path: root/agent/protect.c
Commit message | Author | Age | Files | Lines
* agent: Add pin length field to the shadowed private key format. | Werner Koch | 2012-02-07 | 1 | -1/+32
  This is not yet fully implemented. It will eventually allow to support pinpad equipped readers which do not support variable length pin lengths.
  * agent/protect.c (parse_shadow_info): Add optional arg R_PINLEN and parse pinlen info. Change all callers to pass NULL for it.
* Added gpg-agent OPTION "s2k-count". | Ben Kibbey | 2011-06-29 | 1 | -5/+9
  When unset or 0, the calibrated count will be used.
* Fixed regression in OpenPGP secret key export. | Werner Koch | 2011-04-26 | 1 | -1/+31
  The protection used in the exported key used a different iteration count than given in the S2K field. Thus all OpenPGP keys exported from GnuPG 2.1-beta can't be imported again. Given that the actual secret key material is kept in private-keys-v1.d/ they can be re-exported with this fixed version.
* Make use of gcry_kdf_derive. | Werner Koch | 2011-03-10 | 1 | -63/+6
  Factoring common code out is always a Good Thing. Also added a configure test to print an error if gcry_kdf_derive is missing in Libgcrypt.
* Finished ECC integration. [ECC-INTEGRATION-2-1] | Werner Koch | 2011-02-03 | 1 | -83/+82
  Wrote the ChangeLog 2011-01-13 entry for Andrey's original work modulo the cleanups I did in the last week. Adjusted my own ChangeLog entries to be consistent with that entry.
  Nuked quite some trailing spaces; again sorry for that, I will better take care of not saving them in the future. "git diff -b" is useful to read the actual changes ;-).
  The ECC-INTEGRATION-2-1 branch can be closed now.
* Reworked the ECC changes to better fit into the Libgcrypt API. | Werner Koch | 2011-01-31 | 1 | -2/+3
  See ChangeLog for details. Key generation, signing and verification works. Encryption does not yet work. Requires latest Libgcrypt changes.
* Editorial changes and allow building with old libgcrypts. | Werner Koch | 2011-01-21 | 1 | -27/+10
  Changed order of some conditional to make to put the special case into the true branch. Indentation changes. Minor other changes to make the ECC code more similar to the rest of our code.
  It builds but many selftests still fail. Need to fix that before using it with an ECDH enabled libgcrypt.
  [/]
  2011-01-21 Werner Koch <[email protected]>
  * configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP.
  (HAVE_GCRY_PK_ECDH): Add new test.
  [agent/]
  2011-01-21 Werner Koch <[email protected]>
  * cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.
  [include/]
  2011-01-21 Werner Koch <[email protected]>
  * cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros because we now require libgcrypt 1.4.6.
  (GCRY_PK_ECDH): Add replacement.
* Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 . | Andrey Jivsov | 2011-01-06 | 1 | -8/+27
  The following works:
    gpg2 --gen-key (ECC)
    gpg2 --list-keys
    gpg2 --list-packets ~/.gnupg/pubring.gpg
    gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>
  ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
* Exporting secret keys via gpg-agent is now basically supported. | Werner Koch | 2010-10-01 | 1 | -9/+18
  A couple of forward ported changes. Doc updates.
* Import OpenPGP keys into the agent. | Werner Koch | 2010-08-31 | 1 | -0/+15
* Avoid using the protect-tool to import pkcs#12. | Werner Koch | 2010-06-17 | 1 | -1/+1
* Whole lot of changes to support CE. | Werner Koch | 2010-04-14 | 1 | -0/+4
* Fixed a regression introduced with 2.0.14. | Werner Koch | 2010-01-26 | 1 | -13/+19
* Do not use the VMC C reserved word readonly. | Werner Koch | 2009-12-15 | 1 | -1/+1
* Implement dynamic S2K count computation. | Werner Koch | 2009-12-14 | 1 | -4/+144
* Unification of the search descriptor usage. | Werner Koch | 2009-12-08 | 1 | -0/+1
* Fixed a bunch of little bugs as reported by Fabian Keil. | Werner Koch | 2009-06-24 | 1 | -2/+5
  Still one problem left; marked with a gcc #warning.
* New gpg-agent command to list key information. | Werner Koch | 2009-03-06 | 1 | -1/+66
  Gpgsm does now print the S/N of cards. Consider ephemeral keys during listing an export.
* Add more passphrase policy rules. | Werner Koch | 2007-08-28 | 1 | -27/+114
  (--max-passphrase-days).
* Changed to GPLv3. | Werner Koch | 2007-07-04 | 1 | -4/+2
  Removed intl/.
* Use estream_asprintf instead of the GNU asprintf. | Werner Koch | 2007-05-15 | 1 | -9/+7
* Made some PIN pads work. | Werner Koch | 2006-11-20 | 1 | -1/+1
  Some cleanups for 64 bit CPUs.
* Updated FSF's address. | Werner Koch | 2006-06-20 | 1 | -1/+2
* gcc-4 defaults forced me to edit many many files to get rid of the | Werner Koch | 2005-06-16 | 1 | -11/+18
  char * vs. unsigned char * warnings. The GNU coding standards used to say that these mismatches are okay and better than a bunch of casts. Obviously this has changed now.
* * protect-tool.c: New option --canonical. | Werner Koch | 2005-05-20 | 1 | -1/+1
  (show_file): Implement it.
  * keyformat.txt: Define the created-at attribute for keys.
  * ccid-driver.c: Replaced macro DEBUG_T1 by a new debug level.
  (parse_ccid_descriptor): Mark SCR335 firmware version 5.18 good.
  (ccid_transceive): Arghhh. The seqno is another bit in the R-block than in the I block, this was wrong at one place.
  * scdaemon.c: New options --debug-ccid-driver and --debug-disable-ticker.
  * app-openpgp.c (do_genkey, do_writekey): Factored code to check for existing key out into ..
  (does_key_exist): .. New function.
  * gpg-connect-agent.c (add_definq, show_definq, clear_definq)
  (handle_inquire): New.
  (read_and_print_response): Handle INQUIRE command.
  (main): Implement control commands.
* * findkey.c (modify_description): Keep invalid % escapes, so that | Werner Koch | 2005-02-25 | 1 | -2/+35
  %0A may pass through.
  * agent.h (server_control_s): New field USE_AUTH_CALL.
  * call-scd.c (agent_card_pksign): Make use of it.
  * command-ssh.c (data_sign): Set the flag.
  (ssh_send_key_public): New arg OVERRIDE_COMMENT.
  (card_key_available): Add new arg CARDSN.
  (ssh_handler_request_identities): Use the card s/n as comment.
  (sexp_key_extract): Use GCRYMPI_FMT_STD.
  (data_sign): Ditto.
  * learncard.c (make_shadow_info): Moved to ..
  * protect.c (make_shadow_info): .. here. Return NULL on malloc failure. Made global.
  * agent.h: Add prototype.
  * xasprintf.c (xtryasprintf): New.
  * app-openpgp.c (get_public_key): Make sure not to return negative numbers.
  (do_sign): Allow passing of indata with algorithm prefix.
  (do_auth): Allow OPENPGP.3 as an alternative ID.
  * app.c (app_getattr): Return just the S/N but not the timestamp.
  * no-libgcrypt.c (gcry_strdup): New.
* * command-ssh.c (get_passphrase): Removed. | Werner Koch | 2005-02-23 | 1 | -1/+1
  (ssh_identity_register): Partly rewritten.
  (open_control_file, search_control_file, add_control_entry): New.
  (ssh_handler_request_identities): Return only files listed in our control file.
  * findkey.c (unprotect): Check for allocation error.
  * agent.h (opt): Add fields to record the startup terminal settings.
  * gpg-agent.c (main): Record them and do not force keep display with --enable-ssh-support.
  * command-ssh.c (start_command_handler_ssh): Use them here.
  * gpg-agent.c: Renamed option --ssh-support to --enable-ssh-support.
  * command.c (cmd_readkey): New.
  (register_commands): Register new command "READKEY".
  * command-ssh.c (ssh_request_process): Improved logging.
  * findkey.c (agent_write_private_key): Always use plain open. Don't depend on an umask for permissions.
  (agent_key_from_file): Factored file reading code out to ..
  (read_key_file): .. new function.
  (agent_public_key_from_file): New.
* (agent_unprotect): Fixed wiping of CLEARTEXT. Thanks | Werner Koch | 2004-09-28 | 1 | -1/+1
  to Moritz for pointing this out.
* * findkey.c (agent_key_from_file): Extra paranoid wipe. | Werner Koch | 2004-02-03 | 1 | -7/+19
  * protect.c (agent_unprotect): Ditto.
  (merge_lists): Ditto. Add arg RESULTLEN.
  * pkdecrypt.c (agent_pkdecrypt): Don't show the secret key even in debug mode.
  * protect.c: Add DSA and Elgamal description.
* * protect.c (do_encryption): Use gcry_create_nonce instead of the | Werner Koch | 2003-12-16 | 1 | -4/+4
  obsolete WEAK_RANDOM.
* This commit was manufactured by cvs2svn to create branch | Repo Admin | 2003-08-05 | 1 | -0/+971
  'GNUPG-1-9-BRANCH'.
* This commit was manufactured by cvs2svn to create branch | Repo Admin | 2002-10-19 | 1 | -967/+0
  'GNUPG-1-9-BRANCH'.
* * pksign.c (agent_pksign): Detect whether a Smartcard is to be | Werner Koch | 2002-03-04 | 1 | -74/+2
  used and divert the operation in this case.
  * pkdecrypt.c (agent_pkdecrypt): Likewise
  * findkey.c (agent_key_from_file): Add optional arg shadow_info and have it return information about a shadowed key.
  * protect.c (agent_get_shadow_info): New.
  * protect.c (snext,sskip,smatch): Moved to
  * sexp-parse.h: new file.
  * divert-scd.c: New.
* Changes needed to support smartcards. Well, only _support_. There is | Werner Koch | 2002-02-28 | 1 | -1/+152
  no real code yet.
* * cache.c: Add a few debug outputs. | Werner Koch | 2002-02-01 | 1 | -0/+27
  * protect.c (agent_private_key_type): New.
  * agent.h: Add PRIVATE_KEY_ enums.
  * findkey.c (agent_key_from_file): Use it to decide whether we have to unprotect a key.
  (unprotect): Cache the passphrase.
  * findkey.c (agent_key_from_file,agent_key_available): The key files do now require a ".key" suffix to make a script's life easier.
  * genkey.c (store_key): Ditto.
* * genkey.c (store_key): Protect the key. | Werner Koch | 2002-01-31 | 1 | -0/+861
  (agent_genkey): Ask for the passphrase.
  * findkey.c (unprotect): Actually unprotect the key.
  * query.c (agent_askpin): Add an optional start_err_text.