path: root/g10/getkey.c
Commit message | Author | Age | Files | Lines
* doc: Some documentation updates. (Werner Koch, 2020-09-21, 1 file, -1/+1)
    --
    Also fixed some typos and documented soon to be used OIDs
* doc: Minor code comment fixes. (Werner Koch, 2020-06-08, 1 file, -2/+2)
    --
* gpg: Fix key expiration and usage for keys created at the Epoch. (Werner Koch, 2020-03-18, 1 file, -12/+16)
    * g10/getkey.c (merge_selfsigs_main): Take a zero key creation time into account.
    --
    Keys created at the Epoch have a creation time of 0; when figuring out the latest signature with properties to apply to a key the usual comparison A > B does not work if A is always 0. We now special case this for the expiration and usage data.
    Co-authored-by: [email protected]
    GnuPG-bug-id: 4670
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Make use of the included key block in a signature. (Werner Koch, 2020-03-13, 1 file, -3/+61)
    * g10/import.c (read_key_from_file): Rename to ...
    (read_key_from_file_or_buffer): this and add new parameters. Adjust callers.
    (import_included_key_block): New.
    * g10/packet.h (PKT_signature): Add field flags.key_block.
    * g10/parse-packet.c (parse_signature): Set that flag.
    * g10/sig-check.c (check_signature2): Add parm forced_pk and change all callers.
    * g10/mainproc.c (do_check_sig): Ditto.
    (check_sig_and_print): Try the included key block if no key is available.
    --
    This is the second part to support the new Key Block subpacket. The idea is that after having received a signed mail, it is instantly possible to reply encrypted - without the need for any centralized infrastructure.
    There is one case where this does not work: A signed mail is received using a specified signer ID (e.g. using gpg --sender option) and the key block with only that user ID is thus imported. The next time a mail is received using the same key but with a different user ID; the signature checks out using the key imported the last time. However, the new user id is not imported. Now when trying to reply to that last mail, no key will be found. We need to see whether we can update a key in such a case.
    GnuPG-bug-id: 4856
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix default-key selection when card is available. (NIIBE Yutaka, 2020-02-19, 1 file, -1/+9)
    * g10/getkey.c (get_seckey_default_or_card): Handle the case when card key is not suitable for requested usage.
    --
    Cherry-pick stable commit of: 1cdd9e57f701f0d99d118d32adffe5216a94b0b2
    GnuPG-bug-id: 4850
    Signed-off-by: NIIBE Yutaka <[email protected]>
* Spelling cleanup. (Daniel Kahn Gillmor, 2020-02-18, 1 file, -2/+2)
    No functional changes, just fixing minor spelling issues.
    ---
    Most of these were identified from the command line by running:
      codespell \
        --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
        --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
        doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
        NEWS README README.maint TODO
    Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Prefer card key on use in multiple subkeys situation. (NIIBE Yutaka, 2020-01-17, 1 file, -4/+17)
    * g10/call-agent.c (keyinfo_status_cb): Parse more fields.
    (agent_probe_secret_key): Use KEYINFO and return bigger value representing the preference.
    * g10/getkey.c (finish_lookup): For subkeys, select one by using value of agent_probe_secret_key.
    --
    GnuPG-bug-id: 3416
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Prepare enhancement of agent_probe_secret_key. (NIIBE Yutaka, 2020-01-17, 1 file, -9/+13)
    * g10/call-agent.c (agent_probe_secret_key): Change semantics of return value.
    * g10/call-agent.h (agent_probe_secret_key): Change comment.
    * g10/delkey.c (do_delete_key): Follow the change.
    * g10/getkey.c (get_seckey, parse_def_secret_key): Likewise.
    (finish_lookup, have_secret_key_with_kid): Likewise.
    * g10/gpgv.c (agent_probe_secret_key): Likewise.
    * g10/keyedit.c (keyedit_menu, quick_find_keyblock): Likewise.
    (show_key_with_all_names_colon): Likewise.
    * g10/revoke.c (gen_desig_revoke, gen_revoke): Likewise.
    * g10/test-stubs.c (agent_probe_secret_key): Likewise.
    --
    GnuPG-bug-id: 3416
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: default-key: Simply don't limit by capability. (NIIBE Yutaka, 2020-01-16, 1 file, -5/+0)
    * g10/getkey.c (parse_def_secret_key): Remove the check.
    --
    GnuPG-bug-id: 4810
    Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Cert only key should be usable with --default-key. (NIIBE Yutaka, 2020-01-15, 1 file, -1/+2)
    * g10/getkey.c (parse_def_secret_key): Allow cert-only key.
    --
    GnuPG-bug-id: 4810
    Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Use AKL for angle bracketed mail address with -r. (Werner Koch, 2019-12-04, 1 file, -6/+31)
    * g10/getkey.c (get_pubkey_byname): Extend is_mbox checking.
    (get_best_pubkey_byname): Ditto.
    --
    With this patch it is now possible to use
      gpg -e -r '<[email protected]>'
    and auto key locate will find the key. Without that a plain mail address; i.e.
      gpg -e -r '[email protected]'
    was required.
    GnuPG-bug-id: 4726
    Signed-off-by: Werner Koch <[email protected]>
* gpg: More fix of get_best_pubkey_byname. (NIIBE Yutaka, 2019-10-17, 1 file, -1/+0)
    * g10/getkey.c (get_best_pubkey_byname): Remove useless req_usage setting of CTX.
    Fixes-commit: f2734381ae1431e395a0bed16df2f4d5d13aa2c5
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix two other cases in get_best_pubkey_byname. (NIIBE Yutaka, 2019-10-17, 1 file, -29/+34)
    * g10/getkey.c (pubkey_cmp): Handle a primary key with PUBKEY_USAGE_ENC, and make sure new key is for encryption.
    (get_best_pubkey_byname): Add comment for ranking.
    GnuPG-bug-id: 4713
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix get_best_pubkey_byname to consider the first match. (NIIBE Yutaka, 2019-10-16, 1 file, -19/+39)
    * g10/getkey.c (get_best_pubkey_byname): Always use PK0 to search by get_pubkey_byname. Add initial call to pubkey_cmp to fill BEST at first before the loop.
    --
    Fixes-commit: 44604209c1cfe18532d13eda63d8c1f86a6e12ec
    GnuPG-bug-id: 4713
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Put the first key in candidates correctly. (NIIBE Yutaka, 2019-10-15, 1 file, -19/+18)
    * g10/getkey.c (get_best_pubkey_byname): After the call of get_pubkey_byname, set up CTX with KEYDB_SEARCH_MODE_LONG_KID to enter the loop.
    --
    Fixes-commit: 7535f1d47a35e30f736f0e842844555f7a4a9841
    GnuPG-bug-id: 4713
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: The first key should be in candidates. (NIIBE Yutaka, 2019-10-09, 1 file, -1/+8)
    * g10/getkey.c (get_best_pubkey_byname): Handle the first key as the initial candidate for the selection.
    --
    GnuPG-bug-id: 4713
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix a memory leak in get_best_pubkey_byname. (NIIBE Yutaka, 2019-10-07, 1 file, -1/+4)
    * g10/getkey.c (get_best_pubkey_byname): Free the public key parts.
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix expand GPG groups when resolving a key (Werner Koch, 2019-09-30, 1 file, -22/+29)
    * g10/expand-group.c (expand_group): Add arg prepend_input.
    * g10/pkclist.c (build_pk_list): Adjust for it.
    * g10/getkey.c (key_byname): Keep the expanded names in the CTX and don't prematurely free them.
    (get_pubkey_byname): Append the namelist to the extra_list.
    --
    The original patch didn't keep the expanded list in the context and also would duplicate names which are not group names. The latter does not really harm but the former led to a use after free.
    Original patch was applied just a few weeks ago.
    Fixes-commit: e825aea2ba3529c333d7ec2c76e63998cb83d999
    Signed-off-by: Werner Koch <[email protected]>
* Merge branch 'switch-to-gpgk' into master (Werner Koch, 2019-09-27, 1 file, -16/+18)
|\
    --
    Resolved Conflicts:
    * common/asshelp.c: Keep the new code in master for spawning under Windows.
    * g10/Makefile.am: Keep all new files.
    * g10/photoid.c: Pass CTRL to pct_expando.
    Signed-off-by: Werner Koch <[email protected]>
| * gpg: New option --use-keyboxd. (Werner Koch, 2019-09-09, 1 file, -16/+18)
      * g10/gpg.c (oUseKeyboxd,oKeyboxdProgram): New consts.
      (opts): New options --use-keyboxd and --keyboxd-program.
      (main): Implement them.
      * g10/keydb.c: Move some defs out to ...
      * g10/keydb-private.h: new file.
      * g10/keydb.c: prefix function names with "internal" and move original functions to ...
      * g10/call-keyboxd.c: new file. Divert to the internal function if --use-keyboxd is used. Add a CTRL arg to most functions and change all callers.
      * g10/Makefile.am (common_source): Add new files.
      (noinst_PROGRAMS): Do not build gpgcompose.
      --
      Note that this is just the framework with only a basic implementation of searching via keyboxd.
      Signed-off-by: Werner Koch <[email protected]>
* | gpg: expand GPG groups when resolving a key (Stephan Mueller, 2019-09-06, 1 file, -3/+23)
    * g10/expand-group.c: New
    * g10/pkclist.c: Extract expand_group and expand_id into expand-group.c.
    * g10/keydb.h: Add prototypes of expand_id and expand_group.
    * g10/getkey.c: Use expand_group before resolving key references.
    * g10/Makefile.am: Compile expand-group.c.
    --
    When searching a key by its name, try to expand the provided name in case it is a GPG group reference. This GPG group resolution is performed before the individual keys are verified.
    This allows key listing using a GPG group reference. In particular, this modification fixes the encryption to group support in KDE's Kmail which is broken since version 18.04.
    Signed-off-by: Stephan Mueller <[email protected]>
    - Changed new filename to use a dash instead of an underscore.
    - Indentation changes.
    Signed-off-by: Werner Koch <[email protected]>
* | gpg: Rework the signature subpacket iteration function. (Werner Koch, 2019-09-05, 1 file, -16/+15)
    * g10/parse-packet.c (enum_sig_subpkt): Replace first arg by two args so that the entire signature packet is available. Change all callers.
    (parse_sig_subpkt): Ditto.
    --
    This patch is a prerequisite to support the new attestation key signatures.
    Signed-off-by: Werner Koch <[email protected]>
* | gpg: Allow --locate-external-key even with --no-auto-key-locate. (Werner Koch, 2019-08-23, 1 file, -0/+20)
|/
    * g10/getkey.c (akl_empty_or_only_local): New.
    * g10/gpg.c (DEFAULT_AKL_LIST): New.
    (main): Use it here.
    (main) <aLocateExtKeys>: Set default AKL if none is set.
    --
    This better matches the expectations of the user. The used list in this case is the default list ("local,wkd") with local ignored by the command anyway.
    GnuPG-bug-id: 4662
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix getting User ID. (NIIBE Yutaka, 2019-07-11, 1 file, -83/+40)
    * g10/getkey.c (user_id_db): Remove, as no use anymore.
    (get_user_id_string): Use cache_get_uid_bykid.
    (get_user_id_byfpr): Use cache_get_uid_byfpr.
    * g10/objcache.c (cache_get_uid_byfpr): New.
    * g10/objcache.h (cache_get_uid_byfpr): New.
    Fixes-commit: 64a5fd37271a3e454c0d59ac3500e1a1b232e4f7
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Avoid printing false AKL error message. (Werner Koch, 2019-07-04, 1 file, -4/+4)
    * g10/getkey.c (get_pubkey_byname): Add special treatment for default and skipped-local.
    --
    This change avoids error messages like
      gpg: error retrieving '[email protected]' via None: No public key
    A 'None' mechanism is something internal.
    Signed-off-by: Werner Koch <[email protected]>
* gpg: New command --locate-external-key. (Werner Koch, 2019-07-04, 1 file, -16/+32)
    * g10/gpg.c (aLocateExtKeys): New.
    (opts): Add --locate-external-keys.
    (main): Implement that.
    * g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
    (get_best_pubkey_byname): Add arg 'mode' and pass on to get_pubkey_byname. Change callers.
    * g10/keylist.c (public_key_list): Add arg 'no_local'.
    (locate_one): Ditto. Pass on to get_best_pubkey_byname.
    --
    This new command is a shortcut for
      --auto-key-locate nodefault,clear,wkd,... --locate-key
    and uses the default or configured AKL list but does so without local.
    See also
    GnuPG-bug-id: 4599
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Make the get_pubkey_byname interface easier to understand. (Werner Koch, 2019-07-04, 1 file, -16/+25)
    * g10/keydb.h (enum get_pubkey_modes): New.
    * g10/getkey.c (get_pubkey_byname): Replace no_akl by a mode arg and change all callers.
    --
    This change prepares the implementation of GET_PUBKEY_NO_LOCAL.
    Signed-off-by: Werner Koch <[email protected]>
* g10: Copy expiredate from primary key when marked expired. (NIIBE Yutaka, 2019-05-23, 1 file, -1/+5)
    * g10/getkey.c (merge_selfsigs): Update ->expiredate of subkey.
    --
    GnuPG-bug-id: 3343
    Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix double free when locating by mbox (Andre Heinecke, 2019-04-18, 1 file, -2/+1)
    * g10/getkey.c (get_best_pubkey_byname): Set new.uid always to NULL after use.
    --
    pubkey_cmp is not guaranteed to set new.uid. So if the diff < 0 case is reached best is set to new.
    If then diff > 0 is reached without modifying new.uid e.g. if the key has no matching mboxes. new.uid is free'd even though the uid is still referenced in best.
    GnuPG-Bug-Id: T4462
* gpg: New caching functions. (Werner Koch, 2019-04-13, 1 file, -119/+29)
    * g10/objcache.c: New.
    * g10/objcache.h: New.
    * g10/Makefile.am (common_source): Add them.
    * g10/gpg.c: Include objcache.h.
    (g10_exit): Call objcache_dump_stats.
    * g10/getkey.c: Include objcache.h.
    (get_primary_uid, release_keyid_list): Remove.
    (cache_user_id): Remove.
    (finish_lookup): Call the new cache_put_keyblock instead of cache_user_id.
    (get_user_id_string): Remove code for mode 2.
    (get_user_id): Implement using cache_get_uid_bykid.
    --
    This generic caching module is better than the ad-hoc code we used in getkey.c. More cleanup in getkey is still required but it is a start. There is also a small performance increase with the new cache: With a large keyring and --list-sigs I get these numbers:

    |      | before     | after      |
    |------+------------+------------|
    | real | 14m1.028s  | 12m16.186s |
    | user | 2m18.484s  | 1m36.040s  |
    | sys  | 11m42.420s | 10m40.044s |

    Note the speedup in the user time which is due to the improved cache algorithm. This is obvious, because the old cache was just a long linked list; the new cache are two hash tables.
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix printing of the user id during import. (Werner Koch, 2019-04-05, 1 file, -9/+13)
    * g10/getkey.c (struct keyid_list): Add field fprlen.
    (cache_user_id): Set and test it.
    (get_user_id_byfpr): Make static, add arg fprlen and use it.
    (get_user_id_byfpr_native): Add arg fprlen and change all callers.
    --
    This was a regression in the 2.3 base.
    GnuPG-bug-id: 3801
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove unused arg in a card related function. (Werner Koch, 2019-04-01, 1 file, -1/+1)
    * g10/call-agent.c (agent_scd_setattr): Remove unused arg serialno.
    Signed-off-by: Werner Koch <[email protected]>
* kbx: Unify the fingerprint search modes. (Werner Koch, 2019-03-14, 1 file, -3/+0)
    * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16)
    (KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove. Switch all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value.
    --
    These search modes were added over time and there has until recently been no incentive to remove the cruft. With the change for v5 keys I finally went over all places and allowed the generic fingerprint mode along with a given length of the fingerprint at all places. Consequently the other modes can now be removed.
    Signed-off-by: Werner Koch <[email protected]>
* kbx: Add support for 32 byte fingerprints. (Werner Koch, 2019-03-14, 1 file, -6/+5)
    * common/userids.c (classify_user_id): Support 32 byte fingerprints.
    * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR32): New.
    (struct keydb_search_desc): Add field fprlen.
    * kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field version and increase size of fpr to 32.
    * kbx/keybox-blob.c: Define new version 2 for PGP and X509 blobs.
    (struct keyboxblob_key): Add field fprlen and increase size of fpr.
    (pgp_create_key_part_single): Allow larger fingerprints.
    (create_blob_header): Implement blob version 2 and add arg want_fpr32.
    (_keybox_create_openpgp_blob): Detect the need for blob version 2.
    * kbx/keybox-search.c (blob_get_first_keyid): Support 32 byte fingerprints.
    (blob_cmp_fpr): Ditto.
    (blob_cmp_fpr_part): Ditto.
    (has_fingerprint): Add arg fprlen and pass on.
    (keybox_search): Support KEYDB_SEARCH_MODE_FPR32 and adjust for changed has_fingerprint.
    * kbx/keybox-openpgp.c (parse_key): Support version 5 keys.
    * kbx/keybox-dump.c (_keybox_dump_blob): Support blob version 2.
    * g10/delkey.c (do_delete_key): Support KEYDB_SEARCH_MODE_FPR32.
    * g10/export.c (exact_subkey_match_p): Ditto.
    * g10/gpg.c (main): Ditto.
    * g10/getkey.c (get_pubkey_byfprint): Adjust for changed KEYDB_SEARCH_MODE_FPR.
    * g10/keydb.c (keydb_search_desc_dump): Support KEYDB_SEARCH_MODE_FPR32 and adjust for changed KEYDB_SEARCH_MODE_FPR.
    (keydb_search): Add new arg fprlen and change all callers.
    * g10/keyedit.c (find_by_primary_fpr): Ditto.
    * g10/keyid.c (keystr_from_desc): Ditto.
    * g10/keyring.c (keyring_search): Ditto.
    * g10/keyserver.c (print_keyrec): Ditto.
    (parse_keyrec): Ditto.
    (keyserver_export): Ditto.
    (keyserver_retrieval_screener): Ditto.
    (keyserver_import): Ditto.
    (keyserver_import_fprint): Ditto.
    (keyidlist): Ditto.
    (keyserver_get_chunk): Ditto.
    * g10/keydb.c (keydb_search): Add new arg fprlen and change all callers.
    * sm/keydb.c (keydb_search_fpr): Adjust for changed KEYDB_SEARCH_MODE_FPR.
    --
    This prepares the support for OpenPGP v5 keys. The new version 2 blob format is needed for the longer fingerprints and we also use this opportunity to prepare for storing the keygrip in the blob for faster lookup by keygrip. Right now this is not yet functional.
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Prepare revocation keys for use with v5 keys. (Werner Koch, 2018-12-04, 1 file, -4/+16)
    * g10/packet.h (struct revocation_key): Add field 'fprlen'.
    * g10/parse-packet.c (parse_revkeys): Set fprlen and allow for v5 keys. Also fix reading of uninitialized data at place where MAX_FINGERPRINT_LEN is used.
    * g10/revoke.c (gen_desig_revoke): Allow for v5 keys and use fprlen. Do an explicit compare to avoid reading uninitialized data.
    * g10/sig-check.c (check_revocation_keys): Use the fprlen.
    * g10/getkey.c (merge_selfsigs_main): Do an explicit copy to avoid reading uninitialized data.
    * g10/import.c (revocation_present): Use fprlen.
    * g10/keyedit.c (show_key_with_all_names): Use fprlen.
    (menu_addrevoker): Use fprlen. Allow for v5 keys.
    * g10/keygen.c (keygen_add_revkey): Use fprlen.
    (parse_revocation_key): Allow for v5 keys.
    * g10/keyid.c (keyid_from_fingerprint): Allow for v5 keys. Print a better error message in case of bogus fingerprints.
    * g10/keylist.c (print_revokers): Use fprlen.
    --
    The reading of uninitialized data is harmless but we better fix it to make valgrind happy. More serious was that we always passed MAX_FINGERPRINT_LEN but we will need to support 20 and 32 octet fingerprints and MAX_FINGERPRINT_LEN would be too large for a v4.
    Signed-off-by: Werner Koch <[email protected]>
* common: Prepare for parsing mail sub-addresses. (Werner Koch, 2018-11-12, 1 file, -1/+1)
    * common/mbox-util.c (mailbox_from_userid): Add arg subaddress and implement. Change all callers to pass false for it.
    * common/t-mbox-util.c (run_mbox_no_sub_test): New.
    (run_filter): Add arg no_sub.
    (main): Call new test and add option --no-sub.
    --
    Some stats: In the about 5300000 keys on the SKS servers we found 3055 unique mailboxes with a '+' in it. After removing leading and trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz") 2697 were left which seem to be valid sub-addresses.
    To filter mailboxes out from a line delimited list with user-ids (e.g. an SQL output), the command
      t-mbox-util --verbose --filter
    can be used; to output w/o sub-addresses add --no-sub.
    GnuPG-bug-id: 4200
    Signed-off-by: Werner Koch <[email protected]>
* all: fix spelling and typos (Daniel Kahn Gillmor, 2018-10-24, 1 file, -2/+2)
    Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Remove unused function get_pubkeys. (Werner Koch, 2018-08-29, 1 file, -263/+4)
    * g10/getkey.c (get_pubkeys): Remove.
    (pubkey_free): Remove and use code directly ...
    (pubkeys_free): ... here.
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Refresh expired keys originating from the WKD. (Werner Koch, 2018-08-28, 1 file, -15/+94)
    * g10/getkey.c (getkey_ctx_s): New field found_via_akl.
    (get_pubkey_byname): Set it.
    (only_expired_enc_subkeys): New.
    (get_best_pubkey_byname): Add support to refresh expired keys from the WKD.
    --
    A little drawback of that code is that if the WKD has no update for an expired key each access of the key will trigger a WKD lookup (unless cached by the dirmngr). To avoid this we need to record the last time we have checked for an update but that would in turn require that we update the keyring for each check. We defer this until we have a better key database which allows for fast updates of meta data.
    Testing the code is currently a bit cumbersome because it requires to update a key in the WKD several times. Eventually we need a network emulation layer to provide sample data for the regression tests.
    GnuPG-bug-id: 2917
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove unused arg from a function. (Werner Koch, 2018-08-28, 1 file, -2/+2)
    * g10/getkey.c (get_best_pubkey_byname): Remove unused arg 'no_akl'. Change both callers.
    Signed-off-by: Werner Koch <[email protected]>
* g10: Move enum_secret_keys to skclist.c. (NIIBE Yutaka, 2018-08-27, 1 file, -197/+0)
    * g10/getkey.c (enum_secret_keys): Move to...
    * g10/skclist.c (enum_secret_keys): ... here.
    --
    The function enum_secret_keys is not used by gpgv.c, but it is in getkey.c. Extending enum_secret_keys will require change of gpgv.c, so moving the function to the file for gpg is better.
    Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix comment of enum_secret_keys. (NIIBE Yutaka, 2018-08-27, 1 file, -2/+0)
    * g10/getkey.c (enum_secret_keys): Fix comment for usage of enum_secret_keys, following the previous change.
    --
    Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Enumerated keys for decryption should be unique. (NIIBE Yutaka, 2018-08-27, 1 file, -0/+25)
    * g10/getkey.c (enum_secret_keys): Collecting keys in the context, check duplicate to make sure returning only unique keys.
    * g10/pubkey-enc.c (get_session_key): Now, it's the responsibility of enum_secret_keys to free keys.
    --
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Prepare for signatures with ISSUER_FPR but without ISSUER. (Werner Koch, 2018-07-05, 1 file, -2/+45)
    * g10/getkey.c (get_pubkey_for_sig): New.
    (get_pubkeyblock_for_sig): New.
    * g10/mainproc.c (issuer_fpr_raw): Give global scope.
    (check_sig_and_print): Use get_pubkeyblock_for_sig.
    * g10/pkclist.c (check_signatures_trust): Use get_pubkey_for_sig.
    * g10/sig-check.c (check_signature2): Ditto.
    (check_signature_over_key_or_uid): Ditto.
    --
    GnuPG-bug-id: 4046
    The whole getkey stuff is still a mess with way too much duplication and missing caching of already fetched data.
    Signed-off-by: Werner Koch <[email protected]>
* g10: Fix memory leak for PKT_signature. (NIIBE Yutaka, 2018-07-03, 1 file, -1/+1)
    * g10/getkey.c (buf_to_sig): Free by free_seckey_enc.
    * g10/gpgcompose.c (signature): Likewise.
    * g10/sign.c (write_signature_packets): Likewise.
    --
    Reported-by: Philippe Antoine
    GnuPG-bug-id: 4047
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Remove PGP6 compliance mode. (Werner Koch, 2018-05-29, 1 file, -3/+3)
    * g10/gpg.c: Make --pgp6 an alias for --pgp7.
    * common/compliance.h (gnupg_compliance_mode): Remove CO_PGP6.
    * g10/options.h (PGP6): Remove. Adjust all users.
    Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix detection of the AEAD feature flag. (Werner Koch, 2018-05-29, 1 file, -1/+1)
    * g10/getkey.c (fixup_uidnode): Use bitmask 0x02.
    Signed-off-by: Werner Koch <[email protected]>
* Merge branch 'STABLE-BRANCH-2-2' into master (Werner Koch, 2018-05-13, 1 file, -7/+14)
|\
    --
    Resolved Conflicts:
      NEWS - removed
      configure.ac - removed
    Signed-off-by: Werner Koch <[email protected]>
| * gpg: Extend the "sig" record in --list-mode. (Werner Koch, 2018-04-12, 1 file, -7/+14)
      * g10/getkey.c (get_user_id_string): Add arg R_NOUID. Change all callers.
      (get_user_id): Add arg R_NOUID. Change all callers.
      * g10/mainproc.c (issuer_fpr_string): Make global.
      * g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key also in --list-mode. Print the "issuer fpr" field also if there is an issuer fingerprint subpacket.
      --
      Scripts used to rely on the "User ID not found" string even in the --with-colons listing. However, that is not a good idea because that string is subject to translations etc. Now we have an explicit way of telling that a key is missing. For example:
        gpg --list-sigs --with-colons | \
          awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}'
      Prints all keyids or fingerprint of signing keys for which we do not have the key in our local keyring.
      Signed-off-by: Werner Koch <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-2' into master (Werner Koch, 2018-04-10, 1 file, -0/+2)
|\|
    --
    Fixed conflicts:
      NEWS - keep master
      configure.ac - merge
      g10/card-util.c - mostly 2.2
      g10/sig-check.c - 2.2