1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

427 Commits

Author SHA1 Message Date
David Shaw
869c6bb7e4 * misc.c (compress_algo_to_string, string_to_compress_algo,
check_compress_algo): Add bzip2.

* compress.c (compress_filter): Make static to help force the use of
push_compress_filter.  Remove default algorithm setting since that is done
in push_compress_filter now.

* main.h: Use named algorithm.

* filter.h, compress.c (push_compress_filter, push_compress_filter2): New.
Figure out which is the appropriate compression filter to use, and push it
into place.

* compress.c (handle_compressed), encode.c (encode_simple, encode_crypt),
sign.c (sign_file, sign_symencrypt_file), import.c (read_block), export.c
(do_export): Use push_compress_filter instead of pushing the compression
filter ourselves.

* compress-bz2.c: New.  Bzlib versions of the compression filter routines.

* Makefile.am: Include compress-bz2.c if bz2lib is available.
2003-10-31 05:39:02 +00:00
Werner Koch
06865e7164 (close_ct_reader, close_pcsc_reader): Implemented.
(get_ccid_error_string): New.  Not very useful messages, though.
2003-10-30 09:30:20 +00:00
Werner Koch
fcc72f915b * cardglue.c (open_card): Ask for card insertion.
(check_card_serialno): New.
(agent_scd_pksign, agent_scd_pkdecrypt): Use it here.
* cardglue.c (open_card): Issue insertion status message.
* status.h, status.c (STATUS_CARDCTRL): New.

* status.c (cpr_get_answer_okay_cancel): New.

* miscutil.c (answer_is_okay_cancel): New.
2003-10-29 10:07:44 +00:00
Werner Koch
be239a058a * DETAILS: Add the 'a' value for field 12 and the new field 15.
* keylist.c (list_keyblock_print): Denote secrets keys stored on a
card with an '>'. Print the '#' also for subkeys.
(list_keyblock_colon): Introduce new field 15 for sec/ssb to print
the serial number.
2003-10-28 09:25:06 +00:00
David Shaw
ce4c9b6b5f * g10.c (main): Enhance the version-specific config file code to try for
more specific matches before giving up (e.g. 1.3.3-cvs, 1.3.3, 1.3, 1).
2003-10-26 15:49:44 +00:00
David Shaw
bb7986e9a6 * g10.c (main): Add --symmetric --encrypt command. This generates a
message that can be decrypted via a passphrase or public key system.

* main.h, encode.c (encode_seskey): Allow passing in an already-created
session key dek. (encode_simple): Use the actual symmetric cipher when
encrypting a session key for a symmetric message. (encode_crypt): Add a
flag to trigger a hybrid mode that can be decrypted via a passphrase or a
pk.  Change all callers.

* mainproc.c (symkey_decrypt_sesskey): There is no way to tell the
difference here between a bad passphrase and a cipher algorithm that we
don't have, so use a error message that makes that clear. Use the actual
list of ciphers when checking whether a cipher is invalid.  Return error
if the decrypted cipher algorithm is invalid. (proc_symkey_enc): In a
mixed passphrase/pk message, if a valid dek already exists from decrypting
via pk, do not try to process the passphrase. (proc_symkey_enc): Indicate
when we're decrypting a session key as opposed to decrypting data.  If a
passphrase is invalid, discard the dek so we'll keep trying.
2003-10-26 03:26:14 +00:00
Werner Koch
e62874f1d1 * ccid-driver.c (ccid_open_reader): Return an error if no USB
devices are found.

* Makefile.am: Replaced INTLLIBS by LIBINTL.
2003-10-25 16:26:29 +00:00
Werner Koch
bc45e6e065 * g10.c (main) [ENABLE_CARD_SUPPORT]: Add a default for
--pcsc-driver.

* cardglue.c (learn_status_cb): Fixed faulty use of !space.
2003-10-25 14:17:24 +00:00
Werner Koch
624612b991 (apdu_open_reader): Hacks for PC/SC under Windows. 2003-10-24 20:50:38 +00:00
Werner Koch
441aeb85f2 * passphrase.c (ask_passphrase): Add optional promptid arg.
Changed all callers.
* cardglue.c (pin_cb): Use it here, so the machine interface can
tell whether the Admin PIN is requested.

* cardglue.c (agent_scd_checkpin): New.

* misc.c (openpgp_pk_algo_usage): Added AUTH usage.

* app-openpgp.c (check_against_given_fingerprint): New. Factored
out that code elsewhere.
(do_check_pin): New.
* card-util.c (card_edit): New command "passwd".  Add logic to
check the PIN in advance.
(card_status): Add new args to return the serial number.  Changed
all callers.
2003-10-21 18:22:21 +00:00
David Shaw
6ad91b2b3a * import.c (import_one): Show the keyid when giving the Elgamal slow
import warning.

* g10.c (main): Older versions used --comment "" to indicate no comment.
Don't add an empty comment.
2003-10-14 23:30:14 +00:00
David Shaw
837df305c6 * keyedit.c (show_key_with_all_names): Ownertrust is only meaningful for
the PGP or classic trust models.  Both validity and ownertrust are not
meaningful for the always trust model.
2003-10-14 00:05:44 +00:00
Werner Koch
bc14a878e2 Always enable the gen_card_key prototype. 2003-10-11 16:32:03 +00:00
Werner Koch
8b36b03074 (card_close): New.
(agent_scd_change_pin): Implemented.
2003-10-10 15:45:11 +00:00
Werner Koch
5a0fbad9b3 * cardglue.c (card_close): New.
* ccid-driver.c (ccid_close_reader): New.
* apdu.c (close_ccid_reader, close_ct_reader, close_csc_reader)
(close_osc_reader, apdu_close_reader): New.  Not all are properly
implemented yet.
* g10.c (g10_exit): Use close_card.
2003-10-10 15:12:02 +00:00
David Shaw
40db05fb99 * g10.c (main): Give a deprecated option warning for --show-keyring,
--show-photos, --show-policy-url, --show-notation, and their respective
no- forms.

* options.skel: Remove show-photos and replace with list/verify-options
show-photos.  Remove no-mangle-dos-filenames.

* misc.c (parse_options): Allow for incomplete (but unambiguous) options.
2003-10-10 03:05:05 +00:00
Werner Koch
f633ef17dc * ccid-driver.c (ccid_transceive): Add T=1 chaining for sending.
* sign.c (do_sign) [!ENABLE_CARD_SUPPORT]: Return an error for
card keys.

* cardglue.c (agent_scd_pkdecrypt): Implemented.
* pubkey-enc.c (get_it) [ENABLE_CARD_SUPPORT]: Divert decryption
to card
2003-10-09 15:08:12 +00:00
Werner Koch
72c648c035 * cardglue.c (pin_cb): Detect whether an admin or regular PIN is
requested.
(genkey_status_cb): New.
(agent_scd_genkey): Implemented.

* keygen.c (generate_keypair): New arg CARD_SERIALNO and prepare
parameters for on card key generation. Changed all callers.
(do_generate_keypair): Add new arg card and merged casrd specific
changes from 1.9.
(proc_parameter_file): New arg card, apss it down to
do_generate_keypair and changed all callers.
(gen_card_key): New.

* g10.c: Include cardclue.h.
(main): s/app_set_default_reader_port/card_set_reader_port/.
* cardglue.c (card_set_reader_port): New to address include file
issues.
2003-10-08 15:21:20 +00:00
Werner Koch
99cabff03f * cardglue.c (learn_status_cb): Release values before assignment
so that it can be used by getattr to update the structure.
(agent_scd_getattr): New.

* keylist.c (print_pubkey_info): Add FP arg for optional printing
to a stream.  Changed all callers.
2003-10-02 10:20:12 +00:00
David Shaw
b0fe35f60e * g10.c (main): Add --no-groups to zero --group list.
* encode.c (encode_simple): Allow for 32 bytes (256 bits) of symmetrically
encrypted session key.  Use --s2k-cipher-algo to choose cipher, rather
than the default cipher.

* parse-packet.c (parse_subkeyenc): Give a warning if an symmetrically
encrypted session key is seen without salt.  Show in --list-packets if a
symetrically encrypted session key is present.

* pubkey-enc.c (get_it): Always show cipher-not-in-prefs warning unless
--quiet is set.  Use text name of cipher in warning.
2003-10-01 15:15:58 +00:00
David Shaw
cb772decc4 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
--verify-option show-unusable-uids.
2003-09-30 21:16:36 +00:00
David Shaw
52100b459a * gpgv.c (check_trustdb_stale): Stub.
* trustdb.c (get_validity): Move the up-to-date check to
check_trustdb_stale (new), so that it can be called before validity is
checked.

* keylist.c (list_keyblock_print): Disable the overall key validity
display until it can be thought about more.  Use check_trustdb_stale here
to avoid putting the check warning in the middle of a listed key.

* trustdb.c (init_trustdb): Only verify_own_keys() for those trust models
that it applies to (i.e. classic and OpenPGP).
2003-09-30 15:30:39 +00:00
Werner Koch
8062cb418a * keygen.c (do_add_key_flags, parse_parameter_usage): Add support
the proposed AUTH key flag.
* getkey.c (fixup_uidnode, merge_selfsigs_main)
(merge_selfsigs_subkey, premerge_public_with_secret): Ditto.
* keylist.c (print_capabilities): Ditto.

* parse-packet.c (parse_key): Allow to parse the divert-to-card
S2K mode.
* build-packet.c (do_secret_key): Handle divert-to-card S2K
* seckey-cert.c (is_secret_key_protected): Ditto.
(check_secret_key): Ditto.

* keygen.c (do_ask_passphrase): Renamed from ask_passphrase.
* passphrase.c (ask_passphrase): New.
2003-09-30 08:00:08 +00:00
Werner Koch
e369270a65 * g10.c (main): New commands --card-edit, --card-status and
--change-pin.  New options --ctapi-driver, --pcsc-driver and
--disable-ccid
* options.h (DBG_CARD_IO): New.
* cardglue.c, cardclue.h: Enhanced.
* card-util.c: New. Taken from current the gnupg 1.9 branch.
* app-common.h, app-openpgp.c, iso7816.c, iso7816.h, apdu.c
* apdu.h, ccid-driver.c, ccid-driver.h: New.  Takem from the current
gnupg 1.9 branch withy minor changes to include directives.
* Makefile.am: Added these files.
2003-09-28 13:41:58 +00:00
Werner Koch
20ed53942a First bits of a card support backport from 1.9. It is not enabled by
default and tehre is not yet much more than a new configure option.

* configure.ac (LIBUSB_LIBS,HAVE_LIBUSB): Check for Libusb.
(--enable-card-support): New.

* sign.c (do_sign) [ENABLE_CARD_SUPPORT]: Divert to card.
* cardglue.c, cardglue.h: New.
* Makefile.am (gpg_LDADD): Added.
(card_support_sources): New.

* memory.h (xmalloc): Define xmalloc macros in terms of m_alloc.
2003-09-27 19:37:53 +00:00
David Shaw
e70e41612f * options.h, g10.c (main), keylist.c (list_keyblock_print): Add
"show-unusable-uids" list-option to show revoked and/or expired user IDs.
2003-09-25 04:03:11 +00:00
David Shaw
0d8bd2eace * keyedit.c (show_key_with_all_names): Show names a little neater by
putting the [revoked] or [expired] in the space used for the [validity].
There is also no point in showing "[unknown] [revoked]".
2003-09-24 12:11:17 +00:00
David Shaw
97dcb84cce * sign.c (mk_notation_policy_etc): Capitalize "URL".
* trustdb.c (validate_keys): Give a little more information while
rebuilding trustdb.

* pkclist.c (do_edit_ownertrust): Clarify "don't know".

* g10.c (main): Default to --no-mangle-dos-filenames.
2003-09-24 03:48:55 +00:00
David Shaw
4ccd51cb50 * keydb.h, keyring.c (keyring_search), trustdb.c (search_skipfnc): Expand
the skipfnc to include a pointer to the user ID that matched.

* getkey.c (skip_disabled): Rename to skip_unusable, and add checks for
expired or revoked user IDs.
2003-09-23 23:14:03 +00:00
David Shaw
b224756fbe * g10.c (main): Deprecate --default-comment in favor of --no-comments.
* options.h, g10.c (main), armor.c (armor_filter): Allow using --comment
multiple times to get multiple Comment: header lines. --no-comments resets
list.
2003-09-23 03:52:55 +00:00
David Shaw
eb18893c8c * g10.c (main): Trim --help to commonly used options. Remove -f. 2003-09-12 03:29:00 +00:00
David Shaw
405d9dfc59 * g10.c (main): Error out if --multifile is used with the commands that
don't support it yet (--sign, --clearsign, --detach-sign, --symmetric, and
--store).

* g10.c (main): Add --multifile as an alias to turn --encrypt into
--encrypt-files (plus --verify-files, --decrypt-files).

* encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440 directly to
check for MDC usability.  Do not set the force_mdc or disable_mdc flags
since there is no point any longer.
2003-09-09 00:25:53 +00:00
David Shaw
fe0de7bcaa * armor.c (parse_hash_header, armor_filter), g10.c (print_hex, print_mds),
pkclist.c (algo_available): Drop TIGER/192 support.
2003-09-04 12:03:04 +00:00
David Shaw
ff4b6613a9 * keyedit.c (show_key_with_all_names): Fix assertion failure when using
toggle to see a secret key.  Reported by Maxim Britov.
2003-09-03 23:24:03 +00:00
David Shaw
858a0a511e * g10.c (add_keyserver_url), keyedit.c (keyedit_menu), sign.c
(mk_notation_policy_etc): Clarify a few strings.  It's a "preferred
keyserver URL".

* g10.c (main): Use "keyserver-url" instead of "preferred-keyserver" for
the sake of short and simple commands.
2003-08-31 23:49:07 +00:00
David Shaw
653da12d2c * main.h, keygen.c (keygen_add_keyserver_url): Signature callback for
adding a keyserver URL.

* keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to set
preferred keyserver to specified (or all) user IDs.

* build-packet.c (build_sig_subpkt): Set preferred keyserver flag while
building a preferred keyserver subpacket.

* keylist.c (show_policy_url): Policy URLs might be UTF8.

* keyedit.c (menu_addrevoker): Fix leaking a few bytes.
2003-08-31 03:45:41 +00:00
David Shaw
7c352dc29e * keyedit.c (show_key_with_all_names): Use list-option show-long-keyid in
main --edit-key display.
2003-08-30 01:08:08 +00:00
David Shaw
b9c223f86a * keyedit.c (print_and_check_one_sig): Use list-option show-long-keyid in
--edit-key "check" function.
2003-08-30 00:40:56 +00:00
David Shaw
17e67cd29b * passphrase.c (agent_send_all_options): Make use of $GPG_TTY.
* g10.c (main): Disable use-agent if passphrase-fd is given later.
Suggested by Kurt Garloff.

* exec.c, g10.c, gpgv.c, passphrase.c, photoid.c: s/__MINGW32__/_WIN32/ to
help building on native Windows compilers.  Requested by Brian Gladman.
From Werner on stable branch.
2003-08-29 00:14:42 +00:00
David Shaw
2d682ddc00 * options.h, g10.c (main): Add list-option list-preferred-keyserver.
* keyedit.c (change_passphrase): When responding 'no' to the blank
passphrase question, re-prompt for a new passphrase.  This is bug #202.
2003-08-26 04:07:52 +00:00
David Shaw
68aa60e79c * mainproc.c (check_sig_and_print): Use two different preferred keyserver
displays - one if the key is not present (to tell the user where to get
the key), the other if it is present (to tell the user where the key can
be refreshed).

* packet.h, parse-packet.c (parse_signature): Set flag if a preferred
keyserver is present.

* keylist.c (list_keyblock_print): Show keyserver url in listings with
list-option show-keyserver-url.
2003-08-26 03:56:47 +00:00
David Shaw
5707b80e59 * Makefile.am: Use NETLIBS instead of EGDLIBS. 2003-08-25 03:37:06 +00:00
David Shaw
03c12b5a5b * mainproc.c (check_sig_and_print): Get the uid validity before printing
any sig results to avoid munging the output with trustdb warnings.

* g10.c (main): Don't include --show-keyring in --help as it is
deprecated.
2003-08-24 23:01:26 +00:00
David Shaw
d8273544e1 * gpgv.c: Remove extra semicolon (typo).
* options.skel: Note that keyserver.pgp.com isn't synchronized, and
explain the roundrobin a bit better.

* sig-check.c (check_key_signature2), import.c (import_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids,
merge_blocks): Make much quieter during import of slightly munged, but
recoverable, keys. Use log_error for unrecoverable import failures.

* keyring.c (keyring_rebuild_cache): Comment.

* sign.c (mk_notation_and_policy): Making a v3 signature with notations or
policy urls is an error, not an info (i.e. increment the errorcount).
Don't print the notation or policy url to stdout since it can be mixed
into the output stream when piping and munge the stream.
2003-08-21 23:20:58 +00:00
David Shaw
a2cf3caa98 * packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
Provide a signing-key-is-revoked flag.  Change all callers.

* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.

* mainproc.c (do_check_sig, check_sig_and_print): Use it here.

* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching.  This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.

* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms.  An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).
2003-08-13 03:31:36 +00:00
David Shaw
752e3459ab * options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).
2003-08-03 02:37:48 +00:00
David Shaw
e4a9d14aad * options.h, g10.c (main, add_keyserver_url): Add
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.

* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.
2003-07-24 19:28:12 +00:00
David Shaw
fbdee01db9 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.
2003-07-21 23:19:15 +00:00
David Shaw
fa0cc6602b * keyedit.c (show_key_with_all_names): Use list-option show-validity in
--edit-key interface as well.
2003-07-20 17:09:43 +00:00
David Shaw
726b36b647 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.
2003-07-20 02:09:06 +00:00