security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity
gnupg/g10
History
Werner Koch 3b69d8bf71
gpg: Fix leftover unprotected card backup key. 
* agent/command.c (cmd_learn): Add option --reallyforce.
* agent/findkey.c (agent_write_private_key): Implement reallyforce.
Also add arg reallyforce and pass it along the call chain.

* g10/call-agent.c (agent_scd_learn): Pass --reallyforce with a
special force value.
* g10/keygen.c (card_store_key_with_backup): Use that force value.
--

This was a regression in 2.2.42.  We took the easy path to fix it by
getting the behaviour back to what we did prior to 2.2.42.  With GnuPG
2.4.4 we use an entire different and safer approach by introducing an
ephemeral private key store.

GnuPG-bug-id: 6944
2024-01-24 11:45:31 +01:00
..
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c gpg: Make --list-packets work w/o --no-armor for plain OCB packets. 2022-11-25 13:56:15 +01:00
build-packet.c gpg: Print status line and proper diagnostics for write errors. 2023-07-05 11:15:55 +02:00
call-agent.c gpg: Fix leftover unprotected card backup key. 2024-01-24 11:45:31 +01:00
call-agent.h gpg: Pass ECDH parameters to OpenPGP smartcards 2023-10-27 13:56:02 +02:00
call-dirmngr.c gpg: Show just keyserver and port with --send-keys. 2022-10-07 13:37:09 +02:00
call-dirmngr.h gpg: Lookup a missing public key of the current card via LDAP. 2021-05-03 20:28:33 +02:00
card-util.c gpg: Pass ECDH parameters to OpenPGP smartcards 2023-10-27 13:56:02 +02:00
ChangeLog-2011 delete redundant characters 2023-06-20 09:06:30 +09:00
cipher.c gpg: New list-options show-pref and show-pref-verbose. 2022-11-15 17:22:32 +01:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c g10: Fix garbled status messages in NOTATION_DATA 2022-06-14 11:39:31 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Very minor cleanup in decrypt_data. 2022-08-29 13:07:43 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:42:42 +02:00
dek.h gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
delkey.c gpg: Prepare enhancement of agent_probe_secret_key. 2023-09-06 09:24:35 +09:00
distsigkey.gpg Update release signing keys 2021-11-13 21:02:22 +01:00
ecdh.c gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
encrypt.c gpg: Make progress work for large files on Windows. 2023-07-05 11:30:16 +02:00
exec.c w32: Change spawn functions to use Unicode version of CreateProcess. 2021-06-08 10:52:45 +02:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Do not continue the export after a cancel for the primary key. 2023-08-25 15:37:16 +02:00
filter.h gpg: Make progress work for large files on Windows. 2023-07-05 11:30:16 +02:00
free-packet.c gpg: Skip the packet when not used for AEAD. 2021-10-06 20:03:34 +02:00
getkey.c gpg: Prepare enhancement of agent_probe_secret_key. 2023-09-06 09:24:35 +09:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Fix --no-utf8-strings. 2023-09-18 11:29:21 +02:00
gpg.h gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in w32: Add missing manifests and set a requestedExecutionLevel. 2023-05-25 11:10:21 +02:00
gpgcompose.c gpg: Make progress work for large files on Windows. 2023-07-05 11:30:16 +02:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv-w32info.rc w32: Add missing manifests and set a requestedExecutionLevel. 2023-05-25 11:10:21 +02:00
gpgv.c gpg: Prepare enhancement of agent_probe_secret_key. 2023-09-06 09:24:35 +09:00
gpgv.w32-manifest.in w32: Add missing manifests and set a requestedExecutionLevel. 2023-05-25 11:10:21 +02:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Keep the integrity of the code for KEYINFO command. 2023-09-26 10:05:05 +09:00
kbnode.c gpg: Import stray revocation certificates. 2022-11-25 13:56:22 +01:00
key-check.c gpg: Fix segv importing certain keys. 2020-09-02 16:06:46 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:07:24 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 10:25:06 +02:00
keydb.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
keydb.h gpg: Pass ECDH parameters to OpenPGP smartcards 2023-10-27 13:56:02 +02:00
keyedit.c gpg: Prepare enhancement of agent_probe_secret_key. 2023-09-06 09:24:35 +09:00
keyedit.h gpg: New option --quick-update-pref. 2022-11-15 17:24:04 +01:00
keygen.c gpg: Fix leftover unprotected card backup key. 2024-01-24 11:45:31 +01:00
keyid.c gpg: Pass ECDH parameters to OpenPGP smartcards 2023-10-27 13:56:02 +02:00
keylist.c gpg: Support key flags for RENC, TIME, and GROUP. 2023-03-03 09:04:29 +01:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg,sm: Simplify keyserver spec parsing. 2021-05-26 14:30:17 +02:00
keyserver.c po: Update po files 2023-11-28 15:26:37 +01:00
main.h gpg: Delete secret key after "keytocard". 2023-03-15 09:36:36 +01:00
mainproc.c gpg: Do not require --status-fd along with --require-compliance. 2023-01-20 11:07:15 +01:00
Makefile.am w32: Add missing manifests and set a requestedExecutionLevel. 2023-05-25 11:10:21 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
misc.c gpg: Implement encryption to ADSKs. 2023-03-03 10:09:47 +01:00
openfile.c gpg: Partial fix for Unicode problem in output files. 2021-06-10 12:44:30 +02:00
options.h gpg: New option --add-desig-revoker 2023-09-07 19:05:39 +02:00
packet.h gpg: Implement encryption to ADSKs. 2023-03-03 10:09:47 +01:00
parse-packet.c gpg: Get the signature keyid from the issuer fpr. 2023-03-03 10:09:45 +01:00
passphrase.c gpg: Use a more descriptive prompt for symmetric decryption. 2021-05-17 19:30:15 +02:00
photoid.c gpg: Make progress work for large files on Windows. 2023-07-05 11:30:16 +02:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Implement encryption to ADSKs. 2023-03-03 10:09:47 +01:00
pkglue.c gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
pkglue.h gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
plaintext.c g10/plaintext: do_hash: use iobuf_read for higher performance 2022-11-29 11:48:55 +01:00
progress.c gpg: Make progress work for large files on Windows. 2023-07-05 11:30:16 +02:00
pubkey-enc.c gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: Prepare enhancement of agent_probe_secret_key. 2023-09-06 09:24:35 +09:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Implement encryption to ADSKs. 2023-03-03 10:09:47 +01:00
sign.c gpg: Allow to create revocations even with non-compliant algos. 2024-01-10 17:18:58 +01:00
skclist.c gpg: Allow decryption w/o public key but with correct card inserted. 2021-05-04 10:06:57 +02:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c gpg: Remove stale ultimately trusted keys from the trustdb. 2021-11-13 20:59:17 +01:00
tdbio.c gpg: Remove stale ultimately trusted keys from the trustdb. 2021-11-13 20:59:17 +01:00
tdbio.h gpg: Remove stale ultimately trusted keys from the trustdb. 2021-11-13 20:59:17 +01:00
test-stubs.c gpg: Prepare enhancement of agent_probe_secret_key. 2023-09-06 09:24:35 +09:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:24:34 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: New option --add-desig-revoker 2023-09-07 19:05:39 +02:00
trustdb.c gpg: Fix validity of re-imported keys. 2023-09-06 12:09:55 +02:00
trustdb.h gpg: Fix adding the list of ultimate trusted keys. 2022-01-17 13:58:58 +09:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:33:53 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00