| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/protect.c (s2k_calibration_time): New file global var.
(calibrate_s2k_count): Use it here.
(get_calibrated_s2k_count): Replace function static var by ...
(s2k_calibrated_count): new file global var.
(set_s2k_calibration_time): New function.
* agent/gpg-agent.c (oS2KCalibration): New const.
(opts): New option --s2k-calibration.
(parse_rereadable_options): Parse that option.
--
Note that using an unrelistic high value (like 60000) takes quite some
time for calibration.
GnuPG-bug-id: 3399
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/ks-engine-hkp.c (handle_send_request_error): Add arg
http_status and handle it.
(ks_hkp_search): Get http_status froms end_request and pass on to
handle_send_request_error.
(ks_hkp_get): Ditto.
(ks_hkp_put): Ditto.
--
GnuPG-bug-id: 4175
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* dirmngr/http.c (http_status2string): New.
--
Right now only the standard 5xx codes.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/keyserver.c (keyserver_search): Check for NO_DATA.
--
GnuPG-bug-id: 3830
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
* tools/addgnupghome (filelist): Remove bashism.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keylist.c (print_pubkey_info): Reverse the condition.
--
This mistakes were introduced when replacing by estream.
It resulted 'gpg --card-status' from a process with no controlling
terminal fails.
Fixes-commit: fb2ba98963beea249474f5d6d7345cf9b4b7f570
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/wks-util.c (wks_get_key, wks_filter_uid): The filter
expression needs a space before the value.
(install_key_from_spec_file): Replace es_getline by es_read_line and
remove debug output.
--
A value of starting with '<' was considered an invalid operator due to
our tokenization method.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (struct revocation_key): Add field 'fprlen'.
* g10/parse-packet.c (parse_revkeys): Set fprlen and allow for v5
keys. Also fix reading of unitialized data at place where
MAX_FINGERPRINT_LEN is used.
* g10/revoke.c (gen_desig_revoke): Allow for v5 keys and use fprlen.
Do an explicit compare to avoid reading unitialized data.
* g10/sig-check.c (check_revocation_keys): Use the fprlen.
* g10/getkey.c (merge_selfsigs_main): Do an explicit copy to avoid
reading unitialized data.
* g10/import.c (revocation_present): Use fprlen.
* g10/keyedit.c (show_key_with_all_names): Use fprlen.
(menu_addrevoker): Use fprlen. Allow for v5 keys.
* g10/keygen.c (keygen_add_revkey): Use fprlen.
(parse_revocation_key): Allow for v5 keys.
* g10/keyid.c (keyid_from_fingerprint): Allow for v5 keys. Print a
better error message in case of bogus fingerprints.
* g10/keylist.c (print_revokers): Use fprlen.
--
The reading of uninitialized data is harmless but we better fix it to
make valgrind happy. More serious was that we always passed
MAX_FINGERPRINT_LEN but we will need to support 20 and 32 octet
fingerprints and MAX_FINGERPRINT_LEN would be too large for a v4.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* tools/wks-util.c (install_key_from_spec_file): New.
(wks_cmd_install_key): Call it.
* tools/gpg-wks-client.c (main): Allow --install-key w/o arguments.
* tools/gpg-wks-server.c (main): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox".
* g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New.
* g10/keylist.c (list_keyblock_simple): New.
(list_keyblock): Call it.
(list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX
mode.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tools/wks-util.c (wks_compute_hu_fname): Stat and create directory
if needed.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks-client.c (aInstallKey, aRemoveKey, oDirectory): New.
(opts): Add "--install-key", "--remove-key" and "-C".
(parse_arguments): Parse them.
(main): Check that the given directory exists. Implement the new
commands.
--
These commands maybe useful to prepare a WKD directory on a non-Unix
box using the standard wks client.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks-server.c (write_to_file): Move to ...
* tools/wks-util.c: here.
* tools/gpg-wks-server.c (compute_hu_fname): Move to ...
* tools/wks-util.c (wks_compute_hu_fname): here.
* tools/gpg-wks-server.c (fname_from_userid): Move to ...
* tools/wks-util.c (wks_fname_from_userid): here.
* tools/gpg-wks-server.c (command_install_key): Move to ...
* tools/wks-util.c (wks_cmd_install_key): here and change caller.
* tools/gpg-wks-server.c (command_remove_key): Move to ...
* tools/wks-util.c (wks_cmd_remove_key): here and change callers.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* autogen.rc (configure_opts): Remove --with-*-prefix.
--
It seems that we haven't done cross-build for amd64 for a while,
we now use nPth instead of Pth.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/mainproc.c (proc_plaintext): Do not enable hash contexts when
opt.skip_verify is set.
--
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| |
|
|
|
|
|
|
| |
* common/iobuf.c (iobuf_copy): Wipe used area of buffer instead of
first sizeof(char*) bytes.
--
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/mischelp.h (wipememory): Replace macro with function
prototype.
(wipememory2): Remove.
* common/mischelp.c (wipememory): New.
* configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero'.
--
In new wipememory function, memory is cleared through platform
provided secure memory zeroing function, SecureZeroMemory
or explicit_bzero.
If none of these is available, memset is called through
volatile function pointer to so that compiler won't optimize
away the call.
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| |
|
|
|
|
| |
* agent/call-scd.c (wait_child_thread): Add %s.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/keyid.c (keygrip_from_pk): Print the fingerprint on failure.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app.c (app_new_register): Don't lock APP_LIST_LOCK here.
(select_application): Lock with APP_LIST_LOCK earlier.
--
What we want to do here is to serialize the call of
select_application. In the old code, it was possible
that a call of select_application was blocked internally,
and then another call of select_application entered.
We can have a dedicated lock for call of select_application,
but it is easier to re-use APP_LIST_LOCK.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/call-scd.c (unlock_scd): Move lock before accessing IN_USE.
(wait_child_thread): Add log_info for Windows, and fixed log_error
message.
--
The old code is still valid with cooperate threads, but this is
better.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
| |
* tools/Makefile.am (gpg_pair_tool_LDADD): Add W32SOCKLIBS.
--
This is required because parts of libcommon depend on ws2_32.
|
| |
|
|
|
|
|
|
| |
* agent/call-scd.c (wait_child_thread): New.
(start_scd): Create a thread for wait_child_thread.
(agent_scd_check_aliveness): Remove.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* agent/call-scd.c (struct scd_local_s): Remove LOCK, introduce IN_USE
and INVALID flags.
(unlock_scd): Call assuan_release when CTX is invalid.
(start_scd): Set IN_USE.
(agent_scd_check_aliveness): Don't call assuan_release when it's in use.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* agent/call-scd.c (struct scd_local_s): Remove ctrl_backlink.
(start_scd): Don't assign to the field.
(agent_scd_check_aliveness): Fix typo in comment.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/http.h (parsed_uri_s): Add fields off_host and off_path.
(http_redir_info_t): New.
* dirmngr/http.c (do_parse_uri): Set new fields.
(same_host_p): New.
(http_prepare_redirect): New.
* dirmngr/t-http-basic.c: New test.
* dirmngr/ks-engine-hkp.c (send_request): Use http_prepare_redirect
instead of the open code.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
--
With this change a http query will not follow a redirect unless the
Location header gives the same host. If the host is different only
the host and port is taken from the Location header and the original
path and query parts are kept.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
* g10/main.h (GCRYPT_VERSION_NUMBER): Fix type in condition.
--
GnuPG-bug-id: 4259
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
* g10/call-agent.h (agent_card_info_s): Add UIF fields.
* g10/call-agent.c (learn_status_cb): Put UIF DOs info.
* g10/card-util.c (current_card_status): Output for UIF.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
| |
* scd/app-openpgp.c (do_learn_status): Report KDF attr.
* g10/card-util.c (current_card_status): Output KDF for with_colons.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/call-agent.h (kdf_do_enabled): New field.
* g10/call-agent.c (learn_status_cb): Set kdf_do_enabled if available.
* g10/card-util.c (current_card_status): Inform the availability.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |\
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* configure.ac (GNUPG_CACHE_DIR): New const.
* tools/Makefile.am (libexec_PROGRAMS): Add gpg-pair-tool.
(gpg_pair_tool_SOURCES, gpg_pair_tool_CFLAGS)
(gpg_pair_tool_LDADD): New.
* tools/gpg-pair-tool.c: New.
--
This is a first try on a protocol to pair two devices so that they can
agree on a shared secret to exchange secret keys. The idea is that if
you want to sync your secret keys to another machine (e.g. from
desktop to mobile) you have physical access to both devices and thus a
pairing protocol allows to authenitcate the connection using a short
string. See the source for a protocol description.
How to test:
$ gpg-pair-tool -va --homedir . --initiate >msg.commit
$ gpg-pair-tool -va --homedir 2ndhome --respond \
<msg.commit >msg.dhpart1
$ gpg-pair-tool -va --homedir . --respond \
<msg.dhpart1 >msg.dhpart2
$ gpg-pair-tool -va --homedir 2ndhome --respond \
<msg.dhpart2 >msg.confirm
Now set the SAS as printed by the responder into SAS and run
$ gpg-pair-tool -va --homedir . --respond --sas $SAS <msg.confirm
Storing the secret on disk is obviously not the right thing to do.
With the new PUT_SECRET and GET_SECRET commands of gpg-agent we can
change this to store it all in gpg-agent instead. This will make it
also easier for gpg to access the secret and we won't need an option
to return it from gpg-pair-tool. Thus gpg-pair-tool can be dedicated
to run the protocol and maybe to popup info dialogs.
Adding a second expiration time for running the protocol in addition
to the expiration of the secret is probably a better idea than just
that simple catch-all TTL.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* tools/gpg-zip.in: Remove.
* m4/tar-ustar.m4: Remove.
--
Note that the script was even not anymore installed. See also
GnuPG-bug-id: 4252
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* agent/call-pinentry.c (agent_popup_message_stop): Just kill it.
--
By checking if it's alive or not, we can lower a risk of sending
SIGINT to a wrong process on unusual condition when PID is re-used to
a different process.
That's true, however, since it's alive usually, simply sending SIGINT
is enough here.
Note that here is a race condition for detecting if process is active
or not; A process can die just after being detected alive.
Moreover, when the process of pinentry accidentally died already, it
should have caused return of assuan_transact and the thread of
popup_message_thread likely already set popup_finished=1.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| | |
* dirmngr/server.c (proc_wkd_get): Implement new openpgpkey subdomain
method.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| | |
* m4/libgcrypt.m4: Update from master.
* m4/ntbtls.m4: Update from master.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Summary:
* dirmngr/crlcache.c (crl_cache_flush): Also deinit the cache.
* dirmngr/server.c (hlp_flushcrls, cmd_flushcrls): New.
(register_commands): Add FLUSHCRLS.
--
This allows it to flush the CRL cache of a running dirmngr
server. This can be useful to debug / analyze CRL issues.
GnuPG-Bug-Id: T3967
Differential Revision: https://dev.gnupg.org/D469
Signed-off-by: Andre Heinecke <[email protected]>
(cherry picked from commit 00321a025f90990a71b60b4689ede1f38fbde347)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/mbox-util.c (mailbox_from_userid): Add arg subaddress and
implement. Change all callers to pass false for it.
* common/t-mbox-util.c (run_mbox_no_sub_test): New.
(run_filter): Add arg no_sub.
(main): Call new test and add option --no-sub.
--
Some stats: In the about 5300000 keys on the SKS servers we found 3055
unique mailboxes with a '+' in it. After removing leading and
trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz")
2697 were left which seem to be valid sub-addresses.
To filter mailboxes out from a line delimited list with
user-ids (e.g. an SQL output), the command
t-mbox-util --verbose --filter
can be used; to output w/o sub-addresses add --no-sub.
GnuPG-bug-id: 4200
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
--
For size_t use "%zu"
For ssize_t use "%zd"
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| | |
* common/t-mbox-util.c (run_filter): New.
(main): Add option parser.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/mainproc.c (mainproc_context): New member
'seen_pkt_encrypted_aead'.
(release_list): Clear 'seen_pkt_encrypted_aead'.
(proc_encrypted): Set 'seen_pkt_encrypted_aead'.
(have_seen_pkt_encrypted_aead): New.
(proc_plaintext): Do not enable extra hash contexts when decryption
AEAD input.
--
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/armor.c (asctobin): Larger look-up table for fast path.
(initialize): Update 'asctobin' initialization.
(radix64_read): Add fast path for radix64 to binary conversion.
--
This patch adds fast path for radix64 to binary conversion in
armored decryption.
Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.
before patch-set
----------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 13.8 140 MB/s
decrypt-aead: 30.6 68 MB/s
encrypt-cfb: 17.4 114 MB/s
decrypt-cfb: 32.6 64 MB/s
after (decrypt+iobuf+crc+radix64 opt)
-------------------------------------
gpg process
armor: user time pipe transfer rate
decrypt-aead: 9.8 200 MB/s
decrypt-cfb: 11.9 168 MB/s
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/armor.c (bintoasc): Change to read-only.
(initialize): Use const pointer for 'bintoasc'.
(armor_output_buf_as_radix64): New function for faster binary to
radix64 conversion.
(armor_filter): Use new conversion function.
--
This patch adds faster binary to radix64 conversion to speed up
armored encryption.
Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.
before patch-set
----------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 13.8 140 MB/s
decrypt-aead: 30.6 68 MB/s
encrypt-cfb: 17.4 114 MB/s
decrypt-cfb: 32.6 64 MB/s
after (decrypt+iobuf+crc+radix64 opt)
-------------------------------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 2.7 523 MB/s
encrypt-cfb: 6.7 264 MB/s
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/armor.c (CRCINIT, CRCPOLY, CRCUPDATE, crc_table): Remove.
(new_armor_context): Open libgcrypt CRC24 context.
(release_armor_context): Close CRC24 context.
(initialize): Remove CRC table generation.
(get_afx_crc): New.
(check_input, fake_packet, radix64_read, armor_filter): Update to use
CRC24 context.
* g10/filter.h (armor_filter_context_t): Replace crc intermediate value
with libgcrypt md context pointer.
--
This patch changes armor filter to use optimized CRC24 implementation
from libgcrypt to speed up encryption and decryption.
Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.
before patch-set
----------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 13.8 140 MB/s
decrypt-aead: 30.6 68 MB/s
encrypt-cfb: 17.4 114 MB/s
decrypt-cfb: 32.6 64 MB/s
after (decrypt+iobuf+crc opt)
-----------------------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 8.7 211 MB/s
decrypt-aead: 17.6 116 MB/s
encrypt-cfb: 12.6 153 MB/s
decrypt-cfb: 19.6 105 MB/s
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/iobuf.c (iobuf_read_line): Add fast path for finding '\n'
character in buffer.
--
This patch reduce per byte overhead in iobuf_read_line by avoiding
using iobuf_get when possible and use memchr to find '\n'. This
speeds armored decryption.
Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.
before patch-set
----------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 13.8 140 MB/s
decrypt-aead: 30.6 68 MB/s
encrypt-cfb: 17.4 114 MB/s
decrypt-cfb: 32.6 64 MB/s
after (decrypt+iobuf opt)
-------------------------
gpg process
armor: user time pipe transfer rate
decrypt-aead: 22.5 92 MB/s
decrypt-cfb: 24.4 85 MB/s
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/armor.c (unarmor_state_e, unarmor_pump_s, unarmor_pump_new)
(unarmor_pump_release, unarmor_pump): Remove.
* g10/filter.h (UnarmorPump, unarmor_pump_new, unarmor_pump_release)
(unarmor_pump): Remove.
--
Signed-off-by: Jussi Kivilinna <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/armor.c (radix64_read): Check EOF with '!afx->buffer_len' instead
of 'c == -1', as 'c' is never set to this value.
--
Signed-off-by: Jussi Kivilinna <[email protected]>
|
