security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
3,963 Commits 100 Branches 301 Tags 232 MiB
Commit Graph

129 Commits

Author SHA1 Message Date
Werner Koch 28c157b55c Support X.509 certificate creation. 
Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file.  An example parameter file
is

    Key-Type: RSA
    Key-Length: 1024
    Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
    Key-Usage: sign, encrypt
    Serial: random
    Name-DN: CN=some test key
    Name-Email: foo@example.org
    Name-Email: bar@exmaple.org
    Hash-Algo: SHA384
    not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm.  The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.
 2011-03-01 14:42:56 +01:00
Werner Koch b008274afd Nuked almost all trailing white space. 
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
 2011-02-04 12:57:53 +01:00
Werner Koch 41a33e0c78 Remove superfluous parameter. 
Make self-check interval larger
 2010-11-26 09:42:56 +00:00
Werner Koch a78335c9ce Add new option --with-keygrip 2010-10-08 11:11:08 +00:00
Werner Koch 7e752a4208 Auto-start dirmngr. 2010-08-16 11:03:43 +00:00
Werner Koch 91056b1976 Implement export of pkcs#12 objects using a direct agent connection. 2010-06-21 10:01:24 +00:00
Werner Koch 006fd75aea Avoid using the protect-tool to import pkcs#12. 2010-06-17 15:44:44 +00:00
Werner Koch d8b1099d01 Merged jnlib into common. 2010-03-10 12:24:58 +00:00
Werner Koch 6216d33e8c Removed almost al dup calls. 2010-03-08 18:19:21 +00:00
Werner Koch 943aaf0cba Replace use stdio by estream functions. 2010-03-08 12:22:18 +00:00
Werner Koch a51675fabe Add option --cert-extension. 2009-12-10 13:00:30 +00:00
Werner Koch 2193992559 Impleemned gpgsm's IMPORT --re-import feature. 
Typo fix.
 2009-07-07 16:52:12 +00:00
Werner Koch f6f5430e50 Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
Werner Koch 81972ca7d5 Create a pkcs#10 request directly from a card. 
Deprecate gpgsm-gencert.sh script.
 2009-07-02 09:49:31 +00:00
Werner Koch 990585ad7d Signing using Netkey 3 cards does now work. 2009-03-26 19:27:04 +00:00
Werner Koch ceb42db4dd Print NO_SECKEY status line in gpgsm. 
This fixes bug#1020.
 2009-03-25 16:05:16 +00:00
Werner Koch a3b63ac1dc Add server option with-ephemeral-keys. 
Extend SCD LEARN command.
 2009-03-18 11:18:56 +00:00
Werner Koch a9c317a95c New gpg-agent command to list key information. 
Gpgsm does now print the S/N of cards.
Consider ephemeral keys during listing an export.
 2009-03-06 17:31:27 +00:00
Werner Koch 3f8e827f63 fixed a bug in the prompt formatter. 2008-10-28 11:41:52 +00:00
Werner Koch 12366d1e81 Help dirmngr to use supplied trust anchors. 2008-10-21 15:03:51 +00:00
Werner Koch 8381a43ca7 Add gpgsm server command GETINFO agent-check. 
Fix tests.
 2008-09-30 10:30:20 +00:00
Marcus Brinkmann 7d2cfee1df 2008-08-08 Marcus Brinkmann <marcus@g10code.de> 
* gpgsm.h (struct server_control_s): Remove member dirmngr_seen.
	* call-dirmngr.c (dirmngr2_ctx, dirmngr_ctx_locked)
	(dirmngr2_ctx_locked): New global variables.
	(prepare_dirmngr): Don't check dirmngr_seen anymore.
	(start_dirmngr): Move bunch of code to ...
	(start_dirmngr_ext): ... this new function.
	(release_dirmngr, start_dirmngr2, release_dirmngr2): New
	functions.
	(gpgsm_dirmngr_isvalid): Call release_dirmngr.
	(gpgsm_dirmngr_lookup): Call release_dirmngr.  If dirmngr_ctx is
	locked, use dirmngr2_locked.
	(gpgsm_dirmngr_run_command): Call release_dirmngr.
 2008-08-08 01:06:48 +00:00
Werner Koch a6a9181818 Start support of TCOS 3 cards. 
Support restriction attribute.
Fix utf-8 printing problems.
Use AES by default.
 2008-06-26 19:09:07 +00:00
Marcus Brinkmann 04e965c7fc sm/ 
2008-06-12  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.h (struct keyserver_spec): New struct.
	(opt): Add member keyserver.
	* gpgsm.c (keyserver_list_free, parse_keyserver_line): New functions.
	(main): Implement --keyserver option.
	* call-dirmngr.c (prepare_dirmngr): Send LDAPSERVER commands.

tools/
2008-06-12  Marcus Brinkmann  <marcus@g10code.de>

	* gpgconf-comp.c (gc_options_gpgsm): Add option keyserver.
 2008-06-12 14:24:46 +00:00
Werner Koch f13c5a48fc Improve certificate chain construction. 
Extend PKITS framework
 2008-02-19 10:33:35 +00:00
Werner Koch 30a97e770c Poems for AllowSetForegroundWindow (W32) 2008-02-14 19:50:10 +00:00
Werner Koch 0819c1e8ca Always search missing certifcates using a running Dirmngr's cache. 2008-02-13 16:47:14 +00:00
Werner Koch 9d66580cff Allow verification of some broken S-TRUST generated signatures. 2007-12-13 15:45:40 +00:00
Werner Koch bae4b256c7 Support DSA2. 
Support Camellia for testing.
More audit stuff.
 2007-12-12 10:28:30 +00:00
Werner Koch 55ba204bfa Started to implement the audit log feature. 
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
 2007-11-19 16:03:50 +00:00
Werner Koch 698ba5ae3c Add new features to kbxutil. 
Fixed bug 829 (can't encrypt if duplicated certs are in the keybox)
 2007-08-23 17:41:22 +00:00
Werner Koch f81f521a72 Updated estream. 
More changes for Windows.
 2007-08-22 10:55:07 +00:00
Werner Koch 74d344a521 Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
Werner Koch 93d3811abc Changed to GPLv3. 
Removed intl/.
 2007-07-04 19:49:40 +00:00
Werner Koch 0b66f30d66 Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under Windows. 2007-06-21 18:44:48 +00:00
Werner Koch fd628ffda1 Allow setting of the passphrase encoding of pkcs#12 files. 
New option --p12-charset.
 2007-03-20 10:00:55 +00:00
Werner Koch 9e95c2dff6 Allow export to work on systems without funopen/fopencookie. 2007-03-19 15:44:59 +00:00
Werner Koch 12b661166c Changes to let the key listing use estream to help systems without 
funopen.
 2007-03-19 14:35:04 +00:00
Werner Koch 650293c4f6 sm/ 
* server.c (skip_options): Skip leading spaces.
(has_option): Honor "--".
(cmd_export): Add option --data to do an inline export.  Skip all
options.

* certdump.c (gpgsm_fpr_and_name_for_status): New.
* verify.c (gpgsm_verify): Use it to print correct status messages.

doc/
* gpgsm.texi (GPGSM EXPORT): Document changes.
 2006-11-14 10:23:21 +00:00
Werner Koch 43825e9dae Allow pkcs#10 creation directkly from a smart card 2006-10-11 17:52:15 +00:00
Werner Koch 4b48bcacc9 Fix for bug 537 2006-10-02 11:54:35 +00:00
Werner Koch d94faf4a3d New "relax" option for trustlist.txt 2006-09-25 18:29:20 +00:00
Werner Koch eef036df23 The big Assuan error code removal. 2006-09-06 16:35:52 +00:00
Werner Koch 98c6970ad1 Various smaller changes 2006-06-27 14:32:34 +00:00
Werner Koch f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Werner Koch 6b19366e4e Add Kludge for RegTP sillyness. 2006-03-21 09:56:47 +00:00
Werner Koch b8795bb823 Print a note that the software has not been approved for qualified signatures. 2005-11-23 09:05:45 +00:00
Werner Koch b9633196f4 Added qualified signature features. 2005-11-13 19:07:06 +00:00
Werner Koch a2d1673d66 * findkey.c (agent_public_key_from_file): Fixed array assignment. 
This was the cause for random segvs.

* call-agent.c (gpgsm_agent_readkey): New.
 2005-07-25 14:35:04 +00:00
Werner Koch deeba405a9 gcc-4 defaults forced me to edit many many files to get rid of the 
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
 2005-06-16 08:12:03 +00:00