aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* gpg: Use macros to check the signature class.Werner Koch2017-07-211-24/+24
| | | | | | * g10/import.c: Use the extistin macros for better readability. Signed-off-by: Werner Koch <[email protected]>
* g10: Clean keyblock on initial commit.Marcus Brinkmann2017-07-211-0/+5
| | | | | | | | * g10/import.c (import_one): If option import-clean is set, also clean on initial import, not only for merge. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2401
* g10: Don't limit at the frontend side for card capability.NIIBE Yutaka2017-07-211-37/+12
| | | | | | | | | | | | | * g10/card-util.c (MAX_GET_DATA_FROM_FILE): New. (get_data_from_file): Use MAX_GET_DATA_FROM_FILE. (change_url, change_login, change_private_do): Don't limit. -- V3.3 card support longer data for URL, Login and Private DOs. It's scdaemon which knows that. Signed-off-by: NIIBE Yutaka <[email protected]>
* indent: Improve readability of some comments in getkey.cWerner Koch2017-07-201-165/+168
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --with-key-origin.Werner Koch2017-07-205-10/+82
| | | | | | | | | | | | * g10/getkey.c (parse_key_origin): Factor list out as ... (key_origin_list): new struct. (key_origin_string): New. * g10/gpg.c (oWithKeyOrigin): New const. (opts): New option --with-key-origin. (main): Implement option. * g10/options.h (struct opt): New flag with_key_origin. * g10/keylist.c (list_keyblock_print): Print key origin info. (list_keyblock_colon): Ditto.
* doc: Comment fixes and one trailing comma fix.Werner Koch2017-07-203-6/+6
| | | | --
* gpg: Make function mk_datestr public.Werner Koch2017-07-202-22/+25
| | | | | | | | | | | | | | | | | | | * g10/keydb.h (MK_DATESTR_SIZE): New. * g10/keyid.c (mk_datestr): Make public. Add arg bufsize and use snprintf. Change arg atime to u32. (datestr_from_pk): Simplify. (datestr_from_sig): Ditto. (expirestr_from_pk): Ditto. (expirestr_from_sig): Ditto. (revokestr_from_pk): Ditto. -- Note that this also reduces the size of the static buffers from 16 to 11 which is sufficient for the string. In the past we added the 5 extra bytes to cope for bugs in gmtime which is now handles by snprintf. Signed-off-by: Werner Koch <[email protected]>
* g10: Return proper error when gpg-agent fails to start during probe.Marcus Brinkmann2017-07-201-2/+8
| | | | | | | | * g10/getkey.c (lookup): Return immediately on any other error than GPG_ERR_NO_SECKEY from agent_probe_any_secret_key. Signed-off-by: Marcus Brinkmann <[email protected]> GnuPG-bug-id: 2204
* gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.Werner Koch2017-07-191-0/+4
| | | | | | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Track key server request via fingerprint. -- New signatures carry the fingerprint and thus --auto-key-retrieve tries to lookup the key by fingerprint. If that failed it used to also ask the same thing by KEYID - but the keyid is part of the fingerprint and thus it will either get no response or the wrong key back. We can easily avoid this. Signed-off-by: Werner Koch <[email protected]>
* gpg,sm: Check compliance of the RNG.Werner Koch2017-07-173-0/+48
| | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_rng_is_compliant): New. * g10/call-agent.c (start_agent) [W32]: Check rng compliance. * sm/call-agent.c (start_agent) [W32]: Ditto. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is compliant. * sm/encrypt.c (gpgsm_encrypt): Ditto. * g10/sign.c (do_sign): Ditto. * sm/sign.c (gpgsm_sign): Ditto. -- Under Windows we need to check that the Jitter RNG is active in de-vs mode. Under Linux this is not necessary because /dev/random can be scrutinized and is believed to provide enough entropy. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix importing keys.Justus Winter2017-07-141-3/+6
| | | | | | | * g10/import.c (import_one): Fix error handling. Fixes-commit: 330212efb927c119bb5135856f8582c0e4e2e6b7 Signed-off-by: Justus Winter <[email protected]>
* gpg: Pass key origin values to import functions.Werner Koch2017-07-136-37/+55
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (import_keys_stream): Remove this unused function. (import_keys_internal): Add arg origin. (import_keys): Ditto. (import_keys_es_stream): Ditto. (import): Ditto. (import_one): Ditto. (apply_meta_data): New stub. (import_secret_one): Pass 0 for ORIGIN. * g10/keyserver.c (keyserver_get_chunk): For now pass 0 for ORIGIN. (keyserver_fetch): Add arg origin. (keyserver_import_cert): Pass KEYORG_DANE for ORIGIN. (keyserver_import_wkd): Pass KEYORG_WKD for ORIGIN. * g10/gpg.c (main): Pass OPT.KEY_ORIGIN to import_keys and keyserver_fetch. * g10/card-util.c (fetch_url): Pass KEYORG_URL for ORIGIN. -- This is just the framework; applying the meta data will be done in another commit. GnuPG-bug-id: 3252 Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --key-origin.Werner Koch2017-07-138-21/+70
| | | | | | | | | | | | | | | * g10/keydb.h (KEYORG_): Rename to KEYORG_. * g10/packet.h (PKT_user_id): Rename field keysrc to keyorg. Adjust users. (PKT_public_key): Ditto. (PKT_ring_trust): Ditto. * g10/options.h (struct opt): Add field key_origin. * g10/getkey.c (parse_key_origin): New. * g10/gpg.c (oKeyOrigin): New. (opts): Add "keys-origin". (main): Set option. Signed-off-by: Werner Koch <[email protected]>
* tofu: Compare squares instead of square roots.Marcus Brinkmann2017-07-104-269/+9
| | | | | | | | | | | | | * g10/Makefile.am (tofu_source) [USE_TOFU]: Remove sqrtu32.h and sqrtu32.c. * g10/sqrtu32.h, g10/sqrtu32.c: Removed files. * g10/tofu.c: Compare squares instead of square roots. -- The original code is a factor 11.5 slower than using libm's sqrt(), which in turn is a factor 3.5 slower than using one multiplication on the other side of the comparison. Also, it's much simpler now. Signed-off-by: Marcus Brinkmann <[email protected]>
* gpg,gpgsm: Emit status code ENCRYPTION_COMPLIANCE_MODE.Werner Koch2017-06-231-3/+20
| | | | | | | | | | | | * common/status.h (STATUS_ENCRYPTION_COMPLIANCE_MODE): New. * g10/encrypt.c (encrypt_crypt): Emit new status code. * sm/encrypt.c (gpgsm_encrypt): Ditto. -- This status code allows to report whether an encryption operation was compliant to de-vs. Signed-off-by: Werner Koch <[email protected]>
* indent,i18n: Make some new strings translatable. Wrap too long lines.Werner Koch2017-06-234-13/+20
| | | | --
* gpg: Close cached keydb handle in gpgv.Justus Winter2017-06-211-0/+1
| | | | | | | * g10/gpgv.c (main): Close cached handle. Fixes-commit: 5556eca5acd46983bff0b38a1ffbc2f07fbaba9f Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix printing keyserver URLs and notation data.Justus Winter2017-06-211-2/+2
| | | | | | | | | | | | * g10/keylist.c (show_keyserver_url): Print to 'fp', not to 'stdout'. (show_notation): Likewise. -- Fixes the fact that if mode == -1, all text except for the labels is written to the tty, but the label is written to stdout, which is buffered. Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix error handling.Justus Winter2017-06-201-0/+2
| | | | | | | | | | | | | | * g10/keygen.c (generate_subkeypair): Handle errors from pinentry. -- Previously, when generating a subkey, gpg would ask for the passphrase of the primary key. If that dialog is canceled, gpg would ask a second time for a passphrase to protect the new subkey. Fix this by handling the error. GnuPG-bug-id: 3212 Signed-off-by: Justus Winter <[email protected]>
* gpg,gpgsm: Fix compliance check for DSA and avoid an assert.Werner Koch2017-06-191-6/+7
| | | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA check. Explicitly check for allowed ECC algos. (gnupg_pk_is_allowed): Swap P and Q for DSA check. * g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check. Replace assert by debug message. -- Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0 condition is surprising because it leads to the assumption SYMKEYS could be negative. Better use a boolean test. The assert could have lead to a regression for no good reason. Not being compliant is better than breaking existing users. Signed-off-by: Werner Koch <[email protected]>
* indent: Always use "_(" and not "_ (" to mark translatable strings.Werner Koch2017-06-195-12/+12
| | | | | | | | -- This makes greping much easier and we have done that since ever. Signed-off-by: Werner Koch <[email protected]>
* gpg: Check and fix keys on import.Justus Winter2017-06-143-2/+11
| | | | | | | | | | | * doc/gpg.texi: Document the new import option. * g10/gpg.c (main): Make the new option default to yes. * g10/import.c (parse_import_options): Parse the new option. (import_one): Act on the new option. * g10/options.h (IMPORT_REPAIR_KEYS): New macro. GnuPG-bug-id: 2236 Signed-off-by: Justus Winter <[email protected]>
* gpg: Refactor key checking and fixing.Justus Winter2017-06-145-614/+693
| | | | | | | | | | | | | | * g10/Makefile.am (gpg_sources): Add new files. * g10/gpgcompose.c (keyedit_print_one_sig): New stub. * g10/keyedit.c (sig_comparison): Move to new module. (check_all_keysigs): Likewise. (fix_keyblock): Adapt callsite. (keyedit_menu): Likewise. * g10/key-check.c: New file. * g10/key-check.h: Likewise. GnuPG-bug-id: 2236 Signed-off-by: Justus Winter <[email protected]>
* gpg: Refactor keyedit module.Justus Winter2017-06-134-39/+70
| | | | | | | | | | | | | * g10/Makefile.am (gpg_SOURCES): Add new file. * g10/keyedit.c (NODFLG_*): Move flags to the new header file. (print_one_sig): Export symbol and rename accordingly. (print_and_check_one_sig): Adapt accordingly. (check_all_keysigs): Likewise. * g10/keyedit.h: New file. * g10/main.h: Drop declarations, include new header. GnuPG-bug-id: 2236 Signed-off-by: Justus Winter <[email protected]>
* gpg: Disable keydb handle caching only for W32Werner Koch2017-06-131-10/+17
| | | | | | | | | | | * g10/getkey.c (getkey_end) [!W32]: Re-enable caching. -- This change limits of the effects of commit d3d640b9cc98dd0d06b49a2e4d46eb67af96fe29 to W32 system. GnuPG-bug-id: 3097 Signed-off-by: Werner Koch <[email protected]>
* po: Make a string translatable.Werner Koch2017-06-131-3/+6
| | | | --
* gpg: Send gpgcompose --help output to stdout, not stderr.Neal H. Walfield2017-06-111-7/+7
| | | | | | | * g10/gpgcompose.c (show_help): Send gpgcompose --help output to stdout, not stderr. Reported-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Improve some output of gpgcompose.Neal H. Walfield2017-06-111-2/+5
|
* gpg: Support 'gpgcompose --encrypted-pop --help'Neal H. Walfield2017-06-111-3/+21
| | | | | | | * g10/gpgcompose.c (encrypted_pop_options): New variable. (encrypted_pop): Support the --help option. Reported-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Remove dead code.Neal H. Walfield2017-06-111-7/+1
| | | | | | * g10/gpgcompose.c (filter_pop): F->PKTTYPE will never be PKT_ENCRYPTED_MDC. (encrypted_pop): Likewise and there is no option --encrypted-mdc-pop.
* common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.Justus Winter2017-06-086-1/+147
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_allowed): New function. (gnupg_cipher_is_allowed): Likewise. (gnupg_digest_is_allowed): Likewise. * common/compliance.h (enum pk_use_case): New definition. (gnupg_pk_is_allowed): New prototype. (gnupg_cipher_is_allowed): Likewise. (gnupg_digest_is_allowed): Likewise. * g10/decrypt-data.c (decrypt_data): Restrict use of algorithms using the new predicates. * g10/encrypt.c (encrypt_crypt): Likewise. * g10/gpg.c (main): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sig-check.c (check_signature2): Likewise. * g10/sign.c (do_sign): Likewise. * sm/decrypt.c (gpgsm_decrypt): Likewise. * sm/encrypt.c (gpgsm_encrypt): Likewise. * sm/gpgsm.c (main): Likewise. * sm/sign.c (gpgsm_sign): Likewise. * sm/verify.c (gpgsm_verify): Likewise. -- With this change, policies can effectively restrict what algorithms are used for different purposes. The algorithm policy for CO_DE_VS is implemented. GnuPG-bug-id: 3191 Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix computation of compliance with CO_DE_VS.Justus Winter2017-06-081-3/+4
| | | | | | | | * g10/mainproc.c (proc_encrypted): Symmetric encryption is also in compliance with CO_DE_VS. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter <[email protected]>
* gpg: Avoid failure exit when scdaemon is disabled but not needed.Werner Koch2017-06-081-2/+4
| | | | | | | | | | | | * g10/call-agent.c (warn_version_mismatch): Use log_info if error is "not supported". -- This fix may make the fix for GnuPG-bug-id: 3192 even more robust. Signed-off-by: Werner Koch <[email protected]>
* common: Add cipher mode to compliance predicate.Justus Winter2017-06-071-1/+1
| | | | | | | | | | * common/compliance.c (gnupg_cipher_is_compliant): Add mode parameter. * common/compliance.h (gnupg_cipher_is_compliant): Likewise. * g10/mainproc.c (proc_encrypted): Adapt callsite. * sm/decrypt.c (gpgsm_decrypt): Likewise. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter <[email protected]>
* common,gpg,sm: Initialize compliance module.Justus Winter2017-06-071-0/+3
| | | | | | | | | | * common/compliance.c (gnupg_initialize_compliance): New function. * common/compliance.h (gnupg_initialize_compliance): New prototype. * g10/gpg.c (main): Use the new function. * sm/gpgsm.c (main): Likewise. GnuPG-bug-id: 3191 Signed-off-by: Justus Winter <[email protected]>
* common,gpg: Move the compliance option printer.Justus Winter2017-06-076-28/+11
| | | | | | | | | | | | | | * common/compliance.c (gnupg_compliance_option_string): New function. * common/compliance.h (gnupg_compliance_option_string): New prototype. * g10/encrypt.c (write_pubkey_enc_from_list): Update callsite. * g10/gpg.c (main): Likewise. * g10/keyedit.c (keyedit_menu): Likewise. * g10/pkclist.c (build_pk_list): Likewise. * g10/main.h (compliance_option_string): Remove prototype. * g10/misc.c (compliance_option_string): Remove function. GnuPG-bug-id: 3191 Signed-off-by: Justus Winter <[email protected]>
* common,gpg,sm: Move the compliance option parser.Justus Winter2017-06-071-26/+11
| | | | | | | | | | | | | | * common/compliance.c (gnupg_parse_compliance_option): New function. * common/compliance.h (struct gnupg_compliance_option): New type. (gnupg_parse_compliance_option): New prototype. * g10/gpg.c (parse_compliance_option): Remove function. (compliance_options): New variable. (main): Adapt callsite. * sm/gpgsm.c (main): Use the new common function. * sm/gpgsm.h (opt): New field 'compliance'. GnuPG-bug-id: 3191 Signed-off-by: Justus Winter <[email protected]>
* gpg: Improve compliance with CO_DE_VS.Justus Winter2017-06-071-0/+1
| | | | | | | | * g10/gpg.c (set_compliance_option): The specification, section 4.1.1, forbids the use of encryption without integrity protection. GnuPG-bug-id: 3191 Signed-off-by: Justus Winter <[email protected]>
* common,g10: Fix typos.Justus Winter2017-06-061-1/+1
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* gpg: Report compliance with CO_DE_VS.Justus Winter2017-06-011-0/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain parameters. (gnupg_cipher_is_compliant): New function. (gnupg_digest_is_compliant): Likewise. * common/compliance.h (gnupg_cipher_is_compliant): New prototype. (gnupg_digest_is_compliant): Likewise. * common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status. (STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise. * doc/DETAILS: Document the new status lines. * g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS and report that using the new status line. (check_sig_and_print): Likewise. * sm/decrypt.c (gpgsm_decrypt): Likewise. * sm/verify.c (gpgsm_verify): Likewise. -- When decrypting data and verifying signatures, report whether the operations are in compliance with the criteria for data classified as VS-NfD. This information will be picked up by the frontend and presented to the user. GnuPG-bug-id: 3059 Signed-off-by: Justus Winter <[email protected]>
* gpg,common: Move the compliance framework.Justus Winter2017-06-014-99/+11
| | | | | | | | | | | | | | * common/Makefile.am (common_sources): Add new files. * common/compliance.c: New file. Move 'gnupg_pk_is_compliant' here, and tweak it to not rely on types private to gpg. * common/compliance.h: New file. Move the compliance enum here. * g10/keylist.c (print_compliance_flags): Adapt callsite. * g10/main.h (gnupg_pk_is_compliant): Remove prototype. * g10/misc.c (gnupg_pk_is_compliant): Remove function. * g10/options.h (opt): Use the new compliance enum. * sm/keylist.c (print_compliance_flags): Use the common functions. Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix compliance computation.Justus Winter2017-05-311-1/+1
| | | | | | | | * g10/misc.c (gnupg_pk_is_compliant): Compare against CO_RFC2440, not RFC2440 which is actually a predicate. Fixes-commit: fe0b37e123ded51cc5f4cb5e3547fdfbce37a43e Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix typos.Justus Winter2017-05-302-3/+3
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* gpg: Disable keydb handle cachingAndre Heinecke2017-05-301-1/+11
| | | | | | | | | | | | | | | | | | * g10/getkey.c (getkey_end): Disable caching of the open keydb handle. -- This created a big regression for Windows because the keyring is only released after the global ctrl is released. So if an operation does a getkey and then tries to modify the keyring it will fail on Windows with a sharing violation. We need to modify all keyring write operations to also take the ctrl and close the cached_getkey_kdb handle to make writing work. See: https://dev.gnupg.org/T3097 GnuPG-Bug-Id: T3097 Signed-off-by: Andre Heinecke <[email protected]>
* g10: Fix default-key selection for signing, possibly by card.NIIBE Yutaka2017-05-224-16/+62
| | | | | | | | | | | | | | | * g10/call-agent.c (warn_version_mismatch): Revert. (start_agent): Suppress version mismatch if relevant. * g10/getkey.c (get_seckey_default_or_card): New. * g10/skclist.c (build_sk_list): Use get_seckey_default_or_card. -- The change of 97a2394, which prefers available card than default key specified is too strong. Fixes-commit: 97a2394ecafaa6f58e4a1f70ecfd04408dc15606 Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix gpgcompose.c.NIIBE Yutaka2017-05-171-1/+1
| | | | | | | | | * g10/gpgcompose.c (show_help): Check return value. -- Fixes-commit: 00b7767bc6fe309aa20375c859ebf708cfc7b9ea Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Suppress error for card availability check.NIIBE Yutaka2017-05-171-6/+9
| | | | | | | | | | | | | | * g10/call-agent.c (start_agent): Add semantics for card; Suppress error for card check. (warn_version_mismatch): Ignore an error for scdaemon. (agent_scd_serialno): Call start_agent with FLAG_FOR_CARD_SUPPRESS_ERRORS. -- GnuPG-bug-id: 3165 Fixes-commit: 97a2394ecafaa6f58e4a1f70ecfd04408dc15606 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not mark ", " translatable.Werner Koch2017-05-151-2/+2
| | | | | | | | | | * g10/tofu.c (ask_about_binding): Remove useless translation markers. -- Translation and in particular punctuation marks can only be translated with context. Thus making a sole comma translatable is useless. Signed-off-by: Werner Koch <[email protected]>
* common: Let format_text return an error.Werner Koch2017-05-152-2/+14
| | | | | | | | | | | | | | | * common/stringhelp.c (format_text): Return NULL on error. * common/t-stringhelp.c (test_format_text): Adjust for change. * g10/gpgcompose.c (show_help): Abort on out of core. * g10/tofu.c (ask_about_binding): Abort on format_text error. (show_statistics): Ditto. (show_warning): Ditto. -- For better re-usability function in common/ shot better not use xmalloc functions. Signed-off-by: Werner Koch <[email protected]>
* tests: Make it possible to run all tests using our infrastructure.Justus Winter2017-05-112-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Makefile.am (TESTS_ENVIRONMENT): New variable. (check-all): New phony target to run all tests. * tests/gpgme/gpgme-defs.scm (have-gpgme?): New function that tests whether the GPGME test suite is available instead of exiting the process. * tests/gpgscm/init.scm (export): New macro. * tests/gpgscm/tests.scm (run-tests): New function. (load-tests): Likewise. * tests/gpgme/run-tests.scm: Simplify and move the parsing of the list of tests to 'all-tests.scm'. * tests/gpgsm/run-tests.scm: Likewise. * tests/migrations/run-tests.scm: Likewise. * tests/openpgp/run-tests.scm: Likewise. * tests/gpgme/Makefile.am: To select the tests to run, use the variable 'TESTS'. This harmonizes the interface with the automake test suite. * tests/gpgsm/Makefile.am: Likewise. * tests/migrations/Makefile.am: Likewise. * tests/openpgp/Makefile.am: Likewise. * tests/openpgp/README: Likewise. * agent/all-tests.scm: New file. * common/all-tests.scm: Likewise. * g10/all-tests.scm: Likewise. * g13/all-tests.scm: Likewise. * tests/gpgme/all-tests.scm: Likewise. * tests/gpgsm/all-tests.scm: Likewise. * tests/migrations/all-tests.scm: Likewise. * tests/openpgp/all-tests.scm: Likewise. * tests/run-tests.scm: Likewise. -- This change allows us to run all tests in parallel and write one XML report capturing the results of every test. It also lays the foundation to parametrize test suites. Signed-off-by: Justus Winter <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 22:59:47 +0000