aboutsummaryrefslogtreecommitdiffstats
path: root/g10/main.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Print better diagnostics for keyserver operations.Werner Koch2015-02-181-1/+3
| | | | | | | | | | | | | | | | | | | | | | | * g10/armor.c (parse_key_failed_line): New. (check_input): Watch out for gpgkeys_ error lines. * g10/filter.h (armor_filter_context_t): Add field key_failed_code. * g10/import.c (import): Add arg r_gpgkeys_err. (import_keys_internal): Ditto. (import_keys_stream): Ditto. * g10/keyserver.c (keyserver_errstr): New. (keyserver_spawn): Detect "KEY " lines while sending. Get gpgkeys_err while receiving keys. (keyserver_work): Add kludge for better error messages. -- GnuPG-bug-id: 1832 Note that these changes can be backported to 1.4 but they don't make sense for 2.1 due to the removal of the keyserver helpers. The error reporting could be improved even more but given that this is an old GnuPG branch it is not justified to put too much effort into it. Signed-off-by: Werner Koch <[email protected]>
* Use inline functions to convert buffer data to scalars.Werner Koch2015-02-121-1/+0
| | | | | | | | | | | | | | | | * include/host2net.h (buf16_to_ulong, buf16_to_uint): New. (buf16_to_ushort, buf16_to_u16): New. (buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New. -- This fixes sign extension on shift problems. Hanno Böck found a case with an invalid read due to this problem. To fix that almost all uses of "<< 24" and "<< 8" are changed by this patch to use an inline function from host2net.h. (back ported from commit 2183683bd633818dd031b090b5530951de76f392) Signed-off-by: Werner Koch <[email protected]>
* gpg: Make the use of "--verify FILE" for detached sigs harder.Werner Koch2014-11-141-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/openfile.c (open_sigfile): Factor some code out to ... (get_matching_datafile): new function. * g10/plaintext.c (hash_datafiles): Do not try to find matching file in batch mode. * g10/mainproc.c (check_sig_and_print): Print a warning if a possibly matching data file is not used by a standard signatures. -- Allowing to use the abbreviated form for detached signatures is a long standing bug which has only been noticed by the public with the release of 2.1.0. :-( What we do is to remove the ability to check detached signature in --batch using the one file abbreviated mode. This should exhibit problems in scripts which use this insecure practice. We also print a warning if a matching data file exists but was not considered because the detached signature was actually a standard signature: gpgv: Good signature from "Werner Koch (dist sig)" gpgv: WARNING: not a detached signature; \ file 'gnupg-2.1.0.tar.bz2' was NOT verified! We can only print a warning because it is possible that a standard signature is indeed to be verified but by coincidence a file with a matching name is stored alongside the standard signature. Reported-by: Simon Nicolussi (to gnupg-users on Nov 7) Signed-off-by: Werner Koch <[email protected]> (backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)
* gpg: Avoid using cached MD5 signature status.Werner Koch2014-10-111-3/+4
| | | | | | | | | | | | | * g10/sig-check.c (check_key_signature2): Avoid using a cached MD5 signature status. * g10/keyring.c (keyring_get_keyblock): Ditto. (write_keyblock): Ditto. * g10/sig-check.c (do_check): Move reject warning to ... * g10/misc.c (print_md5_rejected_note): new. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Default to SHA-256 for all signature types on RSA keys.Werner Koch2014-09-271-1/+1
| | | | | | | | | | * g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in strict RFC or PGP modes. * g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for RSA key signatures. -- (Backported from commit d33246700578cddd1cb8ed8164cfbba50aba4ef3)
* gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.Daniel Kahn Gillmor2014-09-251-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c: Add config options that should belong in scdaemon.conf * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New. -- In gpg2, the following options are only relevant for scdaemon: reader-port ctapi-driver pcsc-driver disable-ccid but in gpg1, they are options for gpg itself. Some users of gpg1 might have these options in their ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that config file. gpg2 should not fail hard, though giving a warning (and suggesting a move to scdaemon.conf) seems OK. This patch does *not* reintroduce any documentation for these options in gpg.texi, even to indicate that they are "dummy" options, since scdaemon.texi contains the appropriate documentation. Debian-bug-id: 762844 Program names factored out from obsolete_scdaemon_option to make reuse without new translations easier. -wk This is a backport of commit 371c2b14b0347209efd23b4e54e1981a12d7aeab with parts of 20c6da50d4f6264d26d113d7de606971f719a0ca but without those which would change existing translated strings. -wk
* gpg: Fix regression due to the keyserver import filter.Werner Koch2014-08-061-2/+1
| | | | | | | | | | * g10/keyserver.c (keyserver_retrieval_filter): Change args. Rewrite to take subpakets in account. * g10/import.c (import_one, import_secret_one): Pass keyblock to filter. -- GnuPG-bug-id: 1680
* gpg: Screen keyserver responses.Stefan Tomanek2014-06-241-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/main.h (import_filter_t): New. * g10/import.c (import): Add filter callbacks to param list. (import_one): Ditto. (import_secret_one): Ditto. (import_keys_internal): Ditto. (import_keys_stream): Ditto. * g10/keyserver.c (keyserver_retrieval_filter): New. (keyserver_spawn): Pass filter to import_keys_stream() -- These changes introduces import functions that apply a constraining filter to imported keys. These filters can verify the fingerprints of the keys returned before importing them into the keyring, ensuring that the keys fetched from the keyserver are in fact those selected by the user beforehand. Signed-off-by: Stefan Tomanek <[email protected]> Re-indention and minor changes by wk. Resolved conflicts: g10/import.c g10/keyserver.c g10/main.h
* gpg: New %U expando for the photo viewer.Werner Koch2014-06-031-0/+1
| | | | | | | | | | | | | | * g10/photoid.c (show_photos): Set namehash. * g10/misc.c (pct_expando): Add "%U" expando. -- This makes is possible to extract all photos ids from a key to different files. (cherry picked from commit e184a11f94e2d41cd9266484542631bec23628b5) Resolved conflicts: g10/photoid.c - whitespaces
* gpg: Change --show-session-key to print the session key earlier.Werner Koch2013-12-111-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | * g10/cpr.c (write_status_strings): New. (write_status_text): Replace code by a call to write_status_strings. * g10/mainproc.c (proc_encrypted): Remove show_session_key code. * g10/decrypt-data.c (decrypt_data): Add new show_session_key code. -- This feature can be used to return the session key for just a part of a file. For example to downloading just the first 32k of a huge file, decrypting that incomplete part and while ignoring all the errors break out the session key. The session key may then be used on the server to decrypt the entire file without the need to have the private key on the server. GnuPG-bug-id: 1389 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 101a54add351ff62793cbfbf3877787c4791f833) Resolved Conflicts: doc/DETAILS - removed g10/cpr.c - replace estream fucntion by stdio. g10/mainproc.c - Adjust for changed calling convention.
* gpg: Fix --version output and explicitly disable ECC.Werner Koch2013-10-111-0/+1
| | | | | | | | | | | | | | | | | | | * g10/misc.c (openpgp_pk_algo_name): New. Replace all calls in g10/ to gcry_pk_algo_name by a call to this function. (map_pk_openpgp_to_gcry): Map algo PUBKEY_ALGO_ELGAMAL_E to GCRY_PK_ELG. (openpgp_pk_test_algo): Use PUBKEY_ALGO_ELGAMAL_E instead of GCRY_PK_ELG_E. Return an error for ECC algos. (openpgp_pk_test_algo2): Return an error for ECC algos. * g10/gpg.c (build_list): Avoid printing ECC two times. * include/cipher.h: Do not use GCRY_PK_* macros for PUBKEY_ALGO_*. -- Due to recent changes to adjust for use with Libgcrypt 1.6, "gpg --version" printed two question marks. This patches fixes that and also make sure that gpg does advertise any ECC features. The patch in build_list is not really needed. Signed-off-by: Werner Koch <[email protected]>
* Fix printing of ECC algo names in hkp keyserver listings.Werner Koch2012-11-271-2/+3
| | | | | | | | | | * g10/misc.c (map_pk_openpgp_to_gcry): New. * g10/keyserver.c (print_keyrec): Map OpenPGP algorithm ids. -- Although we don't have support for ECC, we want to print a proper algorithm name in keyserver listings. This will only work while using a ECC enabled Libgcrypt. Problem reported by Kristian Fiskerstrand.
* Implement command --passwd for GPG.Werner Koch2010-01-111-0/+1
|
* Add full Camellia support.David Shaw2009-06-051-1/+5
| | | | | | | | | | | | | | | | | | * configure.ac: Remove Camellia restriction. * gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia restriction. * misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and openpgp_cipher_get_algo_blklen to wrap around the corresponding gcry_* functions, but pass the algorithm number through map_cipher_openpgp_to_gcry. This is needed in case the gcry algorithm number doesn't match the OpenPGP number (c.f. Camellia). * encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c, seskey.c, passphrase.c, seckey-cert.c: Use new openpgp_cipher_* macros here.
* Import/export of pkcs#12 now uses the gpg-agent directly.Werner Koch2009-04-011-1/+0
| | | | | Removed duplicated code (percent unescaping).
* Add rmd160.c.Werner Koch2008-12-121-0/+1
| | | | | Emit anotehr error code status line.
* Make gpg not depend on the RIPE-MD160 implementaion in Libgcrypt.Werner Koch2008-12-111-1/+0
| | | | | Fix SIG_ID computation.
* Use more warning options with modern GCCs.Werner Koch2008-10-171-1/+1
| | | | | Other minor changes.
* * main.h, mainproc.c (check_sig_and_print), keylist.cDavid Shaw2008-10-031-2/+4
| | | | | | | | | (list_keyblock_print), pkclist.c (do_edit_ownertrust), keyedit.c (menu_showphoto), photoid.c (generate_photo_id, show_photos), misc.c (pct_expando): Add %v and %V expandos so that displaying photo IDs can show the attribute validity tag (%v) and string (%V). Originally by Daniel Gillmor.
* Add command --locate-key.Werner Koch2008-05-071-1/+1
| | | | | Fix auto-key-locate processing of "nodefault".
* Adjust for the changed Camellia draft.Werner Koch2008-04-181-0/+1
| | | | | | W32 gettext changes. Comment and typo fixes.
* Support DSA2.Werner Koch2007-12-121-0/+1
| | | | | | Support Camellia for testing. More audit stuff.
* Started to implement the audit log feature.Werner Koch2007-11-191-0/+24
| | | | | | | | Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry. Improved support for the quality bar. Minor internal restructuring. Translation fixes.
* Fixed card key generation of gpg2.Werner Koch2007-07-051-1/+2
| | | | | Reveal less information about timings while generating a key.
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under ↵Werner Koch2007-06-211-1/+6
| | | | Windows.
* Added LIBINTL to more Makefile targets.Werner Koch2007-01-301-0/+2
| | | | | | | | | | | | | | | | | | | | doc/ * com-certs.pem: Added the current root certifcates of D-Trust and S-Trust. g10/ * status.c (write_status_begin_signing): New. * sign.c (sign_file, sign_symencrypt_file): Call it. * textfilter.c (copy_clearsig_text): Call it. * call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if required. * gpg.c (main): Let --no-use-agent and --gpg-agent-info print a warning. * misc.c (obsolete_option): New.
* Started to code a --server mode. Werner Koch2006-12-211-0/+3
| | | | | It is far from being ready!
* * parse-packet.c (parse_symkeyenc): Show the unpacked as well as theDavid Shaw2006-10-131-0/+2
| | | | | | | | | packed s2k iteration count. * main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c (hash_passphrase): Add --s2k-count option to specify the number of s2k hash iterations.
* Fix for bug 537Werner Koch2006-10-021-19/+19
|
* Still making gpg2 work.Werner Koch2006-05-241-0/+3
| | | | | At least the keyids are now correctly computed again.
* g10/ does build again.Werner Koch2006-05-231-0/+1
|
* Merged recent changes from 1.4Werner Koch2006-04-281-0/+1
|
* Merged with gpg 1.4.3 code. Werner Koch2006-04-191-61/+91
| | | | | The gpg part does not yet build.
* Compile fixes.Werner Koch2004-10-221-1/+1
|
* * card-util.c (card_edit): New command "passwd". Add logic toWerner Koch2003-10-211-1/+1
| | | | | | | | check the PIN in advance. (card_status): Add new args to return the serial number. Changed all callers. * call-agent.c (agent_scd_checkpin): New.
* * call-agent.c (agent_scd_getattr): Don't clear the passed infoWerner Koch2003-10-081-1/+1
| | | | | | | | | | | | | | | structure, so that it can indeed be updated. * card-util.c (fpr_is_zero): New. (generate_card_keys): New. (card_edit): New command "generate". * keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call to check_smartcard. (check_smartcard,show_smartcard): Removed. (show_sha1_fpr,fpr_is_zero): Removed. * app-openpgp.c (do_getattr): Support SERIALNO and AID.
* Merged most of David Shaw's changes in 1.3 since 2003-06-03.Werner Koch2003-09-231-1/+4
|
* * g10.c: New command --card-edit.Werner Koch2003-09-181-1/+1
| | | | | | | | | | | | * card-util.c (card_status): Use tty_fprintf for all output. (print_sha1_fpr, print_isoname): Ditto. (get_one_name,change_name, change_url, change_login,change_lang) (change_sex): New; taken from keygen.c. * keygen.c (smartcard_get_one_name, smartcard_change_name) (smartcard_change_url, smartcard_change_login_data) (smartcard_change_lang, smartcard_change_sex): Removed. (check_smartcard): Removed most menu items.
* * gpgsm.c (main): Add secmem features and set the random seed file.Werner Koch2003-07-291-0/+1
| | | | | | | | | | | | (gpgsm_exit): Update the random seed file and enable debug output. * g10.c (main): Add secmem features and set the random seed file. (g10_exit): Update the random seed file. * parse-packet.c (parse_signature,read_protected_v3_mpi) (parse_key): Fixed use of mpi_set_opaque. * keygen.c (gen_card_key): Ditto.
* * g10.c: New command --card-status.Werner Koch2003-07-241-1/+3
| | | | | | | | | * card-util.c (card_status): New. * call-agent.c (learn_status_cb): Parse more information. * keylist.c (print_pubkey_info): Add FP arg for optinal printing to a stream. Changed all callers.
* * keygen.c (generate_keypair): Create an AUTHKEYTYPE entry for cards.Werner Koch2003-07-231-0/+3
| | | | | | (do_generate_keypair): Abd generate the authkey. (check_smartcard): Changed menu accordingly.
* * export.c (parse_export_options): New option sexp-format.Werner Koch2003-07-161-1/+1
| | | | | | | | | (export_seckeys,export_secsubkeys): Check sexp-format option. (do_export): Ignore armor for sexp format. (do_export_stream): Handle sexp-format. (write_sexp_line,write_sexp_keyparm, build_sexp_seckey): New. (build_sexp): New.
* Finished the bulk of changes for gnupg 1.9. This included switchingWerner Koch2003-06-181-10/+32
| | | | | | | | | | | to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
* This commit was manufactured by cvs2svn to create branchRepo Admin2003-06-051-0/+241
| | | | 'GNUPG-1-9-BRANCH'.
* This commit was manufactured by cvs2svn to create branchRepo Admin2002-10-191-224/+0
| | | | 'GNUPG-1-9-BRANCH'.
* added fast-import to import-optionsStefan Bellon2002-09-231-2/+3
|
* Import from stable branch.David Shaw2002-09-131-0/+1
| | | | | | | | | | | | | | | | | | | | 2002-09-13 David Shaw <[email protected]> * getkey.c (check_revocation_keys): Move.... * main.h, sig-check.c (check_revocation_keys): to here. Also return the signature_check error code rather than 0/1 and cache the sig result. * sig-check.c (check_key_signature2): Divert to check_revocation_keys if a revocation sig is made by someone other than the pk owner. * getkey.c (merge_selfsigs_main): Tidy. 2002-09-13 Werner Koch <[email protected]> * g10.c (main) [__MINGW32__]: Activate oLoadExtension.
* * g10.c, options.h: Removed option --emulate-checksum-bug.Werner Koch2002-09-111-1/+0
| | | | | | | | | | | | | | | * misc.c (checksum_u16_nobug): Removed. (checksum_u16): Removed the bug emulation. (checksum_mpi): Ditto. (checksum_mpi_counted_nbits): Removed and replaced all calls with checksum_mpi. * parse-packet.c (read_protected_v3_mpi): New. (parse_key): Use it here to store it as an opaque MPI. * seckey-cert.c (do_check): Changed the v3 unprotection to the new why to store these keys. (protect_secret_key): Likewise. * build-packet.c (do_secret_key): And changed the writing.
* * getkey.c (get_user_id_native): Renamed to ..Werner Koch2002-08-191-0/+1
| | | | | | | | | | | | (get_user_id_printable): this. Filter out all dangerous characters. Checked all usages. (get_user_id_string_native): Renamed to.. (get_user_id_string_printable): this. Filter out all dangerous characters. Checked all usages. * keyedit.c (show_basic_key_info): New. * keylist.c (print_fingerprint): New mode 3. * import.c (import_one): Use new function to display the user ID.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-23 19:07:40 +0000