1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-26 10:59:58 +01:00

130 Commits

Author SHA1 Message Date
David Shaw
f0bf8b4afc * main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd,
list_keyblock_print, list_keyblock_colon), status.h, status.c
(get_status_string): New --attribute-fd feature to dump the contents of
attribute subpackets for frontends.  If --status-fd is also used, then a
new status tag ATTRIBUTE is provided for each subpacket.

* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track of the
expiration time of a user ID, and while we're at it, use the expired flag
from the selfsig rather than reparsing the SIG_EXPIRE subpacket.

* photoid.c (generate_photo_id): When adding a new photo ID, showing the
photo for confirmation is not safe when noninteractive since the "user"
may not be able to dismiss a viewer window. Noted by Timo Schulz.
2002-06-03 20:48:36 +00:00
David Shaw
ee39ad5750 * sign.c (mk_notation_and_policy): Free unneeded buffer.
* hkp.c (parse_hkp_index): Properly handle the '&' character (i.e.
"&") in HKP responses.

* getkey.c (merge_selfsigs_main): Fix reversed expiration time check with
self-sigs.

* keyedit.c (sign_uids): When making a new self-sig on a v3 key, make a v3
self-sig unless it is currently a v3 self-sig being promoted to v4.
2002-06-01 04:10:16 +00:00
David Shaw
28ae0d878f * gpgv.c: Add stub for get_ownertrust().
* g10.c (main): --allow-freeform-uid should be implied by OpenPGP.  Add
--no-allow-freeform-uid.

* keyedit.c (sign_uids): Issue a warning when signing a non-selfsigned
uid.

* getkey.c (merge_selfsigs_main): If a key has no selfsigs, and
allow-non-selfsigned-uid is not set, still try and make the key valid by
checking all uids for a signature from an ultimately trusted key.
2002-05-17 18:49:30 +00:00
David Shaw
4dcdaa3b1b * main.h, keygen.c (keygen_add_revkey): Add revocation key subpackets to a
signature (callable by make_keysig_packet). (write_direct_sig): Write a 1F
direct key signature. (parse_revocation_key): Parse a string in
algo:fpr:sensitive format into a revocation key. (get_parameter_revkey,
do_generate_keypair): Call above functions when prompted from a batch key
generation file.

* build-packet.c (build_sig_subpkt): Allow multiple revocation key
subpackets in a single sig.

* keydb.h, getkey.c (get_seckey_byfprint): Same as get_pubkey_byfprint,
except for secret keys.  We only know the fingerprint of a revocation key,
so this is needed to retrieve the secret key needed to issue a revokation.

* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split revkey
parsing off into a new function that can be used to reparse after
manipulating the revkey list.

* sign.c (make_keysig_packet): Ability to make 1F direct key signatures.
2002-05-16 03:35:55 +00:00
David Shaw
fcfc223dbb * options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl as a
sample LDAP server instead.

* getkey.c (merge_selfsigs_main): Properly handle multiple revocation keys
in a single packet.  Properly handle revocation keys that are in
out-of-order packets.  Remove duplicates in revocation key list.
2002-05-15 13:15:27 +00:00
David Shaw
fecfcb6454 * packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Show assumed
prefs for hash and compression as well as the cipher pref. Show assumed
prefs if there are no prefs at all on a v4 self-signed key.

* options.h, g10.c (main), sign.c (make_keysig_packet): New
--cert-digest-algo function to override the default key signing hash
algorithm.
2002-05-10 15:27:20 +00:00
David Shaw
0c3ac11549 * getkey.c (merge_selfsigs_main): Make sure the revocation key list starts
clean as this function may be called more than once (e.g. from functions
in --edit).

* g10.c, encode.c (encode_crypt), sign.c (sign_file,
sign_symencrypt_file): Make --compress-algo work like the documentation
says.  It should be like --cipher-algo and --digest-algo in that it can
override the preferences calculation and impose the setting the user
wants.  No --compress-algo setting allows the usual preferences
calculation to take place.

* main.h, compress.c (compress_filter): use new DEFAULT_COMPRESS_ALGO
define, and add a sanity check for compress algo value.
2002-05-09 19:57:08 +00:00
David Shaw
7ee8e46500 * options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c
(algo_available): --pgp7, identical to --pgp6 except that it permits a few
algorithms that PGP 7 added: AES128, AES192, AES256, and TWOFISH.  Any
more of these --pgpX flags, and it'll be time to start looking at a
generic --emulate-pgp X option.
2002-05-07 22:04:27 +00:00
David Shaw
2e56b988c8 * keyedit.c (sign_uids): If --expert it set, allow re-signing a uid to
promote a v3 self-sig to a v4 one.  This essentially deletes the old v3
self-sig and replaces it with a v4 one.
2002-05-07 04:27:40 +00:00
David Shaw
50c9a5bd25 * packet.h, parse-packet.c (parse_key), getkey.c (merge_keys_and_selfsig,
merge_selfsigs_main): a v3 key with a v4 self-sig must never let the v4
self-sig express a key expiration time that extends beyond the original v3
expiration time.
2002-05-07 04:05:03 +00:00
Stefan Bellon
158091ef9f fixed m_alloc(0) bug and added checks to revkey and numrevkeys 2002-05-04 14:45:34 +00:00
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
David Shaw
3b97ac9ef8 * keygen.c (generate_subkeypair): 2440bis04 adds that creating subkeys on
v3 keys is a MUST NOT.

* getkey.c (finish_lookup): The --pgp6 "use the primary key" behavior
should only apply while data signing and not encryption. Noted by Roger
Sondermann.
2002-04-20 11:57:35 +00:00
David Shaw
c07113d265 * trustdb.c (mark_usable_uid_certs): Properly handle nonrevocable
signatures that can expire.  In short, the only thing that can override an
unexpired nonrevocable signature is another unexpired nonrevocable
signature.

* getkey.c (finish_lookup): Always use primary signing key for signatures
when --pgp6 is on since pgp6 and 7 do not understand signatures made by
signing subkeys.
2002-04-18 18:23:22 +00:00
Werner Koch
bf7cef8ebf * getkey.c (lookup): Advance the searchmode after a search FIRST. 2002-04-18 10:50:05 +00:00
Werner Koch
ad2bfad4cc * getkey.c (premerge_public_with_secret): Fixed 0x12345678! syntax
for use with secret keys.

* seckey-cert.c (do_check): Always calculate the old checksum for
use after unprotection.

* g10.c, options.skel: New option --no-escape-from.  Made
--escape-from and --force-v3-sigs the default and removed them
from the options skeleton.
2002-04-18 08:09:56 +00:00
David Shaw
9ef1a80f8d * parse-packet.c (parse_signature): Minor fix - signatures should expire
at their expiration time and not one second later.

* keygen.c (proc_parameter_file): Allow specifying preferences string
(i.e. "s5 s2 z1 z2", etc) in a batchmode key generation file.

* keyedit.c (keyedit_menu): Print standard error message when signing a
revoked key (no new translation).

* getkey.c (merge_selfsigs): Get the default set of key prefs from the
real (not attribute) primary uid.
2002-04-14 01:27:11 +00:00
David Shaw
018f352294 * misc.c (pct_expando), options.skel: Use %t to indicate type of a photo
ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
2002-04-11 04:04:41 +00:00
David Shaw
ff8460f20d Minor tweak to importing to allow more non-signed uids (now that
--allow-non-selfsigned-uid allows for completey unsigned uids).

Do not choose an attribute packet (i.e. photo) as primary uid.  This
prevents oddities like "Good signature from [image of size 2671]".  This
is still not perfect (one can still select an attribute packet as primary
in --edit), but is closer to the way the draft is going.

The algorithms list should include #110.

--pgp2 implies --no-ask-sig-expire and --no-ask-cert-expire as those would
cause a v4 sig/cert.

Be more lenient in what constitutes a valid armor header (i.e. -----BEGIN
blah blah-----) as some Windows programs seem to add spaces at the end.
--openpgp makes it strict again
2002-03-24 04:54:58 +00:00
David Shaw
b8858a3ef1 --openpgp implies --allow-non-selfsigned-uid
If none of the uids are primary (because none are valid) then pick the
first to be primary (but still invalid).  This is for cosmetics in case
some display needs to print a user ID from a non-selfsigned key.  Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust.  The key is *not* automatically trusted via
--allow-non-selfsigned-uid.

Make sure non-selfsigned uids print [uncertain] on verification even
though one is primary now.

If the main key is not valid, then neither are the subkeys.

Allow --allow-non-selfsigned-uid to work on completely unsigned keys.
Print the uids in UTF8.  Remove mark_non_selfsigned_uids_valid()

Show revocation key as UTF8.

Allow --not-dash-escaped to work with v3 keys.
2002-03-17 23:47:32 +00:00
David Shaw
fbc66185f8 This is the first half of revocation key / designated revoker
support.  That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker.  The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.

Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it.  It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.

This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".

The --edit menu information will show if a revocation key is present.
2002-02-28 21:01:25 +00:00
David Shaw
8ed6d59a6c If a key isn't valid (say, because of no self-signature), allow
--always-trust to force it valid so it can be trusted.
2002-02-27 14:27:18 +00:00
David Shaw
6deb95687d Treat key lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
2002-02-26 01:00:12 +00:00
David Shaw
1dbd67b96a Some compatibility polish for PGP2. Add a fake IDEA preference for v3
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys.  Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
2002-01-22 20:39:10 +00:00
David Shaw
7997bba7a9 fix off-by-one in building attribute subpackets
change default compression to 1
add ask-sig-expire and ask-cert-expire (--expert was getting absurdly
overloaded)
permit v3 subkeys
use --expert to protect adding multiple photo ids and adding photos to a
v3 key
2002-01-06 03:52:14 +00:00
Werner Koch
ab430c4b24 * keyserver.c (keyserver_spawn): Removed some variables
declaration due to shadowing warnings.
* build-packet.c (build_attribute_subpkt): s/index/idx/ to avoid
compiler warnig due to index(3).
* getkey.c (get_ctx_handle): Use KEYDB_HANDLE as return value.
* keylist.c (list_one): Made resname const.
* keyedit.c (keyedit_menu): Allow "addphoto" only when --openpgp is
not used.
* options.skel: Changed one example photo viewer to qiv.
2001-12-22 13:04:24 +00:00
Werner Koch
ca1bc23ef2 * g10.c. options.h : New option --show-keyring
* getkey.c (get_ctx_handle): New.
* keylist.c (list_one): Implement option here.  By David Champion.
2001-12-21 20:08:51 +00:00
David Shaw
ebd148e553 Bug fix in "showpref"
Allow setting a no-compression preference
2001-12-07 00:57:50 +00:00
Werner Koch
ebf6b8a515 calculate time of next trustdb check 2001-09-28 17:00:00 +00:00
Werner Koch
52be6a8aef completed the new key validation code 2001-09-26 12:49:10 +00:00
Werner Koch
9a5c0fd75a made keylisting faster 2001-09-25 18:47:49 +00:00
Werner Koch
a3af543617 Revamped the trustDB 2001-09-24 16:03:14 +00:00
Werner Koch
cf477d0908 Bug fixes and Timo's patches 2001-09-19 14:25:05 +00:00
Werner Koch
d4cd7a3d4b more bug fixesand some warning cleanups 2001-09-09 16:09:19 +00:00
Werner Koch
2874670be9 Last changes before 1.0.6a snapshot release 2001-09-07 11:40:19 +00:00
Werner Koch
59334400a1 fixed a stupid C error 2001-09-07 07:57:51 +00:00
Werner Koch
ed17c7afd0 Revamped the keyring code 2001-09-06 17:10:00 +00:00
Werner Koch
bab40b52cd MDC feature support and other stuff 2001-08-30 16:39:23 +00:00
Werner Koch
dc718d704f Revamped preference handling 2001-08-10 14:04:32 +00:00
Werner Koch
aa9da2b07e reworked the way hased data is stored and added a "primary" command
DCVS: ----------------------------------------------------------------------
2001-08-09 09:34:25 +00:00
Werner Koch
dce4566802 Changed lsign behaviour, allow future subkeys, don't list revoked keys 2001-08-01 10:30:24 +00:00
Werner Koch
6732700743 migration to autoconf 2.52 and bugfixes 2001-07-26 09:37:47 +00:00
Werner Koch
ae78aed6b6 one debian bug fixed 2001-06-16 11:09:29 +00:00
Werner Koch
01fe1dd2a9 Fix for toupper('I') != 'i' 2001-06-12 18:42:40 +00:00
Werner Koch
e354b518d3 just released another snapshot 2001-05-28 12:46:28 +00:00
Werner Koch
7bf54c22e9 last hour fixes. 2001-04-28 10:43:25 +00:00
Werner Koch
feb2b1914d Fixed translation issue 2001-04-24 14:22:48 +00:00
Werner Koch
64ddc393e1 Estonian translation, .texi man pages. 2001-04-17 16:20:32 +00:00
Werner Koch
c9e908e734 Improved pipemode and tweaked handling of multiple signatures. 2001-04-05 12:21:43 +00:00
Werner Koch
355c76352a Made genkey work again. 2001-03-27 11:14:22 +00:00