8 years agoFixed gpg-agent SCD inquire command cancellation.
Ben Kibbey [Sat, 9 Jul 2011 12:25:22 +0000 (08:25 -0400)]
Fixed gpg-agent SCD inquire command cancellation.

Need to send the CANCEL command back to scdaemon otherwise the next SCD
command will fail.

8 years agoFix crash while reading unsupported ssh keys.
Werner Koch [Fri, 22 Jul 2011 07:29:40 +0000 (09:29 +0200)]
Fix crash while reading unsupported ssh keys.

This bug was found by n-roeser at
(gnupg-devel@, msgid

8 years agoTry to get the only-valid-if-cert-valid cert from the dirmngr first.
Werner Koch [Thu, 21 Jul 2011 08:24:03 +0000 (10:24 +0200)]
Try to get the only-valid-if-cert-valid cert from the dirmngr first.

This should always work because the dirmngr asked us to validate the
given certificate.  This should make OCSP configuration easier because
there is less requirement to install all certificates for Dirmngr and

CAUTION:  This code has not yet been tested.

8 years agoAllow listing of ssh fingerprint with the agent's KEYINFO command.
Werner Koch [Wed, 20 Jul 2011 19:13:24 +0000 (21:13 +0200)]
Allow listing of ssh fingerprint with the agent's KEYINFO command.

8 years agoSupport a confirm flag for ssh.
Werner Koch [Wed, 20 Jul 2011 18:49:41 +0000 (20:49 +0200)]
Support a confirm flag for ssh.

This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.

8 years agoNew functions to compute an ssh style fingerprint.
Werner Koch [Wed, 20 Jul 2011 14:40:29 +0000 (16:40 +0200)]
New functions to compute an ssh style fingerprint.

8 years agoPrint decoded S2K count in --list-packets mode.
Werner Koch [Mon, 18 Jul 2011 08:57:33 +0000 (10:57 +0200)]
Print decoded S2K count in --list-packets mode.

Fixes bug#1355.

8 years agoClarify documentation of --keyid-format.
Werner Koch [Mon, 18 Jul 2011 08:38:14 +0000 (10:38 +0200)]
Clarify documentation of --keyid-format.

Fixes bug#1354.

8 years agoDocument OPTION s2k-count
Werner Koch [Wed, 29 Jun 2011 11:23:41 +0000 (13:23 +0200)]
Document OPTION s2k-count

8 years agoAdded gpg-agent OPTION "s2k-count".
Ben Kibbey [Wed, 29 Jun 2011 00:35:13 +0000 (20:35 -0400)]
Added gpg-agent OPTION "s2k-count".

When unset or 0, the calibrated count will be used.

8 years agoFixed an URL typo in the FAQ.
Werner Koch [Tue, 28 Jun 2011 08:32:46 +0000 (10:32 +0200)]
Fixed an URL typo in the FAQ.

8 years agodoc/gpgsm.texi com-certs.pem mini-fix
Bernhard Reiter [Wed, 22 Jun 2011 10:18:50 +0000 (12:18 +0200)]
doc/gpgsm.texi com-certs.pem mini-fix

[[PGP Signed Part:Undecided]]
[1. text/plain]

Example path for com-certs.pem corrected.
[2. text/x-diff; doc.diff]

8 years agoAdd question "What are DH/DSS keys?"
Werner Koch [Mon, 27 Jun 2011 13:56:47 +0000 (15:56 +0200)]
Add question "What are DH/DSS keys?"

... and the answer of course.

8 years agoAllow generation of card keys up to 4096 bit.
Werner Koch [Thu, 16 Jun 2011 12:27:33 +0000 (14:27 +0200)]
Allow generation of card keys up to 4096 bit.

This patch implementes a chunk mode to pass the key parameters from
scdaemon to gpg.  This allows to pass arbitrary long key paremeters;
it is used for keys larger than 3072 bit.

Note: the card key generation in gpg is currently broken.  The keys
are generated but it is not possible to create the self-signature
because at that time the gpg-agent does not yet know about the new
keys and thus can't divert the sign request to the card.  We either
need to run the learn command right after calling agent_scd_genkey or
implement a way to sign using the currently inserted card.  Another
option would be to get rid of agent_scd_genkey and implement the
feature directly in agent_genkey.

8 years agoFix for latest fix in Libgcrypt.
Werner Koch [Mon, 13 Jun 2011 12:54:40 +0000 (14:54 +0200)]
Fix for latest fix in Libgcrypt.

8 years agoRevert latest po add-line-number patch.
Werner Koch [Mon, 13 Jun 2011 12:49:37 +0000 (14:49 +0200)]
Revert latest po add-line-number patch.

To avoid this in the future, everyone should really use the clean-po
filter as installed with ./ .  Thanks.

8 years agoFix size_t vs int issues.
Marcus Brinkmann [Wed, 1 Jun 2011 19:43:30 +0000 (21:43 +0200)]
Fix size_t vs int issues.

8 years agopo
Marcus Brinkmann [Wed, 1 Jun 2011 13:47:41 +0000 (15:47 +0200)]

8 years agodd
Marcus Brinkmann [Wed, 1 Jun 2011 13:45:24 +0000 (15:45 +0200)]

8 years agoAdd missing LIBGCRYPT_CFLAGS for dirmngr_ldap.
Marcus Brinkmann [Wed, 1 Jun 2011 13:44:52 +0000 (15:44 +0200)]
Add missing LIBGCRYPT_CFLAGS for dirmngr_ldap.

8 years agoAdd LIBICONV to LDFLAGS.
Marcus Brinkmann [Wed, 1 Jun 2011 13:43:22 +0000 (15:43 +0200)]

8 years agoMerge branch 'master' of git+ssh://
Werner Koch [Fri, 20 May 2011 08:30:36 +0000 (10:30 +0200)]
Merge branch 'master' of git+ssh://

8 years agoRequire libgpg-error 1.10
Werner Koch [Fri, 20 May 2011 08:14:21 +0000 (10:14 +0200)]
Require libgpg-error 1.10

This allows to remove some error code substitutes.
Fixed a typo in gpg.text.

8 years agoMerge dirmgr cs.po into gnupg cs.po.
Marcus Brinkmann [Wed, 11 May 2011 23:34:04 +0000 (01:34 +0200)]
Merge dirmgr cs.po into gnupg cs.po.

8 years agoAdd fixme note regarding pth_kill
Werner Koch [Fri, 29 Apr 2011 14:44:28 +0000 (16:44 +0200)]
Add fixme note regarding pth_kill

8 years agoMerge branch 'wk-gpg-keybox'
Werner Koch [Fri, 29 Apr 2011 13:10:36 +0000 (15:10 +0200)]
Merge branch 'wk-gpg-keybox'

8 years agoRe-indentation of keydb.c and error code changes.
Werner Koch [Fri, 29 Apr 2011 13:07:11 +0000 (15:07 +0200)]
Re-indentation of keydb.c and error code changes.

Returning -1 as an error code is not very clean given that gpg error
has more descriptive error codes.  Thus we now return
GPG_ERR_NOT_FOUND for all search operations and adjusted all callers.

8 years agoFix import stat counter and abort secret key import on merge-only error case.
Marcus Brinkmann [Fri, 29 Apr 2011 10:02:46 +0000 (12:02 +0200)]
Fix import stat counter and abort secret key import on merge-only error case.

8 years agoGive sensible error messages when trying to delete secret key.
Marcus Brinkmann [Fri, 29 Apr 2011 10:01:52 +0000 (12:01 +0200)]
Give sensible error messages when trying to delete secret key.

8 years agoUpdate OpenPGP parser to support ECC
Werner Koch [Thu, 28 Apr 2011 18:21:14 +0000 (20:21 +0200)]
Update OpenPGP parser to support ECC

8 years agoRemoved memory leak in the ECDH code.
Werner Koch [Thu, 28 Apr 2011 08:51:14 +0000 (10:51 +0200)]
Removed memory leak in the ECDH code.

8 years agoFixed regression in OpenPGP secret key export.
Werner Koch [Tue, 26 Apr 2011 18:33:46 +0000 (20:33 +0200)]
Fixed regression in OpenPGP secret key export.

The protection used in the exported key used a different iteration
count than given in the S2K field.  Thus all OpenPGP keys exported
from GnuPG 2.1-beta can't be imported again.  Given that the actual
secret key material is kept in private-keys-v1.d/ the can be
re-exported with this fixed version.

8 years agoFix regression in gpg's mail address parsing.
Werner Koch [Mon, 25 Apr 2011 21:56:47 +0000 (23:56 +0200)]
Fix regression in gpg's mail address parsing.

Since 2009-12-08 gpg was not able to find email addresses indicated
by a leading '<'.  This happened when I merged the user id
classification code of gpgsm and gpg.

8 years agoAdd OPTION:cache-ttl-opt-preset to gpg-agent.
Werner Koch [Thu, 21 Apr 2011 13:40:48 +0000 (15:40 +0200)]
Add OPTION:cache-ttl-opt-preset to gpg-agent.

This option may be used to change the default ttl values use with the
--preset option of GENKEY and PASSWD.

8 years ago2011-04-20 Marcus Brinkmann <>
Marcus Brinkmann [Wed, 20 Apr 2011 20:41:22 +0000 (22:41 +0200)]
2011-04-20  Marcus Brinkmann  <>

        * keylist.c (list_keyblock_colon): Use get_ownertrust_info, not
        get_ownertrust (which lead to binary zeroes in the output!).

8 years agoFix gpg-agent secure memory leak in OpenPGP private key import.
Marcus Brinkmann [Wed, 20 Apr 2011 09:33:09 +0000 (11:33 +0200)]
Fix gpg-agent secure memory leak in OpenPGP private key import.

2011-04-20  Marcus Brinkmann  <>

        * command.c (cmd_import_key): Release key from failed import
        before converting openpgp private key in the openpgp-private-key

8 years agoAnother PASSWD --preset fix.
Ben Kibbey [Sun, 17 Apr 2011 20:48:44 +0000 (16:48 -0400)]
Another PASSWD --preset fix.

Check for an error before presetting the passphrase.

8 years agoFixed PASSWD --preset.
Ben Kibbey [Wed, 13 Apr 2011 00:02:05 +0000 (20:02 -0400)]
Fixed PASSWD --preset.

The previous patch required that the keygrip be cached before adding the
new passphrase to the cache. No more.

8 years agoUse macros for the 120 and 900s cache TTLs.
Werner Koch [Tue, 12 Apr 2011 16:20:46 +0000 (18:20 +0200)]
Use macros for the 120 and 900s cache TTLs.

8 years agoAdded PASSWD --preset.
Ben Kibbey [Sun, 10 Apr 2011 20:06:18 +0000 (16:06 -0400)]
Added PASSWD --preset.

8 years agoAdded GENKEY --preset to add the passphrase of the generated key to the cache.
Ben Kibbey [Sun, 10 Apr 2011 13:37:18 +0000 (09:37 -0400)]
Added GENKEY --preset to add the passphrase of the generated key to the cache.

8 years agoAdded KEYINFO field to show the protection type of a key. This differs from the secon...
Ben Kibbey [Wed, 6 Apr 2011 23:23:05 +0000 (19:23 -0400)]
Added KEYINFO field to show the protection type of a key. This differs from the second field which shows the location of the key.

8 years agoAdd code for explicit selection of pooled A records.
Werner Koch [Tue, 12 Apr 2011 14:30:08 +0000 (16:30 +0200)]
Add code for explicit selection of pooled A records.

To better cope with round robin pooled A records like
we need to keep some information on unresponsive hosts etc.  What we
do now is to resolve the hostnames, remember them and select a random
one.  If a host is dead it will be marked and a different one
selected.  This is intended to solve the problem of long timeouts due
to unresponsive hosts.

The code is not yet finished but selection works.

8 years agoDetect premature EOF while parsing corrupted key packets.
Werner Koch [Wed, 23 Mar 2011 09:07:59 +0000 (10:07 +0100)]
Detect premature EOF while parsing corrupted key packets.

This helps in the case of an unknown key algorithm with a corrupted
packet which claims a longer packet length.  This used to allocate the
announced packet length and then tried to fill it up without detecting
an EOF, thus taking quite some time.  IT is easy to fix, thus we do
it.  However, there are many other ways to force gpg to use large
amount of resources; thus as before it is strongly suggested that the
sysadm uses ulimit do assign suitable resource limits to the gpg
process.  Suggested by Timo Schulz.

8 years agoMake use of gcry_kdf_derive.
Werner Koch [Thu, 10 Mar 2011 17:39:34 +0000 (18:39 +0100)]
Make use of gcry_kdf_derive.

Factoring common code out is always a Good Thing.  Also added a
configure test to print an error if gcry_kdf_derive is missing in

8 years agoSupport pkcs#12 import of PBES2 encoded data.
Werner Koch [Thu, 10 Mar 2011 14:27:10 +0000 (15:27 +0100)]
Support pkcs#12 import of PBES2 encoded data.

This is so that we read compatible with gnutls's certtool.  Only
AES-128 is supported.  The latest Libgcrypt from git is required.

Fixes bug#1321.

8 years agoPost beta release updates
Werner Koch [Tue, 8 Mar 2011 13:00:04 +0000 (14:00 +0100)]
Post beta release updates

8 years agoPrepare for 1.5.0beta2 gnupg-2.1.0beta2
Werner Koch [Tue, 8 Mar 2011 11:56:45 +0000 (12:56 +0100)]
Prepare for 1.5.0beta2

8 years agoRequire libgcrypt 1.5
Werner Koch [Tue, 8 Mar 2011 11:23:59 +0000 (12:23 +0100)]
Require libgcrypt 1.5

Without Libgcrypt 1.5 is was not possible to use ECC keys.  ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.

Also fixed a few missing prototypes.

8 years agoAdded option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will...
Ben Kibbey [Fri, 4 Mar 2011 03:20:08 +0000 (22:20 -0500)]
Added option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will be truncated to the first encountered null byte.

8 years agoNew agent option pinentry-mode.
Werner Koch [Thu, 3 Mar 2011 17:35:08 +0000 (18:35 +0100)]
New agent option pinentry-mode.

This provides the framework and implements the ask, cancel and error.
loopback will be implemented later.

8 years agoPrint the secret keyinfo stuff with --card-status again.
Werner Koch [Thu, 3 Mar 2011 15:16:24 +0000 (16:16 +0100)]
Print the secret keyinfo stuff with --card-status again.

8 years agoMinor code cleanups.
Werner Koch [Thu, 3 Mar 2011 11:57:31 +0000 (12:57 +0100)]
Minor code cleanups.

* keyid.c (hash_public_key): Remove shadowing NBITS.

* misc.c (pubkey_nbits): Replace GCRY_PK_ by PUBKEY_ALGO_.
(get_signature_count): Remove warning.

8 years agoFix faulty gcc warnings
Werner Koch [Thu, 3 Mar 2011 11:40:54 +0000 (12:40 +0100)]
Fix faulty gcc warnings

8 years agoSimplify the management of the stream list in estream.c
Werner Koch [Thu, 3 Mar 2011 10:51:04 +0000 (11:51 +0100)]
Simplify the management of the stream list in estream.c

8 years agofix wLangId in ccid-driver.c
NIIBE Yutaka [Thu, 13 Jan 2011 07:38:31 +0000 (16:38 +0900)]
fix wLangId in ccid-driver.c

This is not a part of pin pad support series of mine.

As I found the bug while I am preparing the patches, I report this.

As CCID protocol is little endian, wLangId of US English = 0x0409
is represented as two bytes of 0x09 then 0x04.

It is really confusing that the code like following is floating
pin_verify -> wLangId = HOST_TO_CCID_16(0x0904);

But, it is 0x0409 (not 0x0904).  It is defined in the documentation:

and origin of this table is Microsoft.  We can see it at:

Yes, it would be better not to hard-code 0x0409.  It would be better
to try current locale of the user, or to use the first entry of string
descriptor.  I don't have time to implement such a thing...

8 years agoFix usage of SHA-2 algorithm with OpenPGP cards.
Werner Koch [Wed, 2 Mar 2011 14:35:10 +0000 (15:35 +0100)]
Fix usage of SHA-2 algorithm with OpenPGP cards.

This was a regression in 2.1 introduced due to having the agent do the
signing in contrast to the old "SCD PKSIGN" command which accesses the
scdaemon directly and passed the hash algorithm.  The hash algorithm
is used by app-openpgp.c only for a sanity check.

8 years agoAdd comment to last patch.
Werner Koch [Wed, 2 Mar 2011 08:50:12 +0000 (09:50 +0100)]
Add comment to last patch.

8 years agoAdded option --data to KEYINFO to return the result with a data response.
Ben Kibbey [Wed, 2 Mar 2011 02:18:45 +0000 (21:18 -0500)]
Added option --data to KEYINFO to return the result with a data response.

8 years agoLet KEYINFO show the cached status of a key grip.
Ben Kibbey [Wed, 2 Mar 2011 01:29:08 +0000 (20:29 -0500)]
Let KEYINFO show the cached status of a key grip.

8 years agoRename Ben's new option.
Werner Koch [Wed, 2 Mar 2011 08:11:40 +0000 (09:11 +0100)]
Rename Ben's new option.

8 years agoAdded CLEAR_PASSPHRASE option --agent to search the cache for a cacheid with a mode...
Ben Kibbey [Sun, 27 Feb 2011 13:35:16 +0000 (08:35 -0500)]
Added CLEAR_PASSPHRASE option --agent to search the cache for a cacheid with a mode of CACHE_MODE_NORMAL. These cache modes are created with PKDECRYPT.

8 years agoFix doc/Makefile target online
Werner Koch [Wed, 2 Mar 2011 08:04:16 +0000 (09:04 +0100)]
Fix doc/Makefile target online

8 years agoMove parameter file description to the manual.
Werner Koch [Tue, 1 Mar 2011 16:08:49 +0000 (17:08 +0100)]
Move parameter file description to the manual.

8 years agoSupport X.509 certificate creation.
Werner Koch [Tue, 1 Mar 2011 13:42:56 +0000 (14:42 +0100)]
Support X.509 certificate creation.

Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file.  An example parameter file

    Key-Type: RSA
    Key-Length: 1024
    Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
    Key-Usage: sign, encrypt
    Serial: random
    Name-DN: CN=some test key
    Hash-Algo: SHA384
    not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm.  The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.

8 years agoUpdate some M4 files and AUTHORS.
Werner Koch [Tue, 1 Mar 2011 13:28:59 +0000 (14:28 +0100)]
Update some M4 files and AUTHORS.

8 years agoAdd new functions to convert iso time strings.
Werner Koch [Tue, 1 Mar 2011 13:22:41 +0000 (14:22 +0100)]
Add new functions to convert iso time strings.

8 years agoUpdate gpg-error.m4 and libgcrypt.m4
Werner Koch [Wed, 23 Feb 2011 15:29:45 +0000 (16:29 +0100)]
Update gpg-error.m4 and libgcrypt.m4

8 years agoFix dirmngr crash (bug#1300)
Werner Koch [Wed, 23 Feb 2011 09:51:36 +0000 (10:51 +0100)]
Fix dirmngr crash (bug#1300)

8 years agoLock scdaemon to CCID if once found.
Werner Koch [Wed, 23 Feb 2011 09:15:34 +0000 (10:15 +0100)]
Lock scdaemon to CCID if once found.

This solves a problem where ccid was used, the card unplugged and then
scdaemon tries to find a new (plugged in) reader and thus will
eventually try PC/SC over and over again.

Also added an explicit --kill command to gpgconf.

8 years agoFix ChnageLog entries.
Werner Koch [Tue, 15 Feb 2011 08:29:01 +0000 (09:29 +0100)]
Fix ChnageLog entries.

8 years agofixed --list-keys on Linux64 bit
Andrey Jivsov [Sat, 12 Feb 2011 01:38:39 +0000 (17:38 -0800)]
fixed --list-keys on Linux64 bit

8 years agoAdd ECC sign, verify, encrypt and decrypt tests
Werner Koch [Fri, 11 Feb 2011 08:59:16 +0000 (09:59 +0100)]
Add ECC sign, verify, encrypt and decrypt tests

8 years agoRemove debug code from regression test pinentry
Werner Koch [Thu, 10 Feb 2011 19:54:37 +0000 (20:54 +0100)]
Remove debug code from regression test pinentry

Also updated de.po

8 years agoAdd ECC import regression tests and fixed a regression.
Werner Koch [Thu, 10 Feb 2011 19:16:06 +0000 (20:16 +0100)]
Add ECC import regression tests and fixed a regression.

The import test imports the keys as needed and because they are
passphrase protected we now need a pinentry script to convey the
passphrase to gpg-agent.

8 years agoReplace printf by es_printf in keyserver.c
Werner Koch [Wed, 9 Feb 2011 18:46:00 +0000 (19:46 +0100)]
Replace printf by es_printf in keyserver.c

This is similar to the change in keylist.c and elsewhere.

8 years agoAdd framework to print keyserver engine information
Werner Koch [Wed, 9 Feb 2011 16:48:00 +0000 (17:48 +0100)]
Add framework to print keyserver engine information

8 years agoSupport key fetching using HTTP.
Werner Koch [Wed, 9 Feb 2011 14:42:29 +0000 (15:42 +0100)]
Support key fetching using HTTP.

A simple test case is:

  gpg2 --fetch-key

8 years agoAdd finger support to dirmngr.
Werner Koch [Tue, 8 Feb 2011 20:11:19 +0000 (21:11 +0100)]
Add finger support to dirmngr.

The basic network code from http.c is used for finger.  This keeps the
network related code at one place and we are able to use the somewhat
matured code form http.c.  Unfortunately I had to enhance the http
code for more robustness and probably introduced new bugs.

Test this code using

  gpg --fetch-key

(I might be the last user of finger ;-)

8 years agoFix ECDSA 521 bit signing.
Werner Koch [Mon, 7 Feb 2011 13:38:39 +0000 (14:38 +0100)]
Fix ECDSA 521 bit signing.

This fix also allows the creation and use of an 521 bit ECDH key which
used to fail while creating the binding signature.

8 years agoNuked almost all trailing white space. post-nuke-of-trailing-ws
Werner Koch [Fri, 4 Feb 2011 11:57:53 +0000 (12:57 +0100)]
Nuked almost all trailing white space.

We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.

8 years agoLet check the git config
Werner Koch [Fri, 4 Feb 2011 11:12:51 +0000 (12:12 +0100)]
Let check the git config

To avoid checking in trailing scripts the script now
enables the standard pre-commit hook, which check for this.

Add a cleanpo filter if not yet set.  This works with together with

8 years agoRemoved deprecated SIGEXPIRED status line.
Werner Koch [Fri, 4 Feb 2011 09:28:28 +0000 (10:28 +0100)]
Removed deprecated SIGEXPIRED status line.

8 years agoFix test for gcry_pk_get_curve.
Werner Koch [Thu, 3 Feb 2011 21:04:31 +0000 (22:04 +0100)]
Fix test for gcry_pk_get_curve.

Add a compatibility fixes for the non-curve case.
Remove -lber from the dirmngr link line.

8 years agoAdd a DECRYPTION_INFO status.
Werner Koch [Thu, 3 Feb 2011 19:59:01 +0000 (20:59 +0100)]

    DECRYPTION_INFO <mdc_method> <sym_algo>
        Print information about the symmetric encryption algorithm and
        the MDC method.  This will be emitted even if the decryption

8 years agoRelax mailbox name checking. Fixes bug#1315.
Werner Koch [Thu, 3 Feb 2011 17:05:56 +0000 (18:05 +0100)]
Relax mailbox name checking.  Fixes bug#1315.

8 years agoExtend algo selection menu.
Werner Koch [Thu, 3 Feb 2011 16:40:43 +0000 (17:40 +0100)]
Extend algo selection menu.

This allows to add an ECC key and to set the capabilities of an ECDSA

Fix printing of the ECC algorithm when creating a signature.

8 years agoUpdate copyright year
Werner Koch [Thu, 3 Feb 2011 15:50:01 +0000 (16:50 +0100)]
Update copyright year

Nuked some trailing spaces.

8 years agoMerge branch 'ECC-INTEGRATION-2-1' ecc-integration-done
Werner Koch [Thu, 3 Feb 2011 15:39:03 +0000 (16:39 +0100)]
Merge branch 'ECC-INTEGRATION-2-1'

8 years agoFinished ECC integration. ECC-INTEGRATION-2-1
Werner Koch [Thu, 3 Feb 2011 15:31:42 +0000 (16:31 +0100)]
Finished ECC integration.

Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week.  Adjusted my own ChangeLog
entries to be consistent with that entry.

Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future.  "git diff -b" is useful
to read the actual changes ;-).

The ECC-INTEGRATION-2-1 branch can be closed now.

8 years agoCompute the fingerprint for ECDH only on demand.
Werner Koch [Wed, 2 Feb 2011 16:40:32 +0000 (17:40 +0100)]
Compute the fingerprint for ECDH only on demand.

This also fixes a failed assertion when using a v3 key where the
fingerprint size is not 20.

8 years agoSample ECC keys and message do now work.
Werner Koch [Wed, 2 Feb 2011 14:48:54 +0000 (15:48 +0100)]
Sample ECC keys and message do now work.

Import and export of secret keys does now work.  Encryption has been
fixed to be compatible with the sample messages.

This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.

8 years agoMove OpenPGP OID helpers to common/.
Werner Koch [Mon, 31 Jan 2011 17:19:14 +0000 (18:19 +0100)]
Move OpenPGP OID helpers to common/.

This is needed so that the agent will be able to export and import
OpenPGP secret keys.  Add test case.

Removed unused function.

8 years agoFixed the ECC interface to Libgcrypt to be ABI compatible with the previous version.
Werner Koch [Mon, 31 Jan 2011 14:44:24 +0000 (15:44 +0100)]
Fixed the ECC interface to Libgcrypt to be ABI compatible with the previous version.

Quite some changes were needed but in the end we have less code than
before.  Instead of trying to do everything with MPIs and pass them
back and forth between Libgcrypt and GnuPG, we know use the
S-expression based interface and make heavy use of our opaque MPI

Encryption, decryption, signing and verification work with
self-generared keys.

Import and export does not yet work; thus it was not possible to check
the test keys at .

8 years agoReworked the ECC changes to better fit into the Libgcrypt API.
Werner Koch [Mon, 31 Jan 2011 08:27:06 +0000 (09:27 +0100)]
Reworked the ECC changes to better fit into the Libgcrypt API.

See ChangeLog for details.  Key generation, signing and verification works.
Encryption does not yet work.  Requires latest Libgcrypt changes.

8 years agoUpdate gitignore
Werner Koch [Wed, 26 Jan 2011 17:27:56 +0000 (18:27 +0100)]
Update gitignore

8 years agoUpdate gitignore to the one used in tye 2.0 branch.
Werner Koch [Wed, 26 Jan 2011 17:23:46 +0000 (18:23 +0100)]
Update gitignore to the one used in tye 2.0 branch.

8 years agoUpdate gitignore and add attributes to po/
Werner Koch [Wed, 26 Jan 2011 17:20:32 +0000 (18:20 +0100)]
Update gitignore and add attributes to po/

8 years agoAdd gitattributes
Werner Koch [Wed, 26 Jan 2011 16:19:39 +0000 (17:19 +0100)]
Add gitattributes

8 years agoFunction name cleanups
Werner Koch [Wed, 26 Jan 2011 16:17:43 +0000 (17:17 +0100)]
Function name cleanups

Also nuked some trailing spaces.