aboutsummaryrefslogtreecommitdiffstats
path: root/sm/certcheck.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2008-09-29Remove hacks which are not anymore needed since we now require Libgcrypt 1.4Werner Koch1-7/+3
2007-08-10Implemented the chain model for X.509 validation.Werner Koch1-3/+9
2007-07-04Changed to GPLv3.Werner Koch1-4/+2
Removed intl/.
2007-05-07Upgraded gettext.Werner Koch1-3/+8
Fixed accidental dependency on libgcrypt 1.3.0.
2007-04-20 * certcheck.c (do_encode_md): Add arg PKEY. Add support for DSA2Werner Koch1-12/+74
and all ECDSA sizes. (get_dsa_qbits): New. (pk_algo_from_sexp): A key will never contain ecdsa as algorithm, so remove that.
2007-04-18sm/Werner Koch1-1/+7
* certcheck.c (do_encode_md): Support 160 bit ECDSA.
2006-10-05bug fixesWerner Koch1-0/+2
2006-09-06The big Assuan error code removal.Werner Koch1-2/+2
2006-06-20Updated FSF's address.Werner Koch1-1/+2
2005-11-13Added qualified signature features.Werner Koch1-0/+4
2005-07-27Removed directories which are only used by the 1.9 branchWerner Koch1-300/+0
2005-06-16gcc-4 defaults forced me to edit many many files to get rid of theWerner Koch1-6/+8
char * vs. unsigned char * warnings. The GNU coding standards used to say that these mismatches are okay and better than a bunch of casts. Obviously this has changed now.
2005-03-17* certcheck.c: Fixed use of DBG_CRYPTO and DBG_X509.Werner Koch1-5/+5
* certchain.c (gpgsm_basic_cert_check): Dump certificates after a failed gcry_pk_verify. (find_up): Do an external lookup also for an authorityKeyIdentifier lookup. Factored external lookup code out to .. (find_up_external): .. new.
2004-08-17* import.c (check_and_store): Do a full validation ifWerner Koch1-42/+96
--with-validation is set. * certchain.c (gpgsm_basic_cert_check): Print more detailed error messages. * certcheck.c (do_encode_md): Partly support DSA. Add new arg PKALGO. Changed all callers to pass it. (pk_algo_from_sexp): New. tests/pkits: New directory
2004-04-26* call-agent.c (gpgsm_agent_pksign, gpgsm_agent_pkdecrypt)Werner Koch1-3/+3
(gpgsm_agent_genkey, gpgsm_agent_istrusted) (gpgsm_agent_marktrusted, gpgsm_agent_havekey) (gpgsm_agent_passwd): Add new arg CTRL and changed all callers. (start_agent): New arg CTRL. Send progress item when starting a new agent. * sign.c (gpgsm_get_default_cert, get_default_signer): New arg CTRL to be passed down to the agent function. * decrypt.c (prepare_decryption): Ditto. * certreqgen.c (proc_parameters, read_parameters): Ditto. * certcheck.c (gpgsm_create_cms_signature): Ditto.
2004-02-17* gpgsm.c: New option --with-md5-fingerprint.Werner Koch1-1/+1
* keylist.c (list_cert_std): Print MD5 fpr. * gpgsm.c: New options --with-validation. * server.c (option_handler): New option "with-validation". * keylist.c (list_cert_std, list_internal_keys): New args CTRL and WITH_VALIDATION. Changed callers to set it. (list_external_cb, list_external_keys): Pass CTRL to the callback. (list_cert_colon): Add arg CTRL. Check validation if requested. * certchain.c (unknown_criticals, allowed_ca, check_cert_policy) (gpgsm_validate_chain): New args LISTMODE and FP. (do_list): New helper for info output. (find_up): New arg FIND_NEXT. (gpgsm_validate_chain): After a bad signature try again with other CA certificates. * import.c (print_imported_status): New arg NEW_CERT. Print additional STATUS_IMPORT_OK becuase that is what gpgme expects. (check_and_store): Always call above function after import. * server.c (get_status_string): Added STATUS_IMPORT_OK.
2004-02-13* certcheck.c (gpgsm_create_cms_signature): Format a descriptionWerner Koch1-2/+5
for use by the pinentry. * decrypt.c (gpgsm_decrypt): Ditto. Free HEXKEYGRIP. * certdump.c (format_name_cookie, format_name_writer) (gpgsm_format_name): New. (gpgsm_format_serial): New. (gpgsm_format_keydesc): New. * call-agent.c (gpgsm_agent_pksign): New arg DESC. (gpgsm_agent_pkdecrypt): Ditto.
2003-12-17Replaced deprecated type names.Werner Koch1-5/+5
* certdump.c (gpgsm_print_serial): Cleaned up cast use in strtoul. (gpgsm_dump_serial): Ditto. * decrypt.c (gpgsm_decrypt): Replaced ERR by RC.
2003-11-12Mainly changes to adjust for the changed KSBA API.Werner Koch1-2/+2
2003-08-05This commit was manufactured by cvs2svn to create branchRepo Admin1-0/+300
'GNUPG-1-9-BRANCH'.
2003-07-28Adjusted for use with current libgcrypt (1.1.42).Werner Koch1-1/+1
2003-06-27Key generation and signing using the OpenPGP card does rudimentary work.Werner Koch1-26/+26
2003-06-03Make use of libgpg-errorWerner Koch1-11/+11
2003-01-09Updated from latest NewPG projectWerner Koch1-2/+1
2002-10-19This commit was manufactured by cvs2svn to create branchRepo Admin1-301/+0
'GNUPG-1-9-BRANCH'.
2002-09-19* certcheck.c (gpgsm_check_cert_sig): Add cert hash debugging.NEWPG-0-9-2Werner Koch1-0/+12
* certchain.c (find_up): Print info when the cert was not found by the autorithyKeyIdentifier.
2002-08-09* gpgsm.c (emergency_cleanup): New.Werner Koch1-4/+30
(main): Initialize the signal handler. * sign.c (gpgsm_sign): Reset the hash context for subsequent signers and release it at the end.
2002-03-18Doc fixes, moved some fizmes to TODO, fixed minor bugs.Werner Koch1-4/+0
2002-03-05* gpgsm.c, gpgsm.h: Add local_user.Werner Koch1-3/+4
* sign.c (gpgsm_get_default_cert): New. (get_default_signer): Use the new function if local_user is not set otherwise used that value. * encrypt.c (get_default_recipient): Removed. (gpgsm_encrypt): Use gpgsm_get_default_cert. * verify.c (gpgsm_verify): Better error text for a bad signature found by comparing the hashs.
2002-02-25* server.c (option_handler): Allow to use -2 for "send all certsWerner Koch1-0/+1
except the root cert". * sign.c (add_certificate_list): Implement it here. * certpath.c (gpgsm_is_root_cert): New.
2002-02-07* certlist.c (gpgsm_add_to_certlist): Check that the specifiedWerner Koch1-1/+1
name identifies a certificate unambiguously. (gpgsm_find_cert): Ditto. * server.c (cmd_listkeys): Check that the data stream is available. (cmd_listsecretkeys): Ditto. (has_option): New. (cmd_sign): Fix ambiguousity in option recognition. * gpgsm.c (main): Enable --logger-fd. * encrypt.c (gpgsm_encrypt): Increased buffer size for better performance. * call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from the agent. * keylist.c (list_cert_colon): Filter out control characters.
2001-12-18Changes to be used with the new libksba interface.Werner Koch1-111/+36
libgcrypt-1.1.5 is required (cvs or tarball)
2001-11-25The agent does now work and read the secret keys from the directoryWerner Koch1-1/+22
~/.gnupg-test/private-keys-v1.d/<keygrip-as-20-byte-hex-number>. I will post a sample key to gpa-dev.
2001-11-24Added new directory common to enable sharing of some code and errorWerner Koch1-5/+5
numbers between gpg, gpgsm and gpg-agent. Move some files and code to there.
2001-11-24Signing does now work. There is no secret key management yet, so youWerner Koch1-4/+103
should set GPGSM_FAKE_KEY=1 before you try to verify a signature created by gpgsm --sign or the SIGN server command.
2001-11-20Map Libksba's OIDs to Libgcrypt digest algo numbers.Werner Koch1-1/+7
The latest Libgcrypt CVS version is needed.
2001-11-16Base code for gpgsm --verify does workWerner Koch1-16/+74
2001-11-13We have reached a state where we are able to import certs andWerner Koch1-0/+156
check the certification path.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 21:06:45 +0000