4 years agoscd: Avoid double-free on error condition in scd
Daniel Kahn Gillmor [Fri, 19 Dec 2014 23:07:55 +0000 (18:07 -0500)]
scd: Avoid double-free on error condition in scd

* scd/command.c (cmd_readkey): avoid double-free of cert


When ksba_cert_new() fails, cert will be double-freed.

Debian-Bug-Id: 773471

Original patch changed by wk to do the free only at leave.

4 years agoavoid future chance of using uninitialized memory
Daniel Kahn Gillmor [Fri, 19 Dec 2014 22:53:36 +0000 (17:53 -0500)]
avoid future chance of using uninitialized memory

* common/iobuf.c: (iobuf_open): initialize len


In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
(via file_filter()) on fcx, passing in a pointer to an uninitialized

With these two commands, file_filter doesn't actually do anything with
the value of len, so there's no actual risk of use of uninitialized
memory in the code as it stands.

However, some static analysis tools might flag this situation with a
warning, and initializing the value doesn't hurt anything, so i think
this trivial cleanup is warranted.

Debian-Bug-Id: 773469

4 years agogpgkey2ssh: clean up varargs
Daniel Kahn Gillmor [Fri, 19 Dec 2014 22:12:05 +0000 (17:12 -0500)]
gpgkey2ssh: clean up varargs

* tools/gpgkey2ssh.c (key_to_blob) : ensure that va_end is called.


stdarg(3) says:
       Each invocation of va_start() must be matched by a
       corresponding invocation of va_end() in the same function.

Observed by Joshua Rogers <>

Debian-Bug-Id: 773415

4 years agodoc: Fix memory leak in yat2m.
Werner Koch [Mon, 22 Dec 2014 11:44:13 +0000 (12:44 +0100)]
doc: Fix memory leak in yat2m.

* doc/yat2m.c (write_th): Free NAME.

Reported-by: Joshua Rogers <>
4 years agogpgsm: Return NULL on fail
Werner Koch [Mon, 22 Dec 2014 11:16:46 +0000 (12:16 +0100)]
gpgsm: Return NULL on fail

* sm/gpgsm.c (parse_keyserver_line): Set SERVER to NULL.


Cherry-pick of abd5f6752d693b7f313c19604f0723ecec4d39a6.

Reported-by: Joshua Rogers <>
  "If something inside the ldapserver_parse_one function failed,
   'server' would be freed, then returned, leading to a
   use-after-free.  This code is likely copied from sm/gpgsm.c, which
   was also susceptible to this bug."

Signed-off-by: Werner Koch <>
4 years agogpg: Fix possible read of unallocated memory
Werner Koch [Fri, 12 Dec 2014 09:41:25 +0000 (10:41 +0100)]
gpg: Fix possible read of unallocated memory

* g10/parse-packet.c (can_handle_critical): Check content length
before calling can_handle_critical_notation.

The problem was found by Jan Bee and gniibe proposed the used fix.

This bug can't be exploited: Only if the announced length of the
notation is 21 or 32 a memcmp against fixed strings using that length
would be done.  The compared data is followed by the actual signature
and thus it is highly likely that not even read of unallocated memory
will happen.  Nevertheless such a bug needs to be fixed.

Signed-off-by: Werner Koch <>
4 years agoscd: Fix possibly inhibited checkpin of the admin pin.
Werner Koch [Fri, 12 Dec 2014 19:08:45 +0000 (20:08 +0100)]
scd: Fix possibly inhibited checkpin of the admin pin.

* scd/app-openpgp.c (do_check_pin): Do not check a byte of a released

Signed-off-by: Werner Koch <>
4 years agoscd: fix get_public_key for OpenPGPcard v1.0.
Joshua Rogers [Sat, 20 Dec 2014 00:38:53 +0000 (11:38 +1100)]
scd: fix get_public_key for OpenPGPcard v1.0.

* scd/app-openpgp.c (get_public_key): correctly close 'fp' upon use.


Inside the get_public_key function, 'fp' was opened using popen, but
incorrectly closed using fclose.

Debian-Bug-Id: 773474

4 years agogpg: release DEK soon after its use.
NIIBE Yutaka [Fri, 12 Dec 2014 08:41:56 +0000 (17:41 +0900)]
gpg: release DEK soon after its use.

* g10/keygen.c (generate_subkeypair): Release DEK soon.


This fixes the out_of_core error in the test case of adding
RSA-4096 subkey to RSA-4096 primary key with configuration:

    s2k-cipher-algo S10

Debian-bug-id: 772780

Cherry-picked da66ad5bba4215b9ddd0cb927a89aa75355632aa from
STABLE-BRANCH-1-4 branch.

4 years agopo: Update French translation
David Prévot [Mon, 3 Nov 2014 03:24:09 +0000 (23:24 -0400)]
po: Update French translation

4 years agopo: Update Danish translation
David Prévot [Sun, 16 Nov 2014 21:00:18 +0000 (17:00 -0400)]
po: Update Danish translation

4 years agopo: Update Ukrainian translation
Yuri Chornoivan [Wed, 26 Nov 2014 10:04:49 +0000 (11:04 +0100)]
po: Update Ukrainian translation

4 years agopo: Update Chinese (traditional) translation
Jedi Lin [Tue, 18 Nov 2014 21:12:29 +0000 (17:12 -0400)]
po: Update Chinese (traditional) translation

4 years agopo: Update Russian translation
Ineiev [Tue, 18 Nov 2014 21:30:00 +0000 (17:30 -0400)]
po: Update Russian translation

4 years agopo: Update pl.po
Jakub Bogusz [Wed, 26 Nov 2014 09:56:37 +0000 (10:56 +0100)]
po: Update pl.po


4 years agopo: Convert pl.po to utf-8
Werner Koch [Wed, 26 Nov 2014 09:54:24 +0000 (10:54 +0100)]
po: Convert pl.po to utf-8


4 years agopo: New Dutch translation
Frans Spiesschaert [Tue, 25 Nov 2014 19:46:25 +0000 (15:46 -0400)]
po: New Dutch translation

* po/LINGUAS: Add nl.po.
Debian-Bug-Id: 770981

4 years agopo: Update es.po
Manuel "Venturi" Porras Peralta [Wed, 26 Nov 2014 09:37:37 +0000 (10:37 +0100)]
po: Update es.po


4 years agopo: Convert es.po to utf-8
Werner Koch [Wed, 26 Nov 2014 09:36:08 +0000 (10:36 +0100)]
po: Convert es.po to utf-8


4 years agogpg: Fix use of uninit.value in listing sig subpkts.
Werner Koch [Mon, 24 Nov 2014 18:24:47 +0000 (19:24 +0100)]
gpg: Fix use of uninit.value in listing sig subpkts.

* g10/parse-packet.c (dump_sig_subpkt): Print regex subpacket

We may not use "%s" to print an arbitrary buffer.  At least "%.*s"
should have been used.  However, it is in general preferable to escape
control characters while printf user data.

Reported-by: Hanno Böck
Signed-off-by: Werner Koch <>
(backported from commit 596ae9f5433ca3b0e01f7acbe06fd2e424c42ae8)

4 years agogpg: Fix off-by-one read in the attribute subpacket parser.
Werner Koch [Mon, 24 Nov 2014 18:12:37 +0000 (19:12 +0100)]
gpg: Fix off-by-one read in the attribute subpacket parser.

* g10/parse-packet.c (parse_attribute_subpkts): Check that the
attribute packet is large enough for the subpacket type.

Reported-by: Hanno Böck
Signed-off-by: Werner Koch <>
(backported from commit 0988764397f99db4efef1eabcdb8072d6159af76)

4 years agogpg: Fix a NULL-deref for invalid input data.
Werner Koch [Mon, 24 Nov 2014 17:19:31 +0000 (18:19 +0100)]
gpg: Fix a NULL-deref for invalid input data.

* g10/mainproc.c (proc_encrypted): Take care of canceled passpharse

GnuPG-bug-id: 1761
Signed-off-by: Werner Koch <>
(backported from commit 32e85668b82f6fbcb824eea9548970804fb41d9e)

4 years agopo: Update Japanese translation.
NIIBE Yutaka [Tue, 18 Nov 2014 02:19:51 +0000 (11:19 +0900)]
po: Update Japanese translation.


4 years agogpg: Make the use of "--verify FILE" for detached sigs harder.
Werner Koch [Fri, 14 Nov 2014 08:36:19 +0000 (09:36 +0100)]
gpg: Make the use of "--verify FILE" for detached sigs harder.

* g10/openfile.c (open_sigfile): Factor some code out to ...
(get_matching_datafile): new function.
* g10/plaintext.c (hash_datafiles): Do not try to find matching file
in batch mode.
* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
matching data file is not used by a standard signatures.

Allowing to use the abbreviated form for detached signatures is a long
standing bug which has only been noticed by the public with the
release of 2.1.0.  :-(

What we do is to remove the ability to check detached signature in
--batch using the one file abbreviated mode.  This should exhibit
problems in scripts which use this insecure practice.  We also print a
warning if a matching data file exists but was not considered because
the detached signature was actually a standard signature:

  gpgv: Good signature from "Werner Koch (dist sig)"
  gpgv: WARNING: not a detached signature; \
  file 'gnupg-2.1.0.tar.bz2' was NOT verified!

We can only print a warning because it is possible that a standard
signature is indeed to be verified but by coincidence a file with a
matching name is stored alongside the standard signature.

Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
Signed-off-by: Werner Koch <>
(backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)

4 years agogpg: Add import option "keep-ownertrust".
Werner Koch [Wed, 12 Nov 2014 08:56:40 +0000 (09:56 +0100)]
gpg: Add import option "keep-ownertrust".

* g10/options.h (IMPORT_KEEP_OWNERTTRUST): New.
* g10/import.c (parse_import_options): Add "keep-ownertrust".
(import_one): Act upon new option.

This option is in particular useful to convert from a pubring.gpg to
the new pubring.kbx in GnuPG 2.1 or vice versa:

gpg1 --export | gpg2 --import-options keep-ownertrust --import

(cherry-picked from commit ffc2307843ce6c4ac3c8d99ba8c70ffa1ae28e39)

4 years agogpg: Show v3 key fingerprints as all zero.
Werner Koch [Sat, 11 Oct 2014 17:44:13 +0000 (19:44 +0200)]
gpg: Show v3 key fingerprints as all zero.

* g10/keyid.c (fingerprint_from_pk): Show v3 fingerprints as all zero.

MD5 is considered broken for a long time now.  To make it easier for
users to notice that a listing shows a v3 key, the fingerprint is now
displayed as 16 zero bytes unless --allow-weak-digest-algos is active.

Signed-off-by: Werner Koch <>
4 years agogpg: Avoid using cached MD5 signature status.
Werner Koch [Sat, 11 Oct 2014 17:41:51 +0000 (19:41 +0200)]
gpg: Avoid using cached MD5 signature status.

* g10/sig-check.c (check_key_signature2): Avoid using a cached MD5
signature status.
* g10/keyring.c (keyring_get_keyblock): Ditto.
(write_keyblock): Ditto.

* g10/sig-check.c (do_check): Move reject warning to ...
* g10/misc.c (print_md5_rejected_note): new.

Signed-off-by: Werner Koch <>
4 years agogpg: Add build and runtime support for larger RSA keys
Daniel Kahn Gillmor [Fri, 3 Oct 2014 17:59:34 +0000 (13:59 -0400)]
gpg: Add build and runtime support for larger RSA keys

* Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.


This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732

4 years agobuild: Update m4 scripts
Werner Koch [Thu, 2 Oct 2014 14:17:45 +0000 (16:17 +0200)]
build: Update m4 scripts

* m4/gpg-error.m4: Update from Libgpg-error git master.
* m4/libgcrypt.m4: Update from Libgcrypt git master.
* Declare SYSROOT a precious variable.  Add extra error
message for library configuration mismatches.

4 years agogpg: --compress-sigs and --compress-keys are not no-ops in 2.0
Daniel Kahn Gillmor [Mon, 29 Sep 2014 21:49:53 +0000 (17:49 -0400)]
gpg: --compress-sigs and --compress-keys are not no-ops in 2.0

* g10/gpg.c: Cleanup argument parsing.


c76117f8b0165fe5cec5e7f234f55f5a4cd7f0ab mistakenly marked
compress-sigs and compress-keys as no-ops on the 2.0.x branch.

These options still have an effect on the 2.0.x branch, and the
duplicate declaration also causes the gpg argument parser to fail when
shortened versions of the option are present, like:

  gpg: option "--compress-k" is ambiguous

4 years agogpg: Avoid duplicate declaration of {no-,}sk-comments noops.
Daniel Kahn Gillmor [Mon, 29 Sep 2014 21:49:52 +0000 (17:49 -0400)]
gpg: Avoid duplicate declaration of {no-,}sk-comments noops.

* g10/gpg.c: Cleanup argument parsing.


With c76117f8b0165fe5cec5e7f234f55f5a4cd7f0ab, the GnuPG 2.0.x branch
accidentally introduced a second (identical) argument parser for both
--sk-comments, and for --no-sk-comments.

This caused short versions (e.g. omitting the trailing "s", as gpgme
does) of either command to fail with:

   gpg: option "--sk-comment" is ambiguous

4 years agogpg: Default to SHA-256 for all signature types on RSA keys.
Werner Koch [Sat, 27 Sep 2014 13:21:02 +0000 (15:21 +0200)]
gpg: Default to SHA-256 for all signature types on RSA keys.

* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in
strict RFC or PGP modes.
* g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for
RSA key signatures.

(Backported from commit d33246700578cddd1cb8ed8164cfbba50aba4ef3)

4 years agodoc: Update the file OpenPGP
Werner Koch [Sat, 27 Sep 2014 09:17:07 +0000 (11:17 +0200)]
doc: Update the file OpenPGP


It should actually be completey reworked but for now I added just a
few notes.

4 years agogpg: Add shortcut for setting key capabilities.
Werner Koch [Fri, 26 Sep 2014 12:43:48 +0000 (14:43 +0200)]
gpg: Add shortcut for setting key capabilities.

* g10/keygen.c (ask_key_flags): Add shortcut '='.
* doc/help.txt (gpg.keygen.flags): New.

4 years agogpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
Daniel Kahn Gillmor [Thu, 25 Sep 2014 18:45:37 +0000 (14:45 -0400)]
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.

* g10/gpg.c: Add config options that should belong in scdaemon.conf
* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.


In gpg2, the following options are only relevant for scdaemon:


but in gpg1, they are options for gpg itself.

Some users of gpg1 might have these options in their
~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
config file.

gpg2 should not fail hard, though giving a warning (and suggesting a
move to scdaemon.conf) seems OK.

This patch does *not* reintroduce any documentation for these options
in gpg.texi, even to indicate that they are "dummy" options, since
scdaemon.texi contains the appropriate documentation.

Debian-bug-id: 762844

Program names factored out from obsolete_scdaemon_option to make
reuse without new translations easier. -wk

This is a backport of commit 371c2b14b0347209efd23b4e54e1981a12d7aeab
with parts of 20c6da50d4f6264d26d113d7de606971f719a0ca but without those
which would change existing translated strings. -wk

4 years agogpg: Need to init the trustdb for import.
Kristian Fiskerstrand [Wed, 13 Aug 2014 09:13:34 +0000 (11:13 +0200)]
gpg: Need to init the trustdb for import.

* g10/trustdb.c (clear_ownertrusts): Init trustdb.


This was fixed in 1.4 branch in commit
23191d7851eae2217ecdac6484349849a24fd94a but was not applied to the
2.0 branch that exhibits the same problem. This is actually a hack
to fix a bug introduced with commit 2528178.

GnuPG-bug-id: 1622

4 years agobuild: Print an error message if zlib is not installed.
Werner Koch [Tue, 26 Aug 2014 14:13:21 +0000 (16:13 +0200)]
build: Print an error message if zlib is not installed.

* (missing_zlib): New.

4 years agogpg: Allow for positional parameters in the passphrase prompt.
Werner Koch [Tue, 26 Aug 2014 08:16:04 +0000 (10:16 +0200)]
gpg: Allow for positional parameters in the passphrase prompt.

* g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf.

Without that at least the French translation does not always work
because it requires positional parameters.  Windows for example does
not support them as they are not defined by C99 but by POSIX.

4 years agoPost release updates.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
Post release updates.


4 years agoRelease 2.0.26 gnupg-2.0.26
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
Release 2.0.26

4 years agopo: Auto-update due to removed string.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
po: Auto-update due to removed string.


4 years agosm: Create homedir and lock empty keybox creation.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
sm: Create homedir and lock empty keybox creation.

* sm/gpgsm.h (opt): Add field "no_homedir_creation".
* sm/gpgsm.c (main): Set it if --no-options is used.
* sm/keydb.c: Include fcntl.h.
(try_make_homedir): New.  Similar to the one from g10/openfile.c
(maybe_create_keybox): New.  Similar to the one from g10/keydb.c.
(keydb_add_resource): Replace some code by maybe_create_keybox.

4 years agoRemove trailing white space from two files.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
Remove trailing white space from two files.


4 years agojnlib: Fix typo in header inclusion protection macro.
Werner Koch [Mon, 11 Aug 2014 15:21:07 +0000 (17:21 +0200)]
jnlib: Fix typo in header inclusion protection macro.

GnuPG-bug-id: 1669

4 years agopo: Update Japanese translation.
NIIBE Yutaka [Fri, 8 Aug 2014 01:08:01 +0000 (10:08 +0900)]
po: Update Japanese translation.

4 years agogpg: Fix regression due to the keyserver import filter.
Werner Koch [Wed, 6 Aug 2014 15:11:21 +0000 (17:11 +0200)]
gpg: Fix regression due to the keyserver import filter.

* g10/keyserver.c (keyserver_retrieval_filter): Change args.  Rewrite
to take subpakets in account.
* g10/import.c (import_one, import_secret_one): Pass keyblock to

GnuPG-bug-id: 1680

4 years agogpg: Add kbnode_t for easier backporting.
Werner Koch [Wed, 6 Aug 2014 15:09:15 +0000 (17:09 +0200)]
gpg: Add kbnode_t for easier backporting.

* g10/gpg.h (kbnode_t): New.

4 years agoAdd OpenPGP card manufacturer Yubico (6).
Simon Josefsson [Wed, 16 Jul 2014 19:49:17 +0000 (21:49 +0200)]
Add OpenPGP card manufacturer Yubico (6).

4 years agoscd: Allow for certificates > 1024 with PC/SC.
Andreas Schwier [Fri, 18 Jul 2014 16:22:26 +0000 (18:22 +0200)]
scd: Allow for certificates > 1024 with PC/SC.

* scd/pcsc-wrapper.c (handle_transmit): Enlarge buffer to 4096 too
allow for larger certificates.

4 years agogpg: Cap size of attribute packets at 16MB.
Werner Koch [Mon, 21 Jul 2014 11:50:36 +0000 (13:50 +0200)]
gpg: Cap size of attribute packets at 16MB.

* g10/parse-packet.c (parse_attribute): Avoid xmalloc failure and cap
size of packet.

Tavis Ormandy reported a fatal error for attribute packets with a zero
length payload.  This is due to a check in Libgcrypt's xmalloc which
rejects a malloc(0) instead of silently allocating 1 byte.  The fix is

In addition we cap the size of attribute packets similar to what we do
with user id packets.  OpenPGP keys are not the proper way to store

Resolved conflicts:
g10/parse-packet.c - indentation.  Use plain fprintf.

4 years agoPost release updates.
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
Post release updates.


4 years agoRelease 2.0.25 gnupg-2.0.25
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
Release 2.0.25

4 years agoestream: Fix minor glitch in "%.*s" format.
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
estream: Fix minor glitch in "%.*s" format.

* common/estream-printf.c (pr_string): Take care of non-nul terminated
Resolved conflicts:
common/estream-printf.c - white spaces

4 years agoscd: Support reader Gemalto IDBridge CT30
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
scd: Support reader Gemalto IDBridge CT30

* scd/ccid-driver.c (parse_ccid_descriptor): Add quirk for that
(GEMPC_CT30): New product id.

GnuPG-bug-id: 1638

Resolved conflicts:
scd/ccid-driver.h - Removed. product ids are in ccid-driver.c.

4 years agogpg: Limit keysize for unattended key generation to useful values.
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
gpg: Limit keysize for unattended key generation to useful values.

* g10/keygen.c (gen_elg): Enforce keysize 1024 to 4096.
(gen_rsa): Enforce keysize 1024 to 4096.
(gen_dsa): Enforce keysize 768 to 3072.

It was possible to create 16k RSA keys in batch mode. In addition to the
silliness of such keys, they have the major drawback that under GnuPG
and Libgcrypt, with their limited amount of specially secured memory
areas, the use of such keys may lead to an "out of secure memory"

4 years agoagent: Let gpg-protect-tool pass envvars to pinentry.
Werner Koch [Wed, 25 Jun 2014 15:16:40 +0000 (17:16 +0200)]
agent: Let gpg-protect-tool pass envvars to pinentry.

* agent/protect-tool.c (opt_session_env): New.
(main): Pass session environment object to
GnuPG-bug-id: 1402

The full story can be found at

Sorry for the delay.

4 years agogpg: Make screening of keyserver result work with multi-key commands.
Werner Koch [Wed, 25 Jun 2014 12:33:34 +0000 (14:33 +0200)]
gpg: Make screening of keyserver result work with multi-key commands.

* g10/keyserver.c (ks_retrieval_filter_arg_s): new.
(keyserver_retrieval_filter): Use new struct and check all
(keyserver_spawn): Pass filter arg suing the new struct.

This is a fix for commit 5e933008.

The old code did only work for a single key.  It failed as soon as
several keys are specified ("gpg --refresh-keys" or "gpg --recv-key A
B C").

4 years agoAdd CVE number
Werner Koch [Tue, 24 Jun 2014 18:12:26 +0000 (20:12 +0200)]
Add CVE number


4 years agoPost release updates
Werner Koch [Tue, 24 Jun 2014 13:43:46 +0000 (15:43 +0200)]
Post release updates


4 years agoRelease 2.0.24 gnupg-2.0.24
Werner Koch [Tue, 24 Jun 2014 13:11:12 +0000 (15:11 +0200)]
Release 2.0.24

4 years agopo: Auto-update
Werner Koch [Tue, 24 Jun 2014 13:10:54 +0000 (15:10 +0200)]
po: Auto-update


4 years agogpg: Fix a couple of spelling errors
Kristian Fiskerstrand [Thu, 12 Jun 2014 14:12:28 +0000 (16:12 +0200)]
gpg: Fix a couple of spelling errors

4 years agodoc: Update from master.
Werner Koch [Tue, 24 Jun 2014 11:54:30 +0000 (13:54 +0200)]
doc: Update from master.


4 years agogpg: Do not link gpgv against libassuan.
Werner Koch [Tue, 24 Jun 2014 11:52:02 +0000 (13:52 +0200)]
gpg: Do not link gpgv against libassuan.

* g10/ (gpgv2_LDADD): Remove LIBASSUAN_LIBS.

This is not required.

GnuPG-bug-id: 1533

4 years agopo: Update de.po
Werner Koch [Tue, 24 Jun 2014 09:14:20 +0000 (11:14 +0200)]
po: Update de.po

4 years agocommon: Fix commit ceef5568 so that it builds with libgcrypt < 1.6
Werner Koch [Tue, 24 Jun 2014 09:06:32 +0000 (11:06 +0200)]
common: Fix commit ceef5568 so that it builds with libgcrypt < 1.6

* common/ssh-utils.c (get_fingerprint): Use GCRY_PK_ECC only if

4 years agoRemove thread callbacks for libgcrypt >= 1.6.
Werner Koch [Tue, 24 Jun 2014 08:56:19 +0000 (10:56 +0200)]
Remove thread callbacks for libgcrypt >= 1.6.

* agent/gpg-agent.c (GCRY_THREAD_OPTION_PTH_IMPL): Do not use with
libgcrypt >= 1.6.
(main): Ditto.
* scd/scdaemon.c (GCRY_THREAD_OPTION_PTH_IMPL): Ditto.
(main): Ditto.

This is not anymore needed but kept for compatibility with Libgcrypt <

4 years agoImprove configure option --with-libgpg-error-prefix
Werner Koch [Tue, 24 Jun 2014 08:36:15 +0000 (10:36 +0200)]
Improve configure option --with-libgpg-error-prefix

GnuPG-bug-id: 1561

Note that this is not a complete solution.  The libgpg-error include
directory has now a higher preference but ld may not pick up the right
library if another one is installed.  The problem is that the -L
option and the -l options are not emitted separately by

4 years agogpg: Use more specific reason codes for INV_RECP.
Werner Koch [Tue, 10 Jun 2014 12:54:55 +0000 (14:54 +0200)]
gpg: Use more specific reason codes for INV_RECP.

* g10/pkclist.c (build_pk_list): Use more specific reasons codes for

GnuPG-bug-id: 1650

Note that this patch is a bit more limited than the one in 2.1.

4 years agogpg: Make show-uid-validity the default.
Werner Koch [Tue, 24 Jun 2014 07:53:46 +0000 (09:53 +0200)]
gpg: Make show-uid-validity the default.

4 years agogpg: Screen keyserver responses.
Stefan Tomanek [Wed, 29 Jan 2014 23:57:43 +0000 (00:57 +0100)]
gpg: Screen keyserver responses.

* g10/main.h (import_filter_t): New.
* g10/import.c (import): Add filter callbacks to param list.
(import_one): Ditto.
(import_secret_one): Ditto.
(import_keys_internal): Ditto.
(import_keys_stream): Ditto.
* g10/keyserver.c (keyserver_retrieval_filter): New.
(keyserver_spawn): Pass filter to import_keys_stream()

These changes introduces import functions that apply a constraining
filter to imported keys. These filters can verify the fingerprints of
the keys returned before importing them into the keyring, ensuring that
the keys fetched from the keyserver are in fact those selected by the
user beforehand.

Signed-off-by: Stefan Tomanek <>
Re-indention and minor changes by wk.

Resolved conflicts:

4 years agogpg: Allow key-to-card upload for cert-only keys
Werner Koch [Tue, 24 Jun 2014 07:13:38 +0000 (09:13 +0200)]
gpg: Allow key-to-card upload for cert-only keys

* g10/card-util.c (card_store_subkey): Allo CERT usage for key 0.

Suggested-by: Dominik Heidler <>
4 years agossh: Fix for newer Libgcrypt versions.
Werner Koch [Mon, 23 Jun 2014 11:16:44 +0000 (13:16 +0200)]
ssh: Fix for newer Libgcrypt versions.

* common/ssh-utils.c (get_fingerprint): Add GCRY_PK_ECC case.

Reported-by: Anatol Pomozov
4 years agogpg: Avoid infinite loop in uncompressing garbled packets.
Werner Koch [Fri, 20 Jun 2014 08:39:26 +0000 (10:39 +0200)]
gpg: Avoid infinite loop in uncompressing garbled packets.

* g10/compress.c (do_uncompress): Limit the number of extra FF bytes.

A packet like (a3 01 5b ff) leads to an infinite loop.  Using
--max-output won't help if it is a partial packet.  This patch
actually fixes a regression introduced on 1999-05-31 (c34c6769).
Actually it would be sufficient to stuff just one extra 0xff byte.
Given that this problem popped up only after 15 years, I feel safer to
allow for a very few FF bytes.

Thanks to Olivier Levillain and Florian Maury for their detailed

4 years agodoc: Update for modern makeinfo.
Werner Koch [Tue, 3 Jun 2014 11:34:24 +0000 (13:34 +0200)]
doc: Update for modern makeinfo.

* doc/texi.css: Remove.
* doc/ (AM_MAKEINFOFLAGS): Use --css-ref.

4 years agomaint: Of course we only use https in the announcements.
Werner Koch [Tue, 3 Jun 2014 09:29:34 +0000 (11:29 +0200)]
maint: Of course we only use https in the announcements.


4 years agoPost release updates.
Werner Koch [Tue, 3 Jun 2014 09:25:04 +0000 (11:25 +0200)]
Post release updates.


4 years agoRelease 2.0.23 gnupg-2.0.23
Werner Koch [Tue, 3 Jun 2014 08:02:45 +0000 (10:02 +0200)]
Release 2.0.23

4 years agopo: Auto-update due to one new entry.
Werner Koch [Tue, 3 Jun 2014 07:54:56 +0000 (09:54 +0200)]
po: Auto-update due to one new entry.


4 years agodoc: Adjust Makefile for fixed yat2m.
Werner Koch [Tue, 3 Jun 2014 07:48:48 +0000 (09:48 +0200)]
doc: Adjust Makefile for fixed yat2m.

* doc/ (yat2m-stamp): Remove dirmngr-client hack.

4 years agodoc: Update from master
Werner Koch [Tue, 3 Jun 2014 07:02:00 +0000 (09:02 +0200)]
doc: Update from master


4 years agogpg: New %U expando for the photo viewer.
Werner Koch [Tue, 15 Apr 2014 14:40:48 +0000 (16:40 +0200)]
gpg: New %U expando for the photo viewer.

* g10/photoid.c (show_photos): Set namehash.
* g10/misc.c (pct_expando): Add "%U" expando.

This makes is possible to extract all photos ids from a key to
different files.

(cherry picked from commit e184a11f94e2d41cd9266484542631bec23628b5)

Resolved conflicts:
g10/photoid.c - whitespaces

4 years agocommon: Add z-base-32 encoder.
Werner Koch [Tue, 15 Apr 2014 14:40:48 +0000 (16:40 +0200)]
common: Add z-base-32 encoder.

* common/zb32.c: New.
* common/t-zb32.c: New.
* common/ (common_sources): Add zb82.c
(cherry picked from commit b8a91ebf46a927801866e99bb5a66ab00651424e)

Resolved conflicts:

4 years agogpg: Reject signatures made with MD5.
Werner Koch [Mon, 17 Mar 2014 16:54:36 +0000 (17:54 +0100)]
gpg: Reject signatures made with MD5.

* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/gpg.conf.tmpl: Add allow_weak_digest_algos.
(cherry picked from commit f90cfe6b66269de0154d810c5cee1fe9a5af475c)

Resolved conflicts:
g10/gpg.c - adjust.
tests/openpgp/ - no changes

4 years agogpg: Remove useless diagnostic in MDC verification.
Werner Koch [Wed, 14 May 2014 06:55:58 +0000 (08:55 +0200)]
gpg: Remove useless diagnostic in MDC verification.

* g10/decrypt-data.c (decrypt_data): Do not distinguish between a bad
MDC packer header and a bad MDC.

The separate diagnostic was introduced for debugging a problems.  For
explaining an MDC error a single error message is easier to

4 years agogpg: Fix glitch entering a full expiration time.
Werner Koch [Wed, 14 May 2014 06:49:37 +0000 (08:49 +0200)]
gpg: Fix glitch entering a full expiration time.

* g10/keygen.c (ask_expire_interval): Get the current time after the

This almost avoid that an entered full ISO timestamp is not used as
given but off by the time the user required to enter the timestamp.

GnuPG-bug-id: 1639

4 years agogpg: Graceful skip reading of corrupt MPIs.
Werner Koch [Mon, 2 Jun 2014 16:38:04 +0000 (18:38 +0200)]
gpg: Graceful skip reading of corrupt MPIs.

* g10/parse-packet.c (mpi_read): Change error message on overflow.

This gets gpg 2.x in sync to what gpg 1.4 does.  No need to die for a
broken MPI.

GnuPG-bug-id: 1593

4 years agogpg: Simplify default key listing.
Werner Koch [Mon, 2 Jun 2014 15:33:18 +0000 (17:33 +0200)]
gpg: Simplify default key listing.

* g10/mainproc.c (list_node): Rework.

The old code still merged the first user id into the key packet line
which resulted in all kind of complexity.  --fixed-list-mode is
meanwhile the default and thus we also change this part of the code.

GnuPG-bug-id: 1640

4 years agogpgsm: Handle re-issued CA certificates in a better way.
Werner Koch [Mon, 2 Jun 2014 14:02:30 +0000 (16:02 +0200)]
gpgsm: Handle re-issued CA certificates in a better way.

* sm/certchain.c (find_up_search_by_keyid): Consider all matching
(find_up): Add some debug messages.

The DFN-Verein recently re-issued its CA certificates without
generating new keys.  Thus looking up the chain using the authority
keyids works but may use still existing old certificates.  This may
break the CRL lookup in the Dirmngr.  The hack to fix this is by using
the latest issued certificate with the same subject key identifier.

As usual Peter Gutman's X.509 style guide has some comments on that

GnuPG-bug-id: 1644

Resolved conflicts:
sm/certchain.c  - whitespace fixes.

4 years agogpgsm: Add a way to save a found state.
Werner Koch [Mon, 2 Jun 2014 13:55:00 +0000 (15:55 +0200)]
gpgsm: Add a way to save a found state.

* kbx/keybox-defs.h (keybox_found_s): New.
(keybox_handle): Factor FOUND out to above.  Add saved_found.
* kbx/keybox-init.c (keybox_release): Release saved_found.
(keybox_push_found_state, keybox_pop_found_state): New.

* sm/keydb.c (keydb_handle): Add field saved_found.
(keydb_new): Init it.
(keydb_push_found_state, keydb_pop_found_state): New.

Resolved conflicts:
kbx/keybox-defs.h - whitespace fixes.

4 years agogpg: Fix bug parsing a zero length user id.
Werner Koch [Mon, 2 Jun 2014 09:47:25 +0000 (11:47 +0200)]
gpg: Fix bug parsing a zero length user id.

* g10/getkey.c (get_user_id): Do not call xmalloc with 0.

* common/xmalloc.c (xmalloc, xcalloc): Take extra precaution not to
pass 0 to the arguments.

The problem did not occur in 1.x because over there the xmalloc makes
sure to allocate at least one byte.  With 2.x for most calls the
xmalloc of Libgcrypt is used and Libgcrypt returns an error insteead
of silent allocating a byte.  Thus gpg 2.x bailed out with an
"Fatal: out of core while allocating 0 bytes".

The extra code in xmalloc.c is for more robustness for the other
xmalloc calls.

(cherry picked from commit 99972bd6e9abea71f270284f49997de5f00208af)

Resolved conflicts:
g10/getkey.c - ignore whitespace changes.

4 years agogpg: Print a warning if GKR has hijacked gpg-agent.
Werner Koch [Tue, 15 Apr 2014 14:40:48 +0000 (16:40 +0200)]
gpg: Print a warning if GKR has hijacked gpg-agent.

* g10/call-agent.c (check_hijacking): New.
(start_agent): Call it.
(membuf_data_cb, default_inq_cb): Move more to the top.

Note that GUIs may use the gpg status line

[GNUPG:] ERROR check_hijacking 33554509

to detect this and print an appropriate warning.

5 years agogpg: Fix use of deprecated RSA_E and RSA_E with newer libgcrypts.
Werner Koch [Tue, 15 Apr 2014 14:40:48 +0000 (16:40 +0200)]
gpg: Fix use of deprecated RSA_E and RSA_E with newer libgcrypts.

* g10/misc.c (pubkey_get_npkey): Map RSA_E and RSA_S to RSA.
(pubkey_get_nskey): Ditto.
(pubkey_get_nsig): Ditto.
(pubkey_get_nenc): Ditto.
(pubkey_nbits): Take care of RSA_E and RSA_S.

The problem was that parse_key did not know about RSA_S and thus used
an opaque MPI which later crashed Libgcrypt. It is possible to fix
that also in Libgcrypt but we better do it here as well.

A test key using RSA_S is 0x98EEB6F7D87171CF.

Reported-by: Hanno Böck
5 years agoscd: Skip S/N reading for the "undefined" application.
Werner Koch [Wed, 14 Dec 2011 17:56:10 +0000 (18:56 +0100)]
scd: Skip S/N reading for the "undefined" application.

* scd/app.c (select_application): Skip serial number reading.
(cherry picked from commit 792e137ec7997a0ff5c54ff970611238d28d4ba8)

Resolved conflicts:

scd/app.c: Take care of already changed geldkarte/dinsig

5 years agogpg: Change --show-session-key to print the session key earlier.
Werner Koch [Wed, 11 Dec 2013 09:20:15 +0000 (10:20 +0100)]
gpg: Change --show-session-key to print the session key earlier.

* g10/cpr.c (write_status_strings): New.
(write_status_text): Replace code by a call to write_status_strings.
* g10/mainproc.c (proc_encrypted): Remove show_session_key code.
* g10/decrypt-data.c (decrypt_data): Add new show_session_key code.

This feature can be used to return the session key for just a part of
a file.  For example to downloading just the first 32k of a huge file,
decrypting that incomplete part and while ignoring all the errors
break out the session key.  The session key may then be used on the
server to decrypt the entire file without the need to have the private
key on the server.

GnuPG-bug-id: 1389
Signed-off-by: Werner Koch <>
(cherry picked from commit 101a54add351ff62793cbfbf3877787c4791f833)

Resolved Conflicts:
doc/DETAILS    - removed
g10/cpr.c      - replace estream fucntion by stdio.
g10/mainproc.c - Adjust for changed calling convention.

5 years agoSilence annoying ABI change warning.
Werner Koch [Wed, 27 Nov 2013 17:38:20 +0000 (18:38 +0100)]
Silence annoying ABI change warning.

* [GCC]: Pass -Wno-psabi for gcc >= 4.6.  Avoid some gcc
option tests for gcc >= 4.6

Signed-off-by: Werner Koch <>
5 years agoscd: Fix two compiler warnings.
Werner Koch [Wed, 27 Nov 2013 08:33:50 +0000 (09:33 +0100)]
scd: Fix two compiler warnings.

* scd/apdu.c (pcsc_vendor_specific_init): Add suggested parens.
* scd/ccid-driver.c (ccid_get_atr): Cast DEBUGOUT_1 arg to int.

5 years agogpg: Change armor Version header to emit only the major version.
Werner Koch [Wed, 27 Nov 2013 08:20:02 +0000 (09:20 +0100)]
gpg: Change armor Version header to emit only the major version.

* g10/options.h (opt): Rename field no_version to emit_version.
* g10/gpg.c (main): Init opt.emit_vesion to 1.  Change --emit-version
to bump up opt.emit_version.
* g10/armor.c (armor_filter): Implement different --emit-version

GnuPG-bug-id: 1572
Signed-off-by: Werner Koch <>
(cherry picked from commit e951782e937ce290be0d89d83e84b3daea997587)

Resolved conflicts:

5 years agocommon: Fix build problem with Sun Studio compiler.
Werner Koch [Fri, 15 Nov 2013 08:08:58 +0000 (09:08 +0100)]
common: Fix build problem with Sun Studio compiler.

* common/estream.c (ESTREAM_MUTEX_UNLOCK): Use int dummy dummy

GnuPG-bug-id: 1566
Signed-off-by: Werner Koch <>
5 years agoscd: more pinpad input fix for PC/SC.
NIIBE Yutaka [Wed, 13 Nov 2013 07:43:26 +0000 (16:43 +0900)]
scd: more pinpad input fix for PC/SC.

* scd/apdu.c (check_pcsc_pinpad): Set default values here.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Remove setting default
values, as it's too late.


cherry picked from master.