
2002-11-12  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_tmp_set_mode): For the filters the object
	needs to know if the request read or write filters. With this
	function we can set it.
	* keyserver.c (keyserver_handle_hkp): Use it here.
	* verify (cdk_file_verify_cleartext): Ditto.
	* sign (cdk_file_clearsign): Ditto.
	* main.c (cdk_handle_set_compat): New.
	* keylist.c (cdk_sklist_write): Support for signature version.
	* sign.c (cdk_file_sign): Ditto.
	(cdk_file_sign_cleartext): Ditto.
	* encrypt.c (write_marker_packet): New.
	(sym_stream_encrypt): Write a marker packet when in compat mode.
	(cdk_file_encrypt): Ditto.
	
2002-11-11  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_read_from_mem): New.
	(cdk_kbnode_write_to_mem): New.
	
2002-11-11  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (free_symkey_enc): Free the S2K struct.
	(_cdk_free_seckey): Ditto.
	* read-packet.c (read_s2k): Alloc S2K struct.
	* write-packet.c (write_symkey_enc): Ditto.
	(write_secret_key): Ditto.
	* S2K struct is now opaque.
	* seskey.c (cdk_s2k_new): New.
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_file_encrypt): Use armor if requested.
	* sign.c (cdk_file_sign): Ditto for the encrypt & sign mode.
	(clearsign_filter): Removed. Now the STREAMS support encoding
	for read and write (temp) modes.
	* Check for header files when the target platform is not Posix.
	* stream.c (cdk_stream_flush): Premature filter flushing.	
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_file_sign_encrypt): Removed.
	(write_pubkey_enc_list): New.
	(cdk_file_sign): Merge encryption here.
	Check for invalid combinations.
	* opencdk.h (cdk_file_sign_encrypt): Bye bye.
	Now the file signing interface is complete but incompatible 
	to other versions :-(.
	
2002-11-10  Timo Schulz  <twoaday@freakmail.de>

	* misc.c (_cdk_timestamp): Renamed from make_timestamp.
	* opencdk.h (cdk_file_sign): New.
	(cdk_file_encrypt_sign): New.
	* keydb.c (cdk_keydb_get_sk_byname): Find a secret keyring,
	not a public keyring.
	* sign.c (cdk_file_sign): Fixed the index for the opaque value.
	* write-packet (write_onepass_sig): Fixed base size 15 -> 13.	
	
2002-11-09  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_stream_encrypt): New.
	(cdk_file_decrypt): Remove unused var.	
	
2002-11-08  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (cdk_stream_encrypt): New.
	(cdk_file_encrypt): Use the new code.
	(sym_stream_encrypt): New.       
	
2002-11-05  Timo Schulz  <twoaday@freakmail.de>

	* keydb.c (cdk_keydb_import): New.
	
2002-11-04  Timo Schulz  <twoaday@freakmail.de>

	* kbnode.c (cdk_kbnode_find_packet): Return the node that was
	found, not the root node.
	* keyserver.c (keyserver_handle_hkp): Add '\r\n' to the request.
	
2002-11-03  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (write_public_key): Flag if we have a subkey.
	* read-packet.c (read_signature): Set the exportable flag
	independent of the signature version. And correct return code
	checking.
	
2002-11-02  Timo Schulz  <twoaday@freakmail.de>

	* plaintext.c (text_encode): New.
	(text_decode): New.
	* stream.c (cdk_stream_set_text_flag): New.
	
2002-11-02  Timo Schulz  <twoaday@freakmail.de>

	* seskey.c (cdk_passphrase_to_dek): Moved from seckey.c.
	* pubkey.c (cdk_seckey_unprotect): Moved from seckey.c
	(checksum_mpi): Ditto.
	* seckey.c: Deleted.
	* encrypt.c (handle_symkey_enc): For the case we've multiple of 
	these packages, ignore the next when we already have a valid DEK.
	
2002-11-01  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (cdk_subpkt_get_buf): New.
	* keydb.c (cdk_keydb_search_new): New.
	(cdk_keydb_search_free): New.
	* opencdk.h: CDK_DBSEARCH is now opaque.
	
2002-11-01  Timo Schulz  <twoaday@freakmail.de>

	* write-packet.c (pkt_write_head2): New.
	(write_compressed): Use old header.
	* This fixed the EOF problem for the filter.
	
2002-10-31  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_verify_cleartext): Fixed md calculation.
	Add an output parameter to store the plaintext.
	* opencdk.h: Use the cdk_file_xxx prefix for all file functions.
	
2002-10-30  Timo Schulz  <twoaday@freakmail.de>

	* sig-check.c (hash_mpi_array): New.
	* plaintext.c (plaintext_decode): Sanity check to avoid segv.
	
2002-10-30  Timo Schulz  <twoaday@freakmail.de>

	* sign.c (cdk_clearsign_file): New.
	(trim_string): New.
	* keylist.c (cdk_sklist_build): Replaced all calloc calls
	with cdk_calloc. Arrg.
	* stream.c (_cdk_stream_gets): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* verify.c (cdk_verify_file): New.
	(cdk_verify_cleartext): New.
	(cdk_sig_get_ulong_attr): Support for all algorithms.
	* encrypt.c (proc_encryption_packets): New.
	(proc_signature_packets): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c: Add a context for each file operation.
	* main.c (cdk_handle_new): New.
	(cdk_handle_free): New.
	(cdk_handle_set_compress): New.
	(cdk_handle_set_digest): New.
	(cdk_handle_set_cipher): New.
	* verify.c (cdk_sig_get_ulong_attr): New.
	(cdk_sig_get_data_attr): New.
	(_cdk_result_verify_new): New.
	(_cdk_result_verify_free): New.	
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* encrypt.c (do_proc_packets): Modified so it will not
	depend on a fixed state. Now it's possible for decryption,
	verifying with one pass signatures with or without compression.
	(set_reset): New.
	
2002-10-29  Timo Schulz  <twoaday@freakmail.de>

	* new-packet.c (_cdk_subpkt_hash): Now it's internal.
	* sig-check.c (_cdk_signature_check): Prefix with _cdk_.
	* encrypt.c (handle_onepass_sig, handle_signature): New.
	(do_proc_packets): Divide function in stages to handle
	nested packets.
	* stream.c (stream_filter_walk_write): Only unlink files
	when the temp flag is not set.
	
2002-10-28  Timo Schulz  <twoaday@freakmail.de>

	* stream.c (cdk_stream_seek): Remove EOF flag when possible.
	* keydb.c (cdk_keydb_new): New.
	* armor.c (cdk_armor_filter_use): Rewind the file after
	reading the first byte.
	
	
	