4 years agodirmngr: Minor usage output fix.
Werner Koch [Fri, 17 Oct 2014 11:31:07 +0000 (13:31 +0200)]
dirmngr: Minor usage output fix.


4 years agodoc: Minor doc fix for --quick-lsign-key.
Werner Koch [Wed, 15 Oct 2014 14:22:03 +0000 (16:22 +0200)]
doc: Minor doc fix for --quick-lsign-key.


4 years agogpg: Remove extra RSA import status line.
Werner Koch [Mon, 13 Oct 2014 13:00:39 +0000 (15:00 +0200)]
gpg: Remove extra RSA import status line.

* g10/import.c (stats_s): Remove field "imported_rsa".
(import_print_stats): Do not print separate value for RSA.
(import_one): Remove the RSA counter.

RSA is the standard key format and thus there is no more need to have
a separate counter.  This is a remain from the RSA patent times.

Signed-off-by: Werner Koch <>
4 years agogpg: Fix informative printing of user ids.
Werner Koch [Mon, 13 Oct 2014 12:54:26 +0000 (14:54 +0200)]
gpg: Fix informative printing of user ids.

* g10/getkey.c (keyid_list): Add field "fpr".
(cache_user_id): Store fpr and check for dups only by fpr.
(get_pubkey_byfpr): New.
(get_user_id_string): Make static and use xasprintf.
(get_long_user_id_string): Use xasprintf.
(get_user_id_byfpr): New.
(get_user_id_byfpr_native): New.
* g10/keyid.c (fingerprint_from_pk): Make arg RET_LEN optional.
* g10/import.c (import_one): Use get_user_id_byfpr_native.

We now cache the userids using the fingerprint.  This allows to print
the correct user id for keys with a duplicated key id.  We should
eventually start to retire the use of all the old keyid based
functions.  However, at some places we only have the keyid and thus
some of them will need to be kept (maybe changed with an indication to
show that more than several user ids are matching).

Signed-off-by: Werner Koch <>
4 years agogpg: Allow importing keys with duplicated long key ids.
Werner Koch [Mon, 13 Oct 2014 12:01:29 +0000 (14:01 +0200)]
gpg: Allow importing keys with duplicated long key ids.

* g10/keydb.c (keydb_handle): Add field no_caching.
(keyblock_cache): Repalce field kid by fpr.
(keydb_disable_caching): New.
(keydb_search): Use the fingerprint as cache index.

* g10/import.c (import_one): Use the fingerprint and not the kid to
lookup the key.  Call keydb_disable_caching beofre re-searching for

* tests/openpgp/import.test: Add a test case.

Signed-off-by: Werner Koch <>
4 years agotests: Add sample keys with colliding long keu ids.
Werner Koch [Mon, 13 Oct 2014 11:56:47 +0000 (13:56 +0200)]
tests: Add sample keys with colliding long keu ids.


Thanks to David Leon Gil <> who posted these keys to on Fri, 13 Dec 2013 07:09:54 -0800 (PST).

4 years agotests: Speed up conventional encryption tests for gpg.
Werner Koch [Mon, 13 Oct 2014 09:45:34 +0000 (11:45 +0200)]
tests: Speed up conventional encryption tests for gpg.

* tests/openpgp/conventional-mdc.test: Add an s2k-count option.
* tests/openpgp/conventional.test: Ditto.

Due to measuring the iteration count for the passphrase hashing, the
conventional encryption tests are running quite slow.  This patch
fixes it by using a fixed and lower value for the iteration count.

Signed-off-by: Werner Koch <>
4 years agogpg: Minor change for better readability.
Werner Koch [Sun, 12 Oct 2014 17:15:20 +0000 (19:15 +0200)]
gpg: Minor change for better readability.

* g10/build-packet.c (write_version): Remove.
(do_pubkey_enc, do_onepass_sig): Write version directly.

Signed-off-by: Werner Koch <>
4 years agoUse a unique capitalization for "Note:".
Werner Koch [Fri, 10 Oct 2014 13:29:42 +0000 (15:29 +0200)]
Use a unique capitalization for "Note:".


4 years agopo: Fix some grammar buglets in the German translation.
Werner Koch [Fri, 10 Oct 2014 13:02:02 +0000 (15:02 +0200)]
po: Fix some grammar buglets in the German translation.


Reported-by: Thomas Gries
  "GnuPG erstellt eine User-ID,[Komma fehlt] um Ihren Schlüssel …"
  "Die Karte wird nun konfiguriert,[<<< Komma fehlt] um einen  …"
  in gpg-agent
  "verbite" → "verbiete"
  in gpg-agent --help

  ich fände eine einheitliche Groß- bzw. Kleinschreibung der Befehle
  besser, derzeit gibt es einen Mix aus Groß- und Kleinschreibung
  "Benutze... ", "benutze..." usw:

Item 3 was already fixed.  Also fixed some capitalization

Signed-off-by: Werner Koch <>
4 years agodoc: Fix a man page rendering problem.
Werner Koch [Fri, 10 Oct 2014 11:51:19 +0000 (13:51 +0200)]
doc: Fix a man page rendering problem.

* doc/gpg-agent.texi (Agent Configuration): Fix rendering of the
sshcontrol example.

4 years agogpg: Add build and runtime support for larger RSA keys
Daniel Kahn Gillmor [Thu, 9 Oct 2014 20:54:15 +0000 (16:54 -0400)]
gpg: Add build and runtime support for larger RSA keys

* Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.


This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from
STABLE-BRANCH-1-4 against master

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732

4 years agogpg: Skip overlong keys and a print a warning.
Werner Koch [Thu, 9 Oct 2014 19:01:49 +0000 (21:01 +0200)]
gpg: Skip overlong keys and a print a warning.

* kbx/keybox-search.c (keybox_search): Add arg r_skipped and skip too
long blobs.
* sm/keydb.c (keydb_search): Call keybox_search with a dummy param.
* g10/keydb.c (struct keydb_handle): Add field skipped_long_blobs.
(keydb_search_reset): Reset that field.
(keydb_search): Update that field.
(keydb_get_skipped_counter): New.
* g10/keylist.c (list_all): Print count of skipped keys.

Signed-off-by: Werner Koch <>
4 years agogpg: Sync keylist output and warning messages.
Werner Koch [Thu, 9 Oct 2014 18:57:02 +0000 (20:57 +0200)]
gpg: Sync keylist output and warning messages.

* g10/keylist.c (list_all): Flush stdout before logging.
* g10/misc.c (print_pubkey_algo_note): Ditto.
(print_cipher_algo_note): Ditto.
(print_digest_algo_note): Ditto.
(print_md5_rejected_note): Ditto.

Signed-off-by: Werner Koch <>
4 years agokbx: Fix handling of overlong keys.
Werner Koch [Thu, 9 Oct 2014 18:19:05 +0000 (20:19 +0200)]
kbx: Fix handling of overlong keys.

* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 10^6 to 2MiB.
(_keybox_read_blob2): Skip too long record records.
(_keybox_write_blob): Do not accept too long record.
* kbx/keybox-dump.c (file_stats_s): Add field skipped_long_blobs.
(_keybox_dump_file): Print new counter.
(_keybox_dump_file): Skip too long records.

To test this feature you may set the limit back to 1MiB and use key
F7F0E70F307D56ED which is in my local copy close to 2MiB.  Without
this patch it was possible to import the key but access to that key
and all keys stored after it was not possible.

Signed-off-by: Werner Koch <>
4 years agogpg: Take care to use pubring.kbx if it has ever been used.
Werner Koch [Thu, 9 Oct 2014 17:10:32 +0000 (19:10 +0200)]
gpg: Take care to use pubring.kbx if it has ever been used.

* kbx/keybox-defs.h (struct keybox_handle): Add field for_openpgp.
* kbx/keybox-file.c (_keybox_write_header_blob): Set openpgp header
* kbx/keybox-blob.c (_keybox_update_header_blob): Add arg for_openpgp
and set header flag.
* kbx/keybox-init.c (keybox_new): Rename to do_keybox_new, make static
and add arg for_openpgp.
(keybox_new_openpgp, keybox_new_x509): New.  Use them instead of the
former keybox_new.
* kbx/keybox-update.c (blob_filecopy): Add arg for_openpgp and set the
openpgp header flags.

* g10/keydb.c (rt_from_file): New.  Factored out and extended from
(keydb_add_resource): Switch to the kbx file if it has the openpgp
flag set.

* kbx/keybox-dump.c (dump_header_blob): Print header flags.

The problem was reported by dkg on gnupg-devel (2014-10-07):

  I just discovered a new problem, though, which will affect people on
  systems that have gpg and gpg2 coinstalled:

   0) create a new keyring with gpg2, and use it exclusively with gpg2
  for a while.
   1) somehow (accidentally?) use gpg (1.4.x) again -- this creates
   2) future runs of gpg2 now only look at pubring.gpg and ignore
  pubring.kbx -- the keys you had accumulated in the keybox are no
  longer listed in the output of gpg2 --list-keys

Note that gpgsm has always used pubring.kbx and thus this file might
already be there but without gpg ever inserted a key.  The new flag in
the KBX header gives us an indication whether a KBX file has ever been
written by gpg >= 2.1.  If that is the case we will use it instead of
the default pubring.gpg.

Signed-off-by: Werner Koch <>
4 years agogpg: Change wording of a migration error message.
Werner Koch [Thu, 9 Oct 2014 08:56:25 +0000 (10:56 +0200)]
gpg: Change wording of a migration error message.


4 years agodoc: Add missing entry for allow-preset-passphase
Kristian Fiskerstrand [Tue, 7 Oct 2014 18:37:16 +0000 (20:37 +0200)]
doc: Add missing entry for allow-preset-passphase


4 years agoAvoid unnecessary library linkage
Daniel Kahn Gillmor [Wed, 8 Oct 2014 07:12:51 +0000 (03:12 -0400)]
Avoid unnecessary library linkage

* dirmngr/ Avoid $(DNSLIBS) for dirmngr_ldap
* g10/ $(LIBREADLINE) is only for gpg2; gpgv2 does not
* sm/ gpgsm does not need $(ZLIBS)
* tools/ gpgconf does not need $(NPTH_LIBS)


In the course of building GnuPG 2.1.0 beta864 on debian, i found that
several of the installed executables were linked to libraries that
they did not need to be linked to, which would cause unnecessary
package dependencies at runtime.

The changeset here removes these unnecessary libraries from linking.

Something similar could possibly also be done by passing --as-needed
to the linker, but trimming the depenencies seems more parsimonious.

4 years agogpg: Avoid error exit if keygrip computations fails in a key listing.
Werner Koch [Wed, 8 Oct 2014 19:40:34 +0000 (21:40 +0200)]
gpg: Avoid error exit if keygrip computations fails in a key listing.

* g10/keyid.c (keygrip_from_pk): Use log_info and clear array on error.

This may happen due to algorithms or curves not supported by
Libgcrypt.  We should only print a warning and not have gpg return
with failure for a secret key listing.

Signed-off-by: Werner Koch <>
4 years agodoc: Minor fix.
Werner Koch [Fri, 3 Oct 2014 18:19:08 +0000 (20:19 +0200)]
doc: Minor fix.


Due to todays reminder:

  On Tue 2014-04-22 18:46:15 -0400, Daniel Kahn Gillmor wrote:
  > With --trust-model=always, all keys and user IDs are considered
  > automatically valid; they are not automatically trusted (setting
  > universal ownertrust to anything other than "ultimate" would be
  > insufficient to acheive the effect of --trust-model=always, due to
  > --max-cert-depth and certificate path reachability).
  > Thanks to Nicolai Josuttis for pointing out this documentation

4 years agoRelease 2.1.0-beta864. gnupg-2.1.0-beta864
Werner Koch [Fri, 3 Oct 2014 13:45:32 +0000 (15:45 +0200)]
Release 2.1.0-beta864.

4 years agospeedo: Add INSTALL_PREFIX feature.
Werner Koch [Fri, 3 Oct 2014 13:30:38 +0000 (15:30 +0200)]
speedo: Add INSTALL_PREFIX feature.


With this it is now possible build and install gnupg 2.1 properly
below /usr/local:

  make -f TOPSRC/build-aux/ native INSTALL_PREFIX=/usr/local

Of course you need installation priviliges for the /usr/local tree.

4 years agogpg: Allow creating a cert-only primary key.
Werner Koch [Fri, 3 Oct 2014 13:05:47 +0000 (15:05 +0200)]
gpg: Allow creating a cert-only primary key.

* g10/keygen.c (ask_key_flags): Allow a 'c' in direct entry.

GnuPG-bug-id: 1726

4 years agoSome doc fixes and a fix for "make distcheck".
Werner Koch [Fri, 3 Oct 2014 11:02:06 +0000 (13:02 +0200)]
Some doc fixes and a fix for "make distcheck".


4 years agobuild: Add configure options --disable-{ntb,gnu}tls.
Werner Koch [Fri, 3 Oct 2014 10:35:22 +0000 (12:35 +0200)]
build: Add configure options --disable-{ntb,gnu}tls.

* Add --disable-ntbtls and --disable-gnutls.

4 years agogpg: Check gpg-agent version before 2.1 migration.
Andre Heinecke [Fri, 19 Sep 2014 17:38:13 +0000 (19:38 +0200)]
gpg: Check gpg-agent version before 2.1 migration.

* g10/call-agent.c, g10/call-agent.h (agent_get_version): New.
* g10/migrate.c (migrate_secring): Abort migration if
agent_get_version returns not at least 2.1.0

GnuPG-bug-id: 1718

On the first installation of GnuPG 2.1 it is likely that an
old gpg-agent is still running in the environment. In that
case the migration would fail.

Signed-off-by: Andre Heinecke <>
4 years agopo: Auto update translations.
Werner Koch [Fri, 3 Oct 2014 10:13:25 +0000 (12:13 +0200)]
po: Auto update translations.


4 years agopo: Update German translation.
Werner Koch [Fri, 3 Oct 2014 10:13:05 +0000 (12:13 +0200)]
po: Update German translation.

4 years agoRemove support for the GPG_AGENT_INFO envvar.
Werner Koch [Fri, 3 Oct 2014 09:58:58 +0000 (11:58 +0200)]
Remove support for the GPG_AGENT_INFO envvar.

* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options.  Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket

The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.

4 years agogpg: Fix regression removing SHA256.
Werner Koch [Thu, 2 Oct 2014 17:17:34 +0000 (19:17 +0200)]
gpg: Fix regression removing SHA256.

* g10/misc.c (map_md_openpgp_to_gcry): Always use SHA256.

Regression due to commit d33246700578cddd1cb8ed8164cfbba50aba4ef3

GnuPG-bug-id: 1733.

4 years agoFirst changes for future use of NTBTLS.
Werner Koch [Thu, 2 Oct 2014 15:33:57 +0000 (17:33 +0200)]
First changes for future use of NTBTLS.

(HTTP_USE_NTBTLS): New.  Prefer over GNUTLS.
* m4/ntbtls.m4: New.
* m4/ (EXTRA_DIST): Add new file.
* common/http.c: Add conditionals to eventually use NTBTLS.

This is only the configure stuff.  If you have NTBTLS installed GNUTLS
will not be used but there won't be any https support either :-(.
This patch is used to have a real world test bench for the forthcoming

4 years agobuild: Update m4 scripts
Werner Koch [Thu, 2 Oct 2014 14:17:45 +0000 (16:17 +0200)]
build: Update m4 scripts

* m4/gpg-error.m4: Update from Libgpg-error git master.
* m4/libgcrypt.m4: Update from Libgcrypt git master.
* Declare SYSROOT a precious variable.  Add extra error
message for library configuration mismatches.

4 years agodoc: Remove GnuPG-1 related parts from gpg.texi.
Werner Koch [Mon, 29 Sep 2014 09:49:50 +0000 (11:49 +0200)]
doc: Remove GnuPG-1 related parts from gpg.texi.

* doc/ (YAT2M_OPTIONS): Add 2.1 to the source info.
* doc/gpg.texi: Remove gpg1 related texts.

4 years agogpg: Default to SHA-256 for all signature types on RSA keys.
Werner Koch [Sat, 27 Sep 2014 13:21:02 +0000 (15:21 +0200)]
gpg: Default to SHA-256 for all signature types on RSA keys.

* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in
strict RFC or PGP modes.
* g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for
RSA key signatures.
* Do not allow to disable sha256.

4 years agogpg: Simplify command --gen-key and add --full-gen-key.
Werner Koch [Sat, 27 Sep 2014 13:14:13 +0000 (15:14 +0200)]
gpg: Simplify command --gen-key and add --full-gen-key.

* g10/gpg.c (aFullKeygen): New.
(opts): Add command --full-key-gen.
(main): Implement it.
* g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although
the value is identical.
(quick_generate_keypair): Use new macros here.
(generate_keypair): Add arg "full" and fix call callers. Do not ask
for keysize in non-full node.
(ask_user_id): Add arg "full" and simplify for non-full mode.

4 years agodoc: Update the file OpenPGP
Werner Koch [Sat, 27 Sep 2014 09:17:07 +0000 (11:17 +0200)]
doc: Update the file OpenPGP


It should actually be completey reworked but for now I added just a
few notes.

4 years agogpg: Add shortcut for setting key capabilities.
Werner Koch [Fri, 26 Sep 2014 12:43:48 +0000 (14:43 +0200)]
gpg: Add shortcut for setting key capabilities.

* g10/keygen.c (ask_key_flags): Add shortcut '='.
* doc/help.txt (gpg.keygen.flags): New.

4 years agogpg: Do not always print dashes in obsolete_option.
Werner Koch [Thu, 25 Sep 2014 20:13:03 +0000 (22:13 +0200)]
gpg: Do not always print dashes in obsolete_option.

* g10/gpg.c (main): Pass option names to obsolete_option without
double dash.
* g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double
dash only for command line options.

4 years agogpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
Daniel Kahn Gillmor [Thu, 25 Sep 2014 18:45:37 +0000 (14:45 -0400)]
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.

* g10/gpg.c: Add config options that should belong in scdaemon.conf
* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.


In gpg2, the following options are only relevant for scdaemon:


but in gpg1, they are options for gpg itself.

Some users of gpg1 might have these options in their
~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
config file.

gpg2 should not fail hard, though giving a warning (and suggesting a
move to scdaemon.conf) seems OK.

This patch does *not* reintroduce any documentation for these options
in gpg.texi, even to indicate that they are "dummy" options, since
scdaemon.texi contains the appropriate documentation.

Debian-bug-id: 762844

- Program names factored out from obsolete_scdaemon_option to make
  reuse without new translations easier. -wk

4 years agobuild: Change urlbase of
Werner Koch [Thu, 25 Sep 2014 06:44:57 +0000 (08:44 +0200)]
build: Change urlbase of


4 years agoReformat README and minor gpg.texi improvement.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Reformat README and minor gpg.texi improvement.


The second thing is to explain the file names below under

4 years agoRegister DCO for Daniel Kahn Gillmor.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Register DCO for Daniel Kahn Gillmor.


4 years agospeedo: Check that wget and gpgv are installed.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
speedo: Check that wget and gpgv are installed.

* build-aux/ Check for required tools.

4 years agospeedo: Autodetect sha1sum tools.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
speedo: Autodetect sha1sum tools.

* build-aux/ Add option --find-sha1sum.
* build-aux/ (check-tools): New phony target.  Not yet used.
(SHA1SUM): New var.  Use it instead of sha1sum.

4 years agogpg: Create default keyring with .kbx suffix.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
gpg: Create default keyring with .kbx suffix.

* g10/keydb.c (maybe_create_keyring_or_box): Rename arg for clarity.
(keydb_add_resource): Fix order of args to maybe_create_keyring_or_box
and check and create .kbx.

4 years agodoc: Fix --secret-keyring option for 2.1
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
doc: Fix --secret-keyring option for 2.1


4 years agogpg: --delete-secret-key - check that a secret key exists.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
gpg: --delete-secret-key - check that a secret key exists.

* g10/delkey.c (do_delete_key): Check availibility of a secret key.

Actually we check that at least one secret subkey exists.

4 years agogpg: Make algorithm selection prompt for ECC more clear.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
gpg: Make algorithm selection prompt for ECC more clear.

* g10/keygen.c (ask_algo): Change 9 to "ECC and ECC".

4 years agoRegister DCO for Andre Heinecke.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Register DCO for Andre Heinecke.


4 years agoPost beta release update.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Post beta release update.


4 years agoRelease 2.1.0-beta834. gnupg-2.1.0-beta834
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Release 2.1.0-beta834.

4 years agospeedo: Distribute needed files.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
speedo: Distribute needed files.

* (EXTRA_DIST): Add speedo stuff.

4 years agobuild: Enable gpgtar by default.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
build: Enable gpgtar by default.

4 years agocommon: Do not build maintainer modules in non-maintainer mode.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
common: Do not build maintainer modules in non-maintainer mode.

* common/ (module_maint_tests): Use only in maintainer
(t_common_cflags): New.

4 years agocommon: Remove superfluous statements.
Werner Koch [Thu, 18 Sep 2014 13:49:44 +0000 (15:49 +0200)]
common: Remove superfluous statements.

* common/exechelp-posix.c: Remove weak pragmas.
* common/sexputil.c (make_canon_sexp_from_rsa_pk): Remove double

We do not use Pth anymore and thus there is no more need for the weak

4 years agog13: Avoid segv after pipe creation failure.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
g13: Avoid segv after pipe creation failure.

* g13/call-gpg.c (gpg_encrypt_blob): Init some vars in case of an
early error.
(gpg_decrypt_blob): Ditto.

4 years agoscd: Fix int/short mismatch in format string of app-p15.c
Werner Koch [Thu, 18 Sep 2014 13:39:50 +0000 (15:39 +0200)]
scd: Fix int/short mismatch in format string of app-p15.c

* scd/app-p15.c (parse_certid): Use snprintf and cast value.
(send_certinfo): Ditto.
(send_keypairinfo): Ditto.
(do_getattr): Ditto.

4 years agoagent: Init a local variable in the error case.
Werner Koch [Thu, 18 Sep 2014 13:32:17 +0000 (15:32 +0200)]
agent: Init a local variable in the error case.

* agent/pksign.c (do_encode_md): Init HASH on error.

4 years agoagent: Remove left over debug output.
Werner Koch [Thu, 18 Sep 2014 13:28:40 +0000 (15:28 +0200)]
agent: Remove left over debug output.

* agent/command-ssh.c (ssh_signature_encoder_eddsa): Remove debug

4 years agoagent: Silence compiler warning for a debug message.
Werner Koch [Thu, 18 Sep 2014 13:21:56 +0000 (15:21 +0200)]
agent: Silence compiler warning for a debug message.

* agent/call-pinentry.c (agent_query_dump_state): Use %p for

4 years agosm: Silence compiler warnings.
Werner Koch [Thu, 18 Sep 2014 13:17:44 +0000 (15:17 +0200)]
sm: Silence compiler warnings.

* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Remove unused var I.
* sm/certreqgen.c (proc_parameters): Init PUBLIC to avoid compiler

4 years agogpg: Silence a compiler warning.
Werner Koch [Thu, 18 Sep 2014 13:08:51 +0000 (15:08 +0200)]
gpg: Silence a compiler warning.

* g10/parse-packet.c (enum_sig_subpkt): Replace hack.

4 years agogpg: Replace a hash algo test function.
Werner Koch [Thu, 18 Sep 2014 12:56:39 +0000 (14:56 +0200)]
gpg: Replace a hash algo test function.

* g10/gpg.c (print_mds): Replace openpgp_md_test_algo.

This is actually not required because as of now the used OpenPGP and
Gcrypt hash algorithm numbers are identical.  But that might change in
the future.

This changes the behavior of GnuPG in case it has been build with
some algorithms disabled: If those algorithms are available in
Libgcrypt, their results will be used printed anyway.

4 years agogpg: Re-indent a function.
Werner Koch [Thu, 18 Sep 2014 12:50:02 +0000 (14:50 +0200)]
gpg: Re-indent a function.


4 years agospeedo: Various fixes
Werner Koch [Thu, 18 Sep 2014 09:08:45 +0000 (11:08 +0200)]
speedo: Various fixes

* build-aux/ Take zlib and bzip2 from  Minor
other fixes.

4 years agospeedo: Improve speedo Makefile.
Werner Koch [Wed, 17 Sep 2014 19:33:32 +0000 (21:33 +0200)]
speedo: Improve speedo Makefile.


Building for the native platform is now a mere

  make -f build-aux/ native

You may also use "help" as target.

4 years agopo: Auto-update
Werner Koch [Wed, 17 Sep 2014 17:31:27 +0000 (19:31 +0200)]
po: Auto-update


4 years agogpg: Print a warning if the subkey expiration may not be what you want.
Werner Koch [Wed, 17 Sep 2014 14:27:37 +0000 (16:27 +0200)]
gpg: Print a warning if the subkey expiration may not be what you want.

* g10/keyedit.c (subkey_expire_warning): New.
(keyedit_menu): Call it when needed.
GnuPG-bug-id: 1715

The heuristic to detect a problem is not very advanced but it should
catch the most common cases.

4 years agogpg: Improve passphrase caching.
Werner Koch [Wed, 17 Sep 2014 13:12:08 +0000 (15:12 +0200)]
gpg: Improve passphrase caching.

* agent/cache.c (last_stored_cache_key): New.
(agent_get_cache): Allow NULL for KEY.
(agent_store_cache_hit): New.
* agent/findkey.c (unprotect): Call new function and try to use the
last stored key.

* g10/revoke.c (create_revocation): Add arg CACHE_NONCE and pass to
(gen_standard_revoke): Add arg CACHE_NONCE and pass to
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke with
cache nonce.

This patch adds two features:

1. The key for the last passphrase successfully used for unprotecting
a key is stored away.  On a cache miss the stored away passphrase is
tried as well.  This helps for the common GPG use case of having a
signing and encryption (sub)key with the same passphrase.  See the
code for more comments.

2. The now auto-generated revocation certificate does not anymore
popup a passphrase prompt.  Thus for standard key generation the
passphrase needs to be given only once (well, two with the

4 years agogpg: Use algorithm id 22 for EdDSA.
Werner Koch [Fri, 12 Sep 2014 09:31:49 +0000 (11:31 +0200)]
gpg: Use algorithm id 22 for EdDSA.

* common/openpgpdefs.h (PUBKEY_ALGO_EDDSA): Change to 22.
* g10/keygen.c (ask_curve): Reword the Curve25519 warning note.

In the hope that the IETF will eventually assign 22 for EdDSA using
the draft-koch-eddsa-for-openpgp-01 specs we start using this number.

4 years agobuild: Require libgpg-error 1.15
Werner Koch [Fri, 12 Sep 2014 08:57:49 +0000 (10:57 +0200)]
build: Require libgpg-error 1.15


1.14 had a problem in its ABI and was thus remove from the FTP Server
after 3 days. 1.15 fixes this.

4 years agodoc: Small grammar fix
Werner Koch [Fri, 12 Sep 2014 08:49:31 +0000 (10:49 +0200)]
doc: Small grammar fix


4 years agogpg: Stop early on bogus old style comment packets.
Werner Koch [Thu, 11 Sep 2014 14:40:45 +0000 (16:40 +0200)]
gpg: Stop early on bogus old style comment packets.

* g10/parse-packet.c (parse_key): Take care of too short packets for
old style commet packets.

GnuPG-bug-id: 1714

4 years agodirmngr: Support https for KS_FETCH.
Werner Koch [Wed, 10 Sep 2014 08:37:48 +0000 (10:37 +0200)]
dirmngr: Support https for KS_FETCH.

* dirmngr/ks-engine-hkp.c (cert_log_cb): Move to ...
* dirmngr/misc.c (cert_log_cb): here.
* dirmngr/ks-engine-http.c (ks_http_fetch): Support 307-redirection
and https.

Note that this requires that the root certificates are registered using
the --hkp-cacert option.  Eventually we may introduce a separate
option to allow using different CAs for KS_FETCH and keyserver based

4 years agodirmngr: Fix the ks_fetch command for the http scheme.
Werner Koch [Wed, 10 Sep 2014 07:15:57 +0000 (09:15 +0200)]
dirmngr: Fix the ks_fetch command for the http scheme.

* common/http.c (http_session_ref): Allow for NULL arg.

We always test for a an existing session and thus passing NULL as
session object should be allowed.

Reported-by: Jens Lechtenboerger
4 years agoMerge branch 'wk/test-gpgrt-estream'
Werner Koch [Mon, 8 Sep 2014 17:26:02 +0000 (19:26 +0200)]
Merge branch 'wk/test-gpgrt-estream'

4 years agogpg: Fix memory leak in ECC encryption.
Werner Koch [Mon, 8 Sep 2014 16:25:06 +0000 (18:25 +0200)]
gpg: Fix memory leak in ECC encryption.

* g10/pkglue.c (pk_encrypt): Fix memory leak and streamline error

4 years agodoc: Remove some stuff for the very incomplete instguide.
Werner Koch [Wed, 3 Sep 2014 07:45:20 +0000 (09:45 +0200)]
doc: Remove some stuff for the very incomplete instguide.


4 years agodoc: Typo fix
Werner Koch [Tue, 2 Sep 2014 14:01:25 +0000 (16:01 +0200)]
doc: Typo fix

Debian-bug-id: 760273

4 years agogpg: Fix export of NIST ECC keys.
Werner Koch [Tue, 2 Sep 2014 10:10:19 +0000 (12:10 +0200)]
gpg: Fix export of NIST ECC keys.

* common/openpgp-oid.c (struct oidtable): New.
(openpgp_curve_to_oid): Rewrite and allow OID as input.
(openpgp_oid_to_curve): Make use of the new table.

Due to the previous change we now usually store the OID with the
private key and not the name.  Thus during import we do not anymore
need to map the name to an oid but can use the oid directly.  We fix
that by extending openpgp_curve_to_oid to allow an oidstr as input.

4 years agoagent: Fix import of OpenPGP EdDSA keys.
Werner Koch [Tue, 2 Sep 2014 09:22:07 +0000 (11:22 +0200)]
agent: Fix import of OpenPGP EdDSA keys.

* agent/cvt-openpgp.c (get_keygrip): Special case EdDSA.
(convert_secret_key): Ditto.
(convert_transfer_key): Ditto.
(apply_protection): Handle opaque MPIs.

(do_unprotect): Check FLAG_OPAQUE instead of FLAG_USER1 before
unpacking an opaque mpi.

The key transfer protocol between gpg and gpg-agent uses gcrypt
algorithm numbers which merge all ECC algorithms into one.  Thus it is
not possible to use the algorithm number to determine the EdDSA
algorithm.  We need to known that because Libgcrypt requires the
"eddsa" flag with the curve "Ed25519" to actually use the Ed25519
signature specification.

The last fix is for correctness; the first case won't be used anyway.

4 years agogpg: Fix export of ecc secret keys by adjusting check ordering.
Kyle Butt [Tue, 26 Aug 2014 21:11:47 +0000 (14:11 -0700)]
gpg: Fix export of ecc secret keys by adjusting check ordering.

* g10/export.c (transfer_format_to_openpgp): Move the check against
PUBKEY_MAX_NSKEY to after the ECC code adjusts the number of

4 years agoagent: Allow key unprotection using AES-256.
Werner Koch [Mon, 1 Sep 2014 08:15:21 +0000 (10:15 +0200)]
agent: Allow key unprotection using AES-256.

* agent/protect.c (PROT_CIPHER): Rename to GCRY_CIPHER_AES128 for
(do_decryption): Add args prot_cipher and prot_cipher_keylen.  USe
them instead of the hardwired values.
(agent_unprotect): Change to use a table of protection algorithms.
Add AES-256 variant.

This patch will make a possible future key protection algorithm
changes smoother.  AES-256 is also allowed although there is currently
no way to encrypt using it.

4 years agospeedo: Fix for non-Windows build of glib.
Werner Koch [Mon, 1 Sep 2014 08:10:30 +0000 (10:10 +0200)]
speedo: Fix for non-Windows build of glib.


4 years agogpg: Do not show "MD5" and triplicated "RSA" in --version.
Werner Koch [Thu, 28 Aug 2014 14:01:22 +0000 (16:01 +0200)]
gpg: Do not show "MD5" and triplicated "RSA" in --version.

* g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases
(build_list_md_test_algo): Ignore MD5.

4 years agogpg: Do not show "MD5" and triplicated "RSA" in --version.
Werner Koch [Thu, 28 Aug 2014 14:01:22 +0000 (16:01 +0200)]
gpg: Do not show "MD5" and triplicated "RSA" in --version.

* g10/gpg.c (build_list_pk_test_algo): Ignore RSA aliases
(build_list_md_test_algo): Ignore MD5.

4 years agogpg: Remove CAST5 from the default prefs and order SHA-1 last.
Werner Koch [Tue, 26 Aug 2014 21:20:07 +0000 (23:20 +0200)]
gpg: Remove CAST5 from the default prefs and order SHA-1 last.

* g10/keygen.c (keygen_set_std_prefs): Update prefs.

4 years agoSwitch to the libgpg-error provided estream.
Werner Koch [Tue, 26 Aug 2014 15:47:22 +0000 (17:47 +0200)]
Switch to the libgpg-error provided estream.

* (NEED_GPG_ERROR_VERSION): Reguire 1.14.
(estream_INIT): Remove.
* m4/estream.m4: Remove.
* common/estream-printf.c, common/estream-printf.h: Remove.
* common/estream.c, common/estream.h: Remove.
* common/init.c (_init_common_subsystems): Call gpgrt initialization.

4 years agogpg: Allow for positional parameters in the passphrase prompt.
Werner Koch [Tue, 26 Aug 2014 08:16:04 +0000 (10:16 +0200)]
gpg: Allow for positional parameters in the passphrase prompt.

* g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf.

Without that at least the French translation does not always work
because it requires positional parameters.  Windows for example does
not support them as they are not defined by C99 but by POSIX.

5 years agogpg: Fix "can't handle public key algorithm" warning.
Werner Koch [Wed, 20 Aug 2014 07:59:36 +0000 (09:59 +0200)]
gpg: Fix "can't handle public key algorithm" warning.

* g10/parse-packet.c (unknown_pubkey_warning): Check for encr/sign

5 years agospeedo: Get version numbers from online database.
Werner Koch [Tue, 19 Aug 2014 10:49:45 +0000 (12:49 +0200)]
speedo: Get version numbers from online database.

* build-aux/ New.
* build-aux/ Get release version numbers from swdb.lst.

This should make maintaining GnuPG installations easier.  Running

 make -f /foo/gnupg/build-aux/ TARGETOS=native WHAT=release

downloads all GnuPG related packages and builds them.  The gnupg
directory may be a GIT checkout but in that case please run
./ on it first.  Note that currently swdb.lst is always
downloaded from and thus monitoring the network or the gnupg
machine reveal information on who is currently building GnuPG.  If
there is an easy way to detect that TOR is enabled this can be changed
to directly download from the GnuPG hidden service.

5 years agobuild: Create VERSION file via autoconf.
Werner Koch [Tue, 19 Aug 2014 09:12:26 +0000 (11:12 +0200)]
build: Create VERSION file via autoconf.

* (dist-hook): Remove creation of VERSION.
* Let autoconf create VERSION.

5 years agogpg: Install the current release signing pubkey.
Werner Koch [Mon, 18 Aug 2014 14:38:13 +0000 (16:38 +0200)]
gpg: Install the current release signing pubkey.

* g10/distsigkey.gpg: New.

This might be useful to help installing updates.

5 years agoagent: Return NO_SECKEY instead of ENONET for PKSIGN and others.
Werner Koch [Mon, 18 Aug 2014 13:42:54 +0000 (15:42 +0200)]
agent: Return NO_SECKEY instead of ENONET for PKSIGN and others.

* agent/pksign.c (agent_pksign_do): Replace ENONET by NO_SECKEY.
* agent/findkey.c (agent_key_from_file): No diagnostic for NO_SECKEY.
* agent/pkdecrypt.c (agent_pkdecrypt): Replace checking for ENOENT.

5 years agotests: Re-enable OpenPGP ecc test.
Werner Koch [Mon, 18 Aug 2014 10:55:54 +0000 (12:55 +0200)]
tests: Re-enable OpenPGP ecc test.


5 years agokbx: Make user id and signature data optional for OpenPGP.
Werner Koch [Mon, 18 Aug 2014 10:55:29 +0000 (12:55 +0200)]
kbx: Make user id and signature data optional for OpenPGP.

* kbx/keybox-blob.c (_keybox_create_openpgp_blob): Remove restriction.

Although self-signature and key binding signatures are required by
OpenPGP, we should not enforce that in the storage backend.

5 years agogpg: Change default cipher for --symmetric from CAST5 to AES-128.
Werner Koch [Mon, 18 Aug 2014 09:45:00 +0000 (11:45 +0200)]
gpg: Change default cipher for --symmetric from CAST5 to AES-128.

* g10/main.h (DEFAULT_CIPHER_ALGO): Chhange to AES or CAST5 or 3DES
depending on configure option.
* g10/gpg.c (main): Set opt.s2k_cipher_algo to DEFAULT_CIPHER_ALGO.

5 years agoyat2m: Support @set and @value.
Werner Koch [Mon, 18 Aug 2014 09:42:10 +0000 (11:42 +0200)]
yat2m: Support @set and @value.

* doc/yat2m.c (variablelist): New.
(set_variable): New.
(macro_set_p): Also check the variables.
(proc_texi_cmd): Support the @value command.
(parse_file): Support the @set command.
(top_parse_file): Release variablelist.

5 years agoyat2m: Support the $* command for man page rendering.
Werner Koch [Mon, 18 Aug 2014 09:39:57 +0000 (11:39 +0200)]
yat2m: Support the $* command for man page rendering.