| Commit message | Author | Age | Files | Lines |
* common/asshelp.c (start_new_service) [HAVE_W32_SYSTEM]: Remove the
socket before starting the daemon.
--
Forward port of the 2.2 commit:
7e2133bc16f86e6d8230688f500e95fd3bdbd28c
GnuPG-bug-id: 7829
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* common/sysutils.c (gnupg_rename_file): Factor out the wait function
to ...
(w32_wait_when_sharing_violation): New.
(w32_remove): New.
(gnupg_remove_ext): New.
(gnupg_remove): Now a wrapper around gnupg_remove_ext.
(gnupg_rename_file) [W32]: Use w32_remove with indefinite wait for
sharing violation.
--
Forward port of 2.2 commits:
7e3050547314f8c1625f2a1d9e116ff0b534a2bf
8491117f091ae9db1c1df2e6b9199ccde82a7d0a
This is based on a suggestion by Gniibe in
GnuPG-bug-id: 7829
|
* configure.ac (NEED_GPGRT_VERSION): Require 1.56.
* g13/g13.c (main): Remove support of old gpgrt.
* sm/gpgsm.c (main): Likewise.
* tools/gpg-wks-client.c (wrong_args, main): Likewise.
* tools/gpgconf.c (my_read_reg_string): Likewise.
* common/util.h (GPG_ERR_UNEXPECTED_PACKET): Likewise.
* common/mapstrings.c (map_static_macro_string): Likewise.
--
GnuPG-bug-id: 7855
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* common/init.c [HAVE_W32_SYSTEM] (windows_semihosted_by_wine): New.
(_init_common_subsystems): Initialize the variable.
* common/stringhelp.c (change_slashes): Don't change slashes
under semi-hosted environment.
* common/util.h [HAVE_W32_SYSTEM] (windows_semihosted_by_wine): New.
* dirmngr/dns-stuff.c [HAVE_W32_SYSTEM] (check_inet_support): Disable
the check by "..localmachine" under semi-hosted environment.
--
GnuPG-bug-id: 7138
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* tests/openpgp/add-recipient.scm (add-recipient): Use temporary file
REFERENCE, instead of hard-coded "reference".
(change-recipient): Likewise.
--
Fixes-commit: 60f5b901178b476447d8a2ece0945bd3696e5ec3
Fixes-commit: fde7315e33e797443f8bdb2b5d103a952cceb5fc
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* g10/pkglue.c (do_encrypt_ecdh): Prepend the prefix when needed.
--
Fixes-commit: d1c3bfda2a8c032165ad41dc750f31d92369cd37
GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* agent/pkdecrypt.c (ecc_kem_decap): Rename from ecc_pgp_kem_decap,
since it also handles the CMS case.
(composite_pgp_kem_decrypt, ecc_kem_decrypt): Follow the change.
--
GnuPG-bug-id: 7811
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* sm/encrypt.c (ecdh_encrypt): Use gcry_kem_encap of KEM API to get
the ephemeral key and the shared secret.
--
GnuPG-bug-id: 7845
Reviewed-by: NIIBE Yutaka <[email protected]>
|
* sm/decrypt.c (hash_ecc_cms_shared_info): Remove.
(ecdh_derive_kek): Simply use build_shared_info and gnupg_ecc_kem_kdf.
--
GnuPG-bug-id: 7845
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* sm/call-agent.c (gpgsm_agent_pkdecrypt): Add USE_KEM argument.
* sm/decrypt.c (ecdh_decrypt): Remove.
(determine_wrap_cipher, determine_hashalgo): New.
(build_shared_info, ecc_kem_pkdecrypt): New.
(prepare_decryption): Remove NBITS argument.
Call ecc_kem_pkdecrypt, when it's ECC.
(gpgsm_decrypt): Follow the removal of NBITS argument.
* sm/gpgsm.h (gpgsm_agent_pkdecrypt): Add USE_KEM argument.
--
GnuPG-bug-id: 7811
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* sm/decrypt.c (prepare_decryption): Sort out different cases.
--
GnuPG-bug-id: 7811
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* agent/agent.h (agent_kem_decrypt): Remove OPTION argument.
* agent/command.c (cmd_pkdecrypt): No option is needed.
* agent/pkdecrypt.c (composite_pgp_kem_decrypt): Use
gnupg_ecc_kem_simple_kdf.
(ecc_kem_decrypt): Support the S/MIME case too. Follow the change of
gnupg_ecc_kem_kdf.
(agent_kem_decrypt): Remove OPTION argument. Also support the S/MIME
case.
* common/kem.c (gnupg_ecc_kem_kdf): Support the S/MIME case too.
Don't support simple ECC part for combined KEM.
(gnupg_ecc_kem_simple_kdf): New.
* common/util.h (gnupg_ecc_kem_kdf): Support the S/MIME case too.
(gnupg_ecc_kem_simple_kdf): New.
* g10/pkglue.c (do_encrypt_kem): Use gnupg_ecc_kem_simple_kdf.
Use gnupg_ecc_kem_kdf with IS_GPG=1.
--
GnuPG-bug-id: 7811
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* dirmngr/dirmngr_ldap.c (set_timeout): Fix bogus error diagnostic.
--
The error check was simply wrong. No other effect because the
log_get_errorcount based exit(2) is only used before setting the
timeout.
|
* scd/app-openpgp.c (do_change_pin): Verify the PIN before sending the
Change_Reference_Data APDU.
--
Without this it was possible to enter a longer old PIN and the new PIN
had the surplus PIN digits as its prefix.
GnuPG-bug-id: 7840
|
* g10/packet.h (PKT_symkey_enc): Allocate the session key so that we
have a fixed length for this struct.
* g10/free-packet.c (free_symkey_enc): Adjust for this change
* g10/parse-packet.c (parse_symkeyenc): Ditto.
* g10/encrypt.c (encrypt_simple, write_symkey_enc): Ditto.
|
* g10/packet.h (struct pubkey_enc_list): Rename to ...
(struct seskey_enc_list): ... this and change all users. Also change
all names pkenc_list to sesenc_list.
|
* g10/packet.h (struct pubkey_enc_list): Change to use a union to also
store symkey_enc data. Adjust all users accordingly.
(struct pubkey_enc_info_item): New.
* g10/free-packet.c (free_pubkey_enc_list): New.
* g10/mainproc.c (release_list): Use it here.
* g10/decrypt.c (decrypt_message): and here.
* g10/encrypt.c (reencrypt_to_new_recipients): Record the used
pubkey_enc packets and pass them to write_pubkey_enc_from_list.
(write_pubkey_enc_from_list): Add arg restrict_pk_list and use it to
skip recipients already used.
--
GnuPG-bug-id: 1825
Note that we here already prepare to better handle symkey_enc packets.
|
* common/homedir.c [HAVE_W32_SYSTEM] (gnupg_isatty): New.
* common/util.h (gnupg_isatty): Make it available on Windows.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* configure.ac: Fix quotation error.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* build-aux/potomo: Avoid using -a and -o for test(1).
* configure.ac: Likewise.
* tests/pkits/common.sh: Likewise.
* tests/tpm2dtests/Makefile.am: Likewise.
* tools/applygnupgdefaults: Likewise.
* tools/gpg-authcode-sign.sh: Likewise.
* tools/mail-signed-keys: Likewise.
--
GnuPG-bug-id: 7807
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* dirmngr/ks-engine-ldap.c (ks_ldap_put): Change to use a string rather
than a memory buffer for INFO.
--
This avoids assertion failures for certain lengths of the INFO buffer
with the key listing. And the new code is much cleaner.
|
* tests/openpgp/add-recipient.scm: Added checks for change-recipients
|
* tests/openpgp/add-recipient.scm: New
* tests/openpgp/Makefile.am (XTESTS): Add new test
* tests/gpgscm/tests.scm (tr:unlink): New
|
* g10/mainproc.c (struct symlist_item): Change flag cfb_mode to a
general cipher_mode variable.
(proc_symkey_enc): Set this variable to the used mode.
(proc_encrypted): Check the symmetric encrypted session keys now also
with support for OCB.
--
GnuPG-bug-id: 7804
|
* common/compliance.c (gnupg_cipher_is_compliant): Support OCB for
gpg.
(gnupg_cipher_is_allowed): Ditto.
* g10/mainproc.c (proc_encrypted): Determine cipher mode and pass it
for the is_compliant test.
--
This patch also switches from just assuming CFB mode to passing the
correct mode to gnupg_cipher_is_compliant. Except for the legacy EAX
mode we only have these two modes and thus it does not really matter.
But correcting this is more future proof.
This was found while fixing
GnuPG-bug-id: 7804
|
* agent/gpg-agent.c (putty_message_proc): Don't call xfree with
MAPSID. It's a reference to an object inside PSD.
--
GnuPG-bug-id: 7799
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* dirmngr/crlfetch.c (fetch_cert_by_url): Use es_free.
* g10/revoke.c (gen_standard_revoke): Likewise.
* g10/tofu.c (ask_about_binding): Likewise.
* scd/command.c (cmd_readkey): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.
* tools/gpg-wks-client.c (command_create): Likewise.
* tools/call-dirmngr.c (wkd_get_policy_flags): Clean up no use of
BUFFER.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* agent/command-ssh.c (sexp_key_construct): Use es_free to release
memory allocated by es_fclose_snatch.
(data_sign): Likewise.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
* g10/keyedit.c (keyedit_menu): Factor some code out ...
(maybe_upload_key): New.
(keyedit_quick_adduid): Call it here.
(keyedit_quick_revuid): Ditto.
(keyedit_quick_set_primary): Ditto.
(keyedit_quick_update_pref): Ditto.
(keyedit_quick_sign): Ditto.
(keyedit_quick_revsig): Ditto.
(keyedit_quick_addkey): Ditto.
(keyedit_quick_addadsk): Ditto.
(keyedit_quick_set_expire): Ditto.
--
This should be the final part of
GnuPG-bug-id: 7333
|
* g10/gpg.c (oNoAutoKeyUpload): New.
(opts): Add "no-auto-key-upload".
(main): Clear the flag.
|
* g10/keyedit.c (keyedit_menu): Add an upload flag and set it as
needed. On save upload to the keyserver.
--
That is the second part of
GnuPG-bug-id: 7333
and the next part will be to implement this for the quick commands.
|
* g10/options.h (opt.flags): Add member auto_key_upload.
(EXPORT_NO_STATUS): New.
(KEYSERVER_LDAP_ONLY): New.
(KEYSERVER_WARN_ONLY): New.
* g10/gpg.c (oAutoKeyUpload): New.
(opts): New option --auto-key-upload.
(main): Set option.
* g10/keyserver.c (keyserver_export_pubkey): New.
(keyserver_put): Take care of the WARN_ONLY and LDAP_ONLY options.
Delay printing of the EXPORTED status.
* g10/keygen.c (do_generate_keypair): Export new key if option is set.
* g10/export.c (do_export_one_keyblock): Take care of the NO_STATUS
option.
(print_status_exported): Move function to ...
* g10/cpr.c (write_status_warning): here and make public.
--
This change also fixes a bug with --send-key which used to emit an
EXPORTED line before actually sending the key to the dirmngr. Thus if
the upload failed an EXPORTED status has already been emitted.
GnuPG-bug-id: 7333
This is the first part which handles the new key case. We also need
to implement an upload after key modifications.
|
* g10/keyedit.c (append_adsk_to_key): Add arg sigtimestamp and pass
that as signing time to make_keysig_packet.
* g10/keygen.c (append_all_default_adsks): Likewise.
(do_generate_keypair): Likewise.
--
For reasons no longer known, or maybe because I mixed up creation and
binding time, the creation date of the ADSK was also used as the time
for the key binding signature. This works but is a bit surprising.
Now we use either the current time or, on key creation, the
creation time of the primary key as we also do with the other
self-signatures.
GnuPG-bug-id: 6882
|
* g10/keyedit.c (append_adsk_to_key): Add arg cache_nonce and pass on
to make_keysig_packet.
* g10/keygen.c (do_generate_keypair): Pass cache_nonce to
append_adsk_to_key.
--
GnuPG-bug-id: 7491
|
* agent/trustlist.c (read_one_trustfile): Enable the relax flag by
default. Add new keyword "norelax".
--
In any real world settings the "relax" flag is always set. Thus it is
better to make it the default and provide a way to disable it. In
fact, it is questionable whether this flag makes sense at all. It is
some kind of legacy thing.
|
* agent/trustlist.c (struct trustitem_s): Add flag "noconsent".
(read_one_trustfile): Set flag.
(istrusted_internal): Emit flag value.
* sm/call-agent.c (istrusted_status_cb): Parse flag.
* sm/certchain.c (do_validate_chain): Handle flag by using a different
true value for an existing variable.
* sm/sign.c (gpgsm_sign): Consult the new flag.
* sm/gpgsm.c (enum cmd_and_opt_values): Add oNoQESNote.
(opts): Add option --no-qes-note.
* sm/gpgsm.h (opt): Add field no_qes_note.
(struct rootca_flags_s): Add flag noconsent.
* sm/sign.c (gpgsm_sign): Take care of the noconsent flag.
* sm/qualified.c (gpgsm_qualified_consent): Take care of no_qes_note.
* sm/verify.c (gpgsm_verify): Ditto.
--
GnuPG-bug-id: 7713
|
* sm/gpgsm.c (set_debug): Do not set the IPC debug flag when using
some debug-levels.
|
* g10/keygen.c (generate_subkeypair): Ask for Kyber variant.
--
GnuPG-bug-id: 7792
|
* common/sysutils.c (output_debug_string): New.
|
* g10/keygen.c (ask_algo): Do not show algo 16 in addmode.
--
GnuPG-bug-id: 7788
|
- change po/pt.po and AUTHORS files
Signed-off-by: Daniel Cerqueira <[email protected]>
|
* tools/gpg-auth.c: Replace most usage of "struct foo" by a typedef
"foo_t". Add comments. Use KEYGRIP_LEN instead of the number 20.
(struct learn_parm_s): Remove this unused struct.
--
GnuPG-bug-id: 5862
|
* agent/gpg-agent.c (map_supervised_sockets): Fix spelling of
--deprecated-supervised.
* g10/gpg.c (main): Fix spelling of --quick-set-expire.
* scd/command.c (hlp_checkpin): Fix spelling of modifying.
* g10/decrypt.c (decrypt_message): Fix spelling of mutually.
--
Signed-off-by: Collin Funk <[email protected]>
|
* dirmngr/dirmngr.h (DBG_LDAP_VALUE, DBG_LDAP): New value and macro.
* dirmngr/dirmngr.c (debug_flags): Add "ldap".
* dirmngr/ks-engine-ldap.c: Improve debug output and use the new debug
flag instead of any debug value.