1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-25 10:49:57 +01:00

93 Commits

Author SHA1 Message Date
David Shaw
69ef25f8d6 * plaintext.c (handle_plaintext): Don't try and create a zero-length
filename when using --use-embedded-filename with input that has no
filename (clearsigned or message generated from a pipe).

* encode.c (encode_simple, encode_crypt), progress.c (handle_progress),
sign.c (write_plaintext_packet): Fix a few inconsistent calls (NULL
filename means a pipe here, so don't bother to check it twice).
2004-11-04 22:28:39 +00:00
Werner Koch
151ca81f1a Added SELInux hacks and did some cleanups. 2004-10-13 18:10:06 +00:00
Werner Koch
620ac79ebf * configure.ac: Actually name the option --disable-finger and not
http.

* openfile.c (overwrite_filep, make_outfile_name, open_outfile)
(open_sigfile): Use iobuf_is_pipe_filename to check for pipes so
that special filesnames are taken into account. This is bug 327.
* tdbdump.c (import_ownertrust): Ditto.
* sign.c (write_plaintext_packet): Ditto.
* progress.c (handle_progress): Ditto.
* plaintext.c (handle_plaintext): Ditto.
* encode.c (encode_simple, encode_crypt): Ditto.

* iobuf.c (iobuf_is_pipe_filename): New.
* fileutil.c (is_file_compressed): Use it here.
2004-10-13 09:59:46 +00:00
David Shaw
4d26ab92cc * main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo.  This helps fix a problem with PGP 2.x encrypted
symmetric messages.  Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).

* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings.  Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
2004-09-24 20:34:38 +00:00
David Shaw
ea279f1bae * encode.c, exec.c, g10.c, sign.c: Some translatable string cleanup.
Change some "this" to `this'.
2004-08-27 17:32:31 +00:00
David Shaw
9d4327ba4d * keydb.h, getkey.c (get_user_id_printable): Rename to get_user_id_native
and remove the printable stuff since we're print-ifying valid utf8
characters.  Change all callers in import.c, sign.c, keylist.c, and
encode.c.
2004-08-23 17:55:49 +00:00
David Shaw
f2148f03c5 * delkey.c (do_delete_key): Allow deleting a public key with a secret
present if --expert is set.

* plaintext.c (handle_plaintext): Make bytecount static so it works with
multiple literal packets inside a message.

* encode.c, helptext.c (keygen.algo, keygen.algo.elg_se), keygen.c
(ask_algo), sig-check.c (do_check_messages), skclist.c (build_sk_list):
Rename "ElGamal" to "Elgamal" as that is the proper spelling nowadays.
Suggested by Jon Callas.
2004-02-26 02:03:27 +00:00
David Shaw
a84fe549da * plaintext.c: Copyright.
* encode.c (encode_simple): Show cipher with --verbose.

* options.h, g10.c (main), keyedit.c (sign_keys): Add --ask-cert-level
option to enable cert level prompts during sigs. Defaults to on.
Simplify --default-cert-check-level to --default-cert-level.  If
ask-cert-level is off, or batch is on, use the default-cert-level as the
cert level.

* options.h, g10.c (main), trustdb.c (mark_usable_uid_certs): Simplify
--min-cert-check-level to --min-cert-level.
2004-02-24 23:37:18 +00:00
David Shaw
995d712589 * options.h, g10.c (main), compress.c (init_compress), compress-bz2.c
(init_compress): Add --compress-level and --bzip2-compress-level.  -z sets
them both.  Change various callers.
2003-11-15 22:31:58 +00:00
David Shaw
3257edd4e4 * encode.c (encode_simple), sign.c (sign_symencrypt_file): Properly use
default_compress_algo (--compress-algo, followed by the highest
--personal-compress-preference, followed by ZIP) to get the algorithm.
2003-11-15 15:38:43 +00:00
David Shaw
bc1e4357a9 * g10.c (main): Add --symmetric --sign --encrypt.
* main.h, encode.c (setup_symkey): New.  Prompt for a passphrase and
create a DEK for symmetric encryption. (write_symkey_enc): New.  Write out
symmetrically encrypted session keys. (encode_crypt, encrypt_filter): Use
them here here when creating a message that can be decrypted with a
passphrase or a pk.

* sign.c (sign_file): Call setup_symkey if we are doing a --symmetric
--sign --encrypt.
2003-11-13 02:54:12 +00:00
David Shaw
869c6bb7e4 * misc.c (compress_algo_to_string, string_to_compress_algo,
check_compress_algo): Add bzip2.

* compress.c (compress_filter): Make static to help force the use of
push_compress_filter.  Remove default algorithm setting since that is done
in push_compress_filter now.

* main.h: Use named algorithm.

* filter.h, compress.c (push_compress_filter, push_compress_filter2): New.
Figure out which is the appropriate compression filter to use, and push it
into place.

* compress.c (handle_compressed), encode.c (encode_simple, encode_crypt),
sign.c (sign_file, sign_symencrypt_file), import.c (read_block), export.c
(do_export): Use push_compress_filter instead of pushing the compression
filter ourselves.

* compress-bz2.c: New.  Bzlib versions of the compression filter routines.

* Makefile.am: Include compress-bz2.c if bz2lib is available.
2003-10-31 05:39:02 +00:00
David Shaw
bb7986e9a6 * g10.c (main): Add --symmetric --encrypt command. This generates a
message that can be decrypted via a passphrase or public key system.

* main.h, encode.c (encode_seskey): Allow passing in an already-created
session key dek. (encode_simple): Use the actual symmetric cipher when
encrypting a session key for a symmetric message. (encode_crypt): Add a
flag to trigger a hybrid mode that can be decrypted via a passphrase or a
pk.  Change all callers.

* mainproc.c (symkey_decrypt_sesskey): There is no way to tell the
difference here between a bad passphrase and a cipher algorithm that we
don't have, so use a error message that makes that clear. Use the actual
list of ciphers when checking whether a cipher is invalid.  Return error
if the decrypted cipher algorithm is invalid. (proc_symkey_enc): In a
mixed passphrase/pk message, if a valid dek already exists from decrypting
via pk, do not try to process the passphrase. (proc_symkey_enc): Indicate
when we're decrypting a session key as opposed to decrypting data.  If a
passphrase is invalid, discard the dek so we'll keep trying.
2003-10-26 03:26:14 +00:00
David Shaw
b0fe35f60e * g10.c (main): Add --no-groups to zero --group list.
* encode.c (encode_simple): Allow for 32 bytes (256 bits) of symmetrically
encrypted session key.  Use --s2k-cipher-algo to choose cipher, rather
than the default cipher.

* parse-packet.c (parse_subkeyenc): Give a warning if an symmetrically
encrypted session key is seen without salt.  Show in --list-packets if a
symetrically encrypted session key is present.

* pubkey-enc.c (get_it): Always show cipher-not-in-prefs warning unless
--quiet is set.  Use text name of cipher in warning.
2003-10-01 15:15:58 +00:00
David Shaw
405d9dfc59 * g10.c (main): Error out if --multifile is used with the commands that
don't support it yet (--sign, --clearsign, --detach-sign, --symmetric, and
--store).

* g10.c (main): Add --multifile as an alias to turn --encrypt into
--encrypt-files (plus --verify-files, --decrypt-files).

* encode.c (use_mdc), g10.c (main): Use RFC1991 and RFC2440 directly to
check for MDC usability.  Do not set the force_mdc or disable_mdc flags
since there is no point any longer.
2003-09-09 00:25:53 +00:00
David Shaw
3a23c4230b * armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.
2003-05-24 21:50:33 +00:00
Werner Koch
d0573d3db6 * progress.c (handle_progress)
* sign.c (write_plaintext_packet)
* encode.c (encode_simple,encode_crypt): Make sure that a filename
of "-" is considered to be stdin so that iobuf_get_filelength
won't get called.  This fixes bug 156 reported by Gregery Barton.
2003-05-21 08:48:26 +00:00
David Shaw
3afe991bb8 * packet.h, build-packet.c (build_sig_subpkt), export.c
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket.  This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.

* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex.  This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.

* sign.c (sign_file): Fix bug that causes spurious compression preference
warning.

* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.

* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one
place.

* options.h, g10.c (main): Part two of the simplification.  Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)

* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
2003-05-03 04:07:45 +00:00
Werner Koch
b394776a80 * Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
* g10.c, options.h: New option --enable-progress-filter.
* progress.c (handle_progress): Make use of it.
2003-04-15 15:46:13 +00:00
Werner Koch
6b55878912 * passphrase.c (read_passphrase_from_fd): Do a dummy read if the
agent is to be used.  Noted by Ingo Kl�cker.
(agent_get_passphrase): Inhibit caching when we have no
fingerprint.  This is required for key generation as well as for
symmetric only encryption.

* passphrase .c (agent_get_passphrase): New arg CANCELED.
(passphrase_to_dek): Ditto.  Passed to above.  Changed all
callers to pass NULL.
* seckey-cert.c (do_check): New arg CANCELED.
(check_secret_key): Terminate loop when canceled.

* keyedit.c (change_passphrase): Pass ERRTEXT untranslated to
passphrase_to_dek and translate where appropriate.
* seckey-cert.c (check_secret_key): Ditto.
* keygen.c (ask_passphrase): Ditto.
* passphrase.c (agent_get_passphrase): Translate the TRYAGAIN_TEXT.
Switch the codeset to utf-8.
2003-04-10 09:56:47 +00:00
David Shaw
e357092285 * options.h, g10.c (main), encode.c (write_pubkey_enc_from_list),
pkclist.c (algo_available), revoke.c (gen_revoke): Add --pgp8 mode.  This
is basically identical to --pgp7 in all ways except that signing subkeys,
v4 data sigs (including expiration), and SK comments are allowed.

* getkey.c (finish_lookup): Comment.

* main.h, keylist.c (reorder_keyblock), keyedit.c (keyedit_menu): Reorder
user ID display in the --edit-key menu to match that of the --list-keys
display.

* g10.c (add_notation_data): Fix initialization.
2002-12-03 23:31:48 +00:00
David Shaw
0819797911 * main.h, misc.c (default_cipher_algo, default_compress_algo): New.
Return the default algorithm by trying --cipher-algo/--compress-algo, then
the first item in the pref list, then s2k-cipher-algo or ZIP.

* sign.c (sign_file, sign_symencrypt_file), encode.c (encode_simple,
encode_crypt): Call default_cipher_algo and default_compress_algo to get
algorithms.

* g10.c (main): Allow pref selection for compress algo with --openpgp.
2002-11-25 04:24:41 +00:00
David Shaw
0cd879cd9c * encode.c (encode_simple), passphrase.c (passphrase_to_dek), sign.c
(sign_symencrypt_file): Use --s2k-digest-algo for passphrase mangling
rather than --digest-algo.
2002-11-24 00:50:14 +00:00
David Shaw
fbffa8209b * encode.c (encode_simple): Make sure that files larger than about 4G use
partial length encoding.  This is required because OpenPGP allows only for
32 bit length fields.  From Werner on stable branch.

* getkey.c (get_pubkey_direct): Renamed to... (get_pubkey_fast): this and
made extern. (get_pubkey_byfprint_fast): New.  From Werner on stable
branch.

* keydb.h, import.c (import_one): Use get_pubkey_fast instead of
get_pubkey.  We don't need a merged key and actually this might lead to
recursions. (revocation_present): Likewise for search by fingerprint.
From Werner on stable branch.

* g10.c (main): Try to create the trustdb even for non-colon-mode list-key
operations.  This is required because getkey needs to know whether a a key
is ultimately trusted.  From Werner on stable branch.
2002-11-13 17:43:27 +00:00
David Shaw
bdf0e306df * g10.c (main): Add --no-throw-keyid.
* keydb.h, encode.c (write_pubkey_enc_from_list), g10.c (main), pkclist.c
(build_pk_list): Add --hidden-recipient (-R) and --hidden-encrypt-to,
which do a single-user variation on --throw-keyid.  The "hide this key"
flag is carried in bit 0 of the pk_list flags field.

* keyserver.c (parse_keyrec): Fix shadowing warning.
2002-11-01 16:15:45 +00:00
David Shaw
20c99d180a * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead
of memset() to wipe sensitive memory as the memset() might be optimized
away.
2002-10-31 15:40:42 +00:00
Stefan Bellon
e4021a4c95 tidied RISC OS filetype support 2002-10-29 14:37:12 +00:00
Werner Koch
b324a5d2d1 Cleanups and minor fixes. 2002-09-10 08:40:12 +00:00
Werner Koch
5dfd5a6dac * pkclist.c (do_we_trust_pre): Changed the wording of a warning.
* encode.c (encode_simple,encode_crypt): Use new style CTB for
compressssed packets when using MDC.  We need to do this so that
concatenated messages are properly decrypted.  Old style
compression assumes that it is the last packet; given that we
can't determine the length in advance, the uncompressor does not
know where to start.  Actually we should use the new CTB always
but this would break PGP 2 compatibility.
* parse-packet.c (parse): Special treatment for new style CTB
compressed packets.

* build-packet.c (do_mdc): Removed. Was not used.
(do_encrypted_mdc): Count the version number and the MDC packet.
2002-08-30 16:34:13 +00:00
Werner Koch
89f8e7ef36 * getkey.c (get_user_id_native): Renamed to ..
(get_user_id_printable): this.  Filter out all dangerous
characters.  Checked all usages.
(get_user_id_string_native): Renamed to..
(get_user_id_string_printable): this.  Filter out all dangerous
characters.  Checked all usages.
* keyedit.c (show_basic_key_info): New.
* keylist.c (print_fingerprint): New mode 3.
* import.c (import_one): Use new function to display the user ID.
2002-08-19 08:28:00 +00:00
David Shaw
1111da19a8 * encode.c (encode_simple): Fix problem with using compression algo 2 and
symmetric compressed files.

* encode.c (encode_simple, encode_crypt): If we are not using a MDC,
compress even if a file is already compressed.  This is to help against
the chosen ciphertext attack.

* pkclist.c (select_algo_from_prefs): Fix requested algorithm bug so the
request succeeds even if the requested algorithm is not the first found.

* cipher.c (write_header), encode.c (use_mdc, encode_simple, encode_crypt,
encrypt_filter), g10.c (main): Be more eager to use a MDC.  We use a MDC
if the keys directly support it, if the keys list AES (any) or TWOFISH
anywhere in the prefs, or if the cipher chosen does not have a 64 bit
blocksize.
2002-08-13 19:00:23 +00:00
David Shaw
63a71c1ff9 * options.h, g10.c (main), mainproc.c (proc_encrypted): --ignore-mdc-error
option to turn a MDC check error into a warning.
2002-08-06 17:57:53 +00:00
David Shaw
58b0a36d6b * encode.c (encode_crypt), g10.c (main), sign.c (sign_file,
clearsign_file): Use the same --pgpX warning string everywhere to ease
translations.

* encode.c (write_pubkey_enc_from_list): Warn when using --throw-keyid
with --pgpX.  Noted by Vedaal Nistar.
2002-08-06 17:38:04 +00:00
Werner Koch
096cfcc5c7 * encode.c (encode_symmetric): Do not use the new encryption code. 2002-07-01 09:44:42 +00:00
David Shaw
3f51f7db3d Update head to match stable 1.0 2002-06-29 13:46:34 +00:00
Werner Koch
9c20f65cbe See ChangeLog: Wed Oct 4 13:16:18 CEST 2000 Werner Koch 2000-10-04 11:16:19 +00:00
Werner Koch
986d928ce2 See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch 2000-09-18 14:35:34 +00:00
Werner Koch
7a8c8b4826 See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch 2000-07-31 08:04:16 +00:00
Werner Koch
b872ea2577 See ChangeLog: Tue Jul 25 17:44:15 CEST 2000 Werner Koch 2000-07-25 15:38:12 +00:00
Werner Koch
92cd255508 See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch 2000-07-14 17:34:53 +00:00
Werner Koch
baa30ad117 See ChangeLog: Thu Jan 27 18:00:44 CET 2000 Werner Koch 2000-01-27 16:50:45 +00:00
Werner Koch
db43afc923 See ChangeLog: Mon Jan 24 22:24:38 CET 2000 Werner Koch 2000-01-24 21:14:42 +00:00
Werner Koch
0070faa0ff See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner Koch 2000-01-24 11:55:49 +00:00
Werner Koch
4555c0be94 See ChangeLog: Wed Dec 8 21:58:32 CET 1999 Werner Koch 1999-12-08 21:03:03 +00:00
Werner Koch
881e513237 See ChangeLog: Sat Nov 13 17:44:23 CET 1999 Werner Koch 1999-11-13 16:43:23 +00:00
Werner Koch
cf70ca8d68 See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch 1999-10-26 12:14:37 +00:00
Werner Koch
28c861268d See ChangeLog: Wed Aug 4 10:34:46 CEST 1999 Werner Koch 1999-08-04 08:45:27 +00:00
Werner Koch
4dbfb24dbb See ChangeLog: Mon Jul 26 09:34:46 CEST 1999 Werner Koch 1999-07-26 07:44:46 +00:00
Werner Koch
28eb86c006 See ChangeLog: Thu Jul 1 12:47:31 CEST 1999 Werner Koch 1999-07-01 10:53:35 +00:00
Werner Koch
9da1694e19 See ChangeLog: Tue Jun 15 14:23:10 CEST 1999 Werner Koch 1999-06-15 12:31:07 +00:00