| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* tools/gpg-card.c: Include ctype.h.
* sm/Makefile.am (t_common_ldadd): Add LIBICONV.
--
GnuPG-bug-id: 5400
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/comopt.c, common/comopt.h: New.
* common/Makefile.am: Add them.
* g10/gpg.c: Include comopt.h.
(main): Also parse common.conf.
* sm/gpgsm.c: Include comopt.h.
(main): Set a flag for the --no-logfile option. Parse common.conf.
* tools/gpgconf-comp.c (known_options_gpg): Remove "use-keyboxd", add
pseudo option "use_keyboxd".
(known_pseudo_options_gpg): Add pseudo option "use_keyboxd".
(known_options_gpgsm): Remove "use-keyboxd".
* tests/openpgp/defs.scm (create-gpghome): Create common.conf.
* doc/examples/common.conf: New.
--
Note that --use-keybox still works but prints a warning. We will
eventually remove this option becuase it was marked as an experimental
feature anyway.
It would be too confusing if gpg and gpgsm use different key storages.
Further, other components (e.g. dirmngr or gpg-wks-client) which call
gpg or gpgsm need to be aware that the keyboxd is used and pass that
option on the command line. Now that common.conf is always read (even
if --no-options is used) those tools will work instantly.
|
|
--
|
|
* sm/gpgsm.c: Include npth.h.
(main): Init nPth.
--
Actually we currently do not use extra threads but we need to link to
the npth version of the common functions because there is an option to
use threads. Now, without initialized npth, we could experience a
crash in gnupg_sleep, which uses npth_usleep in the npth based common
functions.
Fixes-commit: 046f419f806036248c058c4bd44368f8596287b7
|
|
* sm/certchain.c (find_up_dirmngr): Print one diagnostic only in
verbose mode. Do not print issuer not found diags in quiet mode.
* sm/minip12.c (parse_bag_data): Add missing verbose condition.
--
GnuPG-bug-id: 4757
|
|
* sm/certchain.c (find_up): Get rid of the legacy return code -1 and
chnage var name rc to err.
(gpgsm_walk_cert_chain): Change var name rc to err.
(do_validate_chain): Get rid of the legacy return code -1.
--
This was detected while fixing
GnuPG-bug-id: 4757
|
|
* sm/encrypt.c (gpgsm_encrypt): Take care of --quiet.
* sm/gpgsm.c: Include minip12.h.
(set_debug): Call p12_set_verbosity.
* sm/import.c (parse_p12): Dump keygrip only in debug mode.
* sm/minip12.c (opt_verbose, p12_set_verbosity): New.
(parse_bag_encrypted_data): Print info messages only in verbose mode.
--
GnuPG-bug-id: 4757
|
|
* sm/keylist.c (oidtranstbl): Add a couple of OIDs and mark them for
key usage.
|
|
* configure.ac (NEED_GPG_ERROR_VERSION): Rename to NEED_GPGRT_VERSION
and set to 1.41.
* common/sysutils.c (gnupg_access): Remove code for older gpgrt
versions.
* kbx/backend-sqlite.c: Ditto.
* sm/gpgsm.c (main): Ditto.
--
We already have a requirement for a newer Libgcrypt and thus we can
also require a more recent libgpgrt (aka libgpg-error) which was
released before Libgcrypt.
|
|
* sm/keylist.c (OID_FLAG_KP): New.
(key_purpose_map): Merge into ...
(oidtranstbl): this.
(get_oid_desc): New arg 'matchflag'. Use function in place of direct
access to key_purpose_map.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/compliance.c (gnupg_gcrypt_is_compliant): New.
(gnupg_rng_is_compliant): Also check library version.
* g10/mainproc.c (proc_encrypted): Use new function.
(check_sig_and_print): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/verify.c (gpgsm_verify): Ditto
--
This will eventually allow us to declare Libgcrypt 1.9 to be de-vs
compliant. GnuPG can use this information then for its own checks.
As of now GnuPG tests the version of the used library but that is a
bit cumbersome to maintain.
Signed-off-by: Werner Koch <[email protected]>
|
|
* configure.ac: Require at least Libgcrypt 1.9.0. Remove all
GCRYPT_VERSION_NUMBER dependent code.
--
Only Libgcrypt 1.9 implements EAX which is a mandatory algorithm in
RFC4880bis.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/openfile.c (try_make_homedir): Move core of the code to ...
* common/homedir.c (gnupg_maybe_make_homedir): new.
* sm/keydb.c (try_make_homedir): Implement using new function.
* common/homedir.c: Include i18n.h.
* po/POTFILES.in: Add common/homedir.c.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New. Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--
This is yet another step for full Unicode support on Windows.
GnuPG-bug-id: 5098
|
|
--
We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change. At a
very few places we keep using stdio (for example due to the use of
popen).
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/sysutils.c (gnupg_access): New. Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--
Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.
This is required to correctly handle non-ascii filenames on Windows.
GnuPG-bug-id: 5098
|
|
* sm/keydb.c (warn_version_mismatch): Add arg ctrl and pass on.
(create_new_context): Pass ctrl to warn function.
|
|
* sm/keydb.c (search_status_cb): Skip over the ubid.
|
|
* sm/keydb.c (keydb_delete): Implement keyboxd mode.
(keydb_update_cert): Disable unused function.
* kbx/backend-sqlite.c (be_sqlite_delete): Delete from issuer.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.h (MAX_FINGERPRINT_LEN): New.
* sm/keydb.c (struct keydb_local_s): Change definition of
search_result.
(keydb_get_cert): Implement keyboxd mode.
(keydb_get_flags): Temporary hack for keyboxd mode. Needs to be
fixed.
(struct store_parm_s, store_inq_cb): New.
(keydb_insert_cert): Implement keyboxd mode.
(keydb_locate_writable): Make static.
(keydb_search_reset): Implement keyboxd mode.
(search_status_cb): New.
(keydb_search): Implement keyboxd mode. Replace return code -1 by
GPG_ERR_NOT_FOUND.
(keydb_set_cert_flags): Replace return code -1 by GPG_ERR_NOT_FOUND.
* sm/keylist.c (list_cert_colon): Adjust for replacement of -1 by
GPG_ERR_NOT_FOUND.
(list_internal_keys): Ditto.
* sm/sign.c (add_certificate_list): Ditto.
* sm/certchain.c (find_up_search_by_keyid): Ditto.
(find_up_external, find_up, find_up_dirmngr): Ditto.
(gpgsm_walk_cert_chain): Ditto.
(get_regtp_ca_info): Ditto.
* sm/certlist.c (gpgsm_add_to_certlist): Ditto.
(gpgsm_find_cert): Ditto.
* sm/delete.c (delete_one): Ditto.
* sm/export.c (gpgsm_export): Ditto.
(gpgsm_p12_export): Ditto.
* sm/import.c (gpgsm_import_files): Ditto.
--
Note that keyboxd is not yet able to handle the ephemeral flag. This
needs fixing here and in keyboxd. Delete et al. is also not yet
implemented. A basic key listing works, though.
Signed-off-by: Werner Koch <[email protected]>
|
|
* kbx/kbx-client-util.c (kbx_client_data_new): Add arg 'dlines'.
* g10/call-keyboxd.c (open_context): Set DLINES to true.
* sm/keydb.c (open_context): Ditto.
--
This allows to compile time switch between the D-line and the
fd-passing data communication between gpg/gpgsm and keyboxd. A quick
test with about 3000 OpenPGP keys showed that D-lines are only 10%
slower than the fd-passing based implementation. Given that the
thread adds extra complexity we go for now with the D-line approach.
Signed-off-by: Werner Koch <[email protected]>
|
|
* kbx/keybox-search-desc.h (struct keydb_search_desc): Do not overload
SNLLEN with a hex flag. Add SNHEX.
* kbx/keybox-search.c (keybox_search): Adjust.
* common/userids.c (classify_user_id): Adjust.
* sm/keydb.c (keydb_search_desc_dump): Adjust.
* g10/keydb.c (keydb_search_desc_dump): Adjust.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/Makefile.am (AM_CFLAGS): Add npth flags.
(common_libs): Use npth version of the lib.
(gpgsm_LDADD): Add npth libs.
* sm/gpgsm.c (oUseKeyboxd, oKeyboxdProgram): New.
(opts): New options --use-keyboxd and --keyboxd-program.
(main): Set them.
(gpgsm_deinit_default_ctrl): New.
(main): Call it.
* sm/server.c (gpgsm_server): Ditto.
* sm/gpgsm.h (opt): Add fields use_keyboxd and keyboxd_program.
(keydb_local_s): New type.
(struct server_control_s): Add field keybd_local.
* sm/keydb.c: Include assuan.h, asshelp.h, and kbx-client-util.h.
(struct keydb_local_s): New.
(struct keydb_handle): Add fields for keyboxd use.
(gpgsm_keydb_deinit_session_data): New.
(warn_version_mismatch): New.
(create_new_context): New.
(open_context): New.
(keydb_new): Implement keyboxd mode.
(keydb_release): Ditto.
(keydb_get_resource_name): Ditto.
* sm/keydb.c: Add stub support for all other functions.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/keydb.c (keydb_new): Add arg and change all callers.
--
This will be used later.
|
|
* common/asshelp.c (warn_server_version_mismatch): New. Actually a
slightly modified version of warn_version_mismatch found in other
modules.
* common/status.c (gnupg_status_strings): New.
* g10/cpr.c (write_status_strings2): New.
* g10/call-agent.c (warn_version_mismatch): Use the new unified
warn_server_version_mismatch function.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* g10/call-keyboxd.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.
* tools/card-call-scd.c (warn_version_mismatch): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certdump.c (parse_dn_part): Fix parser flaw.
--
This could in theory result in reading bytes after a after Nul in a
string and thus possible segv on unallocated memory or reading other
parts of the memory. However, it is harmless because the rfc2253
strings have been constructed by libksba.
GnuPG-bug-id: 5037
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.c (main): No default keyring for gpgconf mode.
--
GnuPG-bug-id: 4867
Signed-off-by: Werner Koch <[email protected]>
|
|
* configure.ac: Add option --disable-tests. Print warnings in the
summary.
(DISABLE_TESTS): New am_conditional.
--
GnuPG-bug-id: 4960
|
|
* sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option.
(gpgsm_agent_import_key): Ditto.
* g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on.
(agent_import_key): Ditto.
* g10/import.c (transfer_secret_keys): Pass the creation date to the
agent.
* g10/keygen.c (common_gen): Ditto.
--
Having the creation time in the private key file makes it a lot easier
to re-create an OpenPGP public keyblock in case it was accidentally
lost.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/openpgp-oid.c (map_openpgp_pk_to_gcry): Use cast for enum
conversion.
* dirmngr/dns-stuff.c (get_dns_srv): Use explicit conversion from
int to float.
* sm/gpgsm.c (parse_keyserver_line): Initialize ERR.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/gpg.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid. Delay setting of homedir until the new
chuid is done.
* sm/gpgsm.c (main): Delay setting of homedir until the new chuid is
done.
* tools/gpg-card.c (oChUid): New.
(opts): Add --chuid.
(changeuser): New helper var.
(main): Implement --chuid.
* tools/gpg-connect-agent.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.c (oChUid, opts): New option --chuid.
(main): Implement option.
--
This option will at least be useful for Scute.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/keylist.c (list_cert_colon): Emit a new "fp2" record.
(list_cert_raw): Print the SHA2 fingerprint.
(list_cert_std): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/Makefile.am (t_minip12_LDADD): Add NETLIBS.
--
GnuPG-bug-id: 4944
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS).
* sm/Makefile.am (gpgsm_LDADD): Ditto.
* tools/Makefile.am (gpg_wks_client_LDADD): Ditto.
--
GnuPG-bug-id: 4994
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* agent/genkey.c (agent_ask_new_passphrase): No qualitybar.
* g10/call-agent.c (agent_get_passphrase): Ditto.
* sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto.
--
The concept of a passphrase quality indicator is anyway questionable
because user are smart enough to trick them out and they also tend to
limit the actually used entropy.
Except for the red/green switching (to show whether constraints are
fulfilled) our qualitybar is pretty bad and thus worse than none.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New.
* common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and
test rsaPSS. Adjust all callers.
(gnupg_pk_is_allowed): Ditto.
* sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function.
(gpgsm_get_hash_algo_from_sigval): New.
* sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval
arg. Add arg pkalgoflags. Use the PK_ALGO_FLAG_RSAPSS.
* sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to
also get the algo flags. Pass algo flags along.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.c (main): Set ERR also for encrypt.
--
Fixes-commit: ccbb0cfeefed096a9841b6557d10eef12d55b721
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.c (main) <aSign,aEncr>: Uses gpgrt_fcancel on error.
--
When creating a signature or encrypting and the respective key is not
available or the user canceled the PIN entry gpgsm prints the initial
part of the message due to internal buffering in gpgrt. By using
gpgrt_fcancel we can avoid this at least as long as the data is less
than the standard buffer size (which is currently 8k). If is not a
complete solution but the best we can do easily. Outputting to the
tty is anyway more of a testing aid than for real use.
This makes use of the new gpgrt_fcancel API.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certdump.c: Include membuf.h.
(gpgsm_print_serial_decimal): New.
* sm/keylist.c (list_cert_raw): Print s/n also in decimal
(list_cert_std): Ditto.
--
Many CA's print the serial number in decimal on their cards.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certcheck.c (do_encode_md): Fix obvious bug.
--
Fixes-commit: 596212e71abf33b30608348b782c093dace83110
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certcheck.c (do_encode_md): Take care of nistp521.
--
That curve is a bit odd in that it does not match a common hash digest
length. We fix that here for just this case instead of writing more
general code to support all allowed cases (i.e. hash shorter than Q).
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certreqgen.c (create_request): Also set SIGKEYLEN.
--
Fixes-commit: 44676819f2873705b78849e7b2fd22214b691642
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certreqgen.c (create_request): Create AKI and SKI by default.
--
GnuPG-bug-id: 4098
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/misc.c (transform_sigval): Support EdDSA.
* sm/certreqgen.c (create_request): Support EdDSA cert creation.
* sm/certcheck.c (gpgsm_check_cert_sig): Map some ECC algo OIDs to
hash algos.
* sm/call-agent.c (struct sethash_inq_parm_s): New.
(sethash_inq_cb): New.
(gpgsm_agent_pksign): Add mode to pass plain data for EdDSA.
--
Tested using a parameter file
Key-Type: EdDSA
Key-Length: 1024
Key-Grip: 09D9AE3D494F7888C93BE5106AD8A734A87617F0
Key-Usage: sign
Serial: random
Name-DN: CN=dummy test ed25519
where the keygrip is from a gpg generated Ed25519 key. ECDSA was
tested using
Key-Type: ECDSA
Key-Length: 1024
Key-Grip: 8E06A180EFFE4C65B812150CAF19BF30C0689A4C
Key-Usage: sign
Serial: random
Name-DN: CN=dummy test nistp256
and RSA using
Key-Type: RSA
Key-Length: 2048
Key-Grip: C6A6390E9388CDBAD71EAEA698233FE5E04F001E
Key-Usage: sign
Serial: random
Name-DN: CN=dummy test rsa
The command used in all cases is
gpgsm -v --gen-key --batch a.parm >a.crt
gpgsm -v --import <a.crt
More support, in particular in the user interface, is required and
will follow soon.
GnuPG-bug-id: 4888
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/certdump.c (gpgsm_get_serial): New.
* sm/certcheck.c (gpgsm_check_cert_sig): Support EdDSA signatures.
--
Note that this does not work with the self-signed RFC-8410 sample
certificate; see the code for comments.
The Ed488 case has not been tested due to a lack of support in
Libgcrypt.
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.h (struct certlist_s): Add helper field pk_algo.
* sm/sign.c (gpgsm_sign): Store the public key algo. Take the hash
algo from the curve. Improve diagnostic output in verbose mode.
--
GnuPG-bug-id: 4098
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/decrypt.c (ecdh_decrypt): Support
dhSinglePass-stdDH-sha1kdf-scheme. Factor key derive code out to ...
(ecdh_derive_kek): new global function. Allow for hashs shorter than
the key.
(hash_ecc_cms_shared_info): Make file-only.
* sm/encrypt.c (ecdh_encrypt): Replace derive code by a call to the
new ecdh_derive_kek. Add test code to create data using
dhSinglePass-stdDH-sha1kdf-scheme.
* sm/gpgsm.h (opt): Add member force_ecdh_sha1kdf.
* sm/gpgsm.c: Add option --debug-force-ecdh-sha1kdf.
--
I did some test against
Governikus_Signer: 2.9.2.0
MCard security Provider: 2.4.0
Algorithm catalog from: 05.12.2019
using a Signature Card v2.0 and a nistp256 certificate. Encrypting
with Governikus used the stdDH-sha1kdf scheme which we can now
decrypt. Encrypting with GPGSM uses for that curve the recommended
scheme sha256kdf but Governikus was not able to decrypt this (no
usable error message). Encrypting using stdDH-sha1kdf with GPGSM by
using the new --debug-force-ecdh-sha1kdf option showed that
Governikus was able to decrypt this.
FWIW: RFC5753 (Use of Elliptic Curve Cryptography (ECC) Algorithms)
has this requirement:
Implementations that support EnvelopedData with the
ephemeral-static ECDH standard primitive:
- MUST support the dhSinglePass-stdDH-sha256kdf-scheme key
agreement algorithm, the id-aes128-wrap key wrap algorithm, and
the id-aes128-cbc content encryption algorithm; and
which Governikus seems not to fulfill.
GnuPG-bug-id: 4098
Signed-off-by: Werner Koch <[email protected]>
|
