* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for
ECC strength 384, according to RFC-6637.
--
Reported-by: Trevor Bentley
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit af3efd149f555d36a455cb2ea311ff81caf5124c)
* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
an EdDSA curve.
--
(cherry picked from commit 4324560b2c0bb76a1769535c383424a042e505ae)
This change matters when it is called from ask_card_keyattr.
Some-comments-by: NIIBE Yutaka <gniibe@fsij.org>
* sm/gpgsm.c (main): Add special handling for bad keys in decrypt
mode.
--
The problem can easily be tested by adding --encrypt-to EXPIRED_KEY to
a decryption command. With that patch the errors are printed but
decryption continues and the process returns success unless other
errors occur.
GnuPG-bug-id: 4431
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (main): Call translate_sys2libc_fd_int to
convert the FDs.
--
This is required to actually pass gpgsm an fd on windows
and not a windows handle.
For the passphrase-fd this was already done.
(cherry picked from commit e4e0804ed123516fa00f8a876a862b2c6d34ba5c)
* g10/parse-packet.c (parse_key): Return GPG_ERR_UNKNOWN_VERSION
instead of invalid packet.
* g10/keydb.c (parse_keyblock_image): Do not map the unknown version
error to invalid keyring.
(keydb_search): Skip unknown version errors simlar to legacy keys.
* g10/keyring.c (keyring_rebuild_cache): Skip keys with unknown
versions.
* g10/import.c (read_block): Handle unknown version.
--
When using gpg 2.3 the local keyring may contain v5 keys. This patch
allows the use of such a keyring also with a 2.2 version which does
not support v5 keys. We will probably need some more tweaking here
but this covers the most common cases of listing keys and also
importing v5 keys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic. Change to take ownership of
arg keyblock. Implement extra secret key import logic. Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--
The PGP desktops exported secret keys are really stupid. And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):
[...] Implementations SHOULD include self-signatures on any user
IDs and subkeys, as this allows for a complete public key to be
automatically extracted from the transferable secret key.
Implementations MAY choose to omit the self-signatures, especially
if a transferable public key accompanies the transferable secret
key.
Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.
GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9)
* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t. Return an
error code if sec_to_pub_keyblock failed. Resync secret keyblock.
--
When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway. This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key. After importing
the public key the secret keys suddenly showed up.
This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.
Caution: The ecc.scm test now fails because two of the sample keys
don't have binding signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f799e9728bcadb3d4148a47848c78c5647860ea4)
* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'. Remove
useless code for "sub" and "ssb".
* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info. Do
not print the first keyinfo in FROM_SK mode.
printing.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f64477db86568bdc28c313bfeb8b95d8edf05a3c)
* g10/cpr.c (write_status_printf): Escape CR and LF.
* g10/import.c (print_import_check): Simplify by using
write_status_printf and hexfingerprint.
Signed-off-by: Werner Koch <wk@gnupg.org>
Fixed one conlict in a comment.
* dirmngr/dns.h (dns_quietinit): Remove.
(dns_hints_i_new): Remove.
--
Even before our change, dns_quietinit was questionable macro; There
was no place in dns.c which requires overrides in initializer list.
Only redundant zero were.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 371ae25f8f6f2d1ac030bf984bca479393a5ed43)
* dirmngr/dns.h (DNS_OPTS_INIT, dns_opts): Remove.
* dirmngr/dns-stuff.c (libdns_res_open): Use zero-ed, and initialized
automatic variable for opts.
* dirmngr/dns.c (send_query, resolve_query, resolve_addrinfo):
Likewise.
--
In fact, DNS_OPTS_INIT was only needed when args are none. With
partially specified initialization, C99 guarantees zero-ed other
members just like static object.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit d661acd483236d34720a4959fc816d05f89c2cb7)
* dirmngr/dns.h (dns_rr_foreach): Don't use dns_rr_i_new.
Call dns_rr_grep with NULL.
* dirmngr/dns.c (dns_rr_grep): Support NULL for error_.
--
Here we still use C99 feature of struct member initialization in
dns_rr_foreach, for struct dns_rr_i. Note that in C99, it guarantees
non-specified member fields are initialized by zero. So, there's no
need to use dns_rr_i_new at all.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit a1ccfe2b37847cce0db2fb94a7365c9fa501eda4)
* dirmngr/dns.c (dns_inet_pton, dns_so_tcp_keep): Use automatic
variables.
(dns_poll, dns_send_nopipe): Likewise, adding const qualifier.
--
Compound literals is a feature of C99. Because we only use C90 plus
some limited features, in the project, it's better to avoid it.
Besides, we make sure when it's read-only.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 1c405499388fd5bed0968ab5c6c5d1b3373537b9)
* dirmngr/http.c (same_host_p): Add exception table.
--
Please: Adding entries to this table shall be an exception and not the
rule.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 134c3c16523b1a267ebdd2df6339240fd9e1e3b3)
* tools/gpgtar-create.c (gpgtar_create): Switch to the -C directory.
--
The -C option is pretty useful given that pattern are always relative
to the current directory. In contrast to GNU tar, the switching is
done only once.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit b3a7a5140784b5a015107b5c5c73b15ae44e71dc)
* tools/gpgtar.h (struct tarinfo_s): New.
* tools/gpgtar.c (cmd, skip_crypto, files_from, null_names): Move
global vars more to the top.
(set_cmd): Rename 'cmd' to 'c'.
* tools/gpgtar-list.c (parse_header): Add arg 'info' and improve error
messages.
(read_header): Add arg 'info' and update counter.
(skip_data): Ditto.
(gpgtar_list): Pass info object to read functions.
(gpgtar_read_header): Add arg 'info'.
* tools/gpgtar-extract.c (gpgtar_extract): add arg 'info' and pass on.
(extract_regular): Add arg 'info' and update counter.
--
This now prints the block number of a header with error.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 72feb8fa8280aba674573a1afc955a92e8065242)
* g10/keylist.c (print_key_line): Print a warning for invalid algos.
--
Non-OpenPGP compliant keys now show a warning flag on the sec or pub
line like in:
gpg: can't encode a 256 bit MD into a 88 bits frame, algo=8
sec cv25519 2019-01-30 [INVALID_ALGO]
4239F3D606A19258E7A88C3F9A3F4F909C5034C5
uid [ultimate] ffffff
Instead of showing the usage flags "[CE]". Without this patch only
the error message is printed and the reason for it was not immediately
obvious (cv25519 is encryption only but we always consider the primary
key as having the "C" flag).
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit db87132b10664718b7db6ec1dad584b54d1fb265)
* sm/keylist.c (oidtranstbl): Add Yubikey OIDs.
(OID_FLAG_HEX): New.
(print_hex_extn): New.
(list_cert_raw): Make use of that flag.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 86c241a8c9a952ea8007066b70b04f435e2e483e)
* tests/openpgp/defs.scm: Add "disable-scdaemon". Remove
"scdaemon-program".
* tests/gpgme/gpgme-defs.scm, tests/gpgsm/gpgsm-defs.scm: Likewise.
* tests/inittests, tests/pkits/inittests: Add "disable-scdaemon"
--
Before this change, running "make check" accesses USB device by
scdaemon on host computer. If there is any smartcard/token available,
it may affect test results. Because default key choice depends on
smartcard/token availability now and existing tests have nothing about
testing smartcard/token, disabling scdaemon is good.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 64b7c6fd1945bc206cf56979633dfca8a7494374)
* scd/app-openpgp.c (do_setattr): Add new table item to flush a
different tag.
--
For whatever reasons the OpenPGP card reads the 3 CA fingerprints from
one object but sets them individually using 3 different tags. The
cache flushing was not prepared for this and so a changed CA
fingerprint showed only up after a card reset. This patch fixes it.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c9f4c1f0de06672c6ae2b793d86cc001d131f9a6)
Fixed conflict by removing the UIF-* entries from the table.
* doc/gpgv.texi: Improve documentation for keyring choices
--
From the existing documentation, it's not clear whether the default
keyring will always be mixed into the set of keyrings, or whether it
will be skipped if a --keyring is present. The updated text here
attempts to describe the keyring selection logic more completely.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* sm/keylist.c (print_compliance_flags): Also check the digest_algo.
Add new arg 'cert'.
--
A certificate with algorithm sha1WithRSAEncryption can be de-vs
compliant (e.g. if the next in the chain used sha256WithRSAEncryption
to sign it and RSA is long enough) but flagging it as such is useless
because that certificate can't be used because it will create
signatures using the non-compliant SHA-1 algorithm.
Well, it could be used for encryption. But also evaluating the
key-usage flags here would make it harder for the user to understand
why certain certificates are listed as de-vs compliant and others are
not.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 2c75af9f65d15653ed1bc191f1098ae316607041)
Reworked to also pass the CERT. Note that 2.2 won't get the PK
Screening feature.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update
default to 3072 bits.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to
3072 bits.
* sm/certreqgen.c (proc_parameters): update default to 3072 bits.
* sm/gpgsm.c (main): print correct default_pubkey_algo.
--
3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Gbp-Pq: Topic update-defaults
Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch
(cherry picked from commit 7955262151a5c755814dd23414e6804f79125355)
* tools/gpgconf-comp.c (gc_component_t): Move this enum to ...
* tools/gpgconf.h: here.
* tools/gpgconf.c (oShowSocket): New.
(opts): Add new option.
(main): Implement new option.
--
This is a convenience options for software which directly connects to
gpg-agent and thus needs to new the socket. By using --show-socket
along with --launch that software can also autostart the agent or the
dirmngr. Without this two calls to gpgconf would be required.
Actually the same behaviour can be achieved by running
gpg-connect-agent to query the running gpg-agent's socket via GETINFO.
The gpg-connect also makes sure that the agent is started. This is
not anymore suggested because gpgconf shall in future be used for all
such things.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit ac485b4f253ad6bbd2bc648650b56d60fc82f89d)
* sm/certreqgen.c (create_request): Fix for certmode.
--
When using an existing key from a card for certificate signing (in
contrast to the default of generating a CSR), the code tried to use
the same key for signing instead of the Signing-Key parameter. It is
perfectly okay to use the regular signing path via gpg-agent for
certificate creation - only self-signed certificates with a key on the
card require the direct use of the card key (via "SCD PKSIGN").
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c1000c673814e552923cf1361346d7dfeee55608)
* agent/divert-scd.c (divert_pkdecrypt): Skip a flags parameter.
--
The libgcrypt docs say that a "flags" parameter should always be used
in the input of pkdecrypt. Thus we should allow that parameter also
when parsing an s-expression to figure out the algorithm for use with
scdaemon.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit a12c3a566e2e4b10bc02976a2819070877ee895c)
* gpgscm/scheme.c (gc_reservation_failure): Fix adding ";".
[!NDEBUG] (scheme_init_custom_alloc): Don't init seserved_lineno.
--
Cherry icked from master commit of:
e140c6d4f581be1a60a34b67b16430452f3987e8
In some build environment, NDEBUG is defined (although it's
bad practice). This change supports such a situation.
GnuPG-bug-id: 3959
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/gpgcompose.c (literal_name): Complain if passed zero arguments,
not one or fewer.
--
Cherry-picked master commit of:
1ed21eee79749b976b4a935f2279b162634e9c5e
Signed-off-by: Neal H. Walfield <neal@walfield.org>
* agent/call-scd.c (cancel_inquire): Remove.
(agent_card_pksign, agent_card_pkdecrypt, agent_card_writekey)
(agent_card_scd): Don't call cancel_inquire.
--
Cherry-picked master commit of:
9f5e50e7c85aa8b847d38010241ed570ac114fc3
Since libassuan 2.1.0, cancellation command "CAN" is handled within
the library, by assuan_transact. So, cancel_inquire just caused
spurious "CAN" command to scdaemon which resulted an error.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
