1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

313 Commits

Author SHA1 Message Date
David Shaw
60fce379da * trustdb.c (validate_keys): Show trust parameters when building trustdb,
and make sure that the version record update was successful.
(init_trustdb): If the current parameters aren't what was used for
building the trustdb, the trustdb is invalid.

* tbio.c (tdbio_db_matches_options): Update to work with new trustdbs.
2002-12-04 06:06:56 +00:00
David Shaw
3b7ca1faa5 * tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store trust
model in the trustdb version record. (tdbio_update_version_record): New
function to update version record values during a trustdb check or update.
(tdbio_dump_record): Show trust model in dump.

* trustdb.c (validate_keys): Call tdbio_update_version_record on success
so that the correct options are stored in the trustdb.

* options.h: rearrange trust models so that CLASSIC is 0 and OPENPGP is 1.
2002-12-04 00:05:11 +00:00
David Shaw
e357092285 * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.

* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 23:31:48 +00:00
David Shaw
db9195c10b * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:59:04 +00:00
Stefan Bellon
1289ab78e1 no RISC OS filetype needed for nooutput 2002-11-25 13:30:34 +00:00
David Shaw
0819797911 * main.h, misc.c (default_cipher_algo, default_compress_algo): New.
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.

* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get
algorithms.

* g10.c (main): Allow pref selection for compress algo with --openpgp.
2002-11-25 04:24:41 +00:00
David Shaw
bd23076c5e * mainproc.c (proc_encrypted): Use --s2k-digest-algo for passphrase
mangling rather than --digest-algo.
2002-11-25 04:11:02 +00:00
David Shaw
8b9e9d33c1 * sign.c (hash_for): If --digest-algo is not set, but
--personal-digest-preferences is, then use the first hash algorithm in the
personal list.  If the signing algorithm is DSA, then use the first
160-bit hash algorithm in the personal list. If --pgp2 is set and it's a
v3 RSA key, use MD5.
2002-11-25 04:06:04 +00:00
David Shaw
ce4ddd144c * g10.c (main), keydb.c (keydb_add_resource, keydb_locate_writable):
Rename --default-keyring as --primary-keyring.  Stefan wins the naming
contest.
2002-11-25 03:18:48 +00:00
David Shaw
a5b9770a8b * g10.c (add_notation_data): Disallow notation names that do not contain a
'@', unless --expert is set.  This is to help prevent people from
polluting the (as yet unused) IETF namespace.

* main.h: Comments about default algorithms.

* photoid.c (image_type_to_string): Comments about 3-letter file
extensions.
2002-11-24 01:49:32 +00:00
David Shaw
0cd879cd9c * encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c
(sign_symencrypt_file): Use --s2k-digest-algo for passphrase mangling
rather than --digest-algo.
2002-11-24 00:50:14 +00:00
David Shaw
1c6bcef3ce * keygen.c (keygen_set_std_prefs): Properly handle an empty preference
string.

* misc.c (string_to_compress_algo): "none" is a bad choice since it
conflicts with the "none" in setpref.
2002-11-21 16:25:05 +00:00
David Shaw
cf163db505 * g10.c (main): Allow compression algorithm names as the argument to
--compress-algo.  The old algorithm names still work for backwards
compatibility.

* misc.c (string_to_compress_algo): Allow "none" as an alias for
"uncompressed".
2002-11-15 04:07:24 +00:00
Stefan Bellon
0907db4855 fixed type incompatibility 2002-11-13 21:49:57 +00:00
David Shaw
fbffa8209b * encode.c (encode_simple): Make sure that files larger than about 4G use
partial length encoding.  This is required because OpenPGP allows only for
32 bit length fields.  From Werner on stable branch.

* getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and
made extern. (get_pubkey_byfprint_fast): New.  From Werner on stable
branch.

* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might lead to
recursions. (revocation_present): Likewise for search by fingerprint.
From Werner on stable branch.

* g10.c (main): Try to create the trustdb even for non-colon-mode list-key
operations.  This is required because getkey needs to know whether a a key
is ultimately trusted.  From Werner on stable branch.
2002-11-13 17:43:27 +00:00
David Shaw
7c3eee80ba * exec.c [__CYGWIN32__]: Keep cygwin separate from Mingw32; we don't need
it here as it behaves more like a Posix system. From Werner on stable
branch.

* passphrase.c (agent_get_passphrase): Ditto.  From Werner on stable
branch.

* tdbio.c (MY_O_BINARY): Need binary mode with Cygwin.  From Werner on
stable branch.

* g10.c, gpgv.c (main) [__CYGWIN32__]: Don't get the homedir from the
registry.  From Werner on stable branch.
2002-11-13 17:19:22 +00:00
David Shaw
365011c8f1 * keyedit.c (show_key_with_all_names_colon): Make --with-colons --edit
display match the validity and trust of --with-colons --list-keys.

* passphrase.c (agent_send_all_options): Fix compile warning.

* keylist.c (list_keyblock_colon): Validity for subkeys should match that
of the primary key, and not that of the last user ID.

* getkey.c (merge_selfsigs): Revoked/expired/invalid primary keys carry
these facts onto all their subkeys, but only after the subkey has a chance
to be marked valid.  This is to fix an incorrect "invalid public key"
error verifying a signature made by a revoked signing subkey, with a valid
unrevoked primary key.
2002-11-13 13:23:03 +00:00
Werner Koch
d219b061ac * passphrase.c (agent_send_all_options): Use tty_get_ttyname to
get the default ttyname.
2002-11-09 17:48:41 +00:00
David Shaw
7911a5ed86 * keyring.h, keyring.c (keyring_register_filename): Return the pointer if
a given keyring is registered twice.

* keydb.h, keydb.c (keydb_add_resource): Use flags to indicate a default
keyring. (keydb_locate_writable): Prefer the default keyring if possible.

* g10.c (main): Add --default-keyring option.
2002-11-08 03:31:21 +00:00
David Shaw
bf4a893586 * options.h, g10.c (main), trustdb.c (ask_ownertrust): Add
--force-ownertrust option for debugging purposes.  This allows setting a
whole keyring to a given trust during an --update-trustdb.  Not for normal
use - it's just easier than hitting "4" all the time to test a large
trustdb.
2002-11-07 04:37:27 +00:00
David Shaw
3cb4118b6c * pubkey-enc.c (get_session_key): With hidden recipients or try a given
passphrase against all secret keys rather than trying all secret keys in
turn.  Don't if --try-all-secrets or --status-fd is enabled.

* passphrase.c (passphrase_to_dek): Mode 1 means do a regular passphrase
query, but don't prompt with the key info.

* seckey-cert.c (do_check, check_secret_key): A negative ask count means
to enable passphrase mode 1.

* keydb.h, getkey.c (enum_secret_keys): Add flag to include
secret-parts-missing keys (or not) in the list.
2002-11-06 16:58:28 +00:00
David Shaw
6920513cb4 * keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
don't try and fit the search output to the screen size - just dump the
whole list.
2002-11-05 16:11:04 +00:00
David Shaw
47b4b7f5c3 * keyserver.c (keyserver_search_prompt): When --with-colons is enabled,
just dump the raw keyserver protocol to stdout and don't print the menu.
2002-11-05 04:28:40 +00:00
David Shaw
731ab598ad * trustdb.c (trust_model_string, check_trustdb, update_trustdb,
validate_one_keyblock): It's not clear what a trustdb rebuild or check
means with a trust model other than "classic" or "openpgp", so disallow
this.
2002-11-04 17:30:38 +00:00
David Shaw
91a8e4a6fb * options.h, g10.c (main): Add --trust-model option. Current models are
"openpgp" which is classic+trustsigs, "classic" which is classic only, and
"always" which is the same as the current option --always-trust (which
still works).  Default is "openpgp".

* trustdb.c (validate_one_keyblock): Use "openpgp" trust model to enable
trust sigs.

* gpgv.c (main), mainproc.c (check_sig_and_print), pkclist.c (do_we_trust,
do_we_trust_pre, check_signatures_trust): Use new --trust-model option in
place of --always-trust.
2002-11-03 20:18:56 +00:00
David Shaw
ae1d1288ee * keyedit.c (sign_mk_attrib, trustsig_prompt, sign_uids, keyedit_menu):
Prompt for and create a trust signature with "tsign".  This is functional,
but needs better UI text.

* build-packet.c (build_sig_subpkt): Able to build trust and regexp
subpackets.

* pkclist.c (do_edit_ownertrust): Comment.
2002-11-03 12:46:52 +00:00
David Shaw
39e659312e * keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the full
algorithm name (CAST5, SHA1) rather than the short form (S3, H2).

* main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu):
Return and use a fake uid packet rather than a string since we already
have a nice parser/printer in keyedit.c:show_prefs.

* main.h, misc.c (string_to_compress_algo): New.
2002-11-03 00:00:42 +00:00
David Shaw
bdf0e306df * g10.c (main): Add --no-throw-keyid.
* keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), pkclist.c
(build_pk_list): Add --hidden-recipient (-R) and --hidden-encrypt-to,
which do a single-user variation on --throw-keyid.  The "hide this key"
flag is carried in bit 0 of the pk_list flags field.

* keyserver.c (parse_keyrec): Fix shadowing warning.
2002-11-01 16:15:45 +00:00
Stefan Bellon
7dac918b6d added RISC OS module loading support 2002-10-31 16:58:47 +00:00
David Shaw
20c99d180a * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
2002-10-31 15:40:42 +00:00
David Shaw
179b8570c8 * trustdb.c (check_regexp): Modern regexps require REG_EXTENDED. 2002-10-30 23:40:05 +00:00
David Shaw
09158d1e99 * packet.h, trustdb.h, trustdb.c (trust_string): New. Return a string
like "fully trusted", "marginally trusted", etc. (get_min_ownertrust):
New.  Return minimum ownertrust. (update_min_ownertrust): New.  Set
minimum ownertrust. (check_regexp): New.  Check a regular epression
against a user ID. (ask_ownertrust): Allow specifying a minimum value.
(get_ownertrust_info): Follow the minimum ownertrust when returning a
letter. (clear_validity): Remove minimum ownertrust when a key becomes
invalid. (release_key_items): Release regexp along with the rest of the
info. (validate_one_keyblock, validate_keys): Build a trust sig chain
while validating.  Call check_regexp for regexps.  Use the minimum
ownertrust if the user does not specify a genuine ownertrust.

* pkclist.c (do_edit_ownertrust): Only allow user to select a trust level
greater than the minimum value.

* parse-packet.c (can_handle_critical): Can handle critical trust and
regexp subpackets.

* trustdb.h, trustdb.c (clear_ownertrusts), delkey.c (do_delete_key),
import.c (import_one): Rename clear_ownertrust to clear_ownertrusts and
have it clear the min_ownertrust value as well.

* keylist.c (list_keyblock_print): Indent uid to match pub and sig.
2002-10-30 03:11:57 +00:00
David Shaw
809b8b031a * keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.

* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.

* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 18:00:07 +00:00
Stefan Bellon
e4021a4c95 tidied RISC OS filetype support 2002-10-29 14:37:12 +00:00
Stefan Bellon
557f65836d filetype support for RISC OS 2002-10-28 13:26:44 +00:00
David Shaw
64291d81be * main.h, import.c (sec_to_pub_keyblock, import_secret_one,
parse_import_options), g10.c (main): New import-option "convert-sk-to-pk"
to convert a secret key into a public key during import.  It is on by
default.
2002-10-23 15:59:45 +00:00
Werner Koch
7e5f9547c5 * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
has been assigned.
2002-10-23 07:11:01 +00:00
Timo Schulz
aa853f1eb5 2002-10-18 Timo Schulz <ts@winpt.org>
* keylist.c: (print_pubkey_info): New.
        (print_seckey_info): New.
        * main.h: Prototypes for the new functions.
        * delkey.c (do_delete_key): Use it here.
        * revoke.c (gen_desig_revoke): Ditto.
2002-10-18 15:41:33 +00:00
Werner Koch
be9b626c1d * pkclist.c (do_edit_ownertrust): Show all user IDs. This should
be enhanced to also show the current trust level.  Suggested by
Florian Weimer.
2002-10-17 13:48:43 +00:00
David Shaw
e613304ae7 * g10.c (main): Handle --strict and --no-strict from the command line
before the options file is loaded.
2002-10-17 11:50:46 +00:00
David Shaw
73ccfeb606 * g10.c (main): Disable --textmode when encrypting (symmetric or pk) in
--pgp2 mode as PGP 2 can't handle the unknown length literal packet.
Reported by Michael Richardson.
2002-10-15 17:01:04 +00:00
David Shaw
da1c9e820c * keyserver-internal.h, keyserver.c (print_keyrec, parse_keyrec,
show_prompt, keyserver_search_prompt, keyserver_spawn): Go to version 1 of
the keyserver protocol.  This is a better design, similar to
--with-colons, that allows for keys with multiple user IDs rather than
using multiple keys.  It also matches the machine readable pksd format.
Also use a prettier --search-keys listing format that can fill different
size windows (currently set at 24 lines).
2002-10-14 18:50:28 +00:00
Werner Koch
e5f14f15da * keygen.c (print_status_key_created): New.
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
2002-10-12 11:47:40 +00:00
David Shaw
9fafaa7ef7 * keyedit.c (menu_addrevoker): Properly back out if the signature fails.
Also, do not allow appointing the same revoker twice, and report
ALREADY_SIGNED if the user tries it.
2002-10-11 21:07:03 +00:00
David Shaw
9e86063293 And changelog :) 2002-10-07 22:19:27 +00:00
David Shaw
1fed5c87f0 * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.
2002-10-04 22:12:09 +00:00
Werner Koch
d68fe4f73d * import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing
warning.

* passphrase.c (agent_get_passphrase): Fixed signed/unsigned char
problem in %-escaping.  Noted by Ingo Kl�cker.
2002-10-04 05:43:54 +00:00
David Shaw
8c48fbd0e2 * options.h, g10.c (main): Add --strict and --no-strict to switch the
log_warning severity level from info to error.
2002-10-03 22:13:04 +00:00
David Shaw
fcefffcb00 * keylist.c (print_capabilities): Secret-parts-missing keys should show
that fact in the capabilities, and only primary signing keys can certify
other keys.

* packet.h, parse_packet.c (parse_key): Add is_primary flag for public
keys (it already exists for secret keys).
2002-10-03 19:20:37 +00:00
David Shaw
58972f24c4 * import.c (import_secret_one): Check for an illegal (>110) protection
cipher when importing a secret key.

* keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing
key.

* parse_packet.c (parse_key): Some comments.

* revoke.c (gen_revoke): Remove some debugging code.

* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option
again.

* seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher
in question is in fact IDEA.
2002-10-02 22:01:29 +00:00