aboutsummaryrefslogtreecommitdiffstats
path: root/sm/fingerprint.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-10-24sm: Flag Brainpool curves as compliant for all other operations.Werner Koch1-9/+2
* sm/fingerprint.c (gpgsm_get_key_algo_info2): Rename to (gpgsm_get_key_algo_info): this. Remove the old wrapper. Adjust all callers. * sm/decrypt.c (gpgsm_decrypt): Pass the curve to the compliance checker. * sm/encrypt.c (gpgsm_encrypt): Ditto. * sm/sign.c (gpgsm_sign): Ditto. * sm/verify.c (gpgsm_verify): Ditto. -- GnuPG-bug-id: 6253
2022-10-28gpgsm: Allow ECC encryption keys with just keyAgreement specified.Werner Koch1-2/+10
* sm/certlist.c (cert_usage_p): Allow keyAgreement for ECC. * sm/fingerprint.c (gpgsm_is_ecc_key): New. -- For ECC encryption keys keyAgreement is the keyUsage we want. GnuPG-bug-id: 6253
2022-10-20gpgsm: Print the key types as standard key algorithm strings.Werner Koch1-4/+34
* sm/fingerprint.c (gpgsm_get_key_algo_info): Factor code out to ... (gpgsm_get_key_algo_info2): new. * sm/keylist.c (list_cert_colon): Put curve into field 17 (list_cert_raw): Print the unified key algotithm string instead of the algo and size. (list_cert_std): Ditto. -- It is important to known whether a 256 bit ECC uses a NIST or a Brainpool curve. Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 5c29d25e6c7c0a5a63ab4c46d4624217307adb78 GnuPG-bug-id: 6253
2020-07-03sm: Exclude rsaPSS from de-vs compliance mode.Werner Koch1-0/+35
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New. * common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and test rsaPSS. Adjust all callers. * common/util.c (pubkey_algo_to_string): New. (gnupg_pk_is_allowed): Ditto. * sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function. (gpgsm_get_hash_algo_from_sigval): New. * sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval arg. Add arg pkalgoflags. Use the PK_ALGO_FLAG_RSAPSS. * sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to also get the algo flags. Pass algo flags along. Change some of the info output to be more like current master. -- Signed-off-by: Werner Koch <[email protected]> This backport from master commit 969abcf40cdfc65f3ee859c5e62889e1a8ccde91 also includes some changes taken from commit a759fa963a42e0652134130029217270b6d5d00b (sm: Improve readability of the data verification output.) Signed-off-by: Werner Koch <[email protected]>
2020-05-12common: Change argument order of log_printhex.Werner Koch1-1/+1
* common/logging.c (log_printhex): Chnage order of args. Make it printf alike. Change all callers. * configure.ac: Add -Wno-format-zero-length -- This makes it consistent with modern libgpgrt logging and thus eases back porting from newer GnuPG versions which use libgpgrt logging. Signed-off-by: Werner Koch <[email protected]>
2017-03-07Remove -I option to common.NIIBE Yutaka1-1/+1
* dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
2016-11-05Change all http://www.gnu.org in license notices to https://Werner Koch1-1/+1
--
2016-01-07sm: Avoid warnings about useless assignments.Werner Koch1-1/+0
* sm/call-dirmngr.c (prepare_dirmngr): Remove setting of ERR. (unhexify_fpr): Remove useless computation on N. * sm/certchain.c (do_validate_chain): Remove clearing of RC. Remove useless setting of RC. * sm/fingerprint.c (gpgsm_get_keygrip): Remove setting of RC. * sm/gpgsm.c (build_list): Replace final stpcpy by strcpy. * sm/keydb.c (keydb_clear_some_cert_flags): Remove clearing of RC. * sm/server.c (cmd_getauditlog): Comment unused skip_options. Signed-off-by: Werner Koch <[email protected]>
2015-02-11Use inline functions to convert buffer data to scalars.Werner Koch1-8/+5
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New. (buf16_to_ushort, buf16_to_u16): New. (buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New. -- Commit 91b826a38880fd8a989318585eb502582636ddd8 was not enough to avoid all sign extension on shift problems. Hanno Böck found a case with an invalid read due to this problem. To fix that once and for all almost all uses of "<< 24" and "<< 8" are changed by this patch to use an inline function from host2net.h. Signed-off-by: Werner Koch <[email protected]>
2014-11-05Avoid sign extension when shifting the MSB.Werner Koch1-2/+8
* sm/fingerprint.c (gpgsm_get_short_fingerprint): Cast MSB before shifting. * g10/build-packet.c (delete_sig_subpkt): Ditto. Signed-off-by: Werner Koch <[email protected]>
2011-02-04Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch1-12/+8
We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2009-03-25Print NO_SECKEY status line in gpgsm.Werner Koch1-2/+5
This fixes bug#1020.
2009-03-06New gpg-agent command to list key information.Werner Koch1-2/+2
Gpgsm does now print the S/N of cards. Consider ephemeral keys during listing an export.
2009-01-08Fix error detectionWerner Koch1-6/+8
2007-07-04Changed to GPLv3.Werner Koch1-4/+2
Removed intl/.
2007-03-20kbx/Werner Koch1-14/+26
* keybox.h (KEYBOX_FLAG_BLOB_SECRET, KEYBOX_FLAG_BLOB_EPHEMERAL): New. * keybox-update.c (keybox_compress): Use it here instead of a magic constant. sm/ * fingerprint.c (gpgsm_get_fingerprint): Add caching. (gpgsm_get_fingerprint_string): Use bin2hexcolon(). (gpgsm_get_fingerprint_hexstring): Use bin2hex and allocate only as much memory as required. (gpgsm_get_keygrip_hexstring): Use bin2hex. * certchain.c (gpgsm_validate_chain): Keep track of the certificate chain and reset the ephemeral flags. * keydb.c (keydb_set_cert_flags): New args EPHEMERAL and MASK. Changed caller to use a mask of ~0. Return a proper error code if the certificate is not available.
2006-12-182006-12-18 Marcus Brinkmann <[email protected]>Marcus Brinkmann1-0/+1
* fingerprint.c (gpgsm_get_fingerprint): Close MD.
2006-06-20Updated FSF's address.Werner Koch1-1/+2
2005-07-27Removed directories which are only used by the 1.9 branchWerner Koch1-271/+0
2005-07-19(gpgsm_get_certid): Cast printf arg to unsigned.Werner Koch1-3/+1
Bug accidently introduced while solving the #$%^& gcc signed/unsigned char* warnings.
2005-06-16gcc-4 defaults forced me to edit many many files to get rid of theWerner Koch1-8/+9
char * vs. unsigned char * warnings. The GNU coding standards used to say that these mismatches are okay and better than a bunch of casts. Obviously this has changed now.
2004-05-11* sign.c (gpgsm_sign): Include the error source in the final errorWerner Koch1-0/+60
message. * decrypt.c (gpgsm_decrypt): Ditto. * fingerprint.c (gpgsm_get_key_algo_info): New. * sign.c (gpgsm_sign): Don't assume RSA in the status line. * keylist.c (list_cert_colon): Really print the algorithm and key length. (list_cert_raw, list_cert_std): Ditto. * gpgsm.h (opt): Add member CONFIG_FILENAME. * gpgsm.c (main): Use it here instead of the local var.
2004-04-07* gpgsm.c: New option --force-crl-refresh.Werner Koch1-1/+1
* call-dirmngr.c (gpgsm_dirmngr_isvalid): Pass option to dirmngr.
2003-12-17Replaced deprecated type names.Werner Koch1-9/+9
* certdump.c (gpgsm_print_serial): Cleaned up cast use in strtoul. (gpgsm_dump_serial): Ditto. * decrypt.c (gpgsm_decrypt): Replaced ERR by RC.
2003-11-12Mainly changes to adjust for the changed KSBA API.Werner Koch1-2/+2
2003-08-05This commit was manufactured by cvs2svn to create branchRepo Admin1-0/+271
'GNUPG-1-9-BRANCH'.
2003-06-27Key generation and signing using the OpenPGP card does rudimentary work.Werner Koch1-8/+8
2003-06-03Make use of libgpg-errorWerner Koch1-1/+1
2002-10-19This commit was manufactured by cvs2svn to create branchRepo Admin1-271/+0
'GNUPG-1-9-BRANCH'.
2002-08-10* keylist.c (list_cert_colon): Print the short fingerprint in theWerner Koch1-1/+12
key ID field. * fingerprint.c (gpgsm_get_short_fingerprint): New. * verify.c (gpgsm_verify): Print more verbose info for a good signature.
2002-07-22* delete.c: New.Werner Koch1-1/+1
* gpgsm.c: Made --delete-key work. * server.c (cmd_delkeys): New. (register_commands): New command DELKEYS. * decrypt.c (gpgsm_decrypt): Print a convenience note when RC2 is used and a STATUS_ERROR with the algorithm oid.
2002-01-13* fingerprint.c (gpgsm_get_certid): Print the serialand not theWerner Koch1-1/+1
hash after the dot.
2002-01-11* call-dirmngr.c: New.Werner Koch1-0/+67
* certpath.c (gpgsm_validate_path): Check the CRL here. * fingerprint.c (gpgsm_get_certid): New. * gpgsm.c: New options --dirmngr-program and --disable-crl-checks.
2002-01-10* base64.c (gpgsm_create_writer): Allow to set the object nameWerner Koch1-0/+4
* server.c (cmd_genkey): New. * certreqgen.c: New. The parameter handling code has been taken from gnupg/g10/keygen.c version 1.0.6. * call-agent.c (gpgsm_agent_genkey): New.
2001-12-18Changes to be used with the new libksba interface.Werner Koch1-16/+19
libgcrypt-1.1.5 is required (cvs or tarball)
2001-12-15* decrypt.c (gpgsm_decrypt): Write STATUS_DECRYPTION_*.Werner Koch1-1/+1
* sign.c (gpgsm_sign): Write a STATUS_SIG_CREATED.
2001-12-05Started with decryption stuffWerner Koch1-1/+3
2001-11-24Introduced the keygripWerner Koch1-0/+57
2001-11-19Added basic code for keylisting.Werner Koch1-1/+1
New Assuan command LISTKEYS.
2001-11-19Write status output, make verify work in server mode.Werner Koch1-0/+23
2001-11-13We have reached a state where we are able to import certs andWerner Koch1-0/+104
check the certification path.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-23 17:55:23 +0000