aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* g10: Fix regexp sanitization.NIIBE Yutaka2017-12-041-1/+5
| | | | | | | | | | | | | | | | | | | | | | * g10/trustdb.c (sanitize_regexp): Only escape operators. -- Backport from master commit: ccf3ba92087e79abdeaa0208795829b431c6f201 To sanitize a regular expression, quoting by backslash should be only done for defined characters. POSIX defines 12 characters including dot and backslash. Quoting other characters is wrong, in two ways; It may build an operator like: \b, \s, \w when using GNU library. Case ignored match doesn't work, because quoting lower letter means literally and no much to upper letter. GnuPG-bug-id: 2923 Co-authored-by: Damien Goutte-Gattat <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix export porting of zero length user ID packets.Werner Koch2017-03-301-2/+7
| | | | | | | | | | | | | | * g10/build-packet.c (do_user_id): Avoid indeterminate length header. -- We are able to import such user ids but when exporting them the exported data could not be imported again because the parser bails out on invalid keyrings. This is now fixed and should be backported. Note that in 2.0 this is only an issue for attribute packets. In 2.1 user IDs were also affected.a Signed-off-by: Werner Koch <[email protected]>
* gpg: Avoid publishing the GnuPG version by defaultDaniel Kahn Gillmor2016-08-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (main): initialize opt.emit_version to 0 * doc/gpg.texi: document different default for --emit-version -- The version of GnuPG in use is not particularly helpful. It is not cryptographically verifiable, and it doesn't distinguish between significant version differences like 2.0.x and 2.1.x. Additionally, it leaks metadata that can be used to distinguish users from one another, and can potentially be used to target specific attacks if there are known behaviors that differ between major versions. It's probably better to take the more parsimonious approach to metadata production by default. (backport of master commit c9387e41db7520d176edd3d6613b85875bdeb32c) Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: Fix checking key for signature validation.NIIBE Yutaka2016-08-041-2/+2
| | | | | | | | | | | | * g10/sig-check.c (signature_check2): Not only subkey, but also primary key should have flags.valid=1. -- (backport of master commit 6f284e6ed63f514b15fe610f490ffcefc87a2164) Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgv: Tweak default options for extra security.NIIBE Yutaka2016-07-091-0/+2
| | | | | | | | | | | | | | | | | | | | | | * g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on cached status. Similarly, set opt.flags.require_cross_cert for backsig validation for subkey signature. -- (backport of master commit e32c575e0f3704e7563048eea6d26844bdfc494b) It is common that an organization distributes binary keyrings with signature cache (Tag 12, Trust Packet) and people use gpgv to validate signature with such keyrings. In such a use case, it is possible that the key validation itself is skipped. For the purpose of gpgv validation of signatures, we should not depend on signature cache in keyrings (if any), but we should validate the key by its self signature for primary key, and back signature for subkey. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix keysize with --expert.NIIBE Yutaka2016-07-061-2/+2
| | | | | | | | | | | | * g10/keygen.c (ask_keysize): It's 768 only for DSA. -- (forwardport of 1.4 commit ca1fc596267b42a894a3fc85c3733007c672ed1f) GnuPG-bug-id: 2238 Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix --list-packets.NIIBE Yutaka2016-06-284-5/+4
| | | | | | | | | | | | | | | | | * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. -- (backport of master commit 52f65281f9743c42a48bf5a3354c9ab0ecdb681a) Debian-bug-id: 828109 Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix card-edit/fetch to use keyserver_fetch.NIIBE Yutaka2016-06-241-17/+7
| | | | | | | | | | | | * g10/card-util.c (fetch_url): Call keyserver_fetch instead of keyserver_import_fprint. -- Signed-off-by: NIIBE Yutaka <[email protected]> GnuPG-bug-id: 1828 (backport of master commit 6f5ff1cfe449cf1f4cb7287bc57570eb794216b2)
* g10: Fix another race condition for trustdb access.Niibe Yutaka2016-06-141-2/+5
| | | | | | | | | | | | | | | | * g10/tdbio.c (create_version_record): Call create_hashtable to always make hashtable, together with the version record. (get_trusthashrec): Remove call to create_hashtable. -- GnuPG-bug-id: 1675 Thanks to Scott Moser to reproducible script and patience. Signed-off-by: NIIBE Yutaka <[email protected]> (backport from master commit 35a3ce2acf78a95fecbccfd8db0560cca24232df)
* gpg: Silence trustdb messages with --quiet.Werner Koch2016-03-311-6/+8
| | | | | | * g10/trustdb.c (validate_keys): Silence messages Signed-off-by: Werner Koch <[email protected]>
* g10: Make sure to have the directory for trustdb.NIIBE Yutaka2016-02-121-55/+63
| | | | | | | | | | | | | | | | * g10/tdbio.c (tdbio_set_dbname): Return earlier if !CREATE. Check the directory and create it if none before calling take_write_lock. -- Thanks to Marc Deslauriers for the bug report and his patch. GnuPG-bug-id: 2246 Signed-off-by: NIIBE Yutaka <[email protected]> (backport from master commit 2f3e42047d17313eeb38d354048f343158402a8d)
* gpg: Silence a compiler warning.Werner Koch2015-10-011-4/+4
| | | | | | | | | | * g10/parse-packet.c (enum_sig_subpkt): Replace hack. -- GCC 5 failure reported by Kevin Locke <[email protected]> (backport from master commit 6a0c3fa19cfcdd590b96691e8a8ffb48fb5e0ec4)
* gpg: Improve 'General key info' line of --card-status.NIIBE Yutaka2015-09-291-2/+4
| | | | | | | | | | | | | | * g10/keylist.c (print_pubkey_info): Print either "pub" or "sub". -- This now prints "sub" if the first used card key is actually a subkey. Signed-off-by: Werner Koch <[email protected]> GnuPG-bug-id: 2079 (backported from master 874ef16e70ab750db7b153f17a7e859a0db6a2f1)
* Release 2.0.29.gnupg-2.0.29Werner Koch2015-09-081-2/+3
| | | | Signed-off-by: Werner Koch <[email protected]>
* gpg: Print a new FAILURE status after most commands.Werner Koch2015-09-083-14/+88
| | | | | | | | | | | | | | | | | | * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. (backported from master 9cdff09743c473a12359bfdb914578ede0e4e3e2) Signed-off-by: Werner Koch <[email protected]>
* gpg: Avoid cluttering stdout with trustdb info in verbose mode.Werner Koch2015-09-081-1/+1
| | | | | | | | | | | | | | | | * g10/trustdb.c (validate_keys): Call dump_key_array only in debug mode. -- I guess that is a left-over from an early attempt to output information on the trustdb for use by other tools. Maybe related to the former --list-trust-path command. Sending it to stdout is probably useful so we do this now only in debug mode. Signed-off-by: Werner Koch <[email protected]> Backported to STABLE-BRANCH-2-0 from b03a2647299a6c8764a2574590cbaccdff9e497d by dkg
* gpg: Obsolete --no-sig-create-check.Werner Koch2015-09-013-7/+11
| | | | | | | | * g10/gpg.c (opts): Make --no-sig-create-check a NOP. * g10/options.h (struct opt): Remove field "no_sig_create_check". * g10/sign.c (do_sign): Do not run the create check for Libgcrypt 1.7. Signed-off-by: Werner Koch <[email protected]>
* g10: fix --card-status creating stub.NIIBE Yutaka2015-08-121-0/+1
| | | | * g10/getkey.c (get_seckeyblock_byfprint): Require exact match.
* Don't segfault if the first 'auto-key-locate' option is 'clear'.Neal H. Walfield2015-07-161-0/+3
| | | | | | | | | | | | | * g10/getkey.c (free_akl): If AKL is NULL, just return. -- Backported from f2ee673c99825d5189631031ddec2dbf54dbd482. Note: unlike in 2.1, in 2.0 this bug is not (currently) triggered since parse_auto_key_locate doesn't recognize "clear". Signed-off-by: Neal H. Walfield <[email protected]>. Reported-by: Sami Farin. GnuPG-bug-id: 2045
* gpg: Print PGP-2 fingerprint instead of all zeroes.Werner Koch2015-06-172-1/+9
| | | | | | | | | | | | | | | | * g10/keyid.c (fingerprint_from_pk): Allow PGP-2 fingerprints. * g10/keylist.c (print_fingerprint): Print a warning after a PGP-2 fingerprint. -- Printing all zeroes for a PGP-2 (v3 key) fingerprint has the problem that frontends (or the user) may use that fingerprint to lookup a key and gpg will return all PGP2 keys. They may then show a different PGP-2 key than the one actually used for a signature. This is worse than displaying a weak fingerprint. GnuPG-bug-id: 2000 Signed-off-by: Werner Koch <[email protected]>
* g10: Fix a race condition initially creating trustdb.NIIBE Yutaka2015-06-151-65/+56
| | | | | | | | | | | | | | * g10/tdbio.c (take_write_lock, release_write_lock): New. (put_record_into_cache, tdbio_sync, tdbio_end_transaction): Use new lock functions. (tdbio_set_dbname): Fix the race. (open_db): Don't call create_dotlock. -- (backported from commit fe5c6edaed78839303d67e01e141cfc6b5de9aec) GnuPG-bug-id: 1675
* gpg: Consider that gcry_mpi_get_opaque may return NULL.Werner Koch2015-06-021-26/+35
| | | | | | | | | | | | * g10/seckey-cert.c (do_check): Handle a NULL opaque MPI. -- This patch extends b2d9d10 for secret keys. The problem is that we changed the semantics so that opaque MPIs may be NULL with a bit length. This patch is not required in GnuPG 2 because we do not use secret keys there. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix segv due to NULL value stored as opaque MPI (BRANCH 2.0)Daniel Kahn Gillmor2015-06-022-8/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/build-packet.c (do_secret_key): Check for NULL return from gcry_mpi_get_opaque. * g10/keyid.c (hash_public_key): Ditto. -- This is a backport of 76c8122adfed0f0f443cce7bda702ba2b39661b3 from master to the STABLE-BRANCH-2-0 On the STABLE-BRANCH-2-0, we may also want to patch g10/seckey-cert.c, but that has not been done in this patch. This fix extends commmit 0835d2f44ef62eab51fce6a927908f544e01cf8f. gpg2 --export --no-default-keyring --keyring TESTDATA With TESTDATA being below after unpacking. -----BEGIN PGP ARMORED FILE----- mBMEhdkMmS8BcX8F//8F5voEhQAQmBMEnAAAZwAAo4D/f/8EhQAAAIAEnP8EhQAQ iBMEnP8AAAAABf8jIID///8EhQYQmBMEnIUAEIgTBKT/AAAAAAUAACCA/f//BIUA EJgTBJx/AP8ABPPzBJx/AP8ABPPz =2yE0 -----END PGP ARMORED FILE----- Reported-by: Jodie Cunningham Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: detects public key encryption packet error properly.NIIBE Yutaka2015-05-191-3/+3
| | | | | | | | | g10/mainproc.c (proc_pubkey_enc): Only allow relevant algorithms for encryption. -- (backport from 2.1 commit c771963140cad7c1c25349bcde27e427effc0058)
* g10: Improve handling of no corresponding public key.NIIBE Yutaka2015-05-191-0/+12
| | | | | | | | | | | | | | | | | * g10/getkey.c (get_seckey): Return G10ERR_NO_PUBKEY when it's not exact match. -- (ported from 1.4 commit b3fd30451a5464b124b0296afbc341cb98b3977c) In the situation of corrupted .gnupg/ where only private subkey is available but no corresponding public key of the subkey, the code returned public primary key which caused mysterious error (for a user). This fix detects an error earlier. GnuPG-bug-id: 1422 Debian-Bug-Id: #638619
* g10: fix cmp_public_key and cmp_secret_keys.NIIBE Yutaka2015-04-301-9/+15
| | | | | | | | | | * g10/free-packet.c (cmp_public_keys, cmp_secret_keys): Compare opaque data at the first entry of the array when it's unknown algo. * configure.ac (NEED_LIBGCRYPT_VERSION): Require 1.5.0. -- GnuPG-bug-id: 1962
* gpg: Emit status line NEWSIG before signature verification starts.Werner Koch2015-04-161-0/+2
| | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Emit STATUS_NEWSIG. -- gpgsm does this for a long time but somehow it never made it into gpg. Signed-off-by: Werner Koch <[email protected]> (backported from 2.1 commit e7ddaad0fd2c8774a1d3367adfaa68014eaf65de)
* gpg: Fix DoS while parsing mangled secret key packets.Werner Koch2015-04-051-7/+43
| | | | | | | | | | | | | | | * g10/parse-packet.c (parse_key): Check PKTLEN before calling mpi_read et al. -- Due to the missing length checks PKTLEN may turn negative. Because PKTLEN is an unsigned int the malloc in read_rest would try to malloc a too large number and terminate the process with "error reading rest of packet: Cannot allocate memory". Reported-by: Hanno Böck. Signed-off-by: Werner Koch <[email protected]> (backported from 2.1 commit d901efcebaefaf6eae4a9b9aa8f0c2c055d3518a)
* gpg: New command --list-gcrypt-config.Werner Koch2015-03-111-0/+10
| | | | | | | * g10/gpg.c (aListGcryptConfig): New. (main): Implement command. Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove left-over debug message.Werner Koch2015-02-261-3/+0
| | | | * g10/armor.c (check_input): Remove log_debug.
* gpg: Remove an unused variable.Werner Koch2015-02-181-1/+0
| | | | * g10/import.c (import): Remove need_armor.
* gpg: Print better diagnostics for keyserver operations.Werner Koch2015-02-185-22/+122
| | | | | | | | | | | | | | | | | | | | | | | * g10/armor.c (parse_key_failed_line): New. (check_input): Watch out for gpgkeys_ error lines. * g10/filter.h (armor_filter_context_t): Add field key_failed_code. * g10/import.c (import): Add arg r_gpgkeys_err. (import_keys_internal): Ditto. (import_keys_stream): Ditto. * g10/keyserver.c (keyserver_errstr): New. (keyserver_spawn): Detect "KEY " lines while sending. Get gpgkeys_err while receiving keys. (keyserver_work): Add kludge for better error messages. -- GnuPG-bug-id: 1832 Note that these changes can be backported to 1.4 but they don't make sense for 2.1 due to the removal of the keyserver helpers. The error reporting could be improved even more but given that this is an old GnuPG branch it is not justified to put too much effort into it. Signed-off-by: Werner Koch <[email protected]>
* Use inline functions to convert buffer data to scalars.Werner Koch2015-02-129-81/+63
| | | | | | | | | | | | | | | | * include/host2net.h (buf16_to_ulong, buf16_to_uint): New. (buf16_to_ushort, buf16_to_u16): New. (buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New. -- This fixes sign extension on shift problems. Hanno Böck found a case with an invalid read due to this problem. To fix that almost all uses of "<< 24" and "<< 8" are changed by this patch to use an inline function from host2net.h. (back ported from commit 2183683bd633818dd031b090b5530951de76f392) Signed-off-by: Werner Koch <[email protected]>
* doc: Change remaining http links to gnupg.org to httpsWerner Koch2015-02-122-2/+2
| | | | | -- GnuPG-bug-id: 1830
* gpg: Prevent an invalid memory read using a garbled keyring.Werner Koch2015-02-121-3/+21
| | | | | | | | | | | | | | | | | | | | * g10/keyring.c (keyring_get_keyblock): Whitelist allowed packet types. -- The keyring DB code did not reject packets which don't belong into a keyring. If for example the keyblock contains a literal data packet it is expected that the processing code stops at the data packet and reads from the input stream which is referenced from the data packets. Obviously the keyring processing code does not and cannot do that. However, when exporting this messes up the IOBUF and leads to an invalid read of sizeof (int). We now skip all packets which are not allowed in a keyring. Reported-by: Hanno Böck <[email protected]> (back ported from commit f0f71a721ccd7ab9e40b8b6b028b59632c0cc648)
* gpg: Fix a NULL-deref in export due to invalid packet lengths.Werner Koch2015-02-121-1/+2
| | | | | | | | | | * g10/build-packet.c (write_fake_data): Take care of a NULL stored as opaque MPI. -- Reported-by: Hanno Böck <[email protected]> (back ported from commit 0835d2f44ef62eab51fce6a927908f544e01cf8f)
* gpg: Fix a NULL-deref due to empty ring trust packets.Werner Koch2015-02-121-3/+5
| | | | | | | | | | * g10/parse-packet.c (parse_trust): Always allocate a packet. -- Reported-by: Hanno Böck <[email protected]> Signed-off-by: Werner Koch <[email protected]> (back ported from commit 39978487863066e59bb657f5fe4e8baab510da7e)
* gpg: Limit the size of key packets to a sensible value.Werner Koch2015-02-121-3/+18
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (MAX_KEY_PACKET_LENGTH): New. (MAX_UID_PACKET_LENGTH): New. (MAX_COMMENT_PACKET_LENGTH): New. (MAX_ATTR_PACKET_LENGTH): New. (parse_key): Limit the size of a key packet to 256k. (parse_user_id): Use macro for the packet size limit. (parse_attribute): Ditto. (parse_comment): Ditto. -- Without that it is possible to force gpg to allocate large amounts of memory by using a bad encoded MPI. This would be an too easy DoS. Another way to mitigate would be to change the MPI read function to allocate memory dynamically while reading the MPI. However, that complicates and possibly slows down the code. A too large key packet is in any case a sign for broken data and thus gpg should not use it. Reported-by: Hanno Böck GnuPG-bug-id: 1823 Signed-off-by: Werner Koch <[email protected]> (back ported from commit 382ba4b137b42d5f25a7e256bb7c053ee5ac7b64)
* gpg: Allow predefined names as answer to the keygen.algo prompt.Werner Koch2015-01-281-10/+12
| | | | | | | | * g10/keygen.c (ask_algo): Add list of strings. -- Signed-off-by: Werner Koch <[email protected]> (backported from commit b1d5ed6ac842469afcb84868d0f6641dc286a6c7)
* gpg: Print a warning if the subkey expiration may not be what you want.Werner Koch2015-01-261-1/+59
| | | | | | | | | | | | * g10/keyedit.c (subkey_expire_warning): New. keyedit_menu): Call it when needed. -- GnuPG-bug-id: 1715 The heuristic to detect a problem is not very advanced but it should catch the most common cases. (backported from commit ae3d1bbb65b65cf3c57bb14886be120f5e31635d)
* gpg: Fix possible read of unallocated memoryWerner Koch2015-01-131-4/+7
| | | | | | | | | | | | | | | | | * g10/parse-packet.c (can_handle_critical): Check content length before calling can_handle_critical_notation. -- The problem was found by Jan Bee and gniibe proposed the used fix. Thanks. This bug can't be exploited: Only if the announced length of the notation is 21 or 32 a memcmp against fixed strings using that length would be done. The compared data is followed by the actual signature and thus it is highly likely that not even read of unallocated memory will happen. Nevertheless such a bug needs to be fixed. Signed-off-by: Werner Koch <[email protected]>
* gpg: release DEK soon after its use.NIIBE Yutaka2014-12-121-1/+1
| | | | | | | | | | | | | | | | * g10/keygen.c (generate_subkeypair): Release DEK soon. -- This fixes the out_of_core error in the test case of adding RSA-4096 subkey to RSA-4096 primary key with configuration: s2k-cipher-algo S10 Debian-bug-id: 772780 Cherry-picked da66ad5bba4215b9ddd0cb927a89aa75355632aa from STABLE-BRANCH-1-4 branch.
* gpg: Fix use of uninit.value in listing sig subpkts.Werner Koch2014-11-241-1/+5
| | | | | | | | | | | | | | | * g10/parse-packet.c (dump_sig_subpkt): Print regex subpacket sanitized. -- We may not use "%s" to print an arbitrary buffer. At least "%.*s" should have been used. However, it is in general preferable to escape control characters while printf user data. Reported-by: Hanno Böck Signed-off-by: Werner Koch <[email protected]> (backported from commit 596ae9f5433ca3b0e01f7acbe06fd2e424c42ae8)
* gpg: Fix off-by-one read in the attribute subpacket parser.Werner Koch2014-11-241-0/+8
| | | | | | | | | | | * g10/parse-packet.c (parse_attribute_subpkts): Check that the attribute packet is large enough for the subpacket type. -- Reported-by: Hanno Böck Signed-off-by: Werner Koch <[email protected]> (backported from commit 0988764397f99db4efef1eabcdb8072d6159af76)
* gpg: Fix a NULL-deref for invalid input data.Werner Koch2014-11-241-3/+9
| | | | | | | | | | | * g10/mainproc.c (proc_encrypted): Take care of canceled passpharse entry. -- GnuPG-bug-id: 1761 Signed-off-by: Werner Koch <[email protected]> (backported from commit 32e85668b82f6fbcb824eea9548970804fb41d9e)
* gpg: Make the use of "--verify FILE" for detached sigs harder.Werner Koch2014-11-144-40/+116
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/openfile.c (open_sigfile): Factor some code out to ... (get_matching_datafile): new function. * g10/plaintext.c (hash_datafiles): Do not try to find matching file in batch mode. * g10/mainproc.c (check_sig_and_print): Print a warning if a possibly matching data file is not used by a standard signatures. -- Allowing to use the abbreviated form for detached signatures is a long standing bug which has only been noticed by the public with the release of 2.1.0. :-( What we do is to remove the ability to check detached signature in --batch using the one file abbreviated mode. This should exhibit problems in scripts which use this insecure practice. We also print a warning if a matching data file exists but was not considered because the detached signature was actually a standard signature: gpgv: Good signature from "Werner Koch (dist sig)" gpgv: WARNING: not a detached signature; \ file 'gnupg-2.1.0.tar.bz2' was NOT verified! We can only print a warning because it is possible that a standard signature is indeed to be verified but by coincidence a file with a matching name is stored alongside the standard signature. Reported-by: Simon Nicolussi (to gnupg-users on Nov 7) Signed-off-by: Werner Koch <[email protected]> (backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)
* gpg: Add import option "keep-ownertrust".Werner Koch2014-11-122-2/+14
| | | | | | | | | | | | | | * g10/options.h (IMPORT_KEEP_OWNERTTRUST): New. * g10/import.c (parse_import_options): Add "keep-ownertrust". (import_one): Act upon new option. -- This option is in particular useful to convert from a pubring.gpg to the new pubring.kbx in GnuPG 2.1 or vice versa: gpg1 --export | gpg2 --import-options keep-ownertrust --import (cherry-picked from commit ffc2307843ce6c4ac3c8d99ba8c70ffa1ae28e39)
* gpg: Show v3 key fingerprints as all zero.Werner Koch2014-10-111-1/+1
| | | | | | | | | | | * g10/keyid.c (fingerprint_from_pk): Show v3 fingerprints as all zero. -- MD5 is considered broken for a long time now. To make it easier for users to notice that a listing shows a v3 key, the fingerprint is now displayed as 16 zero bytes unless --allow-weak-digest-algos is active. Signed-off-by: Werner Koch <[email protected]>
* gpg: Avoid using cached MD5 signature status.Werner Koch2014-10-114-125/+145
| | | | | | | | | | | | | * g10/sig-check.c (check_key_signature2): Avoid using a cached MD5 signature status. * g10/keyring.c (keyring_get_keyblock): Ditto. (write_keyblock): Ditto. * g10/sig-check.c (do_check): Move reject warning to ... * g10/misc.c (print_md5_rejected_note): new. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Add build and runtime support for larger RSA keysDaniel Kahn Gillmor2014-10-033-3/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from STABLE-BRANCH-1-4 against STABLE-BRANCH-2-0 Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 18:25:34 +0000