security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-17 00:39:50 +02:00
Code Activity
7f172404bf
gnupg/g10
History
Werner Koch 7f172404bf
gpg: Refresh expired keys originating from the WKD. 
* g10/getkey.c (getkey_ctx_s): New field found_via_akl.
(get_pubkey_byname): Set it.
(only_expired_enc_subkeys): New.
(get_best_pubkey_byname): Add support to refresh expired keys from the
WKD.
--

A little drawback of that code is that if the WKD has no update for an
expired key each access of the key will trigger a WKD lookup (unless
cached by the dirmngr).  To avoid this we need to record the last time
we have checked for an update but that would in turn require that we
update the keyring for each check.  We defer this until we have a
better key database which allows for fast updates of meta data.

Testing the code is currently a bit cumbersome because it requires to
update a key in the WKD several times.  Eventually we we need a
network emulation layer to provide sample data for the regression
tests.

GnuPG-bug-id: 2917
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-08-28 15:22:35 +02:00
..
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10, sm, dirmngr, common: Add comment for fall through. 2017-05-10 11:13:12 +09:00
build-packet.c gpg: Implement AEAD for SKESK packets. 2018-01-23 12:07:57 +01:00
call-agent.c gpg: Prepare for longer card fingerprints. 2018-08-27 16:57:04 +02:00
call-agent.h gpg: Prepare for longer card fingerprints. 2018-08-27 16:57:04 +02:00
call-dirmngr.c gpg: Set a limit for a WKD import of 256 KiB. 2018-07-27 17:48:18 +02:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c gpg: Prepare for longer card fingerprints. 2018-08-27 16:57:04 +02:00
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
cipher-aead.c gpg: Avoid writing a zero length last chunk in AEAD mode. 2018-02-28 09:39:57 +01:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c gpg: Emit FAILURE stati now in almost all cases. 2018-04-06 17:32:25 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Avoid writing a zero length last chunk in AEAD mode. 2018-02-28 09:39:57 +01:00
decrypt.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
dek.h gpg: First take on PKT_ENCRYPTED_AEAD. 2018-01-21 16:30:53 +01:00
delkey.c gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
distsigkey.gpg build: Update distsigkey.gpg 2017-11-22 20:54:47 +01:00
ecdh.c Use the gpgrt log functions if possible. 2017-11-27 15:00:25 +01:00
encrypt.c gpg: Remove PGP6 compliance mode. 2018-05-29 13:01:12 +02:00
exec.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Let export-clean remove expired subkeys. 2018-07-09 09:49:21 +02:00
filter.h Merge branch 'STABLE-BRANCH-2-2' into master 2018-05-13 13:29:40 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Refresh expired keys originating from the WKD. 2018-08-28 15:22:35 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Use 128 MiB as default AEAD chunk size. 2018-07-24 09:58:02 +02:00
gpg.h Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgcompose.c g10: Fix memory leak for PKT_signature. 2018-07-03 09:07:03 +09:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Refresh expired keys originating from the WKD. 2018-08-28 15:22:35 +02:00
kbnode.c gpg: Add option and preference framework for AEAD. 2018-01-10 11:51:03 +01:00
key-check.c gpg: Improve import's repair-key duplicate signature detection. 2018-06-07 18:41:17 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:01:02 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 09:49:21 +02:00
keydb.c gpg: Don't let gpg return failure on an invalid packet in a keyblock. 2018-02-22 14:23:01 +01:00
keydb.h gpg: Remove unused arg from a function. 2018-08-28 15:16:19 +02:00
keyedit.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
keyedit.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
keygen.c doc: Typo fix in a comment. 2018-07-05 09:42:06 +02:00
keyid.c Merge branch 'STABLE-BRANCH-2-2' into master 2017-12-18 16:42:59 +01:00
keylist.c gpg: Remove unused arg from a function. 2018-08-28 15:16:19 +02:00
keyring.c gpg: Don't let gpg return failure on an invalid packet in a keyblock. 2018-02-22 14:23:01 +01:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Extend --key-origin to take an optional URL arg. 2017-07-24 21:10:58 +02:00
main.h gpg: Print revocation reason for "rev" records. 2018-06-21 20:28:51 +02:00
mainproc.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
Makefile.am gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
misc.c gpg: Remove PGP6 compliance mode. 2018-05-29 13:01:12 +02:00
openfile.c gpg: Rename a misnomed arg in open_outfile. 2018-01-28 18:59:18 +01:00
options.h gpg: Ignore the multiple message override options. 2018-05-30 22:05:57 +02:00
packet.h g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
parse-packet.c g10: Fix undefined behavior when EOF in parsing packet for S2K. 2018-08-10 15:29:06 +09:00
passphrase.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
photoid.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Remove unused arg from a function. 2018-08-28 15:16:19 +02:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c g10: Enumerated keys for decryption should be unique. 2018-08-27 16:24:00 +09:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: Remove PGP6 compliance mode. 2018-05-29 13:01:12 +02:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Prepare for signatures with ISSUER_FPR but without ISSUER. 2018-07-05 20:55:32 +02:00
sign.c g10: Fix memory leak for PKT_signature. 2018-07-03 09:07:03 +09:00
skclist.c gpg: Prepare for longer card fingerprints. 2018-08-27 16:57:04 +02:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c gpg: Auto-fix a broken trustdb with just the version record. 2018-03-26 18:20:16 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
test.c tests: Locate resources and scripts relative to top source dir. 2017-04-24 14:14:05 +02:00
textfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
tofu.c Merge branch 'STABLE-BRANCH-2-2' into master 2017-12-18 16:42:59 +01:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00