security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity
gnupg/g10
History
Werner Koch 14ac350f86
gpg: Changes to allow direct key generation from an OpenPGP card. 
* g10/call-agent.h (struct keypair_info_s): Add fields keytime and
usage.
* g10/call-agent.c (struct keypairinfo_cb_parm_s): New.
(scd_keypairinfo_status_cb): Rework to store parsed KEYPAIRINFO data.
(agent_scd_keypairinfo): Change accordingly.
(agent_scd_readkey): Add arg ctrl and change callers.  Change return
arg from an strlist_t to a keypair_info_t.
(readkey_status_cb): Use KEYPAIRINFO instead of KEY-TIME.
* g10/keygen.c (pSUBKEYCREATIONDATE): New.
(pAUTHKEYCREATIONDATE): New.
(get_parameter_u32): Allow for new parameters.
(do_create_from_keygrip): For card keys use direct scd call which does
not create a stub file.
(ask_algo): Rework to use the new keypair_info_t as return from
agent_scd_keypairinfo.
(parse_key_parameter_part): Likewise.  Also get and return the key
creation time using a arg.
(parse_key_parameter_string): New args r_keytime and r_subkeytime.
(parse_algo_usage_expire): New arg r_keytime.
(proc_parameter_file): Ignore the explict pCREATIONDATE for card keys.
(quickgen_set_para): New arg keytime.
(quick_generate_keypair): Get the keytimes and set the pCARDKEY flag.
(generate_keypair): Likewise.
(do_generate_keypair): Implement the cardkey with keytime thingy.
(generate_subkeypair): Use the keytime parameters.
* g10/keygen.c (pAUTHKEYCREATIONDATE): New.  Not yet set but may come
handy later.
(get_parameter_u32): Take care of that.
(do_generate_keypair): For cardkeys sign with the current time.
--

Key generation direct from the card used to work for all cards except
the OpenPGP cards. The key generation from card using an OpenPGP card
is special because the fingerprint is stored on the card and we must
make sure that the newly created key has the same fingerprint.  This
requires that we take the key creation date as stored on the card into
account.

Along with the recent change in gpg-agent this change also fixes a
problem with existing stub files.

Note that with a key take from a card the self-signature are created
with the current time and not the creation time.  This allows to
better distinguish keys created using the same card.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-02-13 14:07:04 +01:00
..
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:20:07 +09:00
build-packet.c gpg: Move a keydb function to another file. 2019-11-27 11:58:47 +01:00
call-agent.c gpg: Changes to allow direct key generation from an OpenPGP card. 2020-02-13 14:07:04 +01:00
call-agent.h gpg: Changes to allow direct key generation from an OpenPGP card. 2020-02-13 14:07:04 +01:00
call-dirmngr.c dirmngr: Tell gpg about WKD looks resulting from a cache. 2019-12-06 20:04:56 +01:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
call-keyboxd.c gpg: Implement insert, update, and delete via keyboxd. 2019-11-28 11:23:32 +01:00
card-util.c common: Extend the openpgp_curve_to_oid function. 2020-02-11 14:40:54 +01:00
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
cipher-aead.c g10: Fix log_debug formatting. 2018-11-08 12:14:23 +09:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c spelling: Fix "synchronize" 2019-06-23 20:21:02 -04:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c common: Allow a readlimit for iobuf_esopen. 2019-09-10 15:45:58 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
dek.h gpg: More check for symmetric key encryption. 2019-07-18 11:02:34 +09:00
delkey.c gpg: Prepare enhancement of agent_probe_secret_key. 2020-01-17 16:09:01 +09:00
distsigkey.gpg Update wk's signing key 2020-01-01 19:05:16 +01:00
ecdh.c Fix the previous commit. 2019-03-14 08:23:38 +09:00
encrypt.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
exec.c gpg: photoid: Move functions from exec.c. 2019-07-25 11:21:58 +09:00
exec.h gpg: photoid: Move functions from exec.c. 2019-07-25 11:21:58 +09:00
expand-group.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
export.c common: Extend the openpgp_curve_to_oid function. 2020-02-11 14:40:54 +01:00
filter.h g10/armor: use libgcrypt's CRC24 implementation 2018-11-08 21:31:12 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Prefer card key on use in multiple subkeys situation. 2020-01-17 16:09:01 +09:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c common: Extend the openpgp_curve_to_oid function. 2020-02-11 14:40:54 +01:00
gpg.h gpg: Change the way v5 fingerprints are printed. 2019-11-28 12:05:32 +01:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgcompose.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c gpg: Prepare enhancement of agent_probe_secret_key. 2020-01-17 16:09:01 +09:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Fix a potential loss of key sigs during import with self-sigs-only. 2019-11-07 15:07:25 +01:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-15 20:41:38 +01:00
key-check.c gpg: Improve import's repair-key duplicate signature detection. 2018-06-07 18:41:17 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Rework the signature subpacket iteration function. 2019-09-05 20:38:23 +02:00
key-clean.h headers: fix spelling 2018-10-25 16:53:05 -04:00
keydb-private.h kbx: Redefine the UBID which is now the primary fingerprint. 2019-11-28 11:16:13 +01:00
keydb.c gpg: Fix printing of keyring name (regression in master) 2020-01-21 11:17:18 +01:00
keydb.h gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
keyedit.c gpg: Prepare enhancement of agent_probe_secret_key. 2020-01-17 16:09:01 +09:00
keyedit.h gpg: During secret key import print "sec" instead of "pub". 2019-03-15 19:14:34 +01:00
keygen.c gpg: Changes to allow direct key generation from an OpenPGP card. 2020-02-13 14:07:04 +01:00
keyid.c common: New function get_keyalgo_string. 2020-02-09 21:26:35 +01:00
keylist.c build: Require libgpg-error 1.37 2020-01-21 08:56:34 +01:00
keyring.c gpg: Fix keyring retrieval. 2019-07-10 15:06:54 +09:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Fix --recv-key in case of a given fingerprint. 2019-09-30 18:03:31 +02:00
main.h build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
mainproc.c gpg: Rework the signature subpacket iteration function. 2019-09-05 20:38:23 +02:00
Makefile.am Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
misc.c common: Add OpenPGP<->Gcrypt pubkey id mapping functions. 2020-02-09 14:04:18 +01:00
objcache.c doc: Minor doc updates and a typo fix. 2019-09-25 16:21:30 +02:00
objcache.h gpg: Fix getting User ID. 2019-07-11 12:32:44 +09:00
openfile.c gpg: Rename a misnomed arg in open_outfile. 2018-01-28 18:59:18 +01:00
options.h build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
packet.h gpg: Move a keydb function to another file. 2019-11-27 11:58:47 +01:00
parse-packet.c gpg: Print better debug info in case of broken sig subpackets. 2020-01-16 14:44:28 +01:00
passphrase.c gpg: Move S2K encoding function to a shared file. 2019-01-26 23:10:38 +01:00
photoid.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
photoid.h gpg: A little clean up. 2019-07-23 12:04:21 +09:00
pkclist.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg: Return the last error for pubkey decryption. 2019-07-05 15:16:08 +09:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: Prepare enhancement of agent_probe_secret_key. 2020-01-17 16:09:01 +09:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
sig-check.c gpg: Add option --allow-weak-key-signatures. 2019-11-07 10:36:17 +01:00
sign.c gpg: Forbid the creation of SHA-1 third-party key signatures. 2019-11-11 11:41:00 +01:00
skclist.c gpg: Rename the struct card_key_info_s. 2020-02-12 17:29:51 +01:00
t-keydb-get-keyblock.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: Prepare enhancement of agent_probe_secret_key. 2020-01-17 16:09:01 +09:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
textfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
tofu.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c Merge branch 'switch-to-gpgk' into master 2019-09-27 15:44:23 +02:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:32:55 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00