aboutsummaryrefslogtreecommitdiffstats
path: root/doc/DETAILS (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpgsm: Add new validation model "steed".Werner Koch2011-12-071-0/+5
| | | | | | | | | | | | | | | | | | | | * sm/gpgsm.h (VALIDATE_FLAG_STEED): New. * sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed". * sm/server.c (option_handler): Allow validation model "steed". * sm/certlist.c (gpgsm_cert_has_well_known_private_key): New. * sm/certchain.c (do_validate_chain): Handle the well-known-private-key attribute. Support the "steed" model. (gpgsm_validate_chain): Ditto. * sm/verify.c (gpgsm_verify): Return "steed" in the trust status line. * sm/keylist.c (list_cert_colon): Print the new 'w' flag. -- This is the first part of changes to implement the STEED proposal as described at http://g10code.com/steed.html . The idea for X.509 is not to use plain self-signed certificates but certificates signed by a dummy CA (i.e. one for which the private key is known). Having a single CA as an indication for the use of STEED might help other X.509 implementations to implement STEED.
* gpgsm: Allow arbitrary extensions for cert creation.Werner Koch2011-12-061-0/+1
| | | | | | | | * sm/certreqgen.c (pSUBJKEYID, pEXTENSION): New. (read_parameters): Add new keywords. (proc_parameters): Check values of new keywords. (create_request): Add SubjectKeyId and extensions. (parse_parameter_usage): Support "cert" and the encrypt alias "encr".
* Move parameter file description to the manual.Werner Koch2011-03-011-189/+2
|
* Support X.509 certificate creation.Werner Koch2011-03-011-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | Using "gpgsm --genkey" allows the creation of a self-signed certificate via a new prompt. Using "gpgsm --genkey --batch" should allow the creation of arbitrary certificates controlled by a parameter file. An example parameter file is Key-Type: RSA Key-Length: 1024 Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA Key-Usage: sign, encrypt Serial: random Name-DN: CN=some test key Name-Email: [email protected] Name-Email: [email protected] Hash-Algo: SHA384 not-after: 2038-01-16 12:44 This creates a self-signed X.509 certificate using the key given by the keygrip and using SHA-384 as hash algorithm. The keyword signing-key can be used to sign the certificate with a different key. See sm/certreggen.c for details.
* Removed deprecated SIGEXPIRED status line.Werner Koch2011-02-041-5/+10
|
* Add a DECRYPTION_INFO status.Werner Koch2011-02-031-33/+37
| | | | | | | DECRYPTION_INFO <mdc_method> <sym_algo> Print information about the symmetric encryption algorithm and the MDC method. This will be emitted even if the decryption fails.
* Smartcard related updatesWerner Koch2010-11-171-1/+2
|
* doc fixWerner Koch2010-10-181-1/+2
|
* All tests work are again workingWerner Koch2010-10-141-0/+13
|
* Exporting secret keys via gpg-agent is now basically supported.Werner Koch2010-10-011-1/+2
| | | | | | A couple of forward ported changes. Doc updates.
* More changes on the way to remove secring.gpg.Werner Koch2010-04-211-1/+1
|
* Finished the bulk of changes to use estream in most places instead ofWerner Koch2010-03-151-0/+6
| | | | | stdio.
* Add dummu option --passwd for gpg.Werner Koch2010-01-081-1/+3
| | | | | Collected changes.
* Implement --faked-systrem-time for gpg.Werner Koch2009-12-171-6/+7
| | | | | Typo and comment fixes.
* Use ADNS for PKA and SRV records if no other resolver is available.Werner Koch2009-12-071-1/+1
|
* allow for default algorithms in a gpg parameter fileWerner Koch2009-12-041-9/+32
|
* [scd] Memory leak fix.Werner Koch2009-10-281-0/+6
| | | | | [g13] Send MOUNTPOINT status line
* Improved detection of bad/invalid signer keys.Werner Koch2009-08-061-6/+14
|
* Print status of CRL checks in the audit log.Werner Koch2009-07-231-3/+3
|
* [g10]Werner Koch2009-07-131-0/+1
| | | | | | | | | | * exec.c: Fix function name indentation. (expand_args): Simplify by using membuf functions. (exec_write): Fix memory leak on error. (w32_system): Use DETACHED_PROCESS so that a new console is not created.
* Support writing of existing keys with non-matching key sizes.Werner Koch2009-07-091-2/+3
|
* Make soem omnikey readers work with extended length APDUs.Werner Koch2009-06-291-1/+6
|
* Print NO_SECKEY status line in gpgsm.Werner Koch2009-03-251-6/+6
| | | | | This fixes bug#1020.
* Fix keygrip computation for TCOS 3 cards.Werner Koch2009-03-201-1/+2
| | | | | Emit PROGRESS status lines during --learn-card.
* Cleanups. Fixes bug 956.Werner Koch2008-12-081-156/+59
|
* Add a warning nite to --throw-keyds.Werner Koch2008-08-281-2/+2
|
* Print a 'f' for validated non-root certificates in gpgsm colon style listing.Werner Koch2008-08-131-1/+5
| | | | | Doc fixes.
* Cehck for expire date overflows.Werner Koch2008-08-111-4/+10
|
* Do not run the setuid test if running under as root proper.Werner Koch2008-07-171-1/+5
| | | | | | Documentation fixes. Some enhancements for the new OpenPGP Card.
* Add controlo statement %ask-passphraseWerner Koch2008-06-161-0/+10
|
* Clarify descrition for field 10.Werner Koch2008-06-131-1/+1
|
* Made --fixed-list-mode obsolete.Werner Koch2008-06-111-2/+2
|
* Updated German translation.Werner Koch2008-05-091-1/+1
| | | | | Fix in gpgconf for W32.
* W32 fix for trustdb creation.Werner Koch2008-01-301-2/+2
|
* Document --auto-issuer-key-retrieve.Werner Koch2007-11-191-0/+1
|
* Implemented the chain model for X.509 validation.Werner Koch2007-08-101-11/+20
|
* Fixed card key generation of gpg2.Werner Koch2007-07-051-0/+7
| | | | | Reveal less information about timings while generating a key.
* Add new SVN only file README.maintWerner Koch2007-02-261-6/+6
| | | | | | | | | | | | | | | | doc/ * gpg.texi (GPG Configuration): Document envvar LANGUAGE. (GPG Configuration Options): Document show-primary-uid-only. g10/ * gpg.c (main): Add verify option show-primary-uid-only. * options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New. * mainproc.c (check_sig_and_print): Implement it. * encr-data.c (decrypt_data): Correctly test for unknown algorithm. * import.c (check_prefs): Ditto. * keyedit.c (show_prefs): Ditto. * mainproc.c (proc_symkey_enc): Ditto.
* Added LIBINTL to more Makefile targets.Werner Koch2007-01-301-1/+1
| | | | | | | | | | | | | | | | | | | | doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
* sm/Werner Koch2006-11-141-23/+40
| | | | | | | | | | | | | | * server.c (skip_options): Skip leading spaces. (has_option): Honor "--". (cmd_export): Add option --data to do an inline export. Skip all options. * certdump.c (gpgsm_fpr_and_name_for_status): New. * verify.c (gpgsm_verify): Use it to print correct status messages. doc/ * gpgsm.texi (GPGSM EXPORT): Document changes.
* .Werner Koch2006-11-111-7/+19
|
* Migrated more stuff to doc/Werner Koch2006-08-211-0/+1250
| | | | | | | | Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
* This commit was manufactured by cvs2svn to create branchRepo Admin2002-10-191-990/+0
| | | | 'GNUPG-1-9-BRANCH'.
* * DETAILS (KEY_CREATED): Enhanced by fingerprint.Werner Koch2002-10-121-1/+3
|
* * DETAILS: s/XORed/ORed/.Werner Koch2002-09-201-1/+1
|
* * DETAILS: Fix batch key generation example.David Shaw2002-09-121-3/+3
|
* * gpg.sgml: Updated the charset option.Werner Koch2002-09-021-0/+11
| | | | | * DETAILS: Added status IMPORT_OK.
* * gpg.sgml: Document keyserver-option include-subkeys. Note thatDavid Shaw2002-08-301-0/+2
| | | | | | | honor-http-proxy is a keyserver-option now. * DETAILS: Add "Key not trusted" to INV_RECP status code.
* Include intl/ in the CVS again; otherwise we are not able toWerner Koch2002-08-231-1/+9
| | | | | | re-recreate a distribution from CVS. Some minor other fixes.
* * DETAILS: Clarify that trust letters 'q' and '-' can be treatedDavid Shaw2002-08-201-1/+4
| | | | | | | identically. * gpg.sgml: Document --ignore-mdc-error.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 08:57:29 +0000