1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00

164 Commits

Author SHA1 Message Date
David Shaw
492f05f5b9 * keyedit.c (show_key_with_all_names), keylist.c (list_keyblock_print):
Show "[expired]" before expired uids.

* keyedit.c (show_key_with_all_names_colon), mainproc.c (list_node),
keylist.c (list_keyblock_colon): Use "uat" for user attribute packets
instead of "uid".  Also use '<count> <length>' rather than the fake user
id string.
2002-06-15 12:25:54 +00:00
Timo Schulz
fa73dd2052 2002-06-05 Timo Schulz <ts@winpt.org>
* encode.c (encode_simple): Ignore the new mode for RFC1991.
        * mainproc.c (symkey_sesskey_decrypt): Better check for weird
        keysizes.
2002-06-05 13:48:41 +00:00
Timo Schulz
8bd4025def 2002-06-05 Timo Schulz <ts@winpt.org>
* encode.c (encode_sesskey): New.
        (encode_simple): Use it here. But by default we use the compat
        mode which supress to generate encrypted session keys.
2002-06-05 12:19:44 +00:00
Timo Schulz
fade87da08 *** empty log message *** 2002-06-05 11:47:18 +00:00
Timo Schulz
3b6a0c36a2 2002-06-05 Timo Schulz <ts@winpt.org>
* mainproc.c (symkey_decrypt_sesskey): New.
        (proc_symkey_enc): Support for encrypted session keys.
2002-06-05 10:31:08 +00:00
David Shaw
8273c72860 * packet.h, parse-packet.c (enum_sig_subpkt): Report back from
enum_sig_subpkt when a subpacket is critical and change all callers in
keylist.c (show_policy_url, show_notation), mainproc.c
(print_notation_data), and pkclist.c (do_show_revocation_reason).

* keylist.c (show_policy_url, show_notation): Display if the policy or
notation is critical.
2002-06-03 23:30:10 +00:00
Werner Koch
0a66b9aaae * mainproc.c (proc_symkey_enc): Avoid segv in case the parser
encountered an invalid packet.
2002-05-11 16:54:43 +00:00
Timo Schulz
f6ccde9f14 2002-05-04 Timo Schulz <ts@winpt.org>
* mainproc.c (proc_symkey_enc): Don't ask for a passphrase
        in the list only mode.
2002-05-05 15:50:44 +00:00
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
David Shaw
018f352294 * misc.c (pct_expando), options.skel: Use %t to indicate type of a photo
ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
2002-04-11 04:04:41 +00:00
David Shaw
d367d40e47 Add KEYEXPIRED, EXPSIG, and EXPKEYSIG. Add
"deprecated-use-keyexpired-instead" to SIGEXPIRED.

Start transition from SIGEXPIRED to KEYEXPIRED, since the actual event is
signature verification by an expired key and not an expired signature.
Rename do_signature_check as signature_check2, make public, and change all
callers.

Use status EXPSIG for an expired, but good, signature.  Add the expiration
time (or 0) to the VALIDSIG status line.  Use status KEYEXPSIG for a good
signature from an expired key.

Remove checks for no arguments now that argparse does it.
2002-04-10 04:21:26 +00:00
David Shaw
b8858a3ef1 --openpgp implies --allow-non-selfsigned-uid
If none of the uids are primary (because none are valid) then pick the
first to be primary (but still invalid).  This is for cosmetics in case
some display needs to print a user ID from a non-selfsigned key.  Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust.  The key is *not* automatically trusted via
--allow-non-selfsigned-uid.

Make sure non-selfsigned uids print [uncertain] on verification even
though one is primary now.

If the main key is not valid, then neither are the subkeys.

Allow --allow-non-selfsigned-uid to work on completely unsigned keys.
Print the uids in UTF8.  Remove mark_non_selfsigned_uids_valid()

Show revocation key as UTF8.

Allow --not-dash-escaped to work with v3 keys.
2002-03-17 23:47:32 +00:00
David Shaw
f8f52d8ffe Some minor fixes for revocation keys: print a warning if a key is imported
that has been revoked by designated revoker, but the designated revoker is
not present to verify the revocation (whew!).  This applies to all ways to
get a key into the system: --import --recv-keys, and --search-keys.  If
auto-key-retrieve is set, try and retrieve the revocation key.

Also, auto-key-retrieve is now a keyserver-option.
2002-03-07 19:44:57 +00:00
David Shaw
22f32c9472 For --sig-policy-url and --cert-policy-url, clarify what is a sig and what
is a cert.  A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.

Add a "nrlsign" for nonrevocable and local key signatures.

Add a --no-force-mdc to undo --force-mdc.

Add a knob to force --disable-mdc/--no-disable-mdc.  Off by default, of
course, but is used in --pgp2 and --pgp6 modes.

Allow specifying multiple users in the "Enter the user ID" loop.  Enter a
blank line to stop.  Show each key+id as it is added.

It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.

More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
2002-02-10 00:18:54 +00:00
David Shaw
a6f19f40d9 Only check preferences against keys with v4 self sigs as v3 sigs have no
prefs
Only put in the fake IDEA preference with --pgp2 mode
Print "Expired" for expired but good signatures.
2002-01-24 23:54:36 +00:00
Werner Koch
5a92c6052f * passphrase.c (passphrase_to_dek): Add tryagain_text arg to be
used with the agent.  Changed all callers.
(agent_get_passphrase): Likewise and send it to the agent
* seckey-cert.c (do_check): New arg tryagain_text.
(check_secret_key): Pass the string to do_check.
* keygen.c (ask_passphrase): Set the error text is required.
* keyedit.c (change_passphrase): Ditto.
* passphrase.c (agent_open): Disable opt.use_agent in case of a
problem with the agent.
(agent_get_passphrase): Ditto.
(passphrase_clear_cache): Ditto.
2002-01-20 18:33:04 +00:00
David Shaw
aa2e2392da Add an outofband indicator to the keyserver protocol.
Use signature flags for exportability check rather than re-parsing the
subpacket.
2001-12-28 16:34:01 +00:00
Werner Koch
ca1bc23ef2 * g10.c. options.h : New option --show-keyring
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here.  By David Champion.
2001-12-21 20:08:51 +00:00
David Shaw
e8936126af Much stricter checking of the keyserver URI
IDEA warning for pk messages encrypted with IDEA (symmetric is already done)
Print IDEA warning for each occurance except for secret key protection and
unknown cipher from an encrypted message.
2001-12-18 23:10:46 +00:00
David Shaw
0335a5f458 Fix capitalization issues 2001-12-17 22:48:52 +00:00
David Shaw
1ccd578910 Sig expiration code
Offer to expire a key signature when the key the user is signing expires
Expired sigs cause an error return
If --expert is set, prompt for sig duration
2001-12-07 01:14:15 +00:00
David Shaw
b7a4656965 Generic keyserver API code 2001-12-06 21:43:04 +00:00
Werner Koch
0a036b6b03 Tweaked v3 -c decryption, let --force-v4-certs use SHA-1 for all RSA keys. 2001-11-08 16:24:04 +00:00
Werner Koch
a3af543617 Revamped the trustDB 2001-09-24 16:03:14 +00:00
Werner Koch
abdd248af9 Code cleanups 2001-09-20 07:12:52 +00:00
Werner Koch
cf477d0908 Bug fixes and Timo's patches 2001-09-19 14:25:05 +00:00
Werner Koch
e46ad749f9 Check for garbled packets 2001-09-18 09:40:31 +00:00
Werner Koch
ed17c7afd0 Revamped the keyring code 2001-09-06 17:10:00 +00:00
Werner Koch
3f465d5d7a bug fixes 2001-08-31 12:51:41 +00:00
Werner Koch
98a8843e28 Implemented -cs and some fixes to the rfc1991 symmetric only mode 2001-08-20 19:10:34 +00:00
Werner Koch
aa9da2b07e reworked the way hased data is stored and added a "primary" command
DCVS: ----------------------------------------------------------------------
2001-08-09 09:34:25 +00:00
Werner Koch
6732700743 migration to autoconf 2.52 and bugfixes 2001-07-26 09:37:47 +00:00
Werner Koch
e354b518d3 just released another snapshot 2001-05-28 12:46:28 +00:00
Werner Koch
397a73b685 Fixes for W32 2001-04-19 11:40:45 +00:00
Werner Koch
c9e908e734 Improved pipemode and tweaked handling of multiple signatures. 2001-04-05 12:21:43 +00:00
Werner Koch
ec742b7f58 Fixed nasty Hash bug 2001-03-28 21:20:39 +00:00
Werner Koch
e2c88461fc Fixed a bugs; e.g. in --list-secret-keys 2001-03-27 09:23:14 +00:00
Werner Koch
3b866e74a8 Verify created signatures. 2001-03-24 16:29:31 +00:00
Werner Koch
aaabc72ec0 Keyserver access is now supported under W32 2001-03-13 13:00:10 +00:00
Werner Koch
5e79cb47e0 worked on solving some bugs 2001-03-12 20:21:50 +00:00
Werner Koch
be06120679 Changed and added copyright notices 2001-03-08 14:33:24 +00:00
Werner Koch
fbbcb797c5 Fixed the new key selection code 2001-03-03 16:17:55 +00:00
Werner Koch
227d0f17de Changes for MingW32/CPD 0.3 and some bug fixes 2001-01-18 09:02:35 +00:00
Werner Koch
9b12847f25 Add missing stub, fixed comment typos 2000-12-28 19:32:55 +00:00
Werner Koch
04beb81571 1.0.4c snapshot 2000-12-19 12:38:53 +00:00
Werner Koch
335dcec55b Pipemode now works for detached binary signatures. 2000-12-11 19:54:59 +00:00
Werner Koch
41913b7f01 Fixed the detached signature bug.
Minor modifications for W32.
2000-11-30 12:08:36 +00:00
Werner Koch
d0af3b25d2 Some new features for use with gpgme 2000-11-15 21:22:49 +00:00
Werner Koch
0ad18f3cc4 Debian updates, minor fixes. 2000-10-17 12:41:51 +00:00
Werner Koch
c9c435d91f More multiple signature fixes 2000-10-16 09:25:36 +00:00