security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Documentaion updates. 

Support doe Dirmngr under W32.
Fixed a yat2m bug.
This commit is contained in:
Werner Koch 2007-08-14 16:50:27 +00:00
parent 74d344a521
commit d20d11a0ee
13 changed files with 226 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
NEWS
View File

@ -1,4 +1,4 @@
Noteworthy changes in version 2.0.6 Noteworthy changes in version 2.0.6 (2007-08-14)
------------------------------------------------ ------------------------------------------------
* GPGSM does now grok --default-key. * GPGSM does now grok --default-key.
@ -8,6 +8,10 @@ Noteworthy changes in version 2.0.6
* GPGSM does again correctly print the serial number as well the the * GPGSM does again correctly print the serial number as well the the
various keyids. This was broken since 2.0.4. various keyids. This was broken since 2.0.4.
* New option --validation-model and support for the chain-model.
* Imporved Windows support.
Noteworthy changes in version 2.0.5 (2007-07-05) Noteworthy changes in version 2.0.5 (2007-07-05)
------------------------------------------------ ------------------------------------------------

9
TODO
View File

@ -110,6 +110,7 @@
* Remove -sat PGP2 compatibility hack * Remove -sat PGP2 compatibility hack
* UTF-8 specific TODOs * UTF-8 specific TODOs
None.
* Pinpad Reader * Pinpad Reader
We do not yet support P15 applications. The trivial thing using We do not yet support P15 applications. The trivial thing using
@ -124,11 +125,7 @@
* Howtos * Howtos
** Migrate OpenPGP keys to another system ** Migrate OpenPGP keys to another system
* do_add_recipient
Prints wrong error message even when decrypting.
*Decrypt* does even not work in this case.
* Duplicate certifciates * Duplicate certifciates
This may happen and lead to an Ambiguous Name error. Solution is to This may happen and lead to an Ambiguous Name error. Solution is to
check the certs for identity beforethorwin this error. check the certs for identity before throwing this error.

4
common/ChangeLog
View File

@ -1,3 +1,7 @@
2007-08-14 Werner Koch <wk@g10code.com>
* homedir.c (dirmngr_socket_name): New.
2007-08-07 Werner Koch <wk@g10code.com> 2007-08-07 Werner Koch <wk@g10code.com>
* tlv.c, tlv.h: Move from ../scd/. * tlv.c, tlv.h: Move from ../scd/.

23
common/homedir.c
View File

@ -290,6 +290,29 @@ gnupg_datadir (void)
} }
/* Return the default socket name used by DirMngr. */
const char *
dirmngr_socket_name (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
if (!name)
{
const char *s1, *s2;
s1 = w32_rootdir ();
s2 = DIRSEP_S "S.dirmngr";
name = xmalloc (strlen (s1) + strlen (s2) + 1);
strcpy (stpcpy (name, s1), s2);
}
return name;
#else /*!HAVE_W32_SYSTEM*/
return "/var/run/dirmngr/socket";
#endif /*!HAVE_W32_SYSTEM*/
}
/* Return the file name of a helper tool. WHICH is one of the /* Return the file name of a helper tool. WHICH is one of the
GNUPG_MODULE_NAME_foo constants. */ GNUPG_MODULE_NAME_foo constants. */
const char * const char *

1
common/util.h
View File

@ -178,6 +178,7 @@ const char *gnupg_bindir (void);
const char *gnupg_libexecdir (void); const char *gnupg_libexecdir (void);
const char *gnupg_libdir (void); const char *gnupg_libdir (void);
const char *gnupg_datadir (void); const char *gnupg_datadir (void);
const char *dirmngr_socket_name (void);
#define GNUPG_MODULE_NAME_AGENT 1 #define GNUPG_MODULE_NAME_AGENT 1
#define GNUPG_MODULE_NAME_PINENTRY 2 #define GNUPG_MODULE_NAME_PINENTRY 2

12
doc/ChangeLog
View File

@ -1,3 +1,15 @@
2007-08-14 Werner Koch <wk@g10code.com>
* glossary.texi (Glossary): Add a more items.
2007-08-13 Werner Koch <wk@g10code.com>
* yat2m.c (proc_texi_cmd): Do not put @samp content between two
newlines.
* gpg-agent.texi (Agent Configuration): Explain the CM flag for
trustlist.txt.
2007-08-09 Werner Koch <wk@g10code.com> 2007-08-09 Werner Koch <wk@g10code.com>
* gpgsm.texi (Certificate Options): Describe --validation-model. * gpgsm.texi (Certificate Options): Describe --validation-model.

32
doc/glossary.texi
View File

@ -12,6 +12,21 @@
@acronym{CRL} but used for @acronym{CA}s and not for end user @acronym{CRL} but used for @acronym{CA}s and not for end user
certificates. certificates.
@item Chain model
Verification model for X.509 which uses the creation date of a
signature as the date the validation starts and in turn checks that each
certificate has been issued within the time frame, the issuing
certificate was valid. This allows the verification of signatures after
the the CA's certificate expired. The validation test also required an
online check of the certificate status. The chain model is required by
the German signature law. See also @emph{Shell model}.
@item CMS
The @emph{Cryptographic Message Standard} describes a message
format for encryption and digital signing. It is closely related to the
X.509 certificate format. @acronym{CMS} was formerly known under the
name @code{PKCS#7} and is described by @code{RFC3369}.
@item CRL @item CRL
The @emph{Certificate Revocation List} is a list containing The @emph{Certificate Revocation List} is a list containing
certificates revoked by the issuer. certificates revoked by the issuer.
@ -21,6 +36,12 @@ certificates revoked by the issuer.
ask them to issue a new certificate. The data format of such a signing ask them to issue a new certificate. The data format of such a signing
request is called PCKS#10. request is called PCKS#10.
@item OpenPGP
A data format used to build a PKI and to exchange encrypted or
signed messages. In contrast to X.509, OpenPGP also includes the
message format but does not explicilty demand a specific PKI. However
any kind of PKI may be build upon the OpenPGP protocol.
@item Keygrip @item Keygrip
This term is used by GnuPG to describe a 20 byte hash value used This term is used by GnuPG to describe a 20 byte hash value used
to identify a certain key without referencing to a concrete protocol. to identify a certain key without referencing to a concrete protocol.
@ -37,4 +58,15 @@ store private keys. This is either a smartcard or a collection of files
on a disk; the latter is often called a Soft-PSE. on a disk; the latter is often called a Soft-PSE.
@item Shell model
The standard model for validation of certificates under X.509. At the
time of the verification all certifciates must be valid and not expired.
See also @emph{Chain mode}.
@item X.509
Description of a PKI used with CMS. It is for example
defined by @code{RFC3280}.
@end table @end table

43
doc/gpg-agent.texi
View File

@ -493,31 +493,40 @@ This is however not as secure as maintaining this file manually. It is
even advisable to change the permissions to read-only so that this file even advisable to change the permissions to read-only so that this file
can't be changed inadvertently. can't be changed inadvertently.
It is possible to add further flags after the @code{S} for use by the
caller. The only flag currently defined is @code{relax} to relax
checking of some root certificate requirements.
As a special feature a line @code{include-default} will include a global As a special feature a line @code{include-default} will include a global
list of trusted certificates (e.g. @file{/etc/gnupg/trustlist.txt}). list of trusted certificates (e.g. @file{/etc/gnupg/trustlist.txt}).
This global list is also used if the local list is not available. This global list is also used if the local list is not available.
It is possible to add further flags after the @code{S} for use by the
caller:
@table @code
@item relax
Relax checking of some root certificate requirements.
@item cm
If validation of a certificate finally issued by a CA with this flag set
fails, try again using the chain validation model.
@end table
@item sshcontrol @item sshcontrol
This file is used when support for the secure shell agent protocol has This file is used when support for the secure shell agent protocol has
been enabled (@pxref{option --enable-ssh-support}). Only keys present in been enabled (@pxref{option --enable-ssh-support}). Only keys present
this file are used in the SSH protocol. The @command{ssh-add} tool y be in this file are used in the SSH protocol. The @command{ssh-add} tool
used to add new entries to this file; you may also add them manually. y be used to add new entries to this file; you may also add them
Comment lines, indicated by a leading hash mark, as well as empty lines manually. Comment lines, indicated by a leading hash mark, as well as
are ignored. An entry starts with optional white spaces, followed by empty lines are ignored. An entry starts with optional white spaces,
the keygrip of the key given as 40 hex digits, optionally followed by followed by the keygrip of the key given as 40 hex digits, optionally
the caching TTL in seconds and another optional field for arbitrary followed by the caching TTL in seconds and another optional field for
flags. A @code{!} may be prepended to the keygrip to disable this arbitrary flags. A @code{!} may be prepended to the keygrip to
entry. disable this entry.
The follwoing example lists exactly one key. Note that keys available The follwoing example lists exactly one key. Note that keys available
through a OpenPGP smartcard in the active smartcard reader are implictly through a OpenPGP smartcard in the active smartcard reader are
added to this list; i.e. there is no need to list them. implictly added to this list; i.e. there is no need to list them.
@example @example
# Key added on 2005-02-25 15:08:29 # Key added on 2005-02-25 15:08:29

3
doc/gpgsm.texi
View File

@ -339,7 +339,8 @@ a running dirmngr can't be connected.
@opindex prefer-system-dirmngr @opindex prefer-system-dirmngr
If a system wide @command{dirmngr} is running in daemon mode, first try If a system wide @command{dirmngr} is running in daemon mode, first try
to connect to this one. Fallback to a pipe based server if this does to connect to this one. Fallback to a pipe based server if this does
not work. not work. Under Windows this option is ignored because the system dirmngr is
always used.
@item --no-secmem-warning @item --no-secmem-warning
@opindex no-secmem-warning @opindex no-secmem-warning

2
doc/yat2m.c
View File

@ -449,7 +449,7 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len,
{ "code", 0, "\\fB", "\\fR" }, { "code", 0, "\\fB", "\\fR" },
{ "sc", 0, "\\fB", "\\fR" }, { "sc", 0, "\\fB", "\\fR" },
{ "var", 0, "\\fI", "\\fR" }, { "var", 0, "\\fI", "\\fR" },
{ "samp", 0, "\n'", "'\n" }, { "samp", 0, "'", "'" },
{ "file", 0, "`\\fI","\\fR'" }, { "file", 0, "`\\fI","\\fR'" },
{ "env", 0, "`\\fI","\\fR'" }, { "env", 0, "`\\fI","\\fR'" },
{ "acronym", 0 }, { "acronym", 0 },

16
sm/ChangeLog
View File

@ -1,3 +1,19 @@
2007-08-14 Werner Koch <wk@g10code.com>
* call-dirmngr.c (start_dirmngr): Use dirmngr_socket_name. change
the way infostr is xstrdupped.
* gpgsm.c (main) [W32]: Make --prefer-system-dirmngr a dummy under
Windows.
2007-08-13 Werner Koch <wk@g10code.com>
* gpgsm.c (do_add_recipient): Add RECP_REQUIRED and make error
message depend on that.
(main): Add avriable RECP_REQUIRED, set ift for encryption
commands and pass it to do_add_recipient.
(our_pk_test_algo, our_cipher_test_algo, our_md_test_algo): Implement.
2007-08-09 Werner Koch <wk@g10code.com> 2007-08-09 Werner Koch <wk@g10code.com>
* gpgsm.c (main) [W32]: Enable CRL check by default. * gpgsm.c (main) [W32]: Enable CRL check by default.

29
sm/call-dirmngr.c
View File

@ -34,8 +34,6 @@
#include "i18n.h" #include "i18n.h"
#include "keydb.h" #include "keydb.h"
/* The name of the socket for a system daemon. */
#define DEFAULT_SOCKET_NAME "/var/run/dirmngr/socket"
struct membuf { struct membuf {
size_t len; size_t len;
@ -155,14 +153,23 @@ start_dirmngr (void)
/* Note: if you change this to multiple connections, you also need /* Note: if you change this to multiple connections, you also need
to take care of the implicit option sending caching. */ to take care of the implicit option sending caching. */
#ifdef HAVE_W32_SYSTEM
infostr = NULL;
opt.prefer_system_dirmngr = 1;
#else
infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO");
if (opt.prefer_system_dirmngr && !force_pipe_server #endif /*HAVE_W32_SYSTEM*/
&&(!infostr || !*infostr)) if (infostr && !*infostr)
infostr = NULL;
else if (infostr)
infostr = xstrdup (infostr);
if (opt.prefer_system_dirmngr && !force_pipe_server && !infostr)
{ {
infostr = DEFAULT_SOCKET_NAME; infostr = xstrdup (dirmngr_socket_name ());
try_default = 1; try_default = 1;
} }
if (!infostr || !*infostr) if (!infostr)
{ {
const char *pgmname; const char *pgmname;
const char *argv[3]; const char *argv[3];
@ -206,8 +213,7 @@ start_dirmngr (void)
int prot; int prot;
int pid; int pid;
infostr = xstrdup (infostr); if (!try_default)
if (!try_default && *infostr)
{ {
if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr) if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr)
{ {
@ -234,13 +240,20 @@ start_dirmngr (void)
pid = -1; pid = -1;
rc = assuan_socket_connect (&ctx, infostr, pid); rc = assuan_socket_connect (&ctx, infostr, pid);
#ifdef HAVE_W32_SYSTEM
if (rc)
log_debug ("connecting dirmngr at `%s' failed\n", infostr);
#endif
xfree (infostr); xfree (infostr);
#ifndef HAVE_W32_SYSTEM
if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED) if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED)
{ {
log_error (_("can't connect to the dirmngr - trying fall back\n")); log_error (_("can't connect to the dirmngr - trying fall back\n"));
force_pipe_server = 1; force_pipe_server = 1;
return start_dirmngr (); return start_dirmngr ();
} }
#endif /*!HAVE_W32_SYSTEM*/
} }
if (rc) if (rc)

91
sm/gpgsm.c
View File

@ -491,25 +491,65 @@ static FILE *open_fwrite (const char *filename);
static estream_t open_es_fwrite (const char *filename); static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv); static void run_protect_tool (int argc, char **argv);
/* Remove this if libgcrypt 1.3.0 is required. */
#define MY_GCRY_PK_ECDSA 301
static int static int
our_pk_test_algo (int algo) our_pk_test_algo (int algo)
{ {
return 1; switch (algo)
{
case GCRY_PK_RSA:
case MY_GCRY_PK_ECDSA:
return gcry_pk_test_algo (algo);
default:
return 1;
}
} }
static int static int
our_cipher_test_algo (int algo) our_cipher_test_algo (int algo)
{ {
return 1; switch (algo)
{
case GCRY_CIPHER_3DES:
case GCRY_CIPHER_AES128:
case GCRY_CIPHER_AES192:
case GCRY_CIPHER_AES256:
case GCRY_CIPHER_SERPENT128:
case GCRY_CIPHER_SERPENT192:
case GCRY_CIPHER_SERPENT256:
case 309 /*GCRY_CIPHER_SEED*/:
case 310 /*GCRY_CIPHER_CAMELLIA128*/:
case 311 /*GCRY_CIPHER_CAMELLIA192*/:
case 312 /*GCRY_CIPHER_CAMELLIA256*/:
return gcry_cipher_test_algo (algo);
default:
return 1;
}
} }
static int static int
our_md_test_algo (int algo) our_md_test_algo (int algo)
{ {
return 1; switch (algo)
{
case GCRY_MD_MD5:
case GCRY_MD_SHA1:
case GCRY_MD_RMD160:
case GCRY_MD_SHA256:
case GCRY_MD_SHA384:
case GCRY_MD_SHA512:
case 305 /*GCRY_MD_WHIRLPOOL*/:
return gcry_md_test_algo (algo);
default:
return 1;
}
} }
static const char * static const char *
my_strusage( int level ) my_strusage( int level )
{ {
@ -571,12 +611,12 @@ build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int))
gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */ gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */
} }
for (i=1; i < 110; i++ ) for (i=1; i < 400; i++ )
if (!chkf(i)) if (!chkf(i))
n += strlen(mapf(i)) + 2; n += strlen(mapf(i)) + 2;
list = xmalloc (21 + n); list = xmalloc (21 + n);
*list = 0; *list = 0;
for (p=NULL, i=1; i < 110; i++) for (p=NULL, i=1; i < 400; i++)
{ {
if (!chkf(i)) if (!chkf(i))
{ {
@ -683,13 +723,15 @@ set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
/* Helper to add recipients to a list. */ /* Helper to add recipients to a list. */
static void static void
do_add_recipient (ctrl_t ctrl, const char *name, do_add_recipient (ctrl_t ctrl, const char *name,
certlist_t *recplist, int is_encrypt_to) certlist_t *recplist, int is_encrypt_to, int recp_required)
{ {
int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to); int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to);
if (rc) if (rc)
{ {
log_error (_("can't encrypt to `%s': %s\n"), name, gpg_strerror (rc)); if (recp_required)
gpgsm_status2 (ctrl, STATUS_INV_RECP, {
log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc));
gpgsm_status2 (ctrl, STATUS_INV_RECP,
gpg_err_code (rc) == -1? "1": gpg_err_code (rc) == -1? "1":
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1": gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2": gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
@ -701,6 +743,10 @@ do_add_recipient (ctrl_t ctrl, const char *name,
gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8": gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
"0", "0",
name, NULL); name, NULL);
}
else
log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"),
name, gpg_strerror (rc));
} }
} }
@ -747,6 +793,7 @@ main ( int argc, char **argv)
certlist_t recplist = NULL; certlist_t recplist = NULL;
certlist_t signerlist = NULL; certlist_t signerlist = NULL;
int do_not_setup_keys = 0; int do_not_setup_keys = 0;
int recp_required = 0;
/*mtrace();*/ /*mtrace();*/
@ -943,9 +990,13 @@ main ( int argc, char **argv)
set_cmd (&cmd, pargs.r_opt); set_cmd (&cmd, pargs.r_opt);
break; break;
case aEncr:
recp_required = 1;
set_cmd (&cmd, pargs.r_opt);
break;
case aSym: case aSym:
case aDecrypt: case aDecrypt:
case aEncr:
case aSign: case aSign:
case aClearsign: case aClearsign:
case aVerify: case aVerify:
@ -1295,6 +1346,22 @@ main ( int argc, char **argv)
opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2"; opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2";
else if (!strcmp (opt.def_cipher_algoid, "AES256") ) else if (!strcmp (opt.def_cipher_algoid, "AES256") )
opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42"; opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42";
else if (!strcmp (opt.def_cipher_algoid, "SERPENT")
|| !strcmp (opt.def_cipher_algoid, "SERPENT128") )
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.2";
else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.22";
else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42";
else if (!strcmp (opt.def_cipher_algoid, "SEED") )
opt.def_cipher_algoid = "1.2.410.200004.1.4";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA")
|| !strcmp (opt.def_cipher_algoid, "CAMELLIA128") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.3";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA256") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.4";
if (cmd != aGPGConfList) if (cmd != aGPGConfList)
{ {
@ -1384,12 +1451,12 @@ main ( int argc, char **argv)
complain about no (regular) recipients. */ complain about no (regular) recipients. */
for (sl = remusr; sl; sl = sl->next) for (sl = remusr; sl; sl = sl->next)
if (!(sl->flags & 1)) if (!(sl->flags & 1))
do_add_recipient (&ctrl, sl->d, &recplist, 0); do_add_recipient (&ctrl, sl->d, &recplist, 0, recp_required);
if (!opt.no_encrypt_to) if (!opt.no_encrypt_to)
{ {
for (sl = remusr; sl; sl = sl->next) for (sl = remusr; sl; sl = sl->next)
if ((sl->flags & 1)) if ((sl->flags & 1))
do_add_recipient (&ctrl, sl->d, &recplist, 1); do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required);
} }
} }
@ -1428,8 +1495,10 @@ main ( int argc, char **argv)
GC_OPT_FLAG_NONE ); GC_OPT_FLAG_NONE );
printf ("auto-issuer-key-retrieve:%lu:\n", printf ("auto-issuer-key-retrieve:%lu:\n",
GC_OPT_FLAG_NONE ); GC_OPT_FLAG_NONE );
#ifndef HAVE_W32_SYSTEM
printf ("prefer-system-dirmngr:%lu:\n", printf ("prefer-system-dirmngr:%lu:\n",
GC_OPT_FLAG_NONE ); GC_OPT_FLAG_NONE );
#endif
printf ("cipher-algo:%lu:\"3DES:\n", printf ("cipher-algo:%lu:\"3DES:\n",
GC_OPT_FLAG_DEFAULT ); GC_OPT_FLAG_DEFAULT );
printf ("p12-charset:%lu:\n", printf ("p12-charset:%lu:\n",