* common/mischelp.c (timegm): Move to ...
* common/gettime.c (timegm): here. On Windows use timegm_u32.
(timegm_u32): New.
(isotime2epoch): Factor code out to ...
(isotime_make_tm): new helper.
(isotime2epoch_u64): New.
(_win32_timegm): Remove duplicated code.
(parse_timestamp): Use of timegm.
(scan_isodatestr): Fallback to isotime2epoch_u64.
--
This mainly helps on 32 bit Windows. For Unix we assume everyone is
using 64 bit or shall wait until the libc hackers finally provide a
time64_t.
GnuPG-bug-id: 6736
* sm/minip12.c: Factor parsing code out to ...
* common/tlv-parser.c: new. Extend function names and provide a few
extra functions.
* common/Makefile.am (common_sources): Add new file.
* sm/minip12.c: Adjust to use the new parser API.
* sm/minip12.c (struct tlv_ctx_s): Add origbuffer and origbufsize.
Remove pop_count. Rename offset to length.
(dump_tag_info, _dump_tag_info): Rewrite.
(dump_tlv_ctx, _dump_tlv_ctx): Rewrite.
(tlv_new): Init origbuffer.
(_tlv_peek): Add arg ti.
(tlv_peek): New.
(tlv_peek_null): New.
(_tlv_push): Rewrite.
(_tlv_pop): Rewrite.
(tlv_next): New macro. Move old code to ...
(_tlv_next): this. Add arg lno. Pop remaining end tags.
(tlv_popped): Remove.
(tlv_expect_object): Handle ndef.
(tlv_expect_octet_string): Ditto.
(parse_bag_encrypted_data): Use nesting level to control the inner
loop.
(parse_shrouded_key_bag): Likewise.
(parse_bag_data): Handle surplus octet strings.
(p12_parse): Ditto.
* sm/minip12.c (decrypt_block): Strip the padding.
(tlv_expect_top_sequence): Remove. Replace callers by
tlv_expect_sequence.
* tests/cms/samplekeys/t6752-ov-user-ff.p12: New sample key.
* tests/cms/samplekeys/Description-p12: Add its description
--
This patch improves the BER parser by simplifying it. Now tlv_next
pops off and thus closes all containers regardless on whether they are
length bounded or ndef. tlv_set_pending is now always used to undo
the effect of a tlv_next in a loop condition which was terminated by a
nesting level change.
Instead of using the length as seen in the decrypted container we now
remove the padding and let the BER parser do its work. This might
have a negative effect on pkcs#12 objects which are not correctly
padded but we don't have any example of such broken objects.
GnuPG-bug-id: 6752
* m4/autobuild.m4 (AB_INIT): Add username.
--
The old autobuild diagnostics show up in build logs. What they are
missing is an information on the user who triggered a build. EMAIL is
a common thing to denote the actual user using a service account.
* g10/keygen.c (parse_expire_string_with_ct): Use new function
scan_secondsstr.
(parse_creation_string): Ditto.
--
Noet that we cap the seconds at the year 2106.
GnuPG-bug-id: 6736
* sm/minip12.c (_tlv_push): Handle NDEF more correctly.
(tlv_expect_octet_string): Do not bail out on NDEF.
(dump_tag_info): Print some more infos.
--
We do not have a complete test case for this. We need to further
analyze T6752 to see what Mozilla is doing here. In any case with
this patch we get a bit further and don't bail out at the ndef.
GnuPG-bug-id: 6536, 6752
* sm/minip12.c (oid_hmacWithSHA1): New. Also for the SHA-2 algos.
(digest_algo_from_oid): New.
(set_key_iv_pbes2): Add arg digest_algo.
(crypt_block): Ditto.
(decrypt_block): Ditto.
(parse_bag_encrypted_data): Parse the optional prf part and get the
hmac algorithm.
(parse_shrouded_key_bag): Ditto.
(p12_build): Pass SHA1 for digest_algo.
* sm/t-minip12.c (run_one_test): Print failed values in verbose mode.
* tests/cms/samplekeys/nistp256-openssl-self-signed.p12: New.
* tests/cms/samplekeys/Description-p12: Add this one.
* tests/cms/Makefile.am (EXTRA_DIST): Ditto.
--
This supports the modern algorithms, i.e. using SHA256 for the KDF
which is the default in openssl unless the -legacy option is used.
GnuPG-bug-id: 6536
* configure.ac (TEST_LIBTSS): Fix the condition with SWTPM.
* tests/tpm2dtests/start_sw_tpm.sh: Use --daemon and --pid
to run SWTPM.
--
Cherry-picked from master commit of:
98dd6f7af6
GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* configure.ac (TPMSERVER): Don't supply hard-coded path.
(SWTPM, SWTPM_IOCTL, TSSSTARTUP): Likewise.
--
Cherry-picked from master commit of:
f2ca727978
Having hard-coded path has bad side effect; It may not be detected
even if it's available with PATH.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Call
agent_delete_key before agent_write_private_key. Recover
from an error.
--
Cherry-picked from master commit of:
eda3997b43
Fixes-commit: a1015bf2fc
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
* sm/minip12.c (need_octet_string_cramming): New.
(tlv_expect_object, tlv_expect_octet_string): Run the test before
cramming.
* sm/minip12.c (ENABLE_DER_STRUCT_DUMPING): New but undefined macro
for debug purposes.
(bag_decrypted_data_p, bag_data_p): Use macro to allow dumping.
--
This bug was exhibited by importing a gpgsm exported EC certificate.
We use an extra test instead of retrying to allow retruning an error
from malloc failure. And well, for easier reading of the code.
GnuPG-bug-id: 6536
* common/dotlock.c (next_wait_interval): New.
(dotlock_take_unix): Use new function.
(dotlock_take_w32): Ditto.
--
In particular when using a dotlock file for protecting the spawning
and several processes try to spawn the agent or another component, we
often run into long delays. The solution is to is to exponential
backoff and also to reduce the initial delay from 50ms to 4ms. We
further limit the maximum wait period to about 2 seconds and then
repeat at intervals of 512, 1024 and 2048ms. In the wait-forever case
we add a small random value to have different intervals per process.
GnuPG-bug-id: 3380
For testing this code snippet in the spawning function might be
useful:
const char *s;
if ((s=getenv("hold_gpg_file")))
while (!gnupg_access (s, F_OK))
gnupg_sleep (1);
* dirmngr/http.c (enum auth_negotiate_states): New.
(struct proxy_info_s): Add new fields.
(release_proxy_info): Free Windows stuff.
(proxy_get_token): New. Implemented only for Windows for now.
(run_proxy_connect): Add support for auth method Negotiation.
(store_header): Keep some header lines separate.
--
The code does something but I have not yet been able to test it due
to problems setting up Squid with AD authentication. As of now it
will respond with a failure but that should not be worse than not to
implement Negotiation.
Supporting Negotiation using GSS for Unix should eventually also be
done.
GnuPG-bug-id: 6719
* common/b64dec.c (b64decode): New.
* common/t-b64.c: Change license to LGPL.
(oops): New macro.
(hex2buffer): New.
(test_b64decode): New.
(main): Default to run the new test.
* common/Makefile.am (module_maint_tests): Move t-b64 to ...
(module_tests): here.
--
Sometimes we have a short base64 encoded string we need todecode.
This function makes it simpler.
License change of the test module justified because I am the single
author of the code.
* dirmngr/http.c (cookie_s): Add fields pending, up_to_empty_line,
last_was_lf, and last_was_lfcr.
(http_context_s): Add field keep-alive.
(http_wait_response): Set up_to_empty_line. Take care of keep_alive
flag.
(coookie_read): Implement detection of empty lines.
(cookie_write): Free the pending buffer.
--
The problem we fix here is that we already buffered stuff beyond the
empty line which marks the start of the content-length counting. Thus
we tried to wait for more bytes despite that everything had already
been read. This bug might have showed up more often in the real world
since the we changed the BUFSIZ on Windows from 512 byte to 8k. It
also depends on the length of the headers and whether the server
closed the connection so that we ignored the Content-Length.
The bug was introduced earlier than 2010 and could have the effect
that a connection got stuck until the network layer timed out.
Note that the keep-alive parts of the patch are not yet used.
* dirmngr/http.c: Remove gnutls version specific code.
(send_request): Factor some code out to ...
(run_proxy_connect): new.
(mk_proxy_request): new.
(mk_std_request): new.
* configure.ac (NEED_GNUTLS_VERSION): Require 3.2.
--
This patch is to factor out some code and also to remove support for
legacy gnutls versions. Note that gnutls 3.2 was released 10 years
ago.
* configure.ac (NEED_NTBTLS_VERSION): Require at least 0.2.0 so that
we can remove a conditional compilation.
* dirmngr/http.c (struct proxy_info_s): New.
(release_proxy_info): New to keep proxy information in one object.
(send_request): Factor some code out to ...
(get_proxy_for_url): this,
(send_request_basic_checks): this,
(send_request_set_sni): this,
(run_ntbtls_handshake): this,
(run_gnutls_handshake): and this.
--
Note that this also removes some never used code. For example the
NTBTLS handshake has code taken from GNUTLS which was never used due
to the different ways on how the certificates are checked.
The proxy code has been factored out to make to prepare further
authentication methods. The proxy_info_t was introduced for the same
reason.
Tested against gnutls and ntbtls builds. No proxy tests yet done,
because we need more sophisticated tests anyway.
GnuPG-bug-id: 5768
Modelled after key_expires/key_expires_d.
This should be useful to detect upcoming certification expiry, so the
certifications can be renewed in advance of the expiry.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* dirmngr/server.c (cmd_keyserver): Ignore also hkps://none.
(ensure_keyserver): Better ignore also "none" with a hkp or hpks
scheme.
--
GnuPG-bug-id: 6708
* g10/trustdb.c (tdb_clear_ownertrusts): Detect stale validity
records.
--
GnuPG-bug-id: 6399
This problem was introduced by an actually very useful patch
2002-12-13 David Shaw <dshaw@jabberwocky.com>
[...]
* import.c (import_keys_internal): Used here so we don't rebuild
the trustdb if it is still clean.
(import_one, chk_self_sigs): Only mark trustdb dirty if the key
that is being imported has any sigs other than self-sigs.
Suggested by Adrian von Bidder.
[the last part]
The bug exhibited itself only after signing a key, deleting that key
and then re-importing the original non-signed key.
* dirmngr/ldap-misc.c (rfc4517toisotime): Correct index.
--
Obviously the parser assumes the standard ISO format with the 'T'
before the hour. That is not correct here. We need this parser for
the modifyTimestamp thingy.
* g10/keygen.c (parse_expire_string_with_ct): New function, optionally
supply the creation time.
(parse_expire_string): Use parse_expire_string_with_ct with no
creation time.
(proc_parameter_file): Use parse_expire_string_with_ct possibly with
the creation time.
--
Cherry-pick from master commit of:
b07b5144ff
GnuPG-bug-id: 5252
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* build-aux/speedo.mk (AUTHENTICODE_FILES): Add keyboxd.exe
--
This should prevent that keyboxd.exe is blocked on systems that
only allow signed executables.
* dirmngr/dirmngr.c (gpgrt_opt_t): Use string for oFakedSystemTime.
(oFakedSystemTime): Use similar conversion as gpgsm has.
* dirmngr/dirmngr.texi (faked-system-time): Document it.
--
For testing X509 certificates this is usually required and
then confusing that the example from the gpgsm man page
does not work for dirmngr.