diff --git a/NEWS b/NEWS index 755e2cfba..40351234e 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Noteworthy changes in version 2.0.6 +Noteworthy changes in version 2.0.6 (2007-08-14) ------------------------------------------------ * GPGSM does now grok --default-key. @@ -8,6 +8,10 @@ Noteworthy changes in version 2.0.6 * GPGSM does again correctly print the serial number as well the the various keyids. This was broken since 2.0.4. + * New option --validation-model and support for the chain-model. + + * Imporved Windows support. + Noteworthy changes in version 2.0.5 (2007-07-05) ------------------------------------------------ diff --git a/TODO b/TODO index 7b1c1cfd6..7cffa2446 100644 --- a/TODO +++ b/TODO @@ -110,6 +110,7 @@ * Remove -sat PGP2 compatibility hack * UTF-8 specific TODOs + None. * Pinpad Reader We do not yet support P15 applications. The trivial thing using @@ -124,11 +125,7 @@ * Howtos ** Migrate OpenPGP keys to another system - -* do_add_recipient - Prints wrong error message even when decrypting. - *Decrypt* does even not work in this case. - * Duplicate certifciates This may happen and lead to an Ambiguous Name error. Solution is to - check the certs for identity beforethorwin this error. + check the certs for identity before throwing this error. + diff --git a/common/ChangeLog b/common/ChangeLog index f963e5282..3a54c8683 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,7 @@ +2007-08-14 Werner Koch + + * homedir.c (dirmngr_socket_name): New. + 2007-08-07 Werner Koch * tlv.c, tlv.h: Move from ../scd/. diff --git a/common/homedir.c b/common/homedir.c index 212c3509d..52206191e 100644 --- a/common/homedir.c +++ b/common/homedir.c @@ -290,6 +290,29 @@ gnupg_datadir (void) } +/* Return the default socket name used by DirMngr. */ +const char * +dirmngr_socket_name (void) +{ +#ifdef HAVE_W32_SYSTEM + static char *name; + + if (!name) + { + const char *s1, *s2; + s1 = w32_rootdir (); + s2 = DIRSEP_S "S.dirmngr"; + name = xmalloc (strlen (s1) + strlen (s2) + 1); + strcpy (stpcpy (name, s1), s2); + } + return name; +#else /*!HAVE_W32_SYSTEM*/ + return "/var/run/dirmngr/socket"; +#endif /*!HAVE_W32_SYSTEM*/ +} + + + /* Return the file name of a helper tool. WHICH is one of the GNUPG_MODULE_NAME_foo constants. */ const char * diff --git a/common/util.h b/common/util.h index 9821d6ab6..ad398ac97 100644 --- a/common/util.h +++ b/common/util.h @@ -178,6 +178,7 @@ const char *gnupg_bindir (void); const char *gnupg_libexecdir (void); const char *gnupg_libdir (void); const char *gnupg_datadir (void); +const char *dirmngr_socket_name (void); #define GNUPG_MODULE_NAME_AGENT 1 #define GNUPG_MODULE_NAME_PINENTRY 2 diff --git a/doc/ChangeLog b/doc/ChangeLog index 69f028c3c..07c497cc7 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,15 @@ +2007-08-14 Werner Koch + + * glossary.texi (Glossary): Add a more items. + +2007-08-13 Werner Koch + + * yat2m.c (proc_texi_cmd): Do not put @samp content between two + newlines. + + * gpg-agent.texi (Agent Configuration): Explain the CM flag for + trustlist.txt. + 2007-08-09 Werner Koch * gpgsm.texi (Certificate Options): Describe --validation-model. diff --git a/doc/glossary.texi b/doc/glossary.texi index 22bd7adc5..ff68f9d42 100644 --- a/doc/glossary.texi +++ b/doc/glossary.texi @@ -12,6 +12,21 @@ @acronym{CRL} but used for @acronym{CA}s and not for end user certificates. +@item Chain model + Verification model for X.509 which uses the creation date of a +signature as the date the validation starts and in turn checks that each +certificate has been issued within the time frame, the issuing +certificate was valid. This allows the verification of signatures after +the the CA's certificate expired. The validation test also required an +online check of the certificate status. The chain model is required by +the German signature law. See also @emph{Shell model}. + +@item CMS + The @emph{Cryptographic Message Standard} describes a message +format for encryption and digital signing. It is closely related to the +X.509 certificate format. @acronym{CMS} was formerly known under the +name @code{PKCS#7} and is described by @code{RFC3369}. + @item CRL The @emph{Certificate Revocation List} is a list containing certificates revoked by the issuer. @@ -21,6 +36,12 @@ certificates revoked by the issuer. ask them to issue a new certificate. The data format of such a signing request is called PCKS#10. +@item OpenPGP + A data format used to build a PKI and to exchange encrypted or +signed messages. In contrast to X.509, OpenPGP also includes the +message format but does not explicilty demand a specific PKI. However +any kind of PKI may be build upon the OpenPGP protocol. + @item Keygrip This term is used by GnuPG to describe a 20 byte hash value used to identify a certain key without referencing to a concrete protocol. @@ -37,4 +58,15 @@ store private keys. This is either a smartcard or a collection of files on a disk; the latter is often called a Soft-PSE. +@item Shell model +The standard model for validation of certificates under X.509. At the +time of the verification all certifciates must be valid and not expired. +See also @emph{Chain mode}. + + +@item X.509 +Description of a PKI used with CMS. It is for example +defined by @code{RFC3280}. + + @end table diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index e9ef3a9e9..829530bd8 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -493,31 +493,40 @@ This is however not as secure as maintaining this file manually. It is even advisable to change the permissions to read-only so that this file can't be changed inadvertently. -It is possible to add further flags after the @code{S} for use by the -caller. The only flag currently defined is @code{relax} to relax -checking of some root certificate requirements. - As a special feature a line @code{include-default} will include a global list of trusted certificates (e.g. @file{/etc/gnupg/trustlist.txt}). This global list is also used if the local list is not available. +It is possible to add further flags after the @code{S} for use by the +caller: + +@table @code +@item relax +Relax checking of some root certificate requirements. + +@item cm +If validation of a certificate finally issued by a CA with this flag set +fails, try again using the chain validation model. + +@end table + @item sshcontrol - This file is used when support for the secure shell agent protocol has - been enabled (@pxref{option --enable-ssh-support}). Only keys present in - this file are used in the SSH protocol. The @command{ssh-add} tool y be - used to add new entries to this file; you may also add them manually. - Comment lines, indicated by a leading hash mark, as well as empty lines - are ignored. An entry starts with optional white spaces, followed by - the keygrip of the key given as 40 hex digits, optionally followed by - the caching TTL in seconds and another optional field for arbitrary - flags. A @code{!} may be prepended to the keygrip to disable this - entry. +This file is used when support for the secure shell agent protocol has +been enabled (@pxref{option --enable-ssh-support}). Only keys present +in this file are used in the SSH protocol. The @command{ssh-add} tool +y be used to add new entries to this file; you may also add them +manually. Comment lines, indicated by a leading hash mark, as well as +empty lines are ignored. An entry starts with optional white spaces, +followed by the keygrip of the key given as 40 hex digits, optionally +followed by the caching TTL in seconds and another optional field for +arbitrary flags. A @code{!} may be prepended to the keygrip to +disable this entry. - The follwoing example lists exactly one key. Note that keys available - through a OpenPGP smartcard in the active smartcard reader are implictly - added to this list; i.e. there is no need to list them. +The follwoing example lists exactly one key. Note that keys available +through a OpenPGP smartcard in the active smartcard reader are +implictly added to this list; i.e. there is no need to list them. @example # Key added on 2005-02-25 15:08:29 diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 38b35364c..e98de1512 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -339,7 +339,8 @@ a running dirmngr can't be connected. @opindex prefer-system-dirmngr If a system wide @command{dirmngr} is running in daemon mode, first try to connect to this one. Fallback to a pipe based server if this does -not work. +not work. Under Windows this option is ignored because the system dirmngr is +always used. @item --no-secmem-warning @opindex no-secmem-warning diff --git a/doc/yat2m.c b/doc/yat2m.c index dbb198b82..9411e3419 100644 --- a/doc/yat2m.c +++ b/doc/yat2m.c @@ -449,7 +449,7 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, { "code", 0, "\\fB", "\\fR" }, { "sc", 0, "\\fB", "\\fR" }, { "var", 0, "\\fI", "\\fR" }, - { "samp", 0, "\n'", "'\n" }, + { "samp", 0, "'", "'" }, { "file", 0, "`\\fI","\\fR'" }, { "env", 0, "`\\fI","\\fR'" }, { "acronym", 0 }, diff --git a/sm/ChangeLog b/sm/ChangeLog index 5e51dae7a..eb7d50057 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,19 @@ +2007-08-14 Werner Koch + + * call-dirmngr.c (start_dirmngr): Use dirmngr_socket_name. change + the way infostr is xstrdupped. + + * gpgsm.c (main) [W32]: Make --prefer-system-dirmngr a dummy under + Windows. + +2007-08-13 Werner Koch + + * gpgsm.c (do_add_recipient): Add RECP_REQUIRED and make error + message depend on that. + (main): Add avriable RECP_REQUIRED, set ift for encryption + commands and pass it to do_add_recipient. + (our_pk_test_algo, our_cipher_test_algo, our_md_test_algo): Implement. + 2007-08-09 Werner Koch * gpgsm.c (main) [W32]: Enable CRL check by default. diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c index 3beb57799..a35e93cde 100644 --- a/sm/call-dirmngr.c +++ b/sm/call-dirmngr.c @@ -34,8 +34,6 @@ #include "i18n.h" #include "keydb.h" -/* The name of the socket for a system daemon. */ -#define DEFAULT_SOCKET_NAME "/var/run/dirmngr/socket" struct membuf { size_t len; @@ -155,14 +153,23 @@ start_dirmngr (void) /* Note: if you change this to multiple connections, you also need to take care of the implicit option sending caching. */ +#ifdef HAVE_W32_SYSTEM + infostr = NULL; + opt.prefer_system_dirmngr = 1; +#else infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); - if (opt.prefer_system_dirmngr && !force_pipe_server - &&(!infostr || !*infostr)) +#endif /*HAVE_W32_SYSTEM*/ + if (infostr && !*infostr) + infostr = NULL; + else if (infostr) + infostr = xstrdup (infostr); + + if (opt.prefer_system_dirmngr && !force_pipe_server && !infostr) { - infostr = DEFAULT_SOCKET_NAME; + infostr = xstrdup (dirmngr_socket_name ()); try_default = 1; } - if (!infostr || !*infostr) + if (!infostr) { const char *pgmname; const char *argv[3]; @@ -206,8 +213,7 @@ start_dirmngr (void) int prot; int pid; - infostr = xstrdup (infostr); - if (!try_default && *infostr) + if (!try_default) { if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr) { @@ -234,13 +240,20 @@ start_dirmngr (void) pid = -1; rc = assuan_socket_connect (&ctx, infostr, pid); +#ifdef HAVE_W32_SYSTEM + if (rc) + log_debug ("connecting dirmngr at `%s' failed\n", infostr); +#endif + xfree (infostr); +#ifndef HAVE_W32_SYSTEM if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED) { log_error (_("can't connect to the dirmngr - trying fall back\n")); force_pipe_server = 1; return start_dirmngr (); } +#endif /*!HAVE_W32_SYSTEM*/ } if (rc) diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 69f1532fd..c51eabd6d 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -491,25 +491,65 @@ static FILE *open_fwrite (const char *filename); static estream_t open_es_fwrite (const char *filename); static void run_protect_tool (int argc, char **argv); +/* Remove this if libgcrypt 1.3.0 is required. */ +#define MY_GCRY_PK_ECDSA 301 + static int our_pk_test_algo (int algo) { - return 1; + switch (algo) + { + case GCRY_PK_RSA: + case MY_GCRY_PK_ECDSA: + return gcry_pk_test_algo (algo); + default: + return 1; + } } static int our_cipher_test_algo (int algo) { - return 1; + switch (algo) + { + case GCRY_CIPHER_3DES: + case GCRY_CIPHER_AES128: + case GCRY_CIPHER_AES192: + case GCRY_CIPHER_AES256: + case GCRY_CIPHER_SERPENT128: + case GCRY_CIPHER_SERPENT192: + case GCRY_CIPHER_SERPENT256: + case 309 /*GCRY_CIPHER_SEED*/: + case 310 /*GCRY_CIPHER_CAMELLIA128*/: + case 311 /*GCRY_CIPHER_CAMELLIA192*/: + case 312 /*GCRY_CIPHER_CAMELLIA256*/: + return gcry_cipher_test_algo (algo); + default: + return 1; + } } + static int our_md_test_algo (int algo) { - return 1; + switch (algo) + { + case GCRY_MD_MD5: + case GCRY_MD_SHA1: + case GCRY_MD_RMD160: + case GCRY_MD_SHA256: + case GCRY_MD_SHA384: + case GCRY_MD_SHA512: + case 305 /*GCRY_MD_WHIRLPOOL*/: + return gcry_md_test_algo (algo); + default: + return 1; + } } + static const char * my_strusage( int level ) { @@ -571,12 +611,12 @@ build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int)) gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */ } - for (i=1; i < 110; i++ ) + for (i=1; i < 400; i++ ) if (!chkf(i)) n += strlen(mapf(i)) + 2; list = xmalloc (21 + n); *list = 0; - for (p=NULL, i=1; i < 110; i++) + for (p=NULL, i=1; i < 400; i++) { if (!chkf(i)) { @@ -683,13 +723,15 @@ set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd) /* Helper to add recipients to a list. */ static void do_add_recipient (ctrl_t ctrl, const char *name, - certlist_t *recplist, int is_encrypt_to) + certlist_t *recplist, int is_encrypt_to, int recp_required) { int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to); if (rc) { - log_error (_("can't encrypt to `%s': %s\n"), name, gpg_strerror (rc)); - gpgsm_status2 (ctrl, STATUS_INV_RECP, + if (recp_required) + { + log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc)); + gpgsm_status2 (ctrl, STATUS_INV_RECP, gpg_err_code (rc) == -1? "1": gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1": gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2": @@ -701,6 +743,10 @@ do_add_recipient (ctrl_t ctrl, const char *name, gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8": "0", name, NULL); + } + else + log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"), + name, gpg_strerror (rc)); } } @@ -747,6 +793,7 @@ main ( int argc, char **argv) certlist_t recplist = NULL; certlist_t signerlist = NULL; int do_not_setup_keys = 0; + int recp_required = 0; /*mtrace();*/ @@ -943,9 +990,13 @@ main ( int argc, char **argv) set_cmd (&cmd, pargs.r_opt); break; + case aEncr: + recp_required = 1; + set_cmd (&cmd, pargs.r_opt); + break; + case aSym: case aDecrypt: - case aEncr: case aSign: case aClearsign: case aVerify: @@ -1295,6 +1346,22 @@ main ( int argc, char **argv) opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2"; else if (!strcmp (opt.def_cipher_algoid, "AES256") ) opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42"; + else if (!strcmp (opt.def_cipher_algoid, "SERPENT") + || !strcmp (opt.def_cipher_algoid, "SERPENT128") ) + opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.2"; + else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") ) + opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.22"; + else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") ) + opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42"; + else if (!strcmp (opt.def_cipher_algoid, "SEED") ) + opt.def_cipher_algoid = "1.2.410.200004.1.4"; + else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA") + || !strcmp (opt.def_cipher_algoid, "CAMELLIA128") ) + opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2"; + else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") ) + opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.3"; + else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA256") ) + opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.4"; if (cmd != aGPGConfList) { @@ -1384,12 +1451,12 @@ main ( int argc, char **argv) complain about no (regular) recipients. */ for (sl = remusr; sl; sl = sl->next) if (!(sl->flags & 1)) - do_add_recipient (&ctrl, sl->d, &recplist, 0); + do_add_recipient (&ctrl, sl->d, &recplist, 0, recp_required); if (!opt.no_encrypt_to) { for (sl = remusr; sl; sl = sl->next) if ((sl->flags & 1)) - do_add_recipient (&ctrl, sl->d, &recplist, 1); + do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required); } } @@ -1428,8 +1495,10 @@ main ( int argc, char **argv) GC_OPT_FLAG_NONE ); printf ("auto-issuer-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE ); +#ifndef HAVE_W32_SYSTEM printf ("prefer-system-dirmngr:%lu:\n", GC_OPT_FLAG_NONE ); +#endif printf ("cipher-algo:%lu:\"3DES:\n", GC_OPT_FLAG_DEFAULT ); printf ("p12-charset:%lu:\n",