* g10/gpg.c (main): initialize opt.emit_version to 0
* doc/gpg.texi: document different default for --emit-version
--
The version of GnuPG in use is not particularly helpful. It is not
cryptographically verifiable, and it doesn't distinguish between
significant version differences like 2.0.x and 2.1.x.
Additionally, it leaks metadata that can be used to distinguish users
from one another, and can potentially be used to target specific
attacks if there are known behaviors that differ between major
versions.
It's probably better to take the more parsimonious approach to
metadata production by default.
(backport of master commit c9387e41db)
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/gpg.c (main): Call set_packet_list_mode after assignment of
opt.list_packets.
* g10/mainproc.c (do_proc_packets): Don't stop processing with
--list-packets as the comment says.
* g10/options.h (list_packets): Fix the comment.
* g10/parse-packet.c: Fix the condition for opt.list_packets.
--
(backport from 2.0 commit 4f336ed780
which is backport of master
commit 52f65281f9)
Debian-bug-id: 828109
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/options.h: Add weak_digests linked list to opts.
* g10/main.h: Declare weakhash linked list struct and
additional_weak_digest() function to insert newly-declared weak
digests into opts.
* g10/misc.c: (additional_weak_digest): New function.
(print_digest_algo_note): Check for deprecated digests.
* g10/sig-check.c: (do_check): Reject all weak digests.
* g10/gpg.c: Add --weak-digest option to gpg.
* doc/gpg.texi: Document gpg --weak-digest option.
* g10/gpgv.c: Add --weak-digest option to gpgv.
* doc/gpgv.texi: Document gpgv --weak-digest option.
--
gpg and gpgv treat signatures made over MD5 as unreliable, unless the
user supplies --allow-weak-digests to gpg. Signatures over any other
digest are considered acceptable.
Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC
4880, the collision-resistance of SHA-1 is weaker than anyone would
like it to be.
Some operators of high-value targets that depend on OpenPGP signatures
may wish to require their signers to use a stronger digest algorithm
than SHA1, even if the OpenPGP ecosystem at large cannot deprecate
SHA1 entirely today.
This changeset adds a new "--weak-digest DIGEST" option for both gpg
and gpgv, which makes it straightforward for anyone to treat any
signature or certification made over the specified digest as
unreliable.
This option can be supplied multiple times if the operator wishes to
deprecate multiple digest algorithms, and will be ignored completely
if the operator supplies --allow-weak-digests (as before).
MD5 is always considered weak, regardless of any further
--weak-digest options supplied.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
(this is a rough cherry-pick of applying the following commits to
STABLE-BRANCH-1-4:
76afaed65eb98939812a91015d021b
)
* g10/main.h (DEFAULT_CIPHER_ALGO): Change to AES or CAST5 or 3DES
depending on configure options.
* g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO.
--
(cherry picked from commit 57df1121c1)
Signed-off-by: Werner Koch <wk@gnupg.org>
* cipher/rsa.c (rsa_sign): Verify after sign.
* g10/gpg.c (opts): Make --no-sig-create-check a NOP.
* g10/options.h (opt): Remove field "no_sig_create_check".
* g10/sign.c (do_sign): Do check only for DSA.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac: Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.
--
Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.
Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.
Debian-bug-id: 739424
Minor edits by wk.
GnuPG-bug-id: 1732
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark): Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(get_ownertrust): Ditto.
(get_min_ownertrust): Ditto.
(update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(clear_ownertrusts): Ditto.
(cache_disabled_value): Ditto.
(check_trustdb_stale): Ditto.
(get_validity): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--
This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used. It just does
not make sense to create a trustdb if there is no need for it.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 1a0eeaacd1)
Resolved conflicts:
g10/gpg.c
g10/tdbio.h
g10/trustdb.c
(indentation fixes)
* g10/gpg.c (build_list): Rewrite to cope with buffer overflow in
certain locales.
* util/membuf.c (put_membuf_str): New.
(get_membuf): Make LEN optional.
--
This fixes an obvious bug in locales where the translated string is
longer than the original. The bug could be exhibited by using
LANG=ru_RU.utf8 gpg -v --version.
En passant we also removed the trailing white space on continued
lines.
Reported-by: Dmitry V. Levin" <ldv at altlinux.org>
* cipher/idea.c: New. Take from Libgcrypt master and adjust for
direct use in GnuPG.
* cipher/idea-stub.c: Remove.
* cipher/Makefile.am: Add idea.c and remove idea-stub.c rules.
* configure.ac: Remove idea-stub code.
* g10/gpg.c (check_permissions): Remove code path for ITEM==2.
(main): Make --load-extension a dummy option.
* g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2
compatibility mode.
* g10/misc.c (idea_cipher_warn): Remove. Also remove all callers.
* g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA.
* g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA.
* g10/status.h (STATUS_RSA_OR_IDEA): Remove.
--
To keep the number of actually used algorithms low, we support IDEA
only in a basically read-only way (unless --pgp2 is used during key
generation). It does not make sense to suggest the use of this old 64
bit blocksize algorithm. However, there is old data available where
it might be helpful to have IDEA available.
* include/dotlock.h: New. From current gnupg master.
* util/dotlock.c: Ditto. Include util.h. The major changes done in
master are: Factor Unix and W32 specific code out into specific
functions. Define HAVE_POSIX_SYSTEM. Rearrange some functions.
(disable_dotlock): Rename to dotlock_disable.
(create_dotlock): Rename to dotlock_create and add a dummy arg.
(destroy_dotlock): Rename to dotlock_destroy.
(make_dotlock): Rename to dotlock_take.
(release_dotlock): Rename to dotlock_release.
(remove_lockfiles): Rename to dotlock_remove_lockfiles.
This problem was identified and solved by Steven M. Schweda.
Note that the vms specific code is not part of this repository.
See http://antinode.info/dec/sw/gnupg.html for the VMS port.
This does not mean we have any kind of ECC support now. It is merely
to avoid printing a question mark for the algorithm.
Trailing white space changes as usual.
For compatibility reasons a few new files had to be added.
Also added estream-printf as this is now used in app-openpgp.c and provides
a better and generic asprintf implementation than the hack we used for the
W32 code in ttyio.c. Card code is not yet finished.
* gpg.c (main): New variable default_configname. Use it if
save_configname is NULL (can happen if default configfile does
not exist). Move default configname determination to ...
(get_default_configname): ... this new function.
Enable --require-cross-certification by default. --openpgp
(--rfc4880) is the same as --rfc2440 except with "--enable-dsa2
--no-rfc2440-text --escape-from-lines".
--rfc4880, and make --openpgp an alias to it. --rfc2440 now stands
alone. For now, use the old 2440 defaults for 4880.
* keyedit.c (keyedit_menu): Use compliance_option_string() instead of
printing the compliance modes here.
keygen_add_std_prefs, proc_parameter_file): Add --default-keyserver-url to
specify a keyserver URL at key generation time, and "Keyserver:" keyword
for doing the same through a batch file.
called with them closed. This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds. Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
