aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* | Merge branch 'STABLE-BRANCH-2-2' into masterWerner Koch2018-04-1010-522/+684
|\| | | | | | | | | | | | | | | | | -- Fixed conflicts: NEWS - keep master configure.ac - merge g10/card-util.c - mostly 2.2 g10/sig-check.c - 2.2
| * doc: Document --key-edit:change-usageWerner Koch2018-04-091-3/+5
| | | | | | | | | | | | | | | | * g10/keyedit.c (menu_changeusage): Make strings translatable. -- GnuPG-bug-id: 3816 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Check that a key may do certifications.Werner Koch2018-04-061-0/+21
| | | | | | | | | | | | | | | | | | | | * g10/sig-check.c (check_signature_end_simple): Check key usage for certifications. (check_signature_over_key_or_uid): Request usage certification. -- GnuPG-bug-id: 3844 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Emit FAILURE stati now in almost all cases.Werner Koch2018-04-062-8/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/cpr.c (write_status_failure): Make it print only once. * g10/gpg.c (wrong_args): Bump error counter. (g10_exit): Print a FAILURE status if we ever did a log_error etc. (main): Use log_error instead of log_fatal at one place. Print a FAILURE status for a bad option. Ditto for certain exit points so that we can see different error locations. -- This makes it easier to detect errors by tools which have no way to get the exit code (e.g. due to double forking). GnuPG-bug-id: 3872 Signed-off-by: Werner Koch <[email protected]>
| * doc: Add a code comment about back signatures.Werner Koch2018-04-061-1/+3
| | | | | | | | --
| * gpg: Re-indent sig-check.c and use signature class macros.Werner Koch2018-04-062-387/+372
| | | | | | | | | | | | | | | | | | | | * g10/keydb.h (IS_BACK_SIG): New. * g10/sig-check.c: Re-indent and use macros. -- This makes the code easier to understand. Signed-off-by: Werner Koch <[email protected]>
| * gpg: Add new OpenPGP card vendor.Werner Koch2018-04-051-0/+1
| | | | | | | | | | | | -- Signed-off-by: Werner Koch <[email protected]>
| * g10: Let card-edit/key-attr show message when change.NIIBE Yutaka2018-04-051-8/+14
| | | | | | | | | | | | | | * g10/card-util.c (ask_card_rsa_keysize): Don't show message here. (ask_card_keyattr): Show message when change, also for ECC. Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10: Fix filtering by PK->REQ_USAGE.NIIBE Yutaka2018-04-021-0/+2
| | | | | | | | | | | | | | | | | | * g10/getkey.c (get_pubkey_byfprint): Filter by PK->REQ_USAGE. -- GnuPG-bug-id: 3844 Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10: Fix card-edit/kdf-setup for single salt.NIIBE Yutaka2018-03-301-1/+3
| | | | | | | | | | | | * g10/card-util.c (gen_kdf_data): Use SALT_USER. Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10,scd: Support single salt for KDF data object.NIIBE Yutaka2018-03-301-16/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/card-util.c (gen_kdf_data): Support single salt. (kdf_setup): Can have argument for single salt. * scd/app-openpgp.c (pin2hash_if_kdf): Support single salt. -- Gnuk has "admin-less" mode. To support "admin-less" mode with KDF feature, salt should be same for user and admin. Thus, I introduce a valid use of single salt. Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10: Add "key-attr" command for --card-edit.NIIBE Yutaka2018-03-301-53/+52
| | | | | | | | | | | | | | | | | | | | | | * g10/card-util.c (key_attr): New explicit command. (generate_card_keys, card_generate_subkey): Don't ask key attr change. (card_edit): Add for cmdKEYATTR. -- GnuPG-bug-id: 3781 Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10: Support key attribute change at --card-edit/generate.NIIBE Yutaka2018-03-293-77/+169
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/card-util.c (ask_card_rsa_keysize): Drop support for magic number 25519 for ed25519/cv25519. Rename from ask_card_keyattr. (ask_card_keyattr): Support ECC, as well as RSA. (do_change_keyattr): Support ECC dropping magical number 25519. * g10/keygen.c (ask_curve): Allow call from outside, adding last arg of CURRENT. (generate_keypair): Follow the change of ask_curve. (generate_subkeypair): Likewise. -- GnuPG-bug-id: 3781 Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10: check_pin_for_key_operation should be just before genkey.NIIBE Yutaka2018-03-291-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/card-util.c (generate_card_keys): Check PIN later. (card_generate_subkey): Likewise. -- Changing key attribute resets PIN authentication status. So, CHECKPIN should be after that, before key generation. Note that CHECKPIN is done for binding signature. Signed-off-by: NIIBE Yutaka <[email protected]>
| * g10: Change ask_curve so that it can be used outside.NIIBE Yutaka2018-03-282-30/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/call-agent.h (struct key_attr): New. * g10/keygen.c (ask_curve): Return const char *. No allocation. (quick_generate_keypair): Follow the change. (generate_keypair, generate_subkeypair): Likewise. (parse_algo_usage_expire): Return const char *. -- This change is intended for using ask_curve from card-util.c. Signed-off-by: NIIBE Yutaka <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-2' into masterWerner Koch2018-03-2713-51/+256
|\|
| * gpg: Auto-fix a broken trustdb with just the version record.Werner Koch2018-03-261-0/+14
| | | | | | | | | | | | | | * g10/tdbio.c (get_trusthashrec): Create hashtable on error. GnuPG-bug-id: 3839 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Pass CTRL arg to get_trusthashrec.Werner Koch2018-03-264-11/+15
| | | | | | | | | | | | | | | | * g10/tdbio.c (get_trusthashrec): Add arg CTRL. (tdbio_search_trust_byfpr): Ditto. (tdbio_search_trust_bypk): Ditto. Signed-off-by: Werner Koch <[email protected]>
| * gpg: Return better error codes in case of a too short trustdb.Werner Koch2018-03-261-15/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tdbio.c (tdbio_read_record): Return GPG_ERR_EOF. (tdbio_new_recnum): Never return on error. (lookup_hashtable): Print a more descriptive error in case of !TABLE. -- Also: tdbio_new_recnum had a bug in that it returned an error code and not a record number in the error case. The function is expected to always return a valid new record number. Signed-off-by: Werner Koch <[email protected]>
| * gpg: Fix trustdb updates without lock held.Werner Koch2018-03-261-10/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tdbio.c (is_locked): Turn into a counter. (take_write_lock, release_write_lock): Implement recursive locks. -- On trustdb creation we have this call sequence: init_trustdb -> takes lock tdbio_set_dbname create_version_record tdbio_write_record put_record_into_cache -> takes lock put_record_into_cache -> releases lock init_trustdb -> releases lock The second take lock does noting but the first release lock has already released the lock and the second release lock is a thus a NOP. This is likely the cause for the corrupted trustdb as reported in GnuPG-bug-id: 3839 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Disable unused code parts in tdbio.cWerner Koch2018-03-261-3/+7
| | | | | | | | | | | | | | | | * g10/tdbio.c (in_transaction): Comment this var. (put_record_into_cache): Comment the transaction code. (tdbio_sync): Ditto Signed-off-by: Werner Koch <[email protected]>
| * gpg,sm: New option --request-origin.Werner Koch2018-03-233-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oRequestOrigin): New const. (opts): New option --request-origin. (main): Parse that option. * g10/options.h (struct opt): Add field request_origin. * g10/call-agent.c (start_agent): Send option to the agent. * sm/gpgsm.c (oRequestOrigin): New const. (opts): New option --request-origin. (main): Parse that option. * sm/gpgsm.h (struct opt): Add field request_origin. * sm/call-agent.c (start_agent): Send option to the agent. Signed-off-by: Werner Koch <[email protected]>
| * gpg: Implement --dry-run for --passwd.Werner Koch2018-03-221-1/+3
| | | | | | | | | | | | * g10/keyedit.c (change_passphrase): Take care of --dry-run. Signed-off-by: Werner Koch <[email protected]>
| * scd: Support KDF DO setup.NIIBE Yutaka2018-03-223-1/+107
| | | | | | | | | | | | | | | | | | | | | | | | * g10/call-agent.c (learn_status_cb): Parse the capability for KDF. * g10/card-util.c (gen_kdf_data, kdf_setup): New. (card_edit): New admin command cmdKDFSETUP to call kdf_setup. * scd/app-openpgp.c (do_getattr): Emit KDF capability. -- GnuPG-bug-id: 3823 Signed-off-by: NIIBE Yutaka <[email protected]>
| * doc: Typo fix in comment.Werner Koch2018-03-211-4/+4
| | | | | | | | --
| * gpg: Fix out-of-bound read in subpacket enumerationWerner Koch2018-03-211-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (enum_sig_subpkt): Check buflen before reading the type octet. Print diagnostic. -- If the final subpacket has only a length header evaluating to zero and missing the type octet, a read could happen right behind the buffer. Valgrind detected this. Fix is obvious. Note that the further parsing of the subpacket is still okay because it always checks the length. Note further that --list-packets uses a different code path and already reported an error. Reported-by: Philippe Antoine He provided a test file copied below. Running "gpg -v --verify" on it triggered the bug. -----BEGIN PGP ARMORED FILE----- Comment: Use "gpg --dearmor" for unpacking kA0DAAoBov87N383R0QBrQJhYgZsb2wucHlaqTVWYnl0ZXMgPSBbMHg1LCAweDY0 LCAweDRjLCAweGM0LCAweDMsIDB4MCwgMHg0LCAweDAsIDB4YWMsIDB4YSwgMHhj MSwgMHhjMSwgMHgyLCAweDEsIDB4MiwgMHg3LCAweDQwLCAweDIsIDB4MiwgMHgy LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDJkLCAweGRkLCAweDIs IDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4 MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4NzcsIDB4ODcsIDB4MiwgMHgy LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAw eDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHg3NywgMHg4NywgMHgyLCAweDIsIDB4 MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4Miwg MHgyLCAweDIsIDB4MiwgMHgyLCAweDc3LCAweDg3LCAweDIsIDB4MiwgMHgyLCAw eDIsIDB4MiwgMHgyLCAweDIsIDB4MCwgMHhhZF0KCmZvciBpIGluIHJhbmdlKGxl bihieXRlcykpOgogICAgaWYgaSUxNiA9PSAwOgogICAgICAgIHByaW50CiAgICAg ICAgcHJpbnQgIiUwNngiICUgaSwKICAgIHByaW50ICIlMDJ4ICIgJSBieXRlc1tp XSwKiQJNBAABCgAeFiEEU+Y3aLjDLA3x+9Epov87N383R0QFAlqpNVYAAAoJEKL/ Ozd/N0dElccP/jBAcFHyeMl7kop71Q7/5NPu3DNULmdUzOZPle8PVjNURT4PSELF qpJ8bd9PAsO4ZkUGwssY4Kfb1iG5cR/a8ADknNd0Cj9/QA2KMVNmgYtReuttAjvn hQRm2VY0tvDCVAPI/z8OnV/NpOcbk8kSwE+shLsP7EwqL5MJNMXKqzm1uRxGNYxr 8TNuECo3DO64O2NZLkMDXqq6lg+lSxvDtXKxzKXgVC+GMtOE56lDwxWLqr39f9Ae Pn0q2fVBKhJfpUODeEbYSYUp2hhmMUIJL/ths9MvyRZ9Z/bHCseFPT58Pgx6g+MP q+iHnVZEIVb38XG+rTYW9hvctkRZP/azhpa7eO8JAZuFNeBGr4IGapwzFPvQSF4B wBXBu0+PPrV9VJVe98P4nw2xcuJmkn6mgZhRVYSqDIhY64bSTgQxb/pdtGwrTjtL WoUKVI+joLRPnDmwexH9+QJCB+uA6RsN/LqsQfDseyr40Z6dHJRqWGgP3ll6iZgw WF768uiIDJD8d4fegVnkpcH98Hm0I/dKsMR1MGV/sBxYC8mAOcOWwSPNGDqPlwwR eWPdr1O6CoYEWwiZMicSe0b5TsjB5nkAWMy7c9RyhtMJzCQ/hFpycpj0A0Zs+OGa eJQMZZV0s8AQZ04JzoX0zRpe0RcTyJn3Tr6QGbVi9tr+QdKHFuDMUqoX =qYZP -----END PGP ARMORED FILE----- Signed-off-by: Werner Koch <[email protected]>
| * scd: Better user interaction for factory-reset.NIIBE Yutaka2018-03-161-6/+21
| | | | | | | | | | | | | | | | | | | | | | | | * g10/card-util.c (factory_reset): Dummy PIN size is now 32-byte. Connect the card again at the last step. -- Before the change, a user has to quit the session to continue. Now, it is possible to type RET in the session and see if it's really done. Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Fix build on Windows.NIIBE Yutaka2018-03-082-0/+5
| | | | | | | | | | | | | | | | | | | | -- WIN32_LEAN_AND_MEAN is required to avoid definitions of grp1, grp2, and grp3 in dlgs.h, which is included by windows.h. Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94 Signed-off-by: NIIBE Yutaka <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-2' into wk-masterWerner Koch2018-03-063-8/+59
|\|
| * gpg: Fix regression in last --card-status patchWerner Koch2018-03-011-1/+1
| | | | | | | | | | | | | | | | | | | | -- Sorry, I accidentally pushed the last commit without having amended it with this fix. Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Print the keygrip with --card-statusWerner Koch2018-03-013-7/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/call-agent.h (agent_card_info_s): Add fields grp1, grp2 and grp3. * g10/call-agent.c (unhexify_fpr): Allow for space as delimiter. (learn_status_cb): Parse KEYPARIINFO int the grpX fields. * g10/card-util.c (print_keygrip): New. (current_card_status): Print "grp:" records or with --with-keygrip a human readable keygrip. -- Suggested-by: Peter Lebbing <[email protected]> Signed-off-by: Werner Koch <[email protected]>
* | gpg: Avoid writing a zero length last chunk in AEAD mode.Werner Koch2018-02-282-42/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/cipher-aead.c (write_header): Do not call set_nonce_and_ad. (write_final_chunk): Do not increase chunkindex. (do_flush): Call set_nonce_and_ad immediately before the first encryption of a chunk. Bump up the chunkindex after writing the tag. (do_free): Do not insert a zero length last chunk. * g10/decrypt-data.c (aead_underflow): Fix the corresponding bug. -- This fixes a bug in writing a zero length last chunk right before the final chunk (which has by design a zero length). We also need to adjust the decryption part because that assumed this zero length last chunk. Note that we use the term "last chunk" for the chunk which directly precedes the "final chunk" which ends the entire encryption. GnuPG-bug-id: 3774 Signed-off-by: Werner Koch <[email protected]>
* | gpg: Merge two functions in cipher-aead.cWerner Koch2018-02-281-75/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/cipher-aead.c (set_nonce, set_additional_data): Merge into ... (set_nonce_and_ad): new function. (write_auth_tag): Print error message here. (do_flush): Rename var newchunk to finalize. -- There is no need to have separate functions here. We should also print a error message for writing the final tag. Signed-off-by: Werner Koch <[email protected]>
* | gpg: Simplify the AEAD decryption function.Werner Koch2018-02-271-51/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/decrypt-data.c (aead_set_nonce, aead_set_ad): Merge into ... (aead_set_nonce_and_ad): new single function. Change callers. (decrypt_data): Do not set the nonce and ad here. (aead_underflow): Get rid of the LAST_CHUNK_DONE hack. -- The main change here is that we now re-init the context only right before we decrypt and not after a checktag. Signed-off-by: Werner Koch <[email protected]>
* | gpg: Factor common code out of the AEAD decryption function.Werner Koch2018-02-271-96/+77
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/decrypt-data.c (aead_underflow): Factor reading and checking code code out to ... (fill_buffer, aead_checktag): new functions. -- Here is a simple test script to check against a set of encrypted files with naming convention like "symenc-aead-eax-c6-56.asc" # ------------------------ >8 ------------------------ set -e GPG=../g10/gpg for file in "$@"; do echo "${file##*/}" | ( IFS=- read dummy1 dummy2 mode cbyte len rest len="${len%.*}" cbyte="${cbyte#c}" [ "$dummy1" != "symenc" -o "$dummy2" != "aead" ] && continue echo "checking mode=$mode chunkbyte=$cbyte length=$len" if ! $GPG --no-options --rfc4880bis --batch --passphrase "abc" \ -d < $file >tmp.plain 2>/dev/null; then echo "Decryption failed for $file" >&2 exit 2 fi plainlen=$(wc -c <tmp.plain) if [ $plainlen -ne $len ]; then echo "Plaintext length mismatch for $file (want=$len have=$plainlen)" >&2 exit 2 fi ) done echo "all files are okay" >&2 # ------------------------ 8< ------------------------ Signed-off-by: Werner Koch <[email protected]>
* | gpg: Rename cipher.c to cipher-cfb.cWerner Koch2018-02-272-2/+2
| | | | | | | | | | | | | | | | * g10/cipher.c: Rename to ... * g10/cipher-cfb.c: this. -- Signed-off-by: Werner Koch <[email protected]>
* | gpg: Fix corner cases in AEAD encryption.Werner Koch2018-02-272-69/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/cipher-aead.c (write_final_chunk): Do not bump up the chunk index if the previous chunk was empty. * g10/decrypt-data.c (aead_underflow): Likewise. Also handle a other corner cases. Add more debug output. -- GnuPG-bug-id: 3774 This fixes the reported case when the encrypted data is a multiple of the chunk size. Then the chunk index for the final chunk was wrongly incremented by 2. The actual fix makes use of the fact that the current dfx->CHUNKLEN is 0 in this case. There is also some other reorganizing to help with debugging. The thing seems to work now but the code is not very clean - should be reworked. Creating test files can be done with this script: --8<---------------cut here---------------start------------->8--- csize=6 for len in 0 55 56 57; do awk </dev/null -v i=$len 'BEGIN{while(i){i--;printf"~"}}' \ | gpg --no-options -v --rfc4880bis --batch --passphrase "abc" \ --s2k-count 1025 --s2k-digest-algo sha256 -z0 \ --force-aead --aead-algo eax --cipher aes -a \ --chunk-size $csize -c >symenc-aead-eax-c$csize-$len.asc done --8<---------------cut here---------------end--------------->8--- A LEN of 56 triggered the bug which can be seen by looking at the "authdata:" line in the --debug=crypt,filter output. Signed-off-by: Werner Koch <[email protected]>
* | gpg: Try to mitigate the problem of wrong CFB symkey passphrases.Werner Koch2018-02-231-0/+15
| | | | | | | | | | | | | | | | * g10/mainproc.c (symkey_decrypt_seskey): Check for a valid algo. -- GnuPG-bug-id: 3795 Signed-off-by: Werner Koch <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-2'Werner Koch2018-02-223-8/+5
|\|
| * gpg: Don't let gpg return failure on an invalid packet in a keyblock.Werner Koch2018-02-222-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | * g10/keydb.c (parse_keyblock_image): Use log_info instead of log_error for skipped packets. * g10/keyring.c (keyring_get_keyblock): Ditto. -- log_info should be sufficient and makes this more robust. Some tools (e.g. Enigmail) are too picky on return codes from gpg. Signed-off-by: Werner Koch <[email protected]>
| * g10: Select a secret key by checking availability under gpg-agent.NIIBE Yutaka2018-02-221-4/+11
| | | | | | | | | | | | | | | | | | | | | | | | * g10/getkey.c (finish_lookup): Add WANT_SECRET argument to confirm by agent_probe_secret_key. (get_pubkey_fromfile, lookup): Supply WANT_SECRET argument. -- GnuPG-bug-id: 1967 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 0a76611294998ae34b9d9ebde484ef8ad3a9a3a6)
| * gpg: Fix reversed messages for --only-sign-text-ids.NIIBE Yutaka2018-02-151-2/+2
| | | | | | | | | | | | | | | | | | | | * g10/keyedit.c (keyedit_menu): Fix messages. -- GnuPG-bug-id: 3787 Fixes-commit: a74aeb5dae1f673fcd98b39a6a0496f3c622709a Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Update list of card vendors from masterWerner Koch2018-02-011-0/+2
| | | | | | | | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* | gpg: Fix packet length checking in symkeyenc parser.Werner Koch2018-02-061-7/+10
| | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_symkeyenc): Move error printing to the end. Add additional check to cope for the 0je extra bytes needed for AEAD. -- Fixes-commit: 9aab9167bca38323973e853845ca95ae8e9b6871 GnuPG-bug-id: 3780
* | Add a new OpenPGP card vendor.Werner Koch2018-02-011-0/+1
| | | | | | | | --
* | gpg: Rename a misnomed arg in open_outfile.Werner Koch2018-01-282-11/+13
| | | | | | | | | | | | * g10/openfile.c (open_outfile): Rename inp_fd to out_fd. Signed-off-by: Werner Koch <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-2' into masterWerner Koch2018-01-252-22/+55
|\| | | | | | | Signed-off-by: Werner Koch <[email protected]>
| * gpg: Fix the use of future-default with --quick-add-key.Werner Koch2018-01-181-12/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keygen.c (parse_key_parameter_part): Add arg clear_cert. (parse_key_parameter_string): Add arg suggested_use and implement fallback. Change callers to pass 0 for new arg. (parse_algo_usage_expire): Pass the parsed USAGESTR to parse_key_parameter_string so that it can use it in case a subkey is to be created. -- The problem here was that future-default gives the primary and subkey algorithm. However, when using future-default for adding a key, the second part was always used which is for encryption. If the caller now wanted to create a signing subkey using the future-default parameters this did not worked. gpg --batch --passphrase "" --quick-add-key FPR future-default encr aready worked as did gpg --batch --passphrase "" --quick-add-key FPR ed25519 sign but gpg --batch --passphrase "" --quick-add-key FPR future-default sign does only work with this fix. GnuPG-bug-id: 3747 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Print all keys with --decrypt --list-only.Werner Koch2018-01-081-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | * g10/mainproc.c (proc_pubkey_enc): Use dedicated error code for list-only and put the key into PKENC_LIST. (print_pkenc_list): Take care of the new error code. -- If the secret keys exist in --list-only mode it was not printed in --list-only mode. GnuPG-bug-id: 3718 Signed-off-by: Werner Koch <[email protected]>
| * gpg: Allow "futuredefault" as alias for "future-default".Werner Koch2018-01-011-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keygen.c (parse_key_parameter_string): Allow "futuredefault" and use case-insensitive matching (quick_generate_keypair): Ditto. (parse_algo_usage_expire): Ditto. -- The man page is sometimes rendered in a way that the hyphen may be not be considered as part of the string. And while at it we also allow case-insensitivity. GnuPG-bug-id: 3655 Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 10:00:12 +0000