1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

2850 Commits

Author SHA1 Message Date
Ben Kibbey
31e47dfad0 gpg: Add canceled status message.
* common/status.h (STATUS_CANCELED_BY_USER): New.
* g10/passphrase.c (passphrase_to_dek): Send STATUS_CANCELED_BY_USER
instead of STATUS_MISSING_PASSPHRASE when canceled is set.
--

This is to prevent further pinentry tries when the pinentry is canceled
by the user during symmetric decryption.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2020-11-05 11:19:15 -08:00
Werner Koch
dabc314b71
common: Fix duplicate implementation of try_make_homedir.
* g10/openfile.c (try_make_homedir): Move core of the code to ...
* common/homedir.c (gnupg_maybe_make_homedir): new.
* sm/keydb.c (try_make_homedir): Implement using new function.

* common/homedir.c: Include i18n.h.
* po/POTFILES.in: Add common/homedir.c.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 16:13:04 +01:00
Werner Koch
d1f2a6d9f7
gpg: Switch to AES256 for symmetric encryption in de-vs mode.
* g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs
mode.
* g10/encrypt.c (setup_symkey): Add extra compliance check.
(encrypt_simple): Avoid printing a second error oncplinace failure.
--

Because we used the RFC4880 mode as base for the de-vs mode we got
3DES as symmetric encryption algorithm.  With the default gnupg mode
that was already used.  The new extra compliance checks are added to
detect whether a --personal-cipher-preference or --cipher-algo option
tried to override the algorithms.  They are still possible but now
non-compliant algorithms will throw an error.

Manual testing can be done with commands like this:

  gpg --no-options --compliance=de-vs \
   --personal-cipher-preferences "S1 S7" \
   --pinentry-mode loopback -v --passphrase abc -ac </etc/motd

Here the command fails due to IDEA (S1) being the preferred cipher
algorithm.  Using "--s2k-digest-algo SHA1" instead of
--personal-cipher-preferences will also fail.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-03 15:37:40 +01:00
Werner Koch
e1bafa3574
gpg: Allow setting notations with the empty string as value.
* g10/misc.c (pct_expando): Catch special case of the empty string.
Also map a NULL to the empty string.
* g10/photoid.c (show_photos): Make an empty string used as command
fail.
--

This patch also fixes a segv when calling gpg wrongly like

  gpg -N \-foo@example.org

GnuPG-bug-id: 5117
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-02 17:34:29 +01:00
Werner Koch
15746d60d4
gpg: Do not use weak digest algos if selected by recipient prefs.
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the least of weak digest algorithm.
--

If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient.  This is so that all recipients are able to check the the
signature.  However, if the sender has a declared an algorithm as
week, that algorithm shall not be used - in this case we fallback to
the standard way of selecting an algorithm.

Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.

Reported-by: Phil Pennock
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-02 13:45:19 +01:00
Ingo Klöcker
b004701adc gpg: Fix iteration over signatures
* g10/keyedit.c (keyedit_quick_revsig): Take signature of correct node
--

GnuPG-bug-id: 5093
2020-11-02 09:14:03 +01:00
NIIBE Yutaka
90c3d623ce gpg: Fix debug output for key_check_all_keysigs with opaque MPI.
* g10/key-check.c (key_check_all_keysigs): Handle opaque MPI.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-02 11:32:27 +09:00
NIIBE Yutaka
029ba6dc96 gpg: Fix check_signature2 for opaque MPI.
* g10/sig-check.c (check_signature2): Handle the case of opaque MPI.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-02 11:27:26 +09:00
NIIBE Yutaka
21d8927f79 gpg: Change the API for checksum to use const qualifier.
* g10/main.h (checksum): Use const.
* g10/misc.c (checksum): Use const.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-02 11:26:09 +09:00
NIIBE Yutaka
3151210e45 gpg: Fix counting buffer size in check_signature2.
* g10/sig-check.c (check_signature2): Use GCRYMPI_FMT_PGP.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-02 11:14:56 +09:00
NIIBE Yutaka
813e24108a gpg: Fix SOS handling with libgcrypt version <= 1.8.
* g10/misc.c (checksum_mpi): Don't depend new feature
of gcry_mpi_print which supports opaque MPI.

--

GnuPG-bug-id: 5116
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-30 17:03:22 +09:00
NIIBE Yutaka
dd4fb1c8f6 gpg: Fix first zero-byte case for SOS handling.
* g10/export.c (transfer_format_to_openpgp): Check the first byte.
* g10/pkglue.c (sexp_extract_param_sos): Likewise.

--

GnuPG-bug-id: 5116
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-30 15:21:20 +09:00
Werner Koch
243f9176e7
gpg: New command --quick-revoke-sig
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig.
(opts): Add --quick-revoke-sig.
(main): Implement.
* g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and
adjust all callers.
(keyedit_quick_revsig): new.
* g10/revoke.c (get_default_sig_revocation_reason): New.
* g10/keylist.c (cmp_signodes): Make global.
--

GnuPG-bug-id: 5093
2020-10-28 17:06:27 +01:00
Werner Koch
742e2729f4
gpg: Sort the signatures in standard key listings.
* g10/gpg.c (parse_list_options): Add "sort-sigs".
(main): Make it the default.
* g10/options.h (LIST_SORT_SIGS): New.
* g10/keylist.c (cmp_signodes): New.
(list_keyblock_print): Sort signatures and factor signature printing
code out to ...
(list_signature_print): new.
--

In particular together with --full-timestamps this makes it easier to
see the history of key signatures and their revocations.  The
self-signatures are also printed first.  To disable this

  --list-options no-sort-sigs

can be used.

Also don't print the annoying "no recocation reason specified"
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-27 17:21:19 +01:00
Werner Koch
0f780b1aeb
g10: Make call to agent_scd_serialno more robust.
* g10/call-agent.c (agent_scd_serialno): Make sure that NULL is stored
on error at r_serialno.
* g10/card-util.c (card_status): Simplify freeing of seriaono.
(factory_reset): Ditto.
--

This pattern is what we use with other functions returning an
allocated string and thus less surprising.
2020-10-26 12:50:30 +01:00
Werner Koch
cf4b8a27c3
g10,sm: Use gnupg_access at two more places
--
2020-10-26 12:50:13 +01:00
NIIBE Yutaka
a153d0f769 gpg: Fix double free on error.
* g10/card-util.c (card_status): Check an error return.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-26 14:00:26 +09:00
NIIBE Yutaka
157f1de64e gpg,tools: Fix detecting OpenPGP card by serialno.
* tools/gpg-card.c (list_openpgp): Use ->apptype to determine card's
APP.
* g10/card-util.c (get_info_for_key_operation): Likewise.
(current_card_status): Even if its SERIALNO is not like OpenPGP card,
it's OpenPGP card when app says so.

--

GnuPG-bug-id: 5100
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-26 13:49:23 +09:00
Werner Koch
18e5dd7b03
Replace all calls to stat by gnupg_stat.
* common/sysutils.c (gnupg_stat): New.
* common/sysutils.h: Include sys/stat.h.
--

Yet another wrapper for Unicode support on Windows.

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-20 16:38:06 +02:00
Werner Koch
4dcef0e178
Replace most calls to open by a new wrapper.
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New.  Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--

This is yet another step for full Unicode support on Windows.

GnuPG-bug-id: 5098
2020-10-20 14:08:35 +02:00
Werner Koch
390497ea11
Replace most of the remaining stdio calls by estream calls.
--

We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change.  At a
very few places we keep using stdio (for example due to the use of
popen).

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-20 12:15:56 +02:00
Werner Koch
c94ee1386e
Replace all calls to access by gnupg_access
* common/sysutils.c (gnupg_access): New.  Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--

Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.

This is required to correctly handle non-ascii filenames on Windows.

GnuPG-bug-id: 5098
2020-10-20 12:15:55 +02:00
NIIBE Yutaka
228836f79f gpg,ecc: Fix SOS handling when receiving from agent.
* g10/export.c (transfer_format_to_openpgp): It's not simple opaque
MPI, but SOS.

--

Fixes-commit: f5bc94555458123f93d8b07816a68fb7485421e1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-09 13:57:35 +09:00
Werner Koch
ff31dde456
gpg: Switch to ed25519+cv25519 as default algo.
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change to former future
default ago.
(ask_algo): Change default and also the way we indicate the default
algo in the list of algos.
(ask_curve): Indicate the default curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-05 14:21:31 +02:00
Werner Koch
e824e27d36
gpg: Fix parameter parsing form ed448.
* g10/keygen.c (parse_key_parameter_part): Set algo also for 448.
--
Fixes-commit: a763bb2580b0d586a80b8ccd3654f41e49604f4f
2020-10-02 12:29:20 +02:00
Werner Koch
d49a945b12
gpg: New experimental import option "bulk-import"
* g10/options.h (IMPORT_BULK): New.
* g10/import.c (parse_import_options): Add "bulk-import".
* g10/call-keyboxd.c (in_transaction): New var.
(gpg_keyboxd_deinit_session_data): Run a commit if in bulk import
mode.
(create_new_context): Run a begin transaction if in bulk import mode.
--

Initial tests with this option are not very promising.  Importing
about 3000 real world keys with --use-keyboxd and full logging took:

   real    33m31.724s
   user    19m54.265s
   sys     2m49.662s

With bulk-import this saves a mere 12%:

   real    29m36.542s
   user    19m3.391s
   sys     2m46.728s

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-24 16:47:10 +02:00
Werner Koch
25ad3c22d7
keyboxd: Implement multiple search descriptions.
* kbx/kbx-client-util.c (kbx_client_data_simple): New.
* kbx/backend-sqlite.c (struct be_sqlite_local_s): Add field descidx.
(be_sqlite_search): Use that.
* g10/call-keyboxd.c (keydb_search): Implement multi mode.
--

With that change the keyboxd is at par with the keybox code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-24 10:37:42 +02:00
Werner Koch
1835097561
gpg: Set the found-by flags in the keyblock in keyboxd mode.
* g10/keydb-private.h (struct keydb_handle_s): Add fields to return
the ordinals of the last found blob.
* g10/call-keyboxd.c (keydb_get_keyblock): Pass them to the keyblock
parser.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-22 16:20:41 +02:00
Werner Koch
babd87f2da
doc: Some documentation updates.
--

Also fixed some typos and documented soon to be used OIDs
2020-09-21 09:20:47 +02:00
NIIBE Yutaka
dfdcf14738 common,agent,dirmngr,g10,tools: Fix split_fields API.
* common/stringhelp.h (split_fields): Use const * for the strings in
the ARRAY.
(split_fields_colon): Likewise.
* common/stringhelp.c (split_fields, split_fields_colon): Fix
the implementation.
* agent/call-scd.c, agent/command.c: Follow the change.
* common/t-stringhelp.c, dirmngr/loadswdb.c: Likewise.
* g10/call-agent.c, tools/card-call-scd.c: Likewise.
* tools/card-yubikey.c, tools/gpg-card.c: Likewise.
* tools/gpg-card.h, tools/gpg-wks-client.c: Likewise.
* tools/gpgconf-comp.c, tools/gpgconf.c: Likewise.
* tools/wks-util.c: Likewise.

--

The strings in the ARRAY don't need to be released by caller, as those
are references.  It's easier to follow the code when it's explicitly
const *.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-18 10:20:23 +09:00
NIIBE Yutaka
8dfd0ebfd8 gpg,scd: Fix handling of KDF feature.
* g10/card-util.c (kdf_setup): Fix the default value.
* scd/app-openpgp.c (do_setattr): Support kdf-setup "off" by
Zeitcontrol.  Make sure Gnuk and Yubikey work well.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-16 12:49:20 +09:00
Werner Koch
6fcc263c18
keyboxd: Use D-lines instead of a separate thread.
* kbx/kbx-client-util.c (kbx_client_data_new): Add arg 'dlines'.
* g10/call-keyboxd.c (open_context): Set DLINES to true.
* sm/keydb.c (open_context): Ditto.
--

This allows to compile time switch between the D-line and the
fd-passing data communication between gpg/gpgsm and keyboxd. A quick
test with about 3000 OpenPGP keys showed that D-lines are only 10%
slower than the fd-passing based implementation.  Given that the
thread adds extra complexity we go for now with the D-line approach.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:14:02 +02:00
Werner Koch
29977e21d1
keyboxd: Add options --openpgp and --x509 to SEARCH.
* kbx/keyboxd.h (struct server_control_s): Replace the two request
objects by just one.  Add filter flags.
* kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509.
(cmd_killkeyboxd): Do not return GPG_ERR_EOF.
* kbx/frontend.c (kbxd_release_session_info): Adjust for the new
request object.
(kbxd_search, kbxd_store, kbxd_delete): Ditto.
* kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags.
(run_sql_prepare): Add optional arg 'extra'.  Change callers.
(run_sql_bind_ntext): New.
(run_sql_bind_text): Just call run_sql_bind_ntext.
(run_select_statement): Add ctrl arg.  Implement the filter flags.

* g10/call-keyboxd.c (keydb_search): Use the --openpgp option.
--

As soon as we implement X.509 we need to have a way to return only
openpgp or x.509 certificates.  Gpg/gpgsm will then use the respective
flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:08:48 +02:00
Werner Koch
adec6a84f6
kbx: Change X.509 S/N search definition.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Do not overload
SNLLEN with a hex flag.  Add SNHEX.
* kbx/keybox-search.c (keybox_search): Adjust.
* common/userids.c (classify_user_id): Adjust.
* sm/keydb.c (keydb_search_desc_dump): Adjust.
* g10/keydb.c (keydb_search_desc_dump): Adjust.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-09 20:34:59 +02:00
NIIBE Yutaka
2bc1ec2944 gpg,tools: Add handling of supported algorithms by a card.
* g10/call-agent.h (struct agent_card_info_s): Add supported_keyalgo.
* g10/call-agent.c (learn_status_cb): Parse KEY-ATTR-INFO.
(agent_release_card_info): Release supported_keyalgo.
* tools/gpg-card.h (struct card_info_s): Add supported_keyalgo.
* tools/card-call-scd.c (learn_status_cb): Parse KEY-ATTR-INFO.
(release_card_info): Release supported_keyalgo.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-08 15:34:42 +09:00
Werner Koch
65eb156980
gpg: Initialize a parameter to silence valgrind.
* g10/keygen.c (read_parameter_file): Initialize nline.
* g10/textfilter.c (copy_clearsig_text): Initialize bufsize.
--

In iobuf_read_line the parameter to pass and return the current buffer
length is controlled by the buffer parameter.  Thus there should be no
problem because the assert call check s buffer first.  For yet unknown
reasons when using the standard GNU libc assert valgrind complains
about an uninitialized variable.  That does not happen with our
log_assert.

Tested with gnupg 2.2.23 with gcc 8.3.0 and valgrind 3.14.0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-04 11:32:47 +02:00
Werner Koch
8ec9573e57
gpg: Fix segv importing certain keys.
* g10/key-check.c (key_check_all_keysigs): Initialize issuer.
--

Fixes-commit: 404fa8211b6188a0abe83ef43a4b44d528c0b035
from 2017

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-02 15:30:44 +02:00
Werner Koch
497db0b5bc
keyboxd: Restructure client access code.
* kbx/kbx-client-util.c: New.
* kbx/kbx-client-util.h: New.
* kbx/Makefile.am (client_sources): New.
* g10/keydb.c (parse_keyblock_image): Rename to keydb_parse_keyblock
and make global.
* g10/call-keyboxd.c: Include kbx-client-util.h.
(struct keyboxd_local_s): Remove struct datastream.  Add field kcd.
Remove per_session_init_done.
(lock_datastream, unlock_datastream): Remove.
(prepare_data_pipe, datastream_thread): Remove.
(keydb_get_keyblock_do_parse): Remove.
(gpg_keyboxd_deinit_session_data): Release the KCD object.
(open_context): Use of kbx_client_data_new.
(keydb_get_keyblock): Simplify.
(keydb_search): Use kbx_client_data_cmd and _wait.
--

The data specific part of the code has been moved from gpg to a new
module in kbx/ so that it can also be used by gpgsm.  The OpenPGP
parsing while reading the data has been replaced by storing the data
in memory and parse it later.  That makes a nice interface and
abstracts the fd-passing/D-lines handling away.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-02 15:16:29 +02:00
Werner Koch
2cd8bae23d
Use only one copy of the warn_server_mismatch function.
* common/asshelp.c (warn_server_version_mismatch): New.  Actually a
slightly modified version of warn_version_mismatch found in other
modules.
* common/status.c (gnupg_status_strings): New.
* g10/cpr.c (write_status_strings2): New.
* g10/call-agent.c (warn_version_mismatch): Use the new unified
warn_server_version_mismatch function.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* g10/call-keyboxd.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.
* tools/card-call-scd.c (warn_version_mismatch): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-01 20:43:57 +02:00
Werner Koch
fc1a185755
gpg: Remove left over debug output from recent change.
* g10/import.c (collapse_subkeys): Remove debug out.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 15:20:28 +02:00
Werner Koch
633c1fea5f
gpg: Collapse duplicate subkeys.
* g10/options.h (IMPORT_COLLAPSE_UIDS): New.
(IMPORT_COLLAPSE_SUBKEYS): New.
* g10/gpg.c (main): Make them the default.
* g10/import.c (parse_import_options): New import options
"no-collapse-uids" and "no-collapse_subkeys".
(collapse_subkeys): New.
(import_one_real): Collapse subkeys and allow disabling the collapsing
using the new options.
(read_key_from_file_or_buffer): Always collapse subkeys.
* g10/keyedit.c (fix_keyblock): Call collapse_subkeys.
--

GnuPG-bug-id: 4421
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 10:33:57 +02:00
Werner Koch
96e15051ba
Add a new dist signing key
--

This is

  pub   ed25519 2020-08-24 [SC] [expires: 2030-06-30]
        6DAA 6E64 A76D 2840 571B  4902 5288 97B8 2640 3ADA
  uid                      Werner Koch (dist signing 2020)
2020-08-24 19:47:26 +02:00
Werner Koch
32aac55875
build: New configure option --disable-tests
* configure.ac: Add option --disable-tests.  Print warnings in the
summary.
(DISABLE_TESTS): New am_conditional.
--
GnuPG-bug-id: 4960
2020-08-20 10:54:17 +02:00
Werner Koch
4031c42bfd
gpg,gpgsm: Record the creation time of a private key.
* sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option.
(gpgsm_agent_import_key): Ditto.
* g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on.
(agent_import_key): Ditto.
* g10/import.c (transfer_secret_keys): Pass the creation date to the
agent.
* g10/keygen.c (common_gen): Ditto.
--

Having the creation time in the private key file makes it a lot easier
to re-create an OpenPGP public keyblock in case it was accidentally
lost.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-19 13:43:16 +02:00
NIIBE Yutaka
1d66b518ca gpg: Fix condition of string_to_aead_algo.
* g10/misc.c (string_to_aead_algo): Only compare if not NULL.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-19 15:18:42 +09:00
Werner Koch
6bcb609e1b
Add --chuid to gpg, gpg-card, and gpg-connect-agent.
* g10/gpg.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.  Delay setting of homedir until the new
chuid is done.
* sm/gpgsm.c (main): Delay setting of homedir until the new chuid is
done.
* tools/gpg-card.c (oChUid): New.
(opts): Add --chuid.
(changeuser): New helper var.
(main): Implement --chuid.
* tools/gpg-connect-agent.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-14 12:19:11 +02:00
Werner Koch
53d84f9815
gpg: Ignore personal_digest_prefs for ECDSA keys.
* g10/sign.c (hash_for): Simplify hash algo selection for ECDSA.
--

GnuPG-bug-id: 5021
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-13 11:19:22 +02:00
NIIBE Yutaka
373c975859 gpg: Fix trustdb for v5key.
* g10/keydb.h (fpr20_from_pk): New.
* g10/keyid.c (fpr20_from_pk): New.
* g10/tdbio.c (tdbio_search_trust_byfpr): Use fpr20_from_pk.
* g10/trustdb.c (keyid_from_fpr20): New.
(verify_own_keys): Use keyid_from_fpr20.
(tdb_update_ownertrust): Use fpr20_from_pk.
(update_min_ownertrust): Likewise.
(update_validity): Likewise.

--

For the compatibility of existing implementation, we keep the format
of trustdb untouched.  The format of trustdb uses 20-byte fingerprint
for the trust record entry.  To handle both of v4key (with 20-byte
fingerprint) and v5 key (with 32-byte fingerprint), we introduce FPR20
fingerprint, internally.  For v4key, FPR20 is as same as v4
fingerprint.  For v5key, FPR20 is constructed from v5key fingerprint.

GnuPG-bug-id: 5000
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-07 13:02:47 +09:00
NIIBE Yutaka
20982bbd75 gpg: Fix short key ID for v5key.
* g10/keyid.c (keyid_from_pk): Return keyid[0] for v5key.
* g10/keyring.c (keyring_search): Handle short key ID for v5key.

--

GnuPG-bug-id: 5000
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-07 13:02:40 +09:00
Werner Koch
0774482257
build: Remove expired key of David Shaw from distsigkey.gpg.
--
2020-08-06 11:26:57 +02:00
Werner Koch
d847f0651a
gpg: Add level 16 to --gen-random
* g10/gpg.c (main): Add that hack.
--

This is an yet undocumented hack to allow printing hex encoded random
number with gpg.  The level is forced to be 1 which is is good for
almost all uses.  Note that --armor is ignored.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-05 16:53:34 +02:00
Werner Koch
5c514a274c
gpg: Do not close stdout after --export-ssh-key
* g10/export.c (export_ssh_key): Do not close stdout.
--

stdout should never be closed; this fixes this minor bug.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 11:31:13 +02:00
Werner Koch
3e730c55e7
gpg: Reword warning about decryption w/o using a non-encrypt key.
--
2020-07-14 11:01:45 +02:00
NIIBE Yutaka
31ae0718ba gpg: For decryption, support use of a key with no 'encrypt' usage.
* g10/pubkey-enc.c (get_session_key): Don't skip at no PUBKEY_USAGE_ENC.
Emit information the key has no 'encrypt' usage.

--

GnuPG-bug-id: 4246
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-10 10:00:00 +09:00
Werner Koch
212f9b20b5
gpg: Print a note if no args are given to --delete-key
--

It is a bit surprising that nothing happens if no key is specified to
--delete-key et al.  Although this is common Unix behaviour the use
might have expected that it behaves like --export and deletes all
keys.  Sure we don't do the latter, so a short notice will help.

GnuPG-bug-id: 4959
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-09 11:24:54 +02:00
Werner Koch
999d25d47d
Do not use the pinentry's qualitybar
* agent/genkey.c (agent_ask_new_passphrase): No qualitybar.
* g10/call-agent.c (agent_get_passphrase): Ditto.
* sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto.
--

The concept of a passphrase quality indicator is anyway questionable
because user are smart enough to trick them out and they also tend to
limit the actually used entropy.

Except for the red/green switching (to show whether constraints are
fulfilled) our qualitybar is pretty bad and thus worse than none.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-08 14:54:10 +02:00
Werner Koch
a6a4bbf6de
gpg: Use integrated passphrase repeat entry also for -c.
* g10/call-agent.c (agent_get_passphrase): Add arg newsymkey.
* g10/passphrase.c (passphrase_get): Add arg newsymkey.
(passphrase_to_dek): Pass it on.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-08 14:33:25 +02:00
Werner Koch
6864bba78e
gpg: Fix flaw in symmetric algorithm selection in mixed mode.
* g10/encrypt.c (setup_symkey): Use default_cipher_algo function
instead of the fallback s2k_cipher_algo.  Fix error code.
(encrypt_simple): Use setup_symkey.
--

Aside of removing code duplication this patch fixes the flaw that the
S2K cipher algorithm was used when mixing public key and symmetric
encryption or signatures with symmetric encrypion.  The
default_algorithm function should be used here so that the command
line option --cipher-algo and --personal-cipher-preferences have an
effect.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-07 12:58:29 +02:00
Werner Koch
969abcf40c
sm: Exclude rsaPSS from de-vs compliance mode.
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New.
* common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and
test rsaPSS.  Adjust all callers.
(gnupg_pk_is_allowed): Ditto.
* sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function.
(gpgsm_get_hash_algo_from_sigval): New.
* sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval
arg.  Add arg pkalgoflags.  Use the PK_ALGO_FLAG_RSAPSS.
* sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to
also get the algo flags.  Pass algo flags along.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-03 16:15:29 +02:00
NIIBE Yutaka
45398518fb ecc: Support Ed448/X448 key generation.
* g10/keygen.c (ask_curve): Support Ed448/X448 keys.
(generate_keypair): Support switch to X448 key.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-30 14:20:31 +09:00
NIIBE Yutaka
a763bb2580 gpg,agent: Support Ed448 signing.
* agent/pksign.c (do_encode_eddsa): First argument is NBITs,
so that it can support Ed448, as well as Ed25519.
(agent_pksign_do): Follow the change.
* agent/sexp-secret.c (fixup_when_ecc_private_key): No fix-up needed
for Ed448, it's only for classic curves.
* common/openpgp-oid.c (oidtable): Add Ed448.
* common/sexputil.c (get_pk_algo_from_key): Ed448 is only for EdDSA.
* g10/export.c (match_curve_skey_pk): Ed448 is for EdDSA.
* g10/keygen.c (gen_ecc): Support Ed448 with the name of "ed448".
(ask_algo, parse_key_parameter_part): Handle "ed448".
* g10/pkglue.c (pk_verify): Support Ed448.
(pk_check_secret_key): Support Ed448.
* g10/sign.c (hash_for): Defaults to SHA512 for Ed448.
(make_keysig_packet): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-24 10:05:03 +09:00
NIIBE Yutaka
c94eea15d6 ecc: Use "cv448" to specify key using X448.
* common/openpgp-oid.c (oidtable): Use "cv448".
(oid_cv448): Rename from oid_x448.
(openpgp_oidbuf_is_cv448, openpgp_oid_is_cv448): Likewise.
* common/util.h (openpgp_oid_is_cv448): Follow the change.
* g10/ecdh.c (pk_ecdh_generate_ephemeral_key): Likewise.
* g10/keygen.c (gen_ecc, ask_algo): Use "cv448".
(parse_key_parameter_part): Likewise.
* g10/pkglue.c (get_data_from_sexp): Fix for debug output.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-23 10:10:29 +09:00
Werner Koch
eeb599c9e2
gpg: Fix for new SOS changes when used with Libgcrypt < 1.8.6.
* g10/free-packet.c (is_mpi_copy_broken): New.
(my_mpi_copy): Mix gcry_mpi_copy.
--

Note that in this case it is better to do a runtime check.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-09 18:16:44 +02:00
Werner Koch
96f1ed5468
gpg: Extend the TRUST_ status lines.
* g10/pkclist.c (write_trust_status): Add arg mbox.
(check_signatures_trust): Appenmd mbox to the status lines.
--

GnuPG-bug-id: 4735
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-09 11:00:16 +02:00
NIIBE Yutaka
da5e0bc31b gpg: Use bytes for ECDH.
* g10/ecdh.c (extract_secret_x): Use byte * instead of MPI.
(prepare_ecdh_with_shared_point): Use char * instead of MPI.
(pk_ecdh_encrypt_with_shared_point): Likewise.
(pk_ecdh_decrypt): Likewise.
* g10/pkglue.h (pk_ecdh_encrypt_with_shared_point, pk_ecdh_decrypt):
Change declaration.
* g10/pkglue.c (get_data_from_sexp): New.
(pk_encrypt): Use get_data_from_sexp instead of get_mpi_from_sexp.
Follow the change of pk_ecdh_encrypt_with_shared_point.
* g10/pubkey-enc.c (get_it): Follow the change of pk_ecdh_decrypt.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-09 15:45:51 +09:00
NIIBE Yutaka
e9760eb9e7 gpg: Add X448 support.
* common/openpgp-oid.c (oidtable): Add X448.
(oid_x448,openpgp_oidbuf_is_x448,openpgp_oid_is_x448): New.
* common/util.h (openpgp_oid_is_x448): New.
* g10/ecdh.c (gen_k): Add handling of opaque MPI and support
endianness.
(pk_ecdh_generate_ephemeral_key): X448 requires opaque MPI.
* g10/keygen.c (gen_ecc): Add support for X448.
(ask_algo, parse_key_parameter_part): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-09 14:56:50 +09:00
NIIBE Yutaka
f5bc945554 gpg,ecc: Handle external representation as SOS with opaque MPI.
* g10/pkglue.h (sexp_extract_param_sos): New.
* g10/build-packet.c (sos_write): New.
(do_key, do_pubkey_enc, do_signature): Use sos_write for ECC.
* g10/export.c (cleartext_secret_key_to_openpgp): Use
sexp_extract_param_sos.
(transfer_format_to_openpgp): Use opaque MPI for ECC.
* g10/keygen.c (ecckey_from_sexp): Use sexp_extract_param_sos.
* g10/keyid.c (hash_public_key): Handle opaque MPI for SOS.
* g10/parse-packet.c (sos_read): New.
(parse_pubkeyenc,parse_signature,parse_key): Use sos_read for ECC.
* g10/pkglue.c (sexp_extract_param_sos): New.
(pk_verify): Handle opaque MPI for SOS.
(pk_encrypt): Use sexp_extract_param_sos.
* g10/seskey.c (encode_session_key): Use opaque MPI.
* g10/sign.c (do_sign): Use sexp_extract_param_sos.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-09 10:32:47 +09:00
Werner Koch
5c2080f467
gpg: If possible TRUST values now depend on signer's UID or --sender.
* g10/mainproc.c (check_sig_and_print): Add failsafe check for PK.
Pass KEYBLOCK down do check_signatures_trust.  Protect existsing error
ocde in case the signature expired.
* g10/pkclist.c (is_in_sender_list): New.
(check_signatures_trust): Add args keyblock and pk.  Add new uid based
checking code.
* g10/test-stubs.c, g10/gpgv.c: Adjust stubs.
--

GnuPG-bug-id: 4735
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-08 20:13:25 +02:00
Werner Koch
c1c607a51c
doc: Minor code comment fixes.
--
2020-06-08 15:22:58 +02:00
Werner Koch
48251cf9a7
gpg: Improve generation of keys stored on card (brainpool,cv25519).
* g10/keygen.c (ask_key_flags_with_mask): Allow more than ECDH for
legacy curves.
(ask_algo): Tweak mapping of ECC to OpenPGP algos
(parse_key_parameter_part): Ditto.
(generate_subkeypair): Create the subkey with the time stored on the
card.
--

This fixes two problems with generating keys from a card:

1. The key usage is now set correctly for brainpool curves.

2. The add-key and --quick-add-key commands now also take the creation
   time from the time stored on the card.  Without that we would need
   to update the creation time and fingerprint already stored on the
   card which is a no-go if another key has already been created using
   that on-card key.

Note: To create a key on a card without an OpenPGP keyblock use
gpg-card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-03 16:22:42 +02:00
NIIBE Yutaka
510bda7d37 gpg: Clean up ECDH code path (5).
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Now, it's only for
encrytion.
(pk_ecdh_decrypt): Use prepare_ecdh_with_shared_point and move decrypt
code path in original pk_ecdh_encrypt_with_shared_point here.
* g10/pkglue.h (pk_ecdh_encrypt_with_shared_point): Change API.
* g10/pkglue.c (pk_encrypt): Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-22 11:58:21 +09:00
NIIBE Yutaka
64d93271bf gpg: Clean up ECDH code path (4).
* g10/ecdh.c (prepare_ecdh_with_shared_point): New.
(pk_ecdh_encrypt_with_shared_point): Fixing error paths for closing
the cipher handle, use prepare_ecdh_with_shared_point.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-22 11:44:36 +09:00
NIIBE Yutaka
80c02d13d9 gpg: Clean up ECDH code path (3).
* g10/ecdh.c (derive_kek): New.
(pk_ecdh_encrypt_with_shared_point): Use derive_kek.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-22 11:24:38 +09:00
NIIBE Yutaka
a973d91138 gpg: Clean up ECDH code path (2).
* g10/ecdh.c (build_kdf_params): New.
(pk_ecdh_encrypt_with_shared_point): Use build_kdf_params, and check
things before extract_secret_x.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-22 10:40:47 +09:00
NIIBE Yutaka
960d37644c gpg: Clean up ECDH code path (1).
* g10/ecdh.c (extract_secret_x): New.
(pk_ecdh_encrypt_with_shared_point): Use extract_secret_x.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-22 10:04:35 +09:00
Werner Koch
9bc9d0818b
doc: Typo fixes in code comments
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-04 14:55:34 +02:00
Werner Koch
cec397e002
gpg: Make AEAD modes subject to compliance checks.
* g10/decrypt-data.c (decrypt_data): Move aead algo detection up.
--

Note that the AEAD modes are not yet approved for --compliance=de-vs

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-16 08:52:29 +02:00
Werner Koch
5c47e7825b
indent: Some typo and indentation changes for gpg.
--
2020-04-15 22:23:10 +02:00
Werner Koch
df0edaf91a
gpg: Fix broken setting of AEAD algo.
* g10/main.h (DEFAULT_AEAD_ALGO): Set to OCB.
--

With the old code and using libgcrypt 1.9 would have switched from the
high performance OCB to the ugly EAX mode.  We are free software, we
are OCB.
2020-04-15 22:21:46 +02:00
NIIBE Yutaka
fd79cadf7b gpg: ECDH: Accept longer padding.
* g10/pubkey-enc.c (get_it): Remove check which mandates shorter
padding.

--

According to the section 8 of RFC 6637, the sender MAY use 21 bytes of
padding for AES-128 to provide 40-byte "m".

Reported-by: Metin Savignano
GnuPG-bug-id: 4908
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-08 09:29:43 +09:00
Werner Koch
15352b0eac
gpg,card: Use the new MANUFACTURER attribute.
* tools/gpg-card.h (struct card_info_s): Add manufacturer fields.
* tools/card-call-scd.c (release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* tools/gpg-card.c (get_manufacturer): Remove.
(list_card): Use the new attribute.
* g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields.
* g10/call-agent.c (agent_release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* g10/card-util.c (get_manufacturer): Remove.
(current_card_status): Use new attribute.
--

This does away with the duplicated OpenPGP vendor tables; they are now
at a better place (app-openpgp.c).

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 10:44:32 +02:00
NIIBE Yutaka
ba247a114c gpg: Add regular expression support.
* AUTHORS, COPYING.other: Update.
* Makefile.am (SUBDIRS): Add regexp sub directory.
* configure.ac (DISABLE_REGEX): Remove.
* g10/Makefile.am (needed_libs): Add libregexp.a.
* g10/trustdb.c: Remove DISABLE_REGEX support.
* regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h,
  regexp/utf8.c, regexp/utf8.h: New from Jim Tcl.
* regexp/UnicodeData.txt: New from Unicode.
* regexp/Makefile.am, regexp/parse-unidata.awk: New.
* tests/openpgp/Makefile.am: Remove DISABLE_REGEX support.
* tools/Makefile.am: Remove DISABLE_REGEX support.

GnuPG-bug-id: 4843
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-03 15:30:08 +09:00
Werner Koch
4287f89557
gpg: Also allow a v5 fingerprint for --trusted-key.
* g10/trustdb.c (tdb_register_trusted_key): Add case for 32 octet
fingerprints.
--
GnuPG-bug-id: 4855

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 13:56:43 +01:00
Daniel Kahn Gillmor
810ea2cc68
gpg: Update --trusted-key to accept fingerprint as well as long key id.
* g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well
as long key ID.
* doc/gpg.texi: document that --trusted-key can accept a fingerprint.
--

GnuPG-bug-id: 4855
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Fixed uses or return and kept the old string to avoid breaking
translations.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 13:50:52 +01:00
Werner Koch
161a098be6
gpg: Fix key expiration and usage for keys created at the Epoch.
* g10/getkey.c (merge_selfsigs_main): Take a zero key creation time in
account.
--

Keys created at the Epoch have a creation time of 0; when figuring out
the latest signature with properties to apply to a key the usual
comparison A > B does not work if A is always 0.  We now special case
this for the expiration and usage data.

Co-authored-by: gniibe@fsij.org
GnuPG-bug-id: 4670
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 12:30:06 +01:00
Werner Koch
451cd1b392
gpgconf: Further simplify the gpgconf option processing.
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list.  Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--

There is no need to read the list of options from the components
unless they convey a default value.  It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed.   Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 19:12:41 +01:00
Werner Koch
6b306f45f4
gpg: New option --auto-key-import
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--

Note that the --no variants of the options are intended for easy
disabling at the command line.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 18:04:47 +01:00
Werner Koch
6a4443c842
gpg: Make use of the included key block in a signature.
* g10/import.c (read_key_from_file): Rename to ...
(read_key_from_file_or_buffer): this and add new parameters.  Adjust
callers.
(import_included_key_block): New.
* g10/packet.h (PKT_signature): Add field flags.key_block.
* g10/parse-packet.c (parse_signature): Set that flags.
* g10/sig-check.c (check_signature2): Add parm forced_pk and change
all callers.
* g10/mainproc.c (do_check_sig): Ditto.
(check_sig_and_print): Try the included key block if no key is
available.
--

This is is the second part to support the new Key Block subpacket.
The idea is that after having received a signed mail, it is instantly
possible to reply encrypted - without the need for any centralized
infrastructure.

There is one case where this does not work: A signed mail is received
using a specified signer ID (e.g. using gpg --sender option) and the
key block with only that user ID is thus imported.  The next time a
mail is received using the same key but with a different user ID; the
signatures checks out using the key imported the last time.  However,
the new user id is not imported.  Now when trying to reply to that
last mail, no key will be found.  We need to see whether we can update
a key in such a case.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 17:14:34 +01:00
Werner Koch
865d485180
gpg: New option --include-key-block.
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--

This patch adds support for a to be proposed OpenPGP ferature:

  Introduce the Key Block subpacket to align OpenPGP with CMS.

  This new subpacket may be used similar to the CertificateSet of
  CMS (RFC-5652) and thus allows to start encrypted communication
  after having received a signed message.  In practice a stripped down
  version of the key should be including having only the key material
  and the self-signatures which are really useful and shall be used by
  the recipient to reply encrypted.

  #### Key Block

  (1 octet with value 0, N octets of key data)

  This subpacket MAY be used to convey key data along with a signature
  of class 0x00, 0x01, or 0x02.  It MUST contain the key used to create
  the signature; either as the primary key or as a subkey.  The key
  SHOULD contain a primary or subkey capable of encryption and the
  entire key must be a valid OpenPGP key including at least one User ID
  packet and the corresponding self-signatures.

  Implementations MUST ignore this subpacket if the first octet does not
  have a value of zero or if the key data does not represent a valid
  transferable public key.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:34:49 +01:00
Werner Koch
32493ce50a
gpg: Add property "fpr" for use by --export-filter.
* g10/export.c (push_export_filters): New.
(pop_export_filters): New.
(export_pubkey_buffer): Add args prefix and prefixlen.  Adjust
callers.
* g10/import.c (impex_filter_getval): Add property "fpr".
* g10/main.h (struct impex_filter_parm_s): Add field hexfpr.
--

The push and pop feature will help us to use the export filter
internally in gpg.  Same for the export_pubkey_buffer change.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:19:31 +01:00
Werner Koch
90fb4a69d2
doc: Add a comment to explain the signature postscript.
--

Hal Finney explained this on January 22, 2004 on a question from Peter
Gutmann on the WG list.
2020-03-12 11:05:37 +01:00
Werner Koch
41eb5108ce
gpg: Re-group the options in the --help output.
* g10/gpg.c (opts): Change oLoadExtensions, oStrict, and oNoStrict to
use ARGPARSE_ignore and remove the code in the option switch.
--

This looks better and is also required for further simplifications of
gpgconf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 15:18:27 +01:00
Werner Koch
4423e9dcde
gpgconf: Support reading global options (part 2).
* tools/gpgconf-comp.c: Remove all regular option descriptions.  They
are now read in from the component.  Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--

This second part removes all regular option descriptions because they
can be read from the components.  A few were missing in the components
and thus moved to there.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 10:09:26 +01:00
Werner Koch
a94daa6549
card: Add yet another vendor.
--
2020-03-03 13:37:28 +01:00
Werner Koch
3c4ab531eb
card: Add new vendor.
--
2020-03-03 11:55:08 +01:00
Werner Koch
79f2318aa5
gpg: Re-enable versioned config files
* g10/gpg.c (main): Use ARGPARSE_FLAG_USERVERS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-25 15:18:55 +01:00
Werner Koch
7e8f28653c
gpg: Re-add checking of config file permissions.
* g10/gpg.c (main): Re-add permission checking of the user config
file.  Re-add code to check against the SE-Linux secured file list.
(get_default_configname): Remove unused func.
* configure.ac (SAFE_VERSION, SAFE_VERSION_DOT)
(SAFE_VERSION_DASH): Remove.
--

Die to the switch to the new option parser, the permissions were not
anymore checked.  This patch fixes this.  Note that there there is no
checking for the global config file because that file is not expected
to be user modifiable.

This patch also adds checking against the list of SE-linux secured
files.  However, like in the old code the checking does not work in
practise because the to be checked files are added to the the list
only after option parsing.  Tested using temporary debug code.

The SAFE_VERSION macros were used for RISC OS, which is not anymore
supported, and only in the now removed get_default_configname.  There
purpose was that a RISC OS could use a modified config.h here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-25 14:09:46 +01:00
Werner Koch
2c823bd878
Use gpgrt's new option parser for gpgc, gpgsm, and gpg-agent.
* g10/gpgv.c: Use new option parser.
* sm/gpgsm.c: Ditto.
* agent/gpg-agent.c: Ditto.
(opts): Add option --no-options.
--

This is the next part of changes.  The latest libgpg-error is required
so that that re-reading options (SIGHUP) works.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-20 14:59:58 +01:00
Werner Koch
0e8f6e2aa9
gpg: Use gpgrt's new option parser to provide a global conf file.
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h.  Do this also for all main modules which use our option
parser except for gpg.  Replace calls to strusage by calls to
gpgrt_strusage everywhere.

* g10/gpg.c (opts): Change type to gpgrt_opt_t.  Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t.  Rework the option
parser to make use of the new gpgrt_argparser.
--

This is not yet finished but a make check works.  gpg has the most
complex and oldest option handling and thus this is the first
migration target.  SE-Linux checks and version-ed config files are
missing and will be added later.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-20 11:13:32 +01:00
NIIBE Yutaka
41913d76f7 gpg: Fix default-key selection when card is available.
* g10/getkey.c (get_seckey_default_or_card): Handle the case
when card key is not suitable for requested usage.

--

Cherry-pick stable commit of:
	1cdd9e57f701f0d99d118d32adffe5216a94b0b2

GnuPG-bug-id: 4850
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-02-19 11:05:25 +09:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
86312b920a
gpg: New option --full-timestrings.
* g10/options.h (opt): Add flags.full_timestrings.
* g10/gpg.c (oFullTimestrings): New.
(opts): New option.
(main): Set new flag.
* g10/keyid.c (dateonlystr_from_pk): New.
(dateonlystr_from_sig): New.
(datestr_from_pk): Divert to isotimestamp if requested.
(datestr_from_sig): Ditto.
(expirestr_from_pk): Ditto.
(expirestr_from_sig): Ditto.
(revokestr_from_pk): Ditto.
* g10/import.c (impex_filter_getval): Use dateonlystr_from_sig and
dateonlystr_from_pk.
--

Quite helpful for debugging keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:07:09 +01:00
Werner Koch
14ac350f86
gpg: Changes to allow direct key generation from an OpenPGP card.
* g10/call-agent.h (struct keypair_info_s): Add fields keytime and
usage.
* g10/call-agent.c (struct keypairinfo_cb_parm_s): New.
(scd_keypairinfo_status_cb): Rework to store parsed KEYPAIRINFO data.
(agent_scd_keypairinfo): Change accordingly.
(agent_scd_readkey): Add arg ctrl and change callers.  Change return
arg from an strlist_t to a keypair_info_t.
(readkey_status_cb): Use KEYPAIRINFO instead of KEY-TIME.
* g10/keygen.c (pSUBKEYCREATIONDATE): New.
(pAUTHKEYCREATIONDATE): New.
(get_parameter_u32): Allow for new parameters.
(do_create_from_keygrip): For card keys use direct scd call which does
not create a stub file.
(ask_algo): Rework to use the new keypair_info_t as return from
agent_scd_keypairinfo.
(parse_key_parameter_part): Likewise.  Also get and return the key
creation time using a arg.
(parse_key_parameter_string): New args r_keytime and r_subkeytime.
(parse_algo_usage_expire): New arg r_keytime.
(proc_parameter_file): Ignore the explict pCREATIONDATE for card keys.
(quickgen_set_para): New arg keytime.
(quick_generate_keypair): Get the keytimes and set the pCARDKEY flag.
(generate_keypair): Likewise.
(do_generate_keypair): Implement the cardkey with keytime thingy.
(generate_subkeypair): Use the keytime parameters.
* g10/keygen.c (pAUTHKEYCREATIONDATE): New.  Not yet set but may come
handy later.
(get_parameter_u32): Take care of that.
(do_generate_keypair): For cardkeys sign with the current time.
--

Key generation direct from the card used to work for all cards except
the OpenPGP cards. The key generation from card using an OpenPGP card
is special because the fingerprint is stored on the card and we must
make sure that the newly created key has the same fingerprint.  This
requires that we take the key creation date as stored on the card into
account.

Along with the recent change in gpg-agent this change also fixes a
problem with existing stub files.

Note that with a key take from a card the self-signature are created
with the current time and not the creation time.  This allows to
better distinguish keys created using the same card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:07:04 +01:00
Werner Koch
8c63430d1a
gpg: Rename the struct card_key_info_s.
* g10/call-agent.h (struct card_key_info_s): Rename to ...
(struct keypair_info_s): this.
(keypair_info_t): New.  Use this everywhere instead of
card_key_info_s.
* g10/call-agent.c (agent_scd_free_keyinfo): Rename to ..
(free_keypair_info): this.  Change all callers.
--

The struct is also useful to store the data from KEYPAIRINFO status
lines.  Thus renaming it makes sense.  A future patch will extend the
struct.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-12 17:29:51 +01:00
Werner Koch
9c719c9c1f
gpg: Improve key creation direct from the card.
* g10/call-agent.c (readkey_status_cb): New.
(agent_scd_readkey): Add new arg r_keytime and allow NULL for
r_result.  Change all callers.
(agent_readkey): Minor code reformatting.
* g10/keygen.c (pCARDKEY): New.
(struct para_data_s): Add u.bool.
(get_parameter_bool): New.
(do_create_from_keygrip): Add arg cardkey and make use of it.
(ask_algo): Add args r_cardkey and r_keytime.  Read the keytime of the
selected card key and return it.
(generate_keypair): Store CARDKEY and KEYTIME.
(do_generate_keypair): Pass CARDKEY to do_create_from_keygrip.
(generate_subkeypair): Ditto.
--

This allows to first create keys on the card (e.g. using gpg-card)
even without having any public key for OpenPGP.  Then the key
generation option 14 (cardkey) can be used to create a primary OpenPGP
key from the key on the card.

There are still a couple of problems related to the agent which
creates the stub key and may run into problems if creating a second
key from the card.  This will be fixed in a future patch.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-11 20:51:33 +01:00
Werner Koch
24095101a5
common: Extend the openpgp_curve_to_oid function.
* common/openpgp-oid.c (openpgp_curve_to_oid): Add optional arg R_NBITS.
Change all callers.
--

In particular for ed25519 and cv25519 it is quite useful to have an
ability to get the required algorithm.
2020-02-11 14:40:54 +01:00
Werner Koch
6aff8a1328
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C.  Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.

* g10/main.h: Put util.h before the local header files.
--

This change is required for use with gcc/ld's LTO feature which does
not allow common blocks.  Further gcc 10 will make -fno-common the
default and thus this chnage is always needed.  What a pitty.

Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7)

- Applied respective chnages also to gpg-card and keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 16:50:47 +01:00
Werner Koch
5681b8eaa4
gpg: Make really sure that --verify-files always returns an error.
* g10/verify.c (verify_files): Track the first error code.
--

It seems to be possible to play tricks with packet structures so that
log_error is not used for a bad input data.  By actually checking the
return code and let the main driver in gpg call log_error, we can fix
this case.

Note that using gpg --verify-files and relying solely on gpg's return
code is at best a questionable strategy.  It is for example impossible
to tell which data has been signed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 15:32:55 +01:00
Werner Koch
fb6ff7ead7
scd:openpgp: Let the genkey function also accept a full keyref.
* scd/app-openpgp.c (send_key_attr): Use log_assert.
(do_genkey): Allow prefix.
--

It is more uniform to always use full keyref (e.g. "OPENPGP.1")
instead of just the key number.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 00:33:51 +01:00
Werner Koch
3a1fa13eed
common: New function get_keyalgo_string.
* common/openpgp-oid.c (struct keyalgo_string_s): New.
(keyalgo_strings): New.
(keyalgo_strings_size, keyalgo_strings_used): New.
(get_keyalgo_string): New.
--

This function is intended as a more general version of gpg's
pubkey_string function.  It has the advantage to avoid mallocs and
uses static table of algorithm strings instead.  There should be only
a few dozen of such strings (if at all) and thus all those allocations
we do internally in gpg's pubkey_string and the static buffers all
over the place are not too nice.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 21:26:35 +01:00
Werner Koch
49c891a9bf
common: Add OpenPGP<->Gcrypt pubkey id mapping functions.
* g10/misc.c (map_pk_gcry_to_openpgp): Move to ...
* common/openpgp-oid.c (map_gcry_pk_to_openpgp): here and rename.
Change all 4 callers.
(map_openpgp_pk_to_gcry): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 14:04:18 +01:00
Werner Koch
8bbc4f0d2c
card: Add new OpenPGP card vendor.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-28 15:49:18 +01:00
Werner Koch
bf931299e8
gpg: Fix printing of keyring name (regression in master)
* g10/keydb.c (keydb_get_resource_name):
--

Fixes-commit: aba82684fe14289cf62b4694bc398f3a274b4762
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-21 11:17:18 +01:00
Werner Koch
da2ccfdbeb
card: Add new OpenPGP card vendor
--
2020-01-21 11:15:47 +01:00
Werner Koch
cff5facc7f
build: Require libgpg-error 1.37
--
2020-01-21 08:56:34 +01:00
NIIBE Yutaka
8748c50bfa gpg: Prefer card key on use in multiple subkeys situation.
* g10/call-agent.c (keyinfo_status_cb): Parse more fields.
(agent_probe_secret_key): Use KEYINFO and returns bigger value
representing the preference.
* g10/getkey.c (finish_lookup): For subkeys, select one
by using value of agent_probe_secret_key.

--

GnuPG-bug-id: 3416
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-17 16:09:01 +09:00
NIIBE Yutaka
853d5b7677 gpg: Prepare enhancement of agent_probe_secret_key.
* g10/call-agent.c (agent_probe_secret_key): Change semantics of
return value.
* g10/call-agent.h (agent_probe_secret_key): Change comment.
* g10/delkey.c (do_delete_key): Follow the change.
* g10/getkey.c (get_seckey, parse_def_secret_key): Likewise.
(finish_lookup, have_secret_key_with_kid): Likewise.
* g10/gpgv.c (agent_probe_secret_key): Likewise.
* g10/keyedit.c (keyedit_menu, quick_find_keyblock): Likewise.
(show_key_with_all_names_colon): Likewise.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Likewise
* g10/test-stubs.c (agent_probe_secret_key): Likewise.

--

GnuPG-bug-id: 3416
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-17 16:09:01 +09:00
Werner Koch
3ccad75d76
gpg: Print better debug info in case of broken sig subpackets.
* g10/parse-packet.c (enum_sig_subpkt): Print a hexdump.
--

A test key for this is 02DF08F5FD356BF27F5F7B838921B5DCCD15A883 .
A key listing in verbose mode will now yield

  gpg: DBG: buffer shorter than subpacket (10/9/25);\
       dump: 19100d87e54973647cff

The error here is that the packet length is 0x19 but what follows is a
long keyid (subpacket 16) which is shorter.  The debug output might be
helpful to better analyze broken signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-16 14:44:28 +01:00
NIIBE Yutaka
8edd4b8b8c gpg: Use "SCD KEYINFO" to get available card keys.
* g10/skclist.c (enum_secret_keys): Don't use agent_scd_cardlist and
agent_scd_serialno, but agent_scd_keyinfo.

--

When there are multiple cards/tokens, this change can avoid switching
card of foreground access.

GnuPG-bug-id: 4784
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-16 13:05:27 +09:00
NIIBE Yutaka
8240a70c31 gpg: Add agent_scd_keyinfo to retrieve available card keys.
* g10/call-agent.c (card_keyinfo_cb, agent_scd_free_keyinfo)
(agent_scd_keyinfo): New.
* g10/call-agent.h: Define new functions.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-16 13:01:46 +09:00
NIIBE Yutaka
1aa2a0a46d gpg: default-key: Simply don't limit by capability.
* g10/getkey.c (parse_def_secret_key): Remove the check.

--

GnuPG-bug-id: 4810
Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-16 10:28:15 +09:00
NIIBE Yutaka
9287f9e87b gpg: Cert only key should be usable with --default-key.
* g10/getkey.c (parse_def_secret_key): Allow cert-only key.

--

GnuPG-bug-id: 4810
Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-15 14:27:36 +09:00
Werner Koch
14aa797bb8
gpg,sm: Avoid useless ASFW diagnostic in loopback mode.
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 15:20:49 +01:00
Werner Koch
c0625c15c1
scd: Minor fix for readibility.
* scd/command.c (open_card_with_request): Use NULL instead of
APPTYPE_NULL.
--

Using the enum is wrong because a string is expected.  However it did
harm anything because the value of the enum is 0 and thus equivalent
to NULL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-03 11:43:55 +01:00
Werner Koch
a230bac339
Update wk's signing key
--
The expiration time of that smartcard based key has been prolonged
by 2 years.
2020-01-01 19:05:16 +01:00
Werner Koch
59d49e4a0a
gpg: Fix output of --with-secret if a pattern is given.
* g10/keylist.c (list_one): Probe for a secret key in --with-secret
mode.
--

In contrast to list_all(), list_one() did not tests for a secret key
and took MARK_TRUSTED verbatim as an indication for "secret key
available".

GnuPG-bug: 4061
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-23 12:40:44 +01:00
Werner Koch
8a6ecc6ff5
dirmngr: Tell gpg about WKD looks resulting from a cache.
* dirmngr/server.c (proc_wkd_get): Print new NOTE status
"wkd_cached_result".
* g10/call-dirmngr.c (ks_status_cb): Detect this and print a not ein
verbose mode.
--

This little patch is helpful to see why a WKD change still does not
work after it has been updated on the server.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-06 20:04:56 +01:00
Werner Koch
1abb39fdaf
gpg: Use AKL for angle bracketed mail address with -r.
* g10/getkey.c (get_pubkey_byname): Extend is_mbox checking.
(get_best_pubkey_byname): Ditto.
--

With this patch it is now possible to use

  gpg -e -r '<foo@example.org>'

and auto key locate will find the key.  Without that a plain mail
address; i.e.

  gpg -e -r 'foo@example.org'

was required.

GnuPG-bug-id: 4726
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-04 14:39:42 +01:00
Werner Koch
d2ff62dbdf
gpg: Change the way v5 fingerprints are printed.
* g10/gpg.h (MAX_FORMATTED_FINGERPRINT_LEN): Increase by one.
* g10/keyid.c (format_hexfingerprint): Change v5 key formatting.
--

The new format are groups of 5 letters to resemble the CW speed
measurement rules.  Many hams are used to such blocks from their CW
lessons.  Note that there is no double blank in the middle as with the
v4 keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 12:05:32 +01:00
Werner Koch
7244666926
gpg: Implement insert, update, and delete via keyboxd.
* g10/call-keyboxd.c (struct store_parm_s): New.
(store_inq_cb): New.
(keydb_update_keyblock): Implement the keyboxd part.
(keydb_insert_keyblock): Ditto.
(keydb_delete_keyblock): Ditto.
(keydb_search_reset): Clear ubid flag.  Also use the correct union
member for building the search string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:23:32 +01:00
Werner Koch
915297705a
kbx: Redefine the UBID which is now the primary fingerprint.
* common/util.h (UBID_LEN): New.  Use it at all places.
* kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item.
* kbx/keybox-dump.c (print_ubib): Remove.
(_keybox_dump_blob): Do not print the now removed ubid flag.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants
for the size of the ubid and grip.
* kbx/keybox-search.c (blob_cmp_ubid): New.
(has_ubid): Make it a simple wrapper around blob_cmp_ubid.
(keybox_get_data): Add arg 'r_ubid'.

* kbx/frontend.h (enum kbxd_store_modes): New.
* kbx/kbxserver.c (cmd_store): Add new option --insert.

* kbx/backend-cache.c (be_cache_initialize): New.
(be_cache_add_resource): Call it here.
* kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'.
(be_kbx_search): Get the UBID from keybox_get_data.
* kbx/backend-support.c (be_fingerprint_from_blob): Replace by ...
(be_ubid_from_blob): new.  Change all callers.

* kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but
use the new cache init function.
(kbxd_store): Replace arg 'only_update' by 'mode'.  Seek using the
ubid.  Take care of the mode.
--

It turned out that using the hash of the entire blob was not helpful.
Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint
of the blob.  In case this is a v5 OpenPGP key a left truncated
version of the SHA-256 hash is used; in all other cases the full SHA-1
hash.  Using a SHA-256 hash does not make sense because v4 keys are
and will for some time be the majority of keys and thus padding them
with zeroes won't make any difference.  Even if fingerprint collisions
can eventually be created we will assume that the keys are bogus and
that it does not make sense to store its twin also in our key storage.
We can also easily extend the update code to detect a collision and
reject the update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:16:13 +01:00
Werner Koch
61f41cdce5
gpg: Move a keydb function to another file.
* g10/keydb.c (build_keyblock_image): Move to ...
* g10/build-packet.c (build_keyblock_image): here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-27 11:58:47 +01:00
Werner Koch
d9c7935188
dirmngr,gpg: Better diagnostic in case of bad TLS certificates.
* doc/DETAILS: Specify new status code "NOTE".
* dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a
bad TLS certificate.
* g10/call-dirmngr.c (ks_status_cb): Detect this status.
--

For example a

  gpg -v --locate-external-keys dd9jn@posteo.net

now yields

  gpg: Note: server uses an invalid certificate
  gpg: (further info: bad cert for 'posteo.net': \
                      Hostname does not match the certificate)
  gpg: error retrieving 'dd9jn@posteo.net' via WKD: Wrong name
  gpg: error reading key: Wrong name

(without -v the "further info" line is not shown).  Note that even
after years Posteo is not able to provide a valid certificate for
their .net addresses.  Anyway, this help to show the feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-18 18:26:55 +01:00
Werner Koch
ae9acb8745
dirmngr: Forward http redirect warnings to gpg.
* dirmngr/http.c: Include dirmngr-status.h
(http_prepare_redirect): Emit WARNING status lines for redirection
problems.
* dirmngr/http.h: Include fwddecl.h.
(struct http_redir_info_s): Add field ctrl.
* dirmngr/ks-engine-hkp.c (send_request): Set it.
* dirmngr/ks-engine-http.c (ks_http_fetch): Set it.
* g10/call-dirmngr.c (ks_status_cb): Detect the two new warnings.
--

This should make it easier to diagnose problems with bad WKD servers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-18 18:24:02 +01:00
Werner Koch
dd18be979e
gpg: Forbid the creation of SHA-1 third-party key signatures.
* g10/sign.c (SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): New.
(do_sign): Add arg signhints and inhibit SHA-1 signatures.  Change
callers to pass 0.
(complete_sig): Add arg signhints and pass on.
(make_keysig_packet, update_keysig_packet): Set signhints.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-11 11:41:00 +01:00
Werner Koch
6701a38f8e
gpg: Fix a potential loss of key sigs during import with self-sigs-only.
* g10/import.c (import_one_real): Don't do the final clean in the
merge case.
--

This fixes a regression introduced with self-sigs-only.

GnuPG-bug-id: 4628
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 15:07:25 +01:00
Werner Koch
e624c41dba
gpg: Add option --allow-weak-key-signatures.
* g10/gpg.c (oAllowWeakKeySignatures): New.
(opts): Add --allow-weak-key-signatures.
(main): Set it.
* g10/options.h (struct opt): Add flags.allow_weak_key_signatures.
* g10/misc.c (print_sha1_keysig_rejected_note): New.
* g10/sig-check.c (check_signature_over_key_or_uid): Print note and
act on new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 10:36:17 +01:00
Werner Koch
f4047f5605
gpg: Print rfc4880bis note only in verbose mode.
* g10/gpg.c (main): Change condition for an info diagnostic.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 09:24:38 +01:00
Werner Koch
a1f8ca7eee
doc: Make clear that by default RFC-4880bis features are used.
--
2019-11-07 09:07:30 +01:00
Werner Koch
fd88b8847a
gpg: Remove an unused variable.
* g10/delkey.c (do_delete_key): here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-06 14:47:29 +01:00
Werner Koch
584b65ad7e
gpg: Do not require --batch when using --log-file.
* g10/gpg.c (main): Remove a long standing FIXME.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-06 14:44:50 +01:00
NIIBE Yutaka
e2c2b0fb2d gpg: More fix of get_best_pubkey_byname.
* g10/getkey.c (get_best_pubkey_byname): Remove useless req_usage
setting of CTX.

Fixes-commit: f2734381ae1431e395a0bed16df2f4d5d13aa2c5
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-17 10:46:34 +09:00
NIIBE Yutaka
286d4c6075 gpg: Fix two other cases in get_best_pubkey_byname.
* g10/getkey.c (pubkey_cmp): Handle a primary key with
PUBKEY_USAGE_ENC, and make sure new key is for encryption.
(get_best_pubkey_byname): Add comment for ranking.

GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-17 09:23:26 +09:00
NIIBE Yutaka
f2734381ae gpg: Fix get_best_pubkey_byname to consider the first match.
* g10/getkey.c (get_best_pubkey_byname): Always use PK0 to search
by get_pubkey_byname.  Add initial call to pubkey_cmp to fill
BEST at first before the loop.

--

Fixes-commit: 44604209c1cfe18532d13eda63d8c1f86a6e12ec
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-16 15:58:26 +09:00
Werner Koch
d1bc12d1b6
gpg: Also delete key-binding signature when deleting a subkey.
* g10/delkey.c (do_delete_key): Simplify and correct subkey deletion.
--

GnuPG-bug-id: 4665, 4457
Fixes-commit: cc6069ac6ecd57dcbb808f28d54fd9f89dc55014
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-15 14:30:57 +02:00
NIIBE Yutaka
44604209c1 gpg: Put the first key in candidates correctly.
* g10/getkey.c (get_best_pubkey_byname): After the call of
get_pubkey_byname, set up CTX with KEYDB_SEARCH_MODE_LONG_KID to enter
the loop.

--

Fixes-commit: 7535f1d47a35e30f736f0e842844555f7a4a9841
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-15 19:18:26 +09:00
NIIBE Yutaka
7535f1d47a gpg: The first key should be in candidates.
* g10/getkey.c (get_best_pubkey_byname): Handle the first key
as the initial candidate for the selection.

--

GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-09 09:45:11 +09:00
NIIBE Yutaka
e28572116f gpg: Fix a memory leak in get_best_pubkey_byname.
* g10/getkey.c (get_best_pubkey_byname): Free the public key parts.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-07 10:41:01 +09:00
Werner Koch
7d9aad63c4
gpg: Ignore all SHA-1 signatures in 3rd party key signatures.
* g10/sig-check.c (check_signature_over_key_or_uid): No cut-off date
and remove debug output.
--

With 2.2 we do not not support SHA-1 key signatures anymore even if
that means that the WoT shrinks.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-03 18:20:59 +02:00
Werner Koch
c4f2d9e3e1
gpg: Be prepared for chosen-prefix SHA-1 collisions in key signatures.
* g10/sig-check.c (check_signature_over_key_or_uid): Reject cewrtain
SHA-1 based signatures.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-03 17:43:26 +02:00
Werner Koch
63dbc817e7
gpg: Read the UBID from the keybox and detect wrong blob type.
* g10/keydb-private.h (struct keydb_handle_s): Add fields for UBID.
* g10/call-keyboxd.c (search_status_cb): New.
(keydb_search): Set new UBID fields.
--

The UBID is not yet used but may come handy later.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:11:54 +02:00
Werner Koch
a605dbb430
gpg: Fix --recv-key in case of a given fingerprint.
* g10/keyserver.c (keyserver_retrieval_screener): Compare against
actual length.
--

This was a long standing and annoying regression due to changes
for v5 keys.  Really simple to fix :-).

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-30 18:03:31 +02:00
Werner Koch
ec81c437e7
gpg: Fix expand GPG groups when resolving a key
* g10/expand-group.c (expand_group): Add arg prepend_input.
* g10/pkclist.c (build_pk_list): Adjust for it.
* g10/getkey.c (key_byname): Keep the expanded names in the CTX and
don't premature free them.
(get_pubkey_byname): Append the namelist to the extra_list.
--

The original patch didn't kept the expanded list in the context and
also would duplicate names which are not group names.  The latter does
not really harm but the former lead to a use after free.  Original
patch was applied just a few weeks ago.

Fixes-commit: e825aea2ba3529c333d7ec2c76e63998cb83d999
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-30 14:08:13 +02:00
Werner Koch
b966a7c142
gpg: Fix a recently introduced printf format buglet.
* g10/parse-packet.c (dump_sig_subpkt): Fix format error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:57:52 +02:00
Werner Koch
9698761933
Merge branch 'switch-to-gpgk' into master
--
Resolved Conflicts:

* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:44:23 +02:00
Werner Koch
4be79b5abe
kbx,gpg: Allow lookup using a UBID.
* common/userids.c (classify_user_id): Detect UBIDs.
* kbx/backend-cache.c (blob_table_put): Store the public key type.
(be_cache_search): Add search mode for UBIDs.
* kbx/backend.h (struct db_request_part_s): Add cache.seqno_ubid.
* g10/keydb.c (keydb_search_desc_dump): Fix printing of keygrip.  Add
ubid printing.
* g10/call-keyboxd.c (keydb_search): Support search by UBID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 10:05:07 +02:00
Werner Koch
d38f877bd8
doc: Minor doc updates and a typo fix.
--
2019-09-25 16:21:30 +02:00
Werner Koch
ce9906b008
gpg: First rough implementation of keyboxd access for key lookup.
* g10/Makefile.am: Add nPth flags.
* g10/gpg.c: Include npth.h.
(gpg_deinit_default_ctrl): Deinit call-keyboxd local data.
(main): Init nPth.
* g10/keydb-private.h (struct keydb_handle_s): Add field 'kbl' and
remove the search result and the assuan context.
* g10/call-keyboxd.c (struct keyboxd_local_s): Add more fields.
(lock_datastream, unlock_datastream): New.
(gpg_keyboxd_deinit_session_data): Adjust for changed data structures.
(prepare_data_pipe): New.
(open_context): Return kbl instead of an Assuan context.  Init mutexes
etc.
(close_context): Merge into ...
(keydb_release): here.  Adjust for changed data structures.
(datastream_thread): New.
(keydb_get_keyblock): Implement datastream stuff.
(keydb_search): Ditto.

* common/asshelp.c (wait_for_sock): Add arg connect_flags.
(start_new_service): Set FDPASSING flag for the keyboxd.
--

This code as a lot of rough edges, in particular it relies on a well
behaving keyboxd.  We need to add code to shutdown the datastream
reader thread in case of errors and to properly get it up again.  We
also need to make really sure that both threads run in lockstep so
that the datastream thread is only active while we are sending a
command to the keyboxd.

We should also see whether we can depend nPth initialization on the
--use-keyboxd option to avoid any problems with nPth.

And we need to test on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-10 16:05:54 +02:00
Werner Koch
2f0fdab8aa
common: Allow a readlimit for iobuf_esopen.
* common/iobuf.c (file_es_filter_ctx_t): Add fields use_readlimit and
readlimit.
(file_es_filter): Implement them.
(iobuf_esopen): Add new arg readlimit.
* g10/decrypt-data.c (decrypt_data): Adjust for change.
* g10/import.c (import_keys_es_stream): Ditto.
--

This comes handy for (length,datablob) style streams.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-10 15:45:58 +02:00
Werner Koch
aba82684fe
gpg: New option --use-keyboxd.
* g10/gpg.c (oUseKeyboxd,oKeyboxdProgram): New consts.
(opts): New options --use-keyboxd and --keyboxd-program.
(main): Implement them.
* g10/keydb.c: Move some defs out to ...
* g10/keydb-private.h: new file.
* g10/keydb.c: prefix function names with "internal" and move original
functions to ...
* g10/call-keyboxd.c: new file.  Divert to the internal fucntion if
--use-keyboxd is used.  Add a CTRL arg to most fucntions and change
all callers.
* g10/Makefile.am (common_source): Add new files.
(noinst_PROGRAMS): Do bot build gpgcompose.
--

Note that this is just the framework with only a basic implementation
of searching via keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-09 15:01:47 +02:00
Stephan Mueller
e825aea2ba
gpg: expand GPG groups when resolving a key
* g10/expand-group.c: New
* g10/pkclist.c: Extract expand_group and expand_id into expand-group.c.
* g10/keydb.h: Add prototypes of expand_id and expand_group.
* g10/getkey.c: Use expand_group before resolving key references.
* g10/Makefile.am: Compile expand-group.c.
--

When searching a key by its name, try to expand the provided name in
case it is a GPG group reference. This GPG group resolution is performed
before the individual keys are verified.

This allows key listing using a GPG group reference. In particular, this
modification fixes the encryption to group support in KDE's Kmail which
is broken since version 18.04.

Signed-off-by: Stephan Mueller <stephan.mueller@atsec.com>

- Changed new filename to use a dash instead of an underscore.
- Indendation changes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-06 17:12:38 +02:00
Werner Koch
d9c4c3776b
gpg: Make --quiet work on --send-keys.
* g10/keyserver.c (keyserver_put): Act upon --quiet.
--

Suggested-by: Robin H. Johnson <robbat2@gentoo.org>
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-06 16:48:53 +02:00
Werner Koch
209caaff66
gpg: Prepare parser for the new attestation certificates.
* common/openpgpdefs.h (SIGSUBPKT_ATTST_SIGS): New.
* g10/keydb.h (IS_ATTST_SIGS): New.
(IS_CERT): Include the new one.
* g10/sign.c (mk_notation_policy_etc): Do not put notations into
attestation key signatures.
* g10/parse-packet.c (dump_sig_subpkt): Add new arg digest_algo.
Print the attestation sigs.
(parse_one_sig_subpkt): Support SIGSUBPKT_ATTST_SIGS.
(can_handle_critical): Ditto.
(enum_sig_subpkt): Pass digest algo to dump_sig_subpkt.
--

This change allows to list the new subpacket with --list-packets.
Example output:

  :signature packet: algo 22, keyid C694723A1370EAB1
          version 4, created 1567097576, md5len 0, sigclass 0x16
          digest algo 8, begin of digest ff 0c
          hashed subpkt 2 len 4 (sig created 2019-08-29)
          hashed subpkt 37 len 32 (attst-sigs: 1
                                   A794C6E9CCFE2F34C67E07[...])
          hashed subpkt 33 len 21 (issuer fpr v4 156A3872[...])
          subpkt 16 len 8 (issuer key ID C694723A1370EAB1)
          data: [256 bits]
          data: [256 bits]

GnuPG-bug-id: 4694
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 21:27:13 +02:00
Werner Koch
e1d9be730c
gpg: Rework the signature subpacket iteration function.
* g10/parse-packet.c (enum_sig_subpkt): Replace first arg by two args
so that the entire signature packet is available.  Change all callers.
(parse_sig_subpkt): Ditto.
--

This patch is a prerequisite to support the new attestation key
signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 20:38:23 +02:00
Werner Koch
e64f0dfd72
gpg,sm: Implement keybox compression run and release lock in gpgsm
* g10/keydb.c (keydb_add_resource): Call keybox_compress.
* sm/keydb.c (keydb_add_resource): Release the lock after a compress.
--

Note that in gpgsm we already did the compress run but we didn't
released the lock on the file.  This might have been a reason for some
strange hangs.

GnuPG-bug-id: 4644
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-23 15:51:43 +02:00
Werner Koch
d058d80ed0
gpg: Allow --locate-external-key even with --no-auto-key-locate.
* g10/getkey.c (akl_empty_or_only_local): New.
* g10/gpg.c (DEFAULT_AKL_LIST): New.
(main): Use it here.
(main) <aLocateExtKeys>: Set default AKL if none is set.
--

This better matches the expectations of the user.  The used list in
this case is the default list ("local,wkd") with local ignored by the
command anyway.

GnuPG-bug-id: 4662
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-23 13:22:15 +02:00
Werner Koch
d7aca1bef6
gpg: Silence some warning messages during -Kv.
* g10/options.h (glo_ctrl): Add flag silence_parse_warnings.
* g10/keylist.c (list_all): Set that during secret key listsings.
* g10/parse-packet.c (unknown_pubkey_warning): If new flag is set do
 not print info message normally emitted inh verbose mode.
(can_handle_critical_notation, enum_sig_subpkt): Ditto.
(parse_signature, parse_key, parse_attribute_subpkts): Ditto.
--

Those messages are annoying because they might be emitted due to
parsing public keys which are latter not shows because the secret part
is missing.  No functional regressions are expected because --verbose
should not change anything.

Note that this suppression is only done if no arguments are given to
the command; that is if a listing of the entire keyring is requested.
Thus to see the earnings anyway, a listing of a single or group of
keys can be requested.

GnuPG-bug-id: 4627
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-23 12:50:41 +02:00
Werner Koch
f14ddeb89c
gpg: Do not show two informational diagnostics with quiet.
* g10/trustdb.c (verify_own_keys): Silence informational diagnostic.
--

This silences these notes with --quiet
  gpg: Note: RFC4880bis features are enabled.
  gpg: key EE65E8C75D41FD1D marked as ultimately trusted

GnuPG-bug-id: 4634
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-23 11:45:49 +02:00
Werner Koch
d3f5d8544f
gpg: Extend --quick-gen-key for creating keys from a card.
* g10/keygen.c (parse_key_parameter_part): Add arg R_KEYGRIP and
support the special algo "card".
(parse_key_parameter_string): Add args R_KEYGRIP and R_SUBKEYGRIP.
Handle the "card" algo.  Adjust callers.
(parse_algo_usage_expire): Add arg R_KEYGRIP.
(quickgen_set_para): Add arg KEYGRIP and put it into the parameter
list.
(quick_generate_keypair): Handle algo "card".
(generate_keypair): Also handle the keygrips as returned by
parse_key_parameter_string.
(ask_algo): Support ed25519 from a card.
--

Note that this allows to create a new OpenPGP key from an initialized
OpenPGP card or from any other supported cards.  It has been tested
with the TCOS Netkey card.  Right now a stub file for the cards might
be needed; this can be achieved by running "gpgsm --learn" with the
card plugged in.

Example:

  gpg --quick-gen-key foo@example.org card

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-22 16:38:27 +02:00
Werner Koch
b3226d91d0
gpg: Use modern spelling for the female salutation.
--
GnuPG-bug-id: 4682

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-22 10:24:16 +02:00
NIIBE Yutaka
6f760e6eb0 gpg: Factor export_ssh_key.
* g10/export.c (export_one_ssh_key): Factor out.
(export_ssh_key): Use export_one_ssh_key.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-22 14:18:05 +09:00
Werner Koch
ce403c74db
gpg: In a list of card keys show the standard keys.
* g10/keygen.c (ask_algo): Identify the standard keys.
--

The asterisks mark the usages of a key as retruned by scd via the
$AUTHKEYID et al. attributes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-21 15:26:34 +02:00
Werner Koch
c97c2e578d
gpg: New option --use-only-openpgp-card
* g10/gpg.c (opts): Add option.
(main): Set flag.
* g10/options.h: Add flags.use_only_openpgp_card.
* g10/call-agent.c (start_agent): Implement option.
--

With the previous patch we switch to autoselect an application
instead of requesting an openpgp card.  This option allows to revert
this in case of use use cases which expected the former behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c185f6dfbd1bfd809369da789239a371e9d1610e)
This was first added to the 2.2 branch.
2019-08-21 14:13:51 +02:00
Werner Koch
1f980d23af
kbx: Allow writing using a estream.
* kbx/keybox-file.c (_keybox_write_header_blob): New optional arg
stream.  Change callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 15:01:21 +02:00
NIIBE Yutaka
d8a49bbcd1 gpg: Don't report NO_SECKEY for valid key.
* g10/mainproc.c (proc_encrypted): Report status of STATUS_NO_SECKEY
only when some error occurred.

--

Fixes-commit: 6cc4119ec03be61c78189a0bec99372035289b91
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-06 11:12:07 +09:00
Daniel Kahn Gillmor
3ba091ab8c gpg,gpgsm: Handle pkdecrypt responses with/without NUL terminators.
* g10/call-agent.c (agent_pkdecrypt): accept but do not require
NUL-terminated data from the agent.
* sm/call-agent.c (gpgsm_agent_pkdecrypt): accept but do not require
NUL-terminated data from the agent.

GnuPG-bug-id: 4652
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-07-26 09:53:33 +09:00
NIIBE Yutaka
fd9e6ae22e gpg: photoid: Use standard spawn API.
* g10/photoid.c (exec_write, exec_read, exec_finish): Remove.
(setup_input_file): Rename from make_tempdir.
(expand_args): Drop support of 'o' and 'O'.
(fill_command_argv, run_with_pipe, create_temp_file) New.
(show_photo): New with gnupg_spawn_process_fd and gnupg_wait_process.
(show_photos): Call show_photo.

GnuPG-bug-id: 4362
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-25 11:41:37 +09:00
NIIBE Yutaka
c57c5004ec gpg: photoid: Move functions from exec.c.
* g10/exec.c (w32_system): Expose to public.
(exec_write, exec_read, exec_finish, make_tempdir, expand_args): Move
to photoid.c.
* g10/exec.h: Likewise.
* g10/photoid.c (exec_write, exec_read, exec_finish, make_tempdir)
(expand_args): Move here.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-25 11:21:58 +09:00
NIIBE Yutaka
7bfbb9fa7e gpg: A little clean up.
* g10/keyserver.c: Don't include exec.h.
* g10/photoid.c (image_type_to_string): It's constant.
* g10/photoid.h (image_type_to_string): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-23 12:04:21 +09:00
NIIBE Yutaka
fcd766719a gpg: The option --passphrase= can be empty.
* g10/gpg.c (opts): Use ARGPARSE_o_s for oPassphrase to allow
empty string.

GnuPG-bug-id: 4633
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-19 17:17:15 +09:00
NIIBE Yutaka
98f4eff7ff card: Fix showing KDF object attribute.
* g10/call-agent.c (learn_status_cb): Parse the KDF DO.
* g10/card-util.c (current_card_status): Show it correctly.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-19 13:26:49 +09:00
NIIBE Yutaka
9c0cd9d075 card: Support disabling KDF functionality.
* g10/card-util.c (kdf_setup): Can be "off".

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-19 13:23:54 +09:00
NIIBE Yutaka
44be675b75 gpg: More check for symmetric key encryption.
* g10/dek.h (DEK): Use debugger friendly type of unsigned int.
* g10/mainproc.c (symkey_decrypt_seskey): Add another check.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-18 11:02:34 +09:00
NIIBE Yutaka
89303b9998 gpg: Don't try decryption by session key when NULL.
* g10/mainproc.c (proc_encrypted): Only call get_session_key when
PKENC_LIST is not NULL.
Return GPG_ERR_BAD_KEY, instead of GPG_ERR_NO_SECKEY, when
it's encrypted only by symmetric key.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-12 09:26:00 +09:00
NIIBE Yutaka
29c7fb4053 gpg: Fix getting User ID.
* g10/getkey.c (user_id_db): Remove, as no use anymore.
(get_user_id_string): Use cache_get_uid_bykid.
(get_user_id_byfpr): Use cache_get_uid_byfpr.
* g10/objcache.c (cache_get_uid_byfpr): New.
* g10/objcache.h (cache_get_uid_byfpr): New.

Fixes-commit: 64a5fd37271a3e454c0d59ac3500e1a1b232e4f7
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-11 12:32:44 +09:00
NIIBE Yutaka
33c17a8008 gpg: Improve import slowness.
* g10/import.c (read_block): Avoid O(N^2) append.
(sec_to_pub_keyblock): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-10 15:42:07 +09:00
NIIBE Yutaka
a7a043e825 gpg: Fix keyring retrieval.
* g10/keyring.c (keyring_get_keyblock): Avoid O(N^2) append.

GnuPG-bug-id: 4592
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-10 15:06:54 +09:00
Werner Koch
a29156d5a6
gpg: Do not try the import fallback if the options are already used.
* g10/import.c (import_one): Check options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-09 11:13:51 +02:00
Werner Koch
eec150eca7
gpg: Fix regression in option "self-sigs-only".
* g10/import.c (read_block): Make sure KEYID is availabale also on a
pending packet.
--

Reported-by: Phil Pennock
Fixes-commit: 2e349bb6173789e0e9e42c32873d89c7bc36cea4
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-09 11:12:20 +02:00
Werner Koch
96bf8f4778
gpg: With --auto-key-retrieve prefer WKD over keyservers.
* g10/mainproc.c (check_sig_and_print): Print a hint on how to make
use of the preferred keyserver.  Remove keyserver lookup just by the
keyid.  Try a WKD lookup before a keyserver lookup.
--

The use of the the keyid for lookups does not make much sense anymore
since for quite some time we do have the fingerprint as part of the
signature.

GnuPG-bug-id: 4595
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-05 10:33:13 +02:00
NIIBE Yutaka
6cc4119ec0 gpg: Return the last error for pubkey decryption.
* g10/mainproc.c (proc_encrypted): Check ->result against -1.
When c->dek == NULL, put GPG_ERR_NO_SECKEY only when not set.
* g10/pubkey-enc.c (get_session_key): Set k->result by the result of
get_it.
When no secret key is available for some reasons, return the last
specific error, if any.

GnuPG-bug-id: 4561
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-05 15:16:08 +09:00
Werner Koch
23c9786408
gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
* g10/gpg.c (main): Change default.
--

Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures.  That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.

To revert to the old behavior add

  keyserver-optiions  no-self-sigs-only,no-import-clean

to gpg.conf.

GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:45:39 +02:00
Werner Koch
91a6ba3234
gpg: Avoid printing false AKL error message.
* g10/getkey.c (get_pubkey_byname): Add special traeatment for default
and skipped-local.
--

This change avoids error message like

  gpg: error retrieving 'foo@example.org' via None: No public key

A 'None' mechanism is something internal.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:21:39 +02:00
Werner Koch
d00c8024e5
gpg: New command --locate-external-key.
* g10/gpg.c (aLocateExtKeys): New.
(opts): Add --locate-external-keys.
(main): Implement that.
* g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
(get_best_pubkey_byname): Add arg 'mode' and pass on to
get_pubkey_byname.  Change callers.
* g10/keylist.c (public_key_list): Add arg 'no_local'.
(locate_one): Ditto.  Pass on to get_best_pubkey_byname.
--

This new command is a shortcut for

  --auto-key-locate nodefault,clear,wkd,... --locate-key

and uses the default or configured AKL list but does so without local.

See also
GnuPG-bug-id: 4599

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:13:26 +02:00
Werner Koch
9980f81da7
gpg: Make the get_pubkey_byname interface easier to understand.
* g10/keydb.h (enum get_pubkey_modes): New.
* g10/getkey.c (get_pubkey_byname): Repalce no_akl by a mode arg and
change all callers.
--

This change prepares the implementation of GET_PUBKEY_NO_LOCAL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 10:42:48 +02:00
Werner Koch
3a403ab04e
gpg: Fallback to import with self-sigs-only on too large keyblocks.
* g10/import.c (import_one): Rename to ...
(import_one_real): this.  Do not print and update stats on keyring
write errors.
(import_one): New.  Add fallback code.
--

GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 21:53:55 +02:00
Werner Koch
2e349bb617
gpg: New import and keyserver option "self-sigs-only"
* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
* g10/import.c (parse_import_options): Add option "self-sigs-only".
(read_block): Handle that option.
--

This option is intended to help against importing keys with many bogus
key-signatures.  It has obvious drawbacks and is not a bullet-proof
solution because a self-signature can also be faked and would be
detected only later.

GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 15:15:30 +02:00
Werner Koch
894b72d796
gpg: Make read_block in import.c more flexible.
* g10/import.c: Change arg 'with_meta' to 'options'.  Change callers.
--

This chnage allows to pass more options to read_block.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 15:15:29 +02:00
Daniel Kahn Gillmor
d7d1ff4557 spelling: Fix "synchronize"
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-06-23 20:21:02 -04:00
Werner Koch
4256e9f0f1
gpg: Very minor code cleanup.
* g10/decrypt-data.c (decrypt_data): Remove superfluous test.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-21 11:42:59 +02:00
NIIBE Yutaka
537fbe13af g10: Block signals in g10_exit.
* g10/gpg.c (g10_exit): Block all signals before calling
emergency_cleanup.

--

There is a race condition here which results crash of the process.
When a signal is delivered in emergency_cleanup, it is called again.
This change fixes the problem.

GnuPG-bug-id: 2747
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 13:39:46 +09:00
NIIBE Yutaka
20acc7c022 g10,agent: Support CONFIRM for --delete-key.
* agent/call-pinentry.c (agent_get_confirmation): Add call of
pinentry_loopback_confirm.
(agent_popup_message_start): Likewise.
(agent_popup_message_stop): Return if it's loopback mode.
* agent/command.c (pinentry_loopback_confirm): New.

* g10/call-agent.c (default_inq_cb): Support "CONFIRM" inquery
when PINENTRY_MODE_LOOPBACK mode.
(confirm_status_cb): New.
(agent_delete_key): Supply confirm_status_cb to set the description
string for confirmation.

--

In the Assuan communication, we introduce new interaction:

    [gpg]                            [gpg-agent]
            --- CMD: PKDECRYPT -->
            <-- STATUS: SETDESC "..."
            <-- STATUS: SETOK "..."
            <-- STATUS: SETNOTOK "..."
            <-- INQUERY: CONFIRM 0/1 (0 for display, 1 for user query)
	    --- INQUERY-result: -->
	    <-- RESULT: ...

GnuPG-bug-id: 3465
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 09:17:21 +09:00
Werner Koch
b6289af973
gpg: Fixed i18n markup of some strings.
* g10/tofu.c: Removed some translation markups which either make no
sense or are not possble.
--

Error message which are not helpful for the user but indicate a
problem of the installation or the code do not need a translation.
The translator may not understand them correctly and the use support
can't immediately locate the problem because it needs to be reverse
translated.

There is also one case where certain grammar constructs are
assumed (concatenating parts of a sentence at runtime).  Better do not
translate that than getting weird sentences.
2019-05-27 12:55:06 +02:00
Werner Koch
cc6069ac6e
gpg: Allow deletion of subkeys with --delete-[secret-]key.
* common/userids.c (classify_user_id): Do not set the EXACT flag in
the default case.
* g10/export.c (exact_subkey_match_p): Make static,
* g10/delkey.c (do_delete_key): Implement subkey only deleting.
--

GnuPG-bug-id: 4457
2019-05-27 10:40:38 +02:00
NIIBE Yutaka
265e6d6706 g10: Copy expiredate from primary key when marked expired.
* g10/getkey.c (merge_selfsigs): Update ->expiredate of subkey.

--

GnuPG-bug-id: 3343
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-23 09:40:01 +09:00
Werner Koch
4c7d63cd5b
gpg: Do not bail on an invalid packet in the local keyring.
* g10/keydb.c (parse_keyblock_image): Treat invalid packet special.
--

This is in particular useful to run --list-keys on a keyring with
corrupted packets.  The extra flush is to keep the diagnostic close to
the regular --list-key output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-21 17:27:42 +02:00
Werner Koch
156788a43c
gpg: Do not allow creation of user ids larger than our parser allows.
* g10/parse-packet.c: Move max packet lengths constants to ...
* g10/packet.h: ... here.
* g10/build-packet.c (do_user_id): Return an error if too data is too
large.
* g10/keygen.c (write_uid): Return an error for too large data.
--

This can lead to keyring corruption becuase we expect that our parser
is abale to parse packts created by us.  Test case is

  gpg --batch --passphrase 'abc' -v  \
      --quick-gen-key $(yes 'a'| head -4000|tr -d '\n')

GnuPG-bug-id: 4532
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-21 16:25:56 +02:00
Werner Koch
126caa34bb
gpg: Unify the the use of the print_pubkey_info functions.
* g10/keylist.c (format_seckey_info): Remove.
(print_pubkey_info, print_seckey_info): Remove.
(format_key_info): New.
(print_key_info): New.
(print_key_info_log): New.
* g10/card-util.c (current_card_status): Use print_key_info and remove
the useless condition on KEYBLOCK.
* g10/delkey.c (do_delete_key): Replace print_pubkey_info and
print_seckey_info by print_key_info.
* g10/keyedit.c (menu_addrevoker): Replace print_pubkey_info by
print_key_info.
* g10/pkclist.c (do_we_trust_pre): Ditto.
* g10/revoke.c (gen_desig_revoke): Ditto.
(gen_revoke): Ditto.  Also use print_key_info_log instead of separate
functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-21 13:02:32 +02:00
Werner Koch
110a455017
gpg: Do not delete any keys if --dry-run is passed.
* g10/delkey.c (do_delete_key): Don't delete the keyblock on dry runs.
Do not clear the ownertrust.  Do not let the agent delete the key.
--

Co-authored-by: Matheus Afonso Martins Moreira
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-20 12:31:55 +02:00
Werner Koch
386bacd974
gpg: Fix using --decrypt along with --use-embedded-filename.
* g10/options.h (opt): Add flags.dummy_outfile.
* g10/decrypt.c (decrypt_message): Set this global flag instead of the
fucntion local flag.
* g10/plaintext.c (get_output_file): Ignore opt.output if that was
used as a dummy option aslong with --use-embedded-filename.
--

The problem here was that an explicit specified --decrypt, as
meanwhile suggested, did not work with that dangerous
--use-embedded-filename.  In contrast it worked when gpg decrypted as
a side-effect of parsing the data.

GnuPG-bug-id: 4500
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-17 13:40:24 +02:00
Werner Koch
7e5847da0f
gpg: Improve the photo image viewer selection.
* g10/exec.c (w32_system): Add "!ShellExecute" special.
* g10/photoid.c (get_default_photo_command): Use the new ShellExecute
under Windows and fallbac to 'display' and 'xdg-open' in the Unix
case.
(show_photos): Flush stdout so that the output is shown before the
image pops up.
--

For Unix this basically syncs the code with what we have in gpg 1.4.
Note that xdg-open may not be used when running as root which we
support here.

For Windows we now use ShellExecute as this seems to be preferred over
"cmd /c start"; however this does not solve the actual problem we had
in the bug report.  To solve that problem we resort to a wait
parameter which defaults to 400ms.  This works on my Windows-10
virtualized test box.  If we can figure out which simple viewers are
commonly installed on Windows we should enhance this patch to test for
them.

GnuPG-bug-id: 4334
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-17 12:47:13 +02:00
Daniel Kahn Gillmor
392e59a3d4
gpg: enable OpenPGP export of cleartext keys with comments
* g10/export.c (cleartext_secret_key_to_openpgp): ignore trailing
sublists in private-key S-expression.

--

When gpg-agent learns about a private key from its ssh-agent
interface, it stores its S-expression with the comment attached.  The
export mechanism for OpenPGP keys already in cleartext was too brittle
because it would choke on these comments.  This change lets it ignore
any additional trailing sublists.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Gnupg-Bug-Id: 4490
2019-05-15 09:02:31 +02:00
Werner Koch
22e274f839
sm: Change keydb code to use the keybox locking.
* kbx/keybox-init.c (keybox_lock): New arg TIMEOUT.  Change all
callers to pass -1 when locking.
* sm/keydb.c (struct resource_item): Remove LOCKANDLE.
(struct keydb_handle): Add KEEP_LOCK.
(keydb_add_resource): Use keybox locking instead of a separate dotlock
for testing whether we can run a compress.
(keydb_release): Reset KEEP_LOCK.
(keydb_lock): Set KEEP_LOCK.
(unlock_all): Take care of KEEP_LOCK.
(lock_all): Use keybox_lock instead of dotlock fucntions.
(keydb_delete): Remove arg UNLOCK.
* sm/delete.c (delete_one): Adjust keydb_delete.  Due to the KEEP_LOCK
the keydb_release takes care of unlocking.
--

This aligns the code more with g10/keydb.c and avoids the separate
calls to dotlock_take.

GnuPG-bug-id: 4505
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-14 13:36:08 +02:00
Werner Koch
7102d9b798
gpg: Do not print a hint to use the deprecated --keyserver option.
* g10/keyserver.c (keyserver_search): Remove a specialized error
message.
--

Dirmngr comes with a default keyserver and the suggestion to use
gpg --keyserver
is not good because that option is deprecated.  An error message
"No keyserver available" is sufficient.

GnuPG-bug-id: 4512
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-14 07:56:10 +02:00
NIIBE Yutaka
802a2aa300 g10: Fix possible null dereference.
* g10/armor.c (armor_filter): Access ->d in the internal loop.

--

GnuPG-bug-id: 4494
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-05-14 11:20:07 +09:00
Werner Koch
484d6ba589
gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.
* g10/sign.c (update_keysig_packet): Convert digest algo when needed.
--

Several gpg commands try to keep most properties of a key signature
when updating (i.e. creating a new version of a key signature).  This
included the use of the current hash-algorithm.  This patch changes
this so that SHA-1 or RMD160 are replaced by SHA-256 if
possible (i.e. for RSA signatures).  Affected commands are for example
--quick-set-expire and --quick-set-primary-uid.

GnuPG-bug-id: 4508
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-13 19:01:28 +02:00
Werner Koch
d07666412d
gpg: Cleanup use of make_keysig_packet.
* g10/sign.c (make_keysig_packet): Remove obsolete arg diegst_algo
which was always passed as 0.  Change all callers.

* g10/gpgcompose.c (signature): Warn when trying to set a digest algo.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-13 12:39:17 +02:00
Werner Koch
bd6ecbb8f8
gpg: Use just the addrspec from the Signer's UID.
* g10/parse-packet.c (parse_signature): Take only rthe addrspec from a
Signer's UID subpacket.
--

This is to address a problem in the currentr OpenKeychain which put
the entire UID into the subpacket.  For example our Tofu code can only
use the addrspec and not the entire UID.

Reported-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-03 10:54:31 +02:00
Werner Koch
5f3864fb64
sm: Add yet inactive options to support authenticode
* sm/gpgsm.c (opts): New options --authenticode and --attribute.
* sm/gpgsm.h (opt): Add vars authenticode and attribute_list.
* sm/sign.c (add_signed_attribute): New but inactive.
(gpgsm_sign): Use new options.
--

Because libksba 1.4 is not yet ready the new code is not yet active.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-30 08:28:54 +02:00
Andre Heinecke
e57954ed27 g10: Fix double free when locating by mbox
* g10/getkey.c (get_best_pubkey_byname): Set new.uid always
to NULL after use.

--
pubkey_cmp is not guranteed to set new.uid.
So if the diff < 0 case is reached best is set to new.

If then diff > 0 is reached without modifying new.uid
e.g. if the key has no matching mboxes. new.uid is
free'd even though the uid is still referenced in
best.

GnuPG-Bug-Id: T4462
2019-04-18 14:24:58 +02:00
NIIBE Yutaka
a861f9343d g10: Fix a memory leak.
* g10/import.c (import): Care PNDING_PKT on error.

--

GnuPG-bug-id: 4461
Reported-by: Philippe Antoine
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-17 09:58:07 +09:00
Werner Koch
64a5fd3727
gpg: New caching functions.
* g10/objcache.c: New.
* g10/objcache.h: New.
* g10/Makefile.am (common_source): Add them.
* g10/gpg.c: Include objcache.h.
(g10_exit): Call objcache_dump_stats.
* g10/getkey.c: Include objcache.h.
(get_primary_uid, release_keyid_list): Remove.
(cache_user_id): Remove.
(finish_lookup): Call the new cache_put_keyblock instead of
cache_user_id.
(get_user_id_string): Remove code for mode 2.
(get_user_id): Implement using cache_get_uid_bykid.
--

This generic caching module is better than the ad-hoc code we used in
getkey.c.  More cleanup in getkey is still required but it is a
start.  There is also a small performance increase with the new cache:

With a large keyring and --list-sigs I get these numbers:

|      | before     | after      |
|------+------------+------------|
| real | 14m1.028s  | 12m16.186s |
| user |  2m18.484s |  1m36.040s |
| sys  | 11m42.420s | 10m40.044s |

Note the speedup in the user time which is due to the improved cache
algorithm.  This is obvious, because the old cache was just a long
linked list; the new cache are two hash tables.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-13 11:48:58 +02:00
Werner Koch
60f3845921
gpg: Cache a once computed fingerprint in PKT_public_key.
* g10/packet.h (PKT_public_key): Add fields fpr and fprlen.
* g10/keyid.c (do_fingerprint_md): Remove.
(compute_fingerprint): New.
(keyid_from_pk): Simplify.
(fingerprint_from_pk): Simplify.
(hexfingerprint): Avoid using extra array.
--

This is similar to what we are doing with the keyid for a long time.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-12 11:11:09 +02:00
Werner Koch
1b1f649dea
gpg: Accept also armored data from the WKD.
* g10/keyserver.c (keyserver_import_wkd): Clear NO_ARMOR.
--

We may even adjust the specs to allow that.  It should not be a
problem for any OpenPGP implementation because armored keys are very
common and de-armoring code is de-facto a mandatory feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-11 09:55:27 +02:00
Werner Koch
40595b5793
gpg: Set a limit of 5 to the number of keys imported from the WKD.
* g10/import.c (import): Limit the number of considered keys to 5.
(import_one): Return the first fingerprint in case of WKD.
--

The Web Key Directory should carry only one key.  However, some
providers like to put old or expired keys also into the WKD.  I don't
thunk that this is a good idea but I heard claims that this is needed
for them to migrate existing key data bases.

This patch puts a limit on 5 on it (we had none right now) and also
fixes the issue that gpg could not work immediately with the requested
key because the code uses the fingerprint of the key to use the
imported key.  Now the first key is used.  On a second try (w/o
accessing the WKD) the regular key selection mechanism would be in
effect.  I think this is the most conservative approach.  Let's see
whether it helps.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-11 09:55:27 +02:00
Werner Koch
ea32842d5c
gpg: Fix printing of the user id during import.
* g10/getkey.c (struct keyid_list): Add field fprlen.
(cache_user_id): Set and test it.
(get_user_id_byfpr): Make static, add arg fprlen and use it.
(get_user_id_byfpr_native): Add arg fprlen and change all callers.
--

This was a regression in the 2.3 base.
GnuPG-bug-id: 3801

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-05 17:02:43 +02:00
Werner Koch
2c9b68f28d
gpg: Improve the code to decrypt using PIV cards.
* g10/call-agent.c (agent_scd_keypairinfo): Add arg 'keyref'.
* g10/keygen.c (ask_algo): Adjust.
* g10/skclist.c (enum_secret_keys): Request the keyref directly.
--

This improves commit ec6a6779236a89d4784a6bb7de0def9cc0f9e8a4 to avoid
looping over all keypairinfos.  This way scdaemon does not need to
compute all the keypairinfos for all keys of a card.  This patch is
possible due the enhanced READKEY command in scdaemon.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 17:45:35 +02:00
Werner Koch
ec6a677923
gpg: Allow decryption using PIV cards.
* g10/call-agent.c (struct getattr_one_parm_s): New.
(getattr_one_status_cb): New.
(agent_scd_getattr_one): New.
* g10/pubkey-enc.c (get_it): Allow the standard leading zero byte from
pkcs#1.
* g10/skclist.c (enum_secret_keys): Handle non-OpenPGP cards.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 15:30:10 +02:00
Werner Koch
2b1135cf92
scd: New standard attributes $ENCRKEYID and $SIGNKEYID.
* g10/call-agent.c (agent_scd_keypairinfo): Use --keypairinfo.
* sm/call-agent.c (gpgsm_agent_scd_keypairinfo): Ditto.
* scd/app-openpgp.c (do_getattr): Add attributes "$ENCRKEYID" and
"$SIGNKEYID".
* scd/app-piv.c (do_getattr): Ditto.
--

We already have $AUTHKEYID to locate the keyref of the key to be used
with ssh.  It will also be useful to have default keyref for
encryption and signing.  For example, this will allow us to repalce
the use of "OPENPGP.2" by a app type specific keyref.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 13:16:22 +02:00
Werner Koch
1f688e0d1d
gpg: Avoid endless loop if a card's serial number can't be read.
* g10/skclist.c (enum_secret_keys): Move list forward on error.
--

The error is not easy to reproduce but may occur if a card is removed
at the wrong time.  Tested by changing the code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-03 11:26:14 +02:00
Werner Koch
2d3392c147
gpg: Print modern style key info for non-decryptable keys.
* g10/mainproc.c (print_pkenc_list): Simplify.
--

This changes the output from

# ------------------------ >8 ------------------------
  gpg: encrypted with 2048-bit RSA key, ID D20073D46DF6C97D, created 2019-04-02
        "Test with PIV card"

to

  gpg: encrypted with rsa2048 key, ID D20073D46DF6C97D, created 2019-04-02
        "Test with PIV card"

Signed-off-by: Werner Koch <wk@gnupg.org>
# ------------------------ 8< ------------------------
2019-04-03 09:04:49 +02:00
Werner Koch
a480182f9d
gpg: Allow direct key generation from card with --full-gen-key.
* g10/call-agent.c (agent_scd_readkey): New.
* g10/keygen.c (ask_key_flags): Factor code out to ..
(ask_key_flags_with_mask): new.
(ask_algo): New mode 14.
--

Note that this new menu 14 is always displayed.  The usage flags can
be changed only in --expert mode, though.  Creating and using signing
keys works but decryption does not yet work; we will need to tweak a
couple of other places for that.  Tested with a Yubikey's PIV app.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-02 18:57:09 +02:00
Werner Koch
9ed1aa56c4
sm: Show the usage flags when generating a key from a card.
* g10/call-agent.c (scd_keypairinfo_status_cb): Also store the usage
flags.
* sm/call-agent.c (scd_keypairinfo_status_cb): Ditto.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Print the usage flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-01 19:58:33 +02:00
Werner Koch
e47524c34a
gpg: Prepare card code to allow other than OpenPGP cards.
* g10/call-agent.c (start_agent): Use card app auto selection.
* g10/card-util.c (current_card_status): Print the Application type.
(card_status): Put empty line between card listings.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-01 19:24:33 +02:00
Werner Koch
0fad61de15
gpg: New card function agent_scd_keypairinfo.
* g10/call-agent.c (scd_keypairinfo_status_cb)
(agent_scd_keypairinfo): New.  Taken from gpgsm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-01 18:37:02 +02:00
Werner Koch
334b16b868
gpg: Remove two unused card related functions.
* g10/call-agent.c (inq_writekey_parms): Remove.
(agent_scd_writekey): Remove.
(agent_clear_pin_cache): Remove this stub.
2019-04-01 18:34:19 +02:00
Werner Koch
3a4534d826
gpg: Remove unused arg in a card related function.
* g10/call-agent.c (agent_scd_setattr): Remove unused arg serialno.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-01 18:13:43 +02:00
Trevor Bentley
4324560b2c gpg: Don't use EdDSA algo ID for ECDSA curves.
* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
an EdDSA curve.

--

This change matters when it is called from ask_card_keyattr.

Some-comments-by: NIIBE Yutaka <gniibe@fsij.org>
2019-03-27 11:03:58 +09:00
Werner Koch
5205512fc0
gpg: Allow import of PGP desktop exported secret keys.
* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic.  Change to take ownership of
arg keyblock.  Implement extra secret key import logic.  Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--

The PGP desktops exported secret keys are really stupid.  And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):

  [...]  Implementations SHOULD include self-signatures on any user
  IDs and subkeys, as this allows for a complete public key to be
  automatically extracted from the transferable secret key.
  Implementations MAY choose to omit the self-signatures, especially
  if a transferable public key accompanies the transferable secret
  key.

Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.

GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-18 13:07:14 +01:00
Werner Koch
f799e9728b
gpg: Avoid importing secret keys if the keyblock is not valid.
* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t.   Return an
error code if sec_to_pub_keyblock failed.  Resync secret keyblock.
--

When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway.  This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key.  After importing
the public key the secret keys suddenly showed up.

This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.

Caution: The ecc.scm test now fails because two of the sample keys
         don't have binding signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 20:41:38 +01:00
Werner Koch
f64477db86
gpg: During secret key import print "sec" instead of "pub".
* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'.  Remove
useless code for "sub" and "ssb".
* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info.  Do
not print the first  keyinfo in FROM_SK mode.
printing.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 19:14:34 +01:00
Werner Koch
f06b6fe47f
gpg: Simplify an interactive import status line.
* g10/cpr.c (write_status_printf): Escape CR and LF.
* g10/import.c (print_import_check): Simplify by using
write_status_printf and hexfingerprint.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 13:03:34 +01:00
Werner Koch
3e1f3df618
gpg: Fix recently introduced use after free.
* g10/mainproc.c (proc_plaintext): Do not use freed memory.
--

GnuPG-bug-id: 4407
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 08:55:06 +01:00
Werner Koch
bdda31a26b
kbx: Unify the fingerprint search modes.
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16)
(KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove.  Switch
all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value.
--

These search modes were added over time and there has until recently
be no incentive to remove the cruft.  With the change for v5 keys I
finally went over all places and allowed the generic fingerprint mode
along with a given length of the fingerprint at all places.
Consequently the other modes can now be removed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 14:55:06 +01:00
Werner Koch
caf4b3fc16
gpg: Make rfc4880bis the default.
* g10/gpg.c (set_compliance_option, main): Change CO_GNUPG to include
rfc4880bis features.
(main): Change rfc4880bis warning to a note.
--

Note that the default is CO_GNUPG and not CO_OPENPGP.  CO_OPENPGP does
not include rfc4880bis yet and has a couple of things we don't like,
like --allow-non-selfsigned-uids.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
Werner Koch
01c87d4ce2
gpg: Implement v5 keys and v5 signatures.
* g10/build-packet.c (gpg_mpi_write): New optional arg
R_NWRITTEN.  Allow NULL for OUT.  Change all callers.
(do_key): Support v5 keys.
(build_sig_subpkt_from_sig): Support 32 byte fingerprints.
* g10/parse-packet.c (parse_signature): First try to set the keyid
from the issuer fingerprint.
(parse_key): Support v5 keys.
(create_gpg_control): Better make sure to always allocate the static
size of the struct in case future compilers print warnings.
* g10/keyid.c (hash_public_key): Add v5 support.
(keyid_from_pk): Ditto.
(keyid_from_fingerprint): Ditto.
(fingerprint_from_pk): Ditto.
* g10/keygen.c (KEYGEN_FLAG_CREATE_V5_KEY): New.
(pVERSION, pSUBVERSION): New.
(add_feature_v5): New.
(keygen_upd_std_prefs): Call it.
(do_create_from_keygrip): Add arg keygen_flags and support the v5
flag.
(common_gen): Support the v5 flag.
(parse_key_parameter_part): New flags v4 and v5.
(parse_key_parameter_string): Add args for version and subversion.
(read_parameter_file): New keywords "Key-Version" and
"Subkey-Version".
(quickgen_set_para): Add arg 'version'.
(quick_generate_keypair, generate_keypair): Support version parms.
(do_generate_keypair): Support v5 key flag.
(generate_subkeypair): Ditto.
(generate_card_subkeypair): Preparse for keyflags.
(gen_card_key): Ditto.
* g10/sig-check.c (check_signature2): Add args extrahash and
extrahashlen.
(check_signature_end): Ditto.
(check_signature_end_simple): Ditto.  Use them.
* g10/mainproc.c (proc_plaintext): Put extra hash infor into the
control packet.
(do_check_sig): Add args extrahas and extrahashlen and pass them on.
(issuer_fpr_raw): Support 32 byte fingerprint.
(check_sig_and_print): get extra hash data and pass it on.
--

Note that this is only basic support and requires more fine
tuning/fixing.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
Werner Koch
f40e9d6a52
kbx: Add support for 32 byte fingerprints.
* common/userids.c (classify_user_id): Support 32 byte fingerprints.
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR32): New.
(struct keydb_search_desc): Add field fprlen.
* kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field
version and increase size of fpr to 32.
* kbx/keybox-blob.c: Define new version 2 for PGP and X509 blobs.
(struct keyboxblob_key): Add field fprlen and increase size of fpr.
(pgp_create_key_part_single): Allow larger fingerprints.
(create_blob_header): Implement blob version 2 and add arg want_fpr32.
(_keybox_create_openpgp_blob): Detect the need for blob version 2.
* kbx/keybox-search.c (blob_get_first_keyid): Support 32 byte
fingerprints.
(blob_cmp_fpr): Ditto.
(blob_cmp_fpr_part): Ditto.
(has_fingerprint): Add arg fprlen and pass on.
(keybox_search): Support KEYDB_SEARCH_MODE_FPR32 and adjust for
changed has_fingerprint.
* kbx/keybox-openpgp.c (parse_key): Support version 5 keys.
* kbx/keybox-dump.c (_keybox_dump_blob): Support blob version 2.

* g10/delkey.c (do_delete_key): Support KEYDB_SEARCH_MODE_FPR32.
* g10/export.c (exact_subkey_match_p): Ditto.
* g10/gpg.c (main): Ditto.
* g10/getkey.c (get_pubkey_byfprint): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
* g10/keydb.c (keydb_search_desc_dump): Support
KEYDB_SEARCH_MODE_FPR32 and adjust for changed KEYDB_SEARCH_MODE_FPR.
(keydb_search): Add new arg fprlen and change all callers.
* g10/keyedit.c (find_by_primary_fpr): Ditto.
* g10/keyid.c (keystr_from_desc): Ditto.
* g10/keyring.c (keyring_search): Ditto.
* g10/keyserver.c (print_keyrec): Ditto.
(parse_keyrec): Ditto.
(keyserver_export): Ditto.
(keyserver_retrieval_screener): Ditto.
(keyserver_import): Ditto.
(keyserver_import_fprint): Ditto.
(keyidlist): Ditto.
(keyserver_get_chunk): Ditto.

* g10/keydb.c (keydb_search): Add new arg fprlen and change all
callers.

* sm/keydb.c (keydb_search_fpr): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
--

This prepares the support for OpenPGP v5 keys.  The new version 2 blob
format is needed for the longer fingerprints and we also use this
opportunity to prepare for storing the keygrip in the blob for faster
lookup by keygrip.  Right now this is not yet functional.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
Werner Koch
a21ca3a1ef
gpg: Implemented latest rfc4880bis version 5 packet hashing.
* configure.ac (AC_CHECK_SIZEOF): Test size_t.
* g10/sig-check.c (check_signature_end_simple): Support v5 signatures
as per current rfc4880bis.  For correctness also allow for N > 2^32.
* g10/sign.c (pt_extra_hash_data_t): New.
(hash_sigversion_to_magic): New arg EXTRAHASH.
(write_plaintext_packet): New arg R_EXTRAHASH.
(write_signature_packets): Pass EXTRAHASH.
(sign_file): Ditto.
(sign_symencrypt_file): Ditto.
--

Take care: The code path for v5 sigs has not yet been tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
NIIBE Yutaka
f199b627ce Fix the previous commit.
* g10/ecdh.c (kek_params_table): Revert the change.
* scd/app-openpgp.c (ecdh_params): Use CIPHER_ALGO_AES256
for 384-bit key.

--

Avoiding CIPHER_ALGO_AES192 is intentional here.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-03-14 08:23:38 +09:00
NIIBE Yutaka
af3efd149f g10: Fix symmetric cipher algo constant for ECDH.
* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for
ECC strength 384, according to RFC-6637.

--

Reported-by: Trevor Bentley
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-03-13 09:12:14 +09:00
Werner Koch
db87132b10
gpg: Make invalid primary key algos obvious in key listings.
* g10/keylist.c (print_key_line): Print a warning for invalid algos.
--

Non-OpenPGP compliant keys now show a warning flag on the sec or pub
line like in:

  gpg: can't encode a 256 bit MD into a 88 bits frame, algo=8
  sec   cv25519 2019-01-30 [INVALID_ALGO]
        4239F3D606A19258E7A88C3F9A3F4F909C5034C5
  uid           [ultimate] ffffff

Instead of showing the usage flags "[CE]".  Without this patch only
the error message is printed and the reason for it was not immediately
obvious (cv25519 is encryption only but we always consider the primary
key as having the "C" flag).

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-05 12:39:11 +01:00
Werner Koch
140fda8c61
gpg: Emit an ERROR status if no key was found with --list-keys.
* g10/keylist.c (list_one): Emit status line.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-30 14:40:26 +01:00
Werner Koch
346a98fabe
gpg: Allow generating Ed25519 key from an existing key.
* g10/misc.c (map_pk_gcry_to_openpgp): Add EdDSA mapping.
--

Due to this missing mapping a "gpg --export --full-gen-key" with
selection "13 - Existing key" did not worked for an ed25519 key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-30 11:28:14 +01:00
Werner Koch
f382984966
common: Provide some convenient OpenPGP related constants.
* common/openpgpdefs.h (OPENPGP_MAX_NPKEY): New.
(OPENPGP_MAX_NSKEY): New.
(OPENPGP_MAX_NSIG): New.
(OPENPGP_MAX_NENC): New.
* g10/packet.h: Define PUBKEY_MAX using the new consts.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-29 18:20:34 +01:00
Werner Koch
54f88afba4
gpg: Fix just changed agent_get_s2k_count.
* g10/call-agent.c (agent_get_s2k_count): Actually return the count.
--

The previous push was definitely a bit to hasty.
Fixes-Commit: ec13b1c562e34c0fcbc7b848ab6dc187b79cf2c1

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-26 23:17:54 +01:00
Werner Koch
ec13b1c562
gpg: Move S2K encoding function to a shared file.
* g10/passphrase.c (encode_s2k_iterations): Move function to ...
* common/openpgp-s2k.c: new file.  Remove default intialization code.
* common/openpgpdefs.h (S2K_DECODE_COUNT): New to keep only one copy.
* g10/call-agent.c (agent_get_s2k_count): Change to return the count
and print an error.
* agent/protect.c: Include openpgpdefs.h
* g10/card-util.c (gen_kdf_data): Adjust for changes
* g10/gpgcompose.c: Include call-agent.h.
(sk_esk): Adjust for changes.
* g10/passphrase (passphrase_to_dek): Adjust for changes.
* g10/main.h (S2K_DECODE_COUNT): Remove macro.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-26 23:10:38 +01:00
Werner Koch
f97dc55ff1
gpg: Stop early when trying to create a primary Elgamal key.
* g10/misc.c (openpgp_pk_test_algo2): Add extra check.
--

The problem is that --key-gen --batch with a parameter file didn't
detect that Elgamal is not capable of signing and so an error was only
triggered at the time the self-signature was created.  See the code
comment for details.

GnuPG-bug-id: 4329
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-22 10:06:15 +01:00
NIIBE Yutaka
dafffa95b2 gpg: Report STATUS_NO_SECKEY when it is examined.
* g10/packet.h (struct pubkey_enc_list): Add result.
* g10/mainproc.c (proc_pubkey_enc): Initialize ->result.
(proc_encrypted): Report STATUS_NO_SECKEY status.
* g10/pubkey-enc.c (get_session_key): Set ->result.

--

This change is for GPGME compatibility.  Before this change,
gpgme/tests/json/t-json failed with t-decrypt-verify.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-01-16 10:27:21 +09:00
NIIBE Yutaka
ebf775eb16 card: Suppress error message by agent_scd_cardlist.
* g10/call-agent.c (agent_scd_cardlist): Add
FLAG_FOR_CARD_SUPPRESS_ERRORS.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-12-12 10:28:51 +09:00
Werner Koch
e7252ae57f
gpg: In search-keys return "Not found" instead of "No Data".
* g10/keyserver.c (keyserver_search): Check for NO_DATA.
--

GnuPG-bug-id: 3830
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-11 12:29:58 +01:00
NIIBE Yutaka
e154fba30b g10: Fix print_pubkey_info new line output.
* g10/keylist.c (print_pubkey_info): Reverse the condition.

--

This mistakes were introduced when replacing by estream.

It resulted 'gpg --card-status' from a process with no controlling
terminal fails.

Fixes-commit: fb2ba98963beea249474f5d6d7345cf9b4b7f570
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-12-05 16:44:59 +09:00
Werner Koch
c6e2ee0207
gpg: Prepare revocation keys for use with v5 keys.
* g10/packet.h (struct revocation_key): Add field 'fprlen'.
* g10/parse-packet.c (parse_revkeys): Set fprlen and allow for v5
keys.  Also fix reading of unitialized data at place where
MAX_FINGERPRINT_LEN is used.
* g10/revoke.c (gen_desig_revoke): Allow for v5 keys and use fprlen.
Do an explicit compare to avoid reading unitialized data.
* g10/sig-check.c (check_revocation_keys): Use the fprlen.
* g10/getkey.c (merge_selfsigs_main): Do an explicit copy to avoid
reading unitialized data.
* g10/import.c (revocation_present): Use fprlen.
* g10/keyedit.c (show_key_with_all_names): Use fprlen.
(menu_addrevoker): Use fprlen.  Allow for v5 keys.
* g10/keygen.c (keygen_add_revkey): Use fprlen.
(parse_revocation_key): Allow for v5 keys.
* g10/keyid.c (keyid_from_fingerprint): Allow for v5 keys.  Print a
better error message in case of bogus fingerprints.
* g10/keylist.c (print_revokers): Use fprlen.
--

The reading of uninitialized data is harmless but we better fix it to
make valgrind happy.  More serious was that we always passed
MAX_FINGERPRINT_LEN but we will need to support 20 and 32 octet
fingerprints and MAX_FINGERPRINT_LEN would be too large for a v4.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-04 15:43:19 +01:00
Werner Koch
0e8bf20479
gpg: New list-option "show-only-fpr-mbox".
* g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox".
* g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New.
* g10/keylist.c (list_keyblock_simple): New.
(list_keyblock): Call it.
(list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX
mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-04 15:31:41 +01:00
Jussi Kivilinna
73e74de0e3 g10/mainproc: disable hash contexts when --skip-verify is used
* g10/mainproc.c (proc_plaintext): Do not enable hash contexts when
opt.skip_verify is set.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-12-01 13:43:10 +02:00
Werner Koch
cd64af003d
gpg: Improve error message about failed keygrip computation.
* g10/keyid.c (keygrip_from_pk): Print the fingerprint on failure.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-30 12:36:40 +01:00
Werner Koch
e5c3a6999a
doc: Clarify use of clear and nodefault in the AKL.
--
2018-11-21 09:20:56 +01:00
Werner Koch
1e700961dd
gpg: Start using OCB mode by default with Libgcrypt 1.9.
* g10/main.h (GCRYPT_VERSION_NUMBER): Fix type in condition.
--

GnuPG-bug-id: 4259
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-16 09:19:10 +01:00
NIIBE Yutaka
e955ca245e card: Display UIF setting.
* g10/call-agent.h (agent_card_info_s): Add UIF fields.
* g10/call-agent.c (learn_status_cb): Put UIF DOs info.
* g10/card-util.c (current_card_status): Output for UIF.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-15 13:57:31 +09:00
NIIBE Yutaka
05d163aebc scd: Make "learn" report about KDF data object.
* scd/app-openpgp.c (do_learn_status): Report KDF attr.
* g10/card-util.c (current_card_status): Output KDF for with_colons.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-15 13:56:27 +09:00
NIIBE Yutaka
a5542a4a70 card: Display if KDF is enabled or not.
* g10/call-agent.h (kdf_do_enabled): New field.
* g10/call-agent.c (learn_status_cb): Set kdf_do_enabled if available.
* g10/card-util.c (current_card_status): Inform the availability.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-15 12:31:11 +09:00
Werner Koch
6b9f772914
common: Prepare for parsing mail sub-addresses.
* common/mbox-util.c (mailbox_from_userid): Add arg subaddress and
implement.  Change all callers to pass false for it.

* common/t-mbox-util.c (run_mbox_no_sub_test): New.
(run_filter): Add arg no_sub.
(main): Call new test and add option --no-sub.
--

Some stats: In the about 5300000 keys on the SKS servers we found 3055
unique mailboxes with a '+' in it.  After removing leading and
trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz")
2697 were left which seem to be valid sub-addresses.

To filter mailboxes out from a line delimited list with
user-ids (e.g. an SQL output), the command

   t-mbox-util --verbose --filter

can be used; to output w/o sub-addresses add --no-sub.

GnuPG-bug-id: 4200
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-12 07:44:33 +01:00
Werner Koch
bbed4746ed
gpg: Fix format string in gpgcompose.c
--

For size_t  use "%zu"
For ssize_t use "%zd"

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-11 12:20:34 +01:00
Jussi Kivilinna
b46382dd47 g10/mainproc: avoid extra hash contexts when decrypting AEAD input
* g10/mainproc.c (mainproc_context): New member
'seen_pkt_encrypted_aead'.
(release_list): Clear 'seen_pkt_encrypted_aead'.
(proc_encrypted): Set 'seen_pkt_encrypted_aead'.
(have_seen_pkt_encrypted_aead): New.
(proc_plaintext): Do not enable extra hash contexts when decryption
AEAD input.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-09 18:07:18 +02:00
Jussi Kivilinna
643ec7c642 g10/armor: optimize radix64 to binary conversion
* g10/armor.c (asctobin): Larger look-up table for fast path.
(initialize): Update 'asctobin' initialization.
(radix64_read): Add fast path for radix64 to binary conversion.
--

This patch adds fast path for radix64 to binary conversion in
armored decryption.

Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.

before patch-set
----------------
               gpg process
armor:         user time    pipe transfer rate
 encrypt-aead:  13.8         140 MB/s
 decrypt-aead:  30.6         68 MB/s
 encrypt-cfb:   17.4         114 MB/s
 decrypt-cfb:   32.6         64 MB/s

after (decrypt+iobuf+crc+radix64 opt)
-------------------------------------
               gpg process
armor:         user time    pipe transfer rate
 decrypt-aead:  9.8          200 MB/s
 decrypt-cfb:   11.9         168 MB/s

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
Jussi Kivilinna
e8142cc69a g10/armor: optimize binary to radix64 conversion
* g10/armor.c (bintoasc): Change to read-only.
(initialize): Use const pointer for 'bintoasc'.
(armor_output_buf_as_radix64): New function for faster binary to
radix64 conversion.
(armor_filter): Use new conversion function.
--

This patch adds faster binary to radix64 conversion to speed up
armored encryption.

Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.

before patch-set
----------------
               gpg process
armor:         user time    pipe transfer rate
 encrypt-aead:  13.8         140 MB/s
 decrypt-aead:  30.6         68 MB/s
 encrypt-cfb:   17.4         114 MB/s
 decrypt-cfb:   32.6         64 MB/s

after (decrypt+iobuf+crc+radix64 opt)
-------------------------------------
               gpg process
armor:         user time    pipe transfer rate
 encrypt-aead:  2.7          523 MB/s
 encrypt-cfb:   6.7          264 MB/s

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
Jussi Kivilinna
e486d4f025 g10/armor: use libgcrypt's CRC24 implementation
* g10/armor.c (CRCINIT, CRCPOLY, CRCUPDATE, crc_table): Remove.
(new_armor_context): Open libgcrypt CRC24 context.
(release_armor_context): Close CRC24 context.
(initialize): Remove CRC table generation.
(get_afx_crc): New.
(check_input, fake_packet, radix64_read, armor_filter): Update to use
CRC24 context.
* g10/filter.h (armor_filter_context_t): Replace crc intermediate value
with libgcrypt md context pointer.
--

This patch changes armor filter to use optimized CRC24 implementation
from libgcrypt to speed up encryption and decryption.

Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.

before patch-set
----------------
               gpg process
armor:         user time    pipe transfer rate
 encrypt-aead:  13.8         140 MB/s
 decrypt-aead:  30.6         68 MB/s
 encrypt-cfb:   17.4         114 MB/s
 decrypt-cfb:   32.6         64 MB/s

after (decrypt+iobuf+crc opt)
-----------------------------
               gpg process
armor:         user time    pipe transfer rate
 encrypt-aead:  8.7          211 MB/s
 decrypt-aead:  17.6         116 MB/s
 encrypt-cfb:   12.6         153 MB/s
 decrypt-cfb:   19.6         105 MB/s

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
Jussi Kivilinna
47424881b2 g10/armor: remove unused unarmor_pump code
* g10/armor.c (unarmor_state_e, unarmor_pump_s, unarmor_pump_new)
(unarmor_pump_release, unarmor_pump): Remove.
* g10/filter.h (UnarmorPump, unarmor_pump_new, unarmor_pump_release)
(unarmor_pump): Remove.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
Jussi Kivilinna
a571bb8df5 g10/armor: fix eof checks in radix64_read
* g10/armor.c (radix64_read): Check EOF with '!afx->buffer_len' instead
of 'c == -1', as 'c' is never set to this value.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
Jussi Kivilinna
5d6c080522 g10/decrypt-data: use iobuf_read for higher performance
* g10/decrypt-data.c (fill_buffer): Use iobuf_read instead of iobuf_get
for reading data.
--

This patch reduces iobuf_read per byte processing overhead and speeds
up decryption.

Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.

before patch-set
----------------
	       gpg process
no-armor:      user time    pipe transfer rate
 encrypt-aead:  1.02         1.0 GB/s
 decrypt-aead:  10.8         185 MB/s
 encrypt-cfb:   4.8          342 MB/s
 decrypt-cfb:   12.7         157 MB/s

               gpg process
armor:         user time    pipe transfer rate
 encrypt-aead:  13.8         140 MB/s
 decrypt-aead:  30.6         68 MB/s
 encrypt-cfb:   17.4         114 MB/s
 decrypt-cfb:   32.6         64 MB/s

after (decrypt opt)
-------------------
               gpg process
no-armor:      user time    pipe transfer rate
 decrypt-aead:  7.3          263 MB/s
 decrypt-cfb:   9.3          211 MB/s

               gpg process
armor:         user time    pipe transfer rate
 decrypt-aead:  27.0         77 MB/s
 decrypt-cfb:   29.0         72 MB/s

Note: decryption results are much slower than encryption because of
extra SHA1 & RIPEMD160 hashing.

GnuPG-bug-id: 3786
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
Jussi Kivilinna
e2b9095de3 g10/decrypt-data: use fill_buffer in more places
* g10/decrypt-data.c (mdc_decode_filter, decode_filter): Use
fill_buffer.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-11-08 21:31:12 +02:00
NIIBE Yutaka
69930f6884 gpgcompose: Fix --sk-esk.
* g10/gpgcompose.c (sk_esk): Copy the result content correctly.
Don't forget to free the result.

--

Fixes-commit: 0131d4369a81a51bf7bb328cc81a3bb082ed1a94
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-08 20:52:38 +09:00
NIIBE Yutaka
7fc3decc2e g10: Fix log_debug formatting.
* g10/cipher-aead.c (do_flush): No cast is correct.
* g10/decrypt-data.c (aead_underflow): No cast needed.
Use "%j" for uint64_t for chunklen.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-08 12:14:23 +09:00
NIIBE Yutaka
01b77ebbb7 g10: Fix print_keygrip for smartcard.
* g10/card-util.c (print_keygrip): Use tty_fprintf.

--

Reported-by: Joey Pabalinas <joeypabalinas@gmail.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-11-06 15:37:04 +09:00
Daniel Kahn Gillmor
a7c5d65eb5 all: fix more spelling errors 2018-10-25 16:53:05 -04:00
Daniel Kahn Gillmor
b39ece7d35 headers: fix spelling
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-10-25 16:53:05 -04:00
NIIBE Yutaka
0240345728 g10,scd: Improve UIF support.
* g10/call-agent.c (learn_status_cb): Parse "bt" flag.
* g10/call-agent.h: New member field "bt".
* g10/card-util.c (uif): Limit its access only when it is supported.
* scd/app-openpgp.c (do_setattr): Allow access to UIF objects only
when there is a button.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-10-25 16:20:20 +09:00
Daniel Kahn Gillmor
54eb375ff1 all: fix spelling and typos
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-10-24 15:56:18 -04:00
Werner Koch
64a1e86fc0
gpg: Unfinished support for v5 signatures.
* g10/parse-packet.c (parse_signature): Allow for v5 signatures.
* g10/sig-check.c (check_signature_end_simple): Support the 64bit v5
byte count.
* g10/sign.c (hash_sigversion_to_magic): Ditto.
(write_signature_packets): Request v5 sig for v5 keys.  Remove useless
condition.
(make_keysig_packet): Request v5 sig for v5 keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-24 16:18:27 +02:00
Werner Koch
3b88bceb4d
indent: Modernize g10/sign.c
--
2018-10-24 16:00:20 +02:00
Werner Koch
150a33df41
gpg: Don't take the a TOFU trust model from the trustdb,
* g10/tdbio.c (tdbio_update_version_record): Never store a TOFU model.
(create_version_record): Don't init as TOFU.
(tdbio_db_matches_options): Don't indicate a change in case TOFU is
stored in an old trustdb file.
--

This change allows to switch between a tofu and pgp or tofu+pgp trust
model without an auto rebuild of the trustdb.  This also requires that
the tofu trust model is requested on the command line.  If TOFU will
ever be the default we need to tweak the model detection via TM_AUTO
by also looking into the TOFU data base,

GnuPG-bug-id: 4134
2018-10-10 11:46:16 +02:00
Werner Koch
b6275f3bda
gpg: Fix extra check for sign usage of a data signature.
* g10/sig-check.c (check_signature_end_simple):
--

Obviously we should not ignore a back signature here.

Fixes-commit: 214b0077264e35c079e854a8b6374704aea45cd5
GnuPG-bug-id: 4014
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-08 16:14:17 +02:00
Werner Koch
79f165d7a8
gpg: Make --skip-hidden-recipients work again.
* g10/pubkey-enc.c (get_session_key): Take care of
opt.skip_hidden_recipients.
--
This was lost due to
Fixes-commit: ce2f71760155b71a71418fe145a557c99bd52290
GnuPG-bug-id: 4169

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-08 15:38:37 +02:00
Werner Koch
3c2ffd27f3
gpg: Add new card vendor
--
2018-10-04 09:57:03 +02:00
Werner Koch
8e83493dae
gpg: New options import-drop-uids and export-drop-uids.
* g10/options.h (IMPORT_DROP_UIDS): New.
(EXPORT_DROP_UIDS): New.
* g10/import.c (parse_import_options): Add option "import-drop-uids".
(import_one): Don't bail out with that options and no uids found.
Also remove all uids.
(remove_all_uids): New.
* g10/export.c (parse_export_options): Add option "export-drop-uids".
(do_export_one_keyblock): Implement option.
--

These options are required for experiments with changes to the
keyserver infrastructure.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-02 11:03:27 +02:00
NIIBE Yutaka
0cb65564e0 g10,scd: Support UIF changing command.
* g10/card-util.c (uif, cmdUIF): New.
(card_edit): Add call to uif by cmdUIF.
* scd/app-openpgp.c (do_getattr): Support UIF-1, UIF-2, and UIF-3.
(do_setattr): Likewise.
(do_learn_status): Learn UIF-1, UIF-2, and UIF-3.

--

GnuPG-bug-id: 4158
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-27 16:45:27 +09:00
NIIBE Yutaka
fe8b633954 g10: Fix memory leak for --card-status.
* g10/card-util.c (card_status): Release memory of serial number.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-18 09:34:00 +09:00
NIIBE Yutaka
60c880bda5 g10: Fix another memory leak.
* g10/skclist.c (enum_secret_keys): Use SK_LIST instead of pubkey_t.

--

The use of pubkey_t was wrong.  The use is just a list of keys, not
with keyblock.  With SK_LIST, release_sk_list releases memory by
free_public_key.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-14 08:11:45 +09:00
NIIBE Yutaka
2eb481e8cc g10: Fix memory leak (more).
* g10/skclist.c (enum_secret_keys): Free SERIALNO on update.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-14 08:02:16 +09:00
NIIBE Yutaka
64c5c45e2a g10: Fix memory leak in enum_secret_keys.
* g10/skclist.c (enum_secret_keys): Don't forget to call
free_public_key in the error return paths.

--

Reported-by: Philippe Antoine
GnuPG-bug-id: 4140
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-14 07:55:20 +09:00
Werner Koch
bee65edfbc
dirmngr: Emit SOURCE status also on NO_DATA.
* dirmngr/ks-engine-hkp.c (ks_hkp_search): Send SOURCE status also on
NO DATA error.
(ks_hkp_get): Ditto.
* g10/call-dirmngr.c (gpg_dirmngr_ks_search): Print "data source" info
also on error.
(gpg_dirmngr_ks_get): Ditto.
--

If a keyserver does not return any data it can be useful to know which
keyserver out of the pool answered.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-09-07 11:48:18 +02:00
NIIBE Yutaka
7c96cc67e1 g10: Fix memory leak.
* g10/import.c (read_block): Call free_packet to skip the packet.

--

Reported-by: Philippe Antoine
GnuPG-bug-id: 3916
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-07 13:01:52 +09:00
NIIBE Yutaka
625ced6e67 Fix use of strncpy, which is actually good to use memcpy.
* common/ssh-utils.c (get_fingerprint): Use memcpy.
* g10/build-packet.c (string_to_notation): Use memcpy.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-06 11:41:13 +09:00
Werner Koch
1bfe766bcf
gpg: Explain error message in key generation with --batch
* g10/keygen.c (generate_keypair): Show more info.
--

GnuPG-bug-id: 3912
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-29 15:14:29 +02:00
Werner Koch
ed8fe21e66
gpg: Remove unused function get_pubkeys.
* g10/getkey.c (get_pubkeys): Remove.
(pubkey_free): Remove and use code directly ...
(pubkeys_free): ... here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-29 11:53:59 +02:00
Werner Koch
3da835713f
gpg: New option --known-notation.
* g10/gpg.c (oKnownNotation): New const.
(opts): Add option --known-notation.
(main): Set option.
* g10/parse-packet.c (known_notations_list): New local var.
(register_known_notation): New.
(can_handle_critical_notation): Rewrite to handle the new feature.
Also print the name of unknown notations in verbose mode.
--

GnuPG-bug-id: 4060
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-29 09:36:09 +02:00
Werner Koch
7f172404bf
gpg: Refresh expired keys originating from the WKD.
* g10/getkey.c (getkey_ctx_s): New field found_via_akl.
(get_pubkey_byname): Set it.
(only_expired_enc_subkeys): New.
(get_best_pubkey_byname): Add support to refresh expired keys from the
WKD.
--

A little drawback of that code is that if the WKD has no update for an
expired key each access of the key will trigger a WKD lookup (unless
cached by the dirmngr).  To avoid this we need to record the last time
we have checked for an update but that would in turn require that we
update the keyring for each check.  We defer this until we have a
better key database which allows for fast updates of meta data.

Testing the code is currently a bit cumbersome because it requires to
update a key in the WKD several times.  Eventually we we need a
network emulation layer to provide sample data for the regression
tests.

GnuPG-bug-id: 2917
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-28 15:22:35 +02:00
Werner Koch
db67ccb759
gpg: Remove unused arg from a function.
* g10/getkey.c (get_best_pubkey_byname): Remove unused arg 'no_akl'.
Change both callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-28 15:16:19 +02:00
Werner Koch
108702ccae
gpg: Prepare for longer card fingerprints.
* g10/call-agent.h (agent_card_info_s): Rename the "*valid" fields to
"*len".
* g10/call-agent.c (unhexify_fpr): Change to take a FPRLEN and to
return the actual length.
(agent_release_card_info): Adjust for these changes.
* g10/card-util.c (print_sha1_fpr): Rename to print_shax_fpr and add
arg FPRLEN.  Change all callers to pass the length.
(print_sha1_fpr_colon): Rename to print_shax_fpr_colon and add arg
FPRLEN.  Change all callers to pass the length.
(fpr_is_zero): Add arg FPRLEN.
(fpr_is_ff): Ditto.
(show_card_key_info): Use the new functions.
* g10/skclist.c (enum_secret_keys): Use MAX_FINGERPRINT_LEN.
--

This is not needed right now but we should get rid of all hard coded
fingerprint lengths.  Thus this change.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-27 16:57:04 +02:00
NIIBE Yutaka
b823788d20 g10: Fix enum_secret_keys for card keys.
* g10/skclist.c (enum_secret_keys): Since "KEY-FPR" returns
fingerprint in binary, change it to hex string.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-27 16:25:05 +09:00
NIIBE Yutaka
84cc55880a g10: Prefer to available card keys for decryption.
* g10/skclist.c (enum_secret_keys): Add logic to prefer
decryption keys on cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-27 16:24:45 +09:00
NIIBE Yutaka
03a8de7def g10: Move enum_secret_keys to skclist.c.
* g10/getkey.c (enum_secret_keys): Move to...
* g10/skclist.c (enum_secret_keys): ... here.

--

The function enum_secret_keys is not used by gpgv.c, but it is in
getkey.c.  Extending enum_secret_keys will require change of gpgv.c,
so moving the function to the file for gpg is better.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-27 16:24:27 +09:00
NIIBE Yutaka
6bb93fc295 g10: Fix comment of enum_secret_keys.
* g10/getkey.c (enum_secret_keys): Fix comment for usage of
enum_secret_keys, following the previous change.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-27 16:24:11 +09:00
NIIBE Yutaka
30153c65f0 g10: Enumerated keys for decryption should be unique.
* g10/getkey.c (enum_secret_keys): Collecting keys in the context,
check duplicate to make sure returning only unique keys.
* g10/pubkey-enc.c (get_session_key): Now, it's the responsibility of
enum_secret_keys to free keys.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-27 16:24:00 +09:00
NIIBE Yutaka
ce2f717601 g10: Change decryption key selection for public key encryption.
* g10/mainproc.c (struct mainproc_context): It's now pubkey_enc_list.
(do_proc_packets): Remove the first arg CTRL.  Fix call of
proc_pubkey_enc.
(release_list): Handle pubkey_enc_list.
(proc_pubkey_enc): Remove the first arg CTRL.  Simply put the packet
to pubkey_enc_list.
(print_pkenc_list): Remove the last arg FAILED.
(proc_encrypted): Only call print_pkenc_list once.
Handle DEK here.
(proc_packets, proc_signature_packets, proc_signature_packets_by_fd)
(proc_encryption_packets): Fix call of do_proc_packets.
* g10/packet.h (struct pubkey_enc_list): Define.
* g10/pubkey-enc.c (get_it): Change the second argument K.
(get_session_key): Select session key by LIST, using enum_secret_keys.
* g10/gpgv.c (get_session_key): Change the second argument K.
* g10/test-stubs.c (get_session_key): Likewise.

--

Collect all PKT_PUBKEY_ENC packets, and then, process the
PKT_ENCRYPTED* packet.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-27 13:12:31 +09:00
NIIBE Yutaka
1b309d9f61 g10: Fix undefined behavior when EOF in parsing packet for S2K.
* g10/parse-packet.c (parse_symkeyenc): Use iobuf_get_noeof.
(parse_key): Likewise.

--

When EOF comes at parsing s2k.count, it is possible the value will
be (unsigned long)-1.  Then, the result of S2K_DECODE_COUNT will be
undefined.  This patch fixes undefined behavior.

Reported-by: Philippe Antoine
GnuPG-bug-id: 4093
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-08-10 15:29:06 +09:00
Werner Koch
e88f56f193
gpg: Set a limit for a WKD import of 256 KiB.
* g10/call-dirmngr.c (MAX_WKD_RESULT_LENGTH): New.
(gpg_dirmngr_wkd_get): Use it.
--

WKD should return only a single key with just one UID.  For key
rollover 2 keys may be send.  A total of 256 KiB seems to be a
generous limit here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-27 17:48:18 +02:00
Werner Koch
bd4048c533
dirmngr: Print a WARNING status for DNS config problems.
* dirmngr/dirmngr-status.h: New.
* dirmngr/dirmngr.h: Include dirmngr-status.h and move some prototypes
to that file.
* dirmngr/t-support.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add dirmngr-status.h.
(t_common_src): Add t-support.c.
* dirmngr/server.c (dirmngr_status_printf): Bypass if CTRL is NULL.
* dirmngr/dns-stuff.c: Include dirmngr-status.h.
(libdns_init): Print WARNING status line.  Change call callers to take
and pass a CTRL argument.
* g10/call-dirmngr.c (ks_status_cb): Print info for new WARNING
status.
--

To test this you can change RESOLV_CONF_NAME in dns-stuff.c and run
gpg --recv-key -v SOMETHING.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-25 14:35:04 +02:00
Werner Koch
9aa1b368ef
gpg: Use 128 MiB as default AEAD chunk size.
* g10/gpg.c (oDebugAllowLargeChunks): New.
(opts): New option --debug-allow-large-chunks.
(main): Implement that option.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-24 09:58:02 +02:00
Werner Koch
76989d5bd8
gpg: Remove multiple subkey bindings during export-clean.
* g10/key-clean.c (clean_one_subkey_dupsigs): New.
(clean_all_subkeys): Call it.
--

GnuPG-bug-id: 3804
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-09 12:01:02 +02:00
Werner Koch
c2fd65ec84
gpg: Let export-clean remove expired subkeys.
* g10/key-clean.h (KEY_CLEAN_NONE, KEY_CLEAN_INVALID)
(KEY_CLEAN_ENCR, KEY_CLEAN_AUTHENCR, KEY_CLEAN_ALL): New.
* g10/key-clean.c (clean_one_subkey): New.
(clean_all_subkeys): Add arg CLEAN_LEVEL.
* g10/import.c (import_one): Call clean_all_subkeys with
KEY_CLEAN_NONE.
* g10/export.c (do_export_stream): Call clean_all_subkeys depedning on
the export clean options.
--

GnuPG-bug-id: 3622
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-09 09:49:21 +02:00
Werner Koch
6c3567196f
gpg: Split key cleaning function for clarity.
* g10/key-clean.c (clean_key): Rename to clean_all_uids and split
subkey cleaning into ...
(clean_all_subkeys): new.  Call that always after the former clean_key
invocations.
--

Note that the clean_all_subkeys function will later be extended.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-09 08:15:50 +02:00
Werner Koch
135e46ea48
gpg: Move key cleaning functions to a separate file.
* g10/trust.c (mark_usable_uid_certs, clean_sigs_from_uid)
(clean_uid_from_key, clean_one_uid, clean_key): Move to ...
* g10/key-clean.c: new file.
* g10/key-clean.h: New.
* g10/Makefile.am (gpg_sources): Add new files.
* g10/export.c, g10/import.c, g10/keyedit.c, g10/trustdb.c: Include
new header.
* g10/trustdb.h (struct key_item, is_in_klist): Move to ...
* g10/keydb.h: here.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-06 11:40:16 +02:00
Werner Koch
f7526c7bc7
gpg: Prepare for signatures with ISSUER_FPR but without ISSUER.
* g10/getkey.c (get_pubkey_for_sig): New.
(get_pubkeyblock_for_sig): New.
* g10/mainproc.c (issuer_fpr_raw): Give global scope.
(check_sig_and_print): Use get_pubkeyblock_for_sig.
* g10/pkclist.c (check_signatures_trust): Use get_pubkey_for_sig.
* g10/sig-check.c (check_signature2): Ditto.
(check_signature_over_key_or_uid): Ditto.
--

GnuPG-bug-id: 4046

The whole getkey stuff is still a mess with way to much duplication
and missing caching of already fetched data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-05 20:55:32 +02:00
Werner Koch
9ea9b9db7e
doc: Typo fix in a comment.
--
2018-07-05 09:42:06 +02:00
Werner Koch
01cd66f9fa
gpg: Ignore too large user ids during import.
* g10/import.c (read_block): Add special treatment for bad user ids
and comment packets.
--

See
GnuPG-bug-id: 4022
for an example of a bogus user id.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-04 09:58:05 +02:00
Werner Koch
60e7e102a1
indent: Fix indentation of read_block in g10/import.c
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-04 09:45:52 +02:00
Werner Koch
214b007726
gpg: Extra check for sign usage when verifying a data signature.
* g10/sig-check.c (check_signature_end_simple): Check sign usage.
--

Without this patch the signature verification fails only due to the
missing back signature.  This check better explains what went wrong.

GnuPG-bug-id: 4014
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-04 09:01:10 +02:00
NIIBE Yutaka
996febbab2 g10: Fix memory leak for PKT_signature.
* g10/getkey.c (buf_to_sig): Free by free_seckey_enc.
* g10/gpgcompose.c (signature): Likewise.
* g10/sign.c (write_signature_packets): Likewise.

--

Reported-by: Philippe Antoine
GnuPG-bug-id: 4047
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-07-03 09:07:03 +09:00
Werner Koch
592deeddb9
gpg: Print revocation reason for "rev" records.
* g10/main.h: Add prototype.
* g10/keylist.c (list_keyblock_print): Print revocation info.
(list_keyblock_colon): Ditto.

* g10/test-stubs.c (get_revocation_reason): New stub.
* g10/gpgv.c (get_revocation_reason): New stub.
--

GnuPG-bug-id: 1173
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-21 20:28:51 +02:00
Werner Koch
b7cd2c2093
gpg: Print revocation reason for "rvs" records.
* g10/import.c (get_revocation_reason): New.
(list_standalone_revocation): Extend function.
--

Note that this function extends the "rvs" field signature-class (field
11) with the revocation reason.  GPGME does not yet parse this but it
can be expected that the comma delimiter does not break other parsers.

A new field is added to the "rvs" (and in future also the "rev")
record to carry a record specific comment.  Hopefully all parsers
meanwhile learned the lesson from other new fields and don't bail out
on more fields than they know about.

This is partial solution to
GnuPG-bug-id: 1173

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-21 20:03:44 +02:00
Werner Koch
386b9c4f25
gpg: Let --show-keys print revocation certificates.
* g10/import.c (list_standalone_revocation): New.
(import_revoke_cert): Call new function.
--

GnuPG-bug-id: 4018
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-21 15:06:40 +02:00
Werner Koch
cb52eb76b3
Some preparations to eventuallt use gpgrt_argparse.
* configure.ac (GNUPG_DEF_COPYRIGHT_LINE: New.
* tools/watchgnupg.c (print_version): USe this macro.
* common/init.c (_init_common_subsystems): Register argparse
functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-12 16:11:19 +02:00
Werner Koch
fe621cc64b
gpg: Do not import revocations with --show-keys.
* g10/import.c (import_revoke_cert): Add arg 'options'.  Take care of
IMPORT_DRY_RUN.
--

GnuPG-bug-id: 4017
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-12 09:07:16 +02:00
NIIBE Yutaka
8f99299a54 card: Fix memory leak for fetch-url sub command.
* g10/card-util.c (fetch_url): Release INFO.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-06-12 15:54:18 +09:00
Daniel Kahn Gillmor
2ddfb5bef9
gpg: Add new usage option for drop-subkey filters.
* g10/import.c (impex_filter_getval): Add new "usage" property for
drop-subkey filter.
--

For example, this permits extraction of only encryption-capable
subkeys like so:

    gpg --export-filter 'drop-subkey=usage !~ e' --export $FPR

GnuPG-Bug-id: 4019
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-06-12 08:19:19 +02:00
Werner Koch
d2bc66f241
gpg: Set some list options with --show-keys
* g10/gpg.c (main): Set some list options.
--

The new command --show-keys is commonly used to check the content of a
file with keys.  In this case it can be expected that all included
subkeys and uids are of interested, even when they are already expired
or have been revoked.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-11 08:48:21 +02:00
Werner Koch
13f135c7a2
gpg: Sanitize diagnostic with the original file name.
* g10/mainproc.c (proc_plaintext): Sanitize verbose output.
--

This fixes a forgotten sanitation of user supplied data in a verbose
mode diagnostic.  The mention CVE is about using this to inject
status-fd lines into the stderr output.  Other harm good as well be
done.  Note that GPGME based applications are not affected because
GPGME does not fold status output into stderr.

CVE-id: CVE-2018-12020
GnuPG-bug-id: 4012
2018-06-08 10:45:21 +02:00
Werner Koch
26746fe65d
gpg: Improve import's repair-key duplicate signature detection.
* g10/key-check.c (key_check_all_keysigs): Factor some code out to ...
(remove_duplicate_sigs): new.
(key_check_all_keysigs): Call remove_duplicate_sigs again after
reordering.
--

This is a follupup for commit 26bce2f01d2029ea2b8a8dbbe36118e3c83c5cba
to cleanup the code and to add a second de-duplicate step when needed.

GnuPG-bug-id: 3994
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-07 18:41:17 +02:00
Werner Koch
26bce2f01d
gpg: Fix import's repair-key duplicate signature detection.
* g10/packet.h (PKG_siganture): Add field 'help_counter'.
* g10/key-check.c (sig_comparison): Take care of HELP_COUNTER.
(key_check_all_keysigs): De-duplicate on a per-block base.
--

The key_check_all_keysigs first does a detection of duplicate
signature.  This is done over all signatures at once.  The problem
here is for example:

   key
   uid_1
     sig_uid_1.1
     sig_uid_1.2
   subkey_1
     sig_sub_1.1
   subkey_2
     sig_sub_2.1
     sig_sub_2.2  (duplicate of sig_sub_1.1)

Now the de-duplication deletes the first signature and keeps the
second.  That works in most cases for foreign signature on userids but
in the above constellation the code simply removes sig_sub_1.1 so that
subkey_1 has no binding signature anymore.  In a later step during
import the missing binding is detected and subkey_1 is removed because
it is not anymore valid.  The sig_sub_2.2 will also be removed later
because it does not check out for subkey_2 (that is as expected).

The fix is to let the de-duplication work only on blocks (ie. within
the signatures of a user id or a subkey).  This will not detect all
duplicates but that does not harm because later steps will detect and
remove them.

In the above case (with this patch applied) the second phase of
key_check_all_keysigs will reorder key signatures and move the
duplicate sig_sub_2.2 directly after sig_sub_1.1.  This duplicates the
signature and for cleanness we should kick the de-duplication process
again.  This will be done with a followup patch.

GnuPG-bug-id: 3994
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-07 17:22:58 +02:00
Werner Koch
1bc6b51742
gpg: Improve verbose output during import.
* g10/import.c (chk_self_sigs): Print the subkeyid in addition to the
keyid.
(delete_inv_parts): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-07 10:30:07 +02:00
Werner Koch
344b548dc7
gpg: Also detect a plaintext packet before an encrypted packet.
* g10/mainproc.c (proc_encrypted): Print warning and later force an
error.
--

Note that when this error is triggered the plaintext from the literal
data packet has already been outputted before the BEGIN_DECRYPTION
status line.  We fail only later to get more information.  Callers
need to check and act upon the decryption error code anyway.

Thanks to Marcus for pointing out this case.

GnuPG-bug-id: 4000
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-06 15:46:34 +02:00
Werner Koch
257661d6ae
gpg: New command --show-keys.
* g10/gpg.c (aShowKeys): New const.
(opts): New command --show-keys.
(main): Implement command.
* g10/import.c (import_keys_internal): Don't print stats in show-only
mode.
(import_one): Be silent in show-only mode.
--

Using

  --import --import-options show-only

to look at a key is too cumbersome.  Provide this shortcut and also
remove some diagnostic cruft in this case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-06 11:57:34 +02:00
NIIBE Yutaka
d2e6b3ea1d g10: Remove bogus comment.
* g10/mainproc.c (proc_pubkey_enc): Remove a comment.

--

GnuPG always uses the OpenPGP algo number in its status report.
We can find a function in GPGME, it's _gpgme_map_pk_algo.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-06-05 11:22:10 +09:00
Werner Koch
874e391665
gpg: Print a hint on how to decrypt a non-mdc message anyway.
* g10/mainproc.c (proc_encrypted): Print a hint for legacy ciphers w/o
MDC.  Also print a dedicated status error code

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-31 12:59:40 +02:00
Werner Koch
d3d41146b3
gpg: Ignore the multiple message override options.
* g10/gpg.c (oAllowMultisigVerification)
(oAllowMultipleMessages, oNoAllowMultipleMessages): Remove.
(opts): Turn --allow-multisig-verification, --allow-multiple-messages
and --no-allow-multiple-messages into NOPs
* g10/options.h (struct opt): Remove flags.allow_multiple_messages.
* g10/mainproc.c (proc_plaintext): Assume allow_multiple_messages is
false.
--

These options are very old compatibility hacks and should not be used
anymore.  We keep them as dummy options in case someone has them in
the conf file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-30 22:05:57 +02:00
Werner Koch
97183b5c0f
gpg: Detect multiple literal plaintext packets more reliable.
* g10/mainproc.c (proc_encrypted): Bump LITERALS_SEEN.
--

GnuPG-bug-id: 4000
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-30 21:45:37 +02:00
Werner Koch
b2c05d6912
gpg: Remove PGP6 compliance mode.
* g10/gpg.c: Make --pgp6 an alias for --pgp7.
* common/compliance.h (gnupg_compliance_mode): Remove CO_PGP6.
* g10/options.h (PGP6): Remove.  Adjust all users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-29 13:01:12 +02:00
Werner Koch
253e8bdd90
gpg: Remove MDC options
* g10/gpg.c: Tuen options --force-mdc, --no-force-mdc, --disable-mdc
and --no-disable-mdc into NOPs.
* g10/encrypt.c (use_mdc): Simplify.  MDC is now almost always used.
(use_aead): Ignore MDC options. Print warning for missing MDC feature
flags.
* g10/pkclist.c (warn_missing_mdc_from_pklist): Rename to ...
(warn_missing_aead_from_pklist): this and adjust.
--

The MDC is now always used except with --rfc2440 which will lead to a
a big fat warning.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-29 12:42:52 +02:00
Werner Koch
af4a5dbe57
gpg: Fix detection of the AEAD feature flag.
* g10/getkey.c (fixup_uidnode): Use bitmask 0x02.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-29 12:24:19 +02:00
Werner Koch
d1431901f0
gpg: Hard fail on a missing MDC even for legacy algorithms.
* g10/mainproc.c (proc_encrypted): Require an MDC or AEAD
* tests/openpgp/defs.scm (create-gpghome): Use --ignore-mdc-error to
allow testing with the current files.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-15 12:38:17 +02:00
Werner Koch
96350c5d5a
gpg: Turn --no-mdc-warn into a NOP.
* g10/gpg.c (oNoMDCWarn): Remove.
(opts): Make --no-mdc-warn a NOP.
(main): Don't set var.
* g10/options.h (struct opt): Remove 'no_mdc_var'.
* g10/cipher-cfb.c (write_header): Assume opt.no_mdc_warn is false.
* g10/mainproc.c (proc_encrypted): Ditto.
--

Users should not be allowed to suppress the warning that they are
shooting into their foot.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-15 12:20:04 +02:00
Werner Koch
7b7576637d
Merge branch 'STABLE-BRANCH-2-2' into master
--

Resolved Conflicts:
	NEWS  - removed
	configure.ac - removed

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-13 13:29:40 +02:00
Werner Koch
d26363e4f1
gpg: Fix minor memory leak in the compress filter.
* g10/compress.c (push_compress_filter2): Return an error if no filter
was pushed.
(push_compress_filter): Ditto.
(handle_compressed): Free CFX if no filter was pushed.
* g10/import.c (read_block): Ditto.
--

GnuPG-bug-id: 3898, 3930
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-02 20:15:10 +02:00
NIIBE Yutaka
71903eee89 g10: Fix printing the keygrip with --card-status.
* g10/card-util.c (current_card_status): Keygrip for Auth is 3.

--

Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-04-25 09:37:21 +09:00
NIIBE Yutaka
f747b8f073 g10: Fix memory leak in check_sig_and_print.
* g10/mainproc.c (check_sig_and_print): Free the public key.

--

GnuPG-bug-id: 3900
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-04-13 16:42:34 +09:00
NIIBE Yutaka
c31abf8465 g10: Push compress filter only if compressed.
* g10/compress.c (handle_compressed): Fix memory leak.

--

All other calls of push_compress_filter checks ALGO,
so, do it here, too.

GnuPG-bug-id: 3898
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-04-13 10:09:02 +09:00
Werner Koch
69c3e7acb7
gpg: Extend the "sig" record in --list-mode.
* g10/getkey.c (get_user_id_string): Add arg R_NOUID.  Change call
callers.
(get_user_id): Add arg R_NOUID.  Change call callers.
* g10/mainproc.c (issuer_fpr_string): Make global.
* g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key
also in --list-mode.  Print the "issuer fpr" field also if there is an
issuer fingerprint subpacket.
--

Scripts used to rely on the "User ID not found" string even in the
--with-colons listing.  However, that is not a good idea because that
string is subject to translations etc.  Now we have an explicit way of
telling that a key is missing.  For example:

  gpg --list-sigs --with-colons | \
    awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}'

Prints all keyids or fingerprint of signing keys for which we do not
have the key in our local keyring.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 17:53:17 +02:00
Werner Koch
23a714598c
gpg: Extend the ERRSIG status line with a fingerprint.
* g10/mainproc.c (issuer_fpr_raw): New.
(issuer_fpr_string): Re-implement using issuer_fpr_rtaw.
(check_sig_and_print): Don't free ISSUER_FPR.  Use ISSUER_FPR_RAW.
Use write_status_printf.  Extend ERRSIG status.
--

Modern OpenPGP implementations put the ISSUER_FPR into the signature
to make it easier to discover the, public needed to check the
signature.  This is also useful in error messages and thus we add it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 16:41:18 +02:00
Werner Koch
e2bd152a92
gpg: Relax printing of STATUS_FAILURE.
* g10/gpg.c (g10_exit): Print STATUS_FAILURE only based on passed
return code and not on the presence of any call to log_error.
--

This fixes an actual regression in GPGME where FAILURE is considered
for example by a signature verify operation.  The operation will simply
fail and not just record that that a signature could not be verified.
In particular for files with more than one signature a log_error if
often called to show that a pubkey is missing for one of the
signatures.  Using that log_error is correct in that case.

Fixes-commit: 0336e5d1a7b9d46e06c838e6a98aecfcc9542882
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 11:49:36 +02:00
Werner Koch
789d240cb4
gpg: New option --no-symkey-cache.
* g10/gpg.c (oNoSymkeyCache): New.
(opts): Add that option.
(main): Set var.
* g10/options.h (struct opt): New field no_symkey_cache.
* g10/passphrase.c (passphrase_to_dek): Implement that feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-11 20:35:40 +02:00
Werner Koch
36373798c0
Merge branch 'STABLE-BRANCH-2-2' into master
--
Fixed conflicts:
  NEWS            - keep master
  configure.ac    - merge
  g10/card-util.c - mostly 2.2
  g10/sig-check.c - 2.2
2018-04-10 10:14:30 +02:00
Werner Koch
a4e26f2ee8
doc: Document --key-edit:change-usage
* g10/keyedit.c (menu_changeusage): Make strings translatable.
--

GnuPG-bug-id: 3816
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-09 10:36:26 +02:00
Werner Koch
1a5d95e731
gpg: Check that a key may do certifications.
* g10/sig-check.c (check_signature_end_simple): Check key usage for
certifications.
(check_signature_over_key_or_uid): Request usage certification.
--

GnuPG-bug-id: 3844
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-06 17:32:27 +02:00
Werner Koch
0336e5d1a7
gpg: Emit FAILURE stati now in almost all cases.
* g10/cpr.c (write_status_failure): Make it print only once.
* g10/gpg.c (wrong_args): Bump error counter.
(g10_exit): Print a FAILURE status if we ever did a log_error etc.
(main): Use log_error instead of log_fatal at one place.  Print a
FAILURE status for a bad option.  Ditto for certain exit points so
that we can see different error locations.
--

This makes it easier to detect errors by tools which have no way to
get the exit code (e.g. due to double forking).

GnuPG-bug-id: 3872
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-06 17:32:25 +02:00
Werner Koch
cfd0779808
doc: Add a code comment about back signatures.
--
2018-04-06 11:01:46 +02:00
Werner Koch
5ba74a134d
gpg: Re-indent sig-check.c and use signature class macros.
* g10/keydb.h (IS_BACK_SIG): New.
* g10/sig-check.c: Re-indent and use macros.
--

This makes the code easier to understand.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-06 10:18:53 +02:00
Werner Koch
d27417d3a5
gpg: Add new OpenPGP card vendor.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-05 15:25:13 +02:00
NIIBE Yutaka
870527df0d g10: Let card-edit/key-attr show message when change.
* g10/card-util.c (ask_card_rsa_keysize): Don't show message here.
(ask_card_keyattr): Show message when change, also for ECC.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-04-05 10:37:23 +09:00
NIIBE Yutaka
a17d2d1f69 g10: Fix filtering by PK->REQ_USAGE.
* g10/getkey.c (get_pubkey_byfprint): Filter by PK->REQ_USAGE.

--

GnuPG-bug-id: 3844
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-04-02 17:44:54 +09:00
NIIBE Yutaka
130ad98240 g10: Fix card-edit/kdf-setup for single salt.
* g10/card-util.c (gen_kdf_data): Use SALT_USER.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-30 16:55:01 +09:00
NIIBE Yutaka
0c097575a9 g10,scd: Support single salt for KDF data object.
* g10/card-util.c (gen_kdf_data): Support single salt.
(kdf_setup): Can have argument for single salt.
* scd/app-openpgp.c (pin2hash_if_kdf): Support single salt.

--

Gnuk has "admin-less" mode.  To support "admin-less" mode with KDF
feature, salt should be same for user and admin.  Thus, I introduce a
valid use of single salt.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-30 12:48:04 +09:00
NIIBE Yutaka
820380335a g10: Add "key-attr" command for --card-edit.
* g10/card-util.c (key_attr): New explicit command.
(generate_card_keys, card_generate_subkey): Don't ask key attr change.
(card_edit): Add for cmdKEYATTR.

--

GnuPG-bug-id: 3781
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-30 10:59:10 +09:00
NIIBE Yutaka
a1515b3bbc g10: Support key attribute change at --card-edit/generate.
* g10/card-util.c (ask_card_rsa_keysize): Drop support for magic
number 25519 for ed25519/cv25519.  Rename from ask_card_keyattr.
(ask_card_keyattr): Support ECC, as well as RSA.
(do_change_keyattr): Support ECC dropping magical number 25519.
* g10/keygen.c (ask_curve): Allow call from outside, adding last arg
of CURRENT.
(generate_keypair): Follow the change of ask_curve.
(generate_subkeypair): Likewise.

--

GnuPG-bug-id: 3781
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-29 11:56:02 +09:00
NIIBE Yutaka
02d7bb819f g10: check_pin_for_key_operation should be just before genkey.
* g10/card-util.c (generate_card_keys): Check PIN later.
(card_generate_subkey): Likewise.

--

Changing key attribute resets PIN authentication status.  So, CHECKPIN
should be after that, before key generation.  Note that CHECKPIN is
done for binding signature.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-29 10:48:37 +09:00
NIIBE Yutaka
e610d51f0d g10: Change ask_curve so that it can be used outside.
* g10/call-agent.h (struct key_attr): New.
* g10/keygen.c (ask_curve): Return const char *.  No allocation.
(quick_generate_keypair): Follow the change.
(generate_keypair, generate_subkeypair): Likewise.
(parse_algo_usage_expire): Return const char *.

--

This change is intended for using ask_curve from card-util.c.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-28 18:44:45 +09:00
Werner Koch
d4dc4245bf
Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
Werner Koch
eb68c2d3d1
gpg: Auto-fix a broken trustdb with just the version record.
* g10/tdbio.c (get_trusthashrec): Create hashtable on error.

GnuPG-bug-id: 3839
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-26 18:20:16 +02:00
Werner Koch
a750ebebf3
gpg: Pass CTRL arg to get_trusthashrec.
* g10/tdbio.c (get_trusthashrec): Add arg CTRL.
(tdbio_search_trust_byfpr): Ditto.
(tdbio_search_trust_bypk): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-26 18:06:43 +02:00
Werner Koch
403aa70c52
gpg: Return better error codes in case of a too short trustdb.
* g10/tdbio.c (tdbio_read_record): Return GPG_ERR_EOF.
(tdbio_new_recnum): Never return on error.
(lookup_hashtable): Print a more descriptive error in case of !TABLE.
--

Also: tdbio_new_recnum had a bug in that it returned an error code and
not a record number in the error case.  The function is expected to
always return a valid new record number.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-26 17:55:03 +02:00
Werner Koch
456a3a8e93
gpg: Fix trustdb updates without lock held.
* g10/tdbio.c (is_locked): Turn into a counter.
(take_write_lock, release_write_lock): Implement recursive locks.
--

On trustdb creation we have this call sequence:

  init_trustdb                 -> takes lock
    tdbio_set_dbname
      create_version_record
       tdbio_write_record
         put_record_into_cache -> takes lock
         put_record_into_cache -> releases lock
  init_trustdb                 -> releases lock

The second take lock does noting but the first release lock has
already released the lock and the second release lock is a thus a NOP.
This is likely the cause for the corrupted trustdb as reported in

GnuPG-bug-id: 3839
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-26 16:57:04 +02:00
Werner Koch
5f00531463
gpg: Disable unused code parts in tdbio.c
* g10/tdbio.c (in_transaction): Comment this var.
(put_record_into_cache): Comment the transaction code.
(tdbio_sync): Ditto

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-26 16:26:46 +02:00
Werner Koch
2cd35df5db
gpg,sm: New option --request-origin.
* g10/gpg.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* g10/options.h (struct opt): Add field request_origin.
* g10/call-agent.c (start_agent): Send option to the agent.
* sm/gpgsm.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* sm/gpgsm.h (struct opt): Add field request_origin.
* sm/call-agent.c (start_agent): Send option to the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 09:06:20 +01:00
Werner Koch
165bc38cef
gpg: Implement --dry-run for --passwd.
* g10/keyedit.c (change_passphrase): Take care of --dry-run.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-22 10:23:35 +01:00
NIIBE Yutaka
0152ba7c98 scd: Support KDF DO setup.
* g10/call-agent.c (learn_status_cb): Parse the capability for KDF.
* g10/card-util.c (gen_kdf_data, kdf_setup): New.
(card_edit): New admin command cmdKDFSETUP to call kdf_setup.
* scd/app-openpgp.c (do_getattr): Emit KDF capability.

--

GnuPG-bug-id: 3823
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-22 15:50:31 +09:00
Werner Koch
34ec012561
doc: Typo fix in comment.
--
2018-03-21 19:45:31 +01:00
Werner Koch
983f7b2acb
gpg: Fix out-of-bound read in subpacket enumeration
* g10/parse-packet.c (enum_sig_subpkt): Check buflen before reading
the type octet.  Print diagnostic.
--

If the final subpacket has only a length header evaluating to zero and
missing the type octet, a read could happen right behind the buffer.
Valgrind detected this.  Fix is obvious.  Note that the further
parsing of the subpacket is still okay because it always checks the
length.  Note further that --list-packets uses a different code path
and already reported an error.

Reported-by: Philippe Antoine

He provided a test file copied below.  Running "gpg -v --verify" on it
triggered the bug.

-----BEGIN PGP ARMORED FILE-----
Comment: Use "gpg --dearmor" for unpacking

kA0DAAoBov87N383R0QBrQJhYgZsb2wucHlaqTVWYnl0ZXMgPSBbMHg1LCAweDY0
LCAweDRjLCAweGM0LCAweDMsIDB4MCwgMHg0LCAweDAsIDB4YWMsIDB4YSwgMHhj
MSwgMHhjMSwgMHgyLCAweDEsIDB4MiwgMHg3LCAweDQwLCAweDIsIDB4MiwgMHgy
LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDJkLCAweGRkLCAweDIs
IDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4
MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4NzcsIDB4ODcsIDB4MiwgMHgy
LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAw
eDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHg3NywgMHg4NywgMHgyLCAweDIsIDB4
MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4Miwg
MHgyLCAweDIsIDB4MiwgMHgyLCAweDc3LCAweDg3LCAweDIsIDB4MiwgMHgyLCAw
eDIsIDB4MiwgMHgyLCAweDIsIDB4MCwgMHhhZF0KCmZvciBpIGluIHJhbmdlKGxl
bihieXRlcykpOgogICAgaWYgaSUxNiA9PSAwOgogICAgICAgIHByaW50CiAgICAg
ICAgcHJpbnQgIiUwNngiICUgaSwKICAgIHByaW50ICIlMDJ4ICIgJSBieXRlc1tp
XSwKiQJNBAABCgAeFiEEU+Y3aLjDLA3x+9Epov87N383R0QFAlqpNVYAAAoJEKL/
Ozd/N0dElccP/jBAcFHyeMl7kop71Q7/5NPu3DNULmdUzOZPle8PVjNURT4PSELF
qpJ8bd9PAsO4ZkUGwssY4Kfb1iG5cR/a8ADknNd0Cj9/QA2KMVNmgYtReuttAjvn
hQRm2VY0tvDCVAPI/z8OnV/NpOcbk8kSwE+shLsP7EwqL5MJNMXKqzm1uRxGNYxr
8TNuECo3DO64O2NZLkMDXqq6lg+lSxvDtXKxzKXgVC+GMtOE56lDwxWLqr39f9Ae
Pn0q2fVBKhJfpUODeEbYSYUp2hhmMUIJL/ths9MvyRZ9Z/bHCseFPT58Pgx6g+MP
q+iHnVZEIVb38XG+rTYW9hvctkRZP/azhpa7eO8JAZuFNeBGr4IGapwzFPvQSF4B
wBXBu0+PPrV9VJVe98P4nw2xcuJmkn6mgZhRVYSqDIhY64bSTgQxb/pdtGwrTjtL
WoUKVI+joLRPnDmwexH9+QJCB+uA6RsN/LqsQfDseyr40Z6dHJRqWGgP3ll6iZgw
WF768uiIDJD8d4fegVnkpcH98Hm0I/dKsMR1MGV/sBxYC8mAOcOWwSPNGDqPlwwR
eWPdr1O6CoYEWwiZMicSe0b5TsjB5nkAWMy7c9RyhtMJzCQ/hFpycpj0A0Zs+OGa
eJQMZZV0s8AQZ04JzoX0zRpe0RcTyJn3Tr6QGbVi9tr+QdKHFuDMUqoX
=qYZP
-----END PGP ARMORED FILE-----

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-21 19:43:33 +01:00
NIIBE Yutaka
2c85e202bc scd: Better user interaction for factory-reset.
* g10/card-util.c (factory_reset): Dummy PIN size is now 32-byte.
Connect the card again at the last step.

--

Before the change, a user has to quit the session to continue.  Now,
it is possible to type RET in the session and see if it's really done.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-16 11:27:33 +09:00
NIIBE Yutaka
334b948981 gpg: Fix build on Windows.
--

WIN32_LEAN_AND_MEAN is required to avoid definitions of grp1, grp2,
and grp3 in dlgs.h, which is included by windows.h.

Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-08 14:08:51 +09:00
Werner Koch
f574aabeeb
Merge branch 'STABLE-BRANCH-2-2' into wk-master 2018-03-06 16:26:26 +01:00
Werner Koch
bf43b39c05
gpg: Fix regression in last --card-status patch
--

Sorry, I accidentally pushed the last commit without having amended it
with this fix.

Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-01 19:10:10 +01:00
Werner Koch
fd595c9d36
gpg: Print the keygrip with --card-status
* g10/call-agent.h (agent_card_info_s): Add fields grp1, grp2 and
grp3.
* g10/call-agent.c (unhexify_fpr): Allow for space as delimiter.
(learn_status_cb): Parse KEYPARIINFO int the grpX fields.
* g10/card-util.c (print_keygrip): New.
(current_card_status): Print "grp:" records or with --with-keygrip a
human readable keygrip.
--

Suggested-by: Peter Lebbing <peter@digitalbrains.com>
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-01 19:03:23 +01:00
Werner Koch
f2c09203b9
gpg: Avoid writing a zero length last chunk in AEAD mode.
* g10/cipher-aead.c (write_header): Do not call set_nonce_and_ad.
(write_final_chunk): Do not increase chunkindex.
(do_flush): Call set_nonce_and_ad immediately before the first
encryption of a chunk.  Bump up the chunkindex after writing the tag.
(do_free): Do not insert a zero length last chunk.
* g10/decrypt-data.c (aead_underflow): Fix the corresponding bug.
--

This fixes a bug in writing a zero length last chunk right before the
final chunk (which has by design a zero length).  We also need to
adjust the decryption part because that assumed this zero length last
chunk.

Note that we use the term "last chunk" for the chunk which directly
precedes the "final chunk" which ends the entire encryption.

GnuPG-bug-id: 3774
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-28 09:39:57 +01:00
Werner Koch
047506a03d
gpg: Merge two functions in cipher-aead.c
* g10/cipher-aead.c (set_nonce, set_additional_data): Merge into ...
(set_nonce_and_ad): new function.
(write_auth_tag): Print error message here.
(do_flush): Rename var newchunk to finalize.
--

There is no need to have separate functions here.  We should also
print a error message for writing the final tag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-28 08:48:48 +01:00
Werner Koch
618b86325f
gpg: Simplify the AEAD decryption function.
* g10/decrypt-data.c (aead_set_nonce, aead_set_ad): Merge into ...
(aead_set_nonce_and_ad): new single function.  Change callers.
(decrypt_data): Do not set the nonce and ad here.
(aead_underflow): Get rid of the LAST_CHUNK_DONE hack.
--

The main change here is that we now re-init the context only right
before we decrypt and not after a checktag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-27 21:11:34 +01:00
Werner Koch
ad989373f1
gpg: Factor common code out of the AEAD decryption function.
* g10/decrypt-data.c (aead_underflow): Factor reading and checking
code code out to ...
(fill_buffer, aead_checktag): new functions.
--

Here is a simple test script to check against a set of encrypted files
with naming convention like "symenc-aead-eax-c6-56.asc"

# ------------------------ >8 ------------------------
set -e
GPG=../g10/gpg
for file in "$@"; do
  echo "${file##*/}" | ( IFS=- read dummy1 dummy2 mode cbyte len rest
  len="${len%.*}"
  cbyte="${cbyte#c}"
  [ "$dummy1" != "symenc" -o "$dummy2" != "aead" ] && continue
  echo "checking mode=$mode chunkbyte=$cbyte length=$len"
  if ! $GPG --no-options --rfc4880bis --batch --passphrase "abc" \
             -d < $file >tmp.plain 2>/dev/null; then
      echo "Decryption failed for $file" >&2
      exit 2
  fi
  plainlen=$(wc -c <tmp.plain)
  if [ $plainlen -ne $len ]; then
      echo "Plaintext length mismatch for $file (want=$len have=$plainlen)" >&2
      exit 2
  fi

  )
done
echo "all files are okay" >&2
# ------------------------ 8< ------------------------

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-27 20:19:32 +01:00
Werner Koch
b703ba725d
gpg: Rename cipher.c to cipher-cfb.c
* g10/cipher.c: Rename to ...
* g10/cipher-cfb.c: this.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-27 13:57:57 +01:00
Werner Koch
ebb0fcf6e0
gpg: Fix corner cases in AEAD encryption.
* g10/cipher-aead.c (write_final_chunk): Do not bump up the chunk
index if the previous chunk was empty.
* g10/decrypt-data.c (aead_underflow): Likewise.  Also handle a other
corner cases.  Add more debug output.
--

GnuPG-bug-id: 3774

This fixes the reported case when the encrypted data is a multiple of
the chunk size.  Then the chunk index for the final chunk was wrongly
incremented by 2.  The actual fix makes use of the fact that the
current dfx->CHUNKLEN is 0 in this case.  There is also some other
reorganizing to help with debugging.  The thing seems to work now but
the code is not very clean - should be reworked.  Creating test files
can be done with this script:

--8<---------------cut here---------------start------------->8---
csize=6
for len in 0 55 56 57; do
   awk </dev/null -v i=$len 'BEGIN{while(i){i--;printf"~"}}' \
     | gpg --no-options -v --rfc4880bis --batch --passphrase "abc" \
           --s2k-count 1025 --s2k-digest-algo sha256 -z0 \
           --force-aead --aead-algo eax --cipher aes -a \
           --chunk-size $csize -c >symenc-aead-eax-c$csize-$len.asc
done
--8<---------------cut here---------------end--------------->8---

A LEN of 56 triggered the bug which can be seen by looking at the
"authdata:" line in the --debug=crypt,filter output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-27 13:53:52 +01:00
Werner Koch
cbc7bacf2f
gpg: Try to mitigate the problem of wrong CFB symkey passphrases.
* g10/mainproc.c (symkey_decrypt_seskey): Check for a valid algo.
--

GnuPG-bug-id: 3795
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-23 10:49:19 +01:00
Werner Koch
20539ea5ca
Merge branch 'STABLE-BRANCH-2-2' 2018-02-22 16:19:56 +01:00
Werner Koch
b375d50ee4
gpg: Don't let gpg return failure on an invalid packet in a keyblock.
* g10/keydb.c (parse_keyblock_image): Use log_info instead of
log_error for skipped packets.
* g10/keyring.c (keyring_get_keyblock): Ditto.
--

log_info should be sufficient and makes this more robust.  Some
tools (e.g. Enigmail) are too picky on return codes from gpg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-22 14:23:01 +01:00
NIIBE Yutaka
88e766d391
g10: Select a secret key by checking availability under gpg-agent.
* g10/getkey.c (finish_lookup): Add WANT_SECRET argument to confirm
by agent_probe_secret_key.
(get_pubkey_fromfile, lookup): Supply WANT_SECRET argument.

--

GnuPG-bug-id: 1967
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 0a76611294998ae34b9d9ebde484ef8ad3a9a3a6)
2018-02-22 10:42:42 +01:00
NIIBE Yutaka
ca138d5bf3 gpg: Fix reversed messages for --only-sign-text-ids.
* g10/keyedit.c (keyedit_menu): Fix messages.

--

GnuPG-bug-id: 3787
Fixes-commit: a74aeb5dae1f673fcd98b39a6a0496f3c622709a
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-02-15 14:22:06 +09:00
Werner Koch
8305739fe8
gpg: Fix packet length checking in symkeyenc parser.
* g10/parse-packet.c (parse_symkeyenc): Move error printing to the
end.  Add additional check to cope for the 0je extra bytes needed for
AEAD.
--

Fixes-commit: 9aab9167bca38323973e853845ca95ae8e9b6871
GnuPG-bug-id: 3780
2018-02-06 17:37:27 +01:00
Werner Koch
f98e193c84
gpg: Update list of card vendors from master
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-01 12:05:19 +01:00
Werner Koch
26c900a8f0
Add a new OpenPGP card vendor.
--
2018-02-01 12:02:13 +01:00
Werner Koch
303310d05e
gpg: Rename a misnomed arg in open_outfile.
* g10/openfile.c (open_outfile): Rename inp_fd to out_fd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-28 18:59:18 +01:00
Werner Koch
149369a92b
Merge branch 'STABLE-BRANCH-2-2' into master
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-25 16:58:29 +01:00
Werner Koch
db7661b5a2
gpg: New maintainer option --debug-set-iobuf-size.
* g10/gpg.c (opts): Add new option.
(opt_set_iobuf_size): New var.
(set_debug): Set the option.
* tests/openpgp/armor.scm: Use this option to revert the buffer size
to the one which used to exhibit the tested bugs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-24 18:38:20 +01:00
Werner Koch
ff1bdc23d9
gpg: Fix AEAD encryption for chunk sizes other than 64 KiB.
* g10/cipher-aead.c (do_flush): Init ERR.  Fix remaining chunklen
computation.
(do_free): Add dummy encryption.  Close the cipher handle.
* g10/decrypt-data.c (aead_underflow): Rewrite.
--

Until we have integrated test into the test suite extensive tests can
also be done with a script like this:

--8<---------------cut here---------------start------------->8---
#!/bin/sh

set -e
GPG="../g10/gpg --rfc4880bis --pinentry-mode=loopback"
GPG="$GPG --passphrase abc --batch"
MKTDATA="$HOME/b/gnupg-2.0/tools/mk-tdata"

for chunksize in 6 7 12 13 14 30; do
for count in $(seq 1 200) $(seq 8100 8200) \
             $(seq 16350 16400) $(seq 20000 20100); do
  if [ ! -f "testfile-$count" ]; then
    $MKTDATA $count >"testfile-$count"
  fi
  echo "testing chunk size 2^$chunksize with $count bytes"
  $GPG --force-aead --aead-algo ocb --s2k-mode 0 --cipher AES -v -z 0 \
      -c --chunk-size $chunksize \
       <"testfile-$count" >"testfile-$count.gpg" 2>/dev/null
  $GPG -vd <"testfile-$count.gpg" >"testfile-$count.out" 2>/dev/null
  if ! cmp "testfile-$count" "testfile-$count.out"; then
    echo "FAILED comparing count $count" >&2
    exit 1
  fi
done
done
echo All good
--8<---------------cut here---------------end--------------->8---

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-24 13:45:05 +01:00
Werner Koch
83a15fa88e
gpg: Rename a variable in decrypt-data for clarity.
* g10/decrypt-data.c (decode_filter_context_s): Rename field 'defer'
to 'holdback' and replace 'defer_filled' flag into 'holdbacklen'.
Change all users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-24 08:59:06 +01:00
Werner Koch
f3ef8b0dca
gpg: New option --chunk-size.
* g10/gpg.c (opts): New option --chunk-size.
(oChunkSize): New const.
(build_list_aead_test_algo, build_list_aead_algo_name): New.
(my_strusage): List AEAD algos.
(main): Implement --chunk-size..
* g10/options.h (struct opt): Add field 'chunk_size'.
(DBG_IPC): Remove duplicated macro.
* g10/main.h (DEFAULT_AEAD_ALGO): Depend on Libgcrypt version.
* g10/misc.c (openpgp_aead_test_algo): Ditto.

* g10/cipher-aead.c: Silence if not in debug mode.
* g10/decrypt-data.c: Ditto.
--

And that new option immediatley revealed bugs in our chunking code :-(.
2018-01-23 19:08:16 +01:00
Werner Koch
112e02ee89
gpg: Copy the AEAD prefs to the user ID struct.
* g10/getkey.c (fixup_uidnode): Copy the AEAD prefs.
--

With this patch AEAD preferences are now properly created and
displayed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-23 12:51:38 +01:00
Werner Koch
278d874656
gpg: Clear the symmetric passphrase cache for encrypted session keys.
* g10/mainproc.c (proc_symkey_enc): Clear the symmetric key cache on
error.
(proc_encrypted): Need to take are of the checksum error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-23 12:08:02 +01:00
Werner Koch
9aab9167bc
gpg: Implement AEAD for SKESK packets.
* g10/packet.h (PKT_symkey_enc): Add field aead_algo.
* g10/build-packet.c (do_symkey_enc): Support version 5 packets.
* g10/parse-packet.c (parse_symkeyenc): Ditto.
* g10/encrypt.c (encrypt_symmetric): Force using a random session
key in AEAD mode.
(encrypt_seskey): Add and support arg aead_algo.
(write_symkey_enc): Ditto.
(encrypt_simple): Adjust accordingly.
(encrypt_filter): Ditto.
* g10/gpgcompose.c (sk_esk): For now call encrypt_seskey without AEAD
support.
* g10/mainproc.c (symkey_decrypt_seskey): Support AEAD.  Nver call BUG
but return an error.
(proc_symkey_enc): Call symkey_decrypt_seskey in a bug compatible way.

* g10/import.c (check_prefs): Check AEAD preferences.
* g10/keyedit.c (show_prefs): Print AEAD preferences.
--

For easier debugging this patch also changes some diagnostics to also
print the encryption mode with the cipher algorithm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-23 12:07:57 +01:00
Werner Koch
da3015e3c0
gpg: Unify AEAD parameter retrieval.
* g10/pkclist.c (select_aead_from_pklist): Return the AEAD_algo.
* g10/encrypt.c (use_aead): Return the AEAD algo.
(encrypt_simple): Adjust for this change.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.

* g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New.
(openpgp_aead_algo_info): New.
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(write_header): Use new fucntion.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(decrypt_data): Use new function.  Also allow for chunkbytes other
than 10.
--

Note that other chunk bytes than 10 and in particular 0 (64 byte
chunks) have not yet been tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-22 16:50:21 +01:00
Werner Koch
0131d4369a
gpg: Refactor function encrypt_seskey.
* g10/encrypt.c (encrypt_seskey): Allocate the buffer for the
encrypted key and returns that buffer and its length.
(encrypt_simple): Adjust for above change.
(write_symkey_enc): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-22 15:50:24 +01:00
Werner Koch
7356d6ec50
gpg: Support EAX if for latest Libgcrypt.
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): New.
(write_header): Use it.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): New.
(decrypt_data): Use it.
* g10/misc.c (openpgp_aead_test_algo): Allow EAX.
--

This allows the use of EAX when the latest Libgcrypt master is used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-21 17:00:27 +01:00
Werner Koch
3f4ca85cb0
gpg: First take on PKT_ENCRYPTED_AEAD.
* common/openpgpdefs.h (PKT_ENCRYPTED_AEAD): New const.
* g10/dek.h (DEK): Increase size of use_aead to 4 bits.
* g10/filter.h (cipher_filter_context_t):  Add new fields for AEAD.
* g10/packet.h (PKT_encrypted): Add fields aead_algo, cipher_algo, and
chunkbyte.
* g10/build-packet.c (do_encrypted_aead): New.
(build_packet): Call it.
* g10/parse-packet.c (dump_sig_subpkt): Handle SIGSUBPKT_PREF_AEAD.
(parse_one_sig_subpkt, can_handle_critical): Ditto.
(parse_encrypted): Clear new PKT_ENCRYPTED fields.
(parse_encrypted_aead): New.
(parse): Call it.
* g10/gpg.c (main): Take care of --rfc4880bis option when checking
compliance.
* g10/cipher-aead.c: Replace the stub by real code.
* g10/decrypt-data.c (decode_filter_ctx_t): Add fields for use with
AEAD.
(aead_set_nonce): New.
(aead_set_ad): New.
(decrypt_data): Support AEAD.
(aead_underflow): New.
(aead_decode_filter): New.
* g10/encrypt.c (use_aead): Make that new fucntion work.
(encrypt_simple): Use default_aead_algo() instead of EAX.
* g10/mainproc.c (proc_encrypted): Support AEAD.
(do_proc_packets): Support PKT_ENCRYPTED_AEAD.
--

This code has seen only a very few manual tests.  Encrypting always
uses a 64k chunks and decryption has not been tested with larger
chunks.  Those small chunks make debugging much faster.

Tests can be done using:

  gpg --rfc4880bis --pinentry-mode=loopback --passphrase abc \
      --force-aead --aead-algo ocb --s2k-mode 0 --cipher AES \
      -v -z 0 --status-fd 2 -c <INFILE >OUTFILE

and

  gpg --rfc4880bis --pinentry-mode=loopback --passphrase=abc \
      --status-fd 2 -v -d <INFILE >OUTFILE

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-21 16:30:53 +01:00
Werner Koch
e1e35db510
gpg: Fix the use of future-default with --quick-add-key.
* g10/keygen.c (parse_key_parameter_part): Add arg clear_cert.
(parse_key_parameter_string): Add arg suggested_use and implement
fallback.  Change callers to pass 0 for new arg.
(parse_algo_usage_expire): Pass the parsed USAGESTR to
parse_key_parameter_string so that it can use it in case a subkey is
to be created.
--

The problem here was that future-default gives the primary and subkey
algorithm.  However, when using future-default for adding a key, the
second part was always used which is for encryption.  If the caller
now wanted to create a signing subkey using the future-default
parameters this did not worked.

  gpg --batch --passphrase "" --quick-add-key FPR future-default encr

aready worked as did

  gpg --batch --passphrase "" --quick-add-key FPR ed25519 sign

but

  gpg --batch --passphrase "" --quick-add-key FPR future-default sign

does only work with this fix.

GnuPG-bug-id: 3747
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-18 13:39:19 +01:00
Werner Koch
81d71818d0
gpg: Add stub function for encrypting AEAD.
* g10/cipher.c (cipher_filter): Rename to cipher_filter_cfb.
* g10/cipher-aead.c: New.  Right now only with a stub function.
* g10/Makefile.am (gpg_sources): Add file.
* g10/encrypt.c (encrypt_simple): Push either cipher_filter_cfb or
cipher_filter_aead.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-10 17:33:50 +01:00
Werner Koch
4e2ba546cd
gpg: New option --force-aead
* g10/dek.h (DEK): Turn fields use_mdc, algo_printed and symmetric
into single bit vars.  Make sure they are always set to 1 or 0.
(DEK): New field use_aead.
* g10/options.h (struct opt): New field force_aead.
* g10/pkclist.c (select_aead_from_pklist): New.
* g10/gpg.c (oForceAEAD): New const.
(opts): New options "--force-aead".
(main): Set new option.
* g10/encrypt.c (use_aead): New.
(encrypt_simple): Implement new flags DEK.use_aead.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
--

This patch should be enough to detect whether AEAD can be used.
Not tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-10 17:07:11 +01:00
Werner Koch
8217cd4936
gpg: Add option and preference framework for AEAD.
* common/openpgpdefs.h (aead_algo_t): New.
(SIGSUBPKT_PREF_AEAD): New.
* g10/gpg.c (oAEADAlgo, oPersonalAEADPreferences): New.
(opts): New options --aead-algo and --personal-aead-preferences.
(set_compliance_option): Clar aead algo.
(main): Parse and check the new options
* g10/options.h (struct opt): Add fields def_aead_algo and
personal_aead_prefs.
* g10/packet.h (PREFTYPE_AEAD): New enum value.
(PKT_user_id): Add field flags.aead.
(PKT_public_key): Add field flags.aead.
* g10/pkclist.c (select_algo_from_prefs): Support PREFTYPE_AEAD.
* g10/getkey.c (fixup_uidnode): Set AEAD flag.
(merge_selfsigs): Ditto.
* g10/kbnode.c (dump_kbnode): Show aead flag.
* g10/keyedit.c (show_prefs): Ditto.
(show_key_with_all_names_colon): Ditto.
* g10/keygen.c (aead_presf, n_aead_prefs): New vars.
(set_one_pref): Suppport PREFTYPE_AEAD.
(keygen_set_std_prefs): Parse AEAD preferences.
(keygen_get_std_prefs): Ditto.
(add_feature_aead): New.
(keygen_upd_std_prefs): Call that and build AEAD pref  packet.
* g10/main.h (DEFAULT_AEAD_ALGO): New const.
* g10/misc.c (openpgp_aead_test_algo): New.
(openpgp_aead_algo_name): New.
(string_to_aead_algo): New.
(default_aead_algo): New.
--

This is only used in --rfc4880bis mode and not really tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-10 11:51:03 +01:00
Werner Koch
339b3301ee
gpg: Print all keys with --decrypt --list-only.
* g10/mainproc.c (proc_pubkey_enc): Use dedicated error code for
list-only and put the key into PKENC_LIST.
(print_pkenc_list): Take care of the new error code.
--

If the secret keys exist in --list-only mode it was not printed in
--list-only mode.

GnuPG-bug-id: 3718
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-08 09:30:31 +01:00
Werner Koch
4d3c500f47
gpg: Allow "futuredefault" as alias for "future-default".
* g10/keygen.c (parse_key_parameter_string): Allow "futuredefault" and
use case-insensitive matching
(quick_generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--

The man page is sometimes rendered in a way that the hyphen may be
not be considered as part of the string.  And while at it we also
allow case-insensitivity.

GnuPG-bug-id: 3655
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-01 14:59:30 +01:00
Werner Koch
412bb7a801
gpg: Allow the use of "cv25519" and "ed25519" in the keygen parms.
* g10/keygen.c (gen_ecc): Map curve names.
--

See
https://lists.gnupg.org/pipermail/gnupg-users/2017-December/059619.html

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-29 20:18:20 +01:00
Werner Koch
c817e75028
Merge branch 'STABLE-BRANCH-2-2' into master
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-18 16:42:59 +01:00
Werner Koch
416cf9e9be
gpg: Print a warning for too much data encrypted with 3DES et al.
* g10/filter.h (cipher_filter_context_t): Remove unused filed
'create_mdc'.  Turn field 'header' into a bit field.  Add new fields
'short_blklen_warn' and 'short_blklen_count'.
* g10/cipher.c (write_header): Print a warning if MDC is not used.
(cipher_filter): Print a warning for long messages encrypted with a
short block length algorithm.
--

Note that to test this warning in a reliable way compression needs to
be disabled.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-13 13:02:34 +01:00
Werner Koch
b5333e13cb
gpg: Simplify cipher:write_header.
* g10/cipher.c (write_header): Use write_status_printf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-13 12:15:40 +01:00
Werner Koch
067e62fe55
indent: Re-indent g10/cipher.c
--
2017-12-13 12:14:52 +01:00
Werner Koch
9f641430dc
gpg: Simplify default_recipient().
* g10/pkclist.c (default_recipient): Use hexfingerprint.
--

Note that on malloc failure this function now returns NULL instead of
terminating the process.  However, under memory pressure any function
called latter will very likely fail as well.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-13 11:03:06 +01:00
Werner Koch
cd26c5482b
gpg: Return an error from hexfingerprint on malloc error.
* g10/keyid.c (hexfingerprint): Return NULL on malloc failure.  Chnage
all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-13 10:52:34 +01:00
Werner Koch
29119a6492
gpg: Remove some xmallocs.
* g10/getkey.c (get_pubkeys): Do not use xmalloc.
--

We eventually need to get rid of all xmallocs so that gpg won't fail
easily when we make more use of the s server mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-13 10:07:30 +01:00
Werner Koch
8602b980df
indent: Re-indent get_pubkeys.
--
2017-12-13 10:07:28 +01:00
Daniel Kahn Gillmor
8ede3ae29a
gpg: default-preference-list: prefer SHA512.
* g10/keygen.c (keygen_set_std_prefs): when producing default internal
personal-digest-preferences, keep the same order.  When publishing
external preferences, state preference for SHA512 first.

--

SHA-512 has a wider security margin than SHA-256.  It is also slightly
faster on most of the architectures on which GnuPG runs today.  New
keys should publish defaults that indicate we prefer the stronger,
more performant digest.

Specifically, this changes --default-preference-list from:

   SHA256 SHA384 SHA512 SHA224

to:

   SHA512 SHA384 SHA256 SHA224

This patch deliberately avoids touching --personal-digest-preferences
(which itself would affect the default of --digest-algo and
--cert-digest-algo), so that public-facing cleartext signatures and
identity certifications will continue to be made with SHA256 by
default.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-12-12 15:07:43 +01:00
Werner Koch
b38ca59bdb
Merge branch 'STABLE-BRANCH-2-2' into master 2017-12-11 10:42:38 +01:00
Werner Koch
34defc9bce
Adjust for changed macro names in libgpg-error master.
* common/logging.h (GPGRT_LOGLVL_): New replacement macros for older
libgpg-error versions.

--

Updates-commit: b56dfdfc1865ceb7c3c025d79996e049faee7fdf
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-11 10:42:23 +01:00
NIIBE Yutaka
0d0b9eb0d4 g10: Fix regexp sanitization.
* g10/trustdb.c (sanitize_regexp): Only escape operators.

--

Backport from master commit:
	ccf3ba92087e79abdeaa0208795829b431c6f201

To sanitize a regular expression, quoting by backslash should be only
done for defined characters.  POSIX defines 12 characters including
dot and backslash.

Quoting other characters is wrong, in two ways; It may build an
operator like: \b, \s, \w when using GNU library.  Case ignored match
doesn't work, because quoting lower letter means literally and no
much to upper letter.

GnuPG-bug-id: 2923
Co-authored-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-12-04 19:26:49 +09:00
Werner Koch
b56dfdfc18
Use the gpgrt log functions if possible.
* common/logging.c: Do not build any code if we can use the gpgrt_log
functions.
(log_logv_with_prefix): Rename to log_logv_prefix and change order of
args so that this function matches its printf like counterpart
gpgrt_logv_prefix.  Change all callers.
(log_debug_with_string): Rename to log_debug_string. Change all
callers.
(log_printhex): Move first arg to end so that this function matches
its printf like counterpart gpgrt_log_printhex.  Change all callers.
* common/logging.h: Divert to gpgrt/libgpg-error if we can use the
gpgrt_log functions.
(bug_at): Add inline versions if we can use the gpgrt_log functions.
* configure.ac (GPGRT_ENABLE_LOG_MACROS): Add to AH_BOTTOM.
(mycflags): Add -Wno-format-zero-length.
--

This patch enables the use of the log function from libgpgrt (aka
libgpg-error).  Instead of checking a version number, we enable them
depending on macros set by recent gpg-error versions.  Eventually the
whole divert stuff can be removed.

The -Wno-format-zero-length is required because log_printhex can be
called with an empty format string.  Note that this is fully specified
standard C behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-27 15:00:25 +01:00
Werner Koch
4cf3cc6e3d
gpg: Do not read from uninitialized memory with --list-packets.
* g10/parse-packet.c (parse_plaintext): Fill up the allocated NAME.
--

This actually does not harm because we merely display a buffer
allocated by ourselves.  However, we better tell Valgrind about it so
that we don't need to track this thing down ever again.

Test using a corrupted literal data packet:

  echo cb 0a 75 ff 59 ae 90 d5  74 65 73 74 | \
    undump |\
    valgrind gpg --list-packets >/dev/null

Reported-by: Sebastian Schinzel
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-26 18:33:49 +01:00
Werner Koch
fe96ca8d86
Merge branch 'STABLE-BRANCH-2-2'
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-23 15:12:45 +01:00
Werner Koch
531182b7f8
build: Update distsigkey.gpg
--
2017-11-22 20:54:47 +01:00
Werner Koch
ea28ea18f3
gpg: Fix memory leaking for long inputs via --command-fd.
* g10/cpr.c (do_get_from_fd): Free the old buffer.
--

If the received input is longer than 200 characters we used to leak
the previous allocated buffer.

GnuPG-bug-id: 3528
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-22 20:54:47 +01:00
Werner Koch
166f3f9ec4
gpg: Repurpose the ISO defined DO "sex" to "salutation".
* g10/card-util.c (current_card_status): String changes.
(change_sex): Description change.
(cmds): Add "salutation"; keep "sex" as an alias.
--

Note that we can't change the used values or tags but at least the UI
should show reflect the real purpose of the field.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-15 11:34:30 +01:00
Werner Koch
091c4af645
Merge branch 'STABLE-BRANCH-2-2'
--
Kept our AUTHORS and README
2017-11-15 11:01:10 +01:00
Werner Koch
b062ea5bc2
gpg: Print AKL info only in verbose mode.
* g10/getkey.c (get_pubkey_byname): Print info only in verbose mode.
--

GnuPG-bug-id: 3504
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-15 08:47:41 +01:00
NIIBE Yutaka
ccf3ba9208 g10: Fix regexp sanitization.
* g10/trustdb.c (sanitize_regexp): Only escape operators.

--

To sanitize a regular expression, quoting by backslash should be only
done for defined characters.  POSIX defines 12 characters including
dot and backslash.

Quoting other characters is wrong, in two ways; It may build an
operator like: \b, \s, \w when using GNU library.  Case ignored match
doesn't work, because quoting lower letter means literally and no
much to upper letter.

GnuPG-bug-id: 2923
Co-authored-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-11-09 14:03:22 +09:00
NIIBE Yutaka
680161647a
g10: Unattended key generation "Key-Grip" and "Subkey-Grip".
* g10/keygen.c (pSUBKEYGRIP): New.
(read_parameter_file): Add "Key-Grip" and "Subkey-Grip".
(do_generate_keypair): Support pSUBKEYGRIP.

--

In the manual, it says "Key-Grip".  gpgsm also supports "Key-Grip".
Adding "Subkey-Grip" now, adding "Key-Grip" makes sense.

GnuPG-bug-id: 3478
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 6c63a04569c07c9c2817c7c530a92ccfa58155cc)
2017-11-06 12:10:09 +01:00
NIIBE Yutaka
f183b9768b
g10: Simplify "factory-reset" procedure.
* g10/card-util.c (factory_reset): Simplify.

--

In this summer, I got report about old code before this change didn't
work with newer Yubikey.  I got another report test version of OpenPGP
card V3.3 implementation didn't work, either.  Then, I confirmed that
according to the OpenPGP card specification, the procedure of old code
is not expected by its author.

This change simplify "factory-reset" as simple.

Only versions of Gnuk 1.2.2, 1.2.3, 1.2.4, won't work with this
change.  That's because the factory-reset feature of Gnuk was
introduced by reading the implementation of GnuPG, instead of reading
the specification.  Gnuk 1.2.5 and later works well.  All OpenPGPcard
implementations I have work well (2.0, 2.1, 2.2, test version of 3).

GnuPG-bug-id: 3286
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit d63b7966cdd72548c60466c620de5cd6104a779e)
2017-11-06 12:09:37 +01:00
Werner Koch
acb3005434
gpg: Introduce magic value 25519 to switch a card to ECC.
* g10/card-util.c (ask_card_keyattr): Handle special value 25519.
(do_change_keyattr): Allow changing to cv25519/ed25519.
(generate_card_keys): Ditto.
(card_generate_subkey): Ditto.
--

This is kludge to make it easier for gnuk to be switched into ECC
mode.  This is basically the same change as
commit ea09b6cded9d31a8ebd91878553c3eaa2b76e817
but without the string change in show_keysize_warning.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-02 17:31:57 +01:00
Werner Koch
de3a740c2e
gpg: Rename two card related functions in card-util.
* g10/card-util.c (ask_card_rsa_keysize): Rename to ask_card_keyattr.
(do_change_rsa_keysize): Rename to do_change_keyattr.
--

We want to support other algos than RSA and thus we need a better name
for the functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f795f4529d8ab5a05db1cc1960abd34390bfae1b)
2017-11-02 17:22:59 +01:00