Commit message | Author | Age | Files | Lines
* gpg: New option --use-only-openpgp-card | Werner Koch | 2019-08-21 | 4 | -1/+22
  * g10/gpg.c (opts): Add option. (main): Set flag.
  * g10/options.h: Add flags.use_only_openpgp_card.
  * g10/call-agent.c (start_agent): Implement option.
  --
  With the previous patch we switch to autoselect an application instead of requesting an openpgp card. This option allows to revert this in case of use cases which expected the former behaviour.
  Signed-off-by: Werner Koch <wk@gnupg.org>
  (cherry picked from commit c185f6dfbd1bfd809369da789239a371e9d1610e)
  This was first added to the 2.2 branch.
* scd: Fix check_application_conflict. | NIIBE Yutaka | 2019-08-21 | 1 | -0/+6
  * scd/scd/app.c (check_application_conflict): Compare APPTYPE.
  Fixes-commit: 5a5288d051a551a1a8f169225e62572f6ee8cb10
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix selecting additional APP. | NIIBE Yutaka | 2019-08-21 | 1 | -28/+59
  * scd/app.c (select_additional_application_internal): Factor out. (select_additional_application): Getting the lock and call select_additional_application_internal, set current_apptype, then. (select_application): Call select_additional_application_internal for Yubikey.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix how select_additional_application is called. | NIIBE Yutaka | 2019-08-21 | 1 | -10/+3
  * scd/app.c (check_application_conflict): Check against current APP. (select_additional_application): Update current_apptype of CTRL.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix resetting CARD_CTX. | NIIBE Yutaka | 2019-08-21 | 3 | -17/+4
  * scd/app.c (deallocate_card): Don't call scd_clear_current_app. (card_reset): Reset ctrl->current_apptype.
  * scd/command.c (open_card_with_request): Likewise. (send_client_notifications): Likewise. (scd_clear_current_app): Remove.
  --
  It's too late to call scd_clear_current_app from deallocate_card, because CARD_CTX is already reset.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix switching to another APP. | NIIBE Yutaka | 2019-08-21 | 1 | -4/+9
  * scd/app.c (select_additional_application): Initialize card of APP. Break after the selection. Don't free APP if success.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* doc: fix minor spelling and tense errors | Daniel Kahn Gillmor | 2019-08-20 | 3 | -6/+6
  * doc/{gpg,gpgsm,wks}.texi: minor orthographic cleanup.
  Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* doc: clarify CARD event counter. | Daniel Kahn Gillmor | 2019-08-20 | 1 | -1/+1
  * doc/gpg-agent.texi: improve documentation of CARD entry in GETEVENTCOUNTER description.
  --
  "stati" is unclear and confusing, and describing something in the singular is almost always less ambiguous than leaving it in the plural.
  Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* speedo, w32: Add w32-wixlib target for MSI package | Andre Heinecke | 2019-08-08 | 3 | -2/+752
  * Makefile.am (EXTRA_DIST): Add wixlib.wxs
  * build-aux/speedo.mk (w32-wixlib): New target. (w32-release): Build wixlib if WIXPREFIX is set. (help): Add documentation.
  * build-aux/speedo/w32/wixlib.wxs
  --
  This builds a wixlib of the Windows binaries of GnuPG. A wixlib is a module that can be linked into another wix project to create an installer including this module. Gpg4win uses the wixlib from GnuPG for its MSI Package. To build the wixlib you need wine with wine-mono installed and the wixtoolset. When calling speedo set the variable WIXPREFIX to the location containing the extracted toolset. e.g.:
  make -f build-aux/speedo.mk w32-wixlib WIXPREFIX=~/wix
* build: Sign all Windows binaries. | Werner Koch | 2019-08-08 | 1 | -7/+71
  * build-aux/speedo.mk (AUTHENTICODE_SIGNHOST): New. (AUTHENTICODE_TOOL): New. (AUTHENTICODE_FILES): New. (installer): Sign listed files. (AUTHENTICODE_SIGNHOST): New macro. (sign-installer): Use that macro instead of direct use of osslsigncode.
  --
  This also adds code to support signing via a Token. Because there is no specification of that token, I was not able to write a free driver for it. Thus we resort to use a running Windows-10 instance with an enabled ssh server to do the code signing.
  Signed-off-by: Werner Koch <wk@gnupg.org>
  (cherry picked from commit e6901c2bc802996c24335bcb35012ccb74b4ced0)
* scd: Remove fallback mechanism to PC/SC. | NIIBE Yutaka | 2019-08-07 | 1 | -8/+2
  * scd/apdu.c [HAVE_LIBUSB] (apdu_open_reader): Simply let it fail.
  GnuPG-bug-id: 4673
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent: Fix an error path of agent_get_confirmation. | NIIBE Yutaka | 2019-08-06 | 1 | -8/+9
  * agent/call-pinentry.c (agent_get_confirmation): Make sure unlock_pinentry is always called.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common: Fix line break handling, finding a space. | NIIBE Yutaka | 2019-08-06 | 1 | -3/+3
  * common/name-value.c (assert_raw_value): Correctly find a space.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Don't report NO_SECKEY for valid key. | NIIBE Yutaka | 2019-08-06 | 1 | -1/+1
  * g10/mainproc.c (proc_encrypted): Report status of STATUS_NO_SECKEY only when some error occurred.
  --
  Fixes-commit: 6cc4119ec03be61c78189a0bec99372035289b91
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* sm: Support AES-256 key. | NIIBE Yutaka | 2019-08-05 | 1 | -3/+3
  * sm/decrypt.c (prepare_decryption): Handle a case for AES-256.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* sm: Fix error checking of decryption result. | NIIBE Yutaka | 2019-07-26 | 1 | -7/+8
  * sm/call-agent.c (gpgsm_agent_pkdecrypt): Fix condition.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg,gpgsm: Handle pkdecrypt responses with/without NUL terminators. | Daniel Kahn Gillmor | 2019-07-26 | 2 | -8/+17
  * g10/call-agent.c (agent_pkdecrypt): accept but do not require NUL-terminated data from the agent.
  * sm/call-agent.c (gpgsm_agent_pkdecrypt): accept but do not require NUL-terminated data from the agent.
  GnuPG-bug-id: 4652
  Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* gpg: photoid: Use standard spawn API. | NIIBE Yutaka | 2019-07-25 | 1 | -460/+229
  * g10/photoid.c (exec_write, exec_read, exec_finish): Remove. (setup_input_file): Rename from make_tempdir. (expand_args): Drop support of 'o' and 'O'. (fill_command_argv, run_with_pipe, create_temp_file) New. (show_photo): New with gnupg_spawn_process_fd and gnupg_wait_process. (show_photos): Call show_photo.
  GnuPG-bug-id: 4362
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: photoid: Move functions from exec.c. | NIIBE Yutaka | 2019-07-25 | 3 | -561/+550
  * g10/exec.c (w32_system): Expose to public. (exec_write, exec_read, exec_finish, make_tempdir, expand_args): Move to photoid.c.
  * g10/exec.h: Likewise.
  * g10/photoid.c (exec_write, exec_read, exec_finish, make_tempdir) (expand_args): Move here.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Handle CCID bwi of time extension. | NIIBE Yutaka | 2019-07-25 | 1 | -1/+6
  * scd/ccid-driver.c (bulk_in): Increase timeout by the multiplier value as defined in section 6.2.6 in CCID specification.
  --
  For TPDU level transfer, it was handled. This is a fix for APDU level transfer.
  GnuPG-bug-id: 4646
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix bBWI value. | NIIBE Yutaka | 2019-07-25 | 1 | -2/+2
  * scd/ccid-driver.c (ccid_transceive_apdu_level): Use bBWI=0 for APDU level transfer. (ccid_transceive): Use bBWI=0 or the value returned by WTX for TPDU level transfer.
  GnuPG-bug-id: 4654
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common: Fix the previous commit. | NIIBE Yutaka | 2019-07-24 | 1 | -0/+9
  * common/asshelp.c [HAVE_W32_SYSTEM] (start_new_gpg_agent): Use gnupg_spawn_process_detached. (start_new_dirmngr): Likewise.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common: Use gnupg_spawn_process_fd to invoke gpg-agent/dirmngr. | NIIBE Yutaka | 2019-07-24 | 1 | -3/+13
  * common/asshelp.c (start_new_gpg_agent): Call gnupg_spawn_process_fd and gnupg_wait_process. (start_new_dirmngr): Likewise.
  --
  With --daemon option, gpg-agent/dirmngr detaches by itself.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common,w32: Fix cast from gnupg_fd_t to call _open_osfhandle. | NIIBE Yutaka | 2019-07-24 | 1 | -2/+2
  * common/sysutils.c (translate_sys2libc_fd): Use intptr_t. (gnupg_tmpfile): Likewise.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: A little clean up. | NIIBE Yutaka | 2019-07-23 | 3 | -4/+4
  * g10/keyserver.c: Don't include exec.h.
  * g10/photoid.c (image_type_to_string): It's constant.
  * g10/photoid.h (image_type_to_string): Likewise.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Error code map fix for older Yubikey. | NIIBE Yutaka | 2019-07-22 | 1 | -0/+1
  * scd/iso7816.c (map_sw): Recognize 6A86.
  Fixes-commit: ec56996029d95d4bd26e1badfe207232270c6247
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: The option --passphrase= can be empty. | NIIBE Yutaka | 2019-07-19 | 1 | -2/+2
  * g10/gpg.c (opts): Use ARGPARSE_o_s for oPassphrase to allow empty string.
  GnuPG-bug-id: 4633
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* card: Fix showing KDF object attribute. | NIIBE Yutaka | 2019-07-19 | 3 | -5/+30
  * g10/call-agent.c (learn_status_cb): Parse the KDF DO.
  * g10/card-util.c (current_card_status): Show it correctly.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Support "[CHV3]" attribute for keyid string. | NIIBE Yutaka | 2019-07-19 | 1 | -3/+2
  * scd/app-openpgp.c (check_keyidstr0: Relax the check.
  Fixes-commit: b0f0791e4ade845b2a0e2a94dbda4f3bf1ceb039
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* card: Support disabling KDF functionality. | NIIBE Yutaka | 2019-07-19 | 1 | -7/+21
  * g10/card-util.c (kdf_setup): Can be "off".
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* doc: Fix a debug hint on the keybox format. | Werner Koch | 2019-07-18 | 1 | -6/+2
  --
* kbx: Allow "gpgsm --faked-system-time" to kick off a compression run. | Werner Koch | 2019-07-18 | 2 | -2/+2
  * kbx/keybox-update.c (keybox_compress): Use make_timestamp.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: More check for symmetric key encryption. | NIIBE Yutaka | 2019-07-18 | 2 | -4/+5
  * g10/dek.h (DEK): Use debugger friendly type of unsigned int.
  * g10/mainproc.c (symkey_decrypt_seskey): Add another check.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* doc: Fix description of the field 11. | NIIBE Yutaka | 2019-07-16 | 1 | -2/+3
  * doc/DETAILS: Fix.
  GnuPG-bug-id: 4105
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr: Don't add system CAs for SKS HKPS pool. | NIIBE Yutaka | 2019-07-16 | 1 | -0/+2
  * dirmngr/http.c [HTTP_USE_GNUTLS] (http_session_new): Clear add_system_cas.
  GnuPG-bug-id: 4594
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Remove useless GNUPG_SCD_MAIN_HEADER macro. | Werner Koch | 2019-07-12 | 3 | -16/+7
  * scd/apdu.c (): Remove never set and useless macro.
  * scd/ccid-driver.c: Ditto.
  * scd/iso7816.c: Ditto.
  --
  Signed-off-by: Werner Koch <wk@gnupg.org>
* doc: Dependencies for figures are only for maintainers. | NIIBE Yutaka | 2019-07-12 | 1 | -0/+2
  * doc/Makefile.am [MAINTAINER_MODE] (.svg.eps, etc.): Enable only when maintainer-mode.
  GnuPG-bug-id: 4280
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Fix a reference in comment. | NIIBE Yutaka | 2019-07-12 | 1 | -1/+1
  * common/openpgp-s2k.c: Fix.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Don't try decryption by session key when NULL. | NIIBE Yutaka | 2019-07-12 | 1 | -3/+6
  * g10/mainproc.c (proc_encrypted): Only call get_session_key when PKENC_LIST is not NULL. Return GPG_ERR_BAD_KEY, instead of GPG_ERR_NO_SECKEY, when it's encrypted only by symmetric key.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent: Relax the handling of pinentry error for keyboard grab. | NIIBE Yutaka | 2019-07-11 | 1 | -1/+11
  * agent/call-pinentry.c (start_pinentry): It's not fatal when pinentry doesn't support no-grab/grab option.
  GnuPG-bug-id: 4587
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix internal CCID driver, so that -DTEST works. | NIIBE Yutaka | 2019-07-11 | 1 | -42/+55
  * scd/ccid-driver.c: Support a test program by ccid-driver.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix debug logging of the internal CCID driver. | NIIBE Yutaka | 2019-07-11 | 1 | -4/+9
  * scd/ccid-driver.c [GNUPG_MAJOR_VERSION] (DEBUGOUT): Use log_debug.
  Fixes-commit: 79c99921e35921140c83d7c101829d95f038f3da
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Fix getting User ID. | NIIBE Yutaka | 2019-07-11 | 3 | -83/+88
  * g10/getkey.c (user_id_db): Remove, as no use anymore. (get_user_id_string): Use cache_get_uid_bykid. (get_user_id_byfpr): Use cache_get_uid_byfpr.
  * g10/objcache.c (cache_get_uid_byfpr): New.
  * g10/objcache.h (cache_get_uid_byfpr): New.
  Fixes-commit: 64a5fd37271a3e454c0d59ac3500e1a1b232e4f7
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Improve import slowness. | NIIBE Yutaka | 2019-07-10 | 1 | -5/+13
  * g10/import.c (read_block): Avoid O(N^2) append. (sec_to_pub_keyblock): Likewise.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Fix keyring retrieval. | NIIBE Yutaka | 2019-07-10 | 1 | -3/+6
  * g10/keyring.c (keyring_get_keyblock): Avoid O(N^2) append.
  GnuPG-bug-id: 4592
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Do not try the import fallback if the options are already used. | Werner Koch | 2019-07-09 | 1 | -1/+3
  * g10/import.c (import_one): Check options.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Fix regression in option "self-sigs-only". | Werner Koch | 2019-07-09 | 1 | -1/+11
  * g10/import.c (read_block): Make sure KEYID is available also on a pending packet.
  --
  Reported-by: Phil Pennock
  Fixes-commit: 2e349bb6173789e0e9e42c32873d89c7bc36cea4
  Signed-off-by: Werner Koch <wk@gnupg.org>
* sm: Fix card access. | NIIBE Yutaka | 2019-07-09 | 1 | -5/+5
  * sm/call-agent.c (gpgsm_scd_pksign): Cast to integer for %b.
  --
  This fix is needed on big endian machine where size_t is bigger than integer.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: ccid-driver: Initial getting ATR more robustly. | NIIBE Yutaka | 2019-07-09 | 1 | -18/+39
  * scd/ccid-driver.c (send_power_off): New. (do_close_reader): Use send_power_off. (ccid_get_atr): Add error recovery.
  GnuPG-bug-id: 4616
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix keygrip search. | NIIBE Yutaka | 2019-07-08 | 1 | -1/+3
  * scd/app.c (app_do_with_keygrip): Break the entire loop.
  Fixes-commit: 5a5288d051a551a1a8f169225e62572f6ee8cb10
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>