| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
Prompt for and create a trust signature with "tsign". This is functional,
but needs better UI text.
* build-packet.c (build_sig_subpkt): Able to build trust and regexp
subpackets.
* pkclist.c (do_edit_ownertrust): Comment.
|
| |
|
|
|
|
|
|
|
|
|
| |
algorithm name (CAST5, SHA1) rather than the short form (S3, H2).
* main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu):
Return and use a fake uid packet rather than a string since we already
have a nice parser/printer in keyedit.c:show_prefs.
* main.h, misc.c (string_to_compress_algo): New.
|
| |
|
|
|
|
|
|
|
|
| |
* keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), pkclist.c
(build_pk_list): Add --hidden-recipient (-R) and --hidden-encrypt-to,
which do a single-user variation on --throw-keyid. The "hide this key"
flag is carried in bit 0 of the pk_list flags field.
* keyserver.c (parse_keyrec): Fix shadowing warning.
|
| | |
|
| |
|
|
|
|
|
| |
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
like "fully trusted", "marginally trusted", etc. (get_min_ownertrust):
New. Return minimum ownertrust. (update_min_ownertrust): New. Set
minimum ownertrust. (check_regexp): New. Check a regular epression
against a user ID. (ask_ownertrust): Allow specifying a minimum value.
(get_ownertrust_info): Follow the minimum ownertrust when returning a
letter. (clear_validity): Remove minimum ownertrust when a key becomes
invalid. (release_key_items): Release regexp along with the rest of the
info. (validate_one_keyblock, validate_keys): Build a trust sig chain
while validating. Call check_regexp for regexps. Use the minimum
ownertrust if the user does not specify a genuine ownertrust.
* pkclist.c (do_edit_ownertrust): Only allow user to select a trust level
greater than the minimum value.
* parse-packet.c (can_handle_critical): Can handle critical trust and
regexp subpackets.
* trustdb.h, trustdb.c (clear_ownertrusts), delkey.c (do_delete_key),
import.c (import_one): Rename clear_ownertrust to clear_ownertrusts and
have it clear the min_ownertrust value as well.
* keylist.c (list_keyblock_print): Indent uid to match pub and sig.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
parse_import_options), g10.c (main): New import-option "convert-sk-to-pk"
to convert a secret key into a public key during import. It is on by
default.
|
| |
|
|
|
| |
has been assigned.
|
| |
|
|
|
|
|
|
|
| |
* keylist.c: (print_pubkey_info): New.
(print_seckey_info): New.
* main.h: Prototypes for the new functions.
* delkey.c (do_delete_key): Use it here.
* revoke.c (gen_desig_revoke): Ditto.
|
| |
|
|
|
|
| |
be enhanced to also show the current trust level. Suggested by
Florian Weimer.
|
| |
|
|
|
| |
before the options file is loaded.
|
| |
|
|
|
|
| |
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
|
| |
|
|
|
|
|
|
|
|
| |
show_prompt, keyserver_search_prompt, keyserver_spawn): Go to version 1 of
the keyserver protocol. This is a better design, similar to
--with-colons, that allows for keys with multiple user IDs rather than
using multiple keys. It also matches the machine readable pksd format.
Also use a prettier --search-keys listing format that can fill different
size windows (currently set at 24 lines).
|
| |
|
|
|
|
| |
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
|
| |
|
|
|
|
| |
Also, do not allow appointing the same revoker twice, and report
ALREADY_SIGNED if the user tries it.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* keylist.c (print_capabilities): Properly indicate per-key capabilities
of sign&encrypt primary keys that have secret-parts-missing (i.e. no
capabilities at all)
* mainproc.c (symkey_decrypt_sesskey): Fix compiler warning.
|
| |
|
|
|
|
|
|
|
| |
function as they may not have all their fields filled in.
* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
|
| |
|
|
|
|
|
|
| |
warning.
* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping. Noted by Ingo Kl�cker.
|
| |
|
|
|
| |
log_warning severity level from info to error.
|
| |
|
|
|
|
|
|
|
| |
that fact in the capabilities, and only primary signing keys can certify
other keys.
* packet.h, parse_packet.c (parse_key): Add is_primary flag for public
keys (it already exists for secret keys).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cipher when importing a secret key.
* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.
* parse_packet.c (parse_key): Some comments.
* revoke.c (gen_revoke): Remove some debugging code.
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.
* seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
|
| |
|
|
|
| |
clean ownertrust.
|
| |
|
|
|
|
|
| |
(merge_selfsigs_main): Use it here to look for an ultimately
trusted key. Using the full get_pubkey might lead to an
infinitive recursion.
|
| |
|
|
|
| |
lowercase to be case-insensitive.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* export.c (do_export_stream): Comment.
* sig-check.c (check_key_signature2): Properly handle a
non-designated revocation import.
2002-09-26 Werner Koch <[email protected]>
* g10.c (set_homedir): New. Changed all direct assignments to use
this.
* gpgv.c (set_homedir): Ditto.
|
| |
|
|
|
|
| |
Remove the old NETLIBS variable since the keyserver stuff is no longer
internal.
|
| |
|
|
|
|
| |
* keyring.c (keyring_rebuild_cache), sig-check.c (check_key_signature2),
import.c (import, chk_self_sigs): Minor language cleanups.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* keyserver.c (keyserver_spawn): Properly handle line truncation. Don't
leak memory (~10-20 bytes) on searches.
(keyserver_search_prompt): Cleanup.
* keylist.c (list_keyblock_colon): Show 1F direct key signatures in
--with-colons listing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* keyedit.c (menu_addrevoker): The direct key signature for revocation
keys must be at least v4 to carry the revocation key subpacket. Add a PGP
2.x warning for revocation keys.
* g10.c (check_permissions): Rearrange strings to make translating easier
(don't incorporate string parts).
* keyedit.c (sign_uids): Make strings translatable.
* sig-check.c (check_key_signature2): Make string translatable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2002-09-13 David Shaw <[email protected]>
* getkey.c (check_revocation_keys): Move....
* main.h, sig-check.c (check_revocation_keys): to here. Also
return the signature_check error code rather than 0/1 and cache
the sig result.
* sig-check.c (check_key_signature2): Divert to
check_revocation_keys if a revocation sig is made by someone other
than the pk owner.
* getkey.c (merge_selfsigs_main): Tidy.
2002-09-13 Werner Koch <[email protected]>
* g10.c (main) [__MINGW32__]: Activate oLoadExtension.
|
| |
|
|
|
| |
HKP support.
|
| |
|
|
|
| |
commands.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
|
| |
|
|
|
| |
(exec_write): Missed one tick.
|
| | |
|
| |
|
|
|
|
|
| |
Use a better error message for when no = is found.
* hkp.c (hkp_export): Use CRLF in headers.
|
| |
|
|
|
|
|
| |
printing the list of keys a message was encrypted to. This would make gpg
give a non-zero exit code even for completely valid messages if the
message was encrypted to more than one key that the user owned.
|
| |
|
|
|
|
|
|
|
| |
used one in verbosity level 3.
* gpgv.c (main): Try to set a default character set.
* status.c, status.h (STATUS_IMPORT_OK): New.
* import.c (import_one,import_secret_one): Print new status.
|
| |
|
|
|
|
| |
user. This (or a disabled key) fail with "unavailable pubkey"
(G10ERR_UNU_PUBKEY).
|
| |
|
|
|
|
|
|
|
| |
* options.skel: The PGP LDAP keyserver is back. Use MIT keyserver as a
sample rather than cryptnet as cryptnet does not support searching yet.
* keyedit.c (show_key_with_all_names): Fix error message (preferences are
userid/selfsig and not key specific).
|
