* misc.c (get_signature_count): New. Get the signature count from a
smartcard. (pct_expando): Call it here so the %c expando becomes the
number of signatures issued. This allows for notations or the like with
an automatic signature count.
* ccid-driver.c (usb_get_string_simple): Replacement function to work with
older libusb.
* ccid-driver.c (read_device_info): Removed.
(make_reader_id, scan_or_find_devices): New.
(ccid_open_reader): Simplified by make use of the new functions.
(ccid_set_debug_level): New. Changed the macros to make use of
it. It has turned out that it is often useful to enable debugging
at runtime so I added this option.
Print a spk record for each request subpacket. (list_keyblock_colon): Call
them here.
* g10.c (parse_subpacket_list, parse_list_options): New. Make the list of
subpackets we are going to print. (main): Call them here.
card to fetch an updated copy. Works with either straight URLs or HKP or
LDAP keyservers.
* keyserver-internal.h, keyserver.c (keyserver_import_fprint), import.c
(revocation_present): Use a keyserver_spec so the caller can pass in
whatever keyserver they like.
* configure.ac: Check for readline. Make enable-card-support the
default. New option --without-readline. Allow the use of either
the development or the stable libusb.
* cardglue.h: Add members for CA fingerprints.
* cardglue.c (agent_release_card_info): Invalid them.
(learn_status_cb): Store them.
* app-common.h, app-openpgp.c, iso7816.c, iso7816.h
* apdu.c, apdu.h, ccid-driver.c, ccid-driver.h
* card-util.c: Updated from current gnupg-1.9.
* ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New.
* ccid-driver.c (ccid_open_reader): Support the stable 0.1 version
of libusb.
(ccid_get_atr): Handle short messages.
* apdu.c (my_rapdu_get_status): Implemented.
* apdu.c: Include <signal.h>.
* apdu.c (reader_table_s): Add function pointers for the backends.
(apdu_close_reader, apdu_get_status, apdu_activate)
(send_apdu): Make use of them.
(new_reader_slot): Intialize them to NULL.
(dump_ccid_reader_status, ct_dump_reader_status): New.
(dump_pcsc_reader_status): New.
(open_ct_reader, open_pcsc_reader, open_ccid_reader)
(open_osc_reader, open_rapdu_reader): Intialize function pointers.
(ct_activate_card, ct_send_apdu, pcsc_send_apdu, osc_send_apdu)
(error_string): Removed. Replaced by apdu_strerror.
(get_ccid_error_string): Removed.
(ct_activate_card): Remove the unused loop.
(reset_ct_reader): Implemented.
(ct_send_apdu): Activate the card if not yet done.
(pcsc_send_apdu): Ditto.
* ccid-driver.h: Add error codes.
* ccid-driver.c: Implement more or less proper error codes all
over the place.
* apdu.c (apdu_send_direct): New.
(get_ccid_error_string): Add some error code mappings.
(send_apdu): Pass error codes along for drivers already supporting
them.
(host_sw_string): New.
(get_ccid_error_string): Use above.
(send_apdu_ccid): Reset the reader if it has not yet been done.
(open_ccid_reader): Don't care if the ATR can't be read.
(apdu_activate_card): New.
(apdu_strerror): New.
(dump_reader_status): Only enable it with opt.VERBOSE.
* iso7816.c (map_sw): Add mappings for the new error codes.
* apdu.c (open_ct_reader, open_pcsc_reader, open_ccid_reader)
(reset_ccid_reader, open_osc_reader): Call dump_reader_status only
in verbose mode.
* app-openpgp.c (do_getattr): Fix for sending CA-FPR.
* app-openpgp.c (app_openpgp_readkey): Fixed check for valid
exponent.
* app-openpgp.c (do_setattr): Sync FORCE_CHV1.
* card-util.c (change_login): Kludge to allow reading data from a
file.
(card_edit): Pass ARG_STRING to change_login.
(card_status): Print CA fingerprints.
(change_cafpr): New.
(card_edit): New command CAFPR.
* errors.h (G10ERR_NO_CARD, G10ERR_CANCELED): New error codes.
* errors.c (g10_errstr): New error codes G10ERR_NO_CARD,
G10ERR_CANCELED.
* signal.c (got_fatal_signal): Do readline cleanup. Print signal
number if we can't print the name. Use new autoconf macro
HAVE_DECL_SYS_SIGLIST.
(get_signal_name): Removed.
* ttyio.c (tty_get): Add readline support.
* parse-packet.c (skip_rest): Removed. Changed all callers to use
the new iobuf_skip_reset. Orginal patch by Florian Weimer.
* iobuf.c (iobuf_skip_rest): New. Orginal patch by Florian
Weimer. Added new argument PARTIAL.
we are taking.
* keyid.c (keystr): If printing a keyid that lacks the high 4 bytes, print
the low 4 alone. (keystr_from_desc): Handle short keyids and warn on v3
fingerprints.
* g10.c (main): New alias --throw-keyid for --throw-keyids, so that it
continues to work in old configuration files. Noted by Jens Adam.
* pkclist.c (algo_available): --pgp8 now allows blowfish, zlib, and bzip2.
* status.c (do_get_from_fd): Flush stdout if status isn't flushing it for
us. This guarantees that any menus that were displayed before the prompt
don't get stuck in a buffer. Noted by Peter Palfrader. This is Debian
bug #254072.
* sign.c (update_keysig_packet): Revert change of 2004-05-18. It is not
appropriate to strip policy and notations when remaking a sig. That
should only happen when specifically requested by the user.
uids are always on a line for themselves. Mark expired secret keys as
expired.
* options.h, g10.c (main): Rename list show-validity to show-uid-validity
as it only shows for uids.
* armor.c (armor_filter): Do not use padding to get us to 8 bytes of
header. Rather, use 2+4 as two different chunks. This avoids a fake
filename of "is".
expired user IDs. Also, once we've established that a given uid cannot or
will not be signed, don't continue to ask about each sig.
* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K
hash algorithm before we try to generate a passphrase using it. This
prevents hitting BUG() when generating a passphrase using a hash that we
don't have.
* sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign
--symmetric messages.
continuing confusion and make room for possible changes in devel.
* parse-packet.c (parse_plaintext): Show the hex value for the literal
packet mode since it may not be printable.
* keygen.c (make_backsig): Make sure that the backsig was built
successfully before we try and use it.
* status.h, status.c (get_status_string), plaintext.c (handle_plaintext):
New status tags PLAINTEXT and PLAINTEXT_LENGTH.
which we hashed them when issuing the signature. Noted by Nicholas Cole.
* pkclist.c (do_edit_ownertrust): Fix a kbnode leak and do another
keyid-format conversion.
keyservers, and auto-key-retrieve is set, try and get a missing key from
the preferred keyserver subpacket when we verify the sig.
* gpgv.c (parse_preferred_keyserver, free_keyserver_spec): Stubs.
* keyserver.c (keyidlist): Use new parse_preferred_keyserver function.
(keyserver_work): Use the passed-in keyserver spec rather than the options
global one.
* keyserver-internal.h, keyserver.c (parse_preferred_keyserver): New
function to take a sig and return a split out keyserver_spec.
(keyserver_import_keyid): Now takes a keyserver_spec.
merge selfsigs if we have to for honor-keyserver-url. (keyserver_refresh):
Keyserver URL handler moved here. (calculate_keyid_fpr): Removed.
* keydb.h, keyid.c (keystr_from_desc): Calculate a key string from a
KEYDB_SEARCH_DESC.
keyserver to happen even if there is no global keyserver set.
* sig-check.c (do_check_messages): No need to check for Elgamal signatures
any longer. (do_check_messages, do_check, check_key_signature2):
--keyid-format conversion.
* pkclist.c (show_paths, edit_ownertrust): Remove some unused code.
* mainproc.c (check_sig_and_print): track whether we are retrieving a key.
* status.c (status_currently_allowed): New. (write_status_text,
write_status_text_and_buffer): Use it here.
* g10.c: New command --gpgconf-list. (gpgconf_list): New. From Werner on
stable branch.
Improved URI parser that keeps track of the path information and doesn't
modify the input string. (keyserver_spawn): Tell keyserver plugins about
the path.
(list_one): Use const char* for i18n string helpers.
* keygen.c (do_generate_keypair, read_parameter_file): Really
close the files.
(do_generate_keypair): Create the secret key file using safe
permissions. Noted by Atom Smasher.
preferred keyserver on "keyserver" command line. Sanity check keyserver
URL before accepting it.
* keyserver-internal.h, g10.c (main), keyserver.c (parse_keyserver_uri):
Add an option to require the scheme:// and change all callers.
(free_keyserver_spec): Make public.
show. Don't allow a not-shown notation to prevent us from issuing the
proper --status-fd message.
* options.h, g10.c (main): Add show-std/standard-notations and
show-user-notations. show-notations is both. Default is to show standard
notations only during verify. Change all callers.
using key_byname to do the heavy lifting. Note that this also fixes an
old problem when the first key on the secret keyring has an unusable stub
primary, but is still chosen.
backsigs.
* getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey selfsigs
and verify they are valid. If DO_BACKSIGS is not defined, fake this as
always valid.
* packet.h, parse-packet.c (parse_signature): Make parse_signature
non-static so we can parse 0x19s in self-sigs.
* main.h, sig-check.c (check_backsig): Check a 0x19 signature.
(signature_check2): Give a backsig warning if there is no or a bad 0x19
with signatures from a subkey.
parse_keyserver_options now returns a success code.
* keyserver.c (parse_keyserver_options): Return error on failure to parse.
Currently there is no way to fail as any unrecognized options get saved to
be sent to the keyserver plugins later. Check length of keyserver option
tokens since with =arguments we must only match the prefix.
(free_keyserver_spec): Moved code from parse_keyserver_url.
(keyserver_work, keyserver_spawn): Pass in a struct keyserver_spec rather
than using the global keyserver option. (calculate_keyid_fpr): New.
Fills in a KEYDB_SEARCH_DESC for a key. (keyidlist): New implementation
using get_pubkey_bynames rather than searching the keydb directly. If
honor-keyserver-url is set, make up a keyserver_spec and try and fetch
that key directly. Do not include it in the returned keyidlist in that
case.
requires end of line conversion. This is being considered for a UTF8 text
packet. If this doesn't take place, no major harm done. If it does take
place, we'll get a jump on starting the changeover.
* g10.c (main): --no-use-embedded-filename.
* build-packet.c (calc_plaintext, do_plaintext): Do not create illegal
(packet header indicates a size larger than the actual packet) encrypted
data packets when not compressing and using a filename longer than 255
characters.
* keyedit.c (no_primary_warning): Cleanup. (menu_expire): Don't give
primary warning for subkey expiration changes. These cannot reorder
primaries.
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
and properly handle a partial match against an option with an argument.
* keyserver-internal.h, keyserver.c (parse_keyserver_options): Use new
optsep and argsplit functions.
which self-sig we actually chose.
* keyedit.c (menu_expire, menu_set_primary_uid, menu_set_preferences): Use
it here to avoid updating non-used self-sigs and possibly promoting an old
self-sig into consideration again.
keyserver.c (parse_keyserver_uri): Parse keyserver URI into a structure.
Cleanup for new "guess my keyserver" functionality, as well as refreshing
via a preferred keyserver subpacket.
functions in log_debug.
* import.c (import_one): Try and collapse user IDs when importing a key
for the first time.
* keyedit.c (menu_addrevoker): Allow appointing a subkey as a designated
revoker if the user forces it via keyid!, so long as the subkey can
certify. Also use the proper date string when prompting for confirmation.
* g10.c (main): Maintain ordering of multiple Comment lines. Requested by
Peter Hyman.
and a little better text. (import_one, import_secret_one,
import_revoke_cert, chk_self_sigs, delete_inv_parts, merge_blocks): Still
more --keyid-format conversions.
conversion. (list_keyblock_print): 0xshort should not push us into the new
list format since it is not much longer than regular 8-character short
keyids.
a key string from a key in one step. This isn't faster than before, but
makes for neater code.
* keylist.c (list_keyblock_print): Use keystr_from_xx here.
(print_key_data): No need to pass a keyid in.
support their pk algorithm. This allows for early (during get_*)
rejection of a subkey, and selection of another.
* passphrase.c (passphrase_to_dek): Give a little more information when we
have room to do so.
(passphrase_to_dek), keyserver.c (print_keyrec): A few more places to use
--keyid-format.
* options.h, g10.c (main), export.c (parse_export_options,
do_export_stream): Remove --export-all and the "include-non-rfc"
export-option as they are no longer meaningful with the removal of v3
Elgamal keys.
length mode and change all callers. (do_plaintext): Turn off partial
length encoding now that we're done writing the packet. (do_comment,
do_user_id): Try for a headerlen of 2 since that's the smallest and most
likely encoding for these packets.
* parse-packet.c (parse): Remove call to start old gpg partial length
mode.
replace the list-option (and eventually verify-option) show-long-keyids.
The format can be short, long, 0xshort, and 0xlong.
* keydb.h, keyid.c (keystr, keystrlen): New functions to generate a
printable keyid.
* keyedit.c (print_and_check_one_sig, show_key_with_all_names), keylist.c
(list_keyblock_print): Use new keystr() function here to print keyids.
(copy_packet, skip_packet, skip_rest, read_rest, parse_plaintext,
parse_encrypted, parse_gpg_control): Use a flag to indicate partial or
indeterminate encoding. This is the first step in some minor surgery to
remove the old gpg partial length encoding.
present if --expert is set.
* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.
* encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c
(ask_algo), sig-check.c (do_check_messages), skclist.c (build_sk_list):
Rename "ElGamal" to "Elgamal" as that is the proper spelling nowadays.
Suggested by Jon Callas.
* encode.c (encode_simple): Show cipher with --verbose.
* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level. If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.
* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
header lines, and include "sig:" records for the benefit of people who
store their keys in LDAP servers. It makes it easy to do queries for
things like "all keys signed by Isabella".
* Makefile.am: We get mkdtemp.c from libutil.a now, so don't link with
@LIBOBJS@.
* keyserver.c (keyserver_spawn): Pass the scheme to the keyserver helper.
along with a zero length, interpret this as an actual zero length packet
and not as an indeterminate length packet. (do_comment, do_user_id): Use
it here as these packets might be naturally zero length.
* parse-packet.c (parse): Show packet type when failing due to an
indeterminate length packet.
* misc.c (parse_options): Only provide args for the true (i.e. not
"no-xxx") form of options.
* main.h, misc.c (parse_options), export.c (parse_export_options),
import.c (parse_import_options), g10.c (main): Use it here to allow for
options with optional arguments. Change all callers.
key to ensure that it does not advertise any that we cannot fulfill. Use
the keyedit command list function to optionally rewrite the prefs.
(import_one, import_secret_one): Use it here when importing a public key
that we have the secret half of, or when importing a secret key that we
have the public half of.
general command list functionality to replace it.
* g10.c (main): Use the general command functionality to implement
--sign-key, --lsign-key, --nrsign-key, and --nrlsign-key.
key, a revocation key set in a direct key signature, and a revocation from
that revocation key, all arrive piecemeal. Needless to say, this is pretty
obscure.
