security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
3,963 Commits 100 Branches 301 Tags 232 MiB
Commit Graph

430 Commits

Author SHA1 Message Date
Werner Koch 81389383a3 Made the KILLAGENT and KILLSCD commands working again. 
This requires that GnuPG is build with a newer version of Libassuan
(2.0.3).
 2011-08-10 11:47:04 +02:00
Werner Koch d479906991 Support a confirm flag for ssh. 
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
 2011-07-20 20:49:41 +02:00
Werner Koch 37228cfa05 Allow generation of card keys up to 4096 bit. 
This patch implementes a chunk mode to pass the key parameters from
scdaemon to gpg.  This allows to pass arbitrary long key paremeters;
it is used for keys larger than 3072 bit.

Note: the card key generation in gpg is currently broken.  The keys
are generated but it is not possible to create the self-signature
because at that time the gpg-agent does not yet know about the new
keys and thus can't divert the sign request to the card.  We either
need to run the learn command right after calling agent_scd_genkey or
implement a way to sign using the currently inserted card.  Another
option would be to get rid of agent_scd_genkey and implement the
feature directly in agent_genkey.
 2011-06-16 14:27:33 +02:00
Werner Koch 817f07173c Fixed regression in OpenPGP secret key export. 
The protection used in the exported key used a different iteration
count than given in the S2K field.  Thus all OpenPGP keys exported
from GnuPG 2.1-beta can't be imported again.  Given that the actual
secret key material is kept in private-keys-v1.d/ the can be
re-exported with this fixed version.
 2011-04-26 20:39:09 +02:00
Werner Koch 87a6a1c3fe Post beta release updates 2011-03-08 14:00:04 +01:00
Werner Koch 444f2fe1cd Prepare for 1.5.0beta2 2011-03-08 12:56:45 +01:00
Werner Koch 28c157b55c Support X.509 certificate creation. 
Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file.  An example parameter file
is

    Key-Type: RSA
    Key-Length: 1024
    Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
    Key-Usage: sign, encrypt
    Serial: random
    Name-DN: CN=some test key
    Name-Email: foo@example.org
    Name-Email: bar@exmaple.org
    Hash-Algo: SHA384
    not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm.  The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.
 2011-03-01 14:42:56 +01:00
Werner Koch 0b5bcb40cf Finished ECC integration. 
Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week.  Adjusted my own ChangeLog
entries to be consistent with that entry.

Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future.  "git diff -b" is useful
to read the actual changes ;-).

The ECC-INTEGRATION-2-1 branch can be closed now.
 2011-02-03 16:35:33 +01:00
Werner Koch 2b933ae8f6 Fix for bug#1313. de.po update. 2011-01-20 15:11:25 +01:00
Werner Koch 2732f2ff3f Fix bug #1311. 2011-01-10 11:37:57 +01:00
Werner Koch 5fd7ff3488 Tweaks for gpgconf. 
Fixed dirmngr bug 1010.
 2010-12-14 19:17:58 +00:00
Werner Koch fcb5f7d08f s/AES/AES128/ in diagnostics and --list-config 2010-12-02 15:49:02 +00:00
Werner Koch b3f9e2130e Change stack size for Wince. 
Allow for a longer agent atartup under wince.
Print gpg output via estream.
 2010-11-23 18:46:41 +00:00
Werner Koch 2c982dcf86 Fix bug where scdaemon kills a non-daemon gpg-agent. 2010-11-11 15:07:37 +00:00
Werner Koch dc5150db78 Honor TMPDIR. 2010-10-27 07:37:52 +00:00
Werner Koch 0f721abddf Update scripts etc. 2010-10-26 12:25:47 +00:00
Werner Koch 54591341a4 More agent support for gpg. 2010-10-13 15:57:08 +00:00
Werner Koch 002b30e75c Import fixes. 
new otion for watchgnupg
 2010-10-06 11:29:10 +00:00
Werner Koch bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported. 
A couple of forward ported changes.
Doc updates.
 2010-10-01 20:33:53 +00:00
Werner Koch daab9aff3a Merge secret keys during import 2010-09-02 15:11:51 +00:00
Werner Koch 87fac99112 Import OpenPGP keys into the agent. 2010-08-31 15:58:39 +00:00
Werner Koch 15330f36a7 Reworked the posix and w32 exechelpers. 2010-08-20 12:18:38 +00:00
Werner Koch 7e752a4208 Auto-start dirmngr. 2010-08-16 11:03:43 +00:00
Werner Koch a22c38baad Some work on the dirmngr 2010-07-23 16:16:14 +00:00
Werner Koch c3f08dcb72 Merged Dirmngr with GnuPG. 
A few code changes to support dirmngr.
 2010-06-09 16:53:51 +00:00
Werner Koch 51e2703abe Auto starting the agent does now work on CE. 2010-05-04 15:21:47 +00:00
Werner Koch 53c636c4c6 ./autogen.sh --build-w32ce does now succeed. 2010-04-14 14:39:16 +00:00
Werner Koch 2cf687cb3e First batch of changes to support W32CE. 
Note that jnlib/w32-reg.c is not yet ready.
 2010-02-26 18:44:36 +00:00
Werner Koch 4d693033ab Implement dynamic S2K count computation. 2009-12-14 20:12:56 +00:00
Werner Koch a51675fabe Add option --cert-extension. 2009-12-10 13:00:30 +00:00
Werner Koch 9a96043be4 Unification of the search descriptor usage. 2009-12-08 16:30:33 +00:00
Werner Koch 85d778b9f6 Use ADNS for PKA and SRV records if no other resolver is available. 2009-12-07 15:52:27 +00:00
Werner Koch 49b00ffd67 allow for default algorithms in a gpg parameter file 2009-12-04 19:47:54 +00:00
Werner Koch cb5491bfaf support numeric debug levels. 2009-12-03 18:04:40 +00:00
Werner Koch 9e83404751 More stuff for the audit-log. 2009-12-02 18:33:59 +00:00
Werner Koch 536b6ab09f Keep on hacking on g13. A simple --create and --mount does now work. 
A hacked up encfs is required.
 2009-10-13 19:17:24 +00:00
Werner Koch b46c353318 Start a new development branch. 
Translations are for now disabled.
 2009-09-21 18:26:52 +00:00
Werner Koch fd38b9227e Post release version bumb 2009-09-04 17:52:40 +00:00
Werner Koch 7d0f99aa91 preparae release 2009-09-04 13:38:16 +00:00
Werner Koch 25659d66f1 Ask to insert the right OpenPGP card. 2009-08-11 10:56:44 +00:00
Werner Koch 31084d6dc9 Support writing of existing keys with non-matching key sizes. 2009-07-09 14:54:18 +00:00
Werner Koch e50cac1d84 Changed default hash algorithm preferences 2009-07-09 08:52:31 +00:00
Werner Koch 2193992559 Impleemned gpgsm's IMPORT --re-import feature. 
Typo fix.
 2009-07-07 16:52:12 +00:00
Werner Koch f6f5430e50 Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
Werner Koch 81972ca7d5 Create a pkcs#10 request directly from a card. 
Deprecate gpgsm-gencert.sh script.
 2009-07-02 09:49:31 +00:00
Werner Koch 1925cb37f9 Alow batch ode for gpgsm --gen-key. 
Allow CSR generation using an existing key with gpgsm.
 2009-07-01 18:30:33 +00:00
Werner Koch e05aeca87b Post release updates 2009-06-17 11:57:24 +00:00
Werner Koch c998dd12a2 Preparing for 2.0.12. 2009-06-17 11:18:26 +00:00
Werner Koch 4fa261f8ec Fix possible system freeze on Mac OS X. 2009-05-19 22:39:45 +00:00
Werner Koch 5e208460a1 Improved smartcard robustness. 2009-05-13 17:12:00 +00:00