| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Since 2009-12-08 gpg was not able to find email addresses indicated
by a leading '<'. This happened when I merged the user id
classification code of gpgsm and gpg.
|
| |
|
|
|
| |
* keylist.c (list_keyblock_colon): Use get_ownertrust_info, not
get_ownertrust (which lead to binary zeroes in the output!).
|
| |
|
|
|
|
|
|
|
|
|
| |
This helps in the case of an unknown key algorithm with a corrupted
packet which claims a longer packet length. This used to allocate the
announced packet length and then tried to fill it up without detecting
an EOF, thus taking quite some time. IT is easy to fix, thus we do
it. However, there are many other ways to force gpg to use large
amount of resources; thus as before it is strongly suggested that the
sysadm uses ulimit do assign suitable resource limits to the gpg
process. Suggested by Timo Schulz.
|
| |
|
|
|
|
| |
Factoring common code out is always a Good Thing. Also added a
configure test to print an error if gcry_kdf_derive is missing in
Libgcrypt.
|
| |
|
|
|
|
|
|
| |
Without Libgcrypt 1.5 is was not possible to use ECC keys. ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.
Also fixed a few missing prototypes.
|
| | |
|
| |
|
|
|
|
|
| |
* keyid.c (hash_public_key): Remove shadowing NBITS.
* misc.c (pubkey_nbits): Replace GCRY_PK_ by PUBKEY_ALGO_.
(get_signature_count): Remove warning.
|
| | |
|
| |
|
|
|
|
|
| |
This was a regression in 2.1 introduced due to having the agent do the
signing in contrast to the old "SCD PKSIGN" command which accesses the
scdaemon directly and passed the hash algorithm. The hash algorithm
is used by app-openpgp.c only for a sanity check.
|
| |
|
|
|
|
| |
The import test imports the keys as needed and because they are
passphrase protected we now need a pinentry script to convey the
passphrase to gpg-agent.
|
| |
|
|
| |
This is similar to the change in keylist.c and elsewhere.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The basic network code from http.c is used for finger. This keeps the
network related code at one place and we are able to use the somewhat
matured code form http.c. Unfortunately I had to enhance the http
code for more robustness and probably introduced new bugs.
Test this code using
gpg --fetch-key finger:wk@g10code.com
(I might be the last user of finger ;-)
|
| |
|
|
|
| |
This fix also allows the creation and use of an 521 bit ECDH key which
used to fail while creating the binding signature.
|
| |
|
|
|
|
|
|
| |
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
|
| | |
|
| |
|
|
|
| |
Add a compatibility fixes for the non-curve case.
Remove -lber from the dirmngr link line.
|
| |
|
|
|
|
|
| |
DECRYPTION_INFO <mdc_method> <sym_algo>
Print information about the symmetric encryption algorithm and
the MDC method. This will be emitted even if the decryption
fails.
|
| | |
|
| |
|
|
|
|
|
| |
This allows to add an ECC key and to set the capabilities of an ECDSA
key.
Fix printing of the ECC algorithm when creating a signature.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week. Adjusted my own ChangeLog
entries to be consistent with that entry.
Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future. "git diff -b" is useful
to read the actual changes ;-).
The ECC-INTEGRATION-2-1 branch can be closed now.
|
| |
|
|
|
| |
This also fixes a failed assertion when using a v3 key where the
fingerprint size is not 20.
|
| |
|
|
|
|
|
|
| |
Import and export of secret keys does now work. Encryption has been
fixed to be compatible with the sample messages.
This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.
|
| |
|
|
|
|
|
| |
This is needed so that the agent will be able to export and import
OpenPGP secret keys. Add test case.
Removed unused function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
version.
Quite some changes were needed but in the end we have less code than
before. Instead of trying to do everything with MPIs and pass them
back and forth between Libgcrypt and GnuPG, we know use the
S-expression based interface and make heavy use of our opaque MPI
feature.
Encryption, decryption, signing and verification work with
self-generared keys.
Import and export does not yet work; thus it was not possible to check
the test keys at https://sites.google.com/site/brainhub/pgpecckeys .
|
| |
|
|
|
| |
See ChangeLog for details. Key generation, signing and verification works.
Encryption does not yet work. Requires latest Libgcrypt changes.
|
| |
|
|
| |
Also nuked some trailing spaces.
|
| |
|
|
|
|
| |
The goal is to have the ECDH code more uniform with the other
algorithms. Also make error messages and variable names more similar
to other places.
|
| | |
|
| |
|
|
|
| |
Also fixed a regression introduced by me in pubkey_enc.c.
Added extra checks. Removed unused code.
|
| |\ |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Signing and verification using a new key works again.
|
| | |
| |
| |
| | |
Removed left over debug code.
|
| | |
| |
| |
| |
| | |
Note that there is still a problem with tests/openpgp/sigs.test while
using the option --digest-algo SHA256.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changed order of some conditional to make to put the special case into
the true branch. Indentation changes. Minor other changes to make the
ECC code more similar to the rest of our code.
It builds but many sefltests still fail. Need to fix that before
using it with an ECDH enabled libgcrypt.
[/]
2011-01-21 Werner Koch <wk@g10code.com>
* configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP.
(HAVE_GCRY_PK_ECDH): Add new test.
[agent/]
2011-01-21 Werner Koch <wk@g10code.com>
* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.
[include/]
2011-01-21 Werner Koch <wk@g10code.com>
* cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros
because we now require libgcrypt 1.4.6.
(GCRY_PK_ECDH): Add replacement.
|
| | |
| |
| |
| | |
verification work.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
--debug 15 _e.asc', as well as decoding of an old message posted on https://sites.google.com/site/brainhub/pgpecckeys work.
This is the milestone 2 that brings in ECDH support from http://code.google.com/p/gnupg-ecc/source/detail?r=15 .
This corresponds to the commit 899386826c85f1e757e75bcc5d5b2159d05676a0 in libgcrypt
|
| | |
| |
| |
| | |
ECDSA.
|
| |/
|
|
|
|
|
|
|
|
| |
The following works:
gpg2 --gen-key (ECC)
gpg2 --list-keys
gpg2 --list-packets ~/.gnupg/pubring.gpg
gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>
ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
|
| | |
|
| |
|
|
|
| |
Fix trustdb open problem under W32CE.
|
| | |
|
| |
|
|
|
|
| |
Allow for a longer agent atartup under wince.
Print gpg output via estream.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
overflow when picking an algorithm (not a security issue since we
can't pick something not present in all preference lists, but we might
pick something that isn't scored first choice).
* pkclist.c (select_algo_from_prefs): Slightly improve the handling of
MD5 in preference lists. Instead of replacing MD5 with SHA-1, just
remove MD5 from the list altogether, and let the next-highest ranked
algorithm be chosen.
|
| | |
|
| | |
|
| |
|
|
|
| |
Make --gen-revoke work
|
