1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

97 Commits

Author SHA1 Message Date
Werner Koch
a731c22952 gpg: Allow for positional parameters in the passphrase prompt.
* g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf.
--

Without that at least the French translation does not always work
because it requires positional parameters.  Windows for example does
not support them as they are not defined by C99 but by POSIX.
2014-08-26 10:16:04 +02:00
Werner Koch
03018ef9ee gpg: Auto-create revocation certificates.
* configure.ac (GNUPG_OPENPGP_REVOC_DIR): New config define.
* g10/revoke.c (create_revocation): Add arg "leadin".
(gen_standard_revoke): New.
* g10/openfile.c (get_openpgp_revocdir): New.
(open_outfile): Add MODE value 3.
* g10/keyid.c (hexfingerprint): New.
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke.
--

GnuPG-bug-id: 1042
2014-06-30 16:40:55 +02:00
Werner Koch
db3b528239 gpg: Re-enable secret key deletion.
* g10/call-agent.c (agent_delete_key): New.
* g10/keydb.h (FORMAT_KEYDESC_DELKEY): New.
* g10/passphrase.c (gpg_format_keydesc): Support new format.
* g10/delkey.c (do_delete_key): Add secret key deletion.
2014-04-15 19:44:50 +02:00
Werner Koch
e549799db6 gpg: Change pinentry prompt to talk about "secret key".
* g10/passphrase.c (gpg_format_keydesc): Add mode 2.  Change strings.
* g10/keydb.h (FORMAT_KEYDESC_NORMAL, FORMAT_KEYDESC_IMPORT)
(FORMAT_KEYDESC_EXPORT): New.  Use them for clarity.
--

The use of the term "certificate" was more confusing than helpful.
2014-04-15 19:29:57 +02:00
Werner Koch
ea8a1685f7 gpg: Remove cipher.h and put algo ids into a common file.
* common/openpgpdefs.h (cipher_algo_t, pubkey_algo_t, digest_algo_t)
(compress_algo_t): New.
* agent/gpg-agent.c: Remove ../g10/cipher.h. Add openpgpdefs.h.
* g10/cipher.h (DEK): Move to ...
* g10/dek.h: new file.
* g10/cipher.h (is_RSA, is_ELGAMAL, is_DSA)
(PUBKEY_MAX_NPKEY, PUBKEY_MAX_NSKEY, PUBKEY_MAX_NSIG, PUBKEY_MAX_NENC)
(PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC, PUBKEY_USAGE_CERT)
(PUBKEY_USAGE_AUTH, PUBKEY_USAGE_NONE): Move to
* g10/packet.h: here.
* g10/cipher.h: Remove.  Remove from all files.
* g10/filter.h, g10/packet.h:  Include dek.h.
* g10/Makefile.am (common_source): Remove cipher.h.  Add dek.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-29 20:35:05 +01:00
Werner Koch
273bb38cd7 gpg: Fix a memory leak in batch key generation
* g10/keygen.c (append_to_parameter): New.
(proc_parameter_file): Use new func to extend the parameter list.

* g10/passphrase.c (passphrase_to_dek_ext): Print a diagnostic of
gcry_kdf_derive failed.
* g10/keygen.c (proc_parameter_file): Print a diagnostic if
passphrase_to_dek failed.
--

Due to an improper way of using the linked list head, all memory for
items allocated in proc_parameter_file was never released.  If batched
key generation with a passphrase and more than ~200 keys was used this
exhausted the secure memory.
2013-02-21 20:35:10 +01:00
Werner Koch
21feecd48f gpg: Add pinentry-mode feature.
* g10/gpg.c: Include shareddefs.h.
(main): Add option --pinentry-mode.
* g10/options.h (struct opt): Add field pinentry_mode.
* g10/passphrase.c: Include shareddefs.h.
(have_static_passphrase): Take care of loopback pinentry_mode.
(read_passphrase_from_fd): Ditto.
(get_static_passphrase): New.
(passphrase_to_dek_ext): Factor some code out to ...
(emit_status_need_passphrase): new.
* g10/call-agent.c (start_agent): Send the pinentry mode.
(default_inq_cb): Take care of the PASSPHRASE inquiry.  Return a
proper error code.
(agent_pksign): Add args keyid, mainkeyid and pubkey_algo.
(agent_pkdecrypt): Ditto.
* g10/pubkey-enc.c (get_it): Pass new args.
* g10/sign.c (do_sign): Pass new args.

* g10/call-agent.c (struct default_inq_parm_s): New.  Change all
similar structs to reference this one.  Change all users and inquire
callback to use this struct, instead of NULL or some undefined but not
used structs.  This change will help to eventually get rid of global
variables.
--

This new features allows to use gpg without a Pinentry.  As a
prerequisite the agent must be configured to allow the loopback
pinentry mode (option --allow-loopback-pinentry).  For example

  gpg2 --pinentry-mode=loopback FILE.gpg

may be used to decrypt FILE.gpg while entering the passphrase on the
tty.  If batch is used, --passphrase et al. may be used, if
--command-fd is used, the passphrase may be provided by another
process.  Note that there are no try-again prompts in case of a bad
passphrase.
2013-02-07 20:37:58 +01:00
Werner Koch
6cf8890dc1 Allow NULL for free_public_key. 2011-09-20 19:24:52 +02:00
Werner Koch
b9bcc77d6c Make use of gcry_kdf_derive.
Factoring common code out is always a Good Thing.  Also added a
configure test to print an error if gcry_kdf_derive is missing in
Libgcrypt.
2011-03-10 18:39:34 +01:00
Werner Koch
4659c923a0 Sample ECC keys and message do now work.
Import and export of secret keys does now work.  Encryption has been
fixed to be compatible with the sample messages.

This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.
2011-02-02 15:48:54 +01:00
Andrey Jivsov
e0972d3d96 Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 .
The following works:
   gpg2 --gen-key (ECC)
   gpg2 --list-keys
   gpg2 --list-packets ~/.gnupg/pubring.gpg
   gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>

ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
2011-01-05 17:33:17 -08:00
Werner Koch
02e4c3cb7e Re-implemented GPG's --passwd command and improved it. 2010-10-26 09:10:29 +00:00
Werner Koch
54591341a4 More agent support for gpg. 2010-10-13 15:57:08 +00:00
Werner Koch
299ed4c9e2 Removed more secret key related code.
It builds fine and passes some of the tests but there are quite some
features which don't work yet.
2010-09-06 19:57:42 +00:00
Werner Koch
a0b9ebfb7d Even less prompts for a new key now. 2010-09-01 12:49:05 +00:00
Werner Koch
03d34be425 Provide a useful pinentry prompt. 2010-04-27 14:11:41 +00:00
Werner Koch
be45bf3d54 Add dummu option --passwd for gpg.
Collected changes.
2010-01-08 19:18:49 +00:00
Werner Koch
7cde92403c 2009-08-20 Daiki Ueno <ueno@unixuser.org>
* mainproc.c (proc_encrypted): Clear passphrase cached with S2K
      cache ID if decryption failed.
    * passphrase.c (passphrase_to_dek_ext): Set dek->s2k_cacheid.
    * gpgv.c (passphrase_clear_cache): New stub.
2009-08-20 08:41:15 +00:00
Werner Koch
2c7a03d54b Comment changes.
Changed --learn-card.
2009-07-30 16:45:06 +00:00
Werner Koch
2e0ce7d97f Fixed a bunch of little bugs as reported by Fabian Keil.
Still one problem left; marked with a gcc #warning.
2009-06-24 14:03:09 +00:00
David Shaw
047d97e95e Add full Camellia support.
* configure.ac: Remove Camellia restriction.

* gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia
restriction.

* misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for
openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and
openpgp_cipher_get_algo_blklen to wrap around the corresponding gcry_*
functions, but pass the algorithm number through
map_cipher_openpgp_to_gcry.  This is needed in case the gcry algorithm
number doesn't match the OpenPGP number (c.f. Camellia).

* encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c, seskey.c,
passphrase.c, seckey-cert.c: Use new openpgp_cipher_* macros here.
2009-06-05 14:11:03 +00:00
Werner Koch
387a51f951 New gpgsm server option no-encrypt-to.
Add caching for symkey encryption.
Minor cleanups.
2009-05-18 17:38:34 +00:00
Werner Koch
c4e92c3344 Made card key generate with backup key work for 2048 bit.
Improved card key generation prompts.
2009-05-15 19:26:46 +00:00
Werner Koch
f8b4cd7650 Import/export of pkcs#12 now uses the gpg-agent directly.
Removed duplicated code (percent unescaping).
2009-04-01 10:51:53 +00:00
Werner Koch
6e7c855d98 Move password repetition from gpg to gpg-agent. 2009-03-17 12:13:32 +00:00
Werner Koch
fb12b4fad3 Add rmd160.c.
Emit anotehr error code status line.
2008-12-12 12:01:20 +00:00
Werner Koch
0a5f742466 Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
Werner Koch
6a78bca874 Fixed an email/DN bug.
Changed pinentry prompts.
2008-03-13 08:46:08 +00:00
Werner Koch
c12ce55b25 Factored utf8 switching code out to i18n.c. 2007-10-19 15:58:38 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
2c9791db55 First steps towards supporting W32.
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
2007-06-06 18:12:30 +00:00
Marcus Brinkmann
bc078f97a9 2007-05-19 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (passphrase_get): Use PACKAGE_GT, not PACKAGE.
2007-05-18 23:32:51 +00:00
Marcus Brinkmann
b9042f1cec agent/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* protect-tool.c (get_passphrase): Free ORIG_CODESET on error.

g10/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* passphrase.c (passphrase_get): Free ORIG_CODESET on error.

sm/
2007-05-18  Marcus Brinkmann  <marcus@g10code.de>

	* qualified.c (gpgsm_qualified_consent,
	gpgsm_not_qualified_warning): Free ORIG_CODESET on error.
	* certdump.c (gpgsm_format_keydesc): Likewise.

tools/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (confucius_get_pass): Free ORIG_CODESET on error.
2007-05-18 22:58:59 +00:00
Marcus Brinkmann
1843485de9 2007-04-26 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (passphrase_to_dek): Write missing passphrase
	status message in case of cancellation.
2007-04-28 16:04:44 +00:00
Werner Koch
b861561e47 Included LIBICONV in all Makefiles.
g10/
	* passphrase.c (passphrase_get): Set the cancel flag on all error
	from the agent.  Fixes a bug reported by Tom Duerbusch.
sm/
	* gpgsm.c (main): Let --gen-key print a more informative error
	message.
2007-01-31 14:24:41 +00:00
Werner Koch
0173cd5a98 Fixes for CVE-2006-6235 2006-12-06 10:16:50 +00:00
David Shaw
884d1af0ae * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add
--passphrase-repeat option to control how many times gpg will
re-prompt for a passphrase to ensure the user has typed it correctly.
Defaults to 1.
2006-12-03 04:41:59 +00:00
David Shaw
c6465b0654 * parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
packed s2k iteration count.

* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.
2006-10-13 04:06:24 +00:00
Werner Koch
3b1f186c87 Re-enabled --passphrase-fd 2006-10-04 17:22:24 +00:00
Werner Koch
8684a78518 Fixed agent access for gpg. 2006-10-04 16:45:04 +00:00
Werner Koch
fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
Werner Koch
d0907e64f4 Continued with merging.
Still does not build.
2006-04-19 13:24:36 +00:00
Werner Koch
29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
Marcus Brinkmann
9d864ebef7 2004-08-18 Marcus Brinkmann <marcus@g10code.de>
* passphrase.c (agent_get_passphrase):
2004-08-18 00:03:07 +00:00
Werner Koch
d84d632583 * configure.ac: Require libgcrypt 1.1.94.
Introduce PACKAGE_GT and set it to gnupg2.

* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.

* Makevars (DOMAIN): Init from PACKAGE_GT
2004-04-06 10:01:04 +00:00
Werner Koch
16f3d8396e * call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* passphrase.c (agent_open): Ditto.
2004-02-18 16:59:03 +00:00
Werner Koch
23fa5c9792 * card-util.c (print_name): Fixed bad format string usage.
(print_isoname): Ditto.

* trustdb.c (check_regexp): s/exp/expr/.

* keyedit.c (trustsig_prompt): Removed a "> 255" term; it is
always false due to the data type.

* passphrase.c (agent_get_passphrase): Use xasprintf and avoid
non-literal format strings.

* tdbio.c (upd_hashtable, drop_from_hashtable, lookup_hashtable):
Fixed log_error format string bugs.  Kudos to the now working
gcc-3.3 -Wformat-nonliteral and Florian Weimer's investigations in
gnupg 1.2.3.
2003-12-17 12:26:56 +00:00
Werner Koch
4c66e94ff9 Merged most of David Shaw's changes in 1.3 since 2003-06-03. 2003-09-23 17:48:33 +00:00
Werner Koch
5c46f134e2 Key generation and signing using the OpenPGP card does rudimentary work. 2003-06-27 20:53:09 +00:00
Werner Koch
c0c2c58054 Finished the bulk of changes for gnupg 1.9. This included switching
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
2003-06-18 19:56:13 +00:00