aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* scd: Use canonical curve name of libgcrypt.NIIBE Yutaka2016-10-242-10/+13
| | | | | | | | | | | | | | | | | | * scd/app-openpgp.c (send_key_attr): Use curve instead of OID. (ecdh_params): New. (ecc_read_pubkey): Use ecdh_params. Use curve name. (ecc_writekey): Likewise. (ecc_curve): Rename from ecc_oid. (parse_algorithm_attribute): Use ecc_curve. * g10/call-agent.c (learn_status_cb): Use openpgp_is_curve_supported to intern the curve name string. * g10/card-util.c (card_status): Conver curve name to alias for print. -- Now, sdcaemon answer for KEY-ATTR is in the canonical curve name instead of the alias. Since it is used of key generation for card encryption key with backup, it should be canonical name. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix card keygen for decryption.NIIBE Yutaka2016-10-231-2/+2
| | | | | | | | | * g10/keygen.c (do_generate_keypair): Fix arguments. -- Reported-by: Grumpy Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: More card key generation change.NIIBE Yutaka2016-10-211-39/+24
| | | | | | | | | | | | * g10/keygen.c (gen_card_key): Add back ALGO as the second argument. Don't get ALGO by KEY-ATTR by this function. It's caller to provide ALGO. Don't do that by both of caller and callee. (generate_keypair): Only put paramerters needed. Use parameters for ALGO to call gen_card_key. (generate_card_subkeypair): Get ALGO and call gen_card_key with it. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Write first keybox record in binary modeAndre Heinecke2016-10-211-1/+1
| | | | | | | | | * g10/keydb.c (maybe_create_keyring_or_box): Open in binary mode. -- This fixes keybox corruption on windows. Signed-off-by: Andre Heinecke <[email protected]>
* g10,scd: Fix ECC keygen.NIIBE Yutaka2016-10-212-10/+58
| | | | | | | | | | | | * g10/keygen.c (generate_keypair): For card key generation, fill parameters by KEY-ATTR. * scd/app-openpgp.c (ecc_read_pubkey): OID should be freed at last, after its reference by OIDBUF is finished. (ecc_writekey): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Don't ask keysize for for non-RSA card.NIIBE Yutaka2016-10-211-22/+28
| | | | | | | | | | | | * g10/card-util.c (card_status): Bug fix for keyno. (ask_card_rsa_keysize, do_change_rsa_keysize): Rename. (generate_card_keys): Only ask keysize when RSA. (card_generate_subkey): Likewise. -- Co-authored-by: Arnaud Fontaine <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Support ECC for gen_card_key.NIIBE Yutaka2016-10-211-15/+17
| | | | | | | | | | | * g10/keygen.c (gen_card_key): Remove the first argument of ALGO. (do_generate_keypair, generate_card_subkeypair): Follow the change. -- ALGO is determined by the key attribute of the card. Co-authored-by: Arnaud Fontaine <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix use cases of snprintf.NIIBE Yutaka2016-10-215-48/+32
| | | | | | | | | | | * agent/call-pinentry.c, agent/call-scd.c, agent/command.c, build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c, dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c, g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c, sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* agent, g10: Fix keygen.NIIBE Yutaka2016-10-201-1/+1
| | | | | | | | | * agent/command.c (cmd_readkey): Get length after card_readkey. * g10/keygen.c (gen_card_key): Fix off-by-one error. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: smartcard keygen change.NIIBE Yutaka2016-10-203-137/+45
| | | | | | | | | | | | | | | | | | | * g10/call-agent.c (scd_genkey_cb_append_savedbytes): Remove. (scd_genkey_cb): Only handle KEY-CREATED-AT and PROGRESS. (agent_scd_genkey): Remove INFO argument. CREATETIME is now in/out argument. (agent_readkey): Use READKEY --card instead of SCD READKEY. * g10/keygen.c (gen_card_key): Use READKEY --card command of the agent to retrieve public key information from card and let the agent make a file for private key with shadow info. -- This change removes gpg's KEY-DATA handling for SCD GENKEY. Information with KEY-DATA is simply not used. Instead, it is read by READKEY --card command of gpg-agent. This can consolidate public key handling in a single method by READKEY. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Be more careful when checking if a binding is signed by a UTK.Neal H. Walfield2016-10-131-2/+25
| | | | | | | | | | * g10/tofu.c (signed_by_utk): When checking if a key is signed by an ultimately trusted key, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Be more careful when checking cross signatures.Neal H. Walfield2016-10-131-2/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
* g10: Still check if the key is an UTK or cross signed in batch mode.Neal H. Walfield2016-10-131-18/+13
| | | | | | | | | * g10/tofu.c (get_trust): If POLICY is ask, but we can't ask, don't bail immediately. Instead, check if the key in question is an ultimately trusted key or cross signed. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: If an sqlite operation fails, map the error code to GPG_ERR_GENERALNeal H. Walfield2016-10-131-2/+17
| | | | | | | | | | | | | | * g10/tofu.c (get_policy): If an sqlite operation fails, map the error code to GPG_ERR_GENERAL. (ask_about_binding): Likewise. (build_conflict_set): Likewise. (get_trust): Likewise. (show_statistics): Likewise. (tofu_register_signature): Likewise. (tofu_register_encryption): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: When changing a TOFU binding's policy, update the conflict infoNeal H. Walfield2016-10-121-17/+16
| | | | | | | | * g10/tofu.c (record_binding): Take an additional argument, CONFLICT. Set the binding's conflict accordingly. Update callers. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Make a singular string singular.Neal H. Walfield2016-10-121-1/+1
| | | | | | | * g10/tofu.c (ask_about_binding): Make the singular string singular. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Correctly determine whether a binding has a conflict.Neal H. Walfield2016-10-121-1/+1
| | | | | | | | * g10/tofu.c (build_conflict_set): A binding has a conflict is conflict is *not* NULL, not if it is NULL. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Fix a column's type in TOFU DB.Neal H. Walfield2016-10-121-1/+1
| | | | | | | | | | | * g10/tofu.c (initdb): Change policy from a boolean to an integer. -- Signed-off-by: Neal H. Walfield <[email protected]> Reported-by: Daniel Kahn Gillmor <[email protected]> Note: sqlite ignores type information so this change has no real impact.
* Revert "g10: Fix singular term."Werner Koch2016-10-071-1/+1
| | | | | | | | | | | | | | -- This reverts commit b0d2526bc4e5c663eeffe04500420c70cee98712. The number of format elements may not change in ngettext. The entire construct is anyway wrong because ngettext is passed a different value than what is used in the printf. We need to rework the use of most strings in tofu.c. Signed-off-by: Werner Koch <[email protected]>
* gpg: Put extra parens around bit tests.Werner Koch2016-10-073-7/+8
| | | | | | | | * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <[email protected]>
* g10: Fix singular term.Justus Winter2016-10-061-1/+1
| | | | | | * g10/tofu.c (ask_about_binding): Fix singular message. Signed-off-by: Justus Winter <[email protected]>
* g10: Use appropriate variant of 'abs'.Justus Winter2016-10-061-6/+6
| | | | | | * g10/tofu.c (ask_about_binding): Use 'labs' instead of 'abs'. Signed-off-by: Justus Winter <[email protected]>
* g10: Fix testing for debug flag.Justus Winter2016-10-061-1/+1
| | | | | | | * g10/parse-packet.c (set_packet_list_mode): Fix testing for debug flag. Signed-off-by: Justus Winter <[email protected]>
* agent: Remove the warning for the GKR hijacking.Werner Koch2016-09-301-65/+0
| | | | | | | * g10/call-agent.c (check_hijacking): Remove. (start_agent): Remove call. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve WKD by importing only the requested UID.Werner Koch2016-09-281-5/+32
| | | | | | | | | | | | | * g10/keyserver.c: Include mbox-util.h. (keyserver_import_wkd): Do not use the global import options but employ an import filter. -- We also make sure that an mbox has been passed to keyserver_import_wkd so it may also be called with a complete user id (which is currently not the case). Signed-off-by: Werner Koch <[email protected]>
* gpg: Reject import if an import filter removed all user ids.Werner Koch2016-09-281-0/+27
| | | | | | | * g10/import.c (any_uid_left): New. (import_one): Check that a UID is left. Signed-off-by: Werner Koch <[email protected]>
* gpg: Make import filter data object more flexible.Werner Koch2016-09-282-15/+63
| | | | | | | | | | | | | * g10/main.h (import_filter_t): New. * g10/import.c (struct import_filter_s): Declare struct. (import_keep_uid, import_drop_sig): Replace by ... (import_filter): new. Adjust all users. (cleanup_import_globals): Move code to ... (release_import_filter): new. (save_and_clear_import_filter): New. (restore_import_filter): New. Signed-off-by: Werner Koch <[email protected]>
* gpg: Make sure that internal key import is done with a binary stream.Werner Koch2016-09-281-1/+1
| | | | | | * g10/import.c (import_keys_internal): Open stream in binary mode. Signed-off-by: Werner Koch <[email protected]>
* agent, sm: Set CTX after start_agent.NIIBE Yutaka2016-09-271-1/+1
| | | | | | | | | | | | | | | | * g10/call-agent.c (agent_keytocard): Assign parm.ctx after start_agent. * sm/call-agent.c (gpgsm_agent_pksign, gpgsm_scd_pksign) (gpgsm_agent_readkey, gpgsm_agent_scd_serialno) (gpgsm_agent_scd_keypairinfo, gpgsm_agent_marktrusted) (gpgsm_agent_passwd, gpgsm_agent_get_confirmation) (gpgsm_agent_ask_passphrase, gpgsm_agent_keywrap_key) (gpgsm_agent_export_key): Likewise. -- Reported-by: Rainer Perske GnuPG-bug-id: 2699 Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: When adding a user id, make sure the keyblock has been prepared.Neal H. Walfield2016-09-221-0/+2
| | | | | | | | | | | | * g10/keyedit.c (keyedit_quick_adduid): Call merge_keys_and_selfsig on KEYBLOCK before adding the user id. * tests/openpgp/quick-key-manipulation.scm: Make sure that the key capabilities don't change when adding a user id. (key-data): New function. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 2697
* gpg: Fix regression in fingerprint printing.Werner Koch2016-09-191-1/+1
| | | | | | | | | | * g10/keylist.c (list_keyblock_print): Do not depend calling print_fingerprint on opt.keyid_format. -- Regression-due-to: d757009a24eb856770fc3a3729e2f21f54d2a618 Debian-bug-id: 838153 Signed-off-by: Werner Koch <[email protected]>
* g10: Fix memory leak.Justus Winter2016-09-191-0/+1
| | | | | | * g10/tofu.c (build_conflict_set): Free 'kb_all'. Signed-off-by: Justus Winter <[email protected]>
* gpg: Avoid malloc failure due to no key signaturesWerner Koch2016-09-191-8/+19
| | | | | | | | | * g10/keyedit.c (check_all_keysigs): Check early for no key signatures. Use xtrycalloc. -- GnuPG-bug-id: 2690 Signed-off-by: Werner Koch <[email protected]>
* Fix more spellingDaniel Kahn Gillmor2016-09-176-7/+7
| | | | | | | | | | | | | | | | | | | * NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c, agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c, common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS, doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi, doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi, doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c, g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c, g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c, sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt, tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm, tests/openpgp/multisig.test, tests/openpgp/verify.scm, tests/pkits/README, tools/applygnupgdefaults, tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c: minor spelling cleanup. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: On failure, propagate the return code.Neal H. Walfield2016-09-161-0/+1
| | | | | | | * g10/tofu.c (tofu_register_encryption): If get_trust fails, set RC. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Improve some comments and a string.Neal H. Walfield2016-09-161-9/+13
| | | | | -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Don't ignore failure. On failure, rollback.Neal H. Walfield2016-09-161-3/+15
| | | | | | | | * g10/tofu.c (tofu_set_policy): If record_binding fails, fail. If the function fails, rollback the transaction. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Load the key block if the supplied user id list is NULL.Neal H. Walfield2016-09-161-1/+1
| | | | | | | | * g10/tofu.c (tofu_register_encryption): Load the key block if USER_ID_LIST is NULL. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Use the accessor functions for accessing and comparing key idsNeal H. Walfield2016-09-161-7/+8
| | | | | | | | | | * g10/tofu.c (get_trust): Use the pk_main_keyid accessor function. (tofu_register_signature): Likewise. (tofu_register_encryption): Likewise. (tofu_set_policy): Likewise and also use pk_keyid and keyid_cmp. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Add missing header.Justus Winter2016-09-151-0/+1
| | | | | | * g10/trustdb.c: Include 'mbox-util.h'. Signed-off-by: Justus Winter <[email protected]>
* g10: Only consider bindings matching the signer's user id.Neal H. Walfield2016-09-151-11/+29
| | | | | | | | * g10/trustdb.c (tdb_get_validity_core): If the signer's user id subpacket is present, only consider matching user ids. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Don't include the signature when printing a binding's validity.Neal H. Walfield2016-09-151-2/+2
| | | | | | | | * g10/mainproc.c (check_sig_and_print): When printing information about a binding don't include the current signature. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Fix whitespace.Neal H. Walfield2016-09-141-1/+1
| | | | | | | * g10/tofu.c (show_statistics): Fix whitespace. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Correctly compute the euclidean distance.Neal H. Walfield2016-09-141-8/+10
| | | | | | | | | * g10/tofu.c (write_stats_status): Correctly compute the euclidean distance. (show_statistics): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Change the default TOFU policy for UTKs to good.Neal H. Walfield2016-09-141-2/+2
| | | | | | | | * g10/tofu.c (get_trust): Change the default TOFU policy for UTKs to good. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Add missing static qualifier.Neal H. Walfield2016-09-141-1/+1
| | | | | | | * g10/tofu.c (cross_sigs): Add missing static qualifier. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Default to the "good" TOFU policy for keys signed by a UTK.Neal H. Walfield2016-09-141-0/+97
| | | | | | | | | * g10/tofu.c (signed_by_utk): New function. (get_trust): If a key is signed by an ultimately trusted key, then set any bindings to good. -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Emit a new error status line in --quick-adduid.Werner Koch2016-09-141-1/+4
| | | | | | | * g10/keyedit.c (menu_adduid): Emit an ERROR status for an existsing user id. Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow use of "default" algo for--quick-addkey.Werner Koch2016-09-141-0/+3
| | | | | | | * g10/keygen.c (quick_generate_keypair): Write a status error. (parse_algo_usage_expire): Set a default curve. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve usability of --quick-gen-key.Werner Koch2016-09-132-24/+64
| | | | | | | | | | | | | | | * g10/keygen.c (FUTURE_STD_): New constants. (parse_expire_string): Handle special keywords. (parse_algo_usage_expire): Allow "future-default". Simplify call to parse_expire_string. (quick_generate_keypair): Always allow an expiration date. Replace former "test-default" by "future-default". -- Using an expiration date is pretty common, thus we now allow the creation of a standard key with expiration date. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 03:14:10 +0000