aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Emit ERROR status for key signing failures.Werner Koch2015-08-251-0/+7
| | | | | | | | | | | | * g10/keyedit.c (sign_uids): Write an ERROR status for a signing failure. (menu_adduid, menu_addrevoker, menu_revsig): Ditto. (menu_revuid, menu_revkey, menu_revsubkey): Ditto. -- This change helps GPA to show better error messages. Signed-off-by: Werner Koch <[email protected]>
* gpg: Print a new FAILURE status after most commands.Werner Koch2015-08-254-23/+103
| | | | | | | | | | | | | | | | | | * common/status.h (STATUS_FAILURE): New. * g10/cpr.c (write_status_failure): New. * g10/gpg.c (main): Call write_status_failure for all commands which print an error message here. * g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't set the pinentry mode. -- This status line can be used similar to the error code returned by commands send over the Assuan interface in gpgsm. We don't emit them in gpgsm because there we already have that Assuan interface to return proper error code. This change helps GPGME to return better error codes. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix regression in packet parser from Aug 19.Werner Koch2015-08-231-15/+8
| | | | | | | | | * g10/parse-packet.c (parse): Use an int to compare to -1. Use buf32_to_ulong. -- Regression-due-to: 0add91ae1ca3718e8140af09294c595f47c958d3 Signed-off-by: Werner Koch <[email protected]>
* gpg: Show not found keys with --locate-key --verbose.Werner Koch2015-08-231-0/+3
| | | | | | * g10/keylist.c (locate_one): Print a diagnostic for a not-found key. Signed-off-by: Werner Koch <[email protected]>
* common: Don't incorrectly reject 4 GB - 1 sized packets.Neal H. Walfield2015-08-211-1/+8
| | | | | | | | | | | | | * g10/parse-packet.c (parse): Don't reject 4 GB - 1 sized packets. Add the constraint that the type must be 63. * kbx/keybox-openpgp.c (next_packet): Likewise. * tests/openpgp/4gb-packet.asc: New file. * tests/openpgp/4gb-packet.test: New file. * tests/openpgp/Makefile.am (TESTS): Add 4gb-packet.test. (TEST_FILES): Add 4gb-packet.asc. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Don't assume on-disk layout matches in-memory layout.Neal H. Walfield2015-08-216-20/+26
| | | | | | | | | | | * g10/packet.h (PKT_signature): Change revkey's type from a struct revocation_key ** to a struct revocation_key *. Update users. -- revkey was a pointer into the raw data. But, C doesn't guarantee that there is no padding. Thus, we copy the data. Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Don't incorrectly copy packets with partial lengths.Neal H. Walfield2015-08-211-0/+11
| | | | | | | | | * g10/parse-packet.c (parse): We don't handle copying packets with a partial body length to an output stream. If this occurs, log an error and abort. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Check parameters more rigorously.Neal H. Walfield2015-08-211-0/+8
| | | | | | | | | * g10/parse-packet.c (dbg_copy_all_packets): Check that OUT is not NULL. (copy_all_packets): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Don't continuing processing on error.Neal H. Walfield2015-08-211-4/+4
| | | | | | | | | | | * g10/parse-packet.c (dbg_parse_packet): Also return if parse returns an error. (parse_packet): Likewise. (dbg_search_packet): Likewise. (search_packet): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Better respect the packet's length when reading it.Neal H. Walfield2015-08-211-9/+27
| | | | | | | | | * g10/parse-packet.c (parse_signature): Make sure PKTLEN doesn't underflow. Be more careful that a read doesn't read more data than PKTLEN says is available. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/parse-packet.c:parse: Try harder to not ignore an EOF.Neal H. Walfield2015-08-201-6/+25
| | | | | | | | * g10/parse-packet.c (parse): Be more robust: make sure to process any EOF. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/parse-packet.c: Replace literal with symbolic expression.Neal H. Walfield2015-08-201-3/+3
| | | | | | | | * g10/parse-packet.c (dump_hex_line): Use sizeof rather than the buffer's size. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* Add documentation for g10/parse-packet.c.Neal H. Walfield2015-08-202-19/+223
| | | | | | | | | * g10/packet.h: Add documentation for functions defined in parse-packet.c. * g10/parse-packet.c: Improve comments for many functions. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/packet.h: Remove unused argument from enum_sig_subpkt.Neal H. Walfield2015-08-202-8/+6
| | | | | | | | | | | | | * g10/packet.h (enum_sig_subpkt): Remove argument RET_N. Update callers. * g10/parse-packet.c (enum_sig_subpkt): Remove argument RET_N. -- Remove the RET_N argument, because it is unused and because it is meaningless: it's not clear whether it is an offset into SIG->HASHED or SIG->UNHASHED. Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/parse-packet.c:mpi_read: Detect EOF and correct boundary conditions.Neal H. Walfield2015-08-201-8/+21
| | | | | | | | | * g10/parse-packet.c (mpi_read): Improve documentation. Correctly handle an EOF. On overflow, correctly return the number of bytes read from the pipeline. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common/iobuf.h: Remove iobuf_open_fd_or_name.Neal H. Walfield2015-08-202-3/+6
| | | | | | | | * common/iobuf.h (iobuf_open_fd_or_name): Remove prototype. Replace use with either iobuf_open or iobuf_fdopen_nc, as appropriate. * common/iobuf.c (iobuf_open): Remove function. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* gpg: Avoid linking to LibksbaWerner Koch2015-08-171-8/+3
| | | | | | | | | | | | | | | | | | | | * kbx/keybox.h (KEYBOX_WITH_X509): Do not define. * sm/Makefile.am (AM_CPPFLAGS): Define it here. (common_libs): Change to libkeybox509.a * g10/Makefile.am (AM_CFLAGS): remove KSBA_CFLAGS. (gpg2_LDADD, gpgv2_LDADD): Remove KSBA_LIBS * kbx/Makefile.am (noinst_LIBRARIES): Add libkeybox509.a. (libkeybox509_a_SOURCES): New. (libkeybox_a_CFLAGS): New. (libkeybox509_a_CFLAGS): New. (kbxutil_CFLAGS): New. * kbx/keybox-search.c (has_keygrip) [!KEYBOX_WITH_X509]: Declare args as unused. -- There is no real need to link to Libksba in gpg. Signed-off-by: Werner Koch <[email protected]>
* Fix sending INQUIRE_MAXLEN for symmetric data.Ben Kibbey2015-08-161-0/+8
| | | | * g10/passphrase.c (passphrase_to_dek_ext): Write the status message.
* Inform a user about inquire length limit.Ben Kibbey2015-08-151-0/+4
| | | | | | | | | | * common/status.h (INQUIRE_MAXLEN): New. * g10/call-agent.c (default_inquire_cb): Send STATUS_INQUIRE_MAXLEN. client when inquiring a passphrase over pinentry-loopback. -- This is to inform a user about the maximum length of a passphrase. The limit is the same that gpg-agent uses.
* Allow --gen-key to inquire a passphrase.Ben Kibbey2015-08-151-3/+12
| | | | | | | * g10/gpg.c (main): test for --command-fd during --gen-key parse. When --command-fd is set then imply --batch to let gpg inquire a passphrase rather than requiring a pinentry.
* gpg: Allow gpgv to work with a trustedkeys.kbx file.Werner Koch2015-08-073-2/+22
| | | | | | | | | | * g10/keydb.h (KEYDB_RESOURCE_FLAG_GPGVDEF): New. * g10/keydb.c (keydb_add_resource): Take care of new flag. * g10/gpgv.c (main): Use new flag. -- GnuPG-bug-id: 2025 Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove duplicated printing of the curve name in "sub" lines.Werner Koch2015-08-061-12/+0
| | | | | | | | | | * g10/keylist.c (list_keyblock_print): Do not print extra curve name. -- This was cruft from the time before we changed to the new algo/size string. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add commands "fpr *" and "grip" to --edit-key.Werner Koch2015-08-062-6/+71
| | | | | | | | | | | | | * g10/keyedit.c (cmdGRIP): New. (cmds): Add command "grip". (keyedit_menu) <cmdFPR>: Print subkeys with argument "*". (keyedit_menu) <cmdGRIP>: Print keygrip. (show_key_and_fingerprint): Add arg "with_subkeys". (show_key_and_grip): New. * g10/keylist.c (print_fingerprint): Add mode 4. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Adjust UID line indentation for common key algos.Werner Koch2015-08-062-3/+6
| | | | | | | | | | | | | * g10/keylist.c (list_keyblock_print): Change UID line indentation * g10/mainproc.c (list_node): Ditto. -- Due to the new keyalgo/size format the UID was not anymore printed properly aligned to the creation date. Although we can't do that in any case, this change does it for common algos like "rsa2048", "dsa2048", and "ed25519". Signed-off-by: Werner Koch <[email protected]>
* Curve25519 support.NIIBE Yutaka2015-08-065-14/+36
| | | | | | | | | | | | | | | | | | | | | | | | * agent/cvt-openpgp.c (get_keygrip): Handle Curve25519. (convert_secret_key, convert_transfer_key): Ditto. * common/openpgp-oid.c (oidtable): Add Curve25519. (oid_crv25519, openpgp_oid_is_crv25519): New. * common/util.h (openpgp_oid_is_crv25519): New. * g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Handle the case with Montgomery curve which uses x-only coordinate. * g10/keygen.c (gen_ecc): Handle Curve25519. (ask_curve): Change the API and second arg is to return subkey algo. (generate_keypair, generate_subkeypair): Follow chage of ask_curve. * g10/keyid.c (keygrip_from_pk): Handle Curve25519. * g10/pkglue.c (pk_encrypt): Handle Curve25519. * g10/pubkey-enc.c (get_it): Handle the case with Montgomery curve. * scd/app-openpgp.c (ECC_FLAG_DJB_TWEAK): New. (send_key_attr): Work with general ECC, Ed25519, and Curve25519. (get_public_key): Likewise. (ecc_writekey): Handle flag_djb_tweak. -- When libgcrypt has Curve25519, GnuPG now supports Curve25519.
* common: extend API of openpgp_oid_to_curve for canonical name.NIIBE Yutaka2015-08-064-6/+6
| | | | | | | | | | | | | | | * common/openpgp-oid.c (openpgp_oid_to_curve): Add CANON argument. * common/util.h: Update. * g10/import.c (transfer_secret_keys): Follow the change. * g10/keyid.c (pubkey_string): Likewise. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Likewise. * parse-packet.c (parse_key): Likewise. * scd/app-openpgp.c (send_key_attr, get_public_key): Likewise. -- Change the function so that caller can select canonical name of curve or name for printing. Suggested by wk.
* gpg: Fix duplicate key import due to legacy key in keyring.Werner Koch2015-08-041-1/+8
| | | | | | | | | | * g10/keydb.c (keydb_search_fpr): Skip legacy keys. -- A test case for this problem can be found at GnuPG-bug-id: 2031 Signed-off-by: Werner Koch <[email protected]>
* gpg: Properly handle legacy keys while looking for a secret key.Werner Koch2015-08-041-1/+8
| | | | | | | | | | * g10/getkey.c (have_secret_key_with_kid): Skip legacy keys. -- This fixes GnuPG-bug-id: 2031 Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix endless loop for expired keys given by fpr.Werner Koch2015-07-311-0/+5
| | | | | | | | | | * g10/getkey.c (lookup): Disable keydb caching when continuing a search. -- Caches are Fierce Creatures. Reported-by: Patrick Brunschwig
* gpg: Do not return "Legacy Key" from lookup if a key is expired.Werner Koch2015-07-291-1/+2
| | | | | | | | | | | | * g10/getkey.c (lookup): Map GPG_ERR_LEGACY_KEY. -- If an expired key is directly followed by a legacy key in the keyring, the lookup function incorrectly returned "legacy key" instead of "unusable key". We fix it by handling not found identical to a legacy key if the last finish lookup failed. Signed-off-by: Werner Koch <[email protected]>
* gpg: Indicate secret keys and cards in a key-edit listing.Werner Koch2015-07-291-25/+77
| | | | | | | | | | | | | | | | | * g10/keyedit.c (sign_uids): Add arg "ctrl". (show_key_with_all_names_colon): Ditto. (show_key_with_all_names): Ditto. * g10/keyedit.c (show_key_with_all_names): Print key record indicators by checking with gpg-agent. (show_key_with_all_names): Ditto. May now also print sec/sbb. -- This also fixes a problem in the --with-colons mode. Before this patch the --with-colons output of --edit-key always showed pub/sub regardless of the old toogle state. Now it also prints sec/sbb. Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove the edit-key toggle command.Werner Koch2015-07-281-13/+2
| | | | | | | | | | | | | | * g10/keyedit.c (cmds): Remove helptext from "toggle". (keyedit_menu): Remove "toggle" var and remove the sub/pub check against toggle. -- Because it is now easily possible to have only secret keys for some of the main/subkeys the current check on whether any secret is available is not really useful. A finer grained check should eventually be implemented. Signed-off-by: Werner Koch <[email protected]>
* Replace GNUPG_GCC_A_ macros by GPGRT_ATTR_ macros.Werner Koch2015-07-261-1/+1
| | | | | | | | | | | | | * common/util.h: Provide replacement for GPGRT_ATTR_ macros when using libgpg-error < 1.20. * common/mischelp.h: Ditto. * common/types.h: Ditto. -- Given that libgpg-error is a dependency of all GnuPG related libraries it is better to define such macros at only one place instead of having similar macros at a lot of places. For now we need repalcement macros, though.
* scd: support any curves defined by libgcrypt.NIIBE Yutaka2015-07-253-13/+39
| | | | | | | | | | | | | | * g10/call-agent.h (struct agent_card_info_s): Add curve field. * g10/call-agent.c (learn_status_cb): Use curve name. * g10/card-util.c (card_status): Show pubkey name. * scd/app-openpgp.c (struct app_local_s): Record OID and flags. (store_fpr): Use ALGO instead of key type. (send_key_attr): Use curve name instead of OID. (get_public_key): Clean up by OID to curve name. (ecc_writekey): Support any curves in libgcrypt. (do_genkey, do_auth, ): Follow the change. (ecc_oid): New. (parse_algorithm_attribute): Show OID here.
* scd: Format change to specify "rsa2048" for KEY-ATTR.NIIBE Yutaka2015-07-231-1/+1
| | | | | | | | | * g10/card-util.c (do_change_keysize): Put "rsa". * scd/app-openpgp.c (change_keyattr, change_keyattr_from_string): Change the command format. (rsa_writekey): Check key type. (do_writekey): Remove "ecdh" and "ecdsa" support which was available in experimental libgcrypt before 1.6.0.
* Don't segfault if the first 'auto-key-locate' option is 'clear'.Neal H. Walfield2015-07-161-0/+3
| | | | | | | | | * g10/getkey.c (free_akl): If AKL is NULL, just return. -- Signed-off-by: Neal H. Walfield <[email protected]>. Reported-by: Sami Farin. GnuPG-bug-id: 2045
* g10: Use canonical name for curve.NIIBE Yutaka2015-07-084-7/+9
| | | | | | | | * g10/import.c (transfer_secret_keys): Use canonical name. * common/openpgp-oid.c (openpgp_curve_to_oid): Return NULL on error. * g10/keyid.c (pubkey_string): Follow change of openpgp_curve_to_oid. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto. * g10/parse-packet.c (parse_key): Ditto.
* Remove obsolete file g10/comment.c.Werner Koch2015-06-301-108/+0
| | | | --
* doc: Updated HACKING.Werner Koch2015-06-302-2/+2
| | | | | | | -- Added used commit keywords. Add some comments to the list of files.
* gpg: Make show-sig-subpackets work again.Werner Koch2015-06-301-1/+1
| | | | | | | | | * g10/gpg.c (parse_list_options): Fix offset for subpackets. -- Regression-due-to: 7d0492075ea638607309b3ea6a792b0e95ea7d98 GnuPG-bug-id: 2008 Signed-off-by: Werner Koch <[email protected]>
* agent: Prepare for Libassuan with Cygwin support.Werner Koch2015-06-291-1/+0
| | | | | | | | * agent/gpg-agent.c (create_server_socket): Add arg "cygwin". Call assuan_sock_set_flag if Assuan version is recent enough. (main): Create ssh server socket with Cygwin flag set. Signed-off-by: Werner Koch <[email protected]>
* Improve the description of old packets with an indeterminate length.Neal H. Walfield2015-06-291-1/+1
| | | | | | | | | * g10/parse-packet.c (parse): Make the description more accurate when listing packets: old format packets don't support partial lengths, only indeterminate lengths (RFC 4880, Section 4.2). -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Allow debug flag names for --debug.Werner Koch2015-06-221-45/+35
| | | | | | | | | | * g10/gpg.c (opts): Change arg for oDebug to a string. (debug_flags): New; factored out from set_debug. (set_debug): Remove "--debug-level help". Use parse_debug_flag to print the used flags. (main): Use parse_debug_flag for oDebug. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix regression due to recent commit 6500f33Werner Koch2015-06-221-28/+59
| | | | | | | | | | | * g10/keydb.c (kid_list_s): Keep a state in the table. (kid_not_found_table): Rename to kid_found_table. (n_kid_not_found_table): Rename to kid_found_table_count. (kid_not_found_p): Return found state. (kid_not_found_insert): Add arg found. (keydb_search): Store found state in the table. Signed-off-by: Werner Koch <[email protected]>
* gpg: Print number of good signatures with --check-sigs.Werner Koch2015-06-201-7/+15
| | | | | | | | | * g10/keylist.c (keylist_context): Add field good_sigs. (list_keyblock_print): Updated good_sigs. (print_signature_stats): Print number of good signatures and use log_info instead of tty_printf. Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve speed of --check-sigs and --lish-sigs.Werner Koch2015-06-203-0/+101
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keydb.c (kid_list_t): New. (kid_not_found_table, n_kid_not_found_table): New. (kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New. (keydb_insert_keyblock): Flush the new cache. (keydb_delete_keyblock): Ditto. (keydb_update_keyblock): Ditto. (keydb_search): Use the new cache. (keydb_dump_stats): New. * g10/gpg.c (g10_exit): Dump keydb stats. -- What we do here is to keep track of key searches by long keyids (as stored in all signatures) so that we do not need to scan the keybox again after we already found that this keyid will result in not-found. As soon as we change gpg to run as a co-process we should store this table per session because other instances of gpg may have updated the keybox without us knowing. On a test ring with gpg: 94721 good signatures gpg: 6831 bad signatures gpg: 150703 signatures not checked due to missing keys gpg: 5 signatures not checked due to errors gpg: keydb: kid_not_found_table: total: 14132 this new cache speeds a --check-sigs listing up from 28 minutes to less than 3 minutes. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add more log_clock calls to keydb.cWerner Koch2015-06-191-0/+9
| | | | * g10/keydb.c (keydb_get_keyblock): Add log_clock calls.
* gpg: Print available debug flags using "--debug-level help".Werner Koch2015-06-191-18/+44
| | | | | | | * g10/gpg.c (set_debug): Add "help" option and use a table for the flags. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix export problem in case an old keyring has PGP-2 keys.Werner Koch2015-06-191-1/+8
| | | | | | * g10/export.c (do_export_stream): Skip legacy keys. Signed-off-by: Werner Koch <[email protected]>
* agent: Print a warning for obsolete options.Werner Koch2015-06-172-15/+0
| | | | | | | | | | | * g10/misc.c (obsolete_scdaemon_option): Move to * common/miscellaneous.c (obsolete_option): ... here. * agent/gpg-agent.c (main): Use obsolete_option for the 3 obsolete options. -- GnuPG-bug-id: 2016 Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 05:02:00 +0000