--allow-non-selfsigned-uid allows for completey unsigned uids).
Do not choose an attribute packet (i.e. photo) as primary uid. This
prevents oddities like "Good signature from [image of size 2671]". This
is still not perfect (one can still select an attribute packet as primary
in --edit), but is closer to the way the draft is going.
The algorithms list should include #110.
--pgp2 implies --no-ask-sig-expire and --no-ask-cert-expire as those would
cause a v4 sig/cert.
Be more lenient in what constitutes a valid armor header (i.e. -----BEGIN
blah blah-----) as some Windows programs seem to add spaces at the end.
--openpgp makes it strict again
If none of the uids are primary (because none are valid) then pick the
first to be primary (but still invalid). This is for cosmetics in case
some display needs to print a user ID from a non-selfsigned key. Also use
--allow-non-selfsigned-uid to make such a key valid and not
--always-trust. The key is *not* automatically trusted via
--allow-non-selfsigned-uid.
Make sure non-selfsigned uids print [uncertain] on verification even
though one is primary now.
If the main key is not valid, then neither are the subkeys.
Allow --allow-non-selfsigned-uid to work on completely unsigned keys.
Print the uids in UTF8. Remove mark_non_selfsigned_uids_valid()
Show revocation key as UTF8.
Allow --not-dash-escaped to work with v3 keys.
that has been revoked by designated revoker, but the designated revoker is
not present to verify the revocation (whew!). This applies to all ways to
get a key into the system: --import --recv-keys, and --search-keys. If
auto-key-retrieve is set, try and retrieve the revocation key.
Also, auto-key-retrieve is now a keyserver-option.
do not prompt for revocation reason for v3 revocations (unless
force-v4-certs is on) since they wouldn't be used anyway.
show the status of the sigs (exportable? revocable?) to the user before
prompting for which sig to revoke. Also, make sure that local signatures
get local revocations.
Add "exec-path" variable to override PATH for execing programs.
properly check return code from classify_user_id to catch unclassifiable
keys.
support. That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker. The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.
Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it. It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.
This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".
The --edit menu information will show if a revocation key is present.
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it). Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.
Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
keyservers).
Add KEYSERVER_NOT_SUPPORTED for unsupported actions (say, a keyserver that
has no way to search, or a readonly keyserver that has no way to add).
Also add a USE_EXTERNAL_HKP define to disable the internal HKP keyserver
code.
unknown and undefined trust. Removed the did_add cruft. Reported
by Janusz A. Urbanowicz.
* g10.c: New option --no-use-agent.
Hmmm, is this a a good name? --do-not-use-agent seems a bit to long.
is a cert. A sig has sigclass 0x00, 0x01, 0x02, or 0x40, and everything
else is a cert.
Add a "nrlsign" for nonrevocable and local key signatures.
Add a --no-force-mdc to undo --force-mdc.
Add a knob to force --disable-mdc/--no-disable-mdc. Off by default, of
course, but is used in --pgp2 and --pgp6 modes.
Allow specifying multiple users in the "Enter the user ID" loop. Enter a
blank line to stop. Show each key+id as it is added.
It is not illegal (though possibly silly) to have multiple policy URLs in
a given signature, so print all that are present.
More efficient implementation of URL-ifying code for --search on an HKP
keyserver.
"http://notary.jabberwocky.com/keysign/%K" to create a per-signature
policy URL. Use the new generic %-handler for the photo ID stuff as well.
Display policy URLs and notations during signature generation if
--show-policy-url/--show-notation is set.
keyids as if they were v3. The workaround/hack is to fetch both the v4
(e.g. 99242560) and v3 (e.g. 68FDDBC7) keyids. This only happens for key
refresh while using the HKP scheme and the refresh-add-fake-v3-keyids
keyserver option must be set. This should stay off by default.
turns off force_mdc, turns on no_comment, escape_from, and force_v3_sigs,
and sets compression to 1. It also restricts the user to IDEA (if
present), 3DES, CAST5, MD5, SHA1, and RIPEMD160. See the comments above
algo_available() for lots of discussion on why you would want to do this.
When key signing with multiple keys at the same time, make sure each key
gets the sigclass prompt
Close the iobuf and FILE before trying to reap the child process to
encourage the child to exit
Disable cache-on-close of the fd iobuf (shouldn't all fd iobufs not be
cached?)
* passphrase.c (agent_open): Let it override the environment info.
* seckey-cert.c (check_secret_key): Always try 3 times when the
agent is enabled.
* options.skel: Describe --use-agent.
bits long (as RSA minimum is 1024)
Allow IDEA as a fake preference for v3 keys with v3 selfsigs when
verifying that a cipher is in preferences while decrypting
keys (this is in the RFC), so that they can be (sometimes) used along
OpenPGP keys. Do not force using IDEA on an OpenPGP key, as this may
violate its prefs.
Also, revise the help text for the sig class explanation.
used with the agent. Changed all callers.
(agent_get_passphrase): Likewise and send it to the agent
* seckey-cert.c (do_check): New arg tryagain_text.
(check_secret_key): Pass the string to do_check.
* keygen.c (ask_passphrase): Set the error text is required.
* keyedit.c (change_passphrase): Ditto.
* passphrase.c (agent_open): Disable opt.use_agent in case of a
problem with the agent.
(agent_get_passphrase): Ditto.
(passphrase_clear_cache): Ditto.
Remove get_temp_dir (it's in exec.c now)
Allow --delete-key (now --delete-keys, though --delete-key still works) to
delete multiple keys in one go. This applies to
--delete-secret-key(s) and --delete-secret-and-public-key(s) as well
change default compression to 1
add ask-sig-expire and ask-cert-expire (--expert was getting absurdly
overloaded)
permit v3 subkeys
use --expert to protect adding multiple photo ids and adding photos to a
v3 key
Warn with pgp2 and non-detached signatures
Use the actual filesize rather than partial length packets in
symmetric messages (see ChangeLog or NEWS for discussion).