* agent/command.c (hlp_genkey): update help text to suggest the use of
3072 bits.
* doc/wks.texi: Make example match default generation.
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to
rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment,
(gen_rsa, get_keysize_range): update default from 2048 to 3072).
* g10/keyid.c (pubkey_string): update comment so that first example
is the default 3072-bit RSA.
--
3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
(cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c)
Gbp-Pq: Topic from-master
Gbp-Pq: Name gpg-default-to-3072-bit-RSA-keys.patch
* g10/import.c (read_block): Make sure KEYID is availabale also on a
pending packet.
--
Reported-by: Phil Pennock
Fixes-commit: adb120e663fc5e78f714976c6e42ae233c1990b0
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/mainproc.c (check_sig_and_print): Print a hint on how to make
use of the preferred keyserver. Remove keyserver lookup just by the
keyid. Try a WKD lookup before a keyserver lookup.
--
The use of the the keyid for lookups does not make much sense anymore
since for quite some time we do have the fingerprint as part of the
signature.
GnuPG-bug-id: 4595
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 96bf8f477805bae58cfb77af8ceba418ff8aaad9)
* g10/gpg.c (main): Change default.
--
Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures. That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.
To revert to the old behavior add
keyserver-optiions no-self-sigs-only,no-import-clean
to gpg.conf.
GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 23c978640812d123eaffd4108744bdfcf48f7c93)
* g10/getkey.c (get_pubkey_byname): Add special traeatment for default
and skipped-local.
--
This change avoids error message like
gpg: error retrieving 'foo@example.org' via None: No public key
A 'None' mechanism is something internal.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 91a6ba32347a21c9029728eec96b8ff80f944629)
* g10/gpg.c (aLocateExtKeys): New.
(opts): Add --locate-external-keys.
(main): Implement that.
* g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
(get_best_pubkey_byname): Add arg 'mode' and pass on to
get_pubkey_byname. Change callers.
* g10/keylist.c (public_key_list): Add arg 'no_local'.
(locate_one): Ditto. Pass on to get_best_pubkey_byname.
--
This new command is a shortcut for
--auto-key-locate nodefault,clear,wkd,... --locate-key
and uses the default or configured AKL list but does so without local.
See also
GnuPG-bug-id: 4599
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d00c8024e58822e0623b3fad99248ce68a8b7725)
* g10/keydb.h (enum get_pubkey_modes): New.
* g10/getkey.c (get_pubkey_byname): Repalce no_akl by a mode arg and
change all callers.
--
This change prepares the implementation of GET_PUBKEY_NO_LOCAL.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9980f81da765f88a65604ab083563bf15ccdb425)
* g10/import.c (import_one): Rename to ...
(import_one_real): this. Do not print and update stats on keyring
write errors.
(import_one): New. Add fallback code.
--
GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 3a403ab04eeb45f12b34f9d9c421dac93eaf2160)
* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
* g10/import.c (parse_import_options): Add option "self-sigs-only".
(read_block): Handle that option.
--
This option is intended to help against importing keys with many bogus
key-signatures. It has obvious drawbacks and is not a bullet-proof
solution because a self-signature can also be faked and would be
detected only later.
GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 15a425a1dfe60bd976b17671aa8e3d9aed12e1c0)
* g10/import.c: Change arg 'with_meta' to 'options'. Change callers.
--
This chnage allows to pass more options to read_block.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/tofu.c: Removed some translation markups which either make no
sense or are not possble.
--
Error message which are not helpful for the user but indicate a
problem of the installation or the code do not need a translation.
The translator may not understand them correctly and the use support
can't immediately locate the problem because it needs to be reverse
translated.
There is also one case where certain grammar constructs are
assumed (concatenating parts of a sentence at runtime). Better do not
translate that than getting weird sentences.
* common/userids.c (classify_user_id): Do not set the EXACT flag in
the default case.
* g10/export.c (exact_subkey_match_p): Make static,
* g10/delkey.c (do_delete_key): Implement subkey only deleting.
--
GnuPG-bug-id: 4457
* g10/keydb.c (parse_keyblock_image): Treat invalid packet special.
--
This is in particular useful to run --list-keys on a keyring with
corrupted packets. The extra flush is to keep the diagnostic close to
the regular --list-key output.
Signed-off-by: Werner Koch <wk@gnupg.org>
This is a backport from master with support for the unsupported v5 key
handling.
* g10/parse-packet.c: Move max packet lengths constants to ...
* g10/packet.h: ... here.
* g10/build-packet.c (do_user_id): Return an error if too data is too
large.
* g10/keygen.c (write_uid): Return an error for too large data.
--
This can lead to keyring corruption becuase we expect that our parser
is abale to parse packts created by us. Test case is
gpg --batch --passphrase 'abc' -v \
--quick-gen-key $(yes 'a'| head -4000|tr -d '\n')
GnuPG-bug-id: 4532
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/delkey.c (do_delete_key): Don't delete the keyblock on dry runs.
Do not clear the ownertrust. Do not let the agent delete the key.
--
Co-authored-by: Matheus Afonso Martins Moreira
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/options.h (opt): Add flags.dummy_outfile.
* g10/decrypt.c (decrypt_message): Set this global flag instead of the
fucntion local flag.
* g10/plaintext.c (get_output_file): Ignore opt.output if that was
used as a dummy option aslong with --use-embedded-filename.
--
The problem here was that an explicit specified --decrypt, as
meanwhile suggested, did not work with that dangerous
--use-embedded-filename. In contrast it worked when gpg decrypted as
a side-effect of parsing the data.
GnuPG-bug-id: 4500
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/exec.c (w32_system): Add "!ShellExecute" special.
* g10/photoid.c (get_default_photo_command): Use the new ShellExecute
under Windows and fallbac to 'display' and 'xdg-open' in the Unix
case.
(show_photos): Flush stdout so that the output is shown before the
image pops up.
--
For Unix this basically syncs the code with what we have in gpg 1.4.
Note that xdg-open may not be used when running as root which we
support here.
For Windows we now use ShellExecute as this seems to be preferred over
"cmd /c start"; however this does not solve the actual problem we had
in the bug report. To solve that problem we resort to a wait
parameter which defaults to 400ms. This works on my Windows-10
virtualized test box. If we can figure out which simple viewers are
commonly installed on Windows we should enhance this patch to test for
them.
GnuPG-bug-id: 4334
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/export.c (cleartext_secret_key_to_openpgp): ignore trailing
sublists in private-key S-expression.
--
When gpg-agent learns about a private key from its ssh-agent
interface, it stores its S-expression with the comment attached. The
export mechanism for OpenPGP keys already in cleartext was too brittle
because it would choke on these comments. This change lets it ignore
any additional trailing sublists.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Gnupg-Bug-Id: 4490
* g10/keyserver.c (keyserver_search): Remove a specialized error
message.
--
Dirmngr comes with a default keyserver and the suggestion to use
gpg --keyserver
is not good because that option is deprecated. An error message
"No keyserver available" is sufficient.
GnuPG-bug-id: 4512
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/sign.c (update_keysig_packet): Convert digest algo when needed.
--
Several gpg commands try to keep most properties of a key signature
when updating (i.e. creating a new version of a key signature). This
included the use of the current hash-algorithm. This patch changes
this so that SHA-1 or RMD160 are replaced by SHA-256 if
possible (i.e. for RSA signatures). Affected commands are for example
--quick-set-expire and --quick-set-primary-uid.
GnuPG-bug-id: 4508
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (parse_signature): Take only the addrspec from a
Signer's UID subpacket.
--
This is to address a problem in the currentr OpenKeychain which put
the entire UID into the subpacket. For example our Tofu code can only
use the addrspec and not the entire UID.
Reported-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (get_best_pubkey_byname): Set new.uid always
to NULL after use.
--
pubkey_cmp is not guranteed to set new.uid.
So if the diff < 0 case is reached best is set to new.
If then diff > 0 is reached without modifying new.uid
e.g. if the key has no matching mboxes. new.uid is
free'd even though the uid is still referenced in
best.
GnuPG-Bug-Id: T4462
(cherry picked from commit e57954ed278cb5e6e725005b1ecaf7ce70006ce0)
* g10/keyserver.c (keyserver_import_wkd): Clear NO_ARMOR.
--
We may even adjust the specs to allow that. It should not be a
problem for any OpenPGP implementation because armored keys are very
common and de-armoring code is de-facto a mandatory feature.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (import): Limit the number of considered keys to 5.
(import_one): Return the first fingerprint in case of WKD.
--
The Web Key Directory should carry only one key. However, some
providers like to put old or expired keys also into the WKD. I don't
thunk that this is a good idea but I heard claims that this is needed
for them to migrate existing key data bases.
This patch puts a limit on 5 on it (we had none right now) and also
fixes the issue that gpg could not work immediately with the requested
key because the code uses the fingerprint of the key to use the
imported key. Now the first key is used. On a second try (w/o
accessing the WKD) the regular key selection mechanism would be in
effect. I think this is the most conservative approach. Let's see
whether it helps.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for
ECC strength 384, according to RFC-6637.
--
Reported-by: Trevor Bentley
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit af3efd149f555d36a455cb2ea311ff81caf5124c)
* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
an EdDSA curve.
--
(cherry picked from commit 4324560b2c0bb76a1769535c383424a042e505ae)
This change matters when it is called from ask_card_keyattr.
Some-comments-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/parse-packet.c (parse_key): Return GPG_ERR_UNKNOWN_VERSION
instead of invalid packet.
* g10/keydb.c (parse_keyblock_image): Do not map the unknown version
error to invalid keyring.
(keydb_search): Skip unknown version errors simlar to legacy keys.
* g10/keyring.c (keyring_rebuild_cache): Skip keys with unknown
versions.
* g10/import.c (read_block): Handle unknown version.
--
When using gpg 2.3 the local keyring may contain v5 keys. This patch
allows the use of such a keyring also with a 2.2 version which does
not support v5 keys. We will probably need some more tweaking here
but this covers the most common cases of listing keys and also
importing v5 keys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic. Change to take ownership of
arg keyblock. Implement extra secret key import logic. Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--
The PGP desktops exported secret keys are really stupid. And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):
[...] Implementations SHOULD include self-signatures on any user
IDs and subkeys, as this allows for a complete public key to be
automatically extracted from the transferable secret key.
Implementations MAY choose to omit the self-signatures, especially
if a transferable public key accompanies the transferable secret
key.
Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.
GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9)
* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t. Return an
error code if sec_to_pub_keyblock failed. Resync secret keyblock.
--
When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway. This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key. After importing
the public key the secret keys suddenly showed up.
This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.
Caution: The ecc.scm test now fails because two of the sample keys
don't have binding signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f799e9728bcadb3d4148a47848c78c5647860ea4)
* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'. Remove
useless code for "sub" and "ssb".
* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info. Do
not print the first keyinfo in FROM_SK mode.
printing.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f64477db86568bdc28c313bfeb8b95d8edf05a3c)
* g10/cpr.c (write_status_printf): Escape CR and LF.
* g10/import.c (print_import_check): Simplify by using
write_status_printf and hexfingerprint.
Signed-off-by: Werner Koch <wk@gnupg.org>
Fixed one conlict in a comment.
* g10/keylist.c (print_key_line): Print a warning for invalid algos.
--
Non-OpenPGP compliant keys now show a warning flag on the sec or pub
line like in:
gpg: can't encode a 256 bit MD into a 88 bits frame, algo=8
sec cv25519 2019-01-30 [INVALID_ALGO]
4239F3D606A19258E7A88C3F9A3F4F909C5034C5
uid [ultimate] ffffff
Instead of showing the usage flags "[CE]". Without this patch only
the error message is printed and the reason for it was not immediately
obvious (cv25519 is encryption only but we always consider the primary
key as having the "C" flag).
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit db87132b10664718b7db6ec1dad584b54d1fb265)
* g10/gpgcompose.c (literal_name): Complain if passed zero arguments,
not one or fewer.
--
Cherry-picked master commit of:
1ed21eee79749b976b4a935f2279b162634e9c5e
Signed-off-by: Neal H. Walfield <neal@walfield.org>
* g10/misc.c (map_pk_gcry_to_openpgp): Add EdDSA mapping.
--
Due to this missing mapping a "gpg --export --full-gen-key" with
selection "13 - Existing key" did not worked for an ed25519 key.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 346a98fabe03adf2e202e36fc2aa24b1c2571154)
* g10/misc.c (openpgp_pk_test_algo2): Add extra check.
--
The problem is that --key-gen --batch with a parameter file didn't
detect that Elgamal is not capable of signing and so an error was only
triggered at the time the self-signature was created. See the code
comment for details.
GnuPG-bug-id: 4329
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f97dc55ff1b041071bc3cbe98aa761bf77bb7ac8)
* g10/keylist.c (print_pubkey_info): Reverse the condition.
--
This mistakes were introduced when replacing by estream.
It resulted 'gpg --card-status' from a process with no controlling
terminal fails.
Fixes-commit: fb2ba98963beea249474f5d6d7345cf9b4b7f570
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit e154fba30ba0d5f29040a33f5c1b5c25b441b69f)
* g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox".
* g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New.
* g10/keylist.c (list_keyblock_simple): New.
(list_keyblock): Call it.
(list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX
mode.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0e8bf204791ebfd0c9a8e4b49fbadf998ec62e49)
* g10/keylist.c (list_keyblock_simple): Remove optional arg from
mailbox_from_userid
* g10/mainproc.c (proc_plaintext): Do not enable hash contexts when
opt.skip_verify is set.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit 73e74de0e33bbb76300f96a4174024779047df06)
* g10/keyid.c (keygrip_from_pk): Print the fingerprint on failure.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit cd64af003d4b6b46b69dbd575f73d53359ae0bcc)