| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
except the root cert".
* sign.c (add_certificate_list): Implement it here.
* certpath.c (gpgsm_is_root_cert): New.
|
| |
|
|
|
|
|
|
| |
(gpgsm_validate_path): And call it from here.
* gpgsm.c (main): New options --policy-file,
--disable-policy-checks and --enable-policy-checks.
* gpgsm.h (opt): Added policy_file, no_policy_checks.
|
| |
|
|
|
|
|
|
|
|
|
| |
* keylist.c (list_cert_colon): New arg HAVE_SECRET, print "crs"
when we know that the secret key is available.
(gpgsm_list_keys): New arg MODE, check whether a secret key is
available. Changed all callers.
* gpgsm.c (main): New command --list-secret-keys.
* server.c (cmd_listsecretkeys): New.
(cmd_listkeys): Return secret keys with "crs" record.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* sign.c (add_certificate_list): New.
(gpgsm_sign): Add the certificates to the CMS object.
* certpath.c (gpgsm_walk_cert_chain): New.
* gpgsm.h (server_control_s): Add included_certs.
* gpgsm.c: Add option --include-certs.
(gpgsm_init_default_ctrl): New.
(main): Call it.
* server.c (gpgsm_server): Ditto.
(option_handler): Support --include-certs.
|
| |
|
|
|
|
| |
* certdump.c (gpgsm_dump_string): New.
(print_dn): Replaced by above.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
storing it.
* certpath.c (gpgsm_basic_cert_check): New.
* keydb.c (keydb_store_cert): New.
* import.c (store_cert): Removed and change all caller to use
the new function.
* verify.c (store_cert): Ditto.
* certlist.c (gpgsm_add_to_certlist): Validate the path
* certpath.c (gpgsm_validate_path): Check the trust list.
* call-agent.c (gpgsm_agent_istrusted): New.
|
| |
|
|
|
|
|
|
|
| |
* certlist.c (gpgsm_find_cert): New.
DirMngr should now work. Remember that there is a --disable-crl-check
option in gpgsm to be used when there is a problem with the dirmngr
communication or you want to do faster tests.
|
| |
|
|
|
|
|
| |
* certpath.c (gpgsm_validate_path): Check the CRL here.
* fingerprint.c (gpgsm_get_certid): New.
* gpgsm.c: New options --dirmngr-program and --disable-crl-checks.
|
| |
|
|
|
|
|
|
| |
* server.c (cmd_genkey): New.
* certreqgen.c: New. The parameter handling code has been taken
from gnupg/g10/keygen.c version 1.0.6.
* call-agent.c (gpgsm_agent_genkey): New.
|
| |
|
|
|
|
|
| |
verification. Add OUT_FP arg, initialize a writer and changed all
callers.
* server.c (cmd_verify): Pass an out_fp if one has been set.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* certdump.c (print_sexp): Renamed to gpgsm_dump_serial, made
global.
(print_time): Renamed to gpgsm_dump_time, made global.
(gpgsm_dump_serial): Take a real S-Expression as argument and
print the first item.
* keylist.c (list_cert_colon): Ditto.
* keydb.c (keydb_search_issuer_sn): Ditto.
* decrypt.c (print_integer_sexp): Removed and made callers
use gpgsm_dump_serial.
* verify.c (print_time): Removed, made callers use gpgsm_dump_time.
|
| |
|
|
|
| |
libgcrypt-1.1.5 is required (cvs or tarball)
|
| |
|
|
|
|
| |
Allow to specify a recipient on the commandline
There is still a default hardwired recipient if none has been set.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
of direct creation of ksba_reader/writer.
* gpgsm.c (main): Set ctrl.auto_encoding unless --no-armor is used.
This way we can feed PEM encoded stuff to --verify.
|
| |
|
|
|
|
| |
* call-agent.c (start_agent): Allow to override the default path
to the agent.
|
| |
|
|
|
|
| |
~/.gnupg-test/private-keys-v1.d/<keygrip-as-20-byte-hex-number>. I
will post a sample key to gpa-dev.
|
| | |
|
| |
|
|
|
|
| |
numbers between gpg, gpgsm and gpg-agent. Move some files and code to
there.
|
| |
|
|
|
|
| |
should set GPGSM_FAKE_KEY=1 before you try to verify a signature
created by gpgsm --sign or the SIGN server command.
|
| |
|
|
|
| |
exhibits a bug in --verify.
|
| |
|
|
|
| |
New Assuan command LISTKEYS.
|
| | |
|
| |
|
|
|
| |
--enable-special-filenames option.
|
| | |
|
| |
|
|
|
| |
check the certification path.
|
| | |
|
| |
|
