* g10/armor.c (radix64_read): Detect the end of armor when
there is no CRC24 checksum.
--
Cherry-pick master commit of:
3a344d6236521d768793e8b34a96a18ce13bab0e
GnuPG-bug-id: 7071
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/keylist.c (list_all): Handle error from list_keyblock.
(list_one): Ditto.
(locate_one): Ditto.
(list_keyblock): Detect write error, print, and return it.
(list_keyblock_direct): Return error from list_keyblock.
* g10/import.c (import_one_real): Break on listing error.
--
Test by using
gpg -k >/dev/full
GnuPG-bug-id: 6185
* g10/keygen.c (parse_key_parameter_part): Change Kyber defaults.
--
Also kyber1024 is now a shortcut for ky1024_bp384. This change is to
align it with the original wussler draft.
* g10/keygen.c (struct opaque_data_usage_and_pk): New.
(do_add_notation): New.
(keygen_add_key_flags_from_oduap): New.
(write_keybinding): Prepare for de-vs cplimance notation. Add a
notation to Kyber subkeys.
--
This code is based on the 2.2
commit b284412786d71c1cf382e1dff3a36ec6cce11556
However the de-vs notation is currently ineffective as long as
Libgcrypt won't claim compliance.
The new notation fips203.ipd.2023-08-24 has been added to allow
detection of subkeys which have been crated with a pre-final FIPS203
spec for Kyber.
* common/openpgp-oid.c (oidtable): Support KEM for bp256 and bp384.
* g10/pkglue.c (do_encrypt_kem): Ditto.
--
GnuPG-bug-id: 6815
Note, this needs the very latest Libgcrypt to work properly
* g10/pkglue.c (do_encrypt_kem): Support cv25519 w/o 0x40
prefix. Support X448.
(ECC_POINT_LEN_MAX): New.
(ECC_HASH_LEN_MAX): New.
* common/openpgp-oid.c (oidtable): Support X448 KEM.
--
This needs more work. For example we should use a parameter table
like what we do in agent/pkdecrypt.c.
GnuPG-bug-id: 6815
* g10/options.h (LIST_SHOW_OWNERTRUST): New.
* g10/keylist.c (print_key_line): Show wonertrust and always show
whether a key is disabled.
* g10/gpg.c (parse_list_options): Add "show-ownertrust".
* g10/gpgv.c (get_ownertrust_string): Add stub.
* g10/test-stubs.c (get_ownertrust_string): Add stub.
--
Note that in a --with-colons listing the ownertrust has always been
emitted and the disabled state is marked in that listing with a
special 'D' usage.
* g10/options.h (LIST_SHOW_OWNERTRUST): New.
* g10/keylist.c (print_key_line): Show wonertrust and always show
whether a key is disabled.
* g10/gpg.c (parse_list_options): Add "show-ownertrust".
* g10/gpgv.c (get_ownertrust_string): Add stub.
* g10/test-stubs.c (get_ownertrust_string): Add stub.
--
Note that in a --with-colons listing the ownertrust has always been
emitted and the disabled state is marked in that listing with a
special 'D' usage.
* g10/gpg.c (oWithoutSubkeyFingerprint): New.
(opts): Add "without-subkey-fingerprint".
(main): Make --with-subkey-fingerprint the default. Implementation
the without option.
--
Given that the default for the keyid format is none, the subkey
fingerprints are important to do anything with a subkey. Thus we make
the old option the default and provide a new option to revert it.
* g10/build-packet.c (do_pubkey_enc): Support Kyber.
* g10/pkglue.c (do_encrypt_kem): Implement.
--
Note that the code does only work for ky768_cv25519 for now.
GnuPG-bug-id: 6815
* common/kem.c: Move constants to the top. Add some documentation.
* g10/pkglue.c (pk_encrypt): Add arguments session_key and factor code
out to ...
(do_encrypt_rsa_elg): here,
(do_encrypt_ecdh): and here,
(do_encrypt_kem): and here.
* g10/encrypt.c (write_pubkey_enc): Call with session key algorithm.
--
This makes it easier to review the code.
* g10/pkglue.c (pk_encrypt): Remove superfluous arguments and reanem
variable rc to err.
* g10/encrypt.c (write_pubkey_enc): Adjust for this change.
--
We used to pass PK as well as information which could be taken
directly from PK. Using ERR instead of RC is just for more uniform
naming of variables.
* g10/packet.h (PKT_pubkey_enc): Add field seskey_algo.
(struct pubkey_enc_list): Ditto.
* g10/misc.c (pubkey_get_nenc): Change value for Kyber from 4 to 3.
* g10/parse-packet.c (parse_pubkeyenc): Store the Kyber algo in the
new field and adjust data. Do not store the length byte in data[2].
* g10/build-packet.c (do_pubkey_enc): Take the session algo for Kyber
from the new field.
* g10/encrypt.c (write_pubkey_enc): Ses the seskey_algo.
* g10/mainproc.c (proc_pubkey_enc): Copy it.
* g10/pubkey-enc.c (get_it): Support Kyber decryption.
* g10/seskey.c (encode_session_key): Handle Kyber different from ECDH.
--
Having always the single byte in the packet data than to store and
retrieve it from an MPI is much easier. Thus this patch changes the
original internal format. With this chnages decryption of the slighly
modified test data works now. See the bug tracker for test data.
GnuPG-bug-id: 6815
* common/openpgp-oid.c (openpgp_is_curve_supported): Allow the
abbreviated curve name.
* g10/pkglue.c (pk_encrypt): Add debug output.
* g10/seskey.c (encode_session_key): Handle Kyber session key like
ECDH. This is just a stub.
* g10/keygen.c (ecckey_from_sexp): Use the modern OID for cv25519.
(parse_key_parameter_part): Allow more Kyber variants.
--
Test by creating an ed25519 key and using
gpg --quick-add-key --batch --passphrase "" <fingerprint> <algo>
to create several subkeys. Tested with ALGOs:
kyber768
kyber1024
ky768_cv25519
ky768_bp256
kyber768_nistp256
ky1024_cv448
All curves capable of encryption should work.
GnuPG-bug-id: 6815
* g10/armor.c (radix64_read): Detect the end of armor when
there is no CRC24 checksum.
--
GnuPG-bug-id: 7071
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/keygen.c (print_key_flags): Print "RENC" if set.
(ask_key_flags_with_mask): Remove RENC from the possible set of
usages. Add a direct way to set it iff the key is encryption capable.
--
This could be done by using "set your own capabilities" for an RSA
key. In fact it was always set in this case.
GnuPG-bug-id: 7072
* agent/cvt-openpgp.c (extract_private_key): Support Kyber algorithms.
* common/openpgp-oid.c (map_gcry_pk_to_openpgp): Map KEM to Kyber.
* common/sexputil.c (get_pk_algo_from_key): Increase buffer for use
with "kyber1024".
* g10/call-agent.c (agent_get_keyinfo): Fix warning.
* g10/keygen.c (do_create_from_keygrip): Support Kyber.
(ask_algo): Ditto.
--
To test create a standard key and the use --edit-key and "addkey" with
selection 13 and use the comma delimited keygrips.
GnuPG-bug-id: 7014
* g10/keyid.c (keygrip_from_pk): Add arg get_second to support dual
algos. Implement for Kyber.
(hexkeygrip_from_pk): Extend for dual algos.
* g10/call-agent.c (agent_keytotpm): Bail out for dual algos.
(agent_keytocard): Ditto.
(agent_probe_secret_key): Handle dual algos.
(agent_probe_any_secret_key): Ditto.
(agent_get_keyinfo): Allow for dual algos but take only the first key.
* g10/export.c (do_export_one_keyblock): Bail out for dual algos.
--
This also adds some fixmes which we eventually need to address.
GnuPG-bug-id: 6815
* g10/call-agent.c (agent_probe_any_secret_key): Act on --quiet.
--
When using the extra-socket this disagnostic will be printed because a
listing of all secret keys is not allowed by a remote gpg.
* g10/keygen.c (print_key_flags): Print "RENC" if set.
(ask_key_flags_with_mask): Remove RENC from the possible set of
usages. Add a direct way to set it iff the key is encryption capable.
--
This could be done by using "set your own capabilities" for an RSA
key. In fact it was always set in this case.
GnuPG-bug-id: 7072
* common/openpgpdefs.h (PUBKEY_ALGO_KY768_25519): Remove.
(PUBKEY_ALGO_KY1024_448): Remove.
(PUBKEY_ALGO_KYBER): New. Use them everywhere instead of the removed.
* g10/build-packet.c (gpg_mpi_write_nohdr): Rename to
(gpg_mpi_write_opaque_nohdr): this. Change callers.
(gpg_mpi_write_opaque_32): New.
(do_key): Support Kyber keys using the revised format.
* g10/gpg.h (MAX_EXTERN_KEYPARM_BITS): New.
* g10/parse-packet.c (read_octet_string): Add arg nbytes so support
reading with a length prefix. Adjust callers.
(parse_key): Parse Kyber public keys.
* g10/misc.c (pubkey_get_npkey): Support Kyber.
(pubkey_get_nskey): Ditto.
* g10/keyid.c (pubkey_string): Support dual algorithms.
(do_hash_public_key): Support Kyber.
(nbits_from_pk): Ditto.
(keygrip_from_pk): Return the Kyber part for the ECC+Kyber dual algo.
* g10/keygen.c (struct common_gen_cb_parm_s): Add genkey_result2.
Note that this callback is not yet used.
(ecckey_from_sexp): Add optional arg sexp2 and use it for Kyber.
Change callers.
(ecckey_from_sexp): Do not leak LIST in case of an error.
(common_gen): Add arg keyparms2, change callers, and support Kyber.
(gen_kyber): New.
(get_keysize_range): Support Kyber.
(fixup_keysize): Simplify and support Kyber.
(do_create): Handle Kyber.
(parse_key_parameter_part): Remove algo strings "ky768" and "ky1024"
and add a generic "kyber" with default parameters.
--
This uses a revised format which is more aligned with the usual
OpenPGP structure. A lot of things are still missing. For example
support for handling two keygrips and checking both of them in a -K
listing. There is also only ky768_bp384 as fixed algorithm for now.
No passphrase for the Kyber part of the dual algorithm is on purpose.
A test was done using
gpg --quick-gen-key pqc1 nistp256
and then running
gpg -v --quick-add-key <fingerprint> kyber
which creates a v5 subkey on a v4 primary key. A second test using
gpg --quick-gen-key pqc2 Ed448
followed by a --quick-add-key created a v5 key with a v5 subkey.
GnuPG-bug-id: 6815
* common/sysutils.c (no_translate_sys2libc_fd) [W32]: New global.
(disable_translate_sys2libc_fd): New.
(translate_sys2libc_fd): Make static and cobuild only for Windows.
(translate_sys2libc_fd_int): Use no_translate_sys2libc_fd flag.
* g10/gpg.c, sm/gpgsm.c (oDisableFdTranslation): New const.
(opts): Add option "disable-fd-translation".
(main): Set option.
--
GnuPG-bug-id: 7060
* g10/mainproc.c (proc_encrypted): Force a decryption failure if any
error has been seen.
* g10/decrypt-data.c (aead_checktag): Issue an ERROR line.
--
GnuPG-bug-id: 7042
Note that gpg in any case returns a failure exit code but due to
double forking GPGME would not see it.
* g10/mainproc.c (proc_encrypted): Force a decryption failure if any
error has been seen.
* g10/decrypt-data.c (aead_checktag): Issue an ERROR line.
--
GnuPG-bug-id: 7042
Note that gpg in any case returns a failure exit code but due to
double forking GPGME would not see it.
* g10/options.h (LIST_STORE_X509_NOTATIONS): New.
* g10/gpg.c (parse_list_options): Add "store-x509-notations".
* g10/keylist.c (print_x509_notations): Add arg PK and code to write a
file.
(list_signature_print): Add arg lastpk and handle new option.
(list_keyblock_print): Track last key or subkey and pass to
list_signature_print.
* g10/sign.c (sign_symencrypt_file): Initialize MD for the error case.
--
Reported-by: Falko Strenzke
Fixes-commit: 1ddd69935da629188dcf9215cd9e7a8f68b34a97
in the not yet released master branch.
* tools/gpg-wks-client.c (mirror_one_key): Test for no domain
specified.
--
The code did not really work if no domain was given. It worked but
filtered out all keys so that no key was actually exported.
* g10/trustdb.c: Move a function and some definitions around.
(user_utk_list): Rename to trusted_key_list. Change all users.
(any_trusted_key_seen): New.
(tdb_register_trusted_key): Set it here. Handle the new value "none".
(verify_own_keys): Do not delete a trusted key from the trustdb if a
trusted-key option was not used.
--
GnuPG-bug-id: 7025
* g10/options.h (EXPORT_REALCLEAN): New. Also re-assign other values
to keep them more in sync with the corresponding import values.
* g10/export.c (parse_export_options): Add "export-realclean".
(do_export_stream): Call clean_all_uids directly with the options
arg.
* g10/import.c (import_one_real): Change for direct use of options in
clean_all_uids.
* g10/key-clean.c (is_trusted_key_sig): New. Stub for now.
(clean_sigs_from_uid): Re-purpose self_only to a general options arg.
Implement EXPORT_REALCLEAN code path.
(clean_one_uid): Re-purpose self_only to a general options arg.
(clean_all_uids): Ditto.
* g10/keyedit.c (keyedit_menu): Use EXPORT_MINIMAL instead of a simple
flag.
(menu_clean): Re-purpose self_only to a general options arg.
* g10/keyid.c (fpr20_from_pk): Factor code out to ....
(fpr20_from_fpr): new. Remove useless case for ARRAY being NULL.
* g10/tdbio.c (tdbio_search_trust_byfpr): Add arg fprlen and use
fpr20_from_fpr if needed.
(tdbio_search_trust_bypk): Pass 20 for the fingerprint length.
--
Note that this code has no function yet. Another patch will follow to
extract the trusted-keys flag from the trustdb.
* g10/compress-bz2.c: Replace all log_fatal by log_error,
write_status_error, and g10_exit.
(do_uncompress): Ditto.
--
This gives gpgme a better way to detect corrupted data in the
compression layer.
GnuPG-bug-id: 6977
* agent/gpg-agent.c (parse_rereadable_options): Use make_filename_try
for opt.pinentry_program. Change definition accordingly.
* g10/gpg.c (main): Use make_filename for agent_program,
dirmngr_program, and keyboxd_program. Change definition accordingly.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-card.c (parse_arguments): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpg-wks-client.c (parse_arguments): Likewise. Do it also for
option --output.
(process_confirmation_request): Print a note for a successful sent.
--
GnuPG-bug-id: 7017
* g10/build-packet.c (gpg_mpi_write): Take care of the fact that
get_opaque already returns a bit-exact value.
--
Fixes-commit: ab17f7b6c392782718f57eaea94fc18a0ff49389
Reported-by: Falko Strenzke <falko.strenzke@mtg.de>