Commit message | Author | Age | Files | Lines
...
| * dirmngr: Fix proxy with TLS. | NIIBE Yutaka | 2024-02-15 | 1 | -7/+1
| | * dirmngr/http.c (proxy_get_token, run_proxy_connect): Always available regardless of USE_TLS.
| | (run_proxy_connect): Use log_debug_string.
| | (send_request): Remove USE_TLS.
| | --
| | Since the commit of 1009e4e5f71347a1fe194e59a9d88c8034a67016 Building with TLS library is mandatory.
| | GnuPG-bug-id: 6997
| | Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Add option --assert-pubkey_algo. | Werner Koch | 2024-02-10 | 20 | -59/+425
| | * g10/keyid.c (parse_one_algo_string): New.
| | (compare_pubkey_string_part): New.
| | (compare_pubkey_string): New.
| | * g10/verify.c (check_assert_signer_list): New.
| | * g10/mainproc.c (check_sig_and_print): Call check_assert_pubkey_algo.
| | * g10/options.h (opt): Add field assert_pubkey_algos.
| | * g10/gpg.c (oAssertPubkeyAlgo): New.
| | (opts): Add "--assert-pubkey_algo".
| | (assert_pubkey_algo_false): New.
| | (main): Parse option.
| | (g10_exit): Reorder RC modifications. Check assert_pubkey_algo_false.
| | * common/status.h (ASSERT_PUBKEY_ALGOS): new.
| | * common/t-support.h (LEAN_T_SUPPORT): Use a simplified version if this macro is set.
| | * g10/gpgv.c (oAssertPubkeyAlgo): New.
| | (opts): Add "--assert-pubkey_algo".
| | (assert_pubkey_algo_false): New.
| | (main): Parse option.
| | (g10_exit): Check assert_pubkey_algo_false.
| | * g10/t-keyid.c: New.
| | * g10/Makefile.am: Add t-keyid.
| | * g10/test-stubs.c: Add assert_pubkey_algos and assert_signer_list and remove from other tests.
| | (check_assert_signer_list): Ditto.
| | (check_assert_pubkey_algo): Ditto.
| | --
| | GnuPG-bug-id: 6946
| * doc: Suggest the use of a fingerprint for --default-key. | Werner Koch | 2024-02-05 | 1 | -18/+23
| | --
| | GnuPG-bug-id: 6975
| * doc: Improve warning for --use-embedded-filename. | Werner Koch | 2024-02-05 | 1 | -1/+15
| | --
| | GnuPG-bug-id: 6972
| * gpgsm: Increase salt size in pkcs#12 parser. | Werner Koch | 2024-02-05 | 1 | -1/+1
| | * sm/minip12.c (parse_bag_encrypted_data): Need 32 bytes.
| | --
| | GnuPG-bug-id: 6757
| * gpgsm: cleanup on error paths | Ángel González | 2024-02-05 | 1 | -19/+22
| | * sm/minip12.c (p12_parse): set err on the different error paths
| | --
| | GnuPG-bug-id: 6973
| | Fixes-commit: 101433dfb42b333e48427baf9dd58ac4787c9786
| | Signed-off-by: Ángel González <[email protected]>
| * scd:openpgp: Allow PIN length of 6 also with a reset code. | Werner Koch | 2024-01-30 | 1 | -2/+15
| | * scd/app-openpgp.c (do_change_pin): Fix PIN length check. Add "R" flag to the reset code prompt.
| | --
| | When using the reset code it was not possible to set a PIN of length 6. The "R" flag fixes a funny prompt.
| | Fixes-commit: efe325ffdf21205b90f888c8f0248bbd4f61404b
| | scd:openpgp: Allow PIN length of 6 also with a reset code.
| | * scd/app-openpgp.c (do_change_pin): Fix PIN length check. Add "R" flag to the reset code prompt.
| | --
| | When using the reset code it was not possible to set a PIN of length 6. The "R" flag fixes a funny prompt.
| | Fixes-commit: 2376cdff1318688d94c95fd01adc4b2139c4a8c7
| * w32, msi: Fix directory of gpg-card, add keyboxd | Andre Heinecke | 2024-01-30 | 1 | -1/+4
| | * build-aux/speedo/w32/wixlib.wxs: Fix gpg-card directory id. Add keyboxd.
| * po: update Polish translation | Jakub Bogusz | 2024-01-29 | 1 | -548/+91
| |
| * gpg: Minor code cleanup for fingerprint computation. | Werner Koch | 2024-01-29 | 1 | -9/+5
| | * g10/keyid.c (do_hash_public_key): Simplify code for clarity.
| * gpg: Hide --textmode from the help output. | Werner Koch | 2024-01-29 | 1 | -1/+1
| | --
| * doc: Mark --textmode as legacy option. | Werner Koch | 2024-01-29 | 2 | -18/+21
| | --
| * doc: Fix spelling errors found by lintian. | Werner Koch | 2024-01-29 | 20 | -36/+36
| | --
| | Reported-by: Andreas Metzler <[email protected]>
| * speedo: Improve parsing of the ~./.gnupg-autogen.rc | Werner Koch | 2024-01-26 | 2 | -5/+7
| | --
| | We now allow spaces around the variable name and the value.
| * dirmngr: For CRL issuer verification trust the system's root CA. | Werner Koch | 2024-01-26 | 1 | -0/+1
| | * dirmngr/crlcache.c (crl_parse_insert): Add VALIDATE_FLAG_TRUST_SYSTEM.
| | --
| | GnuPG-bug-id: 6963
| * common,w32: Fix use of GNUPG_SPAWN_KEEP_STDERR. | Werner Koch | 2024-01-26 | 1 | -1/+1
| | * common/exechelp-w32.c (gnupg_spawn_process): Fix macro.
| | --
| | Fixes-commit: 6d6438a361d25f3b269f702e017f5e39fd1f5c38
| | GnuPG-bug-id: 6961
* | gpg: Fix a possible segv due to an uninitialized gcrypt context. | Werner Koch | 2024-03-06 | 1 | -1/+1
| | * g10/sign.c (sign_symencrypt_file): Initialize MD for the error case.
| | --
| | Reported-by: Falko Strenzke
| | Fixes-commit: 1ddd69935da629188dcf9215cd9e7a8f68b34a97 in the not yet released master branch.
* | doc: Document the "grp" record in colon listings. | Werner Koch | 2024-02-22 | 1 | -3/+8
| | --
* | common,dirmngr:w32: Add include files. | NIIBE Yutaka | 2024-02-15 | 4 | -5/+11
| | * common/dynload.h: Include windows.h. Don't define RTLD_LAZY, if already defined.
| | * common/init.c: Include wctype.h.
| | * dirmngr/certcache.c: Include wincrypt.h.
| | * dirmngr/dns-stuff.c: Include ws2tcpip.h.
| | --
| | GnuPG-bug-id: 5894
| | Signed-off-by: NIIBE Yutaka <[email protected]>
* | dirmngr:w32: Add include files. | NIIBE Yutaka | 2024-02-15 | 1 | -0/+2
| | * dirmngr/ks-engine-ldap.c: Include winldap.h and winber.h.
| | --
| | Definition of ber_free is in winber.h.
| | Signed-off-by: NIIBE Yutaka <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-4' | Werner Koch | 2024-01-26 | 88 | -1421/+2657
|\|
| | --
| | Fixed conflicts:
| |   NEWS
| |   configure.ac
| |   doc/gpg.texi
| * Post release updates | Werner Koch | 2024-01-25 | 2 | -1/+8
| | --
| * Release 2.4.4 (tag: gnupg-2.4.4) | Werner Koch | 2024-01-25 | 1 | -2/+9
| |
| * po: msgmerge | Werner Koch | 2024-01-25 | 24 | -256/+353
| | --
| * card: Tweak the checkcmds sub-command. | Werner Koch | 2024-01-25 | 2 | -5/+42
| | * tools/gpg-card.c (cmd_checkkeys): Skip not found keys.
| * po: Update Japanese Translation. | NIIBE Yutaka | 2024-01-25 | 1 | -2/+5
| | --
| | Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Add sub-option ignore-attributes to --import-options. | Werner Koch | 2024-01-24 | 3 | -0/+17
| | * g10/options.h (IMPORT_IGNORE_ATTRIBUTES): New.
| | * g10/import.c (parse_import_options): Add new sub-option.
| | (read_block): Implement sub-option.
| | --
| | Suggested-by: Robin H. Johnson
| | Tested using the import-export feature:
| |   gpg --export KEY_WITH_PICTURE \
| |     | gpg --import --import-options import-export,ignore-attributes \
| |     | gpg --show-key
| * po: Update German translation. | Werner Koch | 2024-01-24 | 1 | -16/+20
| | --
| | Just the new string for gpg-card's checkkeys.
| * speedo: Build zlib, bzip2 and sqlite also on Unix. | Werner Koch | 2024-01-24 | 1 | -9/+4
| | --
| | This avoids extra build dependencies. Note that bzip2 is not necessarily statically linked but an existing bzip2 SO might be used. We would need to fix the bzip2 SO building and also provide a gnupg configure option to build statically against bzip2.
| * card: flush stdout to get checkcmd's info messages in order. | Werner Koch | 2024-01-24 | 1 | -0/+1
| | * tools/gpg-card.c (cmd_checkkeys): Insert an fflush.
| * speedo: Add a hint to run ldconfig | Werner Koch | 2024-01-23 | 3 | -1/+4
| | --
| * tests: Add two more sample p12 files | Werner Koch | 2024-01-23 | 4 | -0/+14
| | --
| | GnuPG-bug-id: 6940
| * speedo: Minor fix to the install target | Werner Koch | 2024-01-23 | 2 | -7/+7
| | --
| * sm: Fix ECDH encryption with dhSinglePass-stdDH-sha384kdf-scheme. | NIIBE Yutaka | 2024-01-23 | 1 | -1/+1
| | * sm/encrypt.c (ecdh_encrypt): Cipher is AES192 for id-aes192-wrap.
| | --
| | Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Use ephemeral mode for generating card keys. | Werner Koch | 2024-01-22 | 4 | -19/+104
| | * g10/call-agent.c (agent_set_ephemeral_mode): New.
| | * g10/keyedit.c (keyedit_menu) <bkuptocard>: Switch to ephemeral mode.
| | * g10/keygen.c (do_generate_keypair): Switch to ephemeral mode for card keys with backup.
| | --
| | GnuPG-bug-id: 6944
| * agent: Add "ephemeral" Assuan option. | Werner Koch | 2024-01-22 | 11 | -207/+497
| | * agent/agent.h (struct ephemeral_private_key_s): New.
| | (struct server_control_s): Add ephemeral_mode and ephemeral_keys.
| | (GENKEY_FLAG_NO_PROTECTION, GENKEY_FLAG_PRESET): New.
| | * agent/genkey.c (clear_ephemeral_keys): New.
| | (store_key): Add arg ctrl and implement ephemeral_mode. Change all callers.
| | (agent_genkey): Replace args no_protection and preset by a generic new flags arg.
| | * agent/findkey.c (wipe_and_fclose): New.
| | (agent_write_private_key): Add arg ctrl and implement ephemeral_mode. Change all callers.
| | (agent_update_private_key): Ditto
| | (read_key_file): Ditto.
| | (agent_key_available): Ditto.
| | * agent/command-ssh.c (card_key_available): Do not update display s/n in ephemeral mode. This is however never triggered.
| | * agent/gpg-agent.c (agent_deinit_default_ctrl): Cleanup ephemeral keys.
| | * agent/command.c (cmd_genkey): Use the new flags instead of separate vars.
| | (cmd_readkey): Create a shadow key only in non-ephemeral_mode.
| | (cmd_getinfo): Add sub-command "ephemeral".
| | (option_handler): Add option "ephemeral".
| | --
| | The idea here is that a session can be switched in an ephemeral mode which does not store or read keys from disk but keeps them local to the session.
| | GnuPG-bug-id: 6944
| * doc: Fix description of gpg --unwrap | Werner Koch | 2024-01-22 | 1 | -6/+5
| | --
| * gpg: Add a communication object to the key generation code. | Werner Koch | 2024-01-22 | 1 | -22/+72
| | * g10/keygen.c (struct common_gen_cb_parm_s): New.
| | (common_gen): Add args common_gen_cb and common_gen_cb_parm. Adjust all callers.
| | (do_generate_keypair): Clarify the code by using a better var name.
| | --
| | We may eventually also replace the long arg list with that object. The immediate reason for this change is the followup commit.
| * card: New subcommand "checkkeys". | Werner Koch | 2024-01-22 | 4 | -11/+265
| | * agent/command.c (cmd_havekey): Add new option --info.
| | * tools/card-call-scd.c (scd_readkey): Allow using without result arg.
| | (struct havekey_status_parm_s): New.
| | (havekey_status_cb): New.
| | (scd_havekey_info): New.
| | (scd_delete_key): New.
| | * tools/gpg-card.c (print_keygrip): Add arg with_lf.
| | (cmd_checkkeys): New.
| | (cmdCHECKKEYS): New.
| | (cmds): Add command "checkkeys".
| | (dispatch_command, interactive_loop): Call cmd_checkkeys.
| | --
| | GnuPG-bug-id: 6943
| * doc: Document Backup-info in keyformat.txt | Werner Koch | 2024-01-22 | 1 | -0/+10
| | --
| | This name is used by Kleopatra for quite some time now but was missing a specification.
| * Pass PINENTRY_GEOM_HINT environment variable to pinentry | Tobias Fella | 2024-01-22 | 1 | -1/+2
| | * common/session-env.c: Add PINENTRY_GEOM_HINT to variables.
| | --
| | GnuPG-Bug-ID: 6930
| * gpg: For v5 key generation for X448 also in parm file mode. | Werner Koch | 2024-01-16 | 1 | -56/+114
| | * g10/keygen.c (curve_is_448): New.
| | (do_create_from_keygrip): Pass arg keygen_flags byref so that it can be updated. Set v5 flag for X448.
| | (gen_ecc): Ditto.
| | (do_create): Change keygen_flags as above. For robustness change checking for Ed448.
| | (do_generate_keypair): Change keygen_flags as above
| | (generate_subkeypair): Ditto.
| | (gen_card_key): Ditto. Support v5 keys.
| | --
| | GnuPG-bug-id: 6942
| * gpg: When using a parm file w/o usage don't set the RENC usage. | Werner Koch | 2024-01-16 | 1 | -2/+3
| | * g10/keygen.c (proc_parameter_file): Don't include RENC in the default usage.
| | --
| | Testplan:
| |   $ gpg --gen-key --batch <<EOF
| |   Key-Type: EDDSA
| |   Key-Curve: ed448
| |   Key-Usage: cert
| |   Name-Real: Meh Muh
| |   Name-Email: [email protected]
| |   Expire-Date: 2025-01-01
| |   Passphrase: abc
| |   subkey-type: ecdh
| |   Subkey-curve: cv448
| |   EOF
| | and check that the R flag does not show up in the usage.
| * doc: Describe the ssh-agent protocol options for Windows. | Werner Koch | 2024-01-15 | 2 | -7/+18
| | --
| | Also fix a typo in a macro.
| * po: Update parts of the Polish translation | Jakub Bogusz | 2024-01-15 | 1 | -256/+139
| | --
| | Jakub provided the translation in October but at this time it did cleanly apply anymore due to string changes. Thus only parts of his changes are here. -wk
| * gpgsm: Allow parsing of PKCS#12 files with two private keys. | Werner Koch | 2024-01-15 | 4 | -91/+133
| | * sm/minip12.c (struct p12_parse_ctx_s): Add privatekey2.
| | (parse_shrouded_key_bag): Handle a second private key.
| | (p12_parse_free_kparms): New.
| | * sm/import.c (parse_p12): Factor some code out to ...
| | (p12_to_skey): this.
| | (parse_p12): Use p12_parse_free_kparms.
| | --
| | Take care: We allow parsing of a second private key but we are not yet able to import the second private key.
| | The whole thing is required to at least import the certificates of current pkcs#12 files as created by the German Elster tax system. No test data, sorry.
| * gpgsm: Improve the status line for --verify errors. | Werner Koch | 2024-01-15 | 1 | -1/+6
| | * sm/verify.c (gpgsm_verify): Improve verify.leave status line.
| | --
| | Suggested-by: Jakob Bohm
| * po: Fix indentation for key generation options | Mario Haustein | 2024-01-15 | 20 | -101/+101
| | --
| * Prepare the NEWS | Werner Koch | 2024-01-12 | 1 | -2/+93
| | --
| * speedo: Add install target for Unix. | Werner Koch | 2024-01-12 | 2 | -13/+65
| | * build-aux/speedo.mk: Default to SELFCHECK=0.
| | (install, install-speedo): New targets.
| | --
| | GnuPG-bug-id: 6710