1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

8370 Commits

Author SHA1 Message Date
NIIBE Yutaka
585cfca0a6 scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR.
* scd/ccid-driver.c (ccid_setup_intr): Don't call libusb_clear_halt.

--

Backport master commit of:

	ffabc29d5eadfe81b9f62b7d4fe6e858b191354d

GnuPG-bug-id: 5167
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-16 10:15:11 +09:00
NIIBE Yutaka
5a03bf6130 scd:openpgp: Fix writing ECC key to card.
* scd/app-openpgp.c (build_privkey_template): Adding another argument
of ecc_d_fixed_len to handle variable-size MPI.

--

Backport from master commit of:
	a25c99b156ca9acaa7712e9c09a6df0a7a23c833

GnuPG-bug-id: 5163
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-07 10:06:52 +09:00
Werner Koch
acafa695e1
kbx: Better error message in case of a crippled Libgcrypt.
* kbx/keybox-openpgp.c (keygrip_from_keyparm): Detect missing curve.
2020-12-02 11:11:47 +01:00
Jens Meißner
a3f95a29b9
doc: Add parameters for batch generation of ECC keys.
* doc/gpg.texi: Add parameters for batch generation of ECC keys.

--

There are parameters required for batch generation of ECC keys which
weren't mentioned in the documentation.

Signed-off-by: Jens Meißner <meissner@b1-systems.de>
2020-12-01 09:58:32 +01:00
NIIBE Yutaka
7d7a50ba72
common: Fix fallback handling to utf-8.
* common/utf8conv.c (handle_iconv_error): Set NO_TRANSLATION.

--

GnuPG-bug-id: 5038
Fixes-commit: 99c9bf7defd6c1ac9cc49c84e6c78eeb886a6952
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 393dcdd61c3b2da00a97176c647d9bd1c908ceba)
2020-11-27 17:46:29 +01:00
Werner Koch
abd9aeecfb
Post release updates
--
2020-11-23 18:40:55 +01:00
Werner Koch
40f75823d2
Release 2.2.25 gnupg-2.2.25 2020-11-23 14:08:11 +01:00
Gavin L. Rebeiro
563db31467
doc: Fix typos
--
GnuPG-bug-id: 5071

Also fixed one in keyformat.txt [wk].

(cherry picked from commit 572bcacc287d24d0a2cc56442f9fb6a9ac49e12d)
2020-11-23 12:13:52 +01:00
Werner Koch
6594dc31f5
gpgconf: Also print revision of libksba.
* dirmngr/dirmngr.c (get_revision_from_blurb): Fix detection of empty
string.
(gpgconf_versions): Print ksba revision.
--

The latest Libksba version support retrieving of the revision (commit)
id.  We now use that or print a question mark.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 4070f302e4decc8d54d1305cbd30f6dab052ef7e)
2020-11-19 09:12:04 +01:00
Jakub Bogusz
f7cbf68fdd
po: Update Polish translation 2020-11-19 08:34:28 +01:00
NIIBE Yutaka
84020385be scd:openpgp: Public keys should be available for check_keyidstr.
* scd/app-openpgp.c (check_keyidstr): Call get_public_key.

--

GnuPG-bug-id: 5065
Fixes-commit: 1049f06c6d2e1a833af4c73ea67a05417bbd0967
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-19 13:49:08 +09:00
Werner Koch
126fa09f8b
Post release updates
--
2020-11-17 10:51:01 +01:00
Werner Koch
5751c48035
Release 2.2.24 gnupg-2.2.24 2020-11-17 09:17:18 +01:00
Werner Koch
46f373e1a0
po: Auto update
--
2020-11-16 17:09:41 +01:00
Werner Koch
3274eb4637
scd:openpgp: Drop support for GnuPG 1.
--

It does not make sense to keep support form GnuPG 1 here given that we
don't intend to ever backport any of the current stuff to the legacy
version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-16 17:09:39 +01:00
Werner Koch
1049f06c6d
scd:openpgp: Allow keygrip to be used to reference a key
* scd/app-openpgp.c (struct app_local_s): Add keygrip_str.
(store_keygrip): New.
(read_public_key): Store the keygrip.
(get_public_key): Sitto.
(send_keypair_info): USe the stored keygrip.
(check_keyidstr): New.  Factored out from other functions and
extended.
(do_sign): Use check_keyidstr.
(do_auth): Ditto.
(do_decipher): Ditto.
(do_check_pin): Ditto.
--

This code is a backport of commits:

b0f0791e4ade845b2a0e2a94dbda4f3bf1ceb039
cd: Factor out a function to check keyidstr.

4c4999b8185ace55eb5f3a6fa7d3dc0a77267b63
scd:openpgp: Allow PKSIGN with keygrip also for OPENPGP.3.

e769609cd3c12d2e26955538399172016f78d2d4
scd: Allow KEYGRIP as KEYIDSTR.

Co-authored-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-16 17:09:37 +01:00
Werner Koch
5d98f95aa9
gpg: Provide better diagnostic for replaced card keys.
* agent/divert-scd.c (divert_pksign): Add arg 'grip'.  Replace OPENPGP
key reference to keygrips.
(divert_pkdecrypt): Ditto.
* agent/protect.c (parse_shadow_info): Trim spaces.
* agent/pkdecrypt.c (agent_pkdecrypt): Pass the keygrip.
* agent/pksign.c (agent_pksign_do): Ditto.

* g10/mainproc.c (print_pkenc_list): Print extra info for an invalid
id error.
* g10/sign.c (do_sign): Ditto.
--

Using the keygrip instead of the identifier works on OpenPGP cards and
thus we use that to make sure that we are working on the right card.
For other cards we better don't do that to avoid regressions.  Those
other cards are also usually provided and do not allow to
self-generate the keys.

Note that old versions of the code (gpg 1.4) used the fingerprint as
additional check but that was eventually removed and now that we use
the keygrip all over the place, it is best to use this to identify a
key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-13 16:06:59 +01:00
Werner Koch
aeed0b93ff
gpg: Fix the encrypt+sign hash algo preference selection for ECDSA.
* g10/keydb.h (pref_hint): Change from union to struct and add field
'exact'.  Adjust callers.
* g10/pkclist.c (algo_available): Take care of the exact hint.
* g10/sign.c (sign_file): Fix indentation.  Rework the hash from
recipient prefs.
--

This fixes a encrypt+sign case like: One recipient key has SHA512 as
highest ranked hash preference but the the signing key is a 256 bit
curve.  Because we don't want to use a truncated hash with ECDSA, we
need to have an exact match - this is in particular important for
smartcard which check that the hash matches the curves.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-13 16:02:00 +01:00
Werner Koch
f400ff4e7d
gpgconf: Yet another fix for --apply-profile.
* tools/gpgconf.c (main): Use gnupg_homedir instead of
default_homedir.  Check for existance of the directory.
--

Fixes-commit: 1fbf085bc8b4a92772d1da8bfea507f4f97434b1
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-12 13:11:03 +01:00
Werner Koch
7076f6cafb
scd: Skip unknown options in command SERIALNO
* scd/command.c (cmd_serialno): Skip options.
--

SERIALNO --all
works only in 2.3 and thus naive use with 2.2 vesions would conserer
"--all" as the reqyested applications.  Fix is easy and should be done
anyway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-12 12:44:57 +01:00
NIIBE Yutaka
2b2f21445c po: Update Japanese Translations.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-12 12:59:57 +09:00
Werner Koch
c4603bcd1f
po: Update the German translation
--
2020-11-11 14:58:21 +01:00
Werner Koch
966fe1e9d9
gpg: Support brainpool keygen with "key from card".
* g10/keygen.c (ask_algo): Add brainpool hack in the same as for Nist
curves.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-11 14:52:32 +01:00
Werner Koch
bd3b698d8e
scd: Do not print reader status change with --debug cardio.
--

... but use --debug reader for this.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-11 14:50:49 +01:00
Werner Koch
e2dfaf1b2b
w32: Revert use of one gnupg_fopen in a test tool
--
2020-11-10 12:11:33 +01:00
Werner Koch
163e4ff195
w32: Support Unicode also for config files etc.
* common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed.   Use
new function in most places where fopen is used.
--

The config files in 2.2 are still read using fopen - we need to change
this to allow Unicode directory names.  There is also one case where
files are written using the old fopen.  The new option parser in 2.3
does not have this problem but at some places fopen is also still used.

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-10 12:09:11 +01:00
Werner Koch
9188a3c6b7
w32: Support utf8 for getcwd even if build with gpgrt < 1.40.
* common/sysutils.c (gnupg_getcwd) [W32]: Use Unicode version.
--

gpgrt 1.40 has not yet been released, so to make getcwd work properly
on Windows we need to have the code here as well.

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-10 10:11:11 +01:00
Werner Koch
0ca0a30bd6
Prepare NEWS for the next release.
--
2020-11-09 13:37:23 +01:00
NIIBE Yutaka
8e206c1721
scd: Internal CCID driver: Fix a race condition on close.
* scd/ccid-driver.c (ccid_require_get_status): For VENDOR_SCM reader,
return 0 only at the initial call.
(bulk_in): Don't detect an error for VENDOR_SCM reader, just kicking
the loop, to invoke scd_update_reader_status_file, which calls
ccid_slot_status again.
(ccid_slot_status): Move the call of ccid_vendor_specific_setup to...
(ccid_get_atr): ... here.

--

For readers with interrupt transfer support, it is only intr_cb which
sets handle->powered_off to 1.  Keeping this condition makes no race.
The function ccid_slot_status can also detect a communication error,
which causes apdu_close_reader (but not setting ->powered_off).

GnuPG-bug-id: 5121
Fixes-commit: 920f258eb6018ecec1d63bad6a0fb0772f72affa
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 484bafda4dbf5ffe9e7c41ef24fbc5bd791a3b32)
2020-11-09 13:26:40 +01:00
Werner Koch
7f765a98fd
card: Run factory-reset in locked stated.
* scd/command.c (reset_notify): Add option --keep-lock.
(do_reset): Add arg keep_lock.
(cmd_lock): Send progress status.
* g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs.
* g10/card-util.c (send_apdu): Ditto.
(factory_reset): Use lock commands.
--

This is required so that for example Kleopatra does not detect the
RESET and issues a SERIALNO of its own, thus conflicting with our
SERIALNO undefined.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 13:04:38 +01:00
Werner Koch
21d5323f5d
gpg: Fix recent commit for weak digest algos and smartcards.
* g10/sign.c (sign_file): Fix condition.
--

Fixes-commit: 4c181d51a6f1fd05b7f190a18769ba5e9f892f6a
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:21:27 +01:00
Werner Koch
549dc8cfe9
Require libksba 1.3.5
* configure.ac (NEED_KSBA_VERSION): Set to 1.3.5.
--

Minor update to make sure that important fixes are used.  That version
was release in 2016 and thus before the new requirement for Libgcrypt
1.8.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:16:42 +01:00
Werner Koch
fc01ae5071
Require Libgpg-error 1.27
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.27
* common/util.h: Remove compatibility macros.
--

This is just a minor change to align with the need for Libgcrypt 1.8.
The latter was first released in summer 2017 while Libgpg-error 1.27
was released earlier in spring that year.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:10:48 +01:00
Werner Koch
99ab3aed15
Require Libgcrypt 1.8
* configure.ac (NEED_LIBGCRYPT_VERSION): Require 1.8.
* tools/gpgconf.c (show_version_libgcrypt): Remove conditional case
for Libgcrypt < 1.8.
* common/compliance.c (gnupg_rng_is_compliant): Ditto.
* agent/pksign.c: Ditto.
* agent/gpg-agent.c (thread_init_once): Ditto.
(agent_libgcrypt_progress_cb): Ditto.
* agent/command.c (cmd_getinfo): Ditto.
--

Libgcrypt 1.7 reached end-of-life more than a year ago.  Thus there is
no reason to keep backward support for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:03:19 +01:00
Ben Kibbey
f05d1772c4
gpg: Add canceled status message.
* common/status.h (STATUS_CANCELED_BY_USER): New.
* g10/passphrase.c (passphrase_to_dek): Send STATUS_CANCELED_BY_USER
instead of STATUS_MISSING_PASSPHRASE when canceled is set.
--

This is to prevent further pinentry tries when the pinentry is canceled
by the user during symmetric decryption.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
(cherry picked from commit 31e47dfad0f40e31e8b3113b933696e8e4105136)
2020-11-09 11:53:33 +01:00
Werner Koch
c373735e79
gpg: Do not print rejected digest algo notes with --quiet.
* g10/misc.c (print_digest_rejected_note): Do not print in quiet mode.
(print_sha1_keysig_rejected_note): Ditto.
--

GnuPG-bug-id: 4893
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e08e1d62d089a154ec5d7c80cd58e8e3b18d2d6b)
2020-11-09 08:34:24 +01:00
Werner Koch
a4fa4b5d4b
speedo,w32: Install gpg-check-pattern and example profiles.
* doc/examples/vsnfd.prf: Rename to VS-NfD.prf.
* doc/examples/Automatic.prf: New.
* doc/Makefile.am (examples): Adjust.
* build-aux/speedo/w32/inst.nsi: Install gpg-check-pattern.exe and 3
example files.
* build-aux/speedo/w32/wixlib.wxs: Add new files.
--

Note that we renamed the existing example profile so that kleopatra
shows a nicer name.  In fact the gpg4win installer just copies of
theses file but it is better to maintain them here.

gpg-check-pattern.exe can no be installed because we meanwhile have a
regex lib which works also on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 18:15:37 +01:00
Werner Koch
d4089b04a5
g13: Include a now missing header file.
* g13/create.c: Include sysutuls.h
* g13/sh-dmcrypt.c: Ditto.
--

This is needed due to the recent switch from stat to gnupg_stat.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 16:32:16 +01:00
Werner Koch
1fbf085bc8
gpgconf: Make sure the homedir exists for --apply-profile.
* tools/gpgconf.c (main) <aApplyDefaults, aApplyProfile>: Create the
standard home directory.
--

This fixes a regression due to the fix for
GnuPG-bug-id: 4867
Before that change gpgsm implictly created the homedir while options
were collected.  It is important to have this so that a login script
can create config files for new users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 16:26:27 +01:00
Werner Koch
6fe5c8c06e
common: Fix duplicate implementation of try_make_homedir.
* g10/openfile.c (try_make_homedir): Move core of the code to ...
* common/homedir.c (gnupg_maybe_make_homedir): new.
* sm/keydb.c (try_make_homedir): Implement using new function.

* common/homedir.c: Include i18n.h.
* po/POTFILES.in: Add common/homedir.c.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 16:25:57 +01:00
Andre Heinecke
b4cb91d5fb
w32: Add another pinentry search path
* common/homedir.c (get_default_pinentry_name): Try ../bin/pinentry.exe

--
In an installation layout where GnuPG is installed as a component
of another software it might be useful to have pinentry placed
in a different bin directory without the forced folder name of
Gpg4win.
2020-11-04 13:48:18 +01:00
Andre Heinecke
c366e04958
w32: Add windows subsystem variant of gpgconf
* tools/Makefile.am (gpgconf-w32): New target. Builds gpgconf with
subsystem windows.
* build-aux/speedo/w32/wixlib.wxs: Package it.

--
This allows us to create scripts that call gpgconf without opening
a console. Using subsystem windows is better then to just close
the console after start as it avoids the console flashing up.
2020-11-04 13:41:22 +01:00
Werner Koch
d633e92233
w32: Fix strftime problem on Windows.
* common/gettime.c: Include locale.h.
(asctimestamp): Increase buffer.  On Windows use setlocale.
--

GnuPG-bug-id: 5073
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-03 19:31:12 +01:00
Werner Koch
166e779634
gpg: Switch to AES256 for symmetric encryption in de-vs mode.
* g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs
mode.
* g10/encrypt.c (setup_symkey): Add extra compliance check.
(encrypt_simple): Avoid printing a second error oncplinace failure.
--

Because we used the RFC4880 mode as base for the de-vs mode we got
3DES as symmetric encryption algorithm.  With the default gnupg mode
that was already used.  The new extra compliance checks are added to
detect whether a --personal-cipher-preference or --cipher-algo option
tried to override the algorithms.  They are still possible but now
non-compliant algorithms will throw an error.

Manual testing can be done with commands like this:

  gpg --no-options --compliance=de-vs \
   --personal-cipher-preferences "S1 S7" \
   --pinentry-mode loopback -v --passphrase abc -ac </etc/motd

Here the command fails due to IDEA (S1) being the preferred cipher
algorithm.  Using "--s2k-digest-algo SHA1" instead of
--personal-cipher-preferences will also fail.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d1f2a6d9f71cf50318f4891c84aeedb975553896)
2020-11-03 15:42:59 +01:00
Andre Heinecke
ccecdc1f34
po: Major update of italian translation
* po/it.po: Update to a recent 2.2 version.

--
Thanks to Denis Renzi, who also translated some Gpg4win
parts to italian for this translation.
2020-11-03 12:36:26 +01:00
Werner Koch
f007d79533
gpg: Allow setting notations with the empty string as value.
* g10/misc.c (pct_expando): Catch special case of the empty string.
Also map a NULL to the empty string.
* g10/photoid.c (show_photos): Make an empty string used as command
fail.
--

This patch also fixes a segv when calling gpg wrongly like

  gpg -N \-foo@example.org

GnuPG-bug-id: 5117
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-02 17:48:39 +01:00
Werner Koch
4c181d51a6
gpg: Do not use weak digest algos if selected by recipient prefs.
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the least of weak digest algorithm.
--

If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient.  This is so that all recipients are able to check the the
signature.  However, if the sender has a declared an algorithm as
week, that algorithm shall not be used - in this case we fallback to
the standard way of selecting an algorithm.

Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.

Reported-by: Phil Pennock
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 15746d60d492f5792e4a179ab0a08801b4049695
2020-11-02 17:48:02 +01:00
Ingo Klöcker
8a94142808 gpg: Fix iteration over signatures
* g10/keyedit.c (keyedit_quick_revsig): Take signature of correct node
--

GnuPG-bug-id: 5093
(cherry picked from commit db3854f55c91ca9c34cf6a306081c3709798db3d)
2020-10-30 15:52:16 +01:00
NIIBE Yutaka
ba321b60bc agent: Fix secret key import for Ed25519.
* agent/cvt-openpgp.c (convert_secret_key): Avoid adding 0x00 at the
beginning of MPI.

--

In master, we handle it as opaque MPI, but in 2.2, we use standard MPI
here.

GnuPG-bug-id: 5114
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-30 09:23:35 +09:00
Werner Koch
7ec56b0336
gpg: New command --quick-revoke-sig
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig.
(opts): Add --quick-revoke-sig.
(main): Implement.
* g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and
adjust all callers.
(keyedit_quick_revsig): new.
* g10/revoke.c (get_default_sig_revocation_reason): New.
* g10/keylist.c (cmp_signodes): New.
--

GnuPG-bug-id: 5093
Backported-from-master: 243f9176e799b2328f2e5bed93099bfc474fdc5a
2020-10-28 18:10:01 +01:00