5 years agoRemove use of gnulib (part 1)
Werner Koch [Tue, 11 Nov 2014 09:13:10 +0000 (10:13 +0100)]
Remove use of gnulib (part 1)

* gl/: Remove entire tree.
* Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/ (common_libs): Remove ../gl/gnulib.a
* common/ (t_common_ldadd): Ditto.
* dirmngr/ (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/ (needed_libs): Ditto.
* g13/ (g13_LDADD): Ditto.
* kbx/ (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/ (scdaemon_LDADD): Ditto.
* sm/ (common_libs): Ditto.
* tools/ (common_libs, commonpth_libs): Ditto.

* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"

* common/t-timestuff.c: Use putenv if setenv is not available.

gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X.  This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.

In part two we will address the functions


which may bot be implemented on all platforms.  They are not required
on a libc based system.

Signed-off-by: Werner Koch <>
5 years agogpg: Remove warning message for non-implemented search modes.
Werner Koch [Fri, 7 Nov 2014 17:42:37 +0000 (18:42 +0100)]
gpg: Remove warning message for non-implemented search modes.

* kbx/keybox-search.c (keybox_search): Silently ignore.
* doc/specify-user-id.texi: Docuement '@", '+', and '.' search

5 years agow32: Fix http access module.
Werner Koch [Fri, 7 Nov 2014 17:21:50 +0000 (18:21 +0100)]
w32: Fix http access module.

* common/http.c (write_server) [W32]: Rework to use send() instead of
write even when build with npth.
(cookie_read) [W32]: Rework to use recv() instead of read even when
build with npth.

5 years agobuild: Add method to use a custom swdb.lst and use adns with Windows.
Werner Koch [Fri, 7 Nov 2014 17:20:06 +0000 (18:20 +0100)]
build: Add method to use a custom swdb.lst and use adns with Windows.

* build-aux/ Add option --skip-verify.
* build-aux/ Add config var CUSTOM_SWDB.  Tage adns version
from swdb and build for Windows with adns.

5 years agobuild: Improve test for ADNS
Werner Koch [Fri, 7 Nov 2014 17:17:52 +0000 (18:17 +0100)]
build: Improve test for ADNS

* <adns>: Use adns_free as probe function for libadns.
(HAVE_ADNS_FREE): Remove bogus tests to set this and remove the macro.
(ADNSLIBS): Do not ac_subst - it is only used within configure.

adns_free is required on Windows anyway (for robustness reasons) and
it has been around for so long now that we do not need a separate
test.  An upstream adns 1.5 has meanwhile been release but I doubt that
this has the required Windows code - and it is not libtool based

5 years agodoc: Add announce text for 2.1
Werner Koch [Thu, 6 Nov 2014 09:03:39 +0000 (10:03 +0100)]
doc: Add announce text for 2.1


5 years agospeedo: Append the date to the Windows installer.
Werner Koch [Wed, 5 Nov 2014 20:40:52 +0000 (21:40 +0100)]
speedo: Append the date to the Windows installer.

* build-aux/ (BUILD_DATESTR): New.
(dist-source, installer): Use it.

5 years agoPost release updates.
Werner Koch [Wed, 5 Nov 2014 15:46:52 +0000 (16:46 +0100)]
Post release updates.


5 years agoRelease 2.1.0 gnupg-2.1.0
Werner Koch [Wed, 5 Nov 2014 14:29:58 +0000 (15:29 +0100)]
Release 2.1.0

5 years agospeedo: Do not not assume GNU tar.
Werner Koch [Wed, 5 Nov 2014 07:56:52 +0000 (08:56 +0100)]
speedo: Do not not assume GNU tar.

Signed-off-by: Werner Koch <>
5 years agobuild: Update README.maint.
Werner Koch [Wed, 5 Nov 2014 07:42:56 +0000 (08:42 +0100)]
build: Update README.maint.

Also fixed some typos.

5 years agopo: Auto update.
Werner Koch [Wed, 5 Nov 2014 07:27:47 +0000 (08:27 +0100)]
po: Auto update.


Due to removed strings.

5 years agoAvoid sign extension when shifting the MSB.
Werner Koch [Wed, 5 Nov 2014 07:23:15 +0000 (08:23 +0100)]
Avoid sign extension when shifting the MSB.

* sm/fingerprint.c (gpgsm_get_short_fingerprint): Cast MSB before
* g10/build-packet.c (delete_sig_subpkt): Ditto.

Signed-off-by: Werner Koch <>
5 years agoRemove all expired common CA certificates.
Werner Koch [Tue, 4 Nov 2014 20:47:03 +0000 (21:47 +0100)]
Remove all expired common CA certificates.

* doc/com-certs.pem: Remove certifciates.

They might be useful for the chain validation mode but I doubt that it
is used often enough to justify having all these expired certificates
in the store.

5 years agoTypo fixes.
Werner Koch [Tue, 4 Nov 2014 20:29:58 +0000 (21:29 +0100)]
Typo fixes.


5 years agodoc: Added What's new in 2.1 article.
Werner Koch [Tue, 4 Nov 2014 20:29:45 +0000 (21:29 +0100)]
doc: Added What's new in 2.1 article.


5 years agoAdd open card manufacturer 0x0008.
Werner Koch [Tue, 4 Nov 2014 15:32:30 +0000 (16:32 +0100)]
Add open card manufacturer 0x0008.


5 years agoRemove note about estream from AUTHORS.
Werner Koch [Tue, 4 Nov 2014 15:31:44 +0000 (16:31 +0100)]
Remove note about estream from AUTHORS.


estream has been moved to libgpg-error.

5 years agoChange a couple of files to use abbreviated copyright notes.
Werner Koch [Tue, 4 Nov 2014 15:28:03 +0000 (16:28 +0100)]
Change a couple of files to use abbreviated copyright notes.


Also fixed some of my own copyright notices due to the termination of
my assignment.  The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.

5 years agogpg: Print use --full-gen-key note using the installed name of gpg.
Werner Koch [Tue, 4 Nov 2014 09:52:46 +0000 (10:52 +0100)]
gpg: Print use --full-gen-key note using the installed name of gpg.


5 years agopo: Update French translation
David Prévot [Tue, 2 Sep 2014 02:53:18 +0000 (22:53 -0400)]
po: Update French translation

Proofread-By: Frédéric Marchal <>
Proofread-By: appzer0 <>
Proofread-By: Jean-Philippe Guérard

5 years agogpg: Avoid extra pinentries for each subkey in --export-secret-keys.
Werner Koch [Sun, 2 Nov 2014 16:51:30 +0000 (17:51 +0100)]
gpg: Avoid extra pinentries for each subkey in --export-secret-keys.

* agent/command.c (cmd_export_key): Actually implement the cache_nonce
* g10/export.c (do_export_stream): Make use of a cache_nonce.

Signed-off-by: Werner Koch <>
5 years agogpg: Fix endless loop in keylisting with fingerprint.
Werner Koch [Sun, 2 Nov 2014 15:36:40 +0000 (16:36 +0100)]
gpg: Fix endless loop in keylisting with fingerprint.

* g10/getkey.c (getkey_next): Disable cache.

Signed-off-by: Werner Koch <>
5 years agogpg: Minor cleanup for key listing related code.
Werner Koch [Sun, 2 Nov 2014 15:31:30 +0000 (16:31 +0100)]
gpg: Minor cleanup for key listing related code.

* g10/getkey.c (get_pubkey_next): Divert to getkey_next.
(get_pubkey_end): Move code to getkey_end.
* g10/keydb.c (keydb_search_reset): Add a debug statement.
(dump_search_desc): Add arg HD and print the handle.

Signed-off-by: Werner Koch <>
5 years agogpg: Do not show an useless passphrase prompt in batch mode.
Werner Koch [Sun, 2 Nov 2014 14:43:52 +0000 (15:43 +0100)]
gpg: Do not show an useless passphrase prompt in batch mode.

* g10/keygen.c: Remove unused PASSPHRASE related code.
(proc_parameter_file): Remove useless asking for a passphrase in batch

Signed-off-by: Werner Koch <>
5 years agospeedo: Use --disable-ntbtls for gnupg for now.
Werner Koch [Fri, 31 Oct 2014 20:33:18 +0000 (21:33 +0100)]
speedo: Use --disable-ntbtls for gnupg for now.


5 years agogpg: Remove superfluous check for Libgcrypt >= 1.4.0.
Werner Koch [Fri, 31 Oct 2014 13:47:02 +0000 (14:47 +0100)]
gpg: Remove superfluous check for Libgcrypt >= 1.4.0.

* g10/gpg.c (main): Remove check.

We require 1.6.0 anyway.

5 years agoAdd more signing keys.
Werner Koch [Fri, 31 Oct 2014 13:21:34 +0000 (14:21 +0100)]
Add more signing keys.

The keys which may be used to sign GnuPG packages are:

  rsa2048/4F25E3B6 2011-01-12 [expires: 2019-12-31]
  D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
  Werner Koch (dist sig)

  rsa2048/E0856959 2014-10-29 [expires: 2019-12-31]
  46CC 7308 65BB 5C78 EBAB  ADCF 0437 6F3E E085 6959
  David Shaw (GnuPG Release Signing Key) <>

  rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28]
  031E C253 6E58 0D8E A286  A9F2 2071 B08A 33BD 3F06
  NIIBE Yutaka (GnuPG Release Key) <>

  rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31]
  D238 EA65 D64C 67ED 4C30  73F2 8A86 1B1C 7EFD 60D9
  Werner Koch (Release Signing Key)

These keys are all created and used on tokens.  7EFD60D9 is currently
not used but ready to replace 4F25E3B6 in case the former token break.

5 years agokbx: Let keydb_search skip unwanted blobs.
Werner Koch [Fri, 31 Oct 2014 11:15:34 +0000 (12:15 +0100)]
kbx: Let keydb_search skip unwanted blobs.

* kbx/keybox.h (keybox_blobtype_t): New.
* kbx/keybox-defs.h (BLOBTYPE_*): Replace by KEYBOX_BLOBTYPE_*.
* kbx/keybox-search.c (keybox_search): Add arg want_blobtype and skip
non-matching blobs.
* sm/keydb.c (keydb_search): Pass KEYBOX_BLOBTYPE_X509 to keybox_search.
* g10/keydb.c (keydb_search): Pass KEYBOX_BLOBTYPE_PGP to keybox_search.

Without this fix a listing of all keys would fail because the wrong
blob type would be returned for the gpg or gpgsm.

Signed-off-by: Werner Koch <>
5 years agogpg: Fix --rebuild-keydb-caches.
Werner Koch [Fri, 31 Oct 2014 09:29:02 +0000 (10:29 +0100)]
gpg: Fix --rebuild-keydb-caches.

* g10/parse-packet.c (parse_key): Store even unsupported packet
* g10/keyring.c (keyring_rebuild_cache): Do not copy keys with
versions less than 4.

That function, which is implicitly called while checking the keydb, led
to corruption of v3 key packets in the keyring which would later spit
out "packet(6)too short" messages.

Signed-off-by: Werner Koch <>
5 years agogpg: Fix testing for secret key availability.
Werner Koch [Fri, 31 Oct 2014 08:22:47 +0000 (09:22 +0100)]
gpg: Fix testing for secret key availability.

* g10/getkey.c (have_secret_key_with_kid): Do not change the search

The search mode was accidentally changed to search-next after finding
the first keyblock.  The intention was to look for a duplicate keyid
in the keydb which works by not doing a keydb_search_reset.

Signed-off-by: Werner Koch <>
5 years agogpg: Remove commented code.
Werner Koch [Fri, 31 Oct 2014 08:14:03 +0000 (09:14 +0100)]
gpg: Remove commented code.


5 years agobuild: Avoid distributing backup files etc.
Werner Koch [Fri, 31 Oct 2014 07:04:38 +0000 (08:04 +0100)]
build: Avoid distributing backup files etc.

* (EXTRA_DIST): Do not include directories.

The make dist rules uses "cp -R" for each listed file.  Thus all cruft
from a directory is also put into the tarball.  Obviously we do not
want this.

Signed-off-by: Werner Koch <>
5 years agotests: Speed up the genkey1024.test by using not so strong random.
Werner Koch [Thu, 30 Oct 2014 08:55:51 +0000 (09:55 +0100)]
tests: Speed up the genkey1024.test by using not so strong random.

* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/ Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.

Signed-off-by: Werner Koch <>
5 years agopo: Add a new German translation
Werner Koch [Wed, 29 Oct 2014 16:10:03 +0000 (17:10 +0100)]
po: Add a new German translation

Also fixed a typo in the docs.

5 years agocommon: Check option arguments for a valid range.
Werner Koch [Wed, 29 Oct 2014 16:07:51 +0000 (17:07 +0100)]
common: Check option arguments for a valid range.

* common/argparse.h (ARGPARSE_INVALID_ARG): New.
* common/argparse.c: Include limits h and errno.h.
(initialize): Add error strings for new error constant.
(set_opt_arg): Add range checking.

Signed-off-by: Werner Koch <>
5 years agoFix stdint.h problem for Apple.
Werner Koch [Wed, 29 Oct 2014 14:41:28 +0000 (15:41 +0100)]
Fix stdint.h problem for Apple.

* gl/stdint_.h [__APPLE__]: Include hack.

Patch suggested by Patrick Brunschwig.

5 years agospeedo: Fixes for native build.
Werner Koch [Mon, 27 Oct 2014 17:02:46 +0000 (18:02 +0100)]
speedo: Fixes for native build.

* build-aux/ (TARGETOS): Init with empty string.
(speedo_pkg_gnupg_configure): Use --enable-gpg2-is-gpg only for w32.
(INST_VERSION, INST_PROD_VERSION): Create only for w32.

5 years agopo: Fixed one wrong German string.
Werner Koch [Mon, 27 Oct 2014 13:12:51 +0000 (14:12 +0100)]
po: Fixed one wrong German string.


5 years agodoc: Re-formated some NEWS entries and added update notes to some.
Werner Koch [Sun, 26 Oct 2014 19:07:16 +0000 (20:07 +0100)]
doc: Re-formated some NEWS entries and added update notes to some.


5 years agoUpdate NEWS. gnupg-2.1.0-beta895
Werner Koch [Sun, 26 Oct 2014 11:48:34 +0000 (12:48 +0100)]
Update NEWS.


5 years agopo: Auto update
Werner Koch [Sun, 26 Oct 2014 11:40:30 +0000 (12:40 +0100)]
po: Auto update


5 years agopo: Translate new string to German.
Werner Koch [Sun, 26 Oct 2014 11:40:11 +0000 (12:40 +0100)]
po: Translate new string to German.


5 years agoagent: Support pinentries with integrated repeat passphrase feature.
Werner Koch [Fri, 24 Oct 2014 14:20:20 +0000 (16:20 +0200)]
agent: Support pinentries with integrated repeat passphrase feature.

* agent/agent.h (struct pin_entry_info_s): Add fields repeat_okay and
* agent/call-pinentry.c (close_button_status_cb): Rewrite and check
for PIN_REPEAT.  Change users to check only the relevant bit.
(agent_askpin): Support repeat logic of new Pinentries.

* agent/command-ssh.c (ssh_identity_register): Use the new repeat
* agent/genkey.c (agent_ask_new_passphrase): Ditto.


If we need to confirm a passphrase entry (e.g. for new passphrase) we
set a flag into the pinentry info block.  The we try to use the new
pinentry command SETREPEATERROR; if that fails, we continue as usual.
If that succeeds we ask the pinentry to show the repeat (confirmation)
prompt and on successful return we set another flag in the pinentry
info block so that the caller can skip its own confirmation check. A
new status line from the pinentry indicates that the feature is
actually supported (it may not be supported on certain systems for
example when using the ncurses backend).

Signed-off-by: Werner Koch <>
5 years agomisc: Add logo as used with PayPal.
Werner Koch [Fri, 24 Oct 2014 07:39:22 +0000 (09:39 +0200)]
misc: Add logo as used with PayPal.


5 years agogpg: Silence "packet with obsolete versoin" warnings.
Werner Koch [Sun, 19 Oct 2014 12:17:23 +0000 (14:17 +0200)]
gpg: Silence "packet with obsolete versoin" warnings.

* g10/parse-packet.c (parse_key): Print warning only in very verbose

Signed-off-by: Werner Koch <>
5 years agogpg: Make card key generation work again.
Werner Koch [Sun, 19 Oct 2014 12:09:04 +0000 (14:09 +0200)]
gpg: Make card key generation work again.

* g10/call-agent.c (agent_scd_learn): Rename from agent_learn.
(agent_learn): New.
* g10/keygen.c (gen_card_key): Call new agent-learn.

Without a shadow key we can't create the self-signatures.  Thus we
need to issue the learn command after each key generation.

Signed-off-by: Werner Koch <>
5 years agodirmngr: Allow building without LDAP support.
Werner Koch [Fri, 17 Oct 2014 13:59:45 +0000 (15:59 +0200)]
dirmngr: Allow building without LDAP support.

* Add option --disable-ldap.
(USE_LDAP): New ac_define and am_conditional.
* dirmngr/ Take care of USE_LDAP.
* dirmngr/dirmngr.c (!USE_LDAP): Make all ldap options dummy options
and do not call any ldap function.
* dirmngr/server.c (!USE_LDAP): Do not call any ldap function.
* dirmngr/crlfetch.c (!USE_LDAP): Ditto.

Signed-off-by: Werner Koch <>
5 years agow32: Set SYSROOT to help finding config scripts.
Werner Koch [Fri, 17 Oct 2014 13:55:08 +0000 (15:55 +0200)]
w32: Set SYSROOT to help finding config scripts.

* <build-w32>: Set SYSROOT.

5 years agogpg: Remove all support for v3 keys and always create v4-signatures.
Werner Koch [Sun, 12 Oct 2014 18:07:12 +0000 (20:07 +0200)]
gpg: Remove all support for v3 keys and always create v4-signatures.

* g10/build-packet.c (do_key): Remove support for building v3 keys.
* g10/parse-packet.c (read_protected_v3_mpi): Remove.
(parse_key): Remove support for v3-keys.  Add dedicated warnings for
v3-key packets.
* g10/keyid.c (hash_public_key): Remove v3-key support.
(keyid_from_pk): Ditto.
(fingerprint_from_pk): Ditto.

* g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs.
* g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs,
oForceV4Certs, oNoForceV4Certs.
(opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs,
--no-force-v4-certs int dummy options.
(main): Remove setting of the force_v3_sigs force_v4_certs flags.
* g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs.
* g10/sign.c (hash_uid): Remove support for v3-signatures
(hash_sigversion_to_magic): Ditto.
(only_old_style): Remove this v3-key function.
(write_signature_packets): Remove support for creating v3-signatures.
(sign_file): Ditto.
(sign_symencrypt_file): Ditto.
(clearsign_file): Ditto.  Remove code to emit no Hash armor line if
only v3-keys are used.
(make_keysig_packet): Remove arg SIGVERSION and force using
v4-signatures.  Change all callers to not pass a value for this arg.
Remove all v3-key related code.
(update_keysig_packet): Remove v3-signature support.
* g10/keyedit.c (sign_uids): Always create v4-signatures.

* g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and
change caller.

v3 keys are deprecated for about 15 years and due the severe
weaknesses of MD5 it does not make any sense to keep code around to
use these old and broken keys.  Users who need to decrypt old messages
should use gpg 1.4 and best re-encrypt them to modern standards.
verification of old (i.e. PGP2) created signatures is thus also not
anymore possible but such signatures have no values anyway - MD5 is
just too broken.

We have also kept support for v3 signatures until now.  With the
removal of support for v3 keys it is questionable whether it makes any
sense to keep support for v3-signatures.  What we do now is to keep
support for verification of v3-signatures but we force the use of
v4-signatures.  The latter makes the --pgp6 and --pgp7 switch a bit
obsolete because those PGP versions require v3-signatures for
messages.  These versions of PGP are also really old and not anymore
maintained so they have not received any bug fixes and should not be
used anyway.

Signed-off-by: Werner Koch <>
5 years agodirmngr: Minor usage output fix.
Werner Koch [Fri, 17 Oct 2014 11:31:07 +0000 (13:31 +0200)]
dirmngr: Minor usage output fix.


5 years agodoc: Minor doc fix for --quick-lsign-key.
Werner Koch [Wed, 15 Oct 2014 14:22:03 +0000 (16:22 +0200)]
doc: Minor doc fix for --quick-lsign-key.


5 years agogpg: Remove extra RSA import status line.
Werner Koch [Mon, 13 Oct 2014 13:00:39 +0000 (15:00 +0200)]
gpg: Remove extra RSA import status line.

* g10/import.c (stats_s): Remove field "imported_rsa".
(import_print_stats): Do not print separate value for RSA.
(import_one): Remove the RSA counter.

RSA is the standard key format and thus there is no more need to have
a separate counter.  This is a remain from the RSA patent times.

Signed-off-by: Werner Koch <>
5 years agogpg: Fix informative printing of user ids.
Werner Koch [Mon, 13 Oct 2014 12:54:26 +0000 (14:54 +0200)]
gpg: Fix informative printing of user ids.

* g10/getkey.c (keyid_list): Add field "fpr".
(cache_user_id): Store fpr and check for dups only by fpr.
(get_pubkey_byfpr): New.
(get_user_id_string): Make static and use xasprintf.
(get_long_user_id_string): Use xasprintf.
(get_user_id_byfpr): New.
(get_user_id_byfpr_native): New.
* g10/keyid.c (fingerprint_from_pk): Make arg RET_LEN optional.
* g10/import.c (import_one): Use get_user_id_byfpr_native.

We now cache the userids using the fingerprint.  This allows to print
the correct user id for keys with a duplicated key id.  We should
eventually start to retire the use of all the old keyid based
functions.  However, at some places we only have the keyid and thus
some of them will need to be kept (maybe changed with an indication to
show that more than several user ids are matching).

Signed-off-by: Werner Koch <>
5 years agogpg: Allow importing keys with duplicated long key ids.
Werner Koch [Mon, 13 Oct 2014 12:01:29 +0000 (14:01 +0200)]
gpg: Allow importing keys with duplicated long key ids.

* g10/keydb.c (keydb_handle): Add field no_caching.
(keyblock_cache): Repalce field kid by fpr.
(keydb_disable_caching): New.
(keydb_search): Use the fingerprint as cache index.

* g10/import.c (import_one): Use the fingerprint and not the kid to
lookup the key.  Call keydb_disable_caching beofre re-searching for

* tests/openpgp/import.test: Add a test case.

Signed-off-by: Werner Koch <>
5 years agotests: Add sample keys with colliding long keu ids.
Werner Koch [Mon, 13 Oct 2014 11:56:47 +0000 (13:56 +0200)]
tests: Add sample keys with colliding long keu ids.


Thanks to David Leon Gil <> who posted these keys to on Fri, 13 Dec 2013 07:09:54 -0800 (PST).

5 years agotests: Speed up conventional encryption tests for gpg.
Werner Koch [Mon, 13 Oct 2014 09:45:34 +0000 (11:45 +0200)]
tests: Speed up conventional encryption tests for gpg.

* tests/openpgp/conventional-mdc.test: Add an s2k-count option.
* tests/openpgp/conventional.test: Ditto.

Due to measuring the iteration count for the passphrase hashing, the
conventional encryption tests are running quite slow.  This patch
fixes it by using a fixed and lower value for the iteration count.

Signed-off-by: Werner Koch <>
5 years agogpg: Minor change for better readability.
Werner Koch [Sun, 12 Oct 2014 17:15:20 +0000 (19:15 +0200)]
gpg: Minor change for better readability.

* g10/build-packet.c (write_version): Remove.
(do_pubkey_enc, do_onepass_sig): Write version directly.

Signed-off-by: Werner Koch <>
5 years agoUse a unique capitalization for "Note:".
Werner Koch [Fri, 10 Oct 2014 13:29:42 +0000 (15:29 +0200)]
Use a unique capitalization for "Note:".


5 years agopo: Fix some grammar buglets in the German translation.
Werner Koch [Fri, 10 Oct 2014 13:02:02 +0000 (15:02 +0200)]
po: Fix some grammar buglets in the German translation.


Reported-by: Thomas Gries
  "GnuPG erstellt eine User-ID,[Komma fehlt] um Ihren Schlüssel …"
  "Die Karte wird nun konfiguriert,[<<< Komma fehlt] um einen  …"
  in gpg-agent
  "verbite" → "verbiete"
  in gpg-agent --help

  ich fände eine einheitliche Groß- bzw. Kleinschreibung der Befehle
  besser, derzeit gibt es einen Mix aus Groß- und Kleinschreibung
  "Benutze... ", "benutze..." usw:

Item 3 was already fixed.  Also fixed some capitalization

Signed-off-by: Werner Koch <>
5 years agodoc: Fix a man page rendering problem.
Werner Koch [Fri, 10 Oct 2014 11:51:19 +0000 (13:51 +0200)]
doc: Fix a man page rendering problem.

* doc/gpg-agent.texi (Agent Configuration): Fix rendering of the
sshcontrol example.

5 years agogpg: Add build and runtime support for larger RSA keys
Daniel Kahn Gillmor [Thu, 9 Oct 2014 20:54:15 +0000 (16:54 -0400)]
gpg: Add build and runtime support for larger RSA keys

* Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.


This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from
STABLE-BRANCH-1-4 against master

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732

5 years agogpg: Skip overlong keys and a print a warning.
Werner Koch [Thu, 9 Oct 2014 19:01:49 +0000 (21:01 +0200)]
gpg: Skip overlong keys and a print a warning.

* kbx/keybox-search.c (keybox_search): Add arg r_skipped and skip too
long blobs.
* sm/keydb.c (keydb_search): Call keybox_search with a dummy param.
* g10/keydb.c (struct keydb_handle): Add field skipped_long_blobs.
(keydb_search_reset): Reset that field.
(keydb_search): Update that field.
(keydb_get_skipped_counter): New.
* g10/keylist.c (list_all): Print count of skipped keys.

Signed-off-by: Werner Koch <>
5 years agogpg: Sync keylist output and warning messages.
Werner Koch [Thu, 9 Oct 2014 18:57:02 +0000 (20:57 +0200)]
gpg: Sync keylist output and warning messages.

* g10/keylist.c (list_all): Flush stdout before logging.
* g10/misc.c (print_pubkey_algo_note): Ditto.
(print_cipher_algo_note): Ditto.
(print_digest_algo_note): Ditto.
(print_md5_rejected_note): Ditto.

Signed-off-by: Werner Koch <>
5 years agokbx: Fix handling of overlong keys.
Werner Koch [Thu, 9 Oct 2014 18:19:05 +0000 (20:19 +0200)]
kbx: Fix handling of overlong keys.

* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 10^6 to 2MiB.
(_keybox_read_blob2): Skip too long record records.
(_keybox_write_blob): Do not accept too long record.
* kbx/keybox-dump.c (file_stats_s): Add field skipped_long_blobs.
(_keybox_dump_file): Print new counter.
(_keybox_dump_file): Skip too long records.

To test this feature you may set the limit back to 1MiB and use key
F7F0E70F307D56ED which is in my local copy close to 2MiB.  Without
this patch it was possible to import the key but access to that key
and all keys stored after it was not possible.

Signed-off-by: Werner Koch <>
5 years agogpg: Take care to use pubring.kbx if it has ever been used.
Werner Koch [Thu, 9 Oct 2014 17:10:32 +0000 (19:10 +0200)]
gpg: Take care to use pubring.kbx if it has ever been used.

* kbx/keybox-defs.h (struct keybox_handle): Add field for_openpgp.
* kbx/keybox-file.c (_keybox_write_header_blob): Set openpgp header
* kbx/keybox-blob.c (_keybox_update_header_blob): Add arg for_openpgp
and set header flag.
* kbx/keybox-init.c (keybox_new): Rename to do_keybox_new, make static
and add arg for_openpgp.
(keybox_new_openpgp, keybox_new_x509): New.  Use them instead of the
former keybox_new.
* kbx/keybox-update.c (blob_filecopy): Add arg for_openpgp and set the
openpgp header flags.

* g10/keydb.c (rt_from_file): New.  Factored out and extended from
(keydb_add_resource): Switch to the kbx file if it has the openpgp
flag set.

* kbx/keybox-dump.c (dump_header_blob): Print header flags.

The problem was reported by dkg on gnupg-devel (2014-10-07):

  I just discovered a new problem, though, which will affect people on
  systems that have gpg and gpg2 coinstalled:

   0) create a new keyring with gpg2, and use it exclusively with gpg2
  for a while.
   1) somehow (accidentally?) use gpg (1.4.x) again -- this creates
   2) future runs of gpg2 now only look at pubring.gpg and ignore
  pubring.kbx -- the keys you had accumulated in the keybox are no
  longer listed in the output of gpg2 --list-keys

Note that gpgsm has always used pubring.kbx and thus this file might
already be there but without gpg ever inserted a key.  The new flag in
the KBX header gives us an indication whether a KBX file has ever been
written by gpg >= 2.1.  If that is the case we will use it instead of
the default pubring.gpg.

Signed-off-by: Werner Koch <>
5 years agogpg: Change wording of a migration error message.
Werner Koch [Thu, 9 Oct 2014 08:56:25 +0000 (10:56 +0200)]
gpg: Change wording of a migration error message.


5 years agodoc: Add missing entry for allow-preset-passphase
Kristian Fiskerstrand [Tue, 7 Oct 2014 18:37:16 +0000 (20:37 +0200)]
doc: Add missing entry for allow-preset-passphase


5 years agoAvoid unnecessary library linkage
Daniel Kahn Gillmor [Wed, 8 Oct 2014 07:12:51 +0000 (03:12 -0400)]
Avoid unnecessary library linkage

* dirmngr/ Avoid $(DNSLIBS) for dirmngr_ldap
* g10/ $(LIBREADLINE) is only for gpg2; gpgv2 does not
* sm/ gpgsm does not need $(ZLIBS)
* tools/ gpgconf does not need $(NPTH_LIBS)


In the course of building GnuPG 2.1.0 beta864 on debian, i found that
several of the installed executables were linked to libraries that
they did not need to be linked to, which would cause unnecessary
package dependencies at runtime.

The changeset here removes these unnecessary libraries from linking.

Something similar could possibly also be done by passing --as-needed
to the linker, but trimming the depenencies seems more parsimonious.

5 years agogpg: Avoid error exit if keygrip computations fails in a key listing.
Werner Koch [Wed, 8 Oct 2014 19:40:34 +0000 (21:40 +0200)]
gpg: Avoid error exit if keygrip computations fails in a key listing.

* g10/keyid.c (keygrip_from_pk): Use log_info and clear array on error.

This may happen due to algorithms or curves not supported by
Libgcrypt.  We should only print a warning and not have gpg return
with failure for a secret key listing.

Signed-off-by: Werner Koch <>
5 years agodoc: Minor fix.
Werner Koch [Fri, 3 Oct 2014 18:19:08 +0000 (20:19 +0200)]
doc: Minor fix.


Due to todays reminder:

  On Tue 2014-04-22 18:46:15 -0400, Daniel Kahn Gillmor wrote:
  > With --trust-model=always, all keys and user IDs are considered
  > automatically valid; they are not automatically trusted (setting
  > universal ownertrust to anything other than "ultimate" would be
  > insufficient to acheive the effect of --trust-model=always, due to
  > --max-cert-depth and certificate path reachability).
  > Thanks to Nicolai Josuttis for pointing out this documentation

5 years agoRelease 2.1.0-beta864. gnupg-2.1.0-beta864
Werner Koch [Fri, 3 Oct 2014 13:45:32 +0000 (15:45 +0200)]
Release 2.1.0-beta864.

5 years agospeedo: Add INSTALL_PREFIX feature.
Werner Koch [Fri, 3 Oct 2014 13:30:38 +0000 (15:30 +0200)]
speedo: Add INSTALL_PREFIX feature.


With this it is now possible build and install gnupg 2.1 properly
below /usr/local:

  make -f TOPSRC/build-aux/ native INSTALL_PREFIX=/usr/local

Of course you need installation priviliges for the /usr/local tree.

5 years agogpg: Allow creating a cert-only primary key.
Werner Koch [Fri, 3 Oct 2014 13:05:47 +0000 (15:05 +0200)]
gpg: Allow creating a cert-only primary key.

* g10/keygen.c (ask_key_flags): Allow a 'c' in direct entry.

GnuPG-bug-id: 1726

5 years agoSome doc fixes and a fix for "make distcheck".
Werner Koch [Fri, 3 Oct 2014 11:02:06 +0000 (13:02 +0200)]
Some doc fixes and a fix for "make distcheck".


5 years agobuild: Add configure options --disable-{ntb,gnu}tls.
Werner Koch [Fri, 3 Oct 2014 10:35:22 +0000 (12:35 +0200)]
build: Add configure options --disable-{ntb,gnu}tls.

* Add --disable-ntbtls and --disable-gnutls.

5 years agogpg: Check gpg-agent version before 2.1 migration.
Andre Heinecke [Fri, 19 Sep 2014 17:38:13 +0000 (19:38 +0200)]
gpg: Check gpg-agent version before 2.1 migration.

* g10/call-agent.c, g10/call-agent.h (agent_get_version): New.
* g10/migrate.c (migrate_secring): Abort migration if
agent_get_version returns not at least 2.1.0

GnuPG-bug-id: 1718

On the first installation of GnuPG 2.1 it is likely that an
old gpg-agent is still running in the environment. In that
case the migration would fail.

Signed-off-by: Andre Heinecke <>
5 years agopo: Auto update translations.
Werner Koch [Fri, 3 Oct 2014 10:13:25 +0000 (12:13 +0200)]
po: Auto update translations.


5 years agopo: Update German translation.
Werner Koch [Fri, 3 Oct 2014 10:13:05 +0000 (12:13 +0200)]
po: Update German translation.

5 years agoRemove support for the GPG_AGENT_INFO envvar.
Werner Koch [Fri, 3 Oct 2014 09:58:58 +0000 (11:58 +0200)]
Remove support for the GPG_AGENT_INFO envvar.

* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options.  Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket

The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.

5 years agogpg: Fix regression removing SHA256.
Werner Koch [Thu, 2 Oct 2014 17:17:34 +0000 (19:17 +0200)]
gpg: Fix regression removing SHA256.

* g10/misc.c (map_md_openpgp_to_gcry): Always use SHA256.

Regression due to commit d33246700578cddd1cb8ed8164cfbba50aba4ef3

GnuPG-bug-id: 1733.

5 years agoFirst changes for future use of NTBTLS.
Werner Koch [Thu, 2 Oct 2014 15:33:57 +0000 (17:33 +0200)]
First changes for future use of NTBTLS.

(HTTP_USE_NTBTLS): New.  Prefer over GNUTLS.
* m4/ntbtls.m4: New.
* m4/ (EXTRA_DIST): Add new file.
* common/http.c: Add conditionals to eventually use NTBTLS.

This is only the configure stuff.  If you have NTBTLS installed GNUTLS
will not be used but there won't be any https support either :-(.
This patch is used to have a real world test bench for the forthcoming

5 years agobuild: Update m4 scripts
Werner Koch [Thu, 2 Oct 2014 14:17:45 +0000 (16:17 +0200)]
build: Update m4 scripts

* m4/gpg-error.m4: Update from Libgpg-error git master.
* m4/libgcrypt.m4: Update from Libgcrypt git master.
* Declare SYSROOT a precious variable.  Add extra error
message for library configuration mismatches.

5 years agodoc: Remove GnuPG-1 related parts from gpg.texi.
Werner Koch [Mon, 29 Sep 2014 09:49:50 +0000 (11:49 +0200)]
doc: Remove GnuPG-1 related parts from gpg.texi.

* doc/ (YAT2M_OPTIONS): Add 2.1 to the source info.
* doc/gpg.texi: Remove gpg1 related texts.

5 years agogpg: Default to SHA-256 for all signature types on RSA keys.
Werner Koch [Sat, 27 Sep 2014 13:21:02 +0000 (15:21 +0200)]
gpg: Default to SHA-256 for all signature types on RSA keys.

* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in
strict RFC or PGP modes.
* g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for
RSA key signatures.
* Do not allow to disable sha256.

5 years agogpg: Simplify command --gen-key and add --full-gen-key.
Werner Koch [Sat, 27 Sep 2014 13:14:13 +0000 (15:14 +0200)]
gpg: Simplify command --gen-key and add --full-gen-key.

* g10/gpg.c (aFullKeygen): New.
(opts): Add command --full-key-gen.
(main): Implement it.
* g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although
the value is identical.
(quick_generate_keypair): Use new macros here.
(generate_keypair): Add arg "full" and fix call callers. Do not ask
for keysize in non-full node.
(ask_user_id): Add arg "full" and simplify for non-full mode.

5 years agodoc: Update the file OpenPGP
Werner Koch [Sat, 27 Sep 2014 09:17:07 +0000 (11:17 +0200)]
doc: Update the file OpenPGP


It should actually be completey reworked but for now I added just a
few notes.

5 years agogpg: Add shortcut for setting key capabilities.
Werner Koch [Fri, 26 Sep 2014 12:43:48 +0000 (14:43 +0200)]
gpg: Add shortcut for setting key capabilities.

* g10/keygen.c (ask_key_flags): Add shortcut '='.
* doc/help.txt (gpg.keygen.flags): New.

5 years agogpg: Do not always print dashes in obsolete_option.
Werner Koch [Thu, 25 Sep 2014 20:13:03 +0000 (22:13 +0200)]
gpg: Do not always print dashes in obsolete_option.

* g10/gpg.c (main): Pass option names to obsolete_option without
double dash.
* g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double
dash only for command line options.

5 years agogpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
Daniel Kahn Gillmor [Thu, 25 Sep 2014 18:45:37 +0000 (14:45 -0400)]
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.

* g10/gpg.c: Add config options that should belong in scdaemon.conf
* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.


In gpg2, the following options are only relevant for scdaemon:


but in gpg1, they are options for gpg itself.

Some users of gpg1 might have these options in their
~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
config file.

gpg2 should not fail hard, though giving a warning (and suggesting a
move to scdaemon.conf) seems OK.

This patch does *not* reintroduce any documentation for these options
in gpg.texi, even to indicate that they are "dummy" options, since
scdaemon.texi contains the appropriate documentation.

Debian-bug-id: 762844

- Program names factored out from obsolete_scdaemon_option to make
  reuse without new translations easier. -wk

5 years agobuild: Change urlbase of
Werner Koch [Thu, 25 Sep 2014 06:44:57 +0000 (08:44 +0200)]
build: Change urlbase of


5 years agoReformat README and minor gpg.texi improvement.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Reformat README and minor gpg.texi improvement.


The second thing is to explain the file names below under

5 years agoRegister DCO for Daniel Kahn Gillmor.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Register DCO for Daniel Kahn Gillmor.


5 years agospeedo: Check that wget and gpgv are installed.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
speedo: Check that wget and gpgv are installed.

* build-aux/ Check for required tools.

5 years agospeedo: Autodetect sha1sum tools.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
speedo: Autodetect sha1sum tools.

* build-aux/ Add option --find-sha1sum.
* build-aux/ (check-tools): New phony target.  Not yet used.
(SHA1SUM): New var.  Use it instead of sha1sum.

5 years agogpg: Create default keyring with .kbx suffix.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
gpg: Create default keyring with .kbx suffix.

* g10/keydb.c (maybe_create_keyring_or_box): Rename arg for clarity.
(keydb_add_resource): Fix order of args to maybe_create_keyring_or_box
and check and create .kbx.

5 years agodoc: Fix --secret-keyring option for 2.1
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
doc: Fix --secret-keyring option for 2.1


5 years agogpg: --delete-secret-key - check that a secret key exists.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
gpg: --delete-secret-key - check that a secret key exists.

* g10/delkey.c (do_delete_key): Check availibility of a secret key.

Actually we check that at least one secret subkey exists.

5 years agogpg: Make algorithm selection prompt for ECC more clear.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
gpg: Make algorithm selection prompt for ECC more clear.

* g10/keygen.c (ask_algo): Change 9 to "ECC and ECC".

5 years agoRegister DCO for Andre Heinecke.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Register DCO for Andre Heinecke.