aboutsummaryrefslogtreecommitdiffstats
path: root/doc (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* doc: Minor enhancement for reproducibility.Werner Koch2020-06-031-0/+2
| | | | | | | | * doc/Makefile.am (defsincdate): In no repo mode and with SOURCE_DATE_EPOCH set, use that instead of blanking the date. -- GnuPG-bug-id: 4947
* sm: Always allow authorityInfoAccess lookup if CRLs are also enabled.Werner Koch2020-04-161-3/+8
| | | | | | | | | * sm/certchain.c (find_up): Disable external lookups in offline mode. Always allow AKI lookup if CRLs are also enabled. -- GnuPG-bug-id: 4898 Signed-off-by: Werner Koch <[email protected]>
* gpg: Support decryption of the new AEAD packetWerner Koch2020-04-161-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (aead_algo_t): New. (pkttype_t): Add PKT_ENCRYPTED_AEAD. * g10/decrypt-data.c (struct decode_filter_context_s): Add fields for AEAD. (aead_set_nonce_and_ad): New. (aead_checktag): New. (decrypt_data): Support AEAD. (aead_underflow): New. (aead_decode_filter): New. * g10/dek.h (DEK): Add field use_aead. Turn use_mdc, algo_info_printed, and symmetric into bit flags. * g10/mainproc.c (struct mainproc_context): Add field seen_pkt_encrypted_aead. (release_list): Clear it. (have_seen_pkt_encrypted_aead): New. (symkey_decrypt_seskey): Support AEAD. (proc_symkey_enc): Ditto. (proc_encrypted): Ditto. (proc_plaintext): Ditto. * g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New. (openpgp_aead_test_algo): New. (openpgp_aead_algo_name): New. (openpgp_aead_algo_info): New. * g10/packet.h (PKT_symkey_enc): Add field use_aead. (PKT_user_id): Add field flags.aead (PKT_public_key): Ditto. (PKT_encrypted): Add fields for AEAD. * g10/parse-packet.c (parse): Handle PKT_ENCRYPTED_AEAD. (parse_symkeyenc): Support AEAD. (parse_encrypted): Ditto. (dump_sig_subpkt): Dump AEAD preference packet. (parse_encrypted_aead): New. -- This patch allows to decrypt data encrypted using the new AEAD mechanism as specified in rfc4880bis. Although preferences are used to enable this new mode, it is useful to have at least a decryption option in case a user switches between GnuPG 2.2 and newer versions. The new AEAD mechanism is much faster than the current CFB+MDC and thus 2.2 will allow faster decryption of symmetric only decryption. This patch is based on the current master (2.3) code base and includes a few other patches. In particular commit 44be675b759d27bac310c2de8bae1b7882a26b65 (gpg: More check for symmetric key encryption.) is included. Signed-off-by: Werner Koch <[email protected]>
* scd: Factor common PIN status check out.Werner Koch2020-04-151-1/+1
| | | | | | | | | | | | | | | | | | * scd/iso7816.h (ISO7816_VERIFY_ERROR): New. (ISO7816_VERIFY_NO_PIN): New. (ISO7816_VERIFY_BLOCKED): New. (ISO7816_VERIFY_NULLPIN): New. (ISO7816_VERIFY_NOT_NEEDED): New. * scd/iso7816.c (iso7816_verify_status): New. * scd/app-nks.c (get_chv_status): Use new function. -- Signed-off-by: Werner Koch <[email protected]> Backported from master: - Removed the non-existant app-piv.c patches. Signed-off-by: Werner Koch <[email protected]>
* scd:openpgp: New attribute "MANUFACTURER".Werner Koch2020-04-151-0/+32
| | | | | | | | | | | | | | | | | | * scd/app-openpgp.c (get_manufacturer): New.. (do_getattr): Add new attribute "MANUFACTURER". (do_learn_status): Always print it. -- This will make it easy to maintain the list of OpenPGP vendors at just one place. Signed-off-by: Werner Koch <[email protected]> Backported from master: .. or well in master and 2.2 Signed-off-by: Werner Koch <[email protected]>
* sm: Consider certificates w/o CRL DP as valid.Werner Koch2020-03-271-0/+8
| | | | | | | | | | | | | | | | | | | | | * sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP. * common/audit.c (proc_type_verify): Print "n/a" if a cert has no distribution point. * sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check. * sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New. (opts): Add option --enable-issuer-based-crl-check. (main): Set option. -- If the issuer does not provide a DP and the user wants such an issuer, we expect that a certificate does not need revocation checks. The new option --enable-issuer-based-crl-check can be used to revert to the old behaviour which requires that a suitable LDAP server has been configured to lookup a CRL by issuer. Signed-off-by: Werner Koch <[email protected]> (cherry picked from master)
* gpg: Update --trusted-key to accept fingerprint as well as long key id.Daniel Kahn Gillmor2020-03-181-2/+2
| | | | | | | | | | | | | | | | | | | | * g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well as long key ID. * doc/gpg.texi: document that --trusted-key can accept a fingerprint. -- GnuPG-bug-id: 4855 Signed-off-by: Daniel Kahn Gillmor <[email protected]> Fixed uses or return and kept the old string to avoid breaking translations. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 810ea2cc684480c6aadceb2a10dd00f3fa67f2fb) Remove the test for FPRLEN which we do not have in 2.2 Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --auto-key-importWerner Koch2020-03-141-4/+22
| | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (opts): New options --auto-key-import, --no-auto-key-import, and --no-include-key-block. (gpgconf_list): Add them. * g10/options.h (opt): Add field flags.auto_key_import. * g10/mainproc.c (check_sig_and_print): Use flag to enable that feature. * tools/gpgconf-comp.c: Give the new options a Basic config level. -- Note that the --no variants of the options are intended for easy disabling at the command line. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]> Backported from master. Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --include-key-block.Werner Koch2020-03-141-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New. * g10/gpg.c (oIncludeKeyBlock): New. (opts): New option --include-key-block. (main): Implement. * g10/options.h (opt): New flag include_key_block. * g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK. (parse_one_sig_subpkt): Ditto. (can_handle_critical): Ditto. * g10/sign.c (mk_sig_subpkt_key_block): New. (write_signature_packets): Call it for data signatures. -- This patch adds support for a to be proposed OpenPGP ferature: Introduce the Key Block subpacket to align OpenPGP with CMS. This new subpacket may be used similar to the CertificateSet of CMS (RFC-5652) and thus allows to start encrypted communication after having received a signed message. In practice a stripped down version of the key should be including having only the key material and the self-signatures which are really useful and shall be used by the recipient to reply encrypted. #### Key Block (1 octet with value 0, N octets of key data) This subpacket MAY be used to convey key data along with a signature of class 0x00, 0x01, or 0x02. It MUST contain the key used to create the signature; either as the primary key or as a subkey. The key SHOULD contain a primary or subkey capable of encryption and the entire key must be a valid OpenPGP key including at least one User ID packet and the corresponding self-signatures. Implementations MUST ignore this subpacket if the first octet does not have a value of zero or if the key data does not represent a valid transferable public key. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]> Backported from master. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add property "fpr" for use by --export-filter.Werner Koch2020-03-141-0/+4
| | | | | | | | | | | | | | | | * g10/export.c (push_export_filters): New. (pop_export_filters): New. (export_pubkey_buffer): Add args prefix and prefixlen. Adjust callers. * g10/import.c (impex_filter_getval): Add property "fpr". * g10/main.h (struct impex_filter_parm_s): Add field hexfpr. -- The push and pop feature will help us to use the export filter internally in gpg. Same for the export_pubkey_buffer change. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <[email protected]>
* doc: Correction of typo in documentation of KEY_CONSIDEREDNick Piper2020-02-181-1/+1
| | | | | Signed-off-by: Daniel Kahn Gillmor <[email protected]> (cherry picked from commit 0e1cbabc0ad4fe2ca9644fffb5cf27b1a8a1509f)
* doc: Improve the warning section of the gpg man page.Werner Koch2020-02-101-11/+17
| | | | | | | * doc/gpg.texi: Update return value and warning sections. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 113a8288b85725f7726bb2952431deea745997d8)
* doc: Removed the footnote that OpenPGP is not used with the keyboxWerner Koch2020-01-081-5/+1
| | | | | -- GnuPG-bug-id: 4799
* doc,dirmngr: Clarify --standard-resolver.Werner Koch2019-11-231-1/+2
| | | | | | | | -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit c21267e1c7aab332ebcd26f27f7f9724839a8e3a) GnuPG-bug-id: 4547
* doc: Clarify how to use --log-file in gpg.Werner Koch2019-11-181-1/+3
| | | | | | -- Note that in 2.3 --batch is not anymore required.
* dirmngr,gpg: Better diagnostic in case of bad TLS certificates.Werner Koch2019-11-181-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | * doc/DETAILS: Specify new status code "NOTE". * dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a bad TLS certificate. * g10/call-dirmngr.c (ks_status_cb): Detect this status. -- For example a gpg -v --locate-external-keys [email protected] now yields gpg: Note: server uses an invalid certificate gpg: (further info: bad cert for 'posteo.net': \ Hostname does not match the certificate) gpg: error retrieving '[email protected]' via WKD: Wrong name gpg: error reading key: Wrong name (without -v the "further info" line is not shown). Note that even after years Posteo is not able to provide a valid certificate for their .net addresses. Anyway, this help to show the feature. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add option --allow-weak-key-signatures.Werner Koch2019-11-111-3/+12
| | | | | | | | | | | | | | * g10/gpg.c (oAllowWeakKeySignatures): New. (opts): Add --allow-weak-key-signatures. (main): Set it. * g10/options.h (struct opt): Add flags.allow_weak_key_signatures. * g10/misc.c (print_sha1_keysig_rejected_note): New. * g10/sig-check.c (check_signature_over_key_or_uid): Print note and act on new option. -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit e624c41dbafd33af82c1153188d14de72fcc7cd8)
* doc: Improved description of status PLAINTEXT_LENGTH.Werner Koch2019-11-071-1/+4
| | | | | | -- GnuPG-bug-id: 4741
* gpg: Fix a potential loss of key sigs during import with self-sigs-only.Werner Koch2019-11-071-6/+8
| | | | | | | | | | | | * g10/import.c (import_one_real): Don't do the final clean in the merge case. -- This fixes a regression introduced with self-sigs-only. GnuPG-bug-id: 4628 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 6701a38f8e4a35ba715ad37743b8505bfd089541)
* doc: Typo fix for gpg.texi in desc of --local-sigs.Werner Koch2019-10-171-1/+1
| | | | | | -- (Already fixed in master in January)
* gpg: Extend --quick-gen-key for creating keys from a card.Werner Koch2019-10-151-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keygen.c (parse_key_parameter_part): Add arg R_KEYGRIP and support the special algo "card". (parse_key_parameter_string): Add args R_KEYGRIP and R_SUBKEYGRIP. Handle the "card" algo. Adjust callers. (parse_algo_usage_expire): Add arg R_KEYGRIP. (quickgen_set_para): Add arg KEYGRIP and put it into the parameter list. (quick_generate_keypair): Handle algo "card". (generate_keypair): Also handle the keygrips as returned by parse_key_parameter_string. (ask_algo): Support ed25519 from a card. -- Note that this allows to create a new OpenPGP key from an initialized OpenPGP card or from any other supported cards. It has been tested with the TCOS Netkey card. Right now a stub file for the cards might be needed; this can be achieved by running "gpgsm --learn" with the card plugged in. Example: gpg --quick-gen-key [email protected] card Signed-off-by: Werner Koch <[email protected]> Backported from master d3f5d8544fdb43082ff34b106122bbf0619a0ead which required to remove the extra key version args. GnuPG-bug-id: 4681 Signed-off-by: Werner Koch <[email protected]>
* doc: Fix c+p bug in the examples for --import-filter.Werner Koch2019-10-121-5/+5
| | | | | | | -- Reported-by: Steve McIntyre Signed-off-by: Werner Koch <[email protected]>
* doc: Fix grammar error.Werner Koch2019-08-301-1/+1
| | | | | -- GnuPG-bug-id: 4691
* gpg: Allow direct key generation from card with --full-gen-key.Werner Koch2019-08-211-0/+1
| | | | | | | | | | | | | | | | | * g10/call-agent.c (agent_scd_readkey): New. * g10/keygen.c (ask_key_flags): Factor code out to .. (ask_key_flags_with_mask): new. (ask_algo): New mode 14. -- Note that this new menu 14 is always displayed. The usage flags can be changed only in --expert mode, though. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit a480182f9d7ec316648cb64248f7a0cc8f681bc3) Removed stuff from gpg-card which does not exists in 2.2. No tests yet done for this backport.
* doc: fix spellingDaniel Kahn Gillmor2019-07-121-3/+3
| | | | | | * doc/tools.texi: fix a handful of minor spelling errors. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: With --auto-key-retrieve prefer WKD over keyservers.Werner Koch2019-07-051-4/+20
| | | | | | | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Print a hint on how to make use of the preferred keyserver. Remove keyserver lookup just by the keyid. Try a WKD lookup before a keyserver lookup. -- The use of the the keyid for lookups does not make much sense anymore since for quite some time we do have the fingerprint as part of the signature. GnuPG-bug-id: 4595 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 96bf8f477805bae58cfb77af8ceba418ff8aaad9)
* gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.Werner Koch2019-07-041-0/+5
| | | | | | | | | | | | | | | | | | | | * g10/gpg.c (main): Change default. -- Due to the DoS attack on the keyeservers we do not anymore default to import key signatures. That makes the keyserver unsuable for getting keys for the WoT but it still allows to retriev keys - even if that takes long to download the large keyblocks. To revert to the old behavior add keyserver-optiions no-self-sigs-only,no-import-clean to gpg.conf. GnuPG-bug-id: 4607 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 23c978640812d123eaffd4108744bdfcf48f7c93)
* gpg: New command --locate-external-key.Werner Koch2019-07-041-4/+9
| | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (aLocateExtKeys): New. (opts): Add --locate-external-keys. (main): Implement that. * g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL. (get_best_pubkey_byname): Add arg 'mode' and pass on to get_pubkey_byname. Change callers. * g10/keylist.c (public_key_list): Add arg 'no_local'. (locate_one): Ditto. Pass on to get_best_pubkey_byname. -- This new command is a shortcut for --auto-key-locate nodefault,clear,wkd,... --locate-key and uses the default or configured AKL list but does so without local. See also GnuPG-bug-id: 4599 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit d00c8024e58822e0623b3fad99248ce68a8b7725)
* Mention --sender in documentationPeter Lebbing2019-07-031-5/+5
|
* gpg: New import and keyserver option "self-sigs-only"Werner Koch2019-07-011-0/+8
| | | | | | | | | | | | | | | | | * g10/options.h (IMPORT_SELF_SIGS_ONLY): New. * g10/import.c (parse_import_options): Add option "self-sigs-only". (read_block): Handle that option. -- This option is intended to help against importing keys with many bogus key-signatures. It has obvious drawbacks and is not a bullet-proof solution because a self-signature can also be faked and would be detected only later. GnuPG-bug-id: 4591 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 15a425a1dfe60bd976b17671aa8e3d9aed12e1c0)
* doc/wks.texi: fix typoDaniel Kahn Gillmor2019-05-291-1/+1
| | | | Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Allow deletion of subkeys with --delete-[secret-]key.Werner Koch2019-05-271-2/+8
| | | | | | | | | | * common/userids.c (classify_user_id): Do not set the EXACT flag in the default case. * g10/export.c (exact_subkey_match_p): Make static, * g10/delkey.c (do_delete_key): Implement subkey only deleting. -- GnuPG-bug-id: 4457
* gpg: Fix using --decrypt along with --use-embedded-filename.Werner Koch2019-05-171-1/+2
| | | | | | | | | | | | | | | | | * g10/options.h (opt): Add flags.dummy_outfile. * g10/decrypt.c (decrypt_message): Set this global flag instead of the fucntion local flag. * g10/plaintext.c (get_output_file): Ignore opt.output if that was used as a dummy option aslong with --use-embedded-filename. -- The problem here was that an explicit specified --decrypt, as meanwhile suggested, did not work with that dangerous --use-embedded-filename. In contrast it worked when gpg decrypted as a side-effect of parsing the data. GnuPG-bug-id: 4500 Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve the photo image viewer selection.Werner Koch2019-05-171-9/+14
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/exec.c (w32_system): Add "!ShellExecute" special. * g10/photoid.c (get_default_photo_command): Use the new ShellExecute under Windows and fallbac to 'display' and 'xdg-open' in the Unix case. (show_photos): Flush stdout so that the output is shown before the image pops up. -- For Unix this basically syncs the code with what we have in gpg 1.4. Note that xdg-open may not be used when running as root which we support here. For Windows we now use ShellExecute as this seems to be preferred over "cmd /c start"; however this does not solve the actual problem we had in the bug report. To solve that problem we resort to a wait parameter which defaults to 400ms. This works on my Windows-10 virtualized test box. If we can figure out which simple viewers are commonly installed on Windows we should enhance this patch to test for them. GnuPG-bug-id: 4334 Signed-off-by: Werner Koch <[email protected]>
* doc: Do not mention gpg's deprecated --keyserver option.Werner Koch2019-05-151-19/+15
| | | | | -- GnuPG-bug-id: 4466
* gpgconf: Support --homedir for --launch.Werner Koch2019-05-151-0/+2
| | | | | | | | | | | | * tools/gpgconf-comp.c (gpg_agent_runtime_change): Simplify because gnupg_homedir already returns abd absolute name. (scdaemon_runtime_change): Ditto. (dirmngr_runtime_change): Ditto. (gc_component_launch): Support --homedir. -- GnuPG-bug-id: 4496 Signed-off-by: Werner Koch <[email protected]>
* doc: Minor edit for a gpg option.Werner Koch2019-05-141-2/+2
| | | | | -- GnuPG-bug-id: 4507
* doc: correct documentation for gpgconf --killDaniel Kahn Gillmor2019-05-101-5/+6
| | | | | | | * doc/tools.texi(gpgconf): Correct documentation for gpgconf --kill. Signed-off-by: Daniel Kahn Gillmor <[email protected]> (cherry picked from commit 9662538be6afc8beee0f2654f9a8f234c5dac016)
* doc: Minor doc fix to dirmngr.Werner Koch2019-05-031-3/+1
| | | | | | -- Reported-by: dkg
* wkd: New command --print-wkd-url for gpg-wks-client.Werner Koch2019-03-251-2/+6
| | | | | | | | | * tools/gpg-wks-client.c (aPrintWKDURL): New. (opts): Add option. (main): Implement. * tools/wks-util.c (wks_cmd_print_wkd_url): New. Signed-off-by: Werner Koch <[email protected]>
* doc: Clarify option --no-keyring.Werner Koch2019-03-251-1/+2
| | | | | | | -- GnuPG-bug-id: 4424 Signed-off-by: Werner Koch <[email protected]>
* wkd: New command --print-wkd-hash for gpg-wks-client.Werner Koch2019-03-251-0/+4
| | | | | | | | | | | | | * tools/gpg-wks-client.c (aPrintWKDHash): New. (opts) : Add "--print-wkd-hash". (main): Implement that command. (proc_userid_from_stdin): New. * tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY. (wks_cmd_print_wkd_hash): New. -- GnuPG-bug-id: 4418 Signed-off-by: Werner Koch <[email protected]>
* doc: fix formatting errorDaniel Kahn Gillmor2019-03-221-1/+2
| | | | Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpgtar: Make option -C work for archive creation.Werner Koch2019-03-071-4/+5
| | | | | | | | | | | | * tools/gpgtar-create.c (gpgtar_create): Switch to the -C directory. -- The -C option is pretty useful given that pattern are always relative to the current directory. In contrast to GNU tar, the switching is done only once. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit b3a7a5140784b5a015107b5c5c73b15ae44e71dc)
* gpgv: Improve documentation for keyring choicesDaniel Kahn Gillmor2019-03-071-7/+8
| | | | | | | | | | | | | * doc/gpgv.texi: Improve documentation for keyring choices -- From the existing documentation, it's not clear whether the default keyring will always be mixed into the set of keyrings, or whether it will be skipped if a --keyring is present. The updated text here attempts to describe the keyring selection logic more completely. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpgsm: default to 3072-bit keys.Daniel Kahn Gillmor2019-02-282-8/+8
| | | | | | | | | | | | | | | | | | | | * doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update default to 3072 bits. * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to 3072 bits. * sm/certreqgen.c (proc_parameters): update default to 3072 bits. * sm/gpgsm.c (main): print correct default_pubkey_algo. -- 3072-bit RSA is widely considered to be 128-bit-equivalent security. This is a sensible default in 2017. Signed-off-by: Daniel Kahn Gillmor <[email protected]> Gbp-Pq: Topic update-defaults Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch (cherry picked from commit 7955262151a5c755814dd23414e6804f79125355)
* scd: Allow standard keyref scheme for app-openpgp.Werner Koch2019-02-111-1/+1
| | | | | | | | | | | | | * scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with "OPENPGP." -- The generic keyref allows for better error detection in case a keyref is send to a wrong card. This has been taken from master commit 3231ecdafd71ac47b734469b07170756979ede72 which has additional changed for gpg-card-tool, which is only available there. Signed-off-by: Werner Koch <[email protected]>
* gpg: Implement searching keys via keygrip.Werner Koch2019-01-291-4/+1
| | | | | | | | | | | | | | | | | | | | * kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field grip. * kbx/keybox-openpgp.c (struct keyparm_s): New. (keygrip_from_keyparm): New. (parse_key): Compute keygrip. * kbx/keybox-search.c (blob_openpgp_has_grip): New. (has_keygrip): Call it. -- This has been marked for too long as not yet working. However, it is a pretty useful feature and will come pretty handy when looking for all keys matching one keygrip. Can be optimized a lot by storing the keygrip in the meta data. This will be done along with the upgrade of KBX for v5 fingerprints. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit c128667b3cba749dd14262e032d4c260a2b0acd3)
* doc: Mark keyserver-options timeout and http-proxy as obsolete.Werner Koch2019-01-221-25/+5
| | | | | | -- (cherry picked from commit 6c000d4b78b836686e5a2789cc88a41e465e4400)
* agent: Make the S2K calibration time runtime configurable.Werner Koch2018-12-111-2/+9
| | | | | | | | | | | | | | | | | | | * agent/protect.c (s2k_calibration_time): New file global var. (calibrate_s2k_count): Use it here. (get_calibrated_s2k_count): Replace function static var by ... (s2k_calibrated_count): new file global var. (set_s2k_calibration_time): New function. * agent/gpg-agent.c (oS2KCalibration): New const. (opts): New option --s2k-calibration. (parse_rereadable_options): Parse that option. -- Note that using an unrelistic high value (like 60000) takes quite some time for calibration. GnuPG-bug-id: 3399 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit cbcc8c19541fe8407f3b6588fce1535c64cf6b25)
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 17:02:19 +0000