1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00

110 Commits

Author SHA1 Message Date
Werner Koch
7777e68d04 Implement unattended OpenPGP secret key import.
* agent/command.c (cmd_import_key): Add option --unattended.
* agent/cvt-openpgp.c (convert_transfer_key): New.
(do_unprotect): Factor some code out to ...
(prepare_unprotect): new function.
(convert_from_openpgp): Factor all code out to ...
(convert_from_openpgp_main): this.  Add arg 'passphrase'.  Implement
openpgp-native protection modes.
(convert_from_openpgp_native): New.
* agent/t-protect.c (convert_from_openpgp_native): New dummy fucntion
* agent/protect-tool.c (convert_from_openpgp_native): Ditto.
* agent/protect.c (agent_unprotect): Add arg CTRL.  Adjust all
callers.  Support openpgp-native protection.
* g10/call-agent.c (agent_import_key): Add arg 'unattended'.
* g10/import.c (transfer_secret_keys): Use unattended in batch mode.
--

With the gpg-agent taking care of the secret keys, the user needs to
migrate existing keys from secring.gpg to the agent.  This and also
the standard import of secret keys required the user to unprotect the
secret keys first, so that gpg-agent was able to re-protected them
using its own scheme.  With many secret keys this is quite some
usability hurdle.  In particular if a passphrase is not instantly
available.

To make this migration smoother, this patch implements an unattended
key import/migration which delays the conversion to the gpg-agent
format until the key is actually used.  For example:

   gpg2 --batch --import mysecretkey.gpg

works without any user interaction due to the use of --batch.  Now if
a key is used (e.g. "gpg2 -su USERID_FROM_MYSECRETKEY foo"), gpg-agent
has to ask for the passphrase anyway, converts the key from the
openpgp format to the internal format, signs, re-encrypts the key and
tries to store it in the gpg-agent format to the disk.  The next time,
the internal format of the key is used.

This patch has only been tested with the old demo keys, more tests
with other protection formats and no protection are needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 10:14:57 +02:00
Werner Koch
327af90594 Require libgcrypt 1.5
Without Libgcrypt 1.5 is was not possible to use ECC keys.  ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.

Also fixed a few missing prototypes.
2011-03-08 12:23:59 +01:00
Werner Koch
d9bd013a1f Update copyright year
Nuked some trailing spaces.
2011-02-03 16:50:01 +01:00
Werner Koch
0f721abddf Update scripts etc. 2010-10-26 12:25:47 +00:00
Werner Koch
15330f36a7 Reworked the posix and w32 exechelpers. 2010-08-20 12:18:38 +00:00
Werner Koch
b46c353318 Start a new development branch.
Translations are for now disabled.
2009-09-21 18:26:52 +00:00
Werner Koch
4adb5c03e7 preparing a release 2009-01-12 09:18:27 +00:00
Werner Koch
de9cc953af Preparing a release candidate. 2008-12-09 11:54:40 +00:00
Werner Koch
898a341f50 Fixed release creation. 2008-02-19 12:58:34 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
edb3dc99e9 Preparing 2.0.4 2007-05-09 11:01:33 +00:00
Werner Koch
e0bbbb8a7f Preparing the 2.0.3 release 2007-03-08 14:16:15 +00:00
Werner Koch
b5a8d7d268 . 2006-11-11 14:17:09 +00:00
Werner Koch
fac4babd9d post release updates 2006-11-06 10:26:55 +00:00
Werner Koch
ecf7ad43f6 Preparing a new release 2006-10-04 10:22:56 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
90af581b08 doc fixes 2006-09-08 17:02:06 +00:00
Werner Koch
368170215f More man pages. Added include files for 2 common paragraphs. 2006-08-18 13:05:39 +00:00
Marcus Brinkmann
d816b37fdb 2006-07-29 Marcus Brinkmann <marcus@g10code.de>
* README: Spelling fixes.
2006-07-29 00:22:16 +00:00
Werner Koch
de5070caf0 Preparing a new release 2006-07-27 14:18:55 +00:00
Werner Koch
96fdf4cf10 Preparing 1.9.17 2005-06-20 17:32:44 +00:00
Werner Koch
3ff9a743bf * configure.ac: Do not build gpg by default.
* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check.
* certchain.c (gpgsm_validate_chain): Make use of it.

* certchain.c (gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.

* gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.
2005-04-21 09:33:07 +00:00
Werner Koch
eff62d82bf * configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
2005-04-18 10:44:46 +00:00
Werner Koch
d33703e5fe * sc-investigate: Removed.
* Makefile.am (sc_investigate): Removed.

* pcsc-wrapper.c (load_pcsc_driver): Load get_status_change func.
(handle_open): Succeed even without a present card.
(handle_status, handle_reset): New.

* apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion.
(pcsc_get_status): Implemented.
(reset_pcsc_reader): Implemented.
(open_pcsc_reader): Succeed even with no card inserted.
(open_ccid_reader): Set LAST_STATUS.

* iso7816.c (iso7816_select_application): Always use 0 for P1.
2004-10-20 08:54:45 +00:00
Werner Koch
335b5e4ac4 Preparing a new release. Updated gettext 2004-09-30 14:34:34 +00:00
Werner Koch
d9147773b4 * trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.

* gpg-agent.c (handle_connections): Increase the stack size ot 256k.

* de.po: Updated.

* scdaemon.c (main): Bumbed thread stack size up to 512k.

* keylist.c (list_cert_raw): Print the keygrip.
2004-07-22 09:37:36 +00:00
Werner Koch
e98b7a9b21 Require libksba 0.9.4 and libgcrypt 1.1.92. 2004-02-13 12:40:54 +00:00
Werner Koch
e4587ba874 * README: Updated. 2004-01-29 20:16:59 +00:00
Werner Koch
b001af10ac (parse_dn_part): Map common OIDs to human readable
labels.  Make sure that a value won't get truncated if it includes
a Nul.
2004-01-29 07:41:55 +00:00
Werner Koch
eb24d8b751 Some minor bug fixes, new test utilities and started support for other
smartcard applications.
2004-01-27 16:40:42 +00:00
Werner Koch
c25ac44a7e * README-alpha: Removed.
* configure.ac, Makefile.am: Add the tests and tools directories.
2003-12-23 11:05:19 +00:00
Werner Koch
30342b06ef * call-agent.c (agent_scd_getattr): Don't clear the passed info
structure, so that it can indeed be updated.

* card-util.c (fpr_is_zero): New.
(generate_card_keys): New.
(card_edit): New command "generate".
* keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call
to check_smartcard.
(check_smartcard,show_smartcard): Removed.
(show_sha1_fpr,fpr_is_zero): Removed.

* app-openpgp.c (do_getattr): Support SERIALNO and AID.
2003-10-08 10:46:58 +00:00
Werner Koch
1bcf8ef9de Cleanups, fixes and PC/SC support 2003-08-05 17:11:04 +00:00
Werner Koch
a3d4ac6f3e Make use of libgpg-error 2003-06-03 19:55:50 +00:00
Werner Koch
8cdc83cdb5 * configure.ac (ALL_LINUGAS): Removed.
* Makefile.am (ACLOCAL_AMFLAGS): New.
* configure.ac (AM_GNU_GETTEXT_VERSION): New.  Set to 0.11.5.
2003-04-29 10:37:24 +00:00
Werner Koch
3051135e16 Updated from latest NewPG project 2003-01-09 13:15:07 +00:00
Werner Koch
d3b880b74c * configure.ac: Bumped version number to 1.9.0-cvs. 2002-10-19 09:27:39 +00:00
Werner Koch
9214e1b282 Merged Top directory of NewPG with GnuPG. 2002-10-19 07:55:27 +00:00
David Shaw
bc75f901ac * README: Some typo fixes from Florian Weimer, and bump version number. 2002-10-16 13:44:07 +00:00
Werner Koch
3605051728 * configure.ac (random_modules): The default random module for
system lacking a /dev/random is now auto selected at runtime.
2002-09-11 07:31:06 +00:00
Werner Koch
be5f6f7150 typo fixes and new credits. 2002-09-10 08:42:25 +00:00
Werner Koch
59e61f1fa2 * gnupg.7: New mini man page.
* README: Removed the note about a development version so that we
later don't forget this.  Minor other changes.
2002-09-02 13:50:05 +00:00
Werner Koch
2b95cb78b5 * configure.ac (random_modules): Reworked the code to select the
random module.  Define USE_ALL_RANDOM_MODULES for value all.
2002-08-30 16:36:08 +00:00
Werner Koch
67faf234a3 minor doc fixes. 2002-08-06 13:30:28 +00:00
Werner Koch
85aa3e18c2 The big extension module removal. 2002-08-03 10:50:53 +00:00
David Shaw
1f703dadd1 * README, configure.ac: --with-exec-path is now clarified into
--disable-keyserver-path
2002-07-30 16:04:18 +00:00
David Shaw
107e4a3f58 * README: Document --disable-exec, --disable-photo-viewers,
--disable-keyserver-helpers, --enable-exec-path, and --with-photo-viewer.

* configure.ac: Add --with-photo-viewer to lock the viewer at compile time
and --disable-keyserver-helpers and --disable-photo-viewers to allow
disabling one without disabling the other.
2002-07-04 13:35:42 +00:00
Werner Koch
20828012b8 * INSTALL: Replaced by generic install file.
* README: Marked as development version and moved most stuff of
the old INSTALL file to here.
2002-07-01 09:44:56 +00:00
David Shaw
0ed6228293 Update head to match stable 1.0 2002-06-29 14:15:02 +00:00
Werner Koch
e4a1c76763 Add more warnings 2001-07-04 09:42:04 +00:00