Commit message (author, date, files changed, lines removed/added)
...
| * gpg: Fix export of ecc secret keys by adjusting check ordering. (Kyle Butt, 2014-09-01, 1 file, -1/+5)
| |   * g10/export.c (transfer_format_to_openpgp): Move the check against PUBKEY_MAX_NSKEY to after the ECC code adjusts the number of parameters.
| * agent: Allow key unprotection using AES-256. (Werner Koch, 2014-09-01, 1 file, -29/+50)
| |   * agent/protect.c (PROT_CIPHER): Rename to GCRY_CIPHER_AES128 for clarity.
| |   (do_decryption): Add args prot_cipher and prot_cipher_keylen. Use them instead of the hardwired values.
| |   (agent_unprotect): Change to use a table of protection algorithms. Add AES-256 variant.
| |   --
| |   This patch will make possible future key protection algorithm changes smoother. AES-256 is also allowed although there is currently no way to encrypt using it.
| * speedo: Fix for non-Windows build of glib. (Werner Koch, 2014-09-01, 1 file, -1/+2)
| |   --
| * gpg: Do not show "MD5" and triplicated "RSA" in --version. (Werner Koch, 2014-08-28, 1 file, -0/+11)
| |   * g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases
| |   (build_list_md_test_algo): Ignore MD5.
| * gpg: Remove CAST5 from the default prefs and order SHA-1 last. (Werner Koch, 2014-08-26, 1 file, -11/+4)
| |   * g10/keygen.c (keygen_set_std_prefs): Update prefs.
| * Switch to the libgpg-error provided estream. (Werner Koch, 2014-08-26, 38 files, -7134/+93)
| |   * configure.ac (NEED_GPG_ERROR_VERSION): Require 1.14.
| |   (GPGRT_ENABLE_ES_MACROS): Define.
| |   (estream_INIT): Remove.
| |   * m4/estream.m4: Remove.
| |   * common/estream-printf.c, common/estream-printf.h: Remove.
| |   * common/estream.c, common/estream.h: Remove.
| |   * common/init.c (_init_common_subsystems): Call gpgrt initialization.
* | gpg: Do not show "MD5" and triplicated "RSA" in --version. (Werner Koch, 2014-08-28, 1 file, -0/+11)
|/    * g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases
|     (build_list_md_test_algo): Ignore MD5.
* gpg: Allow for positional parameters in the passphrase prompt. (Werner Koch, 2014-08-26, 1 file, -23/+12)
|   * g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf.
|   --
|   Without that at least the French translation does not always work because it requires positional parameters. Windows for example does not support them as they are not defined by C99 but by POSIX.
* gpg: Fix "can't handle public key algorithm" warning. (Werner Koch, 2014-08-20, 1 file, -4/+21)
|   * g10/parse-packet.c (unknown_pubkey_warning): Check for encr/sign capabilities.
* speedo: Get version numbers from online database. (Werner Koch, 2014-08-19, 3 files, -23/+165)
|   * build-aux/getswdb.sh: New.
|   * build-aux/speedo.mk: Get release version numbers from swdb.lst.
|   --
|   This should make maintaining GnuPG installations easier. Running
|     make -f /foo/gnupg/build-aux/speedo.mk TARGETOS=native WHAT=release
|   downloads all GnuPG related packages and builds them. The gnupg directory may be a GIT checkout but in that case please run ./autogen.sh on it first. Note that currently swdb.lst is always downloaded from gnupg.org and thus monitoring the network or the gnupg machine reveals information on who is currently building GnuPG. If there is an easy way to detect that TOR is enabled this can be changed to directly download from the GnuPG hidden service.
* build: Create VERSION file via autoconf. (Werner Koch, 2014-08-19, 3 files, -3/+3)
|   * Makefile.am (dist-hook): Remove creation of VERSION.
|   (EXTRA_DIST): Add VERSION.
|   * configure.ac: Let autoconf create VERSION.
* gpg: Install the current release signing pubkey. (Werner Koch, 2014-08-18, 2 files, -1/+4)
|   * g10/distsigkey.gpg: New.
|   --
|   This might be useful to help installing updates.
* agent: Return NO_SECKEY instead of ENONET for PKSIGN and others. (Werner Koch, 2014-08-18, 4 files, -7/+10)
|   * agent/pksign.c (agent_pksign_do): Replace ENONET by NO_SECKEY.
|   * agent/findkey.c (agent_key_from_file): No diagnostic for NO_SECKEY.
|   * agent/pkdecrypt.c (agent_pkdecrypt): Replace checking for ENOENT.
* tests: Re-enable OpenPGP ecc test. (Werner Koch, 2014-08-18, 1 file, -1/+1)
|   --
* kbx: Make user id and signature data optional for OpenPGP. (Werner Koch, 2014-08-18, 1 file, -11/+16)
|   * kbx/keybox-blob.c (_keybox_create_openpgp_blob): Remove restriction.
|   --
|   Although self-signature and key binding signatures are required by OpenPGP, we should not enforce that in the storage backend.
* gpg: Change default cipher for --symmetric from CAST5 to AES-128. (Werner Koch, 2014-08-18, 3 files, -6/+26)
|   * g10/main.h (DEFAULT_CIPHER_ALGO): Change to AES or CAST5 or 3DES depending on configure option.
|   * g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO.
* yat2m: Support @set and @value. (Werner Koch, 2014-08-18, 1 file, -3/+93)
|   * doc/yat2m.c (variablelist): New.
|   (set_variable): New.
|   (macro_set_p): Also check the variables.
|   (proc_texi_cmd): Support the @value command.
|   (parse_file): Support the @set command.
|   (top_parse_file): Release variablelist.
* yat2m: Support the $* command for man page rendering. (Werner Koch, 2014-08-18, 1 file, -0/+6)
|
* estream: Change license from GPL to LGPL. (Werner Koch, 2014-08-17, 4 files, -24/+24)
|   * common/estream-printf.c, common/estream-printf.h: Change license.
|   * common/estream.c, common/estream.h: Ditto.
|   --
|   g10 Code is the sole copyright holder of Libestream and thus as CEO I have the rights to change the license. This copy here in GnuPG is currently the most current one thus the change is recorded in this repository. This change is also deemed valid for all older versions.
|   Signed-off-by: Werner Koch <[email protected]>
* Post beta release update. (Werner Koch, 2014-08-14, 2 files, -2/+6)
|   --
* Release 2.1.0-beta783 [tag: gnupg-2.1.0-beta783] (Werner Koch, 2014-08-14, 2 files, -5/+29)
|
* po: Update the German (de) translation (Werner Koch, 2014-08-14, 4 files, -341/+630)
|
* sm: Create homedir and lock empty keybox creation. (Werner Koch, 2014-08-14, 3 files, -101/+223)
|   * sm/gpgsm.h (opt): Add field "no_homedir_creation".
|   * sm/gpgsm.c (main): Set it if --no-options is used.
|   * sm/keydb.c (try_make_homedir): New. Similar to the one from g10/openfile.c.
|   (maybe_create_keybox): New. Similar to the one from g10/keydb.c.
|   (keydb_add_resource): Replace some code by maybe_create_keybox.
* build: Yet another autogen.sh --find-version change. (Werner Koch, 2014-08-14, 1 file, -2/+2)
|   --
* gpg: Screen keyserver responses. (Werner Koch, 2014-08-14, 3 files, -25/+143)
|   * g10/main.h (import_screener_t): New.
|   * g10/import.c (import): Add screener callbacks to param list.
|   (import_one): Ditto.
|   (import_secret_one): Ditto.
|   (import_keys_internal): Ditto.
|   (import_keys_stream): Ditto.
|   * g10/keyserver.c (struct ks_retrieval_screener_arg_s): New.
|   (keyserver_retrieval_screener): New.
|   (keyserver_get): Pass screener to import_keys_es_stream().
|   --
|   These changes introduce import functions that apply a constraining filter to imported keys. These filters can verify the fingerprints of the keys returned before importing them into the keyring, ensuring that the keys fetched from the keyserver are in fact those selected by the user beforehand.
|   Signed-off-by: Stefan Tomanek <[email protected]>
|   This is an extended and fixed version of Stefan's patch. In addition to the changes done in gnupg 2.0, namely the commits
|     5e933008beffbeae7255ece02383606481f9c169
|     044847a0e2013a2833605c1a9f80cfa6ef353309
|     088f82c0b5e39687f70e44d3ab719854e808eeb6
|   the symbol names have been changed to "screener" to avoid mixing them up with the iobuf filter feature and it has been changed to be used with the dirmngr based keyserver lookup.
|   Signed-off-by: Werner Koch <[email protected]>
* scd: Minor changes to app-sc-hsm. (Werner Koch, 2014-08-14, 1 file, -228/+269)
|   * scd/app-sc-hsm.c: Re-indented some parts and set some vars to NULL after xfree for improved robustness.
|   (read_ef_prkd): Replace serial operator by blocks for better readability.
|   (apply_PKCS_padding): Rewrite for easier auditing.
|   (strip_PKCS15_padding): Ditto. Add stricter check on SRCLEN.
|   Signed-off-by: Werner Koch <[email protected]>
* gpg: Disable an MD5 workaround for pgp2 by default. (Werner Koch, 2014-08-14, 4 files, -22/+32)
|   * g10/sig-check.c (do_check): Move some code to ...
|   * g10/misc.c (print_md5_rejected_note): new function.
|   * g10/mainproc.c (proc_tree, proc_plaintext): Enable MD5 workaround only if option --allow-weak-digest-algos is used.
* gpg: Remove options --pgp2 and --rfc1991. (Werner Koch, 2014-08-14, 14 files, -249/+51)
|   * g10/gpg.c (oRFC1991, oPGP2): Remove
|   (opts): Remove --pgp2 and --rfc1991.
|   * g10/options.h (CO_PGP2, CO_RFC1991): Remove. Remove all users.
|   (RFC2440, PGP2): Remove. Remove all code only enabled by these conditions.
|   * tests/openpgp/clearsig.test: Remove --rfc1991 test.
|   --
|   The use of PGP 2.c is considered insecure for quite some time now (e.g. due to the use of MD5). Thus we remove all support for _creating_ PGP 2 compatible messages.
* build: Fix autogen.sh base version hack. (Werner Koch, 2014-08-14, 1 file, -3/+4)
|   * autogen.sh <find-version>: Fix.
* gpg: Remove --compress-keys and --compress-sigs feature. (Werner Koch, 2014-08-14, 4 files, -18/+8)
|   * g10/gpg.c (oCompressKeys, oCompressSigs): Remove.
|   (opts): Turn --compress-keys and --compress-signs into NOPs.
|   * g10/options.h (opt): Remove fields compress_keys and compress_sigs.
|   * g10/export.c (do_export): Remove compress_keys feature.
|   * g10/sign.c (sign_file): Remove compress_sigs feature.
|   --
|   These features are disabled in GnuPG since the very early days and they fulfill no real purpose. For now we keep the command line options as dummies.
* gpg: Add list-option "show-usage". (Werner Koch, 2014-08-13, 7 files, -4/+22)
|   * g10/gpg.c (parse_list_options): Add "show-usage".
|   * g10/options.h (LIST_SHOW_USAGE): New.
|   * g10/keyid.c (usagestr_from_pk): Add arg FILL. Change caller.
|   * g10/keylist.c (list_keyblock_print): Print usage info.
* po: Remove extra LF from ja.po (Werner Koch, 2014-08-12, 1 file, -2/+2)
|   --
* gpg: Make --with-colons work again for --search-keys. (Werner Koch, 2014-08-12, 1 file, -2/+2)
|   * g10/keyserver.c (search_line_handler): Replace log_debug by es_printf.
* speedo: Comment typo fix (Werner Koch, 2014-08-12, 1 file, -2/+2)
|   --
* common: Fix typo in header inclusion protection macro. (Werner Koch, 2014-08-11, 1 file, -1/+1)
|   --
|   GnuPG-bug-id: 1669
* po: Update Japanese translation. (NIIBE Yutaka, 2014-08-08, 1 file, -273/+96)
|
* scd: Minor and editorial changes to app-sc-hsm.c (Werner Koch, 2014-07-25, 1 file, -149/+172)
|   * scd/app-sc-hsm.c (select_and_read_binary): Use SW_ macro.
|   (parse_certid): Remove useless test.
|   (send_certinfo, send_keypairinfo): Shrink malloc to the needed size.
|   (do_getattr): Ditto.
|   (verify_pin): Use SW_ macro.
|   (do_decipher): Replace OFS variable and extend comment.
|   --
|   Code parts which have not been audited are marked with a warning pragma.
* scd: Add a new status word code. (Werner Koch, 2014-07-25, 2 files, -0/+2)
|   * scd/apdu.h (SW_REF_DATA_INV): New.
|   * scd/apdu.c (apdu_strerror): Add string.
* scd: Comment typo fixes. (Werner Koch, 2014-07-25, 1 file, -5/+5)
|   --
* scd: Support for SmartCard-HSM (Andreas Schwier, 2014-07-25, 5 files, -1/+2041)
|   * scd/app-sc-hsm.c: New.
|   * scd/app.c (select_application, get_supported_applications): Register new app.
|   --
|   Add a read/only driver for scdaemon that provides access to keys and certificates on a SmartCard-HSM (www.smartcard-hsm.com). The driver supports RSA and ECC keys on SmartCard-HSM cards and USB-Sticks. The driver does not yet support the MicroSD edition.
|   --
|   ChangeLog and FSF copyright year fix by wk.
* gpg: Switch to an EdDSA format with prefix byte. (Werner Koch, 2014-07-25, 1 file, -8/+18)
|   * g10/keygen.c (gen_ecc): Use "comp" for EdDSA.
* po: Update the German (de) translation (Werner Koch, 2014-07-23, 1 file, -50/+67)
|   --
* agent: Show just one warning with all failed passphrase constraints. (Werner Koch, 2014-07-23, 1 file, -38/+74)
|   * agent/genkey.c (check_passphrase_constraints): Build a final warning after all checks.
* agent: Only one confirmation prompt for an empty passphrase. (Werner Koch, 2014-07-23, 1 file, -21/+19)
|   * agent/genkey.c (check_passphrase_constraints): Move empty passphrase check to the front.
* gpg: Add command --quick-gen-key (Werner Koch, 2014-07-23, 5 files, -3/+171)
|   * g10/gpg.c (aQuickKeygen): New.
|   * g10/misc.c (is_valid_user_id): New stub.
|   * g10/keygen.c (quickgen_set_para): New.
|   (quick_generate_keypair): New.
|   --
|   Note that the validation of the specified user id has not yet been implemented.
* common: Add cpr_get_answer_is_yes_def() (Werner Koch, 2014-07-23, 2 files, -2/+10)
|   * g10/cpr.c (cpr_get_answer_is_yes): Factor code out to ....
|   (cpr_get_answer_is_yes_def): ...new.
* gpg: Make --quick-sign-key promote local key signatures. (Werner Koch, 2014-07-23, 2 files, -4/+4)
|   * g10/keyedit.c (sign_uids): Promote local sigs in quick mode.
* Register DCO for Andreas Schwier (Werner Koch, 2014-07-23, 1 file, -1/+3)
|   --
* scd: Do not use the pcsc-wrapper. (Werner Koch, 2014-07-22, 3 files, -10/+5)
|   * scd/apdu.c (NEED_PCSC_WRAPPER): Do not define.
|   * scd/Makefile.am (libexec_PROGRAMS): Remove gnupg-pcsc-wrapper
|   (gnupg_pcsc_wrapper_SOURCES): Remove.
|   (gnupg_pcsc_wrapper_LDADD): Remove.
|   (gnupg_pcsc_wrapper_CFLAGS): Remove.
* gpg: Improve --list-packets output for faulty packets. (Werner Koch, 2014-07-21, 1 file, -0/+50)
|   * g10/parse-packet.c: Add list_mode output for certain failures.