1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

10066 Commits

Author SHA1 Message Date
Werner Koch
f9ea5dc831
agent: Allow arguments to "scd serialno" in restricted mode.
* agent/command.c (cmd_scd): Allow it.
--

This is important because Scute uses "SCD SERIALNO --all".
2022-12-12 14:43:01 +01:00
Werner Koch
061efac03f
scd:p15: Skip deleted records.
* scd/app-p15.c (select_and_read_record): Special case deleted
records.  Support 3 byte TLVs.
(read_ef_prkdf): Skip deleted records.
(read_ef_pukdf): Ditto.
(read_ef_cdf): Ditto.
(read_ef_aodf): Ditto.
--

This fixes a problem with some CardOS 5 applications.
2022-12-09 08:49:28 +01:00
NIIBE Yutaka
f32d0c9c0f
build: Remove Windows CE support.
* agent/Makefile.am [HAVE_W32CE_SYSTEM]: Remove.
* am/cmacros.am [HAVE_W32CE_SYSTEM]: Remove.
* autogen.sh: Remove W32ce_ variables.
* configure.ac: Likewise.
* dirmngr/Makefile.am (extra_bin_ldflags): Remove.
* g10/Makefile.am [HAVE_W32CE_SYSTEM]: Remove.
* kbx/Makefile.am: Likewise.
* sm/Makefile.am (extra_bin_ldflags): Remove.
* tools/Makefile.am (extra_bin_ldflags): Remove.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-09 14:06:08 +09:00
Werner Koch
278f85d1bc
wkd: Do not send/install/mirror expired user ids.
* tools/gpg-wks.h (struct uidinfo_list_s): Add fields expired and
revoked.
* tools/wks-util.c (append_to_uidinfo_list): Add args expired and
revoked.
(set_expired_revoked): New.
(wks_list_key): Set expired and revoked.
(wks_cmd_install_key): Skip expired uids.
* tools/gpg-wks-client.c (command_check): Print flags.
(command_send): Ignore expired keys.
(mirror_one_key): Ditto.

* g10/export.c (do_export_stream): Silence warning.
--

GnuPG-bug-id: 6292
2022-12-06 09:23:16 +01:00
Werner Koch
58819c024a
gpgsm: Print the revocation time also with --verify.
* sm/certchain.c (is_cert_still_valid): Print revocation reason.
2022-12-05 17:48:24 +01:00
Werner Koch
1c2bdd80b1
gpgsm: Fix "problem re-searching certificate" case.
* sm/keydb.c (keydb_set_cert_flags): Fix error test.
2022-12-05 17:30:26 +01:00
Werner Koch
b6abaed2b5
gpgsm: Print revocation date and reason in cert listings.
* dirmngr/ocsp.c (ocsp_isvalid): Add args r_revoked_at and
r_revocation_reason.
* dirmngr/server.c (cmd_isvalid): Emit a new REVOCATIONINFO status.
(cmd_checkocsp): Ditto.

* sm/call-dirmngr.c (struct isvalid_status_parm_s): Add new fields.
(isvalid_status_cb): Parse REVOCATIONINFO.
(gpgsm_dirmngr_isvalid): Add args r_revoked_at and
r_revocation_reason.

* sm/gpgsm.h (struct server_control_s): Add fields revoked_art and
revocation_reason.
* sm/keylist.c (list_cert_raw): Print revocation date.
(list_cert_std): Ditto.
--

Note that for now we do this only for OCSP because it is an important
piece of information when using the chain model.  For a sample key see
commit 7fa1d3cc821dca1ea8e1c80a0bdd527177c185ee.
2022-12-05 16:42:08 +01:00
Werner Koch
4f1b9e3abb
gpgsm: Silence the "non-critical certificate policy not allowed".
* sm/certchain.c (check_cert_policy): Print non-critical policy
warning only in verbose mode.
2022-12-05 14:31:45 +01:00
Werner Koch
7fa1d3cc82
gpgsm: Always use the chain model if the root-CA requests this.
* sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Do not use
option --force-default-responder.
* sm/certchain.c (is_cert_still_valid): Rename arg for clarity.
(gpgsm_validate_chain): Always switch to chain model.
--

The trustlist.txt may indicate that a root CA issues certificates
which shall be validated using the chain model.  This is for example
the case for qualified signatures.  Before this change we did this
only if the default shell model indicated that a certificate has
expired.  This optimization is technically okay but has one problem:
The chain model requires the use of OCSP but we switch to this only
when running the chain model validation.  To catch revoked
certificates using OCSP we need to always switch to the chain model
unless OCSP has been enabled anyway.

Note that the old --force-default-responder option is not anymore
used.

Test cases are certificates issued by

  # CN=TeleSec qualified Root CA 1
  # O=Deutsche Telekom AG
  # C=DE
  # 2.5.4.97=USt-IdNr. DE 123475223
  90:C6:13:6C:7D:EF:EF:E9:7C:C7:64:F9:D2:67:8E:AD:03:E5:52:96 \
    S cm qual relax

A sample revoked certificate is

-----BEGIN CERTIFICATE-----
MIIDTzCCAvSgAwIBAgIQIXfquQjq32B03CdaflIbiDAMBggqhkjOPQQDAgUAMHEx
CzAJBgNVBAYTAkRFMRwwGgYDVQQKDBNEZXV0c2NoZSBUZWxla29tIEFHMSMwIQYD
VQQDDBpUZWxlU2VjIFBLUyBlSURBUyBRRVMgQ0EgMTEfMB0GA1UEYQwWVVN0LUlk
TnIuIERFIDEyMzQ3NTIyMzAeFw0yMDA2MjIxMDQ1NDJaFw0yMzA2MjUyMzU5MDBa
MDAxCzAJBgNVBAYTAkRFMRUwEwYDVQQDDAxLb2NoLCBXZXJuZXIxCjAIBgNVBAUT
ATMwWjAUBgcqhkjOPQIBBgkrJAMDAggBAQcDQgAEbkEXUuXTriWOwqQhjlh11oCc
6Z8lQdQDz3zY/OEh8fMJS7AKBNo8zkpPKDJ2olPph18b1goEbLiqHQsPRPahDaOC
AaowggGmMB8GA1UdIwQYMBaAFP/0iep1rMXT0iQ0+WUqBvLM6bqBMB0GA1UdDgQW
BBQEI3xsIUDnoOx+gLYbG63v5/f9kjAOBgNVHQ8BAf8EBAMCBkAwDAYDVR0TAQH/
BAIwADAgBgNVHREEGTAXgRV3ZXJuZXIua29jaEBnbnVwZy5jb20wPQYDVR0gBDYw
NDAyBgcEAIvsQAECMCcwJQYIKwYBBQUHAgEWGWh0dHA6Ly9wa3MudGVsZXNlYy5k
ZS9jcHMwgYQGCCsGAQUFBwEBBHgwdjBLBggrBgEFBQcwAoY/aHR0cDovL3RxcmNh
MS5wa2kudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19QS1NfZUlEQVNfUUVTX0NBXzEu
Y3J0MCcGCCsGAQUFBzABhhtodHRwOi8vcGtzLnRlbGVzZWMuZGUvb2NzcHIwXgYI
KwYBBQUHAQMEUjBQMAgGBgQAjkYBATAIBgYEAI5GAQQwOgYGBACORgEFMDAwLhYo
aHR0cHM6Ly93d3cudGVsZXNlYy5kZS9zaWduYXR1cmthcnRlL2FnYhMCZW4wDAYI
KoZIzj0EAwIFAANHADBEAiAqgB8gyZyj05CRdHD5KJcpG68DzQECYnYP6ZPasUYK
AQIgI1GtRMJWvFTIKsZpgY+ty0pRb5/K09fbmvaSAKFpv/I=
-----END CERTIFICATE-----
2022-12-05 14:25:04 +01:00
Werner Koch
1a85ee9a43
gpg: New export option "mode1003".
* agent/command.c (cmd_export_key): Add option --mode1003.
(command_has_option): Ditto.
* g10/build-packet.c (do_key): Implement mode 1003.
* g10/parse-packet.c (parse_key): Ditto.
* g10/options.h (EXPORT_MODE1003): New.o
* g10/call-agent.c (agent_export_key): Add arg mode1003.
* g10/export.c (parse_export_options): Add "mode1003"
(secret_key_to_mode1003): New.
(receive_seckey_from_agent): Add arg mode1003.
(do_export_one_keyblock): Pass option down.
--

This option allows to export a secret key in GnuPG's native format.
Thus no re-encryption is required and further the public key parameters
are also authenticated if a protection passphrase has been used.

Note that --import is not yet able to handle this new mode.  Although
old version of GnuPG will bail out with "invalid packet" if a mode1003
exported secret key is seen.
2022-12-02 10:09:58 +01:00
Werner Koch
1d88e14de7
gpg: Remove a mostly duplicated function.
* g10/export.c (receive_seckey_from_agent): Add arg r_key.
(do_export_one_keyblock): Pass NULL for new arg.
(receive_raw_seckey_from_agent): Remove.
(export_secret_ssh_key): Use receive_seckey_from_agent.
* g10/keygen.c (card_store_key_with_backup): Pass NULL for new arg.
2022-12-02 10:09:58 +01:00
NIIBE Yutaka
0a93b5b96a
tests: Simplify fake-pinentry to use the option only.
* tests/openpgp/fake-pinentry.c (parse_pinentry_user_data): New.
(main): Don't use PINENTRY_USER_DATA env var.

--

Since environment variable is unreliable, use the option only.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-02 16:55:49 +09:00
NIIBE Yutaka
7c6b014d3b
tests: Fix fake-pinentry for Windows.
* tests/openpgp/fake-pinentry.c (main): Override PINENTRY_USER_DATA,
by the option.

--

In the Assuan implementation for Windows, spawn function doesn't call
the atfork callback.  Thus, the environment variable is not updated by
gpg-agent when it spawns pinentry.  Reliable way is the interaction
to override the option.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-02 16:16:07 +09:00
NIIBE Yutaka
7663fdd983
tests: Fix make check-all.
* Makefile.am (TESTS_ENVIRONMENT): Add GNUPG_IN_TEST_SUITE.

--

Fixes-commit: 50d12860ef21e8480474fd94a0b4465d0339086d
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-02 09:58:51 +09:00
Werner Koch
e094616cb7
agent: Fix import of protected v5 keys.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Take care of
version 5 keys.
--

GnuPG-bug-id: 6294
2022-12-01 10:12:21 +01:00
Werner Koch
2d8ac55d26
gpgsm: Change default algo to AES-256.
* sm/gpgsm.c (DEFAULT_CIPHER_ALGO): Change.
2022-12-01 10:12:21 +01:00
NIIBE Yutaka
1b434111a1
tests: Put a workaround for semihosted environment.
* tests/openpgp/defs.scm [*win32*]: Use --build-prefix option.

--

On the semihosted environment, output of simple gpgconf
--list-components includes drive name (like Z:), which results failure
of command invocation.  This is a workaround.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 17:11:32 +09:00
NIIBE Yutaka
594c3274d6
tests: More fix for semihosted environment.
* common/all-tests.scm: Conditionalize by *win32*.
* tests/cms/Makefile.am (GPGSM): Add missing GPGSM.
* tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Add EXEEXT.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 17:09:45 +09:00
NIIBE Yutaka
f182c284fb
tests: Support semihosted environment.
* Makefile.am (check-all): Add EXEEXT.
* agent/all-tests.scm: Append EXEEXT.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 13:59:06 +09:00
NIIBE Yutaka
a9a1ee8726
tests: Fix tests under cms.
* tests/cms/all-tests.scm: Remove merge mistake.

--

Fixes-commit: 1246e16432b4240ad81c0bd757d7458b609dfd96
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 10:33:20 +09:00
NIIBE Yutaka
e1e26a49bf
tests,w32: Fix for semihosted environment.
* tests/cms/Makefile.am (OLD_TESTS_ENVIRONMENT): Add EXEEXT.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 09:21:41 +09:00
NIIBE Yutaka
50c6515360
w32: Fix for tests on semihosted environment.
* Makefile.am (all-local): Make links with EXEEXT.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-30 16:50:10 +09:00
NIIBE Yutaka
8e8971403f
w32: Fix gnupg_unsetenv.
* common/sysutils.c (gnupg_unsetenv): Don't use nonstandard extension
of "NAME", but "NAME=".

--

Microsoft implementation of putenv works to remove an environment
variable by "NAME=".

POSIX doesn't say that putenv with "NAME=" has same effect.  GNU
implementation doesn't support this way for removal of environment
variable.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-30 15:56:03 +09:00
NIIBE Yutaka
de0c563f29
doc: Deprecate scd-event option of scdaemon.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-30 11:47:01 +09:00
Werner Koch
c3f9f2d497
wkd: New option --add-revocs and some fixes.
* tools/gpg-wks.h (opt): Add add_revocs.
* tools/wks-util.c (wks_get_key): Add arg 'binary'.
(wks_armor_key): New.
(wks_find_add_revocs): New.
(wks_cmd_install_key): Get key in binary mode and add revocations if
enabled.
* tools/gpg-wks-client.c (oAddRevocs): New.
(opts): Add --add-revocs.
(parse_arguments): Set option,
(command_send): Get key in binary mode, add revocations if enabled,
and explictly armor key.  Remove kludge to skip the Content-type line
in no_encrypt mode.

(mirror_one_keys_userid): Always filter the key to get rid of the
armor as received from dirmngr.  Add revocations from the local
keyring.
--

Note that this also fixes an oddity of the new mirror command which
used to store the keys armored as received from dirmngr.
2022-11-29 17:17:50 +01:00
Werner Koch
fbc52f5501
doc: Comment typo fix
--
2022-11-29 15:28:35 +01:00
Werner Koch
34fafa50f1
wkd: Make use of --debug extprog.
* tools/wks-util.c (debug_gpg_invocation): New.
(get_key_status_cb): Enable debug output.
(wks_get_key): Show gpg invocation.
(wks_list_key): Ditto.
(wks_filter_uid): Ditto.
2022-11-29 10:43:54 +01:00
Werner Koch
c985b52e71
gpg: New export-filter export-revocs
* g10/options.h (EXPORT_REVOCS): New.
* g10/export.c (export_select_filter): New.
(struct export_filter_attic_s): Add field.
(cleanup_export_globals): Cleanup.
(parse_export_options): Add option "export-revocs".
(parse_and_set_export_filter): Parse the select type.
(do_export_revocs): New.
(do_export_stream): Add a way to select things for export.
2022-11-28 12:44:02 +01:00
NIIBE Yutaka
a4698d0fb2
gpg: Fix double-free in gpg --card-edit.
* g10/card-util.c (change_name): Don't free ISONAME here.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-28 16:59:21 +09:00
Werner Koch
2aacd843ad
gpg: Make --require-compliance work with out --status-fd
* g10/mainproc.c (proc_encrypted): Set complaince_de_vs also if
require-compliance is set.
--

Without this fix require-compliance would fail if no --status-fd was
used.
2022-11-28 08:21:59 +01:00
Werner Koch
1324dc3490
gpg: New option --list-filter
* g10/gpg.c (oListFilter): New.
(opts): Add --list-filter.
(main): Parse oListFilter.
* g10/keylist.c: Include init.h and recsel.h.
(struct list_filter_s, list_filter): New.
(release_list_filter): New.
(cleanup_keylist_globals): New.
(parse_and_set_list_filter): New.
(list_keyblock): Implement --list-filter type "select".

* g10/import.c (impex_filter_getval): Add scope support and new
property names "key-size", "algostr", "origin", "lastupd", and "url".
--

This option is pretty useful to select keys based on their properties.
The scope thing can be sued to limit a selection to just the primary
key or to subkeys.  For example:

  gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519'

Lists all non-revoked keys with an ed25519 (signing)-subkey.
2022-11-25 16:04:54 +01:00
Werner Koch
d70779bdc6
dirmngr: Silence ocsp debug output.
* dirmngr/ocsp.c (check_signature_core): No debug output
--

Also typo and doc fixes.
2022-11-25 09:26:30 +01:00
NIIBE Yutaka
1246e16432
tests: Fix to support --enable-all-tests and variants.
* tests/gpgscm/tests.scm (test::scm): Add VARIANT argument.
(tests::new): Likewise.
(open-log-file, report): Support VARIANT.
* tests/gpgme/all-tests.scm (setup-c, setup-py): Follow the change.
* tests/cms/all-tests.scm: Likewise.
* tests/cms/run-tests.scm: Likewise.
* tests/migrations/all-tests.scm: Likewise.
* tests/migrations/run-tests.scm: Likewise.
* tests/openpgp/all-tests.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.

--

Forward port from 2.2 branch of:
	0fd7a902070ad9bdd835fa57dbadff25917bca42

Fixes-commit: 1c88104a3f00f7ca3790fbaab8f67b2b68cd6e18
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-24 15:57:25 +09:00
NIIBE Yutaka
7071f30762
tests:w32: Fix for non-dot file name for Windows.
* tests/migrations/from-classic.scm (assert-migrated): Handle the case
on Windows.

--

Forward port from 2.2 branch of:
	754175a46d3bc34e9ef8098dbd05abdfd61ada64

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-24 11:46:36 +09:00
NIIBE Yutaka
7fe524e182
tests:gpgscm:w32: Fix for GetTempPath.
* tests/gpgscm/ffi.c (do_get_temp_path): Remove the last backslash.

--

Forward port from 2.2 branch of:
	9a75460652d6055983930e80e022396f613ed6f7

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-24 11:45:46 +09:00
NIIBE Yutaka
1372b17731
tests: Keep .log files in objdir.
* tests/gpgscm/tests.scm (open-log-file): Keep the log file in objdir.

--

Forward port from 2.2 branch of:
	1c88104a3f00f7ca3790fbaab8f67b2b68cd6e18

Before the change, it is at ephemeral temp directory which is removed.
This is not useful at all.  Possibly, it was done before the introduce
of ephemeral temp directory for each test and not changed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-24 11:45:11 +09:00
NIIBE Yutaka
7ab2e4386f
tests: Use 233 for invalid value of FD.
* tests/openpgp/issue2941.scm: Use 233.

--

Forward port from 2.2 branch of:
	43722438a826e1a162723a23452018ccf1b640ec

On Windows machine (emulated by Wine), 23 may be valid value for
handle.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-24 11:43:44 +09:00
NIIBE Yutaka
ce5bed2800
w32: Fix gnupg_tmpfile for possible failure.
* common/sysutils.c (gnupg_tmpfile): Use different value for next
attempt.

--

The resolution of system timer is typically in the range of 10
milliseconds to 16 milliseconds.  Thus, before the change, it may
fail.  Actually, it failed with Wine emulation.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-18 19:23:09 +09:00
Werner Koch
9f7ff43672
scd: Redact --debug cardio output of a VERIFY APDU.
* scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a
VERIFY.
(send_apdu_ccid): Ditto.
--

This should handle the most common case.
GnuPG-bug-id: 5085
2022-11-17 14:33:18 +01:00
NIIBE Yutaka
18a3ce1c9b
common: Remove Windows CE support in common.
* common/Makefile.am (HAVE_W32CE_SYSTEM): Remove conditional build.
(common_sources): Remove exechelp-w32ce.c.
* common/asshelp.c [HAVE_W32CE_SYSTEM]: Remove the support.
* common/common-defs.h [HAVE_W32CE_SYSTEM]: Likewise.
* common/dotlock.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/exechelp-posix.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/exechelp-w32.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/gettime.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/exechelp-w32ce.c: Remove.
* po/POTFILES.in: Update to remove common/exechelp-w32ce.c.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-16 10:05:37 +09:00
Werner Koch
f5c3f13609
gpgsm: Fix colon outout of ECC encryption certificates
* sm/keylist.c (print_capabilities): Add arg algo and use it to check
for ECC capabilities.
(list_cert_colon): Call with algo.
--

This will mark certificates with only keyAgreement usage correctly in
the --with-colons listing.
2022-11-15 16:31:46 +01:00
Werner Koch
2c4757352d
scd:nks: Fix ECC signing if key not given by keygrip.
* scd/app-nks.c (keygripstr_from_pk_file): Set r_algo if not in cache.
2022-11-15 14:52:40 +01:00
Werner Koch
868dabb402
dirmngr: Fix verification of ECDSA signed CRLs.
* dirmngr/crlcache.c (finish_sig_check): Use raw value for the data.
--

This had the usual signed/unsigned problem.  By using the modern form
we enforce Libgcrypt internal parsing as unsigned integer.
2022-11-15 09:56:13 +01:00
Werner Koch
80ccded042
agent: Allow trustlist on Windows in Unicode homedirs.
* agent/trustlist.c (agent_marktrusted): Use gnupg_access.
2022-11-10 14:55:38 +01:00
Werner Koch
976e9d6083
gpg: Fix verification of cleartext signatures with overlong lines.
* g10/armor.c (fake_packet): Indicate truncated lines by inserting a
formfeed.
(armor_filter): Replace assert by log_assert.
--

Reported-by: Demi Marie Obenour
GnuPG-bug-id: T6272
2022-11-10 14:55:38 +01:00
NIIBE Yutaka
8afa9735a6
gpg: Move w32_system function.
* g10/exec.h (w32_system): Not exposed.
* g10/exec.c (w32_system): Move to ...
* g10/photoid.c: here.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-09 10:37:58 +09:00
Werner Koch
d40d23b233
gpg: New option --quick-update-pref.
* g10/gpg.c (aQuickUpdatePref): New.
(opts): Add --quick-update-pref.
(main): Implement.
* g10/keyedit.c (keyedit_quick_update_pref): New.
(menu_set_preferences): Add arg 'unattended' and adjust caller.
--

This new quick command is in particular useful to update existing keys
so that they can be used with OCB mode.
2022-11-04 15:26:15 +01:00
Werner Koch
811cfa34cb
gpg: New list-options show-pref and show-pref-verbose.
* g10/options.h (LIST_SHOW_PREF): New.
(LIST_SHOW_PREF_VERBOSE): New.
* g10/gpg.c (parse_list_options): Add new options.
* g10/keyedit.c (show_prefs): Factor code out to ...
* g10/keylist.c (show_preferences): new.
(list_keyblock_print): Call show_preferences.
2022-11-04 12:44:09 +01:00
Werner Koch
1be272d04e
tests: Add tests to check that OCB is only used for capable keys.
* tests/openpgp/samplekeys/ed25519-cv25519-sample-2.asc: New.
* tests/openpgp/samplekeys/ed25519-cv25519-sample-1.asc: Add AEAD
preference.
* tests/openpgp/defs.scm (tr:gpgstatus): New.
(create-legacy-gpghome): Also import .key private keys.
* tests/openpgp/encrypt.scm: Add OCB tests.
2022-11-04 11:13:40 +01:00
Werner Koch
82c4f26b67
gpg: Make --list-packets work w/o --no-armor for plain OCB packets.
* g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD.
--

With this fix it is now possible to feed a vanilla packet of type 20
without first forcing gpg to assume binary mode.
2022-11-02 17:10:59 +01:00