* g10/import.c (import): Skip too large keys.
* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 2MB to 5MB.
--
The key which triggered the problem was 0x57930DAB0B86B067. With this
patch it can be imported. Keys larger than the now increased limit of
5MB will are skipped and the already existing not_imported counter is
bumped up.
Signed-off-by: Werner Koch <wk@gnupg.org>
* gl/: Remove entire tree.
* configure.ac: Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* Makefile.am (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/Makefile.am (common_libs): Remove ../gl/gnulib.a
* common/Makefile.am (t_common_ldadd): Ditto.
* dirmngr/Makefile.am (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/Makefile.am (needed_libs): Ditto.
* g13/Makefile.am (g13_LDADD): Ditto.
* kbx/Makefile.am (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/Makefile.am (scdaemon_LDADD): Ditto.
* sm/Makefile.am (common_libs): Ditto.
* tools/Makefile.am (common_libs, commonpth_libs): Ditto.
* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"
* common/t-timestuff.c: Use putenv if setenv is not available.
--
gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X. This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.
In part two we will address the functions
mkdtemp
setenv
unsetenv
strpbrk
which may bot be implemented on all platforms. They are not required
on a libc based system.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox.h (keybox_blobtype_t): New.
* kbx/keybox-defs.h (BLOBTYPE_*): Replace by KEYBOX_BLOBTYPE_*.
* kbx/keybox-search.c (keybox_search): Add arg want_blobtype and skip
non-matching blobs.
* sm/keydb.c (keydb_search): Pass KEYBOX_BLOBTYPE_X509 to keybox_search.
* g10/keydb.c (keydb_search): Pass KEYBOX_BLOBTYPE_PGP to keybox_search.
--
Without this fix a listing of all keys would fail because the wrong
blob type would be returned for the gpg or gpgsm.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-search.c (keybox_search): Add arg r_skipped and skip too
long blobs.
* sm/keydb.c (keydb_search): Call keybox_search with a dummy param.
* g10/keydb.c (struct keydb_handle): Add field skipped_long_blobs.
(keydb_search_reset): Reset that field.
(keydb_search): Update that field.
(keydb_get_skipped_counter): New.
* g10/keylist.c (list_all): Print count of skipped keys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 10^6 to 2MiB.
(_keybox_read_blob2): Skip too long record records.
(_keybox_write_blob): Do not accept too long record.
* kbx/keybox-dump.c (file_stats_s): Add field skipped_long_blobs.
(_keybox_dump_file): Print new counter.
(_keybox_dump_file): Skip too long records.
----
To test this feature you may set the limit back to 1MiB and use key
F7F0E70F307D56ED which is in my local copy close to 2MiB. Without
this patch it was possible to import the key but access to that key
and all keys stored after it was not possible.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-defs.h (struct keybox_handle): Add field for_openpgp.
* kbx/keybox-file.c (_keybox_write_header_blob): Set openpgp header
flag.
* kbx/keybox-blob.c (_keybox_update_header_blob): Add arg for_openpgp
and set header flag.
* kbx/keybox-init.c (keybox_new): Rename to do_keybox_new, make static
and add arg for_openpgp.
(keybox_new_openpgp, keybox_new_x509): New. Use them instead of the
former keybox_new.
* kbx/keybox-update.c (blob_filecopy): Add arg for_openpgp and set the
openpgp header flags.
* g10/keydb.c (rt_from_file): New. Factored out and extended from
keydb_add_resource.
(keydb_add_resource): Switch to the kbx file if it has the openpgp
flag set.
* kbx/keybox-dump.c (dump_header_blob): Print header flags.
--
The problem was reported by dkg on gnupg-devel (2014-10-07):
I just discovered a new problem, though, which will affect people on
systems that have gpg and gpg2 coinstalled:
0) create a new keyring with gpg2, and use it exclusively with gpg2
for a while.
1) somehow (accidentally?) use gpg (1.4.x) again -- this creates
~/.gnupg/pubring.gpg
2) future runs of gpg2 now only look at pubring.gpg and ignore
pubring.kbx -- the keys you had accumulated in the keybox are no
longer listed in the output of gpg2 --list-keys
Note that gpgsm has always used pubring.kbx and thus this file might
already be there but without gpg ever inserted a key. The new flag in
the KBX header gives us an indication whether a KBX file has ever been
written by gpg >= 2.1. If that is the case we will use it instead of
the default pubring.gpg.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-blob.c (_keybox_create_openpgp_blob): Remove restriction.
--
Although self-signature and key binding signatures are required by
OpenPGP, we should not enforce that in the storage backend.
* kbx/keybox-search.c (keybox_search): Add arg R_DESCINDEX. Chnage
both callers.
* g10/keydb.c (keydb_search): Always set DESCINDEX.
--
This only affects the new keybox for OpenPGP keys in 2.1. The bug
exhibited itself by running GPA's backup command on Windows.
* common/estream.c (es_freopen): Remove useless check for STREAM.
* kbx/keybox-blob.c (_keybox_create_x509_blob): Remove useless check
for BLOB.
* tools/sockprox.c (run_proxy): Do not fclose(NULL).
--
Found by Hans-Christoph Steiner with cppcheck.
Replace hardwired strings at many places with new macros from config.h
and use the new strusage macro replacement feature.
* common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn
sentinels.
* agent/command.c (cmd_import_key): Use asprintf to create the prompt.
* kbx/keybox-update.c (keybox_update_keyblock): Implement.
* kbx/keybox-search.c (get_blob_flags): Move to ...
* kbx/keybox-defs.h (blob_get_type): here.
* kbx/keybox-file.c (_keybox_read_blob2): Fix calling without R_BLOB.
* g10/keydb.c (build_keyblock_image): Allow calling without
R_SIGSTATUS.
(keydb_update_keyblock): Implement for keybox.
* kbx/keybox-dump.c (_keybox_dump_blob): Fix printing of the unhashed
size. Print "does not expire" also on 64 bit platforms.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-update.c (FILECOPY_INSERT)
(FILECOPY_DELETE, FILECOPY_UPDATE): New macros. Replace numbers by
them.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (AM_INIT_AUTOMAKE): Replace 2 argument form by the
option form. Add options from the top Makefile.
(AM_CONFIG_HEADER): Rename to AC_CONFIG_HEADER.
* Makefile.am (AUTOMAKE_OPTIONS): Remove.
* kbx/Makefile.am: Remove INCLUDES. Include cmacros.am. FActor some
AM_CPPFLAGS options to AM_CFLAGS.
* kbx/keybox-blob.c (put_membuf): Use a NULL buf to store zero bytes.
(create_blob_finish): Write just the needed space.
(create_blob_finish): Switch to SHA-1.
* kbx/keybox-dump.c (print_checksum): New.
(_keybox_dump_blob): Print the checksum and the verification status.
--
The checksum was never used in the past. Due to fast SHA-1
computations in modern CPUs we now use SHA-1. Eventually we will
support a First blob flag to enable the use of a secret or public
HMAC-SHA1. The first may be used for authentication of keyblocks and
the latter to mitigate collission attacks on SHA-1. It is not clear
whether this will be useful at all.
* g10/keydb.c (parse_keyblock_image): Add args PK_NO and UID_NO and
set the note flags accordingly.
(keydb_get_keyblock): Transfer PK_NO and UID_NO to parse_keyblock_image.
* kbx/keybox-search.c (blob_cmp_fpr, blob_cmp_fpr_part)
(blob_cmp_name, blob_cmp_mail): Return the key/user number.
(keybox_search): Set the key and user number into the found struct.
(keybox_get_keyblock): Add args R_PK_NO and R_UID_NO and set them from
the found struct.
--
getkey.c needs to know whether the correct subkey was found. Thus we
need to set the node flags the same way we did it with the keyring
storage.
* g10/keydb.c (parse_keyblock_image): Add arg SIGSTATUS.
(keydb_get_keyblock): Handle it.
(build_keyblock_image): Add arg SIGSTATUS.
(keydb_insert_keyblock): Handle it.
* kbx/keybox-blob.c (pgp_create_sig_part): Add arg SIGSTATUS.
(_keybox_create_openpgp_blob): Ditto.
* kbx/kbxutil.c (import_openpgp): Adjust for above change.
* kbx/keybox.h (KEYBOX_FLAG_SIG_INFO): New.
* kbx/keybox-search.c (_keybox_get_flag_location): Handle new flag.
(keybox_get_keyblock): Add arg R_SIGSTATUS.
* kbx/keybox-update.c (keybox_insert_keyblock): Add arg SIGSTATUS.
--
With this change a key listing using the keybox format is now double
as fast as using a keyring. The memory use dropped as well. Measured
with about 1500 keys.
* g10/getkey.c (get_pubkey_fast): Improve the assertion.
* kbx/keybox.h: Include iobuf.h.
* kbx/keybox-blob.c (keyboxblob_uid): Add field OFF.
(KEYBOX_WITH_OPENPGP): Remove use of this macro.
(pgp_create_key_part_single): New.
(pgp_temp_store_kid): Change to use the keybox-openpgp parser.
(pgp_create_key_part): Ditto.
(pgp_create_uid_part): Ditto.
(pgp_create_sig_part): Ditto.
(pgp_create_blob_keyblock): Ditto.
(_keybox_create_openpgp_blob): Ditto.
* kbx/keybox-search.c (keybox_get_keyblock): New.
* kbx/keybox-update.c (keybox_insert_keyblock): New.
* g10/keydb.c (parse_keyblock_image):
(keydb_get_keyblock): Support keybox.
(build_keyblock_image): New.
(keydb_insert_keyblock): Support keybox.
* kbx/kbxutil.c (import_openpgp, main): Add option --dry-run and print
a kbx file to stdout.
* kbx/keybox-file.c (_keybox_read_blob2): Allow keyblocks up to 10^6
bytes.
--
Import and key listing does now work with the keybox format. It is
still quite slow and signature caching is completely missing.
Increasing the maximum allowed length for a keyblock was required due
to a 700k keyblock which inhibited kbxutil to list the file.
kbxutil's option name --import-openpgp is not quite appropriate
because it only creates KBX blobs from OpenPGP data.
* kbx/keybox-defs.h (_keybox_openpgp_key_info): Add field ALGO.
* kbx/keybox-openpgp.c (parse_key): Store algo.
* kbx/kbxutil.c (dump_openpgp_key): Print algo number.
* kbx/keybox-dump.c (_keybox_dump_blob): Print identical Sig-Expire
value lines with a range of indices.
* kbx/keybox-defs.h (_keybox_write_header_blob): Move prototype to ..
* kbx/keybox.h: here.
* kbx/keybox-init.c (keybox_lock): Add dummy function
* g10/keydb.c: Include keybox.h.
(KeydbResourceType): Add KEYDB_RESOURCE_TYPE_KEYBOX.
(struct resource_item): Add field kb.
(maybe_create_keyring_or_box): Add error descriptions to diagnostics.
Add arg IS_BOX. Write a header for a new keybox file.
(keydb_add_resource): No more need for the force flag. Rename the
local variable "force" to "create". Add URL scheme "gnupg-kbx". Add
magic test to detect a keybox file. Add basic support for keybox.
(keydb_new, keydb_get_resource_name, keydb_delete_keyblock)
(keydb_locate_writable, keydb_search_reset, keydb_search2): Add
support for keybox.
(lock_all, unlock_all): Ditto.
* g10/Makefile.am (needed_libs): Add libkeybox.a.
(gpg2_LDADD, gpgv2_LDADD): Add KSBA_LIBS as a workaround.
* g10/keydb.h (KEYDB_RESOURCE_FLAG_PRIMARY)
KEYDB_RESOURCE_FLAG_DEFAULT, KEYDB_RESOURCE_FLAG_READONLY): New.
* g10/gpg.c, g10/gpgv.c (main): Use new constants.
--
I did most of these changes back in 2011 and only cleaned them up
now. More to follow soon.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems. We now use two \x27 characters ('...').
The proper solution would be to use the correct Unicode symmetric
quotes here. However this has the disadvantage that the system
requires Unicode support. We don't want that today. If Unicode is
available a generated po file can be used to output proper quotes. A
simple sed script like the one used for en@quote is sufficient to
change them.
The changes have been done by applying
sed -i "s/\`\([^'\`]*\)'/'\1'/g"
to most files and fixing obvious problems by hand. The msgid strings in
the po files were fixed with a similar command.
For the shared code parts it is cumbersome to pass an error sourse
variable to each function. Its value is always a constant for a given
binary and thus a global variable makes things a lot easier than the
former macro stuff.
* common/init.c (default_errsource): New global var.
(init_common_subsystems): Rename to _init_common_subsystems. Set
DEFAULT_ERRSOURCE.
* common/init.h: Assert value of GPG_ERR_SOURCE_DEFAULT.
(init_common_subsystems): New macro.
* common/util.h (default_errsource): Add declaration.
* kbx/keybox-defs.h: Add some GPG_ERR_SOURCE_DEFAULT trickery.
* scripts/gitlog-to-changelog: New script. Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.
Rename all ChangeLog files to ChangeLog-2011.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
Changed order of some conditional to make to put the special case into
the true branch. Indentation changes. Minor other changes to make the
ECC code more similar to the rest of our code.
It builds but many sefltests still fail. Need to fix that before
using it with an ECDH enabled libgcrypt.
[/]
2011-01-21 Werner Koch <wk@g10code.com>
* configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP.
(HAVE_GCRY_PK_ECDH): Add new test.
[agent/]
2011-01-21 Werner Koch <wk@g10code.com>
* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.
[include/]
2011-01-21 Werner Koch <wk@g10code.com>
* cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros
because we now require libgcrypt 1.4.6.
(GCRY_PK_ECDH): Add replacement.
The following works:
gpg2 --gen-key (ECC)
gpg2 --list-keys
gpg2 --list-packets ~/.gnupg/pubring.gpg
gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>
ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
2010-04-20 Marcus Brinkmann <marcus@g10code.de>
* logging.c (do_log_ignore_arg): New helper function.
(log_string): Use it to remove ugly volatile hack that causes gcc
warning.
(log_flush): Likewise.
* sysutils.c (gnupg_unsetenv) [!HAVE_W32CE_SYSTEM]: Return something.
(gnupg_setenv) [!HAVE_W32CE_SYSTEM]: Likewise.
* pka.c (get_pka_info): Solve strict aliasing rule violation.
* t-exechelp.c (test_close_all_fds): Use dummy variables to
silence gcc warning.
kbx/
2010-04-20 Marcus Brinkmann <marcus@g10code.de>
* keybox-update.c [!HAVE_DOSISH_SYSTEM]: Include
../common/sysutils.h even then to silence gcc warning about
missing declaration of gnupg_remove.
tools/
2010-04-20 Marcus Brinkmann <marcus@g10code.de>
* gpgconf-comp.c (option_check_validity): Use dummy variables to
silence gcc warning.
* keybox.h (KEYBOX_FLAG_BLOB_SECRET, KEYBOX_FLAG_BLOB_EPHEMERAL):
New.
* keybox-update.c (keybox_compress): Use it here instead of a
magic constant.
sm/
* fingerprint.c (gpgsm_get_fingerprint): Add caching.
(gpgsm_get_fingerprint_string): Use bin2hexcolon().
(gpgsm_get_fingerprint_hexstring): Use bin2hex and allocate only
as much memory as required.
(gpgsm_get_keygrip_hexstring): Use bin2hex.
* certchain.c (gpgsm_validate_chain): Keep track of the
certificate chain and reset the ephemeral flags.
* keydb.c (keydb_set_cert_flags): New args EPHEMERAL and MASK.
Changed caller to use a mask of ~0. Return a proper error code if
the certificate is not available.
g10/
* passphrase.c (passphrase_get): Set the cancel flag on all error
from the agent. Fixes a bug reported by Tom Duerbusch.
sm/
* gpgsm.c (main): Let --gen-key print a more informative error
message.
doc/
* com-certs.pem: Added the current root certifcates of D-Trust and
S-Trust.
g10/
* status.c (write_status_begin_signing): New.
* sign.c (sign_file, sign_symencrypt_file): Call it.
* textfilter.c (copy_clearsig_text): Call it.
* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
required.
* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
warning.
* misc.c (obsolete_option): New.
char * vs. unsigned char * warnings. The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
* kbxutil.c (i18n_init): Always use LC_ALL.
* gpgsm.c (i18n_init): Always use LC_ALL.
* certdump.c (gpgsm_format_name): Factored code out to ..
(gpgsm_format_name2): .. new.
(gpgsm_print_name): Factored code out to ..
(gpgsm_print_name2): .. new.
(print_dn_part): New arg TRANSLATE. Changed all callers.
(print_dn_parts): Ditto.
(gpgsm_format_keydesc): Do not translate the SUBJECT; we require
it to stay UTF-8 but we still want to filter out bad control
characters.
* gpgconf.c (i18n_init): Always use LC_ALL.
Introduce PACKAGE_GT and set it to gnupg2.
* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.
* Makevars (DOMAIN): Init from PACKAGE_GT
* keybox-search.c (get_flag_from_image, keybox_get_flags): New.
(_keybox_get_flag_location): New.
* certchain.c (gpgsm_validate_chain): Mark revoked certs in the
keybox.
* keylist.c (list_cert_colon): New arg VALIDITY; use it to print a
revoked flag.
(list_internal_keys): Retrieve validity flag.
(list_external_cb): Pass 0 as validity flag.
* keydb.c (keydb_get_flags, keydb_set_flags): New.
(keydb_set_cert_flags): New.
(lock_all): Return a proper error code.
(keydb_lock): New.
(keydb_delete): Don't lock but check that it has been locked.
(keydb_update_keyblock): Ditto.
* delete.c (delete_one): Take a lock.