1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

2626 Commits

Author SHA1 Message Date
Werner Koch
25bef01e7a
doc: Typo fixes
--

Reported-by: Andreas Metzler
GnuPG-bug-id: 6309
2022-12-16 11:01:23 +01:00
NIIBE Yutaka
f32d0c9c0f
build: Remove Windows CE support.
* agent/Makefile.am [HAVE_W32CE_SYSTEM]: Remove.
* am/cmacros.am [HAVE_W32CE_SYSTEM]: Remove.
* autogen.sh: Remove W32ce_ variables.
* configure.ac: Likewise.
* dirmngr/Makefile.am (extra_bin_ldflags): Remove.
* g10/Makefile.am [HAVE_W32CE_SYSTEM]: Remove.
* kbx/Makefile.am: Likewise.
* sm/Makefile.am (extra_bin_ldflags): Remove.
* tools/Makefile.am (extra_bin_ldflags): Remove.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-09 14:06:08 +09:00
Werner Koch
278f85d1bc
wkd: Do not send/install/mirror expired user ids.
* tools/gpg-wks.h (struct uidinfo_list_s): Add fields expired and
revoked.
* tools/wks-util.c (append_to_uidinfo_list): Add args expired and
revoked.
(set_expired_revoked): New.
(wks_list_key): Set expired and revoked.
(wks_cmd_install_key): Skip expired uids.
* tools/gpg-wks-client.c (command_check): Print flags.
(command_send): Ignore expired keys.
(mirror_one_key): Ditto.

* g10/export.c (do_export_stream): Silence warning.
--

GnuPG-bug-id: 6292
2022-12-06 09:23:16 +01:00
Werner Koch
1a85ee9a43
gpg: New export option "mode1003".
* agent/command.c (cmd_export_key): Add option --mode1003.
(command_has_option): Ditto.
* g10/build-packet.c (do_key): Implement mode 1003.
* g10/parse-packet.c (parse_key): Ditto.
* g10/options.h (EXPORT_MODE1003): New.o
* g10/call-agent.c (agent_export_key): Add arg mode1003.
* g10/export.c (parse_export_options): Add "mode1003"
(secret_key_to_mode1003): New.
(receive_seckey_from_agent): Add arg mode1003.
(do_export_one_keyblock): Pass option down.
--

This option allows to export a secret key in GnuPG's native format.
Thus no re-encryption is required and further the public key parameters
are also authenticated if a protection passphrase has been used.

Note that --import is not yet able to handle this new mode.  Although
old version of GnuPG will bail out with "invalid packet" if a mode1003
exported secret key is seen.
2022-12-02 10:09:58 +01:00
Werner Koch
1d88e14de7
gpg: Remove a mostly duplicated function.
* g10/export.c (receive_seckey_from_agent): Add arg r_key.
(do_export_one_keyblock): Pass NULL for new arg.
(receive_raw_seckey_from_agent): Remove.
(export_secret_ssh_key): Use receive_seckey_from_agent.
* g10/keygen.c (card_store_key_with_backup): Pass NULL for new arg.
2022-12-02 10:09:58 +01:00
NIIBE Yutaka
f182c284fb
tests: Support semihosted environment.
* Makefile.am (check-all): Add EXEEXT.
* agent/all-tests.scm: Append EXEEXT.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 13:59:06 +09:00
Werner Koch
c985b52e71
gpg: New export-filter export-revocs
* g10/options.h (EXPORT_REVOCS): New.
* g10/export.c (export_select_filter): New.
(struct export_filter_attic_s): Add field.
(cleanup_export_globals): Cleanup.
(parse_export_options): Add option "export-revocs".
(parse_and_set_export_filter): Parse the select type.
(do_export_revocs): New.
(do_export_stream): Add a way to select things for export.
2022-11-28 12:44:02 +01:00
NIIBE Yutaka
a4698d0fb2
gpg: Fix double-free in gpg --card-edit.
* g10/card-util.c (change_name): Don't free ISONAME here.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-28 16:59:21 +09:00
Werner Koch
2aacd843ad
gpg: Make --require-compliance work with out --status-fd
* g10/mainproc.c (proc_encrypted): Set complaince_de_vs also if
require-compliance is set.
--

Without this fix require-compliance would fail if no --status-fd was
used.
2022-11-28 08:21:59 +01:00
Werner Koch
1324dc3490
gpg: New option --list-filter
* g10/gpg.c (oListFilter): New.
(opts): Add --list-filter.
(main): Parse oListFilter.
* g10/keylist.c: Include init.h and recsel.h.
(struct list_filter_s, list_filter): New.
(release_list_filter): New.
(cleanup_keylist_globals): New.
(parse_and_set_list_filter): New.
(list_keyblock): Implement --list-filter type "select".

* g10/import.c (impex_filter_getval): Add scope support and new
property names "key-size", "algostr", "origin", "lastupd", and "url".
--

This option is pretty useful to select keys based on their properties.
The scope thing can be sued to limit a selection to just the primary
key or to subkeys.  For example:

  gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519'

Lists all non-revoked keys with an ed25519 (signing)-subkey.
2022-11-25 16:04:54 +01:00
Werner Koch
976e9d6083
gpg: Fix verification of cleartext signatures with overlong lines.
* g10/armor.c (fake_packet): Indicate truncated lines by inserting a
formfeed.
(armor_filter): Replace assert by log_assert.
--

Reported-by: Demi Marie Obenour
GnuPG-bug-id: T6272
2022-11-10 14:55:38 +01:00
NIIBE Yutaka
8afa9735a6
gpg: Move w32_system function.
* g10/exec.h (w32_system): Not exposed.
* g10/exec.c (w32_system): Move to ...
* g10/photoid.c: here.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-09 10:37:58 +09:00
Werner Koch
d40d23b233
gpg: New option --quick-update-pref.
* g10/gpg.c (aQuickUpdatePref): New.
(opts): Add --quick-update-pref.
(main): Implement.
* g10/keyedit.c (keyedit_quick_update_pref): New.
(menu_set_preferences): Add arg 'unattended' and adjust caller.
--

This new quick command is in particular useful to update existing keys
so that they can be used with OCB mode.
2022-11-04 15:26:15 +01:00
Werner Koch
811cfa34cb
gpg: New list-options show-pref and show-pref-verbose.
* g10/options.h (LIST_SHOW_PREF): New.
(LIST_SHOW_PREF_VERBOSE): New.
* g10/gpg.c (parse_list_options): Add new options.
* g10/keyedit.c (show_prefs): Factor code out to ...
* g10/keylist.c (show_preferences): new.
(list_keyblock_print): Call show_preferences.
2022-11-04 12:44:09 +01:00
Werner Koch
82c4f26b67
gpg: Make --list-packets work w/o --no-armor for plain OCB packets.
* g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD.
--

With this fix it is now possible to feed a vanilla packet of type 20
without first forcing gpg to assume binary mode.
2022-11-02 17:10:59 +01:00
Werner Koch
4583f4fe2e
gpg: Merge --rfc4880bis features into --gnupg
* g10/gpg.c (oRFC4880bis): Remove.
(opts): Make --rfc4880bis a Noop.
(compliance_options): Make rfc4880bis to gnupg.
(set_compliance_option): Remove rfc4880bis stuff.
(main): Ditto.  Note that this now activates the --mimemode option.
* g10/keygen.c (keygen_set_std_prefs): Remove rfc4880bis protection.
(keygen_upd_std_prefs): Always announce support for v5 keys.
(read_parameter_file): Activate the v4 and v5 keywords.
--
2022-10-31 16:14:18 +01:00
Werner Koch
5a2cef801d
gpg: Allow only OCB for AEAD encryption.
* g10/gpg.c (opts): New option--force-ocb as alias for force-aead.
Turn --aead-algo and --personal-aead-preferences into dummy options.
(build_list_md_test_algo, build_list_aead_algo_name): Remove.
(my_strusage): Remove output of AEAD algos.
(main): Remove code from the --aead options.
* g10/encrypt.c (encrypt_seskey): Make file local.
(use_aead): Remove requirement for rfc4880bis.  Always return
AEAD_ALGO_OCB.
* g10/main.h (DEFAULT_AEAD_ALGO): Removed unused macro.
* g10/misc.c (default_aead_algo): Remove.
* g10/pkclist.c (select_aead_from_pklist): Return AEAD_ALGO_OCB or 0.
(select_algo_from_prefs): Remove personal AEAD algo setting.
* g10/keygen.c (keygen_set_std_prefs): Remove AEAD preference option
parsing.
* g10/options.h (opt): Remove def_aead_algo and personal_aead_prefs.
--

Due to the meanwhile expired patent on OCB there is no more reason for
using EAX.  Thus we forcefully use OCB if the AEAD feature flag is set
on a key.
2022-10-31 15:51:21 +01:00
Werner Koch
03f04dfb9a
gpg: New option --compatibility-flags
* g10/gpg.c (oCompatibilityFlags): New.
(opts): Add option.
(compatibility_flags): New list.
(main): Set flags and print help.
* g10/options.h (opt): Add field compatibility_flags.
--

No flags are yet defined but it is good to have the framework.
2022-10-31 15:01:24 +01:00
Werner Koch
0ef54e644f
gpg: Fix trusted introducer for user-ids with only the mbox.
* g10/trustdb.c (check_regexp): Kludge to match user-ids with only an
mbox.
--
(Also re-indented the function)
GnuPG-bug-id: 6238
2022-10-28 11:20:04 +02:00
Werner Koch
7aaedfb107
gpg: Import stray revocation certificates.
* g10/kbnode.c (new_kbnode2): New.
* g10/import.c (delete_inv_parts): New arg r_otherrevsigs to store
misplaced revocations.
(import_revoke_cert): Allow to pass an entire list.
(import_one): Import revocations found by delete_inv_parts.
--

It might be useful to distribute revocations of old keys along with
new keys.  This is in particicualrr useful for WKD stored keys.  This
patch allows to put unrelated standalone revocations into a key.  For
example they can simply appended to a keyblock.  Right now it is a bit
inaesthetic to see diagnostics about misplaced or bad revocation
signatures.
2022-10-28 09:30:49 +02:00
NIIBE Yutaka
0f13ccd0e0
gpg: Move NETLIBS after GPG_ERROR_LIBS.
* g10/Makefile.am (LDADD): Remove NETLIBS.
(gpg_LDADD, gpgv_LDADD): Add NETLIBS after GPG_ERROR_LIBS.
((t_keydb_LDADD, t_keydb_get_keyblock_LDADD): Likewise.
(t_stutter_LDADD): Likewise.

--

Forward port 2.2 commit of:
	b26bb03ed9

GnuPG-bug-id: 6244
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-10-18 10:28:42 +09:00
NIIBE Yutaka
cf2d52cfc3
gpg: Use GCRY_KDF_ONESTEP_KDF with newer libgcrypt in future.
* g10/ecdh.c (derive_kek): Use GCRY_KDF_ONESTEP_KDF.

--

This change is not yet enabled.  We will be able to use the code when
we update NEED_LIBGCRYPT_VERSION to 1.11.0.  Before the update, gpg
compiled with libgcrypt 1.11.0 can't work with older libgcrypt
runtime.

GnuPG-bug-id: 5964
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-10-14 14:49:37 +09:00
NIIBE Yutaka
d68a803c47
gpg: Fix wrong use of FD2INT with iobuf_fdopen_nc.
* g10/decrypt.c (decrypt_message_fd): Use INPUT_FD directly.
* g10/encrypt.c (encrypt_crypt): Use FILEFD directly.

--

Before 8402815d, original code was with iobuf_open_fd_or_name, which
used gnupg_fd_t for the file descriptor (FD2INT was relevant at that
time).  After the change, because it's not gnupg_fd_t but int, use of
FD2INT is irrelevant.

Fixes-commit: 8402815d8e
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-10-07 11:16:55 +09:00
Werner Koch
3390951ffd
gpg: Show just keyserver and port with --send-keys.
* g10/call-dirmngr.c (ks_status_cb): Mangle the keyserver url
2022-09-30 16:40:31 +02:00
Werner Koch
2e22184ba5
gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant.
* g10/encrypt.c (check_encryption_compliance): Check gcrypt compliance
before emitting an ENCRYPTION_COMPLIANCE_MODE status.
--

GnuPG-bug-id: 6221
Ported-from: 07c6743148
2022-09-29 15:16:35 +02:00
Werner Koch
46f9b0071f
gpg: Fix assertion failure due to errors in encrypt_filter.
* common/iobuf.c (iobuf_copy): Use log_assert.  Explicitly cast error
return value.
* g10/build-packet.c (do_plaintext): Check for iobuf_copy error.

* g10/encrypt.c (encrypt_filter): Immediately set header_okay.
--

The second fix avoids repeated error message about non-compliant keys.

Updates-commit: a51067a21f
Ported-from: aa0c942521
GnuPG-bug-id: 6174
2022-09-29 15:09:56 +02:00
Werner Koch
a51067a21f
gpg: Make --require-compliance work for -se
* g10/encrypt.c (encrypt_crypt, encrypt_filter): Factor common code
out to ...
(create_dek_with_warnings): new
(check_encryption_compliance): and new.

* g10/encrypt.c (encrypt_filter): Add the compliance check.
--

GnuPG-bug-id: 6174
Ported-from: f88cb12f8e
2022-09-29 15:03:26 +02:00
Werner Koch
1b0c17dfab
gpg: Silence some diagnostics.
* g10/parse-packet.c (enum_sig_subpkt): Show "buffer shorter than
subpacket" only in debug mode.
(parse_signature): Show "signature packet without timestamp / keyid"
only in souble verbose mode.

* g10/sig-check.c (check_signature_metadata_validity): Use ISO
timestamp in UTC for the signature expired note.
--

I have seen to many of these diagnostics and in particular the first
one seems to be a connected to the others.  Thus it does not make
sense to show them in standard verbose mode.

The ISO timestamp is much easier to read than than the localized
timestamp and switching from localtime to UTC should not harm.
2022-09-28 11:14:26 +02:00
Werner Koch
1b2ac21c4c
gpg: Don't consider unknown keys as non-compliant while decrypting.
* g10/mainproc.c (proc_encrypted):  Change compliance logic.
--

For the description of the proplem see
  https://dev.gnupg.org/T6205#163306

GnuPG-bug-id: 6205
2022-09-26 14:40:34 +02:00
NIIBE Yutaka
d5e29991c0
dirmngr:dns,doc,gpg: Fix for noreturn for C11.
* dirmngr/dns.c: Use __noreturn__.
* doc/yat2m.c: Likewise.
* g10/main.h: Likewise.

--

GnuPG-bug-id: 4002
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-16 14:33:50 +09:00
NIIBE Yutaka
3d7dbf1661
agent,dirmngr,gpg,scd: Clean up for modern compiler.
* agent/protect.c (agent_get_shadow_info_type): It's a write only
variable, useful for debugging.
* g10/key-check.c (key_check_all_keysigs): Likewise.
* g10/keyedit.c (show_basic_key_info, menu_expire): Likewise.
* scd/app-sc-hsm.c (read_ef_prkd): Likewise.
* dirmngr/crlfetch.c (fetch_next_ksba_cert): Initialize the vars.
* dirmngr/ks-action.c (ks_action_help): Remove unused variables.
* dirmngr/server.c (make_keyserver_item): Likewise.
* dirmngr/validate.c (check_cert_sig): Initialize the variable.
* scd/app-p15.c (select_and_read_record): Likewise.
* tests/gpgscm/scheme.c (scheme_init_new): A function with no args.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-14 12:08:58 +09:00
NIIBE Yutaka
87d4338ed1
gpg,common,scd,sm: Function prototype fixes for modern compiler.
* common/gettime.c (gnupg_get_time): It has no arguments.
* common/signal.c (gnupg_block_all_signals): Likewise.
(gnupg_unblock_all_signals): Likewise.
* common/utf8conv.c (get_native_charset): Likewise.
* g10/cpr.c (is_status_enabled, cpr_enabled): Likewise.
* g10/getkey.c (getkey_disable_caches): Likewise.
* g10/keygen.c (ask_expiredate): Likewise.
* g10/passphrase.c (have_static_passphrase): Likewise.
(get_last_passphrase): Likewise.
* g10/tdbio.c (tdbio_is_dirty, tdbio_sync): Likewise.
(tdbio_get_dbname, open_db, tdbio_db_matches_options): Likewise.
(tdbio_read_nextcheck): Likewise.
* g10/trustdb.c (how_to_fix_the_trustdb): Likewise.
* scd/scdaemon.c (scd_get_socket_name): Likewise.
* sm/passphrase.c (have_static_passphrase): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-13 16:34:00 +09:00
Werner Koch
0988e49c45
gpg: Support key flags for RENC, TIME, and GROUP.
* g10/packet.h (PUBKEY_USAGE_RENC): New.
(PUBKEY_USAGE_TIME): New.
(PUBKEY_USAGE_GROUP): New.
* g10/getkey.c (parse_key_usage): Set the new key flags.
* g10/keyedit.c (show_key_with_all_names_colon): Show the new key
flags.
* g10/keyid.c (usagestr_from_pk): Ditto
* g10/keylist.c (print_capabilities): Ditto.
* g10/keygen.c (parse_usagestr): Parse line and set new flags.
(quickgen_set_para): Show flags.
--

See draft-koch-openpgp-2015-rfc4880bis-00 for the current version.
Actually these flags have been in the draft for years now.  This patch
is a first step to make use of them.
2022-09-07 11:54:23 +02:00
Werner Koch
203dcc19eb
common: New common option no-autostart.
* common/comopt.c (opts): Add "no-autostart".
(parse_comopt): Set it.
* common/comopt.h (comopt): Add no_autostart.

* g10/gpg.c (main): Take care of the new option.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (INCLUDED_BY_MAIN_MODULE): Add.
(main): Parse common options and handle new option.
* tools/gpg-card.c (main): Ditto.
(cmd_yubikey): Fix minor error reporting issue.

* common/util.h (GNUPG_MODULE_NAME_CARD): New const.
* common/homedir.c (gnupg_module_name): Support it.
--

Having a global option makes it easier to use disable autostart on a
server which is required to use a remote gpg-agent reliable.
2022-08-22 12:05:02 +02:00
Werner Koch
287597cb22
gpg: Fix --card-status to handle lowercase APPTYPEs
* g10/card-util.c (current_card_status): Use ascii_strcasecmp.
2022-08-16 12:34:00 +02:00
Werner Koch
1908fa8b83
gpg: Improve --edit-key setpref.
* g10/keygen.c (keygen_set_std_prefs): Allow extra spaces before
preference elements.  Detect the bracketed versions of the strings.
Ignore "aead".
--

This allows to c+p the list shown by pref with out remove the
brackets.
2022-08-12 11:46:30 +02:00
Ingo Klöcker
2cbb5760d7 gpg: Emit an ERROR status if --quick-set-primary-uid fails
* g10/keyedit.c (keyedit_quick_set_primary): Issue a status error.
--

This allows GpgME to detect and report a failure if setting the primary
user ID of a key failed.

GnuPG-bug-id: 6126
2022-08-09 12:02:28 +02:00
Ingo Klöcker
82c53efd63 gpg: Look up user ID to mark as primary by UID hash
* g10/keyedit.c (find_userid_by_namehash, find_userid): Add argument
want_valid. Skip invalid user IDs if valid is wanted.
(keyedit_quick_revuid): Ask find_userid() for any matching user ID.
(keyedit_quick_set_primary): Use find_userid() to find the user ID to
mark as primary.
* tests/openpgp/quick-key-manipulation.scm: Change second call of the
quick-set-primary-uid test to specify the user ID by its hash.
--

This makes it possible to specify the user ID to mark as primary via its
UID hash when calling --quick-set-primary-uid.

GnuPG-bug-id: 6126
2022-08-08 12:31:15 +02:00
Werner Koch
189102ac17
gpg: Fix wrong error message for keytocard.
* g10/call-agent.c (agent_keytocard): Emit SC_OP_FAILURE.
--

GnuPG-bug-id: 6122
2022-08-04 12:41:33 +02:00
Werner Koch
e542c4af18
gpg: Make symmetric + pubkey encryption de-vs compliant.
* g10/mainproc.c (proc_encrypted): Make symmetric + pubkey encryption
de-vs compliant.

* g10/mainproc.c (struct symlist_item): New.
(struct mainproc_context): Add field symenc_list.
(release_list): Free that list.
(proc_symkey_enc): Record infos from symmetric session packet.
(proc_encrypted): Check symkey packet algos
--

The original check was too strong because it is in fact compliant to
encrypt with a symmetric key and and public key.  Thus decryption
should issue a compliance status.

In addition we now check that the cipher algorithms used to
symmetrically encrypt the session key are all compliant.  This is
similar to our check for all public key encrypted session key packets.

GnuPG-bug-id: 6119
Fixes-commit: b03fab09e1

Backported from 2.2

Signed-off-by: Werner Koch <wk@gnupg.org>
2022-08-02 18:41:23 +02:00
Werner Koch
eb675fbc4e
gpg: For de-vs use SHA-256 instead of SHA-1 as implicit preference.
* g10/pkclist.c (select_algo_from_prefs): Change implicit hash
algorithm.
--

GnuPG-bug-id: 6043
2022-07-28 10:41:02 +02:00
NIIBE Yutaka
424aa3543d gpg,build: Fix message for newer gettext.
* g10/keyserver.c (keyserver_refresh): Use ngettext.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-07-05 13:27:41 +09:00
Werner Koch
ae2f1f0785
agent: Do not consider --min-passphrase-len for the magic wand.
* agent/call-pinentry.c (generate_pin): Lock to exactly 30 octets.
* g10/gpg.c (main) <aGenRandom>: Add Level 30.
2022-06-27 18:06:40 +02:00
Werner Koch
34c649b360
g10: Fix garbled status messages in NOTATION_DATA
* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
--

Depending on the escaping and line wrapping the computed remaining
buffer length could be wrong.  Fixed by always using a break to
terminate the escape detection loop.  Might have happened for all
status lines which may wrap.

GnuPG-bug-id: T6027
2022-06-14 11:34:17 +02:00
Jakub Jelen
4dbef2addc keygen: Fix reading AEAD preference
* g10/keygen.c (keygen_set_std_prefs): Use the right variable when
  reading AEAD preference string
--

GnuPG-bug-id: 6019
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-06-14 15:37:15 +09:00
Werner Koch
d2d7a2b128
Remove remaining support for WindowsCE
--
2022-06-03 10:08:21 +02:00
Werner Koch
7aabd94b81
gpg: Setup the 'usage' filter property for export.
* g10/export.c (do_export_stream): Merge the key to get the properties
ready.
--

This makes

  gpg --export --export-filter 'drop-subkey=usage=~a'

(Export all subkeys but those with the auth usage)
work without using the workaound of adding
--export-options export-clean
2022-05-28 17:38:13 +02:00
Ingo Klöcker
35b1755070 gpg: Look up user ID to revoke by UID hash
* g10/keyedit.c (find_userid_by_namehash, find_userid): New.
(keyedit_quick_revuid): Use find_userid() instead of iterating over the
nodes of the keyblock.
* tests/openpgp/quick-key-manipulation.scm: Add test for revoking a
user ID specified by its hash.
--

This makes it possible to specify the user ID to revoke as UID hash when
calling --quick-revoke-uid.

GnuPG-bug-id: 5936
2022-04-26 11:48:47 +02:00
Werner Koch
f6caf5b173
gpg: Avoid NULL ptr access due to corrupted packets.
* g10/parse-packet.c (parse_signature): Do not create an opaque MPI
with NULL and length > 0
(parse_key): Ditto.
--

GnuPG-bug-id: 5940, 5946
2022-04-25 15:21:05 +02:00
Werner Koch
0f8623d518
gpg: Emit an ERROR status as hint for a bad passphrase.
* g10/mainproc.c (proc_symkey_enc): Issue new error code.
(proc_encrypted): Ditto.
--

This allows GPGME to return a better error message than "bad session
key" to the user.  Technically we could get run into these errors also
in other cases but this more unlikley.  For the command line use we
don't do anything to not change the expected output of the command
line interface.

GnuPG-bug-id: 5943
2022-04-25 11:24:14 +02:00