path: root/agent/command.c
Commit message | Author | Age | Files | Lines
...
* agent: Fix two compiler warnings. | Werner Koch | 2013-08-28 | 1 | -2/+2
  * agent/command.c (cmd_preset_passphrase, pinentry_loopback): Use %zu in format string.
  * scd/ccid-driver.c (ccid_get_atr): Ditto.
  * agent/command-ssh.c (stream_read_string): Init arg STRING_SIZE to avoid maybe_unitialized warning.
  --
  Actually the first one might have been a problem on big endian machines.
  Signed-off-by: Werner Koch <[email protected]>
* agent: Extend cmd KEYINFO to return data from sshcontrol. | Werner Koch | 2013-08-08 | 1 | -25/+122
  * agent/command-ssh.c (struct control_file_s): Rename to ssh_control_file_s. (ssh_open_control_file, ssh_close_control_file) (ssh_read_control_file, ssh_search_control_file): New. (control_file_t): Rename and move to ...
  * agent/agent.h (ssh_control_file_t): here.
  * agent/command.c (do_one_keyinfo): Add args is_ssh, ttl, disabled, and confirm. Rename unknown keytype indicator from '-' to 'X'. Extend output. (cmd_keyinfo): Add options --ssh-list and --with-ssh.
  --
  This extension allows the development of frontends to manage the sshcontrol file.
  Signed-off-by: Werner Koch <[email protected]>
* Implement unattended OpenPGP secret key import. | Werner Koch | 2013-05-22 | 1 | -4/+18
  * agent/command.c (cmd_import_key): Add option --unattended.
  * agent/cvt-openpgp.c (convert_transfer_key): New. (do_unprotect): Factor some code out to ... (prepare_unprotect): new function. (convert_from_openpgp): Factor all code out to ... (convert_from_openpgp_main): this. Add arg 'passphrase'. Implement openpgp-native protection modes. (convert_from_openpgp_native): New.
  * agent/t-protect.c (convert_from_openpgp_native): New dummy function
  * agent/protect-tool.c (convert_from_openpgp_native): Ditto.
  * agent/protect.c (agent_unprotect): Add arg CTRL. Adjust all callers. Support openpgp-native protection.
  * g10/call-agent.c (agent_import_key): Add arg 'unattended'.
  * g10/import.c (transfer_secret_keys): Use unattended in batch mode.
  --
  With the gpg-agent taking care of the secret keys, the user needs to migrate existing keys from secring.gpg to the agent. This and also the standard import of secret keys required the user to unprotect the secret keys first, so that gpg-agent was able to re-protect them using its own scheme. With many secret keys this is quite some usability hurdle. In particular if a passphrase is not instantly available.
  To make this migration smoother, this patch implements an unattended key import/migration which delays the conversion to the gpg-agent format until the key is actually used. For example:
    gpg2 --batch --import mysecretkey.gpg
  works without any user interaction due to the use of --batch. Now if a key is used (e.g. "gpg2 -su USERID_FROM_MYSECRETKEY foo"), gpg-agent has to ask for the passphrase anyway, converts the key from the openpgp format to the internal format, signs, re-encrypts the key and tries to store it in the gpg-agent format to the disk. The next time, the internal format of the key is used.
  This patch has only been tested with the old demo keys, more tests with other protection formats and no protection are needed.
  Signed-off-by: Werner Koch <[email protected]>
* agent: Fix length detection of canonical formatted openpgp keys. | Werner Koch | 2013-05-22 | 1 | -1/+1
  * agent/command.c (cmd_import_key): Pass 0 instead of KEYLEN to gcry_sexp_canon_len.
  --
  We used to pass KEYLEN to the gcry_sexp_canon_len for no good reason: convert_from_openpgp is guaranteed to return a valid canonical S-expression and KEYLEN would thus act only as an upper limit. This is not a problem because usually the original input key is longer than the returned unprotected key. A future patch may change this assertion and thus we better fix this bug now.
  Signed-off-by: Werner Koch <[email protected]>
* agent: fix two bugs. | NIIBE Yutaka | 2013-02-22 | 1 | -0/+1
  * agent/command.c (cmd_keytocard): Decrement KEYDATALEN.
  * agent/findkey.c (agent_public_key_from_file): Increment for ELEMS.
  --
  For ECDSA and ECDH, there are 6 elements.
* agent: Add KEYTOCARD command. | NIIBE Yutaka | 2013-02-12 | 1 | -0/+125
  * agent/agent.h (divert_writekey, agent_card_writekey): New.
  * agent/call-scd.c (inq_writekey_parms, agent_card_writekey): New.
  * agent/command.c (cmd_keytocard, hlp_keytocard): New. (register_commands): Add cmd_keytocard.
  * agent/divert-scd.c (divert_writekey): New.
* agent: Move a typedef to common and provide parse_pinentry_mode. | Werner Koch | 2013-02-06 | 1 | -14/+6
  * common/agent-opt.c: New.
  * common/shareddefs.h: New.
  * common/Makefile.am: Add new files.
  * agent/agent.h: Include shareddefs.h. (pinentry_mode_t): Factor out to shareddefs.h.
  * agent/command.c (option_handler): Use parse_pinentry_mode.
* agent: Use wipememory instead of memset in one place. | Werner Koch | 2012-11-06 | 1 | -1/+1
  * agent/command.c (clear_outbuf): Use wipememory. Suggested by Ben Kibbey.
* agent: Add pin length field to the shadowed private key format. | Werner Koch | 2012-02-07 | 1 | -1/+1
  This is not yet fully implemented. It will eventually allow to support pinpad equipped readers which do not support variable length pin lengths.
  * agent/protect.c (parse_shadow_info): Add optional arg R_PINLEN and parse pinlen info. Change all callers to pass NULL for it.
* Use new status printing functions. | Werner Koch | 2012-02-07 | 1 | -12/+4
  * agent/command.c (cmd_geteventcounter): Get rid of static buffers.
  * scd/command.c (cmd_serialno, cmd_learn): Simplify by using print_assuan_status.
* agent: New function agent_print_status. | Werner Koch | 2012-02-07 | 1 | -0/+16
  * common/asshelp2.c (vprint_assuan_status): New. (print_assuan_status): Re-implement using above func.
  * agent/command.c (agent_print_status): New.
* agent: Simplify printing of INQUIRE_MAXLEN. | Werner Koch | 2012-02-06 | 1 | -12/+5
  * agent/command.c: Include asshelp.h. (cmd_pkdecrypt, cmd_genkey, cmd_preset_passphrase) (pinentry_loopback): Use print_assuan_status for INQUIRE_MAXLEN.
* Also let GENKEY and PKDECRYPT send the INQUIRE_MAXLEN status message. | Ben Kibbey | 2012-02-03 | 1 | -3/+11
  * agent/command.c (cmd_pkdecrypt): Send the INQUIRE_MAXLEN status message before doing the inquire. (cmd_genkey): Ditto.
* Inform the client of the preset passphrase length. | Ben Kibbey | 2012-02-02 | 1 | -1/+7
  * agent/command.c (cmd_preset_passphrase): Send the INQUIRE_MAXLEN status message before inquiring the passphrase.
* Add the INQUIRE_MAXLEN status message. | Ben Kibbey | 2012-01-18 | 1 | -0/+6
  This status message is used to inform the client of the maximum length of an inquired passphrase and is used in pinentry-mode=loopback.
  * agent/command.c (pinentry_loopback): Send the INQUIRE_MAXLEN status message before doing the inquire.
* Require Libassuan 2.0.3 | Werner Koch | 2011-12-20 | 1 | -4/+0
  * configure.ac: Require Libassuan 2.0.3.
  * agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
  * agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove dependency. (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
  * scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
* Fix last change. | Werner Koch | 2011-12-05 | 1 | -1/+0
  * agent/command.c (start_command_handler): Remove use of removed var.
* Amend the agent code with more comments. | Werner Koch | 2011-12-05 | 1 | -23/+79
  * agent/command.c (server_local_s): Remove unused field MESSAGE_FD.
* Handle pinentry-mode=loopback. | Ben Kibbey | 2011-09-12 | 1 | -0/+15
  When this mode is set an inquire will be sent to the client to retrieve the passphrase. This adds a new inquire keyword "NEW_PASSPHRASE" that the GENKEY and PASSWD commands use when generating a new key.
* Update option s2k-count to match the documentation. | Ben Kibbey | 2011-08-10 | 1 | -3/+3
  The option would previously return an error if its value was < 65536.
* Made the KILLAGENT and KILLSCD commands work again. | Werner Koch | 2011-08-10 | 1 | -0/+5
  This requires that GnuPG is built with a newer version of Libassuan (2.0.3).
* Allow listing of ssh fingerprint with the agent's KEYINFO command. | Werner Koch | 2011-07-20 | 1 | -8/+30
* Added gpg-agent OPTION "s2k-count". | Ben Kibbey | 2011-06-29 | 1 | -1/+10
  When unset or 0, the calibrated count will be used.
* Add OPTION:cache-ttl-opt-preset to gpg-agent. | Werner Koch | 2011-04-21 | 1 | -3/+7
  This option may be used to change the default ttl values used with the --preset option of GENKEY and PASSWD.
* Fix gpg-agent secure memory leak in OpenPGP private key import. | Marcus Brinkmann | 2011-04-20 | 1 | -0/+2
  2011-04-20 Marcus Brinkmann <[email protected]>
  * command.c (cmd_import_key): Release key from failed import before converting openpgp private key in the openpgp-private-key case.
* Another PASSWD --preset fix. | Ben Kibbey | 2011-04-18 | 1 | -1/+1
  Check for an error before presetting the passphrase.
* Fixed PASSWD --preset. | Ben Kibbey | 2011-04-13 | 1 | -7/+7
  The previous patch required that the keygrip be cached before adding the new passphrase to the cache. No more.
* Use macros for the 120 and 900s cache TTLs. | Werner Koch | 2011-04-12 | 1 | -5/+6
* Added PASSWD --preset. | Ben Kibbey | 2011-04-12 | 1 | -2/+11
* Added GENKEY --preset to add the passphrase of the generated key to the cache. | Ben Kibbey | 2011-04-12 | 1 | -2/+7
* Added KEYINFO field to show the protection type of a key. This differs from the second field which shows the location of the key. | Ben Kibbey | 2011-04-12 | 1 | -10/+21
* Added option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will be truncated to the first encountered null byte. | Ben Kibbey | 2011-03-04 | 1 | -4/+26
* New agent option pinentry-mode. | Werner Koch | 2011-03-03 | 1 | -0/+18
  This provides the framework and implements the ask, cancel and error. loopback will be implemented later.
* Add comment to last patch. | Werner Koch | 2011-03-02 | 1 | -13/+20
* Added option --data to KEYINFO to return the result with a data response. | Ben Kibbey | 2011-03-02 | 1 | -12/+27
* Let KEYINFO show the cached status of a key grip. | Ben Kibbey | 2011-03-02 | 1 | -1/+11
* Rename Ben's new option. | Werner Koch | 2011-03-02 | 1 | -7/+7
* Added CLEAR_PASSPHRASE option --agent to search the cache for a cacheid with a mode of CACHE_MODE_NORMAL. These cache modes are created with PKDECRYPT. | Ben Kibbey | 2011-03-02 | 1 | -3/+10
* Nuked almost all trailing white space. [post-nuke-of-trailing-ws] | Werner Koch | 2011-02-04 | 1 | -84/+83
  We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* Re-implemented GPG's --passwd command and improved it. | Werner Koch | 2010-10-26 | 1 | -11/+131
* All tests are working again | Werner Koch | 2010-10-14 | 1 | -2/+7
* More agent support for gpg. | Werner Koch | 2010-10-13 | 1 | -19/+23
* Exporting secret keys via gpg-agent is now basically supported. | Werner Koch | 2010-10-01 | 1 | -37/+114
  A couple of forward ported changes. Doc updates.
* Obscure the cached passphrases. | Werner Koch | 2010-09-02 | 1 | -5/+3
* s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/. | Werner Koch | 2010-09-01 | 1 | -7/+18
  Prepare for more use cases of the cache nonce.
* Use passphrase caching for import and genkey. | Werner Koch | 2010-09-01 | 1 | -8/+37
* Import OpenPGP keys into the agent. | Werner Koch | 2010-08-31 | 1 | -16/+64
* Implement export of pkcs#12 objects using a direct agent connection. | Werner Koch | 2010-06-21 | 1 | -9/+93
* Avoid using the protect-tool to import pkcs#12. | Werner Koch | 2010-06-17 | 1 | -48/+230
* Update tests. | Werner Koch | 2010-05-11 | 1 | -12/+38