security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-09-22 15:11:41 +02:00
Code Activity
91baea2dcd
gnupg/common
History
Werner Koch 2fc27c8696
gpg: Switch to a hash and CERT record based PKA system. 
* common/dns-cert.c (get_dns_cert): Make r_key optional.
* common/pka.c: Rewrite for the new hash based lookup.
* common/t-pka.c: New.
* configure.ac: Remove option --disable-dns-pka.
(USE_DNS_PKA): Remove ac_define.
* g10/getkey.c (parse_auto_key_locate): Always include PKA.

--

Note that although PKA is now always build, it will only work if
support for looking up via DNS has not been disabled.

The new PKA only works with the IPGP DNS certtype and shall be used
only to retrieve the fingerprint and optional the key for the first
time.  Due to the security problems with DNSSEC the former assumption
to validate the key using DNSSEC is not anymore justified.  Instead an
additional layer (e.g. Trust-On-First-Use) needs to be implemented to
track change to the key.  Having a solid way of getting a key matching
a mail address is however a must have.

More work needs to go into a redefinition of the --verify-options
pka-lookups and pka-trust-increase.  The auto-key-locate mechanism
should also be able to continue key fetching with another methods once
the fingerprint has been retrieved with PKA.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-25 16:34:19 +01:00
..
agent-opt.c agent: Move a typedef to common and provide parse_pinentry_mode. 2013-02-06 12:56:19 +01:00
argparse.c Update copyright years. 2015-02-03 09:12:45 +01:00
argparse.h common: Check option arguments for a valid range. 2014-10-29 17:07:51 +01:00
asshelp2.c Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
asshelp.c gpg-agent: Add restricted connection feature. 2014-11-27 20:41:37 +01:00
asshelp.h Add "gpgconf --kill dirmngr" and avoid useless launch before a kill. 2014-11-19 10:47:56 +01:00
audit.c Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
audit.h Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
b64dec.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
b64enc.c Use inline functions to convert buffer data to scalars. 2015-02-11 10:28:25 +01:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
ChangeLog-2011.include include: Remove this directory. 2014-01-29 17:45:05 +01:00
ChangeLog.jnlib Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
common-defs.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
convert.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
dns-cert.c gpg: Switch to a hash and CERT record based PKA system. 2015-02-25 16:34:19 +01:00
dns-cert.h common: Allow requesting a specific certtype with get_dns_cert() 2015-02-25 12:03:21 +01:00
dotlock.c avoid double-close in unusual dotlock situations 2014-12-22 12:56:13 +01:00
dotlock.h Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
dynload.h Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
exaudit.awk Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
exechelp-posix.c common: Remove superfluous statements. 2014-09-18 16:01:11 +02:00
exechelp-w32.c Remove support for the GPG_AGENT_INFO envvar. 2014-10-03 11:58:58 +02:00
exechelp-w32ce.c common: Cleanup the use of USE_NPTH and HAVE_NPTH macros. 2014-05-02 08:22:38 +02:00
exechelp.h Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
exstatus.awk Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
gc-opt-flags.h gpg: Add option --dirmngr-program. 2014-03-12 18:35:36 +01:00
get-passphrase.c Add "gpgconf --kill dirmngr" and avoid useless launch before a kill. 2014-11-19 10:47:56 +01:00
get-passphrase.h Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
gettime.c common: New function elapsed_time_string. 2014-03-18 11:02:50 +01:00
gettime.h common: New function elapsed_time_string. 2014-03-18 11:02:50 +01:00
gnupg.ico w32: Add icons and version information. 2013-05-07 21:35:48 +02:00
gpgrlhelp.c Make use of the *_NAME etc macros. 2013-11-18 14:09:47 +01:00
helpfile.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
homedir.c gpg-agent: Use "pinentry-basic" as fallback. 2015-02-04 10:28:38 +01:00
host2net.h Use inline functions to convert buffer data to scalars. 2015-02-11 10:28:25 +01:00
http.c http: Improve diagnostic messages. 2014-12-08 17:12:23 +01:00
http.h Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
i18n.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
i18n.h Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
init.c Add a hook to be called right after main. 2015-01-28 19:57:22 +01:00
init.h Add a hook to be called right after main. 2015-01-28 19:57:22 +01:00
iobuf.c Use inline functions to convert buffer data to scalars. 2015-02-11 10:28:25 +01:00
iobuf.h Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
isascii.c Changed to GPLv3. 2007-07-04 19:49:40 +00:00
keyserver.h Initial code checking for backup - not yet working. 2011-01-10 14:30:17 +01:00
libjnlib-config.h Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
localename.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
logging.c Silence several warnings when building under Windows. 2014-03-07 16:06:35 +01:00
logging.h Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
Makefile.am gpg: Switch to a hash and CERT record based PKA system. 2015-02-25 16:34:19 +01:00
mapstrings.c common: New function map_static_macro_string. 2014-02-26 16:18:45 +01:00
mbox-util.c Move new mailbox.c source file to common/. 2015-02-25 11:43:50 +01:00
mbox-util.h Move new mailbox.c source file to common/. 2015-02-25 11:43:50 +01:00
membuf.c Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
membuf.h common: New function get_membuf_shrink. 2014-02-26 16:16:30 +01:00
miscellaneous.c Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
mischelp.c Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
mischelp.h common: Fix typo in header inclusion protection macro. 2014-08-11 17:22:47 +02:00
mkerrors Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
mkerrtok Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
mkstrtable.awk Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
openpgp-oid.c Fix buffer overflow in openpgp_oid_to_str. 2014-11-25 11:58:56 +01:00
openpgpdefs.h gpg: Use algorithm id 22 for EdDSA. 2014-09-12 11:31:49 +02:00
percent.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
pka.c gpg: Switch to a hash and CERT record based PKA system. 2015-02-25 16:34:19 +01:00
pka.h gpg: Switch to a hash and CERT record based PKA system. 2015-02-25 16:34:19 +01:00
README This commit was manufactured by cvs2svn to create branch 2003-08-05 17:11:04 +00:00
README.jnlib Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
session-env.c agent: Keep the session environment for restricted connections. 2014-12-19 13:07:09 +01:00
session-env.h Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
sexp-parse.h Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
sexputil.c common: Remove superfluous statements. 2014-09-18 16:01:11 +02:00
shareddefs.h agent: Move a typedef to common and provide parse_pinentry_mode. 2013-02-06 12:56:19 +01:00
signal.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
simple-pwquery.c common: Change a string to a simlar one to ease translation. 2014-11-19 10:47:56 +01:00
simple-pwquery.h Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
srv.c Use inline functions to convert buffer data to scalars. 2015-02-11 10:28:25 +01:00
srv.h w32: Include winsock2.h to silence warnings. 2014-03-07 14:18:43 +01:00
ssh-utils.c agent: Cleanups to prepare implementation of Ed25519. 2014-03-22 20:52:03 +01:00
ssh-utils.h Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
status.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
status.h Remove unused status codes 2013-01-30 18:51:56 +01:00
stringhelp.c gpg: Fix buffering problem in --list-config. 2015-01-28 20:12:21 +01:00
stringhelp.h gpg: Fix buffering problem in --list-config. 2015-01-28 20:12:21 +01:00
strlist.c Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
strlist.h Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
sysutils.c Remove use of gnulib (part 2) 2014-11-11 15:14:31 +01:00
sysutils.h Remove use of gnulib (part 2) 2014-11-11 15:14:31 +01:00
t-b64.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
t-convert.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
t-dns-cert.c common: Allow requesting a specific certtype with get_dns_cert() 2015-02-25 12:03:21 +01:00
t-dotlock.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
t-exechelp.c Fixed set but unused variable bugs 2011-08-10 14:11:30 +02:00
t-gettime.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
t-helpfile.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
t-http.c First changes for future use of NTBTLS. 2014-10-02 17:33:57 +02:00
t-mapstrings.c common: New function map_static_macro_string. 2014-02-26 16:18:45 +01:00
t-mbox-util.c Move new mailbox.c source file to common/. 2015-02-25 11:43:50 +01:00
t-openpgp-oid.c Fix buffer overflow in openpgp_oid_to_str. 2014-11-25 11:58:56 +01:00
t-percent.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
t-pka.c gpg: Switch to a hash and CERT record based PKA system. 2015-02-25 16:34:19 +01:00
t-session-env.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
t-sexputil.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
t-ssh-utils.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
t-stringhelp.c common: Add functions make_absfilename and make_absfilename_try. 2014-04-22 15:58:33 +02:00
t-support.c Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
t-support.h common: New function map_static_macro_string. 2014-02-26 16:18:45 +01:00
t-sysutils.c Remove use of gnulib (part 2) 2014-11-11 15:14:31 +01:00
t-timestuff.c Remove use of gnulib (part 1) 2014-11-11 10:13:10 +01:00
t-w32-reg.c Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
t-zb32.c common: Add another test case to zb32.c 2015-02-24 17:02:00 +01:00
tls-ca.pem http: Revamp TLS API. 2014-05-02 11:19:25 +02:00
tlv.c Use inline functions to convert buffer data to scalars. 2015-02-11 10:28:25 +01:00
tlv.h Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
ttyio.c Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
ttyio.h Change some keyedit functions to allow printing to arbitrary streams. 2014-03-27 12:59:55 +01:00
types.h include: Remove this directory. 2014-01-29 17:45:05 +01:00
userids.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
userids.h Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
utf8conv.c common: Require an installed libiconv. 2014-02-26 14:03:57 +01:00
utf8conv.h Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
util.h gpg-agent: Use "pinentry-basic" as fallback. 2015-02-04 10:28:38 +01:00
w32-afunix.c Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
w32-afunix.h Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
w32-reg.c w32: Include winsock2.h to silence warnings. 2014-03-07 14:18:43 +01:00
w32help.h common: Comment out unused code. 2013-07-31 16:25:41 +02:00
w32info-rc.h.in Update copyright years. 2015-02-03 09:12:45 +01:00
xasprintf.c Switch to the libgpg-error provided estream. 2014-08-26 17:47:54 +02:00
xmalloc.c gpg: Fix bug parsing a zero length user id. 2014-06-02 11:47:25 +02:00
xmalloc.h Change JNLIB license to LGPLv3+ or GPLv2+. 2011-09-30 12:53:34 +02:00
xreadline.c Change license for some files in common to LGPLv3+/GPLv2+. 2012-04-20 15:48:48 +02:00
yesno.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
zb32.c common: Add z-base-32 encoder. 2014-04-17 21:09:10 +02:00

README 

Stuff used by several modules of GnuPG.

These directories use it:

gpg
sm
agent

These directories don't use it:

kbx