* g10/sign.c (sign_file): Use iobuf_read instead of iobuf_get for
reading data from detached file.
--
This patch reduces iobuf_read per byte processing overhead and speeds
up detached signing.
Detached signing speed on AMD Ryzen 5800X (4.3GiB file, SHA256):
gpg process
user time
before: 3.951s
after: 1.898s (2.0x faster)
GnuPG-bug-id: T5826
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Backported-from-master: f8943ce098
Numbers above are given for the version in master but should be
similar for here (2.2).
* g10/plaintext.c (do_hash): Use iobuf_read instead of iobuf_get for
reading data; Use gcry_md_write instead of gcry_md_putc for hash data.
--
This patch reduces iobuf_read per byte processing overhead and speeds
up detached signature verifying.
Detached verifying speed on AMD Ryzen 5800X (4.3GiB file, SHA256):
gpg process
user time
before: 9.410s
after: 1.913s (4.9x faster)
GnuPG-bug-id: T5826
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit 4e27b9defc)
* g10/mainproc.c (proc_encrypted): Set complaince_de_vs also if
require-compliance is set.
--
Without this fix require-compliance would fail if no --status-fd was
used.
* g10/kbnode.c (new_kbnode2): New.
* g10/import.c (delete_inv_parts): New arg r_otherrevsigs to store
misplaced revocations.
(import_revoke_cert): Allow to pass an entire list.
(import_one): Import revocations found by delete_inv_parts.
--
It might be useful to distribute revocations of old keys along with
new keys. This is in particicualrr useful for WKD stored keys. This
patch allows to put unrelated standalone revocations into a key. For
example they can simply appended to a keyblock. Right now it is a bit
inaesthetic to see diagnostics about misplaced or bad revocation
signatures.
Backported-from-master: 7aaedfb107
* g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD.
--
With this fix it is now possible to feed a vanilla packet of type 20
without first forcing gpg to assume binary mode.
* g10/gpg.c (oCompatibilityFlags): New.
(opts): Add option.
(compatibility_flags): New list.
(main): Set flags and print help.
* g10/options.h (opt): Add field compatibility_flags.
--
No flags are yet defined but it is good to have the framework.
* g10/pkclist.c (select_algo_from_prefs): Change implicit cipher
algorithm.
--
Although 3DES is still a compliant algorithm, some other software does
not consider it has compliant but also does not set preference
accordingly. Thus it is better to switch the implicit cipher algorithm
similar to what we already did with SHA-1.
Note that in GnuPG 2.3 3DES is already not anymore used here.
GnuPG-bug-id: 6063
* g10/mainproc.c (proc_encrypted): Change compliance logic.
--
For the description of the proplem see
https://dev.gnupg.org/T6205#163306
GnuPG-bug-id: 6205
* g10/misc.c (compliance_failure): Do not fallback to CO_GNUPG. Print
compliance failure error and status for CO_DE_VS.
* g10/mainproc.c (proc_encrypted): Call compliance_failure in the
require-compliance error case.
* g10/encrypt.c (check_encryption_compliance): Ditto.
* common/iobuf.c (iobuf_copy): Use log_assert. Explicitly cast error
return value.
* g10/build-packet.c (do_plaintext): Check for iobuf_copy error.
* g10/encrypt.c (encrypt_filter): Immediately set header_okay.
--
Fixes-commit: 8066f8a347
which caused the assertion failure on error.
The second fix avoids repeated error message about non-compliant keys.
GnuPG-bug-id: 6174
* g10/encrypt.c (encrypt_crypt, encrypt_filter): Factor common code
out to ...
(create_dek_with_warnings): new
(check_encryption_compliance): and new.
* g10/encrypt.c (encrypt_filter): Add the compliance check.
--
GnuPG-bug-id: 6174
* g10/decrypt-data.c (decrypt_data): Disable estream buffering for
output file.
--
Here estream is filled with iobuf_copy which already uses large buffers
so additional buffering in estream was just adding memory copy overhead.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* g10/card-util.c (get_info_for_key_operation): Get the APPTYPE before
testing for it.
* g10/card-util.c (current_card_status): Always try to update the
shadow keys.
* g10/call-agent.c (agent_scd_getattr): Handle $AUTHKEYID.
--
The first part fixed a regression introduced today.
GnuPG-bug-id: 5100
The second part is usually not required because our ssh-agent code
anyway looks for the OpenPGP.3 key. However, this helps to put the
Display S/N into the shadow key so that we get a better prompt to
insert the card.
* agent/command.c (cmd_readkey): Also allow for $AUTHKEYID in card
mode.
* g10/call-agent.c (agent_update_shadow_keys): new.
* g10/card-util.c (current_card_status): Call it.
* g10/card-util.c (get_info_for_key_operation): Use ->apptype to
determine card's APP.
(current_card_status): Even if its SERIALNO is not like OpenPGP card,
it's OpenPGP card when app says so.
--
GnuPG-bug-id: 5100
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Backported-from-master: 157f1de64e
* g10/mainproc.c (proc_encrypted): Make symmetric + pubkey encryption
de-vs compliant.
* g10/mainproc.c (struct symlist_item): New.
(struct mainproc_context): Add field symenc_list.
(release_list): Free that list.
(proc_symkey_enc): Record infos from symmetric session packet.
(proc_encrypted): Check symkey packet algos
--
The original check was too strong because it is in fact compliant to
encrypt with a symmetric key and and public key. Thus decryption
should issue a compliance status.
In addition we now check that the cipher algorithms used to
symmetrically encrypt the session key are all compliant. This is
similar to our check for all public key encrypted session key packets.
GnuPG-bug-id: 6119
Fixes-commit: b03fab09e1
* g10/keyedit.c (find_userid_by_namehash, find_userid): New.
(keyedit_quick_revuid): Use find_userid() instead of iterating over the
nodes of the keyblock.
* tests/openpgp/quick-key-manipulation.scm: Add test for revoking a
user ID specified by its hash.
--
This makes it possible to specify the user ID to revoke as UID hash when
calling --quick-revoke-uid.
GnuPG-bug-id: 5936
(cherry picked from commit 35b1755070)
* g10/keygen.c (ask_algo): Request keygrip via cpr_get.
* doc/help.txt (gpg.keygen.keygrip): New help text.
--
This change makes it possible to add an existing (sub)key to
another key via the status/command interface.
GnuPG-bug-id: 5771
(cherry picked from commit 19b1a28621)
* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
--
Depending on the escaping and line wrapping the computed remaining
buffer length could be wrong. Fixed by always using a break to
terminate the escape detection loop. Might have happened for all
status lines which may wrap.
GnuPG-bug-id: T6027
* g10/parse-packet.c (mpi_read_detect_0_removal): New.
(parse_key): Use mpi_read_detect_0_removal for PUBKEY_ALGO_EDDSA
to tweak the checksum.
--
GnuPG-bug-id: 5120
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/mainproc.c (proc_symkey_enc): Issue new error code.
(proc_encrypted): Ditto.
--
This allows GPGME to return a better error message than "bad session
key" to the user. Technically we could get run into these errors also
in other cases but this more unlikley. For the command line use we
don't do anything to not change the expected output of the command
line interface.
GnuPG-bug-id: 5943
* g10/gpg.c (main): Set LOG_NO_REGISTRY.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
(show_other_registry_entries): Print "DefaultLogFile".
--
The intention of this mostly forgotten registry entry was to allow for
easy debugging of the tools. However, with the global config
files (and in 2.3 with common.conf) things are anyway better. We
disable the use for the commonly used tools so that it does not look
like calling gpg on the command line seems to block with no output if
the log server (e.g. tcp://1.2.3.4:11111) is not reachable.
* g10/misc.c (openpgp_cipher_algo_mode_name): New.
* g10/decrypt-data.c (decrypt_data): Use function here.
--
With out this change we would see
gpg: cipher algorithm 'AES256' may not be used in
--compliance=de-vs mode
This is confusing because AES256 is compliant. Now we see
gpg: cipher algorithm 'AES256.OCB' may not be used in
--compliance=de-vs mode
which gives a hint on the problem.
* g10/decrypt-data.c (decrypt_data): Add arg compliance_error. Adjust
all callers. Fail on compliance error only in --require-compliance
mode. Make sure to return an error if the buffer is missing; actually
that should be an assert.
* g10/mainproc.c (proc_encrypted): Delay printing of the compliance
mode status. Consult the compliance error now returned by
decrypt_data.
--
The actual case here is that we fail hard if a message has been AEAD
encrypted with one AEAD capable key and also with one passphrase. In
general the preference system takes care of not using AEAD if one
recipient's key does not support it. However, if the sender uses her
own AEAD-capable key _and_ a passphrase the message will be AEAD
encrypted. This change allows to decrypt that anyway along with a
warning message.
Note that this does currently not work in 2.3 due to a non-compliant
libgcrypt. We will however, backport this to 2.2.
* g10/options.h (opt): Add field flags.require_compliance.
* g10/gpg.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant.
(check_sig_and_print): Ditto.
* g10/encrypt.c (encrypt_crypt): Ditto.
--
Note that in the --encrypt and --verify cased other checks may kick in
earlier than this new --require-compliance controlled one.
* g10/Makefile.am (AM_CFLAGS): Reorder.
--
The more specific CLFAGS should come first so these are picked up
first. We really should improve the build system to enforce this
rule. In particular /usr/local/include should come after any more
specific location.
* g10/mainproc.c (mainproc_context): New member
'seen_pkt_encrypted_mdc'.
(release_list): Clear 'seen_pkt_encrypted_mdc'.
(proc_encrypted): Set 'seen_pkt_encrypted_mdc'.
(have_seen_pkt_encrypted_aead): Rename to...
(have_seen_pkt_encrypted_aead_or_mdc): ...this and add check for
'seen_pkt_encrypted_mdc'.
(proc_plaintext): Do not enable extra hash contexts when decrypting
MDC input.
--
Avoiding extra hash contexts speeds up CFB/MDC decryption quite
a lot. For example, decrypting symmetric-key AES-256 encrypted
4 GiB file from RAM to /dev/null sees ~3.4x speed increase on
AMD Ryzen 5800X:
AES256.CFB encryption: 783 MB/s
AES256.CFB decryption: 386 MB/s (before)
AES256.CFB encryption: 1.3 GB/s (after patch)
Note, AEAD is still significantly faster:
AES256.OCB encryption: 2.2 GB/s
AES256.OCB decryption: 3.0 GB/s
GnuPG-bug-id: T5820
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit ab177eed51)
Even 2.2 with the older Libgcrypt 1.8 gets a threefold speedup; see
https://dev.gnupg.org/T5820#155447 (AES-128 vs. AES-256 does not make
a substanial difference)
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c: Remove assert.h and replace all assert calls
by log_assert.
(known_options_gpg): Add "keyserver" as invisible. Remove "options".
(known_pseudo_options_gpg, known_pseudo_options_gpgsm): New.
(gc_component): Add field known_pseudo_options.
(struct read_line_wrapper_parm_s): New.
(read_line_wrapper): New.
(retrieve_options_from_program): Use read_line_wrapper to handle
pseudo options.
(retrieve_options_from_program): Ignore to be ignored options. Add
failsafe code to avoid calling percent_escape with NULL.
--
GnuPG-bug-id: 5341,5800
Due to reading the list of options from the argparser of the
component, we had no more information about the pseudo options and
thus could not emit them. Well, there is just one pseudo option right
now, but with this change we have a generalized concept for them:
Pseudo options are used to convey information from a component to
gpgconf; for example build-in values.
This is a combined backport of patches to master.
