1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

1679 Commits

Author SHA1 Message Date
NIIBE Yutaka
9a34e2142b agent, g10: Fix keygen.
* agent/command.c (cmd_readkey): Get length after card_readkey.
* g10/keygen.c (gen_card_key): Fix off-by-one error.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-20 20:01:46 +09:00
NIIBE Yutaka
980c037bed g10: smartcard keygen change.
* g10/call-agent.c (scd_genkey_cb_append_savedbytes): Remove.
(scd_genkey_cb): Only handle KEY-CREATED-AT and PROGRESS.
(agent_scd_genkey): Remove INFO argument.  CREATETIME is now in/out
argument.
(agent_readkey): Use READKEY --card instead of SCD READKEY.
* g10/keygen.c (gen_card_key): Use READKEY --card command of the agent
to retrieve public key information from card and let the agent make
a file for private key with shadow info.
--

This change removes gpg's KEY-DATA handling for SCD GENKEY.  Information
with KEY-DATA is simply not used.  Instead, it is read by READKEY --card
command of gpg-agent.  This can consolidate public key handling in a
single method by READKEY.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-20 13:30:47 +09:00
Neal H. Walfield
95d0f3e5ee g10: Be more careful when checking if a binding is signed by a UTK.
* g10/tofu.c (signed_by_utk): When checking if a key is signed by an
ultimately trusted key, only consider the signatures on the specified
user id.
* tests/openpgp/tofu.scm: Add test for the above.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-10-13 21:14:55 +02:00
Neal H. Walfield
4c0389f8eb g10: Be more careful when checking cross signatures.
* g10/tofu.c (cross_sigs): When checking cross signatures, only
consider the signatures on the specified user id.
* tests/openpgp/tofu.scm: Add test for the above.
* tests/openpgp/tofu/cross-sigs/
  1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg:
  New file.
* tests/openpgp/tofu/cross-sigs/
  1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file.
* tests/openpgp/tofu/cross-sigs/
  1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
  1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file.
* tests/openpgp/tofu/cross-sigs/
  1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file.
* tests/openpgp/tofu/cross-sigs/
  1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
  DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file.
* tests/openpgp/tofu/cross-sigs/README: New file.

--
Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
Neal H. Walfield
e09166c772 g10: Still check if the key is an UTK or cross signed in batch mode.
* g10/tofu.c (get_trust): If POLICY is ask, but we can't ask, don't
bail immediately.  Instead, check if the key in question is an
ultimately trusted key or cross signed.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-10-13 12:40:03 +02:00
Neal H. Walfield
5bf92e51df g10: If an sqlite operation fails, map the error code to GPG_ERR_GENERAL
* g10/tofu.c (get_policy): If an sqlite operation fails, map the error
  code to GPG_ERR_GENERAL.
(ask_about_binding): Likewise.
(build_conflict_set): Likewise.
(get_trust): Likewise.
(show_statistics): Likewise.
(tofu_register_signature): Likewise.
(tofu_register_encryption): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-10-13 12:32:03 +02:00
Neal H. Walfield
3ad17e72fa g10: When changing a TOFU binding's policy, update the conflict info
* g10/tofu.c (record_binding): Take an additional argument, CONFLICT.
Set the binding's conflict accordingly.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-10-12 21:42:10 +02:00
Neal H. Walfield
ca84f65c7c g10: Make a singular string singular.
* g10/tofu.c (ask_about_binding): Make the singular string singular.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-10-12 21:40:03 +02:00
Neal H. Walfield
6fdf37f083 g10: Correctly determine whether a binding has a conflict.
* g10/tofu.c (build_conflict_set): A binding has a conflict is
conflict is *not* NULL, not if it is NULL.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-10-12 21:39:12 +02:00
Neal H. Walfield
78eda335fd g10: Fix a column's type in TOFU DB.
* g10/tofu.c (initdb): Change policy from a boolean to an integer.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Note: sqlite ignores type information so this change has no real
impact.
2016-10-12 21:37:34 +02:00
Werner Koch
1a24c67e20
Revert "g10: Fix singular term."
--

This reverts commit b0d2526bc4.

The number of format elements may not change in ngettext.  The entire
construct is anyway wrong because ngettext is passed a different value
than what is used in the printf.

We need to rework the use of most strings in tofu.c.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 08:06:13 +02:00
Werner Koch
5d43d28aa3
gpg: Put extra parens around bit tests.
* g10/options.h (DBG_MPI): New.
* g10/gpg.c (set_debug): Use macro or extra parens for binary operator.
* g10/parse-packet.c (set_packet_list_mode): Use dbg macro.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-07 07:54:38 +02:00
Justus Winter
b0d2526bc4 g10: Fix singular term.
* g10/tofu.c (ask_about_binding): Fix singular message.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-06 14:33:20 +02:00
Justus Winter
73000d1ce0 g10: Use appropriate variant of 'abs'.
* g10/tofu.c (ask_about_binding): Use 'labs' instead of 'abs'.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-06 14:32:10 +02:00
Justus Winter
6b626824c8 g10: Fix testing for debug flag.
* g10/parse-packet.c (set_packet_list_mode): Fix testing for debug
flag.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-06 14:17:55 +02:00
Werner Koch
a43739a245
agent: Remove the warning for the GKR hijacking.
* g10/call-agent.c (check_hijacking): Remove.
(start_agent): Remove call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-30 19:38:03 +02:00
Werner Koch
cbf2ac6669
gpg: Improve WKD by importing only the requested UID.
* g10/keyserver.c: Include mbox-util.h.
(keyserver_import_wkd): Do not use the global import options but
employ an import filter.
--

We also make sure that an mbox has been passed to keyserver_import_wkd
so it may also be called with a complete user id (which is currently
not the case).

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-28 15:35:31 +02:00
Werner Koch
80393661bd
gpg: Reject import if an import filter removed all user ids.
* g10/import.c (any_uid_left): New.
(import_one): Check that a UID is left.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-28 15:32:04 +02:00
Werner Koch
c9237bf2ba
gpg: Make import filter data object more flexible.
* g10/main.h (import_filter_t): New.
* g10/import.c (struct import_filter_s): Declare struct.
(import_keep_uid, import_drop_sig): Replace by ...
(import_filter): new.  Adjust all users.
(cleanup_import_globals): Move code to ...
(release_import_filter): new.
(save_and_clear_import_filter): New.
(restore_import_filter): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-28 13:47:34 +02:00
Werner Koch
829949f382
gpg: Make sure that internal key import is done with a binary stream.
* g10/import.c (import_keys_internal): Open stream in binary mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-28 13:36:28 +02:00
NIIBE Yutaka
4e4843e735 agent, sm: Set CTX after start_agent.
* g10/call-agent.c (agent_keytocard): Assign parm.ctx after start_agent.
* sm/call-agent.c (gpgsm_agent_pksign, gpgsm_scd_pksign)
(gpgsm_agent_readkey, gpgsm_agent_scd_serialno)
(gpgsm_agent_scd_keypairinfo, gpgsm_agent_marktrusted)
(gpgsm_agent_passwd, gpgsm_agent_get_confirmation)
(gpgsm_agent_ask_passphrase, gpgsm_agent_keywrap_key)
(gpgsm_agent_export_key): Likewise.

--

Reported-by: Rainer Perske
GnuPG-bug-id: 2699
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-09-27 14:45:21 +09:00
Neal H. Walfield
df5353b95e g10: When adding a user id, make sure the keyblock has been prepared.
* g10/keyedit.c (keyedit_quick_adduid): Call merge_keys_and_selfsig on
KEYBLOCK before adding the user id.
* tests/openpgp/quick-key-manipulation.scm: Make sure that the key
capabilities don't change when adding a user id.
(key-data): New function.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2697
2016-09-22 21:32:31 +02:00
Werner Koch
998643666c
gpg: Fix regression in fingerprint printing.
* g10/keylist.c (list_keyblock_print): Do not depend calling
print_fingerprint on opt.keyid_format.
--

Regression-due-to: d757009a24
Debian-bug-id: 838153
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-19 17:48:04 +02:00
Justus Winter
086d219d96 g10: Fix memory leak.
* g10/tofu.c (build_conflict_set): Free 'kb_all'.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-19 12:32:50 +02:00
Werner Koch
18bbefa27f
gpg: Avoid malloc failure due to no key signatures
* g10/keyedit.c (check_all_keysigs): Check early for no key
signatures.  Use xtrycalloc.
--

GnuPG-bug-id: 2690
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-19 08:27:56 +02:00
Daniel Kahn Gillmor
0d67241e31 Fix more spelling
* NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c,
  agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c,
  common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS,
  doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi,
  doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
  doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c,
  g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c,
  g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c,
  sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt,
  tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm,
  tests/openpgp/multisig.test, tests/openpgp/verify.scm,
  tests/pkits/README, tools/applygnupgdefaults,
  tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c:
  minor spelling cleanup.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-17 16:00:37 +09:00
Neal H. Walfield
6e930f0e40 g10: On failure, propagate the return code.
* g10/tofu.c (tofu_register_encryption): If get_trust fails, set RC.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-16 15:35:21 +02:00
Neal H. Walfield
3825847300 g10: Improve some comments and a string.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-16 15:35:20 +02:00
Neal H. Walfield
221b0bd0e5 g10: Don't ignore failure. On failure, rollback.
* g10/tofu.c (tofu_set_policy): If record_binding fails, fail.  If the
function fails, rollback the transaction.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-16 15:35:20 +02:00
Neal H. Walfield
c2e563421e g10: Load the key block if the supplied user id list is NULL.
* g10/tofu.c (tofu_register_encryption): Load the key block if
USER_ID_LIST is NULL.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-16 15:35:19 +02:00
Neal H. Walfield
af196342bf g10: Use the accessor functions for accessing and comparing key ids
* g10/tofu.c (get_trust): Use the pk_main_keyid accessor function.
(tofu_register_signature): Likewise.
(tofu_register_encryption): Likewise.
(tofu_set_policy): Likewise and also use pk_keyid and keyid_cmp.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-16 15:35:18 +02:00
Justus Winter
c0e620cee8 g10: Add missing header.
* g10/trustdb.c: Include 'mbox-util.h'.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-15 14:46:06 +02:00
Neal H. Walfield
3f7f744731 g10: Only consider bindings matching the signer's user id.
* g10/trustdb.c (tdb_get_validity_core): If the signer's user id
subpacket is present, only consider matching user ids.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-15 12:21:35 +02:00
Neal H. Walfield
dcc6466305 g10: Don't include the signature when printing a binding's validity.
* g10/mainproc.c (check_sig_and_print): When printing information
about a binding don't include the current signature.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-15 12:21:34 +02:00
Neal H. Walfield
9799b5d18f g10: Fix whitespace.
* g10/tofu.c (show_statistics): Fix whitespace.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-14 15:22:11 +02:00
Neal H. Walfield
05b2b13efd g10: Correctly compute the euclidean distance.
* g10/tofu.c (write_stats_status): Correctly compute the euclidean
distance.
(show_statistics): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-14 15:22:10 +02:00
Neal H. Walfield
ca91caabb5 g10: Change the default TOFU policy for UTKs to good.
* g10/tofu.c (get_trust): Change the default TOFU policy for UTKs to
good.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-14 15:22:09 +02:00
Neal H. Walfield
9d62b79e62 g10: Add missing static qualifier.
* g10/tofu.c (cross_sigs): Add missing static qualifier.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-14 15:22:09 +02:00
Neal H. Walfield
8df8aa13c7 g10: Default to the "good" TOFU policy for keys signed by a UTK.
* g10/tofu.c (signed_by_utk): New function.
(get_trust): If a key is signed by an ultimately trusted key, then
set any bindings to good.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-14 15:22:08 +02:00
Werner Koch
f4e11f2e9e
gpg: Emit a new error status line in --quick-adduid.
* g10/keyedit.c (menu_adduid): Emit an ERROR status for an existsing
user id.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 10:59:18 +02:00
Werner Koch
0fd332bc1f
gpg: Allow use of "default" algo for--quick-addkey.
* g10/keygen.c (quick_generate_keypair): Write a status error.
(parse_algo_usage_expire): Set a default curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 09:46:10 +02:00
Werner Koch
30a011cfd6
gpg: Improve usability of --quick-gen-key.
* g10/keygen.c (FUTURE_STD_): New constants.
(parse_expire_string): Handle special keywords.
(parse_algo_usage_expire): Allow "future-default".  Simplify call to
parse_expire_string.
(quick_generate_keypair): Always allow an expiration date.  Replace
former "test-default" by "future-default".
--

Using an expiration date is pretty common, thus we now allow the
creation of a standard key with expiration date.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 11:30:54 +02:00
Werner Koch
31fc420727
gpg: Avoid mixing up status and colon line output.
* g10/keylist.c (list_keyblock_colon): Avoid calling functions which
trigger a status line output before having printed a LF.
--

Status lines like KEY_CONSIDERED and KEYEPXIRED were messing up the
colons output, like here:

  pub:[GNUPG:] KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF46[...]

Reported-by: Andreas Stieger <astieger@suse.com>
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-12 17:45:01 +02:00
Ben Kibbey
937ec53eff Fix symbol conflict.
* g10/gpgcompose.c: Rename struct siginfo to signinfo.
--

Fixes android-ndk and OpenIndiana (Solaris) builds.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-09-10 13:42:09 -04:00
Daniel Kahn Gillmor
d757009a24
gpg: print fingerprint regardless of keyid-format
* g10/keylist.c (print_fingerprint): use compact format independent of
  keyid-format; (print_key_line): always print the fingerprint

--

The choice of fingerprint display should be independent of the
keyid-format.

Currently, the representation of the fingerprint changes depending on
whether the user has specified --keyid-format to anything besides
"none".  (this is common, for example, if someone happens to have
"keyid-format long" in their gpg.conf for interoperability with older
versions of gpg)

With this changeset, keyid-format governs only the format of the
displayed keyID, while the fingerprint display is governed only by the
fingerprint options:

 [default]::
    compact fpr of pubkey only
 --with-fingerprint::
    human-readable form of fpr of pubkey only
 --with-fingerprint --with-fingerprint::
    human-readable form of pubkey and subkey
 --with-subkey-fingerprint:
    compact fpr for pubkey and subkeys

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-09 08:17:49 +02:00
Werner Koch
30a9f53a0f
gpg: Remove option --yes from gpgv
* g10/gpgv.c (opts): Remove --yes.
(main): Always set opt.ANSWER_YES.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-08 14:34:13 +02:00
Werner Koch
a8363b7d0b
gpg: Add options --output and --yes to gpgv.
* g10/gpgv.c (oOutput, oAnswerYes): New.
(opts): Add --output and --yes.
(main): Implement options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-08 10:50:51 +02:00
Werner Koch
bbe940c095
gpg: Make --output work with --verify.
* g10/mainproc.c (proc_plaintext): Handle opt.output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-08 00:45:45 +02:00
Neal H. Walfield
bde29a46ce g10: Use the time a signature was seen, not the embedded time, for stats
* g10/tofu.c (ask_about_binding): Use the time that a signature was
seen, not allegedly generated, when generating statistics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-09-07 11:17:47 +02:00
Neal H. Walfield
ee06b3f788 g10: Check for a new binding a bit later.
* g10/tofu.c (build_conflict_set): Check for the current key after
looking for conflicts and removing any '!'.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 1f1f56e6
2016-09-07 10:53:28 +02:00