* agent/command.c (cmd_genkey): Add option --passwd-nonce.
(cmd_passwd): Return a PASSWD_NONCE in verify mode.
* g10/call-agent.c (agent_genkey): Add arg 'passwd_nonce_addr' and do
not send a RESET if given.
(agent_passwd): Add arg 'verify'.
* g10/keygen.c (common_gen): Add optional arg 'passwd_nonce_addr'.
(gen_elg, gen_dsa, gen_ecc, gen_rsa, do_create): Ditto.
(generate_subkeypair): Use sepeare hexgrip var for the to be created
for hexgrip feature. Verify primary key first. Make use of the
passwd nonce. Allow for a static passphrase.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command.c (cmd_delete_key): Make the --force option depend on
--disallow-loopback-passphrase.
* g10/call-agent.c (agent_delete_key): Add arg FORCE.
* g10/delkey.c (do_delete_key): Pass opt.answer_yes to
agent_delete_key.
--
Unless the agent has been configured with
--disallow-loopback-passpharse an unattended deletion of a secret key
is now possible with gpg by using --batch _and_ --yes.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oNoAllowLoopbackPinentry): New.
(opts): Add --no-allow-loopback-pinentry. Hide
description of --allow-loopback-pinentry.
(parse_rereadable_options): Set opt.allow_loopback_pinentry by
default.
(main): Replace allow-loopback-pinentry by no-allow-loopback-pinentry
in the gpgconf list.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Ditto.
--
Given that a user can anyway change that options in the gpg-agent.conf
file and that gpg needs to be invoked with --pinentry-mode=loopback
the former default does not make much sense - in that option is useful
at all. There was a discussion of this topic on gnupg-devel in April
without a clear result. So we try this new default and just in case
real problems are found for the majority of installations, we can
revert that. The new default is also aligned with GnuPG's policy to
make its use easier and only require users with very high security
standards to tweak certain options (those users have anyway modeled
their threat model and configured their software according to this).
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/findkey.c (write_extended_private_key): New function.
(agent_write_private_key): Detect if an existing file is in extended
format and update the key within if it is.
(read_key_file): Handle the new format.
* agent/keyformat.txt: Document the new format.
* common/Makefile.am: Add the new files.
* common/private-keys.c: New file.
* common/private-keys.h: Likewise.
* common/t-private-keys.c: Likewise.
* common/util.h (alphap, alnump): New macros.
* tests/migrations: Add test demonstrating that we can cope with the
new format.
--
GnuPG 2.3+ will use a new format to store private keys that is both
more flexible and easier to read and edit by human beings. The new
format stores name,value-pairs using the common mail and http header
convention.
This patch adds the parser and support code and prepares GnuPG 2.1 for
the new format.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.
GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/protect.c (do_encryption): Fix CBC hashing.
--
The buggy code included an extra closing parenthesis before
the (protected-at) term in the CBC hashing. We now do it by
explicitly hashing the protected stuff and append the rest of the
expression instead of a fixed closing parenthesis. Note that the OCB
hashing only differs that it does no include the protected part.
Fixes-commit: 4159567f7e
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/protect-tool.c (read_and_unprotect): Add arg ctrl and pass to
agent_unprotect.
(main): Allocate a simple CTRL object and pass it to
read_and_unprotect.
(convert_from_openpgp_native): Remove stub.
(agent_key_available, agent_get_cache): New stubs.
(agent_askpin): New emulation for the one in call-pinentry.c.
(agent_write_private_key): New to dump key.
* agent/Makefile.am (gpg_protect_tool_SOURCES): Add cvt-openpgp.c
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/protect.c (agent_protect): Add arg use_ocb. Change all caller
to pass -1 for default.
* agent/protect-tool.c: New option --debug-use-ocb.
(oDebugUseOCB): New.
(opt_debug_use_ocb): New.
(main): Set option.
(read_and_protect): Implement option.
* agent/protect.c (OCB_MODE_SUPPORTED): New macro.
(PROT_DEFAULT_TO_OCB): New macro.
(do_encryption): Add args use_ocb, hashbegin, hashlen, timestamp_exp,
and timestamp_exp_len. Implement OCB.
(agent_protect): Change to support OCB.
(do_decryption): Add new args is_ocb, aadhole_begin, and aadhole_len.
Implement OCB.
(merge_lists): Allow NULL for sha1hash.
(agent_unprotect): Change to support OCB.
(agent_private_key_type): Remove debug output.
--
Instead of using the old OpenPGP way of appending a hash of the
plaintext and encrypt that along with the plaintext, the new scheme
uses a proper authenticated encryption mode. See keyformat.txt for a
description. Libgcrypt 1.7 is required.
This mode is not yet enabled because there would be no way to return
to an older GnuPG version. To test the new scheme use
gpg-protect-tool:
./gpg-protect-tool -av -P abc -p --debug-use-ocb <plain.key >prot.key
./gpg-protect-tool -av -P abc -u <prot.key
Any key from the private key storage should work.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command-ssh.c (SPEC_FLAG_WITH_CERT): New.
(ssh_key_types): Add OpenSSH cert types.
(stream_read_string): Allow a dummy read.
(ssh_receive_mpint_list): Pass SPEC by reference.
(ssh_receive_mpint_list): New arg CERT and use it.
(ssh_receive_key): Read certificate into an estream object and modify
parser to make use of that object.
--
This is a first step to support certificate via the agent. The only
effect of this change is the removal of an error message parsing the
certificate. Note that ssh-add sends the private key anyway first and
only then follows with the certificate+private key.
What we need to implement next is a way to store the certificate in
the agent and return it on request.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/pksign.c (agent_pksign_do): Use S-exp of public key, instead
of shadowed key.
--
Reported-by: Justus Winter
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/cvt-openpgp.c (convert_from_openpgp_main): Add an option not
to check existing key.
(convert_from_openpgp): Ditto.
(convert_from_openpgp_native): Call convert_from_openpgp_main with
dontcare_exist=0.
* agent/command.c (cmd_import_key): Call with dontcare_exist=force.
* common/stringhelp.c (utf8_charcount): Take additional parameter,
len. Process at most LEN bytes.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* agent/trustlist.c (istrusted_internal): Initialize 'err'.
--
There is a plausible path of execution so that a branch condition uses
the uninitialized value.
Found using the Clang Static Analyzer.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/pksign.c (agent_pksign_do): Use public key smartcard.
--
Since gcry_pk_verify can't handle shadowed private key, public
key SEXP should be prepared for smartcard.
* agent/genkey.c (agent_ask_new_passphrase): Use a separate malloc for
PI2. Check return value of the malloc function.
* agent/command-ssh.c (ssh_identity_register): Use a separate malloc
for PI2. Wipe PI2.
--
For whatever stupid reasons I once allocated only one memory area and
split that into PI and PI2. This is actually a common pattern with
malloc but here we used a made up object size and do not take the
extra alignment required into account. One of these not yet hit by
a (sig)bus PC/VAX hacker bugs.
Instead of trying to fix the alignment, it is better to use a second
calloc for the second struct.
GnuPG-bug-id: 2112
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/sign.c (do_sign): Let verify signature by gpg-agent.
* agent/pksign.c (agent_pksign_do): Call gcry_pk_verify for RSA.
--
RSA signature verification should be done to prevent attacks against
RSA CRT implementations and not to return invalid signature to
adversary. Newer libgcrypt does so. For older libgcrypt and
smartcards, gpg-agent does signature verification.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Only encrypted
parameters are stored as opaque.
(apply_protection): ARRAY members are all normal, non-opaque MPI.
(extract_private_key): Get public key as normal, non-opaque MPI.
Remove support of ECC key with '(flags param)'.
Remove support of "ecdsa" and "ecdh" keys of our experiment.
* agent/command.c (cmd_get_passphrase): Don't repeat passphrase for
pinentry loopback mode.
* agent/genkey.c (check_passphrase_constraints): Immediately return when
pinentry mode is loopback.
--
Fixes endless loop when inquiring a passphrase with
pinentry-mode=loopback that may not satisfy passphrase contraints.
* agent/cvt-openpgp.c (get_keygrip): Handle Curve25519.
(convert_secret_key, convert_transfer_key): Ditto.
* common/openpgp-oid.c (oidtable): Add Curve25519.
(oid_crv25519, openpgp_oid_is_crv25519): New.
* common/util.h (openpgp_oid_is_crv25519): New.
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Handle the case
with Montgomery curve which uses x-only coordinate.
* g10/keygen.c (gen_ecc): Handle Curve25519.
(ask_curve): Change the API and second arg is to return subkey algo.
(generate_keypair, generate_subkeypair): Follow chage of ask_curve.
* g10/keyid.c (keygrip_from_pk): Handle Curve25519.
* g10/pkglue.c (pk_encrypt): Handle Curve25519.
* g10/pubkey-enc.c (get_it): Handle the case with Montgomery curve.
* scd/app-openpgp.c (ECC_FLAG_DJB_TWEAK): New.
(send_key_attr): Work with general ECC, Ed25519, and Curve25519.
(get_public_key): Likewise.
(ecc_writekey): Handle flag_djb_tweak.
--
When libgcrypt has Curve25519, GnuPG now supports Curve25519.
* common/util.h: Provide replacement for GPGRT_ATTR_ macros when using
libgpg-error < 1.20.
* common/mischelp.h: Ditto.
* common/types.h: Ditto.
--
Given that libgpg-error is a dependency of all GnuPG related libraries
it is better to define such macros at only one place instead of having
similar macros at a lot of places. For now we need repalcement
macros, though.
* agent/gpg-agent.c (main): Unset INSIDE_EMACS envvar.
--
The variable is set only temporarily when gpg is called from Emacs,
keeping it during the session makes no sense.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
* agent/agent.h (LunderscorePROTO): New.
* common/util.h (GNUPG_GCC_ATTR_FORMAT_ARG): New.
* common/i18n.h (GNUPG_GCC_ATTR_FORMAT_ARG): New. Use for
i18n_localegettext. Expand LunderscorePROTO.
* agent/genkey.c (check_passphrase_constraints): Use xtryasprintf
again to keep the old translations.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* po/Makevars (XGETTEXT_OPTIONS): Add keyword "L_".
* common/i18n.c (i18n_localegettext): New stub.
* common/i18n.h: Expand the LunderscoreIMPL macro.
* agent/agent.h (L_): New.
(LunderscoreIMPL): New.
* agent/call-pinentry.c (setup_qualitybar): Add arg ctrl anc change
caller.
* agent/findkey.c (try_unprotect_cb): Add local var ctrl.
* agent/genkey.c (check_passphrase_constraints): Replace xtryasprintf
by xtrystrdup to avoid gcc warning. Unfortinately this changes the
string.
(agent_ask_new_passphrase): Cleanup the use of initial_errtext.
--
Static strings in gpg-agent need to be translated according to the
locale set by the caller. This is required so that a gpg-agent can be
started in one locale and a gpg can be run in another. If we don't do
this the static strings (prompt, buttons) are not or in the wrong
locale translated while dynamic strings (e.g. key description) uses
the locale of gpg.
This is only the first part of the change the actual local switching
still needs to be implemented.
Debian-bug-id: 788983
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (create_server_socket): Add arg "cygwin". Call
assuan_sock_set_flag if Assuan version is recent enough.
(main): Create ssh server socket with Cygwin flag set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (check_passphrase_constraints): Add parameter
failed_constraint and remove parameter silent. Update callers.
* agent/genkey.c (check_passphrase_constraints): Add parameter
failed_constraint and remove parameter silent. If FAILED_CONSTRAINT
is not NULL and OPT.ENFORCE_PASSPHRASE_CONSTRAINTS is FALSE, save the
error text in *FAILED_CONSTRAINT and don't call take_this_one_anyway
or take_this_one_anyway2. If FAILED_CONSTRAINT is NULL, act as if
SILENT was set.
(agent_ask_new_passphrase): Change initial_errtext's type from a const
char * to a char *. Pass it to check_passphrase_constraints. If it
contains malloc's memory, free it.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Based on a patch provided by Watson Yuuma Sato <yuuma.sato@gmail.com>
in issue 2018.
* agent/gpg-agent.c (finalize_rereadable_options): Don't raise
max-cache-ttl to default-cache-ttl. Likewise for max-cache-ttl-ssh
and default-cache-ttl-ssh.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
This closes issue #2009.
* agent/agent.h (opt): Remove field ssh_support.
* agent/gpg-agent.c (ssh_support): New. Replace all opt.ssh_support
by this.
(main): Do not set ssh_support along with setting putty_support.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g13/g13.c: Make use of debug_parse_flag.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto
* agent/gpg-agent.c: Ditto. But do not terminate on "help"
* dirmngr/dirmngr.c: Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (start_connection_thread): Rename to ...
(do_start_connection_thread): this. Factor nonce checking out to ...
(start_connection_thread_std): this,
(start_connection_thread_extra): this,
(start_connection_thread_browser): and this.
--
Although not tested, the code did not worked on Windows becuase we
were checning the wrong nonce.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (opt): Add field "browser_socket".
* agent/command.c (cmd_setkeydesc): Use a different message for
restricted==2.
* agent/gpg-agent.c (oBrowserSocket): New.
(opts): Add --browser-socket.
(socket_name_browser, redir_socket_name_browser): New.
(socket_nonce_browser): New.
(cleanup): Cleanup browser socket.
(main): Implement option.
(start_connection_thread_browser): New.
(handle_connections): Add arg listen_fd_browser and use it.
--
This is very similar to --extra-socket but intended to be used by a web
browser session. AS of now it only displays a different "Note: in
the Pinentry than --extra-socket but it may eventually be tweaked for
the use by browser extensions making use of gpg-agent.
It is marked experimental and and thus may be removed in later
versions.
To better support the different "client classes", it would be useful
to add corresponsing cache classes so that each class has its own
cache.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (opt): Add field allow_emacs_pinentry.
* agent/call-pinentry.c (start_pinentry): Act upon new var.
* agent/gpg-agent.c (oAllowEmacsPinentry): New.
(opts): Add option --allow-emacs-pinentry.
(parse_rereadable_options): Set this option.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add new option.
--
gpgconf-comp and manual entry added by wk.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command.c (cmd_getinfo): Add new sub-command.
--
The current output is:
> getinfo std_env_names
D GPG_TTY
D TERM
D DISPLAY
D XAUTHORITY
D XMODIFIERS
D GTK_IM_MODULE
D QT_IM_MODULE
D PINENTRY_USER_DATA
OK
Note that there is an invisible \x00 at the end of each line.
* agent/command.c (cmd_get_passphrase): Read from the user cache.
--
We used to read the passphrase with mode CACHE_MODE_NORMAL but we put
it into the cache with CACHE_MODE_USER. However, agent_get_cache does
not yet distinguish between them and thus this does not change
anything.
* agent/agent.h (agent_get_passphrase): Add arguments keyinfo and
cache_mode. Update callers.
* agent/call-pinentry.c (agent_get_passphrase): Add arguments keyinfo
and cache_mode. If KEYINFO and CACHE_MODE describe a cachable key,
then send SETKEYINFO to the pinentry.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* agent/agent.h (opt): Add field allow_external_cache.
* agent/call-pinentry.c (start_pinentry): Act upon new var.
* agent/gpg-agent.c (oNoAllowExternalCache): New.
(opts): Add option --no-allow-external-cache.
(parse_rereadable_options): Set this option.
--
Pinentry 0.9.2 may be build with libsecret support and thus an extra
checkbox is displayed to allow the user to get passwords out of an
libsecret maintained cache. Security aware user may want to avoid
this feature and may do this at runtime by enabling this option.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/call-pinentry.c (start_pinentry): Add more strings.
--
We do this so that translations of these strings will be available at
the time a pinentry implements features which require these strings.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oDebugPinentry): New.
(opts): Add --debug-pinentry.
(parse_rereadable_options): Set that option.
* agent/call-pinentry.c (start_pinentry): Pass option to
assuan_set_flag.
--
This option is quite useful to see the IPC between gpg-agent and
Pinentry. Note that "debug 1024" is also required.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/call-pinentry.c (PINENTRY_STATUS_PASSWORD_FROM_CACHE): New
constant.
(pinentry_status_cb): Add it to *FLAGS if PASSWORD_FROM_CACHE was
provided.
(agent_askpin): Pass "OPTION allow-external-password-cache" to the
pinentry. Always pass SETKEYINFO to the pinentry. If there is no
stable identifier, then use "--clear". If the password is incorrect
and PINENTRY_STATUS_PASSWORD_FROM_CACHE is set in *PINENTRY_STATUS,
then decrement PININFO->FAILED_TRIES.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* agent/call-pinentry.c (pinentry_status_cb): Or in
PINENTRY_STATUS_CLOSE_BUTTON; don't overwrite *FLAG.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* agent/call-pinentry.c (PINENTRY_STATUS_CLOSE_BUTTON): New constant.
(PINENTRY_STATUS_PIN_REPEATED): Likewise.
(close_button_status_cb): Rename from this...
(pinentry_status_cb): ... to this. Use the constants.
(agent_askpin): Rename local variable from close_button to
pinentry_status. Use symbolic constants rather than magic numbers.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* common/logging.h: Rename JNLIB_LOG_* to GPGRT_LOG_*.
* common/mischelp.h: Rename JNLIB_GCC_* to GPGRT_GCC_*.
--
JNLIB has no more meaning. Thus we switch to a GPGRT_ prefix in
anticipation that some code may eventually be moved to libgpg-error.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/call-pinentry.c (agent_askpin): Add args keyinfo and
cache_mode. Change all callers to pass (NULL,0) for them. Send
SETKEYINFO command.
* agent/findkey.c (unprotect): Pass the keygrip and the cache_mode for
the new args.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/cvt-openpgp.c (apply_protection): Strip leading zeroes from
opaque MPIs to comply with the OpenPGP spec.
--
This patch is the protected private key counterpart to commit ab17f7b.
Thanks to andy_s for describing the problem.
GnuPG-bug-id: 1853
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command-ssh.c (ssh_search_control_file): Check S before
upcasing it.
--
In contradiction to the comment we did not check the length of HEXGRIP
and thus the GPG_ERR_INV_LENGTH was never triggered.
Detected by Stack 0.3:
bug: anti-simplify
model: |
%cmp8 = icmp ne i32 %i.0, 40, !dbg !986
--> false
stack:
- /home/wk/s/gnupg/agent/command-ssh.c:1226:0
ncore: 2
core:
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
* agent/call-pinentry.c (unlock_pinentry): Add error logging. Map
error source of uncommon errors to Pinentry.
--
With this change it is possible to detect whether an error like
GPG_ERR_ASS_INV_RESPONSE has its origin in a call to Pinentry or comes
from another part of gpg-agent.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/pksign.c (agent_pksign_do): Use int.
* scd/app-openpgp.c (get_public_key): Likewise.
--
On 64-bit architecture, int and size_t might be different.
For the first argument for '%b', int is expected.
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--
Commit 91b826a388 was not enough to
avoid all sign extension on shift problems. Hanno Böck found a case
with an invalid read due to this problem. To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (get_default_pinentry_name): New.
(gnupg_module_name): Use that for the default pinentry.
(gnupg_module_name_flush_some): New.
* agent/gpg-agent.c (agent_sighup_action): Flush some module names.
* agent/call-pinentry.c (start_pinentry): Do not modify
opt.pinentry_program.
--
The idea with this change is that under Windows we can install a
simple native Windows pinentry as "pinentry-basic" and a full GUI
version may then later install pinentry-gtk etc which would then
automatically be used.
Unfortunately installing another pinentry from a different package
would clobber the GnuPG core directory which is not nice. To fix that
we would need to agree on standard installation directories for GUIs
to also look there.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/cvt-openpgp.c (extract_private_key): Add arg "arraysize".
Make sure that R_FLAGS and R_CURVE are set to NULL.
--
Given that extract_private_key is not file local it is good to have some
extra asserts to protect against future wrong use.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/cvt-openpgp.c (extract_private_key): New.
(convert_to_openpgp): Use extract_private_key.
* agent/findkey.c (agent_public_key_from_file): Use
extract_private_key.
--
This patch add support of ECC key with a curve name and flags. Since
same functionality is also needed for convert_to_openpgp, it was
factored out into the extract_private_key function.
* agent/divert-scd.c (divert_pkdecrypt): Support ECDH.
* scd/app-openpgp.c (get_algo_byte, store_fpr): Support ECDH.
(send_key_attr): Support ECDH. Fix EdDSA algorithm value.
(retrieve_key_material): Initialize fields.
(get_public_key, ecc_writekey, do_writekey): Support ECDH.
(ecdh_writekey): Remove.
(do_decipher): Support ECDH.
(parse_algorithm_attribute): Support ECDH. Fix EdDSA.
--
Following the gpg-agent protocol, SCDaemon's counter part is now
implemented.
* agent/gpg-agent.c (finalize_rereadable_options): New.
(main, reread_configuration): Call it.
--
This change should help to avoid surprising behaviour.
Signed-off-by: Werner Koch <wk@gnupg.org>
