aboutsummaryrefslogtreecommitdiffstats
path: root/g10/gpg.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Add dummy option --with-subkey-fingerprint.Werner Koch2016-08-171-0/+5
| | | | | | * g10/gpg.c (opts): Add dummy option. Signed-off-by: Werner Koch <[email protected]>
* gpg: Avoid publishing the GnuPG version by defaultDaniel Kahn Gillmor2016-08-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (main): initialize opt.emit_version to 0 * doc/gpg.texi: document different default for --emit-version -- The version of GnuPG in use is not particularly helpful. It is not cryptographically verifiable, and it doesn't distinguish between significant version differences like 2.0.x and 2.1.x. Additionally, it leaks metadata that can be used to distinguish users from one another, and can potentially be used to target specific attacks if there are known behaviors that differ between major versions. It's probably better to take the more parsimonious approach to metadata production by default. (backport of master commit c9387e41db7520d176edd3d6613b85875bdeb32c) Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: Fix --list-packets.NIIBE Yutaka2016-06-281-2/+1
| | | | | | | | | | | | | | | | | | * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. -- (backport from 2.0 commit 4f336ed780cc2783395f3ff2b12b3ebb8e097f7b which is backport of master commit 52f65281f9743c42a48bf5a3354c9ab0ecdb681a) Debian-bug-id: 828109 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Add option --weak-digest to gpg and gpgv.Daniel Kahn Gillmor2015-12-191-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h: Add weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests. * g10/sig-check.c: (do_check): Reject all weak digests. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <[email protected]> (this is a rough cherry-pick of applying the following commits to STABLE-BRANCH-1-4: 76afaed65e3b0ddfa4923cb577ada43217dd4b18 b98939812abf6c643c752ce7c325f98039a1a9e2 91015d021b3dcbe21ad0e580a4f34c523abf9e72 )
* gpg: Reject signatures made with MD5.Werner Koch2015-12-191-0/+7
| | | | | | | | | | | | | | * g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/gpg.conf.tmpl: Add allow_weak_digest_algos. -- (cherry picked from commit f90cfe6b66269de0154d810c5cee1fe9a5af475c) Resolved conflicts: g10/gpg.c - adjust. tests/openpgp/defs.inc - no changes
* gpg: Change default cipher for --symmetric from CAST5 to AES-128.Werner Koch2015-12-171-5/+1
| | | | | | | | | | | * g10/main.h (DEFAULT_CIPHER_ALGO): Change to AES or CAST5 or 3DES depending on configure options. * g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO. -- (cherry picked from commit 57df1121c18b004dd763b35eabf7b51fc9e8ec38) Signed-off-by: Werner Koch <[email protected]>
* Obsolete option --no-sig-create-check.Werner Koch2015-09-011-3/+1
| | | | | | | | | * cipher/rsa.c (rsa_sign): Verify after sign. * g10/gpg.c (opts): Make --no-sig-create-check a NOP. * g10/options.h (opt): Remove field "no_sig_create_check". * g10/sign.c (do_sign): Do check only for DSA. Signed-off-by: Werner Koch <[email protected]>
* Release 1.4.19.gnupg-1.4.19Werner Koch2015-02-271-3/+2
|
* gpg: Add build and runtime support for larger RSA keysDaniel Kahn Gillmor2014-10-031-1/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | * configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
* Allow use of --debug-level=LEVEL without '='.Werner Koch2014-09-291-1/+1
| | | | * g10/gpg.c (opts): Fix "debug-level".
* Update config.{guess,sub} and some copyright notices.Werner Koch2013-12-101-0/+1
| | | | | | | * scripts/config.guess, scripts/config.sub: Update to version 2013-11-29. Signed-off-by: Werner Koch <[email protected]>
* gpg: Change armor Version header to emit only the major version.Werner Koch2013-11-271-2/+3
| | | | | | | | | | | | | | | | | | * g10/options.h (opt): Rename field no_version to emit_version. * g10/gpg.c (main): Init opt.emit_vesion to 1. Change --emit-version to bump up opt.emit_version. * g10/armor.c (armor_filter): Implement different --emit-version values. -- GnuPG-bug-id: 1572 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit e951782e937ce290be0d89d83e84b3daea997587) Resolved conflicts: NEWS g10/armor.c g10/gpg.c
* gpg: Do not require a trustdb with --always-trust.Werner Koch2013-10-111-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE. * g10/trustdb.c (trustdb_args): Add field no_trustdb. (init_trustdb): Set that field. (revalidation_mark): Take care of a nonexistent trustdb file. (read_trust_options): Ditto. (get_ownertrust): Ditto. (get_min_ownertrust): Ditto. (update_ownertrust): Ditto. (update_min_ownertrust): Ditto. (clear_ownertrusts): Ditto. (cache_disabled_value): Ditto. (check_trustdb_stale): Ditto. (get_validity): Ditto. * g10/gpg.c (main): Do not create a trustdb with most commands for trust-model always. -- This slightly changes the semantics of most commands in that they won't create a trustdb if --trust-model=always is used. It just does not make sense to create a trustdb if there is no need for it. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 1a0eeaacd1bf09fe5125dbc3f56016bc20f3512e) Resolved conflicts: g10/gpg.c g10/tdbio.h g10/trustdb.c (indentation fixes)
* gpg: No need to create a trustdb when encrypting with --always-trust.Werner Koch2013-08-021-0/+6
| | | | | | | | | * g10/gpg.c (main): Special case setup_trustdb for --encrypt. -- (back ported from commit 498b9a95dc65c43240835d64cc92d8fb43014d53) Signed-off-by: Werner Koch <[email protected]>
* Fix potential heap corruption in "gpg -v --version"Werner Koch2012-12-151-43/+39
| | | | | | | | | | | | | | | | | * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. * util/membuf.c (put_membuf_str): New. (get_membuf): Make LEN optional. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org>
* Support the not anymore patented IDEA cipher algorithm.Werner Koch2012-11-081-50/+8
| | | | | | | | | | | | | | | | | | | | | | | | * cipher/idea.c: New. Take from Libgcrypt master and adjust for direct use in GnuPG. * cipher/idea-stub.c: Remove. * cipher/Makefile.am: Add idea.c and remove idea-stub.c rules. * configure.ac: Remove idea-stub code. * g10/gpg.c (check_permissions): Remove code path for ITEM==2. (main): Make --load-extension a dummy option. * g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2 compatibility mode. * g10/misc.c (idea_cipher_warn): Remove. Also remove all callers. * g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA. * g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA. * g10/status.h (STATUS_RSA_OR_IDEA): Remove. -- To keep the number of actually used algorithms low, we support IDEA only in a basically read-only way (unless --pgp2 is used during key generation). It does not make sense to suggest the use of this old 64 bit blocksize algorithm. However, there is old data available where it might be helpful to have IDEA available.
* Fix typos spotted during translationsWerner Koch2012-08-241-2/+2
| | | | | * g10/gpg.c: uppercase after Syntax * util/secmem.c (print_warn): Update URL.
* Replace file locking by the new portable dotlock code.Werner Koch2012-01-101-2/+2
| | | | | | | | | | | | | * include/dotlock.h: New. From current gnupg master. * util/dotlock.c: Ditto. Include util.h. The major changes done in master are: Factor Unix and W32 specific code out into specific functions. Define HAVE_POSIX_SYSTEM. Rearrange some functions. (disable_dotlock): Rename to dotlock_disable. (create_dotlock): Rename to dotlock_create and add a dummy arg. (destroy_dotlock): Rename to dotlock_destroy. (make_dotlock): Rename to dotlock_take. (release_dotlock): Rename to dotlock_release. (remove_lockfiles): Rename to dotlock_remove_lockfiles.
* Update copyright years.Werner Koch2012-01-101-1/+1
| | | | * util/argparse.c (default_strusage): Update printed copyright year.
* On VMS use --batch by default if in batch mode.Werner Koch2011-09-121-0/+12
| | | | | | This problem was identified and solved by Steven M. Schweda. Note that the vms specific code is not part of this repository. See http://antinode.info/dec/sw/gnupg.html for the VMS port.
* Add pubkey letters e and E for ECC.Werner Koch2011-07-011-39/+41
| | | | | | | This does not mean we have any kind of ECC support now. It is merely to avoid printing a question mark for the algorithm. Trailing white space changes as usual.
* * gpg.c (main): Do not provide a default forDavid Shaw2010-10-291-6/+1
| | | | | | --personal-digest-preferences. This allows the usual digest selection algorithm to pick a digest based on recipient keys.
* Ignore some GnuPG-2 only options.Werner Koch2010-06-011-1/+8
|
* * gpg.c (main): --pgp6 includes --disable-mdc.David Shaw2009-07-311-0/+1
|
* Parse EXTCAP lines from the card.Werner Koch2009-07-231-4/+2
| | | | | Change messages for a corrupt trustdb.
* First set of changes to backport the new card code from 2.0.Werner Koch2009-07-211-0/+1
| | | | | | | | For compatibility reasons a few new files had to be added. Also added estream-printf as this is now used in app-openpgp.c and provides a better and generic asprintf implementation than the hack we used for the W32 code in ttyio.c. Card code is not yet finished.
* Remove Camellia restriction.David Shaw2009-06-051-9/+1
|
* Fix bug#1044.Werner Koch2009-05-201-6/+14
|
* * gpg.c (main): Properly handle UTF8 usernames with --sign-key and --lsign-key.David Shaw2008-12-211-1/+1
|
* Revert that last stupid setuid detection fix.Werner Koch2008-07-171-1/+1
|
* 2008-02-09 Marcus Brinkmann <[email protected]>Marcus Brinkmann2008-02-091-44/+66
| | | | | | | | * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function.
* Fixed a regression in gpg_dermor.gnupg-1.4.8rc2Werner Koch2007-12-141-0/+3
|
* * gpg.c (print_algo_names): New. (list_config): Use it here for theDavid Shaw2007-11-281-1/+35
| | | | | | "ciphername" and "digestname" config items so we can get a script-parseable list of the names.
* Switched to GPLv3.Werner Koch2007-10-231-4/+2
| | | | | Updated gettext.
* * gpg.c (main): Add --require-cross-certification toDavid Shaw2007-10-231-2/+3
| | | | | --openpgp/--rfc4880 mode.
* * gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by default.David Shaw2007-10-231-9/+9
| | | | | | | Enable --require-cross-certification by default. --openpgp (--rfc4880) is the same as --rfc2440 except with "--enable-dsa2 --no-rfc2440-text --escape-from-lines".
* * options.h, gpg.c (main), misc.c (compliance_option_string): AddDavid Shaw2007-10-171-1/+24
| | | | | | | | | --rfc4880, and make --openpgp an alias to it. --rfc2440 now stands alone. For now, use the old 2440 defaults for 4880. * keyedit.c (keyedit_menu): Use compliance_option_string() instead of printing the compliance modes here.
* * gpg.c (main): Fix typo. Noted by John Clizbe.David Shaw2007-07-191-1/+1
|
* Add an extra warning for Camellia.Werner Koch2007-07-091-0/+8
| | | | | | Minor W32 fix Address change.
* * gpg.c, pkclist.c: #include <strings.h> for strcasecmp if it isDavid Shaw2007-04-161-2/+5
| | | | | | present. Note that autoconf protects us against a strings.h that cannot be used together with string.h.
* Preparing 1.4.7gnupg-1.4.7Werner Koch2007-03-051-4/+15
|
* * main.h, keygen.c (ask_expire_interval, parse_expire_string): Pass inDavid Shaw2007-02-011-2/+2
| | | | | | the time to use to calculate the expiration offset, rather than querying it internally. Change all callers.
* Removed references to removed g10defs.h file.Werner Koch2006-12-131-1/+0
|
* Removed the use of g10defs.h.Werner Koch2006-12-111-1/+1
| | | | | | This required some code cleanups and the introduction of a few accessor ducntions in mpi.
* * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): AddDavid Shaw2006-12-031-0/+4
| | | | | | | --passphrase-repeat option to control how many times gpg will re-prompt for a passphrase to ensure the user has typed it correctly. Defaults to 1.
* New command --gpgconf-test.Werner Koch2006-10-231-0/+6
|
* * parse-packet.c (parse_symkeyenc): Show the unpacked as well as theDavid Shaw2006-10-131-0/+32
| | | | | | | | | packed s2k iteration count. * main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c (hash_passphrase): Add --s2k-count option to specify the number of s2k hash iterations.
* do no use reopen_std under W32.Werner Koch2006-06-271-2/+2
|
* * options.h, gpg.c (main), keygen.c (keygen_upd_std_prefs,David Shaw2006-06-221-0/+15
| | | | | | | keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to specify a keyserver URL at key generation time, and "Keyserver:" keyword for doing the same through a batch file.
* * gpg.c (reopen_std): New function to reopen fd 0, 1, or 2 if we areDavid Shaw2006-05-231-0/+62
| | | | | | | | called with them closed. This is to protect our keyring/trustdb files from corruption if they get attached to one of the standard fds. Print a warning if possible that this has happened, and fail completely if we cannot reopen (should never happen). (main): Call it here.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 14:34:14 +0000