1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-30 19:58:44 +01:00
Commit Graph

738 Commits

Author SHA1 Message Date
Werner Koch
d770715e15
gpgsm: Allow ECC encryption keys with just keyAgreement specified.
* sm/certlist.c (cert_usage_p): Allow keyAgreement for ECC.
* sm/fingerprint.c (gpgsm_is_ecc_key): New.
--

For ECC encryption keys keyAgreement is the keyUsage we want.

GnuPG-bug-id: 6253
2022-10-28 12:17:46 +02:00
Werner Koch
1cdb67d41a
gpgsm: Use macro constants for cert_usage_p.
* sm/certlist.c (USE_MODE_): New.  Use them for easier reading.
2022-10-28 12:14:54 +02:00
Werner Koch
ed62b74a17
gpgsm: Create ECC certificates with AKI and SKI by default.
* sm/certreqgen.c (create_request): Create AKI and SKI by default.
--

GnuPG-bug-id: 4098, 6253
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 44676819f2
2022-10-20 17:34:03 +02:00
Werner Koch
9f1181e1a7
gpgsm: Print the key types as standard key algorithm strings.
* sm/fingerprint.c (gpgsm_get_key_algo_info): Factor code out to ...
(gpgsm_get_key_algo_info2): new.
* sm/keylist.c (list_cert_colon): Put curve into field 17
(list_cert_raw): Print the unified key algotithm string instead of the
algo and size.
(list_cert_std): Ditto.
--

It is important to known whether a 256 bit ECC uses a NIST or a
Brainpool curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 5c29d25e6c
GnuPG-bug-id: 6253
2022-10-20 16:32:11 +02:00
Werner Koch
5ae2632002
gpgsm: Support decryption of ECDH data
* sm/decrypt.c (hash_ecc_cms_shared_info): New.
(ecdh_derive_kek): New global function.
(ecdh_decrypt): New with support for
dhSinglePass-stdDH-sha1kdf-scheme.
(prepare_decryption): Support ECDH.  Add args pk_algo and nbits.
(gpgsm_decrypt): Pass size of curve to prepare_decryption.  Lift some
variables from an inner code block.
--

This has been compiled from these commits in master:
Backported-from-master: 95d83cf906
(sm: Support decryption of ECDH data)
Backported-from-master: ee6d29f179
(sm: Support decryption of ECDH data using a smartcard.)
Backported-from-master: 68b857df13
(sm: Allow decryption using dhSinglePass-stdDH-sha1kdf-scheme.)

GnuPG-bug-id: 6253
Signed-off-by: Werner Koch <wk@gnupg.org>
2022-10-20 15:35:47 +02:00
NIIBE Yutaka
37a853d808
gpgsm: Support key generation with ECC.
* sm/certreqgen.c (pKEYCURVE): New.
(read_parameters): Add pKEYCURVE handling.
(proc_parameters): Support ECC key generation.
--

GnuPG-bug-id: 4888, 6253
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 49ea53b755)
2022-10-20 14:47:28 +02:00
NIIBE Yutaka
8b2c55d3c5
gpgsm: Remove restriction of key generation (only RSA).
* sm/certreqgen.c (proc_parameters): Remove checking GCRY_PK_RSA.

--

This is an initial change to support ECC key generation.

GnuPG-bug-id: 4888, 6253
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Backported-from-master: 238707db8b
2022-10-20 14:45:03 +02:00
Ingo Klöcker
94092793f6
sm: Fix reporting of bad passphrase error
* sm/minip12.c (p12_parse): Set badpass flag to result in ctx.
--

Fixes-commit: 4c14bbf56f
GnuPG-bug-id: 5713, 6037
(cherry picked from commit a47b3a4087)
2022-10-10 09:17:10 +02:00
Werner Koch
77b6896f7a
gpgsm: New option --compatibility-flags.
* sm/gpgsm.c (oCompatibilityFlags): New option.
(compatibility_flags): new.
(main): Parse and print them in verbose mode.
* sm/gpgsm.h (opt): Add field compat_glags.:
(COMPAT_ALLOW_KA_TO_ENCR): New.
* sm/keylist.c (print_capabilities): Take care of the new flag.
* sm/certlist.c (cert_usage_p): Ditto.

* common/miscellaneous.c (parse_compatibility_flags): New.
* common/util.h (struct compatibility_flags_s): New.
--

Backported-from-master: f0b373cec9
Backported-from-master: ce63eaa4f8
2022-08-19 10:49:20 +02:00
Werner Koch
4c14bbf56f
sm: Update pkcs#12 module from master
* sm/minip12.c: Update from master.
* sm/import.c (parse_p12): Pass NULL for curve.
--

Over the last years we had a couple of changes not backported to 2.2.
However, to support DFN p12 files and probably other p12 files we need
to update the minip12.c module.  Instead of picking commits we take
the module verbatim, which is relatively easy because it was
originally designed to be a standalone module.

Summary of commits taken from master:

  sm: Improve pkcs#12 debug output.
  sm: Rework the PKCS#12 parser to support DFN issued keys.
  sm: Fix parsing encrypted data.
  sm: Do not print certain issuer not found diags in quiet mode.
  sm: Silence some output on --quiet
  sm: Replace all assert calls by log_assert.
  doc: Typo fixes in code comments
  sm: Add support to export ECC private keys.

Detailed log messages for those commits:

  commit 52f9e13c0c

    sm: Improve pkcs#12 debug output.

    * sm/minip12.c (parse_shrouded_key_bag): Fix offset diagnostic.
    (parse_cert_bag): Ditto.
    (parse_bag_data): Remove debug output.  Pass startoffset.
    Fix offset diagnostic.

  commit a4e04375e8

    sm: Rework the PKCS#12 parser to support DFN issued keys.

    * sm/minip12.c (struct p12_parse_ctx_s): New.  Use this instead of
    passing several parameters to most functions.
    (parse_pag_data): Factor things out to  ...
    parse_shrouded_key_bag): new.
    (parse_cert_bag): New.
    (parse_bag_data): New.
    (p12_parse): Setup the parse context.

    To support newer pkcs#12 files like those issued by the DFN we
    need to support another ordering of data elements.  This rework
    reflects the P12 data structure a bit better than our old ad-hoc
    hacks.  Tests could only be done with the certificate parts and
    not the encrypted private keys.

GnuPG-bug-id: 6037

  commit 6c50834c09

    sm: Fix parsing encrypted data.

    * sm/minip12.c (cram_octet_string): Finish when N==0.
    (parse_bag_encrypted_data): Support constructed data with multiple
    octet strings.

GnuPG-bug-id: 5793

  commit a170f0e73f

    sm: Do not print certain issuer not found diags in quiet mode.

    * sm/certchain.c (find_up_dirmngr): Print one diagnostic only in
    verbose mode.  Do not print issuer not found diags in quiet mode.
    * sm/minip12.c (parse_bag_data): Add missing verbose condition.

GnuPG-bug-id: 4757

  commit 615d2e4fb1

    sm: Silence some output on --quiet

    * sm/encrypt.c (gpgsm_encrypt): Take care of --quiet.
    * sm/gpgsm.c: Include minip12.h.
    (set_debug): Call p12_set_verbosity.
    * sm/import.c (parse_p12): Dump keygrip only in debug mode.
    * sm/minip12.c (opt_verbose, p12_set_verbosity): New.
    (parse_bag_encrypted_data): Print info messages only in verbose
    mode.

GnuPG-bug-id: 4757

  commit 9ee975d588

    gpgsm: Replace all assert calls by log_assert.

  commit 9bc9d0818b

    doc: Typo fixes in code comments

  commit 5da6925a33

    sm: Add support to export ECC private keys.

    * sm/minip12.c [TEST]: Remove test code.  Include util.h, tlv.h. and
    openpgpdefs.h.  Remove the class and tag constants and replace
    them by those from tlv.h.
    (builder_add_oid, builder_add_mpi): New.
    (build_key_sequence): Rename to ...
    (build_rsa_key_sequence): this.
    (build_ecc_key_sequence): New.
    (p12_build): Call RSA or ECC builder.
    (p12_raw_build): Ditto.
    * sm/export.c (gpgsm_p12_export): Use correct armor header for ECC.
    (sexp_to_kparms): Support ECC.

GnuPG-bug-id: 4921
2022-06-21 18:22:14 +02:00
Werner Koch
a5faaf8bee
w32: Do no use Registry item DefaultLogFile for the main tools.
* g10/gpg.c (main): Set LOG_NO_REGISTRY.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
(show_other_registry_entries): Print "DefaultLogFile".
--

The intention of this mostly forgotten registry entry was to allow for
easy debugging of the tools.  However, with the global config
files (and in 2.3 with common.conf) things are anyway better.  We
disable the use for the commonly used tools so that it does not look
like calling gpg on the command line seems to block with no output if
the log server (e.g. tcp://1.2.3.4:11111) is not reachable.
2022-04-20 09:20:35 +02:00
NIIBE Yutaka
0c7dffe99d sm: Fix parsing encrypted data.
* sm/minip12.c (cram_octet_string): Finish when N==0.
(parse_bag_encrypted_data): Support constructed data with multiple
octet strings.

--

Backport master commit of:
	6c50834c09

GnuPG-bug-id: 5793
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-09 10:57:22 +09:00
Werner Koch
847d618454
gpgsm: New option --require-compliance
* sm/gpgsm.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* sm/gpgsm.h (opt): Add field require_compliance.
(gpgsm_errors_seen): Declare.
* sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
2022-03-08 19:06:30 +01:00
Werner Koch
bcf446b70c
sm: New option --ignore-cert-with-oid.
* sm/gpgsm.c (oIgnoreCertWithOID): New.
(opts): Add option.
(main): Store its value.
* sm/call-agent.c (learn_cb): Test against that list.
--
2022-02-03 14:29:19 +01:00
Werner Koch
e1fc053dc1
gpgconf: Tweak the use of ldapserver.
* tools/gpgconf-comp.c (known_options_gpgsm): Make "keyserver"
invisible.
(known_options_dirmngr): Add "ldapserver".
* sm/gpgsm.c (oKeyServer_deprecated): New.
(opts): Assign "ldapserver" to the new option and makr it as obsolete.
--

We want to use "ldapserver" in dirmngr but need to keep using
"keyserver" in gpgsm for existant versions of Kleopatra etc.

GnuPG-bug-id: 5801
2022-01-27 15:22:48 +01:00
Werner Koch
85300587cc
gpgconf: Fix --list-options for forced options
* tools/gpgconf-comp.c: Remove assert.h and replace all assert calls
by log_assert.
(known_options_gpg): Add "keyserver" as invisible.  Remove "options".
(known_pseudo_options_gpg, known_pseudo_options_gpgsm): New.
(gc_component): Add field known_pseudo_options.
(struct read_line_wrapper_parm_s): New.
(read_line_wrapper): New.
(retrieve_options_from_program): Use read_line_wrapper to handle
pseudo options.
(retrieve_options_from_program): Ignore to be ignored options.  Add
failsafe code to avoid calling percent_escape with NULL.
--

GnuPG-bug-id: 5341,5800

Due to reading the list of options from the argparser of the
component, we had no more information about the pseudo options and
thus could not emit them.  Well, there is just one pseudo option right
now, but with this change we have a generalized concept for them:
Pseudo options are used to convey information from a component to
gpgconf; for example build-in values.

This is a combined backport of patches to master.
2022-01-26 13:32:17 +01:00
Werner Koch
5fb71a8e03
gpgsm: Re-group the options in the --help output.
--

This looks better and is also required for further simplifications of
gpgconf.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9bc3e7ec03)
2021-12-30 09:07:13 +01:00
Werner Koch
5f890f417f
gpgconf: Support reading global options (part 2).
* tools/gpgconf-comp.c: Remove all regular option descriptions.  They
are now read in from the component.  Also remove a few meanwhile
obsolete options.
* agent/gpg-agent.c: Add option description which were only set in
gpgconf-comp.c.
* dirmngr/dirmngr.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* g10/gpg.c: Ditto.
--

This second part removes all regular option descriptions because they
can be read from the components.  A few were missing in the components
and thus moved to there.

Signed-off-by: Werner Koch <wk@gnupg.org>

This is a backport from master (2.3).
2021-12-29 09:42:45 +01:00
Werner Koch
6ee01c1d26
gpg,gpgsm: Add option --min-rsa-length.
* common/compliance.c (min_compliant_rsa_length): New.
(gnupg_pk_is_compliant): Take in account.
(gnupg_pk_is_allowed): Ditto.
(gnupg_set_compliance_extra_info): New.
* g10/gpg.c (oMinRSALength): New.
(opts): Add --min-rsa-length.
(main): Set value.
* g10/options.h (opt): Add field min_rsa_length.
* sm/gpgsm.c (oMinRSALength): New.
(opts): Add --min-rsa-length.
(main): Set value.
* sm/gpgsm.h (opt): Add field min_rsa_length.
2021-11-18 21:11:10 +01:00
Werner Koch
c9343bec83
sm: Detect circular chains in --list-chain.
* sm/keylist.c (list_cert_chain): Break loop for a too long chain.
--

This avoids endless loops in case of circular chain definitions.  We
use such a limit at other palces as well.  Example for such a chain is

# ------------------------ >8 ------------------------
           ID: 0xBE231B05
          S/N: 51260A931CE27F9CC3A55F79E072AE82
        (dec): 107864989418777835411218143713715990146
       Issuer: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
      Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
     sha2_fpr: 92:5E:4B:37:2B:A3:2E:5E:87:30:22:84:B2:D7:C9:DF:BF:82:00:FF:CB:A0:D1:66:03:A1:A0:6F:F7:6C:D3:53
     sha1_fpr: 31:93:78:6A:48:BD:F2:D4:D2:0B:8F:C6:50:1F:4D:E8:BE:23:1B:05
      md5_fpr: AC:F3:10:0D:1A:96:A9:2E:B8:8B:9B:F8:7E:09:FA:E6
      pgp_fpr: E8D2CA1449A80D784FB1532C06B1611DB06A1678
       certid: 610C27E9D37835A8962EA5B8368D3FBED1A8A15D.51260A931CE27F9CC3A55F79E072AE82
      keygrip: CFCA58448222ECAAF77EEF8CC45F0D6DB4E412C9
    notBefore: 2005-06-07 08:09:10
     notAfter: 2019-06-24 19:06:30
     hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: ADBD987A34B426F7FAC42654EF03BDE024CB541A
    authKeyId: [none]
 authKeyId.ki: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F
[...]

Certified by
           ID: 0xCE2E4C63
          S/N: 46EAF096054CC5E3FA65EA6E9F42C664
        (dec): 94265836834010752231943569188608722532
       Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
      Subject: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
     sha2_fpr: 21:3F:AD:03:B1:C5:23:47:E9:A8:0F:29:9A:F0:89:9B:CA:FF:3F:62:B3:4E:B0:60:66:F4:D7:EE:A5:EE:1A:73
     sha1_fpr: 9E:99:81:7D:12:28:0C:96:77:67:44:30:49:2E:DA:1D:CE:2E:4C:63
      md5_fpr: 55:07:0F:1F:9A:E5:EA:21:61:F3:72:2B:8B:41:7F:27
      pgp_fpr: 922A6D0A1C0027E75038F8A1503DA72CF2C53840
       certid: 14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.46EAF096054CC5E3FA65EA6E9F42C664
      keygrip: 10678FB5A458D99B7692851E49849F507688B847
    notBefore: 2005-06-07 08:09:10
     notAfter: 2020-05-30 10:48:38
     hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F
    authKeyId: [none]
 authKeyId.ki: ADBD987A34B426F7FAC42654EF03BDE024CB541A
     keyUsage: certSign crlSign
[...]

Which has a circular dependency on subKeyId/authkeyId.ki.
2021-11-15 17:54:08 +01:00
Werner Koch
d6df1bf849
sm: New option --ldapserver as an alias for --keyserver.
* sm/gpgsm.c (opts): Add option --ldapserver and make --keyserver an
alias.
--

We should use "keyserver" for OpenPGP and thus it is better to allow
for "ldapserver" here - it is the same convention as now used in
dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-09 10:34:14 +02:00
Werner Koch
b722fd755c
sm: Support AES-GCM decryption.
* sm/gpgsm.c (main): Use gpgrt_fcancel on decryption error if gpgrt
supports this.
* sm/decrypt.c (decrypt_gcm_filter): New.
(gpgsm_decrypt): Use this filter if requested.  Check authtag.
* common/compliance.c (gnupg_cipher_is_allowed): Allow GCM for gpgsm
in consumer (decrypt) de-vs mode.
--

Backported-from-master: 4980fb3c6d

We allow GCM in de-vs mode for decryption although this has not been
evaluation.  It is decryption and thus no serious harm may happen.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-02 19:11:42 +02:00
Werner Koch
9f586700ec
gpg,sm: Simplify keyserver spec parsing.
* common/keyserver.h: Remove.
* sm/gpgsm.h (struct keyserver_spec): Remove.
(opt): Change keyserver to a strlist_t.
* sm/gpgsm.c (keyserver_list_free): Remove.
(parse_keyserver_line): Remove.
(main): Store keyserver in an strlist.
* sm/call-dirmngr.c (prepare_dirmngr): Adjust for the strlist.  Avoid
an ambiguity in dirmngr by adding a prefix if needed.

* g10/options.h (struct keyserver_spec): Move definition from
keyserver.h to here.  Remove most fields.
* g10/keyserver.c (free_keyserver_spec): Adjust.
(cmp_keyserver_spec): Adjust.
(parse_keyserver_uri): Simplify.
(keyidlist): Remove fakev3 arg which does not make any sense because
we don't even support v3 keys.
--

We now rely on the dirmngr to parse the keyserver specs.  Thus a bad
specification will not be caught immediately.  However, even before
that dirmngr had stricter tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-05-26 14:30:17 +02:00
Werner Koch
b677e2ec98
Assorted memory leak fixes on the error code paths.
--

These are taken from these commits:

98c52ae * card: Intialize pointer to avoid double free
fc5fac8 * kbx: Avoid uninitialized read
fa0771f * g10: Avoid memory leaks
25aa353 * dirmgr: Avoid double free
33a2362 * agent: Fix memory leaks
e6132bc * sm: Avoid memory leaks and double double-free
2af7bb2 * g10: Fix memory leaks
0d2c1e9 * dirmgr: clean up memory on error code paths

GnuPG-bug-id: 5393
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-05-20 14:51:42 +02:00
Werner Koch
50ea1b67e8
sm: Ask for the password for password based decryption (pwri)
* sm/decrypt.c (pwri_decrypt): Add arg ctrl.  Ask for passphrase.

* sm/export.c (export_p12): Mark string as translatable.
* sm/import.c (parse_p12): Ditto.
--

This is finishes the support for PWRI.

The N_() marks are added so that we don't rely of the side-effect of
having the same strings in protect-tool.c

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit eeb65d3bbd)
2021-05-17 19:29:06 +02:00
Werner Koch
6f31acac76
sm: Support decryption of password based encryption (pwri)
* sm/decrypt.c (string_from_gcry_buffer): New.
(pwri_parse_pbkdf2): New.
(pwri_decrypt): New.
(prepare_decryption): Support pwri.
(gpgsm_decrypt): Test for PWRI.  Move IS_DE_VS flag to DFPARM.

* common/sexputil.c (cipher_mode_to_string): New.
--

Note that this is not finished because we need to implement a password
callback.  For now "abc" is used as passwort.

Latest libksba is also required to return the required info.

Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 02029f9eab

Note that this change also prints the used algorithm and shows some
existsing diagnostics only in verbose mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-05-17 18:26:34 +02:00
Werner Koch
f3e68e39da
sm: Do away with the locked flag in keydb.c
* sm/keydb.c (struct keydb_handle): Remove field locked.
(keydb_lock): Remove use of locked flag.
(lock_all): Ditto.
(unlock_all): Ditto.
(keydb_set_flags): Use dotlock_is_locked instead of the locked flag.
(keydb_insert_cert): Ditto.
(keydb_delete): Ditto.
(keydb_search): s/keydb_lock/lock_all/.
(keydb_set_cert_flags): Ditto.
(keydb_clear_some_cert_flags): Ditto.

* sm/keydb.c (maybe_create_keybox): s/access/gnupg_access/.
--

We already keep the lock state in the dotlock module so it does not
make sense to add and sync another one here.  Instead we use a new
dotlock function to test whether we are locked.
2021-03-02 19:16:28 +01:00
Werner Koch
677245ba0e
sm: Lock kbx files also before a search.
* sm/keydb.c (keydb_search): Lock files.
--

This is required for Windows to avoid update locks.  We use it also on
Unix so that the locking behaviour is more or less indentical.

GnuPG-bug-id: 4505
2021-03-02 19:03:00 +01:00
Werner Koch
2b9ae79ad8
sm: On Windows close the kbx files at several places.
* kbx/keybox-search.c (keybox_search_reset) [W32]: Always close.

* kbx/keybox-init.c (keybox_close_all_files): New.
* sm/keydb.c (keydb_close_all_files): New.
* sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Call new function.
(gpgsm_dirmngr_lookup): Ditto.
(gpgsm_dirmngr_run_command): Ditto.
--

We need to make sure that there are no open files on Windows.  Thus we
close them at several strategic locations.

GnuPG-bug-id: 4505
2021-03-02 19:01:07 +01:00
Werner Koch
c99f3599d8
sm: Remove unused function.
* sm/keydb.c (keydb_insert_cert): Remove.
* kbx/keybox-update.c (keybox_update_cert): Remove stub.
2021-03-02 13:49:55 +01:00
Werner Koch
e5af401fc4
sm: Silence some other pkcs#12 import prattle
* sm/minip12.c (parse_bag_data): Print a regular log_info only in
verbose mode.
--
2021-03-01 09:46:59 +01:00
Werner Koch
bcdbf0fcf3
sm: Silence some output on --quiet
* sm/encrypt.c (gpgsm_encrypt): Take care of --quiet.
* sm/gpgsm.c: Include minip12.h.
(set_debug): Call p12_set_verbosity.
* sm/import.c (parse_p12): Dump keygrip only in debug mode.
* sm/minip12.c (opt_verbose, p12_set_verbosity): New.
(parse_bag_encrypted_data): Print info messages only in verbose mode.
--

GnuPG-bug-id: 4757
2021-02-24 08:38:13 +01:00
Werner Koch
6e258babe7
Include the library version in the compliance checks.
* common/compliance.c (gnupg_gcrypt_is_compliant): New.
(gnupg_rng_is_compliant): Also check library version.
* g10/mainproc.c (proc_encrypted): Use new function.
(check_sig_and_print): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/verify.c (gpgsm_verify): Ditto
--

This will eventually allow us to declare Libgcrypt 1.9 to be de-vs
compliant.  GnuPG can use this information then for its own checks.
As of now GnuPG tests the version of the used library but that is a
bit cumbersome to maintain.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 90c514868f)
2021-01-28 16:01:53 +01:00
Werner Koch
a028f24136
Backport of the new option parser from 2.3
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* common/argparse.c, common/argparse.h: Rewrite.
* tests/gpgscm/main.c: Switch to the new option parser.

* g10/gpg.c: Switch to the new option parser and enable a global conf
file.
* g10/gpgv.c: Ditto.
* agent/gpg-agent.c: Ditto.
* agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c: Ditto.
* scd/scdaemon.c: Ditto.
* dirmngr/dirmngr.c: Ditto.
* dirmngr/dirmngr_ldap.c: Ditto
* dirmngr/dirmngr-client.c: Ditto.
* kbx/kbxutil.c: Ditto.
* tools/gpg-card.c: Ditto.
* tools/gpg-check-pattern.c: Ditto.
* tools/gpg-connect-agent.c: Ditto.
* tools/gpg-pair-tool.c: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpgconf.c: Ditto.
* tools/gpgsplit.c: Ditto.
* tools/gpgtar.c: Ditto.
* g13/g13.c: Ditto.
* g13/g13-syshelp.c: Ditto.  Do not force verbose mode.
* sm/gpgsm.c: Ditto. Add option --no-options.
--

This is backport from master

commit cdbe10b762
commit ba463128ce
commit 3bc004decd
commit 2c823bd878
commit 0e8f6e2aa9

but without changing all functions names to gpgrt.  Instead we use
wrapper functions which, when building against old Libgpg-error
versions, are implemented in argparse.c using code from the current
libgpg-error.  This allows to keep the dependency requirement at
libgpg-error 1.27 to support older distributions.  Tested builds
against 1.27 and 1.40-beta.

Note that g13-syshelp does not anymore default to --verbose because
that can now be enabled in /etc/gnupg/g13-syshelp.conf.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-12-04 12:12:20 +01:00
Werner Koch
163e4ff195
w32: Support Unicode also for config files etc.
* common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed.   Use
new function in most places where fopen is used.
--

The config files in 2.2 are still read using fopen - we need to change
this to allow Unicode directory names.  There is also one case where
files are written using the old fopen.  The new option parser in 2.3
does not have this problem but at some places fopen is also still used.

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-10 12:09:11 +01:00
Werner Koch
6fe5c8c06e
common: Fix duplicate implementation of try_make_homedir.
* g10/openfile.c (try_make_homedir): Move core of the code to ...
* common/homedir.c (gnupg_maybe_make_homedir): new.
* sm/keydb.c (try_make_homedir): Implement using new function.

* common/homedir.c: Include i18n.h.
* po/POTFILES.in: Add common/homedir.c.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 16:25:57 +01:00
Werner Koch
fc0fc4c2d3
g10,sm: Use gnupg_access at two more places.
--
2020-10-26 12:36:38 +01:00
Werner Koch
86e52e3c33
Replace most calls to open by a new wrapper.
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New.  Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--

This is yet another step for full Unicode support on Windows.

GnuPG-bug-id: 5098
(cherry picked from commit 4dcef0e178)
2020-10-23 10:02:25 +02:00
Werner Koch
5c6e9b44cc
Replace most of the remaining stdio calls by estream calls.
--

We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change.  At a
very few places we keep using stdio (for example due to the use of
popen).

GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 390497ea11
2020-10-21 21:09:38 +02:00
Werner Koch
dd5fd4a760
Replace all calls to access by gnupg_access
* common/sysutils.c (gnupg_access): New.  Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--

Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.

This is required to correctly handle non-ascii filenames on Windows.

GnuPG-bug-id: 5098
(cherry picked from commit c94ee1386e)
2020-10-21 20:49:18 +02:00
Werner Koch
c81f02c959
w32: Add manifest files to most binaries
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-02 17:04:12 +02:00
Werner Koch
d2fe2ffd75
sm: Fix a bug in the rfc2253 parser
* sm/certdump.c (parse_dn_part): Fix parser flaw.
--

This could in theory result in reading bytes after a after Nul in a
string and thus possible segv on unallocated memory or reading other
parts of the memory.  However, it is harmless because the rfc2253
strings have been constructed by libksba.

GnuPG-bug-id: 5037
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-28 09:09:34 +02:00
Werner Koch
0847133e4c
sm: Do not require a default keyring for --gpgconf-list.
* sm/gpgsm.c (main): No default keyring for gpgconf mode.
--

GnuPG-bug-id: 4867
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-25 11:38:44 +02:00
Werner Koch
5ac0cf1b81
gpg,gpgsm: Record the creation time of a private key.
* sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option.
(gpgsm_agent_import_key): Ditto.
* g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on.
(agent_import_key): Ditto.
* g10/import.c (transfer_secret_keys): Pass the creation date to the
agent.
* g10/keygen.c (common_gen): Ditto.
--

Having the creation time in the private key file makes it a lot easier
to re-create an OpenPGP public keyblock in case it was accidentally
lost.

Signed-off-by: Werner Koch <wk@gnupg.org>
Cherry-picked-from-master: 4031c42bfd
2020-08-23 12:31:18 +02:00
Werner Koch
9c57de75cf
sm: Also show the SHA-256 fingerprint.
* sm/keylist.c (list_cert_colon): Emit a new "fp2" record.
(list_cert_raw): Print the SHA2 fingerprint.
(list_cert_std): Ditto.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: e7d7092390

Here in 2.2 we keep the string "fingerprint:" and no not change it to
"sha1 fpr" as we did in master (2.3).
2020-08-04 11:15:47 +02:00
NIIBE Yutaka
f95d923090 w32: Add link to $(NETLIB) for -lws2_32.
* dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS).
* sm/Makefile.am (gpgsm_LDADD): Ditto.
* tools/Makefile.am (gpg_wks_client_LDADD): Ditto.

--

Cherry-picked master commit of:
	d69f5570ee

GnuPG-bug-id: 4994
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-30 15:10:15 +09:00
Werner Koch
b451c4f5ea
Do not use the pinentry's qualitybar
* agent/genkey.c (agent_ask_new_passphrase): No qualitybar.
* g10/call-agent.c (agent_get_passphrase): Ditto.
* sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto.
--

The concept of a passphrase quality indicator is anyway questionable
because user are smart enough to trick them out and they also tend to
limit the actually used entropy.

Except for the red/green switching (to show whether constraints are
fulfilled) our qualitybar is pretty bad and thus worse than none.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-08 16:14:43 +02:00
Werner Koch
4a36adaa64
sm: Exclude rsaPSS from de-vs compliance mode.
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New.
* common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and
test rsaPSS.  Adjust all callers.
* common/util.c (pubkey_algo_to_string): New.
(gnupg_pk_is_allowed): Ditto.
* sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function.
(gpgsm_get_hash_algo_from_sigval): New.
* sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval
arg.  Add arg pkalgoflags.  Use the PK_ALGO_FLAG_RSAPSS.
* sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to
also get the algo flags.  Pass algo flags along.  Change some of the
info output to be more like current master.
--
Signed-off-by: Werner Koch <wk@gnupg.org>

This backport from master
commit 969abcf40c
also includes some changes taken from
commit a759fa963a
(sm: Improve readability of the data verification output.)

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-03 17:08:58 +02:00
Werner Koch
ad6bf5d67f
sm: Print the serial number of a cert also in decimal.
* sm/certdump.c: Include membuf.h.
(gpgsm_print_serial_decimal): New.
* sm/keylist.c (list_cert_raw): Print s/n also in decimal
(list_cert_std): Ditto.
--

Many CA's print the serial number in decimal on their cards.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-26 15:27:51 +02:00
Werner Koch
c6324ee07a
common: Change argument order of log_printhex.
* common/logging.c (log_printhex): Chnage order of args.  Make it
printf alike.  Change all callers.
* configure.ac: Add -Wno-format-zero-length
--

This makes it consistent with modern libgpgrt logging and thus eases
back porting from newer GnuPG versions which use libgpgrt logging.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-12 18:51:47 +02:00
Werner Koch
aec7d136e4
sm: Always allow authorityInfoAccess lookup if CRLs are also enabled.
* sm/certchain.c (find_up): Disable external lookups in offline mode.
Always allow AKI lookup if CRLs are also enabled.
--

GnuPG-bug-id: 4898
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-16 19:07:36 +02:00
Werner Koch
d57209553d
sm: Lookup missing issuers first using authorityInfoAccess.
* sm/call-dirmngr.c (gpgsm_dirmngr_lookup): Add optional arg URL and
adjust all callers.
* sm/certchain.c (oidstr_caIssuers): New.
(struct find_up_store_certs_s): Add additional fields.
(find_up_store_certs_cb): Store the fingerprint.
(find_up_via_auth_info_access): New.
(find_up): Try the AIA URI first.
--

Note that --auto-issuer-key-retrieve is required to use that.

GnuPG-bug-id: 4898
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-16 18:05:44 +02:00
Werner Koch
ddc74f50d4
sm,dirmngr: Restrict allowed parameters used with rsaPSS.
* sm/certcheck.c (extract_pss_params): Check the used PSS params.
* dirmngr/crlcache.c (finish_sig_check): Ditto.
* dirmngr/validate.c (check_cert_sig): Ditto.
--

GnuPG-bug-id: 4538

# ------------------------ >8 ------------------------
See
https://www.metzdowd.com/pipermail/cryptography/2019-November/035449.html

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-15 15:45:58 +02:00
Werner Koch
24d563749f
sm: Support rsaPSS verification also for CMS signatures.
* sm/certcheck.c (gpgsm_check_cert_sig): Factor PSS parsing out to ...
(extract_pss_params): new.
(gpgsm_check_cms_signature): Implement PSS.
--

GnuPG-bug-id: 4538
2020-04-15 15:45:34 +02:00
Werner Koch
8bf17eb94d
dirmngr: Support rsaPSS also in the general validate module.
* dirmngr/validate.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(check_cert_sig): Support rsaPSS.
* sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on
error.
--

Yes, I know that there is a lot of code duplication.  In fact some of
the code is ugly and it would be better if we enhance Libgcrypt to
guarantee that returned memory buffers via gcry_sexp_extract_param are
allways Nul terminated and we should also enhance that function to
directly extract into an unsigned int or char *.

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-15 15:44:37 +02:00
Werner Koch
0626cc8fed
sm,dirmngr: Support rsaPSS signature verification.
* sm/certcheck.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(gpgsm_check_cert_sig): Handle PSS.
* dirmngr/crlcache.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(start_sig_check): Detect PSS and extract hash algo.  New arg to
return a PSS flag.
(finish_sig_check): New arg use_pss.  Extract PSS args and use them.
(crl_parse_insert): Pass use_pss flag along.
--

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-15 15:43:06 +02:00
Werner Koch
2b4b0b1223
sm: Fix possible NULL deref in error messages of --gen-key.
* sm/certreqgen.c: Protect printing the line numbers in case of !R.
--

GnuPG-bug-id: 4895
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-30 17:32:42 +02:00
Werner Koch
1424c12e4c
sm: Consider certificates w/o CRL DP as valid.
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--

If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks.  The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from master)
2020-03-27 21:20:13 +01:00
Werner Koch
21d9bd8b87
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C.  Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.

* g10/main.h: Put util.h before the local header files.
--

This change is required for use with gcc/ld's LTO feature which does
not allow common blocks.  Further gcc 10 will make -fno-common the
default and thus this chnage is always needed.  What a pitty.

Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 16:37:34 +01:00
Werner Koch
8c167febc0
sm: Add special case for expired intermediate certificates.
* sm/gpgsm.h (struct server_control_s): Add field 'current_time'.
* sm/certchain.c (find_up_search_by_keyid): Detect a corner case.
Also simplify by using ref-ed cert objects in place of an anyfound
var.
--

See the code for a description of the problem. Tested using the certs
from the bug report and various command lines

  gpgsm --faked-system-time=XXXX --disable-crl-checks \
         -ea -v --debug x509  -r 0x95599828

with XXXX being 20190230T000000 -> target cert too young
with XXXX being 20190330T000000 -> okay
with XXXX being 20190830T000000 -> okay, using the long term cert
with XXXX being 20220330T000000 -> target cert expired

The --disabled-crl-checks option is required because in our a simple
test setting dirmngr does not know about the faked time.

GnuPG-bug-id: 4696
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d246f317c0)
2019-12-06 20:32:57 +01:00
Werner Koch
a8aacaf204
sm: Show the usage flags when generating a key from a card.
* g10/call-agent.c (scd_keypairinfo_status_cb): Also store the usage
flags.
* sm/call-agent.c (scd_keypairinfo_status_cb): Ditto.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Print the usage flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9ed1aa56c4)
2019-08-21 13:59:17 +02:00
Werner Koch
23784f8bf0
scd: New standard attributes $ENCRKEYID and $SIGNKEYID.
* g10/call-agent.c (agent_scd_keypairinfo): Use --keypairinfo.
* sm/call-agent.c (gpgsm_agent_scd_keypairinfo): Ditto.
* scd/app-openpgp.c (do_getattr): Add attributes "$ENCRKEYID" and
"$SIGNKEYID".
* scd/app-nks.c (do_getattr): Add attributes too.
--

We already have $AUTHKEYID to locate the keyref of the key to be used
with ssh.  It will also be useful to have default keyref for
encryption and signing.  For example, this will allow us to replace
the use of "OPENPGP.2" by a app type specific keyref.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 2b1135cf92)

Removed changes for the non-existing app-piv.c.
Added support for NKS.
2019-08-21 11:00:18 +02:00
Werner Koch
0353cb0a5e
common: Extend function pubkey_algo_string.
* common/sexputil.c (pubkey_algo_string): Add arg R_ALGOID.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Adjust.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f952226043)

Removed the changes in gpg-card which is not part of 2.2

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-21 10:23:05 +02:00
NIIBE Yutaka
a9816d5fb1 sm: Support AES-256 key.
* sm/decrypt.c (prepare_decryption): Handle a case for AES-256.

--

Cherry-pick master commit of:
	ef2424144a

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-12 10:42:34 +09:00
NIIBE Yutaka
ccf5cc8b0b sm: Fix error checking of decryption result.
* sm/call-agent.c (gpgsm_agent_pkdecrypt): Fix condition.

--

Cherry-pick master commit of:
	15fe78184c

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-08-12 10:41:47 +09:00
Daniel Kahn Gillmor
64500e7f6d gpg,gpgsm: Handle pkdecrypt responses with/without NUL terminators.
* g10/call-agent.c (agent_pkdecrypt): accept but do not require
NUL-terminated data from the agent.
* sm/call-agent.c (gpgsm_agent_pkdecrypt): accept but do not require
NUL-terminated data from the agent.

--

Cherry-pick master commit of:
	3ba091ab8c

GnuPG-bug-id: 4652
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-08-12 10:40:49 +09:00
Werner Koch
f325102375
Return better error code for some getinfo IPC commands.
* agent/command.c (cmd_getinfo): Return GPG_ERR_FALSE as boolean False.
* g13/server.c (cmd_getinfo): Ditto.
* sm/server.c (cmd_getinfo): Ditto.
--

GPG_ERR_FALSE was introduced with libgpg-error 1.21 and we now require
a later version for gnupg 2.  Thus we can switch to this more
descriptive code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-03 16:33:50 +02:00
Werner Koch
32210e855c
sm: Avoid confusing diagnostic for the default key.
* sm/certlist.c (cert_usage_p): Add arg 'silent' and change all
callers.
(gpgsm_cert_use_sign_p): Add arg 'silent' and pass to cert_usage_p.
Change all callers.
* sm/sign.c (gpgsm_get_default_cert): Set SILENT when calling
gpgsm_cert_use_sign_p
--

GnuPG-bug-id: 4535
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-27 15:48:41 +02:00
Werner Koch
8d0d61aca3
sm: Fix a warning in an es_fopencooie function.
* sm/certdump.c (format_name_writer): Take care of a flush request.
--

We won't see a flush here so that fix does not solve a real bug but we
want to be correct.  Note that this function seems to predate the
es_fopenmem function and thus in master (2.3) we should replace it
entirely.

GnuPG-bug-id: 4495
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-12 20:41:32 +02:00
Werner Koch
30972d2182
sm: Allow decryption even if expired other keys are configured.
* sm/gpgsm.c (main): Add special handling for bad keys in decrypt
mode.
--

The problem can easily be tested by adding --encrypt-to EXPIRED_KEY to
a decryption command.  With that patch the errors are printed but
decryption continues and the process returns success unless other
errors occur.

GnuPG-bug-id: 4431
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-26 13:35:18 +01:00
Andre Heinecke
b9d2759da1
sm, w32: Translate logger and status fd to handles
* sm/gpgsm.c (main): Call translate_sys2libc_fd_int to
convert the FDs.

--
This is required to actually pass gpgsm an fd on windows
and not a windows handle.

For the passphrase-fd this was already done.

(cherry picked from commit e4e0804ed1)
2019-03-25 14:09:46 +01:00
Werner Koch
b3c8ce9e43
sm: Print Yubikey attestation extensions with --dump-cert.
* sm/keylist.c (oidtranstbl): Add Yubikey OIDs.
(OID_FLAG_HEX): New.
(print_hex_extn): New.
(list_cert_raw): Make use of that flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 86c241a8c9)
2019-03-07 10:53:52 +01:00
Werner Koch
be69bf0cbd
sm: Don't mark a cert as de-vs compliant if it leads to SHA-1 sigs.
* sm/keylist.c (print_compliance_flags): Also check the digest_algo.
Add new arg 'cert'.
--

A certificate with algorithm sha1WithRSAEncryption can be de-vs
compliant (e.g. if the next in the chain used sha256WithRSAEncryption
to sign it and RSA is long enough) but flagging it as such is useless
because that certificate can't be used because it will create
signatures using the non-compliant SHA-1 algorithm.

Well, it could be used for encryption.  But also evaluating the
key-usage flags here would make it harder for the user to understand
why certain certificates are listed as de-vs compliant and others are
not.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 2c75af9f65)

Reworked to also pass the CERT.  Note that 2.2 won't get the PK
Screening feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-02-28 15:13:22 +01:00
Daniel Kahn Gillmor
121286d9d1
gpgsm: default to 3072-bit keys.
* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update
default to 3072 bits.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to
3072 bits.
* sm/certreqgen.c (proc_parameters): update default to 3072 bits.
* sm/gpgsm.c (main): print correct default_pubkey_algo.

--

3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Topic update-defaults
Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch
(cherry picked from commit 7955262151)
2019-02-28 11:00:31 +01:00
Werner Koch
54c56230e3
sm: Fix certificate creation with key on card.
* sm/certreqgen.c (create_request): Fix for certmode.
--

When using an existing key from a card for certificate signing (in
contrast to the default of generating a CSR), the code tried to use
the same key for signing instead of the Signing-Key parameter.  It is
perfectly okay to use the regular signing path via gpg-agent for
certificate creation - only self-signed certificates with a key on the
card require the direct use of the card key (via "SCD PKSIGN").

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c1000c6738)
2019-02-25 08:49:59 +01:00
Werner Koch
d1bee9d1ef
sm: In --gen-key with "key from card" show also the algorithm.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Get and show algo.
--

This extends the prompt to show something like

  Serial number of the card: FF020001008A77F6
  Available keys:
     (1) 4130F84FA3704F4645924AEC3FFA48AD26D33656 PIV.9A nistp384
     (2) AB2988FB8C227BCD5175BF92F66AA3A95AE83214 PIV.9E rsa2048
     (3) DB7DDAEAA88534BA45CCD7A9B761425103EA2090 PIV.9C rsa2048
     (4) BABB48C3D80ACCF9839F101DF2910966C8B988DF PIV.9D nistp256
  Your selection? 1

Having the algorithm here is helpful in particular because right now
we support only RSA with X.509.  Take care: PIV card based certificate
creation does not yet work.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0328976c94)

Note that 2.2 does not support PIV cards, but the feature also works
also with other cards.
2019-02-11 10:59:36 +01:00
Werner Koch
1b9b0fc54b
sm: Use the correct string in an error message.
* sm/gpgsm.c (main): Fix error message.
--

GnuPG-bug-id: 4219
(cherry picked from commit 793fd8d876)
2018-10-24 20:30:17 +02:00
Andre Heinecke
6b36c16f77
sm: Fix dirmngr loadcrl for intermediate certs
* sm/call-dirmngr.c (run_command_inq_cb): Support ISTRUSTED.
(inq_certificate): Distinguish unsupported inquiry error.

--
When loading a CRL through "gpgsm --call-dirmngr loadcrl foo"
dirmngr can ask gpgsm back if a certificate used ISTRUSTED, which
previously resulted in an error.
2018-10-23 15:59:54 +02:00
Werner Koch
460e3812be
dirmngr: Fallback to CRL if no default OCSP responder is configured.
* dirmngr/server.c (cmd_isvalid): Use option second arg to trigger
OCSP checkibng.  Fallback to CRL if no default OCSP responder has been
configured.
* sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Adjust accordingly.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-24 11:40:51 +02:00
Werner Koch
0336e5d1a7
gpg: Emit FAILURE stati now in almost all cases.
* g10/cpr.c (write_status_failure): Make it print only once.
* g10/gpg.c (wrong_args): Bump error counter.
(g10_exit): Print a FAILURE status if we ever did a log_error etc.
(main): Use log_error instead of log_fatal at one place.  Print a
FAILURE status for a bad option.  Ditto for certain exit points so
that we can see different error locations.
--

This makes it easier to detect errors by tools which have no way to
get the exit code (e.g. due to double forking).

GnuPG-bug-id: 3872
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-06 17:32:25 +02:00
Werner Koch
137644c9cb
sm: Add OPTION request-origin.
* sm/server.c: Include shareddefs.h.
(option_handler): Add option.
--

This is required when running gpgsm in server mode as done by GPGME.
Noet that a command line option takes precedence.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 15:07:56 +01:00
Werner Koch
2cd35df5db
gpg,sm: New option --request-origin.
* g10/gpg.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* g10/options.h (struct opt): Add field request_origin.
* g10/call-agent.c (start_agent): Send option to the agent.
* sm/gpgsm.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* sm/gpgsm.h (struct opt): Add field request_origin.
* sm/call-agent.c (start_agent): Send option to the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 09:06:20 +01:00
Werner Koch
80719612b7
sm: Fix minor memory leak in --export-p12.
* sm/export.c (gpgsm_p12_export): Free KEYGRIP.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-14 14:54:51 +01:00
Katsuhiro Ueno
29aac77980
sm: Fix a wrong key parameter in an exported private key file
* sm/export.c (sexp_to_kparms): Fix the computation of array[6],
which must be 'd mod (q-1)' but was 'p mod (q-1)'.
--

This bug is not serious but makes some consistency checks fail.
For example, 'openssl rsa -check' reports the following error:

$ gpgsm --out my.key --export-secret-key-raw 0xXXXXXXXX
$ openssl rsa -check -noout -inform DER -in my.key
RSA key error: dmq1 not congruent to d

--
Let me(wk) add this:

This bug was introduced with
Fixes-commit: 91056b1976
right at the start of GnuPG 2.1 in July 2010.  Before that (in 2.0) we
used gpg-protect-tool which got it right.  We probably never noticed
this because gpgsm, and maybe other tools too, fix things up during
import.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-14 14:49:47 +01:00
Werner Koch
f19ff78f0f
common: Use new function to print status strings.
* common/asshelp2.c (vprint_assuan_status_strings): New.
(print_assuan_status_strings): New.
* agent/command.c (agent_write_status): Replace by call to new
function.
* dirmngr/server.c (dirmngr_status): Ditto.
* g13/server.c (g13_status): Ditto.
* g13/sh-cmd.c (g13_status): Ditto.
* sm/server.c (gpgsm_status2): Ditto.
* scd/command.c (send_status_info): Bump up N.
--

This fixes a potential overflow if LFs are passed to the status
string functions.  This is actually not the case and would be wrong
because neither the truncating in libassuan or our escaping is not the
Right Thing.  In any case the functions need to be more robust and
comply to the promised interface.  Thus the code has been factored out
to a helper function and N has been bumped up correctly and checked in
all cases.

For some uses this changes the behaviour in the error case (i.e. CR or
LF passed): It will now always be C-escaped and not passed to
libassuan which would truncate the line at the first LF.

Reported-by: private_pers
2018-02-14 12:21:44 +01:00
Werner Koch
f3ba66781a
kbx: Simplify by removing custom memory functions.
* kbx/keybox-util.c (keybox_set_malloc_hooks): Remove.
(_keybox_malloc, _keybox_calloc, keybox_realloc)
(_keybox_free): Remove.
(keybox_file_rename): Remove.  Was not used.
* sm/gpgsm.c (main): Remove call to keybox_set_malloc_hooks.
* kbx/kbxutil.c (main): Ditto.
* kbx/keybox-defs.h: Remove all separate includes.  Include util.h.
remove convenience macros.
* common/logging.h (return_if_fail): New.  Originally from
keybox-defs.h but now using log_debug.
(return_null_if_fail): Ditto.
(return_val_if_fail): Ditto.
(never_reached): Ditto.
--

Originally the KBX code was written to allow standalone use.  However
this required lot of ugliness like separate memory allocators and
such.  It also precludes the use of some standard functions from
common due to their use of the common gnupg malloc functions.
Dropping all that makes things easier.  Minor disadvantages: the kbx
call done for gpg will now use gcry malloc fucntions and not the
standard malloc functions.  This might be a bit slower but removing
them even fixes a possible bug in keybox_tmp_names which is used in
gpg and uses gpg's xfree which is actually gcry_free.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-22 12:55:46 +01:00
Werner Koch
8c878ae4c9
sm: Allow explicit setting of the default --compliance=gnupg
* sm/gpgsm.c (main): Allow setting of the default compliance.
* tools/gpgconf-comp.c (gc_options_gpgsm): Add "compliance".
--

This is required so that we can use this option in in gpgconf.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-18 12:05:31 +01:00
Andre Heinecke
5ecef193bc
sm, w32: Fix initial keybox creation
* sm/keydb.c (maybe_create_keybox): Open new keybox in bin mode.

--
As the header contains a timestamp we will have the conversion
problems if the keybox is not opened in binary mode.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2017-11-14 12:26:29 +01:00
Rainer Perske
1067403c8a
sm: Do not expect X.509 keyids to be unique
* sm/certlist.c (gpgsm_find_cert): Add arg allow_ambiguous and use it.
* sm/call-dirmngr.c (inq_certificate): Pass true to ALLOW_AMBIGUOUS
(run_command_inq_cb): Ditto.
* sm/gpgsm.c (main): Pass false.
* sm/server.c (cmd_passwd): Pass false.

--

As described in my report T1644, it is possible that multiple
certificates exist with the same Distinguished Name and the same key.
In this case, verifying S/MIME signatures and other actions fail with
"certificate not found: Ambiguous name". For details see the bug
report.

To circumvent the problem, I am patching GnuPG since 2014 so that in
this case the newest of the ambiguous certificates is used.

This is not an ultimate solution of the problem: You should try every
certificate with the same DN until verification succeeds or until all
certificates fail, and if multiple certificates of a chain are
ambiguous you even have to check every combination. You may even
consider checking the keyUsage attributes of the ambiguous certificates
to reduce the number of combinations.

But in the existing case of the certificates in the German Research
Network (DFN) PKI where the newest one is the valid one and all
ambiguous certificates have the same keyUsage attributes, this patch
has proven to be sufficient over the last three years.

With every GnuPG update, I have adapted the patch, luckily I never
needed to change anything except line numbers.

GnuPG-bug-id: 1644

ChangeLog log written by wk, comment taken from mail.  Signed-off line
was missing in the plain diff.  However the mail with the patch and
the DCO posted as reply to that mail were both signed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-10-24 17:29:04 +02:00
Werner Koch
1bf5cbd3ef
sm: Fix colon listing of fields > 12 in crt records.
* sm/keylist.c (print_capabilities): Move colon printing ...
(list_cert_colon): to here.
--

Fixes-commit: 7af008bfe1
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-10-19 14:59:34 +02:00
Werner Koch
0a8e20c4c6
sm: Always print the keygrip in colon mode.
* sm/keylist.c (list_cert_colon): Always print the keygrip as
described in the manual.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-08 13:05:50 +02:00
Werner Koch
4e117f206b
gpg,sm: Error out on compliance mismatch while decrypting.
* g10/pubkey-enc.c (get_session_key): Bail out if the algo is not
allowed in the current compliance mode.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--

The idea here is that the owner of the key created a non-compliant key
and later receives a mail encrypted to that key.  The sender should
have checked this key too but we can't guarantee that.  By hard
failing here the owner of the key will notice that he had created a
non-compliant key and thus has a chance to generate a new compliant
key.  In case the compliant criteria changes and the owner wants to
decrypt an old message he can still switch gpg to another compliant
mode.

Fixes-commit: a0d0cbee76
GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-01 08:41:47 +02:00
Werner Koch
4ad5bc1b6d
Explain the "server is older than xxx warning".
* g10/call-agent.c (warn_version_mismatch): Print a note on how to
restart the servers.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.
--

We should move this fucntion to common.  However, the status output
functions are different and would need to be streamlined too.

GnuPG-bug-id: 3117
Debian-bug-id: 860745
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-31 11:20:47 +02:00
Werner Koch
efe187e8a2
gpg,sm: String changes for compliance diagnostics.
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-28 17:46:43 +02:00
Werner Koch
1bd22a85b4
gpg,sm: Allow encryption (with warning) to any key in de-vs mode.
* g10/encrypt.c (encrypt_crypt): Do not abort for a non-compliant key.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--

GnuPG-bug-id: 3306
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-27 14:57:32 +02:00
Werner Koch
a0d0cbee76
gpg,sm: Fix compliance checking for decryption.
* common/compliance.c (gnupg_pk_is_compliant): Remove the Elgamal
signing check.  We don't support Elgamal signing at all.
(gnupg_pk_is_allowed) <de-vs>: Revert encryption/decryption for RSA.
Check the curvenames for ECDH.
* g10/pubkey-enc.c (get_session_key): Print only a warning if the key
is not compliant.
* sm/decrypt.c (gpgsm_decrypt): Ditto.  Use the same string as in gpg
so that we have only one translation.
--

We always allow decryption and print only a note if the key was not
complaint at the encryption site.

GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-27 13:56:38 +02:00
Werner Koch
a149afe338
gpg,sm: Check compliance of the RNG.
* common/compliance.c (gnupg_rng_is_compliant): New.
* g10/call-agent.c (start_agent) [W32]: Check rng compliance.
* sm/call-agent.c (start_agent) [W32]: Ditto.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is
compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* g10/sign.c (do_sign): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
--

Under Windows we need to check that the Jitter RNG is active in de-vs
mode.  Under Linux this is not necessary because /dev/random can be
scrutinized and is believed to provide enough entropy.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-17 15:53:16 +02:00
Werner Koch
f31dc2540a
gpg,gpgsm: Emit status code ENCRYPTION_COMPLIANCE_MODE.
* common/status.h (STATUS_ENCRYPTION_COMPLIANCE_MODE): New.
* g10/encrypt.c (encrypt_crypt): Emit new status code.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--

This status code allows to report whether an encryption operation was
compliant to de-vs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-23 12:01:20 +02:00
Werner Koch
e0877a98a0
indent,i18n: Make some new strings translatable. Wrap too long lines.
--
2017-06-23 12:01:20 +02:00
Werner Koch
3621dbe525
gpg,gpgsm: Fix compliance check for DSA and avoid an assert.
* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check.  Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check.  Replace
assert by debug message.

--

Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative.  Better use a boolean test.

The assert could have lead to a regression for no good reason.  Not
being compliant is better than breaking existing users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00