aboutsummaryrefslogtreecommitdiffstats
path: root/doc/DETAILS (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Disallow the use of v3 keys.disallow-v3-keysWerner Koch2012-06-251-1/+1
| | | | | | | | | | | | | | | | | | | * g10/gpg.c: Add options --allow-v3-keys and --no-allow-v3-keys. (main): Enable --allow-v3-keys in --pgp2 mode. * g10/options.h (opt): Add field allow_v3_keys. * g10/import.c (delete_v3_subkeys): New. (import_one): Skip v3 keys and delete v3 subkeys. (import_print_stats): Print stats on v3 keys and subkeys. * g10/getkey.c (finish_lookup): Skip v3 keys. -- This is a first take on disabling v3 keys. We may need to add some tweaks to make decryption using an existing v3 key easier. There is no need to disallow decryption. Thanks to Georgi Guninski to put some pressure on us to finally do what PGP 2 folks will probably don’t like. See the discussion on gnupg-devel starting 2012-06-22.
* Print the hash algorithm in colon mode key listing.Werner Koch2012-05-241-2/+6
| | | | * g10/keylist.c (list_keyblock_colon): Print digest_algo.
* Add tweaks for the not anymore patented IDEA algorithm.Werner Koch2012-05-081-5/+3
| | | | | | | | | | | | | | | * g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2 compatibility mode. * g10/misc.c (idea_cipher_warn): Remove. Also remove all callers. * common/status.h (STATUS_RSA_OR_IDEA): Remove. Do not emit this status anymore. -- To keep the number of actually used algorithms low, we want to support IDEA only in a basically read-only way (unless --pgp2 is used during key generation). It does not make sense to suggest the use of this old 64 bit blocksize algorithm. However, there is old data available where it might be helpful to have IDEA available.
* gpgsm: Add new validation model "steed".Werner Koch2011-12-071-0/+5
| | | | | | | | | | | | | | | | | | | | * sm/gpgsm.h (VALIDATE_FLAG_STEED): New. * sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed". * sm/server.c (option_handler): Allow validation model "steed". * sm/certlist.c (gpgsm_cert_has_well_known_private_key): New. * sm/certchain.c (do_validate_chain): Handle the well-known-private-key attribute. Support the "steed" model. (gpgsm_validate_chain): Ditto. * sm/verify.c (gpgsm_verify): Return "steed" in the trust status line. * sm/keylist.c (list_cert_colon): Print the new 'w' flag. -- This is the first part of changes to implement the STEED proposal as described at http://g10code.com/steed.html . The idea for X.509 is not to use plain self-signed certificates but certificates signed by a dummy CA (i.e. one for which the private key is known). Having a single CA as an indication for the use of STEED might help other X.509 implementations to implement STEED.
* gpgsm: Allow arbitrary extensions for cert creation.Werner Koch2011-12-061-0/+1
| | | | | | | | * sm/certreqgen.c (pSUBJKEYID, pEXTENSION): New. (read_parameters): Add new keywords. (proc_parameters): Check values of new keywords. (create_request): Add SubjectKeyId and extensions. (parse_parameter_usage): Support "cert" and the encrypt alias "encr".
* Move parameter file description to the manual.Werner Koch2011-03-011-189/+2
|
* Support X.509 certificate creation.Werner Koch2011-03-011-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | Using "gpgsm --genkey" allows the creation of a self-signed certificate via a new prompt. Using "gpgsm --genkey --batch" should allow the creation of arbitrary certificates controlled by a parameter file. An example parameter file is Key-Type: RSA Key-Length: 1024 Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA Key-Usage: sign, encrypt Serial: random Name-DN: CN=some test key Name-Email: [email protected] Name-Email: [email protected] Hash-Algo: SHA384 not-after: 2038-01-16 12:44 This creates a self-signed X.509 certificate using the key given by the keygrip and using SHA-384 as hash algorithm. The keyword signing-key can be used to sign the certificate with a different key. See sm/certreggen.c for details.
* Removed deprecated SIGEXPIRED status line.Werner Koch2011-02-041-5/+10
|
* Add a DECRYPTION_INFO status.Werner Koch2011-02-031-33/+37
| | | | | | | DECRYPTION_INFO <mdc_method> <sym_algo> Print information about the symmetric encryption algorithm and the MDC method. This will be emitted even if the decryption fails.
* Smartcard related updatesWerner Koch2010-11-171-1/+2
|
* doc fixWerner Koch2010-10-181-1/+2
|
* All tests work are again workingWerner Koch2010-10-141-0/+13
|
* Exporting secret keys via gpg-agent is now basically supported.Werner Koch2010-10-011-1/+2
| | | | | | A couple of forward ported changes. Doc updates.
* More changes on the way to remove secring.gpg.Werner Koch2010-04-211-1/+1
|
* Finished the bulk of changes to use estream in most places instead ofWerner Koch2010-03-151-0/+6
| | | | | stdio.
* Add dummu option --passwd for gpg.Werner Koch2010-01-081-1/+3
| | | | | Collected changes.
* Implement --faked-systrem-time for gpg.Werner Koch2009-12-171-6/+7
| | | | | Typo and comment fixes.
* Use ADNS for PKA and SRV records if no other resolver is available.Werner Koch2009-12-071-1/+1
|
* allow for default algorithms in a gpg parameter fileWerner Koch2009-12-041-9/+32
|
* [scd] Memory leak fix.Werner Koch2009-10-281-0/+6
| | | | | [g13] Send MOUNTPOINT status line
* Improved detection of bad/invalid signer keys.Werner Koch2009-08-061-6/+14
|
* Print status of CRL checks in the audit log.Werner Koch2009-07-231-3/+3
|
* [g10]Werner Koch2009-07-131-0/+1
| | | | | | | | | | * exec.c: Fix function name indentation. (expand_args): Simplify by using membuf functions. (exec_write): Fix memory leak on error. (w32_system): Use DETACHED_PROCESS so that a new console is not created.
* Support writing of existing keys with non-matching key sizes.Werner Koch2009-07-091-2/+3
|
* Make soem omnikey readers work with extended length APDUs.Werner Koch2009-06-291-1/+6
|
* Print NO_SECKEY status line in gpgsm.Werner Koch2009-03-251-6/+6
| | | | | This fixes bug#1020.
* Fix keygrip computation for TCOS 3 cards.Werner Koch2009-03-201-1/+2
| | | | | Emit PROGRESS status lines during --learn-card.
* Cleanups. Fixes bug 956.Werner Koch2008-12-081-156/+59
|
* Add a warning nite to --throw-keyds.Werner Koch2008-08-281-2/+2
|
* Print a 'f' for validated non-root certificates in gpgsm colon style listing.Werner Koch2008-08-131-1/+5
| | | | | Doc fixes.
* Cehck for expire date overflows.Werner Koch2008-08-111-4/+10
|
* Do not run the setuid test if running under as root proper.Werner Koch2008-07-171-1/+5
| | | | | | Documentation fixes. Some enhancements for the new OpenPGP Card.
* Add controlo statement %ask-passphraseWerner Koch2008-06-161-0/+10
|
* Clarify descrition for field 10.Werner Koch2008-06-131-1/+1
|
* Made --fixed-list-mode obsolete.Werner Koch2008-06-111-2/+2
|
* Updated German translation.Werner Koch2008-05-091-1/+1
| | | | | Fix in gpgconf for W32.
* W32 fix for trustdb creation.Werner Koch2008-01-301-2/+2
|
* Document --auto-issuer-key-retrieve.Werner Koch2007-11-191-0/+1
|
* Implemented the chain model for X.509 validation.Werner Koch2007-08-101-11/+20
|
* Fixed card key generation of gpg2.Werner Koch2007-07-051-0/+7
| | | | | Reveal less information about timings while generating a key.
* Add new SVN only file README.maintWerner Koch2007-02-261-6/+6
| | | | | | | | | | | | | | | | doc/ * gpg.texi (GPG Configuration): Document envvar LANGUAGE. (GPG Configuration Options): Document show-primary-uid-only. g10/ * gpg.c (main): Add verify option show-primary-uid-only. * options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New. * mainproc.c (check_sig_and_print): Implement it. * encr-data.c (decrypt_data): Correctly test for unknown algorithm. * import.c (check_prefs): Ditto. * keyedit.c (show_prefs): Ditto. * mainproc.c (proc_symkey_enc): Ditto.
* Added LIBINTL to more Makefile targets.Werner Koch2007-01-301-1/+1
| | | | | | | | | | | | | | | | | | | | doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
* sm/Werner Koch2006-11-141-23/+40
| | | | | | | | | | | | | | * server.c (skip_options): Skip leading spaces. (has_option): Honor "--". (cmd_export): Add option --data to do an inline export. Skip all options. * certdump.c (gpgsm_fpr_and_name_for_status): New. * verify.c (gpgsm_verify): Use it to print correct status messages. doc/ * gpgsm.texi (GPGSM EXPORT): Document changes.
* .Werner Koch2006-11-111-7/+19
|
* Migrated more stuff to doc/Werner Koch2006-08-211-0/+1250
| | | | | | | | Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
* This commit was manufactured by cvs2svn to create branchRepo Admin2002-10-191-990/+0
| | | | 'GNUPG-1-9-BRANCH'.
* * DETAILS (KEY_CREATED): Enhanced by fingerprint.Werner Koch2002-10-121-1/+3
|
* * DETAILS: s/XORed/ORed/.Werner Koch2002-09-201-1/+1
|
* * DETAILS: Fix batch key generation example.David Shaw2002-09-121-3/+3
|
* * gpg.sgml: Updated the charset option.Werner Koch2002-09-021-0/+11
| | | | | * DETAILS: Added status IMPORT_OK.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 13:32:46 +0000