| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
* g10/keyedit.c (menu_adduid): Don't copy 'sig'.
--
Fixes-commit: 809d67e74014cb563efd965744fd11f87bbae743
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (oCompliance): New.
(opts): Add "--compliance".
(parse_tofu_policy): Use a generic description string for "help".
(parse_compliance_option): New.
(main): Add option oCompliance. Factor out code for compliance
setting to ...
(set_compliance_option): new.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/keyedit.c (menu_adduid): Deallocate 'sig'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/mainproc.c (check_sig_and_print): Free 'pk'.
Fixes-commit: 37e3c897252babc203447be9d2f286a4507875ad
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keydb.c (keydb_add_resource): Make ANY_REGISTERED
file-global. Write a STATUS_ERROR.
(maybe_create_keyring_or_box): Check for non-accessible but existant
file.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND.
* sm/keydb.c (keydb_add_resource): Rename ANY_PUBLIC to ANY_REGISTERED
and make file-global. Write a STATUS_ERROR.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND. Also add new arg CTRL and change
all callers to pass it down.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/keygen.c (parse_algo_usage_expire): Use a different error
message for an unknown algorithm name.
--
GnuPG-bug-id: 2832
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (get_best_pubkey_byname): If 'get_pubkey_byname' does
not return a getkey context, then it can return at most one key,
therefore there is nothing to rank. Also, always initialize '*retctx'
to be on the safe side.
GnuPG-bug-id: 2828
Fixes: ab89164be02012f1bf159c971853b8610e966301
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--
This fixes a few
if (foo)
/* A comment
with several
lines. */
{
}
Which has the problem that the block is visually not related to the
"if" and might thus falsely be considered a standalone block.
Also adds a asterisk on the left side of longer comments.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* agent/call-pinentry.c (start_pinentry): Get flavor and version and
pass it to agent_inq_pinentry_launched.
* agent/command.c (agent_inq_pinentry_launched): Add arg EXTRA.
* g10/server.c (gpg_proxy_pinentry_notify): Print a new diagnostic.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (struct pubkey_cmp_cookie): New type.
(key_is_ok, uid_is_ok, subkey_is_ok): New functions.
(pubkey_cmp): Likewise.
(get_best_pubkey_byname): Likewise.
* g10/keydb.h (get_best_pubkey_byname): New prototype.
* g10/keylist.c (locate_one): Use the new function.
* g10/pkclist.c (find_and_check_key): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add new test.
(TEST_FILES): Add new files.
* tests/openpgp/key-selection.scm: New file.
* tests/openpgp/key-selection/0.asc: Likewise.
* tests/openpgp/key-selection/1.asc: Likewise.
* tests/openpgp/key-selection/2.asc: Likewise.
* tests/openpgp/key-selection/3.asc: Likewise.
* tests/openpgp/key-selection/4.asc: Likewise.
--
When a name resembling a mail address is given to either --locate-keys
or --recipient, rank the search results and use only the most relevant
key.
This also lets us query which key will be used for encryption using
--locate-keys. However, note that --locate-keys may also return keys
incapable of encryption, though it will prefer keys that have an
encryption subkey.
GnuPG-bug-id: 2359
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/stringhelp.c: Include limits.h.
(compare_version_strings): Change semantics to behave like strcmp.
Include the patch lebel in the comparison. Allow checking a single
version string.
* common/t-stringhelp.c (test_compare_version_strings): Adjust test
vectors and a few new vectors.
* g10/call-agent.c (warn_version_mismatch): Adjust to new sematics.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
There were several different variant spellings of "passphrase". This
should fix them all for all English text.
I did notice that po/it.po contains multiple instances of
"passhprase", which also looks suspect to me, but i do not know
Italian, so i did not try to correct it.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
| |
* g10/tofu.c (begin_transaction): Use the new 'gnupg_usleep'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/tofu.c: Include <time.h>, <utime.h>, <fcntl.h> and <unistd.h>.
(tofu_dbs_s): Add fields want_lock_file and want_lock_file_ctime.
(begin_transaction): Only yield if DBS->WANT_LOCK_FILE_CTIME has
changed since we took the lock. Don't use gpgrt_yield to yield, but
sleep for 100ms. After taking the batch lock, update
DBS->WANT_LOCK_FILE_CTIME. Also take the batch lock the first time we
take the real lock. When taking the real lock, use immediate not
deferred mode to avoid gratuitious aborts.
(end_transaction): When dropping the outermost real lock, drop the
batch lock.
(busy_handler): New function.
(opendbs): Set the busy handler to it when opening the DB. Initialize
CTRL->TOFU.DBS->WANT_LOCK_FILE.
(tofu_closedbs): Free DBS->WANT_LOCK_FILE.
--
Signed-off-by: Neal H. Walfield <[email protected]>
By default, SQLite defers transactions until they are actually needed.
A consequence of this is that if we have two readers and both decide
to do a write, then one has to abort. To avoid this problem, we can
make the outermost transaction an immediate transaction. This has the
disadvantage that we only allow a single reader at a time, but at
least we don't have gratuitous aborts anymore.
A second problem is that SQLite apparently doesn't actually create a
queue of waiters. The result is that doing a sched_yield between
dropping and retaking the batch transaction is not enough to allow the
other process to make progress. Instead, we need to wait a
while (emperically: 100ms seems reasonable). To avoid waiting when
there is no contention, we use a new file's timestamp to signal that
there is a waiter.
|
| |
|
|
|
|
|
|
|
| |
* g10/tofu.c (build_conflict_set): If CONFLICT_SET contains a single
element, don't bother to check for cross sigs. Add parameter PK.
Update callers.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/tofu.c (build_conflict_set): Fix bit setting.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Fixes-commit: 1f1f56e606c1cb28eec68c60bd8bcb7ab30805de
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/build-packet.c (build_sig_subpkt_from_sig): Always write the new
Issuer Fingerprint sub-packet.
* g10/mainproc.c (check_sig_and_print): Always consider that
sub-packet.
--
The specs for this sub-packet have been pushed to the OpenPGP WG's
repo today.
See-also: https://mailarchive.ietf.org/arch/msg/\
openpgp/GvPo2eSL9GW9WcGhOocY7KBa9FY
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/mainproc.c (proc_tree): Loose check. Enable all algos.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/getkey.c (getkey_next): Return the public key in PK even if
RET_KEYBLOCK is NULL.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
| |
--
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* g10/getkey.c (get_pubkey_byname): Assert preconditions.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-dirmngr.c (gpg_dirmngr_ks_get): Add arg 'quick'.
(gpg_dirmngr_wkd_get): Ditto.
* g10/keyserver.c (keyserver_get): Add arg 'quick'.
(keyserver_get_chunk): Add arg 'quick'.
(keyserver_import_fprint): Ditto. Change callers to pass 0 for it.
(keyserver_import_keyid): Ditto.
(keyserver_import_wkd): Ditto.
* g10/mainproc.c (check_sig_and_print): Call the 3 fucntions with
QUICK set.
--
Note that this option has not yet been implemented by dirmngr.
Dirmngr will simply ignore it for now.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Returns error when
it's short. Clarify the format. Handle other prefixes correctly.
--
With the scdaemon's change, there is no case NBYTES < SECRET_X_SIZE.
This fixes the break of ECDH with X25519.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Improve handling of
ECDH shared point format.
--
This handles the case where the result comes from scdaemon.
Signed-off-by: Arnaud Fontaine <arnaud.fontaine at ssi.gouv.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (print_status_key_created): Use snprintf for now.
(ask_expire_interval): Replace xmalloc and sprintf by xasprintf.
--
Future updates: Replace code like
r = xcalloc (1, sizeof *r + 20 );
r->key = pKEYLENGTH;
sprintf( r->u.value, "%u", info.key_attr[0].nbits);
by something like
r = new_r_with_value ("%u", info.key_attr[0].nbits);
r->key = pKEYLENGTH;
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app-openpgp.c (send_key_attr): Use curve instead of OID.
(ecdh_params): New.
(ecc_read_pubkey): Use ecdh_params. Use curve name.
(ecc_writekey): Likewise.
(ecc_curve): Rename from ecc_oid.
(parse_algorithm_attribute): Use ecc_curve.
* g10/call-agent.c (learn_status_cb): Use openpgp_is_curve_supported to
intern the curve name string.
* g10/card-util.c (card_status): Conver curve name to alias for print.
--
Now, sdcaemon answer for KEY-ATTR is in the canonical curve name
instead of the alias. Since it is used of key generation for
card encryption key with backup, it should be canonical name.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/keygen.c (do_generate_keypair): Fix arguments.
--
Reported-by: Grumpy
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (gen_card_key): Add back ALGO as the second argument.
Don't get ALGO by KEY-ATTR by this function. It's caller to provide
ALGO. Don't do that by both of caller and callee.
(generate_keypair): Only put paramerters needed. Use parameters
for ALGO to call gen_card_key.
(generate_card_subkeypair): Get ALGO and call gen_card_key with it.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/keydb.c (maybe_create_keyring_or_box): Open in binary mode.
--
This fixes keybox corruption on windows.
Signed-off-by: Andre Heinecke <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (generate_keypair): For card key generation, fill
parameters by KEY-ATTR.
* scd/app-openpgp.c (ecc_read_pubkey): OID should be freed at last,
after its reference by OIDBUF is finished.
(ecc_writekey): Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/card-util.c (card_status): Bug fix for keyno.
(ask_card_rsa_keysize, do_change_rsa_keysize): Rename.
(generate_card_keys): Only ask keysize when RSA.
(card_generate_subkey): Likewise.
--
Co-authored-by: Arnaud Fontaine <[email protected]>
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (gen_card_key): Remove the first argument of ALGO.
(do_generate_keypair, generate_card_subkeypair): Follow the change.
--
ALGO is determined by the key attribute of the card.
Co-authored-by: Arnaud Fontaine <[email protected]>
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* agent/command.c (cmd_readkey): Get length after card_readkey.
* g10/keygen.c (gen_card_key): Fix off-by-one error.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-agent.c (scd_genkey_cb_append_savedbytes): Remove.
(scd_genkey_cb): Only handle KEY-CREATED-AT and PROGRESS.
(agent_scd_genkey): Remove INFO argument. CREATETIME is now in/out
argument.
(agent_readkey): Use READKEY --card instead of SCD READKEY.
* g10/keygen.c (gen_card_key): Use READKEY --card command of the agent
to retrieve public key information from card and let the agent make
a file for private key with shadow info.
--
This change removes gpg's KEY-DATA handling for SCD GENKEY. Information
with KEY-DATA is simply not used. Instead, it is read by READKEY --card
command of gpg-agent. This can consolidate public key handling in a
single method by READKEY.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (signed_by_utk): When checking if a key is signed by an
ultimately trusted key, only consider the signatures on the specified
user id.
* tests/openpgp/tofu.scm: Add test for the above.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (cross_sigs): When checking cross signatures, only
consider the signatures on the specified user id.
* tests/openpgp/tofu.scm: Add test for the above.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg:
New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file.
* tests/openpgp/tofu/cross-sigs/README: New file.
--
Signed-off-by: Neal H. Walfield
|
| |
|
|
|
|
|
|
|
| |
* g10/tofu.c (get_trust): If POLICY is ask, but we can't ask, don't
bail immediately. Instead, check if the key in question is an
ultimately trusted key or cross signed.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (get_policy): If an sqlite operation fails, map the error
code to GPG_ERR_GENERAL.
(ask_about_binding): Likewise.
(build_conflict_set): Likewise.
(get_trust): Likewise.
(show_statistics): Likewise.
(tofu_register_signature): Likewise.
(tofu_register_encryption): Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/tofu.c (record_binding): Take an additional argument, CONFLICT.
Set the binding's conflict accordingly. Update callers.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/tofu.c (ask_about_binding): Make the singular string singular.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/tofu.c (build_conflict_set): A binding has a conflict is
conflict is *not* NULL, not if it is NULL.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (initdb): Change policy from a boolean to an integer.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Reported-by: Daniel Kahn Gillmor <[email protected]>
Note: sqlite ignores type information so this change has no real
impact.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
--
This reverts commit b0d2526bc4e5c663eeffe04500420c70cee98712.
The number of format elements may not change in ngettext. The entire
construct is anyway wrong because ngettext is passed a different value
than what is used in the printf.
We need to rework the use of most strings in tofu.c.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/options.h (DBG_MPI): New.
* g10/gpg.c (set_debug): Use macro or extra parens for binary operator.
* g10/parse-packet.c (set_packet_list_mode): Use dbg macro.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* g10/tofu.c (ask_about_binding): Fix singular message.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* g10/tofu.c (ask_about_binding): Use 'labs' instead of 'abs'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/parse-packet.c (set_packet_list_mode): Fix testing for debug
flag.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/call-agent.c (check_hijacking): Remove.
(start_agent): Remove call.
Signed-off-by: Werner Koch <[email protected]>
|
