1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

639 Commits

Author SHA1 Message Date
NIIBE Yutaka
7253093add scd: Rename 'keypad' to 'pinpad'.
* NEWS: Mention scd changes.

* agent/divert-scd.c (getpin_cb): Change message.

* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.

* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad
apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/iso7816.h (iso7816_check_pinpad): Rename.

* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.

* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.

* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.

* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.

* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.

* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.

* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
2013-02-08 09:06:39 +09:00
Werner Koch
21feecd48f gpg: Add pinentry-mode feature.
* g10/gpg.c: Include shareddefs.h.
(main): Add option --pinentry-mode.
* g10/options.h (struct opt): Add field pinentry_mode.
* g10/passphrase.c: Include shareddefs.h.
(have_static_passphrase): Take care of loopback pinentry_mode.
(read_passphrase_from_fd): Ditto.
(get_static_passphrase): New.
(passphrase_to_dek_ext): Factor some code out to ...
(emit_status_need_passphrase): new.
* g10/call-agent.c (start_agent): Send the pinentry mode.
(default_inq_cb): Take care of the PASSPHRASE inquiry.  Return a
proper error code.
(agent_pksign): Add args keyid, mainkeyid and pubkey_algo.
(agent_pkdecrypt): Ditto.
* g10/pubkey-enc.c (get_it): Pass new args.
* g10/sign.c (do_sign): Pass new args.

* g10/call-agent.c (struct default_inq_parm_s): New.  Change all
similar structs to reference this one.  Change all users and inquire
callback to use this struct, instead of NULL or some undefined but not
used structs.  This change will help to eventually get rid of global
variables.
--

This new features allows to use gpg without a Pinentry.  As a
prerequisite the agent must be configured to allow the loopback
pinentry mode (option --allow-loopback-pinentry).  For example

  gpg2 --pinentry-mode=loopback FILE.gpg

may be used to decrypt FILE.gpg while entering the passphrase on the
tty.  If batch is used, --passphrase et al. may be used, if
--command-fd is used, the passphrase may be provided by another
process.  Note that there are no try-again prompts in case of a bad
passphrase.
2013-02-07 20:37:58 +01:00
Werner Koch
fc00d3fcb2 Print the hash algorithm in colon mode key listing.
* g10/keylist.c (list_keyblock_colon): Print digest_algo.
2012-05-24 10:13:39 +02:00
Werner Koch
508ffb4e02 Add an item to NEWS.
--
2012-02-07 10:20:12 +01:00
Werner Koch
001352077c nPth is now a hard requirement for GnuPG.
* configure.ac: Remove cruft to allow building without npth.
--

Previous versions of GnuPG allowed to build a subset of it without
support of Pth.  Meanwhile gpg-agent is a requirement even for gpg and
thus it does not make any sense to allow such a restricted build.
2012-01-25 15:51:08 +01:00
Werner Koch
372fb4fc06 gpg: Allow use of a standard space separated fingerprint.
* common/userids.c (classify_user_id): Check for space separated GPG
fingerprint.
2012-01-06 13:36:47 +01:00
Werner Koch
97d1c884e6 Post-release version number update 2011-12-20 17:10:28 +01:00
Werner Koch
8e47f1e576 Prepare for the beta3 release. 2011-12-20 15:55:43 +01:00
Werner Koch
45cf9de341 agent: Pass comment lines from scd verbatim thru gpg-agent.
* agent/call-scd.c (pass_status_thru): Pass comment lines verbatim.
* tools/gpg-connect-agent.c (help_cmd_p): New.
(main): Treat an "SCD HELP" the same as "HELP".
2011-12-14 15:42:28 +01:00
Werner Koch
81389383a3 Made the KILLAGENT and KILLSCD commands working again.
This requires that GnuPG is build with a newer version of Libassuan
(2.0.3).
2011-08-10 11:47:04 +02:00
Werner Koch
d479906991 Support a confirm flag for ssh.
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
2011-07-20 20:49:41 +02:00
Werner Koch
37228cfa05 Allow generation of card keys up to 4096 bit.
This patch implementes a chunk mode to pass the key parameters from
scdaemon to gpg.  This allows to pass arbitrary long key paremeters;
it is used for keys larger than 3072 bit.

Note: the card key generation in gpg is currently broken.  The keys
are generated but it is not possible to create the self-signature
because at that time the gpg-agent does not yet know about the new
keys and thus can't divert the sign request to the card.  We either
need to run the learn command right after calling agent_scd_genkey or
implement a way to sign using the currently inserted card.  Another
option would be to get rid of agent_scd_genkey and implement the
feature directly in agent_genkey.
2011-06-16 14:27:33 +02:00
Werner Koch
817f07173c Fixed regression in OpenPGP secret key export.
The protection used in the exported key used a different iteration
count than given in the S2K field.  Thus all OpenPGP keys exported
from GnuPG 2.1-beta can't be imported again.  Given that the actual
secret key material is kept in private-keys-v1.d/ the can be
re-exported with this fixed version.
2011-04-26 20:39:09 +02:00
Werner Koch
87a6a1c3fe Post beta release updates 2011-03-08 14:00:04 +01:00
Werner Koch
444f2fe1cd Prepare for 1.5.0beta2 2011-03-08 12:56:45 +01:00
Werner Koch
28c157b55c Support X.509 certificate creation.
Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file.  An example parameter file
is

    Key-Type: RSA
    Key-Length: 1024
    Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
    Key-Usage: sign, encrypt
    Serial: random
    Name-DN: CN=some test key
    Name-Email: foo@example.org
    Name-Email: bar@exmaple.org
    Hash-Algo: SHA384
    not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm.  The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.
2011-03-01 14:42:56 +01:00
Werner Koch
0b5bcb40cf Finished ECC integration.
Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week.  Adjusted my own ChangeLog
entries to be consistent with that entry.

Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future.  "git diff -b" is useful
to read the actual changes ;-).

The ECC-INTEGRATION-2-1 branch can be closed now.
2011-02-03 16:35:33 +01:00
Werner Koch
2b933ae8f6 Fix for bug#1313. de.po update. 2011-01-20 15:11:25 +01:00
Werner Koch
2732f2ff3f Fix bug #1311. 2011-01-10 11:37:57 +01:00
Werner Koch
5fd7ff3488 Tweaks for gpgconf.
Fixed dirmngr bug 1010.
2010-12-14 19:17:58 +00:00
Werner Koch
fcb5f7d08f s/AES/AES128/ in diagnostics and --list-config 2010-12-02 15:49:02 +00:00
Werner Koch
b3f9e2130e Change stack size for Wince.
Allow for a longer agent atartup under wince.
Print gpg output via estream.
2010-11-23 18:46:41 +00:00
Werner Koch
2c982dcf86 Fix bug where scdaemon kills a non-daemon gpg-agent. 2010-11-11 15:07:37 +00:00
Werner Koch
dc5150db78 Honor TMPDIR. 2010-10-27 07:37:52 +00:00
Werner Koch
0f721abddf Update scripts etc. 2010-10-26 12:25:47 +00:00
Werner Koch
54591341a4 More agent support for gpg. 2010-10-13 15:57:08 +00:00
Werner Koch
002b30e75c Import fixes.
new otion for watchgnupg
2010-10-06 11:29:10 +00:00
Werner Koch
bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported.
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch
daab9aff3a Merge secret keys during import 2010-09-02 15:11:51 +00:00
Werner Koch
87fac99112 Import OpenPGP keys into the agent. 2010-08-31 15:58:39 +00:00
Werner Koch
15330f36a7 Reworked the posix and w32 exechelpers. 2010-08-20 12:18:38 +00:00
Werner Koch
7e752a4208 Auto-start dirmngr. 2010-08-16 11:03:43 +00:00
Werner Koch
a22c38baad Some work on the dirmngr 2010-07-23 16:16:14 +00:00
Werner Koch
c3f08dcb72 Merged Dirmngr with GnuPG.
A few code changes to support dirmngr.
2010-06-09 16:53:51 +00:00
Werner Koch
51e2703abe Auto starting the agent does now work on CE. 2010-05-04 15:21:47 +00:00
Werner Koch
53c636c4c6 ./autogen.sh --build-w32ce does now succeed. 2010-04-14 14:39:16 +00:00
Werner Koch
2cf687cb3e First batch of changes to support W32CE.
Note that jnlib/w32-reg.c is not yet ready.
2010-02-26 18:44:36 +00:00
Werner Koch
4d693033ab Implement dynamic S2K count computation. 2009-12-14 20:12:56 +00:00
Werner Koch
a51675fabe Add option --cert-extension. 2009-12-10 13:00:30 +00:00
Werner Koch
9a96043be4 Unification of the search descriptor usage. 2009-12-08 16:30:33 +00:00
Werner Koch
85d778b9f6 Use ADNS for PKA and SRV records if no other resolver is available. 2009-12-07 15:52:27 +00:00
Werner Koch
49b00ffd67 allow for default algorithms in a gpg parameter file 2009-12-04 19:47:54 +00:00
Werner Koch
cb5491bfaf support numeric debug levels. 2009-12-03 18:04:40 +00:00
Werner Koch
9e83404751 More stuff for the audit-log. 2009-12-02 18:33:59 +00:00
Werner Koch
536b6ab09f Keep on hacking on g13. A simple --create and --mount does now work.
A hacked up encfs is required.
2009-10-13 19:17:24 +00:00
Werner Koch
b46c353318 Start a new development branch.
Translations are for now disabled.
2009-09-21 18:26:52 +00:00
Werner Koch
fd38b9227e Post release version bumb 2009-09-04 17:52:40 +00:00
Werner Koch
7d0f99aa91 preparae release 2009-09-04 13:38:16 +00:00
Werner Koch
25659d66f1 Ask to insert the right OpenPGP card. 2009-08-11 10:56:44 +00:00
Werner Koch
31084d6dc9 Support writing of existing keys with non-matching key sizes. 2009-07-09 14:54:18 +00:00
Werner Koch
e50cac1d84 Changed default hash algorithm preferences 2009-07-09 08:52:31 +00:00
Werner Koch
2193992559 Impleemned gpgsm's IMPORT --re-import feature.
Typo fix.
2009-07-07 16:52:12 +00:00
Werner Koch
f6f5430e50 Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
Werner Koch
81972ca7d5 Create a pkcs#10 request directly from a card.
Deprecate gpgsm-gencert.sh script.
2009-07-02 09:49:31 +00:00
Werner Koch
1925cb37f9 Alow batch ode for gpgsm --gen-key.
Allow CSR generation using an existing key with gpgsm.
2009-07-01 18:30:33 +00:00
Werner Koch
e05aeca87b Post release updates 2009-06-17 11:57:24 +00:00
Werner Koch
c998dd12a2 Preparing for 2.0.12. 2009-06-17 11:18:26 +00:00
Werner Koch
4fa261f8ec Fix possible system freeze on Mac OS X. 2009-05-19 22:39:45 +00:00
Werner Koch
5e208460a1 Improved smartcard robustness. 2009-05-13 17:12:00 +00:00
Werner Koch
f8b4cd7650 Import/export of pkcs#12 now uses the gpg-agent directly.
Removed duplicated code (percent unescaping).
2009-04-01 10:51:53 +00:00
Werner Koch
990585ad7d Signing using Netkey 3 cards does now work. 2009-03-26 19:27:04 +00:00
Werner Koch
458cd4a976 Preparing a snapshot. 2009-03-24 18:52:24 +00:00
Werner Koch
f07e762d68 Better syncronization of several smartcard sessions. 2009-03-24 11:40:57 +00:00
Werner Koch
c2c3cf4be1 Changed order of the confirmation questions for root certificates
and stores negative answers in trustlist.txt.
2009-03-19 10:21:51 +00:00
Werner Koch
588a7c34bb Make sure not to leak file descriptors if running gpg-agent with a
command.  Restore the signal mask to solve a problem in Mono.
2009-03-19 07:09:31 +00:00
Werner Koch
a9c317a95c New gpg-agent command to list key information.
Gpgsm does now print the S/N of cards.
Consider ephemeral keys during listing an export.
2009-03-06 17:31:27 +00:00
Werner Koch
59d7a54e72 New PIN Callback attributes in gpg-agent.
Common prompts for keypad and simple card reader.
More support for Netkey cards;  PIN management works now.
2009-03-05 19:19:37 +00:00
Werner Koch
c20b3db108 Add --reload command to gpgconf.
Fix a problem in exechelp.c
Get ready for a release.
2009-03-03 09:02:58 +00:00
Werner Koch
ec4a3eb3c5 Fix a gpg2 problem with removed cards.
Allow runtime conf change for scdaemon.
New commands for scdaemon.
2009-02-27 14:36:59 +00:00
Werner Koch
943f783de7 New scd getinfo subcommand deny_admin 2009-02-12 17:45:40 +00:00
Werner Koch
d1c2e66fbc Change default gpgsm cipher back to 3DES.
Typo fixes.
2009-02-09 10:25:41 +00:00
Werner Koch
b8ffa0d947 Make --allow-admin the default. 2009-01-28 14:18:40 +00:00
Werner Koch
367281480a Post release updates 2009-01-12 10:56:52 +00:00
Werner Koch
4adb5c03e7 preparing a release 2009-01-12 09:18:27 +00:00
Werner Koch
82ab848ea4 Update spanish translation.
Cleanups.
Allow utf-8 in email addresses.
2009-01-08 15:48:51 +00:00
Werner Koch
6558568912 Make gpg not depend on the RIPE-MD160 implementaion in Libgcrypt.
Fix SIG_ID computation.
2008-12-11 17:44:52 +00:00
Werner Koch
382d2f8efb Minor fixes. 2008-12-09 08:58:02 +00:00
Werner Koch
b7ff1109f9 Fixed a temporary file name collision between gpg and gpgsm under Windows. 2008-11-20 16:26:40 +00:00
Werner Koch
aec79fc731 Minor cleanups. 2008-11-11 08:22:06 +00:00
Werner Koch
8997c155e3 Check that the socket is well and served by us. 2008-10-29 17:24:27 +00:00
Werner Koch
b519a52cea Made scdaemon more robust on Windows. 2008-10-15 13:23:10 +00:00
Werner Koch
7d63aa42e5 Remove hacks which are not anymore needed since we now require Libgcrypt 1.4 2008-09-29 15:02:55 +00:00
Werner Koch
96f16f736e Finished support for v2 cards with the exception of secure messaging. 2008-09-25 10:06:02 +00:00
Werner Koch
5a8bf0bec6 Fix gpg-preset-passphrase bug.
Cleanups
2008-09-03 09:37:32 +00:00
Werner Koch
a6a9181818 Start support of TCOS 3 cards.
Support restriction attribute.
Fix utf-8 printing problems.
Use AES by default.
2008-06-26 19:09:07 +00:00
Werner Koch
aa68a60301 Add controlo statement %ask-passphrase 2008-06-16 15:48:33 +00:00
Werner Koch
8e37ee4099 [W32] Change location of /etc. 2008-06-16 13:55:01 +00:00
Werner Koch
035c838f71 Made --fixed-list-mode obsolete. 2008-06-11 08:07:54 +00:00
Werner Koch
138bf2dc15 Fixed segv in gpg-agent (command marktrusted).
Replaced almost all free by xfree.
Translation fixes.
2008-05-27 12:03:50 +00:00
Werner Koch
69ae16636c Add command --locate-key.
Fix auto-key-locate processing of "nodefault".
2008-05-07 15:40:36 +00:00
Werner Koch
08a612f26e W32 related keyserver fixes. 2008-04-21 19:13:36 +00:00
Werner Koch
97ec9aac2b Enhanced --auto-key-locate. 2008-04-08 11:04:16 +00:00
Werner Koch
df4e131786 Add CVE number. 2008-03-28 09:21:59 +00:00
Werner Koch
20e5cf7cb6 Post release update 2008-03-26 11:01:06 +00:00
Werner Koch
a2ede07293 Preparing a release. 2008-03-26 09:20:40 +00:00
Werner Koch
9a8ee6e6be Changed the way i18n files are located under Windows. The setting of the
Registry key is not anymore required.  Helpfiles are not properly located.
2008-03-25 19:41:11 +00:00
Werner Koch
d7f0b3bd89 Fix bug 894.
Change default keyserver.
Allow key protection with Camellia.
2008-03-25 08:33:31 +00:00
Werner Koch
c2a8254be7 Fix a bug in the ambigious name detection.
Minor cleanups.
2008-03-20 15:31:43 +00:00
Werner Koch
f13c5a48fc Improve certificate chain construction.
Extend PKITS framework
2008-02-19 10:33:35 +00:00
Werner Koch
57d9ea99d9 Preparing a test release 2008-02-15 09:58:01 +00:00
Werner Koch
0819c1e8ca Always search missing certifcates using a running Dirmngr's cache. 2008-02-13 16:47:14 +00:00
Werner Koch
c3b9005ec3 Typo fixes.
Portability fix for asschk.c
2008-01-26 22:12:23 +00:00
Werner Koch
157d4479aa Preparing a release. 2007-12-20 08:52:40 +00:00
Werner Koch
9d66580cff Allow verification of some broken S-TRUST generated signatures. 2007-12-13 15:45:40 +00:00
Werner Koch
aeb5a65f7c Allow type 20 keys only with option --rfc2440. 2007-12-12 17:41:05 +00:00
Werner Koch
bae4b256c7 Support DSA2.
Support Camellia for testing.
More audit stuff.
2007-12-12 10:28:30 +00:00
Werner Koch
89671cdd64 More code for the audit log. 2007-12-06 15:55:03 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
2007-11-19 16:03:50 +00:00
Werner Koch
fca02368da New option --list-config for gpgconf. 2007-10-23 18:13:27 +00:00
Werner Koch
259a40c830 Enhanced gpg-conect-agent scripting.
Typo fixes in comments.
2007-10-19 14:51:39 +00:00
Werner Koch
31c19d1d68 Use Assuan socket wrapper calls.
Made socket servers secure under Windows.
2007-10-01 14:48:39 +00:00
Werner Koch
c1adbec2a3 post release version bump 2007-09-10 16:38:04 +00:00
Werner Koch
782e1bc00b Preparing 2.0.7 2007-09-10 15:40:29 +00:00
Werner Koch
b13587ef16 New command --check-programs for gpgconf. 2007-08-29 09:51:37 +00:00
Werner Koch
f268889b8f Add more passphrase policy rules.
(--max-passphrase-days).
2007-08-28 17:48:13 +00:00
Werner Koch
15d0cb42a1 Implemented more gpg-agen options to support certain passphrase policies.
New tool gpg-check-pattern.
2007-08-27 18:10:27 +00:00
Werner Koch
503f91e0ae tryu harder to ignore duplicate specified keyrings and -boxes.
Documentation updates.
2007-08-24 09:34:39 +00:00
Werner Koch
a5743d1017 Post release version number bump 2007-08-16 10:57:35 +00:00
Werner Koch
ed801e3771 About to do a release 2007-08-16 10:42:06 +00:00
Werner Koch
d20d11a0ee Documentaion updates.
Support doe Dirmngr under W32.
Fixed a yat2m bug.
2007-08-14 16:50:27 +00:00
Werner Koch
74d344a521 Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
Werner Koch
11573b09c4 Typo fixes.
Made --default-key work for gpgsm
Add --default-key and --encrypt-to to gpgconf.
2007-07-17 18:11:24 +00:00
Werner Koch
e6c6a66450 Post release updates 2007-07-05 20:29:14 +00:00
Werner Koch
d0d7c3f053 Prearing a release 2007-07-05 18:59:50 +00:00
Werner Koch
4631bc8ddf Fixed card key generation of gpg2.
Reveal less information about timings while generating a key.
2007-07-05 16:58:19 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
0b66f30d66 Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under Windows. 2007-06-21 18:44:48 +00:00
Werner Koch
0cfbfd6186 A whole bunch of changes to allow building for Windows.
See the ChangeLogs for details.
2007-06-14 17:05:07 +00:00
Werner Koch
c2b08ff908 Print passphrase encoding info only in PEM mode. 2007-05-29 20:11:17 +00:00
Werner Koch
5f3bca9682 Use estream_asprintf instead of the GNU asprintf. 2007-05-15 16:10:48 +00:00
Werner Koch
edb3dc99e9 Preparing 2.0.4 2007-05-09 11:01:33 +00:00
Werner Koch
b89d98e335 Improved logging for error orginating from libgcrypt. 2007-04-20 16:59:37 +00:00
Werner Koch
fd628ffda1 Allow setting of the passphrase encoding of pkcs#12 files.
New option --p12-charset.
2007-03-20 10:00:55 +00:00
Werner Koch
083010a53d * PKCS#12 import now tries several encodings in case the passphrase
was not utf-8 encoded.
2007-03-19 18:54:34 +00:00
Werner Koch
12b661166c Changes to let the key listing use estream to help systems without
funopen.
2007-03-19 14:35:04 +00:00
Werner Koch
95b41996eb Post release version number bump 2007-03-08 14:54:33 +00:00
Werner Koch
e0bbbb8a7f Preparing the 2.0.3 release 2007-03-08 14:16:15 +00:00
Werner Koch
634b4c31d2 The Cherry XX44 keyboard's PINpad does now work.
DINSIG and NKS card applications are now also PIN pad aware.
2007-03-07 20:55:14 +00:00
Werner Koch
ed84b0f787 Support for a global gpgconf configuration file. 2007-03-06 20:44:41 +00:00
Werner Koch
9491ab44c5 Ported multiple-messages protection. 2007-03-05 14:56:31 +00:00
Werner Koch
f6243073a8 Add new SVN only file README.maint
doc/
	* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
	(GPG Configuration Options): Document show-primary-uid-only.
g10/
	* gpg.c (main): Add verify option show-primary-uid-only.
	* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
	* mainproc.c (check_sig_and_print): Implement it.

	* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
	* import.c (check_prefs): Ditto.
	* keyedit.c (show_prefs): Ditto.
	* mainproc.c (proc_symkey_enc): Ditto.
2007-02-26 20:24:29 +00:00
Werner Koch
fedae25efd doc/
* gpg.texi (GPG Esoteric Options): No card reader options for gpg2. 
scd/
	* scdaemon.c (DEFAULT_PCSC_DRIVER): Add a default for OS X.
2007-02-18 13:48:03 +00:00
Werner Koch
b861561e47 Included LIBICONV in all Makefiles.
g10/
	* passphrase.c (passphrase_get): Set the cancel flag on all error
	from the agent.  Fixes a bug reported by Tom Duerbusch.
sm/
	* gpgsm.c (main): Let --gen-key print a more informative error
	message.
2007-01-31 14:24:41 +00:00
Werner Koch
7eec2efa66 Added LIBINTL to more Makefile targets.
doc/
	* com-certs.pem: Added the current root certifcates of D-Trust and
	S-Trust.

g10/
	* status.c (write_status_begin_signing): New.
	* sign.c (sign_file, sign_symencrypt_file): Call it.
	* textfilter.c (copy_clearsig_text): Call it.

	* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
	required.

	* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
	warning.  
	* misc.c (obsolete_option): New.
2007-01-30 20:16:28 +00:00
Werner Koch
6cee3e66c2 agent/
* protect-tool.c (get_passphrase): New arg OPT_CHECK.
	(get_new_passphrase): Enable OTP_CHECK on the first call.
	* command.c (cmd_get_passphrase): Implement option --check.

	* gpg-agent.c (MIN_PASSPHRASE_LEN): New
	(parse_rereadable_options): New option 	--min-passphrase-len.
	* genkey.c (check_passphrase_constraints): New.
	(agent_genkey, agent_protect_and_store): Call new function.  Fix
	memory leak.

	* call-pinentry.c (agent_askpin): Allow translation of the displayed
	error message.
	(agent_popup_message_start): Remove arg CANCEL_BTN.
	(popup_message_thread): Use --one-button option.

	* command.c (cmd_passwd): Now that we don't distinguish between
	assuan and regular error codes we can jump to the end on error.

common/
	* simple-pwquery.c (simple_pwquery): New arg OPT_CHECK.
2007-01-25 08:30:47 +00:00
Werner Koch
0173cd5a98 Fixes for CVE-2006-6235 2006-12-06 10:16:50 +00:00
Werner Koch
252b668814 Preparing 2.0.1 2006-11-28 16:36:02 +00:00
Werner Koch
218380395e Preparing 2.0.1rc1 2006-11-23 09:53:17 +00:00
Werner Koch
5885142c83 Made some PIN pads work.
Some cleanups for 64 bit CPUs.
2006-11-20 16:49:41 +00:00
Werner Koch
f48d38e7df Post release update 2006-11-11 14:41:22 +00:00
Werner Koch
b5a8d7d268 . 2006-11-11 14:17:09 +00:00
Werner Koch
fac4babd9d post release updates 2006-11-06 10:26:55 +00:00
Werner Koch
3608141f33 Preparing another release 2006-11-06 09:44:28 +00:00
Werner Koch
1e9f026d29 Post release update 2006-10-24 15:01:23 +00:00
Werner Koch
a2786169f2 Preparing another release 2006-10-24 14:45:34 +00:00
Werner Koch
7b8ea82ab6 . 2006-10-23 14:02:13 +00:00
Werner Koch
58785c880d Allow to select X.509 certificates using the keygrip. 2006-10-20 11:38:48 +00:00
Werner Koch
df52700f5c Fixes 2006-10-19 14:22:06 +00:00
Werner Koch
0f49adb44e Preparing a release 2006-10-18 17:19:08 +00:00
Werner Koch
be410be660 Pth tweaks and improved estream.c 2006-10-17 14:34:42 +00:00
Werner Koch
43825e9dae Allow pkcs#10 creation directkly from a smart card 2006-10-11 17:52:15 +00:00
Werner Koch
e0edd19f95 Preparing a release 2006-10-11 10:05:03 +00:00
Werner Koch
158a69aff7 bug fixes 2006-10-05 11:06:42 +00:00
Werner Koch
ecf7ad43f6 Preparing a new release 2006-10-04 10:22:56 +00:00
Werner Koch
1f380299e5 Finished implementation of the "relax" flag. 2006-09-26 10:00:12 +00:00
Werner Koch
d94faf4a3d New "relax" option for trustlist.txt 2006-09-25 18:29:20 +00:00
Werner Koch
f9ff194bc2 Preparing a new release 2006-09-25 07:59:34 +00:00
Werner Koch
2db8df0ba3 Added iconv support and doc cleanups. 2006-09-22 18:15:18 +00:00
Werner Koch
70b9abadee Post release updates 2006-09-18 14:08:27 +00:00
Werner Koch
f132e66f49 Ready for another release 2006-09-18 13:23:18 +00:00
Werner Koch
e6f8654d03 Added common certificates. 2006-09-18 09:28:58 +00:00
Werner Koch
7f42987b07 Allow for a global trustlist. 2006-09-15 18:53:37 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
9577dd45ab Various fixes and new features.
Enhanced gpg-connect-agent.
2006-09-13 15:57:30 +00:00
Werner Koch
6374763c98 Let scdaemon call a script on status changes 2006-09-07 15:13:33 +00:00
Werner Koch
d8602648b8 See ChangeLogs 2006-08-29 16:18:30 +00:00
Werner Koch
368170215f More man pages. Added include files for 2 common paragraphs. 2006-08-18 13:05:39 +00:00
Werner Koch
5436df281a post release preparations 2006-07-27 14:45:11 +00:00
Werner Koch
de5070caf0 Preparing a new release 2006-07-27 14:18:55 +00:00
Werner Koch
b37c1ce1b9 Create bag attributes so that Mozilla will accept these files.
Tested with using a CAcert generated certificate.
2006-07-24 11:20:33 +00:00
Werner Koch
d035d2a52e Support import from TrustedMIME (i.e. from simple keyBags) 2006-07-21 09:41:11 +00:00
Werner Koch
98c6970ad1 Various smaller changes 2006-06-27 14:32:34 +00:00
Werner Koch
91a4be3126 Preparing a new release 2006-06-20 18:52:43 +00:00
Werner Koch
f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
Werner Koch
79f749fec9 Allo RMD160 signatures 2006-03-21 12:48:51 +00:00
Werner Koch
6b19366e4e Add Kludge for RegTP sillyness. 2006-03-21 09:56:47 +00:00
Werner Koch
4472efd12c PIN caching of cards does now work. 2006-02-09 18:29:31 +00:00
Werner Koch
ee3f99f4e4 . 2006-02-06 18:31:27 +00:00
Werner Koch
dfaee3d480 post release preparations 2005-12-20 11:12:16 +00:00
Werner Koch
a56dc7e7af Preparing a released 2005-12-20 10:26:32 +00:00
Werner Koch
38e7c4c50a Fixed importing certs created by newer versions of Mozilla. 2005-12-16 15:52:48 +00:00
Werner Koch
6a13cf2c3d Preparing an interim release 2005-11-28 11:52:25 +00:00
Werner Koch
cc999f61a7 About to release 1.9.19 2005-09-12 08:23:33 +00:00
Werner Koch
6f90f05cb2 Bug fixes and ssh support for the BELPIC. 2005-09-09 11:18:08 +00:00
Werner Koch
d9d2d3da91 The BELPIC card does now work. 2005-09-06 18:42:13 +00:00
Werner Koch
0a09a6316e Use a default argument for --write-env-file. 2005-08-16 09:15:09 +00:00
Werner Koch
3919421a4f About to release 1.9.18 2005-08-01 16:54:54 +00:00
Werner Koch
a2d1673d66 * findkey.c (agent_public_key_from_file): Fixed array assignment.
This was the cause for random segvs.

* call-agent.c (gpgsm_agent_readkey): New.
2005-07-25 14:35:04 +00:00
Werner Koch
717eb552c1 post release version number update 2005-06-20 17:52:13 +00:00
Werner Koch
96fdf4cf10 Preparing 1.9.17 2005-06-20 17:32:44 +00:00
Werner Koch
3370164182 New debugging optionhs, updates to the manual. 2005-06-07 19:09:18 +00:00
Werner Koch
f1dac8851d * command.c (cmd_updatestartuptty): New.
* gpg-agent.c: New option --write-env-file.

* gpg-agent.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.

* estream.c: Use HAVE_CONFIG_H and not USE_CONFIG_H!
(es_func_fd_read, es_func_fd_write): Protect against EINTR.

* gpg-agent.texi (Agent UPDATESTARTUPTTY): New.

* scdaemon.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.
(handle_connections): Include the file descriptor into the name of
the thread.
2005-06-03 13:57:24 +00:00
Werner Koch
05e1dc22f0 * call-scd.c (start_scd): Don't test for an alive scdaemon here.
(agent_scd_check_aliveness): New.
* gpg-agent.c (handle_tick): Test for an alive scdaemon.
(handle_signal): Print thread info on SIGUSR1.

* scdaemon.c (handle_signal): Print thread info on SIGUSR1.
2005-05-21 18:49:00 +00:00
Werner Koch
4237a9cc7f Changed the scdaemon to handle concurrent sessions. Adjusted
gpg-agent accordingly. Code cleanups.
2005-05-18 10:48:06 +00:00
Werner Koch
a22750dc1e * configure.ac: Removed OpenSC detection and options.
* acinclude.m4: Ditto.

* scdaemon.texi: Removed OpenSC specific options.

* app-p15.c: New.  Basic support for pkcs15 cards without OpenSC.
There are quite a couple of things missing but at least I can use
my old TCOS cards from the Aegypten-1 development for signing.
* app.c (select_application): Detect pkcs15 applications.
* Makefile.am (scdaemon_SOURCES): Removed card.c, card-common.h
and card-p15.c because they are now obsolete. Added app-p15.c.
Removed all OpenSC stuff.
* command.c (do_reset, open_card, cmd_serialno, cmd_learn)
(cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkdecrypt): Removed
all special cases for the old card.c based mechanisms.
* scdaemon.c, apdu.c: Removed all special cases for OpenSC.
2005-04-27 12:09:21 +00:00
Werner Koch
a832ff3de0 post release version number update 2005-04-21 14:59:18 +00:00
Werner Koch
ec51140af0 Preparing a release 2005-04-21 14:39:00 +00:00
Werner Koch
eff62d82bf * configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
2005-04-18 10:44:46 +00:00
Werner Koch
6cb495ca5c post release updates 2005-01-13 19:03:37 +00:00
Werner Koch
444c93043d * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Link a simple test
program to see whether the installation is sane.

* certreqgen.c (proc_parameters): Cast printf arg.
2005-01-13 18:00:46 +00:00
Werner Koch
b85cf46a42 Post release updates 2004-12-22 19:07:46 +00:00
Werner Koch
de6f6d2015 (set_binary): New.
(main, open_read, open_fwrite): Use it.
2004-12-22 17:55:28 +00:00
Werner Koch
581f5ddb17 * configure.ac: Add PATHSEP_C and PATHSEP_S. For W32 let all
directories default to c:/gnupg.  Require libassuan 0.6.9.

* gpg-agent.c (main) [W32]: Now that Mutexes work we can remove
the pth_init kludge.
(main): Add new options --[no-]use-standard-socket.
(check_for_running_agent): Check whether it is running on the
standard socket.

* sysutils.h [W32]: Define sleep.
* util.h: Add prototype for mkdtemp.

* call-agent.c (start_agent): Before starting a pipe server start
to connect to a server on the standard socket.  Use PATHSEP
* call-dirmngr.c (start_dirmngr): Use PATHSEP.

* import.c: Include unistd.h for dup and close.
2004-12-20 16:17:25 +00:00
Werner Koch
8f620c8c2c * configure.ac (have_w32_system): New. Disable Pth checks for W32.
Link jnlib/w32-pth.h to pth.h.

* Makefile.am (pkglib_PROGRAMS): Build only for W32.

* keydb.c: Don't define DIRSEP_S here.
2004-12-06 13:49:14 +00:00
Werner Koch
52efac06d7 post release version number updates 2004-12-03 19:43:11 +00:00
Werner Koch
d45e223fdc Preparing 1.9.13 2004-12-03 17:44:57 +00:00
Werner Koch
a2ecb6285e Post release preparations 2004-10-22 19:57:03 +00:00
Werner Koch
8dee43cc0b Releasing 1.9.12 2004-10-22 19:48:12 +00:00
Werner Koch
17c2c40601 Compile fixes. 2004-10-22 16:03:04 +00:00
Werner Koch
d33703e5fe * sc-investigate: Removed.
* Makefile.am (sc_investigate): Removed.

* pcsc-wrapper.c (load_pcsc_driver): Load get_status_change func.
(handle_open): Succeed even without a present card.
(handle_status, handle_reset): New.

* apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion.
(pcsc_get_status): Implemented.
(reset_pcsc_reader): Implemented.
(open_pcsc_reader): Succeed even with no card inserted.
(open_ccid_reader): Set LAST_STATUS.

* iso7816.c (iso7816_select_application): Always use 0 for P1.
2004-10-20 08:54:45 +00:00
Werner Koch
837c74f7e4 Fixed copyright years 2004-10-15 16:10:50 +00:00
Werner Koch
9fff2719b6 post release preparations 2004-10-01 13:31:46 +00:00
Werner Koch
88458e8679 *** empty log message *** 2004-10-01 12:54:53 +00:00
Werner Koch
048635bede * gpgv.c (i18n_init): Always use LC_ALL.
* kbxutil.c (i18n_init): Always use LC_ALL.

* gpgsm.c (i18n_init): Always use LC_ALL.

* certdump.c (gpgsm_format_name): Factored code out to ..
(gpgsm_format_name2): .. new.
(gpgsm_print_name): Factored code out to ..
(gpgsm_print_name2): .. new.
(print_dn_part): New arg TRANSLATE.  Changed all callers.
(print_dn_parts): Ditto.
(gpgsm_format_keydesc): Do not translate the SUBJECT; we require
it to stay UTF-8 but we still want to filter out bad control
characters.

* gpgconf.c (i18n_init): Always use LC_ALL.
2004-09-30 21:37:11 +00:00
Werner Koch
0cb56ad4ac (check_for_running_agent): New.
(main): The default action is now to check for an already running
agent.
(parse_rereadable_options): Set logfile only on reread.
(main): Do not print the "is development version" note.
2004-09-09 07:27:57 +00:00
Werner Koch
066352a6a5 * import.c (check_and_store): Do a full validation if
--with-validation is set.

* certchain.c (gpgsm_basic_cert_check): Print more detailed error
messages.

* certcheck.c (do_encode_md): Partly support DSA.  Add new arg
PKALGO. Changed all callers to pass it.
(pk_algo_from_sexp): New.

tests/pkits: New directory
2004-08-17 15:26:22 +00:00
Werner Koch
8e237f5b09 post-release version number bump 2004-07-22 11:40:17 +00:00
Werner Koch
d9147773b4 * trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.

* gpg-agent.c (handle_connections): Increase the stack size ot 256k.

* de.po: Updated.

* scdaemon.c (main): Bumbed thread stack size up to 512k.

* keylist.c (list_cert_raw): Print the keygrip.
2004-07-22 09:37:36 +00:00
Werner Koch
5836ea925a post release version bump 2004-06-08 19:25:06 +00:00
Werner Koch
89da78cdf3 about to release 1.9.9 2004-06-08 19:10:32 +00:00
Werner Koch
f289f433b6 * configure.ac: Require libksba 0.9.7.
* certreqgen.c (get_parameter_uint, create_request): Create
an extension for key usage when requested.

* gpgsm.c (main): Install emergency_cleanup also as an atexit
handler.

* verify.c (gpgsm_verify): Removed the separate error code
handling for KSBA.  We use shared error codes anyway.

* export.c (export_p12): Removed debugging code.

* encrypt.c (gpgsm_encrypt): Put the session key in to secure memory.
2004-06-06 13:00:59 +00:00
Werner Koch
d3184ce584 * gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.
* server.c (gpgsm_server): Print some additional information with
the hello in verbose mode.
2004-05-11 09:15:56 +00:00
Werner Koch
cb76c9bc77 post release version bump 2004-04-29 18:16:44 +00:00
Werner Koch
77c4506425 About to release 1.9.8 2004-04-29 17:32:02 +00:00
Werner Koch
6aaceac7fe The keybox gets now compressed after 3 hours and ephemeral
stored certificates are deleted after about a day.
2004-04-26 08:09:25 +00:00
Werner Koch
78f797d11d * command.c (scd_update_reader_status_file): Write status files.
* app-help.c (app_help_read_length_of_cert): Fixed calculation of
R_CERTOFF.

* pcsc-wrapper.c: New.
* Makefile.am (pkglib_PROGRAMS): Install it here.
* apdu.c (writen, readn): New.
(open_pcsc_reader, pcsc_send_apdu, close_pcsc_reader): Use the
pcsc-wrapper if we are using Pth.
(apdu_send_le): Reinitialize RESULTLEN.  Handle SW_EOF_REACHED
like SW_SUCCESS.
2004-04-20 16:42:55 +00:00
Werner Koch
e9857ca1e3 post release re-versioning 2004-04-06 14:15:47 +00:00
Werner Koch
b361a6addc About to release 1.9.7 2004-04-06 11:40:28 +00:00
Werner Koch
d84d632583 * configure.ac: Require libgcrypt 1.1.94.
Introduce PACKAGE_GT and set it to gnupg2.

* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.

* Makevars (DOMAIN): Init from PACKAGE_GT
2004-04-06 10:01:04 +00:00
Werner Koch
8c03a61f94 Require libgcrypt 1.1.94. 2004-04-06 07:36:25 +00:00
Werner Koch
1cd35d8551 *** empty log message *** 2004-03-16 19:00:00 +00:00
Werner Koch
f3553d844d post release development preparations 2004-03-06 20:42:14 +00:00
Werner Koch
884483282f Preparing for a release 2004-03-06 20:11:19 +00:00
Werner Koch
48b0cdef7c post release version bumb 2004-02-21 13:35:42 +00:00
Werner Koch
b67d7c4073 About to release 1.9.5 2004-02-21 13:13:35 +00:00
Werner Koch
a1b487a17a * protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build.  Detect a keygrip and construct the filename in that
case.  Unprotcet a key if needed.  Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.

* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.

* simple-pwquery.c (agent_open): Don't mangle INFOSTR.

* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
2004-02-19 16:26:32 +00:00
Werner Koch
bda3467067 * protect-tool.c (main): Setup the used character set.
* gpg-agent.c (main): Ditto.

* gpg-agent.c (set_debug): New.  New option --debug-level.
(main): New option --gpgconf-list.
2004-02-18 16:57:38 +00:00
Werner Koch
cbff0b05e5 * command.c (cmd_setkeydesc): New.
(register_commands): Add command SETKEYDESC.
(cmd_pksign, cmd_pkdecrypt): Use the key description.
(reset_notify): Reset the description.
* findkey.c (unprotect): Add arg DESC_TEXT.
(agent_key_from_file): Ditto.
* pksign.c (agent_pksign): Ditto.
* pkdecrypt.c (agent_pkdecrypt): Ditto. Made CIPHERTEXT an
unsigned char*.
2004-02-13 17:06:34 +00:00
Werner Koch
e98b7a9b21 Require libksba 0.9.4 and libgcrypt 1.1.92. 2004-02-13 12:40:54 +00:00