security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00
Code Activity
10,712 Commits 102 Branches 310 Tags 76 MiB
Commit Graph

641 Commits

Author SHA1 Message Date
Werner Koch
a04c936096
doc: One typo fix. 
--
GnuPG-bug-id: 7479
 2025-01-08 17:26:17 +01:00
Werner Koch
faa2d3a2e7
Update README and copyright years. 
--
 2025-01-08 15:39:02 +01:00
Werner Koch
7b2748c6d8
gpg: Silence expired trusted-key diagnostics in quiet mode. 
* g10/trustdb.c (validate_keys): Take care of --quiet.
--

GnuPG-bug-id: 7351
 2024-12-05 16:32:25 +01:00
Werner Koch
0f76dd905d
Post release updates 
--
 2024-12-05 11:30:56 +01:00
Werner Koch
84e1781201
Release 2.5.2 2024-12-05 11:13:14 +01:00
Werner Koch
7e066f614a
gpg: For composite algos add the algo string to the colons listings. 
* g10/keylist.c (list_keyblock_colon): Put the algo string into the
curve field for Kyber.
--

GnuPG-bug-id: 6638
 2024-11-14 14:04:50 +01:00
Werner Koch
6b02292d31
gpg: Add option to create Kyber with --full-gen-key. 
* g10/keygen.c (PQC_STD_KEY_PARAM_PRI, PQC_STD_KEY_PARAM_SUB): New.
(PQC_STD_KEY_PARAM): Construct from above.
(gen_kyber): Allow short curve names.
(ask_algo): Add Entry for ecc+kyber.
(ask_kyber_variant): New.
(generate_keypair): Generate ECC primary and Kyber sub.
--

GnuPG-bug-id: 6638
 2024-11-13 16:13:43 +01:00
Werner Koch
f8b1b7b4df
dirmngr: Print a brief list of URLs with LISTCRLS. 
* dirmngr/crlcache.c (crl_cache_list): Print a summary of URLs.

* sm/call-dirmngr.c (gpgsm_dirmngr_run_command): Print a notice to
stdout if the dirmngr has been disabled.
--

GnuPG-bug-id: 7337
 2024-10-14 16:48:37 +02:00
Werner Koch
ff63ffa606
Post release updates 
--
 2024-09-12 12:08:19 +02:00
Werner Koch
72ef316aab
Release 2.5.1 2024-09-12 11:26:44 +02:00
Werner Koch
33e571a74a
gpgsm: New option --assert-signer 
* sm/gpgsm.c (oAssertSigner, oNoop): New.
(opts): Add option --assert-signer.
(assert_signer_true): New var.
(main): Set new option.
(gpgsm_exit): Handle assert_signer_true.
* sm/gpgsm.h (opt): Add field assert_signer_list.
* sm/verify.c (is_x509_fingerprint): New.
(check_assert_signer_list): New.
(gpgsm_verify): Handle option.
--

GnuPG-bug-id: 7286
 2024-09-11 14:30:40 +02:00
Werner Koch
1eb382fb1f
gpg: New option --proc-all-sigs 
* g10/options.h (flags): Add proc_all_sigs.
* g10/mainproc.c (proc_tree): Do not stop signature checking if this
new option is used.
* g10/gpg.c (oProcAllSigs): New.
(opts): Add "proc-all-sigs".
(main): Set it.
--

GnuPG-bug-id: 7261
 2024-08-23 11:28:30 +02:00
Werner Koch
c333e9dad6
speedo: Set PREFIX for bzip2 build also for Unix. 
--

bzip2 is a make-only package and thus we can't set the prefix with
configure.  We need to set PREFIX here so that the install target:

  if ( test ! -d $(PREFIX)/lib ) ; then mkdir -p $(PREFIX)/lib;fi
  [...]

does not try to install to the default PREFIX /usr/local/lib.
 2024-07-08 10:59:06 +02:00
Werner Koch
8828a5fe54
Post release updates 
--
 2024-07-05 17:28:09 +02:00
Werner Koch
4668fb1a70
Release 2.5.0 2024-07-05 14:45:16 +02:00
Werner Koch
6a40cfa6c0
gpg: Print a warning if the (draft) Kyber algorithm is used. 
* g10/keygen.c (do_generate_keypair): Check for draf Kyber stuff.
 2024-07-05 11:12:12 +02:00
Werner Koch
287e717b55
Merge branch 'STABLE-BRANCH-2-4' into master 
--
Fixed conflicts in:
	NEWS
	g10/call-agent.c
	g10/options.h
	kbx/kbxutil.c
	tools/gpgconf.c
 2024-05-16 09:46:36 +02:00
Werner Koch
3bbfcab606
Update NEWS 
--
 2024-05-15 12:31:33 +02:00
Werner Koch
4485930f9f
Merge branch 'STABLE-BRANCH-2-4' 
--
Resolved conflicts:
	NEWS
	common/exechelp-w32.c
	configure.ac
 2024-03-12 16:00:55 +01:00
Werner Koch
609b1ec0c6
Post release updates 
--
 2024-03-07 15:10:47 +01:00
Werner Koch
cbff323b3b
Release 2.4.5 2024-03-07 14:03:25 +01:00
Werner Koch
2ed1f68b48
doc: Fix spelling errors found by lintian. 
--

Reported-by: Andreas Metzler <ametzler@debian.org>
 2024-01-29 09:16:21 +01:00
Werner Koch
dfa60c09f5
Merge branch 'STABLE-BRANCH-2-4' 
--
Fixed conflicts:
	NEWS
	configure.ac
	doc/gpg.texi
 2024-01-26 09:41:00 +01:00
Werner Koch
367ae86019
Post release updates 
--
 2024-01-25 11:30:37 +01:00
Werner Koch
a43271cc08
Release 2.4.4 2024-01-25 11:06:01 +01:00
Werner Koch
b97a36f52d
Prepare the NEWS 
--
 2024-01-12 16:53:53 +01:00
Werner Koch
45f6357881
common,w32: Remove duplicated backslashes when setting the homedir. 
* common/homedir.c (copy_dir_with_fixup) [W32]: Fold double
backslashes.
--

This is in general no problem but when we hash or compare the directory
to test whether tit is the standard home directory, we may use a
different socket file and thus a second instance of a daemon.

GnuPG-bug-id: 6833
 2024-01-09 10:13:54 +01:00
Werner Koch
2764ee309a
Merge branch 'STABLE-BRANCH-2-4' 
--

Fixed conflicts in
        NEWS
	g10/encrypt.c
	sm/encrypt.c
	sm/sign.c
 2023-12-22 13:45:02 +01:00
Werner Koch
3572b19fbd
gpgsm: Support ECDSA in de-vs mode. 
* common/compliance.h (PK_ALGO_FLAG_ECC18): New.
* common/compliance.c (gnupg_pk_is_allowed): Implement.
* sm/decrypt.c (gpgsm_decrypt): Pass new flag.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6802
 2023-11-08 17:09:22 +01:00
Werner Koch
387ee7dcbd
Merge branch 'STABLE-BRANCH-2-4' 
* common/b64dec.c (b64decode): Move to ...
* common/miscellaneous.c: here.

* common/t-b64.c: Re-inroduce and keep only the b64decode test code.
 2023-11-07 20:38:27 +01:00
Werner Koch
678c819027
w32: Use utf8 for the asctimestamp function. 
* common/gettime.c (asctimestamp) [W32]: Use ".UTF8" for the locale.
--

This has been suggested by the reporter of
GnuPG-bug-id: 6741
 2023-10-27 14:22:10 +02:00
Werner Koch
0aa32e2429
dirmngr: Allow conf files to disable default keyservers. 
* dirmngr/server.c (ensure_keyserver): Detect special value "none"
(cmd_keyserver): Ignore "none" and "hkp://none".
--

GnuPG-bug-id: 6708
 2023-09-06 09:50:28 +02:00
Werner Koch
334f5d95c8
Merge branch 'STABLE-BRANCH-2-4' into master 2023-07-04 17:37:54 +02:00
Werner Koch
2378ccf97c
Post release updates 
--
 2023-07-04 16:44:01 +02:00
Werner Koch
d073f26d81
Release 2.4.3 2023-07-04 16:06:59 +02:00
Werner Koch
5377226ec0
Prepare NEWS for the next release 
--
 2023-06-30 10:59:06 +02:00
Werner Koch
6ed61d98a0
Add release dates of 2.4 versions to NEWS 
--
 2023-05-31 09:38:17 +02:00
Werner Koch
3c97dc2714
Post release updates 
--
 2023-05-30 16:44:00 +02:00
Werner Koch
9e86dac84f
Release 2.4.2 2023-05-30 13:53:01 +02:00
Werner Koch
f953d67446
Prepare the NEWS for the next release 
--
 2023-05-26 15:53:52 +02:00
Werner Koch
1e41878bf2
Prepare new development cycle 
--
 2023-05-10 10:23:59 +02:00
Werner Koch
625bd92410
Post release updates 
--
 2023-04-28 14:16:52 +02:00
Werner Koch
b331ae1c3f
Release 2.4.1 2023-04-28 11:16:29 +02:00
Werner Koch
fa4f716917
gpg: Make sure that we are not accidently working with the PIV app. 
* g10/call-agent.c (agent_scd_switchapp): New.
* g10/card-util.c (get_info_for_key_operation): Call it.
--

It may happen that the active card was last used for PIV and in that
case certain commands will fail because they assume the OpenPGP app.
Fortunately we have a pretty central place to assure that the right
app has been selected.

The bug can be easily noticed on Windows.

GnuPG-bug-id: 6378
 2023-04-18 17:07:04 +02:00
Werner Koch
98b8c518fa
ssh: Allow to prefer on-disk keys over active card keys. 
* agent/command-ssh.c (ssh_send_available_keys): Redefine the order of
keys.
--

GnuPG-bug-id: 6212
 2023-04-18 09:04:27 +02:00
Werner Koch
c9e95b8dee
gpg: New option --assert-signer. 
* g10/gpg.c (enum cmd_and_opt_values): Add oAssertSigner.
(opts): Add "assert-signer".
(main): Set option.
(assert_signer_true): New var.
(g10_exit): Evaluate new var.
* g10/main.h (assert_signer_true): Declare new var.
* common/status.h (STATUS_ASSERT_SIGNER): New.
* g10/options.h (opt): Add field assert_signer_list.
* g10/verify.c (is_fingerprint): New.
(check_assert_signer_list): New.
* g10/mainproc.c (check_sig_and_print): Call that function.  Clear
assert_signer_true on a warning.

* g10/gpgv.c: Add dummy function and vars.
* g10/t-keydb-get-keyblock.c: Ditto.
* g10/t-keydb.c: Ditto.
* g10/t-stutter.c: Ditto.
--
 2023-04-05 21:32:23 +02:00
Werner Koch
d9e7488b17
Use the keyboxd for a fresh install 
* common/homedir.c (gnupg_maybe_make_homedir): Also create a
common.conf.
* g10/keydb.c: Include comopt.h.
(maybe_create_keyring_or_box): Detect the creation of a common.conf.
* g10/gpg.c (main): Avoid adding more resources in this case.
* sm/keydb.c:  Include comopt.h.
(maybe_create_keybox): Detect the creation of a common.conf.

* common/comopt.h (comopt): Remove the conditional "extern".
 2023-04-04 16:39:59 +02:00
Werner Koch
7bf57a794b
gpg: Set the default digest algo for S2K to SHA256. 
* g10/main.h (DEFAULT_S2K_DIGEST_ALGO): Alias to DEFAULT_DIGEST_ALGO.
--

GnuPG-bug-id: 6367
 2023-04-04 09:20:26 +02:00
Werner Koch
8996b0b655
gpgsm: Create binary detached sigs with definite form length octets. 
* sm/sign.c: Include tlv.h.
(write_detached_signature): New,
(gpgsm_sign): Fixup binary detached signatures.
--

This helps some other software to verify detached signatures.
 2023-04-03 12:01:37 +02:00
Werner Koch
3d094e2bcf
gpg: New option --add-desig-revoker 
* g10/gpg.c (oAddDesigRevoker): New.
(opts): Add new option.
* g10/options.h (opt): Add field desig_revokers.
* g10/keygen.c (get_parameter_idx): New.
(get_parameter): Make use of get_parameter_idx.
(prepare_desig_revoker): New.
(get_parameter_revkey): Add arg idx.
(proc_parameter_file): Add designated revokers.
(do_generate_keypair): Write all designated revokers.
 2023-02-16 18:10:03 +01:00