* scd/app-openpgp.c (determine_rsa_response): Round bits up.
--
Co-authored-by: Arnaud Fontaine <arnaud.fontaine@ssi.gouv.fr>
Arnaud wrote:
Actually, when the incorrect expected response length (i.e. Le
field) is transmitted to the card, the card's answer is missing a
byte (i.e. ... 6101) so an additional command has to be sent to the
card to retrieve the last byte. Using the correct length avoids to
send the additional command to retrieve the missing byte, when the
computed length is wrong.
Note that an value of 65537 for E is pretty standard and thus we can
avoid the 6101 return code inmost cases.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/sig-check.c (check_signature_over_key_or_uid): Remove useless
condition. Actually free when SIGNER was allocated by us.
--
SIGNER_ALLOCATED never received a value of -1 but that was tested.
IF SIGNER_ALLOCATED was 2 the memory was never freed:
if (signer_allocated == 1)
if (signer_allocated == 2)
free()
Fixes-commit: 44cdb9d73f1a0b7d2c8483a119b9c4d6caabc1ec
This function needs to be audited more thoroughly.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
This is to make those function better readable.
if (foo)
/* Comment */
{
}
is bad style because it requires extra time to notice the begin of the
block and vice versa when noticing the block it is not clear whether
this is an conditioned or unconditioned block.
Having asterisks on the left is better for view impaired people and
for b/w printouts.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (gpgconf_list): Announce "auto-key-retrieve".
(main): Simplify setting of KEYSERVER_AUTO_KEY_RETRIEVE.
* tools/gpgconf-comp.c: Make "no-auto-key-retrieve" invisible. Make
"auto-key-retrieve" an expert option.
--
This basically reverts 9bb13a0e819334681caca38c9074bd7bfc04e45e
because --no-auto-key-retrieve is again the default. Note that we
allow both options for the sake of profiles.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/openpgp/Makefile.am (XTESTS): Remove test.
(EXTRA_DIST): Add test file.
--
There are two problems with this test: First a syntax error in the
file name so that the test was not used at all. Second the test
currently returns FAIL.
Fixes-commit: c23a69970ba38edae9d3b2603825d18fbb732423
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (GNUPG_SWDB_TAG): New ac_define. Set it to "gnupg22".
* tools/gpgconf.c (query_swdb): Use it.
* build-aux/speedo.mk: Change tag "gnupg21" to "gnupg22".
* Makefile.am (distcheck-hook): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (L_): Define agent_Lunderscore when simple
gettext is used.
--
This fixes a regression introduced by b3286af3 ENABLE_NLS
is not defined if we use simple gettext and not gettext.
GnuPG-Bug-Id: T3364
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* tests/openpgp/trust-pgp-1.scm: New file.
* tests/openpgp/trust-pgp-2.scm: New file.
* tests/openpgp/trust-pgp-3.scm: New file.
* tests/openpgp/trust-pgp-4.scm: New file.
* tests/openpgp/trust-pgp/common.scm: New file.
* tests/openpgp/trust-pgp/scenario1.asc: New file.
* tests/openpgp/trust-pgp/scenario2.asc: New file.
* tests/openpgp/trust-pgp/scenario3.asc: New file.
* tests/openpgp/trust-pgp/scenario4.asc: New file.
* tests/openpgp/trust-pgp/alice.sec.asc: New file.
* tests/openpgp/trust-pgp/bobby.sec.asc: New file.
* tests/openpgp/trust-pgp/carol.sec.asc: New file.
* tests/openpgp/trust-pgp/david.sec.asc: New file.
* tests/openpgp/trust-pgp/frank.sec.asc: New file.
* tests/openpgp/trust-pgp/grace.sec.asc: New file.
* tests/openpgp/trust-pgp/heidi.sec.asc: New file.
* tests/openpgp/Makefile.am (XTESTS): Add new tests.
(TEST_FILES): Add new files.
(EXTRA_DIST): Add new common file.
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
* tests/openpgp/tofu.scm (gettrust): Moved to the common defs.scm
module.
(checktrust): Likewise.
* tests/openpgp/defs.scm (gettrust): New function.
(checktrust): Likewise.
--
These functions will be re-used by the tests for the PGP trust
model.
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
* tools/gpgconf-comp.c (gc_options_gpg): Add max-cert-depth,
completes-needed, and marginals-needed options.
* g10/gpg.c (gpgconf_list): Likewise.
--
Some tests to come for the PGP trust model will need to manipulate
these parameters.
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
* tests/gpgscm/scheme.c (CASE): Rearrange so that the case statement
is at the front.
(Eval_Cycle): Improve fallthrough annotations.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/gpg.c (main): remove KEYSERVER_AUTO_KEY_RETRIEVE from the
default keyserver options.
* doc/gpg.texi: document this change.
--
This is a partial reversion of
7e1fe791d188b078398bf83c9af992cb1bd2a4b3. Werner and i discussed it
earlier today, and came to the conclusion that:
* the risk of metadata leakage represented by a default
--auto-key-retrieve, both in e-mail (as a "web bug") and in other
contexts where GnuPG is used to verified signatures, is quite high.
* the advantages of --auto-key-retrieve (in terms of signature
verification) can sometimes be achieved in other ways, such as when
a signed message includes a copy of its own key.
* when those other ways are not useful, a graphical, user-facing
application can still offer the user the opportunity to choose to
fetch the key; or it can apply its own policy about when to set
--auto-key-retrieve, without needing to affect the defaults.
Note that --auto-key-retrieve is specifically about signature
verification. Decisions about how and whether to look up a key during
message encryption are governed by --auto-key-locate. This change
does not touch the --auto-key-locate default of "local,wkd". The user
deliberately asking gpg to encrypt to an e-mail address is a different
scenario than having an incoming e-mail trigger a potentially unique
network request.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tests/openpgp/README: Add quickstart instructions, how to use
shell.scm, remove no longer used MKDATA.
Signed-off-by: Justus Winter <justus@g10code.com>
* configure.ac: New option --enable-all-tests.
* tests/gpgscm/ffi.c (ffi_init): New gloabl var *run-all-tests*.
* tests/openpgp/all-tests.scm (all-tests): Use that var instead
of *maintainer-mode*.
* Makefile.am (AM_DISTCHECK_CONFIGURE_FLAGS): Add --enable-all-tests.
--
It is better to have a separate option to run all tests than to put
this on top of --enable-maintainer-mode. This way we can also make
sure to run all tests during "make distcheck".
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpgscm/tests.scm (test-pool): Add delimiter lines.
--
This is to make those summaries a bit more simlar to those from
automake.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/gpg.texi: Document new option.
* g10/call-dirmngr.c (create_context): Fail if option is given.
* g10/gpg.c (cmd_and_opt_values): New value.
(opts): New option.
(gpgconf_list): Add new option.
(main): Handle new option.
* g10/options.h (struct opt): New field 'disable_dirmngr'.
* tools/gpgconf-comp.c (gc_options_gpg): New option.
GnuPG-bug-id: 3334
Signed-off-by: Justus Winter <justus@g10code.com>
* doc/examples/systemd-user/*.service: Drop redundant After=*.socket
directive.
--
systemd.socket(5) says:
Socket units will have a Before= dependency on the service which
they trigger added implicitly.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* doc/examples/systemd-user/*.service: drop RefuseManualStart=true
--
These user services can be safely started manually as long as at least
their primary sockets are available. They'll just start with nothing
to do, which should be fine.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* configure.ac: Leak the maintainer mode flag into 'config.h'.
* tests/gpgscm/ffi.c: Pass it into the scheme environment.
* tests/openpgp/all-tests.scm: Only run tests against non-default
configurations (keyring, extended-key-format) in maintainer mode.
--
Werner is concerned that the tests do take up too much time and asked
me to reduce the runtime of the tests for normal users.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgconf-comp.c (gc_options_gpg): Re-add "auto-key_retrieve".
--
Although this option is invisible, it might be in use by gpgconf
profiles. We don't want to break them.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (gpgconf_list): Print no-auto-key-retrieve instead of
auto-key-retrieve.
* tools/gpgconf-comp.c (gc_options_gpg): Replace auto-key-retrieve by
no-auto-key-retrieve and chnage level from invisible to advanced.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (main): Add KEYSERVER_AUTO_KEY_RETRIEVE to the default
keyserver options. Set the default for --auto-key-locate to
"local,wkd". Reset that default iff --auto-key-locate has been given
in the option file or in the commandline.
* g10/getkey.c (parse_auto_key_locate): Work on a copy of the arg.
--
GnuPG-bug-id: 3324
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/options.h (IMPORT_DRY_RUN): New.
* g10/import.c (parse_import_options): Add "show-only".
(import_one): use that as alternative to opt.dry_run.
--
This is just a convenience thing for
--import-options import-show --dry-run
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/revoke.c (gen_standard_revocation): Set opt.outfile to NULL
temporarily to create certificate in right place.
Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3015
* g10/main.h (open_outfile): New parameter NO_OUTFILE.
* g10/openfile.c (open_outfile): New parameter NO_OUTFILE. If given,
never use opt.outfile.
* g10/revoke.c (create_revocation): If FILENAME is true, also set
NO_OUTFILE to true (for standard revocation certificates).
* g10/dearmor.c, g10/encrypt.c, g10/export.c, g10/revoke.c,
g10/sign.c: Adjust all other callers.
Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3015
* artwork/icons/index.css: New file.
* artwork/icons/index.html: New file.
* artwork/icons/lock-12.png: New file.
* artwork/icons/lock-128.png: New file.
* artwork/icons/lock-16.png: New file.
* artwork/icons/lock-24.png: New file.
* artwork/icons/lock-256.png: New file.
* artwork/icons/lock-32.png: New file.
* artwork/icons/lock-48.png: New file.
* artwork/icons/lock-64.png: New file.
* artwork/icons/lock-wing-12.png: New file.
* artwork/icons/lock-wing-128.png: New file.
* artwork/icons/lock-wing-16.png: New file.
* artwork/icons/lock-wing-24.png: New file.
* artwork/icons/lock-wing-256.png: New file.
* artwork/icons/lock-wing-32.png: New file.
* artwork/icons/lock-wing-48.png: New file.
* artwork/icons/lock-wing-64.png: New file.
* artwork/icons/lock-wing.svg: New file.
* artwork/icons/lock.svg: New file.
* artwork/icons/wing-12.png: New file.
* artwork/icons/wing-128.png: New file.
* artwork/icons/wing-16.png: New file.
* artwork/icons/wing-24.png: New file.
* artwork/icons/wing-256.png: New file.
* artwork/icons/wing-32.png: New file.
* artwork/icons/wing-48.png: New file.
* artwork/icons/wing-64.png: New file.
* artwork/icons/wing.svg: New file.
Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3019
* g10/pubkey-enc.c (get_session_key): Bail out if the algo is not
allowed in the current compliance mode.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--
The idea here is that the owner of the key created a non-compliant key
and later receives a mail encrypted to that key. The sender should
have checked this key too but we can't guarantee that. By hard
failing here the owner of the key will notice that he had created a
non-compliant key and thus has a chance to generate a new compliant
key. In case the compliant criteria changes and the owner wants to
decrypt an old message he can still switch gpg to another compliant
mode.
Fixes-commit: a0d0cbee7654ad7582400efaa92d493cd8e669e9
GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>