mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-21 14:47:03 +01:00
Require libgcrypt 1.5
Without Libgcrypt 1.5 is was not possible to use ECC keys. ECC is major new feature and thus it does not make sense to allow building with an older Libgcrypt without supporting ECC. Also fixed a few missing prototypes.
This commit is contained in:
parent
3582e2efa4
commit
327af90594
@ -1,3 +1,9 @@
|
|||||||
|
2011-03-08 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* configure.ac: Require libgcrypt 1.5.0.
|
||||||
|
(HAVE_GCRY_PK_ECDH, HAVE_GCRY_PK_GET_CURVE): Remove.
|
||||||
|
(utmp.h): Check for header.
|
||||||
|
|
||||||
2011-02-25 Werner Koch <wk@g10code.com>
|
2011-02-25 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* configure.ac: Require libksba 1.2.
|
* configure.ac: Require libksba 1.2.
|
||||||
|
13
README
13
README
@ -30,7 +30,7 @@ OpenPGP-only version.
|
|||||||
BUILD INSTRUCTIONS
|
BUILD INSTRUCTIONS
|
||||||
==================
|
==================
|
||||||
|
|
||||||
GnuPG 2.0 depends on the following packages:
|
GnuPG 2.1 depends on the following packages:
|
||||||
|
|
||||||
libgpg-error (ftp://ftp.gnupg.org/gcrypt/libgpg-error/)
|
libgpg-error (ftp://ftp.gnupg.org/gcrypt/libgpg-error/)
|
||||||
libgcrypt (ftp://ftp.gnupg.org/gcrypt/libgcrypt/)
|
libgcrypt (ftp://ftp.gnupg.org/gcrypt/libgcrypt/)
|
||||||
@ -76,8 +76,8 @@ You may run
|
|||||||
to view the default directories used by GnuPG.
|
to view the default directories used by GnuPG.
|
||||||
|
|
||||||
|
|
||||||
MIGRATION FROM 1.4 or 2.0
|
MIGRATION FROM 1.4 or 2.0 to 2.1
|
||||||
=========================
|
================================
|
||||||
|
|
||||||
The major change in 2.1 is that gpg-agent now takes care of the
|
The major change in 2.1 is that gpg-agent now takes care of the
|
||||||
OpenPGP secret keys (those managed by GPG). The former secring.gpg
|
OpenPGP secret keys (those managed by GPG). The former secring.gpg
|
||||||
@ -100,9 +100,10 @@ will start the gpg-agent as needed. In general there is no more need
|
|||||||
to set the GPG_AGENT_INFO environment variable. The SSH_AUTH_SOCK
|
to set the GPG_AGENT_INFO environment variable. The SSH_AUTH_SOCK
|
||||||
environment variable should be set to a fixed value.
|
environment variable should be set to a fixed value.
|
||||||
|
|
||||||
GPG's smartcard commands --card-edit and --card-status as well as the
|
GPG's smartcard commands --card-edit and --card-status as well as some
|
||||||
card related sub-commands of --edit-key are not yet supported.
|
of the card related sub-commands of --edit-key are not yet fully
|
||||||
However, signing and decryption with a smartcard does work.
|
supported. However, signing and decryption with a smartcard does
|
||||||
|
work.
|
||||||
|
|
||||||
The Dirmngr is now part of GnuPG proper. Thus there is no more need
|
The Dirmngr is now part of GnuPG proper. Thus there is no more need
|
||||||
to install the separate dirmngr package. The directroy layout of
|
to install the separate dirmngr package. The directroy layout of
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
2011-03-08 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: Remove.
|
||||||
|
|
||||||
2011-03-03 Ben Kibbey <bjk@luxsci.net>
|
2011-03-03 Ben Kibbey <bjk@luxsci.net>
|
||||||
|
|
||||||
* command.c (cmd_preset_passphrase): Add option --inquire.
|
* command.c (cmd_preset_passphrase): Add option --inquire.
|
||||||
|
@ -28,13 +28,6 @@
|
|||||||
#include "i18n.h"
|
#include "i18n.h"
|
||||||
#include "cvt-openpgp.h"
|
#include "cvt-openpgp.h"
|
||||||
|
|
||||||
/* Macros for compatibility with older libgcrypt versions. */
|
|
||||||
#ifndef HAVE_GCRY_PK_ECDSA
|
|
||||||
# define GCRY_PK_ECDH 302
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Helper to pass data via the callback to do_unprotect. */
|
/* Helper to pass data via the callback to do_unprotect. */
|
||||||
struct try_do_unprotect_arg_s
|
struct try_do_unprotect_arg_s
|
||||||
|
40
configure.ac
40
configure.ac
@ -43,7 +43,7 @@ development_version=no
|
|||||||
NEED_GPG_ERROR_VERSION=1.8
|
NEED_GPG_ERROR_VERSION=1.8
|
||||||
|
|
||||||
NEED_LIBGCRYPT_API=1
|
NEED_LIBGCRYPT_API=1
|
||||||
NEED_LIBGCRYPT_VERSION=1.4.6
|
NEED_LIBGCRYPT_VERSION=1.5.0
|
||||||
|
|
||||||
NEED_LIBASSUAN_API=2
|
NEED_LIBASSUAN_API=2
|
||||||
NEED_LIBASSUAN_VERSION=2.0.0
|
NEED_LIBASSUAN_VERSION=2.0.0
|
||||||
@ -742,40 +742,6 @@ AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION",
|
|||||||
AM_PATH_LIBGCRYPT("$NEED_LIBGCRYPT_API:$NEED_LIBGCRYPT_VERSION",
|
AM_PATH_LIBGCRYPT("$NEED_LIBGCRYPT_API:$NEED_LIBGCRYPT_VERSION",
|
||||||
have_libgcrypt=yes,have_libgcrypt=no)
|
have_libgcrypt=yes,have_libgcrypt=no)
|
||||||
|
|
||||||
# fixme: We can remove the next two checks if we require libgcrypt 1.5.
|
|
||||||
AC_CACHE_CHECK([whether Libgcrypt support ECDH], gnupg_cv_gcry_pk_ecdh,
|
|
||||||
[ _gnupg_gcry_save_cflags=$CFLAGS
|
|
||||||
CFLAGS="$CFLAGS $LIBGCRYPT_CFLAGS"
|
|
||||||
AC_TRY_COMPILE(
|
|
||||||
[#include <gcrypt.h>],
|
|
||||||
[ return GCRY_PK_ECDH; ],
|
|
||||||
gnupg_cv_gcry_pk_ecdh=yes,
|
|
||||||
gnupg_cv_gcry_pk_ecdh=no)
|
|
||||||
CFLAGS=$_gnupg_gcry_save_cflags])
|
|
||||||
if test "$gnupg_cv_gcry_pk_ecdh" = yes; then
|
|
||||||
AC_DEFINE([HAVE_GCRY_PK_ECDH], 1,
|
|
||||||
[Define if gcrypt.h has the enum value for ECDH.])
|
|
||||||
fi
|
|
||||||
|
|
||||||
AC_CACHE_CHECK([whether Libgcrypt has gcry_pk_get_curve],
|
|
||||||
gnupg_cv_gcry_pk_get_curve,
|
|
||||||
[ _gnupg_gcry_save_cflags=$CFLAGS
|
|
||||||
_gnupg_gcry_save_libs=$LIBS
|
|
||||||
CFLAGS="$CFLAGS $LIBGCRYPT_CFLAGS"
|
|
||||||
LIBS="$LIBS $LIBGCRYPT_LIBS"
|
|
||||||
AC_TRY_LINK(
|
|
||||||
[#include <gcrypt.h>],
|
|
||||||
[ return gcry_pk_get_curve (NULL, 0, NULL); ],
|
|
||||||
gnupg_cv_gcry_pk_get_curve=yes,
|
|
||||||
gnupg_cv_gcry_pk_get_curve=no)
|
|
||||||
LIBS=$_gnupg_gcry_save_libs
|
|
||||||
CFLAGS=$_gnupg_gcry_save_cflags])
|
|
||||||
if test "$gnupg_cv_gcry_pk_get_curve" = yes; then
|
|
||||||
AC_DEFINE([HAVE_GCRY_PK_GET_CURVE], 1,
|
|
||||||
[Define if gcrypt.h has gcry_pk_get_curve.])
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# libassuan is used for IPC
|
# libassuan is used for IPC
|
||||||
#
|
#
|
||||||
@ -1172,7 +1138,7 @@ fi
|
|||||||
AC_MSG_NOTICE([checking for header files])
|
AC_MSG_NOTICE([checking for header files])
|
||||||
AC_HEADER_STDC
|
AC_HEADER_STDC
|
||||||
AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \
|
AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \
|
||||||
pty.h pwd.h inttypes.h signal.h])
|
pty.h utmp.h pwd.h inttypes.h signal.h])
|
||||||
AC_HEADER_TIME
|
AC_HEADER_TIME
|
||||||
|
|
||||||
|
|
||||||
@ -1636,7 +1602,7 @@ if test "$have_libgcrypt" = "no"; then
|
|||||||
***
|
***
|
||||||
*** You need libgcrypt to build this program.
|
*** You need libgcrypt to build this program.
|
||||||
** This library is for example available at
|
** This library is for example available at
|
||||||
*** ftp://ftp.gnupg.org/gcrypt/libgcrypt/
|
*** ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/
|
||||||
*** (at least version $NEED_LIBGCRYPT_VERSION using API $NEED_LIBGCRYPT_API is required.)
|
*** (at least version $NEED_LIBGCRYPT_VERSION using API $NEED_LIBGCRYPT_API is required.)
|
||||||
***]])
|
***]])
|
||||||
fi
|
fi
|
||||||
|
@ -25,6 +25,8 @@ gpg_error_t gpg_dirmngr_ks_search (ctrl_t ctrl, const char *searchstr,
|
|||||||
gpg_error_t (*cb)(void*, char *),
|
gpg_error_t (*cb)(void*, char *),
|
||||||
void *cb_value);
|
void *cb_value);
|
||||||
gpg_error_t gpg_dirmngr_ks_get (ctrl_t ctrl, char *pattern[], estream_t *r_fp);
|
gpg_error_t gpg_dirmngr_ks_get (ctrl_t ctrl, char *pattern[], estream_t *r_fp);
|
||||||
|
gpg_error_t gpg_dirmngr_ks_fetch (ctrl_t ctrl,
|
||||||
|
const char *url, estream_t *r_fp);
|
||||||
gpg_error_t gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen,
|
gpg_error_t gpg_dirmngr_ks_put (ctrl_t ctrl, void *data, size_t datalen,
|
||||||
kbnode_t keyblock);
|
kbnode_t keyblock);
|
||||||
|
|
||||||
|
17
g10/export.c
17
g10/export.c
@ -581,11 +581,7 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
|
|||||||
skey[0], skey[1], skey[2], skey[3], skey[4]);
|
skey[0], skey[1], skey[2], skey[3], skey[4]);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
#ifdef HAVE_GCRY_PK_GET_CURVE
|
|
||||||
curvename = gcry_pk_get_curve (s_pubkey, 0, NULL);
|
curvename = gcry_pk_get_curve (s_pubkey, 0, NULL);
|
||||||
#else
|
|
||||||
curvename = "?";
|
|
||||||
#endif
|
|
||||||
gcry_sexp_release (s_pubkey);
|
gcry_sexp_release (s_pubkey);
|
||||||
curveoidstr = gpg_curve_to_oid (curvename, NULL);
|
curveoidstr = gpg_curve_to_oid (curvename, NULL);
|
||||||
if (!curveoidstr)
|
if (!curveoidstr)
|
||||||
@ -649,17 +645,10 @@ transfer_format_to_openpgp (gcry_sexp_t s_pgp, PKT_public_key *pk)
|
|||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
/* Check that the public key parameters match. Since Libgcrypt 1.5
|
/* Check that the public key parameters match. Note that since
|
||||||
and the gcry_pk_get_curve function, gcry_mpi_cmp handles opaque
|
Libgcrypt 1.5 gcry_mpi_cmp handles opaque MPI correctly. */
|
||||||
MPI correctly and thus we don't need to to do the extra
|
|
||||||
opaqueness checks. */
|
|
||||||
for (idx=0; idx < npkey; idx++)
|
for (idx=0; idx < npkey; idx++)
|
||||||
if (0
|
if (gcry_mpi_cmp (pk->pkey[idx], skey[idx]))
|
||||||
#ifndef HAVE_GCRY_PK_GET_CURVE
|
|
||||||
|| gcry_mpi_get_flag (pk->pkey[idx], GCRYMPI_FLAG_OPAQUE)
|
|
||||||
|| gcry_mpi_get_flag (skey[idx], GCRYMPI_FLAG_OPAQUE)
|
|
||||||
#endif
|
|
||||||
|| gcry_mpi_cmp (pk->pkey[idx], skey[idx]))
|
|
||||||
{
|
{
|
||||||
err = gpg_error (GPG_ERR_BAD_PUBKEY);
|
err = gpg_error (GPG_ERR_BAD_PUBKEY);
|
||||||
goto leave;
|
goto leave;
|
||||||
|
@ -1253,11 +1253,8 @@ transfer_secret_keys (ctrl_t ctrl, struct stats_s *stats, kbnode_t sec_keyblock)
|
|||||||
err = gpg_error_from_syserror ();
|
err = gpg_error_from_syserror ();
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
#ifdef HAVE_GCRY_PK_GET_CURVE /* Also ensures availability of get_param. */
|
|
||||||
gcry_sexp_t cparam = gcry_pk_get_param (GCRY_PK_ECDSA, curve);
|
gcry_sexp_t cparam = gcry_pk_get_param (GCRY_PK_ECDSA, curve);
|
||||||
#else
|
|
||||||
gcry_sexp_t cparam = NULL;
|
|
||||||
#endif
|
|
||||||
xfree (curve);
|
xfree (curve);
|
||||||
if (!cparam)
|
if (!cparam)
|
||||||
err = gpg_error (GPG_ERR_UNKNOWN_CURVE);
|
err = gpg_error (GPG_ERR_UNKNOWN_CURVE);
|
||||||
|
@ -22,12 +22,6 @@
|
|||||||
|
|
||||||
#include <gcrypt.h>
|
#include <gcrypt.h>
|
||||||
|
|
||||||
/* Macros for compatibility with older libgcrypt versions. */
|
|
||||||
#ifndef HAVE_GCRY_PK_ECDH
|
|
||||||
# define GCRY_PK_ECDH 302
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
/* Constants for OpenPGP. */
|
/* Constants for OpenPGP. */
|
||||||
|
|
||||||
#define CIPHER_ALGO_NONE /* 0 */ GCRY_CIPHER_NONE
|
#define CIPHER_ALGO_NONE /* 0 */ GCRY_CIPHER_NONE
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
2011-03-08 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* symcryptrun.c [HAVE_UTMP_H]: Include utmp.h.
|
||||||
|
|
||||||
2011-02-23 Werner Koch <wk@g10code.com>
|
2011-02-23 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* gpgconf.c: Add command --kill.
|
* gpgconf.c: Add command --kill.
|
||||||
|
@ -74,6 +74,9 @@
|
|||||||
#ifdef HAVE_PTY_H
|
#ifdef HAVE_PTY_H
|
||||||
#include <pty.h>
|
#include <pty.h>
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef HAVE_UTMP_H
|
||||||
|
#include <utmp.h>
|
||||||
|
#endif
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#ifdef HAVE_LOCALE_H
|
#ifdef HAVE_LOCALE_H
|
||||||
#include <locale.h>
|
#include <locale.h>
|
||||||
|
Loading…
x
Reference in New Issue
Block a user