aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* gpg: Reformat parts of decrypt-data.cWerner Koch2020-04-151-101/+125
| | | | | | | | | | | | * g10/decrypt-data.c (struct decode_filter_context_s): Rename 'defer' to 'holdback' and 'defer_filled' to 'holdbacklen'. Increase size of holdback to allow for future AEAD decryption. Turn 'partial' and 'eof_seen' into bit fields. (decrypt_data): Replace write_status_text by write_Status_printf. Indent parts of the code. -- Signed-off-by: Werner Koch <[email protected]>
* sm,dirmngr: Restrict allowed parameters used with rsaPSS.Werner Koch2020-04-153-2/+87
| | | | | | | | | | | | | | | * sm/certcheck.c (extract_pss_params): Check the used PSS params. * dirmngr/crlcache.c (finish_sig_check): Ditto. * dirmngr/validate.c (check_cert_sig): Ditto. -- GnuPG-bug-id: 4538 # ------------------------ >8 ------------------------ See https://www.metzdowd.com/pipermail/cryptography/2019-November/035449.html Signed-off-by: Werner Koch <[email protected]>
* sm: Support rsaPSS verification also for CMS signatures.Werner Koch2020-04-153-41/+113
| | | | | | | | | * sm/certcheck.c (gpgsm_check_cert_sig): Factor PSS parsing out to ... (extract_pss_params): new. (gpgsm_check_cms_signature): Implement PSS. -- GnuPG-bug-id: 4538
* dirmngr: Support rsaPSS also in the general validate module.Werner Koch2020-04-152-45/+132
| | | | | | | | | | | | | | | | | | * dirmngr/validate.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (check_cert_sig): Support rsaPSS. * sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on error. -- Yes, I know that there is a lot of code duplication. In fact some of the code is ugly and it would be better if we enhance Libgcrypt to guarantee that returned memory buffers via gcry_sexp_extract_param are allways Nul terminated and we should also enhance that function to directly extract into an unsigned int or char *. GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <[email protected]>
* sm,dirmngr: Support rsaPSS signature verification.Werner Koch2020-04-152-60/+307
| | | | | | | | | | | | | | | | * sm/certcheck.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (gpgsm_check_cert_sig): Handle PSS. * dirmngr/crlcache.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (start_sig_check): Detect PSS and extract hash algo. New arg to return a PSS flag. (finish_sig_check): New arg use_pss. Extract PSS args and use them. (crl_parse_insert): Pass use_pss flag along. -- GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <[email protected]>
* common: New function to map hash algo names.Werner Koch2020-04-152-0/+42
| | | | | | | | | * common/sexputil.c (hash_algo_to_string): New. -- Libgcrypt expects lowercase names and it is cumbersome to downcase those retrieved via gcry_md_algo_name. It is easier and also faster to use a dedicated map function.
* scd:p15: Return a display S/N via Assuan.Werner Koch2020-04-151-21/+54
| | | | | | | | * scd/app-p15.c (make_pin_prompt): Factor some code out to ... (get_dispserialno): this. (do_getattr): Use new fucntion for a $DISPSERIALNO. Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Show a pretty PIN prompt.Werner Koch2020-04-151-10/+200
| | | | | | | | | | | | | | | | | | | | | | | | * scd/app-p15.c (struct prkdf_object_s): New fields common_name and serial_number. (release_prkdflist): Free them. (keygrip_from_prkdf): Parse cert and set them. (any_control_or_space): New. (make_pin_prompt): New. (verify_pin): Construct a pretty PIN prompt. (do_sign): Remove debug output. -- The D-Trust card has the SerialNumber part of the Subject printed on the front matter, we assume this is also possible with other cards and thus we show this as serial number. The holder of the card is also extracted from the card's subject. Signed-off-by: Werner Koch <[email protected]> Backported from master. Signed-off-by: Werner Koch <[email protected]>
* scd: Return GPG_ERR_BAD_PIN on 0x63Cn status word.Werner Koch2020-04-152-0/+3
| | | | | | | | | | | * scd/iso7816.c (map_sw): Detect 0x63Cn status code. -- I really wonder when that got lost and we ended up with a simple card error. Signed-off-by: Werner Koch <[email protected]> Backported from master.
* scd: Factor common PIN status check out.Werner Koch2020-04-154-42/+49
| | | | | | | | | | | | | | | | | | * scd/iso7816.h (ISO7816_VERIFY_ERROR): New. (ISO7816_VERIFY_NO_PIN): New. (ISO7816_VERIFY_BLOCKED): New. (ISO7816_VERIFY_NULLPIN): New. (ISO7816_VERIFY_NOT_NEEDED): New. * scd/iso7816.c (iso7816_verify_status): New. * scd/app-nks.c (get_chv_status): Use new function. -- Signed-off-by: Werner Koch <[email protected]> Backported from master: - Removed the non-existant app-piv.c patches. Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Fix decrypt followed by sign problem for D-Trust cards.Werner Koch2020-04-155-14/+197
| | | | | | | | | | | | | | | | | | | | | | | | | | | * scd/iso7816.c (iso7816_select_mf): New. * scd/app-p15.c (card_product_t): New. (struct app_local_s): Add field 'card_product'. (read_ef_tokeninfo): Detect D-Trust card. (prepare_verify_pin): Switch to D-Trust AID. (do_decipher): Restore a SE for D-TRust cards. Change the padding indicator to 0x81. * common/percent.c (percent_data_escape): new. Taken from master. -- Using what I learned from a USB trace running the Governikus Signer Software on Windows this fixes the left over problem with the new D-Trust card support. Signed-off-by: Werner Koch <[email protected]> Backported from master. This required to add the percent_data_escape function we introduced in master on 2018-07-02: commit 58baf40af641f8cbf597e508a292e85ae94688f1 common: New function percent_data_escape. Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Emit MANUFACTURER, $ENCRKEYID, $SIGNKEYID.Werner Koch2020-04-151-19/+62
| | | | | | | | | | | | | * scd/app-p15.c (read_ef_tokeninfo): Store manufacturer_id. (do_getattr): Implement MANUFACTURER, $ENCRKEYID and $SIGNKEYID. (send_keypairinfo): Also print usage flags. -- Signed-off-by: Werner Koch <[email protected]> Backported from master. Signed-off-by: Werner Koch <[email protected]>
* gpg: Use the new MANUFACTURER attribute.Werner Koch2020-04-153-43/+20
| | | | | | | | | | | | | | | | | | | * g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields. * g10/call-agent.c (agent_release_card_info): Release them. (learn_status_cb): Parse MANUFACTURER attribute. * g10/card-util.c (get_manufacturer): Remove. (current_card_status): Use new attribute. -- This does away with the duplicated OpenPGP vendor tables; they are now at a better place (app-openpgp.c). Signed-off-by: Werner Koch <[email protected]> Backported from master: - Removed the gpg-card stuff. Signed-off-by: Werner Koch <[email protected]>
* scd:openpgp: New attribute "MANUFACTURER".Werner Koch2020-04-152-0/+82
| | | | | | | | | | | | | | | | | | * scd/app-openpgp.c (get_manufacturer): New.. (do_getattr): Add new attribute "MANUFACTURER". (do_learn_status): Always print it. -- This will make it easy to maintain the list of OpenPGP vendors at just one place. Signed-off-by: Werner Koch <[email protected]> Backported from master: .. or well in master and 2.2 Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Rename some variables and functions for clarity.Werner Koch2020-04-151-20/+20
| | | | | | | | | | | * scd/app-p15.c: Rename keyinfo to prkdf. Signed-off-by: Werner Koch <[email protected]> Backported from master. Removed the do_with_keygrip related parts because that function is not available. Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Cache the PIN.Werner Koch2020-04-151-0/+8
| | | | | | | | | | | * scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified. (verify_pin): Make use of it. -- Theee is still a problem with the APDUs we send: Switching between signing and decryption does work but not in the other way. Signed-off-by: Werner Koch <[email protected]>
* gpg: ECDH: Accept longer padding.NIIBE Yutaka2020-04-081-4/+1
| | | | | | | | | | | | | | | | | * g10/pubkey-enc.c (get_it): Remove check which mandates shorter padding. -- Cherry-picked master commit of: fd79cadf7ba5ce45dfb5e266975f58bf5c7ce145 According to the section 8 of RFC 6637, the sender MAY use 21 bytes of padding for AES-128 to provide 40-byte "m". Reported-by: Metin Savignano GnuPG-bug-id: 4908 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:p15: Add missing keygrip retrieval for decryption.Werner Koch2020-04-011-0/+8
| | | | | | | | | | * scd/app-p15.c (do_decipher): Get the keygrip. -- This was lost during the backport. Fixes-commit: 4af38ea5e450b3eb79af98b9876b2b968110a459 Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Support decryption with CardOS 5 cards.Werner Koch2020-04-011-2/+99
| | | | | | | | | | | | | | | * scd/app-p15.c (do_decipher): New. -- tested using the D-TRUSt card and a SCR3310 reader. The Kobil KAAN Advanced, I used for the signing tests could not be used because it supports only Short APDU Level exchange. Signed-off-by: Werner Koch <[email protected]> Back ported from master. Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Factor PIN verification out to a new function.Werner Koch2020-04-011-189/+224
| | | | | | | | | | | | * scd/app-p15.c (do_sign): Factor code out to ... (prepare_verify_pin, verify_pin): new functions. -- Signed-off-by: Werner Koch <[email protected]> Bakc ported from master Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Support signing with CardOS 5 cards.Werner Koch2020-04-016-101/+290
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg r_pkey and change all callers. (app_help_get_keygrip_string): Ditto. * scd/app-p15.c (struct cdf_object_s): Use bit flags (struct aodf_object_s): Ditto. Add field 'fid'. (struct prkdf_object_s): Ditto. Add fields keygrip, keyalgo, and keynbits. (parse_certid): Allow a keygrip instead of a certid aka keyref. (read_ef_aodf): Store the FID. (keygripstr_from_prkdf): Rename to ... (keygrip_from_prkdf): this. Remove arg r_gripstr and implement cache. Change callers to directly use the values from the object. Also store the algo and length of the key ion the object. (keyref_from_keyinfo): New. Factored out code. (do_sign): Support SHA-256 and >2048 bit RSA keys. common/scd:p15: Support signing with CardOS 5 cards. * common/util.h (KEYGRIP_LEN): New. -- This has been tested with a D-Trust card featuring 3072 bit keys. Note that non-repudiation key for a qualified signature does not yet work because we do not yet support rsaPSS padding. Thus a gpgsm --learn shows a couple of Bad Signature errors for this key. Signed-off-by: Werner Koch <[email protected]> Back ported from master: - Removed do_with_keygrip - Added KEYGRIP_LEN - app_help_get_keygrip_string_pk actually added. - Move keygrip_from_prkdf in do_sign before the verification. It used to work in master only because there it is implictly called prior to signing by do_with_keygrip Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Read certificates in extended mode.Werner Koch2020-04-012-1/+17
| | | | | | | | | | | | * scd/app-p15.c (readcert_by_cdf): Allow reading in extended mode. * scd/app-common.h (app_get_slot): New. -- Signed-off-by: Werner Koch <[email protected]> (Back ported from master) Added app_get_slot.
* scd: Add function for binary read in extended mode.Werner Koch2020-04-012-4/+17
| | | | | | | * scd/iso7816.c (iso7816_read_binary): Factor code out to ... (iso7816_read_binary_ext): new function. Add arg extended_mode. Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Improve diagnosticsWerner Koch2020-04-011-164/+202
| | | | | | | | | | | | -- This removes almost all log_debug calls and uses opt.verbose and log_info to show card information. Also avoid too long and thus harder to read lines. Signed-off-by: Werner Koch <[email protected]> (back ported from master)
* scd:p15: Detect CardOS 5 cards and print some basic infos.Werner Koch2020-04-011-15/+150
| | | | | | | | | | | | | | | | | | | | | | * scd/app-p15.c (read_ef_odf): Detect the home_DF on the fly. Silence the garbage warning for null bytes. (print_tokeninfo_tokenflags): New. (read_ef_tokeninfo): Print manufacturer, label, and flags. (app_select_p15): No need to use the app_get_slot macro. (CARD_TYPE_CARDOS_50): New const. (card_atr_list): Detect CardOS 5.0 -- The card under test is a "Test-Signaturkarte D-TRUST Card 3.1" for a mere 49 Euro and no specs available. D-Trust is a branch of the German Bundesdruckerei. Compare that to Telesec and Yubikey who have always been nice enough to send bunches of sample cards without a need to wade through lots of forms and not even asking for money. Guess which cards I prefer. Signed-off-by: Werner Koch <[email protected]> (backported from master)
* wks: Take name of sendmail from configure.Werner Koch2020-03-302-1/+3
| | | | | | | | | | | | | | * configure.ac (NAME_OF_SENDMAIL): New ac_define. * tools/send-mail.c (run_sendmail): Use it. -- We used to ac_subst the SENDMAIL in the old keyserver via mail script. We can reuse this to avoid a fixed name for sendmail in the send-mail.c helper. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 08147f8bbdca40c98c2a094fa48fab15b8339c80) GnuPG-bug-id: 4886
* agent: Print an error if gpg-protect reads the extended key format.Werner Koch2020-03-301-0/+5
| | | | | | | | | | * agent/protect-tool.c (read_key): Detect simple extended key format. -- This is a quick hack to get a useful error messages. The real fix is to replace the protect tool by a more useful new tool. Signed-off-by: Werner Koch <[email protected]>
* sm: Fix possible NULL deref in error messages of --gen-key.Werner Koch2020-03-301-19/+22
| | | | | | | | * sm/certreqgen.c: Protect printing the line numbers in case of !R. -- GnuPG-bug-id: 4895 Signed-off-by: Werner Koch <[email protected]>
* sm: Consider certificates w/o CRL DP as valid.Werner Koch2020-03-275-0/+34
| | | | | | | | | | | | | | | | | | | | | * sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP. * common/audit.c (proc_type_verify): Print "n/a" if a cert has no distribution point. * sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check. * sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New. (opts): Add option --enable-issuer-based-crl-check. (main): Set option. -- If the issuer does not provide a DP and the user wants such an issuer, we expect that a certificate does not need revocation checks. The new option --enable-issuer-based-crl-check can be used to revert to the old behaviour which requires that a suitable LDAP server has been configured to lookup a CRL by issuer. Signed-off-by: Werner Koch <[email protected]> (cherry picked from master)
* Post release updatesWerner Koch2020-03-202-1/+5
| | | | --
* Release 2.2.20gnupg-2.2.20Werner Koch2020-03-202-3/+31
| | | | * build-aux/speedo.mk (sign-installer): Fix syntax error.
* po: Auto-updateWerner Koch2020-03-2024-0/+230
| | | | --
* Copyright notice updates et al.Werner Koch2020-03-194-13/+15
| | | | --
* po: Update German translationWerner Koch2020-03-191-1/+7
| | | | --
* gpgconf: Take care of --homedir when reading/updating options.Werner Koch2020-03-191-4/+22
| | | | | | | | | | | | * tools/gpgconf-comp.c (gc_component_check_options): Take care of --homedir. (retrieve_options_from_program): Ditto. -- Note that due to the large changes in master we could not backport the patch from there. GnuPG-bug-id: 4882
* po: Update Japanese Translation.NIIBE Yutaka2020-03-191-1/+9
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix pinpad handling when KDF enabled.NIIBE Yutaka2020-03-181-0/+2
| | | | | | | | | | * scd/app-openpgp.c (do_getattr): Send the KDF DO information. -- Fixes-commit: 95c7498b76231d3297541172d878f6a26702539b Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 11da441016222337284c519ff56aca34e3042373)
* scd: Disable pinpad if it's impossible by KDF DO.NIIBE Yutaka2020-03-181-6/+29
| | | | | | | | | | | | | | * scd/app-openpgp.c (struct app_local_s): Add pinpad.disabled field. (do_getattr): Set pinpad.disabled field. (check_pinpad_request): Use the pinpad.disabled field. (do_setattr): Update pinpad.disabled field. -- GnuPG-bug-id: 4832 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 95c7498b76231d3297541172d878f6a26702539b) Signed-off-by: Werner Koch <[email protected]>
* gpg: Print a hint for --batch mode and --delete-secret-key.Werner Koch2020-03-181-0/+6
| | | | | | | | | | | | | * g10/delkey.c: Include shareddefs.h. (delete_keys): Print a hint. -- The option --yes has some side-effects so it is not desirable to use it automatically. The code in master (2.3) has special treatment of confirm messages and thus this patch is only for 2.2. GnuPG-bug-id: 4667 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Improve finding OCSP cert.Werner Koch2020-03-181-1/+35
| | | | | | | | | | | | | | | | | * dirmngr/certcache.c (find_cert_bysubject): Add better debug output and try to locate by keyid. -- This change was suggested in T4536 but we do not have any test cases for this. GnuPG-bug-id: 4536 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 4699e294cc9e59f35262adca26ca291927acca9e) The bug report meanwhile has a test description but I have not done the testing yet. I port this back to 2.2 anyway given that no regression have been reported for master in nearly a year.
* gpg: Update --trusted-key to accept fingerprint as well as long key id.Daniel Kahn Gillmor2020-03-182-8/+20
| | | | | | | | | | | | | | | | | | | | * g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well as long key ID. * doc/gpg.texi: document that --trusted-key can accept a fingerprint. -- GnuPG-bug-id: 4855 Signed-off-by: Daniel Kahn Gillmor <[email protected]> Fixed uses or return and kept the old string to avoid breaking translations. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 810ea2cc684480c6aadceb2a10dd00f3fa67f2fb) Remove the test for FPRLEN which we do not have in 2.2 Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix key expiration and usage for keys created at the Epoch.Werner Koch2020-03-181-12/+16
| | | | | | | | | | | | | | | | * g10/getkey.c (merge_selfsigs_main): Take a zero key creation time in account. -- Keys created at the Epoch have a creation time of 0; when figuring out the latest signature with properties to apply to a key the usual comparison A > B does not work if A is always 0. We now special case this for the expiration and usage data. Co-authored-by: [email protected] GnuPG-bug-id: 4670 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 161a098be6f9d50fb5f7e120baee81e75d6eb5ad)
* gpg: New option --auto-key-importWerner Koch2020-03-145-11/+44
| | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (opts): New options --auto-key-import, --no-auto-key-import, and --no-include-key-block. (gpgconf_list): Add them. * g10/options.h (opt): Add field flags.auto_key_import. * g10/mainproc.c (check_sig_and_print): Use flag to enable that feature. * tools/gpgconf-comp.c: Give the new options a Basic config level. -- Note that the --no variants of the options are intended for easy disabling at the command line. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]> Backported from master. Signed-off-by: Werner Koch <[email protected]>
* gpg: Make use of the included key block in a signature.Werner Koch2020-03-1411-53/+251
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (read_key_from_file): Rename to ... (read_key_from_file_or_buffer): this and add new parameters. Adjust callers. (import_included_key_block): New. * g10/packet.h (PKT_signature): Add field flags.key_block. * g10/parse-packet.c (parse_signature): Set that flags. * g10/sig-check.c (check_signature2): Add parm forced_pk and change all callers. * g10/mainproc.c (do_check_sig): Ditto. (check_sig_and_print): Try the included key block if no key is available. -- This is is the second part to support the new Key Block subpacket. The idea is that after having received a signed mail, it is instantly possible to reply encrypted - without the need for any centralized infrastructure. There is one case where this does not work: A signed mail is received using a specified signer ID (e.g. using gpg --sender option) and the key block with only that user ID is thus imported. The next time a mail is received using the same key but with a different user ID; the signatures checks out using the key imported the last time. However, the new user id is not imported. Now when trying to reply to that last mail, no key will be found. We need to see whether we can update a key in such a case. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]> Backported from master Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --include-key-block.Werner Koch2020-03-146-11/+147
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New. * g10/gpg.c (oIncludeKeyBlock): New. (opts): New option --include-key-block. (main): Implement. * g10/options.h (opt): New flag include_key_block. * g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK. (parse_one_sig_subpkt): Ditto. (can_handle_critical): Ditto. * g10/sign.c (mk_sig_subpkt_key_block): New. (write_signature_packets): Call it for data signatures. -- This patch adds support for a to be proposed OpenPGP ferature: Introduce the Key Block subpacket to align OpenPGP with CMS. This new subpacket may be used similar to the CertificateSet of CMS (RFC-5652) and thus allows to start encrypted communication after having received a signed message. In practice a stripped down version of the key should be including having only the key material and the self-signatures which are really useful and shall be used by the recipient to reply encrypted. #### Key Block (1 octet with value 0, N octets of key data) This subpacket MAY be used to convey key data along with a signature of class 0x00, 0x01, or 0x02. It MUST contain the key used to create the signature; either as the primary key or as a subkey. The key SHOULD contain a primary or subkey capable of encryption and the entire key must be a valid OpenPGP key including at least one User ID packet and the corresponding self-signatures. Implementations MUST ignore this subpacket if the first octet does not have a value of zero or if the key data does not represent a valid transferable public key. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]> Backported from master. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add property "fpr" for use by --export-filter.Werner Koch2020-03-147-2/+71
| | | | | | | | | | | | | | | | * g10/export.c (push_export_filters): New. (pop_export_filters): New. (export_pubkey_buffer): Add args prefix and prefixlen. Adjust callers. * g10/import.c (impex_filter_getval): Add property "fpr". * g10/main.h (struct impex_filter_parm_s): Add field hexfpr. -- The push and pop feature will help us to use the export filter internally in gpg. Same for the export_pubkey_buffer change. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]>
* gpg: Add a new OpenPGP card vendor.Werner Koch2020-03-142-0/+5
| | | | --
* gpg: Add new card vendorWerner Koch2020-03-031-0/+1
| | | | --
* gpg: Fix default-key selection when card is available.NIIBE Yutaka2020-02-191-1/+9
| | | | | | | | | | * g10/getkey.c (get_seckey_default_or_card): Handle the case when card key is not suitable for requested usage. -- GnuPG-bug-id: 4850 Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Correction of typo in documentation of KEY_CONSIDEREDNick Piper2020-02-181-1/+1
| | | | | Signed-off-by: Daniel Kahn Gillmor <[email protected]> (cherry picked from commit 0e1cbabc0ad4fe2ca9644fffb5cf27b1a8a1509f)
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 12:33:42 +0000