1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-13 22:08:52 +01:00
Commit Graph

199 Commits

Author SHA1 Message Date
David Shaw
c71639cfff * options.h, g10.c (main): Add new --default-sig-expire and
--default-cert-expire options.  Suggested by Florian Weimer.

* main.h, keygen.c (parse_expire_string, ask_expire_interval): Use
defaults passed in, or "0" to control what default expiration is.

* keyedit.c (sign_uids), sign.c (sign_file, clearsign_file,
sign_symencrypt_file): Call them here, so that default expiration
is used when --ask-xxxxx-expire is off.
2005-05-05 19:21:40 +00:00
Werner Koch
c43423f0bd (keygen_set_std_prefs): Explain the chosen order of
AES key sizes.
2005-04-01 09:03:15 +00:00
Werner Koch
a043c14d22 * cardglue.c (pin_cb): Disable debug output.
* mk-w32-dist: Check for patch files.
* w32installer.nsi: Translated a few more strings.  Print a
warning if permssions are not suitable for the installation.
Add Uninstaller entries.
2005-03-14 19:19:21 +00:00
Werner Koch
bb71180d07 * gpg.sgml: Add bkuptocard command for --edit-key.
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
2005-02-15 11:02:32 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00
Werner Koch
aa62bf505d (do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,
tsss?
2005-01-25 14:34:51 +00:00
David Shaw
b883e9642b * keyedit.c (menu_set_keyserver_url): Make sure we only operate on the
chosen selfsig so we don't accidentally promote an older selfsig to
chosen.  Discovered by Simon Josefsson and 'Todd'.

* keygen.c (ask_expire_interval): Fix typo.
2004-12-21 15:49:56 +00:00
Werner Koch
29dd149778 (ask_expire_interval): For better translations chnage 2
strings.
2004-12-20 18:14:57 +00:00
David Shaw
07250279e7 * keyedit.c (keyedit_menu): Invisible alias "passwd" as "password".
* passphrase.c: Don't check for __CYGWIN__, so it is treated as a
unix-like system.

* options.h, g10.c (main), textfilter.c (standard): Use new option
--rfc2440-text to determine whether to filter "<space>\t\r\n" or just
"\r\n" before canonicalizing text line endings.  Default to
"<space>\t\r\n".
2004-12-20 05:19:09 +00:00
David Shaw
1e487ab1d6 * keygen.c (keygen_get_std_prefs): Set reference count when creating the
temporary user ID.

* keyedit.c (keyedit_menu): Merge updpref and setpref.  Keep updpref as an
invisible alias.  Add invisible alias for revphoto. Fix small memory leak
when using "setpref" (not all of the uid was freed). (menu_revkey):
Trigger a trust rebuild after revoking a key. Don't allow revoking an
already-revoked whole key. (menu_revsubkey): Don't allow revoking an
already-revoked subkey.
2004-12-19 05:20:07 +00:00
David Shaw
53ae360457 * keygen.c (ask_algo): Add a choose-your-own-capabilities option for DSA. 2004-12-09 15:49:47 +00:00
David Shaw
ea4d80b0a3 * keygen.c (ask_keysize): Change strings to always use %u instead of
hardcoding key sizes.  Bump default to 2048.  Bump minimum down to 512,
where possible, but require --expert to get there.  DSA is always 1024
unless --expert is given.
2004-12-07 17:58:35 +00:00
David Shaw
f15e944b98 * card-util.c, delkey.c, keygen.c, plaintext.c, keyedit.c, passphrase.c,
revoke.c: Collapse the two different "can't do that in batch mode" strings
into one.
2004-10-28 03:57:30 +00:00
Werner Koch
450f0d770b * pkclist.c (do_edit_ownertrust): Add a note to translators.
* keygen.c (ask_user_id): Ditto.

* helptext.c: Typo fix.
2004-10-15 09:39:25 +00:00
Werner Koch
8b7cb60229 another s/unsigned char*/byte*/ 2004-10-14 20:47:56 +00:00
Werner Koch
35774ec568 * misc.c (is_secured_filename): New.
* keydb.c (maybe_create_keyring)
* tdbio.c (tdbio_set_dbname)
* plaintext.c (handle_plaintext)
* openfile.c (copy_options_file, open_outfile)
* exec.c (exec_write)
* keygen.c (do_generate_keypair, gen_card_key_with_backup)
* sign.c (sign_file, clearsign_file)
* keyring.c (create_tmp_file, do_copy): Check for secured files
before creating them.

* keygen.c (print_status_key_created): s/unsigned char/byte/ due
to a strange typedef for RISC OS.  Noted by Stefan.
2004-10-14 07:11:57 +00:00
Werner Koch
151ca81f1a Added SELInux hacks and did some cleanups. 2004-10-13 18:10:06 +00:00
Werner Koch
690aa956f1 * keygen.c (read_parameter_file): New keyword "Handle". This is
bug 287.
	(print_status_key_not_created): New.
	(print_status_key_created): Add new arg HANDLE.
	(do_generate_keypair): Print not created status.
	* status.c, tatus.h (STATUS_KEY_NOT_CREATED): New.
2004-10-13 07:10:51 +00:00
Werner Koch
ca6dcb7258 (read_parameter_file): Changed to use iobuf based file
reading to allow the special file name feature to work.
2004-10-12 16:41:17 +00:00
David Shaw
f3687f6b6c * card-util.c, keyedit.c, openfile.c, pkclist.c, delkey.c, keygen.c,
photoid.c, revoke.c: Some yes-or-no prompts end in "(y/n)".  Some don't.
Consistently use y/n everywhere.
2004-10-10 15:27:14 +00:00
David Shaw
d41e6455a3 * keygen.c (ask_key_flags): New. (ask_algo): Call it here in --expert mode
so we don't need to specify each possible variation of RSA capabilities.
2004-10-10 14:33:37 +00:00
David Shaw
aa50dcff2f * keygen.c (do_add_key_flags): The spec says that all primary keys MUST be
able to certify.  Force the certify flag on for primaries (and off for
subkeys).
2004-10-10 14:19:39 +00:00
David Shaw
65ec9772a7 * keygen.c (generate_keypair): Fix generating keys with the auth flag. 2004-10-10 13:13:47 +00:00
David Shaw
4d26ab92cc * main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo.  This helps fix a problem with PGP 2.x encrypted
symmetric messages.  Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).

* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings.  Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
2004-09-24 20:34:38 +00:00
David Shaw
680be9be10 * keyedit.c (keyedit_menu), gpgv.c (agent_scd_getattr (stub)), keygen.c
(copy_mpi, generate_raw_key): Fix a compile problem and a few warnings
when building without card support.
2004-09-24 14:34:45 +00:00
Werner Koch
f36154535e Note: I have not fully tested the new key creation due to a pc/sc
error.  However the backupfile has been created successfully.

* rsa.c (rsa_generate): Return the dummy list of factors only if
the caller asked for it.

* card_util.c (generate_card_keys): ask whether backup should be
created.
(card_store_subkey): Factored some code out to ..
* keygen.c (save_unprotected_key_to_card): .. new function.
(gen_card_key_with_backup): New.
(generate_raw_key): New.
(generate_keypair): New arg BACKUP_ENCRYPTION_DIR.  Changed all
callers.
(do_generate_keypair): Divert to gen_card_key_with_backup when
desired.
2004-09-23 19:34:45 +00:00
Werner Koch
42c18de83a * gpg.sgml: Document "addcardkey" and "keytocard".
* apdu.c (open_pcsc_reader): Do not print empty reader string.

* keygen.c (ask_algo): Allow creation of AUTH keys.

* keyid.c (usagestr_from_pk): New.

* app-openpgp.c (app_openpgp_storekey): Call flush_cache.

* keyedit.c (keyedit_menu): New command "keytocard"
(keyedit_menu): Bad hack for the not_with_sk element.
(show_key_with_all_names): Print the usage.
(find_pk_from_sknode): New.

* card-util.c (card_store_subkey): New.
(copy_mpi): New.
* cardglue.c (agent_openpgp_storekey): New.
2004-09-23 13:32:31 +00:00
Werner Koch
9d17a635c9 * gpg.sgml: Document -K.
* g10.c: Make -K an alias for --list-secret-keys.

* keylist.c (print_card_serialno): New. Taken from gnupg 1.9.11.
(list_keyblock_print): Make use of it.
* keyedit.c (show_key_with_all_names): Print the card S/N.

* keyedit.c (keyedit_menu): New command ADDCARDKEY.
* card-util.c (card_generate_subkey): New.
* keygen.c (generate_card_subkeypair): New.
(gen_card_key): New arg IS_PRIMARY; changed all callers.

* cardglue.c (open_card): Use shutdown code if possible.
(check_card_serialno): Ditto.
2004-09-20 18:38:39 +00:00
David Shaw
0862ee6979 * keygen.c (keygen_add_keyserver_url), keyedit.c (menu_set_keyserver_url):
Allow setting a keyserver URL of "none" to remove an existing keyserver
URL.
2004-09-16 20:07:42 +00:00
David Shaw
2cba999f22 * g10.c (main): Alias --charset as --display-charset to help avoid the
continuing confusion and make room for possible changes in devel.

* parse-packet.c (parse_plaintext): Show the hex value for the literal
packet mode since it may not be printable.

* keygen.c (make_backsig): Make sure that the backsig was built
successfully before we try and use it.

* status.h, status.c (get_status_string), plaintext.c (handle_plaintext):
New status tags PLAINTEXT and PLAINTEXT_LENGTH.
2004-07-15 21:00:35 +00:00
Werner Koch
536841ecae * keylist.c (show_policy_url, show_keyserver_url, show_notation)
(list_one): Use const char* for i18n string helpers.

* keygen.c (do_generate_keypair, read_parameter_file): Really
close the files.
(do_generate_keypair): Create the secret key file using safe
permissions.  Noted by Atom Smasher.
2004-05-11 07:43:19 +00:00
David Shaw
732f049817 * keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not create
backsigs.

* getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey selfsigs
and verify they are valid.  If DO_BACKSIGS is not defined, fake this as
always valid.

* packet.h, parse-packet.c (parse_signature): Make parse_signature
non-static so we can parse 0x19s in self-sigs.

* main.h, sig-check.c (check_backsig): Check a 0x19 signature.
(signature_check2): Give a backsig warning if there is no or a bad 0x19
with signatures from a subkey.
2004-04-23 03:25:58 +00:00
David Shaw
4420275b83 * keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey.  Do not overload the ret_sk.  This is some early cleanup
to do backsigs for signing subkeys.

* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.

* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys.  Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.

* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).

* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 16:07:07 +00:00
David Shaw
f2148f03c5 * delkey.c (do_delete_key): Allow deleting a public key with a secret
present if --expert is set.

* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.

* encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c
(ask_algo), sig-check.c (do_check_messages), skclist.c (build_sk_list):
Rename "ElGamal" to "Elgamal" as that is the proper spelling nowadays.
Suggested by Jon Callas.
2004-02-26 02:03:27 +00:00
David Shaw
9842d84da0 * keygen.c (keygen_set_std_prefs): Build the default preferences list at
runtime as it properly handles algorithms disabled at build or run time.

* getkey.c (merge_selfsigs_main): Properly handle expired user IDs when
the expired self-sig is not the only self-sig.

* misc.c (compress_algo_to_string): Return NULL on failure like all of the
other xxxx_algo_to_string() functions.

* mainproc.c (list_node): Minor spacing tweak to match --list-keys output.

* keylist.c (list_keyblock_print), mainproc.c (list_node): Mark revoked
subkeys as revoked.  Requested by Matthew Wilcox.  Revoked overrides
expiration when both apply.

* keyedit.c (show_prefs): Use compress algo constants.
(show_basic_key_info): Make revoked and expired tags translatable.

* g10.c (rm_group): Properly ungroup from a list of groups.
2004-02-10 22:42:34 +00:00
David Shaw
1d12c12142 * misc.c (print_cipher_algo_note): May as well call Rijndael AES
at this point.

* keygen.c (do_create), misc.c (openpgp_pk_algo_usage): Remove the
last bits of Elgamal type 20 support.
2004-01-17 03:14:14 +00:00
David Shaw
973c868961 * keygen.c (ask_algo): Remove ability to generate Elgamal sign+encrypt
keys.

* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey): Disallow use of
sign+encrypt Elgamal keys.
2003-11-27 13:53:34 +00:00
David Shaw
5c37fd90bf * trustdb.h, trustdb.c (register_trusted_keyid): New. Adds a keyid to the
list of ultimately trusted keys.

* keygen.c (do_generate_keypair): Use it here so that the ultimate
ownertrust happens before the trustdb (might be) rebuilt.  Also fix an
error where the newly generated pk is thought to be a subkey by the
trustdb.

* g10.c (main): Fix --export-all do actually do something different than
--export.

* pkclist.c (build_pk_list): Show all recipients rather than showing each
recipient as they are added.

* mainproc.c (proc_symkey_enc, proc_encrypted): Keep a count of the number
of passphrases that can decrypt a symmetric or mixed symmetric/pk message
and include it in the list of keys shown to the user.
2003-11-01 01:13:16 +00:00
Werner Koch
bc14a878e2 Always enable the gen_card_key prototype. 2003-10-11 16:32:03 +00:00
Werner Koch
72c648c035 * cardglue.c (pin_cb): Detect whether an admin or regular PIN is
requested.
(genkey_status_cb): New.
(agent_scd_genkey): Implemented.

* keygen.c (generate_keypair): New arg CARD_SERIALNO and prepare
parameters for on card key generation. Changed all callers.
(do_generate_keypair): Add new arg card and merged casrd specific
changes from 1.9.
(proc_parameter_file): New arg card, apss it down to
do_generate_keypair and changed all callers.
(gen_card_key): New.

* g10.c: Include cardclue.h.
(main): s/app_set_default_reader_port/card_set_reader_port/.
* cardglue.c (card_set_reader_port): New to address include file
issues.
2003-10-08 15:21:20 +00:00
Werner Koch
8062cb418a * keygen.c (do_add_key_flags, parse_parameter_usage): Add support
the proposed AUTH key flag.
* getkey.c (fixup_uidnode, merge_selfsigs_main)
(merge_selfsigs_subkey, premerge_public_with_secret): Ditto.
* keylist.c (print_capabilities): Ditto.

* parse-packet.c (parse_key): Allow to parse the divert-to-card
S2K mode.
* build-packet.c (do_secret_key): Handle divert-to-card S2K
* seckey-cert.c (is_secret_key_protected): Ditto.
(check_secret_key): Ditto.

* keygen.c (do_ask_passphrase): Renamed from ask_passphrase.
* passphrase.c (ask_passphrase): New.
2003-09-30 08:00:08 +00:00
David Shaw
653da12d2c * main.h, keygen.c (keygen_add_keyserver_url): Signature callback for
adding a keyserver URL.

* keyedit.c (keyedit_menu, menu_set_keyserver_url): New command to set
preferred keyserver to specified (or all) user IDs.

* build-packet.c (build_sig_subpkt): Set preferred keyserver flag while
building a preferred keyserver subpacket.

* keylist.c (show_policy_url): Policy URLs might be UTF8.

* keyedit.c (menu_addrevoker): Fix leaking a few bytes.
2003-08-31 03:45:41 +00:00
David Shaw
fbdee01db9 * keygen.c (do_add_key_flags): Don't set the certify flag for subkeys.
(ask_algo): Provide key flags for DSA, Elgamal_e, and Elgamal subkeys.
(generate_keypair): Provide key flags for the default DSA/Elgamal keys.

* sig-check.c (signature_check, signature_check2, check_key_signature,
check_key_signature2): Allow passing NULLs for unused parameters in the x2
form of each function to avoid the need for dummy variables. getkey.c,
mainproc.c: Change all callers.

* trustdb.h, trustdb.c (read_trust_options): New.  Returns items from the
trustdb version record.

* keylist.c (public_key_list): Use it here for the new "tru" record.

* gpgv.c (read_trust_options): Stub.
2003-07-21 23:19:15 +00:00
David Shaw
f4617d97b8 * parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.

* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).

* Makefile.am: Include W32LIBS where appropriate.

* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.

* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.

* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.

* options.skel: Use subkeys.pgp.net as the default keyserver.

* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.

* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction.  This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.

* signal.c, tdbio.c: Comment out the transaction code.  It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).

* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading.  This
is a temporary kludge, and will be handled properly in 1.9/2.0.

* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.

* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids).  Do not allow signing a user ID without a
self-signature.  --expert overrides.  Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181

* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl.  Noted by Christian Biere.

* getkey.c (classify_user_id2): Replaced isspace by spacep

* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.

* keyedit.c (keyedit_menu): Ditto.

* tdbdump.c (import_ownertrust): Ditto.  s/isxdigit/hexdigitp/.

* revoke.c (ask_revocation_reason):

* keyserver.c (keyserver_spawn): Dito.
2003-07-10 14:30:07 +00:00
David Shaw
3a23c4230b * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.
2003-05-24 21:50:33 +00:00
Werner Koch
6b55878912 * passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used.  Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint.  This is required for key generation as well as for
symmetric only encryption.

* passphrase .c (agent_get_passphrase): New arg CANCELED.
(passphrase_to_dek): Ditto.  Passed to above.  Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.

* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.
* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.
2003-04-10 09:56:47 +00:00
David Shaw
909f6a0637 * trustdb.c (validate_keys): Mask the ownertrust when building the list of
fully valid keys so that disabled keys are still counted in the web of
trust. (get_ownertrust_with_min): Do the same for the minimum ownertrust
calculation.

* parse-packet.c (dump_sig_subpkt): Show the notation names for
not-human-readable notations.  Fix cosmetic off-by-one length counter.

* options.skel: Add explantion and commented-out
"no-mangle-dos-filenames".

* mainproc.c (proc_encrypted): Make string translatable.

* keyserver.c (keyserver_spawn): Quote ':', '%', and any 8-bit characters
in the uid strings sent to the keyserver helper.

* keyring.c (keyring_rebuild_cache): Lock the keyring while rebuilding the
signature caches to prevent another gpg from tampering with the temporary
copy.

* keygen.c (keygen_set_std_prefs): Include AES192 and AES256 in default
prefs.

* keyedit.c (show_prefs): Make strings translatable.

* keydb.c: Double the maximum number of keyrings to 40.

* gpgv.c (main): Fix bug #113 - gpgv should accept the
--ignore-time-conflict option.

* g10.c (main): --openpgp disables --pgpX.  Double the amount of secure
memory to 32k (keys are getting bigger these days).

* Makefile.am: Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-03-04 15:24:12 +00:00
David Shaw
30d0fc519d * sign.c (sign_file): Do not push textmode filter onto an unopened IOBUF
(segfault).  Noted by Marcus Brinkmann.  Push and reinitialize textmode
filter for each file in a multiple file list.

* packet.h, getkey.c (fixup_uidnode), keyedit.c (show_prefs): Set and show
the keyserver no-modify flag.

* keygen.c (add_keyserver_modify): New. (keygen_upd_std_prefs): Call it
here. (keygen_set_std_prefs): Accept "ks-modify" and "no-ks-modify" as
prefs to set and unset keyserver modify flag.
2003-02-22 23:58:39 +00:00
David Shaw
4ee2d23892 * keygen.c (keygen_set_std_prefs): Don't put AES or CAST5 in default prefs
if they are disabled.
2003-02-21 22:16:43 +00:00
David Shaw
254225ac37 * keygen.c (keygen_set_std_prefs): Warn when setting an IDEA preference
when IDEA is not available.
2003-01-07 15:30:02 +00:00
David Shaw
f3f1015f6a * keydb.h, getkey.c (key_byname): Flag to enable or disable including
disabled keys.  Keys specified via keyid (i.e. 0x...) are always included.

* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.

* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt.  Do include disabled keys for the default key and
--encrypt-to.

* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.

* gpgv.c (is_disabled): Stub.

* keygen.c (keygen_add_key_expire): Properly handle updating a key
expiration to a no-expiration value.

* keyedit.c (enable_disable_key): Comment.

* import.c (import_one): When in interactive mode and --verbose, don't
repeat some key information twice.
2002-12-26 22:22:50 +00:00
David Shaw
eb9607707e * tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
RECTYPE_TRUST records a bit.

* g10.c (main): Comment out --list-trust-path until it can be implemented.

* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.

* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.
2002-12-11 17:50:38 +00:00
David Shaw
1aec20776c * main.h, keyedit.c, keygen.c: Back out previous (2002-12-01) change.
Minimal isn't always best.

* sign.c (update_keysig_packet): Use the current time rather then a
modification of the original signature time.  Make sure that this doesn't
cause a time warp.

* keygen.c (keygen_add_key_expire): Properly handle a key expiration date
in the past (use a duration of 0).

* keyedit.c (menu_expire): Use update_keysig_packet so any sig subpackets
are maintained during the update.

* build-packet.c (build_sig_subpkt): Mark sig expired or unexpired when
the sig expiration subpacket is added. (build_sig_subpkt_from_sig): Handle
making an expiration subpacket from a sig that has already expired (use a
duration of 0).

* packet.h, sign.c (update_keysig_packet), keyedit.c
(menu_set_primary_uid, menu_set_preferences): Add ability to issue 0x18
subkey binding sigs to update_keysig_packet and change all callers.
2002-12-04 18:50:10 +00:00
David Shaw
db9195c10b * keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
2002-12-01 20:59:04 +00:00
David Shaw
1c6bcef3ce * keygen.c (keygen_set_std_prefs): Properly handle an empty preference
string.

* misc.c (string_to_compress_algo): "none" is a bad choice since it
conflicts with the "none" in setpref.
2002-11-21 16:25:05 +00:00
David Shaw
39e659312e * keygen.c (set_one_pref, keygen_set_std_prefs): Allow using the full
algorithm name (CAST5, SHA1) rather than the short form (S3, H2).

* main.h, keygen.c (keygen_get_std_prefs), keyedit.c (keyedit_menu):
Return and use a fake uid packet rather than a string since we already
have a nice parser/printer in keyedit.c:show_prefs.

* main.h, misc.c (string_to_compress_algo): New.
2002-11-03 00:00:42 +00:00
Werner Koch
e5f14f15da * keygen.c (print_status_key_created): New.
(do_generate_keypair): Use it to print the fingerprint.
(generate_subkeypair): Likewise.
2002-10-12 11:47:40 +00:00
Werner Koch
c5445cc323 * g10.c, options.h: Removed option --emulate-checksum-bug.
* misc.c (checksum_u16_nobug): Removed.
(checksum_u16): Removed the bug emulation.
(checksum_mpi): Ditto.
(checksum_mpi_counted_nbits): Removed and replaced all calls
with checksum_mpi.
* parse-packet.c (read_protected_v3_mpi): New.
(parse_key): Use it here to store it as an opaque MPI.
* seckey-cert.c (do_check): Changed the v3 unprotection to the new
why to store these keys.
(protect_secret_key): Likewise.
* build-packet.c (do_secret_key): And changed the writing.
2002-09-11 07:27:54 +00:00
David Shaw
3f51f7db3d Update head to match stable 1.0 2002-06-29 13:46:34 +00:00
Werner Koch
986649bea0 Some configuration changes 2000-11-14 16:04:16 +00:00
Werner Koch
c287a8d05b Add features packet and fixes MIPS3. 2000-10-11 17:26:49 +00:00
Werner Koch
5a9ea8ff5c Changed keyring handling - saving still does not work.
Added new cipher mode and updated cipher test program.
2000-10-10 12:58:43 +00:00
Werner Koch
14974bc5d7 See ChangeLog: Fri Oct 6 14:29:16 CEST 2000 Werner Koch 2000-10-06 12:28:44 +00:00
Werner Koch
9c20f65cbe See ChangeLog: Wed Oct 4 13:16:18 CEST 2000 Werner Koch 2000-10-04 11:16:19 +00:00
Werner Koch
986d928ce2 See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch 2000-09-18 14:35:34 +00:00
Werner Koch
7a8c8b4826 See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch 2000-07-31 08:04:16 +00:00
Werner Koch
d81c3f733b See ChangeLog: Fri Jul 28 18:19:11 CEST 2000 Werner Koch 2000-07-28 16:19:07 +00:00
Werner Koch
b872ea2577 See ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch 2000-07-25 15:38:12 +00:00
Werner Koch
92cd255508 See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch 2000-07-14 17:34:53 +00:00
Werner Koch
100fc8da59 See ChangeLog: Mon Jan 31 16:37:34 CET 2000 Werner Koch 2000-01-31 15:27:03 +00:00
Werner Koch
baa30ad117 See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch 2000-01-27 16:50:45 +00:00
Werner Koch
db43afc923 See ChangeLog: Mon Jan 24 22:24:38 CET 2000 Werner Koch 2000-01-24 21:14:42 +00:00
Werner Koch
0070faa0ff See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch 2000-01-24 11:55:49 +00:00
Werner Koch
ed0b0e09d3 See ChangeLog: Fri Dec 31 12:48:31 CET 1999 Werner Koch 1999-12-31 11:44:29 +00:00
Werner Koch
4555c0be94 See ChangeLog: Wed Dec 8 21:58:32 CET 1999 Werner Koch 1999-12-08 21:03:03 +00:00
Werner Koch
881e513237 See ChangeLog: Sat Nov 13 17:44:23 CET 1999 Werner Koch 1999-11-13 16:43:23 +00:00
Werner Koch
cf70ca8d68 See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch 1999-10-26 12:14:37 +00:00
Werner Koch
0428ca6da6 See ChangeLog: Wed Sep 1 15:30:44 CEST 1999 Werner Koch 1999-09-01 13:40:07 +00:00
Werner Koch
bd7298cf0d See ChangeLog: Wed Jul 7 13:23:40 CEST 1999 Werner Koch 1999-07-07 11:28:26 +00:00
Werner Koch
28eb86c006 See ChangeLog: Thu Jul 1 12:47:31 CEST 1999 Werner Koch 1999-07-01 10:53:35 +00:00
Werner Koch
1423b4239b See ChangeLog: Wed Jun 16 20:16:21 CEST 1999 Werner Koch 1999-06-16 18:25:37 +00:00
Werner Koch
9f40263e56 See ChangeLog: Wed Apr 7 20:51:39 CEST 1999 Werner Koch 1999-04-07 18:58:34 +00:00
Werner Koch
dafcce0177 See ChangeLog: Sun Mar 14 19:34:36 CET 1999 Werner Koch 1999-03-14 18:35:18 +00:00
Werner Koch
20bb42bfe7 See ChangeLog: Tue Mar 2 16:44:57 CET 1999 Werner Koch 1999-03-02 15:48:37 +00:00
Werner Koch
0f5bb383b5 See ChangeLog: Sun Feb 28 19:11:00 CET 1999 Werner Koch 1999-02-28 18:14:18 +00:00
Werner Koch
e1a1b3fc90 See ChangeLog: Tue Feb 16 14:10:02 CET 1999 Werner Koch 1999-02-16 13:16:33 +00:00
Werner Koch
9a4f506a18 See ChangeLog: Wed Feb 10 17:15:39 CET 1999 Werner Koch 1999-02-10 16:22:40 +00:00
Werner Koch
ce650acf1f See ChangeLog: Tue Jan 19 19:34:58 CET 1999 Werner Koch 1999-01-19 18:37:41 +00:00
Werner Koch
62957ff4e7 See ChangeLog: Tue Jan 12 11:17:18 CET 1999 Werner Koch 1999-01-12 10:20:24 +00:00
Werner Koch
6e08b235cb See ChangeLog: Tue Dec 29 14:41:47 CET 1998 Werner Koch 1998-12-29 13:47:31 +00:00
Werner Koch
750d74333c See ChangeLog: Wed Dec 23 13:34:22 CET 1998 Werner Koch 1998-12-23 12:41:40 +00:00
Werner Koch
af6e96e4f9 See ChangeLog: Thu Dec 10 20:15:36 CET 1998 Werner Koch 1998-12-10 19:20:47 +00:00
Werner Koch
a7d13c0d80 See ChangeLog: Fri Nov 27 12:39:29 CET 1998 Werner Koch 1998-11-27 11:42:49 +00:00
Werner Koch
47c61bafe3 Expiration time works (I hope so) 1998-11-20 17:42:18 +00:00
Werner Koch
b9dd2ebb2c (Does not compile yet) 1998-11-03 19:38:58 +00:00
Werner Koch
e309a875cb Epxerimenta support for GDBM keyings. 1998-10-21 17:34:36 +00:00
Werner Koch
6e16296864 Snapshot release 0.4.2 1998-10-18 15:21:22 +00:00
Werner Koch
e81e0970f7 last local commit 1998-10-16 16:00:17 +00:00