1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-08 21:18:51 +01:00
Commit Graph

260 Commits

Author SHA1 Message Date
Werner Koch
dbfb7f809b
gpg: Print a warning when importing a bad cv25519 secret key.
* g10/import.c (transfer_secret_keys): Add simple check.
--

Note that the requirement for a set high bit is not yet checked.
GnuPG-bug-id: 5464
2021-09-14 13:00:40 +02:00
Jakub Jelen
2af7bb2295
g10: Fix memory leaks
* g10/card-util.c (change_pin): free answer on errors
  (ask_card_keyattr): free answer on error
* g10/cpr.c (do_get_from_fd): free string
* g10/gpg.c (check_permissions): free dir on weird error
* g10/import.c (append_new_uid): release knode
* g10/keyedit.c (menu_set_keyserver_url): free answer
  (menu_set_keyserver_url): free user
* g10/keygen.c (print_status_key_not_created): move allocation after
  sanity check
  (ask_expire_interval): free answer
  (card_store_key_with_backup): goto leave instaed of return
* g10/keyserver.c (parse_keyserver_uri): goto fail instead of return
* g10/revoke.c (gen_desig_revoke): release kdbhd
  (gen_desig_revoke): free answer
* g10/tofu.c (ask_about_binding): free sqerr and response
* g10/trustdb.c (ask_ownertrust): free pk

--

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Further changes:

* g10/card-util.c (change_pin): Do not set answer to NULL.
* g10/keyedit.c(menu_set_keyserver_url): Use !func() pattern.

Signed-off-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 5393
2021-05-20 13:38:39 +02:00
Werner Koch
99db4b0c7f
gpg: Do not use import-clean for LDAP keyserver imports.
* g10/options.h (opts): New field expl_import_only.
* g10/import.c (parse_import_options): Set it.
* g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP.
--

I can be assumed that configured LDAP servers are somehow curated and
not affected by rogue key signatures as the HKP servers are.  Thus we
don't clean the key anymore so that key certifications are kept even
if the public key has not yet been imported.

See-commit: 6c26e593df
GnuPG-bug-id: 5387
2021-04-26 14:15:21 +02:00
Werner Koch
6c26e593df
gpg: Do not use self-sigs-only for LDAP keyserver imports.
* dirmngr/ks-engine-ldap.c (ks_ldap_get): Print a SOURCE status.
* g10/options.h (opts): New field expl_import_self_sigs_only.
* g10/import.c (parse_import_options): Set it.
* g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP.
--

I can be assumed that configured LDAP servers are somehow curated and
not affected by rogue key signatures as the HKP servers are.  Thus we
can allow the import of key signature from LDAP keyservers by default.

GnuPG-bug-id: 5387
2021-04-13 14:33:50 +02:00
Werner Koch
3491faa3bb
gpg: Remove experimental feature to export w/o user-ids.
* g10/options.h (IMPORT_DROP_UIDS, EXPORT_DROP_UIDS): Remove.
* g10/import.c (parse_import_options): Remove option import-drop-uids.
(import_one_real): Remove drop uids code.
(remove_all_uids): Remove function.
* g10/export.c (parse_export_options): Remove option export-drop-uids.
(do_export_one_keyblock): Remove drop uids code.
2021-02-02 12:57:00 +01:00
Werner Koch
d49a945b12
gpg: New experimental import option "bulk-import"
* g10/options.h (IMPORT_BULK): New.
* g10/import.c (parse_import_options): Add "bulk-import".
* g10/call-keyboxd.c (in_transaction): New var.
(gpg_keyboxd_deinit_session_data): Run a commit if in bulk import
mode.
(create_new_context): Run a begin transaction if in bulk import mode.
--

Initial tests with this option are not very promising.  Importing
about 3000 real world keys with --use-keyboxd and full logging took:

   real    33m31.724s
   user    19m54.265s
   sys     2m49.662s

With bulk-import this saves a mere 12%:

   real    29m36.542s
   user    19m3.391s
   sys     2m46.728s

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-24 16:47:10 +02:00
Werner Koch
fc1a185755
gpg: Remove left over debug output from recent change.
* g10/import.c (collapse_subkeys): Remove debug out.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 15:20:28 +02:00
Werner Koch
633c1fea5f
gpg: Collapse duplicate subkeys.
* g10/options.h (IMPORT_COLLAPSE_UIDS): New.
(IMPORT_COLLAPSE_SUBKEYS): New.
* g10/gpg.c (main): Make them the default.
* g10/import.c (parse_import_options): New import options
"no-collapse-uids" and "no-collapse_subkeys".
(collapse_subkeys): New.
(import_one_real): Collapse subkeys and allow disabling the collapsing
using the new options.
(read_key_from_file_or_buffer): Always collapse subkeys.
* g10/keyedit.c (fix_keyblock): Call collapse_subkeys.
--

GnuPG-bug-id: 4421
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 10:33:57 +02:00
Werner Koch
4031c42bfd
gpg,gpgsm: Record the creation time of a private key.
* sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option.
(gpgsm_agent_import_key): Ditto.
* g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on.
(agent_import_key): Ditto.
* g10/import.c (transfer_secret_keys): Pass the creation date to the
agent.
* g10/keygen.c (common_gen): Ditto.
--

Having the creation time in the private key file makes it a lot easier
to re-create an OpenPGP public keyblock in case it was accidentally
lost.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-19 13:43:16 +02:00
Werner Koch
6a4443c842
gpg: Make use of the included key block in a signature.
* g10/import.c (read_key_from_file): Rename to ...
(read_key_from_file_or_buffer): this and add new parameters.  Adjust
callers.
(import_included_key_block): New.
* g10/packet.h (PKT_signature): Add field flags.key_block.
* g10/parse-packet.c (parse_signature): Set that flags.
* g10/sig-check.c (check_signature2): Add parm forced_pk and change
all callers.
* g10/mainproc.c (do_check_sig): Ditto.
(check_sig_and_print): Try the included key block if no key is
available.
--

This is is the second part to support the new Key Block subpacket.
The idea is that after having received a signed mail, it is instantly
possible to reply encrypted - without the need for any centralized
infrastructure.

There is one case where this does not work: A signed mail is received
using a specified signer ID (e.g. using gpg --sender option) and the
key block with only that user ID is thus imported.  The next time a
mail is received using the same key but with a different user ID; the
signatures checks out using the key imported the last time.  However,
the new user id is not imported.  Now when trying to reply to that
last mail, no key will be found.  We need to see whether we can update
a key in such a case.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 17:14:34 +01:00
Werner Koch
32493ce50a
gpg: Add property "fpr" for use by --export-filter.
* g10/export.c (push_export_filters): New.
(pop_export_filters): New.
(export_pubkey_buffer): Add args prefix and prefixlen.  Adjust
callers.
* g10/import.c (impex_filter_getval): Add property "fpr".
* g10/main.h (struct impex_filter_parm_s): Add field hexfpr.
--

The push and pop feature will help us to use the export filter
internally in gpg.  Same for the export_pubkey_buffer change.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:19:31 +01:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
86312b920a
gpg: New option --full-timestrings.
* g10/options.h (opt): Add flags.full_timestrings.
* g10/gpg.c (oFullTimestrings): New.
(opts): New option.
(main): Set new flag.
* g10/keyid.c (dateonlystr_from_pk): New.
(dateonlystr_from_sig): New.
(datestr_from_pk): Divert to isotimestamp if requested.
(datestr_from_sig): Ditto.
(expirestr_from_pk): Ditto.
(expirestr_from_sig): Ditto.
(revokestr_from_pk): Ditto.
* g10/import.c (impex_filter_getval): Use dateonlystr_from_sig and
dateonlystr_from_pk.
--

Quite helpful for debugging keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:07:09 +01:00
Werner Koch
6701a38f8e
gpg: Fix a potential loss of key sigs during import with self-sigs-only.
* g10/import.c (import_one_real): Don't do the final clean in the
merge case.
--

This fixes a regression introduced with self-sigs-only.

GnuPG-bug-id: 4628
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 15:07:25 +01:00
Werner Koch
9698761933
Merge branch 'switch-to-gpgk' into master
--
Resolved Conflicts:

* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:44:23 +02:00
Werner Koch
2f0fdab8aa
common: Allow a readlimit for iobuf_esopen.
* common/iobuf.c (file_es_filter_ctx_t): Add fields use_readlimit and
readlimit.
(file_es_filter): Implement them.
(iobuf_esopen): Add new arg readlimit.
* g10/decrypt-data.c (decrypt_data): Adjust for change.
* g10/import.c (import_keys_es_stream): Ditto.
--

This comes handy for (length,datablob) style streams.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-10 15:45:58 +02:00
Werner Koch
aba82684fe
gpg: New option --use-keyboxd.
* g10/gpg.c (oUseKeyboxd,oKeyboxdProgram): New consts.
(opts): New options --use-keyboxd and --keyboxd-program.
(main): Implement them.
* g10/keydb.c: Move some defs out to ...
* g10/keydb-private.h: new file.
* g10/keydb.c: prefix function names with "internal" and move original
functions to ...
* g10/call-keyboxd.c: new file.  Divert to the internal fucntion if
--use-keyboxd is used.  Add a CTRL arg to most fucntions and change
all callers.
* g10/Makefile.am (common_source): Add new files.
(noinst_PROGRAMS): Do bot build gpgcompose.
--

Note that this is just the framework with only a basic implementation
of searching via keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-09 15:01:47 +02:00
Werner Koch
e1d9be730c
gpg: Rework the signature subpacket iteration function.
* g10/parse-packet.c (enum_sig_subpkt): Replace first arg by two args
so that the entire signature packet is available.  Change all callers.
(parse_sig_subpkt): Ditto.
--

This patch is a prerequisite to support the new attestation key
signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 20:38:23 +02:00
NIIBE Yutaka
33c17a8008 gpg: Improve import slowness.
* g10/import.c (read_block): Avoid O(N^2) append.
(sec_to_pub_keyblock): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-10 15:42:07 +09:00
Werner Koch
a29156d5a6
gpg: Do not try the import fallback if the options are already used.
* g10/import.c (import_one): Check options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-09 11:13:51 +02:00
Werner Koch
eec150eca7
gpg: Fix regression in option "self-sigs-only".
* g10/import.c (read_block): Make sure KEYID is availabale also on a
pending packet.
--

Reported-by: Phil Pennock
Fixes-commit: 2e349bb617
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-09 11:12:20 +02:00
Werner Koch
3a403ab04e
gpg: Fallback to import with self-sigs-only on too large keyblocks.
* g10/import.c (import_one): Rename to ...
(import_one_real): this.  Do not print and update stats on keyring
write errors.
(import_one): New.  Add fallback code.
--

GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 21:53:55 +02:00
Werner Koch
2e349bb617
gpg: New import and keyserver option "self-sigs-only"
* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
* g10/import.c (parse_import_options): Add option "self-sigs-only".
(read_block): Handle that option.
--

This option is intended to help against importing keys with many bogus
key-signatures.  It has obvious drawbacks and is not a bullet-proof
solution because a self-signature can also be faked and would be
detected only later.

GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 15:15:30 +02:00
Werner Koch
894b72d796
gpg: Make read_block in import.c more flexible.
* g10/import.c: Change arg 'with_meta' to 'options'.  Change callers.
--

This chnage allows to pass more options to read_block.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 15:15:29 +02:00
NIIBE Yutaka
a861f9343d g10: Fix a memory leak.
* g10/import.c (import): Care PNDING_PKT on error.

--

GnuPG-bug-id: 4461
Reported-by: Philippe Antoine
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-17 09:58:07 +09:00
Werner Koch
40595b5793
gpg: Set a limit of 5 to the number of keys imported from the WKD.
* g10/import.c (import): Limit the number of considered keys to 5.
(import_one): Return the first fingerprint in case of WKD.
--

The Web Key Directory should carry only one key.  However, some
providers like to put old or expired keys also into the WKD.  I don't
thunk that this is a good idea but I heard claims that this is needed
for them to migrate existing key data bases.

This patch puts a limit on 5 on it (we had none right now) and also
fixes the issue that gpg could not work immediately with the requested
key because the code uses the fingerprint of the key to use the
imported key.  Now the first key is used.  On a second try (w/o
accessing the WKD) the regular key selection mechanism would be in
effect.  I think this is the most conservative approach.  Let's see
whether it helps.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-11 09:55:27 +02:00
Werner Koch
ea32842d5c
gpg: Fix printing of the user id during import.
* g10/getkey.c (struct keyid_list): Add field fprlen.
(cache_user_id): Set and test it.
(get_user_id_byfpr): Make static, add arg fprlen and use it.
(get_user_id_byfpr_native): Add arg fprlen and change all callers.
--

This was a regression in the 2.3 base.
GnuPG-bug-id: 3801

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-05 17:02:43 +02:00
Werner Koch
5205512fc0
gpg: Allow import of PGP desktop exported secret keys.
* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic.  Change to take ownership of
arg keyblock.  Implement extra secret key import logic.  Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--

The PGP desktops exported secret keys are really stupid.  And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):

  [...]  Implementations SHOULD include self-signatures on any user
  IDs and subkeys, as this allows for a complete public key to be
  automatically extracted from the transferable secret key.
  Implementations MAY choose to omit the self-signatures, especially
  if a transferable public key accompanies the transferable secret
  key.

Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.

GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-18 13:07:14 +01:00
Werner Koch
f799e9728b
gpg: Avoid importing secret keys if the keyblock is not valid.
* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t.   Return an
error code if sec_to_pub_keyblock failed.  Resync secret keyblock.
--

When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway.  This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key.  After importing
the public key the secret keys suddenly showed up.

This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.

Caution: The ecc.scm test now fails because two of the sample keys
         don't have binding signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 20:41:38 +01:00
Werner Koch
f64477db86
gpg: During secret key import print "sec" instead of "pub".
* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'.  Remove
useless code for "sub" and "ssb".
* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info.  Do
not print the first  keyinfo in FROM_SK mode.
printing.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 19:14:34 +01:00
Werner Koch
f06b6fe47f
gpg: Simplify an interactive import status line.
* g10/cpr.c (write_status_printf): Escape CR and LF.
* g10/import.c (print_import_check): Simplify by using
write_status_printf and hexfingerprint.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-15 13:03:34 +01:00
Werner Koch
f40e9d6a52
kbx: Add support for 32 byte fingerprints.
* common/userids.c (classify_user_id): Support 32 byte fingerprints.
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR32): New.
(struct keydb_search_desc): Add field fprlen.
* kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field
version and increase size of fpr to 32.
* kbx/keybox-blob.c: Define new version 2 for PGP and X509 blobs.
(struct keyboxblob_key): Add field fprlen and increase size of fpr.
(pgp_create_key_part_single): Allow larger fingerprints.
(create_blob_header): Implement blob version 2 and add arg want_fpr32.
(_keybox_create_openpgp_blob): Detect the need for blob version 2.
* kbx/keybox-search.c (blob_get_first_keyid): Support 32 byte
fingerprints.
(blob_cmp_fpr): Ditto.
(blob_cmp_fpr_part): Ditto.
(has_fingerprint): Add arg fprlen and pass on.
(keybox_search): Support KEYDB_SEARCH_MODE_FPR32 and adjust for
changed has_fingerprint.
* kbx/keybox-openpgp.c (parse_key): Support version 5 keys.
* kbx/keybox-dump.c (_keybox_dump_blob): Support blob version 2.

* g10/delkey.c (do_delete_key): Support KEYDB_SEARCH_MODE_FPR32.
* g10/export.c (exact_subkey_match_p): Ditto.
* g10/gpg.c (main): Ditto.
* g10/getkey.c (get_pubkey_byfprint): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
* g10/keydb.c (keydb_search_desc_dump): Support
KEYDB_SEARCH_MODE_FPR32 and adjust for changed KEYDB_SEARCH_MODE_FPR.
(keydb_search): Add new arg fprlen and change all callers.
* g10/keyedit.c (find_by_primary_fpr): Ditto.
* g10/keyid.c (keystr_from_desc): Ditto.
* g10/keyring.c (keyring_search): Ditto.
* g10/keyserver.c (print_keyrec): Ditto.
(parse_keyrec): Ditto.
(keyserver_export): Ditto.
(keyserver_retrieval_screener): Ditto.
(keyserver_import): Ditto.
(keyserver_import_fprint): Ditto.
(keyidlist): Ditto.
(keyserver_get_chunk): Ditto.

* g10/keydb.c (keydb_search): Add new arg fprlen and change all
callers.

* sm/keydb.c (keydb_search_fpr): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
--

This prepares the support for OpenPGP v5 keys.  The new version 2 blob
format is needed for the longer fingerprints and we also use this
opportunity to prepare for storing the keygrip in the blob for faster
lookup by keygrip.  Right now this is not yet functional.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
Werner Koch
c6e2ee0207
gpg: Prepare revocation keys for use with v5 keys.
* g10/packet.h (struct revocation_key): Add field 'fprlen'.
* g10/parse-packet.c (parse_revkeys): Set fprlen and allow for v5
keys.  Also fix reading of unitialized data at place where
MAX_FINGERPRINT_LEN is used.
* g10/revoke.c (gen_desig_revoke): Allow for v5 keys and use fprlen.
Do an explicit compare to avoid reading unitialized data.
* g10/sig-check.c (check_revocation_keys): Use the fprlen.
* g10/getkey.c (merge_selfsigs_main): Do an explicit copy to avoid
reading unitialized data.
* g10/import.c (revocation_present): Use fprlen.
* g10/keyedit.c (show_key_with_all_names): Use fprlen.
(menu_addrevoker): Use fprlen.  Allow for v5 keys.
* g10/keygen.c (keygen_add_revkey): Use fprlen.
(parse_revocation_key): Allow for v5 keys.
* g10/keyid.c (keyid_from_fingerprint): Allow for v5 keys.  Print a
better error message in case of bogus fingerprints.
* g10/keylist.c (print_revokers): Use fprlen.
--

The reading of uninitialized data is harmless but we better fix it to
make valgrind happy.  More serious was that we always passed
MAX_FINGERPRINT_LEN but we will need to support 20 and 32 octet
fingerprints and MAX_FINGERPRINT_LEN would be too large for a v4.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-04 15:43:19 +01:00
Werner Koch
6b9f772914
common: Prepare for parsing mail sub-addresses.
* common/mbox-util.c (mailbox_from_userid): Add arg subaddress and
implement.  Change all callers to pass false for it.

* common/t-mbox-util.c (run_mbox_no_sub_test): New.
(run_filter): Add arg no_sub.
(main): Call new test and add option --no-sub.
--

Some stats: In the about 5300000 keys on the SKS servers we found 3055
unique mailboxes with a '+' in it.  After removing leading and
trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz")
2697 were left which seem to be valid sub-addresses.

To filter mailboxes out from a line delimited list with
user-ids (e.g. an SQL output), the command

   t-mbox-util --verbose --filter

can be used; to output w/o sub-addresses add --no-sub.

GnuPG-bug-id: 4200
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-12 07:44:33 +01:00
Daniel Kahn Gillmor
a7c5d65eb5 all: fix more spelling errors 2018-10-25 16:53:05 -04:00
Daniel Kahn Gillmor
54eb375ff1 all: fix spelling and typos
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-10-24 15:56:18 -04:00
Werner Koch
8e83493dae
gpg: New options import-drop-uids and export-drop-uids.
* g10/options.h (IMPORT_DROP_UIDS): New.
(EXPORT_DROP_UIDS): New.
* g10/import.c (parse_import_options): Add option "import-drop-uids".
(import_one): Don't bail out with that options and no uids found.
Also remove all uids.
(remove_all_uids): New.
* g10/export.c (parse_export_options): Add option "export-drop-uids".
(do_export_one_keyblock): Implement option.
--

These options are required for experiments with changes to the
keyserver infrastructure.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-02 11:03:27 +02:00
NIIBE Yutaka
7c96cc67e1 g10: Fix memory leak.
* g10/import.c (read_block): Call free_packet to skip the packet.

--

Reported-by: Philippe Antoine
GnuPG-bug-id: 3916
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-09-07 13:01:52 +09:00
Werner Koch
7f172404bf
gpg: Refresh expired keys originating from the WKD.
* g10/getkey.c (getkey_ctx_s): New field found_via_akl.
(get_pubkey_byname): Set it.
(only_expired_enc_subkeys): New.
(get_best_pubkey_byname): Add support to refresh expired keys from the
WKD.
--

A little drawback of that code is that if the WKD has no update for an
expired key each access of the key will trigger a WKD lookup (unless
cached by the dirmngr).  To avoid this we need to record the last time
we have checked for an update but that would in turn require that we
update the keyring for each check.  We defer this until we have a
better key database which allows for fast updates of meta data.

Testing the code is currently a bit cumbersome because it requires to
update a key in the WKD several times.  Eventually we we need a
network emulation layer to provide sample data for the regression
tests.

GnuPG-bug-id: 2917
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-28 15:22:35 +02:00
Werner Koch
c2fd65ec84
gpg: Let export-clean remove expired subkeys.
* g10/key-clean.h (KEY_CLEAN_NONE, KEY_CLEAN_INVALID)
(KEY_CLEAN_ENCR, KEY_CLEAN_AUTHENCR, KEY_CLEAN_ALL): New.
* g10/key-clean.c (clean_one_subkey): New.
(clean_all_subkeys): Add arg CLEAN_LEVEL.
* g10/import.c (import_one): Call clean_all_subkeys with
KEY_CLEAN_NONE.
* g10/export.c (do_export_stream): Call clean_all_subkeys depedning on
the export clean options.
--

GnuPG-bug-id: 3622
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-09 09:49:21 +02:00
Werner Koch
6c3567196f
gpg: Split key cleaning function for clarity.
* g10/key-clean.c (clean_key): Rename to clean_all_uids and split
subkey cleaning into ...
(clean_all_subkeys): new.  Call that always after the former clean_key
invocations.
--

Note that the clean_all_subkeys function will later be extended.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-09 08:15:50 +02:00
Werner Koch
135e46ea48
gpg: Move key cleaning functions to a separate file.
* g10/trust.c (mark_usable_uid_certs, clean_sigs_from_uid)
(clean_uid_from_key, clean_one_uid, clean_key): Move to ...
* g10/key-clean.c: new file.
* g10/key-clean.h: New.
* g10/Makefile.am (gpg_sources): Add new files.
* g10/export.c, g10/import.c, g10/keyedit.c, g10/trustdb.c: Include
new header.
* g10/trustdb.h (struct key_item, is_in_klist): Move to ...
* g10/keydb.h: here.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-06 11:40:16 +02:00
Werner Koch
01cd66f9fa
gpg: Ignore too large user ids during import.
* g10/import.c (read_block): Add special treatment for bad user ids
and comment packets.
--

See
GnuPG-bug-id: 4022
for an example of a bogus user id.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-04 09:58:05 +02:00
Werner Koch
60e7e102a1
indent: Fix indentation of read_block in g10/import.c
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-04 09:45:52 +02:00
Werner Koch
b7cd2c2093
gpg: Print revocation reason for "rvs" records.
* g10/import.c (get_revocation_reason): New.
(list_standalone_revocation): Extend function.
--

Note that this function extends the "rvs" field signature-class (field
11) with the revocation reason.  GPGME does not yet parse this but it
can be expected that the comma delimiter does not break other parsers.

A new field is added to the "rvs" (and in future also the "rev")
record to carry a record specific comment.  Hopefully all parsers
meanwhile learned the lesson from other new fields and don't bail out
on more fields than they know about.

This is partial solution to
GnuPG-bug-id: 1173

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-21 20:03:44 +02:00
Werner Koch
386b9c4f25
gpg: Let --show-keys print revocation certificates.
* g10/import.c (list_standalone_revocation): New.
(import_revoke_cert): Call new function.
--

GnuPG-bug-id: 4018
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-21 15:06:40 +02:00
Werner Koch
fe621cc64b
gpg: Do not import revocations with --show-keys.
* g10/import.c (import_revoke_cert): Add arg 'options'.  Take care of
IMPORT_DRY_RUN.
--

GnuPG-bug-id: 4017
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-12 09:07:16 +02:00
Daniel Kahn Gillmor
2ddfb5bef9
gpg: Add new usage option for drop-subkey filters.
* g10/import.c (impex_filter_getval): Add new "usage" property for
drop-subkey filter.
--

For example, this permits extraction of only encryption-capable
subkeys like so:

    gpg --export-filter 'drop-subkey=usage !~ e' --export $FPR

GnuPG-Bug-id: 4019
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-06-12 08:19:19 +02:00
Werner Koch
1bc6b51742
gpg: Improve verbose output during import.
* g10/import.c (chk_self_sigs): Print the subkeyid in addition to the
keyid.
(delete_inv_parts): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-07 10:30:07 +02:00
Werner Koch
257661d6ae
gpg: New command --show-keys.
* g10/gpg.c (aShowKeys): New const.
(opts): New command --show-keys.
(main): Implement command.
* g10/import.c (import_keys_internal): Don't print stats in show-only
mode.
(import_one): Be silent in show-only mode.
--

Using

  --import --import-options show-only

to look at a key is too cumbersome.  Provide this shortcut and also
remove some diagnostic cruft in this case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-06 11:57:34 +02:00