Werner Koch
0f0e0559f9
agent: Fix length detection of canonical formatted openpgp keys.
...
* agent/command.c (cmd_import_key): Pass 0 instead of KEYLEN to
gcry_sexp_canon_len.
--
We used to pass KEYLEN to the gcry_sexp_canon_len for no good reason:
convert_from_openpgp is guaranteed to return a valid canonical
S-expression and KEYLEN would thus act only as an upper limit. This
is not a problem because usually the original input key is longer than
the returned unprotected key. A future patch may change this
assertion and thus we better fix this bug now.
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:30 +02:00
NIIBE Yutaka
3c3648e720
agent: fix two bugs.
...
* agent/command.c (cmd_keytocard): Decrement KEYDATALEN.
* agent/findkey.c (agent_public_key_from_file): Increment for ELEMS.
--
For ECDSA and ECDH, there are 6 elements.
2013-02-22 12:55:11 +09:00
NIIBE Yutaka
30f8a3c873
agent: Add KEYTOCARD command.
...
* agent/agent.h (divert_writekey, agent_card_writekey): New.
* agent/call-scd.c (inq_writekey_parms, agent_card_writekey): New.
* agent/command.c (cmd_keytocard, hlp_keytocard): New.
(register_commands): Add cmd_keytocard.
* agent/divert-scd.c (divert_writekey): New.
2013-02-12 14:19:12 +09:00
Werner Koch
8b2b8dfe5c
agent: Move a typedef to common and provide parse_pinentry_mode.
...
* common/agent-opt.c: New.
* common/shareddefs.h: New.
* common/Makefile.am: Add new files.
* agent/agent.h: Include shareddefs.h.
(pinentry_mode_t): Factor out to shareddefs.h.
* agent/command.c (option_handler): Use parse_pinentry_mode.
2013-02-06 12:56:19 +01:00
Werner Koch
9f0e9ea80c
agent: Use wipememory instead of memset in one place.
...
* agent/command.c (clear_outbuf): Use wipememory. Suggested by Ben
Kibbey.
2012-11-06 18:51:47 +01:00
Werner Koch
b817ae7df9
agent: Add pin length field to the shadowed private key format.
...
This is not yet fully implemented. It will eventually allow
supporting pinpad-equipped readers which do not support variable length
pin lengths.
* agent/protect.c (parse_shadow_info): Add optional arg R_PINLEN and
parse pinlen info. Change all callers to pass NULL for it.
2012-02-07 14:17:33 +01:00
Werner Koch
12ea5c904c
Use new status printing functions.
...
* agent/command.c (cmd_geteventcounter): Get rid of static buffers.
* scd/command.c (cmd_serialno, cmd_learn): Simplify by using
print_assuan_status.
2012-02-07 13:52:31 +01:00
Werner Koch
e78585cd0f
agent: New function agent_print_status.
...
* common/asshelp2.c (vprint_assuan_status): New.
(print_assuan_status): Re-implement using above func.
* agent/command.c (agent_print_status): New.
2012-02-07 12:46:32 +01:00
Werner Koch
7981cdd134
agent: Simplify printing of INQUIRE_MAXLEN.
...
* agent/command.c: Include asshelp.h.
(cmd_pkdecrypt, cmd_genkey, cmd_preset_passphrase)
(pinentry_loopback): Use print_assuan_status for INQUIRE_MAXLEN.
2012-02-06 21:04:22 +01:00
Ben Kibbey
ecda65498a
Also let GENKEY and PKDECRYPT send the INQUIRE_MAXLEN status message.
...
* agent/command.c (cmd_pkdecrypt): Send the INQUIRE_MAXLEN status
message before doing the inquire.
(cmd_genkey): Ditto.
2012-02-03 17:50:22 -05:00
Ben Kibbey
3f7788f2e0
Inform the client of the preset passphrase length.
...
* agent/command.c (cmd_preset_passphrase): Send the INQUIRE_MAXLEN
status message before inquiring the passphrase.
2012-02-01 21:38:13 -05:00
Ben Kibbey
ae981dd8f4
Add the INQUIRE_MAXLEN status message.
...
This status message is used to inform the client of the maximum length
of an inquired passphrase and is used in pinentry-mode=loopback.
* agent/command.c (pinentry_loopback): Send the INQUIRE_MAXLEN status
message before doing the inquire.
2012-01-17 19:49:10 -05:00
Werner Koch
366512abe4
Require Libassuan 2.0.3
...
* configure.ac: Require Libassuan 2.0.3.
* agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
* agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove
dependency.
(cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
* scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
2011-12-20 11:12:21 +01:00
Werner Koch
9274d4d182
Fix last change.
...
* agent/command.c (start_command_handler): Remove use of removed var.
2011-12-05 15:14:47 +01:00
Werner Koch
477360e8cd
Amend the agent code with more comments.
...
* agent/command.c (server_local_s): Remove unused field MESSAGE_FD.
2011-12-05 15:05:57 +01:00
Ben Kibbey
fb1cdd7b0e
Handle pinentry-mode=loopback.
...
When this mode is set an inquire will be sent to the client to retrieve
the passphrase. This adds a new inquire keyword "NEW_PASSPHRASE" that the
GENKEY and PASSWD commands use when generating a new key.
2011-09-12 09:54:16 +02:00
Ben Kibbey
28eac436bb
Update option s2k-count to match the documentation.
...
The option would previously return an error if its value was < 65536.
2011-08-10 12:46:06 +02:00
Werner Koch
81389383a3
Made the KILLAGENT and KILLSCD commands work again.
...
This requires that GnuPG is built with a newer version of Libassuan
(2.0.3).
2011-08-10 11:47:04 +02:00
Werner Koch
093ed70fbf
Allow listing of ssh fingerprint with the agent's KEYINFO command.
2011-07-20 21:13:24 +02:00
Ben Kibbey
137e3a0fbc
Added gpg-agent OPTION "s2k-count".
...
When unset or 0, the calibrated count will be used.
2011-06-29 13:17:25 +02:00
Werner Koch
4caa768f1d
Add OPTION:cache-ttl-opt-preset to gpg-agent.
...
This option may be used to change the default ttl values used with the
--preset option of GENKEY and PASSWD.
2011-04-21 15:40:48 +02:00
Marcus Brinkmann
70b871abbc
Fix gpg-agent secure memory leak in OpenPGP private key import.
...
2011-04-20 Marcus Brinkmann <mb@g10code.com>
* command.c (cmd_import_key): Release key from failed import
before converting openpgp private key in the openpgp-private-key
case.
2011-04-20 11:33:09 +02:00
Ben Kibbey
b5f585f7d7
Another PASSWD --preset fix.
...
Check for an error before presetting the passphrase.
2011-04-18 10:20:36 +02:00
Ben Kibbey
b3c71eb26b
Fixed PASSWD --preset.
...
The previous patch required that the keygrip be cached before adding the
new passphrase to the cache. No more.
2011-04-13 14:15:21 +02:00
Werner Koch
f8c5395fbd
Use macros for the 120 and 900s cache TTLs.
2011-04-12 18:20:46 +02:00
Ben Kibbey
a9edbfb3a3
Added PASSWD --preset.
2011-04-12 18:04:53 +02:00
Ben Kibbey
944bf8f5b5
Added GENKEY --preset to add the passphrase of the generated key to the cache.
2011-04-12 18:00:59 +02:00
Ben Kibbey
893b455a3d
Added KEYINFO field to show the protection type of a key. This differs from the second field which shows the location of the key.
2011-04-12 17:59:27 +02:00
Ben Kibbey
3582e2efa4
Added option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will be truncated to the first encountered null byte.
2011-03-04 09:39:39 +01:00
Werner Koch
b786f0e12b
New agent option pinentry-mode.
...
This provides the framework and implements the ask, cancel and error.
loopback will be implemented later.
2011-03-03 18:35:08 +01:00
Werner Koch
b7f74f5b46
Add comment to last patch.
2011-03-02 09:54:18 +01:00
Ben Kibbey
cb803a4b27
Added option --data to KEYINFO to return the result with a data response.
2011-03-02 09:45:31 +01:00
Ben Kibbey
fa58a834ff
Let KEYINFO show the cached status of a key grip.
2011-03-02 09:32:35 +01:00
Werner Koch
528d77a0cc
Rename Ben's new option.
2011-03-02 09:11:40 +01:00
Ben Kibbey
0706511b6d
Added CLEAR_PASSPHRASE option --agent to search the cache for a cacheid with a mode of CACHE_MODE_NORMAL. These cache modes are created with PKDECRYPT.
2011-03-02 09:08:00 +01:00
Werner Koch
b008274afd
Nuked almost all trailing white space.
...
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
check that this won't happen again.
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
02e4c3cb7e
Re-implemented GPG's --passwd command and improved it.
2010-10-26 09:10:29 +00:00
Werner Koch
764e88d4df
All tests are working again
2010-10-14 16:34:31 +00:00
Werner Koch
54591341a4
More agent support for gpg.
2010-10-13 15:57:08 +00:00
Werner Koch
bfbd80feb9
Exporting secret keys via gpg-agent is now basically supported.
...
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch
90a4599c5e
Obscure the cached passphrases.
2010-09-02 10:46:23 +00:00
Werner Koch
31bc3c8edd
s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/.
...
Prepare for more use cases of the cache nonce.
2010-09-01 11:07:16 +00:00
Werner Koch
9a9b3da58f
Use passphrase caching for import and genkey.
2010-09-01 09:48:35 +00:00
Werner Koch
87fac99112
Import OpenPGP keys into the agent.
2010-08-31 15:58:39 +00:00
Werner Koch
91056b1976
Implement export of pkcs#12 objects using a direct agent connection.
2010-06-21 10:01:24 +00:00
Werner Koch
006fd75aea
Avoid using the protect-tool to import pkcs#12.
2010-06-17 15:44:44 +00:00
Werner Koch
f5551672fb
Update tests.
2010-05-11 18:00:31 +00:00
Werner Koch
a1412b05de
More changes on the way to remove secring.gpg.
2010-04-21 16:26:17 +00:00
Werner Koch
be45bf3d54
Add dummy option --passwd for gpg.
...
Collected changes.
2010-01-08 19:18:49 +00:00
Marcus Brinkmann
e1172f00be
2009-11-27 Marcus Brinkmann <marcus@g10code.de>
...
* command.c (start_command_handler): Do not call
assuan_set_log_stream anymore.
* gpg-agent.c (main): But call assuan_set_assuan_log_stream here.
2009-11-27 19:13:02 +00:00