See ChangeLogs
parent
6870dcf05d
commit
d8602648b8
3
NEWS
3
NEWS
@ -9,6 +9,9 @@ Noteworthy changes in version 1.9.23
|
|||||||
gpg part. For production use of OpenPGP the gpg version 1.4.5 is
|
gpg part. For production use of OpenPGP the gpg version 1.4.5 is
|
||||||
still recommended.
|
still recommended.
|
||||||
|
|
||||||
|
* API change in gpg-agent's pkdecrypt command. Thus an older gpgsm
|
||||||
|
may not be used with the current gpg-agent.
|
||||||
|
|
||||||
|
|
||||||
Noteworthy changes in version 1.9.22 (2006-07-27)
|
Noteworthy changes in version 1.9.22 (2006-07-27)
|
||||||
-------------------------------------------------
|
-------------------------------------------------
|
||||||
|
7
TODO
7
TODO
@ -6,8 +6,6 @@ Currently we don't cope with overlong lines in the best way.
|
|||||||
** Check that we really release the ksba reader/writer objects.
|
** Check that we really release the ksba reader/writer objects.
|
||||||
|
|
||||||
* sm/call-agent.c
|
* sm/call-agent.c
|
||||||
** The protocol uses an incomplete S-expression
|
|
||||||
We should always use valid S-Exp and not just parts.
|
|
||||||
** Some code should go into import.c
|
** Some code should go into import.c
|
||||||
** When we allow concurrent service request in gpgsm, we
|
** When we allow concurrent service request in gpgsm, we
|
||||||
might want to have an agent context for each service request
|
might want to have an agent context for each service request
|
||||||
@ -23,7 +21,6 @@ might want to have an agent context for each service request
|
|||||||
** replace leading zero in integer hack by a cleaner solution
|
** replace leading zero in integer hack by a cleaner solution
|
||||||
|
|
||||||
* sm/gpgsm.c
|
* sm/gpgsm.c
|
||||||
** Support --output for all commands
|
|
||||||
** mark all unimplemented commands and options.
|
** mark all unimplemented commands and options.
|
||||||
** Implement --default-key
|
** Implement --default-key
|
||||||
** support the anyPolicy semantic
|
** support the anyPolicy semantic
|
||||||
@ -109,10 +106,8 @@ might want to have an agent context for each service request
|
|||||||
** issue a NO_SECKEY xxxx if a -u key was not found.
|
** issue a NO_SECKEY xxxx if a -u key was not found.
|
||||||
** Replace DIGEST_ALGO_SHA224
|
** Replace DIGEST_ALGO_SHA224
|
||||||
We can't do that right now because it is only defined by newer
|
We can't do that right now because it is only defined by newer
|
||||||
versions of libgcrypt. Changes this if we require libgcrypt 1.3
|
versions of libgcrypt. Change this if we require libgcrypt 1.3
|
||||||
anyway.
|
anyway.
|
||||||
** skclist.c:random_is_faked
|
|
||||||
Remove the whole stuff?
|
|
||||||
** qbits
|
** qbits
|
||||||
We pass a new qbit parameter to genkey - implement this in libgcrypt.
|
We pass a new qbit parameter to genkey - implement this in libgcrypt.
|
||||||
** skclist.c
|
** skclist.c
|
||||||
|
@ -90,15 +90,14 @@ agent_pkdecrypt (CTRL ctrl, const char *desc_text,
|
|||||||
log_error ("smartcard decryption failed: %s\n", gpg_strerror (rc));
|
log_error ("smartcard decryption failed: %s\n", gpg_strerror (rc));
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
/* FIXME: Change the protocol to return a complete S-expression
|
|
||||||
and not just a part. */
|
|
||||||
{
|
|
||||||
char tmpbuf[50];
|
|
||||||
|
|
||||||
sprintf (tmpbuf, "%u:", (unsigned int)len);
|
{
|
||||||
|
char tmpbuf[60];
|
||||||
|
|
||||||
|
sprintf (tmpbuf, "(5:value%u:", (unsigned int)len);
|
||||||
put_membuf (outbuf, tmpbuf, strlen (tmpbuf));
|
put_membuf (outbuf, tmpbuf, strlen (tmpbuf));
|
||||||
put_membuf (outbuf, buf, len);
|
put_membuf (outbuf, buf, len);
|
||||||
put_membuf (outbuf, "", 1);
|
put_membuf (outbuf, ")", 2);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -126,7 +125,16 @@ agent_pkdecrypt (CTRL ctrl, const char *desc_text,
|
|||||||
buf = xmalloc (len);
|
buf = xmalloc (len);
|
||||||
len = gcry_sexp_sprint (s_plain, GCRYSEXP_FMT_CANON, buf, len);
|
len = gcry_sexp_sprint (s_plain, GCRYSEXP_FMT_CANON, buf, len);
|
||||||
assert (len);
|
assert (len);
|
||||||
|
if (*buf == '(')
|
||||||
put_membuf (outbuf, buf, len);
|
put_membuf (outbuf, buf, len);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* Old style libgcrypt: This is only an S-expression
|
||||||
|
part. Turn it into a complete S-expression. */
|
||||||
|
put_membuf (outbuf, "(5:value", 8);
|
||||||
|
put_membuf (outbuf, buf, len);
|
||||||
|
put_membuf (outbuf, ")", 2);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
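Review bot: Both `put_membuf (outbuf, ")", 2);` calls pass a length of 2 for a one-character literal, so the closing parenthesis is followed by the literal's Nul byte, while the `*buf == '('` branch forwards `buf, len` unchanged, and nothing in the hunks says whether that difference is intended. If the `len` returned by `gcry_sexp_sprint` does not count a terminator (not visible here), new-style and old-style replies differ by one trailing byte, which matters to any receiver doing length arithmetic on the reply. I would document it at both sites, e.g. `put_membuf (outbuf, ")", 2); /* Closing paren plus the Nul terminator. */`, and state in the pass-through branch whether a Nul is expected. Separately, `sprintf (tmpbuf, "(5:value%u:", ...)` fits in `tmpbuf[60]` today, but `snprintf (tmpbuf, sizeof tmpbuf, ...)` would keep that true if the format string changes. agent_pkdecrypt starts and ends outside both hunks.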
@ -701,7 +701,7 @@ Here is an example session:
|
|||||||
C: D (b 3F444677CA)))
|
C: D (b 3F444677CA)))
|
||||||
C: END
|
C: END
|
||||||
S: # session key follows
|
S: # session key follows
|
||||||
S: D 1234567890ABCDEF0
|
S: D (value 1234567890ABCDEF0)
|
||||||
S: OK descryption successful
|
S: OK descryption successful
|
||||||
@end example
|
@end example
|
||||||
|
|
||||||
|
@ -428,6 +428,12 @@ Assume the input data is binary encoded.
|
|||||||
Set the user(s) to be used for signing. The default is the first
|
Set the user(s) to be used for signing. The default is the first
|
||||||
secret key found in the database.
|
secret key found in the database.
|
||||||
|
|
||||||
|
@item --output @var{file}
|
||||||
|
@itemx -o @var{file}
|
||||||
|
@opindex output
|
||||||
|
Write output to @var{file}. The default is to write it to stdout.
|
||||||
|
|
||||||
|
|
||||||
@item --with-key-data
|
@item --with-key-data
|
||||||
@opindex with-key-data
|
@opindex with-key-data
|
||||||
Displays extra information with the @code{--list-keys} commands. Especially
|
Displays extra information with the @code{--list-keys} commands. Especially
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
2006-08-22 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* mainproc.c (proc_plaintext): Fixed a #warning
|
||||||
|
|
||||||
2006-08-21 Werner Koch <wk@g10code.com>
|
2006-08-21 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* skclist.c (random_is_faked): Implemented.
|
* skclist.c (random_is_faked): Implemented.
|
||||||
|
@ -681,13 +681,10 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|||||||
}
|
}
|
||||||
|
|
||||||
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
|
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
|
||||||
if (rc)
|
if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
|
||||||
log_debug ("handle_plaintext failed: err=%d\n", rc);
|
|
||||||
if( gpg_err_code (rc) == GPG_ERR_ENOENT && !c->sigs_only)
|
|
||||||
{
|
{
|
||||||
#warning We need to change the test for the error code
|
/* Can't write output but we hash it anyway to check the
|
||||||
/* Can't write output but we hash it anyway to
|
signature. */
|
||||||
* Check the signature. */
|
|
||||||
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
|
rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
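Review bot: With the unconditional `log_debug` on `rc` removed and the retry keyed to `GPG_ERR_EACCES` alone, any other failure of the first `handle_plaintext` call passes this spot with no diagnostic and without the hash-only second pass. Whether `rc` is reported further down is outside the hunk, so this may already be covered; if it is not, an unwritable output that maps to a different error code would presumably leave the data unhashed before the signature check. I would add a comment stating why EACCES is the only code expected here, and keep a fallback such as `else if (rc) log_error ("handle_plaintext failed: %s\n", gpg_strerror (rc));`. proc_plaintext begins and ends outside the hunk.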
@ -1,3 +1,7 @@
|
|||||||
|
2006-08-29 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* logging.c (do_logv): Emit a missing LF for fatal errors.
|
||||||
|
|
||||||
2006-06-28 Werner Koch <wk@g10code.com>
|
2006-06-28 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* dotlock.c (make_dotlock, release_dotlock, read_lockfile)
|
* dotlock.c (make_dotlock, release_dotlock, read_lockfile)
|
||||||
|
@ -486,10 +486,18 @@ do_logv (int level, const char *fmt, va_list arg_ptr)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (level == JNLIB_LOG_FATAL)
|
if (level == JNLIB_LOG_FATAL)
|
||||||
|
{
|
||||||
|
if (missing_lf)
|
||||||
|
putc('\n', logstream );
|
||||||
exit(2);
|
exit(2);
|
||||||
|
}
|
||||||
if (level == JNLIB_LOG_BUG)
|
if (level == JNLIB_LOG_BUG)
|
||||||
|
{
|
||||||
|
if (missing_lf)
|
||||||
|
putc('\n', logstream );
|
||||||
abort();
|
abort();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
do_log( int level, const char *fmt, ... )
|
do_log( int level, const char *fmt, ... )
|
||||||
|
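Review bot: In the `JNLIB_LOG_BUG` branch the added `putc('\n', logstream );` is followed directly by `abort()`, which, unlike `exit(2)` in the fatal branch, is not required to flush open stdio streams. If `logstream` is buffered (its setup is not visible here), the newline and possibly the tail of the bug message can be lost exactly when the log is needed for post-mortem analysis. Adding `fflush (logstream);` before `abort();` would make the last record reliable. `missing_lf` is tested in both branches but set outside the hunk, and do_logv itself starts above it.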
@ -1,3 +1,11 @@
|
|||||||
|
2006-08-29 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* call-agent.c (gpgsm_agent_pkdecrypt): Allow decryption using
|
||||||
|
complete S-expressions as implemented by the current gpg-agent.
|
||||||
|
|
||||||
|
* gpgsm.c (main): Implement --output for encrypt, decrypt, sign
|
||||||
|
and export.
|
||||||
|
|
||||||
2006-07-03 Werner Koch <wk@g10code.com>
|
2006-07-03 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* certreqgen.c (proc_parameters): Print the component label of a
|
* certreqgen.c (proc_parameters): Print the component label of a
|
||||||
|
@ -300,7 +300,7 @@ gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
|
|||||||
membuf_t data;
|
membuf_t data;
|
||||||
struct cipher_parm_s cipher_parm;
|
struct cipher_parm_s cipher_parm;
|
||||||
size_t n, len;
|
size_t n, len;
|
||||||
char *buf, *endp;
|
char *p, *buf, *endp;
|
||||||
size_t ciphertextlen;
|
size_t ciphertextlen;
|
||||||
|
|
||||||
if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
|
if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
|
||||||
@ -349,21 +349,36 @@ gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
|
|||||||
return map_assuan_err (rc);
|
return map_assuan_err (rc);
|
||||||
}
|
}
|
||||||
|
|
||||||
put_membuf (&data, "", 1); /* make sure it is 0 terminated */
|
put_membuf (&data, "", 1); /* Make sure it is 0 terminated. */
|
||||||
buf = get_membuf (&data, &len);
|
buf = get_membuf (&data, &len);
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return gpg_error (GPG_ERR_ENOMEM);
|
return gpg_error (GPG_ERR_ENOMEM);
|
||||||
/* FIXME: We would better a return a full S-exp and not just a part */
|
assert (len); /* (we forced Nul termination.) */
|
||||||
assert (len);
|
|
||||||
len--; /* remove the terminating 0 */
|
if (*buf == '(')
|
||||||
n = strtoul (buf, &endp, 10);
|
{
|
||||||
|
if (len < 13 || memcmp (buf, "(5:value", 8) ) /* "(5:valueN:D)\0" */
|
||||||
|
return gpg_error (GPG_ERR_INV_SEXP);
|
||||||
|
len -= 11; /* Count only the data of the second part. */
|
||||||
|
p = buf + 8; /* Skip leading parenthesis and the value tag. */
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* For compatibility with older gpg-agents handle the old style
|
||||||
|
incomplete S-exps. */
|
||||||
|
len--; /* Do not count the Nul. */
|
||||||
|
p = buf;
|
||||||
|
}
|
||||||
|
|
||||||
|
n = strtoul (p, &endp, 10);
|
||||||
if (!n || *endp != ':')
|
if (!n || *endp != ':')
|
||||||
return gpg_error (GPG_ERR_INV_SEXP);
|
return gpg_error (GPG_ERR_INV_SEXP);
|
||||||
endp++;
|
endp++;
|
||||||
if (endp-buf+n > len)
|
if (endp-p+n > len)
|
||||||
return gpg_error (GPG_ERR_INV_SEXP); /* oops len does not
|
return gpg_error (GPG_ERR_INV_SEXP); /* Oops: Inconsistent S-Exp. */
|
||||||
match internal len*/
|
|
||||||
memmove (buf, endp, n);
|
memmove (buf, endp, n);
|
||||||
|
|
||||||
*r_buflen = n;
|
*r_buflen = n;
|
||||||
*r_buf = buf;
|
*r_buf = buf;
|
||||||
return 0;
|
return 0;
|
||||||
|
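Review bot: The consistency check `if (endp-p+n > len)` adds the peer-supplied length `n` (taken straight from `strtoul`) to the prefix length before comparing, so a very large `n` can wrap the unsigned sum to a small value and pass, after which `memmove (buf, endp, n)` copies far beyond the reply buffer. `strtoul` also returns `ULONG_MAX` on overflow and `errno` is not examined, which yields exactly such an `n`. Comparing without the addition avoids the wrap: `if (n > len || (size_t)(endp - p) > len - n)`. The new `(5:value` branch also never verifies that the byte following the `n` data bytes is `)`, so a malformed reply is accepted; testing `endp[n] == ')'` in that branch after the length check would close this. gpgsm_agent_pkdecrypt starts above and continues between and below these hunks.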
70
sm/gpgsm.c
70
sm/gpgsm.c
@ -1420,31 +1420,42 @@ main ( int argc, char **argv)
|
|||||||
run_protect_tool (argc, argv);
|
run_protect_tool (argc, argv);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case aEncr: /* encrypt the given file */
|
case aEncr: /* Encrypt the given file. */
|
||||||
|
{
|
||||||
|
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
|
||||||
|
|
||||||
set_binary (stdin);
|
set_binary (stdin);
|
||||||
set_binary (stdout);
|
|
||||||
if (!argc)
|
if (!argc) /* Source is stdin. */
|
||||||
gpgsm_encrypt (&ctrl, recplist, 0, stdout); /* from stdin */
|
gpgsm_encrypt (&ctrl, recplist, 0, fp);
|
||||||
else if (argc == 1)
|
else if (argc == 1) /* Source is the given file. */
|
||||||
gpgsm_encrypt (&ctrl, recplist, open_read (*argv), stdout); /* from file */
|
gpgsm_encrypt (&ctrl, recplist, open_read (*argv), fp);
|
||||||
else
|
else
|
||||||
wrong_args ("--encrypt [datafile]");
|
wrong_args ("--encrypt [datafile]");
|
||||||
|
|
||||||
|
if (fp != stdout)
|
||||||
|
fclose (fp);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case aSign: /* sign the given file */
|
case aSign: /* Sign the given file. */
|
||||||
/* FIXME: We don't handle --output yet. We should also allow
|
{
|
||||||
to concatenate multiple files for signing because that is
|
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
|
||||||
what gpg does.*/
|
|
||||||
|
/* Fixme: We should also allow to concatenate multiple files for
|
||||||
|
signing because that is what gpg does.*/
|
||||||
set_binary (stdin);
|
set_binary (stdin);
|
||||||
set_binary (stdout);
|
if (!argc) /* Create from stdin. */
|
||||||
if (!argc)
|
gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
|
||||||
|
else if (argc == 1) /* From file. */
|
||||||
gpgsm_sign (&ctrl, signerlist,
|
gpgsm_sign (&ctrl, signerlist,
|
||||||
0, detached_sig, stdout); /* create from stdin */
|
open_read (*argv), detached_sig, fp);
|
||||||
else if (argc == 1)
|
|
||||||
gpgsm_sign (&ctrl, signerlist,
|
|
||||||
open_read (*argv), detached_sig, stdout); /* from file */
|
|
||||||
else
|
else
|
||||||
wrong_args ("--sign [datafile]");
|
wrong_args ("--sign [datafile]");
|
||||||
|
|
||||||
|
if (fp != stdout)
|
||||||
|
fclose (fp);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case aSignEncr: /* sign and encrypt the given file */
|
case aSignEncr: /* sign and encrypt the given file */
|
||||||
@ -1484,14 +1495,19 @@ main ( int argc, char **argv)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case aDecrypt:
|
case aDecrypt:
|
||||||
|
{
|
||||||
|
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
|
||||||
|
|
||||||
set_binary (stdin);
|
set_binary (stdin);
|
||||||
set_binary (stdout);
|
|
||||||
if (!argc)
|
if (!argc)
|
||||||
gpgsm_decrypt (&ctrl, 0, stdout); /* from stdin */
|
gpgsm_decrypt (&ctrl, 0, fp); /* from stdin */
|
||||||
else if (argc == 1)
|
else if (argc == 1)
|
||||||
gpgsm_decrypt (&ctrl, open_read (*argv), stdout); /* from file */
|
gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */
|
||||||
else
|
else
|
||||||
wrong_args ("--decrypt [filename]");
|
wrong_args ("--decrypt [filename]");
|
||||||
|
if (fp != stdout)
|
||||||
|
fclose (fp);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case aDeleteKey:
|
case aDeleteKey:
|
||||||
@ -1556,19 +1572,29 @@ main ( int argc, char **argv)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case aExport:
|
case aExport:
|
||||||
set_binary (stdout);
|
{
|
||||||
|
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
|
||||||
|
|
||||||
for (sl=NULL; argc; argc--, argv++)
|
for (sl=NULL; argc; argc--, argv++)
|
||||||
add_to_strlist (&sl, *argv);
|
add_to_strlist (&sl, *argv);
|
||||||
gpgsm_export (&ctrl, sl, stdout);
|
gpgsm_export (&ctrl, sl, fp);
|
||||||
free_strlist(sl);
|
free_strlist(sl);
|
||||||
|
if (fp != stdout)
|
||||||
|
fclose (fp);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case aExportSecretKeyP12:
|
case aExportSecretKeyP12:
|
||||||
set_binary (stdout);
|
{
|
||||||
|
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
|
||||||
|
|
||||||
if (argc == 1)
|
if (argc == 1)
|
||||||
gpgsm_p12_export (&ctrl, *argv, stdout);
|
gpgsm_p12_export (&ctrl, *argv, stdout);
|
||||||
else
|
else
|
||||||
wrong_args ("--export-secret-key-p12 KEY-ID");
|
wrong_args ("--export-secret-key-p12 KEY-ID");
|
||||||
|
if (fp != stdout)
|
||||||
|
fclose (fp);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case aSendKeys:
|
case aSendKeys:
|
||||||
|
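Review bot: In the `aExportSecretKeyP12` case the new block opens `fp` with `open_fwrite (opt.outfile?opt.outfile:"-")` but the call is still `gpgsm_p12_export (&ctrl, *argv, stdout);`, so with `--output` the named file is presumably created and closed without content while the PKCS#12 secret key is written to stdout. The call should pass the opened stream: `gpgsm_p12_export (&ctrl, *argv, fp);`. In all five rewritten cases `set_binary (stdout)` was dropped and nothing visible puts `fp` into binary mode, and `fclose (fp)` is unchecked, so a failed flush of ciphertext, signature or key data goes unreported; `if (fp != stdout && fclose (fp)) log_error (...)` would surface it. These cases sit inside main's switch, which extends beyond the hunks.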