* scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a
VERIFY.
(send_apdu_ccid): Ditto.
--
This should handle the most common case.
GnuPG-bug-id: 5085
* g10/kbnode.c (new_kbnode2): New.
* g10/import.c (delete_inv_parts): New arg r_otherrevsigs to store
misplaced revocations.
(import_revoke_cert): Allow to pass an entire list.
(import_one): Import revocations found by delete_inv_parts.
--
It might be useful to distribute revocations of old keys along with
new keys. This is in particicualrr useful for WKD stored keys. This
patch allows to put unrelated standalone revocations into a key. For
example they can simply appended to a keyblock. Right now it is a bit
inaesthetic to see diagnostics about misplaced or bad revocation
signatures.
Backported-from-master: 7aaedfb10767c74f3e6868dd1563cbbf1282ab2f
* g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD.
--
With this fix it is now possible to feed a vanilla packet of type 20
without first forcing gpg to assume binary mode.
* g10/gpg.c (oCompatibilityFlags): New.
(opts): Add option.
(compatibility_flags): New list.
(main): Set flags and print help.
* g10/options.h (opt): Add field compatibility_flags.
--
No flags are yet defined but it is good to have the framework.
* scd/app-nks.c (do_learn_status_core): Use new flag.
* scd/app-sc-hsm.c (do_learn_status): Ditto.
--
The flag was already backported to some apps but not to these.
* tests/gpgscm/tests.scm (open-log-file): Keep the log file in objdir.
--
Before the change, it is at ephemeral temp directory which is removed.
This is not useful at all. Possibly, it was done before the introduce
of ephemeral temp directory for each test and not changed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests/openpgp/issue2941.scm: Use 233.
--
On Windows machine (emulated by Wine), 23 may be valid value for
handle.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/t-session-env.c [HAVE_W32_SYSTEM] (test_all): HOME is not
defined, so, exclude the tests.
--
Backport master commit of:
b47a23f5fac551727d24f65765e21485ed2bb02c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a
VERIFY.
(send_apdu_ccid): Ditto.
--
This should handle the most common case.
GnuPG-bug-id: 5085
* g10/gpg.c (aQuickUpdatePref): New.
(opts): Add --quick-update-pref.
(main): Implement.
* g10/keyedit.c (keyedit_quick_update_pref): New.
(menu_set_preferences): Add arg 'unattended' and adjust caller.
--
This new quick command is in particular useful to update existing keys
so that they can be used with OCB mode.
(cherry picked from commit d40d23b233f0b2e6fc25937f1632ac5b9d4f61e5)
* sm/keylist.c (print_capabilities): Add arg algo and use it to check
for ECC capabilities.
(list_cert_colon): Call with algo.
--
This will mark certificates with only keyAgreement usage correctly in
the --with-colons listing.
(cherry picked from commit f5c3f13609361dfeb03722161b1fc93f5a33dcae)
* dirmngr/crlcache.c (finish_sig_check): Use raw value for the data.
--
This had the usual signed/unsigned problem. By using the modern form
we enforce Libgcrypt internal parsing as unsigned integer.
(cherry picked from commit 868dabb4027a03f4ce39be3c143b480bccde1a63)
* dirmngr/validate.c (pk_algo_from_sexp): Make public. Support ECC.
* dirmngr/ocsp.c (check_signature): Remove hash preparation out to ...
(check_signature_core): here. This changes the arg s_hash to md.
Support ECDSA.
--
The test was done with my qualified signature certificate from the
Telesec and their responder http://tqrca1.ocsp.telesec.de/ocspr .
See also libksba commit rK24992a4a7a61d93759e1dbd104b845903d4589bf
(cherry picked from commit 890e9849b58e91fb7e0ad8d3b11d19363fca2d8a)
* dirmngr/crlcache.c (finish_sig_check): Support ECDSA.
* dirmngr/validate.c (check_cert_sig): Ditto. Remove the never
used support for DSA.
(cherry picked from commit de87c8e1ead72ea67789ffa4375f9dd3e4f9e2fa)
* sm/gpgsm.h (struct certlist_s): Add helper field pk_algo.
* sm/sign.c (gpgsm_sign): Store the public key algo. Take the hash
algo from the curve. Improve diagnostic output in verbose mode.
--
GnuPG-bug-id: 4098, 6253
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: f44d395bdfec464b1e2a0a1aef39561e6e48a45c
* sm/certcheck.c (do_encode_md): Take care of nistp521.
--
This curve is a bit odd in that it does not match a common hash digest
length. We fix that here for just this case instead of writing more
general code to support all allowed cases (i.e. hash shorter than Q).
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 596212e71abf33b30608348b782c093dace83110
* common/sexputil.c (pubkey_algo_to_string): New.
* sm/certcheck.c (do_encode_md): Replace GCRY_PK_ECDSA by GCRY_PK_ECC.
* sm/certreqgen-ui.c (check_keygrip): Add all ECC algorithms.
* sm/gpgsm.c (our_pk_test_algo): Also allow EdDSA.
* sm/verify.c (gpgsm_verify): Map ECC algo to ECDSA. Use new pubkey
algo name function
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 34b628db4618a8712536aea695f934b0286e7b18)
* g10/kbnode.c (new_kbnode2): New.
* g10/import.c (delete_inv_parts): New arg r_otherrevsigs to store
misplaced revocations.
(import_revoke_cert): Allow to pass an entire list.
(import_one): Import revocations found by delete_inv_parts.
--
It might be useful to distribute revocations of old keys along with
new keys. This is in particicualrr useful for WKD stored keys. This
patch allows to put unrelated standalone revocations into a key. For
example they can simply appended to a keyblock. Right now it is a bit
inaesthetic to see diagnostics about misplaced or bad revocation
signatures.
Backported-from-master: 7aaedfb10767c74f3e6868dd1563cbbf1282ab2f
* g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD.
--
With this fix it is now possible to feed a vanilla packet of type 20
without first forcing gpg to assume binary mode.
* common/compliance.h (enum gnupg_co_extra_infos): New.
* common/compliance.c (vsd_allow_ocb): New.
(gnupg_cipher_is_compliant): Allow OCB if flag is set.
(gnupg_cipher_is_allowed): Ditto.
(gnupg_set_compliance_extra_info): Change to take two args. Adjust
callers.
* g10/gpg.c (compatibility_flags): Add "vsd-allow-ocb".
(main): And set it.
* g10/options.h (COMPAT_VSD_ALLOW_OCB): NEw.
--
This is a temporary flag until the new mode has been evaluated and can
always be enabled.
GnuPG-bug-id: 6263
* g10/gpg.c (oCompatibilityFlags): New.
(opts): Add option.
(compatibility_flags): New list.
(main): Set flags and print help.
* g10/options.h (opt): Add field compatibility_flags.
--
No flags are yet defined but it is good to have the framework.
* g10/build-packet.c (do_encrypted_aead): New.
(do_symkey_enc): Handle version 5.
(build_packet): Support the ENCRYPTED_AEAD packet.
* g10/cipher.c (MIN_PARTIAL_SIZE): Remove unused macro.
(AEAD_ENC_BUFFER_SIZE): New macro.
(my_iobuf_write): New.
(write_header): Rename to write_cfb_header. Adjust caller.
(set_ocb_nonce_and_ad): New.
(write_ocb_header): New.
(write_ocb_auth_tag): New.
(write_ocb_final_chunk): New.
(do_ocb_flush): New.
(do_ocb_free): New.
(cipher_filter_ocb): New.
* g10/filter.h (cipher_filter_context_t): Add fields for AEAD.
* g10/encrypt.c (encrypt_symmetric): For the use of a session key in
OCB mode.
(encrypt_seskey): Revamp to support OCB.
(use_aead): New.
(encrypt_simple): Support OCB.
(write_symkey_enc): Ditto.
(encrypt_crypt): Ditto.
(encrypt_filter): Handle OCB.
* g10/options.h (opt): Add field force_ocb.
* g10/gpg.c (oForceOCB): New.
(opts): New option "--force-ocb".
(main): Set force_ocb option.
* g10/gpgcompose.c (encrypt_seskey): New.
* g10/keygen.c (aead_available): New global var.
(keygen_set_std_prefs): Set AEAD feature by default in GNUPG mode. Add
parings of aead feature flag.
(keygen_get_std_prefs): Set aead flag.
(add_feature_aead): New.
(keygen_upd_std_prefs): Set OCB as preference if AEAD is enabled.
* g10/pkclist.c (select_aead_from_pklist): New.
(warn_missing_aead_from_pklist): New.
(select_mdc_from_pklist): Remove this unused function.
--
This extends the long available OCB and EAX decryption feature. Due
to the meanwhile expired patent on OCB there is no more reason for
using EAX. Thus we forcefully use OCB if the AEAD feature flag is set
on a key.
In GNUPG mode new keys are now created with the AEAD feature flag set.
Option --rfc4880 is one way to disable this.
GnuPG-bug-id: 6263
* sm/gpgsm.h (COMPAT_ALLOW_ECC_ENCR): New.
* sm/gpgsm.c (compatibility_flags): Add new flag.
* sm/encrypt.c (encrypt_dek): Allw ECC only if flag is set.
--
ECC encryption was not part of the original VS evaluation. Until this
has been re-evaluated we hide this feature behind this flag.
GnuPG-bug-id: 6253
* sm/decrypt.c (hash_ecc_cms_shared_info): Make global.
* sm/encrypt.c (ecdh_encrypt): New.
(encrypt_dek): Add arg PK_ALGO and support ECDH.
(gpgsm_encrypt): Pass PK_ALGO.
--
Note: This has only been tested with a messages created and decrypted
by GnuPG.
GnuPG-bug-id: 4098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: d5051e31a8fc07c339253c6b82426e0d0115a20a
GnuPG-bug-id: 6253
* sm/certlist.c (cert_usage_p): Allow keyAgreement for ECC.
* sm/fingerprint.c (gpgsm_is_ecc_key): New.
--
For ECC encryption keys keyAgreement is the keyUsage we want.
GnuPG-bug-id: 6253