1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

2341 Commits

Author SHA1 Message Date
Werner Koch
3a1fa13eed
common: New function get_keyalgo_string.
* common/openpgp-oid.c (struct keyalgo_string_s): New.
(keyalgo_strings): New.
(keyalgo_strings_size, keyalgo_strings_used): New.
(get_keyalgo_string): New.
--

This function is intended as a more general version of gpg's
pubkey_string function.  It has the advantage to avoid mallocs and
uses static table of algorithm strings instead.  There should be only
a few dozen of such strings (if at all) and thus all those allocations
we do internally in gpg's pubkey_string and the static buffers all
over the place are not too nice.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 21:26:35 +01:00
Werner Koch
49c891a9bf
common: Add OpenPGP<->Gcrypt pubkey id mapping functions.
* g10/misc.c (map_pk_gcry_to_openpgp): Move to ...
* common/openpgp-oid.c (map_gcry_pk_to_openpgp): here and rename.
Change all 4 callers.
(map_openpgp_pk_to_gcry): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 14:04:18 +01:00
Werner Koch
8bbc4f0d2c
card: Add new OpenPGP card vendor.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-28 15:49:18 +01:00
Werner Koch
bf931299e8
gpg: Fix printing of keyring name (regression in master)
* g10/keydb.c (keydb_get_resource_name):
--

Fixes-commit: aba82684fe14289cf62b4694bc398f3a274b4762
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-21 11:17:18 +01:00
Werner Koch
da2ccfdbeb
card: Add new OpenPGP card vendor
--
2020-01-21 11:15:47 +01:00
Werner Koch
cff5facc7f
build: Require libgpg-error 1.37
--
2020-01-21 08:56:34 +01:00
NIIBE Yutaka
8748c50bfa gpg: Prefer card key on use in multiple subkeys situation.
* g10/call-agent.c (keyinfo_status_cb): Parse more fields.
(agent_probe_secret_key): Use KEYINFO and returns bigger value
representing the preference.
* g10/getkey.c (finish_lookup): For subkeys, select one
by using value of agent_probe_secret_key.

--

GnuPG-bug-id: 3416
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-17 16:09:01 +09:00
NIIBE Yutaka
853d5b7677 gpg: Prepare enhancement of agent_probe_secret_key.
* g10/call-agent.c (agent_probe_secret_key): Change semantics of
return value.
* g10/call-agent.h (agent_probe_secret_key): Change comment.
* g10/delkey.c (do_delete_key): Follow the change.
* g10/getkey.c (get_seckey, parse_def_secret_key): Likewise.
(finish_lookup, have_secret_key_with_kid): Likewise.
* g10/gpgv.c (agent_probe_secret_key): Likewise.
* g10/keyedit.c (keyedit_menu, quick_find_keyblock): Likewise.
(show_key_with_all_names_colon): Likewise.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Likewise
* g10/test-stubs.c (agent_probe_secret_key): Likewise.

--

GnuPG-bug-id: 3416
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-17 16:09:01 +09:00
Werner Koch
3ccad75d76
gpg: Print better debug info in case of broken sig subpackets.
* g10/parse-packet.c (enum_sig_subpkt): Print a hexdump.
--

A test key for this is 02DF08F5FD356BF27F5F7B838921B5DCCD15A883 .
A key listing in verbose mode will now yield

  gpg: DBG: buffer shorter than subpacket (10/9/25);\
       dump: 19100d87e54973647cff

The error here is that the packet length is 0x19 but what follows is a
long keyid (subpacket 16) which is shorter.  The debug output might be
helpful to better analyze broken signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-16 14:44:28 +01:00
NIIBE Yutaka
8edd4b8b8c gpg: Use "SCD KEYINFO" to get available card keys.
* g10/skclist.c (enum_secret_keys): Don't use agent_scd_cardlist and
agent_scd_serialno, but agent_scd_keyinfo.

--

When there are multiple cards/tokens, this change can avoid switching
card of foreground access.

GnuPG-bug-id: 4784
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-16 13:05:27 +09:00
NIIBE Yutaka
8240a70c31 gpg: Add agent_scd_keyinfo to retrieve available card keys.
* g10/call-agent.c (card_keyinfo_cb, agent_scd_free_keyinfo)
(agent_scd_keyinfo): New.
* g10/call-agent.h: Define new functions.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-16 13:01:46 +09:00
NIIBE Yutaka
1aa2a0a46d gpg: default-key: Simply don't limit by capability.
* g10/getkey.c (parse_def_secret_key): Remove the check.

--

GnuPG-bug-id: 4810
Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-16 10:28:15 +09:00
NIIBE Yutaka
9287f9e87b gpg: Cert only key should be usable with --default-key.
* g10/getkey.c (parse_def_secret_key): Allow cert-only key.

--

GnuPG-bug-id: 4810
Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-01-15 14:27:36 +09:00
Werner Koch
14aa797bb8
gpg,sm: Avoid useless ASFW diagnostic in loopback mode.
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 15:20:49 +01:00
Werner Koch
c0625c15c1
scd: Minor fix for readibility.
* scd/command.c (open_card_with_request): Use NULL instead of
APPTYPE_NULL.
--

Using the enum is wrong because a string is expected.  However it did
harm anything because the value of the enum is 0 and thus equivalent
to NULL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-03 11:43:55 +01:00
Werner Koch
a230bac339
Update wk's signing key
--
The expiration time of that smartcard based key has been prolonged
by 2 years.
2020-01-01 19:05:16 +01:00
Werner Koch
59d49e4a0a
gpg: Fix output of --with-secret if a pattern is given.
* g10/keylist.c (list_one): Probe for a secret key in --with-secret
mode.
--

In contrast to list_all(), list_one() did not tests for a secret key
and took MARK_TRUSTED verbatim as an indication for "secret key
available".

GnuPG-bug: 4061
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-23 12:40:44 +01:00
Werner Koch
8a6ecc6ff5
dirmngr: Tell gpg about WKD looks resulting from a cache.
* dirmngr/server.c (proc_wkd_get): Print new NOTE status
"wkd_cached_result".
* g10/call-dirmngr.c (ks_status_cb): Detect this and print a not ein
verbose mode.
--

This little patch is helpful to see why a WKD change still does not
work after it has been updated on the server.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-06 20:04:56 +01:00
Werner Koch
1abb39fdaf
gpg: Use AKL for angle bracketed mail address with -r.
* g10/getkey.c (get_pubkey_byname): Extend is_mbox checking.
(get_best_pubkey_byname): Ditto.
--

With this patch it is now possible to use

  gpg -e -r '<foo@example.org>'

and auto key locate will find the key.  Without that a plain mail
address; i.e.

  gpg -e -r 'foo@example.org'

was required.

GnuPG-bug-id: 4726
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-04 14:39:42 +01:00
Werner Koch
d2ff62dbdf
gpg: Change the way v5 fingerprints are printed.
* g10/gpg.h (MAX_FORMATTED_FINGERPRINT_LEN): Increase by one.
* g10/keyid.c (format_hexfingerprint): Change v5 key formatting.
--

The new format are groups of 5 letters to resemble the CW speed
measurement rules.  Many hams are used to such blocks from their CW
lessons.  Note that there is no double blank in the middle as with the
v4 keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 12:05:32 +01:00
Werner Koch
7244666926
gpg: Implement insert, update, and delete via keyboxd.
* g10/call-keyboxd.c (struct store_parm_s): New.
(store_inq_cb): New.
(keydb_update_keyblock): Implement the keyboxd part.
(keydb_insert_keyblock): Ditto.
(keydb_delete_keyblock): Ditto.
(keydb_search_reset): Clear ubid flag.  Also use the correct union
member for building the search string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:23:32 +01:00
Werner Koch
915297705a
kbx: Redefine the UBID which is now the primary fingerprint.
* common/util.h (UBID_LEN): New.  Use it at all places.
* kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item.
* kbx/keybox-dump.c (print_ubib): Remove.
(_keybox_dump_blob): Do not print the now removed ubid flag.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants
for the size of the ubid and grip.
* kbx/keybox-search.c (blob_cmp_ubid): New.
(has_ubid): Make it a simple wrapper around blob_cmp_ubid.
(keybox_get_data): Add arg 'r_ubid'.

* kbx/frontend.h (enum kbxd_store_modes): New.
* kbx/kbxserver.c (cmd_store): Add new option --insert.

* kbx/backend-cache.c (be_cache_initialize): New.
(be_cache_add_resource): Call it here.
* kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'.
(be_kbx_search): Get the UBID from keybox_get_data.
* kbx/backend-support.c (be_fingerprint_from_blob): Replace by ...
(be_ubid_from_blob): new.  Change all callers.

* kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but
use the new cache init function.
(kbxd_store): Replace arg 'only_update' by 'mode'.  Seek using the
ubid.  Take care of the mode.
--

It turned out that using the hash of the entire blob was not helpful.
Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint
of the blob.  In case this is a v5 OpenPGP key a left truncated
version of the SHA-256 hash is used; in all other cases the full SHA-1
hash.  Using a SHA-256 hash does not make sense because v4 keys are
and will for some time be the majority of keys and thus padding them
with zeroes won't make any difference.  Even if fingerprint collisions
can eventually be created we will assume that the keys are bogus and
that it does not make sense to store its twin also in our key storage.
We can also easily extend the update code to detect a collision and
reject the update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:16:13 +01:00
Werner Koch
61f41cdce5
gpg: Move a keydb function to another file.
* g10/keydb.c (build_keyblock_image): Move to ...
* g10/build-packet.c (build_keyblock_image): here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-27 11:58:47 +01:00
Werner Koch
d9c7935188
dirmngr,gpg: Better diagnostic in case of bad TLS certificates.
* doc/DETAILS: Specify new status code "NOTE".
* dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a
bad TLS certificate.
* g10/call-dirmngr.c (ks_status_cb): Detect this status.
--

For example a

  gpg -v --locate-external-keys dd9jn@posteo.net

now yields

  gpg: Note: server uses an invalid certificate
  gpg: (further info: bad cert for 'posteo.net': \
                      Hostname does not match the certificate)
  gpg: error retrieving 'dd9jn@posteo.net' via WKD: Wrong name
  gpg: error reading key: Wrong name

(without -v the "further info" line is not shown).  Note that even
after years Posteo is not able to provide a valid certificate for
their .net addresses.  Anyway, this help to show the feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-18 18:26:55 +01:00
Werner Koch
ae9acb8745
dirmngr: Forward http redirect warnings to gpg.
* dirmngr/http.c: Include dirmngr-status.h
(http_prepare_redirect): Emit WARNING status lines for redirection
problems.
* dirmngr/http.h: Include fwddecl.h.
(struct http_redir_info_s): Add field ctrl.
* dirmngr/ks-engine-hkp.c (send_request): Set it.
* dirmngr/ks-engine-http.c (ks_http_fetch): Set it.
* g10/call-dirmngr.c (ks_status_cb): Detect the two new warnings.
--

This should make it easier to diagnose problems with bad WKD servers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-18 18:24:02 +01:00
Werner Koch
dd18be979e
gpg: Forbid the creation of SHA-1 third-party key signatures.
* g10/sign.c (SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): New.
(do_sign): Add arg signhints and inhibit SHA-1 signatures.  Change
callers to pass 0.
(complete_sig): Add arg signhints and pass on.
(make_keysig_packet, update_keysig_packet): Set signhints.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-11 11:41:00 +01:00
Werner Koch
6701a38f8e
gpg: Fix a potential loss of key sigs during import with self-sigs-only.
* g10/import.c (import_one_real): Don't do the final clean in the
merge case.
--

This fixes a regression introduced with self-sigs-only.

GnuPG-bug-id: 4628
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 15:07:25 +01:00
Werner Koch
e624c41dba
gpg: Add option --allow-weak-key-signatures.
* g10/gpg.c (oAllowWeakKeySignatures): New.
(opts): Add --allow-weak-key-signatures.
(main): Set it.
* g10/options.h (struct opt): Add flags.allow_weak_key_signatures.
* g10/misc.c (print_sha1_keysig_rejected_note): New.
* g10/sig-check.c (check_signature_over_key_or_uid): Print note and
act on new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 10:36:17 +01:00
Werner Koch
f4047f5605
gpg: Print rfc4880bis note only in verbose mode.
* g10/gpg.c (main): Change condition for an info diagnostic.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 09:24:38 +01:00
Werner Koch
a1f8ca7eee
doc: Make clear that by default RFC-4880bis features are used.
--
2019-11-07 09:07:30 +01:00
Werner Koch
fd88b8847a
gpg: Remove an unused variable.
* g10/delkey.c (do_delete_key): here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-06 14:47:29 +01:00
Werner Koch
584b65ad7e
gpg: Do not require --batch when using --log-file.
* g10/gpg.c (main): Remove a long standing FIXME.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-06 14:44:50 +01:00
NIIBE Yutaka
e2c2b0fb2d gpg: More fix of get_best_pubkey_byname.
* g10/getkey.c (get_best_pubkey_byname): Remove useless req_usage
setting of CTX.

Fixes-commit: f2734381ae1431e395a0bed16df2f4d5d13aa2c5
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-17 10:46:34 +09:00
NIIBE Yutaka
286d4c6075 gpg: Fix two other cases in get_best_pubkey_byname.
* g10/getkey.c (pubkey_cmp): Handle a primary key with
PUBKEY_USAGE_ENC, and make sure new key is for encryption.
(get_best_pubkey_byname): Add comment for ranking.

GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-17 09:23:26 +09:00
NIIBE Yutaka
f2734381ae gpg: Fix get_best_pubkey_byname to consider the first match.
* g10/getkey.c (get_best_pubkey_byname): Always use PK0 to search
by get_pubkey_byname.  Add initial call to pubkey_cmp to fill
BEST at first before the loop.

--

Fixes-commit: 44604209c1cfe18532d13eda63d8c1f86a6e12ec
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-16 15:58:26 +09:00
Werner Koch
d1bc12d1b6
gpg: Also delete key-binding signature when deleting a subkey.
* g10/delkey.c (do_delete_key): Simplify and correct subkey deletion.
--

GnuPG-bug-id: 4665, 4457
Fixes-commit: cc6069ac6ecd57dcbb808f28d54fd9f89dc55014
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-15 14:30:57 +02:00
NIIBE Yutaka
44604209c1 gpg: Put the first key in candidates correctly.
* g10/getkey.c (get_best_pubkey_byname): After the call of
get_pubkey_byname, set up CTX with KEYDB_SEARCH_MODE_LONG_KID to enter
the loop.

--

Fixes-commit: 7535f1d47a35e30f736f0e842844555f7a4a9841
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-15 19:18:26 +09:00
NIIBE Yutaka
7535f1d47a gpg: The first key should be in candidates.
* g10/getkey.c (get_best_pubkey_byname): Handle the first key
as the initial candidate for the selection.

--

GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-09 09:45:11 +09:00
NIIBE Yutaka
e28572116f gpg: Fix a memory leak in get_best_pubkey_byname.
* g10/getkey.c (get_best_pubkey_byname): Free the public key parts.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-07 10:41:01 +09:00
Werner Koch
7d9aad63c4
gpg: Ignore all SHA-1 signatures in 3rd party key signatures.
* g10/sig-check.c (check_signature_over_key_or_uid): No cut-off date
and remove debug output.
--

With 2.2 we do not not support SHA-1 key signatures anymore even if
that means that the WoT shrinks.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-03 18:20:59 +02:00
Werner Koch
c4f2d9e3e1
gpg: Be prepared for chosen-prefix SHA-1 collisions in key signatures.
* g10/sig-check.c (check_signature_over_key_or_uid): Reject cewrtain
SHA-1 based signatures.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-03 17:43:26 +02:00
Werner Koch
63dbc817e7
gpg: Read the UBID from the keybox and detect wrong blob type.
* g10/keydb-private.h (struct keydb_handle_s): Add fields for UBID.
* g10/call-keyboxd.c (search_status_cb): New.
(keydb_search): Set new UBID fields.
--

The UBID is not yet used but may come handy later.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:11:54 +02:00
Werner Koch
a605dbb430
gpg: Fix --recv-key in case of a given fingerprint.
* g10/keyserver.c (keyserver_retrieval_screener): Compare against
actual length.
--

This was a long standing and annoying regression due to changes
for v5 keys.  Really simple to fix :-).

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-30 18:03:31 +02:00
Werner Koch
ec81c437e7
gpg: Fix expand GPG groups when resolving a key
* g10/expand-group.c (expand_group): Add arg prepend_input.
* g10/pkclist.c (build_pk_list): Adjust for it.
* g10/getkey.c (key_byname): Keep the expanded names in the CTX and
don't premature free them.
(get_pubkey_byname): Append the namelist to the extra_list.
--

The original patch didn't kept the expanded list in the context and
also would duplicate names which are not group names.  The latter does
not really harm but the former lead to a use after free.  Original
patch was applied just a few weeks ago.

Fixes-commit: e825aea2ba3529c333d7ec2c76e63998cb83d999
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-30 14:08:13 +02:00
Werner Koch
b966a7c142
gpg: Fix a recently introduced printf format buglet.
* g10/parse-packet.c (dump_sig_subpkt): Fix format error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:57:52 +02:00
Werner Koch
9698761933
Merge branch 'switch-to-gpgk' into master
--
Resolved Conflicts:

* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:44:23 +02:00
Werner Koch
4be79b5abe
kbx,gpg: Allow lookup using a UBID.
* common/userids.c (classify_user_id): Detect UBIDs.
* kbx/backend-cache.c (blob_table_put): Store the public key type.
(be_cache_search): Add search mode for UBIDs.
* kbx/backend.h (struct db_request_part_s): Add cache.seqno_ubid.
* g10/keydb.c (keydb_search_desc_dump): Fix printing of keygrip.  Add
ubid printing.
* g10/call-keyboxd.c (keydb_search): Support search by UBID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 10:05:07 +02:00
Werner Koch
d38f877bd8
doc: Minor doc updates and a typo fix.
--
2019-09-25 16:21:30 +02:00
Werner Koch
ce9906b008
gpg: First rough implementation of keyboxd access for key lookup.
* g10/Makefile.am: Add nPth flags.
* g10/gpg.c: Include npth.h.
(gpg_deinit_default_ctrl): Deinit call-keyboxd local data.
(main): Init nPth.
* g10/keydb-private.h (struct keydb_handle_s): Add field 'kbl' and
remove the search result and the assuan context.
* g10/call-keyboxd.c (struct keyboxd_local_s): Add more fields.
(lock_datastream, unlock_datastream): New.
(gpg_keyboxd_deinit_session_data): Adjust for changed data structures.
(prepare_data_pipe): New.
(open_context): Return kbl instead of an Assuan context.  Init mutexes
etc.
(close_context): Merge into ...
(keydb_release): here.  Adjust for changed data structures.
(datastream_thread): New.
(keydb_get_keyblock): Implement datastream stuff.
(keydb_search): Ditto.

* common/asshelp.c (wait_for_sock): Add arg connect_flags.
(start_new_service): Set FDPASSING flag for the keyboxd.
--

This code as a lot of rough edges, in particular it relies on a well
behaving keyboxd.  We need to add code to shutdown the datastream
reader thread in case of errors and to properly get it up again.  We
also need to make really sure that both threads run in lockstep so
that the datastream thread is only active while we are sending a
command to the keyboxd.

We should also see whether we can depend nPth initialization on the
--use-keyboxd option to avoid any problems with nPth.

And we need to test on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-10 16:05:54 +02:00
Werner Koch
2f0fdab8aa
common: Allow a readlimit for iobuf_esopen.
* common/iobuf.c (file_es_filter_ctx_t): Add fields use_readlimit and
readlimit.
(file_es_filter): Implement them.
(iobuf_esopen): Add new arg readlimit.
* g10/decrypt-data.c (decrypt_data): Adjust for change.
* g10/import.c (import_keys_es_stream): Ditto.
--

This comes handy for (length,datablob) style streams.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-10 15:45:58 +02:00