| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* misc.c (openpgp_pk_algo_usage): Allow AUTH where SIGN is allowed.
* keygen.c (ask_passphrase): No need to allocated S2K in secure
memory.
* scdaemon.c (main): --pcsc-driver again defaults to pcsclite.
David Corcoran was so kind to remove the GPL incompatible
advertisng clause from pcsclite.
* apdu.c (apdu_open_reader): Actually make pcsc-driver option work.
|
|
(do_generate_keypair): Add support the proposed AUTH key flag.
* getkey.c (fixup_uidnode, merge_selfsigs_main)
(merge_selfsigs_subkey, premerge_public_with_secret): Ditto.
* keylist.c (print_capabilities): Ditto.
|
|
* scdaemon.c, scdaemon.h: New option --pcsc-ccid.
* ccid-driver.c, ccid-driver.h: New but far from being useful.
* Makefile.am: Add above.
* apdu.c: Add support for that ccid driver.
|
|
* pkglue.c (mpi_from_sexp): New. Used to factor out
some common code.
|
|
|
|
* encode.c (encode_sesskey): Checked the code and removed
the warning since all compatibility checks with PGP succeeded.
* mainproc.c (symkey_decrypt_sesskey): Better check for the
algorithm and check the return values of some functions.
|
|
(pk_verify): Check for valid DATA array so that we don't segv in
Libgcrypt.
(pk_verify): Ditto.
|
|
|
|
(gpgsm_exit): Update the random seed file and enable debug output.
* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.
* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
|
|
|
|
* card-util.c (card_status): New.
* call-agent.c (learn_status_cb): Parse more information.
* keylist.c (print_pubkey_info): Add FP arg for optinal printing
to a stream. Changed all callers.
|
|
(do_generate_keypair): Abd generate the authkey.
(check_smartcard): Changed menu accordingly.
|
|
(export_seckeys,export_secsubkeys): Check sexp-format option.
(do_export): Ignore armor for sexp format.
(do_export_stream): Handle sexp-format.
(write_sexp_line,write_sexp_keyparm, build_sexp_seckey): New.
(build_sexp): New.
|
|
* seskey.c (encode_session_key): Debug output of the session key.
* pubkey-enc.c (get_it): Handle card case.
* call-agent.c (agent_scd_pkdecrypt): New.
* pkglue.c (pk_encrypt): Add RSA support.
* g10.c (main): Default to --use-agent.
* keygen.c (show_smartcard): Print info about the public key.
(check_smartcard): Check for existing key here.
(gen_card_key): And not anymore here.
(fpr_is_zero): New.
(generate_keypair): Generate both keys for a card.
(smartcard_change_url): Nw.
|
|
* keygen.c (gen_card_key): Obviously we should use the creation
date received from SCDAEMON, so that the fingerprints will match.
* sign.c (do_sign): Pass the serialno to the sign code.
* keyid.c (serialno_and_fpr_from_sk): New.
|
|
|
|
|
|
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types. Note, that not all changes are listed below becuause they are
too similar and done at far too many places. As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
|
|
(Sorry, it does not build currently - I need to check it in to avoid
duplicate work.)
|
|
'GNUPG-1-9-BRANCH'.
|
|
'GNUPG-1-9-BRANCH'.
|
|
be enhanced to also show the current trust level. Suggested by
Florian Weimer.
|
|
before the options file is loaded.
|
|
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
|
|
show_prompt, keyserver_search_prompt, keyserver_spawn): Go to version 1 of
the keyserver protocol. This is a better design, similar to
--with-colons, that allows for keys with multiple user IDs rather than
using multiple keys. It also matches the machine readable pksd format.
Also use a prettier --search-keys listing format that can fill different
size windows (currently set at 24 lines).
|
|
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
|
|
Also, do not allow appointing the same revoker twice, and report
ALREADY_SIGNED if the user tries it.
|
|
|
|
function as they may not have all their fields filled in.
* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
|
|
warning.
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping. Noted by Ingo Kl�cker.
|
|
log_warning severity level from info to error.
|
|
that fact in the capabilities, and only primary signing keys can certify
other keys.
* packet.h, parse_packet.c (parse_key): Add is_primary flag for public
keys (it already exists for secret keys).
|
|
cipher when importing a secret key.
* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.
* parse_packet.c (parse_key): Some comments.
* revoke.c (gen_revoke): Remove some debugging code.
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
* seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
|
|
clean ownertrust.
|
|
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key. Using the full get_pubkey might lead to an
infinitive recursion.
|
|
lowercase to be case-insensitive.
|
|
* export.c (do_export_stream): Comment.
* sig-check.c (check_key_signature2): Properly handle a
non-designated revocation import.
2002-09-26 Werner Koch <[email protected]>
* g10.c (set_homedir): New. Changed all direct assignments to use
this.
* gpgv.c (set_homedir): Ditto.
|
|
Remove the old NETLIBS variable since the keyserver stuff is no longer
internal.
|
|
* keyring.c (keyring_rebuild_cache), sig-check.c (check_key_signature2),
import.c (import, chk_self_sigs): Minor language cleanups.
|
|
|
|
|
|
|
|
|
|
* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.
* keylist.c (list_keyblock_colon): Show 1F direct key signatures in
--with-colons listing.
|
|
* keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket. Add a PGP
2.x warning for revocation keys.
* g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).
* keyedit.c (sign_uids): Make strings translatable.
* sig-check.c (check_key_signature2): Make string translatable.
|
|
2002-09-13 David Shaw <[email protected]>
* getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here. Also
return the signature_check error code rather than 0/1 and cache
the sig result.
* sig-check.c (check_key_signature2): Divert to
check_revocation_keys if a revocation sig is made by someone other
than the pk owner.
* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 Werner Koch <[email protected]>
* g10.c (main) [__MINGW32__]: Activate oLoadExtension.
|
|
HKP support.
|
|
commands.
|
|
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
|
|
(exec_write): Missed one tick.
|
