diff --git a/NEWS b/NEWS
index ec1d12f39..fc8dde431 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,8 @@ Noteworthy changes in version 2.3.0 (unreleased)
 * The gpg-wks-client tool is now installed under bin; a wrapper for its old location at libexec is also installed.
+ * tpm2d: New daemon to physically bind keys to the local machine.
+
 * gpg: Switch to ed25519/cv25519 as default public key algorithms.
 * gpg: Verification results now depend on the --sender option and
@@ -33,6 +35,10 @@ Noteworthy changes in version 2.3.0 (unreleased)
 * gpg: New option --full-timestrings to print date and time.
+ * gpg: New option --force-sign-key. [#4584]
+
+ * gpg: New option --no-auto-trust-new-key.
+
 * gpg: The legacy key discovery method PKA is no longer supported. The command --print-pka-records and the PKA related import and export options have been removed.
@@ -58,6 +64,8 @@ Noteworthy changes in version 2.3.0 (unreleased)
 * scd: New option --application-priority.
+ * scd: New option --pcsc-shared; see man page for important notes.
+
 * dirmngr: Support a gpgNtds parameter in LDAP keyserver URLs.
 * The symcryptrun tool, a wrapper for the now obsolete external
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 393ee91e9..538b4ddef 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -158,7 +158,7 @@ typedef gpg_error_t (*ssh_signature_encoder_t) (ssh_key_type_spec_t *spec,
 estream_t signature_blob,
 gcry_sexp_t sig);
-/* Type, which is used for boundling all the algorithm specific
+/* Type, which is used for bundling all the algorithm specific
 information together in a single object. */
 struct ssh_key_type_spec
 {
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 54455b4ac..bfcd61e22 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -3587,6 +3587,12 @@ You need to consult the source code to learn the details.
 Note that the advanced key generation commands can always be used to specify a key algorithm directly.
+@item --no-auto-trust-new-key
+@opindex no-auto-trust-new-key
+When creating a new key the ownertrust of the new key is set to
+ultimate. This option disables this and the user needs to manually
+assign an ownertrust value.
+
 @item --force-sign-key
 @opindex force-sign-key
 This option modifies the behaviour of the commands
diff --git a/g10/gpg.c b/g10/gpg.c
index a11ea12f9..4ab5ba1b0 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -285,6 +285,7 @@ enum cmd_and_opt_values
 oAlwaysTrust,
 oTrustModel,
 oForceOwnertrust,
+ oNoAutoTrustNewKey,
 oSetFilename,
 oForYourEyesOnly,
 oNoForYourEyesOnly,
@@ -692,6 +693,7 @@ static gpgrt_opt_t opts[] = {
 ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"),
 ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"),
 ARGPARSE_s_s (oForceOwnertrust, "force-ownertrust", "@"),
+ ARGPARSE_s_n (oNoAutoTrustNewKey, "no-auto-trust-new-key", "@"),
 #endif
@@ -2969,6 +2971,8 @@ main (int argc, char **argv)
 }
 break;
+ case oNoAutoTrustNewKey: opt.flags.no_auto_trust_new_key = 1; break;
+
 case oCompliance:
 {
 int compliance = gnupg_parse_compliance_option
diff --git a/g10/keygen.c b/g10/keygen.c
index 01eec57ac..bde0f3217 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -5568,9 +5568,10 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
 keyid_from_pk (pk, pk->main_keyid);
 register_trusted_keyid (pk->main_keyid);
- update_ownertrust (ctrl, pk,
- ((get_ownertrust (ctrl, pk) & ~TRUST_MASK)
- | TRUST_ULTIMATE ));
+ if (!opt.flags.no_auto_trust_new_key)
+ update_ownertrust (ctrl, pk,
+ ((get_ownertrust (ctrl, pk) & ~TRUST_MASK)
+ | TRUST_ULTIMATE ));
 gen_standard_revoke (ctrl, pk, cache_nonce);
diff --git a/g10/options.h b/g10/options.h
index f502ace61..958d3fb87 100644
--- a/g10/options.h
+++ b/g10/options.h
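Review bot: The new entry in the opts[] table registers only the negative form, `no-auto-trust-new-key`; the neighbouring `auto-check-trustdb`/`no-auto-check-trustdb` pair shows this file's convention of also providing a positive form so that a `no-` setting placed in gpg.conf can be overridden on the command line, and without it a user with `no-auto-trust-new-key` in the config has no way to restore the default for a single key generation. Suggest adding the counterpart alongside the new lines: `oAutoTrustNewKey,` in the enum, `ARGPARSE_s_n (oAutoTrustNewKey, "auto-trust-new-key", "@"),` next to the added table entry, and `case oAutoTrustNewKey: opt.flags.no_auto_trust_new_key = 0; break;` in main. The entry sits inside the conditional block closed by the visible `#endif`, so in builds that exclude that block the option is rejected at parse time while the enum value and flag bit still exist; that matches the neighbouring trust options and is presumably intended, but is worth noting in the texi text if those builds are supported.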
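Review bot: `register_trusted_keyid (pk->main_keyid);` is left unconditional while only the `update_ownertrust` call directly below it is guarded by `opt.flags.no_auto_trust_new_key`. If that call registers the new key with the trust model's list of trusted keys, as its name suggests, the key can still be treated as ultimately trusted inside this process, or be promoted to ultimate when the trustdb is next initialised, even though the option's documented intent is that the user assigns ownertrust manually; the trustdb side is not in this hunk, so this needs verifying against trustdb.c. If the registration exists only to support the automatic ultimate trust, move it under the same guard, `if (!opt.flags.no_auto_trust_new_key) { register_trusted_keyid (pk->main_keyid); update_ownertrust (ctrl, pk, ...); }`; otherwise add a comment above it stating why the key must be registered regardless of the option. Since the new path silently leaves the ownertrust at whatever it was before, a `log_info` hint that ownertrust was not set would help users of the option notice that a manual step remains. do_generate_keypair starts and continues outside the hunk.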
@@ -254,6 +254,8 @@ struct
 unsigned int full_timestrings:1;
 /* Force signing keys even if a key signature already exists. */
 unsigned int force_sign_key:1;
+ /* On key generation do not set the ownertrust. */
+ unsigned int no_auto_trust_new_key:1;
 } flags;
 /* Linked list of ways to find a key if the key isn't on the local