1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

78 Commits

Author SHA1 Message Date
Werner Koch
3627123dc8 Use inline functions to convert buffer data to scalars.
* include/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--

This fixes sign extension on shift problems.  Hanno Böck found a case
with an invalid read due to this problem.  To fix that almost all uses
of "<< 24" and "<< 8" are changed by this patch to use an inline
function from host2net.h.

(back ported from commit 2183683bd633818dd031b090b5530951de76f392)

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-12 20:34:44 +01:00
Werner Koch
d192ab790c doc: Change remaining http links to gnupg.org to https
--
GnuPG-bug-id: 1830
2015-02-12 19:32:19 +01:00
Werner Koch
9112fed78b gpg: Avoid using cached MD5 signature status.
* g10/sig-check.c (check_key_signature2): Avoid using a cached MD5
signature status.
* g10/keyring.c (keyring_get_keyblock): Ditto.
(write_keyblock): Ditto.

* g10/sig-check.c (do_check): Move reject warning to ...
* g10/misc.c (print_md5_rejected_note): new.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-11 19:41:51 +02:00
Daniel Kahn Gillmor
c76117f8b0 gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
* g10/gpg.c: Add config options that should belong in scdaemon.conf
* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.

--

In gpg2, the following options are only relevant for scdaemon:

 reader-port
 ctapi-driver
 pcsc-driver
 disable-ccid

but in gpg1, they are options for gpg itself.

Some users of gpg1 might have these options in their
~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
config file.

gpg2 should not fail hard, though giving a warning (and suggesting a
move to scdaemon.conf) seems OK.

This patch does *not* reintroduce any documentation for these options
in gpg.texi, even to indicate that they are "dummy" options, since
scdaemon.texi contains the appropriate documentation.

Debian-bug-id: 762844

Program names factored out from obsolete_scdaemon_option to make
reuse without new translations easier. -wk

This is a backport of commit 371c2b14b0347209efd23b4e54e1981a12d7aeab
with parts of 20c6da50d4f6264d26d113d7de606971f719a0ca but without those
which would change existing translated strings. -wk
2014-09-25 22:28:36 +02:00
Werner Koch
d7750a15d5 gpg: New %U expando for the photo viewer.
* g10/photoid.c (show_photos): Set namehash.
* g10/misc.c (pct_expando): Add "%U" expando.
--

This makes is possible to extract all photos ids from a key to
different files.

(cherry picked from commit e184a11f94e2d41cd9266484542631bec23628b5)

Resolved conflicts:
	g10/photoid.c - whitespaces
2014-06-03 08:55:31 +02:00
Werner Koch
efecbb7a3f gpg: Fix use of deprecated RSA_E and RSA_E with newer libgcrypts.
* g10/misc.c (pubkey_get_npkey): Map RSA_E and RSA_S to RSA.
(pubkey_get_nskey): Ditto.
(pubkey_get_nsig): Ditto.
(pubkey_get_nenc): Ditto.
(pubkey_nbits): Take care of RSA_E and RSA_S.
--

The problem was that parse_key did not know about RSA_S and thus used
an opaque MPI which later crashed Libgcrypt. It is possible to fix
that also in Libgcrypt but we better do it here as well.

A test key using RSA_S is 0x98EEB6F7D87171CF.

Reported-by: Hanno Böck
2014-04-16 14:50:02 +02:00
Werner Koch
6286d01ba3 gpg: Fix --version output and explicitly disable ECC.
* g10/misc.c (openpgp_pk_algo_name): New.  Replace all calls in g10/
to gcry_pk_algo_name by a call to this function.
(map_pk_openpgp_to_gcry): Map algo PUBKEY_ALGO_ELGAMAL_E to GCRY_PK_ELG.
(openpgp_pk_test_algo): Use PUBKEY_ALGO_ELGAMAL_E instead of
GCRY_PK_ELG_E.  Return an error for ECC algos.
(openpgp_pk_test_algo2):  Return an error for ECC algos.
* g10/gpg.c (build_list): Avoid printing ECC two times.
* include/cipher.h: Do not use GCRY_PK_* macros for PUBKEY_ALGO_*.
--

Due to recent changes to adjust for use with Libgcrypt 1.6, "gpg
--version" printed two question marks.  This patches fixes that and
also make sure that gpg does advertise any ECC features.  The patch in
build_list is not really needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-11 09:18:01 +02:00
Werner Koch
1f842011f6 gpg: Kludge not to bail out on ECC if build with Libgcrypt 1.6.
* g10/misc.c (print_pubkey_algo_note): Map the algo.
(openpgp_pk_test_algo, openpgp_pk_test_algo2): Ditto.
(pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig)
(pubkey_get_nenc): Return 0 for ECC algorithms.
--

Libgcrypt 1.6 features algorithm 18 (generic ECC).  Because of the
missing mapping and no real support for the OpenPGP ECC format, this
led to parsing errors of ECC packets.  We better better explicitly
tell gpg that we ECC is not supported.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 18:01:40 +02:00
Werner Koch
40ca0022a7 w32: Almost everywhere include winsock2.h before windows.h.
--

This is required by newer mingw toolchain versions which demand that
winsock2.h is included before windows.h.  Now, due to the use of
socket definitions in pth.h we need to include winsock2.h also in
pth.h, now pth.h is often included after an include of windows.h and
thus the compiler spits out a warning.  To avoid that we include
winsock2.h at all places the compiler complains about.
2013-04-23 18:06:46 +02:00
Werner Koch
978878b1be Fix printing of ECC algo names in hkp keyserver listings.
* g10/misc.c (map_pk_openpgp_to_gcry): New.
* g10/keyserver.c (print_keyrec): Map OpenPGP algorithm ids.
--

Although we don't have support for ECC, we want to print a proper
algorithm name in keyserver listings.  This will only work while using
a ECC enabled Libgcrypt.  Problem reported by Kristian Fiskerstrand.
2012-11-27 17:35:16 +01:00
Werner Koch
7ae15f0027 Fix bug 1091.
Doc fixes.
Replace assert by error message.
2009-07-20 11:02:20 +00:00
David Shaw
047d97e95e Add full Camellia support.
* configure.ac: Remove Camellia restriction.

* gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia
restriction.

* misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for
openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and
openpgp_cipher_get_algo_blklen to wrap around the corresponding gcry_*
functions, but pass the algorithm number through
map_cipher_openpgp_to_gcry.  This is needed in case the gcry algorithm
number doesn't match the OpenPGP number (c.f. Camellia).

* encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c, seskey.c,
passphrase.c, seckey-cert.c: Use new openpgp_cipher_* macros here.
2009-06-05 14:11:03 +00:00
Werner Koch
f8b4cd7650 Import/export of pkcs#12 now uses the gpg-agent directly.
Removed duplicated code (percent unescaping).
2009-04-01 10:51:53 +00:00
Werner Koch
7784e86a66 Add limited support for NetKey 3.0 cards. 2009-01-08 19:56:30 +00:00
Werner Koch
82ab848ea4 Update spanish translation.
Cleanups.
Allow utf-8 in email addresses.
2009-01-08 15:48:51 +00:00
Werner Koch
0a5f742466 Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
David Shaw
1b86ee9806 * main.h, mainproc.c (check_sig_and_print), keylist.c
(list_keyblock_print), pkclist.c (do_edit_ownertrust), keyedit.c
(menu_showphoto), photoid.c (generate_photo_id, show_photos), misc.c
(pct_expando): Add %v and %V expandos so that displaying photo IDs can
show the attribute validity tag (%v) and string (%V).  Originally by
Daniel Gillmor.
2008-10-03 20:00:46 +00:00
Werner Koch
4896f5f47c Adjust for the changed Camellia draft.
W32 gettext changes.
Comment and typo fixes.
2008-04-18 09:20:25 +00:00
Werner Koch
aeb5a65f7c Allow type 20 keys only with option --rfc2440. 2007-12-12 17:41:05 +00:00
Werner Koch
bae4b256c7 Support DSA2.
Support Camellia for testing.
More audit stuff.
2007-12-12 10:28:30 +00:00
Werner Koch
bc482052f8 Fix for bug 851.
Fixed auto generation of the stub key for the card.
Allow to encrypt toElgamal encryption keys of type 20.
2007-12-10 15:19:34 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
2007-11-19 16:03:50 +00:00
Werner Koch
cd2d9288aa Ported changes from 1.4.
Add copyright notices.
2007-10-25 09:06:21 +00:00
Werner Koch
f81f521a72 Updated estream.
More changes for Windows.
2007-08-22 10:55:07 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
09cc0ee7be [w32] gpg-agent is now started automagically by gpgsm. 2007-06-20 11:16:42 +00:00
Werner Koch
0cfbfd6186 A whole bunch of changes to allow building for Windows.
See the ChangeLogs for details.
2007-06-14 17:05:07 +00:00
Werner Koch
2c9791db55 First steps towards supporting W32.
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
2007-06-06 18:12:30 +00:00
Werner Koch
7eec2efa66 Added LIBINTL to more Makefile targets.
doc/
	* com-certs.pem: Added the current root certifcates of D-Trust and
	S-Trust.

g10/
	* status.c (write_status_begin_signing): New.
	* sign.c (sign_file, sign_symencrypt_file): Call it.
	* textfilter.c (copy_clearsig_text): Call it.

	* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
	required.

	* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
	warning.  
	* misc.c (obsolete_option): New.
2007-01-30 20:16:28 +00:00
Werner Koch
e50c5f39cc No more warnings for AMD64 (at least when cross-compiling). Thus tehre is a
good chance that gpg2 will now work. 
Other cleanups.
Updated gettext.
2006-11-21 11:00:14 +00:00
Werner Koch
b744f963d7 With --enable-gpg the keyservers are now build and a first test using gpg2
shows no prblems.   Needs more testing of course.
2006-08-16 10:47:53 +00:00
Werner Koch
6c208fea32 A couple of fixes. gpg2's key generation does now work. 2006-06-30 09:42:08 +00:00
Werner Koch
b61df862a7 Still making gpg2 work.
At least the keyids are now correctly computed again.
2006-05-24 11:12:28 +00:00
Werner Koch
fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
Werner Koch
5e47c18612 Fix to let it compile. This is not required but avoids complaints
from folks not reading the documentation.
2005-07-20 16:08:15 +00:00
Werner Koch
deeba405a9 gcc-4 defaults forced me to edit many many files to get rid of the
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
2005-06-16 08:12:03 +00:00
Werner Koch
dba40e5e45 Mainly changes to adjust for the changed KSBA API. 2003-11-12 15:17:44 +00:00
Werner Koch
4c66e94ff9 Merged most of David Shaw's changes in 1.3 since 2003-06-03. 2003-09-23 17:48:33 +00:00
Werner Koch
be034cf34c * configure.ac: Required newer versions of some libraries.
* misc.c (openpgp_pk_algo_usage): Allow AUTH where SIGN is allowed.

* keygen.c (ask_passphrase): No need to allocated S2K in secure
memory.

* scdaemon.c (main): --pcsc-driver again defaults to pcsclite.
David Corcoran was so kind to remove the GPL incompatible
advertisng clause from pcsclite.
* apdu.c (apdu_open_reader): Actually make pcsc-driver option work.
2003-09-06 13:23:48 +00:00
Werner Koch
979ed0ca26 Adjusted for use with current libgcrypt (1.1.42). 2003-07-28 08:59:18 +00:00
Werner Koch
b7bd5e8088 Fixes to the libgcrypt switch. Basically works now. 2003-06-23 15:16:12 +00:00
Werner Koch
c0c2c58054 Finished the bulk of changes for gnupg 1.9. This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
2003-06-18 19:56:13 +00:00
Repo Admin
7250331472 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-06-05 07:14:21 +00:00
Repo Admin
82a17c9fb3 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2002-10-19 07:55:27 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
David Shaw
fee7e35bae * keyedit.c (menu_revsig): Properly show a uid is revoked without
restarting gpg.  This is Debian bug 124219, though their supplied patch
will not do the right thing.

* main.h, tdbio.c (tdbio_set_dbname), misc.c (removed check_permissions),
keydb.c (keydb_add_resource), g10.c (main, check_permissions): Significant
reworking of the permission check mechanism.  The new behavior is to check
everything in the homedir by checking the homedir itself.  If the user
wants to put (possibly shared) keyrings outside the homedir, they are not
checked.  The options file and any extension files are checked wherever
they are, as well as their enclosing directories.  This is Debian bug
147760.
2002-08-07 15:53:15 +00:00
David Shaw
9ac6821b46 * exec.c, export.c, import.c, keyedit.c, keyserver.c, misc.c: "Warning" ->
"WARNING"
2002-07-25 18:08:09 +00:00
David Shaw
3f51f7db3d Update head to match stable 1.0 2002-06-29 13:46:34 +00:00