aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* * sign.c (write_signature_packets): Lost a digest_algo line.David Shaw2006-01-012-0/+3
|
* * sign.c (hash_for): Add code to detect if the sk lives on a smartDavid Shaw2006-01-013-19/+44
| | | | | | | | | | | | card. If it does, only allow 160-bit hashes, a la DSA. This involves passing the *sk in, so change all callers. This is correct for today, given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160 support in the openpgp card. It will almost certainly need changing down the road. * app-openpgp.c (do_sign): Give user error if hash algorithm is not supported by the card.
* * keyserver.c (keyserver_import_pka): New. Moved fromDavid Shaw2005-12-236-35/+161
| | | | | | | | | | | | | getkey.c:get_pubkey_byname which was getting crowded. * keyserver.c (keyserver_import_cert): Import a key found in DNS via CERT records. Can handle both the PGP (actual key) and IPGP (URL) CERT types. * getkey.c (get_pubkey_byname): Call them both here. * options.h, keyserver.c (parse_keyserver_options): Add "auto-cert-retrieve" option with optional max size argument.
* * gpgv.c: Stub.David Shaw2005-12-235-53/+123
| | | | | | | | | | * keyserver-internal.h, keyserver.c (keyserver_spawn, keyserver_work, keygerver_getname): New keyserver_getname function to fetch keys by name. * getkey.c (get_pubkey_byname): Call it here to enable locating keys by full mailbox from a keyserver a la PKA. Try PKA first, though, as it is likely to be faster.
* Finished PKA featureWerner Koch2005-12-2010-13/+94
|
* * getkey.c (merge_selfsigs_main): All primary keys can certify.David Shaw2005-12-192-1/+7
|
* * gpg.c (main): Restore convert-sk-to-pk as programs rely on it.David Shaw2005-12-193-6/+10
| | | | | | * keyid.c (usagestr_from_pk): Remove special PUBKEY_USAGE_CERT flag. It's no longer needed.
* * gpg.c (main): Don't default to import-options convert-sk-to-pk. ItDavid Shaw2005-12-142-1/+7
| | | | | | | causes confusing warning messages when importing a PGP-exported key that contains a secret key without selfsigs followed by the public key.
* * keyserver.c (keyserver_fetch): Switch on fast-import before weDavid Shaw2005-12-082-0/+18
| | | | | --fetch-keys so we don't rebuild the trustdb after each fetch.
* Made strings translatable. Minor fixes.Werner Koch2005-12-084-5/+12
|
* * options.h, keyserver.c (curl_cant_handle, keyserver_spawn,David Shaw2005-12-083-7/+36
| | | | | | | keyserver_fetch): Set a flag to indicate that we're doing a direct URI fetch so we can differentiate between a keyserver operation and a URI fetch for protocols like LDAP that can do either.
* * keyserver.c (keyserver_spawn): Don't print "searching for key 00000000"David Shaw2005-12-074-10/+73
| | | | | | | | | | when fetching a URI. * keyserver-internal.h, keyserver.c (keyserver_fetch): New. Fetch an arbitrary URI using the keyserver helpers. * gpg.c (main): Call it from here for --fetch-keys.
* Some cleanup so we don't build files that are completely ifdeffed out. David Shaw2005-12-061-1/+1
| | | | | | This causes a warning on Sun's cc. Do the internal regex code as well for consistency.
* * main.h, keylist.c (print_revokers): New. Print the "rvk" designatedDavid Shaw2005-11-204-20/+38
| | | | | | | | | revoker record. Moved from keyedit.c:show_key_with_all_names_colon. * keylist.c (list_keyblock_colon): Use it here ... * keyedit.c (show_key_with_all_names_colon): ... and here.
* * free-packet.c (copy_secret_key): Copy secret key into secure memoryDavid Shaw2005-11-195-8/+56
| | | | | | | | | since we may unprotect it. * main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user support so users can use -u with --desig-revoke. This bypasses the interactive walk over the revocation keys.
* * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to justDavid Shaw2005-11-187-136/+88
| | | | | | | | | | | | | | "clean", and add "minimize". * import.c (parse_import_options): Make help text match the export versions of the options. * options.h, export.c (parse_export_options, do_export_stream): Reduce clean options to two: clean and minimize. * trustdb.h, trustdb.c (clean_one_uid): New function that joins uid and sig cleaning into one for a simple API outside trustdb.
* * armor.c (parse_header_line): A fussy bit of 2440: header lines areDavid Shaw2005-11-132-4/+24
| | | | | | delimited with a colon-space pair. Therefore a line such as "Comment: " is actually legal, albeit not particularly useful.
* * trustdb.h, trustdb.c (clean_key): New function to handle keyDavid Shaw2005-11-126-67/+71
| | | | | | | | | | | cleaning from one convenient place. * options.h, import.c (parse_import_options, clean_sigs_from_all_uids, import_one): Reduce clean options to two: clean and minimize. * parse-packet.c (setup_user_id): Remove. (parse_user_id, parse_attribute): Just use xmalloc_clear instead.
* * trustdb.c (clean_uid_from_key, clean_uids_from_key): SignificantlyDavid Shaw2005-11-122-66/+54
| | | | | simpler implementation.
* * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize"David Shaw2005-11-103-10/+19
| | | | | command.
* * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.cDavid Shaw2005-11-104-20/+18
| | | | | | (clean_uids_from_key): Fix display bug where sigs cleaned for other reasons caused a uid to appear as if it had been compacted.
* * packet.h: Move some flags to a bitfield. Change all callers.David Shaw2005-11-106-37/+44
|
* * options.h, import.c (parse_import_options, clean_sigs_from_all_uids,David Shaw2005-11-104-7/+16
| | | | | | import_one): Add import-minimal option. Similar to export-minimal, except it works on the way in.
* * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove allDavid Shaw2005-11-106-24/+27
| | | | | | | | non-selfsigs from key during cleaning. Change all callers. * export.c (do_export_stream): Use it here so we don't need additional minimize code in the export path.
* * options.skel: Add a section for --encrypt-to. This is Debian bugDavid Shaw2005-11-062-0/+13
| | | | | 336211 by Javier Fernández-Sanguino Peña.
* * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. StrictlyDavid Shaw2005-11-064-4/+18
| | | | | | | | | | | speaking this should be only in gpg_CPPFLAGS, but then we have to compile everything twice for gpg and gpgv. * apdu.c (open_pcsc_reader): Fix double free. * gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X location. Suggested by Patty A. Hardy.
* * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys inDavid Shaw2005-11-022-5/+17
| | | | | the sigs that are cleaned. Suggested by Dirk Traulsen and many others.
* * import.c (import_one): Do collapse_uids() before we do any cleaningDavid Shaw2005-11-024-9/+28
| | | | | | | | | | | | | | | so keyserver mangled keys with doubled user IDs can be properly cleaned - possibly sigs on the different user IDs cancel each other out. * import.c (parse_import_options), export.c (parse_export_options): List "xxx-clean" before the longer options so we don't end up with a partial match on the longer options. * trustdb.c (clean_uids_from_key): Return proper number of cleaned user IDs. Don't count user IDs as cleaned unless we actually delete something.
* * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem withDavid Shaw2005-10-273-4/+13
| | | | | | adding a cert-only designated revoker. Code was looking for a key with sign ability, and not cert ability. Noted by Timo Schulz.
* cygwin fixesWerner Koch2005-10-274-40/+170
|
* * keygen.c (proc_parameter_file): Default key and subkey usage flags toDavid Shaw2005-10-262-7/+35
| | | | | | algo capabilities if parameter file doesn't specify them. Noted by Timo Schulz.
* Fixed minor card related bugs and enhanced status messagesWerner Koch2005-10-185-54/+123
|
* exported subkeys are now merged into one output keyblockWerner Koch2005-10-172-75/+186
|
* * keyedit.c (keyedit_menu, menu_backsign): New "backsign" command toDavid Shaw2005-10-146-5/+175
| | | | | | | | | add 0x19 backsigs to old keys that don't have them. * misc.c (parse_options): Fix build warning. * main.h, keygen.c (make_backsig): Make public.
* * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.cDavid Shaw2005-10-125-12/+33
| | | | | | (signature_check2): Add --require-backsigs and --no-require-backsigs. Currently defaults to --no-require-backsigs.
* * getkey.c (merge_selfsigs_subkey), sig-check.c (signature_check2),David Shaw2005-10-114-20/+25
| | | | | | | keygen.c (make_backsig): Did some backsig interop testing with the PGP folks. All is well, so I'm turning generation of backsigs on for new keys. Checking for backsigs on verification is still off.
* Yet another fix for the gpg.c renameWerner Koch2005-10-061-0/+15
|
* Fixes for the g10.c -> gpg.c renamedWerner Koch2005-10-051-5/+5
|
* Renamed g10.c to gpg.cWerner Koch2005-10-056-9/+32
| | | | Filelength fixes for W32.
* * mainproc.c (proc_symkey_enc): Take care of a canceled passphraseWerner Koch2005-09-202-1/+21
| | | | | prompt.
* * keylist.c (reorder_keyblock, do_reorder_keyblock): Reorder attributeDavid Shaw2005-09-203-4/+24
| | | | | | | | IDs as well as regular text IDs. * plaintext.c (ask_for_detached_datafile): Use make_filename() on filename so tilde expansion works.
* * main.h, misc.c (parse_options): Add the ability to have helpDavid Shaw2005-09-147-63/+130
| | | | | | | | | strings in xxx-options commands. * keyserver.c (keyserver_opts), import.c (parse_import_options), export.c (parse_export_options), g10.c (parse_list_options, main): Add help strings to xxx-options.
* * keyedit.c (show_names): Moved name display code out fromDavid Shaw2005-09-102-56/+80
| | | | | | | show_key_with_all_names. (keyedit_menu): Call it here for pref and showpref so they can show only the selected user ID. Suggested by Timo Schulz.
* Updated card stuff to support T=0 cards.Werner Koch2005-09-077-458/+393
|
* Add "help" sub option to --*-options.Werner Koch2005-09-074-1/+22
|
* * parse-packet.c (enum_sig_subpkt, parse_signature,David Shaw2005-09-022-12/+22
| | | | | | | parse_attribute_subpkts): Make a number of warnings verbose items. These fire on many slightly mangled keys in the field, so the warning is becoming burdensome.
* * photoid.h, photoid.c (generate_photo_id): Allow passing in aDavid Shaw2005-09-014-25/+52
| | | | | | | | suggested filename. * keyedit.c (keyedit_menu, menu_adduid): Call it here so "addphoto filename" works.
* * photoid.c (generate_photo_id): Enable readline completion and tildeDavid Shaw2005-08-312-3/+19
| | | | | expansion for the JPEG prompt.
* * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signingDavid Shaw2005-08-277-17/+58
| | | | | | | | | | | | | | | | | algorithms. * keyedit.c (sign_uids): Don't request a signing key to make a certification. * keygen.c (do_add_key_flags): Force the certify flag on for all primary keys, as the spec requires primary keys must be able to certify (if nothing else, which key is going to issue the user ID signature?) (print_key_flags): Show certify flag. (ask_key_flags, ask_algo): Don't allow setting the C flag for subkeys. * keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish between a sign/certify key and a certify-only key.
* * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode.David Shaw2005-08-272-9/+31
| | | | | Suggested by Michael Schierl.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 20:16:32 +0000