aboutsummaryrefslogtreecommitdiffstats
path: root/g10/gpg.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Add option --with-v5-fingerprintWerner Koch2023-09-041-0/+13
| | | | | | | | | | | | | | | | * g10/gpg.c (oWithV5Fingerprint): New. (opts): Add new option. (main): Set option. * g10/options.h (opt): Add with_v5_fingerprint. * g10/keyid.c (hash_public_key): Factor out to ... (do_hash_public_key): this. Add new arg to foce v5 style hashing. (v5_fingerprint_from_pk): New. (v5hexfingerprint): New. * g10/keylist.c (print_fingerprint): Print v5 fingerprint for v4 keys if the option is set. -- GnuPG-bug-id: 6705
* gpg,agent,kbx,sm,scd,tpm2d,g13: Use assuan_control.NIIBE Yutaka2023-08-031-0/+1
| | | | | | | | | | | | | | | * agent/gpg-agent.c (thread_init_once): Call assuan_control. * g10/gpg.c (main): Likewise. * g13/g13.c (main): Likewise. * kbx/keyboxd.c (thread_init_once): Likewise. * scd/scdaemon.c (main): Likewise. * sm/gpgsm.c (main): Likewise. * tpm2d/tpm2daemon.c (main): Likewise. -- GnuPG-bug-id: 6606 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent,dirmgr,gpg,g13,kbx,scd,sm,tmp2d: Remove ASSUAN_SYSTEM_NPTH.NIIBE Yutaka2023-08-031-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (initialize_modules): Don't call assuan_set_system_hooks. (main): Don't call assuan_sock_set_system_hooks. * dirmngr/dirmngr.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (thread_init): Don't call assuan_set_system_hooks. * g10/gpg.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (main): Don't call assuan_set_system_hooks. * g13/g13.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (main): Set the syscall clamp with gpgrt_set_syscall_clamp. Don't call assuan_set_system_hooks. * kbx/keyboxd.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (initialize_modules): Don't call assuan_set_system_hooks. (main): Don't call assuan_sock_set_system_hooks. * scd/scdaemon.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (main): Don't call assuan_set_system_hooks. * sm/gpgsm.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (main): Don't call assuan_set_system_hooks. * tpm2d/tpm2daemon.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove. (main): Don't call assuan_set_system_hooks. -- GnuPG-bug-id: 6606 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Add parallelized filter for hashing.NIIBE Yutaka2023-07-251-0/+1
| | | | | | | | | | | | | | | | | | | * g10/options.h (COMPAT_PARALLELIZED): New. * g10/filter.h (md_thd_filter_context_t): New type. (md_thd_filter_set_md, md_thd_filter): New. * g10/gpg.c (compatibility_flags): Update to support COMPAT_PARALLELIZED. * g10/mdfilter.c (struct md_thd_filter_context): New. (lock_md, unlock_md, get_buffer_to_hash, put_buffer_to_recv): New. (get_buffer_to_fill, put_buffer_to_send, md_thread): New. (md_thd_filter, md_thd_filter_set_md): New. * g10/sign.c (sign_file): Add support for md_thd_filter. (sign_symencrypt_file): Likewise. -- GnuPG-bug-id: 6570 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Use is_secured_filename before opening the file.NIIBE Yutaka2023-07-141-3/+3
| | | | | | | | | | * g10/gpg.c (print_mds): Check by is_secured_filename, earlier. * g10/tdbdump.c (import_ownertrust): Likewise. -- GnuPG-bug-id: 6508 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Use gnupg_fd_t for encrypt_crypt and gpg_verify.NIIBE Yutaka2023-07-051-2/+4
| | | | | | | | | | | | | | | * common/iobuf.h (iobuf_fdopen_nc): Use gnupg_t. * common/iobuf.c (iobuf_fdopen_nc): Use gnupg_t. * g10/main.h (encrypt_crypt, gpg_verify): Use gnupg_fd_t. * g10/encrypt.c (encrypt_crypt): Use gnupg_fd_t. (encrypt_crypt_files): Follow the change. * g10/gpg.c (main): Follow the change. * g10/verify.c (gpg_verify): Use gnupg_fd_t. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New option --no-compress as alias for -z0.Werner Koch2023-06-151-0/+7
|
* gpg: Make progress work for large files on Windows.Werner Koch2023-06-131-1/+7
| | | | | | | | | | | | | | | | | | * common/iobuf.c (iobuf_get_filelength): Change return type to uint64_t and remove the overflow args. For Windows always use GetFileSizeEx which is available since the long EOL-ed Windows XP. * g10/sign.c (write_plaintext_packet): Adjust for changed iobuf_get_filelength. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Ditto. * g10/photoid.c (generate_photo_id): Ditto. Also add an upper limit. * g10/filter.h (progress_filter_context_t): Change amount values to use uint64_t. * g10/progress.c (write_status_progress): Change accordingly. -- GnuPG-bug-id: 6534
* gpg: New option --debug-ignore-expiration to help with testing.Werner Koch2023-05-091-1/+7
| | | | | | | | | | | | | * g10/gpg.c (oDebugIgnoreExpiration): New. (opts): Add option. (main): Set flag. * g10/options.h (opt): Add field ignore_expiration. * g10/pkclist.c (do_we_trust): Handle the option. * g10/getkey.c (skip_unusable): Ditto. (finish_lookup): Ditto. -- GnuPG-bug-id: 2703
* kbx: Use custom estream bufferingWerner Koch2023-05-081-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * kbx/keybox-init.c (ll_buffer_size): New var intialized to 128k (stream_buffers): New var. (keybox_set_buffersize): New. (_keybox_ll_open, _keybox_ll_close): Implement buffering. * sm/gpgsm.c (oKbxBufferSize): New. (opts): Add option --kbx-buffer-size. (main): Call keybox_set_buffersize. * g10/gpg.c: Include keybox.h. * (oKbxBufferSize): New. (opts): Add option --kbx-buffer-size. (main): Call keybox_set_buffersize. -- Running a test on Windows using a pubring.kbx with Total number of blobs: 2098 openpgp: 1294 x509: 803 and a size of 42MiB with gpgsm -k --with-validation --disable-dirmngr --kbx-buffer-size N >nul gives these performance figures using procmon | N(k) | file events | time(s) | |------+-------------+---------| | 0 | 4900000 | 86 | | 16 | 2456000 | 58 | | 32 | 1233000 | 43 | | 64 | 622000 | 37 | | 128 | 317000 | 32 | | 256 | 164000 | 31 | | 512 | 88000 | 30 | Using _open instead of CreateFile give the same number of file events but increased the time slight by one second for the measured buffer size of 64k and 128k. Benchmarks for gpg have not been conducted.
* gpg: New option --assert-signer.Werner Koch2023-04-051-3/+21
| | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (enum cmd_and_opt_values): Add oAssertSigner. (opts): Add "assert-signer". (main): Set option. (assert_signer_true): New var. (g10_exit): Evaluate new var. * g10/main.h (assert_signer_true): Declare new var. * common/status.h (STATUS_ASSERT_SIGNER): New. * g10/options.h (opt): Add field assert_signer_list. * g10/verify.c (is_fingerprint): New. (check_assert_signer_list): New. * g10/mainproc.c (check_sig_and_print): Call that function. Clear assert_signer_true on a warning. * g10/gpgv.c: Add dummy function and vars. * g10/t-keydb-get-keyblock.c: Ditto. * g10/t-keydb.c: Ditto. * g10/t-stutter.c: Ditto. --
* Use the keyboxd for a fresh installWerner Koch2023-04-041-5/+15
| | | | | | | | | | | | * common/homedir.c (gnupg_maybe_make_homedir): Also create a common.conf. * g10/keydb.c: Include comopt.h. (maybe_create_keyring_or_box): Detect the creation of a common.conf. * g10/gpg.c (main): Avoid adding more resources in this case. * sm/keydb.c: Include comopt.h. (maybe_create_keybox): Detect the creation of a common.conf. * common/comopt.h (comopt): Remove the conditional "extern".
* gpg: New command --quick-add-adskWerner Koch2023-03-211-0/+15
| | | | | | | | | | | * g10/gpg.c (enum cmd_and_opt_values): Add aQuickAddADSK. (opts): Add --quick-add-adsk. (main): Call the actual function. * g10/keyedit.c (keyedit_quick_addadsk): New. (menu_addadsk): Add arg adskfpr and change caller. -- GnuPG-bug-id: 6395
* gpg,gpgsm: New option --log-timeWerner Koch2023-03-081-0/+9
| | | | | | | | | | | * g10/gpg.c (oLogTime): New. (opts): Add "log-time". (opt_log_time): New var. (main): Implement. * sm/gpgsm.c (oLogTime): New. (opts): Add "log-time". (opt_log_time): New var. (main): Implement.
* gpg: New option --add-desig-revokerWerner Koch2023-02-161-0/+9
| | | | | | | | | | | | * g10/gpg.c (oAddDesigRevoker): New. (opts): Add new option. * g10/options.h (opt): Add field desig_revokers. * g10/keygen.c (get_parameter_idx): New. (get_parameter): Make use of get_parameter_idx. (prepare_desig_revoker): New. (get_parameter_revkey): Add arg idx. (proc_parameter_file): Add designated revokers. (do_generate_keypair): Write all designated revokers.
* gpg: --gen-random code cleanup by using es_set_binary.Werner Koch2023-02-161-3/+1
| | | | | | | | | | | * g10/gpg.c (main): Replace setmode by es_set_binary and use only when needed. -- It is better to use our es_set_binary than to use a Windows specific method which still worked but is fragile because estream might be changed. We now set binary only when needed. Note that it does not harm to call es_set_binary more often than needed.
* gpg: New list-option --show-unusable-sigs.Werner Koch2023-02-071-0/+2
| | | | | | | | | | | | | | | | | | | * g10/options.h (LIST_SHOW_UNUSABLE_SIGS): New. * g10/gpg.c (parse_list_options): Add "show-unusable-sigs". * g10/keydb.h (keyid_eq): New. (pk_is_primary): New. * g10/keylist.c (list_signature_print): Early return for weak key signatures. Print "self-signature" instead of user-id. (list_keyblock_print): Simplify and always set self-sig node flag. -- This patch avoid the printing of often hundreds of "Invalid digest algorithm" notices during key signature listings if those key signatures were done with SHA1. The new option can be used to revert the behaviour. We now also print "[self-signature]" with --check-sigs or --list-sigs instead of the primary user id. This makes such listing easier to read.
* gpg: Make "--list-options show-sig-subpackets=n,m" work again.Werner Koch2023-01-311-4/+11
| | | | | | | | * g10/gpg.c (parse_list_options): Set value for show-sig-subpackets. -- Fixes-commit: 811cfa34cb3e7166f0cf1f94565504dee21cd9f5 and thus a regression in 2.4.0
* gpg: Replace --override-compliance-check by a real fix.Werner Koch2023-01-201-15/+1
| | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_allowed): Handle EdDSA. * g10/gpg.c (oOverrideComplianceCheck): Remove. (opts): Turn --override-compliance-check into a dummy option. * g10/options.h (opt): Remove override_compliance_check. * g10/sig-check.c (check_key_verify_compliance): Remove use of that option. -- The introduction of --override-compliance-check actually hid the real cause for the signature verification problem in de-vs mode for the Ed25519 key. The real fix is to handle the EdDSA algorithm in gnupg_pk_is_allowed. Fixes-commit: fb26e144adfd93051501d58f5d0d4f8826ddf436 GnuPG-bug-id: 5655
* gpg: Detect already compressed data also when using a pipe.Werner Koch2023-01-191-0/+1
| | | | | | | | | | | | | | | | | | | | | * common/iobuf.c (file_filter_ctx_t): Add fields for the peek feature. (file_filter): Implement peeking. (iobuf_ioctl): Add new IOBUF_IOCTL_PEEK. * common/iobuf.h (IOBUF_IOCTL_PEEK, IOBUFCTRL_PEEK): New. * common/miscellaneous.c (is_file_compressed): Rewrite. Detect PDF. * g10/encrypt.c (encrypt_simple): Peek before detecting compression. (encrypt_crypt): Ditto. * g10/sign.c (sign_file): Also detect already compressed data. * g10/options.h (opt): Add explicit_compress_option. * g10/gpg.c (main): Set opt.explicit_compress_option for -z. -- Note that this patch also introduces a compression check for signing which was never done in the past. GnuPG-bug-id: 6332
* gpg: New option --list-filterWerner Koch2022-11-251-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oListFilter): New. (opts): Add --list-filter. (main): Parse oListFilter. * g10/keylist.c: Include init.h and recsel.h. (struct list_filter_s, list_filter): New. (release_list_filter): New. (cleanup_keylist_globals): New. (parse_and_set_list_filter): New. (list_keyblock): Implement --list-filter type "select". * g10/import.c (impex_filter_getval): Add scope support and new property names "key-size", "algostr", "origin", "lastupd", and "url". -- This option is pretty useful to select keys based on their properties. The scope thing can be sued to limit a selection to just the primary key or to subkeys. For example: gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519' Lists all non-revoked keys with an ed25519 (signing)-subkey.
* gpg: New option --quick-update-pref.Werner Koch2022-11-041-1/+13
| | | | | | | | | | | | * g10/gpg.c (aQuickUpdatePref): New. (opts): Add --quick-update-pref. (main): Implement. * g10/keyedit.c (keyedit_quick_update_pref): New. (menu_set_preferences): Add arg 'unattended' and adjust caller. -- This new quick command is in particular useful to update existing keys so that they can be used with OCB mode.
* gpg: New list-options show-pref and show-pref-verbose.Werner Koch2022-11-041-0/+4
| | | | | | | | | * g10/options.h (LIST_SHOW_PREF): New. (LIST_SHOW_PREF_VERBOSE): New. * g10/gpg.c (parse_list_options): Add new options. * g10/keyedit.c (show_prefs): Factor code out to ... * g10/keylist.c (show_preferences): new. (list_keyblock_print): Call show_preferences.
* gpg: Merge --rfc4880bis features into --gnupgWerner Koch2022-10-311-32/+3
| | | | | | | | | | | | * g10/gpg.c (oRFC4880bis): Remove. (opts): Make --rfc4880bis a Noop. (compliance_options): Make rfc4880bis to gnupg. (set_compliance_option): Remove rfc4880bis stuff. (main): Ditto. Note that this now activates the --mimemode option. * g10/keygen.c (keygen_set_std_prefs): Remove rfc4880bis protection. (keygen_upd_std_prefs): Always announce support for v5 keys. (read_parameter_file): Activate the v4 and v5 keywords. --
* gpg: Allow only OCB for AEAD encryption.Werner Koch2022-10-311-63/+5
| | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (opts): New option--force-ocb as alias for force-aead. Turn --aead-algo and --personal-aead-preferences into dummy options. (build_list_md_test_algo, build_list_aead_algo_name): Remove. (my_strusage): Remove output of AEAD algos. (main): Remove code from the --aead options. * g10/encrypt.c (encrypt_seskey): Make file local. (use_aead): Remove requirement for rfc4880bis. Always return AEAD_ALGO_OCB. * g10/main.h (DEFAULT_AEAD_ALGO): Removed unused macro. * g10/misc.c (default_aead_algo): Remove. * g10/pkclist.c (select_aead_from_pklist): Return AEAD_ALGO_OCB or 0. (select_algo_from_prefs): Remove personal AEAD algo setting. * g10/keygen.c (keygen_set_std_prefs): Remove AEAD preference option parsing. * g10/options.h (opt): Remove def_aead_algo and personal_aead_prefs. -- Due to the meanwhile expired patent on OCB there is no more reason for using EAX. Thus we forcefully use OCB if the AEAD feature flag is set on a key.
* gpg: New option --compatibility-flagsWerner Koch2022-10-311-0/+20
| | | | | | | | | | | * g10/gpg.c (oCompatibilityFlags): New. (opts): Add option. (compatibility_flags): New list. (main): Set flags and print help. * g10/options.h (opt): Add field compatibility_flags. -- No flags are yet defined but it is good to have the framework.
* common: New common option no-autostart.Werner Koch2022-08-221-0/+2
| | | | | | | | | | | | | | | | | | | | * common/comopt.c (opts): Add "no-autostart". (parse_comopt): Set it. * common/comopt.h (comopt): Add no_autostart. * g10/gpg.c (main): Take care of the new option. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (INCLUDED_BY_MAIN_MODULE): Add. (main): Parse common options and handle new option. * tools/gpg-card.c (main): Ditto. (cmd_yubikey): Fix minor error reporting issue. * common/util.h (GNUPG_MODULE_NAME_CARD): New const. * common/homedir.c (gnupg_module_name): Support it. -- Having a global option makes it easier to use disable autostart on a server which is required to use a remote gpg-agent reliable.
* agent: Do not consider --min-passphrase-len for the magic wand.Werner Koch2022-06-271-1/+23
| | | | | * agent/call-pinentry.c (generate_pin): Lock to exactly 30 octets. * g10/gpg.c (main) <aGenRandom>: Add Level 30.
* w32: Do no use Registry item DefaultLogFile for the main tools.Werner Koch2022-04-201-1/+1
| | | | | | | | | | | | | | | | * g10/gpg.c (main): Set LOG_NO_REGISTRY. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpgconf.c (main): Ditto. (show_other_registry_entries): Print "DefaultLogFile". -- The intention of this mostly forgotten registry entry was to allow for easy debugging of the tools. However, with the global config file common.conf things are anyway better. We disable the use for the commonly used tools so that it does not look like calling gpg on the command line seems to block with no output if the log server (e.g. tcp://1.2.3.4:11111) is not reachable.
* gpg: Remove EAX from the preference list.Werner Koch2022-03-281-6/+1
| | | | | | | | | | * g10/gpg.c (main): Remove note about rfc4880bis. * g10/keygen.c (keygen_set_std_prefs): Use only OCB in the AEAD preference list. -- It is more than unlikely that EAX will ever be used in practice and thus we remove it from the preference list.
* gpg: New option --require-compliance.Werner Koch2022-03-081-0/+6
| | | | | | | | | | | | | | * g10/options.h (opt): Add field flags.require_compliance. * g10/gpg.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant. (check_sig_and_print): Ditto. * g10/encrypt.c (encrypt_crypt): Ditto. -- Note that in the --encrypt and --verify cased other checks may kick in earlier than this new --require-compliance controlled one.
* gpg,sm: Set --verbose and clear --quiet in debug mode.Werner Koch2022-02-011-0/+6
| | | | | * g10/gpg.c (set_debug): Tweak options. * sm/gpgsm.c (set_debug): Ditto.
* gpg: Add unfinished code for --export-secret-ssh-key.Werner Koch2021-12-201-0/+14
| | | | | | | | | | | | | | | | * g10/gpg.c (exportSecretSshKey): New. (opts): Add --export-secret-ssh-key. (main): Implement option. * g10/export.c (do_export_stream): Factor keywrap key code out to ... (get_keywrap_key): new. (mb_write_uint32, mb_write_uint8) (mb_write_data, mb_write_cstring) (mb_write_string, mb_write_mpi): New. (receive_raw_seckey_from_agent): New. (export_secret_ssh_key): New. -- Due to time constraints the code is not yet ready.
* gpg: New option --forbid-gen-key.Werner Koch2021-11-221-9/+40
| | | | | | | | | | | | * g10/gpg.c (oForbidGenKey, opts): New option. (mopt): New local struct (gen_key_forbidden): New. (main): Set and handle the option. -- In large system installation it is sometimes useful to make it a bit harder for users to generate their own keys. An example is a policy to not use on-disk keys.
* gpg,gpgsm: Add option --min-rsa-length.Werner Koch2021-11-181-0/+5
| | | | | | | | | | | | | | | * common/compliance.c (min_compliant_rsa_length): New. (gnupg_pk_is_compliant): Take in account. (gnupg_pk_is_allowed): Ditto. (gnupg_set_compliance_extra_info): New. * g10/gpg.c (oMinRSALength): New. (opts): Add --min-rsa-length. (main): Set value. * g10/options.h (opt): Add field min_rsa_length. * sm/gpgsm.c (oMinRSALength): New. (opts): Add --min-rsa-length. (main): Set value. * sm/gpgsm.h (opt): Add field min_rsa_length.
* gpg: Fix indentation of --print-mds and --print-md sha512.Werner Koch2021-11-041-4/+4
| | | | | | | * g10/gpg.c (print_hex): Fix indentation. -- GnuPG-bug-id: 5679
* gpg: New option --override-compliance-checkWerner Koch2021-10-131-1/+15
| | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oOverrideComplianceCheck): New. (opts): Add new option. (main): Set option and add check for batch mode. * g10/options.h (opt): Add flags.override_compliance_check. * g10/sig-check.c (check_signature2): Factor complaince checking out to ... (check_key_verify_compliance): this. Turn error into a warning in override mode. -- There is one important use case for this: For systems configured globally to use de-vs mode, Ed25519 and other key types are not allowed because they are not listred in the BSI algorithm catalog. Now, our release signing keys happen to be Ed25519 and thus we need to offer a way for users to check new versions even if the system is in de-vs mode. This does on purpose not work in --batch mode so that scripted solutions won't accidently pass a signature check. GnuPG-bug-id: 5655
* gpg: Print a note about the obsolete option --secret-keyring.Werner Koch2021-08-281-1/+1
| | | | | | -- GnuPG-bug-id: 2749
* gpg: Change default and max AEAD chunk size to 4 MiBWerner Koch2021-08-271-3/+3
| | | | | | | | | -- This is per OpenPGP WG design team decision from 2021-08-13 (raising a new wall after exactly 60 years ;-) Signed-off-by: Werner Koch <[email protected]>
* gpg: Let --fetch-key return an exit code on failure.Werner Koch2021-06-251-1/+3
| | | | | | | | * g10/keyserver.c (keyserver_fetch): Return an error code. * g10/gpg.c (main) <aFetchKeys>: Return 1 in case of no data. -- GnuPG-bug-id: 5376
* g10: Fix memory leaksJakub Jelen2021-05-201-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/card-util.c (change_pin): free answer on errors (ask_card_keyattr): free answer on error * g10/cpr.c (do_get_from_fd): free string * g10/gpg.c (check_permissions): free dir on weird error * g10/import.c (append_new_uid): release knode * g10/keyedit.c (menu_set_keyserver_url): free answer (menu_set_keyserver_url): free user * g10/keygen.c (print_status_key_not_created): move allocation after sanity check (ask_expire_interval): free answer (card_store_key_with_backup): goto leave instaed of return * g10/keyserver.c (parse_keyserver_uri): goto fail instead of return * g10/revoke.c (gen_desig_revoke): release kdbhd (gen_desig_revoke): free answer * g10/tofu.c (ask_about_binding): free sqerr and response * g10/trustdb.c (ask_ownertrust): free pk -- Signed-off-by: Jakub Jelen <[email protected]> Further changes: * g10/card-util.c (change_pin): Do not set answer to NULL. * g10/keyedit.c(menu_set_keyserver_url): Use !func() pattern. Signed-off-by: Werner Koch <[email protected]> GnuPG-bug-id: 5393
* gpg: Improve speed of secret key listing.Werner Koch2021-05-191-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | * agent/command.c (cmd_keyinfo): Factor some code out to ... (get_keyinfo_on_cards): ... new. (cmd_havekey): Add --list mode. * g10/gpg.h (struct server_control_s): Add new caching vars. * g10/gpg.c (gpg_deinit_default_ctrl): Release cache. * g10/call-agent.c (agent_probe_any_secret_key): Init and try to use the keygrip cache. (agent_genkey): Clear the cache. (agent_import_key): Ditto. * g10/keylist.c (list_all, list_one): Pass ctrl to agent_probe_any_secret_key. * g10/getkey.c (lookup): Ditto. -- With this change we first ask the agent for a list of all secret keygrips and use that list instead of asking the agent for each public key. Speeds up my "gpg -K" with a lot of secret and public keys by more than 25%. Signed-off-by: Werner Koch <[email protected]>
* gpg,sm: Ignore the log-file option from common.conf.Werner Koch2021-04-211-6/+0
| | | | | | | | | | | * g10/gpg.c (main): Don't use the default log file from common.conf. * sm/gpgsm.c (main): Ditto. -- That was acutally not intended and contradicts the description in doc/example/common.conf. Signed-off-by: Werner Koch <[email protected]>
* gpg,gpgsm: Move use-keyboxd to the new conf file common.confWerner Koch2021-04-191-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/comopt.c, common/comopt.h: New. * common/Makefile.am: Add them. * g10/gpg.c: Include comopt.h. (main): Also parse common.conf. * sm/gpgsm.c: Include comopt.h. (main): Set a flag for the --no-logfile option. Parse common.conf. * tools/gpgconf-comp.c (known_options_gpg): Remove "use-keyboxd", add pseudo option "use_keyboxd". (known_pseudo_options_gpg): Add pseudo option "use_keyboxd". (known_options_gpgsm): Remove "use-keyboxd". * tests/openpgp/defs.scm (create-gpghome): Create common.conf. * doc/examples/common.conf: New. -- Note that --use-keybox still works but prints a warning. We will eventually remove this option becuase it was marked as an experimental feature anyway. It would be too confusing if gpg and gpgsm use different key storages. Further, other components (e.g. dirmngr or gpg-wks-client) which call gpg or gpgsm need to be aware that the keyboxd is used and pass that option on the command line. Now that common.conf is always read (even if --no-options is used) those tools will work instantly.
* Release GnuPG 2.3.0gnupg-2.3.0Werner Koch2021-04-071-1/+1
|
* gpgconf: Return a new pseudo option compliance_de_vs.Werner Koch2021-04-011-0/+8
| | | | | | | | | | | | | * tools/gpgconf-comp.c (known_pseudo_options_gpg): Add "compliance_de_vs". * g10/gpg.c (gpgconf_list): Returh that pseudo option. -- Of course this will always return false for this version of gnupg. But as soon as this version has been approved we have everything ready for a runtime check. Signed-off-by: Werner Koch <[email protected]>
* gpg: No warning in quiet mode for S2K mode 0.Werner Koch2021-03-241-1/+2
| | | | --
* gpg: New option --no-auto-trust-new-key.Beta-2.3.0-beta1655Werner Koch2021-03-151-0/+4
| | | | | | | | | * g10/gpg.c (oNoAutoTrustNewKey): New. (opts): Add --no-auto-trust-new-key. (main): Set it. * g10/options.h (opt): Add flags.no_auto_trust_new_key. Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --force-sign-keyWerner Koch2021-03-111-1/+5
| | | | | | | | | | * g10/gpg.c (oForceSignKey,opts): New option "--force-sign-key". (main): Set it. * g10/options.h (opt): New flag flags.force_sign_key. * g10/keyedit.c (sign_uids): Use new flag. -- GnuPG-bug-id: 4584
* w32: Always use Unicode for console input and output.Werner Koch2021-03-051-2/+12
| | | | | | | | | | | | | | | | | * common/init.c (_init_common_subsystems) [W32]: Set the codepage to UTF-8 for input and putput. Switch gettext to UTF-8. * tools/gpgconf.c (main): Display the input and output codepage if they differ. * g10/gpg.c (utf8_strings) [W32]: Make sure this is always set. -- With this patch the former patch to use ReadConsoleW and WriteConsoleW in ttyio.c are kind of superfluous because the ANSI version of these functions are also able to read/write UTF-8 directly given the console code page has been set correctly. However, this seems to work only with recent versions of Windows-10. GnuPG-bug-id: 4365
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 10:51:22 +0000