* agent/divert-scd.c (divert_pksign): Add arg 'grip'. Replace OPENPGP
key reference to keygrips.
(divert_pkdecrypt): Ditto.
* agent/protect.c (parse_shadow_info): Trim spaces.
* agent/pkdecrypt.c (agent_pkdecrypt): Pass the keygrip.
* agent/pksign.c (agent_pksign_do): Ditto.
* g10/mainproc.c (print_pkenc_list): Print extra info for an invalid
id error.
* g10/sign.c (do_sign): Ditto.
--
Using the keygrip instead of the identifier works on OpenPGP cards and
thus we use that to make sure that we are working on the right card.
For other cards we better don't do that to avoid regressions. Those
other cards are also usually provided and do not allow to
self-generate the keys.
Note that old versions of the code (gpg 1.4) used the fingerprint as
additional check but that was eventually removed and now that we use
the keygrip all over the place, it is best to use this to identify a
key.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.h (pref_hint): Change from union to struct and add field
'exact'. Adjust callers.
* g10/pkclist.c (algo_available): Take care of the exact hint.
* g10/sign.c (sign_file): Fix indentation. Rework the hash from
recipient prefs.
--
This fixes a encrypt+sign case like: One recipient key has SHA512 as
highest ranked hash preference but the the signing key is a 256 bit
curve. Because we don't want to use a truncated hash with ECDSA, we
need to have an exact match - this is in particular important for
smartcard which check that the hash matches the curves.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed. Use
new function in most places where fopen is used.
--
The config files in 2.2 are still read using fopen - we need to change
this to allow Unicode directory names. There is also one case where
files are written using the old fopen. The new option parser in 2.3
does not have this problem but at some places fopen is also still used.
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (reset_notify): Add option --keep-lock.
(do_reset): Add arg keep_lock.
(cmd_lock): Send progress status.
* g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs.
* g10/card-util.c (send_apdu): Ditto.
(factory_reset): Use lock commands.
--
This is required so that for example Kleopatra does not detect the
RESET and issues a SERIALNO of its own, thus conflicting with our
SERIALNO undefined.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/status.h (STATUS_CANCELED_BY_USER): New.
* g10/passphrase.c (passphrase_to_dek): Send STATUS_CANCELED_BY_USER
instead of STATUS_MISSING_PASSPHRASE when canceled is set.
--
This is to prevent further pinentry tries when the pinentry is canceled
by the user during symmetric decryption.
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
(cherry picked from commit 31e47dfad0)
* g10/misc.c (print_digest_rejected_note): Do not print in quiet mode.
(print_sha1_keysig_rejected_note): Ditto.
--
GnuPG-bug-id: 4893
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e08e1d62d0)
* g10/openfile.c (try_make_homedir): Move core of the code to ...
* common/homedir.c (gnupg_maybe_make_homedir): new.
* sm/keydb.c (try_make_homedir): Implement using new function.
* common/homedir.c: Include i18n.h.
* po/POTFILES.in: Add common/homedir.c.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs
mode.
* g10/encrypt.c (setup_symkey): Add extra compliance check.
(encrypt_simple): Avoid printing a second error oncplinace failure.
--
Because we used the RFC4880 mode as base for the de-vs mode we got
3DES as symmetric encryption algorithm. With the default gnupg mode
that was already used. The new extra compliance checks are added to
detect whether a --personal-cipher-preference or --cipher-algo option
tried to override the algorithms. They are still possible but now
non-compliant algorithms will throw an error.
Manual testing can be done with commands like this:
gpg --no-options --compliance=de-vs \
--personal-cipher-preferences "S1 S7" \
--pinentry-mode loopback -v --passphrase abc -ac </etc/motd
Here the command fails due to IDEA (S1) being the preferred cipher
algorithm. Using "--s2k-digest-algo SHA1" instead of
--personal-cipher-preferences will also fail.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d1f2a6d9f7)
* g10/misc.c (pct_expando): Catch special case of the empty string.
Also map a NULL to the empty string.
* g10/photoid.c (show_photos): Make an empty string used as command
fail.
--
This patch also fixes a segv when calling gpg wrongly like
gpg -N \-foo@example.org
GnuPG-bug-id: 5117
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the least of weak digest algorithm.
--
If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient. This is so that all recipients are able to check the the
signature. However, if the sender has a declared an algorithm as
week, that algorithm shall not be used - in this case we fallback to
the standard way of selecting an algorithm.
Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.
Reported-by: Phil Pennock
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 15746d60d4
* common/sysutils.c (gnupg_stat): New.
* common/sysutils.h: Include sys/stat.h.
--
Yet another wrapper for Unicode support on Windows.
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 18e5dd7b03)
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New. Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--
This is yet another step for full Unicode support on Windows.
GnuPG-bug-id: 5098
(cherry picked from commit 4dcef0e178)
--
We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change. At a
very few places we keep using stdio (for example due to the use of
popen).
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 390497ea11
* common/sysutils.c (gnupg_access): New. Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--
Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.
This is required to correctly handle non-ascii filenames on Windows.
GnuPG-bug-id: 5098
(cherry picked from commit c94ee1386e)
* g10/keygen.c (read_parameter_file): Initialize nline.
* g10/textfilter.c (copy_clearsig_text): Initialize bufsize.
--
In iobuf_read_line the parameter to pass and return the current buffer
length is controlled by the buffer parameter. Thus there should be no
problem because the assert call check s buffer first. For yet unknown
reasons when using the standard GNU libc assert valgrind complains
about an uninitialized variable. That does not happen with our
log_assert. Tested with gcc 8.3.0 and valgrind 3.14.0.
* g10/getkey.c (fixup_uidnode): Increase size of prefs array.
--
GnuPG-bug-id: 5050
Fixes-commit: ab7a0b0702
which introduced a feature to show the AEAD preferences of keys
created with rfc4880bis capable software (e.g. GnuPG 2.3-beta).
The same code in 2.3 is correct, though.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change.
(gen_rsa): Set fallback to 3072.
(get_keysize_range): Set default to 3072.
* doc/examples/vsnfd.prf: No more need for default-new-key-algo.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option.
(gpgsm_agent_import_key): Ditto.
* g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on.
(agent_import_key): Ditto.
* g10/import.c (transfer_secret_keys): Pass the creation date to the
agent.
* g10/keygen.c (common_gen): Ditto.
--
Having the creation time in the private key file makes it a lot easier
to re-create an OpenPGP public keyblock in case it was accidentally
lost.
Signed-off-by: Werner Koch <wk@gnupg.org>
Cherry-picked-from-master: 4031c42bfd
* g10/export.c (export_ssh_key): Do not close stdout.
--
stdout should never be closed; this fixes this minor bug.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
It is a bit surprising that nothing happens if no key is specified to
--delete-key et al. Although this is common Unix behaviour the use
might have expected that it behaves like --export and deletes all
keys. Sure we don't do the latter, so a short notice will help.
GnuPG-bug-id: 4959
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/genkey.c (agent_ask_new_passphrase): No qualitybar.
* g10/call-agent.c (agent_get_passphrase): Ditto.
* sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto.
--
The concept of a passphrase quality indicator is anyway questionable
because user are smart enough to trick them out and they also tend to
limit the actually used entropy.
Except for the red/green switching (to show whether constraints are
fulfilled) our qualitybar is pretty bad and thus worse than none.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/encrypt.c (setup_symkey): Use default_cipher_algo function
instead of the fallback s2k_cipher_algo. Fix error code.
(encrypt_simple): Use setup_symkey.
--
Aside of removing code duplication this patch fixes the flaw that the
S2K cipher algorithm was used when mixing public key and symmetric
encryption or signatures with symmetric encrypion. The
default_algorithm function should be used here so that the command
line option --cipher-algo and --personal-cipher-preferences have an
effect.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 6864bba78e
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New.
* common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and
test rsaPSS. Adjust all callers.
* common/util.c (pubkey_algo_to_string): New.
(gnupg_pk_is_allowed): Ditto.
* sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function.
(gpgsm_get_hash_algo_from_sigval): New.
* sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval
arg. Add arg pkalgoflags. Use the PK_ALGO_FLAG_RSAPSS.
* sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to
also get the algo flags. Pass algo flags along. Change some of the
info output to be more like current master.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
This backport from master
commit 969abcf40c
also includes some changes taken from
commit a759fa963a
(sm: Improve readability of the data verification output.)
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.c (log_printhex): Chnage order of args. Make it
printf alike. Change all callers.
* configure.ac: Add -Wno-format-zero-length
--
This makes it consistent with modern libgpgrt logging and thus eases
back porting from newer GnuPG versions which use libgpgrt logging.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (opts): Add it.
--
This got lost when backporting from master.
Fixes-commit: 95b42278ca
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/decrypt-data.c (decrypt_data): Move aead algo detection up.
--
Note that the AEAD modes are not yet approved for --compliance=de-vs
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/packet.h (preftype_t): Add PREFTYPE_AEAD.
* g10/keyedit.c (show_prefs): Print AEAD preferences.
* g10/getkey.c (fixup_uidnode): Set AEAD flags.
(merge_selfsigs): Ditto.
--
Although we are not able to create such keys we should be abale to
show them.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (aead_algo_t): New.
(pkttype_t): Add PKT_ENCRYPTED_AEAD.
* g10/decrypt-data.c (struct decode_filter_context_s): Add fields for
AEAD.
(aead_set_nonce_and_ad): New.
(aead_checktag): New.
(decrypt_data): Support AEAD.
(aead_underflow): New.
(aead_decode_filter): New.
* g10/dek.h (DEK): Add field use_aead. Turn use_mdc,
algo_info_printed, and symmetric into bit flags.
* g10/mainproc.c (struct mainproc_context): Add field
seen_pkt_encrypted_aead.
(release_list): Clear it.
(have_seen_pkt_encrypted_aead): New.
(symkey_decrypt_seskey): Support AEAD.
(proc_symkey_enc): Ditto.
(proc_encrypted): Ditto.
(proc_plaintext): Ditto.
* g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New.
(openpgp_aead_test_algo): New.
(openpgp_aead_algo_name): New.
(openpgp_aead_algo_info): New.
* g10/packet.h (PKT_symkey_enc): Add field use_aead.
(PKT_user_id): Add field flags.aead
(PKT_public_key): Ditto.
(PKT_encrypted): Add fields for AEAD.
* g10/parse-packet.c (parse): Handle PKT_ENCRYPTED_AEAD.
(parse_symkeyenc): Support AEAD.
(parse_encrypted): Ditto.
(dump_sig_subpkt): Dump AEAD preference packet.
(parse_encrypted_aead): New.
--
This patch allows to decrypt data encrypted using the new AEAD
mechanism as specified in rfc4880bis. Although preferences are used
to enable this new mode, it is useful to have at least a decryption
option in case a user switches between GnuPG 2.2 and newer versions.
The new AEAD mechanism is much faster than the current CFB+MDC and
thus 2.2 will allow faster decryption of symmetric only decryption.
This patch is based on the current master (2.3) code base and includes
a few other patches. In particular
commit 44be675b75
(gpg: More check for symmetric key encryption.)
is included.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/decrypt-data.c (mdc_decode_filter, decode_filter): Fatcor buffer
filling code out to ...
(fill_buffer): new.
--
This patch includes the master commit
d989373f1a46139ed0fbc4d4a91069b78617ad9
and
5d6c080522
Benchmarking on our usual X220 shows for a 1.3GiB non-compressed
non-armored AES encrypted file (ECDH encrypted but the symmetric
decryption takes the majority of the time, reading from stdin writing
to /dev/null):
| | before | after |
|------------+-----------+-----------|
| real | 0m15.006s | 0m11.849s |
| user | 0m14.304s | 0m11.259s |
| sys | 0m0.640s | 0m0.537s |
| throughput | 90 MiB/s | 115 MiB/s |
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/decrypt-data.c (struct decode_filter_context_s): Rename 'defer'
to 'holdback' and 'defer_filled' to 'holdbacklen'. Increase size of
holdback to allow for future AEAD decryption. Turn 'partial' and
'eof_seen' into bit fields.
(decrypt_data): Replace write_status_text by write_Status_printf.
Indent parts of the code.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields.
* g10/call-agent.c (agent_release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* g10/card-util.c (get_manufacturer): Remove.
(current_card_status): Use new attribute.
--
This does away with the duplicated OpenPGP vendor tables; they are now
at a better place (app-openpgp.c).
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master:
- Removed the gpg-card stuff.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/pubkey-enc.c (get_it): Remove check which mandates shorter
padding.
--
Cherry-picked master commit of:
fd79cadf7b
According to the section 8 of RFC 6637, the sender MAY use 21 bytes of
padding for AES-128 to provide 40-byte "m".
Reported-by: Metin Savignano
GnuPG-bug-id: 4908
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/delkey.c: Include shareddefs.h.
(delete_keys): Print a hint.
--
The option --yes has some side-effects so it is not desirable to use it
automatically. The code in master (2.3) has special treatment of
confirm messages and thus this patch is only for 2.2.
GnuPG-bug-id: 4667
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well
as long key ID.
* doc/gpg.texi: document that --trusted-key can accept a fingerprint.
--
GnuPG-bug-id: 4855
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Fixed uses or return and kept the old string to avoid breaking
translations.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 810ea2cc68)
Remove the test for FPRLEN which we do not have in 2.2
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (merge_selfsigs_main): Take a zero key creation time in
account.
--
Keys created at the Epoch have a creation time of 0; when figuring out
the latest signature with properties to apply to a key the usual
comparison A > B does not work if A is always 0. We now special case
this for the expiration and usage data.
Co-authored-by: gniibe@fsij.org
GnuPG-bug-id: 4670
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 161a098be6)
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--
Note that the --no variants of the options are intended for easy
disabling at the command line.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (read_key_from_file): Rename to ...
(read_key_from_file_or_buffer): this and add new parameters. Adjust
callers.
(import_included_key_block): New.
* g10/packet.h (PKT_signature): Add field flags.key_block.
* g10/parse-packet.c (parse_signature): Set that flags.
* g10/sig-check.c (check_signature2): Add parm forced_pk and change
all callers.
* g10/mainproc.c (do_check_sig): Ditto.
(check_sig_and_print): Try the included key block if no key is
available.
--
This is is the second part to support the new Key Block subpacket.
The idea is that after having received a signed mail, it is instantly
possible to reply encrypted - without the need for any centralized
infrastructure.
There is one case where this does not work: A signed mail is received
using a specified signer ID (e.g. using gpg --sender option) and the
key block with only that user ID is thus imported. The next time a
mail is received using the same key but with a different user ID; the
signatures checks out using the key imported the last time. However,
the new user id is not imported. Now when trying to reply to that
last mail, no key will be found. We need to see whether we can update
a key in such a case.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master
Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch