Commit message | Author | Age | Files | Lines
* build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS. [HEAD, master] | NIIBE Yutaka | 3 days | 1 | -3/+0
  * configure.ac (GPG_ERR_ENABLE_ERRNO_MACROS): Remove.
  --
  It was for Windows CE.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* speedo: Do not package zlib and bzip2 object files | Werner Koch | 4 days | 1 | -0/+4
  * build-aux/speedo.mk (dist-source): Exclude them.
  --
  GnuPG-bug-id: 7442
* agent: Fix a memory leak. | Sorah Fukumori | 4 days | 1 | -0/+1
  * agent/findkey.c (read_key_file): Free BUF.
  --
  Fixes-commit: 434a641d40cbff82beb9f485e0adca72419bfdf2
  Signed-off-by: Sorah Fukumori <her@sorah.jp>
* build: Also emit the size of the w32 source tarball | Werner Koch | 8 days | 1 | -0/+1
  --
  Not tested.
* po: Update Japanese Translation. | NIIBE Yutaka | 8 days | 1 | -8/+10
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools: Some tweaks to gpg-authcode-sign.sh | Werner Koch | 9 days | 1 | -0/+11
  * tools/gpg-authcode-sign.sh: Skip too short files and rename certain files to ".dll".
  --
  osslsigncode requires file suffixes of exe or dll but not dll-x or dll-ex which we use in our gpg4win build system. This adds workarounds for this and for short dummy files.
* gpg: Show the default PIN hint also before "name" and "key-attr" | Werner Koch | 9 days | 1 | -14/+32
  * g10/card-util.c (USER_PIN_DEFAULT): Move to the top. Same for the other constants.
  (show_pin_hint): New.
  (generate_card_keys): Use show_pin_hint.
  (do_change_keyattr): Also show pin hint here.
  (change_name): And here.
  --
  We used to show a hint for the default PINs only before generate. However it is often useful to first change the attributes and thus the hint should be shown here as well. The above is only done if no name has yet been set, thus before setting the name we also show the hint.
* Post release updates | Werner Koch | 9 days | 2 | -1/+9
* Release 2.5.3 [gnupg-2.5.3] | Werner Koch | 9 days | 1 | -2/+2
* po: msgmerge run | Werner Koch | 9 days | 27 | -37/+362
* Remove the default keyserver. | Werner Koch | 9 days | 4 | -6/+7
* doc: One typo fix. | Werner Koch | 10 days | 2 | -1/+6
  --
  GnuPG-bug-id: 7479
* Stronger deprecate the --supervised option. | Werner Koch | 10 days | 4 | -20/+21
  * agent/gpg-agent.c (opts): Rename option supervised.
  * dirmngr/dirmngr.c (opts): Ditto.
  --
  The --supervised way to start gpg-agent has been deprecated for 2.5 years and will probably be entirely removed with version 2.6.0. To allow its use until its removal the systemd service description needs to be adjusted to use this option.
  The reasons for the deprecation are conflicts with the way systemd starts gpg-agent and gpg expects how gpg-agent is started. In particular gpg expects that the gpg-agent matching its own version is started. Further the systemd way is not portable to other platforms and long term experience on Windows has shown that the standard way of starting gpg-agent is less error prone.
  Note to those who want to re-introduce this option: Pretty please do not use socket names conflicting with our standard socket names. For example use /run/user/1000/foo-gnupg/S.gpg-agent.
* Update README and copyright years. | Werner Koch | 10 days | 4 | -8/+37
* gpg: Print a warning if the card backup key could not be written. | Werner Koch | 10 days | 1 | -4/+14
  * g10/keygen.c (card_write_key_to_backup_file): Fix error handling by removing the RC variable. Add warning note.
  --
  GnuPG-bug-id: 2169
* gpg: Force the use of AES-256 in some cases | Damien Goutte-Gattat via Gnupg-devel | 11 days | 2 | -4/+25
  * g10/encrypt.c (create_dek_with_warnings): Forcefully use AES-256 if PQC encryption was required or if all recipient keys are Kyber keys.
  --
  If --require-pqc-encryption was set, then it should be safe to always force AES-256, without even checking if we are encrypting to Kyber keys (if some recipients do not have Kyber keys, --require-pqc-encryption will fail elsewhere).
  Otherwise, we force AES-256 if we encrypt *only* to Kyber keys -- unless the user explicitly requested another algo, in which case we assume they know what they are doing.
  GnuPG-bug-id: 7472
  Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
  Man page entry extended
  Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Allow smaller session keys with Kyber | Damien Goutte-Gattat via Gnupg-devel | 11 days | 1 | -6/+2
  * g10/pubkey-enc.c (get_it): Do not error out when decrypting a session key of less than 32 octets encrypted to a Kyber key.
  --
  GnuPG-bug-id: 7472
  Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
* po: Update French translation | bubu | 2025-01-02 | 1 | -1177/+820
  --
  (proofread by the debian-l10n-french team)
  GnuPG-bug-id:7469
  Changed original patch to use positional arguments for "un hachage de %1$u bits n'est pa[...]"
* po: Update Japanese Translation. | NIIBE Yutaka | 2024-12-20 | 1 | -23/+15
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Use gpgrt_spawn_actions_set_env_rev to have clean semantics. | NIIBE Yutaka | 2024-12-20 | 1 | -11/+3
  * scd/app.c (report_change): Use gpgrt_spawn_actions_set_env_rev.
  --
  It's a UTF-8 string.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent: Clean up for the refactoring. | NIIBE Yutaka | 2024-12-16 | 1 | -2/+2
  * agent/call-scd.c (agent_card_pkdecrypt): Remove unused variables.
  --
  Fixes-commit: fe147645d2397dd77b646a253965c5994f360f26
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Fix key generation with existing key from card. | NIIBE Yutaka | 2024-12-16 | 1 | -1/+1
  * g10/keygen.c (ask_algo): Fix condition. Continue the loop when failure.
  --
  Fixes-commit: e7891225788ab5f6d050a06643b1f488c227771f
  GnuPG-bug-id: 7309, 7457
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Allow for longer signature subpackets. | Werner Koch | 2024-12-09 | 1 | -7/+8
  * g10/parse-packet.c (parse_signature): Increase the cap for hashed subpackets to 30000. Print the value in the error message. Do not return an error but skip a too long signature.
  --
  The limit of 10000 served us well for decades but given the option to put a key into the signature, a larger limit will eventually be useful. The second part makes things a bit robust against rogue subpackets on a keyserver.
* speedo: Change the default to build a 64 bit version | Werner Koch | 2024-12-06 | 2 | -3/+4
  * build-aux/speedo.mk (W32VERSION): Default to 64 bit.
  * build-aux/speedo/w32/inst.nsi: Remove the doc dir.
* gpg: Silence expired trusted-key diagnostics in quiet mode. | Werner Koch | 2024-12-05 | 2 | -4/+10
  * g10/trustdb.c (validate_keys): Take care of --quiet.
  --
  GnuPG-bug-id: 7351
* Post release updates | Werner Koch | 2024-12-05 | 2 | -1/+5
* Release 2.5.2 [gnupg-2.5.2] | Werner Koch | 2024-12-05 | 2 | -3/+72
* po: Run msgmerge | Werner Koch | 2024-12-05 | 25 | -516/+940
* po: Update German translation | Werner Koch | 2024-12-05 | 1 | -9/+35
* agent: Use SETDATA --append for larger data to communicate scdaemon. | NIIBE Yutaka | 2024-12-05 | 1 | -22/+31
  * agent/call-scd.c (prepare_setdata): New.
  (agent_card_pksign): Use prepare_setdata for SETDATA.
  (agent_card_pkdecrypt): Likewise.
  --
  GnuPG-bug-id: 7436
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* Require gpgrt 1.51 | Werner Koch | 2024-12-04 | 3 | -2/+6
  * configure.ac (NEED_GPGRT_VERSION): Bump to 1.51.
  * g10/keydb.c (internal_keydb_update_keyblock) [!USE_TOFU]: Mark an arg unused.
  * common/homedir.c (create_common_conf) [!BUILD_WITH_KEYBOXD]: Mark an arg unused.
* w32: Introduce Registry key GNUPG_ASSUME_COMPLIANCE. | Werner Koch | 2024-12-04 | 1 | -0/+12
  * common/compliance.c (get_assumed_de_vs_compliance): Also consider a registry entry.
  --
  On Windows it is easier to set the registry key than to use an envvar.
* po: Update Portuguese Translation. | Daniel Cerqueira | 2024-12-02 | 1 | -8/+31
  Signed-off-by: Daniel Cerqueira <dan.git@lispclub.com>
* po: Update Traditional Chinese Translation. | Kisaragi Hiu | 2024-11-25 | 1 | -832/+748
  --
  - Follow conventions from other zh_TW user interfaces
  - Use "確定" for "OK" like KDE
  - Remove extra space between keyboard accelerator like in "取消(_C)"
  - Follow conventions of modern zh_TW
  - Character -> 字元
  - 衹有 -> 「只」有
  - Fix some "pinentry" translations
  Sometimes it was translated as an entry of PIN codes among a list and not the "pinentry" tool
  Signed-off-by: Kisaragi Hiu <mail@kisaragi-hiu.com>
* gpg: Fix modifying signature data by pk_verify for Ed25519. | NIIBE Yutaka | 2024-11-25 | 1 | -6/+21
  * g10/pkglue.c (pk_verify): When fixing R and S, make sure those are copies.
  --
  GnuPG-bug-id: 7426
  Fixing-commit: 0a5a854510fda6e6990938a3fca424df868fe676
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
  Also avoid clearing the error by the S code of a failed mpi_print of R.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* common: Change daemon startup timeout from 5 to 8 seconds. | Werner Koch | 2024-11-25 | 1 | -3/+3
  * common/asshelp.c (SECS_TO_WAIT_FOR_AGENT): Change from 5 to 8 seconds.
  (SECS_TO_WAIT_FOR_KEYBOXD): Ditto.
  (SECS_TO_WAIT_FOR_DIRMNGR): Ditto.
  --
  Experience on Windows showed that right after re-booting we may need some more time to get things up.
* gpg: Fix comparing ed448 vs ed25519 with --assert-pubkey-algo. | Werner Koch | 2024-11-22 | 2 | -1/+25
  * g10/keyid.c (extra_algo_strength_offset): New.
  (compare_pubkey_string_part): Use the mapping.
  --
  GnuPG-bug-id: 6425
* doc: Explain that qualified.txt is a legacy method. | Werner Koch | 2024-11-22 | 1 | -10/+14
* scd: No hard lock-up when apdu_connect never returns. | NIIBE Yutaka | 2024-11-18 | 1 | -4/+15
  * scd/app.c (new_card_lock): New.
  (select_application): Scanning is serialized by NEW_CARD_LOCK. For app_new_register, we hold the W-lock.
  (initialize_module): Initialize NEW_CARD_LOCK.
  --
  GnuPG-bug-id: 7402
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpgconf: Include a minimal secure version in the --query-swdb output. | Werner Koch | 2024-11-15 | 1 | -2/+7
  * tools/gpgconf.c (query_swdb): Parse the new minver tag.
* gpg: Consider Kyber to be de-vs compliant. | Werner Koch | 2024-11-14 | 1 | -13/+61
  * common/compliance.c (gnupg_pk_is_compliant) <CO_DE_VS>: Consider Brainpool Kyber variants compliant.
  (gnupg_pk_is_allowed): Ditto.
  (assumed_de_vs_compliance): Remove variable.
  (get_assumed_de_vs_compliance): New.
  (get_compliance_cache): Use new accessor.
  (gnupg_status_compliance_flag): Ditto.
  --
  Use GNUPG_ASSUME_COMPLIANCE=de-vs gpg --compliance=de-vs .... for testing. This returns 2023 instead of 23 to indicate the non-approval state.
  GnuPG-bug-id: 6638
* gpg: Allow "Kyber" as algorithm for the Subkey-Type keyword. | Werner Koch | 2024-11-14 | 1 | -0/+2
  * g10/keygen.c (get_parameter_algo): Make "KYBER" to PUBKEY_ALGO_KYBER.
  --
  GnuPG-bug-id: 7397
* gpg: For composite algos add the algo string to the colons listings. | Werner Koch | 2024-11-14 | 3 | -2/+20
  * g10/keylist.c (list_keyblock_colon): Put the algo string into the curve field for Kyber.
  --
  GnuPG-bug-id: 6638
* gpg: Add option to create Kyber with --full-gen-key. | Werner Koch | 2024-11-13 | 2 | -8/+167
  * g10/keygen.c (PQC_STD_KEY_PARAM_PRI, PQC_STD_KEY_PARAM_SUB): New.
  (PQC_STD_KEY_PARAM): Construct from above.
  (gen_kyber): Allow short curve names.
  (ask_algo): Add Entry for ecc+kyber.
  (ask_kyber_variant): New.
  (generate_keypair): Generate ECC primary and Kyber sub.
  --
  GnuPG-bug-id: 6638
* gpgconf: Show also the used nPth version with -V | Werner Koch | 2024-11-12 | 1 | -1/+4
  * dirmngr/dirmngr.c (gpgconf_versions): Get and show nPth version.
  --
  Note that this requires nPth 1.8
* gpg-mail-tube: Fix content type for an attached non-plaintext. | Werner Koch | 2024-11-12 | 1 | -2/+3
  * tools/gpg-mail-tube.c (mail_tube_encrypt): Fix content type for an attached message.
  --
  We can't use message/rfc822 if we encrypt this message as a simple PGP file.
* scd: Clean up app_send_active_apps and app_send_card_list. | NIIBE Yutaka | 2024-11-12 | 1 | -8/+6
  * scd/app.c (send_card_and_app_list): Only handle the case with WANTCARD=NULL.
  (app_send_card_list): Follow the change.
  (app_send_active_apps): Factor out the case with WANTCARD!=NULL.
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix a memory leak. | NIIBE Yutaka | 2024-11-11 | 1 | -0/+4
  * scd/app-help.c (app_help_read_length_of_cert): Free the BUFFER.
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* scd: Fix resource leaks on error paths. | NIIBE Yutaka | 2024-11-11 | 2 | -4/+13
  * scd/app-dinsig.c (do_readcert): Don't return directly but care about releasing memory.
  * scd/app-nks.c (readcert_from_ef): Likewise.
  --
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* gpg: Improve wording for only-pubkeys. | Werner Koch | 2024-11-08 | 2 | -2/+3
  * g10/import.c (parse_import_options): Add a description to only-pubkeys.
  --
  See gnupg-devel for a brief discussion.