1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

406 Commits

Author SHA1 Message Date
Werner Koch
1523b5f76f
gpg: New option --no-auto-trust-new-key.
* g10/gpg.c (oNoAutoTrustNewKey): New.
(opts): Add --no-auto-trust-new-key.
(main): Set it.
* g10/options.h (opt): Add flags.no_auto_trust_new_key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-15 10:47:19 +01:00
Werner Koch
fe02ef0450
gpg: New option --force-sign-key
* g10/gpg.c (oForceSignKey,opts): New option "--force-sign-key".
(main): Set it.
* g10/options.h (opt): New flag flags.force_sign_key.
* g10/keyedit.c (sign_uids): Use new flag.
--

GnuPG-bug-id: 4584
2021-03-11 11:27:07 +01:00
Werner Koch
8c41b8aac3
w32: Always use Unicode for console input and output.
* common/init.c (_init_common_subsystems) [W32]: Set the codepage to
UTF-8 for input and putput.  Switch gettext to UTF-8.
* tools/gpgconf.c (main): Display the input and output codepage if
they differ.
* g10/gpg.c (utf8_strings) [W32]: Make sure this is always set.
--

With this patch the former patch to use ReadConsoleW and WriteConsoleW
in ttyio.c are kind of superfluous because the ANSI version of these
functions are also able to read/write UTF-8 directly given the console
code page has been set correctly.  However, this seems to work only
with recent versions of Windows-10.

GnuPG-bug-id: 4365
2021-03-05 15:33:40 +01:00
Werner Koch
8e15506d66
gpg: Prepare for globing with UTF-8.
* g10/gpg.c (_dowildcard): Remove.
(my_strusage): Enable wildcards using our new system.
--

This patch actually removes the current globing using a mingw
feature.  We are not able to use this because it does not handle
Unicode filenames.  The plan is to implement this in init.c.  This
patch merely configures gpg to request globing.

GnuPG-bug-id: 4398
2021-03-04 10:43:46 +01:00
Werner Koch
825dd7220f
gpg: Do not allow old cipher algorithms for encryption.
* g10/gpg.c: New option --allow-old-cipher-algos.
(set_compliance_option): Set --rfc4880bis explictly to SHA256 and
AES256.  Allow old cipher algos for OpenPGP, rfc4880, and rfc2440.
* g10/options.h (opt): Add flags.allow_old_cipher_algos.
* g10/misc.c (print_sha1_keysig_rejected_note): Always print the note
unless in --quiet mode.
* g10/encrypt.c (setup_symkey): Disallow by default algos with a
blocklengt < 128.
(encrypt_crypt): Ditto.  Fallback by default to AES instead of 3DES.
* g10/pkclist.c (algo_available): Take care of old cipher also.
(select_algo_from_prefs): Use AES as implicit algorithm by default.

* tests/openpgp/defs.scm (create-gpghome): Set allow-old-cipher-algos.
--

GnuPG-bug-id: 3415
2021-02-10 14:40:02 +01:00
Werner Koch
7f3ce66ec5
gpg: Remove support for PKA.
* g10/gpg.c (oPrintPKARecords): Remove.
(opts): Remove --print-pka-records.
(main): Remove "pka-lookups","pka-trust-increase" and other PKA stuff.
* g10/options.h (EXPORT_DANE_FORMAT): Remove.
(VERIFY_PKA_LOOKUPS, VERIFY_PKA_TRUST_INCREASE): Remove.
(KEYSERVER_HONOR_PKA_RECORD): Remove.
* g10/packet.h (pka_info_t): Remove.
(PKT_signature): Remove flags.pka_tried and pka_info.
* g10/parse-packet.c (register_known_notation): Remove
"pka-address@gnupg.org".
* g10/pkclist.c (check_signatures_trust): Remove PKA stuff.
* g10/call-dirmngr.c (gpg_dirmngr_get_pka): Remove.
* g10/export.c (parse_export_options): Remove "export-pka".
(do_export): Adjust for this.
(write_keyblock_to_output): Ditto.
(do_export_stream): Ditto.
(print_pka_or_dane_records): Rename to ...
(print_dane_records): this and remove two args. Remove PKA printing.
* g10/free-packet.c (free_seckey_enc, cp_pka_info): Adjust for removed
pka_info field.
* g10/getkey.c (get_pubkey_byname): Make AKL_PKA a dummy.
* g10/keyserver.c: Remove "honor-pka-record".
(keyserver_import_pka): Remove.
* g10/mainproc.c (get_pka_address): Remove.
(pka_uri_from_sig): Remove.
(check_sig_and_print): Remove code for PKA.
--

PKA (Public Key Association) was a DNS based key discovery method
which looked up fingerprint by mail addresses in the DNS.  This goes
back to the conference where DKIM was suggested to show that we
already had a better method for this available with PGP/MIME.  PKA was
was later superseded by an experimental DANE method and is today not
anymore relevant.  It is anyway doubtful whether PKA was ever widely
used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-02-02 19:53:21 +01:00
Werner Koch
d1f2a6d9f7
gpg: Switch to AES256 for symmetric encryption in de-vs mode.
* g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs
mode.
* g10/encrypt.c (setup_symkey): Add extra compliance check.
(encrypt_simple): Avoid printing a second error oncplinace failure.
--

Because we used the RFC4880 mode as base for the de-vs mode we got
3DES as symmetric encryption algorithm.  With the default gnupg mode
that was already used.  The new extra compliance checks are added to
detect whether a --personal-cipher-preference or --cipher-algo option
tried to override the algorithms.  They are still possible but now
non-compliant algorithms will throw an error.

Manual testing can be done with commands like this:

  gpg --no-options --compliance=de-vs \
   --personal-cipher-preferences "S1 S7" \
   --pinentry-mode loopback -v --passphrase abc -ac </etc/motd

Here the command fails due to IDEA (S1) being the preferred cipher
algorithm.  Using "--s2k-digest-algo SHA1" instead of
--personal-cipher-preferences will also fail.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-03 15:37:40 +01:00
Werner Koch
243f9176e7
gpg: New command --quick-revoke-sig
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig.
(opts): Add --quick-revoke-sig.
(main): Implement.
* g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and
adjust all callers.
(keyedit_quick_revsig): new.
* g10/revoke.c (get_default_sig_revocation_reason): New.
* g10/keylist.c (cmp_signodes): Make global.
--

GnuPG-bug-id: 5093
2020-10-28 17:06:27 +01:00
Werner Koch
742e2729f4
gpg: Sort the signatures in standard key listings.
* g10/gpg.c (parse_list_options): Add "sort-sigs".
(main): Make it the default.
* g10/options.h (LIST_SORT_SIGS): New.
* g10/keylist.c (cmp_signodes): New.
(list_keyblock_print): Sort signatures and factor signature printing
code out to ...
(list_signature_print): new.
--

In particular together with --full-timestamps this makes it easier to
see the history of key signatures and their revocations.  The
self-signatures are also printed first.  To disable this

  --list-options no-sort-sigs

can be used.

Also don't print the annoying "no recocation reason specified"
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-27 17:21:19 +01:00
Werner Koch
18e5dd7b03
Replace all calls to stat by gnupg_stat.
* common/sysutils.c (gnupg_stat): New.
* common/sysutils.h: Include sys/stat.h.
--

Yet another wrapper for Unicode support on Windows.

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-20 16:38:06 +02:00
Werner Koch
4dcef0e178
Replace most calls to open by a new wrapper.
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New.  Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--

This is yet another step for full Unicode support on Windows.

GnuPG-bug-id: 5098
2020-10-20 14:08:35 +02:00
Werner Koch
c94ee1386e
Replace all calls to access by gnupg_access
* common/sysutils.c (gnupg_access): New.  Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--

Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.

This is required to correctly handle non-ascii filenames on Windows.

GnuPG-bug-id: 5098
2020-10-20 12:15:55 +02:00
Werner Koch
633c1fea5f
gpg: Collapse duplicate subkeys.
* g10/options.h (IMPORT_COLLAPSE_UIDS): New.
(IMPORT_COLLAPSE_SUBKEYS): New.
* g10/gpg.c (main): Make them the default.
* g10/import.c (parse_import_options): New import options
"no-collapse-uids" and "no-collapse_subkeys".
(collapse_subkeys): New.
(import_one_real): Collapse subkeys and allow disabling the collapsing
using the new options.
(read_key_from_file_or_buffer): Always collapse subkeys.
* g10/keyedit.c (fix_keyblock): Call collapse_subkeys.
--

GnuPG-bug-id: 4421
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 10:33:57 +02:00
Werner Koch
6bcb609e1b
Add --chuid to gpg, gpg-card, and gpg-connect-agent.
* g10/gpg.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.  Delay setting of homedir until the new
chuid is done.
* sm/gpgsm.c (main): Delay setting of homedir until the new chuid is
done.
* tools/gpg-card.c (oChUid): New.
(opts): Add --chuid.
(changeuser): New helper var.
(main): Implement --chuid.
* tools/gpg-connect-agent.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-14 12:19:11 +02:00
Werner Koch
d847f0651a
gpg: Add level 16 to --gen-random
* g10/gpg.c (main): Add that hack.
--

This is an yet undocumented hack to allow printing hex encoded random
number with gpg.  The level is forced to be 1 which is is good for
almost all uses.  Note that --armor is ignored.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-05 16:53:34 +02:00
Werner Koch
212f9b20b5
gpg: Print a note if no args are given to --delete-key
--

It is a bit surprising that nothing happens if no key is specified to
--delete-key et al.  Although this is common Unix behaviour the use
might have expected that it behaves like --export and deletes all
keys.  Sure we don't do the latter, so a short notice will help.

GnuPG-bug-id: 4959
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-09 11:24:54 +02:00
Werner Koch
451cd1b392
gpgconf: Further simplify the gpgconf option processing.
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list.  Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--

There is no need to read the list of options from the components
unless they convey a default value.  It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed.   Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 19:12:41 +01:00
Werner Koch
6b306f45f4
gpg: New option --auto-key-import
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--

Note that the --no variants of the options are intended for easy
disabling at the command line.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 18:04:47 +01:00
Werner Koch
865d485180
gpg: New option --include-key-block.
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--

This patch adds support for a to be proposed OpenPGP ferature:

  Introduce the Key Block subpacket to align OpenPGP with CMS.

  This new subpacket may be used similar to the CertificateSet of
  CMS (RFC-5652) and thus allows to start encrypted communication
  after having received a signed message.  In practice a stripped down
  version of the key should be including having only the key material
  and the self-signatures which are really useful and shall be used by
  the recipient to reply encrypted.

  #### Key Block

  (1 octet with value 0, N octets of key data)

  This subpacket MAY be used to convey key data along with a signature
  of class 0x00, 0x01, or 0x02.  It MUST contain the key used to create
  the signature; either as the primary key or as a subkey.  The key
  SHOULD contain a primary or subkey capable of encryption and the
  entire key must be a valid OpenPGP key including at least one User ID
  packet and the corresponding self-signatures.

  Implementations MUST ignore this subpacket if the first octet does not
  have a value of zero or if the key data does not represent a valid
  transferable public key.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:34:49 +01:00
Werner Koch
41eb5108ce
gpg: Re-group the options in the --help output.
* g10/gpg.c (opts): Change oLoadExtensions, oStrict, and oNoStrict to
use ARGPARSE_ignore and remove the code in the option switch.
--

This looks better and is also required for further simplifications of
gpgconf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 15:18:27 +01:00
Werner Koch
4423e9dcde
gpgconf: Support reading global options (part 2).
* tools/gpgconf-comp.c: Remove all regular option descriptions.  They
are now read in from the component.  Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--

This second part removes all regular option descriptions because they
can be read from the components.  A few were missing in the components
and thus moved to there.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-06 10:09:26 +01:00
Werner Koch
79f2318aa5
gpg: Re-enable versioned config files
* g10/gpg.c (main): Use ARGPARSE_FLAG_USERVERS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-25 15:18:55 +01:00
Werner Koch
7e8f28653c
gpg: Re-add checking of config file permissions.
* g10/gpg.c (main): Re-add permission checking of the user config
file.  Re-add code to check against the SE-Linux secured file list.
(get_default_configname): Remove unused func.
* configure.ac (SAFE_VERSION, SAFE_VERSION_DOT)
(SAFE_VERSION_DASH): Remove.
--

Die to the switch to the new option parser, the permissions were not
anymore checked.  This patch fixes this.  Note that there there is no
checking for the global config file because that file is not expected
to be user modifiable.

This patch also adds checking against the list of SE-linux secured
files.  However, like in the old code the checking does not work in
practise because the to be checked files are added to the the list
only after option parsing.  Tested using temporary debug code.

The SAFE_VERSION macros were used for RISC OS, which is not anymore
supported, and only in the now removed get_default_configname.  There
purpose was that a RISC OS could use a modified config.h here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-25 14:09:46 +01:00
Werner Koch
0e8f6e2aa9
gpg: Use gpgrt's new option parser to provide a global conf file.
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h.  Do this also for all main modules which use our option
parser except for gpg.  Replace calls to strusage by calls to
gpgrt_strusage everywhere.

* g10/gpg.c (opts): Change type to gpgrt_opt_t.  Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t.  Rework the option
parser to make use of the new gpgrt_argparser.
--

This is not yet finished but a make check works.  gpg has the most
complex and oldest option handling and thus this is the first
migration target.  SE-Linux checks and version-ed config files are
missing and will be added later.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-20 11:13:32 +01:00
Werner Koch
86312b920a
gpg: New option --full-timestrings.
* g10/options.h (opt): Add flags.full_timestrings.
* g10/gpg.c (oFullTimestrings): New.
(opts): New option.
(main): Set new flag.
* g10/keyid.c (dateonlystr_from_pk): New.
(dateonlystr_from_sig): New.
(datestr_from_pk): Divert to isotimestamp if requested.
(datestr_from_sig): Ditto.
(expirestr_from_pk): Ditto.
(expirestr_from_sig): Ditto.
(revokestr_from_pk): Ditto.
* g10/import.c (impex_filter_getval): Use dateonlystr_from_sig and
dateonlystr_from_pk.
--

Quite helpful for debugging keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:07:09 +01:00
Werner Koch
24095101a5
common: Extend the openpgp_curve_to_oid function.
* common/openpgp-oid.c (openpgp_curve_to_oid): Add optional arg R_NBITS.
Change all callers.
--

In particular for ed25519 and cv25519 it is quite useful to have an
ability to get the required algorithm.
2020-02-11 14:40:54 +01:00
Werner Koch
fb6ff7ead7
scd:openpgp: Let the genkey function also accept a full keyref.
* scd/app-openpgp.c (send_key_attr): Use log_assert.
(do_genkey): Allow prefix.
--

It is more uniform to always use full keyref (e.g. "OPENPGP.1")
instead of just the key number.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 00:33:51 +01:00
Werner Koch
14aa797bb8
gpg,sm: Avoid useless ASFW diagnostic in loopback mode.
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 15:20:49 +01:00
Werner Koch
e624c41dba
gpg: Add option --allow-weak-key-signatures.
* g10/gpg.c (oAllowWeakKeySignatures): New.
(opts): Add --allow-weak-key-signatures.
(main): Set it.
* g10/options.h (struct opt): Add flags.allow_weak_key_signatures.
* g10/misc.c (print_sha1_keysig_rejected_note): New.
* g10/sig-check.c (check_signature_over_key_or_uid): Print note and
act on new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 10:36:17 +01:00
Werner Koch
f4047f5605
gpg: Print rfc4880bis note only in verbose mode.
* g10/gpg.c (main): Change condition for an info diagnostic.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 09:24:38 +01:00
Werner Koch
584b65ad7e
gpg: Do not require --batch when using --log-file.
* g10/gpg.c (main): Remove a long standing FIXME.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-06 14:44:50 +01:00
Werner Koch
9698761933
Merge branch 'switch-to-gpgk' into master
--
Resolved Conflicts:

* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:44:23 +02:00
Werner Koch
ce9906b008
gpg: First rough implementation of keyboxd access for key lookup.
* g10/Makefile.am: Add nPth flags.
* g10/gpg.c: Include npth.h.
(gpg_deinit_default_ctrl): Deinit call-keyboxd local data.
(main): Init nPth.
* g10/keydb-private.h (struct keydb_handle_s): Add field 'kbl' and
remove the search result and the assuan context.
* g10/call-keyboxd.c (struct keyboxd_local_s): Add more fields.
(lock_datastream, unlock_datastream): New.
(gpg_keyboxd_deinit_session_data): Adjust for changed data structures.
(prepare_data_pipe): New.
(open_context): Return kbl instead of an Assuan context.  Init mutexes
etc.
(close_context): Merge into ...
(keydb_release): here.  Adjust for changed data structures.
(datastream_thread): New.
(keydb_get_keyblock): Implement datastream stuff.
(keydb_search): Ditto.

* common/asshelp.c (wait_for_sock): Add arg connect_flags.
(start_new_service): Set FDPASSING flag for the keyboxd.
--

This code as a lot of rough edges, in particular it relies on a well
behaving keyboxd.  We need to add code to shutdown the datastream
reader thread in case of errors and to properly get it up again.  We
also need to make really sure that both threads run in lockstep so
that the datastream thread is only active while we are sending a
command to the keyboxd.

We should also see whether we can depend nPth initialization on the
--use-keyboxd option to avoid any problems with nPth.

And we need to test on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-10 16:05:54 +02:00
Werner Koch
aba82684fe
gpg: New option --use-keyboxd.
* g10/gpg.c (oUseKeyboxd,oKeyboxdProgram): New consts.
(opts): New options --use-keyboxd and --keyboxd-program.
(main): Implement them.
* g10/keydb.c: Move some defs out to ...
* g10/keydb-private.h: new file.
* g10/keydb.c: prefix function names with "internal" and move original
functions to ...
* g10/call-keyboxd.c: new file.  Divert to the internal fucntion if
--use-keyboxd is used.  Add a CTRL arg to most fucntions and change
all callers.
* g10/Makefile.am (common_source): Add new files.
(noinst_PROGRAMS): Do bot build gpgcompose.
--

Note that this is just the framework with only a basic implementation
of searching via keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-09 15:01:47 +02:00
Werner Koch
d058d80ed0
gpg: Allow --locate-external-key even with --no-auto-key-locate.
* g10/getkey.c (akl_empty_or_only_local): New.
* g10/gpg.c (DEFAULT_AKL_LIST): New.
(main): Use it here.
(main) <aLocateExtKeys>: Set default AKL if none is set.
--

This better matches the expectations of the user.  The used list in
this case is the default list ("local,wkd") with local ignored by the
command anyway.

GnuPG-bug-id: 4662
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-23 13:22:15 +02:00
Werner Koch
f14ddeb89c
gpg: Do not show two informational diagnostics with quiet.
* g10/trustdb.c (verify_own_keys): Silence informational diagnostic.
--

This silences these notes with --quiet
  gpg: Note: RFC4880bis features are enabled.
  gpg: key EE65E8C75D41FD1D marked as ultimately trusted

GnuPG-bug-id: 4634
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-23 11:45:49 +02:00
Werner Koch
c97c2e578d
gpg: New option --use-only-openpgp-card
* g10/gpg.c (opts): Add option.
(main): Set flag.
* g10/options.h: Add flags.use_only_openpgp_card.
* g10/call-agent.c (start_agent): Implement option.
--

With the previous patch we switch to autoselect an application
instead of requesting an openpgp card.  This option allows to revert
this in case of use use cases which expected the former behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c185f6dfbd1bfd809369da789239a371e9d1610e)
This was first added to the 2.2 branch.
2019-08-21 14:13:51 +02:00
NIIBE Yutaka
fcd766719a gpg: The option --passphrase= can be empty.
* g10/gpg.c (opts): Use ARGPARSE_o_s for oPassphrase to allow
empty string.

GnuPG-bug-id: 4633
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-19 17:17:15 +09:00
Werner Koch
23c9786408
gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
* g10/gpg.c (main): Change default.
--

Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures.  That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.

To revert to the old behavior add

  keyserver-optiions  no-self-sigs-only,no-import-clean

to gpg.conf.

GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:45:39 +02:00
Werner Koch
d00c8024e5
gpg: New command --locate-external-key.
* g10/gpg.c (aLocateExtKeys): New.
(opts): Add --locate-external-keys.
(main): Implement that.
* g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
(get_best_pubkey_byname): Add arg 'mode' and pass on to
get_pubkey_byname.  Change callers.
* g10/keylist.c (public_key_list): Add arg 'no_local'.
(locate_one): Ditto.  Pass on to get_best_pubkey_byname.
--

This new command is a shortcut for

  --auto-key-locate nodefault,clear,wkd,... --locate-key

and uses the default or configured AKL list but does so without local.

See also
GnuPG-bug-id: 4599

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:13:26 +02:00
NIIBE Yutaka
537fbe13af g10: Block signals in g10_exit.
* g10/gpg.c (g10_exit): Block all signals before calling
emergency_cleanup.

--

There is a race condition here which results crash of the process.
When a signal is delivered in emergency_cleanup, it is called again.
This change fixes the problem.

GnuPG-bug-id: 2747
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 13:39:46 +09:00
Werner Koch
64a5fd3727
gpg: New caching functions.
* g10/objcache.c: New.
* g10/objcache.h: New.
* g10/Makefile.am (common_source): Add them.
* g10/gpg.c: Include objcache.h.
(g10_exit): Call objcache_dump_stats.
* g10/getkey.c: Include objcache.h.
(get_primary_uid, release_keyid_list): Remove.
(cache_user_id): Remove.
(finish_lookup): Call the new cache_put_keyblock instead of
cache_user_id.
(get_user_id_string): Remove code for mode 2.
(get_user_id): Implement using cache_get_uid_bykid.
--

This generic caching module is better than the ad-hoc code we used in
getkey.c.  More cleanup in getkey is still required but it is a
start.  There is also a small performance increase with the new cache:

With a large keyring and --list-sigs I get these numbers:

|      | before     | after      |
|------+------------+------------|
| real | 14m1.028s  | 12m16.186s |
| user |  2m18.484s |  1m36.040s |
| sys  | 11m42.420s | 10m40.044s |

Note the speedup in the user time which is due to the improved cache
algorithm.  This is obvious, because the old cache was just a long
linked list; the new cache are two hash tables.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-13 11:48:58 +02:00
Werner Koch
bdda31a26b
kbx: Unify the fingerprint search modes.
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16)
(KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove.  Switch
all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value.
--

These search modes were added over time and there has until recently
be no incentive to remove the cruft.  With the change for v5 keys I
finally went over all places and allowed the generic fingerprint mode
along with a given length of the fingerprint at all places.
Consequently the other modes can now be removed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 14:55:06 +01:00
Werner Koch
caf4b3fc16
gpg: Make rfc4880bis the default.
* g10/gpg.c (set_compliance_option, main): Change CO_GNUPG to include
rfc4880bis features.
(main): Change rfc4880bis warning to a note.
--

Note that the default is CO_GNUPG and not CO_OPENPGP.  CO_OPENPGP does
not include rfc4880bis yet and has a couple of things we don't like,
like --allow-non-selfsigned-uids.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
Werner Koch
f40e9d6a52
kbx: Add support for 32 byte fingerprints.
* common/userids.c (classify_user_id): Support 32 byte fingerprints.
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR32): New.
(struct keydb_search_desc): Add field fprlen.
* kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field
version and increase size of fpr to 32.
* kbx/keybox-blob.c: Define new version 2 for PGP and X509 blobs.
(struct keyboxblob_key): Add field fprlen and increase size of fpr.
(pgp_create_key_part_single): Allow larger fingerprints.
(create_blob_header): Implement blob version 2 and add arg want_fpr32.
(_keybox_create_openpgp_blob): Detect the need for blob version 2.
* kbx/keybox-search.c (blob_get_first_keyid): Support 32 byte
fingerprints.
(blob_cmp_fpr): Ditto.
(blob_cmp_fpr_part): Ditto.
(has_fingerprint): Add arg fprlen and pass on.
(keybox_search): Support KEYDB_SEARCH_MODE_FPR32 and adjust for
changed has_fingerprint.
* kbx/keybox-openpgp.c (parse_key): Support version 5 keys.
* kbx/keybox-dump.c (_keybox_dump_blob): Support blob version 2.

* g10/delkey.c (do_delete_key): Support KEYDB_SEARCH_MODE_FPR32.
* g10/export.c (exact_subkey_match_p): Ditto.
* g10/gpg.c (main): Ditto.
* g10/getkey.c (get_pubkey_byfprint): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
* g10/keydb.c (keydb_search_desc_dump): Support
KEYDB_SEARCH_MODE_FPR32 and adjust for changed KEYDB_SEARCH_MODE_FPR.
(keydb_search): Add new arg fprlen and change all callers.
* g10/keyedit.c (find_by_primary_fpr): Ditto.
* g10/keyid.c (keystr_from_desc): Ditto.
* g10/keyring.c (keyring_search): Ditto.
* g10/keyserver.c (print_keyrec): Ditto.
(parse_keyrec): Ditto.
(keyserver_export): Ditto.
(keyserver_retrieval_screener): Ditto.
(keyserver_import): Ditto.
(keyserver_import_fprint): Ditto.
(keyidlist): Ditto.
(keyserver_get_chunk): Ditto.

* g10/keydb.c (keydb_search): Add new arg fprlen and change all
callers.

* sm/keydb.c (keydb_search_fpr): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
--

This prepares the support for OpenPGP v5 keys.  The new version 2 blob
format is needed for the longer fingerprints and we also use this
opportunity to prepare for storing the keygrip in the blob for faster
lookup by keygrip.  Right now this is not yet functional.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-14 11:26:54 +01:00
Werner Koch
0e8bf20479
gpg: New list-option "show-only-fpr-mbox".
* g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox".
* g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New.
* g10/keylist.c (list_keyblock_simple): New.
(list_keyblock): Call it.
(list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX
mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-04 15:31:41 +01:00
Werner Koch
e5c3a6999a
doc: Clarify use of clear and nodefault in the AKL.
--
2018-11-21 09:20:56 +01:00
Werner Koch
6b9f772914
common: Prepare for parsing mail sub-addresses.
* common/mbox-util.c (mailbox_from_userid): Add arg subaddress and
implement.  Change all callers to pass false for it.

* common/t-mbox-util.c (run_mbox_no_sub_test): New.
(run_filter): Add arg no_sub.
(main): Call new test and add option --no-sub.
--

Some stats: In the about 5300000 keys on the SKS servers we found 3055
unique mailboxes with a '+' in it.  After removing leading and
trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz")
2697 were left which seem to be valid sub-addresses.

To filter mailboxes out from a line delimited list with
user-ids (e.g. an SQL output), the command

   t-mbox-util --verbose --filter

can be used; to output w/o sub-addresses add --no-sub.

GnuPG-bug-id: 4200
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-12 07:44:33 +01:00
Daniel Kahn Gillmor
54eb375ff1 all: fix spelling and typos
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-10-24 15:56:18 -04:00
Werner Koch
3da835713f
gpg: New option --known-notation.
* g10/gpg.c (oKnownNotation): New const.
(opts): Add option --known-notation.
(main): Set option.
* g10/parse-packet.c (known_notations_list): New local var.
(register_known_notation): New.
(can_handle_critical_notation): Rewrite to handle the new feature.
Also print the name of unknown notations in verbose mode.
--

GnuPG-bug-id: 4060
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-29 09:36:09 +02:00