1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

10230 Commits

Author SHA1 Message Date
NIIBE Yutaka
64f5f7b74e
gpg,tools: Handle GPG_ERR_PIN_BLOCKED and GPG_ERR_NO_RESET_CODE.
* g10/card-util.c (write_sc_op_status): Emit 3 and 4 in status line.
* tools/card-call-scd.c (status_sc_op_failure): Likewise.

--

GnuPG-bug-id: 6425
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-08 13:41:16 +09:00
NIIBE Yutaka
65607fb81d
tools:gpg-card: Fix an error code for Reset Code.
* tools/gpg-card.c (cmd_unblock): Use GPG_ERR_NO_RESET_CODE.

--

GnuPG-bug-id: 6425
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-08 13:31:55 +09:00
NIIBE Yutaka
e6b3d53db3
scd: Return GPG_ERR_PIN_BLOCKED when it's blocked.
* scd/app-openpgp.c (build_enter_admin_pin_prompt): Fix to use
GPG_ERR_PIN_BLOCKED.
(check_pin): Likewise.

--

GnuPG-bug-id: 6425
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-08 11:44:06 +09:00
Werner Koch
387ee7dcbd
Merge branch 'STABLE-BRANCH-2-4'
* common/b64dec.c (b64decode): Move to ...
* common/miscellaneous.c: here.

* common/t-b64.c: Re-inroduce and keep only the b64decode test code.
2023-11-07 20:38:27 +01:00
NIIBE Yutaka
337de21f4b
doc: Use the em dash to mark a break in a sentence.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-07 13:55:29 +09:00
NIIBE Yutaka
00da0e9f93
doc: Remove stray .RE in doc/gpgsm.texi.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-06 14:47:21 +09:00
NIIBE Yutaka
c2812a9bbc
doc: Fix to avoid using en-dash for command options.
--

GnuPG-bug-id: 6746
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-02 15:05:19 +09:00
Andre Heinecke
05ef8c0cc0
g10: Fix uninitalized variable use in sign_file
* g10/sign.c (sign_file): Initialize gcry_md_hd_t to NULL.

--
There are several jumps to leave before gcry_md_open is called so
md should be initialized to NULL to avoid calling gcry_md_close
on an uninitalized variable.

GnuPG-Bug-Id: T6780
2023-10-28 14:20:31 +02:00
Werner Koch
678c819027
w32: Use utf8 for the asctimestamp function.
* common/gettime.c (asctimestamp) [W32]: Use ".UTF8" for the locale.
--

This has been suggested by the reporter of
GnuPG-bug-id: 6741
2023-10-27 14:22:10 +02:00
Werner Koch
95b9a31f81
gpg: Fix minor memory leak during certain smartcard operations.
* g10/keygen.c (card_store_key_with_backup): Fix memory leak on error.
2023-10-27 14:20:47 +02:00
Werner Koch
a4fe307b55
gpg: Allow expiration time after 2038-01-19 on 32 bit Windows.
* g10/keygen.c (parse_expire_string_with_ct): Use isotime2epoch_u64.
(parse_creation_string): Ditto.
--

GnuPG-bug-id: 6736
2023-10-26 12:45:50 +02:00
Werner Koch
164c687cb6
common: New functions timegm_u64, isotime2epoch_u64.
* common/mischelp.c (timegm): Move to ...
* common/gettime.c (timegm): here.  On Windows use timegm_u32.
(timegm_u32): New.
(isotime2epoch): Factor code out to ...
(isotime_make_tm): new helper.
(isotime2epoch_u64): New.
(_win32_timegm): Remove duplicated code.
(parse_timestamp): Use of timegm.
(scan_isodatestr): Fallback to isotime2epoch_u64.
--

This mainly helps on 32 bit Windows.  For Unix we assume everyone is
using 64 bit or shall wait until the libc hackers finally provide a
time64_t.

GnuPG-bug-id: 6736
2023-10-26 12:39:43 +02:00
Werner Koch
2c3c049fd8
sm: Flag Brainpool curves as compliant for all other operations.
* sm/fingerprint.c (gpgsm_get_key_algo_info2): Rename to
(gpgsm_get_key_algo_info): this.  Remove the old wrapper.  Adjust all
callers.
* sm/decrypt.c (gpgsm_decrypt): Pass the curve to the compliance
checker.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6253
2023-10-24 14:54:26 +02:00
Werner Koch
97708e2ac7
sm: Flag Brainpool curves as compliant.
* sm/keylist.c (print_compliance_flags): Add arg curve.
(list_cert_colon): Pass curve to the compliance check.
--

GnuPG-bug-id: 6253
2023-10-24 14:22:32 +02:00
Werner Koch
4448bc44f0
common: Provide API to parse BER/TLV encodings.
* sm/minip12.c: Factor parsing code out to ...
* common/tlv-parser.c: new.  Extend function names and provide a few
extra functions.
* common/Makefile.am (common_sources): Add new file.

* sm/minip12.c: Adjust to use the new parser API.
2023-10-24 13:25:10 +02:00
Werner Koch
7661d2fbc6
sm: Another partly rewrite of minip12.c
* sm/minip12.c (struct tlv_ctx_s): Add origbuffer and origbufsize.
Remove pop_count.  Rename offset to length.
(dump_tag_info, _dump_tag_info): Rewrite.
(dump_tlv_ctx, _dump_tlv_ctx): Rewrite.
(tlv_new): Init origbuffer.
(_tlv_peek): Add arg ti.
(tlv_peek): New.
(tlv_peek_null): New.
(_tlv_push): Rewrite.
(_tlv_pop): Rewrite.
(tlv_next): New macro.  Move old code to ...
(_tlv_next): this.  Add arg lno.  Pop remaining end tags.
(tlv_popped): Remove.
(tlv_expect_object): Handle ndef.
(tlv_expect_octet_string): Ditto.
(parse_bag_encrypted_data): Use nesting level to control the inner
loop.
(parse_shrouded_key_bag): Likewise.
(parse_bag_data): Handle surplus octet strings.
(p12_parse): Ditto.

* sm/minip12.c (decrypt_block): Strip the padding.
(tlv_expect_top_sequence): Remove.  Replace callers by
tlv_expect_sequence.

* tests/cms/samplekeys/t6752-ov-user-ff.p12: New sample key.
* tests/cms/samplekeys/Description-p12: Add its description
--

This patch improves the BER parser by simplifying it.  Now tlv_next
pops off and thus closes all containers regardless on whether they are
length bounded or ndef.  tlv_set_pending is now always used to undo
the effect of a tlv_next in a loop condition which was terminated by a
nesting level change.

Instead of using the length as seen in the decrypted container we now
remove the padding and let the BER parser do its work.  This might
have a negative effect on pkcs#12 objects which are not correctly
padded but we don't have any example of such broken objects.

GnuPG-bug-id: 6752
2023-10-24 09:33:35 +02:00
Werner Koch
873b2b0da1
doc: Minor typo fixes.
--
2023-10-18 15:43:22 +02:00
Werner Koch
956b1e1c26
build: Extend autobuild diagnostics by the username
* m4/autobuild.m4 (AB_INIT): Add username.
--

The old autobuild diagnostics show up in build logs.  What they are
missing is an information on the user who triggered a build.  EMAIL is
a common thing to denote the actual user using a service account.
2023-10-16 16:31:08 +02:00
Werner Koch
606933dfb4
gpg: Allow to specify seconds since Epoch beyond 2038.
* g10/keygen.c (parse_expire_string_with_ct): Use new function
scan_secondsstr.
(parse_creation_string): Ditto.
--

Noet that we cap the seconds at the year 2106.

GnuPG-bug-id: 6736
2023-10-14 17:23:42 +02:00
Werner Koch
a17363e992
common: New function scan_secondsstr.
* common/gettime.c (scan_secondsstr): New.

* common/t-gettime.c (test_scan_secondsstr):
(main): Call it.
2023-10-14 17:14:22 +02:00
Werner Koch
5601f5db98
gpgsm: Improvements for NDEF in the pkcs#12 parser
* sm/minip12.c (_tlv_push): Handle NDEF more correctly.
(tlv_expect_octet_string): Do not bail out on NDEF.
(dump_tag_info): Print some more infos.
--

We do not have a complete test case for this.  We need to further
analyze T6752 to see what Mozilla is doing here.  In any case with
this patch we get a bit further and don't bail out at the ndef.

GnuPG-bug-id: 6536, 6752
2023-10-10 11:37:00 +02:00
Werner Koch
4963f13f8f
scd:openpgp: Return better error codes for the Reset Code.
* scd/app-openpgp.c (do_change_pin): Use GPG_ERR_BAD_RESET_CODE where
appropriate.
* common/util.h: Add error codes missing in gpgrt 1.46.

* agent/call-pinentry.c (unlock_pinentry): Handle
GPG_ERR_BAD_RESET_CODE.
(agent_askpin): Ditlo.  Also simply condition.
(agent_get_passphrase):  Ditto.
* g10/call-agent.c (status_sc_op_failure): Handle
GPG_ERR_BAD_RESET_CODE.
* g10/card-util.c (write_sc_op_status): Ditto.
* tools/card-call-scd.c (status_sc_op_failure): Ditto.
2023-10-06 12:15:10 +02:00
Werner Koch
24b3a5a579
sm: Support more HMAC algos in the pkcs#12 parser.
* sm/minip12.c (oid_hmacWithSHA1): New.  Also for the SHA-2 algos.
(digest_algo_from_oid): New.
(set_key_iv_pbes2): Add arg digest_algo.
(crypt_block): Ditto.
(decrypt_block): Ditto.
(parse_bag_encrypted_data): Parse the optional prf part and get the
hmac algorithm.
(parse_shrouded_key_bag): Ditto.
(p12_build): Pass SHA1 for digest_algo.

* sm/t-minip12.c (run_one_test): Print failed values in verbose mode.

* tests/cms/samplekeys/nistp256-openssl-self-signed.p12: New.
* tests/cms/samplekeys/Description-p12: Add this one.
* tests/cms/Makefile.am (EXTRA_DIST): Ditto.
--

This supports the modern algorithms, i.e. using SHA256 for the KDF
which is the default in openssl unless the -legacy option is used.

GnuPG-bug-id: 6536
2023-10-06 11:02:19 +02:00
NIIBE Yutaka
9353dc811a
tests:tpm2dtests: Modify tests with SWTPM and relax the condition.
* configure.ac (SWTPM_IOCTL): Remove.
(TEST_LIBTSS): Fix the condition.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Remove
SWTPM_IOCTL.
* tests/tpm2dtests/start_sw_tpm.sh: Add --flags to invoke SWTPM,
not requiring SWTPM_IOCTL and TSSSTARTUP any more.

--

Cherry-picked from master commit of:
	227b3b14f4be2f33ed721818c2186e7fca4cebdf

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:56:09 +09:00
NIIBE Yutaka
0e200f2187
tests:tpm2dtests: Fix tests with SWTPM.
* configure.ac (TEST_LIBTSS): Fix the condition with SWTPM.
* tests/tpm2dtests/start_sw_tpm.sh: Use --daemon and --pid
to run SWTPM.

--

Cherry-picked from master commit of:
	98dd6f7af6aa3dcce19f20c22e3f825676e6b184

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:55:36 +09:00
NIIBE Yutaka
0494ec8f4d
build: Simplify detecting a TPM emulator.
* configure.ac (TPMSERVER): Don't supply hard-coded path.
(SWTPM, SWTPM_IOCTL, TSSSTARTUP): Likewise.

--

Cherry-picked from master commit of:
	f2ca727978da5b1ed84f97bf37d604e8a4e60091

Having hard-coded path has bad side effect; It may not be detected
even if it's available with PATH.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:54:44 +09:00
NIIBE Yutaka
e783866f41
tools: Add TPM2DAEMON_SOCK_NAME for --remove-socketdir.
* tools/gpgconf.c (main): Care about tpm2d.  Emit correct ERR.

--

Cherry-picked from master commit of:
	25c84ffd1078e6619761aa731a82dbaf4175c02e

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:54:06 +09:00
NIIBE Yutaka
d17efdcd6f
tests:tpm2dtests: Fix tests with TPM2D.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Fix.
* tests/tpm2dtests/all-tests.scm: Follow the change of gpgscm.
* tests/tpm2dtests/run-tests.scm: Likewise.

--

Cherry-picked from master commit of:
	321f9c0a3f2873cb3007e2bc2a542bbd0b2cc974

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:53:31 +09:00
NIIBE Yutaka
8d0819346d
tpm2d: Check SWTPM environment variable for swtpm support.
* tpm2d/intel-tss.h (TSS_Create): Check SWTPM.

--

Cherry-picked from master commit of:
	1da40db03eba4aa056f7cdf8ef90292272a4147d

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-10-06 09:52:26 +09:00
NIIBE Yutaka
9909f622f6
agent: fix tpm2d keytotpm handling
* agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Call
agent_delete_key before agent_write_private_key.  Recover
from an error.

--

Cherry-picked from master commit of:
	eda3997b439e415f1bebaa3be20c8bdb43d3a1d0

Fixes-commit: a1015bf2fc07dabb1200eab5fa41f13e7bf98202
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-10-06 09:51:33 +09:00
NIIBE Yutaka
19caa5c267
agent: Initialize FP for the case of error return.
* agent/findkey.c (agent_write_private_key): Initialize FP.

--

Cherry-picked from master commit of:
	a8618fdccdab228a8bbe3efeb87223a68fa57219

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:50:12 +09:00
Werner Koch
b4449ffabc
gpg-card: Give a hint on how to get help for the "yubikey" command.
* tools/card-yubikey.c (yubikey_commands): Print a hint.
2023-10-05 11:07:16 +02:00
Werner Koch
c1f78634ec
sm: Improve the octet string cramming for pkcs#12
* sm/minip12.c (need_octet_string_cramming): New.
(tlv_expect_object, tlv_expect_octet_string): Run the test before
cramming.

* sm/minip12.c (ENABLE_DER_STRUCT_DUMPING): New but undefined macro
for debug purposes.
(bag_decrypted_data_p, bag_data_p): Use macro to allow dumping.
--

This bug was exhibited by importing a gpgsm exported EC certificate.

We use an extra test instead of retrying to allow retruning an error
from malloc failure.  And well, for easier reading of the code.

GnuPG-bug-id: 6536
2023-10-05 10:25:14 +02:00
NIIBE Yutaka
16b6b77532
Minor style fixes.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-05 14:00:46 +09:00
NIIBE Yutaka
227b3b14f4
tests:tpm2dtests: Modify tests with SWTPM and relax the condition.
* configure.ac (SWTPM_IOCTL): Remove.
(TEST_LIBTSS): Fix the condition.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Remove
SWTPM_IOCTL.
* tests/tpm2dtests/start_sw_tpm.sh: Add --flags to invoke SWTPM,
not requiring SWTPM_IOCTL and TSSSTARTUP any more.

--

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-05 10:21:35 +09:00
NIIBE Yutaka
98dd6f7af6
tests:tpm2dtests: Fix tests with SWTPM.
* configure.ac (TEST_LIBTSS): Fix the condition with SWTPM.
* tests/tpm2dtests/start_sw_tpm.sh: Use --daemon and --pid
to run SWTPM.

--

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-04 18:30:33 +09:00
NIIBE Yutaka
68b7aff9ce
agent: Fix agent_update_private_key.
* agent/findkey.c (agent_update_private_key): Check FNAME0.

--

Cherry-pick master commit of:
	08e529fa7cfa8f55256337dd525fe8724c78cd92

Fixes-commit: a216e9c028ee389c4bf0250b822d567ffe9ad85e
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-04 10:27:01 +09:00
NIIBE Yutaka
08e529fa7c
agent: Fix agent_update_private_key.
* agent/findkey.c (agent_update_private_key): Check FNAME0.

--

Fixes-commit: a216e9c028ee389c4bf0250b822d567ffe9ad85e
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-04 10:25:30 +09:00
NIIBE Yutaka
f2ca727978
build: Simplify detecting a TPM emulator.
* configure.ac (TPMSERVER): Don't supply hard-coded path.
(SWTPM, SWTPM_IOCTL, TSSSTARTUP): Likewise.

--

Having hard-coded path has bad side effect; It may not be detected
even if it's available with PATH.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 16:55:02 +09:00
NIIBE Yutaka
25c84ffd10
tools: Add TPM2DAEMON_SOCK_NAME for --remove-socketdir.
* tools/gpgconf.c (main): Care about tpm2d.  Emit correct ERR.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 16:54:19 +09:00
NIIBE Yutaka
321f9c0a3f
tests:tpm2dtests: Fix tests with TPM2D.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Fix.
* tests/tpm2dtests/all-tests.scm: Follow the change of gpgscm.
* tests/tpm2dtests/run-tests.scm: Likewise.

--

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 11:53:00 +09:00
NIIBE Yutaka
4206d89003
tests:gpgscm: Fix process select loop.
* tests/gpgscm/ffi.c (do_process_spawn_io): Clear READ_FDSET in the
loop.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 11:44:11 +09:00
Werner Koch
9a3e41c151
common: Improve lock strategy for dotlock.
* common/dotlock.c (next_wait_interval): New.
(dotlock_take_unix): Use new function.
(dotlock_take_w32): Ditto.
--

In particular when using a dotlock file for protecting the spawning
and several processes try to spawn the agent or another component, we
often run into long delays.  The solution is to is to exponential
backoff and also to reduce the initial delay from 50ms to 4ms.  We
further limit the maximum wait period to about 2 seconds and then
repeat at intervals of 512, 1024 and 2048ms.  In the wait-forever case
we add a small random value to have different intervals per process.

GnuPG-bug-id: 3380

For testing this code snippet in the spawning function might be
useful:

          const char *s;
          if ((s=getenv("hold_gpg_file")))
            while (!gnupg_access (s, F_OK))
              gnupg_sleep (1);
2023-10-02 14:45:19 +02:00
Werner Koch
d7a1577a25
dirmngr: Add code to support the negotiation auth method.
* dirmngr/http.c (enum auth_negotiate_states): New.
(struct proxy_info_s): Add new fields.
(release_proxy_info): Free Windows stuff.
(proxy_get_token): New. Implemented only for Windows for now.
(run_proxy_connect): Add support for auth method Negotiation.
(store_header): Keep some header lines separate.
--

The code does something but I have not yet been able to test it due
to problems setting up Squid with AD authentication.  As of now it
will respond with a failure but that should not be worse than not to
implement Negotiation.

Supporting Negotiation using GSS for Unix should eventually also be
done.

GnuPG-bug-id: 6719
2023-10-02 13:10:13 +02:00
Werner Koch
53bdb7440c
dirmngr: Extended the http_get_header function.
* dirmngr/http.c (send_request): Add arg 'skip'.  Adjust all callers.
--

GnuPG-bug-id: 6719
2023-10-02 13:05:49 +02:00
Werner Koch
52b7a60cf9
common: Add new function b64decode.
* common/b64dec.c (b64decode): New.
* common/t-b64.c: Change license to LGPL.
(oops): New macro.
(hex2buffer): New.
(test_b64decode): New.
(main): Default to run the new test.
* common/Makefile.am (module_maint_tests): Move t-b64 to ...
(module_tests): here.
--

Sometimes we have a short base64 encoded string we need todecode.
This function makes it simpler.

License change of the test module justified because I am the single
author of the code.
2023-10-02 13:03:03 +02:00
NIIBE Yutaka
78afc209cc
tpm2d: Fix call to assuan_control.
* tpm2d/tpm2daemon.c (main): Use ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP.

--

Fixes-commit: 9e4d52223945d677c1ffcb0e20dae48299e9aae1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-02 10:32:04 +09:00
NIIBE Yutaka
1da40db03e
tpm2d: Check SWTPM environment variable for swtpm support.
* tpm2d/intel-tss.h (TSS_Create): Check SWTPM.

--

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-09-28 13:26:52 +09:00
NIIBE Yutaka
eda3997b43
agent: fix tpm2d keytotpm handling
* agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Call
agent_delete_key before agent_write_private_key.  Recover
from an error.

--

Fixes-commit: a1015bf2fc07dabb1200eab5fa41f13e7bf98202
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-09-28 11:59:14 +09:00
Werner Koch
a5e33618f4
dirmngr: Fix handling of the HTTP Content-Length
* dirmngr/http.c (cookie_s): Add fields pending, up_to_empty_line,
last_was_lf, and last_was_lfcr.
(http_context_s): Add field keep-alive.
(http_wait_response): Set up_to_empty_line.  Take care of keep_alive
flag.
(coookie_read): Implement detection of empty lines.
(cookie_write): Free the pending buffer.
--

The problem we fix here is that we already buffered stuff beyond the
empty line which marks the start of the content-length counting.  Thus
we tried to wait for more bytes despite that everything had already
been read.  This bug might have showed up more often in the real world
since the we changed the BUFSIZ on Windows from 512 byte to 8k.  It
also depends on the length of the headers and whether the server
closed the connection so that we ignored the Content-Length.

The bug was introduced earlier than 2010 and could have the effect
that a connection got stuck until the network layer timed out.

Note that the keep-alive parts of the patch are not yet used.
2023-09-26 14:19:26 +02:00