1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

1059 Commits

Author SHA1 Message Date
Werner Koch
eec70e539e
common: Use gpgrt functions for mkdir and chdir.
* common/sysutils.c (gnupg_mkdir): Divert to gpgrt_mkdir.
(gnupg_chdir): Divert to gpgrt_chdir
2020-08-21 21:17:48 +02:00
Werner Koch
5305ce17ff
common,w32: Do not assume the ANSI code during string conversion.
* common/utf8conv.c (get_w32_codepage): New.
(wchar_to_native): Use instead oc CP_ACP.
(native_to_wchar): Ditto.
--

This should fix quite some issue; we fixed it when using the iconv
based machinery about 14 years ago.  At some point we introduced the
new conversion functions because Windows started to support UTF-8
natively.  The fix comes late but well, it is done.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-21 14:42:08 +02:00
Werner Koch
33fd55ca6f
common: Strip trailing CR,LF from w32_strerror.
* common/stringhelp.c (w32_strerror): Strip trailing CR,LF.
* common/iobuf.c (iobuf_get_filelength): Use -1 and not 0 for the
arg to w32_strerror.

--

This is in particular annoying since we started to use a string
argument sanitizer in the logging code.  Before that we just add an
extra blank line.

The second patch corrects a never yet seen error message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-21 11:30:38 +02:00
Werner Koch
e276f63e4a
gpgtar: Make --files-from and --null work as described.
* tools/gpgtar-create.c (gpgtar_create): Add args files_from and
null_names.  Improve reading from a file.
* tools/gpgtar.c: Make global vars static.
(main): Remove tests for --files-from and --null option combinations.
Pass option variables to gpgtar_create.
--

GnuPG-bug-id: 5027
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-20 15:50:50 +02:00
Werner Koch
32aac55875
build: New configure option --disable-tests
* configure.ac: Add option --disable-tests.  Print warnings in the
summary.
(DISABLE_TESTS): New am_conditional.
--
GnuPG-bug-id: 4960
2020-08-20 10:54:17 +02:00
NIIBE Yutaka
f58d441bee common: Fix iobuf.c.
* common/iobuf.c (iobuf_cancel): Initialize DUMMY.
(do_iobuf_fdopen): Initialize LEN.
(iobuf_read_line): Fix the loop condition.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-19 14:48:06 +09:00
NIIBE Yutaka
f3e424d4e7 Silence compiler warnings.
* common/openpgp-oid.c (map_openpgp_pk_to_gcry): Use cast for enum
conversion.
* dirmngr/dns-stuff.c (get_dns_srv): Use explicit conversion from
int to float.
* sm/gpgsm.c (parse_keyserver_line): Initialize ERR.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-19 13:21:32 +09:00
Werner Koch
3944430ffe
common: Pass the WAYLAND_DISPLAY envvar along
* common/session-env.c (stdenvnames): Add WAYLAND_DISPLAY.
--
GnuPG-bug-id: 5016

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-12 09:27:08 +02:00
Werner Koch
8ff00ef0de
common: New helper function gnupg_chuid.
* common/sysutils.c (try_set_envvar): New.
(gnupg_chuid): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-06 16:03:56 +02:00
NIIBE Yutaka
8e04cf969e w32: Fix cast from intptr_t of _get_osfhandle.
* common/exectool.c (gnupg_exec_tool_stream): Cast to unsigned long.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-08-03 13:34:26 +09:00
NIIBE Yutaka
5fa4427419 w32: More adding NETLIBS.
* common/Makefile.am (t_common_ldadd): Add $(NETLIBS).

--

GnuPG-bug-id: 4994
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-30 14:59:05 +09:00
NIIBE Yutaka
d17b838921 Revert patches applied wrongly.
--

In the experiment for 4994, and patches were wrongly applied.

Fixes-commit: 46d185f60397f68830bfdfb99627b29aea5016f1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-28 16:57:52 +09:00
NIIBE Yutaka
46d185f603 scd: PC/SC: Don't release the context when it's in use.
* scd/apdu.c (close_pcsc_reader): Check if it's not in the loop.

--

GnuPG-bug-id: 4998
Reported-by: Kevin Locke
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-17 11:11:45 +09:00
NIIBE Yutaka
8abf065307 common: Avoid undefined behavior of left shift operator.
* common/iobuf.c (block_filter): Handle an error earlier.
Make sure it's unsigned.

--

GnuPG-bug-id: 4975
Suggested-by: lutianxiong <lutianxiong@huawei.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-16 11:00:45 +09:00
Werner Koch
5fe3cdfc76
gpgsm: Make rsaPSS a compliant scheme in de-vs mode.
--

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-14 12:27:45 +02:00
Werner Koch
969abcf40c
sm: Exclude rsaPSS from de-vs compliance mode.
* common/compliance.h (PK_ALGO_FLAG_RSAPSS): New.
* common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and
test rsaPSS.  Adjust all callers.
(gnupg_pk_is_allowed): Ditto.
* sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function.
(gpgsm_get_hash_algo_from_sigval): New.
* sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval
arg.  Add arg pkalgoflags.  Use the PK_ALGO_FLAG_RSAPSS.
* sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to
also get the algo flags.  Pass algo flags along.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-03 16:15:29 +02:00
Werner Koch
d70b8769c8
Support a history file in gpg-card and gpg-connect-agent.
* common/gpgrlhelp.c (read_write_history): New.
(gnupg_rl_initialize): Register new function.
* common/ttyio.c (my_rl_rw_history): New var.
(tty_private_set_rl_hooks): Add arg read_write_history.
(tty_read_history): New.
(tty_write_history): New.
* tools/gpg-card.c (HISTORYNAME): New.
(oNoHistory): New enum value.
(opts): New option --no-history.
(cmd_history): New.
(cmds): New command "history".
(interactive_loop): Read and save the history.
* tools/gpg-connect-agent.c (HISTORYNAME): New.
(opts): New option --no-history.
(main): Read and save the history.  New command /history.
--

Yeah, finally we have stored history; I should have added this much
earlier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-02 15:48:55 +02:00
NIIBE Yutaka
a763bb2580 gpg,agent: Support Ed448 signing.
* agent/pksign.c (do_encode_eddsa): First argument is NBITs,
so that it can support Ed448, as well as Ed25519.
(agent_pksign_do): Follow the change.
* agent/sexp-secret.c (fixup_when_ecc_private_key): No fix-up needed
for Ed448, it's only for classic curves.
* common/openpgp-oid.c (oidtable): Add Ed448.
* common/sexputil.c (get_pk_algo_from_key): Ed448 is only for EdDSA.
* g10/export.c (match_curve_skey_pk): Ed448 is for EdDSA.
* g10/keygen.c (gen_ecc): Support Ed448 with the name of "ed448".
(ask_algo, parse_key_parameter_part): Handle "ed448".
* g10/pkglue.c (pk_verify): Support Ed448.
(pk_check_secret_key): Support Ed448.
* g10/sign.c (hash_for): Defaults to SHA512 for Ed448.
(make_keysig_packet): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-24 10:05:03 +09:00
NIIBE Yutaka
c94eea15d6 ecc: Use "cv448" to specify key using X448.
* common/openpgp-oid.c (oidtable): Use "cv448".
(oid_cv448): Rename from oid_x448.
(openpgp_oidbuf_is_cv448, openpgp_oid_is_cv448): Likewise.
* common/util.h (openpgp_oid_is_cv448): Follow the change.
* g10/ecdh.c (pk_ecdh_generate_ephemeral_key): Likewise.
* g10/keygen.c (gen_ecc, ask_algo): Use "cv448".
(parse_key_parameter_part): Likewise.
* g10/pkglue.c (get_data_from_sexp): Fix for debug output.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-23 10:10:29 +09:00
NIIBE Yutaka
e9760eb9e7 gpg: Add X448 support.
* common/openpgp-oid.c (oidtable): Add X448.
(oid_x448,openpgp_oidbuf_is_x448,openpgp_oid_is_x448): New.
* common/util.h (openpgp_oid_is_x448): New.
* g10/ecdh.c (gen_k): Add handling of opaque MPI and support
endianness.
(pk_ecdh_generate_ephemeral_key): X448 requires opaque MPI.
* g10/keygen.c (gen_ecc): Add support for X448.
(ask_algo, parse_key_parameter_part): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-06-09 14:56:50 +09:00
Werner Koch
3cd9dac7e0
common: New function to extract Q from an ECC key.
* common/sexputil.c (get_ecc_q_from_canon_sexp): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-19 14:28:48 +02:00
Werner Koch
439c9b5cb5
sm: Print algorithm infos in data decryption mode.
* common/sexputil.c (cipher_mode_to_string): New.
* sm/decrypt.c (prepare_decryption): Show cipher algo and mode.
(gpgsm_decrypt): Show key algo and fingerprint

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-08 15:21:51 +02:00
Werner Koch
34b628db46
sm: Cleanup the use of GCRY_PK_ECC and GCRY_PK_ECDSA.
* common/sexputil.c (pubkey_algo_to_string): New.
* sm/certcheck.c (do_encode_md): Replace GCRY_PK_ECDSA by GCRY_PK_ECC.
* sm/certreqgen-ui.c (check_keygrip): Add all ECC algorithms.
* sm/gpgsm.c (our_pk_test_algo): Also allow EdDSA.
* sm/verify.c (gpgsm_verify): Map ECC algo to ECDSA.  Use new pubkey
algo name function

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-08 15:10:13 +02:00
Werner Koch
5c29d25e6c
sm: Print the key types as standard key algorithm strings.
* sm/fingerprint.c (gpgsm_get_key_algo_info): Factor code out to ...
(gpgsm_get_key_algo_info2): new.
(gpgsm_pubkey_algo_string): New.
* sm/keylist.c (list_cert_colon): Put curve into field 17
(list_cert_raw): Print the unified key algotithm string instead of the
algo and size.
(list_cert_std): Ditto.
--

It is important to known whether a 256 bit ECC uses a NIST or a
Brainpool curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-07 09:45:49 +02:00
Werner Koch
9bc9d0818b
doc: Typo fixes in code comments
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-04 14:55:34 +02:00
Werner Koch
5ea878274e
common: Add an easy to use DER builder.
* common/tlv-builder.c: New.
* common/tlv.c: Remove stuff only used by GnuPG 1.
(put_tlv_to_membuf, get_tlv_length): Move to ...
* common/tlv-builder.c: here.
* common/tlv.h (tlv_builder_t): New.
--

Such code should actually go into libksba and we will eventually do
that.  However, for now it is easier to keep it here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-24 15:37:48 +02:00
Werner Koch
5d015b38eb
common: Add functions to help create DER objects.
* common/tlv.c (put_tlv_to_membuf): New.
(get_tlv_length): New.
* common/tlv.h: Include membuf.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-23 09:51:15 +02:00
Werner Koch
5d5b70ae0f
common: New function to map hash algo names.
* common/sexputil.c (hash_algo_to_string): New.
--

Libgcrypt expects lowercase names and it is cumbersome to downcase
those retrieved via gcry_md_algo_name.  It is easier and also faster
to use a dedicated map function.
2020-04-09 12:20:19 +02:00
Werner Koch
0b583a555e
sm: Consider certificates w/o CRL DP as valid.
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--

If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks.  The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-27 21:16:07 +01:00
Werner Koch
451cd1b392
gpgconf: Further simplify the gpgconf option processing.
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list.  Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--

There is no need to read the list of options from the components
unless they convey a default value.  It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed.   Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 19:12:41 +01:00
Werner Koch
865d485180
gpg: New option --include-key-block.
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--

This patch adds support for a to be proposed OpenPGP ferature:

  Introduce the Key Block subpacket to align OpenPGP with CMS.

  This new subpacket may be used similar to the CertificateSet of
  CMS (RFC-5652) and thus allows to start encrypted communication
  after having received a signed message.  In practice a stripped down
  version of the key should be including having only the key material
  and the self-signatures which are really useful and shall be used by
  the recipient to reply encrypted.

  #### Key Block

  (1 octet with value 0, N octets of key data)

  This subpacket MAY be used to convey key data along with a signature
  of class 0x00, 0x01, or 0x02.  It MUST contain the key used to create
  the signature; either as the primary key or as a subkey.  The key
  SHOULD contain a primary or subkey capable of encryption and the
  entire key must be a valid OpenPGP key including at least one User ID
  packet and the corresponding self-signatures.

  Implementations MUST ignore this subpacket if the first octet does not
  have a value of zero or if the key data does not represent a valid
  transferable public key.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:34:49 +01:00
Werner Koch
6fa1808cb7
common: Add xreallocarray function.
* common/miscellaneous.c (xreallocarray): New func.
* common/util.h (xtryreallocarray): New macro.
--

Very useful to match calloc behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-04 13:55:53 +01:00
Werner Koch
cdbe10b762
Remove the now obsolete argparse code.
* tests/gpgscm/main.c: Switch to the new option parser.
* common/argparse.c, common/argparse.h: Remove.
* common/init.c (_init_common_subsystems): Do not call obsolete func.
* common/Makefile.am (common_sources): Remove those files.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-22 09:52:48 +01:00
Werner Koch
0e8f6e2aa9
gpg: Use gpgrt's new option parser to provide a global conf file.
* common/util.h: Remove argparse.h.
* common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
argparse.h.  Do this also for all main modules which use our option
parser except for gpg.  Replace calls to strusage by calls to
gpgrt_strusage everywhere.

* g10/gpg.c (opts): Change type to gpgrt_opt_t.  Flag oOptions and
oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
(main): Change type of pargs to gpgrt_argparse_t.  Rework the option
parser to make use of the new gpgrt_argparser.
--

This is not yet finished but a make check works.  gpg has the most
complex and oldest option handling and thus this is the first
migration target.  SE-Linux checks and version-ed config files are
missing and will be added later.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-20 11:13:32 +01:00
Werner Koch
ccdf988b40
build: Require libgpg-error 1.38
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-19 20:42:02 +01:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
d272308cc5
sm: Remove left over debug output.
--
2020-02-17 11:36:43 +01:00
Werner Koch
6248739799
gpgsm: Fix import of some CR,LF ternminated certificates
* common/ksba-io-support.c (base64_reader_cb): Detect the END tag and
don't just rely on the padding chars.  This could happen only with
CR+LF termnmated PEM files.  Also move the detection into the invalid
character detection branch for a minor parser speedup.
--

GnuPG-bug-id: 4847
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-15 19:20:21 +01:00
Werner Koch
24095101a5
common: Extend the openpgp_curve_to_oid function.
* common/openpgp-oid.c (openpgp_curve_to_oid): Add optional arg R_NBITS.
Change all callers.
--

In particular for ed25519 and cv25519 it is quite useful to have an
ability to get the required algorithm.
2020-02-11 14:40:54 +01:00
Werner Koch
6aff8a1328
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C.  Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.

* g10/main.h: Put util.h before the local header files.
--

This change is required for use with gcc/ld's LTO feature which does
not allow common blocks.  Further gcc 10 will make -fno-common the
default and thus this chnage is always needed.  What a pitty.

Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7)

- Applied respective chnages also to gpg-card and keyboxd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 16:50:47 +01:00
Werner Koch
332a72f734
common: Extend the new get_keyalgo_string function
* common/openpgp-oid.c (openpgp_oid_or_name_to_curve): New.
(get_keyalgo_string): Use it.
--

We do not always have an OID, so except the name or the alias of the
curve as well.  This creates a second entry mapping to the same name
but that does not matter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 00:31:07 +01:00
Werner Koch
d1c518cdc9
common: Remove duplicated call to a function.
* common/openpgp-oid.c (openpgp_oid_to_str): Remove duplicated call.
--

The removed function was already called.  No memleak etc, though.

Fixes-commit: 4a1558d0c7190cf13d35385e47291a7aa121be3e
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 23:22:20 +01:00
Werner Koch
3a1fa13eed
common: New function get_keyalgo_string.
* common/openpgp-oid.c (struct keyalgo_string_s): New.
(keyalgo_strings): New.
(keyalgo_strings_size, keyalgo_strings_used): New.
(get_keyalgo_string): New.
--

This function is intended as a more general version of gpg's
pubkey_string function.  It has the advantage to avoid mallocs and
uses static table of algorithm strings instead.  There should be only
a few dozen of such strings (if at all) and thus all those allocations
we do internally in gpg's pubkey_string and the static buffers all
over the place are not too nice.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 21:26:35 +01:00
Werner Koch
49c891a9bf
common: Add OpenPGP<->Gcrypt pubkey id mapping functions.
* g10/misc.c (map_pk_gcry_to_openpgp): Move to ...
* common/openpgp-oid.c (map_gcry_pk_to_openpgp): here and rename.
Change all 4 callers.
(map_openpgp_pk_to_gcry): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-09 14:04:18 +01:00
Werner Koch
7f12fb55f9
gpgconf,w32: Print a warning for a suspicious homedir.
* tools/gpgconf.c (list_dirs): Check whether the homedir has been
taken from the registry.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-17 14:24:24 +01:00
Werner Koch
14aa797bb8
gpg,sm: Avoid useless ASFW diagnostic in loopback mode.
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-13 15:20:49 +01:00
Werner Koch
ce5a7fb72b
scd: Use a scdaemon internal key to protect the PIN cache IPC.
* agent/call-scd.c (handle_pincache_put): Do not decrypt.
(handle_pincache_get): New.
(inq_needpin): Call it.
* scd/command.c (set_key_for_pincache): New.
(pincache_put): Restructure and set key.
(pincache_get): Ditto.
--

This change does away with encrypting and decrypting the cached PIN in
the agent.  There is no need for this we can simply cache the
cryptogram and let scdaemon decrypt after retrieving it from the
agent.  This way we do not need to share a key between gpg-agent and
scdaemon and further the cached content is invalid after the scdaemon
process has been replaced.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-09 12:00:50 +01:00
Werner Koch
cc531cc210
doc: Typ fix in comment
--
2019-12-23 12:40:43 +01:00
Werner Koch
915297705a
kbx: Redefine the UBID which is now the primary fingerprint.
* common/util.h (UBID_LEN): New.  Use it at all places.
* kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item.
* kbx/keybox-dump.c (print_ubib): Remove.
(_keybox_dump_blob): Do not print the now removed ubid flag.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants
for the size of the ubid and grip.
* kbx/keybox-search.c (blob_cmp_ubid): New.
(has_ubid): Make it a simple wrapper around blob_cmp_ubid.
(keybox_get_data): Add arg 'r_ubid'.

* kbx/frontend.h (enum kbxd_store_modes): New.
* kbx/kbxserver.c (cmd_store): Add new option --insert.

* kbx/backend-cache.c (be_cache_initialize): New.
(be_cache_add_resource): Call it here.
* kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'.
(be_kbx_search): Get the UBID from keybox_get_data.
* kbx/backend-support.c (be_fingerprint_from_blob): Replace by ...
(be_ubid_from_blob): new.  Change all callers.

* kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but
use the new cache init function.
(kbxd_store): Replace arg 'only_update' by 'mode'.  Seek using the
ubid.  Take care of the mode.
--

It turned out that using the hash of the entire blob was not helpful.
Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint
of the blob.  In case this is a v5 OpenPGP key a left truncated
version of the SHA-256 hash is used; in all other cases the full SHA-1
hash.  Using a SHA-256 hash does not make sense because v4 keys are
and will for some time be the majority of keys and thus padding them
with zeroes won't make any difference.  Even if fingerprint collisions
can eventually be created we will assume that the keys are bogus and
that it does not make sense to store its twin also in our key storage.
We can also easily extend the update code to detect a collision and
reject the update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:16:13 +01:00
Werner Koch
61765136cf
common: New function hex2fixedbuf.
* common/convert.c (hex2fixedbuf): New.
--

This function is useful for converting hex strings received via assuan
if they have a known length.  For example keygrips or the new UBID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 10:32:31 +02:00