1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-13 22:08:52 +01:00
Commit Graph

10300 Commits

Author SHA1 Message Date
Jakub Jelen
eadf12a52c sign: Construct valid AEAD packets.
* g10/sign.c (sign_symencrypt_file): Insert correct version and AEAD
  information into symkey packet.

--

GnuPG-bug-id: 5856
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-03-09 11:06:42 +09:00
NIIBE Yutaka
6c50834c09 sm: Fix parsing encrypted data.
* sm/minip12.c (cram_octet_string): Finish when N==0.
(parse_bag_encrypted_data): Support constructed data with multiple
octet strings.

--

GnuPG-bug-id: 5793
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-09 10:52:10 +09:00
Werner Koch
f8075257af
gpgsm: New option --require-compliance
* sm/gpgsm.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* sm/gpgsm.h (opt): Add field require_compliance.
(gpgsm_errors_seen): Declare.
* sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--
2022-03-08 19:28:16 +01:00
Werner Koch
ee013c5350
gpg: New option --require-compliance.
* g10/options.h (opt): Add field flags.require_compliance.
* g10/gpg.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant.
(check_sig_and_print): Ditto.
* g10/encrypt.c (encrypt_crypt): Ditto.
--

Note that in the --encrypt and --verify cased other checks may kick in
earlier than this new --require-compliance controlled one.
2022-03-08 19:26:01 +01:00
Jussi Kivilinna
49c6e58394 gpg: fix --enarmor with zero length source file
* common/iobuf.c (filter_flush): Remove "src_len == 0" check.
* g10/compress-bz2.c (do_compress): Exit early if flush not
forced and input length is zero.
* g10/compress.c (do_compress): Likewise.
--

Remove "(src_len == 0)" check in filter_flush which was
introduced to fix compress failure caused by zero length
flush from iobuf_close. However this check broke enarmoring
file with length of zero. Patch instead fixes zero length
flush problem in compress filters.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:03:08 +02:00
Jussi Kivilinna
b96eb6f08d iobuf: add zerocopy optimization for iobuf_write
* common/iobuf.c (filter_flush): Use 'iobuf->e_d' if configured.
(iobuf_write): Configure 'iobuf->e_d' for 'filter_flush' if
'iobuf->d.buf' is empty and external buffer is larger than threshold.
--

Zero-copy operation in iobuf_write() and filter_flush() allow bypassing
'iobuf->d.buf' for greater performance. This mainly helps OCB
performance where additional memory copies through iobuf stack
can take significant portion of program time.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:03:03 +02:00
Jussi Kivilinna
15df88d135 iobuf: add zerocopy optimization for iobuf_read
* common/iobuf.h (iobuf_struct): Add 'e_d' substructure and members.
* common/iobuf.c (IOBUF_ZEROCOPY_THRESHOLD): New.
(iobuf_alloc): Clear 'iobuf->e_d'.
(underflow_target): Use 'iobuf->e_d' when configured to bypass copying
through 'iobuf->d.buf'.
(iobuf_read): Configure 'iobuf->e_d' for 'underflow' if 'iobuf->d.buf'
is empty and external buffer is larger than threshold.
--

Zero-copy operation in iobuf_read() and underflow() allow bypassing
'iobuf->d.buf' for greater performance. This mainly helps OCB
performance where additional memory copies through iobuf stack
can take significant portion of program time.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00
Jussi Kivilinna
99e2c178c7 g10/cipher-aead: add fast path for avoid memcpy when AEAD encrypting
* g10/cipher-aead.c (do_hash): Add faster path for encrypting directly
from input buffer instead of memcpying then encrypting inplace.
--

When encrypting with AES256.OCB on AMD Ryzen 5800X, memcpy shows as
taking largest portion of computation time. Patch adds fast path for
AEAD encryption which largely eliminates need for memcpying when
doing AEAD encryption. AES256.OCB throughput increases from 2.2GB/s
to 4.2GB/s on said system (1.9x faster).

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00
Jussi Kivilinna
6c95d52a22 g10/decrypt-data: disable output estream buffering to reduce overhead
* g10/decrypt-data.c (decrypt_data): Disable estream buffering for
output file.
--

Here estream is filled with iobuf_copy which already uses large buffers
so additional buffering in estream was just adding memory copy overhead.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00
Jussi Kivilinna
583b664a07 g10/plaintext: disable estream buffering in binary mode
* g10/plaintext.c (handle_plaintext): Disable estream buffering in
binary modes.
--

Since in binary mode, large buffers are passed from source iobuf to
target estream, extra buffering in estream only causes extra memory
copying and overhead.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00
Jussi Kivilinna
f2322ff942 Use iobuf buffer size for temporary buffer size
* common/iobuf.c (iobuf_copy): Use iobuf buffer size for temporary
buffers.
* g10/plaintext.c (handle_plaintext, do_hash): Likewise.
* g10/sign.c (sign_file): Likewise.
--

As iobuf will have zerocopy operation for read/write, it is better to
use same size buffers as iobuf for temporary copy buffers.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00
Werner Koch
70b738f93f
gpgtar,w32: Support file names longer than MAX_PATH.
* tools/gpgtar.c: Replace assert by log_assert.
* tools/gpgtar-extract.c: Ditto.
(extract_regular): Create files with sysopen flag.
* tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar.
--

Note that for this change libgpg-error 1.45 is required for Windows.
2022-03-08 07:50:17 +01:00
Werner Koch
6afedbcd47
common,w32: Support file names longer than MAX_PATH in iobuf.
* common/iobuf.c (direct_open): Use gpgrt_fname_to_wchar.
(any8bitchar): Remove.
2022-03-08 07:50:14 +01:00
NIIBE Yutaka
14e13fb712 common: Fix confusion of get_pk_algo_from_key.
* common/ssh-utils.c (ssh_public_key_in_base64): Fix the constants.

--

Fixes-commit: 8e650dbd48
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-04 10:57:48 +09:00
NIIBE Yutaka
58e6990eaa scd: Fix PK_AUTH with --challenge-response option.
* scd/app.c (app_auth): It's only APPTYPE_OPENPGP which supports
the challenge response interaction.
* scd/command.c (cmd_pkauth): It only wants if it works or not.

--

GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-04 10:11:38 +09:00
NIIBE Yutaka
44621120a2 scd: Add --challenge-response option to PK_AUTH for OpenPGP card.
* scd/app-openpgp.c (rmd160_prefix, sha1_prefix, sha224_prefix)
(sha256_prefix, sha384_prefix, sha512_prefix): Move the scope up.
(gen_challenge): New.
(do_auth): Support challenge-response check if it signs correctly.
* scd/app.c (app_auth): Remove the check INDATA and INDATALEN.
* scd/command.c (cmd_pkauth): Support --challenge-response option.

--

GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-03 17:45:49 +09:00
Jussi Kivilinna
756c0bd5d8 g10/encrypt: use iobuf_copy instead of manual iobuf_read/iobuf_write
* g10/encrypt.c (encrypt_simple): Use 'iobuf_copy' for no-literal case.
--

GnuPG-bug-id: T5852
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-02 21:12:28 +02:00
Jussi Kivilinna
9c313321a8 g10/dearmor: use iobuf_copy
* g10/dearmor.c (dearmor_file, enarmor_file): Use 'iobuf_copy'.
--

GnuPG-bug-id: T5852
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-02 21:12:28 +02:00
NIIBE Yutaka
8e650dbd48 scd: Let READKEY support --format=ssh option.
* scd/command.c (do_readkey): Support --format=ssh option.
* common/ssh-utils.c (ssh_public_key_in_base64): New.
* common/ssh-utils.h (ssh_public_key_in_base64): New declaration.

--

Code duplication (agent/command-ssh.c) will be cleaned up later.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-02 14:07:46 +09:00
Jussi Kivilinna
f8943ce098 g10/sign: sign_file: use iobuf_read for higher detached signing speed
* g10/sign.c (sign_file): Use iobuf_read instead of iobuf_get for
reading data from detached file.
--

This patch reduces iobuf_read per byte processing overhead and speeds
up detached signing.

Detached signing speed on AMD Ryzen 5800X (4.3GiB file, SHA256):

         gpg process
         user time
 before: 3.951s
 after:  1.898s (2.0x faster)

GnuPG-bug-id: T5826
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-02-27 18:49:25 +02:00
Jussi Kivilinna
4e27b9defc g10/plaintext: do_hash: use iobuf_read for higher performance
* g10/plaintext.c (do_hash): Use iobuf_read instead of iobuf_get for
reading data; Use gcry_md_write instead of gcry_md_putc for hash data.
--

This patch reduces iobuf_read per byte processing overhead and speeds
up detached signature verifying.

Detached verifying speed on AMD Ryzen 5800X (4.3GiB file, SHA256):

         gpg process
         user time
 before: 9.410s
 after:  1.913s (4.9x faster)

GnuPG-bug-id: T5826
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-02-27 18:49:25 +02:00
Werner Koch
f03c871c9e
agent: Print the correct daemon name in presence of a --foo-program.
* agent/call-daemon.c (wait_child_thread): Print the correct name.
--

This makes sure that the log print the actual used name if for example
--pinentry-program was used.
2022-02-27 12:26:39 +01:00
Werner Koch
7c8c606061
agent: New flag "qual" for the trustlist.txt.
* agent/trustlist.c (struct trustitem_s): Add flag "qual".
(read_one_trustfile): Rename arg "allow_include" to "systrust" and
change callers.  Parse new flag "qual".
(istrusted_internal): Print all flags.
* sm/call-agent.c (istrusted_status_cb): Detect the "qual" flag.
* sm/gpgsm.h (struct rootca_flags_s): Add flag "qualified".
* sm/certchain.c (do_validate_chain): Take care of the qualified flag.
2022-02-27 12:26:38 +01:00
Werner Koch
b901e63b4d
dimngr: Do not check the self-signature of a root CA cert.
* dirmngr/validate.c (validate_cert_chain): Comment out that code.
2022-02-27 12:26:38 +01:00
Werner Koch
de87c8e1ea
dirmngr: Support ECDSA for CRLs
* dirmngr/crlcache.c (finish_sig_check): Support ECDSA.
* dirmngr/validate.c (check_cert_sig): Ditto.  Remove the never
used support for DSA.
2022-02-27 12:26:38 +01:00
Werner Koch
890e9849b5
dirmngr: Support ECDSA for OCSP.
* dirmngr/validate.c (pk_algo_from_sexp): Make public.  Support ECC.
* dirmngr/ocsp.c (check_signature): Remove hash preparation out to ...
(check_signature_core): here.  This changes the arg s_hash to md.
Support ECDSA.
--

The test was done with my qualified signature certificate from the
Telesec and their responder http://tqrca1.ocsp.telesec.de/ocspr .
See also libksba commit rK24992a4a7a61d93759e1dbd104b845903d4589bf
2022-02-27 12:26:38 +01:00
NIIBE Yutaka
335805e1d4 gpg: Clarify a call of ask_for_detached_datafile.
* g10/mainproc.c (proc_tree): Call ask_for_detached_datafile
with MD2=NULL.

--

Here, c->mfx.md2 is always NULL, in fact.  But, text-wise
(when searching the use of "mfx.md2"), before the change, it used
mfx.md2, which is irrelevant in the handling of PKT_ONEPASS_SIG.

Note that: One-Pass Signature is not available in PGP2.

This fix removes (text-wise) unmatch of the calls of functions
hash_datafile_by_fd hash_datafiles, and ask_for_detached_datafile.

Fixes-commit: 88a916cdd4
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-25 11:55:07 +09:00
NIIBE Yutaka
fb007d93de Fix the previous commit.
--

Fixes-commit: 903c5fe369
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-23 09:12:07 +09:00
NIIBE Yutaka
903c5fe369 gpg: Fix generating AEAD packet.
* g10/cipher-aead.c (do_free): Fix the condition of the last chunk.

--

GnuPG-bug-id: 5853
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-22 21:12:54 +09:00
Werner Koch
cff68fe359
scd,w32: Print code pages with --show-configs
* tools/gpgconf.c (show_configs): Do it.
2022-02-21 12:17:08 +01:00
Werner Koch
597253ca17
scd:p15: Used extended mode already for RSA 2048
* scd/app-p15.c (do_sign, do_decipher): Replace GT by GE.
--
2022-02-21 12:17:08 +01:00
NIIBE Yutaka
05fdaa1737 sm: Fix use of value NONE in gnupg_isotime_t type.
* common/gettime.h (GNUPG_ISOTIME_NONE): New.
* sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it.
* sm/certlist.c (gpgsm_add_to_certlist): Likewise.
* sm/import.c (check_and_store): Likewise.
* sm/keylist.c (list_cert_colon, list_cert_raw): Likewise.
(list_cert_std): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-18 11:11:12 +09:00
Ingo Klöcker
da04811fe7 po: Fix gender of pronoun in German translation
--

The phrase refers to an insecure "passphrase" which is translated as
"(das) Passwort" (pronoun: "dieses") in German.
2022-02-16 10:50:46 +01:00
Jussi Kivilinna
ab177eed51 g10/mainproc: avoid extra hash contexts when decrypting MDC input
* g10/mainproc.c (mainproc_context): New member
'seen_pkt_encrypted_mdc'.
(release_list): Clear 'seen_pkt_encrypted_mdc'.
(proc_encrypted): Set 'seen_pkt_encrypted_mdc'.
(have_seen_pkt_encrypted_aead): Rename to...
(have_seen_pkt_encrypted_aead_or_mdc): ...this and add check for
'seen_pkt_encrypted_mdc'.
(proc_plaintext): Do not enable extra hash contexts when decrypting
MDC input.
--

Avoiding extra hash contexts speeds up CFB/MDC decryption quite
a lot. For example, decrypting symmetric-key AES-256 encrypted
4 GiB file from RAM to /dev/null sees ~3.4x speed increase on
AMD Ryzen 5800X:

 AES256.CFB encryption: 783 MB/s
 AES256.CFB decryption: 386 MB/s (before)
 AES256.CFB encryption: 1.3 GB/s (after patch)

Note, AEAD is still significantly faster:

 AES256.OCB encryption: 2.2 GB/s
 AES256.OCB decryption: 3.0 GB/s

GnuPG-bug-id: T5820
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-02-08 19:21:18 +02:00
Werner Koch
e23dc755fa
sm: New option --ignore-cert-with-oid.
* sm/gpgsm.c (oIgnoreCertWithOID): New.
(opts): Add option.
(main): Store its value.
* sm/call-agent.c (learn_cb): Test against that list.
2022-02-03 14:17:10 +01:00
NIIBE Yutaka
b2cedc108d gpg: Fix for -Wformat when using uint64_t.
* g10/cipher-aead.c (do_flush): Use PRIu64.
* g10/decrypt-data.c (aead_underflow): Likewise.

--

Even among LP64 data model machines, uint64_t type may differ;
unsigned long or unsigned long long.
Only portable way is use of PRIu64.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-02 11:09:48 +09:00
Werner Koch
57d546674d
dirmngr: Avoid initial delay on the first keyserver access.
* dirmngr/dirmngr.c (dirmngr_never_use_tor_p): New.
* dirmngr/server.c (ensure_keyserver): Don't even test for the Tor
proxy in never-use-tor Mode.

* tools/gpgtar-create.c: Include unistd.h to avoid a warning on
Windows.
--

This delay of 2 or 3 seconds is in particular annoying on Windows.
This is now suppressed, as it should be, if --no-use-tor is used.

The second patch is unrelated
2022-02-01 16:03:06 +01:00
Werner Koch
623a427b0c
sm: Partly revert last commit.
* sm/gpgsm.c (set_debug): Remove doubled code.
--

It was already there; sorry.

Fixes-commit: 51edea995d
2022-02-01 15:20:29 +01:00
Werner Koch
51edea995d
gpg,sm: Set --verbose and clear --quiet in debug mode.
* g10/gpg.c (set_debug): Tweak options.
* sm/gpgsm.c (set_debug): Ditto.
2022-02-01 15:13:13 +01:00
Werner Koch
934a60de6b
ssh: Fix adding an ed25519 key with a zero length comment.
* agent/command-ssh.c (sexp_key_construct): Do not put an empty string
into an S-expression.
(stream_read_string): Do not not try to a read a zero length block.
--

Actually we could handles this different by not putting a comment tag
into the s-expression, however this requires more code and at other
places we already return "(none)" instead of an empty comment.

The second fix is more or less a cosmetic thing to get better error
messages in case the underlying read system call returns an error.

GnuPG-bug-id: 5794
2022-01-28 19:59:11 +01:00
Werner Koch
34ea19aff9
gpg: Allow --dearmor to decode all kinds of armor files.
* g10/filter.h (armor_filter_context_t): New fields dearmor_mode and
dearmor_state.
* g10/dearmor.c (dearmor_file): Set dearmor_mode.
* g10/armor.c (is_armor_header): Magic to switch to generic dearmor
mode.
(parse_header_line): Treat non OpenPGP armor in a special way.
(check_input): Ditto.
(radix64_read): Detect non OpenPGP armor END lines.
2022-01-28 12:09:34 +01:00
Werner Koch
f2d1187fcd
gpgsm: Retire the new --ldapserver.
* sm/gpgsm.c (oKeyServer_deprecated): New.
(opts): Assign "ldapserver" to the new option and mark it as obsolete.
--

We want to use "ldapserver" in dirmngr but need to keep using
"keyserver" in gpgsm for existant versions of Kleopatra etc.

GnuPG-bug-id: 5801
2022-01-27 15:23:42 +01:00
Werner Koch
ed798a97f5
gpgconf: Teach --show-config the legacy gpgconf.conf.
* tools/gpgconf.c (show_configs): Print gpgconf.conf and a warning.
2022-01-27 14:43:45 +01:00
Werner Koch
977b61ddab
gpgconf: Return again "keyserver" for gpgsm.
* tools/gpgconf-comp.c (known_options_gpgsm): Change "ldapserver" back
to "keyserver".
2022-01-27 14:40:53 +01:00
Werner Koch
8fb23094c2
gpgconf: Fix --list-options for forced options
* tools/gpgconf-comp.c (retrieve_options_from_program): Ignore to to
ignored options.  Add failsafe code to avoid calling percent_escape
with NULL.
--

Remember: When using ARGPARSE_FLAG_WITHATTR the ARGPARSE_OPT_IGNORE
flags in the returned type needs to be considered.

GnuPG-bug-id: 5800
2022-01-26 12:47:56 +01:00
Werner Koch
0b4fdbd5f4
gpgconf: Return --ldapserver and --keyserver from dirmngr.
* dirmngr/dirmngr.c: Reorder two option groups.
* tools/gpgconf-comp.c (known_options_gpgsm): Rename "keyserver" to
"ldapserver" and set level to invisible.
(known_options_dirmngr): Add "ldapserver" at the basic level.
* sm/gpgsm.c (opts): No more help text for "ldapserver".
--

GnuPG-bug-id: 5800
2022-01-25 20:24:25 +01:00
Werner Koch
1cf0c407bf
doc: Add comments on the legacy status of gpgconf.conf.
--
2022-01-25 10:10:53 +01:00
Werner Koch
b7e1afe9a4
doc: Minor typo fixes
--
2022-01-24 22:22:34 +01:00
James Bottomley via Gnupg-devel
af2fbd9b01
agent: always use hexgrip when storing key password
--
The current code uses the binary ctrl->keygrip, but all the passphrase
storage engines expect this to be a string, so convert the binary
keygrip to a hex one before passing it in as the keyid.  This fixes a
crash seen in some libsecret implementations where a non-ascii keyid
isn't well handled.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2022-01-24 22:22:05 +01:00
Werner Koch
38e100acb7
gpg: Print Yubikey version correctly.
* g10/call-agent.c (learn_status_cb): Parse APPVERSION.
* g10/call-agent.h (struct agent_card_info_s): Add field appversion.
* g10/card-util.c (print_a_version): New.
(current_card_status): Print version from appversion.
--

This is a regression due to the PIV support.  Note that the newer
gpg-card worked correctly.

GnuPG-bug-id: 5787
2022-01-18 08:03:27 +01:00