1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-05-24 16:43:28 +02:00

10829 Commits

Author SHA1 Message Date
Collin Funk via Gnupg-devel
01cb3ba62d
common: Fix read buffer over-read in uncompress_ecc_q_in_canon_sexp.
* common/sexputil.c (uncompress_ecc_q_in_canon_sexp): Only call memcmp
if the lengths are equal.

--

GnuPG-bug-id: 7662
Signed-off-by: Collin Funk <collin.funk1@gmail.com>
2025-05-24 13:31:24 +02:00
NIIBE Yutaka
681d754043
gpg,agent: Clean up around using ECC KEM.
* common/util.h (gnupg_ecc_kem_kdf): Change the last two args.
* common/kem.c (gnupg_ecc_kem_kdf): The last arguments are KDF_PARAMS
and its length.
* agent/pkdecrypt.c (composite_pgp_kem_decrypt): Follow the change.
* g10/pkglue.c (do_encrypt_kem): Follow the change.
* g10/ecdh.c (extract_secret_x, derive_kek): Remove.
(gnupg_ecc_6637_kdf): Remove.
(ecc_build_kdf_params): Rename from build_kdf_params, changing
arguments.
* g10/pkglue.c (do_encrypt_ecdh): Refactor by ecc_build_kdf_params and
gnupg_ecc_kem_kdf.
* g10/pkglue.h (pk_ecdh_decrypt, gnupg_ecc_6637_kdf): Remove.
(ecc_build_kdf_params): New.
* g10/pubkey-enc.c (ecdh_sexp_build): Use ecc_build_kdf_params.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-23 16:59:38 +09:00
NIIBE Yutaka
37bec0df7b
common: Fix argument name of gnupg_ecc_kem_kdf.
* common/kem.c (gnupg_ecc_kem_kdf): Rename to kdf_params.

--

It's KDF parameters composed by OpenPGP layer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-23 10:42:44 +09:00
NIIBE Yutaka
07e8ca2a9b
gpg: Use ECC KEM interface for decryption.
* g10/call-agent.c (agent_pkdecrypt): Use --kem=PGP for
PUBKEY_ALGO_ECDH.
* g10/pubkey-enc.c (ecdh_sexp_build): New.
(get_it): Use ecdh_sexp_build for PUBKEY_ALGO_ECDH.  And don't use
pk_ecdh_decrypt since it's done by agent.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-22 14:36:38 +09:00
NIIBE Yutaka
04782e7fd6
agent: Add support for TPM2 for ECC KEM.
* agent/agent.h (agent_tpm2d_ecc_kem): New.
* agent/divert-tpm2.c (agent_tpm2d_ecc_kem): New.
* agent/pkdecrypt.c (ecc_pgp_kem_decap): Call agent_tpm2d_ecc_kem.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-22 14:34:05 +09:00
NIIBE Yutaka
b956f47e2a
agent: Finish ECC KEM, adding support for NIST curves.
* agent/command.c (cmd_pkdecrypt): ECC KEM PGP doesn't use OPTION.
* agent/pkdecrypt.c (ecc_table): Add NIST curves.
(ECC_SCALAR_LEN_MAX, ECC_POINT_LEN_MAX): Fix for NIST curves.
(composite_pgp_kem_decrypt): Take care of error by gcry_cipher_setkey.
(ecc_kem_decrypt): Fix un-wrapping the session key.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-22 14:29:51 +09:00
NIIBE Yutaka
57a3d23925
agent: Support ECC KEM by PKDECRYPT --kem.
* common/kem.c (gnupg_ecc_kem_kdf): Support traditional KDF of RFC
6637.
* common/util.h (gnupg_ecc_kem_kdf): Add FIXED_INFO argument.
* g10/pkglue.c (do_encrypt_kem): Follow the change.
* agent/pkdecrypt.c (ecc_pgp_kem_decap): Return ECC parameters.
(composite_pgp_kem_decrypt): Follow the changes.
(ecc_kem_decrypt): New.
(agent_kem_decrypt): Support ECC KEM.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-21 14:49:56 +09:00
Werner Koch
2bbcbbcbe8
doc: Add a note to READ on how to disable the systemd activation.
--

A common problem with a self-build gnupg is that systemd starts
another version of a daemon while the self-build gnupg has a different
idea on the provided features of those daemons.
2025-05-20 10:22:40 +02:00
NIIBE Yutaka
eb9c39ac5b
agent: Refactor ECC KEM decap operation.
* agent/pkdecrypt.c (ecc_table): Don't include shared_len.
(ecc_pgp_kem_decap): Rename from ecc_pgp_kem_decrypt and
only do ECC KEM decap operation.
(composite_pgp_kem_decrypt): Move ECC KDF call here.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-20 16:27:36 +09:00
NIIBE Yutaka
d1c3bfda2a
gpg: Use the KEM API for ECC encryption.
* g10/ecdh.c (gnupg_ecc_6637_kdf): New.
(pk_ecdh_encrypt_with_shared_point, gen_k): Remove.
(pk_ecdh_generate_ephemeral_key): Remove.
* g10/pkglue.c (get_data_from_sexp): Remove.
(do_encrypt_ecdh): Use gcry_kem_encap of the KEM API,
gnupg_ecc_6637_kdf, and AESWRAP.
* g10/pkglue.h (gnupg_ecc_6637_kdf): New.
(pk_ecdh_encrypt_with_shared_point): Remove.
(pk_ecdh_generate_ephemeral_key, pk_ecdh_encrypt): Remove.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-19 14:57:19 +09:00
Werner Koch
fcac10357e
gpg: Remove unused variable.
* g10/export.c (do_export): Remove zfx.
2025-05-16 14:26:45 +02:00
Werner Koch
8e529f9221
gpg: Do not allow compressed key packets on import.
* g10/import.c (read_block): Bail out on compressed packets.
* g10/options.h (COMPAT_COMPR_KEYS): New.
* g10/gpg.c (compatibility_flags): Add "compr-keys".
* common/util.h: Remove replacement code not any longer needed.
(GPG_ERR_UNEXPECTED_PACKET): Add a new replacement code.
--

Compressed key packets do not make much sense but historically they
were supported.  Thus we also add a compatibility flag.

GnuPG-bug-id: 7014
2025-05-16 14:26:45 +02:00
Werner Koch
645cf7d8fc
Revert "w32: On socket nonce mismatch close the socket."
--

The commit was entirely bogus because the check_nonce function closes
the socket itself if it returns with true.  Thus closing the socket by
the caller in the true case was bogus.

The more likely cause for the hangs on Windows are in scdaemon:

  * scd: Fix posssible lockup on Windows due to a lost select
    result.  [rGa7ec3792c5]

GnuPG-bug-id: 7434
Fixes-commit: 73f6c2dd4d3e5b58faf69821726988ae984fad89.
2025-05-16 14:26:45 +02:00
NIIBE Yutaka
40cfa71281
common: Add KEM constants for NIST curves.
* common/openpgp-oid.c (oidtable): Fill the information for KEM
API for NIST curves.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-16 14:06:45 +09:00
NIIBE Yutaka
45a11327f3
agent: Support the use case of composite PQC for prompting.
* agent/findkey.c (agent_key_from_file): Take care of the case
where GRIP==CTRL->keygrip1.
* agent/pkdecrypt.c (composite_pgp_kem_decrypt): Use NULL for the
GRIP, it's for crypto operation where prompt is expected.

--

GnuPG-bug-id: 7648
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-14 11:41:31 +09:00
Werner Koch
d5a4a2dc89
gpg: Make combination of show-only-fpr-mbox and show-unusable-uid work.
* g10/keylist.c (list_keyblock_simple): Take care of
show-unusable-uids.
--

This allows to upload revoked keys to a WKD.

Suggested-by: Uwe Kleine-König
2025-05-13 15:46:41 +02:00
Werner Koch
e7a9bd3205
gpgsm: Just print a note for an empty subject during import.
* sm/certchain.c (gpgsm_walk_cert_chain): Handle an empty subject.
--

During import a certificate was imported but gpgsm used log_error when
trying to figure out whether this is a root cert.  This patch changes
this to just print a note.

GnuPG-bug-id: 7171
2025-05-13 15:18:39 +02:00
Werner Koch
7c2e7bcc41
agent: We should use a macro for the keygrip len in new code.
* agent/divert-scd.c (agent_card_ecc_kem): Use KEYGRIP_LEN constant.
2025-05-13 09:56:59 +02:00
NIIBE Yutaka
309cfb3a4c
agent: Fix ECC key on smartcard for composite KEM with PQC.
* agent/divert-scd.c (agent_card_ecc_kem): Convert binary keygrip to
HEXto call agent_card_pkdecrypt.  Handle the case with prefix.

--

GnuPG-bug-id: 7648
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-13 15:44:05 +09:00
NIIBE Yutaka
5fb338168e
agent: Recover the old behavior with max-cache-ttl=0.
* agent/cache.c (compute_expiration): Expire newly created entry when
max-cache-ttl is zero.

--

Fixes-commit: 92de0387f04b1e87a4a49ed063323624f25ac3ef
GnuPG-bug-id: 6681
Suggested-by: Lucas Mulling <lucas.mulling@suse.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-05-13 09:03:09 +09:00
Werner Koch
8833a34bf0
gpg: Fully implement the group key flag.
* g10/getkey.c (merge_selfsigs_main): Do not mask out the group bit.
(merge_selfsigs_subkey): Ditto/
* g10/keygen.c (ask_key_flags_with_mask): Ditto.
(proc_parameter_file): Ditto.
--

Updates-commit: 0988e49c45d0fb73d0b536aa027bd114f9dc65a7
2025-05-12 11:54:50 +02:00
Werner Koch
727e125a4d
Update distsigkey
--

Added Alexander.  Removed Andre.
2025-05-09 16:24:18 +02:00
Werner Koch
fe347b3881
Post release updates
--
2025-05-08 11:20:33 +02:00
Werner Koch
806b0080bb
Release 2.5.6 gnupg-2.5.6 2025-05-08 10:58:37 +02:00
Collin Funk via Gnupg-devel
598296b9fc
tests:gpgscm: Fix build error on AIX.
* tests/gpgscm/ffi.c (ffi_init): Undefine 'open' so it does not get
expanded to 'open64' in the ffi_define_function macro.

--
GnuPG-bug-id: 7632
Signed-off-by: Collin Funk <collin.funk1@gmail.com>
2025-05-08 10:23:27 +02:00
Collin Funk via Gnupg-devel
8ba33fffe9
common: Add Solaris support to get_signal_name.
* configure.ac: Check for _sys_siglist.
* common/signal.c (get_signal_name): Use _sys_siglist.

--

GnuPG-bug-id: 7638
Signed-off-by: Collin Funk <collin.funk1@gmail.com>
2025-05-08 10:22:47 +02:00
Mattia Narducci via Gnupg-devel
1fea386691
po: Fix misspelled italian translation for 'encrypted'
[[PGP Signed Part:No public key for 4893CA2AF4416CED created at 2025-04-16T23:13:02+0200 using EDDSA]]
--

Signed-off-by: Mattia Narducci <mattianarducci1@gmail.com>
2025-05-08 10:22:02 +02:00
Werner Koch
581d8bd087
Update NEWS
--
2025-05-06 16:16:11 +02:00
Werner Koch
9589da97e2
gpgsm: Always print info about certs-only message.
* sm/verify.c (gpgsm_verify): Always print info that a certs-only
message has been processed.
--

Prior to this patch the message was only printed if no data file has
been given.

Reported-by: Albrecht Dreß
2025-05-06 13:47:51 +02:00
Werner Koch
483f2ba02e
gpg: Fix another regression due to the T7547 fix.
* g10/getkey.c (get_pubkey_for_sig): Keep a requested
PUBKEY_USAGE_CERT.
(finish_lookup): For correctness in future use cases allow
PUBKEY_USAGE_CERT to also trigger verify mode.
--

The case here was that a cert-only primary key was removed with
export-clean.

GnuPG-bug-id: 7583
2025-05-02 12:05:36 +02:00
Werner Koch
8968e84903
common: Fix logic for certain recsel conditions.
* common/recsel.c (recsel_select): Change processing of NULL values.
* common/t-recsel.c (run_test_2): Adjust for this change.  Also a type
fix for s/"letter"/"letters"/.
--

The getval function may return NULL which indicates that there is no
useful value available.  For example because the propertyname is not
defined for some external context (e.g. in gpg the packet type).  This
also required to fix the test for boolean tests of a non existing
property name.

Reported-by: shniubobo at gnupg-users on 2025-04-18.
2025-04-30 15:13:11 +02:00
Werner Koch
a9445bbb1d
gpg: Add debug flag "recsel".
* g10/gpg.c: Include recsel.h.
(debug_flags): New flag "recsel".
(set_debug): Set it.
* g10/options.h (DBG_RECSEL_VALUE, DBG_RECSEL): New.
* g10/import.c (impex_filter_getval): Add debug diagnostics.
* g10/keylist.c (parse_and_set_list_filter): Dump the record filter.
* common/recsel.c (recsel_debug): New variable.
(recsel_set_debug): New function.
(recsel_select): Add debug output if requested.
2025-04-30 15:06:40 +02:00
Werner Koch
28591a9f3a
doc: Register DCO for Collin Funk
--
2025-04-30 10:40:27 +02:00
Collin Funk
3c5a143945
Fix access to the bintoasc mapping in the libksba support.
* common/ksba-io-support.c (has_only_base64): Use memchr since calling
strchr on a non-NUL terminated string is undefined behavior.

--

Signed-off-by: Collin Funk <collin.funk1@gmail.com>

This patch has been stripped from Colin's original patch because this
is not just about a warning but an actual bug.  That bug was
introduced in 2003 by me.  - wk
2025-04-30 10:36:18 +02:00
Werner Koch
d90b290f97
gpg: New command --quick-tsign-key.
* g10/gpg.c (aQuickTSignKey): New.
(opts): Add new command.
(main): Parse args for it.
* g10/keyedit.c: Include mbox-util.h.
(parse_trustsig_string): New.
(sign_uids): Add arg trustsig for use in quick mode.
(keyedit_quick_sign): Also add arg trustsig and print a diagnostic on
error.
2025-04-29 18:35:29 +02:00
Werner Koch
6d49e86bba
gpg: Make the internal sign_uids function easier to read.
* g10/keyedit.c (SIGN_UIDS_LOCAL): New.
(SIGN_UIDS_NONREVOCABLE): New.
(SIGN_UIDS_TRUSTSIG): New.
(SIGN_UIDS_INTERACTIVE): New.
(SIGN_UIDS_QUICK): New.
(sign_uids): Replace several boolean args by flags arg.
2025-04-29 16:28:00 +02:00
Werner Koch
41d6ae8f41
gpg: New list options "show-trustsig"
* g10/options.h (LIST_SHOW_TRUSTSIG): New.
* g10/gpg.c (parse_list_options): Add "show-trustsig".
* g10/keylist.c (parse_trust_name): New.
(list_signature_print): Print trust signature info.
2025-04-29 11:33:41 +02:00
Andreas Metzler
cfe7ad203a
doc: Add missing whitespace gnupg7 manpage.
--
2025-04-24 11:43:05 +02:00
Werner Koch
db25aa9887
scd:p15: Accept P15 cards with a zero-length label.
* scd/app-p15.c (read_ef_tokeninfo): Allow for a zero length label.
--

Some versions of the CardOS personalisation software seem to store a
missing labels as zero-length object instead of not storing the object
at all.

Due to a lack of such a card this patch has not been tested.
2025-04-24 11:23:08 +02:00
NIIBE Yutaka
97583cf81a
gpgscm: Fix initialization for fixed size chars.
* tests/gpgscm/opdefines.h: Change the order of arguments.
* tests/gpgscm/scheme-private.h (_OP_DEF): OP comes first, and use
variadic args for the macro.
* tests/gpgscm/scheme.c (_OP_DEF): Likewise.
(TST_*): Use integers.
(check_arguments): Follow the change of TST_LIST.

--

GnuPG-bug-id: 7623
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-04-22 14:45:41 +09:00
NIIBE Yutaka
0070c2e3b4
gpgscm: Fix for CHARNAMES.
* tests/gpgscm/scheme.c (charnames): It's an array of
strings, not fixed size characters.

--

GnuPG-bug-id: 7623
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-04-22 11:03:09 +09:00
Werner Koch
07dc08aa81
gpgconf: Show also stuff from the Registry emulation.
* tools/gpgconf.c (my_read_reg_string): New.  Use it for the registry
listing stuff.
(show_registry_entries_from_file): Use also on Unix.
2025-04-09 11:31:58 +02:00
NIIBE Yutaka
1ed8b0e7b4
dirmngr: Fix libdns with 127.0.0.1.
* dirmngr/dns.c (dns_so_check): Ifdef-out Linux specific code.  Remove
retrying udp_connect_retry when ECONNREFUSED.

--

Fixes-commit: bcdbf8b8ebe9d61160e0b007dabe1b6462ffbc93
GnuPG-bug-id: 4021
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-04-07 10:57:27 +09:00
Werner Koch
cfd597c603
gpg: New key generation parameter "User-Id".
* g10/keygen.c (read_parameter_file): Add keyword "User-Id".
2025-04-04 16:11:57 +02:00
NIIBE Yutaka
7fc5b0328f
keyboxd: Searching UpperCaseAddress.
* kbx/backend-sqlite.c (run_select_statement): Convert with
ascii_strlwr when the mode is KEYDB_SEARCH_MODE_MAIL.

--

GnuPG-bug-id: 7576
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-03-26 14:26:54 +09:00
Werner Koch
a762f69648
doc: Update NEWS
--
2025-03-25 09:39:33 +01:00
Werner Koch
2869de63b5
gpgsm: Simplify the expiration check.
* sm/certlist.c (gpgsm_add_to_certlist): Remove the on-demand setting
of the current time.
2025-03-18 12:21:57 +01:00
Ramón García
ad8bce774d
gpgsm: Fix error message if all selected certificates are expired.
* sm/certlist.c (gpgsm_add_to_certlist): Track expired error.  Make
the expired check easier to read by using if and case.
--

Original ChangeLog:
  If all selected certificates are expired, don't mislead the user
  saying that no certificate was found. Instead, return the error
  of the first certificate selected.

  * sm/certlist.c: if one expired certificate was found, don't return
    no certificate found, return instead the expiration error

I heavily changed Ramon's original patch and hope that I don't
introduced a regression to his patch. - wk@gnupg.org
2025-03-18 12:14:50 +01:00
Ramón García
53f5aad905
gpgsm: Avoid increasing error count when enumerating an expired cert.
* sm/certchain.c (check_validity_period_cm): Add arg no_log_expired to
avoid bumping of the error counter due to the do_list function.
* sm/certlist.c (gpgsm_add_to_certlist): Set no_log_expired when
checking the expiration.
--

I modified the original patch to make the patch smaller and the code
easier to read.  - wk@gnupg.org
2025-03-18 10:04:37 +01:00
Ramón García
029ac17b40
gpgsm: When selecting certs also skip certificates too young.
* sm/certlist.c (gpgsm_add_to_certlist): Also check for not yet valid
certs.
2025-03-18 09:48:07 +01:00