1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

721 Commits

Author SHA1 Message Date
Werner Koch
a0a4744bd0
scd: New option to APDU command to return the ATR as data.
* scd/command.c (cmd_apdu): Add new option --data-atr.
* tools/gpg-card.c (cmd_apdu): Use that here.  Also fix the --exlen
option and do not print the statusword in atr mode.
* tools/card-call-scd.c (scd_apdu): Detect atr mode anddon't assume a
status word.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-27 11:55:37 +02:00
Werner Koch
ad1254b59d
gpgconf: Silence warnings from parsing the options files
* tools/gpgconf-comp.c (retrieve_options_from_program): Set verbose
flag for the arg parser only in --verbose mode.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 11:09:47 +02:00
Werner Koch
32021dfa5b
gpgconf,w32: New debug command --show-codepages.
* tools/gpgconf.c (aShowCodepages): New.
(opts): New command --show-codepages.
(main) [W32]: Implement
--

This is a Windows helper command to quickly check which code pages are
currently used.  Useful for debugging.  Has no effect on Unix.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 10:38:29 +02:00
Werner Koch
34e7703a96
gpgtar,w32: Handle Unicode file names.
* tools/gpgtar.c (oUtf8Strings): New.
(opts): Add option --utf8-strings.
(parse_arguments): Set option.
* tools/gpgtar.h (opt): Add field utf8strings.
* tools/gpgtar-create.c (name_to_utf8): New.
(fillup_entry_w32): Use that.
(scan_directory): Ditto.
(scan_directory) [W32]: Convert file name to utf8.
(gpgtar_create): Convert pattern.
--

Note that this works only with file names read from a file or if the
specified files on the command line are plain ascii.  When recursing
into a directory Unicode file names work again.  This limitation is
due to  main(int, char**) which can't get the wchar version.  We could
fix that but is needs a bit more work in our init code.

GnuPG-bug-id: 4083
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-21 21:28:28 +02:00
Werner Koch
ba873216ff
gpgtar: Add dummy option --tar
--
GnuPG-bug-id: 3772

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-20 16:11:58 +02:00
Werner Koch
e276f63e4a
gpgtar: Make --files-from and --null work as described.
* tools/gpgtar-create.c (gpgtar_create): Add args files_from and
null_names.  Improve reading from a file.
* tools/gpgtar.c: Make global vars static.
(main): Remove tests for --files-from and --null option combinations.
Pass option variables to gpgtar_create.
--

GnuPG-bug-id: 5027
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-20 15:50:50 +02:00
Werner Koch
6bcb609e1b
Add --chuid to gpg, gpg-card, and gpg-connect-agent.
* g10/gpg.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.  Delay setting of homedir until the new
chuid is done.
* sm/gpgsm.c (main): Delay setting of homedir until the new chuid is
done.
* tools/gpg-card.c (oChUid): New.
(opts): Add --chuid.
(changeuser): New helper var.
(main): Implement --chuid.
* tools/gpg-connect-agent.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-14 12:19:11 +02:00
Werner Koch
d240b5ac27
tools: Install gpgsplit again
--

We will also set the gpgsplit from 1.4 to noninstall.

GnuPG-bug-id: 5023
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-13 11:00:23 +02:00
Werner Koch
d10f45184c
gpgconf: New option --chuid.
* tools/gpgconf.c (oChUid, opts): New option --chuid.
(main): Implement.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-06 16:03:57 +02:00
NIIBE Yutaka
d69f5570ee w32: Add link to $(NETLIB) for -lws2_32.
* dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS).
* sm/Makefile.am (gpgsm_LDADD): Ditto.
* tools/Makefile.am (gpg_wks_client_LDADD): Ditto.

--

GnuPG-bug-id: 4994
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-30 11:34:01 +09:00
NIIBE Yutaka
f484ac2b2d Use gpgrt's new option parser for symcryptrun.
* tools/symcryptrun.c: Follow API change of the new option parser.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-17 15:17:43 +09:00
NIIBE Yutaka
43000b0434 gpg-card: Fix type of historyname.
* tools/gpg-card.c (interactive_loop): Remove const qualifier.

--

Fixes-commit: d70b8769c8
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-17 09:05:26 +09:00
Werner Koch
d70b8769c8
Support a history file in gpg-card and gpg-connect-agent.
* common/gpgrlhelp.c (read_write_history): New.
(gnupg_rl_initialize): Register new function.
* common/ttyio.c (my_rl_rw_history): New var.
(tty_private_set_rl_hooks): Add arg read_write_history.
(tty_read_history): New.
(tty_write_history): New.
* tools/gpg-card.c (HISTORYNAME): New.
(oNoHistory): New enum value.
(opts): New option --no-history.
(cmd_history): New.
(cmds): New command "history".
(interactive_loop): Read and save the history.
* tools/gpg-connect-agent.c (HISTORYNAME): New.
(opts): New option --no-history.
(main): Read and save the history.  New command /history.
--

Yeah, finally we have stored history; I should have added this much
earlier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-02 15:48:55 +02:00
Werner Koch
fb10b6cba4
card: Better detect removed cards. Add TCOS PIN menu.
* tools/card-call-scd.c (scd_change_pin): Add arg 'nullpin'.
* tools/gpg-card.h (struct card_info_s): Add field 'card_removed'.
* tools/gpg-card.c (fixup_scd_errors): New.
(maybe_set_card_removed): New.
(list_one_kinfo): Change type of first arg to get access to INFO.  Set
card_removed flag.
(list_all_kinfo): Improve label alignment.
(cmd_list): Check that the current card is still available.
(cmd_passwd): Add option --nullpin and menu to chnage TCOS PINs.
(dispatch_command): Handle card_removed flag.
(interactive_loop): Ditto.
--

Note that that I was not able to change the NullPIN of the standard
PIN using a Signature V2 Brainpool test card.  Changing the NullPIN of
the QES PIN worked, though.  I checked the commands send to scdaemon
and they were correct - I used the very same command with
gpg-connect-agent last week to set a Pin for a production Brainpool
Signature card.  Thus this might be a problem with this specific test
card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-30 14:41:49 +02:00
Werner Koch
28c069db3b
card: Add password change menu for NKS cards.
* tools/gpg-card.c (cmd_passwd): Add menu for NKS.  Add option
--reset.
--

Note that the resetting does not yet work due to some bug in
app-scd.c
2020-06-25 11:24:35 +02:00
Werner Koch
2d8f060679
gpgconf: Fix regression in --launch and --kill from March
* tools/gpgconf.h (gc_component_id_t): Align order with gc_component
array.
--

Fixes-commit: b4f1159a5b
              gpgconf: Rewrite the gpgconf-comp module
              from 2020-03-12

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-24 12:33:26 +02:00
Werner Koch
4f6e0e12cb
card: Improve openpgp key writing in "writecert".
* tools/card-keys.c (struct export_key_status_parm_s): New.
(export_key_status_cb): New.
(get_minimal_openpgp_key): New.
* tools/gpg-card.c (cmd_writecert): Allow writing a keyblock directly
from an existing gpg key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-03 16:25:59 +02:00
Werner Koch
2d9592e78f
card: Allow to store and retrieve keyblocks in OpenPGP cards.
* tools/gpg-card.c: Include tlv.h.
(cmd_writecert): Add option --openpgp.
(cmd_readcert): Ditto.
--

We use the CERT object for this and encapsulate the key block in a CMS
object.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-28 15:55:54 +02:00
Werner Koch
ed0759f39b
card: New command "apdu"
* tools/card-call-scd.c (scd_apdu): Add optional arg 'options'.
* tools/gpg-card.c (cmd_apdu): New.
(enum cmdids): Add cmdAPDU.
(dispatch_command): Add command "apdu".
(interactive_loop): Ditto.
--

This command is hidden because it can be used to brick a card.  The
command is basically the same as sending "scd apdu" in
gpg-connect-agent but here we do full decoding and printing in hex.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-28 13:00:27 +02:00
Werner Koch
94d31660c6
card: Update card info after "generate".
* tools/gpg-card.c (cmd_generate): Re-read the card on success.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-27 13:48:20 +02:00
Werner Koch
08310849a2
card: Add command "bye"
* tools/gpg-card.c: Add command "bye" as alias for "quit".
* tools/gpg-connect-agent.c (main): Add "/quit" as alias for "/bye"
2020-05-27 11:43:14 +02:00
Werner Koch
46a3de4b5a
card: Take care of removed and re-inserted cards.
* tools/gpg-card.c (cmd_list): Take care of the need_sn_cmd flag.
(cmd_factoryreset): Clear that flag.
(dispatch_command): Set flag after a reset and after a
CARD_NOT_PRESENT error.
--
2020-05-27 11:27:32 +02:00
Werner Koch
c2a47475ba
card: Implement UID command and print capabilities.
* tools/card-call-scd.c (learn_status_cb): Return the full value for
UIF.  Add info about SM, MCL3, and PD.
* tools/gpg-card.h (struct card_info_s): Add corresponding fields.
* tools/gpg-card.c (list_openpgp): Print capabilities.  Print the
permanent flag for UIF.
(cmd_uif): Implement.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-26 16:24:12 +02:00
Werner Koch
9496634745
card: Allow listing of NKS cards.
* tools/card-call-scd.c (learn_status_cb): Always fill chvinfo.
* tools/gpg-card.h (struct card_info_s): Increase size of chvinfo and
chvmaxlen.
* tools/gpg-card.c (list_nks): New.
(print_a_version): Support single part version numbers.
(list_card): Call list_nks.
--

Note that chvmaxlen is not yet used with NKS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-07 19:47:07 +02:00
Werner Koch
5ec1f66793
doc: Typo fix in code comment.
--
2020-04-07 16:03:21 +02:00
NIIBE Yutaka
7ee2a9687d tools: Use internal regexp routines.
* tools/gpg-check-pattern.c: Use jimregexp.h.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-06 09:38:13 +09:00
Werner Koch
15352b0eac
gpg,card: Use the new MANUFACTURER attribute.
* tools/gpg-card.h (struct card_info_s): Add manufacturer fields.
* tools/card-call-scd.c (release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* tools/gpg-card.c (get_manufacturer): Remove.
(list_card): Use the new attribute.
* g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields.
* g10/call-agent.c (agent_release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* g10/card-util.c (get_manufacturer): Remove.
(current_card_status): Use new attribute.
--

This does away with the duplicated OpenPGP vendor tables; they are now
at a better place (app-openpgp.c).

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 10:44:32 +02:00
NIIBE Yutaka
ba247a114c gpg: Add regular expression support.
* AUTHORS, COPYING.other: Update.
* Makefile.am (SUBDIRS): Add regexp sub directory.
* configure.ac (DISABLE_REGEX): Remove.
* g10/Makefile.am (needed_libs): Add libregexp.a.
* g10/trustdb.c: Remove DISABLE_REGEX support.
* regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h,
  regexp/utf8.c, regexp/utf8.h: New from Jim Tcl.
* regexp/UnicodeData.txt: New from Unicode.
* regexp/Makefile.am, regexp/parse-unidata.awk: New.
* tests/openpgp/Makefile.am: Remove DISABLE_REGEX support.
* tools/Makefile.am: Remove DISABLE_REGEX support.

GnuPG-bug-id: 4843
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-03 15:30:08 +09:00
Werner Koch
c1844ca752
gpgconf: Take care of --homedir when reading/updating options.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Remove unused var.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
(gc_component_check_options): Pass --homedir if needed.
(retrieve_options_from_program): Take care of --homedir.
--

This is related to bug 4882 but different due all the code changes.

GnuPG-bug-id: 4882
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-19 12:43:08 +01:00
Werner Koch
451cd1b392
gpgconf: Further simplify the gpgconf option processing.
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list.  Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--

There is no need to read the list of options from the components
unless they convey a default value.  It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed.   Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 19:12:41 +01:00
Werner Koch
6b306f45f4
gpg: New option --auto-key-import
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--

Note that the --no variants of the options are intended for easy
disabling at the command line.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 18:04:47 +01:00
Werner Koch
b4f1159a5b
gpgconf: Rewrite the gpgconf-comp module.
* tools/gpgconf.h (gc_component_t): Change type to ...
(gc_component_id_t): this.
(GC_COMPONENT_ANY): New, so that we can use that in gpgconf-comp.c
directly.
* tools/gpgconf-comp.c: Major rework.
--

The primary reason for this rework is to support the global options.
A second reason is to clean up the code and simplify it so that we do
not anymore need to maintain a list of options in the components _and_
in gpgconf-comp.c.

What we do now is to

 1. Read the option tables directly from the components using
    the new generic --dump-option-table option.  This includes
    the header (group) descriptions.

 2. Read the default values from the components as before using
    --gpgconf-list and update gpgconf's internal tables with
    that info.

 3. Read the options using gpgrt_argparser in the same way as we do
    this in the components.

The changes also do away with the second level notion of backends;
they were only used for dirmngr's extra dirmngr_ldapservers.conf file.
We intend to remove that file and replace it with a regular option so
that it will be similar on how OpenPGP keyservers are specified.

The whole thing will currently be slower than before (in particular on
Windows) but we can optimize that by keeping a cached version of the
option tables and the default values in a per homedir cache file.

There is also some work planned to remove most of the data returned by
--gpgconf-list.  What can also be done is to replace the internal
tables, which list the gpgconf maintainable options, by a configuration
file so that admins are able to maintain the list of these options.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-12 10:16:56 +01:00
Werner Koch
41eb5108ce
gpg: Re-group the options in the --help output.
* g10/gpg.c (opts): Change oLoadExtensions, oStrict, and oNoStrict to
use ARGPARSE_ignore and remove the code in the option switch.
--

This looks better and is also required for further simplifications of
gpgconf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 15:18:27 +01:00
Werner Koch
4423e9dcde
gpgconf: Support reading global options (part 2).
* tools/gpgconf-comp.c: Remove all regular option descriptions.  They
are now read in from the component.  Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--

This second part removes all regular option descriptions because they
can be read from the components.  A few were missing in the components
and thus moved to there.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 10:09:26 +01:00
Werner Koch
d2425d1495
gpgconf: Support reading global options (part 1).
* tools/gpgconf.c (main): Set the coinfig directories.
* tools/gpgconf-comp.c (gc_backend): Change the name of the config
files.
(struct gc_option): Add new field 'attr'.
(retrieve_options_from_program): Rewrite to use gpgrt_argparser.
--

We need to do larger changes to gpgconf so that it is possible to get
also global config options and their attributes.  The old code worked
along its own list of option and used a generic option file parser.
This has no support for global config files.  We now use
gpgrt_argparser so that we to do exactly the same as the component
does and thus delivers the actual option values as seen by the
component.

This is just a first step and we need to change more things.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-05 16:23:52 +01:00
Werner Koch
178b3772ff
gpgconf: Always use xmalloc.
* tools/gpgconf-comp.c: Fix spelling of "cannot".  Use log_assert
instead of a plain assert.
(gc_percent_escape, percent_deescape): Fail on malloc error.
--

It does not make sense to use xtryalloc and failing then anyway.  We
also should use our wrappers and not a plain realloc.  Everywhere
elese we use the non-formal "can't" so it is better to do the same
here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-03 14:22:10 +01:00
Werner Koch
a94daa6549
card: Add yet another vendor.
--
2020-03-03 13:37:28 +01:00
Werner Koch
3c4ab531eb
card: Add new vendor.
--
2020-03-03 11:55:08 +01:00
Werner Koch
3bc004decd
Use gpgrt's new option parser for the tools.
* agent/preset-passphrase.c: Switch to the new option parser.
* agent/protect-tool.c: Ditto.
* kbx/kbxutil.c: Ditto.
* tools/gpg-card.c: Ditto.
* tools/gpg-check-pattern.c: Ditto.
* tools/gpg-connect-agent.c: Ditto.
* tools/gpg-pair-tool.c: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpgconf.c: Ditto.
* tools/gpgsplit.c: Ditto.
* tools/gpgtar.c: Ditto.
--

This is another part of changes.  A followup patch will address the
remaining daemons.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-21 20:28:47 +01:00
Werner Koch
0e8f6e2aa9
gpg: Use gpgrt's new option parser to provide a global conf file.
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h.  Do this also for all main modules which use our option
parser except for gpg.  Replace calls to strusage by calls to
gpgrt_strusage everywhere.

* g10/gpg.c (opts): Change type to gpgrt_opt_t.  Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t.  Rework the option
parser to make use of the new gpgrt_argparser.
--

This is not yet finished but a make check works.  gpg has the most
complex and oldest option handling and thus this is the first
migration target.  SE-Linux checks and version-ed config files are
missing and will be added later.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-20 11:13:32 +01:00
Werner Koch
ee911df979
card: New option --info for command list and select by s/n.
* tools/gpg-card.c (cmd_list): add option --info.  Factor soem code
out to ...
(print_card_list): new.
--

This change allows to use the printed s/n to sleect another card
instead of using the index.  For example:

  gpg/card> l --cards
  0* D276000124010200FFFE50FF6E060000
  1  D2760001240102000005000000370000

Now select the second card but do not print the entire listing, just
the card index, s/n and applications.  We also select by s/n:

  gpg/card> l --info D2760001240102000005000000370000
  1* D2760001240102000005000000370000

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-19 08:48:55 +01:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
e582d8f5b2
card: Fix openpgp subkey listing.
* tools/gpg-card.c (list_one_kinfo): Fix printing of the subkeys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:38:08 +01:00
Werner Koch
e63f8bee40
card: Take the key creation time from the KEYPAIRINFO
* tools/card-call-scd.c (learn_status_cb): Adjust for recent change.
--

This adjusts for the chnage in scdaemon.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 11:53:32 +01:00
Werner Koch
125c959677
card: Fix parsing of the received card_list.
* tools/card-call-scd.c (scd_cardlist): Allow for SERIALNO without any
apps.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-12 15:17:25 +01:00
Werner Koch
1abfce82bd
card: List more info for an OpenPGP key.
* tools/gpg-card.h (struct pubkey_s): Add field created.
* tools/card-keys.c (parse_key_record): Set that field.
* tools/gpg-card.c (print_shax_fpr): Print the fingerprint without
spaces for easier c+p.
(list_one_kinfo): Print the actual used fingerprint and creation date
from the keyblock.
--

A common problem with OpenPGP cards is that the fingerprint as stored
on the card does not match the actual fingerprint.  Print both values
to be able to investigate such issues.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-12 12:50:38 +01:00
Werner Koch
2c6092bc5d
card: New option --no-key-lookup.
* tools/gpg-card.h (opt): Add var no_key_lookup.
* tools/gpg-card.c (oNoKeyLookup): New const.
(opts): New option --no-key-lookup.
(list_one_kinfo): Add arg no_key_lookup and implement.
(list_all_kinfo): Add arg no_key_lookup.
(list_openpgp, list_piv, list_card): Ditto.
(cmd_list): New option --no-key-lookup.
--

Printing the OpenPGP and X.509 keys used for a specific card key can
be a lengthy operation.  The new command line option and option to
"list" allows to suppress that part of the output.
2020-02-12 11:16:41 +01:00
Werner Koch
6bc7318ef5
card: First code to actually create openpgp keys.
* tools/gpg-card.c (generate_all_openpgp_card_keys): Add demo key
generation.
(generate_key): Allow generatiing one OpenPGP key.
--

This does now allows to create a single OpenPGP key optioanlly with a
specified parameter.  For example to create an auth key:

  gpg-card generate --algo=ed25519 OPENPGP.3

Using option --force will overwrite and already existing key.
scdaemon does here take care of swicthing the key attributes before
generating the key.

TODO: We need to add some more stuff to app-openpgp so that the user
is not annoyed by beeing asked to enter the Admin-PIN twice (change
the key attributes clear the verification state).  gpg's key
generation also needs some tweaks for using an existing card key which
has no key stub in private-keys-v1.d.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-11 14:58:17 +01:00
Werner Koch
6aff8a1328
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C.  Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.

* g10/main.h: Put util.h before the local header files.
--

This change is required for use with gcc/ld's LTO feature which does
not allow common blocks.  Further gcc 10 will make -fno-common the
default and thus this chnage is always needed.  What a pitty.

Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 21d9bd8b87)

- Applied respective chnages also to gpg-card and keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 16:50:47 +01:00
Werner Koch
438b7881ba
card: Remove command "key-attr" and hack on "generate".
* tools/gpg-card.h (struct key_attr): Remove.
(struct key_info_s): Remove key_attr.  Add keyalgo and keyalgo_id.
* tools/card-call-scd.c (learn_status_cb): Rework the key-attr info.
* tools/gpg-card.c (list_one_kinfo): Always show the algorithm; if
there is no key show the key attributes instead.
(list_openpgp): Do not print the "Key attributes".
(generate_key): Factor the repalce key pormpt out to ...
(ask_replace_keys): new.
(generate_openpgp): Rename to generate_all_openpgp_card_keys and add
an algo parameter.
(generate_generic): Rename to generate_key.  Prepare generation of a
single OpenPGP key.
(cmd_generate): Revamp.
(ask_card_rsa_keysize): Remove.
(ask_card_keyattr): Remove.
(do_change_keyattr): Remove.
(cmd_keyattr): Remove.
(enum cmdids): Remove cmdKEYATTR.
(cmds): Ditto.
(dispatch_command): Ditto.
(interactive_loop): Ditto.
--

This change shows the key attributes of an OpenPGP card instead of the
key's algorithm if no key exists.  It also remove the key-attr command
because for uniformity it is better to do this directly in
scd/app-openpgp.c At least for this new gpg-card tool.

There a couple of other changes but to the generate command but they
are not yet ready.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 14:12:36 +01:00