| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
* g10.c (main): enable opt.interactive.
* import.c (import_one): Ask the user if the key shall be
imported when the interactive mode is used. Useful to extract
selected keys from a file.
|
| | |
|
| |
|
|
|
|
|
|
| |
(agent_card_learn): Add args for certinfo cb.
* learncard.c (release_certinfo,certinfo_cb): New.
(send_cert_back): New. With factored out code from ..
(agent_handle_learn): here. Return certinfo stuff.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* card-common.h (struct p15_private_s): Forward declaration. Add
it to card_ctx_s.
* card.c (card_close): Make sure private data is released.
(card_enum_certs): New.
* card-p15.c (p15_release_private_data): New.
(init_private_data): New to work around an OpenSC weirdness.
(p15_enum_keypairs): Do an OpenSC get_objects only once.
(p15_enum_certs): New.
(card_p15_bind): Bind new function.
* command.c (cmd_learn): Return information about the certificates.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* certchain.c: this. Renamed all all other usages of "path" in the
context of certificates to "chain".
|
| |
|
|
|
| |
certificate is missing.
|
| |
|
|
|
|
|
|
|
| |
it to card_ctx_s.
* card.c (card_close): Make sure private data is released.
* card-p15.c (p15_release_private_data): New.
(init_private_data): New to work around an OpenSC weirdness.
(p15_enum_keypairs): Do an OpenSC get_objects only once.
|
| | |
|
| |
|
|
|
| |
with a bug in the mpi_get_secure_buffer.
|
| |
|
|
|
| |
length) in HKP searches.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
symmetric compressed files.
* encode.c (encode_simple, encode_crypt): If we are not using a MDC,
compress even if a file is already compressed. This is to help against
the chosen ciphertext attack.
* pkclist.c (select_algo_from_prefs): Fix requested algorithm bug so the
request succeeds even if the requested algorithm is not the first found.
* cipher.c (write_header), encode.c (use_mdc, encode_simple, encode_crypt,
encrypt_filter), g10.c (main): Be more eager to use a MDC. We use a MDC
if the keys directly support it, if the keys list AES (any) or TWOFISH
anywhere in the prefs, or if the cipher chosen does not have a 64 bit
blocksize.
|
| | |
|
| |
|
|
|
| |
MPI is marked as protected.
|
| |
|
|
|
| |
is defined. It should only be defined for hard core debugging.
|
| | |
|
| |
|
|
|
|
|
|
| |
key ID field.
* fingerprint.c (gpgsm_get_short_fingerprint): New.
* verify.c (gpgsm_verify): Print more verbose info for a good
signature.
|
| |
|
|
|
| |
(has_short_kid, has_long_kid): Implemented.
|
| |
|
|
|
| |
unpkcsedone keys.
|
| |
|
|
|
| |
Done.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
(main): Initialize the signal handler.
* sign.c (gpgsm_sign): Reset the hash context for subsequent
signers and release it at the end.
|
| |
|
|
|
| |
number as a fallback. Add a special prefix for serial numbers.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
section for random gatherers.
* keyring.c (create_tmp_file, rename_tmp_file): Create tmp files with
user-only permissions, but restore the original permissions if the user
has something special set.
* openfile.c (copy_options_file): Create new options file (gpg.conf) with
user-only permissions.
* keydb.c (keydb_add_resource): Create new keyrings with user-only
permissions.
|
| |
|
|
|
| |
via configure.
|
| |
|
|
|
| |
* NEWS: Clarify new permission checks.
|
| |
|
|
|
| |
permissions.
|
| |
|
|
|
|
|
|
|
|
| |
* runtest, inittests: New.
* text-1.txt, text-2.txt, text-3.txt: New.
* text-1.osig.pem, text-1.dsig.pem, text-1.osig-bad.pem: New.
* text-2.osig.pem, text-2.osig-bad.pem: New.
* samplekeys : New directory
* sm-verify, sm-sign+verify: The first test scripts.
|
| |
|
|
|
|
|
| |
for the hash that the sig is expecting. This can happen if a onepass sig
header does not match the actual sig, and also if the clearsign "Hash:"
header is missing or does not match the actual sig.
|
| | |
|
| |
|
|
|
| |
for a given MD_HANDLE.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
restarting gpg. This is Debian bug 124219, though their supplied patch
will not do the right thing.
* main.h, tdbio.c (tdbio_set_dbname), misc.c (removed check_permissions),
keydb.c (keydb_add_resource), g10.c (main, check_permissions): Significant
reworking of the permission check mechanism. The new behavior is to check
everything in the homedir by checking the homedir itself. If the user
wants to put (possibly shared) keyrings outside the homedir, they are not
checked. The options file and any extension files are checked wherever
they are, as well as their enclosing directories. This is Debian bug
147760.
|
| |
|
|
|
|
| |
loading. Also fix backwards grammar of keyserver exec-path CHECKING
message.
|
| | |
|
| | |
|
| |
|
|
|
| |
option to turn a MDC check error into a warning.
|
| |
|
|
|
|
|
|
|
| |
clearsign_file): Use the same --pgpX warning string everywhere to ease
translations.
* encode.c (write_pubkey_enc_from_list): Warn when using --throw-keyid
with --pgpX. Noted by Vedaal Nistar.
|
| | |
|
| |
|
|
|
|
| |
minimal pk along with the revocation cert when in --pgpX mode so that PGP
can import it.
|
| |
|
|
|
|
| |
* gpg.sgml: Fixed doc regarding the name change of the option
file.
|
| | |
|
| |
|
|
|
| |
* openfile.c (copy_options_file): Changed name of created file.
|
| | |
|
| | |
|
