1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
Commit Graph

3626 Commits

Author SHA1 Message Date
Marcus Brinkmann
e8cf79c977 2003-08-20 Marcus Brinkmann <marcus@g10code.de>
* encrypt.c (encode_session_key): Allocate enough space.  Cast key
	byte to unsigned char to prevent sign extension.
	(encrypt_dek): Check return value before error.
2003-08-20 16:53:40 +00:00
Werner Koch
e3cdba8386 * scdaemon.c, scdaemon.h: New option --pcsc-driver.
* apdu.c (apdu_open_reader): Use that option here instead of a
hardcoded one.
2003-08-19 09:36:48 +00:00
Marcus Brinkmann
5e380eb635 2003-08-19 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (AM_PATH_GPG_ERROR): Add missing comma in
	invocation.
2003-08-19 02:25:25 +00:00
Timo Schulz
f9867edfb8 * mdc.c (use_mdc): Simplified. 2003-08-18 21:32:19 +00:00
Timo Schulz
73b5da4c7d 2003-08-18 Timo Schulz <twoaday@freakmail.de>
* encode.c (encode_sesskey): Checked the code and removed
        the warning since all compatibility checks with PGP succeeded.
        * mainproc.c (symkey_decrypt_sesskey): Better check for the
        algorithm and check the return values of some functions.
2003-08-18 21:25:03 +00:00
Werner Koch
4eb5165019 * scdaemon.c, scdaemon.h: New option --disable-opensc.
* card.c (card_open): Implement it.
* apdu.c (open_osc_reader, osc_send_apdu): New.
(apdu_open_reader) [HAVE_OPENSC]: Use the opensc driver if not
disabled.
(error_string) [HAVE_OPENSC]: Use sc_strerror.
(send_apdu) [HAVE_OPENSC]: Call osc_apdu_send.

* card-p15.c (p15_enum_keypairs, p15_prepare_key): Adjusted for
libgpg-error.
2003-08-18 17:34:51 +00:00
Werner Koch
0506e4ebec * Makefile.am: Add OPENSC_LIBS to all programs.
* scdaemon.c, scdaemon.h: New option --disable-opensc.
* card.c (card_open): Implement it.
* apdu.c (open_osc_reader, osc_send_apdu): New.
(apdu_open_reader) [HAVE_OPENSC]: Use the opensc driver if not
disabled.
(error_string) [HAVE_OPENSC]: Use sc_strerror.
(send_apdu) [HAVE_OPENSC]: Call osc_apdu_send.
2003-08-18 17:34:28 +00:00
Timo Schulz
6bdd855d11 Add 'dynload.h' to Makefile.am. 2003-08-14 19:58:03 +00:00
Timo Schulz
81a0683e21 2003-08-14 Timo Schulz <twoaday@freakmail.de>
* encrypt.c (encode_session_key): Use new Libgcrypt interface.
2003-08-14 19:39:30 +00:00
Timo Schulz
aa6e3f7d28 Forgot to remove the unsued variable. 2003-08-14 19:10:12 +00:00
Timo Schulz
7abac1ad8e 2003-08-14 Timo Schulz <twoaday@freakmail.de>
* pksign.c: do_encode_md: Due to the fact pkcs#1 padding
        is now in Libgcrypt, use the new interface.
2003-08-14 19:06:46 +00:00
Timo Schulz
abbb66e037 * Always use 'dynload.h' instead of 'dlfcn.h'. 2003-08-14 12:20:08 +00:00
Timo Schulz
f099ed75b8 *** empty log message *** 2003-08-14 12:16:58 +00:00
Timo Schulz
2bf665e188 2003-08-14 Timo Schulz <twoaday@freakmail.de>
* dlfcn.h. New. W32 wrapper around the dynload mechanism.
2003-08-14 12:06:43 +00:00
David Shaw
a2cf3caa98 * packet.h, sig-check.c (signature_check2, do_check, do_check_messages):
Provide a signing-key-is-revoked flag.  Change all callers.

* status.h, status.c (get_status_string): New REVKEYSIG status tag for a
good signature from a revoked key.

* mainproc.c (do_check_sig, check_sig_and_print): Use it here.

* import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare actual
signatures on import rather than using keyid or class matching.  This does
not change actual behavior with a key, but does mean that all sigs are
imported whether they will be used or not.

* parse-packet.c (parse_signature): Don't give "signature packet without
xxxx" warnings for experimental pk algorithms.  An experimental algorithm
may not have a notion of (for example) a keyid (i.e. PGP's x.509 stuff).
2003-08-13 03:31:36 +00:00
Werner Koch
dbb7f4c89c (pk_sign): Fix last change.
(pk_verify): Check for valid DATA array so that we don't segv in
Libgcrypt.
(pk_verify): Ditto.
2003-08-07 07:05:38 +00:00
Werner Koch
4140c3d447 Bumbed version number 2003-08-05 18:55:40 +00:00
Werner Koch
7500f070ba About to release the first 1.9 version. 2003-08-05 17:20:18 +00:00
Werner Koch
c9c4192763 About to release the first 1.9 version. 2003-08-05 17:20:18 +00:00
Werner Koch
f2c38b89a7 Cleanups, fixes and PC/SC support 2003-08-05 17:11:04 +00:00
Werner Koch
1bcf8ef9de Cleanups, fixes and PC/SC support 2003-08-05 17:11:04 +00:00
Repo Admin
9ca4830a5b This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-08-05 17:11:04 +00:00
David Shaw
752e3459ab * options.h, g10.c (main), keylist.c (list_keyblock_print), keyedit.c
(print_and_check_one_sig): New "show-sig-expire" list-option to show
signature expiration dates (if any).
2003-08-03 02:37:48 +00:00
Werner Koch
eba8c18657 minor changes to make make distcheck happy 2003-07-31 15:45:11 +00:00
Werner Koch
7921516e85 minor changes to make make distcheck happy 2003-07-31 15:45:11 +00:00
Werner Koch
2100b5dfa3 Remove leftover cruft 2003-07-29 14:10:02 +00:00
Werner Koch
2d7d9dc190 *** empty log message *** 2003-07-29 14:07:28 +00:00
Werner Koch
6f7ed05900 * gpgsm.c (main): Add secmem features and set the random seed file.
(gpgsm_exit): Update the random seed file and enable debug output.

* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.

* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
2003-07-29 08:53:19 +00:00
Werner Koch
97d3ea897f * gpgsm.c (main): Add secmem features and set the random seed file.
(gpgsm_exit): Update the random seed file and enable debug output.

* g10.c (main): Add secmem features and set the random seed file.
(g10_exit): Update the random seed file.

* parse-packet.c (parse_signature,read_protected_v3_mpi)
(parse_key): Fixed use of mpi_set_opaque.
* keygen.c (gen_card_key): Ditto.
2003-07-29 08:53:19 +00:00
Werner Koch
979ed0ca26 Adjusted for use with current libgcrypt (1.1.42). 2003-07-28 08:59:18 +00:00
Werner Koch
860f56b089 Adjusted for use with current libgcrypt (1.1.42). 2003-07-28 08:59:18 +00:00
David Shaw
e4a9d14aad * options.h, g10.c (main, add_keyserver_url): Add
--sig-preferred-keyserver to implant a "where to get my key" subpacket
into a signature.

* sign.c (mk_notation_and_policy): Rename to mk_notation_policy_etc and
add preferred keyserver support for signatures.
2003-07-24 19:28:12 +00:00
Werner Koch
0fe6a1287f * g10.c: New command --card-status.
* card-util.c (card_status): New.
* call-agent.c (learn_status_cb): Parse more information.

* keylist.c (print_pubkey_info): Add FP arg for optinal printing
to a stream.  Changed all callers.
2003-07-24 09:06:43 +00:00
Werner Koch
ba188097c0 * app-openpgp.c (do_learn_status): Print more status information.
(app_select_openpgp): Store the card version.
(store_fpr): Add argument card_version and fix DOs for old cards.
(app_openpgp_storekey): Likewise.
2003-07-24 09:06:13 +00:00
Werner Koch
b8becef1cf * command.c (cmd_pkauth): New.
(cmd_setdata): Check whether data was given at all to avoid
passing 0 to malloc.

* app.c (app_auth): New.
* app-openpgp.c (do_auth): New.
2003-07-23 07:13:05 +00:00
Werner Koch
44f4303bcf * keygen.c (generate_keypair): Create an AUTHKEYTYPE entry for cards.
(do_generate_keypair): Abd generate the authkey.
(check_smartcard): Changed menu accordingly.
2003-07-23 07:11:06 +00:00
David Shaw
fbdee01db9 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.
2003-07-21 23:19:15 +00:00
David Shaw
fa0cc6602b * keyedit.c (show_key_with_all_names): Use list-option show-validity in
--edit-key interface as well.
2003-07-20 17:09:43 +00:00
David Shaw
726b36b647 * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.
2003-07-20 02:09:06 +00:00
David Shaw
06442ab0da * packet.h, main.h, sig-check.c (signature_check2, check_key_signature2,
do_check): If ret_pk is set, fill in the pk used to verify the signature.
Change all callers in getkey.c, mainproc.c, and sig-check.c.

* keylist.c (list_keyblock_colon): Use the ret_pk from above to put the
fingerprint of the signing key in "sig" records during a --with-colons
--check-sigs.  This requires --no-sig-cache as well since we don't cache
fingerprints.
2003-07-20 00:10:13 +00:00
Werner Koch
fa2faef48f * Makefile.am: Add sc-copykeys program.
* sc-copykeys.c: New.
* app-openpgp.c (app_openpgp_storekey): New.
(app_openpgp_cardinfo): New.
(count_bits): New.
(store_fpr): And use it here to get the actual length in bit.
2003-07-16 13:47:14 +00:00
Werner Koch
4622a2180d * export.c (parse_export_options): New option sexp-format.
(export_seckeys,export_secsubkeys): Check sexp-format option.
(do_export): Ignore armor for sexp format.
(do_export_stream): Handle sexp-format.
(write_sexp_line,write_sexp_keyparm, build_sexp_seckey): New.
(build_sexp): New.
2003-07-16 13:45:15 +00:00
Werner Koch
270ba1bc96 * simple-pwquery.c, simple-pwquery.h: New; moved from ../agent.
* Makefile.am (libsimple_pwquery_a_LIBADD): New.
2003-07-16 13:44:43 +00:00
Werner Koch
59e5fb16f6 * simple-pwquery.c, simple-pwquery.h: Moved to ../common.
* Makefile.am (gpg_protect_tool_LDADD): Add simple-pwquery.o.
Removed it from xx_SOURCES.
2003-07-16 13:44:03 +00:00
David Shaw
f0fddbd613 * Makefile.am: Add --no-permission-warning to avoid spurious warning when
importing demo keys.
2003-07-10 15:10:02 +00:00
David Shaw
a88cb47d55 * configure.ac: configure.ac: Check for sigset_t and struct sigaction.
This is for Forte c89 on Solaris which seems to define only the function
call half of the two pairs by default.
2003-07-10 15:03:55 +00:00
David Shaw
f4617d97b8 * parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.

* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* Makefile.am: Include W32LIBS where appropriate.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.

* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.

* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.

* options.skel: Use subkeys.pgp.net as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.

* signal.c, tdbio.c: Comment out the transaction code.  It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).

* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.

* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).  Do not allow signing a user ID without a
self-signature.  --expert overrides.  Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181

* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl.  Noted by Christian Biere.

* getkey.c (classify_user_id2): Replaced isspace by spacep

* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.

* keyedit.c (keyedit_menu): Ditto.

* tdbdump.c (import_ownertrust): Ditto.  s/isxdigit/hexdigitp/.

* revoke.c (ask_revocation_reason):

* keyserver.c (keyserver_spawn): Dito.
2003-07-10 14:30:07 +00:00
David Shaw
3bc9e79103 * DETAILS: Document the --attribute-fd data.
* gpg.sgml: Document --set-notation.  Explain why it is not possible to
disable permission warnings in the gpg.conf file about the homedir.  Add
pointer in --ignore-time-conflict to see --ignore-valid from, and vice
versa.  Warning not to try and parse --list-keys in scripts. Document the
signature flags (1-3/L/R/P/N/X), Document expandos %g and %p.  Note the
default --personal-digest-preferences are "H2".
2003-07-10 12:42:49 +00:00
David Shaw
df79db51f1 * Makefile.am: Use W32LIBS where appropriate. 2003-07-10 12:32:57 +00:00
David Shaw
654276143b * iobuf.c (check_special_filename): Replaced is isdigit by digitp
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.
2003-07-10 12:26:42 +00:00