aboutsummaryrefslogtreecommitdiffstats
path: root/sm/gpgsm.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg,sm: Add STATUS_ERROR keydb_search and keydb_add-resource.Werner Koch2016-11-101-1/+4
| | | | | | | | | | | | | | | | * g10/keydb.c (keydb_add_resource): Make ANY_REGISTERED file-global. Write a STATUS_ERROR. (maybe_create_keyring_or_box): Check for non-accessible but existant file. (keydb_search): Write a STATUS_ERROR if no keyring has been registered but continue to return NOT_FOUND. * sm/keydb.c (keydb_add_resource): Rename ANY_PUBLIC to ANY_REGISTERED and make file-global. Write a STATUS_ERROR. (keydb_search): Write a STATUS_ERROR if no keyring has been registered but continue to return NOT_FOUND. Also add new arg CTRL and change all callers to pass it down. Signed-off-by: Werner Koch <[email protected]>
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* Replace use of opt.homedir by accessor functions.Werner Koch2016-06-071-1/+0
| | | | | | | | | | | | | | | | | | | * common/homedir.c (the_gnupg_homedir): New var. (gnupg_set_homedir): New. (gnupg_homedir): New. * g10/options.h (struct opt): Remove 'homedir' and replace all users by the new accessor functions. * g13/g13-common.h (struct opt): Ditto. * scd/scdaemon.h (struct opt): Ditto. * sm/gpgsm.h (struct opt): Ditto. * dirmngr/dirmngr.h (struct opt): Ditto. * agent/preset-passphrase.c (opt_homedir): Ditto. * agent/protect-tool.c (opt_homedir): Ditto. -- This will make detection of a non-default homedir easier. Signed-off-by: Werner Koch <[email protected]>
* sm: Implement pinentry loopback and reading passphrases from fd.Justus Winter2016-03-071-0/+2
| | | | | | | | | | | | | | | | | | * doc/gpgsm.texi: Document '--pinentry-mode' and '--passphrase-fd'. * sm/Makefile.am (gpgsm_SOURCES): Add new files * sm/call-agent.c (struct default_inq_parm_s): New definition. (start_agent): Pass in the pinentry mode. (default_inq_cb): Handle 'PASSPHRASE' and 'NEW_PASSPHRASE' inquiries. Adapt all call sites to the new callback cookie. * sm/gpgsm.c (cmd_and_opt_values): Add new values. (opts): Add new options. (main): Handle new options. * sm/gpgsm.h (struct opt): Add field 'pinentry_mode'. * sm/passphrase.c: New file. * sm/passphrase.h: Likewise. GnuPG-bug-id: 1970 Signed-off-by: Justus Winter <[email protected]>
* sm: Remove unused argument '--fixed-passphrase'.Justus Winter2016-03-071-1/+0
| | | | | | | | | | * doc/gpgsm.texi: Drop description. * sm/gpgsm.c (cmd_and_opt_values): Drop enum value. (opts): Drop argument. (main): Drop argument handling. * sm/gpgsm.h (struct opt): Drop field 'fixed_passphrase'. Signed-off-by: Justus Winter <[email protected]>
* Replace GNUPG_GCC_A_ macros by GPGRT_ATTR_ macros.Werner Koch2015-07-261-1/+1
| | | | | | | | | | | | | * common/util.h: Provide replacement for GPGRT_ATTR_ macros when using libgpg-error < 1.20. * common/mischelp.h: Ditto. * common/types.h: Ditto. -- Given that libgpg-error is a dependency of all GnuPG related libraries it is better to define such macros at only one place instead of having similar macros at a lot of places. For now we need repalcement macros, though.
* gpgsm: Add command option "offline".Werner Koch2015-06-291-0/+1
| | | | | | | | | | | | | | | | | * sm/server.c (option_handler): Add "offline". (cmd_getinfo): Ditto. * sm/certchain.c (is_cert_still_valid): (do_validate_chain): * sm/gpgsm.c (gpgsm_init_default_ctrl): Default "offline" to the value of --disable-dirmngr. * sm/call-dirmngr.c (start_dirmngr_ext): Better also check for ctrl->offline. -- Adding this option makes it easier to implement the corresponding feature in gpgme. Signed-off-by: Werner Koch <[email protected]>
* Rename DBG_ASSUAN to DBG_IPC and add separate DBG_EXTPROG.Werner Koch2015-04-061-2/+2
| | | | * g10/options.h (DBG_EXTPROG_VALUE): Separate from DBG_IPC_VALUE.
* Add option --no-autostart.Werner Koch2014-11-281-0/+1
| | | | | | | | | | | | | | * g10/gpg.c: Add option --no-autostart. * sm/gpgsm.c: Ditto. * g10/options.h (opt): Add field autostart. * sm/gpgsm.h (opt): Ditto. * g10/call-agent.c (start_agent): Print note if agent was not autostarted. * sm/call-agent.c (start_agent): Ditto. * g10/call-dirmngr.c (create_context): Likewise. * sm/call-dirmngr.c (start_dirmngr_ext): Ditto. Signed-off-by: Werner Koch <[email protected]>
* sm: Create homedir and lock empty keybox creation.Werner Koch2014-08-141-0/+1
| | | | | | | | | * sm/gpgsm.h (opt): Add field "no_homedir_creation". * sm/gpgsm.c (main): Set it if --no-options is used. * sm/keydb.c (try_make_homedir): New. Similar to the one from g10/openfile.c. (maybe_create_keybox): New. Similar to the one from g10/keydb.c. (keydb_add_resource): Replace some code by maybe_create_keybox.
* Add new option --with-secret.Werner Koch2014-06-031-0/+1
| | | | | | | | | | | | | | | | | | | * g10/gpg.c: Add option --with-secret. * g10/options.h (struct opt): Add field with_secret. * g10/keylist.c (public_key_list): Pass opt.with_secret to list_all and list_one. (list_all, list_one): Add arg mark_secret. (list_keyblock_colon): Add arg has_secret. * sm/gpgsm.c: Add option --with-secret. * sm/server.c (option_handler): Add option "with-secret". * sm/gpgsm.h (server_control_s): Add field with_secret. * sm/keylist.c (list_cert_colon): Take care of with_secret. Also move the token string from the wrong field 14 to 15. -- This option is useful for key managers which need to know whether a key has a secret key. This change allows to collect this information in one pass.
* gpgsm: New commands --export-secret-key-{p8,raw}Werner Koch2014-06-031-1/+2
| | | | | | | | | * sm/gpgsm.c: Add new commands. * sm/minip12.c (build_key_sequence): Add arg mode. (p12_raw_build): New. * sm/export.c (export_p12): Add arg rawmode. Call p12_raw_build. (gpgsm_p12_export): Ditto. (print_short_info): Print the keygrip.
* gpgsm: Add new validation model "steed".Werner Koch2011-12-071-2/+5
| | | | | | | | | | | | | | | | | | | | * sm/gpgsm.h (VALIDATE_FLAG_STEED): New. * sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed". * sm/server.c (option_handler): Allow validation model "steed". * sm/certlist.c (gpgsm_cert_has_well_known_private_key): New. * sm/certchain.c (do_validate_chain): Handle the well-known-private-key attribute. Support the "steed" model. (gpgsm_validate_chain): Ditto. * sm/verify.c (gpgsm_verify): Return "steed" in the trust status line. * sm/keylist.c (list_cert_colon): Print the new 'w' flag. -- This is the first part of changes to implement the STEED proposal as described at http://g10code.com/steed.html . The idea for X.509 is not to use plain self-signed certificates but certificates signed by a dummy CA (i.e. one for which the private key is known). Having a single CA as an indication for the use of STEED might help other X.509 implementations to implement STEED.
* Support X.509 certificate creation.Werner Koch2011-03-011-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | Using "gpgsm --genkey" allows the creation of a self-signed certificate via a new prompt. Using "gpgsm --genkey --batch" should allow the creation of arbitrary certificates controlled by a parameter file. An example parameter file is Key-Type: RSA Key-Length: 1024 Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA Key-Usage: sign, encrypt Serial: random Name-DN: CN=some test key Name-Email: [email protected] Name-Email: [email protected] Hash-Algo: SHA384 not-after: 2038-01-16 12:44 This creates a self-signed X.509 certificate using the key given by the keygrip and using SHA-384 as hash algorithm. The keyword signing-key can be used to sign the certificate with a different key. See sm/certreggen.c for details.
* Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch2011-02-041-7/+7
| | | | | | | | We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* Remove superfluous parameter.Werner Koch2010-11-261-1/+1
| | | | | Make self-check interval larger
* Add new option --with-keygripWerner Koch2010-10-081-0/+2
|
* Auto-start dirmngr.Werner Koch2010-08-161-1/+0
|
* Implement export of pkcs#12 objects using a direct agent connection.Werner Koch2010-06-211-2/+6
|
* Avoid using the protect-tool to import pkcs#12.Werner Koch2010-06-171-0/+6
|
* Merged jnlib into common.Werner Koch2010-03-101-1/+0
|
* Removed almost al dup calls.Werner Koch2010-03-081-3/+3
|
* Replace use stdio by estream functions.Werner Koch2010-03-081-6/+8
|
* Add option --cert-extension.Werner Koch2009-12-101-1/+6
|
* Impleemned gpgsm's IMPORT --re-import feature.Werner Koch2009-07-071-1/+1
| | | | | Typo fix.
* Reworked passing of envars to Pinentry.Werner Koch2009-07-071-6/+5
|
* Create a pkcs#10 request directly from a card.Werner Koch2009-07-021-0/+2
| | | | | Deprecate gpgsm-gencert.sh script.
* Signing using Netkey 3 cards does now work.Werner Koch2009-03-261-2/+3
|
* Print NO_SECKEY status line in gpgsm.Werner Koch2009-03-251-2/+3
| | | | | This fixes bug#1020.
* Add server option with-ephemeral-keys.Werner Koch2009-03-181-3/+2
| | | | | Extend SCD LEARN command.
* New gpg-agent command to list key information.Werner Koch2009-03-061-0/+2
| | | | | | Gpgsm does now print the S/N of cards. Consider ephemeral keys during listing an export.
* fixed a bug in the prompt formatter.Werner Koch2008-10-281-0/+1
|
* Help dirmngr to use supplied trust anchors.Werner Koch2008-10-211-1/+1
|
* Add gpgsm server command GETINFO agent-check.Werner Koch2008-09-301-0/+1
| | | | | Fix tests.
* 2008-08-08 Marcus Brinkmann <[email protected]>Marcus Brinkmann2008-08-081-2/+0
| | | | | | | | | | | | | | | | * gpgsm.h (struct server_control_s): Remove member dirmngr_seen. * call-dirmngr.c (dirmngr2_ctx, dirmngr_ctx_locked) (dirmngr2_ctx_locked): New global variables. (prepare_dirmngr): Don't check dirmngr_seen anymore. (start_dirmngr): Move bunch of code to ... (start_dirmngr_ext): ... this new function. (release_dirmngr, start_dirmngr2, release_dirmngr2): New functions. (gpgsm_dirmngr_isvalid): Call release_dirmngr. (gpgsm_dirmngr_lookup): Call release_dirmngr. If dirmngr_ctx is locked, use dirmngr2_locked. (gpgsm_dirmngr_run_command): Call release_dirmngr.
* Start support of TCOS 3 cards.Werner Koch2008-06-261-0/+2
| | | | | | | Support restriction attribute. Fix utf-8 printing problems. Use AES by default.
* sm/Marcus Brinkmann2008-06-121-0/+14
| | | | | | | | | | | | | | | | 2008-06-12 Marcus Brinkmann <[email protected]> * gpgsm.h (struct keyserver_spec): New struct. (opt): Add member keyserver. * gpgsm.c (keyserver_list_free, parse_keyserver_line): New functions. (main): Implement --keyserver option. * call-dirmngr.c (prepare_dirmngr): Send LDAPSERVER commands. tools/ 2008-06-12 Marcus Brinkmann <[email protected]> * gpgconf-comp.c (gc_options_gpgsm): Add option keyserver.
* Improve certificate chain construction.Werner Koch2008-02-191-0/+1
| | | | | Extend PKITS framework
* Poems for AllowSetForegroundWindow (W32)Werner Koch2008-02-141-0/+2
|
* Always search missing certifcates using a running Dirmngr's cache.Werner Koch2008-02-131-3/+4
|
* Allow verification of some broken S-TRUST generated signatures.Werner Koch2007-12-131-0/+3
|
* Support DSA2.Werner Koch2007-12-121-0/+4
| | | | | | Support Camellia for testing. More audit stuff.
* Started to implement the audit log feature.Werner Koch2007-11-191-1/+8
| | | | | | | | Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry. Improved support for the quality bar. Minor internal restructuring. Translation fixes.
* Add new features to kbxutil.Werner Koch2007-08-231-1/+2
| | | | | Fixed bug 829 (can't encrypt if duplicated certs are in the keybox)
* Updated estream.Werner Koch2007-08-221-1/+1
| | | | | More changes for Windows.
* Implemented the chain model for X.509 validation.Werner Koch2007-08-101-3/+14
|
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under ↵Werner Koch2007-06-211-2/+5
| | | | Windows.
* Allow setting of the passphrase encoding of pkcs#12 files.Werner Koch2007-03-201-0/+4
| | | | New option --p12-charset.
* Allow export to work on systems without funopen/fopencookie.Werner Koch2007-03-191-2/+3
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-22 21:03:36 +0000