* g10/misc.c (map_pk_gcry_to_openpgp): Move to ...
* common/openpgp-oid.c (map_gcry_pk_to_openpgp): here and rename.
Change all 4 callers.
(map_openpgp_pk_to_gcry): New.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/call-scd.c (handle_pincache_put): Do not decrypt.
(handle_pincache_get): New.
(inq_needpin): Call it.
* scd/command.c (set_key_for_pincache): New.
(pincache_put): Restructure and set key.
(pincache_get): Ditto.
--
This change does away with encrypting and decrypting the cached PIN in
the agent. There is no need for this we can simply cache the
cryptogram and let scdaemon decrypt after retrieving it from the
agent. This way we do not need to share a key between gpg-agent and
scdaemon and further the cached content is invalid after the scdaemon
process has been replaced.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h (UBID_LEN): New. Use it at all places.
* kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item.
* kbx/keybox-dump.c (print_ubib): Remove.
(_keybox_dump_blob): Do not print the now removed ubid flag.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants
for the size of the ubid and grip.
* kbx/keybox-search.c (blob_cmp_ubid): New.
(has_ubid): Make it a simple wrapper around blob_cmp_ubid.
(keybox_get_data): Add arg 'r_ubid'.
* kbx/frontend.h (enum kbxd_store_modes): New.
* kbx/kbxserver.c (cmd_store): Add new option --insert.
* kbx/backend-cache.c (be_cache_initialize): New.
(be_cache_add_resource): Call it here.
* kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'.
(be_kbx_search): Get the UBID from keybox_get_data.
* kbx/backend-support.c (be_fingerprint_from_blob): Replace by ...
(be_ubid_from_blob): new. Change all callers.
* kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but
use the new cache init function.
(kbxd_store): Replace arg 'only_update' by 'mode'. Seek using the
ubid. Take care of the mode.
--
It turned out that using the hash of the entire blob was not helpful.
Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint
of the blob. In case this is a v5 OpenPGP key a left truncated
version of the SHA-256 hash is used; in all other cases the full SHA-1
hash. Using a SHA-256 hash does not make sense because v4 keys are
and will for some time be the majority of keys and thus padding them
with zeroes won't make any difference. Even if fingerprint collisions
can eventually be created we will assume that the keys are bogus and
that it does not make sense to store its twin also in our key storage.
We can also easily extend the update code to detect a collision and
reject the update.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/convert.c (hex2fixedbuf): New.
--
This function is useful for converting hex strings received via assuan
if they have a known length. For example keygrips or the new UBID.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
Resolved Conflicts:
* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/Makefile.am: Add nPth flags.
* g10/gpg.c: Include npth.h.
(gpg_deinit_default_ctrl): Deinit call-keyboxd local data.
(main): Init nPth.
* g10/keydb-private.h (struct keydb_handle_s): Add field 'kbl' and
remove the search result and the assuan context.
* g10/call-keyboxd.c (struct keyboxd_local_s): Add more fields.
(lock_datastream, unlock_datastream): New.
(gpg_keyboxd_deinit_session_data): Adjust for changed data structures.
(prepare_data_pipe): New.
(open_context): Return kbl instead of an Assuan context. Init mutexes
etc.
(close_context): Merge into ...
(keydb_release): here. Adjust for changed data structures.
(datastream_thread): New.
(keydb_get_keyblock): Implement datastream stuff.
(keydb_search): Ditto.
* common/asshelp.c (wait_for_sock): Add arg connect_flags.
(start_new_service): Set FDPASSING flag for the keyboxd.
--
This code as a lot of rough edges, in particular it relies on a well
behaving keyboxd. We need to add code to shutdown the datastream
reader thread in case of errors and to properly get it up again. We
also need to make really sure that both threads run in lockstep so
that the datastream thread is only active while we are sending a
command to the keyboxd.
We should also see whether we can depend nPth initialization on the
--use-keyboxd option to avoid any problems with nPth.
And we need to test on Windows.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (SIGSUBPKT_ATTST_SIGS): New.
* g10/keydb.h (IS_ATTST_SIGS): New.
(IS_CERT): Include the new one.
* g10/sign.c (mk_notation_policy_etc): Do not put notations into
attestation key signatures.
* g10/parse-packet.c (dump_sig_subpkt): Add new arg digest_algo.
Print the attestation sigs.
(parse_one_sig_subpkt): Support SIGSUBPKT_ATTST_SIGS.
(can_handle_critical): Ditto.
(enum_sig_subpkt): Pass digest algo to dump_sig_subpkt.
--
This change allows to list the new subpacket with --list-packets.
Example output:
:signature packet: algo 22, keyid C694723A1370EAB1
version 4, created 1567097576, md5len 0, sigclass 0x16
digest algo 8, begin of digest ff 0c
hashed subpkt 2 len 4 (sig created 2019-08-29)
hashed subpkt 37 len 32 (attst-sigs: 1
A794C6E9CCFE2F34C67E07[...])
hashed subpkt 33 len 21 (issuer fpr v4 156A3872[...])
subpkt 16 len 8 (issuer key ID C694723A1370EAB1)
data: [256 bits]
data: [256 bits]
GnuPG-bug-id: 4694
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac: New option --keyboxd-pgm.
(KEYBOXD_NAME, KEYBOXD_DISP_NAME): New ac_defines.
* common/util.h: Add substitutes for new error codes.
(GNUPG_MODULE_NAME_KEYBOXD): New.
* common/homedir.c (gnupg_module_name): Support
GNUPG_MODULE_NAME_KEYBOXD.
* common/asshelp.c (SECS_TO_WAIT_FOR_KEYBOXD): New.
(wait_for_sock): Support keyboxd.
(start_new_service): Ditto.
(start_new_keyboxd): New.
* tools/gpg-connect-agent.c: New options --keyboxd and
--keyboxd-program.
(start_agent): Implement new option.
--
This change allows us to test the new keyboxd using our standard
helper. It also provides the necessary code to start keyboxd on the
fly.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (gpg_agent_socket_name): New.
* common/asshelp.c (start_new_service): New. Based on
start_new_gpg_agent.
(start_new_gpg_agent): Divert to start_new_service.
(start_new_dirmngr): Ditto.
--
This prepares for adding yet another service starting function.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp2.c (status_printf): Rename to status_no_printf.
(status_printf): New.
--
Using the the status identifier from status.h is a good idea for the
external API but for some inter-component status line a keyword is a
better way.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/userids.c (classify_user_id): Do not set the EXACT flag in
the default case.
* g10/export.c (exact_subkey_match_p): Make static,
* g10/delkey.c (do_delete_key): Implement subkey only deleting.
--
GnuPG-bug-id: 4457
* common/name-value.c (nvc_write): Take care of Key. Factor some code
out to ...
(write_one_entry): new.
--
The key item is in general not manual editable thus we put it at the
end of a file.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-w32.c (gnupg_spawn_process_detached): Add
CREATE_BREAKAWAY_FROM_JOB creation flag if required.
--
When the gpg process is assigned to a W32 "Job" the
child processes are killed once the Job is finished.
As we want our detached processes to linger e.g.
gpg-agent the breakaway flag is required in
that case.
GnuPG-Bug-Id: T4333
Thanks to Jan Echternach for reporting this and providing
a patch.
Signed-off-by: Andre Heinecke <aheinecke@gnupg.org>
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16)
(KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove. Switch
all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value.
--
These search modes were added over time and there has until recently
be no incentive to remove the cruft. With the change for v5 keys I
finally went over all places and allowed the generic fingerprint mode
along with a given length of the fingerprint at all places.
Consequently the other modes can now be removed.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/userids.c (classify_user_id): Support 32 byte fingerprints.
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR32): New.
(struct keydb_search_desc): Add field fprlen.
* kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field
version and increase size of fpr to 32.
* kbx/keybox-blob.c: Define new version 2 for PGP and X509 blobs.
(struct keyboxblob_key): Add field fprlen and increase size of fpr.
(pgp_create_key_part_single): Allow larger fingerprints.
(create_blob_header): Implement blob version 2 and add arg want_fpr32.
(_keybox_create_openpgp_blob): Detect the need for blob version 2.
* kbx/keybox-search.c (blob_get_first_keyid): Support 32 byte
fingerprints.
(blob_cmp_fpr): Ditto.
(blob_cmp_fpr_part): Ditto.
(has_fingerprint): Add arg fprlen and pass on.
(keybox_search): Support KEYDB_SEARCH_MODE_FPR32 and adjust for
changed has_fingerprint.
* kbx/keybox-openpgp.c (parse_key): Support version 5 keys.
* kbx/keybox-dump.c (_keybox_dump_blob): Support blob version 2.
* g10/delkey.c (do_delete_key): Support KEYDB_SEARCH_MODE_FPR32.
* g10/export.c (exact_subkey_match_p): Ditto.
* g10/gpg.c (main): Ditto.
* g10/getkey.c (get_pubkey_byfprint): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
* g10/keydb.c (keydb_search_desc_dump): Support
KEYDB_SEARCH_MODE_FPR32 and adjust for changed KEYDB_SEARCH_MODE_FPR.
(keydb_search): Add new arg fprlen and change all callers.
* g10/keyedit.c (find_by_primary_fpr): Ditto.
* g10/keyid.c (keystr_from_desc): Ditto.
* g10/keyring.c (keyring_search): Ditto.
* g10/keyserver.c (print_keyrec): Ditto.
(parse_keyrec): Ditto.
(keyserver_export): Ditto.
(keyserver_retrieval_screener): Ditto.
(keyserver_import): Ditto.
(keyserver_import_fprint): Ditto.
(keyidlist): Ditto.
(keyserver_get_chunk): Ditto.
* g10/keydb.c (keydb_search): Add new arg fprlen and change all
callers.
* sm/keydb.c (keydb_search_fpr): Adjust for changed
KEYDB_SEARCH_MODE_FPR.
--
This prepares the support for OpenPGP v5 keys. The new version 2 blob
format is needed for the longer fingerprints and we also use this
opportunity to prepare for storing the keygrip in the blob for faster
lookup by keygrip. Right now this is not yet functional.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/ttyio.c (do_get): Re-indent and remove the checking for char
values larger than 0xa0. Use explicy control character checking.
--
The code is really old (mid 1998) and with the checking for 0xa0 it
has an implicit assumption of utf-8 or latin-1. Worse, the check was
for c > 0xa0 and not c == 0xa0 so it never worked as intended.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool-misc.c (pubkey_algo_string): Move to ...
* common/sexputil.c (pubkey_algo_string): here.
--
The new gpg format for public key algorithms is useful at other places
as well. Thus we make this new function available. Note that the
code we use in gpg is not based on s-expressions and thus a new
function was required.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exectool.c (read_and_log_buffer_t): Take care of a --quiet
argument.
(gnupg_exec_tool_stream): Ditto.
--
If we pass --quiet to a program it should really shutup and the parent
should be quite as well.
* common/miscellaneous.c (decode_c_string): New.
--
This is basically a copy from the code we use in gpgme and gpa.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgp-oid.c (openpgp_oidbuf_to_str): Factor most code out
to ...
(openpgp_oidbuf_to_str): new.
(openpgp_oidbuf_is_ed25519): New.
(openpgp_oidbuf_is_cv25519): New.
--
At some places it is more convenient (and faster) to directly work on
buffers and avoid the way via opaque MPIs. These 3 new functions
allow for that.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/passphrase.c (encode_s2k_iterations): Move function to ...
* common/openpgp-s2k.c: new file. Remove default intialization code.
* common/openpgpdefs.h (S2K_DECODE_COUNT): New to keep only one copy.
* g10/call-agent.c (agent_get_s2k_count): Change to return the count
and print an error.
* agent/protect.c: Include openpgpdefs.h
* g10/card-util.c (gen_kdf_data): Adjust for changes
* g10/gpgcompose.c: Include call-agent.h.
(sk_esk): Adjust for changes.
* g10/passphrase (passphrase_to_dek): Adjust for changes.
* g10/main.h (S2K_DECODE_COUNT): Remove macro.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/percent.c (percent_data_escape): Add new args prefix and
plus_escape.
* agent/command.c (cmd_put_secret): Adjust for changed function
* common/t-percent.c (test_percent_data_escape): Extend test for the
prefix.
(test_percent_data_escape_plus): new test for the plus escaping.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/status.c (gnupg_set_status_fd): New.
(gnupg_status_printf): New.
* po/Makevars (XGETTEXT_OPTIONS): Add gnupg-status_printf.
--
Some of the extra tools take a --status-fd option to print certain
status messages. A generic printf style print function thus makes
sense.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/iobuf.c (iobuf_copy): Wipe used area of buffer instead of
first sizeof(char*) bytes.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* common/mischelp.h (wipememory): Replace macro with function
prototype.
(wipememory2): Remove.
* common/mischelp.c (wipememory): New.
* configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero'.
--
In new wipememory function, memory is cleared through platform
provided secure memory zeroing function, SecureZeroMemory
or explicit_bzero.
If none of these is available, memset is called through
volatile function pointer to so that compiler won't optimize
away the call.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* common/mbox-util.c (mailbox_from_userid): Add arg subaddress and
implement. Change all callers to pass false for it.
* common/t-mbox-util.c (run_mbox_no_sub_test): New.
(run_filter): Add arg no_sub.
(main): Call new test and add option --no-sub.
--
Some stats: In the about 5300000 keys on the SKS servers we found 3055
unique mailboxes with a '+' in it. After removing leading and
trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz")
2697 were left which seem to be valid sub-addresses.
To filter mailboxes out from a line delimited list with
user-ids (e.g. an SQL output), the command
t-mbox-util --verbose --filter
can be used; to output w/o sub-addresses add --no-sub.
GnuPG-bug-id: 4200
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/iobuf.c (iobuf_read_line): Add fast path for finding '\n'
character in buffer.
--
This patch reduce per byte overhead in iobuf_read_line by avoiding
using iobuf_get when possible and use memchr to find '\n'. This
speeds armored decryption.
Benchmark results below, tested on Intel Core i7-4790K (turbo off).
Encrypted 2 GiB through pipe to ramfs file using AES128. Decrypt
ramfs file out through pipe to /dev/null.
before patch-set
----------------
gpg process
armor: user time pipe transfer rate
encrypt-aead: 13.8 140 MB/s
decrypt-aead: 30.6 68 MB/s
encrypt-cfb: 17.4 114 MB/s
decrypt-cfb: 32.6 64 MB/s
after (decrypt+iobuf opt)
-------------------------
gpg process
armor: user time pipe transfer rate
decrypt-aead: 22.5 92 MB/s
decrypt-cfb: 24.4 85 MB/s
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* common/sysutils.c (gnupg_reopen_std): Use fcntl instead of fstat.
--
When gpg was invoked by a Perl web application on FreeBSD, fstat in
gnupg_reopen_std failed with EBADF. Using fcntl, which is considered
lighter than fstat, it works fine. Since uur purpose is to check if
file descriptor is valid or not, lighter operation is better.
Reported-by: Marcin Gryszkalis <mg@fork.pl>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/iobuf.c (block_filter): Use iobuf_get_noeof.
--
When singed integer has negative value, left shift computation is
undefined in C.
GnuPG-bug-id: 4093
Reported-by: Philippe Antoine
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/asshelp2.c (set_assuan_context_func): New.
(status_printf): New.
* po/Makevars (XGETTEXT_OPTIONS): Add status_printf
--
This is a first patch to unify the status printing functions.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (AC_CHECK_FUNCS): Fold most calls into one.
--
A few functions were tested two times which slightly increases the size
of the configure script. Also put the functions in sorted order into
the macro.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c: Make --pgp6 an alias for --pgp7.
* common/compliance.h (gnupg_compliance_mode): Remove CO_PGP6.
* g10/options.h (PGP6): Remove. Adjust all users.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/miscellaneous.c (is_file_compressed): Don't cache the file.
--
This seems to be a pretty old bug. The fix is easy and also reveals
that -z0 can be used as a workaround.
GnuPG-bug-id: 3951
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-w32.c (gnupg_spawn_process): Use SW_HIDE
instead of SW_MINIMIZE.
--
Spawning minimized shows icons in the task bar so users
see that background processes are started, which is unusual.
I'm pretty sure that the intention of the code was to hide
the window if not in spawn debug mode. This is also what
GPGME does.
This fixes dirmngr_ldap process windows and other
spurious reports about e.g. a gpgv console window from
loadswdb.
GnuPG-Bug-Id: T3937
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* common/homedir.c (copy_dir_with_fixup): New.
(default_homedir): Use here.
(gnupg_set_homedir): And here .
--
This actually fixes a couple of cases for Windows. Both --home-dir
and GNUPGHOME. The interpretation of "c:" -> "c:/" might not be the
correct one but because we need an absolute dir anyway it is the less
surprising one. Note that this does not include a full syntax check
and fixup and thus it is very well possible that the result is not an
absolute directory.
GnuPG-bug-id: 3720
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/shareddefs.h (request_origin_t): New.
* common/agent-opt.c (parse_request_origin): New.
(str_request_origin): New.
* agent/command.c (option_handler): Implement new option.
--
This allows to pretend that a request originated from the extra or
browser socket.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/argparse.c, common/argparse.h: Change license
--
On 2011-09-30 the license of these two files were changed from
LGPLv2.1 to LGPLv3+/GPLv2+. This was part of a general change from
files with either GPLv3+ or LGPv2.1+ to this combination so to allow
the use of these files with GPLv2only code.
Since then the code was only modified by employees of g10 Code GmbH
under my direction and myself. The following changes
commit 7249ab0f95d1f6cb8ee61eefedc79801bb56398f
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
AuthorDate: Tue Jan 10 15:59:36 2017 -0500
commit eed16ccebf8fd1fdf9709affbd5c831f6957b8ae
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
AuthorDate: Fri Nov 21 17:04:42 2014 -0500
and a few typo fixes are minor and thus not copyright-able.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp2.c (vprint_assuan_status_strings): New.
(print_assuan_status_strings): New.
* agent/command.c (agent_write_status): Replace by call to new
function.
* dirmngr/server.c (dirmngr_status): Ditto.
* g13/server.c (g13_status): Ditto.
* g13/sh-cmd.c (g13_status): Ditto.
* sm/server.c (gpgsm_status2): Ditto.
* scd/command.c (send_status_info): Bump up N.
--
This fixes a potential overflow if LFs are passed to the status
string functions. This is actually not the case and would be wrong
because neither the truncating in libassuan or our escaping is not the
Right Thing. In any case the functions need to be more robust and
comply to the promised interface. Thus the code has been factored out
to a helper function and N has been bumped up correctly and checked in
all cases.
For some uses this changes the behaviour in the error case (i.e. CR or
LF passed): It will now always be C-escaped and not passed to
libassuan which would truncate the line at the first LF.
Reported-by: private_pers
* g10/gpg.c (opts): Add new option.
(opt_set_iobuf_size): New var.
(set_debug): Set the option.
* tests/openpgp/armor.scm: Use this option to revert the buffer size
to the one which used to exhibit the tested bugs.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/iobuf.c (IOBUF_BUFFER_SIZE): Rename to
DEFAULT_IOBUF_BUFFER_SIZE and increase to 64k.
(iobuf_buffer_size): New var. Always use this instead of the macro.
(iobuf_set_buffer_size): New.
(struct file_filter_ctx_t): Add field delayed_rc.
(file_filter) [!W32]: Try to fill the supplied buffer.
--
I did some test to see whether this has an effect. A test program
piped 100 million random bytes to gpg to symmetric encryption only w/0
compression. Single read means the old behaviour, multi read the new
behaviour which fills up the buffer when the read(2) returned only 4k
in once call.
8k buffer single read
User time (seconds): 0.09
System time (seconds): 0.04
Percent of CPU this job got: 6%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.04
8k buffer multi read
User time (seconds): 0.08
System time (seconds): 0.05
Percent of CPU this job got: 6%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.04
64k buffer single read
User time (seconds): 0.09
System time (seconds): 0.06
Percent of CPU this job got: 6%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.20
64k buffer multi read
User time (seconds): 0.11
System time (seconds): 0.06
Percent of CPU this job got: 8%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.01
128k buffer single read
User time (seconds): 0.09
System time (seconds): 0.05
Percent of CPU this job got: 7%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.05
128k buffer multi read
User time (seconds): 0.11
System time (seconds): 0.05
Percent of CPU this job got: 8%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.01
512k buffer single read:
User time (seconds): 0.08
System time (seconds): 0.08
Percent of CPU this job got: 7%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.21
512k buffer multi read:
User time (seconds): 0.10
System time (seconds): 0.06
Percent of CPU this job got: 7%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:02.05
Does not make much of a difference :-(. Maybe it changes depending on
the type of used filters.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (PKT_ENCRYPTED_AEAD): New const.
* g10/dek.h (DEK): Increase size of use_aead to 4 bits.
* g10/filter.h (cipher_filter_context_t): Add new fields for AEAD.
* g10/packet.h (PKT_encrypted): Add fields aead_algo, cipher_algo, and
chunkbyte.
* g10/build-packet.c (do_encrypted_aead): New.
(build_packet): Call it.
* g10/parse-packet.c (dump_sig_subpkt): Handle SIGSUBPKT_PREF_AEAD.
(parse_one_sig_subpkt, can_handle_critical): Ditto.
(parse_encrypted): Clear new PKT_ENCRYPTED fields.
(parse_encrypted_aead): New.
(parse): Call it.
* g10/gpg.c (main): Take care of --rfc4880bis option when checking
compliance.
* g10/cipher-aead.c: Replace the stub by real code.
* g10/decrypt-data.c (decode_filter_ctx_t): Add fields for use with
AEAD.
(aead_set_nonce): New.
(aead_set_ad): New.
(decrypt_data): Support AEAD.
(aead_underflow): New.
(aead_decode_filter): New.
* g10/encrypt.c (use_aead): Make that new fucntion work.
(encrypt_simple): Use default_aead_algo() instead of EAX.
* g10/mainproc.c (proc_encrypted): Support AEAD.
(do_proc_packets): Support PKT_ENCRYPTED_AEAD.
--
This code has seen only a very few manual tests. Encrypting always
uses a 64k chunks and decryption has not been tested with larger
chunks. Those small chunks make debugging much faster.
Tests can be done using:
gpg --rfc4880bis --pinentry-mode=loopback --passphrase abc \
--force-aead --aead-algo ocb --s2k-mode 0 --cipher AES \
-v -z 0 --status-fd 2 -c <INFILE >OUTFILE
and
gpg --rfc4880bis --pinentry-mode=loopback --passphrase=abc \
--status-fd 2 -v -d <INFILE >OUTFILE
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-util.c (keybox_set_malloc_hooks): Remove.
(_keybox_malloc, _keybox_calloc, keybox_realloc)
(_keybox_free): Remove.
(keybox_file_rename): Remove. Was not used.
* sm/gpgsm.c (main): Remove call to keybox_set_malloc_hooks.
* kbx/kbxutil.c (main): Ditto.
* kbx/keybox-defs.h: Remove all separate includes. Include util.h.
remove convenience macros.
* common/logging.h (return_if_fail): New. Originally from
keybox-defs.h but now using log_debug.
(return_null_if_fail): Ditto.
(return_val_if_fail): Ditto.
(never_reached): Ditto.
--
Originally the KBX code was written to allow standalone use. However
this required lot of ugliness like separate memory allocators and
such. It also precludes the use of some standard functions from
common due to their use of the common gnupg malloc functions.
Dropping all that makes things easier. Minor disadvantages: the kbx
call done for gpg will now use gcry malloc fucntions and not the
standard malloc functions. This might be a bit slower but removing
them even fixes a possible bug in keybox_tmp_names which is used in
gpg and uses gpg's xfree which is actually gcry_free.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (_gnupg_socketdir_internal): Enlarge PREFIX by 6
bytes for "/gnupg".
--
The temporary buffer was to short for the extra "/gnupg". However the
20 bytes for the UID is large enough for all 32 bit UIDs and would
only fail (detected) if a 64 bit UID is used.
Fixes-commit: 17efcd2a2acdc3b7f00711272aa51e5be2476921
Reported-by: Rainer Perske.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac: (USE_RUN_GNUPG_USER_SOCKET): New ac_define.
* common/homedir.c (_gnupg_socketdir_internal): Add extra directories.
--
This allows to build GnuPG with an extra socketdir below /run. See
https://lists.gnupg.org/pipermail/gnupg-devel/2017-November/033250.html
for a longer explanation why this is sometimes useful.
Suggested-by: Rainer Perske
Signed-off-by: Werner Koch <wk@gnupg.org>
---
This reverts commit 2fedf8583bcc493f587c90bc9632d25dfd10bd10.
We better solve this on the libgpg-error side.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.h [GPGRT_LOG_WITH_PREFIX]: Do not define the log
constants.
--
logging.h uses constants we plan to use for future versions of
libgpg-error. My dev version already has the logging functions and
thus I run into a conflict. This patch protects against this and make
the GnuPG work with later libgpg-error versions.
It was not the best idea to use constants from a planned libgpg-error
in the first place. The actual problem are the enums, the macros
won't harm.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.c: Do not build any code if we can use the gpgrt_log
functions.
(log_logv_with_prefix): Rename to log_logv_prefix and change order of
args so that this function matches its printf like counterpart
gpgrt_logv_prefix. Change all callers.
(log_debug_with_string): Rename to log_debug_string. Change all
callers.
(log_printhex): Move first arg to end so that this function matches
its printf like counterpart gpgrt_log_printhex. Change all callers.
* common/logging.h: Divert to gpgrt/libgpg-error if we can use the
gpgrt_log functions.
(bug_at): Add inline versions if we can use the gpgrt_log functions.
* configure.ac (GPGRT_ENABLE_LOG_MACROS): Add to AH_BOTTOM.
(mycflags): Add -Wno-format-zero-length.
--
This patch enables the use of the log function from libgpgrt (aka
libgpg-error). Instead of checking a version number, we enable them
depending on macros set by recent gpg-error versions. Eventually the
whole divert stuff can be removed.
The -Wno-format-zero-length is required because log_printhex can be
called with an empty format string. Note that this is fully specified
standard C behaviour.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp.c (wait_for_sock): Round SECSLEFT.
* dirmngr/dirmngr.c (main): Take care of --debug-wait also in dameon
mode.
* common/sysutils.c (gnupg_usleep) [HAVE_NANOSLEEP]: Fix nanosleep use.
--
Without the rounding we saw in verbose mose
[...]to come up ... (5s)
[...]to come up ... (4s)
immediately without the expected one second delay. Waiting for the
next seconds did not work if nanosleep was used due to improper passed
parameters in gnupg_usleep.
Adding --debug-wait for dirmngr in daemon mode is required to test
this change.
GnuPG-bug-id: 3490
Fixes-commit: 149041b0b917f4298239fe18b5ebd5ead71584a6
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp.c (wait_for_sock): Replace NAME by WHICH and adjust
caller. Revert to use the former strings.
--
Note that the second of these strings
"waiting for the agent to come up ... (%ds)\n"
"connection to agent established\n"
does not use a proper article. This should be fixed but would
introduce a string change so that it is better done in a separate
commit.
Fixes-commit: 0471ff9d3bf8d6b9a359f3c426d70d0935066907
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp.c (wait_for_sock): instead of checking the socket
every second, we check 10 times in the first second (with exponential
decay).
--
This cuts the wall clock time for the standard test suite roughly by
half.
GnuPG-bug-id: 3490
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/asshelp.c (wait_for_sock): New function, collecting
codepaths from...
(start_new_gpg_agent) here and...
(start_new_dirmngr) here.
--
This has no functional change, but makes it easier to make this
function more efficient.
GnuPG-bug-id: 3490
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/gettime.c (isotime_p): Accept the Z suffix.
--
The intention is use for human interface.
GnuPG-bug-id: 3278
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit ba8afc4966cca1f6aaf9b2a9bfc3220782306c2b)
* common/pkscreening.c: New.
* common/pkscreening.h: New.
* common/Makefile.am (common_sources): Add them.
* g10/gpg.c (opts): New option --with-key-screening.
* g10/options.h (struct opt): New field with_key_screening.
* g10/keylist.c: Include pkscreening.h.
(print_pk_screening): New.
(list_keyblock_print): Call it.
(print_compliance_flags): Call it.
* sm/gpgsm.c (opts): New option --with-key-screening.
* sm/gpgsm.h (scruct opt): New field with_key_screening.
* sm/keylist.c: Include pkscreening.h.
(print_pk_screening): New.
(print_compliance_flags): Call it. Add new arg cert.
(list_cert_colon): Pass arg cert
(list_cert_std): Call print_pk_screening.
* sm/fingerprint.c (gpgsm_get_rsa_modulus): New.
--
This new option can be used to detect ROCA affected keys. To scan an
entire keyring and print the affected fingerprints use this:
gpg -k --with-key-screening --with-colons | gawk -F: \
'$1~/pub|sub|sec|ssb|crt/ && $18~/\<6001\>/ {found=1;next};
$1=="fpr" && found {print $10}; {found=0}'
The same works for gpgsm. Note that we need gawk due to the "\<" in
the r.e.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (ENABLE_LOG_CLOCK): New ac_define and option.
* common/logging.c (log_clock): Use ENABLE_LOG_CLOCK to enable
timestamp printing.
* g10/call-agent.c (agent_pksign): Time signing.
* g10/sig-check.c (check_signature_end_simple): Time verification.
--
Timing for verification is limited to data signatures because this is
the most common thing to evaluate. We should consider to change
log_clock to printf style so that we could print the signature class
and other info.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/gettime.c (isotime_p): Accept the Z suffix.
--
The intention is use for human interface.
GnuPG-bug-id: 3278
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/exechelp-posix.c (gnupg_wait_processes): Loop for r_exitcodes
even if we already see an error.
--
The value stored by waitpid for exit code is encoded; It requires
decoded by WEXITSTATUS macro, regardless of an error.
For example, when one of processes is already exited and another is
still running, it resulted wrong value of in r_exitcodes[n].
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>