aboutsummaryrefslogtreecommitdiffstats
path: root/g10/mainproc.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: With --auto-key-retrieve prefer WKD over keyservers.Werner Koch2019-07-051-50/+63
| | | | | | | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Print a hint on how to make use of the preferred keyserver. Remove keyserver lookup just by the keyid. Try a WKD lookup before a keyserver lookup. -- The use of the the keyid for lookups does not make much sense anymore since for quite some time we do have the fingerprint as part of the signature. GnuPG-bug-id: 4595 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 96bf8f477805bae58cfb77af8ceba418ff8aaad9)
* g10/mainproc: disable hash contexts when --skip-verify is usedJussi Kivilinna2018-12-051-3/+8
| | | | | | | | | * g10/mainproc.c (proc_plaintext): Do not enable hash contexts when opt.skip_verify is set. -- Signed-off-by: Jussi Kivilinna <[email protected]> (cherry picked from commit 73e74de0e33bbb76300f96a4174024779047df06)
* gpg: Allow decryption using several passphrases in may cases.Werner Koch2018-07-061-0/+15
| | | | | | | | | | | | | * g10/mainproc.c (symkey_decrypt_seskey): Check for a valid algorithm. (proc_symkey_enc): Clear passpharse on error from above function. -- This does not work reliable as stated in bug 3795 but we can try to fix ~95% of all cases. The real fix is to use AEAD which will come with 2.3 GnuPG-bug-id: 3795, 4050 Signed-off-by: Werner Koch <[email protected]>
* gpg: Prepare for signatures with ISSUER_FPR but without ISSUER.Werner Koch2018-07-051-3/+3
| | | | | | | | | | | | | | | | | | | * g10/getkey.c (get_pubkey_for_sig): New. (get_pubkeyblock_for_sig): New. * g10/mainproc.c (issuer_fpr_raw): Give global scope. (check_sig_and_print): Use get_pubkeyblock_for_sig. * g10/pkclist.c (check_signatures_trust): Use get_pubkey_for_sig. * g10/sig-check.c (check_signature2): Ditto. (check_signature_over_key_or_uid): Ditto. -- GnuPG-bug-id: 4046 The whole getkey stuff is still a mess with way to much duplication and missing caching of already fetched data. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f7526c7bc754acf68bde0b79c785e875a9365d60)
* gpg: Allow building with older libgpg-error.Werner Koch2018-06-081-1/+1
| | | | | | | | | | | | * g10/mainproc.c (proc_encrypted): Use constant from logging.h -- Because the log levels are enums I had to change there names in libgpg-error to avoid clashes. Master uses the new names but 2.2 needs to stick to the old names. Fixes-commit: 825909e9cd5f344ece6c0b0ea3a9475df1d643de Signed-off-by: Werner Koch <[email protected]>
* gpg: Sanitize diagnostic with the original file name.Werner Koch2018-06-081-1/+8
| | | | | | | | | | | | | | | * g10/mainproc.c (proc_plaintext): Sanitize verbose output. -- This fixes a forgotten sanitation of user supplied data in a verbose mode diagnostic. The mention CVE is about using this to inject status-fd lines into the stderr output. Other harm good as well be done. Note that GPGME based applications are not affected because GPGME does not fold status output into stderr. CVE-id: CVE-2018-12020 GnuPG-bug-id: 4012 (cherry picked from commit 13f135c7a252cc46cff96e75968d92b6dc8dce1b)
* gpg: Also detect a plaintext packet before an encrypted packet.Werner Koch2018-06-061-0/+12
| | | | | | | | | | | | | | | | | * g10/mainproc.c (proc_encrypted): Print warning and later force an error. -- Note that when this error is triggered the plaintext from the literal data packet has already been outputted before the BEGIN_DECRYPTION status line. We fail only later to get more information. Callers need to check and act upon the decryption error code anyway. Thanks to Marcus for pointing out this case. GnuPG-bug-id: 4000 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 344b548dc71657d0285d93f78f17a2663b5e586f)
* gpg: Print a hint on how to decrypt a non-mdc message anyway.Werner Koch2018-05-311-2/+19
| | | | | | | | * g10/mainproc.c (proc_encrypted): Print a hint for legacy ciphers w/o MDC. Also print a dedicated status error code Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 874e391665405fc413a69f2ffacdb94bb08da7ff)
* gpg: Detect multiple literal plaintext packets more reliable.Werner Koch2018-05-311-2/+15
| | | | | | | | | * g10/mainproc.c (proc_encrypted): Bump LITERALS_SEEN. -- GnuPG-bug-id: 4000 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 97183b5c0fae05fcda942caa7df14ee6a133d846)
* gpg: Hard fail on a missing MDC even for legacy algorithms.Werner Koch2018-05-311-8/+5
| | | | | | | | | | | | | * g10/mainproc.c (proc_encrypted): Require an MDC or AEAD * tests/openpgp/defs.scm (create-gpghome): Use --ignore-mdc-error to allow testing with the current files. -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit d1431901f0143cdc7af8d1a23387e0c6b5bb613f) Resolved Conflicts: g10/mainproc.c - Remove AEAD stuff.
* gpg: Turn --no-mdc-warn into a NOP.Werner Koch2018-05-311-1/+1
| | | | | | | | | | | | | | | | * g10/gpg.c (oNoMDCWarn): Remove. (opts): Make --no-mdc-warn a NOP. (main): Don't set var. * g10/options.h (struct opt): Remove 'no_mdc_var'. * g10/cipher-cfb.c (write_header): Assume opt.no_mdc_warn is false. * g10/mainproc.c (proc_encrypted): Ditto. -- Users should not be allowed to suppress the warning that they are shooting into their foot. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 96350c5d5afcbc7f66c535e38b9fcc7355622855)
* g10: Fix memory leak in check_sig_and_print.NIIBE Yutaka2018-04-131-0/+1
| | | | | | | | | * g10/mainproc.c (check_sig_and_print): Free the public key. -- GnuPG-bug-id: 3900 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Extend the "sig" record in --list-mode.Werner Koch2018-04-121-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | * g10/getkey.c (get_user_id_string): Add arg R_NOUID. Change call callers. (get_user_id): Add arg R_NOUID. Change call callers. * g10/mainproc.c (issuer_fpr_string): Make global. * g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key also in --list-mode. Print the "issuer fpr" field also if there is an issuer fingerprint subpacket. -- Scripts used to rely on the "User ID not found" string even in the --with-colons listing. However, that is not a good idea because that string is subject to translations etc. Now we have an explicit way of telling that a key is missing. For example: gpg --list-sigs --with-colons | \ awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}' Prints all keyids or fingerprint of signing keys for which we do not have the key in our local keyring. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend the ERRSIG status line with a fingerprint.Werner Koch2018-04-121-19/+38
| | | | | | | | | | | | | | * g10/mainproc.c (issuer_fpr_raw): New. (issuer_fpr_string): Re-implement using issuer_fpr_rtaw. (check_sig_and_print): Don't free ISSUER_FPR. Use ISSUER_FPR_RAW. Use write_status_printf. Extend ERRSIG status. -- Modern OpenPGP implementations put the ISSUER_FPR into the signature to make it easier to discover the, public needed to check the signature. This is also useful in error messages and thus we add it. Signed-off-by: Werner Koch <[email protected]>
* gpg: Print all keys with --decrypt --list-only.Werner Koch2018-01-081-4/+6
| | | | | | | | | | | | | * g10/mainproc.c (proc_pubkey_enc): Use dedicated error code for list-only and put the key into PKENC_LIST. (print_pkenc_list): Take care of the new error code. -- If the secret keys exist in --list-only mode it was not printed in --list-only mode. GnuPG-bug-id: 3718 Signed-off-by: Werner Koch <[email protected]>
* gpg: Tweak compliance checking for verificationWerner Koch2017-07-271-0/+10
| | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_allowed): Rework to always allow verification. * g10/mainproc.c (check_sig_and_print): Print a con-compliant warning. * g10/sig-check.c (check_signature2): Use log_error instead of log_info. -- We should be able to verify all signatures. So we only print a warning. That is the same beheavour as for untrusted keys etc. GnuPG-bug-id: 3311 Signed-off-by: Werner Koch <[email protected]>
* g10: Avoid caching passphrase for failed symmetric encryption.Marcus Brinkmann2017-07-211-1/+2
| | | | | | | | * g10/mainproc.c (proc_encrypted): If error code is GPG_ERR_CIPHER_ALGO, assume the symmetric passphrase was wrong and invalidate the cache. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2270
* gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.Werner Koch2017-07-191-0/+4
| | | | | | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Track key server request via fingerprint. -- New signatures carry the fingerprint and thus --auto-key-retrieve tries to lookup the key by fingerprint. If that failed it used to also ask the same thing by KEYID - but the keyid is part of the fingerprint and thus it will either get no response or the wrong key back. We can easily avoid this. Signed-off-by: Werner Koch <[email protected]>
* gpg,gpgsm: Fix compliance check for DSA and avoid an assert.Werner Koch2017-06-191-6/+7
| | | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA check. Explicitly check for allowed ECC algos. (gnupg_pk_is_allowed): Swap P and Q for DSA check. * g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check. Replace assert by debug message. -- Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0 condition is surprising because it leads to the assumption SYMKEYS could be negative. Better use a boolean test. The assert could have lead to a regression for no good reason. Not being compliant is better than breaking existing users. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix computation of compliance with CO_DE_VS.Justus Winter2017-06-081-3/+4
| | | | | | | | * g10/mainproc.c (proc_encrypted): Symmetric encryption is also in compliance with CO_DE_VS. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter <[email protected]>
* common: Add cipher mode to compliance predicate.Justus Winter2017-06-071-1/+1
| | | | | | | | | | * common/compliance.c (gnupg_cipher_is_compliant): Add mode parameter. * common/compliance.h (gnupg_cipher_is_compliant): Likewise. * g10/mainproc.c (proc_encrypted): Adapt callsite. * sm/decrypt.c (gpgsm_decrypt): Likewise. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter <[email protected]>
* gpg: Report compliance with CO_DE_VS.Justus Winter2017-06-011-0/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain parameters. (gnupg_cipher_is_compliant): New function. (gnupg_digest_is_compliant): Likewise. * common/compliance.h (gnupg_cipher_is_compliant): New prototype. (gnupg_digest_is_compliant): Likewise. * common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status. (STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise. * doc/DETAILS: Document the new status lines. * g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS and report that using the new status line. (check_sig_and_print): Likewise. * sm/decrypt.c (gpgsm_decrypt): Likewise. * sm/verify.c (gpgsm_verify): Likewise. -- When decrypting data and verifying signatures, report whether the operations are in compliance with the criteria for data classified as VS-NfD. This information will be picked up by the frontend and presented to the user. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix typos.Justus Winter2017-05-301-2/+2
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* gpg: Pass CTRL to many more functions.Werner Koch2017-03-311-15/+15
| | | | | | | | | | -- For proper operations as a server we need to avoid global variables. Thus we need to pass the session state CTRL to most functions. Quite a lot of changes but fortunately straightforward to do. Signed-off-by: Werner Koch <[email protected]>
* gpg: Revamp reading and writing of ring trust packets.Werner Koch2017-03-301-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_trust): Rename to ... (parse_ring_trust): this. Change args and implement new ring trust packet format. (parse): Add special ring trust packet handling. * g10/packet.h (PKT_user_id): New fields KEYUPDATE, UPDATEURL, and KEYSRC. (PKT_public_key): Ditto. (RING_TRUST_SIG, RING_TRUST_KEY, RING_TRUST_UID): New consts. (PKT_ring_trust): New. (struct packet_struct): Remove member RING_TRUST. (strcu parse_packet_ctx_s): Add field SKIP_META. (init_parse_packet): Init SKIPT_META. * g10/free-packet.c (release_public_key_parts): Free UDPATEURL. (free_user_id): Ditto. * g10/mainproc.c (list_node): Remove printing of non-documented "rtv" lines. * g10/build-packet.c (build_packet_and_meta): New. (do_ring_trust): New. * g10/export.c (write_keyblock_to_output): Use build_packet_and_meta in backup mode. (do_export_one_keyblock): Ditto. * g10/import.c (read_block): Add arg WITH_META. Skip ring trust packets if that ism not set. (import): Call read_block WITH_META in restore mode. * g10/keydb.h (KEYSRC_UNKNOWN, KEYSRC_FILE, KEYSRC_KS, KEYSRC_PREF_KS) (KEYSRC_WKD, KEYSRC_WKD_SD, KEYSRC_DANE): New constants. They are not yet used, though. * g10/keydb.c (parse_keyblock_image): Allow ring trust packets. (build_keyblock_image): Ditto. Use build_packet_and_meta. * g10/keyring.c (keyring_get_keyblock): Remove specila treatment of ring trust packets. (write_keyblock): Use build_packet_and_meta. Remove special treatment of ring trust packets and initialization of the signature caches. -- This patch introduced the framework to store meta data for keys and user ids in the keyrings/keyboxes. Ring trust packets are implementation defined and have always been used in gpg to cache the signature verification status. Ring trust packets are only exported with the export option "backup" and only imported with the import option "restore". The new code uses a cleaner way to handle the ring trust packets: When the parser reads a ring trust packet and the previously read packet matches the type of that ring trust packet, the information is stored in that previously read packet (signature, user id, or primary key) and the next packet is read immediately. Thus only the parser sees the ring trust packets. Ring trust packets are written by using the new function build_packet_and_meta instead of build_packet. That function writes a ring trust packet when the needed information is available. As a side-effect of this patch the signature status cache works again and "gpg --check-sigs" is thus much faster. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend free_packet to handle a packet parser context.Werner Koch2017-03-291-8/+9
| | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and FREE_LAST_PKT. (init_parse_packet): Clear them. (deinit_parse_packet): New macro. Change all users if init_parse_packet to also call this macro. * g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow packet copies in the context. Change all callers. * g10/parse-packet.c (parse): Store certain packets in the parse context. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Change parse_packet to take a context.Werner Koch2017-03-291-1/+3
| | | | | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): New. (parse_packet_ctx_t): New type. (init_parse_packet): New macro. * g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take a parse context. Change all callers to provide a context instead of directly supplying the input stream. (search_packet, dbg_search_packet): Ditto. (copy_all_packets, dbg_copy_all_packets): Init an use a parse context. (copy_some_packets, dbg_copy_some_packets): Ditto. (skip_some_packets, dbg_skip_some_packets): Ditto. -- We will need this change to handle ring packets inside the parser. Signed-off-by: Werner Koch <[email protected]>
* g10: Move more flags into the flag bitfield.Justus Winter2017-03-081-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/packet.h (PKT_user_id): Move 'is_primary', 'is_revoked', and 'is_expired' into the flags bitfield, and drop the prefix. * g10/call-dirmngr.c: Adapt accordingly. * g10/export.c: Likewise. * g10/getkey.c: Likewise. * g10/import.c: Likewise. * g10/kbnode.c: Likewise. * g10/keyedit.c: Likewise. * g10/keylist.c: Likewise. * g10/keyserver.c: Likewise. * g10/mainproc.c: Likewise. * g10/pkclist.c: Likewise. * g10/pubkey-enc.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. -- This patch has been created by applying the following semantic patch: @@ expression E; @@ -E->is_expired +E->flags.expired @@ expression E; @@ -E->is_primary +E->flags.primary @@ expression E; @@ -E->is_revoked +E->flags.revoked Signed-off-by: Justus Winter <[email protected]>
* Remove -I option to common.NIIBE Yutaka2017-03-071-5/+5
| | | | | | | | | | | | | * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not require a trustdb for decryption.Werner Koch2017-02-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE. Change to return an error code. Change all callers to to pass False for NO_CREATE. (tdb_get_ownertrust): New arg NO_CREATE. Call init_trustdb to test for a non-existing trustdb. Change all callers to to pass False for NO_CREATE. (tdb_get_min_ownertrust): Ditto. * g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE. Call init_trustdb for a quick check. (get_ownertrust_info): Add arg NO_CREATE. (get_ownertrust_string): Ditto. * g10/gpgv.c (get_ownertrust_info): Adjust stub. * g10/test-stubs.c (get_ownertrust_info): Ditto. * g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE set. * g10/pubkey-enc.c (get_it): Ditto. -- Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to gnupg-devel 'test failure on git master with decrypt-session-key.scm (and: continuous integration?)' Signed-off-by: Werner Koch <[email protected]>
* Clean up word replication.Yuri Chornoivan2017-02-211-2/+2
| | | | | | | | | -- This fixes extra word repetitions (like "the the" or "is is") in the code and docs. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Fix error code arg in ERRSIG status line.Werner Koch2016-12-031-1/+1
| | | | | | | | | * g10/mainproc.c (check_sig_and_print): Use gpg_err_code to return an error code in ERRSIG. -- Debian-bug-id: 846834 Signed-off-by: Werner Koch <[email protected]>
* g10: Avoid gratuitously loading a keyblock when it is already availableNeal H. Walfield2016-11-231-5/+10
| | | | | | | | | | | * g10/trust.c (get_validity): Add new, optional parameter KB. Only load the keyblock if KB is NULL. Update callers. (get_validity): Likewise. * g10/trustdb.c (tdb_get_validity_core): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 2812
* g10: Fix memory leak.Justus Winter2016-11-141-0/+2
| | | | | | | * g10/mainproc.c (check_sig_and_print): Free 'pk'. Fixes-commit: 37e3c897252babc203447be9d2f286a4507875ad Signed-off-by: Justus Winter <[email protected]>
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* gpg: Enable the Issuer Fingerprint from rfc4880bisWerner Koch2016-10-281-2/+1
| | | | | | | | | | | | | | | | * g10/build-packet.c (build_sig_subpkt_from_sig): Always write the new Issuer Fingerprint sub-packet. * g10/mainproc.c (check_sig_and_print): Always consider that sub-packet. -- The specs for this sub-packet have been pushed to the OpenPGP WG's repo today. See-also: https://mailarchive.ietf.org/arch/msg/\ openpgp/GvPo2eSL9GW9WcGhOocY7KBa9FY Signed-off-by: Werner Koch <[email protected]>
* gpg: Verify multiple detached signatures with different hash algos.Werner Koch2016-10-271-5/+23
| | | | | | * g10/mainproc.c (proc_tree): Loose check. Enable all algos. Signed-off-by: Werner Koch <[email protected]>
* Fix typos.Justus Winter2016-10-271-1/+1
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* gpg: Convey --quick option to dirmngr for --auto-key-retrieve.Werner Koch2016-10-271-8/+7
| | | | | | | | | | | | | | | | | | * g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'. (gpg_dirmngr_wkd_get): Ditto. * g10/keyserver.c (keyserver_get): Add arg 'quick'. (keyserver_get_chunk): Add arg 'quick'. (keyserver_import_fprint): Ditto. Change callers to pass 0 for it. (keyserver_import_keyid): Ditto. (keyserver_import_wkd): Ditto. * g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with QUICK set. -- Note that this option has not yet been implemented by dirmngr. Dirmngr will simply ignore it for now. Signed-off-by: Werner Koch <[email protected]>
* Fix more spellingDaniel Kahn Gillmor2016-09-171-1/+1
| | | | | | | | | | | | | | | | | | | * NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c, agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c, common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS, doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi, doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi, doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c, g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c, g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c, sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt, tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm, tests/openpgp/multisig.test, tests/openpgp/verify.scm, tests/pkits/README, tools/applygnupgdefaults, tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c: minor spelling cleanup. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: Don't include the signature when printing a binding's validity.Neal H. Walfield2016-09-151-2/+2
| | | | | | | | * g10/mainproc.c (check_sig_and_print): When printing information about a binding don't include the current signature. -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Make --output work with --verify.Werner Koch2016-09-071-1/+6
| | | | | | * g10/mainproc.c (proc_plaintext): Handle opt.output. Signed-off-by: Werner Koch <[email protected]>
* gpg: Simplify code to print VALIDSIG.Werner Koch2016-09-011-29/+20
| | | | | | | * g10/mainproc.c (check_sig_and_print): Use hexfingerprint and write_status_printf. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix printing of pubkey algo in --verbose signature verify.Werner Koch2016-09-011-57/+73
| | | | | | | | | | | | | | | | | | | * g10/sig-check.c (check_signature2): Replace arg PK by R_PK and change the semantics. Also clear the other R_ args on function entry, use gpg_error() and change retturn type to gpg_error_t. * g10/mainproc.c (do_check_sig): Add arg R_PK. (list_node): Pass NULL for new arg. (check_sig_and_print): Rework to make use of the returned PK. -- The output gpg: textmode signature, digest algorithm SHA256, key algorithm rsa2048 showed the pubkey algo of the primary key which was surprising. Changed to print the algo of the subkey used for verification. Signed-off-by: Werner Koch <[email protected]>
* gpg: Copy the correct digest for use by TOFU.Werner Koch2016-09-011-1/+1
| | | | | | | | | | * g10/mainproc.c (do_check_sig): Use the current digest algo. -- Note that the digest context may have several algos enabled, which is is case if keys with different hash preferences signed the data. Signed-off-by: Werner Koch <[email protected]>
* g10: When showing a user id's trust, pass the current signature.Neal H. Walfield2016-08-301-1/+1
| | | | | | | | * g10/mainproc.c (check_sig_and_print): Consistently pass SIG to get_validity. -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Print the signer's UID during verification.Werner Koch2016-08-101-2/+30
| | | | | | | | | | | * g10/parse-packet.c (parse_signature): Sanitize the value stored in SIGNERS_UID. * g10/mainproc.c (issuer_fpr_string): New. (check_sig_and_print): Print the signers' UID. Print the issuer fingerprint in --rfc4880bis mode. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Cleanup of dek_to_passphrase function (part 2).Werner Koch2016-08-081-3/+3
| | | | | | | | | | | * g10/passphrase.c (passphrase_get): Remove arg KEYID. Change arg MODE to NOCACHE. (passphrase_to_dek): Remove args KEYID and PUBKEY_ALGO. Split arg MODE into CREATE and NOCACHE. Change all callers and adjust stubs. (passphrase_clear_cache): Remove args KEYID and ALGO. They are not used. Change caller. Signed-off-by: Werner Koch <[email protected]>
* g10: Fix memory leak.Justus Winter2016-06-301-2/+0
| | | | | | | * g10/mainproc.c (release_list): Do not exit early if list is NULL, there are other resources that must be released. Signed-off-by: Justus Winter <[email protected]>
* g10: Fix --list-packets.NIIBE Yutaka2016-06-281-1/+1
| | | | | | | | | | | | | | * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. -- Debian-bug-id: 828109 Signed-off-by: NIIBE Yutaka <[email protected]>