security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/g10
History
Werner Koch 5d98f95aa9
gpg: Provide better diagnostic for replaced card keys. 
* agent/divert-scd.c (divert_pksign): Add arg 'grip'.  Replace OPENPGP
key reference to keygrips.
(divert_pkdecrypt): Ditto.
* agent/protect.c (parse_shadow_info): Trim spaces.
* agent/pkdecrypt.c (agent_pkdecrypt): Pass the keygrip.
* agent/pksign.c (agent_pksign_do): Ditto.

* g10/mainproc.c (print_pkenc_list): Print extra info for an invalid
id error.
* g10/sign.c (do_sign): Ditto.
--

Using the keygrip instead of the identifier works on OpenPGP cards and
thus we use that to make sure that we are working on the right card.
For other cards we better don't do that to avoid regressions.  Those
other cards are also usually provided and do not allow to
self-generate the keys.

Note that old versions of the code (gpg 1.4) used the fingerprint as
additional check but that was eventually removed and now that we use
the keygrip all over the place, it is best to use this to identify a
key.

Signed-off-by: Werner Koch <wk@gnupg.org>
 		2020-11-13 16:06:59 +01:00
..
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:24:35 +09:00
build-packet.c gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:28:11 +02:00
call-agent.c card: Run factory-reset in locked stated. 2020-11-09 13:04:38 +01:00
call-agent.h gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
call-dirmngr.c po: Make g10/call-dirmngr.c translatable. 2019-12-07 11:56:13 +01:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c card: Run factory-reset in locked stated. 2020-11-09 13:04:38 +01:00
cipher.c gpg: Remove MDC options 2018-05-31 12:08:22 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c spelling: Fix "synchronize" 2019-06-23 20:17:47 -04:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:42:42 +02:00
dek.h gpg: Support decryption of the new AEAD packet 2020-04-16 08:25:55 +02:00
delkey.c gpg: Print a hint for --batch mode and --delete-secret-key. 2020-03-18 15:26:43 +01:00
distsigkey.gpg Add a new dist signing key 2020-08-24 19:48:13 +02:00
ecdh.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
encrypt.c gpg: Switch to AES256 for symmetric encryption in de-vs mode. 2020-11-03 15:42:59 +01:00
exec.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Do not close stdout after --export-ssh-key 2020-07-16 11:38:40 +02:00
filter.h gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Fix AEAD preference list overflow 2020-09-03 17:06:29 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
gpg.h gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgcompose.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv-w32info.rc w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgv.c gpg: Make use of the included key block in a signature. 2020-03-14 19:53:40 +01:00
gpgv.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-18 13:16:35 +01:00
key-check.c gpg: Fix segv importing certain keys. 2020-09-02 16:06:46 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:07:24 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 10:25:06 +02:00
keydb.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
keydb.h gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:02:00 +01:00
keyedit.c gpg: Fix iteration over signatures 2020-10-30 15:52:16 +01:00
keyedit.h gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keygen.c gpg: Support brainpool keygen with "key from card". 2020-11-11 14:52:32 +01:00
keyid.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
keylist.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Add property "fpr" for use by --export-filter. 2020-03-14 19:15:00 +01:00
main.h gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
mainproc.c gpg: Provide better diagnostic for replaced card keys. 2020-11-13 16:06:59 +01:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
misc.c gpg: Do not print rejected digest algo notes with --quiet. 2020-11-09 08:34:24 +01:00
openfile.c common: Fix duplicate implementation of try_make_homedir. 2020-11-04 16:25:57 +01:00
options.h gpg: New option --auto-key-import 2020-03-14 20:07:37 +01:00
packet.h gpg: Show AEAD preferences 2020-04-16 08:36:28 +02:00
parse-packet.c gpg: Support decryption of the new AEAD packet 2020-04-16 08:25:55 +02:00
passphrase.c gpg: Add canceled status message. 2020-11-09 11:53:33 +01:00
photoid.c gpg: Allow setting notations with the empty string as value. 2020-11-02 17:48:39 +01:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:02:00 +01:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
sign.c gpg: Provide better diagnostic for replaced card keys. 2020-11-13 16:06:59 +01:00
skclist.c gpg: Fix double free with anonymous recipients. 2019-11-29 17:44:12 +01:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
tdbio.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: Make use of the included key block in a signature. 2020-03-14 19:53:40 +01:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:24:34 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-09 10:24:37 +02:00
trustdb.c gpg: Add regular expression support. 2020-07-15 14:16:57 +09:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-09 10:24:37 +02:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:33:53 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00