Commit message | Author | Age | Files | Lines
* Release 2.5.9 (tag: gnupg-2.5.9) | Werner Koch | 3 days | 1 | -1/+5
|
* gpg: Display the correct OpenPGP algo name at 3 places. | Werner Koch | 5 days | 2 | -4/+4
| * g10/card-util.c (do_change_keyattr): Replace gcry_pk_algo_name by openpgp_pk_algo_name.
| * g10/keyedit.c (show_key_with_all_names): Ditto.
| --
| For RSA and DSA the Libgcrypt and the OpenPGP identifiers are the same. But for ECC they are different and thus we need to use the respective function to avoid printing a ? for example EdDSA designated revocation keys.
| Updates-commit: b7f8dec6325f1c80640f878ed3080bbc194fbc78
* kbx: Make it easier to enable debug output | Werner Koch | 5 days | 1 | -17/+30
| * kbx/kbx-client-util.c: New variable. Uncomment all log_debug and control them by this variable.
* dirmngr: Add option --user-agent and always use a User-Agent header. | Werner Koch | 5 days | 7 | -0/+29
| * dirmngr/dirmngr.h (opt): Add user_agent.
| * dirmngr/dirmngr.c (oUserAgent): New.
| (opts): Add "user-agent".
| (parse_rereadable_options): Set option.
| * dirmngr/ks-engine-hkp.c (send_request): Send User-Agent.
| * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
| * dirmngr/ocsp.c (do_ocsp_request): Ditto.
| --
| Note that the http_open_document function is not used by dirmngr. If it ever gets used we may want to add a way to configure the http.c module with a user-agent string, so that it is sent by the send_request function and we do not need to explicitly do that in the caller.
| GnuPG-bug-id: 7715
* doc: Typo fixes and such | Werner Koch | 5 days | 3 | -11/+3
| --
* common: Remove openpgp_oid_to_kem_algo. | NIIBE Yutaka | 9 days | 2 | -34/+9
| * common/openpgp-oid.c (oidtable): Don't include kem_algo.
| (openpgp_oid_to_kem_algo): Remove.
| --
| The information is now retrieved by openpgp_oid_to_curve + gnupg_get_ecc_params.
| GnuPG-bug-id: 7698
| Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg:ecc: Use the common function of gnupg_get_ecc_params. | NIIBE Yutaka | 9 days | 1 | -204/+71
| * g10/pkglue.c (do_encrypt_kem): From ECC_OID, determine the CURVE by openpgp_oid_to_curve, and then use gnupg_get_ecc_params to get ECC parameters.
| (do_encrypt_ecdh): Likewise.
| --
| GnuPG-bug-id: 7698
| Signed-off-by: NIIBE Yutaka <[email protected]>
* common:ecc: Have a field if the curve of ECC is Weierstrass. | NIIBE Yutaka | 9 days | 2 | -9/+18
| * common/util.h (struct gnupg_ecc_params): Add is_weierstrauss.
| * common/kem.c (ecc_table): Update. Also add secp256k1.
| --
| GnuPG-bug-id: 7698
| Signed-off-by: NIIBE Yutaka <[email protected]>
* common:kem: Factor out a function to retrieve ECC parameters. | NIIBE Yutaka | 10 days | 4 | -112/+104
| * common/util.h (struct gnupg_ecc_params, gnupg_get_ecc_params): New.
| (ECC_SCALAR_LEN_MAX, ECC_POINT_LEN_MAX, ECC_HASH_LEN_MAX): New.
| * agent/pkdecrypt.c (ecc_extract_pk_from_key, ecc_extract_sk_from_key): Follow the change of gnupg_get_ecc_params.
| (ecc_raw_kem, ecc_pgp_kem_decap, composite_pgp_kem_decrypt): Likewise.
| (ecc_kem_decrypt): Likewise.
| (get_ecc_params): Move to...
| * common/kem.c (gnupg_get_ecc_params): ... here
| * g10/pkglue.c (ECC_POINT_LEN_MAX, ECC_HASH_LEN_MAX): Remove duplicates.
| --
| GnuPG-bug-id: 7649
| Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Use wrapper function for Windows LDAP peculiarities. | Werner Koch | 2025-06-24 | 1 | -10/+68
| * dirmngr/ks-engine-ldap.c (my_ldap_return_with_check): New.
| (my_ldap_parse_result): New.
| (my_ldap_parse_page_control): New.
| (search_and_parse): Use the wrappers.
| --
| Updates-commit: b3dc2305e1ca92dfd75c701cca2fb90832abf7e3
* dirmngr:w32: Fix ldap_* types | Zhang Maiyun | 2025-06-24 | 1 | -2/+8
| * dirmngr/ks-engine-ldap.c: when compiling with Windows/MinGW headers, `ldap_parse_page_control` and `ldap_parse_result` expect `ULONG`. This has become a hard error when using GCC 15.
| Signed-off-by: Zhang Maiyun <[email protected]>
* gpg: Do not show the secp256k1 curve in --full-gen-key. | Werner Koch | 2025-06-24 | 2 | -14/+20
| * g10/keygen.c (ask_curve): Add a curve parameter to not list a curve in the menu.
| --
| This is a non-standard curve and thus has severe interop problems. To avoid accidental selection of this curve, it may now only be given by its name.
* gpg: Re-add the revocation reason to the sigclass in a "rev" record. | Werner Koch | 2025-06-23 | 2 | -2/+8
| * g10/import.c (get_revocation_reason): Fix setting of r_reason.
| --
| Note that gpgme does not yet have support for parsing the revocation reason. Due to the split of gpgme it was not tested with gpgmeqt which has its own parser in its regression tests which kicked it when building debian packages.
| GnuPG-bug-id: 7083
| Fixes-commit: 3f825b044b2f1db8773f27a96034c925177fe9f0
* Post release updates | Werner Koch | 2025-06-20 | 2 | -1/+8
| --
* Release 2.5.8 (tag: gnupg-2.5.8) | Werner Koch | 2025-06-20 | 2 | -2/+17
|
* po: msgmerge | Werner Koch | 2025-06-20 | 27 | -108/+108
| --
* gpg: Print the revocation reasons as comment in the pub record. | Werner Koch | 2025-06-20 | 2 | -3/+26
| * g10/keylist.c (list_keyblock_colon): Print the revocation reasons in the pub record's comment field.
| --
| GnuPG-bug-id: 7083
* gpg: Show revocation reason with a standard -k listing. | Werner Koch | 2025-06-20 | 8 | -74/+188
| * g10/packet.h (struct revoke_info): Extend to carry the revocation reason.
| * g10/getkey.c (sig_to_revoke_info): Extend to store the reason.
| (merge_selfsigs): Extend to also store the reason in the public key.
| * g10/keylist.c (list_signature_print): Factor some code out to ...
| (print_revocation_reason_comment): new function.
| (print_revocation_reason): New.
| (print_key_line): Call new function to print the reason.
| * g10/import.c (get_revocation_reason): Use print_revocation_reason_comment and factor some code out to ...
| (revocation_reason_code_to_str): new function.
| * g10/gpgv.c (revocation_reason_code_to_str): Add stub.
| * g10/test-stubs.c (revocation_reason_code_to_str): Ditto.
| --
| With this change the revocation reason of a revoked key (but not for a revoked uid or subkey) is now displayed in "gpg -k" listing right below the primary key fingerprint. Before that "gpg --checks-sigs" was required to show this info.
| GnuPG-bug-id: 7083
* dirmngr: Do not require a keyserver for KS_FETCH. | Werner Koch | 2025-06-17 | 1 | -5/+0
| * dirmngr/server.c (cmd_ks_fetch): Remove check for a keyserver.
| --
| GnuPG-bug-id: 7693
* agent: Fix for the prefix 0x40 in the point representation. | NIIBE Yutaka | 2025-06-06 | 1 | -0/+10
| * agent/pkdecrypt.c (ECC_CURVE25519_INDEX): New.
| (ecc_pgp_kem_decap): Handle the prefix 0x40 for Curve25519.
| --
| GnuPG-bug-id: 7676
| Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Take care of possible buffer overflow in do_auth. | NIIBE Yutaka | 2025-06-05 | 1 | -1/+3
| * scd/app-openpgp.c (do_auth): Check the length in the heuristic.
| --
| Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix detecting digest OID in the message to be signed. | NIIBE Yutaka | 2025-06-04 | 1 | -2/+1
| * scd/app-openpgp.c (do_auth): Don't exclude Ed25519 for removing digest OID.
| --
| GnuPG-bug-id: 7589
| Fixes-commit: 3132bd90dc8db9c7fd19ba201918e95891306dc5
| Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Update Japanese Translation. | NIIBE Yutaka | 2025-06-03 | 1 | -14/+8
| --
| Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg,regexp: Use -DREGEXP_PREFIX=gnupg_. | NIIBE Yutaka | 2025-06-03 | 3 | -2/+27
| * g10/Makefile.am (AM_CPPFLAGS): Add -DREGEXP_PREFIX=gnupg_
| * regexp/Makefile.am (AM_CPPFLAGS): Likewise.
| * regexp/jimregexp.h (ADD_PREFIX): New.
| (regcomp, regexec, regerror, regfree): Use ADD_PREFIX.
| --
| GnuPG-bug-id: 7668
| Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgtar: Fix releasing PROC correctly. | NIIBE Yutaka | 2025-06-03 | 2 | -3/+3
| * tools/gpgtar-extract.c (gpgtar_extract): Initialize PROC as NULL, and release at the end for the case of jumping to "leave:" label.
| * tools/gpgtar-list.c (gpgtar_list): Release at the end.
| --
| Fixes-commit: 29bc14f56f6430294f225b6744012ab1f5df62e6
| Signed-off-by: NIIBE Yutaka <[email protected]>
* Post release updates. | Werner Koch | 2025-06-02 | 3 | -4/+8
| --
| Note that this also includes a minor fix in the wixlib description which is actually part of gnupg-w32-2.5.7_20250602.wixlib.
* Release 2.5.7 (tag: gnupg-2.5.7) | Werner Koch | 2025-06-02 | 2 | -2/+32
|
* nsis: Install the help files. | Werner Koch | 2025-06-02 | 1 | -2/+15
| * build-aux/speedo/w32/inst.nsi: Install the template files.
| --
| The help files are not very well known but we should at least install some. We also install those for the wks-utils in case we will ever support gpg-wks-server or gpg-mail-tube on Windows.
| Release 2.5.7
* po: msgmerge | Werner Koch | 2025-06-02 | 26 | -0/+381
| --
* po: Update German translation | Werner Koch | 2025-06-02 | 1 | -1/+11
| --
* wks: Use templates for the server responses. | Werner Koch | 2025-06-02 | 12 | -75/+406
| * common/helpfile.c (gnupg_get_template): Add arg locale_override and adjust all callers.
| * tools/wks-receive.c (struct receive_ctx_s): Add field ct_language.
| (get_language): New.
| (new_part): Call it.
| (wks_receive): Pass language to the result callback.
| * tools/gpg-wks-client.c (short_locale): New.
| (main): Get and store the current locale.
| (command_create): Fix a glitch for the Posteo hack. Insert the locale into the confirmation request.
| (send_confirmation_response): Ditto.
| * tools/gpg-wks-server.c (struct server_ctx_s): Add field language.
| (only_ascii): New.
| (struct my_subst_vars_s, my_subst_vars_cb, my_subst_vars): New.
| (send_confirmation_request): Use a template.
| (send_congratulation_message): Ditto.
| (check_and_publish): Pass ctx to send_congratulation_message.
| (command_receive_cb): Add arg language.
| * doc/wks-utils.txt, doc/wks-utils.de.txt: New.
| * doc/Makefile.am (helpfiles): Add them.
| --
| GnuPG-bug-id: 7381
| Note that the subject is not yet translated or templated due to a missing header encoding function.
* gpg-mail-tube: Support templates. | Werner Koch | 2025-05-30 | 5 | -5/+128
| * tools/gpg-mail-tube.c: Include i18n.h.
| (main): Call i18n.h
| (only_ascii): New.
| (mail_tube_encrypt): Use a template or fallback to the old version.
| * doc/mail-tube.txt, doc/mail-tube.de.txt: Two standard templates.
| * doc/Makefile.am (helpfiles): Add them.
| --
| GnuPG-bug-id: 7381
* tools: Add a quoted-printable encoding function. | Werner Koch | 2025-05-30 | 4 | -2/+227
| * tools/mime-maker.c (mime_maker_qp_encode): New.
| * tools/t-mime-maker.c: New.
| * tools/Makefile.am (TESTS): New.
| (module_tests): Add the first test.
* common: Improve helpfile.c to provide a generic template API. | Werner Koch | 2025-05-30 | 3 | -31/+83
| * common/util.h (GET_TEMPLATE_CURRENT_LOCALE): New.
| (GET_TEMPLATE_SUBST_ENVVARS): New.
| (GET_TEMPLATE_CRLF): New.
| * common/helpfile.c (findkey_fname): Add arg flags and terminate line with CRLF if requested.
| (findkey_locale): Replace arg only_current_locale by flags and add arg domain.
| (gnupg_get_help_string): Factor all code out to ...
| (gnupg_get_template): new. Add arg domain. Handle SUBST flags. Do not trim trailing spaces with the CRLF flag.
| * common/t-helpfile.c (main): Require domain name and add two options.
* gpgtar: Fix regression exhibited by make check | Werner Koch | 2025-05-30 | 2 | -2/+2
| * tools/gpgtar-extract.c (gpgtar_extract): Do final process_release.
| * tools/gpgtar-list.c (gpgtar_list): Ditto.
| --
| Fixes-commit: 29bc14f56f6430294f225b6744012ab1f5df62e6
| Running "make -C tests/openpgp check verbose=3" failed with
|
|   Creating configuration files
|   Executing: '/home/wk/b/gnupg/tools/gpgtar' '--extract' \
|     '--directory=.' \
|     '/tmp/gpgscm-20250530T121329-run-tests-vGAT4R/environment-cache'
|   make: *** [Makefile:998: xcheck] Terminated
|
| for unknown reasons. Not calling the gpgrt_process_release fixes this regression. The real cause needs to be investigated.
* scd:piv: Support rsa3072 | Werner Koch | 2025-05-28 | 1 | -17/+55
| * scd/app-piv.c (PIV_ALGORITHM_RSA): Rename to PIV_ALGORITHM_RSA_2048.
| (PIV_ALGORITHM_RSA_3072): New.
| (get_key_algorithm_by_dobj): Decide whether to use 3072 or 2048.
| (do_sign): Support rsa3072.
| (do_decipher): Ditto.
| (do_genkey): Ditto.
| --
| Take care: Due to a lack of a PIV token capable of 3072, this has not been tested at all.
* gpg: Allow updating a SHA-1 key certification w/o --force-sign-key. | Werner Koch | 2025-05-28 | 2 | -1/+13
| * g10/keyedit.c (sign_uids): Add a case for this.
| --
| GnuPG-bug-id: 7663
* doc: Minor speedo build clarification | Werner Koch | 2025-05-28 | 2 | -6/+10
| --
| Using the given command line for installation is almost always good, so don't confuse the user with the first sentence. Also explain how to disable systemd for keyboxd and dirmngr.
* dirmngr: Don't install expired sks certificate | Lucas Mulling via Gnupg-devel | 2025-05-28 | 1 | -1/+1
| * dirmngr/Makefile.am (dist_pkgdata_DATA): Remove sks-keyservers.netCA.pem.
| Signed-off-by: Lucas Mulling <[email protected]>
* gpgsm,tests,tools: Fix memory leaks. | NIIBE Yutaka | 2025-05-28 | 6 | -8/+23
| * sm/minip12.c (p12_parse): Fix creating new TLV with old TLV.
| * sm/t-minip12.c (one_file): Release RESULT.
| * tests/gpgscm/ffi.c (do_process_wait): Call gpgrt_process_release.
| * tools/gpgconf-comp.c (retrieve_options_from_program): Release PARGS.
| * tools/gpgtar-extract.c (gpgtar_extract): Release PROC on leave.
| * tools/gpgtar-list.c (gpgtar_list): Release PROC on leave.
| --
| Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Allow building under Cygwin. | Werner Koch | 2025-05-27 | 1 | -1/+1
| * agent/command-ssh.c (start_command_handler_ssh): Further protect the SOCKET cast.
| --
| Note that Cygwin is not supported, YMMV.
| GnuPG-bug-id: 7667
* gpg: Fix ECC_POINT_LEN_MAX to allow NIST curves. | NIIBE Yutaka | 2025-05-26 | 1 | -1/+1
| * g10/pkglue.c (ECC_POINT_LEN_MAX): NIST P-521 is large.
| --
| GnuPG-bug-id: 7664
| Reported-by: Collin Funk
| Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix read buffer over-read in uncompress_ecc_q_in_canon_sexp. | Collin Funk via Gnupg-devel | 2025-05-24 | 1 | -3/+3
| * common/sexputil.c (uncompress_ecc_q_in_canon_sexp): Only call memcmp if the lengths are equal.
| --
| GnuPG-bug-id: 7662
| Signed-off-by: Collin Funk <[email protected]>
* gpg,agent: Clean up around using ECC KEM. | NIIBE Yutaka | 2025-05-23 | 7 | -495/+92
| * common/util.h (gnupg_ecc_kem_kdf): Change the last two args.
| * common/kem.c (gnupg_ecc_kem_kdf): The last arguments are KDF_PARAMS and its length.
| * agent/pkdecrypt.c (composite_pgp_kem_decrypt): Follow the change.
| * g10/pkglue.c (do_encrypt_kem): Follow the change.
| * g10/ecdh.c (extract_secret_x, derive_kek): Remove.
| (gnupg_ecc_6637_kdf): Remove.
| (ecc_build_kdf_params): Rename from build_kdf_params, changing arguments.
| * g10/pkglue.c (do_encrypt_ecdh): Refactor by ecc_build_kdf_params and gnupg_ecc_kem_kdf.
| * g10/pkglue.h (pk_ecdh_decrypt, gnupg_ecc_6637_kdf): Remove.
| (ecc_build_kdf_params): New.
| * g10/pubkey-enc.c (ecdh_sexp_build): Use ecc_build_kdf_params.
| --
| GnuPG-bug-id: 7649
| Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix argument name of gnupg_ecc_kem_kdf. | NIIBE Yutaka | 2025-05-23 | 2 | -6/+11
| * common/kem.c (gnupg_ecc_kem_kdf): Rename to kdf_params.
| --
| It's KDF parameters composed by OpenPGP layer.
| Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Use ECC KEM interface for decryption. | NIIBE Yutaka | 2025-05-22 | 2 | -29/+83
| * g10/call-agent.c (agent_pkdecrypt): Use --kem=PGP for PUBKEY_ALGO_ECDH.
| * g10/pubkey-enc.c (ecdh_sexp_build): New.
| (get_it): Use ecdh_sexp_build for PUBKEY_ALGO_ECDH. And don't use pk_ecdh_decrypt since it's done by agent.
| --
| GnuPG-bug-id: 7649
| Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Add support for TPM2 for ECC KEM. | NIIBE Yutaka | 2025-05-22 | 3 | -2/+51
| * agent/agent.h (agent_tpm2d_ecc_kem): New.
| * agent/divert-tpm2.c (agent_tpm2d_ecc_kem): New.
| * agent/pkdecrypt.c (ecc_pgp_kem_decap): Call agent_tpm2d_ecc_kem.
| --
| GnuPG-bug-id: 7649
| Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Finish ECC KEM, adding support for NIST curves. | NIIBE Yutaka | 2025-05-22 | 2 | -17/+42
| * agent/command.c (cmd_pkdecrypt): ECC KEM PGP doesn't use OPTION.
| * agent/pkdecrypt.c (ecc_table): Add NIST curves.
| (ECC_SCALAR_LEN_MAX, ECC_POINT_LEN_MAX): Fix for NIST curves.
| (composite_pgp_kem_decrypt): Take care of error by gcry_cipher_setkey.
| (ecc_kem_decrypt): Fix un-wrapping the session key.
| --
| GnuPG-bug-id: 7649
| Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Support ECC KEM by PKDECRYPT --kem. | NIIBE Yutaka | 2025-05-21 | 4 | -64/+251
| * common/kem.c (gnupg_ecc_kem_kdf): Support traditional KDF of RFC 6637.
| * common/util.h (gnupg_ecc_kem_kdf): Add FIXED_INFO argument.
| * g10/pkglue.c (do_encrypt_kem): Follow the change.
| * agent/pkdecrypt.c (ecc_pgp_kem_decap): Return ECC parameters.
| (composite_pgp_kem_decrypt): Follow the changes.
| (ecc_kem_decrypt): New.
| (agent_kem_decrypt): Support ECC KEM.
| --
| GnuPG-bug-id: 7649
| Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Add a note to READ on how to disable the systemd activation. | Werner Koch | 2025-05-20 | 1 | -2/+12
| --
| A common problem with a self-built gnupg is that systemd starts another version of a daemon while the self-built gnupg has a different idea on the provided features of those daemons.