gnupg.git
8 weeks agoagent: Stop scdaemon after reload when disable_scdaemon.
NIIBE Yutaka [Thu, 23 May 2019 01:15:18 +0000 (10:15 +0900)]
agent: Stop scdaemon after reload when disable_scdaemon.

* agent/call-scd.c (agent_card_killscd): New.
* agent/gpg-agent.c (agent_sighup_action): Call agent_card_killscd.

--

GnuPG-bug-id: 4326
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
8 weeks agog10: Copy expiredate from primary key when marked expired.
NIIBE Yutaka [Thu, 23 May 2019 00:40:01 +0000 (09:40 +0900)]
g10: Copy expiredate from primary key when marked expired.

* g10/getkey.c (merge_selfsigs): Update ->expiredate of subkey.

--

GnuPG-bug-id: 3343
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
8 weeks agogpg: Do not bail on an invalid packet in the local keyring.
Werner Koch [Tue, 21 May 2019 15:27:42 +0000 (17:27 +0200)]
gpg: Do not bail on an invalid packet in the local keyring.

* g10/keydb.c (parse_keyblock_image): Treat invalid packet special.
--

This is in particular useful to run --list-keys on a keyring with
corrupted packets.  The extra flush is to keep the diagnostic close to
the regular --list-key output.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 weeks agogpg: Do not allow creation of user ids larger than our parser allows.
Werner Koch [Tue, 21 May 2019 14:25:56 +0000 (16:25 +0200)]
gpg: Do not allow creation of user ids larger than our parser allows.

* g10/parse-packet.c: Move max packet lengths constants to ...
* g10/packet.h: ... here.
* g10/build-packet.c (do_user_id): Return an error if too data is too
large.
* g10/keygen.c (write_uid): Return an error for too large data.
--

This can lead to keyring corruption becuase we expect that our parser
is abale to parse packts created by us.  Test case is

  gpg --batch --passphrase 'abc' -v  \
      --quick-gen-key $(yes 'a'| head -4000|tr -d '\n')

GnuPG-bug-id: 4532
Signed-off-by: Werner Koch <wk@gnupg.org>
8 weeks agogpg: Unify the the use of the print_pubkey_info functions.
Werner Koch [Tue, 21 May 2019 10:54:47 +0000 (12:54 +0200)]
gpg: Unify the the use of the print_pubkey_info functions.

* g10/keylist.c (format_seckey_info): Remove.
(print_pubkey_info, print_seckey_info): Remove.
(format_key_info): New.
(print_key_info): New.
(print_key_info_log): New.
* g10/card-util.c (current_card_status): Use print_key_info and remove
the useless condition on KEYBLOCK.
* g10/delkey.c (do_delete_key): Replace print_pubkey_info and
print_seckey_info by print_key_info.
* g10/keyedit.c (menu_addrevoker): Replace print_pubkey_info by
print_key_info.
* g10/pkclist.c (do_we_trust_pre): Ditto.
* g10/revoke.c (gen_desig_revoke): Ditto.
(gen_revoke): Ditto.  Also use print_key_info_log instead of separate
functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 weeks agoscd: Fix for SCARD_IO_REQUEST structure.
NIIBE Yutaka [Tue, 21 May 2019 07:18:36 +0000 (16:18 +0900)]
scd: Fix for SCARD_IO_REQUEST structure.

* scd/apdu.c (struct pcsc_io_request_s): Use pcsc_dword_t for Windows.

--

This fix is for correctness and for the future when we will support
64-bit Windows.

GnuPG-bug-id: 4454
Suggested-by: Juris Ozols
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
8 weeks agoagent: For SSH key, don't put NUL-byte at the end.
NIIBE Yutaka [Tue, 21 May 2019 06:50:28 +0000 (15:50 +0900)]
agent: For SSH key, don't put NUL-byte at the end.

* agent/command-ssh.c (ssh_key_to_protected_buffer): Update
the length by the second call of gcry_sexp_sprint.

--

GnuPG-bug-id: 4502
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
8 weeks agogpg: Do not delete any keys if --dry-run is passed.
Werner Koch [Mon, 20 May 2019 10:31:55 +0000 (12:31 +0200)]
gpg: Do not delete any keys if --dry-run is passed.

* g10/delkey.c (do_delete_key): Don't delete the keyblock on dry runs.
Do not clear the ownertrust.  Do not let the agent delete the key.
--

Co-authored-by: Matheus Afonso Martins Moreira
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agogpg: Fix using --decrypt along with --use-embedded-filename.
Werner Koch [Fri, 17 May 2019 11:40:24 +0000 (13:40 +0200)]
gpg: Fix using --decrypt along with --use-embedded-filename.

* g10/options.h (opt): Add flags.dummy_outfile.
* g10/decrypt.c (decrypt_message): Set this global flag instead of the
fucntion local flag.
* g10/plaintext.c (get_output_file): Ignore opt.output if that was
used as a dummy option aslong with --use-embedded-filename.
--

The problem here was that an explicit specified --decrypt, as
meanwhile suggested, did not work with that dangerous
--use-embedded-filename.  In contrast it worked when gpg decrypted as
a side-effect of parsing the data.

GnuPG-bug-id: 4500
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agogpg: Improve the photo image viewer selection.
Werner Koch [Fri, 17 May 2019 10:31:11 +0000 (12:31 +0200)]
gpg: Improve the photo image viewer selection.

* g10/exec.c (w32_system): Add "!ShellExecute" special.
* g10/photoid.c (get_default_photo_command): Use the new ShellExecute
under Windows and fallbac to 'display' and 'xdg-open' in the Unix
case.
(show_photos): Flush stdout so that the output is shown before the
image pops up.
--

For Unix this basically syncs the code with what we have in gpg 1.4.
Note that xdg-open may not be used when running as root which we
support here.

For Windows we now use ShellExecute as this seems to be preferred over
"cmd /c start"; however this does not solve the actual problem we had
in the bug report.  To solve that problem we resort to a wait
parameter which defaults to 400ms.  This works on my Windows-10
virtualized test box.  If we can figure out which simple viewers are
commonly installed on Windows we should enhance this patch to test for
them.

GnuPG-bug-id: 4334
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agokbx: Fix an endless loop under Windows due to an incomplete fix.
Werner Koch [Thu, 16 May 2019 11:57:04 +0000 (13:57 +0200)]
kbx: Fix an endless loop under Windows due to an incomplete fix.

* kbx/keybox-search.c (keybox_search):  We need to seek to the last
position in all cases not just when doing a NEXT.
--

This is because search from the beginning needs a keybox_search_reset.
We can only make an exception for KEYDB_SEARCH_MODE_FIRST..

Fixes-commit: 49b236af0ecbb6df67513feb4b63851f2e159ea2
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agogpgconf: Before --launch check that the config file is fine.
Werner Koch [Thu, 16 May 2019 10:24:08 +0000 (12:24 +0200)]
gpgconf: Before --launch check that the config file is fine.

* tools/gpgconf-comp.c (gc_component_launch): Check the conf file.
* tools/gpgconf.c (gpgconf_failure): Call log_flush.
--
GnuPG-bug-id: 4497
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoscd: Remove unused cruft from GnuPG 1.x
Werner Koch [Thu, 16 May 2019 06:24:29 +0000 (08:24 +0200)]
scd: Remove unused cruft from GnuPG 1.x

* scd/apdu.c: Remove code used only by GnuPG 1.
* scd/app-openpgp.c: Ditto.
* scd/ccid-driver.c: Ditto.
* scd/iso7816.c: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoagent,scd: Scan and load all public keys for availability.
NIIBE Yutaka [Thu, 16 May 2019 01:09:41 +0000 (10:09 +0900)]
agent,scd: Scan and load all public keys for availability.

* agent/divert-scd.c (ask_for_card): Scan by SERIALNO command.
* scd/app-openpgp.c (do_with_keygrip): Make sure to load pubkey.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agoagent: Support scdaemon operation using KEYGRIP.
NIIBE Yutaka [Wed, 15 May 2019 06:53:35 +0000 (15:53 +0900)]
agent: Support scdaemon operation using KEYGRIP.

* agent/agent.h (struct card_key_info_s): New.
(divert_pksign, divert_pkdecrypt): New API.
* agent/call-scd.c (card_keyinfo_cb): New.
(agent_card_free_keyinfo, agent_card_keyinfo): New.
* agent/divert-scd.c (ask_for_card): Having GRIP argument,
ask scdaemon with agent_card_keyinfo.
(divert_pksign, divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Supply GRIP.
* agent/pksign.c (agent_pksign_do): Ditto.

--

We are going to relax the requirment for SERIALNO of card.  It's OK,
when a card doesn't have recorded SERIALNO.  If a card has a key
with GRIP, it can be used.

GnuPG-bug-id: 2291, 4301
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agoscd: Don't put newline at the end of status.
NIIBE Yutaka [Wed, 15 May 2019 08:12:23 +0000 (17:12 +0900)]
scd: Don't put newline at the end of status.

* scd/command.c (send_keyinfo): Remove newline.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agodoc: Do not mention gpg's deprecated --keyserver option.
Werner Koch [Wed, 15 May 2019 07:18:28 +0000 (09:18 +0200)]
doc: Do not mention gpg's deprecated --keyserver option.

--
GnuPG-bug-id: 4466

2 months agogpg: enable OpenPGP export of cleartext keys with comments
Daniel Kahn Gillmor [Tue, 14 May 2019 01:22:38 +0000 (21:22 -0400)]
gpg: enable OpenPGP export of cleartext keys with comments

* g10/export.c (cleartext_secret_key_to_openpgp): ignore trailing
sublists in private-key S-expression.

--

When gpg-agent learns about a private key from its ssh-agent
interface, it stores its S-expression with the comment attached.  The
export mechanism for OpenPGP keys already in cleartext was too brittle
because it would choke on these comments.  This change lets it ignore
any additional trailing sublists.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Gnupg-Bug-Id: 4490

2 months agogpgconf: Support --homedir for --launch.
Werner Koch [Wed, 15 May 2019 06:50:15 +0000 (08:50 +0200)]
gpgconf: Support --homedir for --launch.

* tools/gpgconf-comp.c (gpg_agent_runtime_change): Simplify because
gnupg_homedir already returns abd absolute name.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
(gc_component_launch): Support --homedir.
--

GnuPG-bug-id: 4496
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agosm: Add a couple of debug calls to the keydb module.
Werner Koch [Tue, 14 May 2019 18:03:44 +0000 (20:03 +0200)]
sm: Add a couple of debug calls to the keydb module.

* sm/gpgsm.h (DBG_CLOCK_VALUE, DBG_CLOCK): New.
(DBG_LOOKUP_VALUE, DBG_LOOKUP): New.
* sm/gpgsm.c: new debug flags "lookup" and "clock"
* sm/keydb.c: Add log_clock calls to most functions.
(keydb_search_desc_dump): New.
(keydb_search) [DBG_LOOKUP]: Print descrh decription.
* sm/keylist.c (list_cert_std): Flush FP in debug mode to better
syncronize the output with the debug output
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoscd: Fix return value for KEYINFO command.
NIIBE Yutaka [Wed, 15 May 2019 06:44:32 +0000 (15:44 +0900)]
scd: Fix return value for KEYINFO command.

* scd/command.c (cmd_keyinfo): Return GPG_ERR_NOT_FOUND if none.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agokbx: Fix deadlock in gpgsm on Windows due to a sharing violation.
Werner Koch [Tue, 14 May 2019 17:05:58 +0000 (19:05 +0200)]
kbx: Fix deadlock in gpgsm on Windows due to a sharing violation.

* kbx/keybox-init.c (keybox_lock) [W32]: Use _keybox_close_file
instead of fclose so that a close is done if the file is opened by
another handle.
* kbx/keybox-search.c (keybox_search): Remember the last offset and
use that in NEXT search mode if we had to re-open the file.
--

GnuPG-bug-id: 4505
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agosm: Change keydb code to use the keybox locking.
Werner Koch [Tue, 14 May 2019 11:36:08 +0000 (13:36 +0200)]
sm: Change keydb code to use the keybox locking.

* kbx/keybox-init.c (keybox_lock): New arg TIMEOUT.  Change all
callers to pass -1 when locking.
* sm/keydb.c (struct resource_item): Remove LOCKANDLE.
(struct keydb_handle): Add KEEP_LOCK.
(keydb_add_resource): Use keybox locking instead of a separate dotlock
for testing whether we can run a compress.
(keydb_release): Reset KEEP_LOCK.
(keydb_lock): Set KEEP_LOCK.
(unlock_all): Take care of KEEP_LOCK.
(lock_all): Use keybox_lock instead of dotlock fucntions.
(keydb_delete): Remove arg UNLOCK.
* sm/delete.c (delete_one): Adjust keydb_delete.  Due to the KEEP_LOCK
the keydb_release takes care of unlocking.
--

This aligns the code more with g10/keydb.c and avoids the separate
calls to dotlock_take.

GnuPG-bug-id: 4505
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoagent: Replace most assert by log_assert.
Werner Koch [Tue, 14 May 2019 08:31:46 +0000 (10:31 +0200)]
agent: Replace most assert by log_assert.

--

2 months agoagent: correct length for uri and comment on 64-bit big-endian platforms
Daniel Kahn Gillmor [Tue, 14 May 2019 04:05:42 +0000 (00:05 -0400)]
agent: correct length for uri and comment on 64-bit big-endian platforms

* agent/findkey.c (agent_public_key_from_file): pass size_t as int to
gcry_sexp_build_array's %b.

--

This is only a problem on big-endian systems where size_t is not the
same size as an int.  It was causing failures on debian's s390x,
powerpc64, and sparc64 platforms.

There may well be other failures with %b on those platforms in the
codebase, and it probably needs an audit.

Once you have a key in private-keys-v1.d/$KEYGRIP.key with a comment
or a uri of reasonable length associated with it, this fix can be
tested with:

   gpg-agent --server <<<"READKEY $KEYGRIP"

On the failing platforms, the printed comment will be of length 0.

Gnupg-bug-id: 4501
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 months agodoc: Minor edit for a gpg option.
Werner Koch [Tue, 14 May 2019 08:07:06 +0000 (10:07 +0200)]
doc: Minor edit for a gpg option.

--
GnuPG-bug-id: 4507

2 months agogpg: Do not print a hint to use the deprecated --keyserver option.
Werner Koch [Tue, 14 May 2019 05:56:10 +0000 (07:56 +0200)]
gpg: Do not print a hint to use the deprecated --keyserver option.

* g10/keyserver.c (keyserver_search): Remove a specialized error
message.
--

Dirmngr comes with a default keyserver and the suggestion to use
gpg --keyserver
is not good because that option is deprecated.  An error message
"No keyserver available" is sufficient.

GnuPG-bug-id: 4512
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agog10: Fix possible null dereference.
NIIBE Yutaka [Tue, 14 May 2019 02:20:07 +0000 (11:20 +0900)]
g10: Fix possible null dereference.

* g10/armor.c (armor_filter): Access ->d in the internal loop.

--

GnuPG-bug-id: 4494
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agogpg: Change update_keysig_packet to replace SHA-1 by SHA-256.
Werner Koch [Mon, 13 May 2019 17:01:28 +0000 (19:01 +0200)]
gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.

* g10/sign.c (update_keysig_packet): Convert digest algo when needed.
--

Several gpg commands try to keep most properties of a key signature
when updating (i.e. creating a new version of a key signature).  This
included the use of the current hash-algorithm.  This patch changes
this so that SHA-1 or RMD160 are replaced by SHA-256 if
possible (i.e. for RSA signatures).  Affected commands are for example
--quick-set-expire and --quick-set-primary-uid.

GnuPG-bug-id: 4508
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agogpg: Cleanup use of make_keysig_packet.
Werner Koch [Mon, 13 May 2019 10:38:32 +0000 (12:38 +0200)]
gpg: Cleanup use of make_keysig_packet.

* g10/sign.c (make_keysig_packet): Remove obsolete arg diegst_algo
which was always passed as 0.  Change all callers.

* g10/gpgcompose.c (signature): Warn when trying to set a digest algo.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agobuild: Update m4/iconv.m4.
NIIBE Yutaka [Mon, 13 May 2019 06:15:29 +0000 (15:15 +0900)]
build: Update m4/iconv.m4.

* m4/iconv.m4: Update from gettext 0.20.1.

--

This includes fixes of file descriptor leaks.

GnuPG-bug-id: 4504
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agodoc: correct documentation for gpgconf --kill
Daniel Kahn Gillmor [Fri, 10 May 2019 16:39:45 +0000 (12:39 -0400)]
doc: correct documentation for gpgconf --kill

* doc/tools.texi(gpgconf): Correct documentation for gpgconf --kill.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 months agodirmngr: Add a CSRF expection for pm.me
Werner Koch [Thu, 9 May 2019 12:49:59 +0000 (14:49 +0200)]
dirmngr: Add a CSRF expection for pm.me

--

Also comment typo fix.

2 months agoagent: If a Label is make sure that label is part of the prompt.
Werner Koch [Tue, 7 May 2019 09:50:38 +0000 (11:50 +0200)]
agent: If a Label is make sure that label is part of the prompt.

* agent/findkey.c (has_comment_expando): New.
(agent_key_from_file): Modify DESC_TEXT.
--

A Label entry in the keyfile is always set manually and thus we can
assume that the user wants to have this label in the prompt.  In case
the prompt template does not demand a comment this patch appends a
comment to thhe template.  This is a common case for on-disk keys used
by gpg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoagent: Allow the use of "Label:" in a key file.
Werner Koch [Tue, 7 May 2019 09:08:26 +0000 (11:08 +0200)]
agent: Allow the use of "Label:" in a key file.

* agent/findkey.c (linefeed_to_percent0A): New.
(read_key_file): Add optional arg 'keymeta' and change all callers.
(agent_key_from_file): Prefer "Label:" over the comment for protected
keys.
--

If in the extended key format an item

  Label: This is my key

is found, "This is my key" will be displayed instead of the comment
intially recorded in the s-expression.  This is pretty useful for the
ssh keys because often there is only the original file name recorded
in the comment.

If no Label is found or it is empty the S-expression comment is used.

To show more than one line, the standard name-value syntax can be
used, for example:

  Label: The Ssh key
  <blank line>
  <space>I registered on fencepost.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocommon: New functions nvc_delete_named and nvc_get_string.
Werner Koch [Tue, 7 May 2019 09:01:15 +0000 (11:01 +0200)]
common: New functions nvc_delete_named and nvc_get_string.

* common/name-value.c (nvc_delete_named): New.
(nvc_get_string): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoscd: Support direct use of app with PKSIGN/PKAUTH/PKDECRYPT.
NIIBE Yutaka [Tue, 7 May 2019 00:41:14 +0000 (09:41 +0900)]
scd: Support direct use of app with PKSIGN/PKAUTH/PKDECRYPT.

* scd/command.c (cmd_pksign, cmd_pkauth, cmd_pkdecrypt): When length
of keyidstr is 40, it is considered as a keygrip for direct use.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agodoc: Minor doc fix to dirmngr.
Werner Koch [Fri, 3 May 2019 14:15:04 +0000 (16:15 +0200)]
doc: Minor doc fix to dirmngr.

--

Reported-by: dkg
2 months agoagent: Put Token lines into the key files.
Werner Koch [Fri, 3 May 2019 13:54:54 +0000 (15:54 +0200)]
agent: Put Token lines into the key files.

* agent/findkey.c (write_extended_private_key): Add args serialno and
keyref.  Write a Token line if that does not yet exist.
(agent_write_private_key): Add args serialno and keyref and change all
callers.
(agent_write_shadow_key): Skip leading spaces.
* agent/keyformat.txt: Improve extended key format docs.
--

Noet that the extended key forma is the defaqult in 2.3.  This patch
is a first step to better handle tokens which carray the same key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocommon: In private key mode write "Key:" always last in name-value.
Werner Koch [Fri, 3 May 2019 12:24:07 +0000 (14:24 +0200)]
common: In private key mode write "Key:" always last in name-value.

* common/name-value.c (nvc_write): Take care of Key. Factor some code
out to ...
(write_one_entry): new.
--

The key item is in general not manual editable thus we put it at the
end of a file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agogpg: Use just the addrspec from the Signer's UID.
Werner Koch [Fri, 3 May 2019 08:53:34 +0000 (10:53 +0200)]
gpg: Use just the addrspec from the Signer's UID.

* g10/parse-packet.c (parse_signature): Take only rthe addrspec from a
Signer's UID subpacket.
--

This is to address a problem in the currentr OpenKeychain which put
the entire UID into the subpacket.  For example our Tofu code can only
use the addrspec and not the entire UID.

Reported-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agotools: Some changes to the ccidmon.c debug helper.
Werner Koch [Tue, 30 Apr 2019 06:26:59 +0000 (08:26 +0200)]
tools: Some changes to the ccidmon.c debug helper.

--

2 months agosm: Add yet inactive options to support authenticode
Werner Koch [Tue, 30 Apr 2019 06:25:59 +0000 (08:25 +0200)]
sm: Add yet inactive options to support authenticode

* sm/gpgsm.c (opts): New options --authenticode and --attribute.
* sm/gpgsm.h (opt): Add vars authenticode and attribute_list.
* sm/sign.c (add_signed_attribute): New but inactive.
(gpgsm_sign): Use new options.
--

Because libksba 1.4 is not yet ready the new code is not yet active.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocommon,w32: Breakaway detached childs when in job
Andre Heinecke [Mon, 29 Apr 2019 06:54:39 +0000 (08:54 +0200)]
common,w32: Breakaway detached childs when in job

* common/exechelp-w32.c (gnupg_spawn_process_detached): Add
CREATE_BREAKAWAY_FROM_JOB creation flag if required.

--
When the gpg process is assigned to a W32 "Job" the
child processes are killed once the Job is finished.
As we want our detached processes to linger e.g.
gpg-agent the breakaway flag is required in
that case.

GnuPG-Bug-Id: T4333

Thanks to Jan Echternach for reporting this and providing
a patch.

Signed-off-by: Andre Heinecke <aheinecke@gnupg.org>
2 months agoscd: Add new command: KEYINFO.
NIIBE Yutaka [Thu, 25 Apr 2019 05:49:49 +0000 (14:49 +0900)]
scd: Add new command: KEYINFO.

* scd/app-common.h (struct app_ctx_s): Add with_keygrip function.
* scd/app-openpgp.c (do_with_keygrip): New.
* scd/app.c (app_do_with_keygrip): New.
* scd/command.c (cmd_keyinfo): New.
(send_keyinfo): New.

--

KEYGRIP_ACTION_LOOKUP is not yet used.  It will be used for directly
asking PK* action to determine an APP.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agopo: Update Japanese Translation.
NIIBE Yutaka [Tue, 23 Apr 2019 02:57:56 +0000 (11:57 +0900)]
po: Update Japanese Translation.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agoscd: Allow KEYGRIP as KEYIDSTR.
NIIBE Yutaka [Tue, 23 Apr 2019 01:51:01 +0000 (10:51 +0900)]
scd: Allow KEYGRIP as KEYIDSTR.

* scd/app-openpgp.c (struct app_local_s): Add keygrip_str.
(store_keygrip): New.
(read_public_key): Call store_keygrip to hold keygrip.
(get_public_key): Likewise.
(send_keypair_info): Use stored keygrip_str.
(check_keyidstr): Allow use of KEYGRIP.
(do_check_pin): Allow use of KEYGRIP of signing slot.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agoscd: Factor out a function to check keyidstr.
NIIBE Yutaka [Mon, 22 Apr 2019 11:34:36 +0000 (20:34 +0900)]
scd: Factor out a function to check keyidstr.

* scd/app-openpgp.c (check_keyidstr): New.
(do_sign, do_auth, do_decipher, do_check_pin): Use check_keyidstr.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 months agogpgconf: correct capitalization of "Tor"
Daniel Kahn Gillmor [Fri, 19 Apr 2019 15:03:24 +0000 (11:03 -0400)]
gpgconf: correct capitalization of "Tor"

* tools/gpgconf-comp.cb (gc_options_dirmngr): correct capitalization
of Tor.

--

https://www.torproject.org/docs/faq.html.en#WhyCalledTor says:

> Note: even though it originally came from an acronym, Tor is not
> spelled "TOR". Only the first letter is capitalized. In fact, we can
> usually spot people who haven't read any of our website (and have
> instead learned everything they know about Tor from news articles) by
> the fact that they spell it wrong.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 months agog10: Fix double free when locating by mbox
Andre Heinecke [Thu, 18 Apr 2019 11:19:05 +0000 (13:19 +0200)]
g10: Fix double free when locating by mbox

* g10/getkey.c (get_best_pubkey_byname): Set new.uid always
to NULL after use.

--
pubkey_cmp is not guranteed to set new.uid.
So if the diff < 0 case is reached best is set to new.

If then diff > 0 is reached without modifying new.uid
e.g. if the key has no matching mboxes. new.uid is
free'd even though the uid is still referenced in
best.

GnuPG-Bug-Id: T4462

3 months agog10: Fix a memory leak.
NIIBE Yutaka [Wed, 17 Apr 2019 00:58:07 +0000 (09:58 +0900)]
g10: Fix a memory leak.

* g10/import.c (import): Care PNDING_PKT on error.

--

GnuPG-bug-id: 4461
Reported-by: Philippe Antoine
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 months agocommon: Fix AWK portability.
NIIBE Yutaka [Tue, 16 Apr 2019 04:24:10 +0000 (13:24 +0900)]
common: Fix AWK portability.

* common/Makefile.am: Use pkg_namespace.
* common/mkstrtable.awk: Use pkg_namespace.  Regexp fix.

--

GnuPG-bug-Bug: 4459
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 months agogpg: New caching functions.
Werner Koch [Sat, 13 Apr 2019 09:48:58 +0000 (11:48 +0200)]
gpg: New caching functions.

* g10/objcache.c: New.
* g10/objcache.h: New.
* g10/Makefile.am (common_source): Add them.
* g10/gpg.c: Include objcache.h.
(g10_exit): Call objcache_dump_stats.
* g10/getkey.c: Include objcache.h.
(get_primary_uid, release_keyid_list): Remove.
(cache_user_id): Remove.
(finish_lookup): Call the new cache_put_keyblock instead of
cache_user_id.
(get_user_id_string): Remove code for mode 2.
(get_user_id): Implement using cache_get_uid_bykid.
--

This generic caching module is better than the ad-hoc code we used in
getkey.c.  More cleanup in getkey is still required but it is a
start.  There is also a small performance increase with the new cache:

With a large keyring and --list-sigs I get these numbers:

|      | before     | after      |
|------+------------+------------|
| real | 14m1.028s  | 12m16.186s |
| user |  2m18.484s |  1m36.040s |
| sys  | 11m42.420s | 10m40.044s |

Note the speedup in the user time which is due to the improved cache
algorithm.  This is obvious, because the old cache was just a long
linked list; the new cache are two hash tables.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Cache a once computed fingerprint in PKT_public_key.
Werner Koch [Fri, 12 Apr 2019 09:11:09 +0000 (11:11 +0200)]
gpg: Cache a once computed fingerprint in PKT_public_key.

* g10/packet.h (PKT_public_key): Add fields fpr and fprlen.
* g10/keyid.c (do_fingerprint_md): Remove.
(compute_fingerprint): New.
(keyid_from_pk): Simplify.
(fingerprint_from_pk): Simplify.
(hexfingerprint): Avoid using extra array.
--

This is similar to what we are doing with the keyid for a long time.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Accept also armored data from the WKD.
Werner Koch [Thu, 11 Apr 2019 07:54:28 +0000 (09:54 +0200)]
gpg: Accept also armored data from the WKD.

* g10/keyserver.c (keyserver_import_wkd): Clear NO_ARMOR.
--

We may even adjust the specs to allow that.  It should not be a
problem for any OpenPGP implementation because armored keys are very
common and de-armoring code is de-facto a mandatory feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Set a limit of 5 to the number of keys imported from the WKD.
Werner Koch [Thu, 11 Apr 2019 07:43:33 +0000 (09:43 +0200)]
gpg: Set a limit of 5 to the number of keys imported from the WKD.

* g10/import.c (import): Limit the number of considered keys to 5.
(import_one): Return the first fingerprint in case of WKD.
--

The Web Key Directory should carry only one key.  However, some
providers like to put old or expired keys also into the WKD.  I don't
thunk that this is a good idea but I heard claims that this is needed
for them to migrate existing key data bases.

This patch puts a limit on 5 on it (we had none right now) and also
fixes the issue that gpg could not work immediately with the requested
key because the code uses the fingerprint of the key to use the
imported key.  Now the first key is used.  On a second try (w/o
accessing the WKD) the regular key selection mechanism would be in
effect.  I think this is the most conservative approach.  Let's see
whether it helps.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agospeedo,w32: Install gpg-card.exe
Andre Heinecke [Thu, 11 Apr 2019 06:37:46 +0000 (08:37 +0200)]
speedo,w32: Install gpg-card.exe

* build-aux/speedo/w32/inst.nsi: Install gpg-card.exe

3 months agogpg: Fix printing of the user id during import.
Werner Koch [Fri, 5 Apr 2019 15:02:43 +0000 (17:02 +0200)]
gpg: Fix printing of the user id during import.

* g10/getkey.c (struct keyid_list): Add field fprlen.
(cache_user_id): Set and test it.
(get_user_id_byfpr): Make static, add arg fprlen and use it.
(get_user_id_byfpr_native): Add arg fprlen and change all callers.
--

This was a regression in the 2.3 base.
GnuPG-bug-id: 3801

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd:piv: Fix RSA decryption.
Werner Koch [Thu, 4 Apr 2019 10:51:21 +0000 (12:51 +0200)]
scd:piv: Fix RSA decryption.

* scd/app-piv.c (do_decipher): Fixup leading zero byte.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agodoc: Minor change to the included yat2m.
Werner Koch [Thu, 4 Apr 2019 10:49:06 +0000 (12:49 +0200)]
doc: Minor change to the included yat2m.

--

Getting the rendering of man pages is not really easy; let's see
whether this is better.  The change has also been done upstream.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd: Better handling of timeout and time extension.
NIIBE Yutaka [Thu, 4 Apr 2019 06:58:21 +0000 (15:58 +0900)]
scd: Better handling of timeout and time extension.

* scd/ccid-driver.c (CCID_CMD_TIMEOUT_LONGER): Remove.
(ccid_transceive): Don't use x4 blindly for bBWI, but use dynamically
determined value.  Use value from variable wait_more for bulk_in.
Set wait_more by the value of time extension request.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 months agogpg: Improve the code to decrypt using PIV cards.
Werner Koch [Wed, 3 Apr 2019 15:45:35 +0000 (17:45 +0200)]
gpg: Improve the code to decrypt using PIV cards.

* g10/call-agent.c (agent_scd_keypairinfo): Add arg 'keyref'.
* g10/keygen.c (ask_algo): Adjust.
* g10/skclist.c (enum_secret_keys): Request the keyref directly.
--

This improves commit ec6a6779236a89d4784a6bb7de0def9cc0f9e8a4 to avoid
looping over all keypairinfos.  This way scdaemon does not need to
compute all the keypairinfos for all keys of a card.  This patch is
possible due the enhanced READKEY command in scdaemon.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd: New options --info and --info-only for READKEY.
Werner Koch [Wed, 3 Apr 2019 15:31:09 +0000 (17:31 +0200)]
scd: New options --info and --info-only for READKEY.

* scd/command.c (cmd_readkey): New options --info and --info-only.
* scd/app.c (app_readkey): New arg 'flags'.
* scd/app-common.h (APP_READKEY_FLAG_INFO): New.
(struct app_ctx_s): New args 'ctrl' and 'flags' for member readkey.
Change all implementers.
* scd/app-nks.c (do_readkey): Stub implementation of
APP_READKEY_FLAG_INFO.
* scd/app-openpgp.c (do_readkey): Implement APP_READKEY_FLAG_INFO.
* scd/app-piv.c (do_readkey): Ditto.
--

This feature allows to quickly get the keygrip and in most cases also
the usage flags for one specific keyref.  Example:

 <- readkey --info-only  PIV.9D
 -> S KEYPAIRINFO FC6061FB457224370B85C6F34DD56CD29E669620 PIV.9D e
 -> OK

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Allow decryption using PIV cards.
Werner Koch [Wed, 3 Apr 2019 13:30:10 +0000 (15:30 +0200)]
gpg: Allow decryption using PIV cards.

* g10/call-agent.c (struct getattr_one_parm_s): New.
(getattr_one_status_cb): New.
(agent_scd_getattr_one): New.
* g10/pubkey-enc.c (get_it): Allow the standard leading zero byte from
pkcs#1.
* g10/skclist.c (enum_secret_keys): Handle non-OpenPGP cards.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd: New standard attributes $ENCRKEYID and $SIGNKEYID.
Werner Koch [Wed, 3 Apr 2019 11:16:22 +0000 (13:16 +0200)]
scd: New standard attributes $ENCRKEYID and $SIGNKEYID.

* g10/call-agent.c (agent_scd_keypairinfo): Use --keypairinfo.
* sm/call-agent.c (gpgsm_agent_scd_keypairinfo): Ditto.
* scd/app-openpgp.c (do_getattr): Add attributes "$ENCRKEYID" and
"$SIGNKEYID".
* scd/app-piv.c (do_getattr): Ditto.
--

We already have $AUTHKEYID to locate the keyref of the key to be used
with ssh.  It will also be useful to have default keyref for
encryption and signing.  For example, this will allow us to repalce
the use of "OPENPGP.2" by a app type specific keyref.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Avoid endless loop if a card's serial number can't be read.
Werner Koch [Wed, 3 Apr 2019 09:26:14 +0000 (11:26 +0200)]
gpg: Avoid endless loop if a card's serial number can't be read.

* g10/skclist.c (enum_secret_keys): Move list forward on error.
--

The error is not easy to reproduce but may occur if a card is removed
at the wrong time.  Tested by changing the code.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agocard: Allow card selection with LIST.
Werner Koch [Wed, 3 Apr 2019 08:27:08 +0000 (10:27 +0200)]
card: Allow card selection with LIST.

* tools/card-call-scd.c (start_agent): Request serialno only whean
started.
(scd_serialno): Allow NULL for r_serialno.
* tools/gpg-card.c (cmd_factoryreset): Use changed scd_serialno.
(cmd_list): New.
(dispatch_command): Use cmd_list for cmdLIST.
(interactive_loop): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Print modern style key info for non-decryptable keys.
Werner Koch [Wed, 3 Apr 2019 07:04:49 +0000 (09:04 +0200)]
gpg: Print modern style key info for non-decryptable keys.

* g10/mainproc.c (print_pkenc_list): Simplify.
--

This changes the output from

# ------------------------ >8 ------------------------
  gpg: encrypted with 2048-bit RSA key, ID D20073D46DF6C97D, created 2019-04-02
        "Test with PIV card"

to

  gpg: encrypted with rsa2048 key, ID D20073D46DF6C97D, created 2019-04-02
        "Test with PIV card"

Signed-off-by: Werner Koch <wk@gnupg.org>
# ------------------------ 8< ------------------------

3 months agogpg: Allow direct key generation from card with --full-gen-key.
Werner Koch [Tue, 2 Apr 2019 16:57:09 +0000 (18:57 +0200)]
gpg: Allow direct key generation from card with --full-gen-key.

* g10/call-agent.c (agent_scd_readkey): New.
* g10/keygen.c (ask_key_flags): Factor code out to ..
(ask_key_flags_with_mask): new.
(ask_algo): New mode 14.
--

Note that this new menu 14 is always displayed.  The usage flags can
be changed only in --expert mode, though.  Creating and using signing
keys works but decryption does not yet work; we will need to tweak a
couple of other places for that.  Tested with a Yubikey's PIV app.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agocommon: Extend function pubkey_algo_string.
Werner Koch [Tue, 2 Apr 2019 16:49:51 +0000 (18:49 +0200)]
common: Extend function pubkey_algo_string.

* common/sexputil.c (pubkey_algo_string): Add arg R_ALGOID.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Adjust.
* tools/gpg-card.c (list_one_kinfo): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agodirmngr: Improve domaininfo cache update algorithm.
Werner Koch [Tue, 2 Apr 2019 11:22:32 +0000 (13:22 +0200)]
dirmngr: Improve domaininfo cache update algorithm.

* dirmngr/domaininfo.c (struct domaininfo_s): Add field keepmark.
(insert_or_update): Implement new update algorithm.

--

The old algorithm limited the length of a bucket chain by purging the
last 50% or the entries.  Thus the first domains entered into the
cache were never purged.  The new algorithm is a bit better: It also
limits the chain length on overflow to 50% but tries to keep the
entries indicating that a WKD is available in the cache.  If there is
still space to keep more, those which clearly do not support WKD are
also kept.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agosm: Show the usage flags when generating a key from a card.
Werner Koch [Mon, 1 Apr 2019 17:58:33 +0000 (19:58 +0200)]
sm: Show the usage flags when generating a key from a card.

* g10/call-agent.c (scd_keypairinfo_status_cb): Also store the usage
flags.
* sm/call-agent.c (scd_keypairinfo_status_cb): Ditto.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Print the usage flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Prepare card code to allow other than OpenPGP cards.
Werner Koch [Mon, 1 Apr 2019 17:24:33 +0000 (19:24 +0200)]
gpg: Prepare card code to allow other than OpenPGP cards.

* g10/call-agent.c (start_agent): Use card app auto selection.
* g10/card-util.c (current_card_status): Print the Application type.
(card_status): Put empty line between card listings.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: New card function agent_scd_keypairinfo.
Werner Koch [Mon, 1 Apr 2019 16:37:02 +0000 (18:37 +0200)]
gpg: New card function agent_scd_keypairinfo.

* g10/call-agent.c (scd_keypairinfo_status_cb)
(agent_scd_keypairinfo): New.  Taken from gpgsm.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Remove two unused card related functions.
Werner Koch [Mon, 1 Apr 2019 16:34:19 +0000 (18:34 +0200)]
gpg: Remove two unused card related functions.

* g10/call-agent.c (inq_writekey_parms): Remove.
(agent_scd_writekey): Remove.
(agent_clear_pin_cache): Remove this stub.

3 months agogpg: Remove unused arg in a card related function.
Werner Koch [Mon, 1 Apr 2019 16:12:35 +0000 (18:12 +0200)]
gpg: Remove unused arg in a card related function.

* g10/call-agent.c (agent_scd_setattr): Remove unused arg serialno.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agodirmngr: Better for error code for http status 413.
Werner Koch [Fri, 29 Mar 2019 13:20:47 +0000 (14:20 +0100)]
dirmngr: Better for error code for http status 413.

* dirmngr/ks-engine-hkp.c (send_request): New case for 413.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd: New option --application-priority.
Werner Koch [Thu, 28 Mar 2019 16:05:20 +0000 (17:05 +0100)]
scd: New option --application-priority.

* scd/scdaemon.c (oApplicationPriority): New.
(opts): Add "application_priority".
(main): Process option.
* scd/app.c (app_update_priority_list): New.
(get_supported_applications): Take apps from global list.

* tools/gpgconf-comp.c (gc_options_scdaemon): Add option.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agocard: For passwd add a PIV menu and make the OpenPGP menu optional.
Werner Koch [Thu, 28 Mar 2019 13:46:05 +0000 (14:46 +0100)]
card: For passwd add a PIV menu and make the OpenPGP menu optional.

* tools/gpg-card.c (get_selection): New.
(cmd_passwd): Reworked.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agocard: Allow "yubikey disable" only for Yubikey-5 and later.
Werner Koch [Thu, 28 Mar 2019 09:56:28 +0000 (10:56 +0100)]
card: Allow "yubikey disable" only for Yubikey-5 and later.

* tools/card-yubikey.c (yubikey_commands): Add new arg INFO and test
for Yubikey-5.
* tools/gpg-card.c (cmd_yubikey): Pass info to yubikey_commands.
--

The configuration can be read from a Yubikey-4 but not be written.
The mode command is also not useful because it allows only the
selection of transports.  It does not allow to disable single
applications based on one transport (like OPGP and PIV).  Thsi patch
shows an appropriate error message.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd: Support reading the Yubikey 4 firmware version.
Werner Koch [Wed, 27 Mar 2019 16:34:50 +0000 (17:34 +0100)]
scd: Support reading the Yubikey 4 firmware version.

* scd/app.c (app_new_register): Detect yk4 version numbers.
--

Having the version of the yubikey is important to select which other
methods can be used with a Yubikey.  Note that we do not detect the
formfactor of a Yubikey 4 and instead use 0 for our serial number
prefix.  This does not affect app-openpgp becuase there we use the app
specific serial number.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agogpg: Don't use EdDSA algo ID for ECDSA curves.
Trevor Bentley [Mon, 25 Mar 2019 14:19:47 +0000 (15:19 +0100)]
gpg: Don't use EdDSA algo ID for ECDSA curves.

* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
an EdDSA curve.

--

This change matters when it is called from ask_card_keyattr.

Some-comments-by: NIIBE Yutaka <gniibe@fsij.org>
3 months agosm: Allow decryption even if expired other keys are configured.
Werner Koch [Tue, 26 Mar 2019 12:31:06 +0000 (13:31 +0100)]
sm: Allow decryption even if expired other keys are configured.

* sm/gpgsm.c (main): Add special handling for bad keys in decrypt
mode.
--

The problem can easily be tested by adding --encrypt-to EXPIRED_KEY to
a decryption command.  With that patch the errors are printed but
decryption continues and the process returns success unless other
errors occur.

GnuPG-bug-id: 4431
Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoagent: Allow other ssh fingerprint algos in KEYINFO.
Werner Koch [Tue, 26 Mar 2019 08:02:19 +0000 (09:02 +0100)]
agent: Allow other ssh fingerprint algos in KEYINFO.

* agent/command.c (cmd_keyinfo): Allow for --ssh-fpr=ALGO.  Default to
the standard algo.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agodoc: Add relevant NEWS items from 2.2.
Werner Koch [Mon, 25 Mar 2019 14:39:18 +0000 (15:39 +0100)]
doc: Add relevant NEWS items from 2.2.

--

3 months agowkd: New command --print-wkd-url for gpg-wks-client.
Werner Koch [Mon, 25 Mar 2019 14:13:59 +0000 (15:13 +0100)]
wkd: New command --print-wkd-url for gpg-wks-client.

* tools/gpg-wks-client.c (aPrintWKDURL): New.
(opts): Add option.
(main): Implement.
* tools/wks-util.c (wks_cmd_print_wkd_url): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agodoc: Clarify option --no-keyring.
Werner Koch [Mon, 25 Mar 2019 13:47:31 +0000 (14:47 +0100)]
doc: Clarify option --no-keyring.

--
GnuPG-bug-id: 4424

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agosm, w32: Translate logger and status fd to handles
Andre Heinecke [Mon, 25 Mar 2019 13:05:52 +0000 (14:05 +0100)]
sm, w32: Translate logger and status fd to handles

* sm/gpgsm.c (main): Call translate_sys2libc_fd_int to
convert the FDs.

--
This is required to actually pass gpgsm an fd on windows
and not a windows handle.

For the passphrase-fd this was already done.

3 months agolibdns: Don't use _[A-Z] which are reserved names.
NIIBE Yutaka [Mon, 25 Mar 2019 10:39:44 +0000 (19:39 +0900)]
libdns: Don't use _[A-Z] which are reserved names.

* dirmngr/dns.c: Use the identifiers of "*_instance" instead of
reserved "_[A-Z]".

--

GnuPG-bug-id: 4420
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 months agodoc: fix formatting error
Daniel Kahn Gillmor [Fri, 22 Mar 2019 22:49:03 +0000 (23:49 +0100)]
doc: fix formatting error

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
3 months agodoc: Add a spec comment to app-piv.c
Werner Koch [Fri, 22 Mar 2019 11:29:02 +0000 (12:29 +0100)]
doc: Add a spec comment to app-piv.c

--

3 months agowkd: New command --print-wkd-hash for gpg-wks-client.
Werner Koch [Fri, 22 Mar 2019 10:40:01 +0000 (11:40 +0100)]
wkd: New command --print-wkd-hash for gpg-wks-client.

* tools/gpg-wks-client.c (aPrintWKDHash): New.
(opts) : Add "--print-wkd-hash".
(main): Implement that command.
(proc_userid_from_stdin): New.
* tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY.
(wks_cmd_print_wkd_hash): New.
--

GnuPG-bug-id: 4418
Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agoscd: Refactor the app selection code.
Werner Koch [Fri, 22 Mar 2019 08:44:04 +0000 (09:44 +0100)]
scd: Refactor the app selection code.

* scd/app.c (app_priority_list): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 months agotests: Add a first v5 sample key
Werner Koch [Wed, 20 Mar 2019 08:16:46 +0000 (09:16 +0100)]
tests: Add a first v5 sample key

--

4 months agospeedo: Fix installer build with NSIS-3
Andre Heinecke [Mon, 18 Mar 2019 15:08:23 +0000 (16:08 +0100)]
speedo: Fix installer build with NSIS-3

* build-aux/speedo.mk: Add charset for nsis 3.

--
NSIS-3 defaults to UTF-8 but for NSIS-2 compatibility
we still stay on CP1252 for now.

4 months agogpg: Allow import of PGP desktop exported secret keys.
Werner Koch [Mon, 18 Mar 2019 12:07:14 +0000 (13:07 +0100)]
gpg: Allow import of PGP desktop exported secret keys.

* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic.  Change to take ownership of
arg keyblock.  Implement extra secret key import logic.  Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--

The PGP desktops exported secret keys are really stupid.  And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):

  [...]  Implementations SHOULD include self-signatures on any user
  IDs and subkeys, as this allows for a complete public key to be
  automatically extracted from the transferable secret key.
  Implementations MAY choose to omit the self-signatures, especially
  if a transferable public key accompanies the transferable secret
  key.

Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.

GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <wk@gnupg.org>
4 months agogpg: Avoid importing secret keys if the keyblock is not valid.
Werner Koch [Fri, 15 Mar 2019 18:50:37 +0000 (19:50 +0100)]
gpg: Avoid importing secret keys if the keyblock is not valid.

* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t.   Return an
error code if sec_to_pub_keyblock failed.  Resync secret keyblock.
--

When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway.  This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key.  After importing
the public key the secret keys suddenly showed up.

This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.

Caution: The ecc.scm test now fails because two of the sample keys
         don't have binding signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
4 months agotests: Add sample secret key w/o binding signatures.
Werner Koch [Fri, 15 Mar 2019 18:40:02 +0000 (19:40 +0100)]
tests: Add sample secret key w/o binding signatures.

--

GnuPG-bug-id: 4392

4 months agogpg: During secret key import print "sec" instead of "pub".
Werner Koch [Fri, 15 Mar 2019 18:11:32 +0000 (19:11 +0100)]
gpg: During secret key import print "sec" instead of "pub".

* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'.  Remove
useless code for "sub" and "ssb".
* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info.  Do
not print the first  keyinfo in FROM_SK mode.
printing.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
4 months agogpg: Simplify an interactive import status line.
Werner Koch [Fri, 15 Mar 2019 12:02:44 +0000 (13:02 +0100)]
gpg: Simplify an interactive import status line.

* g10/cpr.c (write_status_printf): Escape CR and LF.
* g10/import.c (print_import_check): Simplify by using
write_status_printf and hexfingerprint.

Signed-off-by: Werner Koch <wk@gnupg.org>