aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* experiment: Handle S=0 in EdDSA by SOS("0").gniibe/v5/448NIIBE Yutaka2021-12-222-15/+33
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix for signature R+S in OpenPGP R part.NIIBE Yutaka2021-12-142-7/+14
| | | | | | | | | This fix also allows having only OpenPGP R part, and OpenPGP S part == NULL. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Rename the names of functions.NIIBE Yutaka2021-11-259-32/+34
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment:agent: Allow importing v5 secret key.NIIBE Yutaka2021-10-291-2/+3
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix exporting protecte secret key for new448.NIIBE Yutaka2021-10-281-0/+21
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix importing new448 secret key.NIIBE Yutaka2021-10-273-7/+8
| | | | | | | | | -- Because secret key may be encrypted one, it can be only fixed up (removing the prefix) at gpg-agent side. Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Support exporting new 448 key (public/secret).NIIBE Yutaka2021-10-225-16/+32
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Support importing new 448 secret keys.NIIBE Yutaka2021-10-221-2/+11
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix keygrip and signature for 448.NIIBE Yutaka2021-10-212-5/+6
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix for 448 pubkey.NIIBE Yutaka2021-10-211-1/+1
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Also support new ECDH encryption with 448.NIIBE Yutaka2021-10-214-42/+53
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix ECC key handling.NIIBE Yutaka2021-10-216-44/+24
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Support keygen for new Ed448/X448 keys.NIIBE Yutaka2021-10-211-0/+49
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Generate new Ed448 signature.NIIBE Yutaka2021-10-211-2/+69
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Add copyright notice.NIIBE Yutaka2021-10-111-3/+19
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Fix keygrip computation for new 448 key on gpg-agent.NIIBE Yutaka2021-10-084-24/+37
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Add forgotten open-misc.c.NIIBE Yutaka2021-10-081-0/+61
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Support MPI(0) by sos_read and mpi_print.NIIBE Yutaka2021-10-082-2/+5
| | | | | | | | | * g10/misc.c (mpi_print): Handle the case for MPI(0). * g10/parse-packet.c (sos_read): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* experiment: Try to support new 448 key and signature.NIIBE Yutaka2021-10-086-11/+83
| | | | | | | | -- Keygrip computation is still wrong, need to fix soon. Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Respect gpgconf.ctl when looking up translationsIngo Klöcker2021-10-062-4/+4
| | | | | | | | | | | | | * common/i18n.c (i18n_init): Use gnupg_localedir() instead of LOCALEDIR. (i18n_localegettext): Ditto. * tools/gpgconf-comp.c (my_dgettext): Ditto. -- On Unix, gnupg_localedir() returns the locale directory relative to the root directory of the gnupg installation if specified in the gpgconf.ctl. Otherwise, it returns the built-in LOCALEDIR. GnuPG-bug-id: 5999
* dirmngr: New option --ignore-certWerner Koch2021-10-065-7/+98
| | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (struct fingerprint_list_s): Add field binlen. (opt): Add field ignored_certs. * dirmngr/dirmngr.c: Add option --ignore-cert (parse_rereadable_options): Handle that option. (parse_ocsp_signer): Rename to ... (parse_fingerprint_item): this and add two args. * dirmngr/certcache.c (put_cert): Ignore all to be igored certs. Change callers to handle the new error return. -- This option is useful as a workaround in case we ill run into other chain validation errors like what we fixed in GnuPG-bug-id: 5639
* dirmngr: Fix Let's Encrypt certificate chain validation.Werner Koch2021-10-061-8/+31
| | | | | | | | | | | | * dirmngr/certcache.c (find_cert_bysubject): Return the first trusted certififcate if any. -- This is basically the same as using OpenSSL with ist X509_V_FLAG_TRUSTED_FIRST flag. See https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ GnuPG-bug-id: 5639
* agent,dirmngr,kbx,scd,tpm2d: Use gnupg_sleep.NIIBE Yutaka2021-10-059-13/+13
| | | | | | | | | | | | | | | | * agent/findkey.c (unprotect): Use gnupg_sleep. * agent/gpg-agent.c (handle_connections): Likewise. * dirmngr/crlfetch.c (handle_connections): Likewise. * kbx/keyboxd.c (handle_connections): Likewise. * tpm2d/tpm3daemon.c (handle_connections): Likewise. * scd/scdaemon.c (handle_connections): Likewise. * scd/command.c (cmd_lock): Likewise. * dirmngr/ldap-wrapper.c (ldap_reaper_thread): Likewise. (ldap_wrapper_wait_connections): Use gnupg_usleep. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix calibrate_get_time use of clock_gettime.NIIBE Yutaka2021-10-051-1/+22
| | | | | | | | | | | * agent/protect.c (USE_CLOCK_GETTIME): New macro. (calibrate_get_time): Only use clock_gettime if USE_CLOCK_GETTIME. -- GnuPG-bug-id: 5623 Fixes-commit: 380bce13d94ff03c96e39ac1d834f382c5c730a1 Signed-off-by: NIIBE Yutaka <[email protected]>
* tests: Use the new gpgconf.ctl based method.Werner Koch2021-10-013-46/+33
| | | | | | | | | | | | | * tests/openpgp/defs.scm: We expect that stuff is now installed. (tools): Fix the names. (intsalled?, bin-prefix): Remove. (tool-hardcoded): Simplify. (gpg-conf'): Simplify. (GNUPG_BUILDDIR): Do not anymore set this envvar. * tests/tpm2dtests/defs.scm: Ditto. -- This simplifies things a bit.
* build: Prepare for using installed versions for tests.Werner Koch2021-10-018-3/+51
| | | | | | | | | | | | | | | | | | | | | | | * tests/gpgconf.ctl.in: New. * tests/Makefile.am (EXTRA_DIST): Add new file. (TESTINST_DIRS): New. (clean-local): New. (clean-local-testinst): New. (check-recursive): New hook. (bin/gpgconf.ctl): Run a test install. * tests/cms/Makefile.am (TESTS_ENVIRONMENT): Set new envvar GNUPG_BUILD_ROOT. * tests/gpgme/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Ditto. -- Right now this helps only with the global configuraion dir which is now not set and thus the build host'ss own /etc/gnupg does not anymore affect the build. Signed-off-by: Werner Koch <[email protected]>
* common: Support gpgconf.ctl also for BSDs.Werner Koch2021-10-012-10/+31
| | | | | | | | | | * common/homedir.c (MYPROC_SELF_EXE): New. (unix_rootdir): Use it here. Also support GNUPG_BUILD_ROOT as fallback. -- In addition this adds a fallback method for AIX etc which do not have an easy way to get the info.
* common: Add keyword sysconfdir to the optional gpgconf.ctl file.Werner Koch2021-10-011-18/+69
| | | | | | | | | | * common/homedir.c (unix_rootdir): Add arg want_sysconfdir. (gnupg_sysconfdir): Return it. -- Our regression test suite has the problem that we can't disable the use of the global config files or test them using the regualr binaries. This new keyword will allow us to overcome the problem.
* kbx: Let it include keybox.h to avoid multiple typedefs.NIIBE Yutaka2021-09-301-6/+1
| | | | | | | | | * kbx/backend.h: Include keybox.h. -- GnuPG-bug-id: 5630 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Handle backsig for v5 signature.NIIBE Yutaka2021-09-291-6/+8
| | | | | | | | | * g10/getkey.c (merge_selfsigs_subkey): Check v5 signature correctly. -- GnuPG-bug-id: 5628 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Ed448 and X448 are only for v5 (for subkey).NIIBE Yutaka2021-09-291-1/+6
| | | | | | | | | | | | * g10/keygen.c (generate_subkeypair): Specify KEYGEN_FLAG_CREATE_V5_KEY for Ed448 or X448 key. -- Reported-by: William Holmes Fixes-commit: 36355394d865f5760075e62267d70f7a7d5dd671 GnuPG-bug-id: 5609 Signed-off-by: NIIBE Yutaka <[email protected]>
* kbx: A 20 byte fingerprint is right filled in version 2 blob.NIIBE Yutaka2021-09-281-0/+2
| | | | | | | | | | * kbx/keybox-blob.c (create_blob_header): Fix creating FPR20 key in blob with 32-byte fingerprint. -- GnuPG-bug-id: 5609 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Skip the packet when not used for AEAD.NIIBE Yutaka2021-09-281-0/+1
| | | | | | | | | | * g10/free-packet.c (free_packet): Add the case for case PKT_ENCRYPTED_AEAD. -- GnuPG-bug-id: 5464 Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Fix several "include file not found" problemsIngo Klöcker2021-09-203-7/+8
| | | | | | | | | | | | | * dirmngr/Makefile.am (t_ldap_parse_uri_CFLAGS): Add KSBA_CFLAGS. * kbx/Makefile.am (libkeybox_a_CFLAGS, libkeybox509_a_CFLAGS): Add NPTH_CFLAGS. * tools/Makefile.am (gpgtar_CFLAGS, gpg_wks_server_CFLAGS, gpg_wks_client_CFLAGS, gpg_pair_tool_CFLAGS): Add LIBGCRYPT_CFLAGS. -- The tools include gcrypt.h via common/util.h. GnuPG-bug-id: 5592
* po: Fixed Italian translation for key expirationgiomba2021-09-201-1/+1
| | | | | | | | | | | * po/it.po: Fix italian translation. -- In English, "too" has two different meanings (eg. "too much" vs "change it too"). Italian translation used wrong meaning, and the sentence made no sense. Signed-off-by: Andre Heinecke <[email protected]>
* common: Support a gpgconf.ctl file under Unix.Werner Koch2021-09-171-17/+252
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/homedir.c (unix_rootdir): New. (gnupg_bindir): Use it. (gnupg_libexecdir): Use it. (gnupg_libdir): Use it. (gnupg_datadir): Use it. (gnupg_localedir): Use it. -- This feature is useful for building and using an AppImage version of gnupg and probably also for some other use cases. GnuPG-bug-id: 5999 Here is a sample gpgconf.ctl file --8<---------------cut here---------------start------------->8--- # gpgconf.ctl # # This file is used to change the directories where the gpg components # are installed. It does not change the configuration directories. # The file is expected in the same directory as gpgconf. The physical # installation directories are evaluated and no symlinks. Blank lines # and lines starting with pound signed are ignored. No errors are # printed for unknown keywords or commands. The only defined key for # now is "rootdir" which must be followed by one optional space, an # equal sign, and the value for the root directory. Environment # variables are substituted in standard shell manner, the final value # must start with a slash, trailing slashed are stripped. rootdir = $APPDIR/gnupg --8<---------------cut here---------------end--------------->8---
* common: New function substitute_envvars.Werner Koch2021-09-173-0/+206
| | | | | | | | | | * common/stringhelp.c (substitute_envvars): New. Based on code in gpg-connect-agent. * common/t-stringhelp.c: Include sysutils.h. (test_substitute_envvars): New. -- GnuPG-bug-id: 5599
* doc: Clarify some gpg keyring optionsWerner Koch2021-09-141-22/+28
| | | | | -- GnuPG-bug-id: 5594
* gpg: Print a warning when importing a bad cv25519 secret key.Werner Koch2021-09-141-1/+17
| | | | | | | | * g10/import.c (transfer_secret_keys): Add simple check. -- Note that the requirement for a set high bit is not yet checked. GnuPG-bug-id: 5464
* Update release signing keys.Werner Koch2021-09-141-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | -- These are now # ------------------------ >8 ------------------------ pub rsa3072 2017-03-17 [SC] [expires: 2027-03-15] 5B80C5754298F0CB55D8ED6ABCEF7E294B092E28 sig R BCEF7E294B092E28 2017-03-17 Andre Heinecke (Release Signing Key) uid Andre Heinecke (Release Signing Key) sig 3 BCEF7E294B092E28 2017-03-17 Andre Heinecke (Release Signing Key) sig 1FDF723CF462B6B1 2017-03-17 Andre Heinecke <[email protected]> pub ed25519 2020-08-24 [SC] [expires: 2030-06-30] 6DAA6E64A76D2840571B4902528897B826403ADA uid Werner Koch (dist signing 2020) sig 3 528897B826403ADA 2020-08-24 Werner Koch (dist signing 2020) sig 249B39D24F25E3B6 2020-08-24 Werner Koch (dist sig) sig 63113AE866587D0A 2020-08-24 [email protected] sig E3FDFF218E45B72B 2020-08-24 Werner Koch (wheatstone commit signing) sig F2AD85AC1E42B367 2020-08-24 Werner Koch <[email protected]> pub ed25519 2021-05-19 [SC] [expires: 2027-04-04] AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD uid Niibe Yutaka (GnuPG Release Key) sig 3 E98E9B2D19C6C8BD 2021-05-19 Niibe Yutaka (GnuPG Release Key) sig 00B45EBD4CA7BABE 2021-09-14 NIIBE Yutaka <[email protected]> sig E267B052364F028D 2021-09-14 NIIBE Yutaka <[email protected]>
* common: New envvar GNUPG_EXEC_DEBUG_FLAGS.Werner Koch2021-09-131-4/+16
| | | | | * common/exechelp-w32.c (gnupg_spawn_process_detached): Silence breakaway messages and turn them again into debug messages.
* doc: Minor update of the AD schema.Werner Koch2021-09-093-39/+45
| | | | --
* sm: Add LotW support to the key listingWerner Koch2021-09-093-3/+11
| | | | | | | | | | * sm/certdump.c (parse_dn_part): Translate OID to "Callsign" * sm/keylist.c (oidtranstbl): Some more OIDs. -- This is Ham thingy to make it easier to read LotW certificates. Signed-off-by: Werner Koch <[email protected]>
* build: Fix "ksba.h not found" problemIngo Klöcker2021-09-081-1/+1
| | | | | | | * sm/Makefile.am (t_minip12_CFLAGS): Add KSBA_CFLAGS. -- GnuPG-bug-id: 5592
* agent: Fix segv in GET_PASSPHRASE (regression)Werner Koch2021-09-071-1/+1
| | | | | | | | | * agent/command.c (cmd_get_passphrase): Do not deref PI. PI is always NULL. -- Fixes-commit: b89b1f35c29ceaebe39b31444936aa66c9297f2c GnuPG-bug-id: 5577
* gpg: Print a note about the obsolete option --secret-keyring.Werner Koch2021-08-282-2/+2
| | | | | | -- GnuPG-bug-id: 2749
* gpg: Change default and max AEAD chunk size to 4 MiBWerner Koch2021-08-272-4/+4
| | | | | | | | | -- This is per OpenPGP WG design team decision from 2021-08-13 (raising a new wall after exactly 60 years ;-) Signed-off-by: Werner Koch <[email protected]>
* kbx: Fix checksum computation for no UBID entry on disk.NIIBE Yutaka2021-08-271-2/+2
| | | | | | | | | | | | * kbx/keybox-blob.c (create_blob_header): Fix the flag to match no UBID entry, (create_blob_finish): Fix the length of data to be hashed. -- GnuPG-bug-id: 5573 Fixes-commit: 915297705af6f1db74dacf0d6665b83eb0a58459 Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix put_membuf.NIIBE Yutaka2021-08-271-1/+4
| | | | | | | | | | * common/membuf.c (put_membuf): Allow NULL for the second arg. -- There has been such a use case in keybox-blob.c. Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix get_signal_name for GNU/Linux.NIIBE Yutaka2021-08-262-1/+4
| | | | | | | | | | * common/signal.c (get_signal_name): Use sigdescr_np if available. * configure.ac: Check the function. -- GnuPG-bug-id: 5568 Signed-off-by: NIIBE Yutaka <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-10 21:27:25 +0000