aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* scd:nks: Add support of KEYGRIP for do_readcert.NIIBE Yutaka2020-12-101-0/+18
| | | | | | | | | * scd/app-nks.c (do_readcert): Support KEYGRIP. -- GnuPG-bug-id: 5150 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:nks: Factor out iteration over filelist.NIIBE Yutaka2020-12-101-78/+114
| | | | | | | * scd/app-nks.c (iterate_over_filelist): New. (do_with_keygrip): Use iterate_over_filelist. Signed-off-by: NIIBE Yutaka <[email protected]>
* wks-client: Improve an error messageWerner Koch2020-12-091-1/+1
| | | | | | | | | | * tools/gpg-wks-client.c (read_confirmation_request): Print trust letter. -- The trust letter gives a hint on what's wrong with the key. Signed-off-by: Werner Koch <[email protected]>
* scd:ccid:spr532: Extend abort_cmd for initialization time.NIIBE Yutaka2020-12-091-11/+18
| | | | | | | | | * scd/ccid-driver.c (abort_cmd): Add INIT argument to support synchronize until success, even ignoring timeout. (bulk_in): Normal use case of abort_cmd. (ccid_vendor_specific_init): Initial use case of abort_cmd. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup.NIIBE Yutaka2020-12-091-0/+1
| | | | | | | | | | * scd/ccid-driver.c (ccid_vendor_specific_setup): Only for SPR532, call libusb_clear_halt. -- GnuPG-bug-id: 5167 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR.NIIBE Yutaka2020-12-091-1/+0
| | | | | | | | | * scd/ccid-driver.c (ccid_setup_intr): Don't call libusb_clear_halt. -- GnuPG-bug-id: 5167 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:yubikey: Fix support of Yubikey NEO.NIIBE Yutaka2020-12-081-0/+3
| | | | | | * scd/app-openpgp.c (get_public_key): Yubikey NEO also has this issue. Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Allow decryption with card but no file.NIIBE Yutaka2020-12-081-2/+5
| | | | | | | | | | * agent/pkdecrypt.c (agent_pkdecrypt): Support decryption with card but without a stub key. -- GnuPG-bug-id: 5170 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Clean up the API of agent_pkdecrypt.NIIBE Yutaka2020-12-082-24/+24
| | | | | | | * agent/agent.h (agent_pkdecrypt): Use gpg_error_t type. * agent/pkdecrypt.c (agent_pkdecrypt): Use gpg_error_t type. Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Allow pksign operation with card but no file.NIIBE Yutaka2020-12-081-2/+4
| | | | | | | | | * agent/pksign.c (agent_pksign_do): Add support with no file. -- GnuPG-bug-id: 5166 Signed-off-by: Ingo Klöcker <[email protected]>
* gpg: Make quick-gen-key with algo "card" work for keys without keytimeIngo Klöcker2020-12-071-6/+4
| | | | | | | | | | | | | | | * g10/keygen.c (quick_generate_keypair): Set pCARDKEY flag if algostr is "card" or "card/...". -- For keys stored on NetKey cards or PIV cards we do not necessarily know the creation time. Therefore set the cardkey flag if the generation of a key from the keys available on the currently inserted smartcard is requested with the special algo "card" or, in case of the extended unattended mode, with an algo like "card/sign". GnuPG-bug-id: 5141 Signed-off-by: Ingo Klöcker <[email protected]>
* gpg,card: Allow no version information of Yubikey.NIIBE Yutaka2020-12-072-2/+4
| | | | | | | | | | * g10/call-agent.c (learn_status_cb): Assume >= 2 when no version. * tools/card-call-scd.c (learn_status_cb): Likewise. -- GnuPG-bug-id: 5100 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:nks: Fix caching keygrip (more).NIIBE Yutaka2020-12-031-5/+7
| | | | | | | | | | * scd/app-nks.c (keygripstr_from_pk_file): Distinguish by APP_ID. -- GnuPG-bug-id: 5150, 5161 Fixes-commit: 920154370834ad8d947aed19c9d914a27dde6baa Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix KEYINFO command with --data option.NIIBE Yutaka2020-12-031-4/+3
| | | | | | * scd/command.c (cmd_keyinfo): Handle --data option correctly. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:openpgp: Fix writing ECC key to card.NIIBE Yutaka2020-12-031-6/+27
| | | | | | | | | | * scd/app-openpgp.c (build_privkey_template): Adding another argument of ecc_d_fixed_len to handle variable-size MPI. -- GnuPG-bug-id: 5163 Signed-off-by: NIIBE Yutaka <[email protected]>
* kbx: Better error message in case of a crippled Libgcrypt.Werner Koch2020-12-021-2/+10
| | | | * kbx/keybox-openpgp.c (keygrip_from_keyparm): Detect missing curve.
* doc: Add parameters for batch generation of ECC keys.Jens Meißner2020-12-011-0/+8
| | | | | | | | | | | * doc/gpg.texi: Add parameters for batch generation of ECC keys. -- There are parameters required for batch generation of ECC keys which weren't mentioned in the documentation. Signed-off-by: Jens Meißner <[email protected]>
* scd:nks: Minor additions to the basic IDLM application support.Werner Koch2020-11-301-15/+25
| | | | | | | | | | | | | * scd/app-nks.c (filelist): Use special value -1 for IDLM pubkeys. (keygripstr_from_pk_file): Handle special value. (do_readcert): Ditto. (do_writecert): Ditto. -- This allows to get information about the keys from the card. However the do_readkey still requires a fallback to readcert. This does not work because there are no certificates yet on the card. The fix is to fully implement do_readkey.
* card: Let the APDU command prints a description of the status word.Werner Koch2020-11-273-1/+43
| | | | | | | | * tools/card-call-scd.c (scd_apdu_strerror): New. * tools/gpg-card.c (cmd_apdu): Print a description. -- Pretty convenient to explore smartcards.
* scd: New getinfo sub-command apdu_strerror.Werner Koch2020-11-272-15/+28
| | | | | | | | | * scd/apdu.c (apdu_strerror): Add missing status codes. * scd/command.c (cmd_getinfo): New sub-command apdu_strerror. -- This is quite handy for gpg-card's APDU command and avoids that we need to duplicate the mapping table or put it into a shared file.
* card: Netkey improvement for passwd.Werner Koch2020-11-271-13/+22
| | | | | * tools/gpg-card.c (cmd_passwd) [Netkey]: No Standard/QES menu if the card does not support it. Print no error in cases the user canceled.
* scd:ccid-driver: Fix pinpad error handling for cancel/timeout.NIIBE Yutaka2020-11-274-2/+17
| | | | | | | | | | | | | | * scd/apdu.h (SW_HOST_UI_CANCELLED, SW_HOST_UI_TIMEOUT): New. * scd/ccid-driver.h (CCID_DRIVER_ERR_UI_CANCELLED): New. (CCID_DRIVER_ERR_UI_TIMEOUT): New. * scd/ccid-driver.c (bulk_in): Handle PIN input cancel/timeout error. * scd/iso7816.c (map_sw): Support SW_HOST_UI_CANCELLED and SW_HOST_UI_TIMEOUT. -- GnuPG-bug-id: 4614 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix YK s/n and prettify the request card prompt for YubikeysWerner Koch2020-11-263-38/+39
| | | | | | | | | | * agent/divert-scd.c (ask_for_card): Detect and re-format the Yubikey prompt. * scd/app.c (app_munge_serialno): Fix Yubikey s/n munging. (card_get_dispserialno): Ditto. * scd/app-openpgp.c (get_disp_serialno): Remove. (get_prompt_info): Use app_get_dispserialno.-- --
* scd: Do not try to use a non-enabled app after card switching.Werner Koch2020-11-261-2/+19
| | | | | | | | | | | | | * scd/app.c (app_dump_state): Also print the refcount. (maybe_switch_app): Make sure the app exists on the card. -- When switching the current card and the card does not support the same apps as the former, we now reset the app to the first one. Testcase is to use a standard OpenPGP card and a P15 card. Signed-off-by: Werner Koch <[email protected]>
* scd: Add special serialno compare for OpenPGP cards.Werner Koch2020-11-263-10/+45
| | | | | | | | | | | | | | | | | * scd/app.c (is_same_serialno): New. (check_application_conflict): Use this. (select_application): Ditto. (app_switch_current_card): Ditto. * scd/app-openpgp.c (check_keyidstr): Ignore the card version and also compare case insensitive. -- This is required because we change what we emit as serialno of OpenPGP cards but existing keys still use the old form of the serial number (i.e. with a firmware version). See-commit: 3a8250c02031080c6c8eebd5dea03f5f87f9ddd7 Signed-off-by: Werner Koch <[email protected]>
* gpg: Report an error for receiving key from agent.NIIBE Yutaka2020-11-261-0/+1
| | | | | | | | | * g10/export.c (do_export_one_keyblock): Report an error. -- GnuPG-bug-id: 5151 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd,nks: Fix caching keygrip.NIIBE Yutaka2020-11-261-3/+4
| | | | | | | | | | * scd/app-nks.c (keygripstr_from_pk_file): Identify by cfid if available. -- GnuPG-bug-id: 5150 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:p15: Print the internal card type.Werner Koch2020-11-251-0/+8
| | | | * scd/app-p15.c (read_ef_tokeninfo): Print the internal card type.
* scd:p15: Improve support for some CardOS based cards.Werner Koch2020-11-253-14/+68
| | | | | | | | | * scd/iso7816.c (iso7816_read_binary_ext): Add optional arg r_sw and change callers. (iso7816_read_record): Factor all code out to ... (iso7816_read_record_ext): new. * scd/app-p15.c (select_and_read_binary): Fallback to record reading. (read_ef_aodf): Clear EOF error.
* g13: Add missing headerWerner Koch2020-11-251-0/+1
| | | | --
* scd: Rework the handling of the displayed serial number.Werner Koch2020-11-255-119/+178
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * scd/app.c (app_new_register): Call app_munge_serialno for Yubikeys. (app_munge_serialno): Handle Yubikey serial numbers. (card_get_serialno): Remove special Yubikey treatment. Drop arg is_canonical. (app_get_serialno): Clear ERRNO on error. (card_get_dispserialno): New. Also change formatting of Yubikey and OpenPGP numbers to match those printed on the card. (app_get_dispserialno): New. * scd/app-openpgp.c (do_getattr): Use app_get_dispserialno. (yubikey_get_serialno): Remove. * scd/app-piv.c (get_dispserialno): Remove. (do_getattr): Use app_get_dispserialno. -- This patch gets us back to a unique serial number for cards and provides a stable serial number as printed for Yubikeys. Because we use a slightly different serial number now for Yubikeys and cards only supporting OpenPGP card we need to come up with another change so that the version number of OpenPGP serial numbers are ignored when comparing card serial numbers. This is so that existing stub keys of gpg-agent will continue to work. GnuPG-bug-id: 5100 Signed-off-by: Werner Koch <[email protected]>
* scd: Fix an error return for READKEY.NIIBE Yutaka2020-11-251-0/+3
| | | | | | | | | | * scd/command.c (cmd_readkey): Return when error. -- GnuPG-bug-id: 5150 Suggested-by: Ingo Klöcker Signed-off-by: NIIBE Yutaka <[email protected]>
* scd,nks: Fix SEGV for learn for older card.NIIBE Yutaka2020-11-251-0/+1
| | | | | | | | | | * scd/app-nks.c (keygripstr_from_pk_file): Set algostr. -- GnuPG-bug-id: 5144 Fixes-commit: 26da47ae53d51e16ae6867cd419ddbf124a94933 Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Fix typosGavin L. Rebeiro2020-11-234-7/+7
| | | | | | | -- GnuPG-bug-id: 5071 Also fixed one in keyformat.txt [wk].
* gpg: Change API of agent_scd_serialno.NIIBE Yutaka2020-11-203-21/+13
| | | | | | | | | | * g10/call-agent.c (agent_scd_serialno): Extend API to allow with R_SERIALNO == NULL. * g10/card-util.c (card_status): Use NULL for agent_scd_serialno. (factory_reset): Likewise. * g10/skclist.c (build_sk_list): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix the previous comment changes help doc string.NIIBE Yutaka2020-11-203-3/+3
| | | | | | * scd/command.c (hlp_learn): Fix the doc string. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg,agent: Fix comments for KEYPAIRINFO status report.NIIBE Yutaka2020-11-202-2/+2
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgconf: Also print revision of libksba.Werner Koch2020-11-191-3/+4
| | | | | | | | | | | | * dirmngr/dirmngr.c (get_revision_from_blurb): Fix detection of empty string. (gpgconf_versions): Print ksba revision. -- The latest Libksba version support retrieving of the revision (commit) id. We now use that or print a question mark. Signed-off-by: Werner Koch <[email protected]>
* agent: Fix creating shadow key on card key generation.NIIBE Yutaka2020-11-191-3/+3
| | | | | | | | | * agent/command.c (cmd_readkey): Fix handling --card option. -- Fixes-commit: 9c719c9c1ff34cc06a0fef2bfe29cfd7182753eb Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix --card-edit command.NIIBE Yutaka2020-11-191-1/+2
| | | | | | | | | * g10/card-util.c (get_info_for_key_operation): Revert the change. -- Fixes-commit: 157f1de64e437cecd75335e9f4077ba9835e3da0 Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Update to newer autoconf constructs.NIIBE Yutaka2020-11-1816-242/+264
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * acinclude.m4 (GNUPG_CHECK_ENDIAN): Use AC_COMPILE_IFELSE instead of AC_TRY_COMPILE. Use AC_RUN_IFELSE instead of AC_TRY_RUN. (GNUPG_BUILD_PROGRAM): Use AS_HELP_STRING instead of AC_HELP_STRING. * configure.ac: Use AC_USE_SYSTEM_EXTENSIONS instead of AC_GNU_SOURCE. Use AS_HELP_STRING instead of AC_HELP_STRING. (AC_ISC_POSIX): Replace by AC_SEARCH_LIBS. (AC_TYPE_SIGNAL): Remove. * m4/isc-posix.m4: Remove. * m4/codeset.m4: Update from gnulib. * m4/gettext.m4: Update from gnulib. * m4/lcmessage.m4: Update from gnulib. * m4/socklen.m4: Update from gnulib. * m4/ldap.m4: Use AS_HELP_STRING instead of AC_HELP_STRING. Use AC_LINK_IFELSE instead of AC_TRY_LINK. Use AC_RUN_IFELSE instead of AC_TRY_RUN. * m4/gpg-error.m4: Update from libgpg-error. * m4/readline.m4: Update from libgpg-error. * m4/npth.m4: Update from npth. * m4/libassuan.m4: Update from libassuan. * m4/libgcrypt.m4: Update from libgcrypt. * m4/ksba.m4: Update from libksba. * m4/ntbtls.m4: Update from ntbtls. * common/signal.c [!HAVE_DOSISH_SYSTEM] (init_one_signal): Replace RETSIGTYPE to void. [!HAVE_DOSISH_SYSTEM] (got_fatal_signal, got_usr_signal): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Use modern Autoconf check for types.NIIBE Yutaka2020-11-182-17/+12
| | | | | | | | * common/types.h: Use HAVE_TYPE_BYTE, HAVE_USHORT_TYPEDEF, HAVE_ULONG_TYPEDEF, HAVE_U16_TYPEDEF, and HAVE_TYPE_U32. * configure.ac (byte, ushort, ulong, u16, u32): Use AC_CHECK_TYPES. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix the encrypt+sign hash algo preference selection for ECDSA.Werner Koch2020-11-134-36/+59
| | | | | | | | | | | | | | | | | | | * g10/keydb.h (pref_hint): Change from union to struct and add field 'exact'. Adjust callers. * g10/pkclist.c (algo_available): Take care of the exact hint. * g10/sign.c (sign_file): Rework the hash detection from recipient prefs. -- This fixes a encrypt+sign case like: One recipient key has SHA512 as highest ranked hash preference but the the signing key is a 256 bit curve. Because we don't want to use a truncated hash with ECDSA, we need to have an exact match - this is in particular important for smartcard which check that the hash matches the curves. Signed-off-by: Werner Koch <[email protected]> Ported-from-stable: aeed0b93ff660fe271d8f98f8d5ce60aa5bf3ebe
* gpgconf: Yet another fix for --apply-profile.Werner Koch2020-11-121-4/+4
| | | | | | | | | * tools/gpgconf.c (main): Use gnupg_homedir instead of default_homedir. Check for existance of the directory. -- Fixes-commit: 7d95f2e7e7a09e3d433d449b117e3470f9dd38c7 Signed-off-by: Werner Koch <[email protected]>
* scd: Do not print reader status change with --debug cardio.Werner Koch2020-11-111-1/+1
| | | | | | | | | -- ... but use --debug reader for this. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit bd3b698d8ec427a02f2fa793777f2a88bc356f25)
* w32: Replace some fopen by es_fopen.Werner Koch2020-11-115-84/+43
| | | | | | | | | | | * agent/protect-tool.c (read_file): Replace fopen by es_fopen. * dirmngr/dirmngr-client.c (read_pem_certificate): Ditto. (read_certificate): Ditto. * g10/keydb.c (rt_from_file): Ditto. * kbx/kbxutil.c (read_file): Ditto. * g10/plaintext.c (get_output_file) [__riscos__]: Remove code. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix the previous commit.NIIBE Yutaka2020-11-111-1/+3
| | | | | | * g10/delkey.c (do_delete_key): Fix the condition for the error. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: In batch mode, delete-secret-key is not okay without --yes.NIIBE Yutaka2020-11-101-1/+6
| | | | | | | | | * g10/delkey.c (do_delete_key): Emit an error when not --yes. -- GnuPG-bug-id: 4667 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix agent_delete_key interaction.NIIBE Yutaka2020-11-101-0/+1
| | | | | | | | | * g10/call-agent.c (agent_delete_key): Set up CTX. -- Fixes-commit: 20acc7c0226550530085a674ef1bb41ebfa39408 Signed-off-by: NIIBE Yutaka <[email protected]>
* card: Run factory-reset in locked stated also in gpg-card.Werner Koch2020-11-094-12/+57
| | | | | | | | | | | | * tools/card-call-scd.c (scd_apdu): Add more pseudo APDUs. * tools/card-misc.c (send_apdu): Handle them. * tools/gpg-card.c (cmd_factoryreset): Use lock commands. -- This is port of the code used with gpg-card-edit. Note that the command "apdu" now also understands some extra keywords. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 11:56:37 +0000