aboutsummaryrefslogtreecommitdiffstats
path: root/g10/keydb.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* g10: Remove unused function (get_pubkey_bynames).Neal H. Walfield2015-09-161-2/+0
| | | | | | | | * g10/keydb.h (get_pubkey_bynames): Remove prototype. * g10/getkey.c (get_pubkey_bynames): Remove function. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10: Improve interface documentation of the keydb API.Neal H. Walfield2015-08-311-1/+186
| | | | | | | | | * g10/keydb.c: Improve code comments and documentation of internal interfaces. Improve documentation of public APIs and move that to... * g10/keydb.h: ... this file. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10: Remove unused parameter.Neal H. Walfield2015-08-311-1/+1
| | | | | | | | * g10/keydb.h (keydb_locate_writable): Remove unused parameter reserved. Update users. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10: Simplify cache. Only include data that is actually used.Neal H. Walfield2015-08-261-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keydb.c (struct kid_list_s): Rename from this... (struct kid_not_found_cache_bucket): ... to this. Update users. Remove field state. (kid_list_t): Remove type. (KID_NOT_FOUND_CACHE_BUCKETS): Define. Use this instead of a literal. (kid_found_table): Rename from this... (kid_not_found_cache_bucket): ... to this. Update users. (kid_found_table_count): Rename from this... (kid_not_found_cache_count): ... to this. Update users. (kid_not_found_p): Only return whether a key with the specified key id is definitely not in the database. (kid_not_found_insert): Remove parameter found. Update callers. (keydb_search): Only insert a key id in the not found cache if it is not found. Rename local variable once_found to already_in_cache. -- Signed-off-by: Neal H. Walfield <[email protected]>. Commit e0873a33 started tracking whether key ids where definitely in the database. This information is, however, never used and thus just unnecessarily inflates the cache. This patch effectively reverts that change (however, e0873a33 contains two separate changes and this only reverts that change).
* gpg: Allow gpgv to work with a trustedkeys.kbx file.Werner Koch2015-08-071-0/+1
| | | | | | | | | | * g10/keydb.h (KEYDB_RESOURCE_FLAG_GPGVDEF): New. * g10/keydb.c (keydb_add_resource): Take care of new flag. * g10/gpgv.c (main): Use new flag. -- GnuPG-bug-id: 2025 Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve speed of --check-sigs and --lish-sigs.Werner Koch2015-06-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keydb.c (kid_list_t): New. (kid_not_found_table, n_kid_not_found_table): New. (kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New. (keydb_insert_keyblock): Flush the new cache. (keydb_delete_keyblock): Ditto. (keydb_update_keyblock): Ditto. (keydb_search): Use the new cache. (keydb_dump_stats): New. * g10/gpg.c (g10_exit): Dump keydb stats. -- What we do here is to keep track of key searches by long keyids (as stored in all signatures) so that we do not need to scan the keybox again after we already found that this keyid will result in not-found. As soon as we change gpg to run as a co-process we should store this table per session because other instances of gpg may have updated the keybox without us knowing. On a test ring with gpg: 94721 good signatures gpg: 6831 bad signatures gpg: 150703 signatures not checked due to missing keys gpg: 5 signatures not checked due to errors gpg: keydb: kid_not_found_table: total: 14132 this new cache speeds a --check-sigs listing up from 28 minutes to less than 3 minutes. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add push/pop found state feature to keydb.Werner Koch2015-05-081-0/+2
| | | | | | | | | | | | | | * g10/keydb.c (keydb_handle): Add field saved_found. (keydb_new): Init new field. (keydb_push_found_state, keydb_pop_found_state): New. * g10/keyring.c (kyring_handle): Add field saved_found. (keyring_push_found_state, keyring_pop_found_state): New. -- We have the same feature in gpgsm. It is very useful to check for an unambiguous user id with a follow up update of the keyblock. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve 'General key info' line of --card-status.Werner Koch2015-05-071-2/+2
| | | | | | | | | | | | | | | | | * g10/keylist.c (print_pubkey_info): Print either "pub" or "sub". * g10/getkey.c (get_pubkey_byfprint): Add optional arg R_KEYBLOCK. * g10/keyid.c (keyid_from_fingerprint): Adjust for change. * g10/revoke.c (gen_desig_revoke): Adjust for change. * g10/card-util.c (card_status): Simplify by using new arg. Align card-no string. * g10/card-util.c (card_status): Remove not used GnuPG-1 code. -- This now prints "sub" if the first used card key is actually a subkey. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix informative printing of user ids.Werner Koch2014-10-131-1/+3
| | | | | | | | | | | | | | | | | | | | | | * g10/getkey.c (keyid_list): Add field "fpr". (cache_user_id): Store fpr and check for dups only by fpr. (get_pubkey_byfpr): New. (get_user_id_string): Make static and use xasprintf. (get_long_user_id_string): Use xasprintf. (get_user_id_byfpr): New. (get_user_id_byfpr_native): New. * g10/keyid.c (fingerprint_from_pk): Make arg RET_LEN optional. * g10/import.c (import_one): Use get_user_id_byfpr_native. -- We now cache the userids using the fingerprint. This allows to print the correct user id for keys with a duplicated key id. We should eventually start to retire the use of all the old keyid based functions. However, at some places we only have the keyid and thus some of them will need to be kept (maybe changed with an indication to show that more than several user ids are matching). Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow importing keys with duplicated long key ids.Werner Koch2014-10-131-0/+1
| | | | | | | | | | | | | | | * g10/keydb.c (keydb_handle): Add field no_caching. (keyblock_cache): Repalce field kid by fpr. (keydb_disable_caching): New. (keydb_search): Use the fingerprint as cache index. * g10/import.c (import_one): Use the fingerprint and not the kid to lookup the key. Call keydb_disable_caching beofre re-searching for update. * tests/openpgp/import.test: Add a test case. Signed-off-by: Werner Koch <[email protected]>
* gpg: Skip overlong keys and a print a warning.Werner Koch2014-10-091-0/+1
| | | | | | | | | | | | | * kbx/keybox-search.c (keybox_search): Add arg r_skipped and skip too long blobs. * sm/keydb.c (keydb_search): Call keybox_search with a dummy param. * g10/keydb.c (struct keydb_handle): Add field skipped_long_blobs. (keydb_search_reset): Reset that field. (keydb_search): Update that field. (keydb_get_skipped_counter): New. * g10/keylist.c (list_all): Print count of skipped keys. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add list-option "show-usage".Werner Koch2014-08-131-1/+1
| | | | | | | * g10/gpg.c (parse_list_options): Add "show-usage". * g10/options.h (LIST_SHOW_USAGE): New. * g10/keyid.c (usagestr_from_pk): Add arg FILL. Change caller. * g10/keylist.c (list_keyblock_print): Print usage info.
* gpg: Auto-create revocation certificates.Werner Koch2014-06-301-0/+1
| | | | | | | | | | | | | * configure.ac (GNUPG_OPENPGP_REVOC_DIR): New config define. * g10/revoke.c (create_revocation): Add arg "leadin". (gen_standard_revoke): New. * g10/openfile.c (get_openpgp_revocdir): New. (open_outfile): Add MODE value 3. * g10/keyid.c (hexfingerprint): New. * g10/keygen.c (do_generate_keypair): Call gen_standard_revoke. -- GnuPG-bug-id: 1042
* gpg: Re-enable secret key deletion.Werner Koch2014-04-151-1/+2
| | | | | | | * g10/call-agent.c (agent_delete_key): New. * g10/keydb.h (FORMAT_KEYDESC_DELKEY): New. * g10/passphrase.c (gpg_format_keydesc): Support new format. * g10/delkey.c (do_delete_key): Add secret key deletion.
* gpg: Change pinentry prompt to talk about "secret key".Werner Koch2014-04-151-0/+4
| | | | | | | | | * g10/passphrase.c (gpg_format_keydesc): Add mode 2. Change strings. * g10/keydb.h (FORMAT_KEYDESC_NORMAL, FORMAT_KEYDESC_IMPORT) (FORMAT_KEYDESC_EXPORT): New. Use them for clarity. -- The use of the term "certificate" was more confusing than helpful.
* gpg: Change format for the key size in --list-key and --edit-key.Werner Koch2014-02-051-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode. * g10/options.h (struct opt): Add field legacy_list_mode. * g10/keydb.h (PUBKEY_STRING_SIZE): New. * g10/keyid.c (pubkey_string): New. * g10/import.c (import_one, import_secret_one): Use pubkey_string. * g10/keylist.c (print_seckey_info): Ditto. (print_pubkey_info, print_card_key_info): Ditto. (list_keyblock_print): Ditto. * g10/mainproc.c (list_node): Ditto. * g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto. * g10/keyedit.c (show_key_with_all_names): Ditto. Also change the format. (show_basic_key_info): Ditto. * common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519". (openpgp_oid_to_curve): Downcase "ed25519" -- For ECC it seems to be better to show the name of the curve and not just the size of the prime field. The curve name does not anymore fit into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length format does not work either. Thus the new format uses "rsa2048" - RSA with 2048 bit "elg1024" - Elgamal with 1024 bit "ed25519" - ECC using the curve Ed25519. "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4". unless --legacy-list-mode is given. In does not anymore line up nicely in columns thus I expect further changes to this new format. Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove cipher.h and put algo ids into a common file.Werner Koch2014-01-291-1/+0
| | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (cipher_algo_t, pubkey_algo_t, digest_algo_t) (compress_algo_t): New. * agent/gpg-agent.c: Remove ../g10/cipher.h. Add openpgpdefs.h. * g10/cipher.h (DEK): Move to ... * g10/dek.h: new file. * g10/cipher.h (is_RSA, is_ELGAMAL, is_DSA) (PUBKEY_MAX_NPKEY, PUBKEY_MAX_NSKEY, PUBKEY_MAX_NSIG, PUBKEY_MAX_NENC) (PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC, PUBKEY_USAGE_CERT) (PUBKEY_USAGE_AUTH, PUBKEY_USAGE_NONE): Move to * g10/packet.h: here. * g10/cipher.h: Remove. Remove from all files. * g10/filter.h, g10/packet.h: Include dek.h. * g10/Makefile.am (common_source): Remove cipher.h. Add dek.h. Signed-off-by: Werner Koch <[email protected]>
* Merge branch 'master' into key-storage-workWerner Koch2013-02-121-0/+3
|\
| * gpg: Add pinentry-mode feature.Werner Koch2013-02-071-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c: Include shareddefs.h. (main): Add option --pinentry-mode. * g10/options.h (struct opt): Add field pinentry_mode. * g10/passphrase.c: Include shareddefs.h. (have_static_passphrase): Take care of loopback pinentry_mode. (read_passphrase_from_fd): Ditto. (get_static_passphrase): New. (passphrase_to_dek_ext): Factor some code out to ... (emit_status_need_passphrase): new. * g10/call-agent.c (start_agent): Send the pinentry mode. (default_inq_cb): Take care of the PASSPHRASE inquiry. Return a proper error code. (agent_pksign): Add args keyid, mainkeyid and pubkey_algo. (agent_pkdecrypt): Ditto. * g10/pubkey-enc.c (get_it): Pass new args. * g10/sign.c (do_sign): Pass new args. * g10/call-agent.c (struct default_inq_parm_s): New. Change all similar structs to reference this one. Change all users and inquire callback to use this struct, instead of NULL or some undefined but not used structs. This change will help to eventually get rid of global variables. -- This new features allows to use gpg without a Pinentry. As a prerequisite the agent must be configured to allow the loopback pinentry mode (option --allow-loopback-pinentry). For example gpg2 --pinentry-mode=loopback FILE.gpg may be used to decrypt FILE.gpg while entering the passphrase on the tty. If batch is used, --passphrase et al. may be used, if --command-fd is used, the passphrase may be provided by another process. Note that there are no try-again prompts in case of a bad passphrase.
* | gpg: Remove a function wrapper.Werner Koch2013-01-081-3/+2
| | | | | | | | | | | | * g10/keydb.h (keydb_search): Remove macro. * g10/keydb.c (keydb_search2): Rename to keydb_search. Change all callers.
* | gpg: First patches to support a keybox storage backend.Werner Koch2012-12-271-5/+6
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | * kbx/keybox-defs.h (_keybox_write_header_blob): Move prototype to .. * kbx/keybox.h: here. * kbx/keybox-init.c (keybox_lock): Add dummy function * g10/keydb.c: Include keybox.h. (KeydbResourceType): Add KEYDB_RESOURCE_TYPE_KEYBOX. (struct resource_item): Add field kb. (maybe_create_keyring_or_box): Add error descriptions to diagnostics. Add arg IS_BOX. Write a header for a new keybox file. (keydb_add_resource): No more need for the force flag. Rename the local variable "force" to "create". Add URL scheme "gnupg-kbx". Add magic test to detect a keybox file. Add basic support for keybox. (keydb_new, keydb_get_resource_name, keydb_delete_keyblock) (keydb_locate_writable, keydb_search_reset, keydb_search2): Add support for keybox. (lock_all, unlock_all): Ditto. * g10/Makefile.am (needed_libs): Add libkeybox.a. (gpg2_LDADD, gpgv2_LDADD): Add KSBA_LIBS as a workaround. * g10/keydb.h (KEYDB_RESOURCE_FLAG_PRIMARY) KEYDB_RESOURCE_FLAG_DEFAULT, KEYDB_RESOURCE_FLAG_READONLY): New. * g10/gpg.c, g10/gpgv.c (main): Use new constants. -- I did most of these changes back in 2011 and only cleaned them up now. More to follow soon.
* Re-indentation of keydb.c and error code changes.Werner Koch2011-04-291-14/+13
| | | | | | Returning -1 as an error code is not very clean given that gpg error has more descriptive error codes. Thus we now return GPG_ERR_NOT_FOUND for all search operations and adjusted all callers.
* Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch2011-02-041-4/+4
| | | | | | | | We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* More agent support for gpg.Werner Koch2010-10-131-4/+1
|
* Exporting secret keys via gpg-agent is now basically supported.Werner Koch2010-10-011-3/+6
| | | | | | A couple of forward ported changes. Doc updates.
* Removed more secret key related code.Werner Koch2010-09-061-14/+3
| | | | | | It builds fine and passes some of the tests but there are quite some features which don't work yet.
* Import OpenPGP keys into the agent.Werner Koch2010-08-311-0/+5
|
* Provide a useful pinentry prompt.Werner Koch2010-04-271-0/+3
|
* Decryption and signi via agent is now implemented.Werner Koch2010-04-231-2/+2
|
* More changes on the way to remove secring.gpg.Werner Koch2010-04-211-15/+12
|
* Generating an OpenPGP key cia gpg-agent basically works.Werner Koch2010-04-201-0/+3
|
* Various changes to eventually support openpgp keys in pgp-agent.Werner Koch2010-02-021-8/+22
| | | | | | Comment fixes. Minor chnages in preparation of a W32CE port.
* Add dummu option --passwd for gpg.Werner Koch2010-01-081-0/+1
| | | | | Collected changes.
* Unification of the search descriptor usage.Werner Koch2009-12-081-30/+0
|
* Some changes to suport g13.Werner Koch2009-09-301-8/+14
|
* Made card key generate with backup key work for 2048 bit.Werner Koch2009-05-151-5/+5
| | | | | Improved card key generation prompts.
* --locate-key now returns several keys if they all match.Werner Koch2008-05-071-1/+1
|
* Enhanced --auto-key-locate.Werner Koch2008-04-081-1/+1
|
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* Collected fixes.Werner Koch2006-11-051-0/+2
|
* Fix for bug 537Werner Koch2006-10-021-4/+4
|
* Migrated more stuff to doc/Werner Koch2006-08-211-0/+1
| | | | | | | | Migrated the gpg regression tests. Some changes tp the gpg code to fix bugs and for the use in testing. make distcheck works now with gpg enabled.
* With --enable-gpg the keyservers are now build and a first test using gpg2Werner Koch2006-08-161-0/+2
| | | | | shows no prblems. Needs more testing of course.
* Preparing a new releasegnupg-1.9.22Werner Koch2006-07-271-2/+11
|
* g10/ does build again.Werner Koch2006-05-231-0/+1
|
* Merged with gpg 1.4.3 code. Werner Koch2006-04-191-21/+41
| | | | | The gpg part does not yet build.
* * app-openpgp.c (store_fpr): Fixed fingerprint calculation.Werner Koch2003-07-011-1/+5
| | | | | | | | * keygen.c (gen_card_key): Obviously we should use the creation date received from SCDAEMON, so that the fingerprints will match. * sign.c (do_sign): Pass the serialno to the sign code. * keyid.c (serialno_and_fpr_from_sk): New.
* Finished the bulk of changes for gnupg 1.9. This included switchingWerner Koch2003-06-181-1/+2
| | | | | | | | | | | to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
* This commit was manufactured by cvs2svn to create branchRepo Admin2003-06-051-0/+278
| | | | 'GNUPG-1-9-BRANCH'.
* This commit was manufactured by cvs2svn to create branchRepo Admin2002-10-191-265/+0
| | | | 'GNUPG-1-9-BRANCH'.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-09 10:47:24 +0000