1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-29 11:21:32 +01:00

3646 Commits

Author SHA1 Message Date
David Shaw
0f1c0a9f28 * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults
to disable.

* pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to
truncate hashes to fit DSA keys.

* sign.c (match_dsa_hash): New.  Return the best match hash for a given q
size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it
has q==160, assume it is an old DSA key and don't allow truncation unless
--enable-dsa2 is also set.  q!=160 always allows truncation since they
must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a
--cert-digest-algo, use match_dsa_hash to pick the best hash for key
signatures.
2006-04-20 21:32:42 +00:00
David Shaw
b625a6d1a9 (generate): Tweak to allow keys larger than 1024 bits. Enforce that the q
size doesn't end between byte boundaries.
2006-04-20 21:11:56 +00:00
David Shaw
2f94329422 The plumbing necessary to create DSA keys with variable sized q.
Not yet used (q==160).
2006-04-20 18:40:37 +00:00
David Shaw
99b1f3e1da * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add
SHA-224.

* sign.c (write_plaintext_packet), encode.c (encode_simple): Factor
common literal packet setup code from here, to...

* main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the
literal packet filename field is UTF-8 encoded.

* options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded
and note when filenames are already UTF-8.
2006-04-20 02:36:05 +00:00
David Shaw
ebdd458f82 * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512. 2006-04-20 02:12:34 +00:00
David Shaw
f0902a6aef Add SHA-224 support 2006-04-20 02:05:32 +00:00
Werner Koch
d0907e64f4 Continued with merging.
Still does not build.
2006-04-19 13:24:36 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
David Shaw
36ce455f15 * keyedit.c (menu_backsign): Give some more verbose errors when we
have no need to backsign.
2006-04-19 04:29:31 +00:00
David Shaw
0b33740f4e * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and
--compress-algo should be avoided.
2006-04-19 03:56:23 +00:00
David Shaw
45c1414a2f * miscutil.c (make_printable_string): Fix bug where some control
characters lose part of their ASCII representation.
2006-04-17 20:54:15 +00:00
Marcus Brinkmann
751a3aeea7 2006-04-14 Marcus Brinkmann <marcus@g10code.de>
* app.c (select_application): Cover up a slot mismatch error in
	case it happens (it shouldn't happen).
	(release_application): Use APP->slot.  Lock the reader.
	(application_notify_card_removed): Lock the reader.
2006-04-14 20:40:00 +00:00
Werner Koch
b2f4b15b7c use minimal posix sed 2006-04-12 10:36:23 +00:00
David Shaw
8df71cf868 * memory.c (realloc): Revert m_guard fix and stick an #error in there to
inform people not to use it.
2006-04-11 19:45:44 +00:00
David Shaw
27bb89d687 * options.skel, photoid.c (get_default_photo_command): Find an image
viewer at runtime.  Seems FC5 doesn't have xloadimage.
2006-04-11 19:20:08 +00:00
Werner Koch
c664309a0a Added command APDU 2006-04-11 13:53:21 +00:00
Werner Koch
2830e83246 . 2006-04-11 07:50:34 +00:00
Werner Koch
168583e596 Add new regression test 2006-04-11 07:49:25 +00:00
David Shaw
ed776a913f * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
directly into place rather than mallocing temporary buffers.
2006-04-11 03:25:25 +00:00
David Shaw
af0a0ae6ee * gpgkeys_ldap.c (get_name): Build strings with strcat rather than
using sprintf which is harder to read and modify.
2006-04-11 03:13:46 +00:00
David Shaw
3011a39284 * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT
and KS_SEARCH_KEYID_LONG to search for a key ID.

* gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID
searches to pgpKeyID or pgpCertID.
2006-04-11 03:00:50 +00:00
David Shaw
1bf02666fb * gpg.sgml: Some typo fixes. This is Debian 361324. 2006-04-09 23:22:24 +00:00
Moritz Schulte
76cb368202 2006-04-09 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_process): Removed FIXME mentioning a
	possible DoS attack.
2006-04-09 11:31:37 +00:00
David Shaw
51e88a5fdb * getkey.c (parse_auto_key_locate): Fix dupe-removal code.
* keyedit.c (menu_backsign): Allow backsigning even if the secret
subkey doesn't have a binding signature.

* armor.c (radix64_read): Don't report EOF when reading only a pad (=)
character.  The EOF actually starts after the pad.

* gpg.c (main): Make --export, --send-keys, --recv-keys,
--refresh-keys, and --fetch-keys follow their arguments from left to
right.  Suggested by Peter Palfrader.
2006-04-09 03:34:09 +00:00
Werner Koch
4fdc6387c3 Fixed segv 2006-04-08 01:23:23 +00:00
Werner Koch
e5a03c84f7 See ChangeLog 2006-04-08 00:36:51 +00:00
David Shaw
4af2725d32 * memory.c (realloc): Fix compile problem with --enable-m-guard. 2006-04-06 17:58:13 +00:00
Werner Koch
f3c5360ca1 Renamed 2006-04-05 17:00:13 +00:00
David Shaw
1f6fba7c52 * make-dns-cert.c: Some changes from Peter Palfrader to send errors to
stderr and allow spaces in a fingerprint.  Also warn when a key is
over 16k (as that is the default max-cert-size) and fail when a key is
over 64k as that is the DNS limit in many places.
2006-04-05 14:25:40 +00:00
David Shaw
d855bd31ab * make-dns-cert.c: New program to generate properly formatted CERT records
so people don't have to do it manually.
2006-04-04 22:19:13 +00:00
Werner Koch
91497480aa post release updates 2006-04-03 11:16:19 +00:00
Werner Koch
256f67675f About to release 1.4.3 gnupg-1.4.3 2006-04-03 10:13:23 +00:00
Moritz Schulte
4a31738bd1 2006-04-01 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20
	instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL
	byte - KEY_GRIP_RAW is a raw binary string anyway.
2006-04-01 11:04:14 +00:00
David Shaw
4afa4eb10e * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock.
Fix strings to not start with a capital letter as per convention.
2006-04-01 02:47:53 +00:00
David Shaw
66965ccc29 Update copyright 2006-03-30 23:55:45 +00:00
David Shaw
92e1528bf2 * main.h, seskey.c (encode_md_value): Modify to allow a q size greater
than 160 bits as per DSA2.  This will allow us to verify and issue DSA2
signatures for some backwards compatibility once we start generating DSA2
keys.
* sign.c (do_sign), sig-check.c (do_check): Change all callers.

* sign.c (do_sign): Enforce the 160-bit check for new signatures here
since encode_md_value can handle non-160-bit digests now. This will need
to come out once the standard for DSA2 is firmed up.
2006-03-30 19:20:59 +00:00
David Shaw
a43c1bc874 * README: Some more notes about building fat binaries. 2006-03-30 14:19:08 +00:00
David Shaw
f99dec9e53 * cert.c (main): Fix test program build warning on OSX. 2006-03-30 14:13:35 +00:00
David Shaw
0ea95fd80f * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so they use
the regular old API that is compatible with other LDAP libraries.
2006-03-27 19:06:46 +00:00
David Shaw
025aabfd8e * README: Missing some instructions on building a fat binary. 2006-03-25 03:05:30 +00:00
David Shaw
97b0606a95 * getkey.c (parse_auto_key_locate): Silently strip out duplicates rather
than causing an error.
2006-03-22 23:05:32 +00:00
Werner Koch
ac46433052 Changed URLs 2006-03-22 16:43:59 +00:00
David Shaw
5531da1cfc * mainproc.c (get_pka_address): Fix bug introduced as part of
sig_to_notation conversion.  Noted by Peter Palfradrer.
2006-03-22 14:37:53 +00:00
Werner Koch
7f99c71839 Allow for rmd160 signatures when using gpg-agent. 2006-03-21 13:01:45 +00:00
Werner Koch
79f749fec9 Allo RMD160 signatures 2006-03-21 12:48:51 +00:00
Werner Koch
6b19366e4e Add Kludge for RegTP sillyness. 2006-03-21 09:56:47 +00:00
David Shaw
70f1c32ffd * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert previous
change.  It's now all done in configure.
2006-03-20 16:40:28 +00:00
David Shaw
ca766728f4 * configure.ac: Improved --disable-endian-check that doesn't involve
changing #ifdefs in the rest of the code.
2006-03-20 16:13:52 +00:00
David Shaw
7fcba082c9 * configure.ac: Add --disable-endian-check for building fat binaries
on OSX.

* README: Add note on how to build a fat binary on OSX.
2006-03-20 00:57:33 +00:00
David Shaw
0f4f660d5f * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Use '#if'
rather than '#ifdef' BIG_ENDIAN_HOST.  Harmless as we explicitly
define BIG_ENDIAN_HOST to 1 when we need it, but needed for OSX fat
builds when we define BIG_ENDIAN_HOST to another macro.
2006-03-20 00:39:44 +00:00