* agent/command.c (cmd_keytocard): Timestamp at "Created:" field is
only used when time is not specified.
--
Fixes-commit: c795be79c1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/ldap.c (url_fetch_ldap): Detect and replace.
--
The actual URL causing this is
ldap://ldap.dgnservice.de:389/CN=CRL-1,O=DGN%20Service%20GmbH,\
C=DE?certificateRevocationList?base?objectClass=cRLDistributionPoint
It is actually not very helpful because I had problems finding the
issuer cert:
CN=dgnservice CRL2101 13:PN,O=DGN Deutsches Gesundheitsnetz \
Service GmbH,C=DE
* kbx/keybox-search.c (blob_cmp_fpr_part): Don't change FPROFF, since
it's caller which tweaks the offset.
(has_short_kid, has_long_kid): Examine the key flags to determine if
fingerprint 32 or 20.
--
GnuPG-bug-id: 5888
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpgtar.c: New option --with-log.
* tools/gpgtar.h (opt): Add field with_log.
* tools/gpgtar-extract.c (gpgtar_extract): Move directory string
building up. Add option --log-file if needed.
* tools/gpgtar-create.c (gpgtar_create): Make tmpbuf static becuase it
is used outside of its scope.
* tools/gpgtar-list.c (gpgtar_list): Ditto.
* dirmngr/server.c (proc_wkd_get): Take care of DNS server failures
--
Unfortunately there are resolver setups which don't handle SRV records
but return a server error. We let a not found error pass, because
that merely means the domain does not exists.
GnuPG-bug-id: 4729
* tools/gpgtar.h (opt): Add new flags.
* tools/gpgtar.c: new options --batch, --yes, --no, --status-fd, and
--require-compliance.
(main): Init signals.
* tools/gpgtar-create.c: Add new header files.
(gpgtar_create): Rework to use a pipe for encryption and signing.
* tools/gpgtar-list.c: Add new header files.
(gpgtar_list): Rework to use a pipe for decryption.
* tools/gpgtar-extract.c: Add new header files.
(gpgtar_extract): Rework to use a pipe for decryption.
--
Fixes-commit: 40dbee86f3
* common/dotlock.c (dotlock_take_unix): Do same when same PID
process detects stale lockfile. Add comment.
--
GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/misc.c (openpgp_cipher_algo_mode_name): New.
* g10/decrypt-data.c (decrypt_data): Use function here.
--
Note that openpgp_cipher_algo_mode_name is different from the version
2.2 becuase we append ".CFB" here.
Without this change we would see
gpg: cipher algorithm 'AES256' may not be used in
--compliance=de-vs mode
This is confusing because AES256 is compliant. Now we see
gpg: cipher algorithm 'AES256.OCB' may not be used in
--compliance=de-vs mode
which gives a hint on the problem.
* common/mapstrings.c (struct intmapping_s): New.
(map_static_strings): New.
* common/stringhelp.c (do_strconcat): Rename to ...
(vstrconcat): this and make global.
* common/t-mapstrings.c (test_map_static_strings): New test.
* g10/decrypt-data.c (decrypt_data): Add arg compliance_error. Adjust
all callers. Fail on compliance error only in --require-compliance
mode. Make sure to return an error if the buffer is missing; actually
that should be an assert.
* g10/mainproc.c (proc_encrypted): Delay printing of the compliance
mode status. Consult the compliance error now returned by
decrypt_data.
--
The actual case here is that we fail hard if a message has been AEAD
encrypted with one AEAD capable key and also with one passphrase. In
general the preference system takes care of not using AEAD if one
recipient's key does not support it. However, if the sender uses her
own AEAD-capable key _and_ a passphrase the message will be AEAD
encrypted. This change allows to decrypt that anyway along with a
warning message.
Note that this does currently not work in 2.3 due to a non-compliant
libgcrypt. We will however, backport this to 2.2.
* common/dotlock.c (read_lockfile): Return the file descriptor when
R_FD is available.
(dotlock_take_unix): Check the case the lockfile was already removed.
--
GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/t-dotlock.c (lock_and_unlock): Use usleep and faster.
Loop at least once. Use getrandom for random time.
(main): Add new option --one-shot to run lock/unlock once.
--
GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/sign.c (sign_symencrypt_file): Insert correct version and AEAD
information into symkey packet.
--
GnuPG-bug-id: 5856
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* g10/options.h (opt): Add field flags.require_compliance.
* g10/gpg.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant.
(check_sig_and_print): Ditto.
* g10/encrypt.c (encrypt_crypt): Ditto.
--
Note that in the --encrypt and --verify cased other checks may kick in
earlier than this new --require-compliance controlled one.
* common/iobuf.c (filter_flush): Remove "src_len == 0" check.
* g10/compress-bz2.c (do_compress): Exit early if flush not
forced and input length is zero.
* g10/compress.c (do_compress): Likewise.
--
Remove "(src_len == 0)" check in filter_flush which was
introduced to fix compress failure caused by zero length
flush from iobuf_close. However this check broke enarmoring
file with length of zero. Patch instead fixes zero length
flush problem in compress filters.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* common/iobuf.c (filter_flush): Use 'iobuf->e_d' if configured.
(iobuf_write): Configure 'iobuf->e_d' for 'filter_flush' if
'iobuf->d.buf' is empty and external buffer is larger than threshold.
--
Zero-copy operation in iobuf_write() and filter_flush() allow bypassing
'iobuf->d.buf' for greater performance. This mainly helps OCB
performance where additional memory copies through iobuf stack
can take significant portion of program time.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* common/iobuf.h (iobuf_struct): Add 'e_d' substructure and members.
* common/iobuf.c (IOBUF_ZEROCOPY_THRESHOLD): New.
(iobuf_alloc): Clear 'iobuf->e_d'.
(underflow_target): Use 'iobuf->e_d' when configured to bypass copying
through 'iobuf->d.buf'.
(iobuf_read): Configure 'iobuf->e_d' for 'underflow' if 'iobuf->d.buf'
is empty and external buffer is larger than threshold.
--
Zero-copy operation in iobuf_read() and underflow() allow bypassing
'iobuf->d.buf' for greater performance. This mainly helps OCB
performance where additional memory copies through iobuf stack
can take significant portion of program time.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* g10/cipher-aead.c (do_hash): Add faster path for encrypting directly
from input buffer instead of memcpying then encrypting inplace.
--
When encrypting with AES256.OCB on AMD Ryzen 5800X, memcpy shows as
taking largest portion of computation time. Patch adds fast path for
AEAD encryption which largely eliminates need for memcpying when
doing AEAD encryption. AES256.OCB throughput increases from 2.2GB/s
to 4.2GB/s on said system (1.9x faster).
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* g10/decrypt-data.c (decrypt_data): Disable estream buffering for
output file.
--
Here estream is filled with iobuf_copy which already uses large buffers
so additional buffering in estream was just adding memory copy overhead.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* g10/plaintext.c (handle_plaintext): Disable estream buffering in
binary modes.
--
Since in binary mode, large buffers are passed from source iobuf to
target estream, extra buffering in estream only causes extra memory
copying and overhead.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* common/iobuf.c (iobuf_copy): Use iobuf buffer size for temporary
buffers.
* g10/plaintext.c (handle_plaintext, do_hash): Likewise.
* g10/sign.c (sign_file): Likewise.
--
As iobuf will have zerocopy operation for read/write, it is better to
use same size buffers as iobuf for temporary copy buffers.
GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tools/gpgtar.c: Replace assert by log_assert.
* tools/gpgtar-extract.c: Ditto.
(extract_regular): Create files with sysopen flag.
* tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar.
--
Note that for this change libgpg-error 1.45 is required for Windows.
* scd/app.c (app_auth): It's only APPTYPE_OPENPGP which supports
the challenge response interaction.
* scd/command.c (cmd_pkauth): It only wants if it works or not.
--
GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/sign.c (sign_file): Use iobuf_read instead of iobuf_get for
reading data from detached file.
--
This patch reduces iobuf_read per byte processing overhead and speeds
up detached signing.
Detached signing speed on AMD Ryzen 5800X (4.3GiB file, SHA256):
gpg process
user time
before: 3.951s
after: 1.898s (2.0x faster)
GnuPG-bug-id: T5826
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* g10/plaintext.c (do_hash): Use iobuf_read instead of iobuf_get for
reading data; Use gcry_md_write instead of gcry_md_putc for hash data.
--
This patch reduces iobuf_read per byte processing overhead and speeds
up detached signature verifying.
Detached verifying speed on AMD Ryzen 5800X (4.3GiB file, SHA256):
gpg process
user time
before: 9.410s
after: 1.913s (4.9x faster)
GnuPG-bug-id: T5826
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* agent/call-daemon.c (wait_child_thread): Print the correct name.
--
This makes sure that the log print the actual used name if for example
--pinentry-program was used.
* agent/trustlist.c (struct trustitem_s): Add flag "qual".
(read_one_trustfile): Rename arg "allow_include" to "systrust" and
change callers. Parse new flag "qual".
(istrusted_internal): Print all flags.
* sm/call-agent.c (istrusted_status_cb): Detect the "qual" flag.
* sm/gpgsm.h (struct rootca_flags_s): Add flag "qualified".
* sm/certchain.c (do_validate_chain): Take care of the qualified flag.
* dirmngr/validate.c (pk_algo_from_sexp): Make public. Support ECC.
* dirmngr/ocsp.c (check_signature): Remove hash preparation out to ...
(check_signature_core): here. This changes the arg s_hash to md.
Support ECDSA.
--
The test was done with my qualified signature certificate from the
Telesec and their responder http://tqrca1.ocsp.telesec.de/ocspr .
See also libksba commit rK24992a4a7a61d93759e1dbd104b845903d4589bf
* g10/mainproc.c (proc_tree): Call ask_for_detached_datafile
with MD2=NULL.
--
Here, c->mfx.md2 is always NULL, in fact. But, text-wise
(when searching the use of "mfx.md2"), before the change, it used
mfx.md2, which is irrelevant in the handling of PKT_ONEPASS_SIG.
Note that: One-Pass Signature is not available in PGP2.
This fix removes (text-wise) unmatch of the calls of functions
hash_datafile_by_fd hash_datafiles, and ask_for_detached_datafile.
Fixes-commit: 88a916cdd4
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>