aboutsummaryrefslogtreecommitdiffstats
path: root/sm/certcheck.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove -I option to common.NIIBE Yutaka2017-03-071-1/+1
| | | | | | | | | | | | | * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* Change all quotes in strings and comments to the new GNU standard.Werner Koch2012-06-051-1/+1
| | | | | | | | | | | | | | | | | | | The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
* Replace gcry_md_start_debug by gcry_md_debug.Werner Koch2011-09-201-1/+1
| | | | | This is to allow building with Libgcrypt master (1.6) which has some cleanups in the API/ABI.
* Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch2011-02-041-12/+9
| | | | | | | | We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* Remove hacks which are not anymore needed since we now require Libgcrypt 1.4Werner Koch2008-09-291-7/+3
|
* Implemented the chain model for X.509 validation.Werner Koch2007-08-101-3/+9
|
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* Upgraded gettext.Werner Koch2007-05-071-3/+8
| | | | | Fixed accidental dependency on libgcrypt 1.3.0.
* * certcheck.c (do_encode_md): Add arg PKEY. Add support for DSA2Werner Koch2007-04-201-12/+74
| | | | | | | | | and all ECDSA sizes. (get_dsa_qbits): New. (pk_algo_from_sexp): A key will never contain ecdsa as algorithm, so remove that.
* sm/Werner Koch2007-04-181-1/+7
| | | | | | * certcheck.c (do_encode_md): Support 160 bit ECDSA.
* bug fixesWerner Koch2006-10-051-0/+2
|
* The big Assuan error code removal.Werner Koch2006-09-061-2/+2
|
* Updated FSF's address.Werner Koch2006-06-201-1/+2
|
* Added qualified signature features.Werner Koch2005-11-131-0/+4
|
* gcc-4 defaults forced me to edit many many files to get rid of theWerner Koch2005-06-161-6/+8
| | | | | | | char * vs. unsigned char * warnings. The GNU coding standards used to say that these mismatches are okay and better than a bunch of casts. Obviously this has changed now.
* * certcheck.c: Fixed use of DBG_CRYPTO and DBG_X509.Werner Koch2005-03-171-5/+5
| | | | | | | | | * certchain.c (gpgsm_basic_cert_check): Dump certificates after a failed gcry_pk_verify. (find_up): Do an external lookup also for an authorityKeyIdentifier lookup. Factored external lookup code out to .. (find_up_external): .. new.
* * import.c (check_and_store): Do a full validation ifWerner Koch2004-08-171-42/+96
| | | | | | | | | | | | | | --with-validation is set. * certchain.c (gpgsm_basic_cert_check): Print more detailed error messages. * certcheck.c (do_encode_md): Partly support DSA. Add new arg PKALGO. Changed all callers to pass it. (pk_algo_from_sexp): New. tests/pkits: New directory
* * call-agent.c (gpgsm_agent_pksign, gpgsm_agent_pkdecrypt)Werner Koch2004-04-261-3/+3
| | | | | | | | | | | | | | (gpgsm_agent_genkey, gpgsm_agent_istrusted) (gpgsm_agent_marktrusted, gpgsm_agent_havekey) (gpgsm_agent_passwd): Add new arg CTRL and changed all callers. (start_agent): New arg CTRL. Send progress item when starting a new agent. * sign.c (gpgsm_get_default_cert, get_default_signer): New arg CTRL to be passed down to the agent function. * decrypt.c (prepare_decryption): Ditto. * certreqgen.c (proc_parameters, read_parameters): Ditto. * certcheck.c (gpgsm_create_cms_signature): Ditto.
* * gpgsm.c: New option --with-md5-fingerprint.Werner Koch2004-02-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | * keylist.c (list_cert_std): Print MD5 fpr. * gpgsm.c: New options --with-validation. * server.c (option_handler): New option "with-validation". * keylist.c (list_cert_std, list_internal_keys): New args CTRL and WITH_VALIDATION. Changed callers to set it. (list_external_cb, list_external_keys): Pass CTRL to the callback. (list_cert_colon): Add arg CTRL. Check validation if requested. * certchain.c (unknown_criticals, allowed_ca, check_cert_policy) (gpgsm_validate_chain): New args LISTMODE and FP. (do_list): New helper for info output. (find_up): New arg FIND_NEXT. (gpgsm_validate_chain): After a bad signature try again with other CA certificates. * import.c (print_imported_status): New arg NEW_CERT. Print additional STATUS_IMPORT_OK becuase that is what gpgme expects. (check_and_store): Always call above function after import. * server.c (get_status_string): Added STATUS_IMPORT_OK.
* * certcheck.c (gpgsm_create_cms_signature): Format a descriptionWerner Koch2004-02-131-2/+5
| | | | | | | | | | | | for use by the pinentry. * decrypt.c (gpgsm_decrypt): Ditto. Free HEXKEYGRIP. * certdump.c (format_name_cookie, format_name_writer) (gpgsm_format_name): New. (gpgsm_format_serial): New. (gpgsm_format_keydesc): New. * call-agent.c (gpgsm_agent_pksign): New arg DESC. (gpgsm_agent_pkdecrypt): Ditto.
* Replaced deprecated type names.Werner Koch2003-12-171-5/+5
| | | | | | | | * certdump.c (gpgsm_print_serial): Cleaned up cast use in strtoul. (gpgsm_dump_serial): Ditto. * decrypt.c (gpgsm_decrypt): Replaced ERR by RC.
* Mainly changes to adjust for the changed KSBA API.Werner Koch2003-11-121-2/+2
|
* This commit was manufactured by cvs2svn to create branchRepo Admin2003-08-051-0/+300
| | | | 'GNUPG-1-9-BRANCH'.
* This commit was manufactured by cvs2svn to create branchRepo Admin2002-10-191-301/+0
| | | | 'GNUPG-1-9-BRANCH'.
* * certcheck.c (gpgsm_check_cert_sig): Add cert hash debugging.NEWPG-0-9-2Werner Koch2002-09-191-0/+12
| | | | | | * certchain.c (find_up): Print info when the cert was not found by the autorithyKeyIdentifier.
* * gpgsm.c (emergency_cleanup): New.Werner Koch2002-08-091-4/+30
| | | | | | | | (main): Initialize the signal handler. * sign.c (gpgsm_sign): Reset the hash context for subsequent signers and release it at the end.
* Doc fixes, moved some fizmes to TODO, fixed minor bugs.Werner Koch2002-03-181-4/+0
|
* * gpgsm.c, gpgsm.h: Add local_user.Werner Koch2002-03-051-3/+4
| | | | | | | | | | | * sign.c (gpgsm_get_default_cert): New. (get_default_signer): Use the new function if local_user is not set otherwise used that value. * encrypt.c (get_default_recipient): Removed. (gpgsm_encrypt): Use gpgsm_get_default_cert. * verify.c (gpgsm_verify): Better error text for a bad signature found by comparing the hashs.
* * server.c (option_handler): Allow to use -2 for "send all certsWerner Koch2002-02-251-0/+1
| | | | | | | except the root cert". * sign.c (add_certificate_list): Implement it here. * certpath.c (gpgsm_is_root_cert): New.
* * certlist.c (gpgsm_add_to_certlist): Check that the specifiedWerner Koch2002-02-071-1/+1
| | | | | | | | | | | | | | | | name identifies a certificate unambiguously. (gpgsm_find_cert): Ditto. * server.c (cmd_listkeys): Check that the data stream is available. (cmd_listsecretkeys): Ditto. (has_option): New. (cmd_sign): Fix ambiguousity in option recognition. * gpgsm.c (main): Enable --logger-fd. * encrypt.c (gpgsm_encrypt): Increased buffer size for better performance. * call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from the agent. * keylist.c (list_cert_colon): Filter out control characters.
* Changes to be used with the new libksba interface.Werner Koch2001-12-181-111/+36
| | | | | libgcrypt-1.1.5 is required (cvs or tarball)
* The agent does now work and read the secret keys from the directoryWerner Koch2001-11-251-1/+22
| | | | | | ~/.gnupg-test/private-keys-v1.d/<keygrip-as-20-byte-hex-number>. I will post a sample key to gpa-dev.
* Added new directory common to enable sharing of some code and errorWerner Koch2001-11-241-5/+5
| | | | | | numbers between gpg, gpgsm and gpg-agent. Move some files and code to there.
* Signing does now work. There is no secret key management yet, so youWerner Koch2001-11-241-4/+103
| | | | | | should set GPGSM_FAKE_KEY=1 before you try to verify a signature created by gpgsm --sign or the SIGN server command.
* Map Libksba's OIDs to Libgcrypt digest algo numbers.Werner Koch2001-11-201-1/+7
| | | | | The latest Libgcrypt CVS version is needed.
* Base code for gpgsm --verify does workWerner Koch2001-11-161-16/+74
|
* We have reached a state where we are able to import certs andWerner Koch2001-11-131-0/+156
check the certification path.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 20:11:09 +0000