1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-30 19:58:44 +01:00
Commit Graph

9110 Commits

Author SHA1 Message Date
Werner Koch
d60f930d9b
scd: New debug flags "card".
* scd/scdaemon.c (debug_flags): Add "card".
* scd/scdaemon.h (DBG_CARD_VALUE, DBG_CARD): New.
--

Some information from parsing the card are often very helpful.
However, the card_io triggered APDU dumps are in most cases too heavy.
Thus this new debug flag.
2022-05-05 14:12:23 +02:00
Werner Koch
36a5509e11
gpg: Minor robustness fix.
* g10/parse-packet.c (mpi_read_detect_0_removal): Protect agains
failed gcry_mpi_scan.
--

Fixes-commit: 3fcef73714
2022-05-05 14:02:02 +02:00
NIIBE Yutaka
06e82e997a tests: Add a test for Ed25519 keys for non-protected secret.
* tests/openpgp/issue5120.scm: New.

--

Applied the master commit of:
	602c37ac06

GnuPG-bug-id: 5120, 5953
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-05-02 10:41:15 +09:00
NIIBE Yutaka
3fcef73714 gpg: Handle leading-zeros private key for Ed25519.
* g10/parse-packet.c (mpi_read_detect_0_removal): New.
(parse_key): Use mpi_read_detect_0_removal for PUBKEY_ALGO_EDDSA
to tweak the checksum.

--

GnuPG-bug-id: 5120
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-28 15:12:01 +09:00
NIIBE Yutaka
3192939a10 Revert "gpg: Accept Ed25519 private key in SOS which reserves leading zeros."
This reverts commit 14de7b1e59.
2022-04-28 11:09:44 +09:00
bobwxc
e5c6ead817 po: Update Simplified Chinese Translation.
--

Reviewed-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: bobwxc <bobwxc@yeah.net>
2022-04-28 09:49:38 +09:00
Werner Koch
740c02f33a
Post release updates
--

This also includes a speedo update for the Scute based authenticode
thing which has been manually added to speedo.mk at the end of the
release process of 2.2.35.
2022-04-25 19:05:15 +02:00
Werner Koch
f7bc6f5049
Release 2.2.35 2022-04-25 18:07:53 +02:00
Werner Koch
47ee0101dd
po: Fix a fuzzy in the German translation
--
2022-04-25 18:05:53 +02:00
Werner Koch
fd93b1a48f
po: Auto update
--
2022-04-25 18:04:21 +02:00
Werner Koch
86d84464ae
gpg: Avoid NULL ptr access due to corrupted packets.
* g10/parse-packet.c (parse_signature): Do not create an opaque MPI
with NULL and length > 0
(parse_key): Ditto.
--

GnuPG-bug-id: 5940, 5946
2022-04-25 15:29:11 +02:00
NIIBE Yutaka
9c0a24b4a5
agent: Not writing password into file.
* agent/genkey.c (do_check_passphrase_pattern): Use stream to invoke
pattern check program.

--

GnuPG-bug-id: 5917
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-25 11:45:12 +02:00
Werner Koch
f021ecd576
gpg: Emit an ERROR status as hint for a bad passphrase.
* g10/mainproc.c (proc_symkey_enc): Issue new error code.
(proc_encrypted): Ditto.
--

This allows GPGME to return a better error message than "bad session
key" to the user.  Technically we could get run into these errors also
in other cases but this more unlikley.  For the command line use we
don't do anything to not change the expected output of the command
line interface.

GnuPG-bug-id: 5943
2022-04-25 11:18:40 +02:00
Werner Koch
24ab4f933f
po: Update German translation
--
2022-04-20 09:26:32 +02:00
Werner Koch
a5faaf8bee
w32: Do no use Registry item DefaultLogFile for the main tools.
* g10/gpg.c (main): Set LOG_NO_REGISTRY.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
(show_other_registry_entries): Print "DefaultLogFile".
--

The intention of this mostly forgotten registry entry was to allow for
easy debugging of the tools.  However, with the global config
files (and in 2.3 with common.conf) things are anyway better.  We
disable the use for the commonly used tools so that it does not look
like calling gpg on the command line seems to block with no output if
the log server (e.g. tcp://1.2.3.4:11111) is not reachable.
2022-04-20 09:20:35 +02:00
Werner Koch
74f9e3e6c4
Prepare NEWS for the next release
--
2022-04-14 15:44:12 +02:00
Werner Koch
c8c71fc716
gpg: Replace an assert by a log_fatal.
* g10/build-packet.c (do_signature): Use log_fatal.
--
GnuPG-bug-id: 5809
2022-04-14 13:53:55 +02:00
Werner Koch
58532fe56c
scd: Minor code reorganization
* scd/ccid-driver.c: Move struct defines to the top.
(MAX_DEVICE): Rename to CCID_MAX_DEVICE.
2022-04-14 10:25:15 +02:00
Werner Koch
c4b14be48f
scd: Fix memory leak in ccid-driver.
* scd/ccid-driver.c (ccid_dev_scan): Use loop var and not the count.
--

Due to an assignment out of bounds this might lead to a crash if there
are more than 15 readers.  In any case it fixes a memory leak.
Kudos to the friendly auditor who found that bug.

Fixes-commit: 8a41e73c31
2022-04-14 10:17:28 +02:00
Werner Koch
e99670f944
scd:p15: Improve the PIN prompt for Genua cards.
* scd/app-p15.c (CARD_PRODUCT_GENUA): New.
(cardproduct2str): Add it.
(read_p15_info): Detect and set GENUA
(make_pin_prompt): Take holder string from the AODF.
2022-04-13 13:58:37 +02:00
Werner Koch
44ec383cde
scd:p15: Support for GeNUA cards.
* scd/app-p15.c (read_p15_info): Disable extended mode for Genua
cards.
2022-04-13 13:58:26 +02:00
Werner Koch
29fd805818
scd:p15: Prepare AODF parsing for other authentication types.
* scd/app-p15.c (auth_type_t): New.
(struct aodf_object_s): Add field auth_type.
(read_ef_aodf): Distinguish between pin and authkey types.  Include
the authtype in the verbose mode diags.
--

Note that the bulk of changes are just indentation changes.  There
should be no functional change.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e387cc97c8)
2022-04-13 13:56:58 +02:00
Werner Koch
80cf64c651
scd:p15: Add basic support for AET JCOP cards.
* scd/app-p15.c (CARD_TYPE_AET): New.
(cardtype2str): Add string.
(card_atr_list): Add corresponding ATR.
(app_local_s): New flag no_extended_mode.  Turn two other flags into
bit flags.
(select_ef_by_path): Hack to handle the 3FFF thing.
(readcert_by_cdf): Do not use extended mode for AET.
(app_select_p15): Set no_extended_mode.
---
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 544ec7872a)
2022-04-13 13:32:09 +02:00
NIIBE Yutaka
d9a8d3353a common,unix: Backport dotlock changes from GnuPG 2.3.
* common/dotlock.c (read_lockfile): Return FD in R_FD.
(dotlock_take_unix): Fix a race condition by new read_lockfile and
checking with fstat.  Describe one race condition in comment.
(dotlock_release_unix): Follow the change of read_lockfile.

--

GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-29 11:24:23 +09:00
Werner Koch
3b251c8366
dirmngr: Escape more characters in WKD requests.
* dirmngr/server.c (proc_wkd_get): Also escape '#' and '+'
--
GnuPG-bug-id: 5902
2022-03-28 16:13:52 +02:00
Werner Koch
ce69d55f70
gpgtar: New option --with-log
* tools/gpgtar.c: New option --with-log.
* tools/gpgtar.h (opt): Add field with_log.
* tools/gpgtar-extract.c (gpgtar_extract): Move directory string
building up.  Add option --log-file if needed.
* tools/gpgtar-create.c (gpgtar_create): Make tmpbuf static becuase it
is used outside of its scope.
* tools/gpgtar-list.c (gpgtar_list): Ditto.
2022-03-22 10:21:12 +01:00
Werner Koch
6d30fb6940
dirmngr: Make WKD_GET work even for servers not handling SRV RRs.
* dirmngr/server.c (proc_wkd_get): Take care of DNS server failures
--

Unfortunately there are resolver setups which don't handle SRV records
but return a server error.  We let a not found error pass, because
that merely means the domain does not exists.

GnuPG-bug-id: 4729
2022-03-21 22:41:09 +01:00
Werner Koch
d431feb307
gpgtar: Finally use a pipe for decryption.
* tools/gpgtar.h (opt): Add new flags.
* tools/gpgtar.c: new options --batch, --yes, --no, --status-fd, and
--require-compliance.
(main): Init signals.
* tools/gpgtar-create.c: Add new header files.
(gpgtar_create): Rework to use a pipe for encryption and signing.
* tools/gpgtar-list.c: Add new header files.
(gpgtar_list): Rework to use a pipe for decryption.
* tools/gpgtar-extract.c: Add new header files.
(gpgtar_extract): Rework to use a pipe for decryption.
--

Fixes-commit: 40dbee86f3
2022-03-21 13:08:04 +01:00
Werner Koch
15eda7ce78
gpg: Print info about the used AEAD algorithm.
* g10/misc.c (openpgp_cipher_algo_mode_name): New.
* g10/decrypt-data.c (decrypt_data): Use function here.
--

With out this change we would see

  gpg: cipher algorithm 'AES256' may not be used in
  --compliance=de-vs mode

This is confusing because AES256 is compliant.  Now we see

  gpg: cipher algorithm 'AES256.OCB' may not be used in
  --compliance=de-vs mode

which gives a hint on the problem.
2022-03-18 13:50:18 +01:00
Werner Koch
c145366549
common: New function map_static_strings
* common/mapstrings.c (struct intmapping_s): New.
(map_static_strings): New.
* common/stringhelp.c (do_strconcat): Rename to ...
(vstrconcat): this and make global.

* common/t-mapstrings.c (test_map_static_strings): New test.
2022-03-18 13:47:10 +01:00
Werner Koch
e081a601f7
gpg: Allow decryption of symencr even for non-compliant cipher.
* g10/decrypt-data.c (decrypt_data): Add arg compliance_error.  Adjust
all callers.  Fail on compliance error only in --require-compliance
mode.  Make sure to return an error if the buffer is missing; actually
that should be an assert.
* g10/mainproc.c (proc_encrypted): Delay printing of the compliance
mode status.  Consult the compliance error now returned by
decrypt_data.
--

The actual case here is that we fail hard if a message has been AEAD
encrypted with one AEAD capable key and also with one passphrase.  In
general the preference system takes care of not using AEAD if one
recipient's key does not support it.  However, if the sender uses her
own AEAD-capable key _and_ a passphrase the message will be AEAD
encrypted.  This change allows to decrypt that anyway along with a
warning message.

Note that this does currently not work in 2.3 due to a non-compliant
libgcrypt.  We will however, backport this to 2.2.
2022-03-18 11:55:17 +01:00
Werner Koch
7ba44d15ca
common: New flags for gnupg_spawn_process
* common/exechelp.h (GNUPG_SPAWN_KEEP_STDIN): New.
(GNUPG_SPAWN_KEEP_STDOUT): New.
(GNUPG_SPAWN_KEEP_STDERR): New.
* common/exechelp-posix.c (do_exec): Add arg flags and implement new
flags.
* common/exechelp-w32.c (gnupg_spawn_process): Implement new flags.
2022-03-15 09:47:45 +01:00
Werner Koch
e8b1ab1d2d
gpgconf: Silence warnings from parsing the options files
* tools/gpgconf-comp.c (retrieve_options_from_program): Set verbose
flag for the arg parser only in --verbose mode.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit ad1254b59d)

GnuPG-bug-id: 5874
2022-03-09 14:03:03 +01:00
NIIBE Yutaka
0c7dffe99d sm: Fix parsing encrypted data.
* sm/minip12.c (cram_octet_string): Finish when N==0.
(parse_bag_encrypted_data): Support constructed data with multiple
octet strings.

--

Backport master commit of:
	6c50834c09

GnuPG-bug-id: 5793
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-09 10:57:22 +09:00
Werner Koch
847d618454
gpgsm: New option --require-compliance
* sm/gpgsm.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* sm/gpgsm.h (opt): Add field require_compliance.
(gpgsm_errors_seen): Declare.
* sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
2022-03-08 19:06:30 +01:00
Werner Koch
17890d4318
gpg: New option --require-compliance.
* g10/options.h (opt): Add field flags.require_compliance.
* g10/gpg.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant.
(check_sig_and_print): Ditto.
* g10/encrypt.c (encrypt_crypt): Ditto.
--

Note that in the --encrypt and --verify cased other checks may kick in
earlier than this new --require-compliance controlled one.
2022-03-08 18:19:38 +01:00
Werner Koch
c11292fe73
gpg: Give Libgcrypt CFLAGS a higher priority than SQlite.
* g10/Makefile.am (AM_CFLAGS): Reorder.
--

The more specific CLFAGS should come first so these are picked up
first.  We really should improve the build system to enforce this
rule.  In particular /usr/local/include should come after any more
specific location.
2022-03-08 10:13:06 +01:00
Werner Koch
5492079def
gpgtar,w32: Support file names longer than MAX_PATH.
* tools/gpgtar.c: Replace assert by log_assert.
* tools/gpgtar-extract.c: Ditto.
(extract_regular): Create files with sysopen flag.
* tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar.
--

Note that for this change libgpg-error 1.45 is required for Windows.
2022-03-04 15:00:16 +01:00
Werner Koch
4122896a39
common,w32: Support file names longer than MAX_PATH in iobuf.
* common/iobuf.c (direct_open): Use gpgrt_fname_to_wchar.
(any8bitchar): Remove.
2022-03-04 14:54:26 +01:00
Jussi Kivilinna
9116fd1e9a
g10: Avoid extra hash contexts when decrypting MDC input
* g10/mainproc.c (mainproc_context): New member
'seen_pkt_encrypted_mdc'.
(release_list): Clear 'seen_pkt_encrypted_mdc'.
(proc_encrypted): Set 'seen_pkt_encrypted_mdc'.
(have_seen_pkt_encrypted_aead): Rename to...
(have_seen_pkt_encrypted_aead_or_mdc): ...this and add check for
'seen_pkt_encrypted_mdc'.
(proc_plaintext): Do not enable extra hash contexts when decrypting
MDC input.
--

Avoiding extra hash contexts speeds up CFB/MDC decryption quite
a lot. For example, decrypting symmetric-key AES-256 encrypted
4 GiB file from RAM to /dev/null sees ~3.4x speed increase on
AMD Ryzen 5800X:

 AES256.CFB encryption: 783 MB/s
 AES256.CFB decryption: 386 MB/s (before)
 AES256.CFB encryption: 1.3 GB/s (after patch)

Note, AEAD is still significantly faster:

 AES256.OCB encryption: 2.2 GB/s
 AES256.OCB decryption: 3.0 GB/s

GnuPG-bug-id: T5820
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit ab177eed51)

Even 2.2 with the older Libgcrypt 1.8 gets a threefold speedup; see
https://dev.gnupg.org/T5820#155447 (AES-128 vs. AES-256 does not make
a substanial difference)

Signed-off-by: Werner Koch <wk@gnupg.org>
2022-02-24 14:14:48 +01:00
Werner Koch
a2db490de5
scd:p15: Used extended mode already for RSA 2048
* scd/app-p15.c (do_sign, do_decipher): Replace GT by GE.
--
2022-02-21 12:23:04 +01:00
Werner Koch
f7e13adb96
po: Fix typo in German translation
--
2022-02-21 12:22:50 +01:00
NIIBE Yutaka
f064d972e3 tests: Remove a test case with "quiet" option with gpgconf.
* tests/openpgp/gpgconf.scm: Remove "quiet" test.

--

Fixes-commit: 2f2130ff24
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-17 14:17:27 +09:00
NIIBE Yutaka
3c3765405d scd: Use lock_slot for apdu_send_direct.
* scd/apdu.c (apdu_send_direct): Use lock_slot.

--

Cherry-pick the master commit of:
	f808012ac2

With trylock_slot, it may return SW_HOST_BUSY.  This may occur when
apdu_get_status is called by scd_update_reader_status_file.

Simply using lock_slot is much easier for user of apdu_send_direct.

GnuPG-bug-id: 5831
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-02-17 14:05:01 +09:00
Werner Koch
2f2130ff24
gpgconf: Do not show "quiet" as option.
* tools/gpgconf-comp.c: Remove "quiet" and two unsupported options
--

The --quiet option is not intended for config files and thus should
not be displayed by config dialogs.
2022-02-09 20:08:58 +01:00
Werner Koch
5f3e857ef6
Post release updates
--
2022-02-07 21:44:36 +01:00
Werner Koch
04d40a680b
Release 2.2.34 2022-02-07 20:24:26 +01:00
Werner Koch
3c79ff34c4
dirmngr: Changes to the linking order.
* dirmngr/Makefile.am: Tweak library order.
2022-02-07 20:24:22 +01:00
Werner Koch
cd6a165d61
po: msgmerge introduced indenting for ja.po
--
2022-02-07 18:24:26 +01:00
Werner Koch
ce6e0b172e
Update copyright notices.
--

Note that for this LTS version we now print g10 Code as the first
copyright holder with --version.  This is to avoid confusion at our
customers, now that we also provide a Linux^WGNU/Linux version of
GnuPG VS-Desktop and the Windows version has always shown g10 Code.
2022-02-07 18:22:30 +01:00