aboutsummaryrefslogtreecommitdiffstats
path: root/sm/keylist.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add new option --with-secret.Werner Koch2014-06-031-5/+9
| | | | | | | | | | | | | | | | | | | * g10/gpg.c: Add option --with-secret. * g10/options.h (struct opt): Add field with_secret. * g10/keylist.c (public_key_list): Pass opt.with_secret to list_all and list_one. (list_all, list_one): Add arg mark_secret. (list_keyblock_colon): Add arg has_secret. * sm/gpgsm.c: Add option --with-secret. * sm/server.c (option_handler): Add option "with-secret". * sm/gpgsm.h (server_control_s): Add field with_secret. * sm/keylist.c (list_cert_colon): Take care of with_secret. Also move the token string from the wrong field 14 to 15. -- This option is useful for key managers which need to know whether a key has a secret key. This change allows to collect this information in one pass.
* Change all quotes in strings and comments to the new GNU standard.Werner Koch2012-06-051-1/+1
| | | | | | | | | | | | | | | | | | | The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
* gpgsm: Add new validation model "steed".Werner Koch2011-12-071-9/+19
| | | | | | | | | | | | | | | | | | | | * sm/gpgsm.h (VALIDATE_FLAG_STEED): New. * sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed". * sm/server.c (option_handler): Allow validation model "steed". * sm/certlist.c (gpgsm_cert_has_well_known_private_key): New. * sm/certchain.c (do_validate_chain): Handle the well-known-private-key attribute. Support the "steed" model. (gpgsm_validate_chain): Ditto. * sm/verify.c (gpgsm_verify): Return "steed" in the trust status line. * sm/keylist.c (list_cert_colon): Print the new 'w' flag. -- This is the first part of changes to implement the STEED proposal as described at http://g10code.com/steed.html . The idea for X.509 is not to use plain self-signed certificates but certificates signed by a dummy CA (i.e. one for which the private key is known). Having a single CA as an indication for the use of STEED might help other X.509 implementations to implement STEED.
* gpgsm: Allow arbitrary extensions for cert creation.Werner Koch2011-12-061-0/+1
| | | | | | | | * sm/certreqgen.c (pSUBJKEYID, pEXTENSION): New. (read_parameters): Add new keywords. (proc_parameters): Check values of new keywords. (create_request): Add SubjectKeyId and extensions. (parse_parameter_usage): Support "cert" and the encrypt alias "encr".
* Fix regression in gpg's mail address parsing.Werner Koch2011-04-251-1/+1
| | | | | | Since 2009-12-08 gpg was not able to find email addresses indicated by a leading '<'. This happened when I merged the user id classification code of gpgsm and gpg.
* Support X.509 certificate creation.Werner Koch2011-03-011-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Using "gpgsm --genkey" allows the creation of a self-signed certificate via a new prompt. Using "gpgsm --genkey --batch" should allow the creation of arbitrary certificates controlled by a parameter file. An example parameter file is Key-Type: RSA Key-Length: 1024 Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA Key-Usage: sign, encrypt Serial: random Name-DN: CN=some test key Name-Email: [email protected] Name-Email: [email protected] Hash-Algo: SHA384 not-after: 2038-01-16 12:44 This creates a self-signed X.509 certificate using the key given by the keygrip and using SHA-384 as hash algorithm. The keyword signing-key can be used to sign the certificate with a different key. See sm/certreggen.c for details.
* Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch2011-02-041-66/+66
| | | | | | | | We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* Add new option --with-keygripWerner Koch2010-10-081-0/+10
|
* Various changes to eventually support openpgp keys in pgp-agent.Werner Koch2010-02-021-1/+1
| | | | | | Comment fixes. Minor chnages in preparation of a W32CE port.
* Unification of the search descriptor usage.Werner Koch2009-12-081-1/+1
|
* 2009-07-29 Marcus Brinkmann <[email protected]>Marcus Brinkmann2009-07-291-0/+2
| | | | | * keylist.c (print_capabilities): Print a trailing colon.
* Print the card's S/N in a secret key listing.Werner Koch2009-04-021-1/+9
|
* Print NO_SECKEY status line in gpgsm.Werner Koch2009-03-251-2/+2
| | | | | This fixes bug#1020.
* Fix keygrip computation for TCOS 3 cards.Werner Koch2009-03-201-0/+1
| | | | | Emit PROGRESS status lines during --learn-card.
* Add server option with-ephemeral-keys.Werner Koch2009-03-181-1/+1
| | | | | Extend SCD LEARN command.
* New gpg-agent command to list key information.Werner Koch2009-03-061-3/+38
| | | | | | Gpgsm does now print the S/N of cards. Consider ephemeral keys during listing an export.
* Minor fixesWerner Koch2009-01-121-1/+1
|
* Help dirmngr to use supplied trust anchors.Werner Koch2008-10-211-1/+1
|
* Marked all unused args on non-W32 platforms.Werner Koch2008-10-201-0/+6
|
* Print a 'f' for validated non-root certificates in gpgsm colon style listing.Werner Koch2008-08-131-0/+2
| | | | | Doc fixes.
* Minor fixes.Werner Koch2008-06-261-2/+2
|
* Start support of TCOS 3 cards.Werner Koch2008-06-261-15/+107
| | | | | | | Support restriction attribute. Fix utf-8 printing problems. Use AES by default.
* Fixed bug#907.Werner Koch2008-05-061-0/+3
| | | | | Fixed a segv in keybox and made it more robust.
* Fixed an email/DN bug.Werner Koch2008-03-131-2/+2
| | | | | Changed pinentry prompts.
* Always search missing certifcates using a running Dirmngr's cache.Werner Koch2008-02-131-3/+3
|
* 2008-01-29 Marcus Brinkmann <[email protected]>Marcus Brinkmann2008-01-301-2/+15
| | | | | | * keylist.c (list_internal_keys): New variable lastcert. Use it to suppress duplicates which immediately follow each other.
* Typo fixes.Werner Koch2008-01-261-2/+2
| | | | | | Portability fix for asschk.c
* Implemented the chain model for X.509 validation.Werner Koch2007-08-101-9/+27
|
* Changed to GPLv3.Werner Koch2007-07-041-26/+13
| | | | | Removed intl/.
* kbx/Werner Koch2007-03-201-1/+1
| | | | | | | | | | | | | | | | | | | | * keybox.h (KEYBOX_FLAG_BLOB_SECRET, KEYBOX_FLAG_BLOB_EPHEMERAL): New. * keybox-update.c (keybox_compress): Use it here instead of a magic constant. sm/ * fingerprint.c (gpgsm_get_fingerprint): Add caching. (gpgsm_get_fingerprint_string): Use bin2hexcolon(). (gpgsm_get_fingerprint_hexstring): Use bin2hex and allocate only as much memory as required. (gpgsm_get_keygrip_hexstring): Use bin2hex. * certchain.c (gpgsm_validate_chain): Keep track of the certificate chain and reset the ephemeral flags. * keydb.c (keydb_set_cert_flags): New args EPHEMERAL and MASK. Changed caller to use a mask of ~0. Return a proper error code if the certificate is not available.
* Changes to let the key listing use estream to help systems withoutWerner Koch2007-03-191-216/+222
| | | | | funopen.
* Preparing a releasegnupg-1.9.93Werner Koch2006-10-181-17/+35
|
* Fix for bug 537Werner Koch2006-10-021-4/+4
|
* New "relax" option for trustlist.txtWerner Koch2006-09-251-3/+5
|
* Take advantage of newer gpg-error features.Werner Koch2006-09-141-1/+1
|
* Various fixes and new features.Werner Koch2006-09-131-2/+2
| | | | | Enhanced gpg-connect-agent.
* The big Assuan error code removal.Werner Koch2006-09-061-2/+2
|
* Minor changes and typo fixes.Werner Koch2006-09-061-0/+8
|
* Various smaller changesWerner Koch2006-06-271-1/+1
|
* Updated FSF's address.Werner Koch2006-06-201-1/+6
|
* g10/ does build again.Werner Koch2006-05-231-1/+3
|
* Added qualified signature features.Werner Koch2005-11-131-0/+40
|
* * keylist.c (email_kludge): Reworked.Werner Koch2005-07-201-7/+19
| | | | | | | * certdump.c (gpgsm_print_serial, gpgsm_dump_serial): Cast printf arg to unsigned. * call-dirmngr.c (gpgsm_dirmngr_run_command): Ditto
* gcc-4 defaults forced me to edit many many files to get rid of theWerner Koch2005-06-161-2/+2
| | | | | | | char * vs. unsigned char * warnings. The GNU coding standards used to say that these mismatches are okay and better than a bunch of casts. Obviously this has changed now.
* * configure.ac: Require libksba 0.9.11.Werner Koch2005-04-181-5/+30
| | | | | | | | | | | | sm/ * call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI. * certlist.c (gpgsm_find_cert): Add new arg KEYID and implement this filter. Changed all callers. * certchain.c (find_up_search_by_keyid): New helper. (find_up): Also try using the AKI.keyIdentifier. (find_up_external): Ditto.
* * maperror.c (map_assuan_err_with_source): Oops, args were swapped.Werner Koch2004-12-191-2/+2
| | | | | * w32-pth.c (pth_init): Enable debugging depending on env var.
* * de.po: Updated.Werner Koch2004-09-301-2/+5
| | | | | | | | | | | * POTFILES.in: Add more files. * app-openpgp.c (do_sign): Add the error string to the verify failed messages. * keylist.c (list_cert_colon): Make sure that the expired flag has a higher precedence than the invalid flag.
* * gpgsm.c: New option --with-ephemeral-keys.Werner Koch2004-08-061-8/+26
| | | | | | | * keylist.c (list_internal_keys): Set it here. (list_cert_raw): And indicate those keys. Changed all our callers to pass the new arg HD through.
* * trustlist.c (read_list): Allow colons in the fingerprint.Werner Koch2004-07-221-1/+5
| | | | | | | | | | | | | (headerblurb): Rephrased. * gpg-agent.c (handle_connections): Increase the stack size ot 256k. * de.po: Updated. * scdaemon.c (main): Bumbed thread stack size up to 512k. * keylist.c (list_cert_raw): Print the keygrip.
* * gpg-agent.c (handle_signal): Reload the trustlist on SIGHUP.Werner Koch2004-05-111-20/+45
| | | | | | | | | | | | | | | | (start_connection_thread): Hack to simulate a ticker. * trustlist.c (agent_trustlist_housekeeping) (agent_reload_trustlist): New. Protected all global functions here with a simple counter which is sufficient for Pth. * fingerprint.c (gpgsm_get_key_algo_info): New. * sign.c (gpgsm_sign): Don't assume RSA in the status line. * keylist.c (list_cert_colon): Really print the algorithm and key length. (list_cert_raw, list_cert_std): Ditto. (list_cert_colon): Reorganized to be able to tell whether a root certificate is trusted.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 15:05:59 +0000