* tests/cms/samplemsgs/: Add sample messages.
* sm/gpgsm.c (main): Use gpgrt_fcancel on decryption error.
* sm/decrypt.c (decrypt_gcm_filter): New.
(gpgsm_decrypt): Use this filter if requested. Check authtag.
--
Note that the sample message pwri-sample.gcm.p7m is broken: The
authtag is duplicated to the authEncryptedContentInfo. I used a
temporary code during testing hack to that test message out.
* g10/gpg.c (main): Don't use the default log file from common.conf.
* sm/gpgsm.c (main): Ditto.
--
That was acutally not intended and contradicts the description in
doc/example/common.conf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/keylist.c (do_show_certs): New.
(gpgsm_show_certs): New.
* sm/gpgsm.c (aShowCerts): New.
(opts): Add --show-certs.
(main): Call gpgsm_show_certs.
--
I have been using libksba test programs for countless times to look at
certificates and I always wanted to add such a feature to gpgsm. This
is simply much more convenient.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/comopt.c, common/comopt.h: New.
* common/Makefile.am: Add them.
* g10/gpg.c: Include comopt.h.
(main): Also parse common.conf.
* sm/gpgsm.c: Include comopt.h.
(main): Set a flag for the --no-logfile option. Parse common.conf.
* tools/gpgconf-comp.c (known_options_gpg): Remove "use-keyboxd", add
pseudo option "use_keyboxd".
(known_pseudo_options_gpg): Add pseudo option "use_keyboxd".
(known_options_gpgsm): Remove "use-keyboxd".
* tests/openpgp/defs.scm (create-gpghome): Create common.conf.
* doc/examples/common.conf: New.
--
Note that --use-keybox still works but prints a warning. We will
eventually remove this option becuase it was marked as an experimental
feature anyway.
It would be too confusing if gpg and gpgsm use different key storages.
Further, other components (e.g. dirmngr or gpg-wks-client) which call
gpg or gpgsm need to be aware that the keyboxd is used and pass that
option on the command line. Now that common.conf is always read (even
if --no-options is used) those tools will work instantly.
* sm/gpgsm.c: Include npth.h.
(main): Init nPth.
--
Actually we currently do not use extra threads but we need to link to
the npth version of the common functions because there is an option to
use threads. Now, without initialized npth, we could experience a
crash in gnupg_sleep, which uses npth_usleep in the npth based common
functions.
Fixes-commit: 046f419f80
* sm/encrypt.c (gpgsm_encrypt): Take care of --quiet.
* sm/gpgsm.c: Include minip12.h.
(set_debug): Call p12_set_verbosity.
* sm/import.c (parse_p12): Dump keygrip only in debug mode.
* sm/minip12.c (opt_verbose, p12_set_verbosity): New.
(parse_bag_encrypted_data): Print info messages only in verbose mode.
--
GnuPG-bug-id: 4757
* configure.ac (NEED_GPG_ERROR_VERSION): Rename to NEED_GPGRT_VERSION
and set to 1.41.
* common/sysutils.c (gnupg_access): Remove code for older gpgrt
versions.
* kbx/backend-sqlite.c: Ditto.
* sm/gpgsm.c (main): Ditto.
--
We already have a requirement for a newer Libgcrypt and thus we can
also require a more recent libgpgrt (aka libgpg-error) which was
released before Libgcrypt.
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New. Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--
This is yet another step for full Unicode support on Windows.
GnuPG-bug-id: 5098
* common/sysutils.c (gnupg_access): New. Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--
Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.
This is required to correctly handle non-ascii filenames on Windows.
GnuPG-bug-id: 5098
* common/openpgp-oid.c (map_openpgp_pk_to_gcry): Use cast for enum
conversion.
* dirmngr/dns-stuff.c (get_dns_srv): Use explicit conversion from
int to float.
* sm/gpgsm.c (parse_keyserver_line): Initialize ERR.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/gpg.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid. Delay setting of homedir until the new
chuid is done.
* sm/gpgsm.c (main): Delay setting of homedir until the new chuid is
done.
* tools/gpg-card.c (oChUid): New.
(opts): Add --chuid.
(changeuser): New helper var.
(main): Implement --chuid.
* tools/gpg-connect-agent.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (oChUid, opts): New option --chuid.
(main): Implement option.
--
This option will at least be useful for Scute.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (main) <aSign,aEncr>: Uses gpgrt_fcancel on error.
--
When creating a signature or encrypting and the respective key is not
available or the user canceled the PIN entry gpgsm prints the initial
part of the message due to internal buffering in gpgrt. By using
gpgrt_fcancel we can avoid this at least as long as the data is less
than the standard buffer size (which is currently 8k). If is not a
complete solution but the best we can do easily. Outputting to the
tty is anyway more of a testing aid than for real use.
This makes use of the new gpgrt_fcancel API.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/decrypt.c (ecdh_decrypt): Support
dhSinglePass-stdDH-sha1kdf-scheme. Factor key derive code out to ...
(ecdh_derive_kek): new global function. Allow for hashs shorter than
the key.
(hash_ecc_cms_shared_info): Make file-only.
* sm/encrypt.c (ecdh_encrypt): Replace derive code by a call to the
new ecdh_derive_kek. Add test code to create data using
dhSinglePass-stdDH-sha1kdf-scheme.
* sm/gpgsm.h (opt): Add member force_ecdh_sha1kdf.
* sm/gpgsm.c: Add option --debug-force-ecdh-sha1kdf.
--
I did some test against
Governikus_Signer: 2.9.2.0
MCard security Provider: 2.4.0
Algorithm catalog from: 05.12.2019
using a Signature Card v2.0 and a nistp256 certificate. Encrypting
with Governikus used the stdDH-sha1kdf scheme which we can now
decrypt. Encrypting with GPGSM uses for that curve the recommended
scheme sha256kdf but Governikus was not able to decrypt this (no
usable error message). Encrypting using stdDH-sha1kdf with GPGSM by
using the new --debug-force-ecdh-sha1kdf option showed that
Governikus was able to decrypt this.
FWIW: RFC5753 (Use of Elliptic Curve Cryptography (ECC) Algorithms)
has this requirement:
Implementations that support EnvelopedData with the
ephemeral-static ECDH standard primitive:
- MUST support the dhSinglePass-stdDH-sha256kdf-scheme key
agreement algorithm, the id-aes128-wrap key wrap algorithm, and
the id-aes128-cbc content encryption algorithm; and
which Governikus seems not to fulfill.
GnuPG-bug-id: 4098
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sexputil.c (pubkey_algo_to_string): New.
* sm/certcheck.c (do_encode_md): Replace GCRY_PK_ECDSA by GCRY_PK_ECC.
* sm/certreqgen-ui.c (check_keygrip): Add all ECC algorithms.
* sm/gpgsm.c (our_pk_test_algo): Also allow EdDSA.
* sm/verify.c (gpgsm_verify): Map ECC algo to ECDSA. Use new pubkey
algo name function
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--
If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks. The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list. Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--
There is no need to read the list of options from the components
unless they convey a default value. It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed. Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c: Remove all regular option descriptions. They
are now read in from the component. Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--
This second part removes all regular option descriptions because they
can be read from the components. A few were missing in the components
and thus moved to there.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpgv.c: Use new option parser.
* sm/gpgsm.c: Ditto.
* agent/gpg-agent.c: Ditto.
(opts): Add option --no-options.
--
This is the next part of changes. The latest libgpg-error is required
so that that re-reading options (SIGHUP) works.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h. Do this also for all main modules which use our option
parser except for gpg. Replace calls to strusage by calls to
gpgrt_strusage everywhere.
* g10/gpg.c (opts): Change type to gpgrt_opt_t. Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t. Rework the option
parser to make use of the new gpgrt_argparser.
--
This is not yet finished but a make check works. gpg has the most
complex and oldest option handling and thus this is the first
migration target. SE-Linux checks and version-ed config files are
missing and will be added later.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C. Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.
* g10/main.h: Put util.h before the local header files.
--
This change is required for use with gcc/ld's LTO feature which does
not allow common blocks. Further gcc 10 will make -fno-common the
default and thus this chnage is always needed. What a pitty.
Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 21d9bd8b87)
- Applied respective chnages also to gpg-card and keyboxd.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.h (struct keyserver_spec): Add field use_ldaps.
* sm/gpgsm.c (parse_keyserver_line): Parse flags.
* sm/call-dirmngr.c (prepare_dirmngr): Send ldaps flag to the dirmngr.
* dirmngr/dirmngr.h (struct ldap_server_s): Add field use_ldaps.
* dirmngr/ldapserver.c (ldapserver_parse_one): Parse flags.
* dirmngr/ldap.c (start_cert_fetch_ldap): Call wrapper with --tls.
* dirmngr/dirmngr_ldap.c: New option --tls.
(fetch_ldap): Make use of that option.
--
There was no way to specify an LDAPS server in
dirmngr_ldapserver.socnf or with gpgsm's --keyserver option. This
patch fixes this. Eventually we should allow to replace host and port
by a partial URI in the same way ldap_initialize does it. For backward
compatibility we do not yet do that.
Although the dirmngr code accepts an URL (eg. taken from a
certificate), I can't see how the scheme was ever used. Thus the
patch also detects an ldaps scheme and uses this. That part has not
been tested, though.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (opts): New options --authenticode and --attribute.
* sm/gpgsm.h (opt): Add vars authenticode and attribute_list.
* sm/sign.c (add_signed_attribute): New but inactive.
(gpgsm_sign): Use new options.
--
Because libksba 1.4 is not yet ready the new code is not yet active.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (main): Add special handling for bad keys in decrypt
mode.
--
The problem can easily be tested by adding --encrypt-to EXPIRED_KEY to
a decryption command. With that patch the errors are printed but
decryption continues and the process returns success unless other
errors occur.
GnuPG-bug-id: 4431
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (main): Call translate_sys2libc_fd_int to
convert the FDs.
--
This is required to actually pass gpgsm an fd on windows
and not a windows handle.
For the passphrase-fd this was already done.
* g10/cpr.c (write_status_failure): Make it print only once.
* g10/gpg.c (wrong_args): Bump error counter.
(g10_exit): Print a FAILURE status if we ever did a log_error etc.
(main): Use log_error instead of log_fatal at one place. Print a
FAILURE status for a bad option. Ditto for certain exit points so
that we can see different error locations.
--
This makes it easier to detect errors by tools which have no way to
get the exit code (e.g. due to double forking).
GnuPG-bug-id: 3872
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* g10/options.h (struct opt): Add field request_origin.
* g10/call-agent.c (start_agent): Send option to the agent.
* sm/gpgsm.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* sm/gpgsm.h (struct opt): Add field request_origin.
* sm/call-agent.c (start_agent): Send option to the agent.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-util.c (keybox_set_malloc_hooks): Remove.
(_keybox_malloc, _keybox_calloc, keybox_realloc)
(_keybox_free): Remove.
(keybox_file_rename): Remove. Was not used.
* sm/gpgsm.c (main): Remove call to keybox_set_malloc_hooks.
* kbx/kbxutil.c (main): Ditto.
* kbx/keybox-defs.h: Remove all separate includes. Include util.h.
remove convenience macros.
* common/logging.h (return_if_fail): New. Originally from
keybox-defs.h but now using log_debug.
(return_null_if_fail): Ditto.
(return_val_if_fail): Ditto.
(never_reached): Ditto.
--
Originally the KBX code was written to allow standalone use. However
this required lot of ugliness like separate memory allocators and
such. It also precludes the use of some standard functions from
common due to their use of the common gnupg malloc functions.
Dropping all that makes things easier. Minor disadvantages: the kbx
call done for gpg will now use gcry malloc fucntions and not the
standard malloc functions. This might be a bit slower but removing
them even fixes a possible bug in keybox_tmp_names which is used in
gpg and uses gpg's xfree which is actually gcry_free.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (main): Allow setting of the default compliance.
* tools/gpgconf-comp.c (gc_options_gpgsm): Add "compliance".
--
This is required so that we can use this option in in gpgconf.conf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/certlist.c (gpgsm_find_cert): Add arg allow_ambiguous and use it.
* sm/call-dirmngr.c (inq_certificate): Pass true to ALLOW_AMBIGUOUS
(run_command_inq_cb): Ditto.
* sm/gpgsm.c (main): Pass false.
* sm/server.c (cmd_passwd): Pass false.
--
As described in my report T1644, it is possible that multiple
certificates exist with the same Distinguished Name and the same key.
In this case, verifying S/MIME signatures and other actions fail with
"certificate not found: Ambiguous name". For details see the bug
report.
To circumvent the problem, I am patching GnuPG since 2014 so that in
this case the newest of the ambiguous certificates is used.
This is not an ultimate solution of the problem: You should try every
certificate with the same DN until verification succeeds or until all
certificates fail, and if multiple certificates of a chain are
ambiguous you even have to check every combination. You may even
consider checking the keyUsage attributes of the ambiguous certificates
to reduce the number of combinations.
But in the existing case of the certificates in the German Research
Network (DFN) PKI where the newest one is the valid one and all
ambiguous certificates have the same keyUsage attributes, this patch
has proven to be sufficient over the last three years.
With every GnuPG update, I have adapted the patch, luckily I never
needed to change anything except line numbers.
GnuPG-bug-id: 1644
ChangeLog log written by wk, comment taken from mail. Signed-off line
was missing in the plain diff. However the mail with the patch and
the DCO posted as reply to that mail were both signed.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/pkscreening.c: New.
* common/pkscreening.h: New.
* common/Makefile.am (common_sources): Add them.
* g10/gpg.c (opts): New option --with-key-screening.
* g10/options.h (struct opt): New field with_key_screening.
* g10/keylist.c: Include pkscreening.h.
(print_pk_screening): New.
(list_keyblock_print): Call it.
(print_compliance_flags): Call it.
* sm/gpgsm.c (opts): New option --with-key-screening.
* sm/gpgsm.h (scruct opt): New field with_key_screening.
* sm/keylist.c: Include pkscreening.h.
(print_pk_screening): New.
(print_compliance_flags): Call it. Add new arg cert.
(list_cert_colon): Pass arg cert
(list_cert_std): Call print_pk_screening.
* sm/fingerprint.c (gpgsm_get_rsa_modulus): New.
--
This new option can be used to detect ROCA affected keys. To scan an
entire keyring and print the affected fingerprints use this:
gpg -k --with-key-screening --with-colons | gawk -F: \
'$1~/pub|sub|sec|ssb|crt/ && $18~/\<6001\>/ {found=1;next};
$1=="fpr" && found {print $10}; {found=0}'
The same works for gpgsm. Note that we need gawk due to the "\<" in
the r.e.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update
default to 3072 bits.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to
3072 bits.
* sm/certreqgen.c (proc_parameters): update default to 3072 bits.
* sm/gpgsm.c (main): print correct default_pubkey_algo.
--
3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Gbp-Pq: Topic update-defaults
Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch
Werner Koch