1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00

123 Commits

Author SHA1 Message Date
David Shaw
8273c72860 * packet.h, parse-packet.c (enum_sig_subpkt): Report back from
enum_sig_subpkt when a subpacket is critical and change all callers in
keylist.c (show_policy_url, show_notation), mainproc.c
(print_notation_data), and pkclist.c (do_show_revocation_reason).

* keylist.c (show_policy_url, show_notation): Display if the policy or
notation is critical.
2002-06-03 23:30:10 +00:00
David Shaw
f0bf8b4afc * main.h, g10.c (main), keylist.c (dump_attribs, set_attrib_fd,
list_keyblock_print, list_keyblock_colon), status.h, status.c
(get_status_string): New --attribute-fd feature to dump the contents of
attribute subpackets for frontends.  If --status-fd is also used, then a
new status tag ATTRIBUTE is provided for each subpacket.

* packet.h, getkey.c (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey), parse-packet.c (setup_user_id): Keep track of the
expiration time of a user ID, and while we're at it, use the expired flag
from the selfsig rather than reparsing the SIG_EXPIRE subpacket.

* photoid.c (generate_photo_id): When adding a new photo ID, showing the
photo for confirmation is not safe when noninteractive since the "user"
may not be able to dismiss a viewer window. Noted by Timo Schulz.
2002-06-03 20:48:36 +00:00
David Shaw
5f5c43ab26 * sign.c (write_signature_packets, sign_file, clearsign_file,
sign_symencrypt_file): Make a v4 signature if a policy URL or notation is
set, unless v3 sigs are forced via rfc1991 or force-v3-sigs.  Also remove
some doubled code and clarify an error message (we don't sign in PGP2
mode - just detach-sign).

* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any size"
section.
2002-05-30 22:58:19 +00:00
David Shaw
e4b2f8da41 * build-packet.c (build_sig_subpkt): Handle setting sig flags for certain
subpacket types (notation, policy url, exportable, revocable).  keyedit.c
(sign_mk_attrib): Flags no longer need to be set here.

* packet.h, parse-packet.c (parse_one_sig_subpkt), build-packet.c
(build_sig_subpkt): Call parse_one_sig_subpkt to sanity check buffer
lengths before building a sig subpacket.
2002-05-28 03:10:00 +00:00
David Shaw
4dcdaa3b1b * main.h, keygen.c (keygen_add_revkey): Add revocation key subpackets to a
signature (callable by make_keysig_packet). (write_direct_sig): Write a 1F
direct key signature. (parse_revocation_key): Parse a string in
algo:fpr:sensitive format into a revocation key. (get_parameter_revkey,
do_generate_keypair): Call above functions when prompted from a batch key
generation file.

* build-packet.c (build_sig_subpkt): Allow multiple revocation key
subpackets in a single sig.

* keydb.h, getkey.c (get_seckey_byfprint): Same as get_pubkey_byfprint,
except for secret keys.  We only know the fingerprint of a revocation key,
so this is needed to retrieve the secret key needed to issue a revokation.

* packet.h, parse-packet.c (parse_signature, parse_revkeys): Split revkey
parsing off into a new function that can be used to reparse after
manipulating the revkey list.

* sign.c (make_keysig_packet): Ability to make 1F direct key signatures.
2002-05-16 03:35:55 +00:00
David Shaw
d5d974536e * export.c (do_export_stream): Warn the user when exporting a secret key
if it or any of its secret subkeys are protected with SHA1 while
simple_sk_checksum is set.

* parse-packet.c (parse_key): Show when the SHA1 protection is used in
--list-packets.

* options.h, build-packet.c (do_comment), g10.c (main): Rename
--no-comment as --sk-comments/--no-sk-comments (--no-comment still works)
and make the default be --no-sk-comments.
2002-05-07 15:21:57 +00:00
David Shaw
50c9a5bd25 * packet.h, parse-packet.c (parse_key), getkey.c (merge_keys_and_selfsig,
merge_selfsigs_main): a v3 key with a v4 self-sig must never let the v4
self-sig express a key expiration time that extends beyond the original v3
expiration time.
2002-05-07 04:05:03 +00:00
David Shaw
6dc53d136a * photoid.h, photoid.c (parse_image_header, image_type_to_string): Useful
functions to return data about an image.

* packet.h, parse-packet.c (make_attribute_uidname,
parse_attribute_subpkts, parse_attribute), photoid.h, photoid.c
(show_photos): Handle multiple images in a single attribute packet.

* main.h, misc.c (pct_expando), sign.c (mk_notation_and_policy), photoid.c
(show_photos): Simpler expando code that does not require using
compile-time string sizes.  Call image_type_to_string to get image strings
(i.e. "jpg", "image/jpeg").  Change all callers.

* keyedit.c (menu_showphoto), keylist.c (list_keyblock_print): Allow
viewing multiple images within a single attribute packet.

* gpgv.c: Various stubs for link happiness.
2002-05-02 20:47:23 +00:00
Werner Koch
cd59cb1d64 Added a copyright year for files changed this year. 2002-04-29 14:42:34 +00:00
David Shaw
3b9a04844c * parse-packet.c (parse_plaintext), packet.h, plaintext.c
(handle_plaintext): Fix bug in handling literal packets with zero-length
data (no data was being confused with partial body length).

* misc.c (pct_expando), options.skel: %t means extension ("jpg"). %T means
MIME type ("image/jpeg").

* import.c (import_one): Only trigger trust update if the keyring is
actually changed.

* export.c (do_export_stream): Missing a m_free.
2002-04-23 02:48:44 +00:00
Werner Koch
60e0b2ad92 * parse-packet.c (parse_key): Support a SHA1 checksum as per
draft-rfc2440-bis04.
* packet.h (PKT_secret_key): Add field sha1chk.
* seckey-cert.c (do_check): Check the SHA1 checksum
(protect_secret_key): And create it.
* build-packet.c (do_secret_key): Mark it as sha-1 protected.
* g10.c, options.h: New option --simple-sk-checksum.
2002-04-17 16:00:03 +00:00
David Shaw
9ef1a80f8d * parse-packet.c (parse_signature): Minor fix - signatures should expire
at their expiration time and not one second later.

* keygen.c (proc_parameter_file): Allow specifying preferences string
(i.e. "s5 s2 z1 z2", etc) in a batchmode key generation file.

* keyedit.c (keyedit_menu): Print standard error message when signing a
revoked key (no new translation).

* getkey.c (merge_selfsigs): Get the default set of key prefs from the
real (not attribute) primary uid.
2002-04-14 01:27:11 +00:00
David Shaw
9d7b26c784 * pkclist.c (build_pk_list): Fix bug that allowed a key to be selected
twice in batch mode if one instance was the default recipient and the
other was an encrypt-to.  Noted by Stefan Bellon.

* parse-packet.c (dump_sig_subpkt): Show data in trust and regexp sig
subpackets.

* keyedit.c (keyedit_menu): Use new function real_uids_left to prevent
deleting the last real (i.e. non-attribute) uid.  Again, according to the
attribute draft. (menu_showphoto): Make another string translatable.
2002-04-13 04:32:03 +00:00
Werner Koch
b725d8ec27 Merged in my changes, after disk crash. Fortunately the CVS was not
affected - but everything else and it seems that there is no backup of
the BTS data is available :-(
2002-04-08 15:10:51 +00:00
David Shaw
975e934a4c variable type tweak for RISC OS (from Stefan) 2002-03-04 03:18:07 +00:00
Werner Koch
6587b15a59 Solved conflict 2002-03-03 14:08:39 +00:00
David Shaw
fbc66185f8 This is the first half of revocation key / designated revoker
support.  That is, it handles all the data to mark a key as revoked if it
has been revoked by a designated revoker.  The second half (coming
later) will contain the code to make someones key your designated revoker
and to issue revocations for someone else.

Note that this is written so that a revoked revoker can still issue
revocations: i.e. If A revokes B, but A is revoked, B is still revoked.
I'm not completely convinced this is the proper behavior, but it matches
how PGP does it.  It does at least have the advantage of much simpler code
- my first version of this had lots of loop maintaining code so you could
chain revokers many levels deep and if D was revoked, C was not, which
meant that B was, and so on. It was sort of scary, actually.

This also changes importing to allow bringing in more revocation keys, and
exporting to not export revocation keys marked "sensitive".

The --edit menu information will show if a revocation key is present.
2002-02-28 21:01:25 +00:00
David Shaw
d560bdac18 Photo ID support (actually generic "attribute packet" support, but there
is only one attribute packet defined thus far, and it's a picture)
2001-12-21 23:06:02 +00:00
David Shaw
ca058399b0 Nonrevocable key signature support via "nrsign". These sigs can expire,
but cannot be revoked.  Any revocation certificates for them are ignored.
2001-12-21 21:02:05 +00:00
David Shaw
46efe28815 "sigclass" patch - adds key signature class levels, notation and policy-url
displays in key listings, and shows flags for signature features.
2001-12-06 22:04:08 +00:00
Werner Koch
1f4bdf4d26 Changed signature status cache 2001-09-25 15:20:59 +00:00
Werner Koch
e46ad749f9 Check for garbled packets 2001-09-18 09:40:31 +00:00
Werner Koch
d4cd7a3d4b more bug fixesand some warning cleanups 2001-09-09 16:09:19 +00:00
Werner Koch
ed17c7afd0 Revamped the keyring code 2001-09-06 17:10:00 +00:00
Werner Koch
3f465d5d7a bug fixes 2001-08-31 12:51:41 +00:00
Werner Koch
bab40b52cd MDC feature support and other stuff 2001-08-30 16:39:23 +00:00
Werner Koch
dc718d704f Revamped preference handling 2001-08-10 14:04:32 +00:00
Werner Koch
57c1dbc21d fixed silly allocation bug 2001-08-09 15:49:28 +00:00
Werner Koch
aa9da2b07e reworked the way hased data is stored and added a "primary" command
DCVS: ----------------------------------------------------------------------
2001-08-09 09:34:25 +00:00
Werner Koch
6732700743 migration to autoconf 2.52 and bugfixes 2001-07-26 09:37:47 +00:00
Werner Koch
c9e908e734 Improved pipemode and tweaked handling of multiple signatures. 2001-04-05 12:21:43 +00:00
Werner Koch
e2c88461fc Fixed a bugs; e.g. in --list-secret-keys 2001-03-27 09:23:14 +00:00
Werner Koch
5e79cb47e0 worked on solving some bugs 2001-03-12 20:21:50 +00:00
Werner Koch
be06120679 Changed and added copyright notices 2001-03-08 14:33:24 +00:00
Werner Koch
0bd4fc7359 Add self-signature verification caching 2001-03-05 13:59:16 +00:00
Werner Koch
4c316cb9b5 Fixed some bugs in the selection code 2001-02-08 20:59:58 +00:00
Werner Koch
2af87f8829 Backported getkey.c from 1.1 2001-02-08 16:28:28 +00:00
Werner Koch
9b12847f25 Add missing stub, fixed comment typos 2000-12-28 19:32:55 +00:00
Werner Koch
04beb81571 1.0.4c snapshot 2000-12-19 12:38:53 +00:00
Werner Koch
335dcec55b Pipemode now works for detached binary signatures. 2000-12-11 19:54:59 +00:00
Werner Koch
99e70f7ac7 Paul's LFS pacthes and started with pipemode 2000-11-11 17:17:52 +00:00
Werner Koch
2092d0f6ed Fixed serious bug related to multiple cleartext signatures. 2000-10-13 15:03:48 +00:00
Werner Koch
6dc268a8a1 See ChangeLog: Wed Oct 4 15:50:18 CEST 2000 Werner Koch 2000-10-04 13:51:27 +00:00
Werner Koch
0f10fea8da See ChangeLog: Thu Sep 14 17:45:11 CEST 2000 Werner Koch 2000-09-14 15:45:03 +00:00
Werner Koch
74b7fe6a7e See ChangeLog: Fri Aug 25 16:05:38 CEST 2000 Werner Koch 2000-08-25 14:00:15 +00:00
Werner Koch
6e4d721c93 See ChangeLog: Mon Jul 10 16:08:57 CEST 2000 Werner Koch 2000-07-10 14:06:27 +00:00
Werner Koch
b65f9a8b0d See ChangeLog: Mon Jun 5 12:37:43 CEST 2000 Werner Koch 2000-06-05 10:27:46 +00:00
Werner Koch
5f8fc31d9a See ChangeLog: Fri Apr 14 19:37:08 CEST 2000 Werner Koch 2000-04-14 17:34:30 +00:00
Werner Koch
c03e6ee0aa See ChangeLog: Thu Feb 17 13:39:32 CET 2000 Werner Koch 2000-02-17 12:41:58 +00:00
Werner Koch
932049cbe4 See ChangeLog: Fri Jan 14 18:32:01 CET 2000 Werner Koch 2000-01-14 17:26:00 +00:00