1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-29 19:48:43 +01:00
Commit Graph

1384 Commits

Author SHA1 Message Date
Werner Koch
b7e1afe9a4
doc: Minor typo fixes
--
2022-01-24 22:22:34 +01:00
Werner Koch
ec4a1cffb8
gpgconf: Add command aliases -L -K -R.
* tools/gpgconf.c (enum cmd_and_opt_values): Assign shortcuts.
--

I have to type them to often ;-)
2022-01-12 20:27:14 +01:00
Ingo Klöcker
19b1a28621 gpg: Request keygrip of key to add via command interface
* g10/keygen.c (ask_algo): Request keygrip via cpr_get.
* doc/help.txt (gpg.keygen.keygrip): New help text.
--

This change makes it possible to add an existing (sub)key to
another key via the status/command interface.

GnuPG-bug-id: 5771
2022-01-11 10:12:07 +01:00
Werner Koch
4d52ba9431
doc: Fix the title of the man pages to GnuPG 2.3
--
2022-01-03 11:59:46 +01:00
Werner Koch
c397ba3ac0
gpg: New option --forbid-gen-key.
* g10/gpg.c (oForbidGenKey, opts): New option.
(mopt): New local struct
(gen_key_forbidden): New.
(main): Set and handle the option.
--

In large system installation it is sometimes useful to make it a bit
harder for users to generate their own keys.  An example is a policy
to not use on-disk keys.
2021-11-22 20:59:22 +01:00
Werner Koch
5f39db70c0
gpg,gpgsm: Add option --min-rsa-length.
* common/compliance.c (min_compliant_rsa_length): New.
(gnupg_pk_is_compliant): Take in account.
(gnupg_pk_is_allowed): Ditto.
(gnupg_set_compliance_extra_info): New.
* g10/gpg.c (oMinRSALength): New.
(opts): Add --min-rsa-length.
(main): Set value.
* g10/options.h (opt): Add field min_rsa_length.
* sm/gpgsm.c (oMinRSALength): New.
(opts): Add --min-rsa-length.
(main): Set value.
* sm/gpgsm.h (opt): Add field min_rsa_length.
2021-11-18 20:49:37 +01:00
Werner Koch
99ef78aa0c
gpg: Remove stale ultimately trusted keys from the trustdb.
* g10/tdbdump.c (export_ownertrust): Skip records marked with the
option --trusted-key.
(import_ownertrust): Clear the trusted-key flag.
* g10/tdbio.h (struct trust_record): Add field flags.
* g10/tdbio.c (tdbio_dump_record): Improve output.
(tdbio_read_record, tdbio_write_record): Handle flags.
* g10/trustdb.c (verify_own_keys): Clear stale trusted-keys and set
the flag for new --trusted-keys.
(tdb_update_ownertrust): Add arg as_trusted_key.  Update callers.
--

GnuPG-bug-id: 5685
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-11-13 20:34:06 +01:00
Werner Koch
dd708f60d5
agent,dirmngr: New option --steal-socket
* agent/gpg-agent.c (oStealSocket): New.
(opts): Add option.
(steal_socket): New file global var.
(main): Set option.
(create_server_socket): Implement option.

* dirmngr/dirmngr.c (oStealSocket): New.
(opts): Add option.
(steal_socket): New file global var.
(main): Set option.  Add comment to eventually implement it.
--

Note that --steal-socket has currently no effect on dirmngr because
dirmngr does this anway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-11-13 14:56:40 +01:00
Werner Koch
6d52cb966e
doc: Clarify the "ntds" AKL mechanism.
--
2021-11-12 16:11:56 +01:00
Werner Koch
fb26e144ad
gpg: New option --override-compliance-check
* g10/gpg.c (oOverrideComplianceCheck): New.
(opts): Add new option.
(main): Set option and add check for batch mode.
* g10/options.h (opt): Add flags.override_compliance_check.

* g10/sig-check.c (check_signature2): Factor complaince checking out
to ...
(check_key_verify_compliance): this.  Turn error into a warning in
override mode.
--

There is one important use case for this: For systems configured
globally to use de-vs mode, Ed25519 and other key types are not
allowed because they are not listred in the BSI algorithm catalog.
Now, our release signing keys happen to be Ed25519 and thus we need to
offer a way for users to check new versions even if the system is in
de-vs mode.  This does on purpose not work in --batch mode so that
scripted solutions won't accidently pass a signature check.

GnuPG-bug-id: 5655
2021-10-13 17:25:28 +02:00
Werner Koch
4b3e9a44b5
dirmngr: New option --ignore-cert
* dirmngr/dirmngr.h (struct fingerprint_list_s): Add field binlen.
(opt): Add field ignored_certs.
* dirmngr/dirmngr.c: Add option --ignore-cert
(parse_rereadable_options): Handle that option.
(parse_ocsp_signer): Rename to ...
(parse_fingerprint_item): this and add two args.
* dirmngr/certcache.c (put_cert): Ignore all to be igored certs.
Change callers to handle the new error return.
--

This option is useful as a workaround in case we ill run into other
chain validation errors like what we fixed in
GnuPG-bug-id: 5639
2021-10-06 10:35:51 +02:00
Werner Koch
dbe1b237a6
common: Support gpgconf.ctl also for BSDs.
* common/homedir.c (MYPROC_SELF_EXE): New.
(unix_rootdir): Use it here.  Also support GNUPG_BUILD_ROOT as
fallback.
--

In addition this adds a fallback method for AIX etc which do not have
an easy way to get the info.
2021-10-01 14:44:06 +02:00
Werner Koch
7f8ccb67e3
doc: Clarify some gpg keyring options
--
GnuPG-bug-id: 5594
2021-09-14 15:15:05 +02:00
Werner Koch
265d993c76
doc: Minor update of the AD schema.
--
2021-09-09 13:30:22 +02:00
Werner Koch
fdb726f77d
gpg: Print a note about the obsolete option --secret-keyring.
--

GnuPG-bug-id: 2749
2021-08-28 18:34:26 +02:00
Werner Koch
ad3dabc9fb
gpg: Change default and max AEAD chunk size to 4 MiB
--

This is per OpenPGP WG design team decision from 2021-08-13
(raising a new wall after exactly 60 years ;-)

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-08-27 12:06:57 +02:00
Werner Koch
55b5928099
dirmngr: Change the default keyserver.
* configure.ac (DIRMNGR_DEFAULT_KEYSERVER): Change to
keyserver.ubuntu.com.

* dirmngr/certcache.c (cert_cache_init): Disable default pool cert.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/http.c (http_session_new): Ditto.

* dirmngr/server.c (make_keyserver_item): Use a different mapping for
the gnupg.net names.
--

Due to the unfortunate shutdown of the keyserver pool, the long term
defaults won't work anymore.  Thus it is better to change them.

For https access keyserver.ubuntu.com is now used because it can be
expected that this server can stand the load from newer gnupg LTS
versions.

For http based access the Dutch Surfnet keyserver is used.  However
due to a non-standard TLS certificate this server can not easily be
made the default for https.

Note: that the default server will be changed again as soon as a new
connected keyserver infrastructure has been established.

(cherry picked from commit 47c4e3e00a)
2021-08-24 18:09:56 +02:00
Werner Koch
b4345f7521
wkd: Fix client issue with leading or trailing spaces in user-ids.
* common/recsel.c (recsel_parse_expr): Add flag -t.
* common/stringhelp.c: Remove assert.h.
(strtokenize): Factor code out to do_strtokenize.
(strtokenize_nt): New.
(do_strtokenize): Add arg trim to support the strtokenize_nt.
* common/t-stringhelp.c (test_strtokenize_nt): New test cases.

* tools/wks-util.c (wks_list_key): Use strtokenize_nt and the recsel
flag -t.
--

This fixes a bug with user ids with leading spaces because:

wks-client lists all mail addresses from the key and matches them to the
requested mail address.

If there are several user-ids all with the same mail address
wks-client picks one of them and then extracts exactly that user id.
However, here it does not match by the mail address but by the full
user-id so that we can be sure that there will be only one user-id in
the final key.

The filter built expression unfortunately strips leading blanks but
requires a verbatim match.  Thus it won't find the user id again and
errors out.

The new -t flag and a non-trimming strtokenize solves the problem.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-08-20 09:18:22 +02:00
Werner Koch
661c2ae966
agent: Use the sysconfdir for a pattern file.
* agent/genkey.c (do_check_passphrase_pattern): Use make_filename.
2021-08-18 19:21:22 +02:00
Werner Koch
b89b1f35c2
agent: Ignore passphrase constraints for a generated passphrase.
* agent/agent.h (PINENTRY_STATUS_PASSWORD_GENERATED): New.
(MAX_GENPIN_TRIES): Remove.
* agent/call-pinentry.c (struct entry_parm_s):
(struct inq_cb_parm_s): Add genpinhash and genpinhas_valid.
(is_generated_pin): New.
(inq_cb): Suppress constraints checking for a generated passphrase.
No more need for several tries to generate the passphrase.
(do_getpin): Store a generated passphrase/pin in the status field.
(agent_askpin): Suppress constraints checking for a generated
passphrase.
(agent_get_passphrase): Ditto.
* agent/command.c (cmd_get_passphrase): Ditto.
--

A generated passphrase has enough entropy so that all kind of extra
checks would only reduce the actual available entropy.  We thus detect
if a passphrase has been generated (and not changed) and skip all
passphrase constraints checking.
2021-08-18 18:46:39 +02:00
Werner Koch
c622cf59fd
doc: Add sample texts for Pinentry hints
--
2021-08-18 10:33:31 +02:00
Werner Koch
7c45a69eb9
agent: New option --check-sym-passphrase-pattern.
* agent/gpg-agent.c (oCheckSymPassphrasePattern): New.
(opts): Add --check-sym-passphrase-pattern.
(parse_rereadable_options): Set option.
(main): Return option info.
* tools/gpgconf-comp.c: Add new option.
* agent/agent.h (opt): Add var check_sym_passphrase_pattern.
(struct pin_entry_info_s): Add var constraints_flags.
(CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1.
(CHECK_CONSTRAINTS_NEW_SYMKEY): New.
* agent/genkey.c (check_passphrase_pattern): Rename to ...
(do_check_passphrase_pattern): this to make code reading
easier. Handle the --check-sym-passphrase-pattern option.
(check_passphrase_constraints): Replace arg no_empty by a generic
flags arg.  Also handle --check-sym-passphrase-pattern here.
* agent/command.c (cmd_get_passphrase): In --newsymkey mode pass
CHECK_CONSTRAINTS_NEW_SYMKEY flag.
* agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags.
(struct inq_cb_parm_s): New.
(inq_cb): Use new struct for parameter passing.  Pass flags to teh
constraints checking.
(do_getpin): Pass constraints flag down.
(agent_askpin): Take constrainst flag from the supplied pinentry
struct.
--

Requirements for a passphrase to protect a private key and for a
passphrase used for symmetric encryption are different.  Thus a
the use of a different pattern file will be useful.  Note that a
pattern file can be used to replace the other passphrase constraints
options and thus we don't need to duplicate them for symmetric
encryption.

GnuPG-bug-id: 5517
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-08-13 13:42:31 +02:00
Ingo Klöcker
99601778f4 agent: Make --pinentry-formatted-passphrase a simple flag
* agent/agent.h (opt): Change type of pinentry_formatted_passphrase
to int (as for other flags).
* agent/call-pinentry.c (setup_formatted_passphrase): Remove no longer
needed translated strings. Write option without value to Assuan
connection.
* agent/gpg-agent.c (opts): Use ARGPARSE_s_n for
oPinentryFormattedPassphrase.
(parse_rereadable_options): Set option to 1.
--

GnuPG-bug-id: 5553, 5517
2021-08-12 10:50:33 +02:00
Ingo Klöcker
bf20a80f68
agent: New option --pinentry-formatted-passphrase
* agent/agent.h (opt): Add field pinentry_formatted_passphrase.
* agent/call-pinentry.c (setup_formatted_passphrase): New.
(agent_get_passphrase): Pass option to pinentry.
* agent/gpg-agent.c (oPinentryFormattedPassphrase): New.
(opts): Add option.
(parse_rereadable_options): Set option.
--

GnuPG-bug-id: 5517
2021-08-10 12:05:53 +02:00
Werner Koch
73c03e0232
tools: Extend gpg-check-pattern.
* tools/gpg-check-pattern.c: Major rewrite.
--
Signed-off-by: Werner Koch <wk@gnupg.org>

Here is a simple pattern file:

====================
# Pattern to reject passwords which do not comply to
#   - at least 1 uppercase letter
#   - at least 1 lowercase letter
#   - at least one number
#   - at least one special character
# and a few extra things to show the reject mode

# Reject is the default mode, ignore case is the default
#[reject]
#[icase]

# If the password starts with "foo" (case insensitive) it is rejected.
/foo.*/

[case]

# If the password starts with "bar" (case sensitive) it is rejected.
/bar.*/

# Switch to accept mode: Only if all patterns up to the next "accept"
# or "reject" tag or EOF match, the password is accepted.  Otherwise
# the password is rejected.

[accept]

/[A-Z]+/
/[a-z]+/
/[0-9]+/
/[^A-Za-z0-9]+/
=================

Someone™ please write regression tests.
2021-07-29 11:33:24 +02:00
Werner Koch
89df86157e
sm: New option --ldapserver as an alias for --keyserver.
* sm/gpgsm.c (opts): Add option --ldapserver and make --keyserver an
alias.
--

We should use "keyserver" for OpenPGP and thus it is better to allow
for "ldapserver" here - it is the same convention as now used in
dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d6df1bf849)
2021-06-16 13:04:34 +02:00
Werner Koch
0426e6e869
doc: Update description of LDAP keyservers
--

(cherry picked from commit 7c4b0eda74)
2021-06-16 12:46:21 +02:00
Werner Koch
3e05f99e8d
dirmngr: Use --ldaptimeout for OpenPGP LDAP keyservers.
* dirmngr/ks-engine-ldap.c (my_ldap_connect): Use LDAP_OPT_TIMEOUT.

* dirmngr/dirmngr.c (main): Move --ldaptimeout setting to ...
(parse_rereadable_options): here.
--

Note that this has not yet been tested.  In fact a test with OpenLDAP
using a modified route got stuck in the connection attempt.  Maybe it
works on Windows - will be tested later.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 317d5947b8)
2021-06-16 12:43:11 +02:00
Werner Koch
52cf32ce2f
dirmngr: New option --ldapserver
* dirmngr/dirmngr.c (opts): Add option --ldapserver.
(ldapserver_list_needs_reset): New var.
(parse_rereadable_options): Implement option.
(main): Ignore dirmngr_ldapservers.conf if no --ldapserver is used.

* dirmngr/server.c (cmd_ldapserver): Add option --clear and list
configured servers if none are given.
--

This option allows to specify LDAP keyserver in dirmngr instead of
using gpgsm.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit ff17aee5d1)
2021-06-16 12:42:02 +02:00
Werner Koch
bebc71d229
gpg,sm: Simplify keyserver spec parsing.
* common/keyserver.h: Remove.
* sm/gpgsm.h (struct keyserver_spec): Remove.
(opt): Change keyserver to a strlist_t.
* sm/gpgsm.c (keyserver_list_free): Remove.
(parse_keyserver_line): Remove.
(main): Store keyserver in an strlist.
* sm/call-dirmngr.c (prepare_dirmngr): Adjust for the strlist.  Avoid
an ambiguity in dirmngr by adding a prefix if needed.

* g10/options.h (struct keyserver_spec): Move definition from
keyserver.h to here.  Remove most fields.
* g10/keyserver.c (free_keyserver_spec): Adjust.
(cmp_keyserver_spec): Adjust.
(parse_keyserver_uri): Simplify.
(keyidlist): Remove fakev3 arg which does not make any sense because
we don't even support v3 keys.
--

We now rely on the dirmngr to parse the keyserver specs.  Thus a bad
specification will not be caught immediately.  However, even before
that dirmngr had stricter tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
Ported-from: 9f586700ec
2021-06-16 12:03:13 +02:00
Werner Koch
4980fb3c6d
sm: Support AES-GCM decryption.
* tests/cms/samplemsgs/: Add sample messages.
* sm/gpgsm.c (main): Use gpgrt_fcancel on decryption error.
* sm/decrypt.c (decrypt_gcm_filter): New.
(gpgsm_decrypt): Use this filter if requested.  Check authtag.
--

Note that the sample message pwri-sample.gcm.p7m is broken: The
authtag is duplicated to the authEncryptedContentInfo.  I used a
temporary code during testing hack to that test message out.
2021-06-02 11:03:55 +02:00
Werner Koch
1ca4df446f
doc: Add notes on how to enable TLS in openldap.
--
2021-05-28 17:48:14 +02:00
Werner Koch
965bb0693c
A few minor code cleanups and typo fixes.
* agent/command-ssh.c (ssh_handler_request_identities): Remove double
check of ERR.
* g10/getkey.c (get_pubkey_byname): Remove double use of break.
* g10/pkglue.c (pk_encrypt): Handle possible NULL-ptr access due to
failed malloc.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-05-11 09:06:34 +02:00
Werner Koch
100037ac0f
gpg: Auto import keys specified with --trusted-keys.
* g10/getkey.c (get_pubkey_with_ldap_fallback): New.
* g10/trustdb.c (verify_own_keys): Use it.
2021-04-25 20:03:07 +02:00
Werner Koch
cc5aa68b63
scd:p15: Fix last commit and improve D-TRUST detection.
* scd/app-p15.c (read_p15_info): Improve D-TRUST card detection.
(do_getattr): Fix faulty code for the last commit.  Append the product
name to MANUFACTURER.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-25 16:35:36 +02:00
Werner Koch
883f1a5173
doc: Typo fix
--
2021-04-23 08:50:39 +02:00
Werner Koch
ec36eca08c
gpg: Allow fingerprint based lookup with --locate-external-key.
* g10/keyserver.c (keyserver_import_fprint_ntds): New.
* g10/getkey.c (get_pubkey_byname): Detect an attempt to search by
fingerprint in no_local mode.
--

See the man page.  For testing use

  gpg --auto-key-locate local,wkd,keyserver --locate-external-key  \
    FINGERPRINT

with at least one LDAP keyserver given in dirmngr.conf.  On Windows
"ntds" may be used instead or in addtion to "keyserver".

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-21 18:32:21 +02:00
Werner Koch
b657d6c3bd
gpgconf: Fix a diagnostic output.
* tools/gpgconf-comp.c (gc_component_launch): Fix diagnostic.
* doc/examples/common.conf: Fix example.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-20 10:27:04 +02:00
Werner Koch
51419d6341
sm: New command --show-certs
* sm/keylist.c (do_show_certs): New.
(gpgsm_show_certs): New.
* sm/gpgsm.c (aShowCerts): New.
(opts): Add --show-certs.
(main): Call gpgsm_show_certs.
--

I have been using libksba test programs for countless times to look at
certificates and I always wanted to add such a feature to gpgsm.  This
is simply much more convenient.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-20 09:37:56 +02:00
Werner Koch
8576c34750
doc: Fix an example in README.ldap
--
2021-04-19 13:01:37 +02:00
Werner Koch
d13c5bc244
gpg,gpgsm: Move use-keyboxd to the new conf file common.conf
* common/comopt.c, common/comopt.h: New.
* common/Makefile.am: Add them.
* g10/gpg.c: Include comopt.h.
(main): Also parse common.conf.
* sm/gpgsm.c: Include comopt.h.
(main): Set a flag for the --no-logfile option.  Parse common.conf.

* tools/gpgconf-comp.c (known_options_gpg): Remove "use-keyboxd", add
pseudo option "use_keyboxd".
(known_pseudo_options_gpg): Add pseudo option "use_keyboxd".
(known_options_gpgsm): Remove "use-keyboxd".

* tests/openpgp/defs.scm (create-gpghome): Create common.conf.

* doc/examples/common.conf: New.
--

Note that --use-keybox still works but prints a warning.  We will
eventually remove this option becuase it was marked as an experimental
feature anyway.

It would be too confusing if gpg and gpgsm use different key storages.
Further, other components (e.g. dirmngr or gpg-wks-client) which call
gpg or gpgsm need to be aware that the keyboxd is used and pass that
option on the command line.  Now that common.conf is always read (even
if --no-options is used) those tools will work instantly.
2021-04-19 11:33:19 +02:00
Werner Koch
30f90fc857
scd:p15: Support attribute KEY-FPR.
* scd/app-p15.c: Include openpgpdefs.h.
(struct prkdf_object_s): Add fields have_keytime and ecdh_kdf.
(read_p15_info): Set ecdh_kdf.
(keygrip_from_prkdf): Flag that we have the keytime.
(send_keypairinfo): Send the key time only if valid.
(send_key_fpr_line): New.
(send_key_fpr): New.
(do_getattr): Add KEY-FPR.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-04-16 12:49:37 +02:00
Werner Koch
6c26e593df
gpg: Do not use self-sigs-only for LDAP keyserver imports.
* dirmngr/ks-engine-ldap.c (ks_ldap_get): Print a SOURCE status.
* g10/options.h (opts): New field expl_import_self_sigs_only.
* g10/import.c (parse_import_options): Set it.
* g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP.
--

I can be assumed that configured LDAP servers are somehow curated and
not affected by rogue key signatures as the HKP servers are.  Thus we
can allow the import of key signature from LDAP keyservers by default.

GnuPG-bug-id: 5387
2021-04-13 14:33:50 +02:00
Werner Koch
e0eefba56c
doc: Add some error locations to DETAILS.
--

This should actually be enhanced to describe all error locations as
known by GPGME.
2021-04-06 09:54:52 +02:00
Werner Koch
7f91263632
scd:p15: Return labels for keys and certificates.
* scd/app-p15.c (send_certinfo): Extend certinfo.
(do_getattr): Support KEY-LABEL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-30 17:25:24 +02:00
Werner Koch
de4d3c99aa
scd:p15: Return the creation time of the keys.
* scd/app-p15.c (struct prkdf_object_s): Add keytime and keyalgostr.
(keygrip_from_prkdf): Set them.
(send_keypairinfo): Extend KEYPAIRINFO.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-30 10:27:20 +02:00
NIIBE Yutaka
d1bac0a3be build: Fix for make distcheck, no EPS support.
* Makefile.am (AM_DISTCHECK_DVI_TARGET): Specify 'pdf'.
* doc/Makefile.am (EXTRA_DIST, BUILT_SOURCES): Remove EPS files.
(gnupg.dvi): Remove.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-03-30 12:38:50 +09:00
Werner Koch
e03ddb66c7
doc: Fix option name.
--
2021-03-22 16:30:11 +01:00
Werner Koch
1523b5f76f
gpg: New option --no-auto-trust-new-key.
* g10/gpg.c (oNoAutoTrustNewKey): New.
(opts): Add --no-auto-trust-new-key.
(main): Set it.
* g10/options.h (opt): Add flags.no_auto_trust_new_key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-15 10:47:19 +01:00
Werner Koch
3f1c3f55ea
doc: Typo fix in scdaemon.texi
--
2021-03-14 11:30:23 +01:00
James Bottomley
4997838c7b
doc: add documentation for gpg's keytotpm command
--
The tpm2d patches introduced a new --edit-key command: keytotpm.  Add
a descriptive entry explaining what it does and how it works.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2021-03-12 19:24:37 +01:00
Werner Koch
5732e7a8e9
scd: New option --pcsc-shared.
* scd/scdaemon.h (opt): Add field opcsc_shared.
* scd/scdaemon.c (opcscShared): New.
(opts): Add "--pcsc-shared".
(main): Set flag.
* scd/apdu.c (connect_pcsc_card): Use it.
(pcsc_get_status): Take flag in account.
* scd/app-openpgp.c (cache_pin): Bypass in shared mode.
(verify_chv2: Do not auto verify chv1 in shared mode.
* scd/app-piv.c (cache_pin): By pass caceh in shared mode.
--

This option should in general not be used.  The patch tries to limit
bad effects but using shared mode is somewhat dangerous depending on
the other PC/SC users.
2021-03-12 09:31:17 +01:00
Valtteri Vuorikoski
8cad11d13b
scd:piv: Improve APT parser compatibility.
* scd/app-piv.c (app_select_piv): Allow for full AID.
--

It appears that SP-800-73-x is not too clear about the format of these
objects. Many current cards (such as the Yubikey 5 series) apparently
have only the PIX in DO 0x4F and only the RID in object 0x79/0x4F.

However, other cards as well as the PivApplet Javacard applet have the
full AID in 0x4F (which actually seems closer to what the standard
says). PivApplet also has the full AID in 0x79/0x4F, but this is
probably incorrect. (Here is a long discussion of the matter from an
OpenSC author:
https://github.com/arekinath/PivApplet/issues/43#issuecomment-772649709)

[Taken from a mail to gnupg-devel date 2021-02-03.]

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-11 14:06:51 +01:00
Werner Koch
6976a70270
doc: Add a sending patches section to HACKING.
--

This is based on a patch by

Co-authored-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Co-authored-by: Todd Zullinger <tmz@pobox.com>

regarding Libassuan sent to gnupg-devel on 2018-02-02
2021-03-11 13:05:10 +01:00
Werner Koch
752adf8a6b
doc: Always use --edit-key and not just the --edit abbreviation.
--

Reported-by: Carl Michael Skog
2021-03-11 12:38:51 +01:00
Werner Koch
fe02ef0450
gpg: New option --force-sign-key
* g10/gpg.c (oForceSignKey,opts): New option "--force-sign-key".
(main): Set it.
* g10/options.h (opt): New flag flags.force_sign_key.
* g10/keyedit.c (sign_uids): Use new flag.
--

GnuPG-bug-id: 4584
2021-03-11 11:27:07 +01:00
Werner Koch
08b5ac492a
scd:p15: Support special extended usage flags for OpenPGP keys.
* scd/app-p15.c (struct gpgusage_flags_s): New.
(struct prkdf_object_s): Add field gpgusage.
(struct app_local_s): Add field any_gpgusage.
(dump_gpgusage_flags): New.
(read_p15_info): Parse athe gpgusage flags.
(do_getattr): Take care of the gpgusage flags.
--

This features allows to mark keys to be used for OpenPGP.  This is
done by putting additional extended key infos into the certificate
stored on the cards.  Only if any such extended key usage is detected
for a stored certificate this new mode chimes in.

This feature gives the card issuer a high flexibility on how to make
sure certain keys are used with OpenPGP.
2021-03-10 11:03:02 +01:00
Werner Koch
8c41b8aac3
w32: Always use Unicode for console input and output.
* common/init.c (_init_common_subsystems) [W32]: Set the codepage to
UTF-8 for input and putput.  Switch gettext to UTF-8.
* tools/gpgconf.c (main): Display the input and output codepage if
they differ.
* g10/gpg.c (utf8_strings) [W32]: Make sure this is always set.
--

With this patch the former patch to use ReadConsoleW and WriteConsoleW
in ttyio.c are kind of superfluous because the ANSI version of these
functions are also able to read/write UTF-8 directly given the console
code page has been set correctly.  However, this seems to work only
with recent versions of Windows-10.

GnuPG-bug-id: 4365
2021-03-05 15:33:40 +01:00
Werner Koch
e54cd36bbb
doc: Typo fixes for dirmngr.texi
--
2021-02-25 17:03:35 +01:00
Werner Koch
8f353cbacb
doc: Explain how Tor is detected.
--
2021-02-24 11:08:45 +01:00
Werner Koch
4da91414e7
wkd: Install gpg-wks-client under bin and add wrapper for libexec
--

gpg-wks-client is a pretty useful command on the command line.
Thus we now install it at bin and provide a compatibility wrapper.
2021-02-19 12:11:38 +01:00
Werner Koch
ab7dc4b524
dirmngr: Support new gpgNtds parameter in LDAP keyserver URLs.
* dirmngr/ldap-parse-uri.c (ldap_parse_uri): Support a new gpgNtds
extension.
* dirmngr/ks-engine-ldap.c (my_ldap_connect): Do ldap_init always with
hostname - which is NULL and thus the same if not given.  Fix minor
error in error code handling.
--

Note that "gpgNtds" is per RFC-4512 case insensitive and has not yet
been officially regisetered.  Thus for correctness the OID can be
used:

  1.3.6.1.4.1.11591.2.5          LDAP URL extensions
  1.3.6.1.4.1.11591.2.5.1          gpgNtds=1 (auth. with current user)

Note that the value must be 1; all other values won't enable AD
authentication and are resevered for future use.

This has been cherry-picked from the 2.2 branch,
commit 55f46b33df

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-02-17 17:40:02 +01:00
Werner Koch
b770393b76
doc: Improve the gpg-card man page.
--
2021-02-11 12:15:49 +01:00
Werner Koch
825dd7220f
gpg: Do not allow old cipher algorithms for encryption.
* g10/gpg.c: New option --allow-old-cipher-algos.
(set_compliance_option): Set --rfc4880bis explictly to SHA256 and
AES256.  Allow old cipher algos for OpenPGP, rfc4880, and rfc2440.
* g10/options.h (opt): Add flags.allow_old_cipher_algos.
* g10/misc.c (print_sha1_keysig_rejected_note): Always print the note
unless in --quiet mode.
* g10/encrypt.c (setup_symkey): Disallow by default algos with a
blocklengt < 128.
(encrypt_crypt): Ditto.  Fallback by default to AES instead of 3DES.
* g10/pkclist.c (algo_available): Take care of old cipher also.
(select_algo_from_prefs): Use AES as implicit algorithm by default.

* tests/openpgp/defs.scm (create-gpghome): Set allow-old-cipher-algos.
--

GnuPG-bug-id: 3415
2021-02-10 14:40:02 +01:00
Werner Koch
209b7113f3
tools: Remove the symcryptrun tool.
* tools/symcryptrun.c: Remove.
* tools/Makefile.am: Ditto.
* doc/tools.texi: Remove man page.
* configure.ac: Remove build option and tests used only by this tool.
* Makefile.am (AM_DISTCHECK_CONFIGURE_FLAGS): Do not build
symcryptrun.
--

symcryptrun is too ancient to be of any use and has not been tested in
many years.  Thus we should not distribute it anymore.
2021-02-09 18:42:25 +01:00
Werner Koch
7f3ce66ec5
gpg: Remove support for PKA.
* g10/gpg.c (oPrintPKARecords): Remove.
(opts): Remove --print-pka-records.
(main): Remove "pka-lookups","pka-trust-increase" and other PKA stuff.
* g10/options.h (EXPORT_DANE_FORMAT): Remove.
(VERIFY_PKA_LOOKUPS, VERIFY_PKA_TRUST_INCREASE): Remove.
(KEYSERVER_HONOR_PKA_RECORD): Remove.
* g10/packet.h (pka_info_t): Remove.
(PKT_signature): Remove flags.pka_tried and pka_info.
* g10/parse-packet.c (register_known_notation): Remove
"pka-address@gnupg.org".
* g10/pkclist.c (check_signatures_trust): Remove PKA stuff.
* g10/call-dirmngr.c (gpg_dirmngr_get_pka): Remove.
* g10/export.c (parse_export_options): Remove "export-pka".
(do_export): Adjust for this.
(write_keyblock_to_output): Ditto.
(do_export_stream): Ditto.
(print_pka_or_dane_records): Rename to ...
(print_dane_records): this and remove two args. Remove PKA printing.
* g10/free-packet.c (free_seckey_enc, cp_pka_info): Adjust for removed
pka_info field.
* g10/getkey.c (get_pubkey_byname): Make AKL_PKA a dummy.
* g10/keyserver.c: Remove "honor-pka-record".
(keyserver_import_pka): Remove.
* g10/mainproc.c (get_pka_address): Remove.
(pka_uri_from_sig): Remove.
(check_sig_and_print): Remove code for PKA.
--

PKA (Public Key Association) was a DNS based key discovery method
which looked up fingerprint by mail addresses in the DNS.  This goes
back to the conference where DKIM was suggested to show that we
already had a better method for this available with PGP/MIME.  PKA was
was later superseded by an experimental DANE method and is today not
anymore relevant.  It is anyway doubtful whether PKA was ever widely
used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-02-02 19:53:21 +01:00
Werner Koch
3491faa3bb
gpg: Remove experimental feature to export w/o user-ids.
* g10/options.h (IMPORT_DROP_UIDS, EXPORT_DROP_UIDS): Remove.
* g10/import.c (parse_import_options): Remove option import-drop-uids.
(import_one_real): Remove drop uids code.
(remove_all_uids): Remove function.
* g10/export.c (parse_export_options): Remove option export-drop-uids.
(do_export_one_keyblock): Remove drop uids code.
2021-02-02 12:57:00 +01:00
Yao Wei
22f7dddc34 Update Traditional Chinese doc/help.zh_TW.txt
--

Signed-off-by: Yao Wei <mwei@debian.org>
2020-12-28 17:16:11 +09:00
Werner Koch
15e065dee8
doc: Add instructions on how to setup an Active Directory.
--
2020-12-23 14:45:55 +01:00
bobwxc
ea3fb3dc94 doc: Update Simplified Chinese doc/help.zh_CN.txt.
--

GnuPG-bug-id: 5189
Signed-off-by: bobwxc  <bobwxc@yeah.net>
2020-12-23 11:38:50 +09:00
NIIBE Yutaka
eeea4f0fab doc: Update Japanese doc/help.ja.txt.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-23 11:25:03 +09:00
Werner Koch
e0cbb97925
doc: Explain LDAP keyserver parameters 2020-12-21 16:06:16 +01:00
Werner Koch
4a3836e2b2
gpg: New AKL method "ntds"
* dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Change the new
support for KEYDB_SEARCH_MODE_MAIL.
(ks_ldap_get): Add a debug.
* g10/options.h (AKL_NTDS): New.
* g10/keyserver.c (keyserver_import_ntds): New.
(keyserver_get_chunk): Allow KEYDB_SEARCH_MODE_MAIL.
* g10/getkey.c (parse_auto_key_locate): Support "ntds".
(get_pubkey_byname): Ditto.
2020-12-17 18:25:34 +01:00
Werner Koch
2b06afbf26
dirmngr: Finalize Active Directory LDAP Schema
--

With these modifications it is now possible to store and retrieve keys
from an AD without manually tweaking the schema.  Permissions need to
be set manuallay, though.
2020-12-17 10:17:22 +01:00
Werner Koch
2c6bb03cfb
dirmngr: Remove superfluous attribute from the LDAP schema.
--

I accidently added a gpgSubCertID attribute not realizing that the
pgpSubKeyID already carries the long keyid.  Remove that.  Note that
the pgpkeyID has the short keyid and the long keyid has the name
pgpCertID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-12-15 08:52:06 +01:00
Werner Koch
e9ddd61fe9
dirmngr: Support the new Active Directory schema
* dirmngr/ks-engine-ldap.c (SERVERINFO_): New constants.
(my_ldap_connect): Relace args pgpkeyattrp and real_ldapp by a new
serverinfo arg.  Set the new info flags.
(ks_ldap_get): Adjust for change.
(ks_ldap_search): Ditto.
(ks_ldap_put): Ditto.  Replace xmalloc by xtrymalloc.  Change the DN
for use with NTDS (aka Active Directory).
* doc/ldap/gnupg-ldap-init.ldif (pgpSoftware): Update definition of
pgpVersion.
* doc/ldap/gnupg-ldap-ad-init.ldif: New.
* doc/ldap/gnupg-ldap-ad-schema.ldif: New.
--

This is a first take on better Active Directory support.  The main
change for NTDS in the code is that the an top-RDN of CN is used
instead of the old pgpCertID.  More changes to come; for example using
and storing the fingerprint.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-12-14 19:29:49 +01:00
Jens Meißner
4f9ac5dac0
doc: Add parameters for batch generation of ECC keys.
* doc/gpg.texi: Add parameters for batch generation of ECC keys.

--

There are parameters required for batch generation of ECC keys which
weren't mentioned in the documentation.

Signed-off-by: Jens Meißner <meissner@b1-systems.de>
2020-12-01 09:56:42 +01:00
Werner Koch
764c69a841
scd: Add special serialno compare for OpenPGP cards.
* scd/app.c (is_same_serialno): New.
(check_application_conflict): Use this.
(select_application): Ditto.
(app_switch_current_card): Ditto.
* scd/app-openpgp.c (check_keyidstr): Ignore the card version and also
compare case insensitive.
--

This is required because we change what we emit as serialno of OpenPGP
cards but existing keys still use the old form of the serial
number (i.e. with a firmware version).

See-commit: 3a8250c020
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-26 09:54:23 +01:00
Gavin L. Rebeiro
572bcacc28
doc: Fix typos
--
GnuPG-bug-id: 5071

Also fixed one in keyformat.txt [wk].
2020-11-23 12:11:15 +01:00
Werner Koch
e37c2e1844
gpg: Fix the encrypt+sign hash algo preference selection for ECDSA.
* g10/keydb.h (pref_hint): Change from union to struct and add field
'exact'.  Adjust callers.
* g10/pkclist.c (algo_available): Take care of the exact hint.
* g10/sign.c (sign_file): Rework the hash detection from
recipient prefs.
--

This fixes a encrypt+sign case like: One recipient key has SHA512 as
highest ranked hash preference but the the signing key is a 256 bit
curve.  Because we don't want to use a truncated hash with ECDSA, we
need to have an exact match - this is in particular important for
smartcard which check that the hash matches the curves.

Signed-off-by: Werner Koch <wk@gnupg.org>

Ported-from-stable: aeed0b93ff
2020-11-13 16:34:21 +01:00
Werner Koch
8fb0d5e3c7
card: Run factory-reset in locked stated.
* scd/command.c (reset_notify): Add option --keep-lock.
(do_reset): Add arg keep_lock.
(cmd_lock): Send progress status.
* g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs.
* g10/card-util.c (send_apdu): Ditto.
(factory_reset): Use lock commands.
--

This is required so that for example Kleopatra does not detect the
RESET and issues a SERIALNO of its own, thus conflicting with our
SERIALNO undefined.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 13:41:26 +01:00
Werner Koch
f5a81953e1
speedo,w32: Install gpg-check-pattern and example profiles.
* doc/examples/vsnfd.prf: Rename to VS-NfD.prf.
* doc/examples/Automatic.prf: New.
* doc/Makefile.am (examples): Adjust.
* build-aux/speedo/w32/inst.nsi: Install gpg-check-pattern.exe and 3
example files.
* build-aux/speedo/w32/wixlib.wxs: Add new files.
--

Note that we renamed the existing example profile so that kleopatra
shows a nicer name.  In fact the gpg4win installer just copies of
theses file but it is better to maintain them here.

gpg-check-pattern.exe can no be installed because we meanwhile have a
regex lib which works also on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-04 16:22:44 +01:00
Werner Koch
243f9176e7
gpg: New command --quick-revoke-sig
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig.
(opts): Add --quick-revoke-sig.
(main): Implement.
* g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and
adjust all callers.
(keyedit_quick_revsig): new.
* g10/revoke.c (get_default_sig_revocation_reason): New.
* g10/keylist.c (cmp_signodes): Make global.
--

GnuPG-bug-id: 5093
2020-10-28 17:06:27 +01:00
Werner Koch
742e2729f4
gpg: Sort the signatures in standard key listings.
* g10/gpg.c (parse_list_options): Add "sort-sigs".
(main): Make it the default.
* g10/options.h (LIST_SORT_SIGS): New.
* g10/keylist.c (cmp_signodes): New.
(list_keyblock_print): Sort signatures and factor signature printing
code out to ...
(list_signature_print): new.
--

In particular together with --full-timestamps this makes it easier to
see the history of key signatures and their revocations.  The
self-signatures are also printed first.  To disable this

  --list-options no-sort-sigs

can be used.

Also don't print the annoying "no recocation reason specified"
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-27 17:21:19 +01:00
Werner Koch
32f336d955
common: Allow building with released libgpg-error.
* common/sysutils.c (gnupg_access) [W32]: Fix for older libgpgrt.
--

Fixes-commit: c94ee1386e
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-23 20:16:18 +02:00
Werner Koch
f4166209e3
doc: Add notes on how to setup LDAP
--
2020-10-07 18:33:58 +02:00
Werner Koch
210575d882
dirmngr: Add warning on the use of --add-servers.
* tools/gpgconf-comp.c (known_options_dirmngr): Degrade add-servers to
expert mode.
2020-10-05 17:25:24 +02:00
Andre Heinecke
d84862cf10
doc: Remove enable-extended-key-format in vsnfd
* doc/examples/vsnfd.prf: Remove enable-extended-key-format

--
This is no longer a valid option for gpg-agent because it
is now the default.

(cherry picked from commit d833030f8c)
2020-10-01 18:24:32 +02:00
Werner Koch
d49a945b12
gpg: New experimental import option "bulk-import"
* g10/options.h (IMPORT_BULK): New.
* g10/import.c (parse_import_options): Add "bulk-import".
* g10/call-keyboxd.c (in_transaction): New var.
(gpg_keyboxd_deinit_session_data): Run a commit if in bulk import
mode.
(create_new_context): Run a begin transaction if in bulk import mode.
--

Initial tests with this option are not very promising.  Importing
about 3000 real world keys with --use-keyboxd and full logging took:

   real    33m31.724s
   user    19m54.265s
   sys     2m49.662s

With bulk-import this saves a mere 12%:

   real    29m36.542s
   user    19m3.391s
   sys     2m46.728s

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-24 16:47:10 +02:00
Werner Koch
0e892bda4e
keyboxd: Extend PUBKEY_INFO status line with an uid ordinal.
* kbx/backend-sqlite.c (table_definitions): Add column UINO to
userids.
(be_sqlite_local_s): Add fields select_col_uidno and
select_col_subkey.
(run_select_statement): Also select subkey or uidno column.
(be_sqlite_search): Return their values.
(store_into_userid): Store the UIDNO.
* kbx/backend-support.c (be_return_pubkey): Extend PUBKEY_INFO.
--

For an existing database adding the new column to the table userid is
straightforward.  However if the original version of the schema used an
integer for the keyid column, that column has likely be renamed.  Make
sure that the NOT NULL constraint has also be removed; check the
SQLite documentation on how this can be done.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-22 15:42:40 +02:00
Werner Koch
26da47ae53
scd: Extend KEYPAIRINFO with an algorithm string.
* scd/app-openpgp.c (send_keypair_info): Emit the algo string as part
of a KEYPAIRINFO.
* scd/command.c (do_readkey): Ditto.
* scd/app-piv.c (do_readkey): Ditto.
* scd/app-nks.c (do_learn_status_core): Ditto.
(struct fid_cache_s): Add field algostr.
(flush_fid_cache): Release it.
(keygripstr_from_pk_file): Fill it and add it to the cache.  Use a
single exit label.
* scd/app-help.c (app_help_get_keygrip_string_pk): Add new arg
r_algostr.  Change all callers.
--

This is helpful so that callers do not need to parse the key for this
basic information.  Use "scd readkey --info-only" to return the info
status line instead of the key material; using just --info returns the
info in addition to the key material.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-21 14:47:53 +02:00
Werner Koch
babd87f2da
doc: Some documentation updates.
--

Also fixed some typos and documented soon to be used OIDs
2020-09-21 09:20:47 +02:00
Werner Koch
616c60d93d
keyboxd: Add ephemeral and revoked flag to the sqlite backend.
* kbx/backend-support.c (be_return_pubkey): Add args is_ephemeral and
is_revoked.  Adjust callers.
* kbx/backend-sqlite.c: Alter table pubkey to add new columns.
(run_select_statement): Add new column to all selects.
(be_sqlite_search): Return the new flags.
--

For existing test databases the new column can be added with:

  alter table pubkey add ephemeral integer not null default 0;
  alter table pubkey add revoked integer not null default 0;

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-11 12:10:05 +02:00
Andre Heinecke
d62797ebcc
doc: Update and extend module overview
* doc/gnupg-module-overview.svg: Add examples of GPGME aware
applications

--
Whenever I used this overview I needed to explain what this
meant so giving examples might help a bit and also illustrate
the codesharing between GpgOL, Kleopatra and KMail.
2020-09-10 13:58:47 +02:00
NIIBE Yutaka
eba2563dab scd: Parse "Algorithm Information" data object in scdaemon.
* scd/app-openpgp.c (data_objects): 0x00FA for binary data.
(do_getattr): Parse the data and send it in status lines.
(get_algorithm_attribute_string): New.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-09-04 13:12:57 +09:00
Gavin L. Rebeiro
d45e92cf88
doc: Fix typos
--
2020-08-28 09:09:05 +02:00
Werner Koch
cde92d3e23
doc: Add a remark about keyservers.
--
2020-08-27 12:50:33 +02:00
Werner Koch
40acc5ef3e
examples: Simplify vsnfd.prf
* doc/examples/vsnfd.prf: Remove default-new-key-algo option.
2020-08-25 13:10:36 +02:00
Werner Koch
34e7703a96
gpgtar,w32: Handle Unicode file names.
* tools/gpgtar.c (oUtf8Strings): New.
(opts): Add option --utf8-strings.
(parse_arguments): Set option.
* tools/gpgtar.h (opt): Add field utf8strings.
* tools/gpgtar-create.c (name_to_utf8): New.
(fillup_entry_w32): Use that.
(scan_directory): Ditto.
(scan_directory) [W32]: Convert file name to utf8.
(gpgtar_create): Convert pattern.
--

Note that this works only with file names read from a file or if the
specified files on the command line are plain ascii.  When recursing
into a directory Unicode file names work again.  This limitation is
due to  main(int, char**) which can't get the wchar version.  We could
fix that but is needs a bit more work in our init code.

GnuPG-bug-id: 4083
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-21 21:28:28 +02:00
Werner Koch
ba873216ff
gpgtar: Add dummy option --tar
--
GnuPG-bug-id: 3772

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-20 16:11:58 +02:00
Werner Koch
4c54a0e34f
doc: Describe the relation between pubring.gpg and pubring.kbx
--
GnuPG-bug-id: 4958
2020-08-20 10:15:45 +02:00
Werner Koch
b8c4dd902d
gpg: Fix regression for non-default --passphrase-repeat option.
* agent/command.c (cmd_get_passphrase): Take care of --repeat with
--newsymkey.
--

GnuPG-bug-id: 4997
2020-08-20 09:34:41 +02:00
Werner Koch
6bcb609e1b
Add --chuid to gpg, gpg-card, and gpg-connect-agent.
* g10/gpg.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.  Delay setting of homedir until the new
chuid is done.
* sm/gpgsm.c (main): Delay setting of homedir until the new chuid is
done.
* tools/gpg-card.c (oChUid): New.
(opts): Add --chuid.
(changeuser): New helper var.
(main): Implement --chuid.
* tools/gpg-connect-agent.c (oChUid): New.
(opts): Add --chuid.
(main): Implement --chuid.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-14 12:19:11 +02:00
Werner Koch
d516ae685e
doc: Add a list of RFCS to DETAIL.
--
2020-08-13 11:00:59 +02:00
Werner Koch
646a30fd39
gpgsm: New option --chuid.
* sm/gpgsm.c (oChUid, opts): New option --chuid.
(main): Implement option.
--

This option will at least be useful for Scute.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-06 16:03:57 +02:00
Werner Koch
d10f45184c
gpgconf: New option --chuid.
* tools/gpgconf.c (oChUid, opts): New option --chuid.
(main): Implement.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-06 16:03:57 +02:00
Werner Koch
e7d7092390
sm: Also show the SHA-256 fingerprint.
* sm/keylist.c (list_cert_colon): Emit a new "fp2" record.
(list_cert_raw): Print the SHA2 fingerprint.
(list_cert_std): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-04 11:11:22 +02:00
Werner Koch
d70b8769c8
Support a history file in gpg-card and gpg-connect-agent.
* common/gpgrlhelp.c (read_write_history): New.
(gnupg_rl_initialize): Register new function.
* common/ttyio.c (my_rl_rw_history): New var.
(tty_private_set_rl_hooks): Add arg read_write_history.
(tty_read_history): New.
(tty_write_history): New.
* tools/gpg-card.c (HISTORYNAME): New.
(oNoHistory): New enum value.
(opts): New option --no-history.
(cmd_history): New.
(cmds): New command "history".
(interactive_loop): Read and save the history.
* tools/gpg-connect-agent.c (HISTORYNAME): New.
(opts): New option --no-history.
(main): Read and save the history.  New command /history.
--

Yeah, finally we have stored history; I should have added this much
earlier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-02 15:48:55 +02:00
Werner Koch
96f1ed5468
gpg: Extend the TRUST_ status lines.
* g10/pkclist.c (write_trust_status): Add arg mbox.
(check_signatures_trust): Appenmd mbox to the status lines.
--

GnuPG-bug-id: 4735
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-09 11:00:16 +02:00
Werner Koch
5c2080f467
gpg: If possible TRUST values now depend on signer's UID or --sender.
* g10/mainproc.c (check_sig_and_print): Add failsafe check for PK.
Pass KEYBLOCK down do check_signatures_trust.  Protect existsing error
ocde in case the signature expired.
* g10/pkclist.c (is_in_sender_list): New.
(check_signatures_trust): Add args keyblock and pk.  Add new uid based
checking code.
* g10/test-stubs.c, g10/gpgv.c: Adjust stubs.
--

GnuPG-bug-id: 4735
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-08 20:13:25 +02:00
Werner Koch
61bb75d045
build: Fix recent commit for SOURCE_DATE_EPOCH.
--

Fixes-commit: 074ab108e7
which was recently pushed to make use of $SOURCE_DATE_EPOCH
as fallback.

Also fixes two typos
2020-06-08 18:45:55 +02:00
Werner Koch
074ab108e7
doc: Minor enhancement for reproducibility.
* doc/Makefile.am (defsincdate): In no repo mode and with
SOURCE_DATE_EPOCH set, use that instead of blanking the date.
--

GnuPG-bug-id: 4947
2020-06-03 17:15:33 +02:00
Werner Koch
2d9592e78f
card: Allow to store and retrieve keyblocks in OpenPGP cards.
* tools/gpg-card.c: Include tlv.h.
(cmd_writecert): Add option --openpgp.
(cmd_readcert): Ditto.
--

We use the CERT object for this and encapsulate the key block in a CMS
object.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-28 15:55:54 +02:00
Werner Koch
2149676122
scd:openpgp: New KEY-STATUS attribute.
* scd/app-openpgp.c (do_getattr): Return KEY-STATUS
2020-05-27 13:47:13 +02:00
Werner Koch
44676819f2
sm: Create ECC certificates with AKI and SKI by default.
* sm/certreqgen.c (create_request): Create AKI and SKI by default.
--
GnuPG-bug-id: 4098

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-19 14:30:24 +02:00
Werner Koch
5c29d25e6c
sm: Print the key types as standard key algorithm strings.
* sm/fingerprint.c (gpgsm_get_key_algo_info): Factor code out to ...
(gpgsm_get_key_algo_info2): new.
(gpgsm_pubkey_algo_string): New.
* sm/keylist.c (list_cert_colon): Put curve into field 17
(list_cert_raw): Print the unified key algotithm string instead of the
algo and size.
(list_cert_std): Ditto.
--

It is important to known whether a 256 bit ECC uses a NIST or a
Brainpool curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-07 09:45:49 +02:00
Werner Koch
bbb7edb880
sm: Always allow authorityInfoAccess lookup if CRLs are also enabled.
* sm/certchain.c (find_up): Disable external lookups in offline mode.
Always allow AKI lookup if CRLs are also enabled.
--

GnuPG-bug-id: 4898
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-16 19:05:49 +02:00
Werner Koch
5c47e7825b
indent: Some typo and indentation changes for gpg.
--
2020-04-15 22:23:10 +02:00
Werner Koch
60d018f6a9
scd: Factor common PIN status check out.
* scd/iso7816.h (ISO7816_VERIFY_ERROR): New.
(ISO7816_VERIFY_NO_PIN): New.
(ISO7816_VERIFY_BLOCKED): New.
(ISO7816_VERIFY_NULLPIN): New.
(ISO7816_VERIFY_NOT_NEEDED): New.
* scd/iso7816.c (iso7816_verify_status): New.
* scd/app-nks.c (get_chv_status): Use new function.
* scd/app-piv.c (get_chv_status): Ditto.
(verify_chv): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 18:26:00 +02:00
Werner Koch
541a6a903e
scd:openpgp: New attribute "MANUFACTURER".
* scd/app-openpgp.c (get_manufacturer): New..
(do_getattr): Add new attribute "MANUFACTURER".
(do_learn_status): Always print it.
--

This will make it easy to maintain the list of OpenPGP vendors at just
one place.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 09:56:56 +02:00
Werner Koch
0b583a555e
sm: Consider certificates w/o CRL DP as valid.
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--

If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks.  The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-27 21:16:07 +01:00
Werner Koch
4287f89557
gpg: Also allow a v5 fingerprint for --trusted-key.
* g10/trustdb.c (tdb_register_trusted_key): Add case for 32 octet
fingerprints.
--
GnuPG-bug-id: 4855

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 13:56:43 +01:00
Daniel Kahn Gillmor
810ea2cc68
gpg: Update --trusted-key to accept fingerprint as well as long key id.
* g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well
as long key ID.
* doc/gpg.texi: document that --trusted-key can accept a fingerprint.
--

GnuPG-bug-id: 4855
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Fixed uses or return and kept the old string to avoid breaking
translations.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 13:50:52 +01:00
Werner Koch
8c0323a758
doc: Remove duplicate description of --include-key-block.
--
2020-03-14 19:34:18 +01:00
Werner Koch
6b306f45f4
gpg: New option --auto-key-import
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--

Note that the --no variants of the options are intended for easy
disabling at the command line.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 18:04:47 +01:00
Werner Koch
865d485180
gpg: New option --include-key-block.
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--

This patch adds support for a to be proposed OpenPGP ferature:

  Introduce the Key Block subpacket to align OpenPGP with CMS.

  This new subpacket may be used similar to the CertificateSet of
  CMS (RFC-5652) and thus allows to start encrypted communication
  after having received a signed message.  In practice a stripped down
  version of the key should be including having only the key material
  and the self-signatures which are really useful and shall be used by
  the recipient to reply encrypted.

  #### Key Block

  (1 octet with value 0, N octets of key data)

  This subpacket MAY be used to convey key data along with a signature
  of class 0x00, 0x01, or 0x02.  It MUST contain the key used to create
  the signature; either as the primary key or as a subkey.  The key
  SHOULD contain a primary or subkey capable of encryption and the
  entire key must be a valid OpenPGP key including at least one User ID
  packet and the corresponding self-signatures.

  Implementations MUST ignore this subpacket if the first octet does not
  have a value of zero or if the key data does not represent a valid
  transferable public key.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:34:49 +01:00
Werner Koch
32493ce50a
gpg: Add property "fpr" for use by --export-filter.
* g10/export.c (push_export_filters): New.
(pop_export_filters): New.
(export_pubkey_buffer): Add args prefix and prefixlen.  Adjust
callers.
* g10/import.c (impex_filter_getval): Add property "fpr".
* g10/main.h (struct impex_filter_parm_s): Add field hexfpr.
--

The push and pop feature will help us to use the export filter
internally in gpg.  Same for the export_pubkey_buffer change.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:19:31 +01:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Nick Piper
0e1cbabc0a doc: Correction of typo in documentation of KEY_CONSIDERED
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:33 -05:00
Werner Koch
86312b920a
gpg: New option --full-timestrings.
* g10/options.h (opt): Add flags.full_timestrings.
* g10/gpg.c (oFullTimestrings): New.
(opts): New option.
(main): Set new flag.
* g10/keyid.c (dateonlystr_from_pk): New.
(dateonlystr_from_sig): New.
(datestr_from_pk): Divert to isotimestamp if requested.
(datestr_from_sig): Ditto.
(expirestr_from_pk): Ditto.
(expirestr_from_sig): Ditto.
(revokestr_from_pk): Ditto.
* g10/import.c (impex_filter_getval): Use dateonlystr_from_sig and
dateonlystr_from_pk.
--

Quite helpful for debugging keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:07:09 +01:00
Werner Koch
1ad84aabb4
scd:openpgp: Return key creation time as part of KEYPARIINFO.
* scd/app-openpgp.c (send_keypair_info): Reaturn the key creation time
as part of a KEYPAIRINFO.
(do_readkey): Do not return the KEY-TIME anymore.
--

Sending the KEY_TIME status as part of a READKEY command was only
recently added.  It is better to merge that into the KEYPAIRINFO line.
Another patch with chnage this for the consumers of that info.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 11:52:10 +01:00
Werner Koch
113a8288b8
doc: Improve the warning section of the gpg man page.
* doc/gpg.texi: Update return valeu and warning sections.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-10 17:11:53 +01:00
Werner Koch
e0d9181ad1
tools: Let watchgnupg determine the socket name via gpgconf.
* tools/watchgnupg.c: Include sys/wait.h.
(GNUPG_DEF_COPYRIGHT_LINE): Add a default value for standalone
building.
(get_logname): New.
(main): Use a default socket name and add option --homedir.
--

This is quite convenient and saves a lot of typing or shell alias
definitions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-20 16:50:56 +01:00
Werner Koch
915297705a
kbx: Redefine the UBID which is now the primary fingerprint.
* common/util.h (UBID_LEN): New.  Use it at all places.
* kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item.
* kbx/keybox-dump.c (print_ubib): Remove.
(_keybox_dump_blob): Do not print the now removed ubid flag.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants
for the size of the ubid and grip.
* kbx/keybox-search.c (blob_cmp_ubid): New.
(has_ubid): Make it a simple wrapper around blob_cmp_ubid.
(keybox_get_data): Add arg 'r_ubid'.

* kbx/frontend.h (enum kbxd_store_modes): New.
* kbx/kbxserver.c (cmd_store): Add new option --insert.

* kbx/backend-cache.c (be_cache_initialize): New.
(be_cache_add_resource): Call it here.
* kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'.
(be_kbx_search): Get the UBID from keybox_get_data.
* kbx/backend-support.c (be_fingerprint_from_blob): Replace by ...
(be_ubid_from_blob): new.  Change all callers.

* kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but
use the new cache init function.
(kbxd_store): Replace arg 'only_update' by 'mode'.  Seek using the
ubid.  Take care of the mode.
--

It turned out that using the hash of the entire blob was not helpful.
Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint
of the blob.  In case this is a v5 OpenPGP key a left truncated
version of the SHA-256 hash is used; in all other cases the full SHA-1
hash.  Using a SHA-256 hash does not make sense because v4 keys are
and will for some time be the majority of keys and thus padding them
with zeroes won't make any difference.  Even if fingerprint collisions
can eventually be created we will assume that the keys are bogus and
that it does not make sense to store its twin also in our key storage.
We can also easily extend the update code to detect a collision and
reject the update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:16:13 +01:00
Werner Koch
c21267e1c7
doc,dirmngr: Clarify --standard-resolver.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-23 20:29:34 +01:00
Werner Koch
d9c7935188
dirmngr,gpg: Better diagnostic in case of bad TLS certificates.
* doc/DETAILS: Specify new status code "NOTE".
* dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a
bad TLS certificate.
* g10/call-dirmngr.c (ks_status_cb): Detect this status.
--

For example a

  gpg -v --locate-external-keys dd9jn@posteo.net

now yields

  gpg: Note: server uses an invalid certificate
  gpg: (further info: bad cert for 'posteo.net': \
                      Hostname does not match the certificate)
  gpg: error retrieving 'dd9jn@posteo.net' via WKD: Wrong name
  gpg: error reading key: Wrong name

(without -v the "further info" line is not shown).  Note that even
after years Posteo is not able to provide a valid certificate for
their .net addresses.  Anyway, this help to show the feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-18 18:26:55 +01:00
Werner Koch
6e1c99bc39
gpgsm: Allow sepcification of ldaps servers.
* sm/gpgsm.h (struct keyserver_spec): Add field use_ldaps.
* sm/gpgsm.c (parse_keyserver_line): Parse flags.
* sm/call-dirmngr.c (prepare_dirmngr): Send ldaps flag to the dirmngr.

* dirmngr/dirmngr.h (struct ldap_server_s): Add field use_ldaps.
* dirmngr/ldapserver.c (ldapserver_parse_one): Parse flags.
* dirmngr/ldap.c (start_cert_fetch_ldap): Call wrapper with --tls.

* dirmngr/dirmngr_ldap.c: New option --tls.
(fetch_ldap): Make use of that option.
--

There was no way to specify an LDAPS server in
dirmngr_ldapserver.socnf or with gpgsm's --keyserver option.  This
patch fixes this.  Eventually we should allow to replace host and port
by a partial URI in the same way ldap_initialize does it.  For backward
compatibility we do not yet do that.

Although the dirmngr code accepts an URL (eg. taken from a
certificate), I can't see how the scheme was ever used.  Thus the
patch also detects an ldaps scheme and uses this.  That part has not
been tested, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-09 11:29:59 +01:00
Werner Koch
2b9d399cf0
doc: Document gpgsm's --keyserver option.
--

Also fix a few related entries.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 17:41:19 +01:00
Werner Koch
eae1ea6f39
doc: Improved description of status PLAINTEXT_LENGTH.
--

GnuPG-bug-id: 4741
2019-11-07 15:45:36 +01:00
Werner Koch
6701a38f8e
gpg: Fix a potential loss of key sigs during import with self-sigs-only.
* g10/import.c (import_one_real): Don't do the final clean in the
merge case.
--

This fixes a regression introduced with self-sigs-only.

GnuPG-bug-id: 4628
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 15:07:25 +01:00
Werner Koch
e624c41dba
gpg: Add option --allow-weak-key-signatures.
* g10/gpg.c (oAllowWeakKeySignatures): New.
(opts): Add --allow-weak-key-signatures.
(main): Set it.
* g10/options.h (struct opt): Add flags.allow_weak_key_signatures.
* g10/misc.c (print_sha1_keysig_rejected_note): New.
* g10/sig-check.c (check_signature_over_key_or_uid): Print note and
act on new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-07 10:36:17 +01:00
Werner Koch
a1f8ca7eee
doc: Make clear that by default RFC-4880bis features are used.
--
2019-11-07 09:07:30 +01:00
Werner Koch
c6be407251
doc: Document the --unwrap command.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-06 14:43:34 +01:00
NIIBE Yutaka
627a990f8e doc: Fix documentation about --locate-keys.
* doc/gpg.texi (--locate-keys): Remove mentioning signing keys.

--

GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-10-17 08:29:46 +09:00
Werner Koch
926cccef85
doc: Fix c+p bug in the examples for --import-filter.
--

Reported-by: Steve McIntyre
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-12 12:32:43 +02:00
Werner Koch
9698761933
Merge branch 'switch-to-gpgk' into master
--
Resolved Conflicts:

* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 15:44:23 +02:00
Werner Koch
4be79b5abe
kbx,gpg: Allow lookup using a UBID.
* common/userids.c (classify_user_id): Detect UBIDs.
* kbx/backend-cache.c (blob_table_put): Store the public key type.
(be_cache_search): Add search mode for UBIDs.
* kbx/backend.h (struct db_request_part_s): Add cache.seqno_ubid.
* g10/keydb.c (keydb_search_desc_dump): Fix printing of keygrip.  Add
ubid printing.
* g10/call-keyboxd.c (keydb_search): Support search by UBID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 10:05:07 +02:00
Werner Koch
d38f877bd8
doc: Minor doc updates and a typo fix.
--
2019-09-25 16:21:30 +02:00
Andre Heinecke
c69a37dcbd
doc: Fix distchek for generated eps file
* doc/Makefile.am (EXTRA_DIST, BUILT_SOURCES): Add
gnupg-module-overview.eps, gnupg-card-architecture.eps
(DISTCLEANFILES): Remove them.

--
The files needs to be added so that it is properly
included in the dist tarball. As the rule
for it was moved into maintainer mode by 58bab1a.
2019-09-10 10:07:19 +02:00
Werner Koch
61ed02211a
doc: Update description of --debug
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-05 13:12:14 +02:00
Werner Koch
1d277c9670
doc: Fix grammar error.
--
GnuPG-bug-id: 4691
2019-08-30 08:32:22 +02:00
Werner Koch
d3f5d8544f
gpg: Extend --quick-gen-key for creating keys from a card.
* g10/keygen.c (parse_key_parameter_part): Add arg R_KEYGRIP and
support the special algo "card".
(parse_key_parameter_string): Add args R_KEYGRIP and R_SUBKEYGRIP.
Handle the "card" algo.  Adjust callers.
(parse_algo_usage_expire): Add arg R_KEYGRIP.
(quickgen_set_para): Add arg KEYGRIP and put it into the parameter
list.
(quick_generate_keypair): Handle algo "card".
(generate_keypair): Also handle the keygrips as returned by
parse_key_parameter_string.
(ask_algo): Support ed25519 from a card.
--

Note that this allows to create a new OpenPGP key from an initialized
OpenPGP card or from any other supported cards.  It has been tested
with the TCOS Netkey card.  Right now a stub file for the cards might
be needed; this can be achieved by running "gpgsm --learn" with the
card plugged in.

Example:

  gpg --quick-gen-key foo@example.org card

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-22 16:38:27 +02:00
Werner Koch
ce403c74db
gpg: In a list of card keys show the standard keys.
* g10/keygen.c (ask_algo): Identify the standard keys.
--

The asterisks mark the usages of a key as retruned by scd via the
$AUTHKEYID et al. attributes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-21 15:26:34 +02:00
Werner Koch
c97c2e578d
gpg: New option --use-only-openpgp-card
* g10/gpg.c (opts): Add option.
(main): Set flag.
* g10/options.h: Add flags.use_only_openpgp_card.
* g10/call-agent.c (start_agent): Implement option.
--

With the previous patch we switch to autoselect an application
instead of requesting an openpgp card.  This option allows to revert
this in case of use use cases which expected the former behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c185f6dfbd)
This was first added to the 2.2 branch.
2019-08-21 14:13:51 +02:00
Daniel Kahn Gillmor
b7793c3af3 doc: fix minor spelling and tense errors
* doc/{gpg,gpgsm,wks}.texi: minor orthographic cleanup.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-08-20 15:16:19 -04:00
Daniel Kahn Gillmor
cba6e1bd72 doc: clarify CARD event counter.
* doc/gpg-agent.texi: improve documentation of CARD entry in
GETEVENTCOUNTER description.

--

"stati" is unclear and confusing, and describing something in the
singular is almost always less ambiguous than leaving it in the
plural.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-08-20 15:12:05 -04:00
Werner Koch
5ea6250cc5
kbx: Add framework for the SEARCH command
* kbx/backend-kbx.c: New.
* kbx/backend-support.c: New.
* kbx/backend.h: New.
* kbx/frontend.c: New.
* kbx/frontend.h: New.
* kbx/kbxserver.c: Implement SEARCH and NEXT command.
* kbx/keybox-search-desc.h (enum pubkey_types): New.
* kbx/keybox-search.c (keybox_get_data): New.
* kbx/keyboxd.c (main): Add a standard resource.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
Werner Koch
0611f548bc
tools: New option --keyboxd for gpg-connect-agent.
* configure.ac: New option --keyboxd-pgm.
(KEYBOXD_NAME, KEYBOXD_DISP_NAME): New ac_defines.
* common/util.h: Add substitutes for new error codes.
(GNUPG_MODULE_NAME_KEYBOXD): New.
* common/homedir.c (gnupg_module_name): Support
GNUPG_MODULE_NAME_KEYBOXD.
* common/asshelp.c (SECS_TO_WAIT_FOR_KEYBOXD): New.
(wait_for_sock): Support keyboxd.
(start_new_service): Ditto.
(start_new_keyboxd): New.
* tools/gpg-connect-agent.c: New options --keyboxd and
--keyboxd-program.
(start_agent): Implement new option.
--

This change allows us to test the new keyboxd using our standard
helper.  It also provides the necessary code to start keyboxd on the
fly.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 14:57:07 +02:00
Werner Koch
e07584b523
doc: Fix a debug hint on the keybox format.
--
2019-07-18 14:11:55 +02:00
NIIBE Yutaka
4195ce15f4 doc: Fix description of the field 11.
* doc/DETAILS: Fix.

GnuPG-bug-id: 4105
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-16 16:54:03 +09:00
NIIBE Yutaka
58bab1a878 doc: Dependencies for figures are only for maintainers.
* doc/Makefile.am [MAINTAINER_MODE] (.svg.eps, etc.): Enable only
when maintainer-mode.

GnuPG-bug-id: 4280
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-12 17:24:26 +09:00
Werner Koch
96bf8f4778
gpg: With --auto-key-retrieve prefer WKD over keyservers.
* g10/mainproc.c (check_sig_and_print): Print a hint on how to make
use of the preferred keyserver.  Remove keyserver lookup just by the
keyid.  Try a WKD lookup before a keyserver lookup.
--

The use of the the keyid for lookups does not make much sense anymore
since for quite some time we do have the fingerprint as part of the
signature.

GnuPG-bug-id: 4595
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-05 10:33:13 +02:00
Werner Koch
23c9786408
gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
* g10/gpg.c (main): Change default.
--

Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures.  That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.

To revert to the old behavior add

  keyserver-optiions  no-self-sigs-only,no-import-clean

to gpg.conf.

GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:45:39 +02:00
Werner Koch
d00c8024e5
gpg: New command --locate-external-key.
* g10/gpg.c (aLocateExtKeys): New.
(opts): Add --locate-external-keys.
(main): Implement that.
* g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
(get_best_pubkey_byname): Add arg 'mode' and pass on to
get_pubkey_byname.  Change callers.
* g10/keylist.c (public_key_list): Add arg 'no_local'.
(locate_one): Ditto.  Pass on to get_best_pubkey_byname.
--

This new command is a shortcut for

  --auto-key-locate nodefault,clear,wkd,... --locate-key

and uses the default or configured AKL list but does so without local.

See also
GnuPG-bug-id: 4599

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-04 15:13:26 +02:00
Peter Lebbing
cf92f7d96f
Mention --sender in documentation 2019-07-02 13:34:15 +02:00
Werner Koch
2e349bb617
gpg: New import and keyserver option "self-sigs-only"
* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
* g10/import.c (parse_import_options): Add option "self-sigs-only".
(read_block): Handle that option.
--

This option is intended to help against importing keys with many bogus
key-signatures.  It has obvious drawbacks and is not a bullet-proof
solution because a self-signature can also be faked and would be
detected only later.

GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-07-01 15:15:30 +02:00
Daniel Kahn Gillmor
6e46862abd fix up 6562de7475
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-06-14 16:49:27 +01:00
Daniel Kahn Gillmor
6562de7475 doc/gpgsm: explain what "policy-file" refers to.
A new user who sees "policy-file" and searches naively through the
documentation to find it again won't be able to tell what this refers
to, since "policies.txt" doesn't otherwise match the search string
"policy".  This gives them a fighting chance at finding the
documentation.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-06-11 08:17:06 +01:00
NIIBE Yutaka
72fe8d652f scd: Bring back --card-timeout option as deprecated.
* doc/scdaemon.texi (card-timeout): Add.
* scd/scdaemon.c (main): Revert the change.

--

GnuPG-bug-id: 3383
Fixes-commit: 4262933ef6
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-06 09:55:10 +09:00
NIIBE Yutaka
4262933ef6 scd: Remove unsupported --card-timeout option.
* doc/scdaemon.texi (card-timeout): Remove.
* scd/scdaemon.c (main): Remove oCardTimeout handling.

--

There was the card-timeout option in GnuPG 2.0, but it was never
implemented correctly.  The intention of this option was to allow
sharing smartcard among multiple applications, but this didn't work
well as user's expectation (it only worked with DISCONNECT command).
This is because other parts of scdaemon assumes exclusive access.  In
GnuPG 2.1, the support of the option was removed, improving
"DISCONNECT" command always works well without this option.

GnuPG-bug-id: 3383
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 09:47:14 +09:00
NIIBE Yutaka
eaf3b89d11 doc: Add a section for gpg-check-pattern.
* doc/Makefile.am: Add gpg-check-pattern.1.
* doc/tools.texi (GPG-CHECK-PATTERN): New.

--

GnuPG-bug-id: 4031
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-06-04 08:49:05 +09:00
Werner Koch
cc6069ac6e
gpg: Allow deletion of subkeys with --delete-[secret-]key.
* common/userids.c (classify_user_id): Do not set the EXACT flag in
the default case.
* g10/export.c (exact_subkey_match_p): Make static,
* g10/delkey.c (do_delete_key): Implement subkey only deleting.
--

GnuPG-bug-id: 4457
2019-05-27 10:40:38 +02:00
Werner Koch
386bacd974
gpg: Fix using --decrypt along with --use-embedded-filename.
* g10/options.h (opt): Add flags.dummy_outfile.
* g10/decrypt.c (decrypt_message): Set this global flag instead of the
fucntion local flag.
* g10/plaintext.c (get_output_file): Ignore opt.output if that was
used as a dummy option aslong with --use-embedded-filename.
--

The problem here was that an explicit specified --decrypt, as
meanwhile suggested, did not work with that dangerous
--use-embedded-filename.  In contrast it worked when gpg decrypted as
a side-effect of parsing the data.

GnuPG-bug-id: 4500
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-17 13:40:24 +02:00
Werner Koch
7e5847da0f
gpg: Improve the photo image viewer selection.
* g10/exec.c (w32_system): Add "!ShellExecute" special.
* g10/photoid.c (get_default_photo_command): Use the new ShellExecute
under Windows and fallbac to 'display' and 'xdg-open' in the Unix
case.
(show_photos): Flush stdout so that the output is shown before the
image pops up.
--

For Unix this basically syncs the code with what we have in gpg 1.4.
Note that xdg-open may not be used when running as root which we
support here.

For Windows we now use ShellExecute as this seems to be preferred over
"cmd /c start"; however this does not solve the actual problem we had
in the bug report.  To solve that problem we resort to a wait
parameter which defaults to 400ms.  This works on my Windows-10
virtualized test box.  If we can figure out which simple viewers are
commonly installed on Windows we should enhance this patch to test for
them.

GnuPG-bug-id: 4334
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-17 12:47:13 +02:00
Werner Koch
42adb56e66
doc: Do not mention gpg's deprecated --keyserver option.
--
GnuPG-bug-id: 4466
2019-05-15 09:18:28 +02:00
Werner Koch
a4be077abd
gpgconf: Support --homedir for --launch.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Simplify because
gnupg_homedir already returns abd absolute name.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
(gc_component_launch): Support --homedir.
--

GnuPG-bug-id: 4496
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-15 08:52:21 +02:00
Werner Koch
3c2198e907
doc: Minor edit for a gpg option.
--
GnuPG-bug-id: 4507
2019-05-14 10:07:06 +02:00
Werner Koch
d07666412d
gpg: Cleanup use of make_keysig_packet.
* g10/sign.c (make_keysig_packet): Remove obsolete arg diegst_algo
which was always passed as 0.  Change all callers.

* g10/gpgcompose.c (signature): Warn when trying to set a digest algo.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-05-13 12:39:17 +02:00
Daniel Kahn Gillmor
9662538be6 doc: correct documentation for gpgconf --kill
* doc/tools.texi(gpgconf): Correct documentation for gpgconf --kill.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-10 12:41:38 -04:00
Werner Koch
f43560a4d6
doc: Minor doc fix to dirmngr.
--

Reported-by: dkg
2019-05-03 16:15:04 +02:00
Werner Koch
310944aa37
doc: Minor change to the included yat2m.
--

Getting the rendering of man pages is not really easy; let's see
whether this is better.  The change has also been done upstream.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-04 12:52:09 +02:00
Werner Koch
a480182f9d
gpg: Allow direct key generation from card with --full-gen-key.
* g10/call-agent.c (agent_scd_readkey): New.
* g10/keygen.c (ask_key_flags): Factor code out to ..
(ask_key_flags_with_mask): new.
(ask_algo): New mode 14.
--

Note that this new menu 14 is always displayed.  The usage flags can
be changed only in --expert mode, though.  Creating and using signing
keys works but decryption does not yet work; we will need to tweak a
couple of other places for that.  Tested with a Yubikey's PIV app.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-04-02 18:57:09 +02:00
Werner Koch
97feef8ee9
scd: New option --application-priority.
* scd/scdaemon.c (oApplicationPriority): New.
(opts): Add "application_priority".
(main): Process option.
* scd/app.c (app_update_priority_list): New.
(get_supported_applications): Take apps from global list.

* tools/gpgconf-comp.c (gc_options_scdaemon): Add option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-28 17:38:05 +01:00
Werner Koch
70c97a862a
wkd: New command --print-wkd-url for gpg-wks-client.
* tools/gpg-wks-client.c (aPrintWKDURL): New.
(opts): Add option.
(main): Implement.
* tools/wks-util.c (wks_cmd_print_wkd_url): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-25 15:13:59 +01:00
Werner Koch
2fc9a51751
doc: Clarify option --no-keyring.
--
GnuPG-bug-id: 4424

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-25 14:47:42 +01:00
Daniel Kahn Gillmor
b30528f487 doc: fix formatting error
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-03-22 23:50:34 +01:00
Werner Koch
e847cf1df7
wkd: New command --print-wkd-hash for gpg-wks-client.
* tools/gpg-wks-client.c (aPrintWKDHash): New.
(opts) : Add "--print-wkd-hash".
(main): Implement that command.
(proc_userid_from_stdin): New.
* tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY.
(wks_cmd_print_wkd_hash): New.
--

GnuPG-bug-id: 4418
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-22 11:42:55 +01:00
Daniel Kahn Gillmor
096c2aa705
gpgv: Improve documentation for keyring choices
* doc/gpgv.texi: Improve documentation for keyring choices

--

From the existing documentation, it's not clear whether the default
keyring will always be mixed into the set of keyrings, or whether it
will be skipped if a --keyring is present.  The updated text here
attempts to describe the keyring selection logic more completely.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-03-07 07:54:29 +01:00
Werner Koch
b3a7a51407
gpgtar: Make option -C work for archive creation.
* tools/gpgtar-create.c (gpgtar_create): Switch to the -C directory.
--

The -C option is pretty useful given that pattern are always relative
to the current directory.  In contrast to GNU tar, the switching is
done only once.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 20:08:26 +01:00
Werner Koch
91ae3e7fb6
agent: Re-introduce --enable-extended-key-format.
* agent/gpg-agent.c (oEnableExtendedKeyFormat): Re-introduce.
(parse_rereadable_options): Handle it in a special way.
* agent/protect.c (agent_protect): Be safe and set use_ocb only to 1
or 0.
* tools/gpgconf-comp.c: Add --enable-extended-key-format again.
--

This is required for backward compatible with profiles.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 17:58:39 +01:00
Werner Koch
05eff1f662
agent: Default to extended key format.
* agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New.
(oEnableExtendedKeyFormat): Remove.
(opts): Make --enable-extended-key-format a dummy option.  Add
disable-extended-key-format.
(parse_rereadable_options): Implement oDisableExtendedKeyFormat.
--

Extended key format is supported since vesion 2.1.12 which should have
long been replaced by a newer version inh all installations.  Thus for
2.3 we will make use of the extended-key-format by default.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 14:09:57 +01:00
Werner Koch
af9f4fb3d2
doc: First take on instructions on how to init PIV cards
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-06 12:46:09 +01:00
Werner Koch
28de5c0ea5
card: Rename gpg-card-tool to gpg-card.
* tools/card-tool-keys.c: Rename to card-keys.c.
* tools/card-tool-misc.c: Rename to card-misc.c.
* tools/card-tool-yubikey.c: Rename to card-yubikey.c.
* tools/card-tool.h: Rename to gpg-card.h.
* tools/gpg-card-tool-w32info.rc: Rename to gpg-card-w32info.rc
* doc/card-tool.texi: Rename top gpg-card.texi

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-02-25 09:34:30 +01:00
Werner Koch
6c581cc468
doc: Add basic man page for the gpg-card-tool.
--
2019-02-06 10:37:03 +01:00
Werner Koch
3231ecdafd
scd: Allow standard keyref scheme for app-openpgp.
* scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with
"OPENPGP."
* tools/card-call-scd.c (scd_change_pin): Change API to use strings.
* tools/gpg-card-tool.c (cmd_passwd): Adjust for change.
(cmd_unblock): Ditto.
--

The generic keyref allows for better error detection in case a keyref
is send to a wrong card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-02-05 15:01:45 +01:00
Werner Koch
dee0138dc0
doc: Fix typo
--
2019-01-29 22:15:49 +01:00
Werner Koch
c128667b3c
gpg: Implement searching keys via keygrip.
* kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field grip.
* kbx/keybox-openpgp.c (struct keyparm_s): New.
(keygrip_from_keyparm): New.
(parse_key): Compute keygrip.
* kbx/keybox-search.c (blob_openpgp_has_grip): New.
(has_keygrip): Call it.
--

This has been marked for too long as not yet working.  However, it is
a pretty useful feature and will come pretty handy when looking for
all keys matching one keygrip.

Can be optimized a lot by storing the keygrip in the meta data.  This
will be done along with the upgrade of KBX for v5 fingerprints.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-29 20:10:11 +01:00
Werner Koch
6c000d4b78
doc: Mark keyserver-options timeout and http-proxy as obsolete.
--
2019-01-08 11:21:35 +01:00
Werner Koch
cbcc8c1954
agent: Make the S2K calibration time runtime configurabe.
* agent/protect.c (s2k_calibration_time): New file global var.
(calibrate_s2k_count): Use it here.
(get_calibrated_s2k_count): Replace function static var by ...
(s2k_calibrated_count): new file global var.
(set_s2k_calibration_time): New function.
* agent/gpg-agent.c (oS2KCalibration): New const.
(opts): New option --s2k-calibration.
(parse_rereadable_options): Parse that option.
--

Note that using an unrelistic high value (like 60000) takes quite some
time for calibration.

GnuPG-bug-id: 3399
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-11 18:12:51 +01:00
Werner Koch
ba46a359b9
wks: Allow reading of --install-key arguments from stdin.
* tools/wks-util.c (install_key_from_spec_file): New.
(wks_cmd_install_key): Call it.
* tools/gpg-wks-client.c (main): Allow --install-key w/o arguments.
* tools/gpg-wks-server.c (main): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-04 15:31:41 +01:00