diff --git a/doc/ChangeLog b/doc/ChangeLog index e7a8ba2da..2344c8f67 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2009-11-18 Werner Koch + + * gpg.texi (GPG Key related Options): Describe + --skip-hidden-recipients. + 2009-10-19 David Shaw * gpg.texi (GPG Configuration Options): Clarify that ca-cert-file diff --git a/doc/gpg.texi b/doc/gpg.texi index 82cdef17d..8ec755648 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1761,14 +1761,24 @@ Use @var{name} as the key to sign with. Note that this option overrides @option{--default-key}. @item --try-all-secrets +@opindex try-all-secrets Don't look at the key ID as stored in the message but try all secret keys in turn to find the right decryption key. This option forces the behaviour as used by anonymous recipients (created by using @option{--throw-keyids}) and might come handy in case where an encrypted message contains a bogus key ID. - - +@item --skip-hidden-recipients +@itemx --no-skip-hidden-recipients +@opindex skip-hidden-recipients +@opindex no-skip-hidden-recipients +During decryption skip all anonymous recipients. This option helps in +the case that people use the hidden recipients feature to hide there +own encrypt-to key from others. If oneself has many secret keys this +may lead to a major annoyance because all keys are tried in turn to +decrypt soemthing which was not really intended for it. The drawback +of this option is that it is currently not possible to decrypt a +message which includes real anonymous recipients. @end table diff --git a/g10/ChangeLog b/g10/ChangeLog index 55048f200..944326579 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,13 @@ +2009-11-23 Werner Koch + + * gpg.c (gpgconf_list): Add key "default_pubkey_algo". + +2009-11-18 Werner Koch + + * gpg.c: Add option --skip-hidden-recipients and no- variant. + * options.h (struct opt): Add field SKIP_HIDDEN_RECIPIENTS. + * pubkey-enc.c (get_session_key): Implement that option. + 2009-11-04 Werner Koch * server.c (register_commands): Add NULL arg to diff --git a/g10/gpg.c b/g10/gpg.c index 5b70e4fc3..720c9f4d8 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -233,6 +233,8 @@ enum cmd_and_opt_values oWithSigList, oWithSigCheck, oSkipVerify, + oSkipHiddenRecipients, + oNoSkipHiddenRecipients, oCompressKeys, oCompressSigs, oAlwaysTrust, @@ -626,6 +628,8 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (aListSigs, "list-sig", "@"), /* alias */ ARGPARSE_s_n (aCheckKeys, "check-sig", "@"), /* alias */ ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"), + ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"), + ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"), ARGPARSE_s_n (oCompressKeys, "compress-keys", "@"), ARGPARSE_s_n (oCompressSigs, "compress-sigs", "@"), ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */ @@ -1586,6 +1590,11 @@ gpgconf_list (const char *configfile) printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT); printf ("group:%lu:\n", GC_OPT_FLAG_NONE); + /* The next one is an info only item and should match what + keygen:ask_keysize actually implements. */ + printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, + "RSA-2048"); + xfree (configfile_esc); } @@ -2315,6 +2324,10 @@ main (int argc, char **argv) case oWithSigList: opt.list_sigs = 1; break; case oSkipVerify: opt.skip_verify=1; break; + + case oSkipHiddenRecipients: opt.skip_hidden_recipients = 1; break; + case oNoSkipHiddenRecipients: opt.skip_hidden_recipients = 0; break; + case oCompressKeys: opt.compress_keys = 1; break; case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break; /* There are many programs (like mutt) that call gpg with diff --git a/g10/keygen.c b/g10/keygen.c index 3abc19bd0..04775615c 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -1765,6 +1765,8 @@ ask_algo (int addmode, int *r_subkey_algo, unsigned int *r_usage) static unsigned ask_keysize (int algo, unsigned int primary_keysize) { + /* NOTE: If you change the default key size/algo, remember to change + it also in gpgconf.c:gpgconf_list. */ unsigned int nbits, min, def=2048, max=4096; int for_subkey = !!primary_keysize; int autocomp = 0; diff --git a/g10/options.h b/g10/options.h index b6e7e55b8..40dee3780 100644 --- a/g10/options.h +++ b/g10/options.h @@ -94,6 +94,7 @@ struct char *lc_messages; int skip_verify; + int skip_hidden_recipients; int compress_keys; int compress_sigs; /* TM_CLASSIC must be zero to accomodate trustdbs generated before diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index c0167b12e..fedf4d9a9 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -85,6 +85,8 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek ) if( !(rc = get_seckey( sk, k->keyid )) ) rc = get_it( k, dek, sk, k->keyid ); } + else if (opt.skip_hidden_recipients) + rc = gpg_error (GPG_ERR_NO_SECKEY); else { /* anonymous receiver: Try all available secret keys */ void *enum_context = NULL; u32 keyid[2]; diff --git a/sm/ChangeLog b/sm/ChangeLog index 40a5eb3c5..f5d8da515 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,7 @@ +2009-11-23 Werner Koch + + * gpgsm.c (main) : Add key "default_pubkey_algo". + 2009-11-10 Marcus Brinkmann * server.c (cmd_getauditlog): Don't dup FD for es_fdopen_nc as diff --git a/sm/certreqgen.c b/sm/certreqgen.c index 49b2b9208..7026a303f 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -475,7 +475,8 @@ proc_parameters (ctrl_t ctrl, return gpg_error (GPG_ERR_INV_PARAMETER); } - /* Check the keylength. */ + /* Check the keylength. NOTE: If you change this make sure that it + macthes the gpgconflist item in gpgsm.c */ if (!get_parameter (para, pKEYLENGTH, 0)) nbits = 2048; else diff --git a/sm/gpgsm.c b/sm/gpgsm.c index adfe6cdbf..2d262b707 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1634,6 +1634,11 @@ main ( int argc, char **argv) printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_DEFAULT); printf ("keyserver:%lu:\n", GC_OPT_FLAG_NONE); + /* The next one is an info only item and should match what + proc_parameters actually implements. */ + printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, + "RSA-2048"); + } break; case aGPGConfTest: diff --git a/tools/ChangeLog b/tools/ChangeLog index 5ce91bd6c..eaa60bb99 100644 --- a/tools/ChangeLog +++ b/tools/ChangeLog @@ -1,3 +1,7 @@ +2009-11-23 Werner Koch + + * gpgconf-comp.c (gc_options_gpg): Add default_pubkey_algo. + 2009-11-05 Marcus Brinkmann * gpg-connect-agent.c (start_agent): Update use of diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 7ba526f69..f8de9d650 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -667,6 +667,11 @@ static gc_option_t gc_options_gpg[] = { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT, "gnupg", "|FILE|read options from FILE", GC_ARG_TYPE_FILENAME, GC_BACKEND_GPG }, + { "default_pubkey_algo", + (GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE, + NULL, NULL, + GC_ARG_TYPE_STRING, GC_BACKEND_GPG }, + { "Debug", GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED, @@ -695,6 +700,8 @@ static gc_option_t gc_options_gpg[] = GC_ARG_TYPE_STRING, GC_BACKEND_GPG }, + + GC_OPTION_NULL }; @@ -744,6 +751,10 @@ static gc_option_t gc_options_gpgsm[] = { "keyserver", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC, "gnupg", N_("|SPEC|use this keyserver to lookup keys"), GC_ARG_TYPE_LDAP_SERVER, GC_BACKEND_GPGSM }, + { "default_pubkey_algo", + (GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE, + NULL, NULL, + GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM }, { "Debug", GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,