(not a copy) of the stub secret key for the secret key we just
generated on the card. (generate_card_subkeypair): Use it here so
that the signing key on the card can use the card to generate the 0x19
backsig on the primary key. Noted by Janko Heilgeist and Jonas Oberg.
This prevents a memory allocation attack with a very large user ID. A
very large packet length could even cause the allocation (a u32) to wrap
around to a small number. Noted by Evgeny Legerov on full-disclosure.
1024 when --enable-dsa2 is set). The size of q is set automatically based
on the key size. (ask_keysize, generate_keypair): Ask for DSA size when
--enable-dsa2 is set.
called with them closed. This is to protect our keyring/trustdb files
from corruption if they get attached to one of the standard fds. Print a
warning if possible that this has happened, and fail completely if we
cannot reopen (should never happen). (main): Call it here.
(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode,
merge_selfsigs_main, merge_selfsigs_subkey), keygen.c
(keygen_add_key_expire): Fix meaning of key expiration and sig
expiration subpackets - zero means "never expire" according to 2440,
not "expire instantly".
* configure.ac: Remove check for noexecstack and invoke
CL_AS_NOEXECSTACK instead.
m4/
2006-05-22 Marcus Brinkmann <marcus@g10code.de>
* noexecstack.m4: New file.
* keydb.c (keydb_insert_cert): Do not lock here, but only check if
it is locked.
(keydb_store_cert): Lock here.
* keydb.h (keydb_delete): Accept new argument UNLOCK.
* keydb.c (keydb_delete): Likewise. Only unlock if this is set.
* delete.c (delete_one): Add new argument to invocation of
keydb_delete.
to disable.
* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.
* sign.c (match_dsa_hash): New. Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set. q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
SHA-224.
* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...
* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.
* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.
* app.c (select_application): Cover up a slot mismatch error in
case it happens (it shouldn't happen).
(release_application): Use APP->slot. Lock the reader.
(application_notify_card_removed): Lock the reader.