Commit message | Author | Age | Files | Lines
...
* gpg: Fix condition of string_to_aead_algo. | NIIBE Yutaka | 2020-08-19 | 1 | -1/+1
  * g10/misc.c (string_to_aead_algo): Only compare if not NULL.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* dns: Fix memory use-after-free. | NIIBE Yutaka | 2020-08-19 | 1 | -0/+6
  * dirmngr/dns.c (dns_res_stub): Fix RESCONF usage.
  --
  Note that this is dead code. It is for making a static analyzer happy.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix iobuf.c. | NIIBE Yutaka | 2020-08-19 | 1 | -3/+3
  * common/iobuf.c (iobuf_cancel): Initialize DUMMY.
  (do_iobuf_fdopen): Initialize LEN.
  (iobuf_read_line): Fix the loop condition.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Silence compiler warnings. | NIIBE Yutaka | 2020-08-19 | 3 | -3/+3
  * common/openpgp-oid.c (map_openpgp_pk_to_gcry): Use cast for enum conversion.
  * dirmngr/dns-stuff.c (get_dns_srv): Use explicit conversion from int to float.
  * sm/gpgsm.c (parse_keyserver_line): Initialize ERR.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix possible uninitialized variables. | NIIBE Yutaka | 2020-08-19 | 2 | -8/+8
  * scd/app-openpgp.c (do_change_pin): Initialize resultlen2.
  (do_change_pin): Don't call wipe_and_free on the error path. Initialize bufferlen2.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Allow to pass a timestamp to genkey and import. | Werner Koch | 2020-08-17 | 8 | -38/+109
  * agent/command.c (cmd_genkey): Add option --timestamp.
  (cmd_import_key): Ditto.
  * agent/genkey.c (store_key): Add arg timestamp and change callers.
  (agent_genkey): Ditto.
  * agent/findkey.c (write_extended_private_key): Add args timestamp and new key to write a Created line.
  (agent_write_private_key): Add arg timestamp.
  (agent_write_shadow_key): Ditto.
  agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg.
  Signed-off-by: Werner Koch <[email protected]>
* Add --chuid to gpg, gpg-card, and gpg-connect-agent. | Werner Koch | 2020-08-14 | 7 | -42/+108
  * g10/gpg.c (oChUid): New.
  (opts): Add --chuid.
  (main): Implement --chuid. Delay setting of homedir until the new chuid is done.
  * sm/gpgsm.c (main): Delay setting of homedir until the new chuid is done.
  * tools/gpg-card.c (oChUid): New.
  (opts): Add --chuid.
  (changeuser): New helper var.
  (main): Implement --chuid.
  * tools/gpg-connect-agent.c (oChUid): New.
  (opts): Add --chuid.
  (main): Implement --chuid.
  --
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Ignore personal_digest_prefs for ECDSA keys. | Werner Koch | 2020-08-13 | 1 | -3/+7
  * g10/sign.c (hash_for): Simplify hash algo selection for ECDSA.
  --
  GnuPG-bug-id: 5021
  Signed-off-by: Werner Koch <[email protected]>
* doc: Add a list of RFCS to DETAIL. | Werner Koch | 2020-08-13 | 2 | -1/+14
  --
* tools: Install gpgsplit again | Werner Koch | 2020-08-13 | 1 | -2/+2
  --
  We will also set the gpgsplit from 1.4 to noninstall.
  GnuPG-bug-id: 5023
  Signed-off-by: Werner Koch <[email protected]>
* scd: Log info about CCIDs with permission problems. | Werner Koch | 2020-08-12 | 1 | -3/+13
  * scd/apdu.c (open_ccid_reader): Add arg r_cciderr.
  (apdu_open_reader): Print a note on EPERM of the USB device.
  Signed-off-by: Werner Koch <[email protected]>
* scd: Map some error codes from libusb to ccid-driver error codes. | Werner Koch | 2020-08-12 | 5 | -12/+57
  * scd/ccid-driver.h (CCID_DRIVER_ERR_USB_*): New error codes.
  * scd/apdu.h: New SW_HOST error codes.
  * scd/apdu.c (host_sw_string): Print them
  * scd/ccid-driver.c (map_libusb_error): New.
  (ccid_open_usb_reader, bulk_in, abort_cmd): Map libusb error codes.
  * scd/iso7816.c (map_sw): Map new codes to gpg-error.
  --
  This change will help to get low level error conditions from higher application code.
  Signed-off-by: Werner Koch <[email protected]>
* common: Pass the WAYLAND_DISPLAY envvar along | Werner Koch | 2020-08-12 | 1 | -0/+1
  * common/session-env.c (stdenvnames): Add WAYLAND_DISPLAY.
  --
  GnuPG-bug-id: 5016
  Signed-off-by: Werner Koch <[email protected]>
* scd:piv: Allow signing using PSS. | Werner Koch | 2020-08-10 | 1 | -1/+10
  * scd/app-piv.c (do_sign): Allow for PSS.
  --
  This has been tested with Scute and Openvpn.
  Signed-off-by: Werner Koch <[email protected]>
* agent: Add option --pss to pksign to be used by smartcards. | Werner Koch | 2020-08-10 | 5 | -8/+31
  * agent/command.c (cmd_sethash): Add option --pss and allow for --hash=null.
  * agent/agent.h (struct server_control_s): Add digest.is_pss and zero where needed.
  * agent/pksign.c (agent_pksign_do): Allow for PSS with cards.
  * scd/command.c (cmd_pksign): Add for --hash=none.
  --
  This is not a full implementation of PSS but allows scdaemon card drivers to detect already PSS formatted data.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix trustdb for v5key. | NIIBE Yutaka | 2020-08-07 | 4 | -31/+89
  * g10/keydb.h (fpr20_from_pk): New.
  * g10/keyid.c (fpr20_from_pk): New.
  * g10/tdbio.c (tdbio_search_trust_byfpr): Use fpr20_from_pk.
  * g10/trustdb.c (keyid_from_fpr20): New.
  (verify_own_keys): Use keyid_from_fpr20.
  (tdb_update_ownertrust): Use fpr20_from_pk.
  (update_min_ownertrust): Likewise.
  (update_validity): Likewise.
  --
  For the compatibility of existing implementation, we keep the format of trustdb untouched. The format of trustdb uses 20-byte fingerprint for the trust record entry. To handle both of v4key (with 20-byte fingerprint) and v5 key (with 32-byte fingerprint), we introduce FPR20 fingerprint, internally. For v4key, FPR20 is the same as v4 fingerprint. For v5key, FPR20 is constructed from v5key fingerprint.
  GnuPG-bug-id: 5000
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix short key ID for v5key. | NIIBE Yutaka | 2020-08-07 | 2 | -3/+8
  * g10/keyid.c (keyid_from_pk): Return keyid[0] for v5key.
  * g10/keyring.c (keyring_search): Handle short key ID for v5key.
  --
  GnuPG-bug-id: 5000
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: New option --chuid. | Werner Koch | 2020-08-06 | 2 | -1/+23
  * sm/gpgsm.c (oChUid, opts): New option --chuid.
  (main): Implement option.
  --
  This option will at least be useful for Scute.
  Signed-off-by: Werner Koch <[email protected]>
* gpgconf: New option --chuid. | Werner Koch | 2020-08-06 | 3 | -1/+19
  * tools/gpgconf.c (oChUid, opts): New option --chuid.
  (main): Implement.
  --
  Signed-off-by: Werner Koch <[email protected]>
* common: New helper function gnupg_chuid. | Werner Koch | 2020-08-06 | 2 | -0/+99
  * common/sysutils.c (try_set_envvar): New.
  (gnupg_chuid): New.
  Signed-off-by: Werner Koch <[email protected]>
* kbx: Support v5key for short kid and long kid. | NIIBE Yutaka | 2020-08-06 | 1 | -2/+32
  * kbx/keybox-search.c (has_short_kid): Support v5key.
  (has_long_kid): Likewise.
  GnuPG-bug-id: 5000
  Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Remove expired key of David Shaw from distsigkey.gpg. | Werner Koch | 2020-08-06 | 1 | -0/+0
  --
* gpg: Add level 16 to --gen-random | Werner Koch | 2020-08-05 | 1 | -32/+45
  * g10/gpg.c (main): Add that hack.
  --
  This is a yet undocumented hack to allow printing hex encoded random number with gpg. The level is forced to be 1 which is good for almost all uses. Note that --armor is ignored.
  Signed-off-by: Werner Koch <[email protected]>
* sm: Also show the SHA-256 fingerprint. | Werner Koch | 2020-08-04 | 2 | -3/+16
  * sm/keylist.c (list_cert_colon): Emit a new "fp2" record.
  (list_cert_raw): Print the SHA2 fingerprint.
  (list_cert_std): Ditto.
  Signed-off-by: Werner Koch <[email protected]>
* w32: Fix cast from intptr_t of _get_osfhandle. | NIIBE Yutaka | 2020-08-03 | 1 | -1/+1
  * common/exectool.c (gnupg_exec_tool_stream): Cast to unsigned long.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix coercion for pinentry_pid handling. | NIIBE Yutaka | 2020-07-31 | 1 | -1/+1
  * agent/call-pinentry.c (start_pinentry): Don't use pid_t.
  --
  When pid_t is 64-bit integer and unsigned long is 32-bit, it never matches, because left hand side does not fill upper 32-bit.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Silence compiler warning. | NIIBE Yutaka | 2020-07-31 | 1 | -3/+3
  * scd/app-openpgp.c (build_ecc_privkey_template): Fix allocation size.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Add NETLIBS for sm/t-minip12. | NIIBE Yutaka | 2020-07-30 | 1 | -1/+1
  * sm/Makefile.am (t_minip12_LDADD): Add NETLIBS.
  --
  GnuPG-bug-id: 4944
  Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: More adding NETLIBS. | NIIBE Yutaka | 2020-07-30 | 1 | -1/+1
  * common/Makefile.am (t_common_ldadd): Add $(NETLIBS).
  --
  GnuPG-bug-id: 4994
  Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Add link to $(NETLIB) for -lws2_32. | NIIBE Yutaka | 2020-07-30 | 3 | -3/+3
  * dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS).
  * sm/Makefile.am (gpgsm_LDADD): Ditto.
  * tools/Makefile.am (gpg_wks_client_LDADD): Ditto.
  --
  GnuPG-bug-id: 4994
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Revert patches applied wrongly. | NIIBE Yutaka | 2020-07-28 | 2 | -0/+21
  --
  In the experiment for 4994, and patches were wrongly applied.
  Fixes-commit: 46d185f60397f68830bfdfb99627b29aea5016f1
  Signed-off-by: NIIBE Yutaka <[email protected]>
* kbx: Fix short KID and long KID handling for FPR32. | NIIBE Yutaka | 2020-07-27 | 1 | -1/+1
  * kbx/keybox-search.c (blob_cmp_fpr_part): For FPR32, it's the first part in the fingerprint.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix closing reader and releasing context in PC/SC. | NIIBE Yutaka | 2020-07-17 | 1 | -0/+7
  * scd/apdu.c (close_pcsc_reader): Unlock the reader_table_lock.
  (apdu_dev_list_finish): Release the context when no readers.
  --
  Fixes-commit: 46d185f60397f68830bfdfb99627b29aea5016f1
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Use gpgrt's new option parser for symcryptrun. | NIIBE Yutaka | 2020-07-17 | 1 | -79/+63
  * tools/symcryptrun.c: Follow API change of the new option parser.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: PC/SC: Don't release the context when it's in use. | NIIBE Yutaka | 2020-07-17 | 3 | -22/+1
  * scd/apdu.c (close_pcsc_reader): Check if it's not in the loop.
  --
  GnuPG-bug-id: 4998
  Reported-by: Kevin Locke
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg-card: Fix type of historyname. | NIIBE Yutaka | 2020-07-17 | 1 | -1/+1
  * tools/gpg-card.c (interactive_loop): Remove const qualifier.
  --
  Fixes-commit: d70b8769c888f42896ae3ef4972bf82e9b5a0c32
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not close stdout after --export-ssh-key | Werner Koch | 2020-07-16 | 1 | -2/+3
  * g10/export.c (export_ssh_key): Do not close stdout.
  --
  stdout should never be closed; this fixes this minor bug.
  Signed-off-by: Werner Koch <[email protected]>
* common: Avoid undefined behavior of left shift operator. | NIIBE Yutaka | 2020-07-16 | 1 | -5/+11
  * common/iobuf.c (block_filter): Handle an error earlier. Make sure it's unsigned.
  --
  GnuPG-bug-id: 4975
  Suggested-by: lutianxiong <[email protected]>
  Signed-off-by: NIIBE Yutaka <[email protected]>
* regexp: Import change from JimTcl. | NIIBE Yutaka | 2020-07-15 | 2 | -4/+19
  * regexp/jimregexp.h, regexp/jimregexp.c: Fix from JimTcl.
  --
  Apply the change in JimTcl:
    commit ac35b8a6ec417f75b5ec86ca64ea1614a8170a38
    Author: Steve Bennett <[email protected]>
    Date: Mon May 4 20:43:46 2020 +1000
    regexp: Improved error message
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: Make rsaPSS a compliant scheme in de-vs mode. | Werner Koch | 2020-07-14 | 1 | -8/+4
  --
  GnuPG-bug-id: 4538
  Signed-off-by: Werner Koch <[email protected]>
* agent: Fix regression with --newsymkey in loopback mode. | Werner Koch | 2020-07-14 | 1 | -2/+5
  * agent/command.c (cmd_get_passphrase): Never repeat in loopback mode; same as with !OPT_NEWSYMKEY.
  --
  In loopback mode there shall not be any repeat because the caller is expected to do any confirmation before passing a new passphrase to gpg.
  Fixes-commit: eace4bbe1ded8b01f9ad52ebc1871f2fd13c3a08
  GnuPG-bug-id: 4991
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Reword warning about decryption w/o using a non-encrypt key. | Werner Koch | 2020-07-14 | 1 | -2/+3
  --
* dirmngr: Handle EAFNOSUPPORT at connect_server. | NIIBE Yutaka | 2020-07-13 | 1 | -0/+9
  * dirmngr/http.c (connect_server): Skip server with EAFNOSUPPORT.
  --
  GnuPG-bug-id: 4977
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: For decryption, support use of a key with no 'encrypt' usage. | NIIBE Yutaka | 2020-07-10 | 1 | -5/+9
  * g10/pubkey-enc.c (get_session_key): Don't skip at no PUBKEY_USAGE_ENC. Emit information the key has no 'encrypt' usage.
  --
  GnuPG-bug-id: 4246
  Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Add news entries from the latest 2.2 releases. | Werner Koch | 2020-07-09 | 1 | -0/+75
  --
* gpg: Print a note if no args are given to --delete-key | Werner Koch | 2020-07-09 | 1 | -1/+4
  --
  It is a bit surprising that nothing happens if no key is specified to --delete-key et al. Although this is common Unix behaviour the user might have expected that it behaves like --export and deletes all keys. Sure we don't do the latter, so a short notice will help.
  GnuPG-bug-id: 4959
  Signed-off-by: Werner Koch <[email protected]>
* Do not use the pinentry's qualitybar | Werner Koch | 2020-07-08 | 3 | -3/+3
  * agent/genkey.c (agent_ask_new_passphrase): No qualitybar.
  * g10/call-agent.c (agent_get_passphrase): Ditto.
  * sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto.
  --
  The concept of a passphrase quality indicator is anyway questionable because users are smart enough to trick them out and they also tend to limit the actually used entropy. Except for the red/green switching (to show whether constraints are fulfilled) our qualitybar is pretty bad and thus worse than none.
  Signed-off-by: Werner Koch <[email protected]>
* gpgsm: Replace all assert calls by log_assert. | Werner Koch | 2020-07-08 | 19 | -44/+29
  --
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Use integrated passphrase repeat entry also for -c. | Werner Koch | 2020-07-08 | 3 | -7/+33
  * g10/call-agent.c (agent_get_passphrase): Add arg newsymkey.
  * g10/passphrase.c (passphrase_get): Add arg newsymkey.
  (passphrase_to_dek): Pass it on.
  Signed-off-by: Werner Koch <[email protected]>
* agent: New option --newsymkey for GET_PASSPHRASE | Werner Koch | 2020-07-08 | 4 | -58/+322
  * agent/call-pinentry.c (agent_get_passphrase): Add arg pininfo.
  * agent/genkey.c (check_passphrase_constraints): New arg no_empty.
  * agent/command.c (reenter_passphrase_cmp_cb): New.
  (cmd_get_passphrase): Add option --newsymkey.
  --
  This new option allows to present a passphrase with the usual repeat box as it is used by gpg-agent's internal key generation.
  Signed-off-by: Werner Koch <[email protected]>