* g10/card-util.c (do_change_keyattr): Replace gcry_pk_algo_name by
openpgp_pk_algo_name.
* g10/keyedit.c (show_key_with_all_names): Ditto.
--
For RSA and and DSA the Libgcrypt and the OpenPGP identifiers are the
same. But for ECC they are different and thus we need to use the
respective function to avoid printing a ? for example EdDSA designated
revocation keys.
Updates-commit: b7f8dec632
* dirmngr/dirmngr.h (opt): Add user_agent.
* dirmngr/dirmngr.c (oUserAgent): New.
(opts): Add "user-agent".
(parse_rereadable_options): Set option.
* dirmngr/ks-engine-hkp.c (send_request): Send User-Agent.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.
--
Note that the http_open_document function is not used by dirmngr. If
it ever gets used we may want to add a way to configure the http.c
module with a user-agent string, so that it is send by the
send_request function and we do not need to explictly do that in the
caller.
GnuPG-bug-id: 7715
* common/openpgp-oid.c (oidtable): Don't include kem_algo.
(openpgp_oid_to_kem_algo): Remove.
--
The information is now retrieved by openpgp_oid_to_curve +
gnupg_get_ecc_params.
GnuPG-bug-id: 7698
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/pkglue.c (do_encrypt_kem): From ECC_OID, determine the CURVE by
openpgp_oid_to_curve, and then use gnupg_get_ecc_params to get ECC
parameters.
(do_encrypt_ecdh): Likewise.
--
GnuPG-bug-id: 7698
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/ks-engine-ldap.c: when compiling with Windows/MinGW headers,
`ldap_parse_page_control` and `ldap_parse_result` expects `ULONG`.
This has become a hard error when using GCC 15.
Signed-off-by: Zhang Maiyun <me@maiyun.me>
* g10/keygen.c (ask_curve): Add a curve aparemter to no list a curbe in
the menu.
--
This is non-standard curve and thus has severe interop problems. To
avoid accidental selection of this curve, it may now only be given by
its name.
* g10/import.c (get_revocation_reason): Fix setting of r_reason.
--
Note that gpgme has not yet support for parsing the revocation reason.
Due to the split of gpgme it was not tested with gpgmeqt which has its
own parser in its regression tests which kicked it when building
debian packages.
GnuPG-bug-id: 7083
Fixes-commit: 3f825b044b
* g10/packet.h (struct revoke_info): Extend to carry the recocation
reason.
* g10/getkey.c (sig_to_revoke_info): Extend to strore the reason.
(merge_selfsigs): Extend to also store the reason in the public key.
* g10/keylist.c (list_signature_print): Factor some code out to ...
(print_revocation_reason_comment): new function.
(print_revocation_reason): New.
(print_key_line): Call new function to print the reason.
* g10/import.c (get_revocation_reason): Use
print_revocation_reason_comment and factor some code out to ...
(revocation_reason_code_to_str): new function.
* g10/gpgv.c (revocation_reason_code_to_str): Add stub.
* g10/test-stubs.c (revocation_reason_code_to_str): Ditto.
--
With this change the revocation reason of a revoked key (but not for a
revoked uid or subkey) is now displayed in "gpg -k" listing right
below the primary key fingerprint. Before that "gpg --checks-sigs"
was required to do show this info.
GnuPG-bug-id: 7083
* tools/gpgtar-extract.c (gpgtar_extract): Initialize PROC as NULL,
and release at the end for the case of jumping to "leave:" label.
* tools/gpgtar-list.c (gpgtar_list): Release at the end.
--
Fixes-commit: 29bc14f56f
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* build-aux/speedo/w32/inst.nsi: Install the template files.
--
The help files are not very well known but we should at least install
some. We also install those for the wks-utils in case we will ever
support gpg-wks-server of gpg-mail-tube on Windows.
Release 2.5.7
* common/helpfile.c (gnupg_get_template): Add arg locale_override and
adjust all callers.
* tools/wks-receive.c (struct receive_ctx_s): Add field ct_language.
(get_language): New.
(new_part): Call it.
(wks_receive): Pass language to the result callback.
* tools/gpg-wks-client.c (short_locale): New.
(main): Get and store the current locale.
(command_create): Fix a glitch for the Posteo hack. Insert the locale
into the confirmation request.
(send_confirmation_response): Ditto.
* tools/gpg-wks-server.c (struct server_ctx_s): Add field language.
(only_ascii): New.
(struct my_subst_vars_s, my_subst_vars_cb, my_subst_vars): New.
(send_confirmation_request): Use a template.
(send_congratulation_message): Ditto.
(check_and_publish): Pss ctx to send_congratulation_message.
(command_receive_cb): Add arg language.
* doc/wks-utils.txt, doc/wks-utils.de.txt: New.
* doc/Makefile.am (helpfiles): Add them.
--
GnuPG-bug-id: 7381
Note that the subject is not yet translated or templated due to a
missing header encoding function.
* tools/gpg-mail-tube.c: Include i18n.h.
(main): Call i18n.h
(only_ascii): New.
(mail_tube_encrypt): Use a template or fallback to the old version.
* doc/mail-tube.txt, doc/mail-tube.de.txt: Two standard templates.
* doc/Makefile.am (helpfiles): Add them.
--
GnuPG-bug-id: 7381
* common/util.h (GET_TEMPLATE_CURRENT_LOCALE): New.
(GET_TEMPLATE_SUBST_ENVVARS): New.
(GET_TEMPLATE_CRLF): New.
* common/helpfile.c (findkey_fname): Add arg flags and terminate line
with CRLF if requested.
(findkey_locale): Replace arg only_current_locale by flags and add arg
domain.
(gnupg_get_help_string): Factor all code out to ...
(gnupg_get_template): new. Add arg domain. Handle SUBST flags. Do
not trim tralins spaces with the CRLF flag.
* common/t-helpfile.c (main): Require domain name and add two options.
* tools/gpgtar-extract.c (gpgtar_extract): Do final process_release.
* tools/gpgtar-list.c (gpgtar_list): Ditto.
--
Fixes-commit: 29bc14f56f
Running "make -C tests/openpgp check verbose=3" failed with
Creating configuration files
Executing: '/home/wk/b/gnupg/tools/gpgtar' '--extract' \
'--directory=.' \
'/tmp/gpgscm-20250530T121329-run-tests-vGAT4R/environment-cache'
make: *** [Makefile:998: xcheck] Terminated
for unknown reasons. Not calling the gpgrt_process_release fixes this
regression. The real cause needs to be investigated.
* scd/app-piv.c (PIV_ALGORITHM_RSA): Rename to PIV_ALGORITHM_RSA_2048.
(PIV_ALGORITHM_RSA_3072): New.
(get_key_algorithm_by_dobj): Decide whether to use 3072 or 2048.
(do_sign): Support rsa3072.
(do_decipher): Ditto.
(do_genkey): Ditto.
--
Take care: Due to a lack of a PIV token capable of 3072, this has
not been tested at all.
--
Using the given command line for installation is almost always good,
so don't confuse the user with the first sentence. Also explain how
to disable systemd for keyboxd and dirmngr.
* common/sexputil.c (uncompress_ecc_q_in_canon_sexp): Only call memcmp
if the lengths are equal.
--
GnuPG-bug-id: 7662
Signed-off-by: Collin Funk <collin.funk1@gmail.com>
* g10/call-agent.c (agent_pkdecrypt): Use --kem=PGP for
PUBKEY_ALGO_ECDH.
* g10/pubkey-enc.c (ecdh_sexp_build): New.
(get_it): Use ecdh_sexp_build for PUBKEY_ALGO_ECDH. And don't use
pk_ecdh_decrypt since it's done by agent.
--
GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>