security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-21 14:47:03 +01:00
Code Activity
gnupg/g10
History
Werner Koch db1f74ba53 gpg: Protect against rogue keyservers sending secret keys. 
* g10/options.h (IMPORT_NO_SECKEY): New.
* g10/keyserver.c (keyserver_spawn, keyserver_import_cert): Set new
flag.
* g10/import.c (import_secret_one): Deny import if flag is set.
--

By modifying a keyserver or a DNS record to send a secret key, an
attacker could trick a user into signing using a different key and
user id.  The trust model should protect against such rogue keys but
we better make sure that secret keys are never received from remote
sources.

Suggested-by: Stefan Tomanek
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e7abed3448c1c1a4e756c12f95b665b517d22ebe)

Resolved conflicts:
	g10/import.c
	g10/keyserver.c
2014-03-07 10:14:05 +01:00
..
armor.c
gpg: Change armor Version header to emit only the major version.
2013-11-27 09:20:02 +01:00
build-packet.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
call-agent.c
gpg: Make decryption with the OpenPGP card work.
2013-08-28 17:40:32 +02:00
call-agent.h
gpg: Make decryption with the OpenPGP card work.
2013-08-28 17:40:32 +02:00
call-dirmngr.c
Use has_leading_keyword in the assuan callbacks.
2013-02-22 10:56:13 +01:00
call-dirmngr.h
Require libgcrypt 1.5
2011-03-08 12:23:59 +01:00
card-util.c
gpg: Add another card vendor id.
2014-01-29 15:19:20 +01:00
ChangeLog-2011
Generate the ChangeLog from commit logs.
2011-12-01 11:09:02 +01:00
cipher.c
Replace gcry_md_start_debug by gcry_md_debug.
2011-09-20 09:54:27 +02:00
comment.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
compress-bz2.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
compress.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
cpr.c
gpg: Start using OpenPGP digest algo ids.
2014-01-31 15:33:03 +01:00
dearmor.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
decrypt-data.c
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
decrypt.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
dek.h
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
delkey.c
gpg: Remove a function wrapper.
2013-01-08 09:43:21 +01:00
ecdh.c
gpg: Use only OpenPGP cipher algo ids.
2014-01-31 14:35:49 +01:00
encrypt.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
exec.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
exec.h
Changed to GPLv3.
2007-07-04 19:49:40 +00:00
export.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
filter.h
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
free-packet.c
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
getkey.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
gpg-w32info.rc
w32: Add icons and version information.
2013-05-07 21:35:48 +02:00
gpg.c
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
gpg.h
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
gpgv.c
gpgv: Init Libgcrypt to avoid syslog warning.
2014-03-07 09:58:22 +01:00
helptext.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
import.c
gpg: Protect against rogue keyservers sending secret keys.
2014-03-07 10:14:05 +01:00
kbnode.c
Fix minor compiler warnings.
2013-11-15 15:49:34 +01:00
keydb.c
kbx: Implement update operation for OpenPGP keyblocks.
2013-11-15 15:54:31 +01:00
keydb.h
gpg: Change format for the key size in --list-key and --edit-key.
2014-02-05 10:37:59 +01:00
keyedit.c
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
keygen.c
gpg: Silent more compiler warnings due to some configure options.
2014-02-10 23:15:34 +01:00
keyid.c
gpg: Change format for the key size in --list-key and --edit-key.
2014-02-05 10:37:59 +01:00
keylist.c
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
keyring.c
Make use of the *_NAME etc macros.
2013-11-18 14:09:47 +01:00
keyring.h
Decryption and signi via agent is now implemented.
2010-04-23 11:36:59 +00:00
keyserver-internal.h
Initial code checking for backup - not yet working.
2011-01-10 14:30:17 +01:00
keyserver.c
gpg: Protect against rogue keyservers sending secret keys.
2014-03-07 10:14:05 +01:00
main.h
gpg: Start using OpenPGP digest algo ids.
2014-01-31 15:33:03 +01:00
mainproc.c
gpg: Change format for the key size in --list-key and --edit-key.
2014-02-05 10:37:59 +01:00
Makefile.am
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
mdfilter.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
misc.c
gpg: Avoid compiler warnings for disabled algos.
2014-02-07 13:41:04 +01:00
openfile.c
Make use of the *_NAME etc macros.
2013-11-18 14:09:47 +01:00
OPTIONS
See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch
2000-07-31 08:04:16 +00:00
options.h
gpg: Protect against rogue keyservers sending secret keys.
2014-03-07 10:14:05 +01:00
options.skel
gpg: Remove legacy keyserver examples from the template conf file.
2014-03-07 09:53:29 +01:00
packet.h
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
parse-packet.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
passphrase.c
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
photoid.c
gpg: Cleanup compiler warnings due to some configure options.
2014-02-10 23:15:28 +01:00
photoid.h
Decryption and signi via agent is now implemented.
2010-04-23 11:36:59 +00:00
pkclist.c
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
pkglue.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
pkglue.h
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
plaintext.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
progress.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
pubkey-enc.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
pubring.asc
See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch
2000-07-31 08:04:16 +00:00
revoke.c
gpg: Remove a function wrapper.
2013-01-08 09:43:21 +01:00
rmd160.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
rmd160.h
Add missing header file.
2008-12-12 08:54:50 +00:00
seckey-cert.c
Add tweaks for the not anymore patented IDEA algorithm.
2012-05-08 18:18:32 +02:00
server.c
Make use of the *_NAME etc macros.
2013-11-18 14:09:47 +01:00
seskey.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
sig-check.c
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
sign.c
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
2014-01-30 18:48:37 +01:00
signal.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
skclist.c
gpg: Remove cipher.h and put algo ids into a common file.
2014-01-29 20:35:05 +01:00
t-rmd160.c
Nuked almost all trailing white space.
2011-02-04 12:57:53 +01:00
tdbdump.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
tdbio.c
Make use of the *_NAME etc macros.
2013-11-18 14:09:47 +01:00
tdbio.h
Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
2012-01-20 16:50:42 -05:00
textfilter.c
Started to implement the audit log feature.
2007-11-19 16:03:50 +00:00
trust.c
Fix g10/trust.c.
2014-03-06 16:23:10 +09:00
trustdb.c
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
trustdb.h
gpg: Allow building without any trust model support.
2014-02-10 17:46:40 +01:00
verify.c
Change all quotes in strings and comments to the new GNU standard.
2012-06-05 19:29:22 +02:00
zlib-riscos.h
include: Remove this directory.
2014-01-29 17:45:05 +01:00