diff --git a/ChangeLog b/ChangeLog index 9ee82990e..b0cd08665 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,809 +1,813 @@ +2006-10-18 Werner Koch + + Released 1.9.93. + 2006-10-17 Werner Koch * autogen.sh <--build-w32>: Test also for a host "mingw32". * configure.ac: Removed W32LIBS. Use NETLIBS instead. 2006-10-11 Werner Koch Released 1.9.92. * configure.ac: Require libassuan 0.9.3. 2006-10-09 Werner Koch * acinclude.m4: Moved pth check to m4/gnupg-pth.m4. 2006-10-06 Werner Koch * configure.ac: Also check for libassuan's pth version. 2006-10-04 Werner Koch Released 1.9.91. * configure.ac: Require libassuan 0.9.1 which fixes a problem with gpgsm. 2006-09-27 Werner Koch * gl/strsep.h, gl/strsep.c, gl/m4/strsep.m4: Removed. * gl/strpbrk.h, gl/strpbrk.c, gl/m4/strpbrk.m4: Removed. * gl/Makefile.am: Removed module strsep and strpbrk. * configure.ac: Check for strsep in the context of jnlib. Remove check from gl_MODULES. Moved check for timegm into the jnlib context. 2006-09-27 Marcus Brinkmann * Makefile.am: Fix cut & paste error. 2006-09-25 Werner Koch Released 1.9.90. 2006-09-22 Werner Koch * AUTHORS: Add information about used licenses. 2006-09-20 Werner Koch * Makefile.am (dist-hook): Removed distfiles cruft. (SUBDIRS): Added include 2006-09-18 Werner Koch Released 1.9.23. * configure.ac (--enable-agent-only): Donot build tools and doc (--disable-tools,--disable-doc): New. * Makefile.am (SUBDIRS): Allow to conditional build tools and doc. 2006-09-14 Werner Koch Replaced all call gpg_error_from_errno(errno) by gpg_error_from_syserror(). * configure.ac: Build gpg by default. (GNUPG_SYS_SO_PEERCRED): Removed. 2006-09-13 Werner Koch * autogen.sh: Better detection of the cross compiler kit. 2006-09-06 Marcus Brinkmann * configure.ac: New automake conditional RUN_GPG_TESTS. 2006-09-06 Werner Koch * configure.ac: Define _ASSUAN_ONLY_GPG_ERRORS. Require Assuan 0.9 and libgpg-error 1.4 2006-08-31 Werner Koch * configure.ac: Require libksba 1.0 and added API check for it. (GPG_ERR_LOCKED): Removed DECL check as we require 1.2 anyway. (have_libusb): New to give a feedback about CCID support 2006-08-21 Werner Koch * configure.ac: Removed docbook tests. (AC_CONFIG_FILES): Added gpgkeys_test and gpgkeys_mailto. * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Enable gpg. 2006-08-17 Werner Koch * THANKS: Merged with the 1.4 one. 2006-08-16 Werner Koch * configure.ac: Removed test for capabilities and mlock. 2006-08-15 Werner Koch * Makefile.am (keyserver): Enable building of keyserver helpers. * configure.ac: Merged with the current configure from 1.4.5. Require libgpg-error 1.2 and libksba 0.9.16. 2006-07-29 Marcus Brinkmann * README: Spelling fixes. 2006-07-27 Werner Koch Released 1.9.22. * configure.ac: Call AB_INIT. 2006-07-03 Werner Koch * configure.ac: Test for ksba_dn_teststr. 2006-06-30 Werner Koch * keyserver/: New. Taken from 1.4.4 * Makefile.am (SUBDIRS): Include keyserver/. * configure.ac: Include keyserver/. (FAKE_CURL, GPGKEYS_CURL): New. 2006-06-20 Werner Koch Released 1.9.21. 2006-06-08 Marcus Brinkmann * configure.ac (PTH_LIBS): Add --all to pth-config invocation. 2006-05-24 Werner Koch * configure.ac: New option --disable-optimization taked from 1.4.3. 2006-05-23 Werner Koch * configure.ac (ZLIBS): New for zlib link commands. Add bzip2 support. 2006-05-22 Werner Koch * configure.ac (EXEEXT): New. 2006-04-18 Werner Koch * configure.ac (PK_UID_CACHE_SIZE): New. 2006-04-07 Werner Koch * configure.ac: Use new method to include the SVN revison. Now it is the actual global revision number. 2005-12-20 Werner Koch Released 1.9.20. 2005-11-28 Werner Koch * configure.ac: Append the revision to the version string. 2005-11-13 Werner Koch * am/cmacros.am (-DGNUPG_SYSCONFDIR): Define it. 2005-11-11 Werner Koch * configure.ac (NEED_KSBA_VERSION: Require 0.9.13. 2005-09-12 Werner Koch Released 1.9.19. 2005-08-01 Werner Koch Released 1.9.18. * configure.ac: Require libksba 0.9.12 to match new features in gpgsm. 2005-06-20 Werner Koch Released 1.9.17. 2005-06-02 Werner Koch * configure.ac (HAVE_PTH): Define as alias for USE_GNU_PTH. It is used by common/estream.c. 2005-06-01 Werner Koch * configure.ac (gl_INIT): Add gnulib stuff. (fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS by a simple check. (putc_unlocked): Removed check. Not used. (strsep, mkdtemp, asprintf): Replaced checks by gnulib checks. (xsize): Added will probably come handy soon. (CFLAGS): Use -Wformat-security instead of -Wformat-nonliteral. Add --Wno-format-y2k. * gl/, gl/m4/: New. 2005-05-15 Werner Koch * configure.ac: Remove option --disable-threads; require the use of GNU Pth. 2005-04-27 Werner Koch * configure.ac: Removed OpenSC detection and options. * acinclude.m4: Ditto. 2005-04-21 Werner Koch Released 1.9.16. * configure.ac: Do not build gpg by default. 2005-04-20 Werner Koch * configure.ac: Test whether GPG_ERR_LOCKED is declared and provide a replacement if not. 2005-04-15 Werner Koch * configure.ac: Require libksba 0.9.11. 2005-04-15 Marcus Brinkmann * configure.ac: Check for /usr/bin/shred and define SHRED. * configure.ac: Add --enable-symcryptrun, disabled by default. Define automake variable BUILD_SYMCRYPTRUN. Check for openpty -lutil, define LIBUTIL_LIBS. 2005-03-03 Werner Koch * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Accidently used --ldflags instead of --cflags. Reported by Kazu Yamamoto. 2005-02-03 Werner Koch * AUTHORS: Copied from 1.4 and edited to refelct the changes in 1.9. 2005-01-17 Werner Koch * configure.ac: Make --without-included-regex work as expected. Fixed FTP location info for some libraries. 2005-01-13 Werner Koch Released 1.9.15. * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Link a simple test program to see whether the installation is sane. 2005-01-07 Werner Koch * configure.ac: Require gpg-error 1.0. 2005-01-04 Werner Koch * configure.ac: Remove hack not to build gpg2 for W32. * autogen.sh : Pass option --disable-gpg instead. 2004-12-22 Werner Koch Released 1.9.14. 2004-12-20 Werner Koch * configure.ac: Add PATHSEP_C and PATHSEP_S. For W32 let all directories default to c:/gnupg. Require libassuan 0.6.9. 2004-12-18 Werner Koch * configure.ac (AH_BOTTOM): Define EXEEXT_S. * autogen.sh: Updated --build-w32 feature. 2004-12-15 Werner Koch * Makefile.am (SUBDIRS) [W32]: Do not build in tests/. * acinclude.m4: Add proper macro name quoting for use with automake 1.9. * configure.ac: Add replacement check for ttyname. Removed support for a included zlib. 2004-12-06 Werner Koch * configure.ac (have_w32_system): New. Disable Pth checks for W32. Link jnlib/w32-pth.h to pth.h. 2004-12-03 Werner Koch Released 1.9.13. 2004-11-26 Werner Koch * configure.ac: Replace strsep. Replaced use of "target" by "host". 2004-10-22 Werner Koch Released 1.9.12. * Makefile.am (AUTOMAKE_OPTIONS): Set option to create bzip2 tarball. 2004-10-01 Werner Koch Released 1.9.11. 2004-09-30 Werner Koch * README: Minor updates. 2004-09-30 gettextize * configure.ac (AM_GNU_GETTEXT_VERSION): Bump to 0.14.1. 2004-08-16 Werner Koch * configure.ac: Build Makefile for tests/pkits. New option --with-pkits-tests. 2004-08-05 Werner Koch * configure.ac: Changed tests for libusb to also suuport the stable version 0.1.x. 2004-07-22 Werner Koch Released 1.9.10. * configure.ac: Define AM conditional HAVE_OPENSC. 2004-07-21 Werner Koch * configure.ac: Don't set DIE to no after it might has been set to yes. 2004-07-20 Werner Koch * Makefile.am (sm): Build kbx only if gpgsm is to be build. 2004-07-20 Werner Koch * configure.ac: New option --enable-agent-only. 2004-06-08 Werner Koch Released 1.9.9. 2004-06-06 Werner Koch * configure.ac: Require libksba 0.9.7. 2004-04-29 Werner Koch Released 1.9.8. 2004-04-20 Werner Koch * configure.ac: Remove the fopencookie test. We don't need the dummy function because we conditionally use fopencookie, fpencookie or a replacement at place. 2004-04-02 Thomas Schwinge * autogen.sh: Added ACLOCAL_FLAGS. 2004-04-06 Werner Koch Released 1.9.7. * configure.ac: Require libgcrypt 1.1.94. Introduce PACKAGE_GT and set it to gnupg2. 2004-03-23 Werner Koch * configure.ac: Define SAFE_VERSION_DASH and SAFE_VERSION_DOT. 2004-03-09 Werner Koch * configure.ac (NEED_GPG_ERROR_VERSION): Set to 0.7. 2004-03-06 Werner Koch Released 1.9.6. * configure.ac: Check the Libgcrypt API. 2004-02-25 Werner Koch * configure.ac: New option --disable-threads to inhibit unintentional builds without Pth. 2004-02-21 Werner Koch Released 1.9.5. 2004-02-20 Werner Koch * configure.ac: Fixed URLs in the notice messages. 2004-02-18 Werner Koch * acinclude.m4: Removed macros to detect gpg-error, libgcrypt, libassuan and ksba as they are now distributed in m4/. 2004-02-13 Werner Koch * configure.ac: Require libksba 0.9.4 and libgcrypt 1.1.92. 2004-02-12 Werner Koch * autogen.sh: Removed cruft from debugging. * am/cmacros.am: New. 2004-02-11 Werner Koch * configure.ac: Removed the need for g10defs.h. Reworked the --with-foo-pgm stuff. * autogen.sh (check_version): Removed bashism and simplified. * acinclude.m4 (AM_PATH_OPENSC): Kludge to avoid error output for a bad opensc-config. 2004-01-30 Werner Koch Released 1.9.4. * configure.ac: Require libksba 0.9.3 due to another bug fix there. 2004-01-29 Werner Koch * README: Updated. * configure.ac: Require libksba 0.9.2 due to bug fixes. 2004-01-24 Werner Koch * configure.ac: Now requires libassuan 0.6.3. 2003-12-23 Werner Koch Released 1.9.3. * README-alpha: Removed. * configure.ac, Makefile.am: Add the tests and tools directories. 2003-12-19 Werner Koch * configure.ac: Now require libgcrypt 1.1.91 to help testing the latest libgcrypt changes. Requires libksab 0.9.1. 2003-12-17 Werner Koch * configure.ac: Requires now libassuan 0.6.2. (CFLAGS): Add --Wformat-noliteral in gcc mode. 2003-12-16 Werner Koch * configure.ac: Check for funopen and fopencookie as part of the jnlib checks. 2003-12-09 Werner Koch * configure.ac: Add a min_automake_version. * README.CVS: New. * autogen.sh: Revamped except for the --build-w32 hack. * Makefile.am: Add README.CVS 2003-11-17 Werner Koch Release 1.9.2. * configure.ac: Requires now libassuan 0.6.1. 2003-10-31 Werner Koch * configure.ac (NEED_KSBA_VERSION): Set to 0.9.0 due the changed time interface. 2003-10-21 Werner Koch * configure.ac (PRINTABLE_OS_NAME): Remove special case for The Hurd; Robert Millan reported that the uname test is now sufficient. 2003-10-01 Werner Koch * configure.ac (AH_BOTTOM): Define GNUPG_MAJOR_VERSION. 2003-09-23 Werner Koch Merged most of David Shaw's changes in 1.3 since 2003-06-03. * configure.ac: Drop all TIGER/192 support. (uint64_t): Check for UINT64_C to go along with uint64_t. (getaddrinfo): Check for it. (sigset_t): Check for sigset_t and struct sigaction. This is for Forte c89 on Solaris which seems to define only the function call half of the two pairs by default. (W32LIBS): Include wsock32 in W32LIBS. This is different from NETLIBS so we don't need to force other platforms to pull in the netlibs when they aren't actually needed. 2003-09-06 Werner Koch Released 1.9.1. * configure.ac: Require newer versions of some libraries. 2003-09-02 Werner Koch * configure.ac (HAVE_LIBUSB): Added a simple test for libusb. 2003-08-19 Marcus Brinkmann * configure.ac (AM_PATH_GPG_ERROR): Add missing comma in invocation. 2003-08-06 Werner Koch * configure.ac: Check for libgpg-error. Print infos about missing libraries more nicely. * acinclude.m4 (AM_PATH_GPG_ERROR): Added. 2003-08-05 Werner Koch Released 1.9.0. * configure.ac (GNUPG_DEFAULT_HONMEDIR): Changed back to ~/.gnupg. 2003-07-31 Werner Koch * Makefile.am (DISTCLEANFILES): Add g10defs.h 2003-06-18 Werner Koch * configure.ac (GNUPG_DEFAULT_HOMEDIR): Changed temporary to .gnupg2 to avoid accidential use with production keys. 2003-06-11 Werner Koch * configure.ac: Merged all stuff from current 1.3 version in. * acinclude.m4: Merged required macros from current 1.2 version in. 2003-06-04 Werner Koch * configure.ac, Makefile.am: Enable building of gpg. 2003-04-29 Werner Koch * configure.ac: Build a limited version of scdaemon if libopensc is not available. * configure.ac (ALL_LINUGAS): Removed. * Makefile.am (ACLOCAL_AMFLAGS): New. * configure.ac (AM_GNU_GETTEXT_VERSION): New. Set to 0.11.5. 2003-04-29 gettextize * Makefile.am (SUBDIRS): Add m4. (ACLOCAL_AMFLAGS): New variable. (EXTRA_DIST): Add scripts/config.rpath. * configure.ac (AC_CONFIG_FILES): Add m4/Makefile. 2003-04-29 Werner Koch * assuan/ : Removed. We now use libassuan. * Makefile.am (SUBDIRS): Removed assuan * configure.ac: Check for libassuan. 2003-01-09 Werner Koch * configure.ac (GNUPG_PROTECT_TOOL): New option --with-protect-tool. (NEED_KSBA_VERSION): Does now require 0.4.6. * README: Noted where to find gpg-protect-tool. 2002-10-31 Neal H. Walfield * configure.ac: Check for flockfile and funlockfile. Check for isascii and putc_unlocked replacing them if not found. * configure.ac (PTH_LIBS): If pth is found, add the output of `$PTH_CONFIG --ldflags`, not just `$PTH_CONFIG --libs`. 2002-10-19 Werner Koch * configure.ac: Bumped version number to 1.9.0-cvs. NewPG (Aegypten project) to GnuPG merge. 2002-09-20 Werner Koch Released 0.9.2. 2002-09-05 Neal H. Walfield * configure.ac: Check for makeinfo. 2002-09-03 Neal H. Walfield * autogen.sh (have_version): New function. Generalize and simplify logic for finding and determining the versions of GNU programs. Use it. 2002-08-23 Werner Koch Released 0.9.1. * acinclude.m4 (AM_PATH_LIBGCRYPT): Updated from Libgcrypt. (AM_PATH_OPENSC): Strip non-digits from the micro version. 2002-08-21 Werner Koch Released 0.9.0. * configure.ac: Changed the default homedir to .gnupg. * README-alpha: Removed. 2002-08-19 Werner Koch * acinclude.m4: Removed -lpcsclite from KSBA_LIBS; copy+paste bug. 2002-08-13 Werner Koch * acinclude.m4 (AM_PATH_OPENSC, AM_PATH_KSBA): New. * configure.ac: Use them. 2002-08-10 Werner Koch Released 0.3.10. * configure.ac (NEED_LIBKSBA_VERSION): Require 0.4.4. Add support for gettext. 2002-07-22 Werner Koch * configure.ac: Check for ftello and provide a replacement. 2002-07-01 Werner Koch Released 0.3.9. * README: Short note on how to export in pkcs-12 format. 2002-06-29 Werner Koch * configure.ac: Define --with options to set the default location of the agent, scdaemon, pinentry and dirmngr. 2002-06-27 Werner Koch * README: Short blurb on how to import a PKCS-12 file. * configure.ac (AH_BOTTOM): New to define some constants. 2002-06-25 Werner Koch Released 0.3.8. * configure.ac (NEED_LIBGCRYPT_VERSION): Set to 1.1.8. 2002-06-12 Werner Koch * configure.ac (NEED_LIBKSBA_VERSION): We need 0.4.3 now. 2002-06-04 Werner Koch Released 0.3.7. 2002-05-21 Werner Koch * configure.ac: We now require libgcrypt 1.1.7 and libksba 0.4.2. 2002-05-14 Werner Koch * doc/: New * configure.ac, Makefile.am: Added doc/ 2002-05-03 Werner Koch Released 0.3.6. 2002-04-25 Werner Koch * configure.ac: Check for setlocale. 2002-04-24 Marcus Brinkmann * configure.ac: Check for locale.h. 2002-04-15 Werner Koch Released 0.3.5. * NEWS: Started to describe release notes. * configure.ac (NEED_LIBKSBA_VERSION, NEED_LIBGCRYPT_VERSION): Defined 2002-04-01 Werner Koch Released 0.3.4. 2002-03-18 Werner Koch Released 0.3.3. 2002-03-08 Werner Koch * README: Add some explanation on how to specify a user ID. 2002-03-06 Werner Koch Released 0.3.2. 2002-03-04 Werner Koch Released 0.3.1. * README: Explained some options and files. 2002-02-14 Werner Koch * configure.ac: Fixed status messages related to presence of Pth. 2002-02-13 Werner Koch * acinclude.m4 (GNUPG_SYS_SO_PEERCRED): New. * configure.ac: use it. 2002-02-12 Werner Koch * configure.ac: Check for PTH. Provide replacement fucntions for apsrintf and fopencookie. * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): New. 2002-02-07 Werner Koch Released 0.3.0. * configure.ac: Require libgcrypt 1.1.6. 2002-02-01 Marcus Brinkmann * configure.ac (KSBA_CONFIG): Remove superfluous x in front of variable. 2002-01-26 Werner Koch * configure.ac: Add options to disable the build of some programs and print a configure status at the end. * acinclude.m4 (GNUPG_BUILD_PROGRAM): New. * scd/ : New. Added to Makefile and configure. * configure.ac: Check for libopensc * Makefile.am: Build scd only when libopensc is available 2002-01-23 Werner Koch * configure.ac (mkdtemp): See whether we have to provide a replacement. 2001-12-18 Werner Koch Released 0.0.0. 2001-12-17 Werner Koch * acinclude.m4: Add AM_PATH_LIBGCRYPT macro. * configure.ac: and use it here. Figure out the location of libksba 2001-12-15 Werner Koch * configure.ac (missing_dir): Bail out if asprintf and fopencookie are not available. 2001-12-04 Werner Koch * configure.ac (HAVE_JNLIB_LOGGING): always define it. Copyright 2001, 2002, 2004 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/NEWS b/NEWS index 4ca4beca1..c9448265e 100644 --- a/NEWS +++ b/NEWS @@ -1,404 +1,411 @@ -Noteworthy changes in version 1.9.93 +Noteworthy changes in version 1.9.93 (2006-10-18) ------------------------------------------------- * In --with-validation mode gpgsm will now also ask whether a root certificate should be trusted. * Link to Pth only if really necessary. + * Fixed a pubring corruption bug in gpg2 occurring when importing + signatures or keys with insane lengths. + + * Fixed v3 keyID calculation bug in gpg2. + + * More tweaks for certificates without extensions. + Noteworthy changes in version 1.9.92 (2006-10-11) ------------------------------------------------- * Bug fixes. Noteworthy changes in version 1.9.91 (2006-10-04) ------------------------------------------------- * New "relax" flag for trustlist.txt to allow root CA certificates without BasicContraints. * [gpg2] Removed the -k PGP 2 compatibility hack. -k is now an alias for --list-keys. * [gpg2] Print a warning if "-sat" is used instead of "--clearsign". Noteworthy changes in version 1.9.90 (2006-09-25) ------------------------------------------------- * Made readline work for gpg. * Cleanups und minor bug fixes. * Included translations from gnupg 1.4.5. Noteworthy changes in version 1.9.23 (2006-09-18) ------------------------------------------------- * Regular man pages for most tools are now build directly from the Texinfo source. * The gpg code from 1.4.5 has been fully merged into this release. The configure option --enable-gpg is still required to build this gpg part. For production use of OpenPGP the gpg version 1.4.5 is still recommended. Note, that gpg will be installed under the name gpg2 to allow coexisting with an 1.4.x gpg. * API change in gpg-agent's pkdecrypt command. Thus an older gpgsm may not be used with the current gpg-agent. * The scdaemon will now call a script on reader status changes. * gpgsm now allows file descriptor passing for "INPUT", "OUTPUT" and "MESSAGE". * The gpgsm server may now output a key listing to the output file handle. This needs to be enabled using "OPTION list-to-output=1". * The --output option of gpgsm has now an effect on list-keys. * New gpgsm commands --dump-chain and list-chain. * gpg-connect-agent has new options to utilize descriptor passing. * A global trustlist may now be used. See doc/examples/trustlist.txt. * When creating a new pubring.kbx keybox common certificates are imported. Noteworthy changes in version 1.9.22 (2006-07-27) ------------------------------------------------- * Enhanced pkcs#12 support to allow import from simple keyBags. * Exporting to pkcs#12 now create bag attributes so that Mozilla is able to import the files. * Fixed uploading of certain keys to the smart card. Noteworthy changes in version 1.9.21 (2006-06-20) ------------------------------------------------- * New command APDU for scdaemon to allow using it for general card access. Might be used through gpg-connect-agent by using the SCD prefix command. * Support for the CardMan 4040 PCMCIA reader (Linux 2.6.15 required). * Scdaemon does not anymore reset cards at the end of a connection. * Kludge to allow use of Bundesnetzagentur issued X.509 certificates. * Added --hash=xxx option to scdaemon's PKSIGN command. * Pkcs#12 files are now created with a MAC. This is for better interoperability. * Collected bug fixes and minor other changes. Noteworthy changes in version 1.9.20 (2005-12-20) ------------------------------------------------- * Importing pkcs#12 files created be recent versions of Mozilla works again. * Basic support for qualified signatures. * New debug tool gpgparsemail. Noteworthy changes in version 1.9.19 (2005-09-12) ------------------------------------------------- * The Belgian eID card is now supported for signatures and ssh. Other pkcs#15 cards should work as well. * Fixed bug in --export-secret-key-p12 so that certificates are again included. Noteworthy changes in version 1.9.18 (2005-08-01) ------------------------------------------------- * [gpgsm] Now allows for more than one email address as well as URIs and dnsNames in certificate request generation. A keygrip may be given to create a request from an existing key. * A couple of minor bug fixes. Noteworthy changes in version 1.9.17 (2005-06-20) ------------------------------------------------- * gpg-connect-agent has now features to handle Assuan INQUIRE commands. * Internal changes for OpenPGP cards. New Assuan command WRITEKEY. * GNU Pth is now a hard requirement. * [scdaemon] Support for OpenSC has been removed. Instead a new and straightforward pkcs#15 modules has been written. As of now it does allows only signing using TCOS cards but we are going to enhance it to match all the old capabilities. * [gpg-agent] New option --write-env-file and Assuan command UPDATESTARTUPTTY. * [gpg-agent] New option --default-cache-ttl-ssh to set the TTL for SSH passphrase caching independent from the other passphrases. Noteworthy changes in version 1.9.16 (2005-04-21) ------------------------------------------------- * gpg-agent does now support the ssh-agent protocol and thus allows to use the pinentry as well as the OpenPGP smartcard with ssh. * New tool gpg-connect-agent as a general client for the gpg-agent. * New tool symcryptrun as a wrapper for certain encryption tools. * The gpg tool is not anymore build by default because those gpg versions available in the gnupg 1.4 series are far more matured. Noteworthy changes in version 1.9.15 (2005-01-13) ------------------------------------------------- * Fixed passphrase caching bug. * Better support for CCID readers; the reader from Cherry RS 6700 USB does now work. Noteworthy changes in version 1.9.14 (2004-12-22) ------------------------------------------------- * [gpg-agent] New option --use-standard-socket to allow the use of a fixed socket. gpgsm falls back to this socket if GPG_AGENT_INFO has not been set. * Ported to MS Windows with some functional limitations. * New tool gpg-preset-passphrase. Noteworthy changes in version 1.9.13 (2004-12-03) ------------------------------------------------- * [gpgsm] New option --prefer-system-dirmngr. * Minor cleanups and debugging aids. Noteworthy changes in version 1.9.12 (2004-10-22) ------------------------------------------------- * [scdaemon] Partly rewrote the PC/SC code. * Removed the sc-investigate tool. It is now in a separate package available at ftp://ftp.g10code.com/g10code/gscutils/ . * [gpg-agent] Fixed logging problem. Noteworthy changes in version 1.9.11 (2004-10-01) ------------------------------------------------- * When using --import along with --with-validation, the imported certificates are validated and only imported if they are fully valid. * [gpg-agent] New option --max-cache-ttl. * [gpg-agent] When used without --daemon or --server, gpg-agent now check whether a agent is already running and usable. * Fixed some i18n problems. Noteworthy changes in version 1.9.10 (2004-07-22) ------------------------------------------------- * Fixed a serious bug in the checking of trusted root certificates. * New configure option --enable-agent-pnly allows to build and install just the agent. * Fixed a problem with the log file handling. Noteworthy changes in version 1.9.9 (2004-06-08) ------------------------------------------------ * [gpg-agent] The new option --allow-mark-trusted is now required to allow gpg-agent to add a key to the trustlist.txt after user confirmation. * Creating PKCS#10 requests does now honor the key usage. Noteworthy changes in version 1.9.8 (2004-04-29) ------------------------------------------------ * [scdaemon] Overhauled the internal CCID driver. * [scdaemon] Status files named ~/.gnupg/reader_.status are now written when using the internal CCID driver. * [gpgsm] New commands --dump-{,secret,external}-keys to show a very detailed view of the certificates. * The keybox gets now compressed after 3 hours and ephemeral stored certificates are deleted after about a day. * [gpg] Usability fixes for --card-edit. Note, that this has already been ported back to gnupg-1.3 Noteworthy changes in version 1.9.7 (2004-04-06) ------------------------------------------------ * Instrumented the modules for gpgconf. * Added support for DINSIG card applications. * Include the smimeCapabilities attribute with signed messages. * Now uses the gettext domain "gnupg2" to avoid conflicts with gnupg versions < 1.9. Noteworthy changes in version 1.9.6 (2004-03-06) ------------------------------------------------ * Code cleanups and bug fixes. Noteworthy changes in version 1.9.5 (2004-02-21) ------------------------------------------------ * gpg-protect-tool gets now installed into libexec as it ought to be. Cleaned up the build system to better comply with the coding standards. * [gpgsm] The --import command is now able to autodetect pkcs#12 files and import secret and private keys from this file format. A new command --export-secret-key-p12 is provided to allow exporting of secret keys in PKCS\#12 format. * [gpgsm] The pinentry will now present a description of the key for whom the passphrase is requested. * [gpgsm] New option --with-validation to check the validity of key while listing it. * New option --debug-level={none,basic,advanced,expert,guru} to map the debug flags to sensitive levels on a per program base. Noteworthy changes in version 1.9.4 (2004-01-30) ------------------------------------------------ * Added support for the Telesec NKS 2.0 card application. * Added simple tool addgnupghome to create .gnupg directories from /etc/skel/.gnupg. * Various minor bug fixes and cleanups; mainly gpgsm and gpg-agent related. Noteworthy changes in version 1.9.3 (2003-12-23) ------------------------------------------------ * New gpgsm options --{enable,disable}-ocsp to validate keys using OCSP. This option requires a not yet released DirMngr version. Default is disabled. * The --log-file option may now be used to print logs to a socket. Prefix the socket name with "socket://" to enable this. This does not work on all systems and falls back to stderr if there is a problem with the socket. * The options --encrypt-to and --no-encrypt-to now work the same in gpgsm as in gpg. Note, they are also used in server mode. * Duplicated recipients are now silently removed in gpgsm. Noteworthy changes in version 1.9.2 (2003-11-17) ------------------------------------------------ * On card key generation is no longer done using the --gen-key command but from the menu provided by the new --card-edit command. * PINs are now properly cached and there are only 2 PINs visible. The 3rd PIN (CHV2) is internally syncronized with the regular PIN. * All kind of other internal stuff. Noteworthy changes in version 1.9.1 (2003-09-06) ------------------------------------------------ * Support for OpenSC is back. scdaemon supports a --disable-opensc to disable OpenSC use at runtime, so that PC/SC or ct-API can still be used directly. * Rudimentary support for the SCR335 smartcard reader using an internal driver. Requires current libusb from CVS. * Bug fixes. Noteworthy changes in version 1.9.0 (2003-08-05) ------------------------------------------------ ====== PLEASE SEE README-alpha ======= * gpg has been renamed to gpg2 and gpgv to gpgv2. This is a temporary change to allow co-existing with stable gpg versions. * ~/.gnupg/gpg.conf-1.9.0 is fist tried as config file before the usual gpg.conf. * Removed the -k, -kv and -kvv commands. -k is now an alias to --list-keys. New command -K as alias for --list-secret-keys. * Removed --run-as-shm-coprocess feature. * gpg does now also use libgcrypt, libgpg-error is required. * New gpgsm commands --call-dirmngr and --call-protect-tool. * Changing a passphrase is now possible using "gpgsm --passwd" * The content-type attribute is now recognized and created. * The agent does now reread certain options on receiving a HUP. * The pinentry is now forked for each request so that clients with different environments are supported. When running in daemon mode and --keep-display is not used the DISPLAY variable is ignored. * Merged stuff from the newpg branch and started this new development branch. Copyright 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/TODO b/TODO index c3b4b5b1f..f68cb82ea 100644 --- a/TODO +++ b/TODO @@ -1,111 +1,114 @@ -*- outline -*- * src/base64 ** Make parsing more robust Currently we don't cope with overlong lines in the best way. ** Check that we really release the ksba reader/writer objects. * sm/call-agent.c ** Some code should go into import.c ** When we allow concurrent service request in gpgsm, we might want to have an agent context for each service request (i.e. Assuan context). * sm/certchain.c ** When a certificate chain was sucessfully verified, make ephemeral certs used in this chain permanent. ** Try to keep certificate references somewhere This will help with some of our caching code. We also need to test that caching; in particular "regtp_ca_chainlen". * sm/decrypt.c ** replace leading zero in integer hack by a cleaner solution * sm/gpgsm.c ** mark all unimplemented commands and options. ** Implement --default-key ** support the anyPolicy semantic ** Check that we are really following the verification procedures in rfc3280. ** Implement a --card-status command. This is useful to check whether a card is supported at all. * sm/keydb.c ** Check file permissions ** Check that all error code mapping is done. ** Remove the inter-module dependencies between gpgsm and keybox ** Add an source_of_key field * agent/command.c ** Make sure that secure memory is used where appropriate * agent/pkdecrypt.c, agent/pksign.c ** Don't use stdio to return results. ** Support DSA * Move pkcs-1 encoding into libgcrypt. * Use a MAC to protect sensitive files. The problem here is that we need yet another key and it is unlikely that users are willing to remember that key too. It is possible to do this with a smartcard, though. * sm/export.c ** Return an error code or a status info per user ID. * scd/tlv.c The parse_sexp fucntion should not go into this file. Check whether we can change all S-expression handling code to make use of this function. * scd ** Application context vs. reader slot We have 2 concurrent method of tracking whether a read is in use: Using the session_list in command.c and the lock_table in app.c. IT would be better to do this just at one place. First we need to see how we can support cards with multiple applications. ** Detecting a removed card works only after the ticker detected it. We should check the card status in open-card to make this smoother. Needs to be integrated with the status file update, though. It is not a real problem because application will get a card removed status and should the send a reset to try solving the problem. ** app-p15.c:do_auth We assume SHA1 here. However we should also allow for TLS-MD5SHA1. To properly inplement this we need to extend the inetrnal API. A simple workaround by looking at the digest size if possible. ** Add a test to check the extkeyusage. * Windows port ** gpgsm's LISTKEYS does not yet work Fix is to change everything to libestream ** Signals are not support This means we can't reread a configuration ** No card status notifications. * sm/ ** check that we issue NO_SECKEY xxx if a -u key was not found We don't. The messages returned are also wrong (recipient vs. signer). * jnlib/ ** provide jnlib_malloc and try to remove all jnlib_xmalloc. * g10/ ** issue a NO_SECKEY xxxx if a -u key was not found. -** qbits - We pass a new qbit parameter to genkey - implement this in libgcrypt. + + +* When requiring libksba 1.0.1 +** Remove the extra GPG_ERR_NO_VALUE tests + They have need added on 2006-10-18 to fix a libksba problem. * When switching to libgcrypt 1.3 ** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md Remove the extra test for a valid algorithm as libgcrypt will do it then in gcry_md_algo_info. ** skclist.c Remove the hard coded constant in random_is_faked. ** g10/ Replace DIGEST_ALGO_SHA224 We can't do that right now because it is only defined by newer versions of libgcrypt. ** GCRY_MD_USER Remove these definitions. * Extend selinux support to other modules * Remove -sat PGP2 compatibility hack diff --git a/configure.ac b/configure.ac index b7a96a269..039b5f24d 100644 --- a/configure.ac +++ b/configure.ac @@ -1,1331 +1,1331 @@ # configure.ac - for GnuPG 1.9 # Copyright (C) 1998, 1999, 2000, 2001, 2002, # 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # # This file is part of GnuPG. # # GnuPG is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # GnuPG is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, # USA. # Process this file with autoconf to produce a configure script. AC_PREREQ(2.52) min_automake_version="1.9.3" # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [1.9.93]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q}')])) AC_INIT([gnupg], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]), [bug-gnupg@gnupg.org]) # Set development_version to yes if the minor number is odd or you # feel that the default check for a development version is not # sufficient. development_version=yes NEED_GPG_ERROR_VERSION=1.4 NEED_LIBGCRYPT_API=1 NEED_LIBGCRYPT_VERSION=1.2.0 NEED_LIBASSUAN_API=1 NEED_LIBASSUAN_VERSION=0.9.3 NEED_KSBA_API=1 NEED_KSBA_VERSION=1.0.0 PACKAGE=$PACKAGE_NAME PACKAGE_GT=${PACKAGE_NAME}2 VERSION=$PACKAGE_VERSION AC_CONFIG_AUX_DIR(scripts) AC_CONFIG_SRCDIR(sm/gpgsm.c) AM_CONFIG_HEADER(config.h) AC_CANONICAL_TARGET() AM_INIT_AUTOMAKE($PACKAGE, $VERSION) AB_INIT AC_GNU_SOURCE # Some status variables. have_gpg_error=no have_libgcrypt=no have_libassuan=no have_ksba=no have_pth=no have_libusb=no use_bzip2=yes use_exec=yes disable_keyserver_path=no GNUPG_BUILD_PROGRAM(gpg, yes) GNUPG_BUILD_PROGRAM(gpgsm, yes) GNUPG_BUILD_PROGRAM(agent, yes) GNUPG_BUILD_PROGRAM(scdaemon, yes) GNUPG_BUILD_PROGRAM(tools, yes) GNUPG_BUILD_PROGRAM(doc, yes) GNUPG_BUILD_PROGRAM(symcryptrun, no) AC_SUBST(PACKAGE) AC_SUBST(PACKAGE_GT) AC_SUBST(VERSION) AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of this package]) AC_DEFINE_UNQUOTED(PACKAGE_GT, "$PACKAGE_GT", [Name of this package for gettext]) AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version of this package]) AC_DEFINE_UNQUOTED(PACKAGE_BUGREPORT, "$PACKAGE_BUGREPORT", [Bug report address]) AC_DEFINE_UNQUOTED(NEED_LIBGCRYPT_VERSION, "$NEED_LIBGCRYPT_VERSION", [Required version of Libgcrypt]) AC_DEFINE_UNQUOTED(NEED_KSBA_VERSION, "$NEED_KSBA_VERSION", [Required version of Libksba]) # The default is to use the modules from this package and the few # other packages in a standard place; i.e where this package gets # installed. With these options it is possible to override these # ${prefix} depended values with fixed paths, which can't be replaced # at make time. See also am/cmacros.am and the defaults in AH_BOTTOM. AC_ARG_WITH(agent-pgm, [ --with-agent-pgm=PATH Use PATH as the default for the agent)], GNUPG_AGENT_PGM="$withval", GNUPG_AGENT_PGM="" ) AC_SUBST(GNUPG_AGENT_PGM) AM_CONDITIONAL(GNUPG_AGENT_PGM, test -n "$GNUPG_AGENT_PGM") show_gnupg_agent_pgm="(default)" test -n "$GNUPG_AGENT_PGM" && show_gnupg_agent_pgm="$GNUPG_AGENT_PGM" AC_ARG_WITH(pinentry-pgm, [ --with-pinentry-pgm=PATH Use PATH as the default for the pinentry)], GNUPG_PINENTRY_PGM="$withval", GNUPG_PINENTRY_PGM="" ) AC_SUBST(GNUPG_PINENTRY_PGM) AM_CONDITIONAL(GNUPG_PINENTRY_PGM, test -n "$GNUPG_PINENTRY_PGM") show_gnupg_pinentry_pgm="(default)" test -n "$GNUPG_PINENTRY_PGM" && show_gnupg_pinentry_pgm="$GNUPG_PINENTRY_PGM" AC_ARG_WITH(scdaemon-pgm, [ --with-scdaemon-pgm=PATH Use PATH as the default for the scdaemon)], GNUPG_SCDAEMON_PGM="$withval", GNUPG_SCDAEMON_PGM="" ) AC_SUBST(GNUPG_SCDAEMON_PGM) AM_CONDITIONAL(GNUPG_SCDAEMON_PGM, test -n "$GNUPG_SCDAEMON_PGM") show_gnupg_scdaemon_pgm="(default)" test -n "$GNUPG_SCDAEMON_PGM" && show_gnupg_scdaemon_pgm="$GNUPG_SCDAEMON_PGM" AC_ARG_WITH(dirmngr-pgm, [ --with-dirmngr-pgm=PATH Use PATH as the default for the dirmngr)], GNUPG_DIRMNGR_PGM="$withval", GNUPG_DIRMNGR_PGM="" ) AC_SUBST(GNUPG_DIRMNGR_PGM) AM_CONDITIONAL(GNUPG_DIRMNGR_PGM, test -n "$GNUPG_DIRMNGR_PGM") show_gnupg_dirmngr_pgm="(default)" test -n "$GNUPG_DIRMNGR_PGM" && show_gnupg_dirmngr_pgm="$GNUPG_DIRMNGR_PGM" AC_ARG_WITH(protect-tool-pgm, [ --with-protect-tool-pgm=PATH Use PATH as the default for the protect-tool)], GNUPG_PROTECT_TOOL_PGM="$withval", GNUPG_PROTECT_TOOL_PGM="" ) AC_SUBST(GNUPG_PROTECT_TOOL_PGM) AM_CONDITIONAL(GNUPG_PROTECT_TOOL_PGM, test -n "$GNUPG_PROTECT_TOOL_PGM") show_gnupg_protect_tool_pgm="(default)" test -n "$GNUPG_PROTECT_TOOL_PGM" \ && show_gnupg_protect_tool_pgm="$GNUPG_PROTECT_TOOL_PGM" # Some folks want to use only the agent from this packet. Make it # easier for them by providing the configure option # --enable-only-agent. AC_ARG_ENABLE(agent-only, AC_HELP_STRING([--enable-agent-only],[build only the gpg-agent]), build_agent_only=$enableval) # SELinux support includes tracking of sensitive files to avoid # leaking their contents through processing these files by gpg itself AC_MSG_CHECKING([whether SELinux support is requested]) AC_ARG_ENABLE(selinux-support, AC_HELP_STRING([--enable-selinux-support], [enable SELinux support]), selinux_support=$enableval, selinux_support=no) AC_MSG_RESULT($selinux_support) # Allow disabling of bzib2 support. # It is defined only after we confirm the library is available later AC_MSG_CHECKING([whether to enable the BZIP2 compression algorithm]) AC_ARG_ENABLE(bzip2, AC_HELP_STRING([--disable-bzip2],[disable the BZIP2 compression algorithm]), use_bzip2=$enableval) AC_MSG_RESULT($use_bzip2) # Configure option to allow or disallow execution of external # programs, like a photo viewer. AC_MSG_CHECKING([whether to enable external program execution]) AC_ARG_ENABLE(exec, AC_HELP_STRING([--disable-exec],[disable all external program execution]), use_exec=$enableval) AC_MSG_RESULT($use_exec) if test "$use_exec" = no ; then AC_DEFINE(NO_EXEC,1,[Define to disable all external program execution]) fi if test "$use_exec" = yes ; then AC_MSG_CHECKING([whether to enable photo ID viewing]) AC_ARG_ENABLE(photo-viewers, [ --disable-photo-viewers disable photo ID viewers], [if test "$enableval" = no ; then AC_DEFINE(DISABLE_PHOTO_VIEWER,1,[define to disable photo viewing]) fi],enableval=yes) gnupg_cv_enable_photo_viewers=$enableval AC_MSG_RESULT($enableval) if test "$gnupg_cv_enable_photo_viewers" = yes ; then AC_MSG_CHECKING([whether to use a fixed photo ID viewer]) AC_ARG_WITH(photo-viewer, [ --with-photo-viewer=FIXED_VIEWER set a fixed photo ID viewer], [if test "$withval" = yes ; then withval=no elif test "$withval" != no ; then AC_DEFINE_UNQUOTED(FIXED_PHOTO_VIEWER,"$withval", [if set, restrict photo-viewer to this]) fi],withval=no) AC_MSG_RESULT($withval) fi AC_MSG_CHECKING([whether to enable external keyserver helpers]) AC_ARG_ENABLE(keyserver-helpers, [ --disable-keyserver-helpers disable all external keyserver support], [if test "$enableval" = no ; then AC_DEFINE(DISABLE_KEYSERVER_HELPERS,1, [define to disable keyserver helpers]) fi],enableval=yes) gnupg_cv_enable_keyserver_helpers=$enableval AC_MSG_RESULT($enableval) if test "$gnupg_cv_enable_keyserver_helpers" = yes ; then # LDAP is defined only after we confirm the library is available later AC_MSG_CHECKING([whether LDAP keyserver support is requested]) AC_ARG_ENABLE(ldap, AC_HELP_STRING([--disable-ldap],[disable LDAP keyserver interface only]), try_ldap=$enableval, try_ldap=yes) AC_MSG_RESULT($try_ldap) AC_MSG_CHECKING([whether HKP keyserver support is requested]) AC_ARG_ENABLE(hkp, AC_HELP_STRING([--disable-hkp],[disable HKP keyserver interface only]), try_hkp=$enableval, try_hkp=yes) AC_MSG_RESULT($try_hkp) AC_MSG_CHECKING([whether finger key fetching support is requested]) AC_ARG_ENABLE(finger, AC_HELP_STRING([--disable-finger], [disable finger key fetching interface only]), try_finger=$enableval, try_finger=yes) AC_MSG_RESULT($try_finger) AC_MSG_CHECKING([whether generic object key fetching support is requested]) AC_ARG_ENABLE(generic, AC_HELP_STRING([--disable-generic], [disable generic object key fetching interface only]), try_generic=$enableval, try_generic=yes) AC_MSG_RESULT($try_generic) AC_MSG_CHECKING([whether email keyserver support is requested]) AC_ARG_ENABLE(mailto, AC_HELP_STRING([--enable-mailto], [enable email keyserver interface only]), try_mailto=$enableval, try_mailto=no) AC_MSG_RESULT($try_mailto) fi AC_MSG_CHECKING([whether keyserver exec-path is enabled]) AC_ARG_ENABLE(keyserver-path, AC_HELP_STRING([--disable-keyserver-path], [disable the exec-path option for keyserver helpers]), [if test "$enableval" = no ; then disable_keyserver_path=yes fi],enableval=yes) AC_MSG_RESULT($enableval) fi # # Check for the key/uid cache size. This can't be zero, but can be # pretty small on embedded systems. This is used for the gpg part. # AC_MSG_CHECKING([for the size of the key and uid cache]) AC_ARG_ENABLE(key-cache, AC_HELP_STRING([--enable-key-cache=SIZE], [Set key cache to SIZE (default 4096)]),,enableval=4096) if test "$enableval" = "no"; then enableval=5 elif test "$enableval" = "yes" || test "$enableval" = ""; then enableval=4096 fi changequote(,)dnl key_cache_size=`echo "$enableval" | sed 's/[A-Za-z]//g'` changequote([,])dnl if test "$enableval" != "$key_cache_size" || test "$key_cache_size" -lt 5; then AC_MSG_ERROR([invalid key-cache size]) fi AC_MSG_RESULT($key_cache_size) AC_DEFINE_UNQUOTED(PK_UID_CACHE_SIZE,$key_cache_size, [Size of the key and UID caches]) # # Check whether we want to use Linux capabilities # AC_MSG_CHECKING([whether use of capabilities is requested]) AC_ARG_WITH(capabilities, [ --with-capabilities use linux capabilities [default=no]], [use_capabilities="$withval"],[use_capabilities=no]) AC_MSG_RESULT($use_capabilities) # # To avoid double inclusion of config.h which might happen at some # places, we add the usual double inclusion protection at the top of # config.h. # AH_TOP([ #ifndef GNUPG_CONFIG_H_INCLUDED #define GNUPG_CONFIG_H_INCLUDED ]) # # Stuff which goes at the bottom of config.h. # AH_BOTTOM([ /* This is the major version number of GnuPG so that source included files can test for this. Note, that we use 2 here even for GnuPG 1.9.x. */ #define GNUPG_MAJOR_VERSION 2 /* Now to separate file name parts. Please note that the string version must not contain more than one character because the code assumes strlen()==1 */ #ifdef HAVE_DOSISH_SYSTEM #define DIRSEP_C '\\' #define DIRSEP_S "\\" #define EXTSEP_C '.' #define EXTSEP_S "." #define PATHSEP_C ';' #define PATHSEP_S ";" #define EXEEXT_S ".exe" #else #define DIRSEP_C '/' #define DIRSEP_S "/" #define EXTSEP_C '.' #define EXTSEP_S "." #define PATHSEP_C ':' #define PATHSEP_S ":" #define EXEEXT_S "" #endif /* This is the same as VERSION, but should be overridden if the platform cannot handle things like dots '.' in filenames. Set SAFE_VERSION_DOT and SAFE_VERSION_DASH to whatever SAFE_VERSION uses for dots and dashes. */ #define SAFE_VERSION VERSION #define SAFE_VERSION_DOT '.' #define SAFE_VERSION_DASH '-' /* Some global constants. */ #ifdef HAVE_DRIVE_LETTERS #define GNUPG_DEFAULT_HOMEDIR "c:/gnupg" #elif defined(__VMS) #define GNUPG_DEFAULT_HOMEDIR "/SYS\$LOGIN/gnupg" #else #define GNUPG_DEFAULT_HOMEDIR "~/.gnupg" #endif #define GNUPG_PRIVATE_KEYS_DIR "private-keys-v1.d" /* For some systems (DOS currently), we hardcode the path here. For POSIX systems the values are constructed by the Makefiles, so that the values may be overridden by the make invocations; this is to comply with the GNU coding standards. */ #ifdef HAVE_DRIVE_LETTERS #define GNUPG_BINDIR "c:\\gnupg" #define GNUPG_LIBEXECDIR "c:\\gnupg" #define GNUPG_LIBDIR "c:\\gnupg" #define GNUPG_DATADIR "c:\\gnupg" #endif /* Setup the hardwired names of modules. */ #ifndef GNUPG_DEFAULT_AGENT #define GNUPG_DEFAULT_AGENT ( GNUPG_BINDIR DIRSEP_S "gpg-agent" EXEEXT_S ) #endif #ifndef GNUPG_DEFAULT_PINENTRY #define GNUPG_DEFAULT_PINENTRY ( GNUPG_BINDIR DIRSEP_S "pinentry" EXEEXT_S ) #endif #ifndef GNUPG_DEFAULT_SCDAEMON #define GNUPG_DEFAULT_SCDAEMON ( GNUPG_BINDIR DIRSEP_S "scdaemon" EXEEXT_S ) #endif #ifndef GNUPG_DEFAULT_DIRMNGR #define GNUPG_DEFAULT_DIRMNGR ( GNUPG_BINDIR DIRSEP_S "dirmngr" EXEEXT_S ) #endif #ifndef GNUPG_DEFAULT_PROTECT_TOOL #define GNUPG_DEFAULT_PROTECT_TOOL \ ( GNUPG_LIBEXECDIR DIRSEP_S "gpg-protect-tool" EXEEXT_S ) #endif /* Derive some other constants. */ #if !(defined(HAVE_FORK) && defined(HAVE_PIPE) && defined(HAVE_WAITPID)) #define EXEC_TEMPFILE_ONLY #endif /* We didn't define endianness above, so get it from OS macros. This is intended for making fat binary builds on OS X. */ #if !defined(BIG_ENDIAN_HOST) && !defined(LITTLE_ENDIAN_HOST) #if defined(__BIG_ENDIAN__) #define BIG_ENDIAN_HOST 1 #elif defined(__LITTLE_ENDIAN__) #define LITTLE_ENDIAN_HOST 1 #else #error "No endianness found" #endif #endif /* Tell libgcrypt not to use its own libgpg-error implementation. */ #define USE_LIBGPG_ERROR 1 /* We use jnlib, so tell other modules about it. */ #define HAVE_JNLIB_LOGGING 1 /* Our HTTP code is used in estream mode. */ #define HTTP_USE_ESTREAM 1 /* We always include support for the OpenPGP card. */ #define ENABLE_CARD_SUPPORT 1 /* We don't want the old assuan codes anymore. */ #define _ASSUAN_ONLY_GPG_ERRORS 1 #endif /*GNUPG_CONFIG_H_INCLUDED*/ ]) AM_MAINTAINER_MODE # Checks for programs. AC_PROG_MAKE_SET AM_SANITY_CHECK missing_dir=`cd $ac_aux_dir && pwd` AM_MISSING_PROG(ACLOCAL, aclocal, $missing_dir) AM_MISSING_PROG(AUTOCONF, autoconf, $missing_dir) AM_MISSING_PROG(AUTOMAKE, automake, $missing_dir) AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir) AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir) AC_PROG_AWK AC_PROG_CC AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_RANLIB AC_CHECK_TOOL(AR, ar, :) AC_PATH_PROG(PERL,"perl") AC_ISC_POSIX gl_EARLY AC_SYS_LARGEFILE GNUPG_CHECK_FAQPROG GNUPG_CHECK_USTAR try_gettext=yes have_dosish_system=no have_w32_system=no use_simple_gettext=no case "${host}" in *-mingw32*) # special stuff for Windoze NT ac_cv_have_dev_random=no AC_DEFINE(USE_ONLY_8DOT3,1, [set this to limit filenames to the 8.3 format]) AC_DEFINE(HAVE_DRIVE_LETTERS,1, [defined if we must run on a stupid file system]) AC_DEFINE(USE_SIMPLE_GETTEXT,1, [because the Unix gettext has too much overhead on MingW32 systems and these systems lack Posix functions, we use a simplified version of gettext]) disable_keyserver_path=yes have_dosish_system=yes have_w32_system=yes try_gettext="no" use_simple_gettext=yes ;; i?86-emx-os2 | i?86-*-os2*emx ) # OS/2 with the EMX environment ac_cv_have_dev_random=no AC_DEFINE(HAVE_DRIVE_LETTERS) have_dosish_system=yes try_gettext="no" ;; i?86-*-msdosdjgpp*) # DOS with the DJGPP environment ac_cv_have_dev_random=no AC_DEFINE(HAVE_DRIVE_LETTERS) have_dosish_system=yes try_gettext="no" ;; *-*-freebsd*) # FreeBSD CPPFLAGS="$CPPFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" ;; *-*-hpux*) if test -z "$GCC" ; then CFLAGS="$CFLAGS -Ae -D_HPUX_SOURCE" fi ;; *-dec-osf4*) if test -z "$GCC" ; then # Suppress all warnings # to get rid of the unsigned/signed char mismatch warnings. CFLAGS="$CFLAGS -w" fi ;; *-dec-osf5*) if test -z "$GCC" ; then # Use the newer compiler `-msg_disable ptrmismatch1' to # get rid of the unsigned/signed char mismatch warnings. # Using this may hide other pointer mismatch warnings, but # it at least lets other warning classes through CFLAGS="$CFLAGS -msg_disable ptrmismatch1" fi ;; m68k-atari-mint) ;; *) ;; esac if test "$have_dosish_system" = yes; then AC_DEFINE(HAVE_DOSISH_SYSTEM,1, [Defined if we run on some of the PCDOS like systems (DOS, Windoze. OS/2) with special properties like no file modes]) fi AM_CONDITIONAL(HAVE_DOSISH_SYSTEM, test "$have_dosish_system" = yes) AM_CONDITIONAL(USE_SIMPLE_GETTEXT, test x"$use_simple_gettext" = xyes) if test "$have_w32_system" = yes; then AC_DEFINE(HAVE_W32_SYSTEM,1, [Defined if we run on a W32 API based system]) fi AM_CONDITIONAL(HAVE_W32_SYSTEM, test "$have_w32_system" = yes) if test "$disable_keyserver_path" = yes; then AC_DEFINE(DISABLE_KEYSERVER_PATH,1, [Defined to disable exec-path for keyserver helpers]) fi # (These need to go after AC_PROG_CC so that $EXEEXT is defined) AC_DEFINE_UNQUOTED(EXEEXT,"$EXEEXT",[The executable file extension, if any]) if test x"$try_hkp" = xyes ; then AC_SUBST(GPGKEYS_HKP,"gpg2keys_hkp$EXEEXT") fi if test x"$try_finger" = xyes ; then AC_SUBST(GPGKEYS_FINGER,"gpg2keys_finger$EXEEXT") fi # # Checks for libraries. # # # libgpg-error is a library with error codes shared between GnuPG # related projects. # AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION", have_gpg_error=yes,have_gpg_error=no) # # Libgcrypt is our generic crypto library # AM_PATH_LIBGCRYPT("$NEED_LIBGCRYPT_API:$NEED_LIBGCRYPT_VERSION", have_libgcrypt=yes,have_libgcrypt=no) # # libassuan is used for IPC # AM_PATH_LIBASSUAN("$NEED_LIBASSUAN_API:$NEED_LIBASSUAN_VERSION", have_libassuan=yes,have_libassuan=no) if test "$have_libassuan" = "yes"; then have_libassuan=no AM_PATH_LIBASSUAN_PTH("$NEED_LIBASSUAN_API:$NEED_LIBASSUAN_VERSION", have_libassuan=yes,have_libassuan=no) fi # # libksba is our X.509 support library # AM_PATH_KSBA("$NEED_KSBA_API:$NEED_KSBA_VERSION",have_ksba=yes,have_ksba=no) # # libusb allows us to use the integrated CCID smartcard reader driver. # # FiXME: Use GNUPG_CHECK_LIBUSB and modify to use separate AC_SUBSTs. AC_CHECK_LIB(usb, usb_bulk_write, [ LIBUSB_LIBS="$LIBUSB_LIBS -lusb" AC_DEFINE(HAVE_LIBUSB,1, [defined if libusb is available]) have_libusb=yes ]) AC_SUBST(LIBUSB_LIBS) AC_CHECK_FUNCS(usb_create_match) # # Check wether it is necessary to link against libdl. # LIBS="" AC_SEARCH_LIBS(dlopen, c dl,,,) DL_LIBS=$LIBS AC_SUBST(DL_LIBS) # # Checks for symcryptrun: # # libutil has openpty() and login_tty(). AC_CHECK_LIB(util, openpty, [ LIBUTIL_LIBS="$LIBUTIL_LIBS -lutil" AC_DEFINE(HAVE_LIBUTIL,1, [defined if libutil is available]) ]) AC_SUBST(LIBUTIL_LIBS) # shred is used to clean temporary plain text files. AC_PATH_PROG(SHRED, shred, /usr/bin/shred) AC_DEFINE_UNQUOTED(SHRED, "${SHRED}", [defines the filename of the shred program]) # # Check whether the GNU Pth library is available # Note, that we include a Pth emulation for W32. # GNUPG_PATH_PTH if test "$have_pth" = "yes"; then AC_DEFINE(USE_GNU_PTH, 1, [Defined if the GNU Portable Thread Library should be used]) else AC_MSG_WARN([[ *** *** To support concurrent access to the gpg-agent and the SCdaemon *** we need the support of the GNU Portable Threads Library. *** Download it from ftp://ftp.gnu.org/gnu/pth/ *** On a Debian GNU/Linux system you might want to try *** apt-get install libpth-dev ***]]) fi # # Must check for network library requirements before doing link tests # for ldap, for example. If ldap libs are static (or dynamic and without # ELF runtime link paths), then link will fail and LDAP support won't # be detected. # AC_CHECK_FUNC(gethostbyname, , AC_CHECK_LIB(nsl, gethostbyname, [NETLIBS="-lnsl $NETLIBS"])) AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt, [NETLIBS="-lsocket $NETLIBS"])) # # Now try for the resolver functions so we can use DNS for SRV, PA and CERT. # if test x"$try_hkp" = xyes || test x"$try_http" = xyes ; then AC_ARG_ENABLE(dns-srv, AC_HELP_STRING([--disable-dns-srv], [disable the use of DNS SRV in HKP and HTTP]), use_dns_srv=$enableval,use_dns_srv=yes) fi AC_ARG_ENABLE(dns-pka, AC_HELP_STRING([--disable-dns-pka], [disable the use of PKA records in DNS]), use_dns_pka=$enableval,use_dns_pka=yes) AC_ARG_ENABLE(dns-cert, AC_HELP_STRING([--disable-dns-cert], [disable the use of CERT records in DNS]), use_dns_cert=$enableval,use_dns_cert=yes) if test x"$use_dns_pka" = xyes || test x"$use_dns_srv" = xyes \ || test x"$use_dns_cert" = xyes; then _dns_save_libs=$LIBS LIBS="" # the double underscore thing is a glibc-ism? AC_SEARCH_LIBS(res_query,resolv bind,, AC_SEARCH_LIBS(__res_query,resolv bind,,have_resolver=no)) AC_SEARCH_LIBS(dn_expand,resolv bind,, AC_SEARCH_LIBS(__dn_expand,resolv bind,,have_resolver=no)) AC_SEARCH_LIBS(dn_skipname,resolv bind,, AC_SEARCH_LIBS(__dn_skipname,resolv bind,,have_resolver=no)) if test x"$have_resolver" != xno ; then # Make sure that the BIND 4 resolver interface is workable before # enabling any code that calls it. At some point I'll rewrite the # code to use the BIND 8 resolver API. AC_MSG_CHECKING([whether the resolver is usable]) AC_LINK_IFELSE([AC_LANG_PROGRAM([#include #include #include #include ], [[unsigned char answer[PACKETSZ]; res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); dn_skipname(0,0); dn_expand(0,0,0,0,0); ]])],have_resolver=yes,have_resolver=no) AC_MSG_RESULT($have_resolver) # This is Apple-specific and somewhat bizarre as they changed the # define in bind 8 for some reason. if test x"$have_resolver" != xyes ; then AC_MSG_CHECKING( [whether I can make the resolver usable with BIND_8_COMPAT]) AC_LINK_IFELSE([AC_LANG_PROGRAM([#define BIND_8_COMPAT #include #include #include #include ], [[unsigned char answer[PACKETSZ]; res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); dn_skipname(0,0); dn_expand(0,0,0,0,0); ]])],[have_resolver=yes ; need_compat=yes]) AC_MSG_RESULT($have_resolver) fi fi if test x"$have_resolver" = xyes ; then DNSLIBS=$LIBS if test x"$use_dns_srv" = xyes ; then AC_DEFINE(USE_DNS_SRV,1,[define to use DNS SRV]) fi if test x"$use_dns_pka" = xyes ; then AC_DEFINE(USE_DNS_PKA,1,[define to use our experimental DNS PKA]) fi if test x"$use_dns_cert" = xyes ; then AC_DEFINE(USE_DNS_CERT,1,[define to use DNS CERT]) fi if test x"$need_compat" = xyes ; then AC_DEFINE(BIND_8_COMPAT,1,[an Apple OSXism]) fi else use_dns_srv=no use_dns_pka=no use_dns_cert=no fi LIBS=$_dns_save_libs fi AC_SUBST(DNSLIBS) AM_CONDITIONAL(USE_DNS_SRV, test x"$use_dns_srv" = xyes) # # Check for LDAP # if test "$try_ldap" = yes ; then GNUPG_CHECK_LDAP($NETLIBS) fi # # Check for curl. We fake the curl API if libcurl isn't installed. # LIBCURL_CHECK_CONFIG([yes],,,[fake_curl=yes]) AM_CONDITIONAL(FAKE_CURL,test x"$fake_curl" = xyes) # Generic, for us, means curl if test x"$try_generic" = xyes ; then AC_SUBST(GPGKEYS_CURL,"gpg2keys_curl$EXEEXT") fi # # Check for sendmail # # This isn't necessarily sendmail itself, but anything that gives a # sendmail-ish interface to the outside world. That includes Exim, # Postfix, etc. Basically, anything that can handle "sendmail -t". if test "$try_mailto" = yes ; then AC_ARG_WITH(mailprog, AC_HELP_STRING([--with-mailprog=NAME], [use "NAME -t" for mail transport]), ,with_mailprog=yes) if test x"$with_mailprog" = xyes ; then AC_PATH_PROG(SENDMAIL,sendmail,,$PATH:/usr/sbin:/usr/libexec:/usr/lib) if test "$ac_cv_path_SENDMAIL" ; then GPGKEYS_MAILTO="gpg2keys_mailto" fi elif test x"$with_mailprog" != xno ; then AC_MSG_CHECKING([for a mail transport program]) AC_SUBST(SENDMAIL,$with_mailprog) AC_MSG_RESULT($with_mailprog) GPGKEYS_MAILTO="gpg2keys_mailto" fi fi AC_SUBST(GPGKEYS_MAILTO) # # Construct a printable name of the OS # case "${host}" in *-mingw32*) PRINTABLE_OS_NAME="MingW32" ;; *-*-cygwin*) PRINTABLE_OS_NAME="Cygwin" ;; i?86-emx-os2 | i?86-*-os2*emx ) PRINTABLE_OS_NAME="OS/2" ;; i?86-*-msdosdjgpp*) PRINTABLE_OS_NAME="MSDOS/DJGPP" try_dynload=no ;; *-linux*) PRINTABLE_OS_NAME="GNU/Linux" ;; *) PRINTABLE_OS_NAME=`uname -s || echo "Unknown"` ;; esac AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME", [A human readable text with the name of the OS]) # # Check for gettext # AM_GNU_GETTEXT_VERSION(0.14.1) if test "$try_gettext" = yes; then AM_GNU_GETTEXT(,[need-ngettext]) # gettext requires some extra checks. These really should be part of # the basic AM_GNU_GETTEXT macro. TODO: move other gettext-specific # function checks to here. AC_CHECK_FUNCS(strchr) else USE_NLS=no USE_INCLUDED_LIBINTL=no BUILD_INCLUDED_LIBINTL=no AC_SUBST(USE_NLS) AC_SUBST(USE_INCLUDED_LIBINTL) AC_SUBST(BUILD_INCLUDED_LIBINTL) AM_PO_SUBDIRS fi # # SELinux support # if test "$selinux_support" = yes ; then AC_DEFINE(ENABLE_SELINUX_HACKS,1,[Define to enable SELinux support]) fi # # Checks for header files. # AC_HEADER_STDC AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h]) AC_CHECK_HEADERS([pwd.h inttypes.h]) # # Checks for typedefs, structures, and compiler characteristics. # AC_C_CONST AC_C_INLINE AC_C_VOLATILE AC_TYPE_SIZE_T AC_TYPE_MODE_T AC_TYPE_SIGNAL AC_DECL_SYS_SIGLIST AC_ARG_ENABLE(endian-check, AC_HELP_STRING([--disable-endian-check], [disable the endian check and trust the OS provided macros]), endiancheck=$enableval,endiancheck=yes) if test x"$endiancheck" = xyes ; then GNUPG_CHECK_ENDIAN fi # fixme: we should get rid of the byte type GNUPG_CHECK_TYPEDEF(byte, HAVE_BYTE_TYPEDEF) GNUPG_CHECK_TYPEDEF(ushort, HAVE_USHORT_TYPEDEF) GNUPG_CHECK_TYPEDEF(ulong, HAVE_ULONG_TYPEDEF) GNUPG_CHECK_TYPEDEF(u16, HAVE_U16_TYPEDEF) GNUPG_CHECK_TYPEDEF(u32, HAVE_U32_TYPEDEF) AC_CHECK_SIZEOF(unsigned short) AC_CHECK_SIZEOF(unsigned int) AC_CHECK_SIZEOF(unsigned long) AC_CHECK_SIZEOF(unsigned long long) # Ensure that we have UINT64_C before we bother to check for uint64_t # Fixme: really needed in gnupg? I think it is only useful in libcgrypt. AC_CACHE_CHECK([for UINT64_C],[gnupg_cv_uint64_c_works], AC_COMPILE_IFELSE(AC_LANG_PROGRAM([#include uint64_t foo=UINT64_C(42);]), gnupg_cv_uint64_c_works=yes,gnupg_cv_uint64_c_works=no)) if test "$gnupg_cv_uint64_c_works" = "yes" ; then AC_CHECK_SIZEOF(uint64_t) fi if test "$ac_cv_sizeof_unsigned_short" = "0" \ || test "$ac_cv_sizeof_unsigned_int" = "0" \ || test "$ac_cv_sizeof_unsigned_long" = "0"; then AC_MSG_WARN([Hmmm, something is wrong with the sizes - using defaults]); fi # # Checks for library functions. # AC_CHECK_DECLS(getpagesize) AC_FUNC_FSEEKO AC_FUNC_VPRINTF AC_FUNC_FORK AC_CHECK_FUNCS([strerror stpcpy strlwr tcgetattr strtoul mmap]) AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r]) AC_CHECK_FUNCS([unsetenv getpwnam getpwuid fcntl ftruncate]) AC_CHECK_FUNCS([memmove gettimeofday getrusage setrlimit clock_gettime]) AC_CHECK_FUNCS([atexit raise getpagesize strftime nl_langinfo setlocale]) AC_CHECK_FUNCS([waitpid wait4 sigaction sigprocmask pipe stat getaddrinfo]) AC_CHECK_FUNCS([ttyname isascii memrchr rand ftello]) AC_CHECK_TYPES([struct sigaction, sigset_t],,,[#include ]) # # These are needed by libjnlib - fixme: we should have macros for them # AC_CHECK_FUNCS([memicmp stpcpy strsep strlwr strtoul memmove stricmp strtol]) AC_CHECK_FUNCS([timegm getrusage setrlimit stat setlocale]) AC_CHECK_FUNCS([flockfile funlockfile fopencookie funopen]) # # gnulib checks # gl_SOURCE_BASE(gl) gl_M4_BASE(gl/m4) gl_MODULES(setenv mkdtemp vasprintf xsize) gl_INIT # # W32 specific test # GNUPG_FUNC_MKDIR_TAKES_ONE_ARG # # Sanity check regex. Tests adapted from mutt. # FIXME: We should use the the regex from gnulib # AC_MSG_CHECKING([whether regular expression support is requested]) AC_ARG_ENABLE(regex, AC_HELP_STRING([--disable-regex], [do not handle regular expressions in trust signatures]), use_regex=$enableval, use_regex=yes) AC_MSG_RESULT($use_regex) if test "$use_regex" = yes ; then AC_MSG_CHECKING([whether the included regex lib is requested]) AC_ARG_WITH(included-regex, [ --with-included-regex use the included GNU regex library], [gnupg_cv_included_regex="$withval"],[gnupg_cv_included_regex=no]) AC_MSG_RESULT($gnupg_cv_included_regex) if test $gnupg_cv_included_regex = no ; then # Does the system have regex functions at all? AC_CHECK_FUNC(regcomp,gnupg_cv_included_regex=no, gnupg_cv_included_regex=yes) fi if test $gnupg_cv_included_regex = no ; then AC_CACHE_CHECK([whether your system's regexp library is broken], [gnupg_cv_regex_broken], AC_TRY_RUN([ #include #include main() { regex_t blah ; regmatch_t p; p.rm_eo = p.rm_eo; return regcomp(&blah, "foo.*bar", REG_NOSUB) || regexec (&blah, "foobar", 0, NULL, 0); }], gnupg_cv_regex_broken=no, gnupg_cv_regex_broken=yes, gnupg_cv_regex_broken=yes)) if test $gnupg_cv_regex_broken = yes ; then AC_MSG_WARN(your regex is broken - using the included GNU regex instead.) gnupg_cv_included_regex=yes fi fi if test $gnupg_cv_included_regex = yes; then AC_DEFINE(USE_INTERNAL_REGEX,1,[ Define if you want to use the included regex lib ]) fi else AC_DEFINE(DISABLE_REGEX,1,[ Define to disable regular expression support ]) fi AM_CONDITIONAL(USE_INTERNAL_REGEX, test x"$gnupg_cv_included_regex" = xyes) # # Do we have zlib? Must do it here because Solaris failed # when compiling a conftest (due to the "-lz" from LIBS). # Note that we combine zlib and bzlib2 in ZLIBS. # _cppflags="${CPPFLAGS}" _ldflags="${LDFLAGS}" AC_ARG_WITH(zlib, [ --with-zlib=DIR use libz in DIR],[ if test -d "$withval"; then CPPFLAGS="${CPPFLAGS} -I$withval/include" LDFLAGS="${LDFLAGS} -L$withval/lib" fi ]) AC_CHECK_HEADER(zlib.h, AC_CHECK_LIB(z, deflateInit2_, ZLIBS="-lz", CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}), CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}) # # Check whether we can support bzip2 # if test "$use_bzip2" = yes ; then _cppflags="${CPPFLAGS}" _ldflags="${LDFLAGS}" AC_ARG_WITH(bzip2, AC_HELP_STRING([--with-bzip2=DIR],[look for bzip2 in DIR]), [ if test -d "$withval" ; then CPPFLAGS="${CPPFLAGS} -I$withval/include" LDFLAGS="${LDFLAGS} -L$withval/lib" fi ],withval="") # Checking alongside stdio.h as an early version of bzip2 (1.0) # required stdio.h to be included before bzlib.h, and Solaris 9 is # woefully out of date. if test "$withval" != no ; then AC_CHECK_HEADER(bzlib.h, AC_CHECK_LIB(bz2,BZ2_bzCompressInit, [ have_bz2=yes ZLIBS="$ZLIBS -lbz2" AC_DEFINE(HAVE_BZIP2,1, [Defined if the bz2 compression library is available]) ], CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}), CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags},[#include ]) fi fi AM_CONDITIONAL(ENABLE_BZIP2_SUPPORT,test x"$have_bz2" = "xyes") AC_SUBST(ZLIBS) # Check for readline support GNUPG_CHECK_READLINE # See wether we want to run the long test suite. AC_ARG_WITH(pkits-tests, AC_HELP_STRING([--with-pkits-tests],[run the PKITS based tests]), [run_pkits_tests=$withval], [run_pkits_tests=no]) AM_CONDITIONAL(RUN_PKITS_TESTS, test "$run_pkits_tests" = "yes") # # Allow users to append something to the version string without # flagging it as development version. The user version parts is # considered everything after a dash. # if test "$development_version" != yes; then changequote(,)dnl tmp_pat='[a-zA-Z]' changequote([,])dnl if echo "$VERSION" | sed 's/-.*//' | grep "$tmp_pat" >/dev/null ; then development_version=yes fi fi if test "$development_version" = yes; then AC_DEFINE(IS_DEVELOPMENT_VERSION,1, [Defined if this is not a regular release]) fi AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes) GNUPG_CHECK_GNUMAKE # Add some extra libs here so that previous tests don't fail for # mysterious reasons - the final link step should bail out. if test "$have_w32_system" = yes; then NETLIBS="${NETLIBS} -lwsock32" fi AC_SUBST(NETLIBS) # # Setup gcc specific options # if test "$GCC" = yes; then # Note that it is okay to use CFLAGS here because this are just # warning options and the user should have a chance of overriding # them. if test "$USE_MAINTAINER_MODE" = "yes"; then CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" CFLAGS="$CFLAGS -Wno-format-y2k -Wformat-security -Wformat-nonliteral" else CFLAGS="$CFLAGS -Wall" fi AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign]) _gcc_cflags_save=$CFLAGS CFLAGS="-Wno-pointer-sign" AC_COMPILE_IFELSE(AC_LANG_PROGRAM([]),_gcc_psign=yes,_gcc_psign=no) AC_MSG_RESULT($_gcc_psign) CFLAGS=$_gcc_cflags_save; if test x"$_gcc_psign" = xyes ; then CFLAGS="$CFLAGS -Wno-pointer-sign" fi fi # # This is handy for debugging so the compiler doesn't rearrange # things and eliminate variables. # AC_ARG_ENABLE(optimization, AC_HELP_STRING([--disable-optimization], [disable compiler optimization]), [if test $enableval = no ; then CFLAGS=`echo $CFLAGS | sed 's/-O[[0-9]]//'` fi]) # # For W32 we need to use our Pth emulation code # if test "$have_w32_system" = yes; then AC_CONFIG_LINKS(pth.h:jnlib/w32-pth.h) fi # # Decide what to build # missing_pth=no if test $have_ksba = no; then build_gpgsm=no build_scdaemon=no fi build_agent_threaded="" if test "$build_agent" = "yes"; then if test $have_pth = no; then build_agent_threaded="(not multi-threaded)" missing_pth=yes fi fi build_scdaemon_extra="" if test "$build_scdaemon" = "yes"; then tmp="" if test $have_pth = no; then build_scdaemon_extra="not multi-threaded" tmp=", " missing_pth=yes fi if test $have_libusb = no; then build_scdaemon_extra="${tmp}without internal CCID driver" tmp=", " fi if test -n "$build_scdaemon_extra"; then build_scdaemon_extra="(${build_scdaemon_extra})" fi fi if test "$build_agent_only" = "yes" ; then build_gpg=no build_gpgsm=no build_scdaemon=no build_tools=no build_doc=no fi AM_CONDITIONAL(BUILD_GPG, test "$build_gpg" = "yes") AM_CONDITIONAL(BUILD_GPGSM, test "$build_gpgsm" = "yes") AM_CONDITIONAL(BUILD_AGENT, test "$build_agent" = "yes") AM_CONDITIONAL(BUILD_SCDAEMON, test "$build_scdaemon" = "yes") AM_CONDITIONAL(BUILD_TOOLS, test "$build_tools" = "yes") AM_CONDITIONAL(BUILD_DOC, test "$build_doc" = "yes") AM_CONDITIONAL(BUILD_SYMCRYPTRUN, test "$build_symcryptrun" = "yes") AM_CONDITIONAL(RUN_GPG_TESTS, test x$cross_compiling = xno -a "$build_gpg" = yes ) # # Print errors here so that they are visible all # together and the user can acquire them all together. # die=no if test "$have_gpg_error" = "no"; then die=yes AC_MSG_NOTICE([[ *** *** You need libgpg-error to build this program. ** This library is for example available at *** ftp://ftp.gnupg.org/gcrypt/libgpg-error *** (at least version $NEED_GPG_ERROR_VERSION is required.) ***]]) fi if test "$have_libgcrypt" = "no"; then die=yes AC_MSG_NOTICE([[ *** *** You need libgcrypt to build this program. ** This library is for example available at *** ftp://ftp.gnupg.org/gcrypt/libgcrypt/ *** (at least version $NEED_LIBGCRYPT_VERSION using API $NEED_LIBGCRYPT_API is required.) ***]]) fi if test "$have_libassuan" = "no"; then die=yes AC_MSG_NOTICE([[ *** *** You need libassuan with Pth support to build this program. *** This library is for example available at *** ftp://ftp.gnupg.org/gcrypt/alpha/libassuan/ *** (at least version $NEED_LIBASSUAN_VERSION (API $NEED_LIBASSUAN_API) is required). ***]]) fi if test "$have_ksba" = "no"; then AC_MSG_NOTICE([[ *** *** You need libksba to build this program. *** This library is for example available at *** ftp://ftp.gnupg.org/gcrypt/libksba/ *** (at least version $NEED_KSBA_VERSION using API $NEED_KSBA_API is required). ***]]) fi if test "$missing_pth" = "yes"; then AC_MSG_NOTICE([[ *** *** It is now required to build with support for the *** GNU Portable Threads Library (Pth). Please install this *** library first. The library is for example available at *** ftp://ftp.gnu.org/gnu/pth/ *** On a Debian GNU/Linux system you can install it using *** apt-get install libpth-dev ***]]) die=yes fi if test "$die" = "yes"; then AC_MSG_ERROR([[ *** *** Required libraries not found. Please consult the above messages *** and install them before running configure again. ***]]) fi AC_CONFIG_FILES([ m4/Makefile Makefile po/Makefile.in intl/Makefile gl/Makefile include/Makefile jnlib/Makefile common/Makefile kbx/Makefile g10/Makefile sm/Makefile agent/Makefile scd/Makefile keyserver/Makefile keyserver/gpgkeys_mailto keyserver/gpgkeys_test tools/gpg-zip tools/Makefile doc/Makefile tests/Makefile tests/openpgp/Makefile ]) AC_OUTPUT #tests/pkits/Makefile echo " GnuPG v${VERSION} has been configured as follows: Platform: $PRINTABLE_OS_NAME ($host) OpenPGP: $build_gpg S/MIME: $build_gpgsm Agent: $build_agent $build_agent_threaded Smartcard: $build_scdaemon $build_scdaemon_extra Protect tool: $show_gnupg_protect_tool_pgm Default agent: $show_gnupg_agent_pgm Default pinentry: $show_gnupg_pinentry_pgm Default scdaemon: $show_gnupg_scdaemon_pgm Default dirmngr: $show_gnupg_dirmngr_pgm PKITS based tests: $run_pkits_tests " diff --git a/sm/ChangeLog b/sm/ChangeLog index b135a63b7..d2b5a4fa4 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,1738 +1,1748 @@ +2006-10-18 Werner Koch + + * keylist.c (list_cert_raw): Also test for GPG_ERR_NO_VALUE when + testing for GPG_ERR_NO_DATA. + * certlist.c (cert_usage_p, gpgsm_find_cert): Ditto. + * certchain.c (check_cert_policy): Ditto. + + * keylist.c (list_cert_std, list_cert_raw): Print "none" for no + chain length available. + 2006-10-17 Werner Koch * gpgsm.c: No need for pth.h. (main): or to init it. It used to be hack for W32. * sign.c (gpgsm_get_default_cert): Changed to return only certificates usable for signing. 2006-10-16 Werner Koch * certchain.c (already_asked_marktrusted) (set_already_asked_marktrusted): New. (gpgsm_validate_chain) : Keep track of certificates we already asked for. 2006-10-11 Werner Koch * certreqgen.c (proc_parameters, create_request): Allow for creation directly from a card. * call-agent.c (gpgsm_agent_readkey): New arg FROMCARD. (gpgsm_scd_pksign): New. 2006-10-06 Werner Koch * Makefile.am (AM_CFLAGS): Use PTH version of libassuan. (gpgsm_LDADD): Ditto. 2006-10-05 Werner Koch * certcheck.c (do_encode_md): Check that the has algo is valid. 2006-10-02 Marcus Brinkmann * server.c (register_commands): New commands DUMPKEYS and DUMPSECRETKEYS. (cmd_dumpkeys, cmd_dumpsecretkeys): New functions. (option_handler): Support with-key-data option. 2006-09-26 Werner Koch * certchain.c (gpgsm_validate_chain): More changes for the relax feature. Use certificate reference counting instead of the old explicit tests. Added a missing free. 2006-09-25 Werner Koch * gpgsm.h (struct rootca_flags_s): New. * call-agent.c (istrusted_status_cb): New. (gpgsm_agent_istrusted): New arg ROOTCA_FLAGS. * keylist.c (list_cert_colon): Use dummy for new arg. * certchain.c (gpgsm_validate_chain): Make use of the relax flag for root certificates. (unknown_criticals): Ignore a GPG_ERR_NO_VALUE. 2006-09-20 Werner Koch * gpgsm.c: Add alias command --dump-cert. * Makefile.am: Changes to allow parallel make runs. 2006-09-18 Werner Koch * gpgsm.c (main): Use this to import standard certificates. * keydb.c (keydb_add_resource): New arg AUTO_CREATED. 2006-09-14 Werner Koch Replaced all call gpg_error_from_errno(errno) by gpg_error_from_syserror(). 2006-09-13 Werner Koch * keylist.c (list_internal_keys): Print marker line to FP and not to stdout. * gpgsm.c (main): All list key list commands now make ose of --output. Cleaned up calls to list modes. New command --dump-chain. Renamed --list-sigs to --list-chain and added an alias for the old one. * server.c (cmd_message): Changed to use assuan_command_parse_fd. (option_handler): New option list-to-output. (do_listkeys): Use it. 2006-09-06 Werner Koch * gpgsm.h (OUT_OF_CORE): Removed and changed all callers to out_of_core. (CTRL): Removed and changed everywhere to ctrl_t. (CERTLIST): Ditto. Replaced all Assuan error codes by libgpg-error codes. Removed all map_to_assuan_status and map_assuan_err. * gpgsm.c (main): Call assuan_set_assuan_err_source to have Assuan switch to gpg-error codes. * server.c (set_error): Adjusted. 2006-08-29 Werner Koch * call-agent.c (gpgsm_agent_pkdecrypt): Allow decryption using complete S-expressions as implemented by the current gpg-agent. * gpgsm.c (main): Implement --output for encrypt, decrypt, sign and export. 2006-07-03 Werner Koch * certreqgen.c (proc_parameters): Print the component label of a faulty DN. 2006-06-26 Werner Koch * certdump.c (gpgsm_cert_log_name): New. * certchain.c (is_cert_still_valid): Log the name of the certificate. 2006-06-20 Werner Koch * gpgsm.c (gpgsm_init_default_ctrl): Take care of the command line option --include-certs. * keylist.c (list_cert_raw): Print the certid. 2006-05-23 Werner Koch * keydb.c (hextobyte): Deleted as it is now defined in jnlib. * Makefile.am (gpgsm_LDADD): Include ZLIBS. 2006-05-19 Marcus Brinkmann * keydb.c (keydb_insert_cert): Do not lock here, but only check if it is locked. (keydb_store_cert): Lock here. * keydb.h (keydb_delete): Accept new argument UNLOCK. * keydb.c (keydb_delete): Likewise. Only unlock if this is set. * delete.c (delete_one): Add new argument to invocation of keydb_delete. 2006-05-15 Werner Koch * keylist.c (print_names_raw): Sanitize URI. 2006-03-21 Werner Koch * certchain.c (get_regtp_ca_info): New. (allowed_ca): Use it. 2006-03-20 Werner Koch * qualified.c (gpgsm_is_in_qualified_list): New optional arg COUNTRY. 2006-02-17 Werner Koch * call-dirmngr.c (start_dirmngr): Print name of dirmngr to be started. 2005-11-23 Werner Koch * gpgsm.h: New member QUALSIG_APPROVAL. * sign.c (gpgsm_sign): Print a warning if a certificate is not qualified. * qualified.c (gpgsm_qualified_consent): Include a note that this is not approved software. (gpgsm_not_qualified_warning): New. * gpgsm.c (main): Prepared to print a note whether the software has been approved. 2005-11-13 Werner Koch * call-agent.c (gpgsm_agent_get_confirmation): New. * keylist.c (list_cert_std): Print qualified status. * qualified.c: New. * certchain.c (gpgsm_validate_chain): Check for qualified certificates. * certchain.c (gpgsm_basic_cert_check): Release keydb handle when no-chain-validation is used. 2005-11-11 Werner Koch * keylist.c (print_capabilities): Print is_qualified status. 2005-10-28 Werner Koch * certdump.c (pretty_print_sexp): New. (gpgsm_print_name2): Use it here. This allows proper printing of DNS names as used with server certificates. 2005-10-10 Werner Koch * keylist.c: Add pkaAdress OID as reference. 2005-10-08 Marcus Brinkmann * Makefile.am (gpgsm_LDADD): Add ../gl/libgnu.a after ../common/libcommon.a. 2005-09-13 Werner Koch * verify.c (gpgsm_verify): Print a note if the unknown algorithm is MD2. * sign.c (gpgsm_sign): Ditto. * certcheck.c (gpgsm_check_cert_sig): Ditto. 2005-09-08 Werner Koch * export.c (popen_protect_tool): Add option --have-cert. We probably lost this option with 1.9.14 due to restructuring of export.c. 2005-07-21 Werner Koch * gpgsm.c (main): New options --no-log-file and --debug-none. * certreqgen.c (get_parameter, get_parameter_value): Add SEQ arg to allow enumeration. Changed all callers. (create_request): Process DNS and URI parameters. 2005-07-20 Werner Koch * keylist.c (email_kludge): Reworked. * certdump.c (gpgsm_print_serial, gpgsm_dump_serial): Cast printf arg to unsigned. * call-dirmngr.c (gpgsm_dirmngr_run_command): Ditto 2005-07-19 Werner Koch * fingerprint.c (gpgsm_get_certid): Cast printf arg to unsigned. Bug accidently introduced while solving the #$%^& gcc signed/unsigned char* warnings. 2005-06-15 Werner Koch * delete.c (delete_one): Changed FPR to unsigned. * encrypt.c (encrypt_dek): Made ENCVAL unsigned. (gpgsm_encrypt): Ditto. * sign.c (gpgsm_sign): Made SIGVAL unsigned. * base64.c (base64_reader_cb): Need to use some casting to get around signed/unsigned char* warnings. * certcheck.c (gpgsm_check_cms_signature): Ditto. (gpgsm_create_cms_signature): Changed arg R_SIGVAL to unsigned char*. (do_encode_md): Made NFRAME a size_t. * certdump.c (gpgsm_print_serial): Fixed signed/unsigned warning. (gpgsm_dump_serial): Ditto. (gpgsm_format_serial): Ditto. (gpgsm_dump_string): Ditto. (gpgsm_dump_cert): Ditto. (parse_dn_part): Ditto. (gpgsm_print_name2): Ditto. * keylist.c (email_kludge): Ditto. * certreqgen.c (proc_parameters, create_request): Ditto. (create_request): Ditto. * call-agent.c (gpgsm_agent_pksign): Made arg R_BUF unsigned. (struct cipher_parm_s): Made CIPHERTEXT unsigned. (struct genkey_parm_s): Ditto. * server.c (strcpy_escaped_plus): Made arg S signed char*. * fingerprint.c (gpgsm_get_fingerprint): Made ARRAY unsigned. (gpgsm_get_keygrip): Ditto. * keydb.c (keydb_insert_cert): Made DIGEST unsigned. (keydb_update_cert): Ditto. (classify_user_id): Apply cast to signed/unsigned assignment. (hextobyte): Ditto. 2005-06-01 Werner Koch * misc.c: Include setenv.h. 2005-04-21 Werner Koch * gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check. * certchain.c (gpgsm_validate_chain): Make use of it. * certchain.c (gpgsm_validate_chain): Check revocations even for expired certificates. This is required because on signature verification an expired key is fine whereas a revoked one is not. 2005-04-20 Werner Koch * Makefile.am (AM_CFLAGS): Add PTH_CFLAGS as noted by several folks. 2005-04-19 Werner Koch * certchain.c (check_cert_policy): Print the diagnostic for a open failure of policies.txt only in verbose mode or when it is not ENOENT. 2005-04-17 Werner Koch * call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI. * certlist.c (gpgsm_find_cert): Add new arg KEYID and implement this filter. Changed all callers. * certchain.c (find_up_search_by_keyid): New helper. (find_up): Also try using the AKI.keyIdentifier. (find_up_external): Ditto. 2005-04-15 Werner Koch * keylist.c (list_cert_raw): Print the subjectKeyIdentifier as well as the keyIdentifier part of the authorityKeyIdentifier. 2005-03-31 Werner Koch * call-dirmngr.c (start_dirmngr): Use PATHSEP_C instead of ':'. * call-agent.c (start_agent): Ditto. 2005-03-17 Werner Koch * certcheck.c: Fixed use of DBG_CRYPTO and DBG_X509. * certchain.c (gpgsm_basic_cert_check): Dump certificates after a failed gcry_pk_verify. (find_up): Do an external lookup also for an authorityKeyIdentifier lookup. Factored external lookup code out to .. (find_up_external): .. new. 2005-03-03 Werner Koch * Makefile.am (gpgsm_LDADD): Added PTH_LIBS. Noted by Kazu Yamamoto. 2005-01-13 Werner Koch * certreqgen.c (proc_parameters): Cast printf arg. 2004-12-22 Werner Koch * gpgsm.c (set_binary): New. (main, open_read, open_fwrite): Use it. 2004-12-21 Werner Koch * gpgsm.c (main): Use default_homedir(). (main) [W32]: Default to disabled CRL checks. 2004-12-20 Werner Koch * call-agent.c (start_agent): Before starting a pipe server start to connect to a server on the standard socket. Use PATHSEP * call-dirmngr.c (start_dirmngr): Use PATHSEP. * import.c: Include unistd.h for dup and close. 2004-12-18 Werner Koch * gpgsm.h (map_assuan_err): Define in terms of map_assuan_err_with_source. * call-agent.c (start_agent): Pass error source to send_pinentry_environment. 2004-12-17 Werner Koch * call-dirmngr.c (isvalid_status_cb, lookup_status_cb) (run_command_status_cb): Return cancel status if gpgsm_status returned an error. * server.c (gpgsm_status, gpgsm_status2) (gpgsm_status_with_err_code): Return an error code. (gpgsm_status2): Always call va_end(). 2004-12-15 Werner Koch * call-dirmngr.c (lookup_status_cb): Send progress messages upstream. (isvalid_status_cb): Ditto. (gpgsm_dirmngr_isvalid): Put CTRL into status CB parameters. (gpgsm_dirmngr_run_command, run_command_status_cb): Pass CTRL to status callback and handle PROGRESS. * misc.c (setup_pinentry_env) [W32]: Don't use it. * gpgsm.c (main) [W32]: Init Pth because we need it for the socket operations and to resolve libassuan symbols. (run_protect_tool) [W32]: Disable it. * Makefile.am (gpgsm_LDADD): Move LIBASSUAN_LIBS more to the end. 2004-12-07 Werner Koch * Makefile.am (gpgsm_LDADD): Put libassuan before jnlib because under W32 we need the w32 pth code from jnlib. * misc.c (setup_pinentry_env) [W32]: Disabled. 2004-12-06 Werner Koch * gpgsm.c (run_protect_tool) [_WIN32]: Disabled. * import.c (popen_protect_tool): Simplified by making use of gnupg_spawn_process. (parse_p12): Likewise, using gnupg_wait_process. * export.c (popen_protect_tool): Ditto. (export_p12): Ditto. * keydb.c: Don't define DIRSEP_S here. 2004-12-02 Werner Koch * certchain.c (gpgsm_basic_cert_check): Dump certs with bad signature for debugging. (gpgsm_validate_chain): Ditto. 2004-11-29 Werner Koch * gpgsm.c (set_debug): Changed to use a globals DEBUG_LEVEL and DEBUG_VALUE. (main): Made DEBUG_LEVEL global and introduced DEBUG_VALUE. This now allows to add debug flags on top of a debug-level setting. 2004-11-23 Werner Koch * gpgsm.c: New option --prefer-system-dirmngr. * call-dirmngr.c (start_dirmngr): Implement this option. 2004-10-22 Werner Koch * certreqgen.c (gpgsm_genkey): Remove the NEW from the certificate request PEM header. This is according to the Sphinx standard. 2004-10-08 Moritz Schulte * certchain.c (gpgsm_validate_chain): Do not use keydb_new() in case the no_chain_validation-return-short-cut is used (fixes memory leak). 2004-10-04 Werner Koch * misc.c (setup_pinentry_env): Try hard to set a default for GPG_TTY. 2004-09-30 Werner Koch * gpgsm.c (i18n_init): Always use LC_ALL. * certdump.c (gpgsm_format_name): Factored code out to .. (gpgsm_format_name2): .. new. (gpgsm_print_name): Factored code out to .. (gpgsm_print_name2): .. new. (print_dn_part): New arg TRANSLATE. Changed all callers. (print_dn_parts): Ditto. (gpgsm_format_keydesc): Do not translate the SUBJECT; we require it to stay UTF-8 but we still want to filter out bad control characters. * Makefile.am: Adjusted for gettext 0.14. * keylist.c (list_cert_colon): Make sure that the expired flag has a higher precedence than the invalid flag. 2004-09-29 Werner Koch * import.c (parse_p12): Write an error status line for bad passphrases. Add new arg CTRL and changed caller. * export.c (export_p12): Likewise. 2004-09-14 Werner Koch * certchain.c (gpgsm_validate_chain): Give expired certificates a higher error precedence and don't bother to check any CRL in that case. 2004-08-24 Werner Koch * certlist.c: Fixed typo in ocsp OID. 2004-08-18 Werner Koch * certlist.c (gpgsm_cert_use_ocsp_p): New. (cert_usage_p): Support it here. * call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it here. 2004-08-17 Marcus Brinkmann * import.c: Fix typo in last change. 2004-08-17 Werner Koch * import.c (check_and_store): Do a full validation if --with-validation is set. * certchain.c (gpgsm_basic_cert_check): Print more detailed error messages. * certcheck.c (do_encode_md): Partly support DSA. Add new arg PKALGO. Changed all callers to pass it. (pk_algo_from_sexp): New. 2004-08-16 Werner Koch * gpgsm.c: New option --fixed-passphrase. * import.c (popen_protect_tool): Pass it to the protect-tool. * server.c (cmd_encrypt): Use DEFAULT_RECPLIST and not recplist for encrypt-to keys. 2004-08-06 Werner Koch * gpgsm.c: New option --with-ephemeral-keys. * keylist.c (list_internal_keys): Set it here. (list_cert_raw): And indicate those keys. Changed all our callers to pass the new arg HD through. 2004-07-23 Werner Koch * certreqgen.c (proc_parameters): Do not allow key length below 1024. 2004-07-22 Werner Koch * keylist.c (list_cert_raw): Print the keygrip. 2004-07-20 Werner Koch * certchain.c (gpgsm_validate_chain): The trust check didn't worked anymore, probably due to the changes at 2003-03-04. Fixed. 2004-06-06 Werner Koch * certreqgen.c (get_parameter_uint, create_request): Create an extension for key usage when requested. 2004-05-12 Werner Koch * gpgsm.c (main): Install emergency_cleanup also as an atexit handler. * verify.c (gpgsm_verify): Removed the separate error code handling for KSBA. We use shared error codes anyway. * export.c (export_p12): Removed debugging code. * encrypt.c (gpgsm_encrypt): Put the session key in to secure memory. 2004-05-11 Werner Koch * sign.c (gpgsm_sign): Include the error source in the final error message. * decrypt.c (gpgsm_decrypt): Ditto. * fingerprint.c (gpgsm_get_key_algo_info): New. * sign.c (gpgsm_sign): Don't assume RSA in the status line. * keylist.c (list_cert_colon): Really print the algorithm and key length. (list_cert_raw, list_cert_std): Ditto. (list_cert_colon): Reorganized to be able to tell whether a root certificate is trusted. * gpgsm.c: New option --debug-allow-core-dump. * gpgsm.h (opt): Add member CONFIG_FILENAME. * gpgsm.c (main): Use it here instead of the local var. * server.c (gpgsm_server): Print some additional information with the hello in verbose mode. 2004-04-30 Werner Koch * import.c (check_and_store): Do not update the stats for hidden imports of issuer certs. (popen_protect_tool): Request statusmessages from the protect-tool. (parse_p12): Detect status messages. Add new arg STATS and update them. (print_imported_summary): Include secret key stats. 2004-04-28 Werner Koch * gpgsm.c: New command --keydb-clear-some-cert-flags. * keydb.c (keydb_clear_some_cert_flags): New. (keydb_update_keyblock, keydb_set_flags): Change error code CONFLICT to NOT_LOCKED. 2004-04-26 Werner Koch * gpgsm.c (main) : Do not use /dev/null as default config filename. * call-agent.c (gpgsm_agent_pksign, gpgsm_agent_pkdecrypt) (gpgsm_agent_genkey, gpgsm_agent_istrusted) (gpgsm_agent_marktrusted, gpgsm_agent_havekey) (gpgsm_agent_passwd): Add new arg CTRL and changed all callers. (start_agent): New arg CTRL. Send progress item when starting a new agent. * sign.c (gpgsm_get_default_cert, get_default_signer): New arg CTRL to be passed down to the agent function. * decrypt.c (prepare_decryption): Ditto. * certreqgen.c (proc_parameters, read_parameters): Ditto. * certcheck.c (gpgsm_create_cms_signature): Ditto. 2004-04-23 Werner Koch * keydb.c (keydb_add_resource): Try to compress the file on init. * keylist.c (oidtranstbl): New. OIDs collected from several sources. (print_name_raw, print_names_raw, list_cert_raw): New. (gpgsm_list_keys): Check the dump mode and pass it down as necessary. 2004-04-22 Werner Koch * gpgsm.c (main): New commands --dump-keys, --dump-external-keys, --dump-secret-keys. 2004-04-13 Werner Koch * misc.c (setup_pinentry_env): New. * import.c (popen_protect_tool): Call it. * export.c (popen_protect_tool): Call it. 2004-04-08 Werner Koch * decrypt.c (gpgsm_decrypt): Return GPG_ERR_NO_DATA if it is not a encrypted message. 2004-04-07 Werner Koch * gpgsm.c: New option --force-crl-refresh. * call-dirmngr.c (gpgsm_dirmngr_isvalid): Pass option to dirmngr. 2004-04-05 Werner Koch * server.c (get_status_string): Add STATUS_NEWSIG. * verify.c (gpgsm_verify): Print STATUS_NEWSIG for each signature. * certchain.c (gpgsm_validate_chain) : Do not just warn if a cert is not suitable; bail out immediately. 2004-04-01 Werner Koch * call-dirmngr.c (isvalid_status_cb): New. (unhexify_fpr): New. Taken from ../g10/call-agent.c (gpgsm_dirmngr_isvalid): Add new arg CTRL, changed caller to pass it thru. Detect need to check the respondert cert and do that. * certchain.c (gpgsm_validate_chain): Add new arg FLAGS. Changed all callers. 2004-03-24 Werner Koch * sign.c (gpgsm_sign): Include a short list of capabilities. 2004-03-17 Werner Koch * gpgsm.c (main) : Fixed default value quoting. 2004-03-16 Werner Koch * gpgsm.c (main): Implemented --gpgconf-list. 2004-03-15 Werner Koch * keylist.c (list_cert_colon): Hack to set the expired flag. 2004-03-09 Werner Koch * gpgsm.c (main): Correctly intitialze USE_OCSP flag. * keydb.c (keydb_delete): s/GPG_ERR_CONFLICT/GPG_ERR_NOT_LOCKED/ 2004-03-04 Werner Koch * call-dirmngr.c (gpgsm_dirmngr_isvalid): New arg ISSUER_CERT. * certchain.c (is_cert_still_valid): New. Code moved from ... (gpgsm_validate_chain): ... here because we now need to check at two places and at a later stage, so that we can pass the issuer cert down to the dirmngr. 2004-03-03 Werner Koch * call-agent.c (start_agent): Replaced pinentry setup code by a call to a new common function. * certdump.c (gpgsm_format_keydesc): Make sure the string is returned as utf-8. * export.c (gpgsm_export): Make sure that we don't export more than one certificate. 2004-03-02 Werner Koch * export.c (create_duptable, destroy_duptable) (insert_duptable): New. (gpgsm_export): Avoid duplicates. 2004-02-26 Werner Koch * certchain.c (compare_certs): New. (gpgsm_validate_chain): Fixed infinite certificate checks after bad signatures. 2004-02-24 Werner Koch * keylist.c (list_cert_colon): Print the fingerprint as the cert-id for root certificates. 2004-02-21 Werner Koch * keylist.c (list_internal_keys): Return error codes. (list_external_keys, gpgsm_list_keys): Ditto. * server.c (do_listkeys): Ditto. * gpgsm.c (main): Display a key description for --passwd. * call-agent.c (gpgsm_agent_passwd): New arg DESC. 2004-02-20 Werner Koch * gpgsm.c (main): New option --debug-ignore-expiration. * certchain.c (gpgsm_validate_chain): Use it here. * certlist.c (cert_usage_p): Apply extKeyUsage. 2004-02-19 Werner Koch * export.c (export_p12, popen_protect_tool) (gpgsm_p12_export): New. * gpgsm.c (main): New command --export-secret-key-p12. 2004-02-18 Werner Koch * gpgsm.c (set_debug): Set the new --debug-level flags. (main): New option --gpgconf-list. (main): Do not setup -u and -r keys when not required. (main): Setup the used character set. * keydb.c (keydb_add_resource): Print a hint to start the gpg-agent. 2004-02-17 Werner Koch * gpgsm.c: Fixed value parsing for --with-validation. * call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO. * call-dirmngr.c (start_dirmngr): Likewise for DIRMNGR_INFO. * gpgsm.c: New option --with-md5-fingerprint. * keylist.c (list_cert_std): Print MD5 fpr. * gpgsm.c: New options --with-validation. * server.c (option_handler): New option "with-validation". * keylist.c (list_cert_std, list_internal_keys): New args CTRL and WITH_VALIDATION. Changed callers to set it. (list_external_cb, list_external_keys): Pass CTRL to the callback. (list_cert_colon): Add arg CTRL. Check validation if requested. * certchain.c (unknown_criticals, allowed_ca, check_cert_policy) (gpgsm_validate_chain): New args LISTMODE and FP. (do_list): New helper for info output. (find_up): New arg FIND_NEXT. (gpgsm_validate_chain): After a bad signature try again with other CA certificates. * import.c (print_imported_status): New arg NEW_CERT. Print additional STATUS_IMPORT_OK becuase that is what gpgme expects. (check_and_store): Always call above function after import. * server.c (get_status_string): Added STATUS_IMPORT_OK. 2004-02-13 Werner Koch * certcheck.c (gpgsm_create_cms_signature): Format a description for use by the pinentry. * decrypt.c (gpgsm_decrypt): Ditto. Free HEXKEYGRIP. * certdump.c (format_name_cookie, format_name_writer) (gpgsm_format_name): New. (gpgsm_format_serial): New. (gpgsm_format_keydesc): New. * call-agent.c (gpgsm_agent_pksign): New arg DESC. (gpgsm_agent_pkdecrypt): Ditto. * encrypt.c (init_dek): Check for too weak algorithms. * import.c (parse_p12, popen_protect_tool): New. * base64.c (gpgsm_create_reader): New arg ALLOW_MULTI_PEM. Changed all callers. (base64_reader_cb): Handle it here. (gpgsm_reader_eof_seen): New. (base64_reader_cb): Set a flag for EOF. (simple_reader_cb): Ditto. 2004-02-12 Werner Koch * gpgsm.h, gpgsm.c: New option --protect-tool-program. * gpgsm.c (run_protect_tool): Use it. 2004-02-11 Werner Koch * Makefile.am (AM_CPPFLAGS): Pass directory constants via -D; this will allow to override directory names at make time. 2004-02-02 Werner Koch * import.c (check_and_store): Import certificates even with missing issuer's cert. Fixed an "depending on the verbose setting" bug. * certchain.c (gpgsm_validate_chain): Mark revoked certs in the keybox. * keylist.c (list_cert_colon): New arg VALIDITY; use it to print a revoked flag. (list_internal_keys): Retrieve validity flag. (list_external_cb): Pass 0 as validity flag. * keydb.c (keydb_get_flags, keydb_set_flags): New. (keydb_set_cert_flags): New. (lock_all): Return a proper error code. (keydb_lock): New. (keydb_delete): Don't lock but check that it has been locked. (keydb_update_keyblock): Ditto. * delete.c (delete_one): Take a lock. 2004-01-30 Werner Koch * certchain.c (check_cert_policy): Fixed read error checking. (check_cert_policy): With no critical policies issue only a warning if the policy file does not exists. * sign.c (add_certificate_list): Decrement N for the first cert. 2004-01-29 Werner Koch * certdump.c (parse_dn_part): Map common OIDs to human readable labels. Make sure that a value won't get truncated if it includes a Nul. 2004-01-28 Werner Koch * certchain.c (gpgsm_validate_chain): Changed the message printed for an untrusted root certificate. 2004-01-27 Werner Koch * certdump.c (parse_dn_part): Pretty print the nameDistinguisher OID. (print_dn_part): Do not delimit multiple RDN by " + ". Handle multi-valued RDNs in a special way, i.e. in the order specified by the certificate. (print_dn_parts): Simplified. 2004-01-16 Werner Koch * sign.c (gpgsm_sign): Print an error message on all failures. * decrypt.c (gpgsm_decrypt): Ditto. 2003-12-17 Werner Koch * server.c (gpgsm_server): Add arg DEFAULT_RECPLIST. (cmd_encrypt): Add all enrypt-to marked certs to the list. * encrypt.c (gpgsm_encrypt): Check that real recipients are available. * gpgsm.c (main): Make the --encrypt-to and --no-encrypt-to options work. Pass the list of recients to gpgsm_server. * gpgsm.h (certlist_s): Add field IS_ENCRYPT_TO. (opt): Add NO_ENCRYPT_TO. * certlist.c (gpgsm_add_to_certlist): New arg IS_ENCRYPT_TO. Changed all callers and ignore duplicate entries. (is_cert_in_certlist): New. (gpgsm_add_cert_to_certlist): New. * certdump.c (gpgsm_print_serial): Cleaned up cast use in strtoul. (gpgsm_dump_serial): Ditto. * decrypt.c (gpgsm_decrypt): Replaced ERR by RC. 2003-12-16 Werner Koch * gpgsm.c (main): Set the prefixes for assuan logging. * sign.c (gpgsm_sign): Add validation checks for the default certificate. * gpgsm.c: Add -k as alias for --list-keys and -K for --list-secret-keys. 2003-12-15 Werner Koch * encrypt.c (init_dek): Use gry_create_nonce for the IV; there is not need for real strong random here and it even better protect the random bits used for the key. 2003-12-01 Werner Koch * gpgsm.c, gpgsm.h: New options --{enable,disable}-ocsp. (gpgsm_init_default_ctrl): Set USE_OCSP to the default value. * certchain.c (gpgsm_validate_chain): Handle USE_OCSP. * call-dirmngr.c (gpgsm_dirmngr_isvalid): Add arg USE_OCSP and proceed accordingly. 2003-11-19 Werner Koch * verify.c (gpgsm_verify): Use "0" instead of an empty string for the VALIDSIG status. 2003-11-18 Werner Koch * verify.c (gpgsm_verify): Fixed for changes API of gcry_md_info. * certchain.c (unknown_criticals): Fixed an error code test. 2003-11-12 Werner Koch Adjusted for API changes in Libksba. 2003-10-31 Werner Koch * certchain.c (gpgsm_validate_chain): Changed to use ksba_isotime_t. * verify.c (strtimestamp_r, gpgsm_verify): Ditto. * sign.c (gpgsm_sign): Ditto. * keylist.c (print_time, list_cert_std, list_cert_colon): Ditto. * certdump.c (gpgsm_print_time, gpgsm_dump_time, gpgsm_dump_cert): Ditto. 2003-10-25 Werner Koch * certreqgen.c (read_parameters): Fixed faulty of !spacep(). 2003-08-20 Marcus Brinkmann * encrypt.c (encode_session_key): Allocate enough space. Cast key byte to unsigned char to prevent sign extension. (encrypt_dek): Check return value before error. 2003-08-14 Timo Schulz * encrypt.c (encode_session_key): Use new Libgcrypt interface. 2003-07-31 Werner Koch * Makefile.am (gpgsm_LDADD): Added INTLLIBS. 2003-07-29 Werner Koch * gpgsm.c (main): Add secmem features and set the random seed file. (gpgsm_exit): Update the random seed file and enable debug output. 2003-07-27 Werner Koch Adjusted for gcry_mpi_print and gcry_mpi_scan API change. 2003-06-24 Werner Koch * server.c (gpgsm_status_with_err_code): New. * verify.c (gpgsm_verify): Use it here instead of the old tokenizing version. * verify.c (strtimestamp): Renamed to strtimestamp_r Adjusted for changes in the libgcrypt API. Some more fixes for the libgpg-error stuff. 2003-06-04 Werner Koch * call-agent.c (init_membuf,put_membuf,get_membuf): Removed. Include new membuf header and changed used type. Renamed error codes from INVALID to INV and removed _ERROR suffixes. 2003-06-03 Werner Koch Changed all error codes in all files to the new libgpg-error scheme. * gpgsm.h: Include gpg-error.h . * Makefile.am: Link with libgpg-error. 2003-04-29 Werner Koch * Makefile.am: Use libassuan. Don't override LDFLAGS anymore. * server.c (register_commands): Adjust for new Assuan semantics. 2002-12-03 Werner Koch * call-agent.c (gpgsm_agent_passwd): New. * gpgsm.c (main): New command --passwd and --call-protect-tool (run_protect_tool): New. 2002-11-25 Werner Koch * verify.c (gpgsm_verify): Handle content-type attribute. 2002-11-13 Werner Koch * call-agent.c (start_agent): Try to use $GPG_TTY instead of ttyname. Changed ttyname to test stdin becuase it can be assumed that output redirection is more common that input redirection. 2002-11-12 Werner Koch * gpgsm.c: New command --call-dirmngr. * call-dirmngr.c (gpgsm_dirmngr_run_command) (run_command_inq_cb,run_command_cb) (run_command_status_cb): New. 2002-11-11 Werner Koch * certcheck.c (gpgsm_check_cms_signature): Don't double free s_sig but free s_pkey at leave. 2002-11-10 Werner Koch * gpgsm.c: Removed duplicate --list-secret-key entry. 2002-09-19 Werner Koch * certcheck.c (gpgsm_check_cert_sig): Add cert hash debugging. * certchain.c (find_up): Print info when the cert was not found by the autorithyKeyIdentifier. 2002-09-03 Werner Koch * gpgsm.c (main): Disable the internal libgcrypt locking. 2002-08-21 Werner Koch * import.c (print_imported_summary): Cleaned up. Print new not_imported value. (check_and_store): Update non_imported counter. (print_import_problem): New. (check_and_store): Print error status message. * server.c (get_status_string): Added STATUS_IMPORT_PROBLEM. 2002-08-20 Werner Koch * gpgsm.c (main): Use the log file only in server mode. * import.c (print_imported_summary): New. (check_and_store): Update the counters, take new argument. (import_one): Factored out core of gpgsm_import. (gpgsm_import): Print counters. (gpgsm_import_files): New. * gpgsm.c (main): Use the new function for import. 2002-08-19 Werner Koch * decrypt.c (gpgsm_decrypt): Return a better error status token. * verify.c (gpgsm_verify): Don't error on messages with no signing time or no message digest. This is only the case for messages without any signed attributes. 2002-08-16 Werner Koch * certpath.c: Renamed to .. * certchain.c: this. Renamed all all other usages of "path" in the context of certificates to "chain". * call-agent.c (learn_cb): Special treatment when the issuer certificate is missing. 2002-08-10 Werner Koch * Makefile.am (INCLUDES): Add definition for localedir. * keylist.c (list_cert_colon): Print the short fingerprint in the key ID field. * fingerprint.c (gpgsm_get_short_fingerprint): New. * verify.c (gpgsm_verify): Print more verbose info for a good signature. 2002-08-09 Werner Koch * decrypt.c (prepare_decryption): Hack to detected already unpkcsedone keys. * gpgsm.c (emergency_cleanup): New. (main): Initialize the signal handler. * sign.c (gpgsm_sign): Reset the hash context for subsequent signers and release it at the end. 2002-08-05 Werner Koch * server.c (cmd_signer): New command "SIGNER" (register_commands): Register it. (cmd_sign): Pass the signer list to gpgsm_sign. * certlist.c (gpgsm_add_to_certlist): Add SECRET argument, check for secret key if set and changed all callers. * sign.c (gpgsm_sign): New argument SIGNERLIST and implemt multiple signers. * gpgsm.c (main): Support more than one -u. * server.c (cmd_recipient): Return reason code 1 for No_Public_Key which is actually what gets returned from add_to_certlist. 2002-07-26 Werner Koch * certcheck.c (gpgsm_check_cert_sig): Implement proper cleanup. (gpgsm_check_cms_signature): Ditto. 2002-07-22 Werner Koch * keydb.c (keydb_add_resource): Register a lock file. (lock_all, unlock_all): Implemented. * delete.c: New. * gpgsm.c: Made --delete-key work. * server.c (cmd_delkeys): New. (register_commands): New command DELKEYS. * decrypt.c (gpgsm_decrypt): Print a convenience note when RC2 is used and a STATUS_ERROR with the algorithm oid. 2002-07-03 Werner Koch * server.c (gpgsm_status2): Insert a blank between all optional arguments when using assuan. * server.c (cmd_recipient): No more need for extra blank in constants. * import.c (print_imported_status): Ditto. * gpgsm.c (main): Ditto. 2002-07-02 Werner Koch * verify.c (gpgsm_verify): Extend the STATUS_BADSIG line with the fingerprint. * certpath.c (check_cert_policy): Don't use log_error to print a warning. * keydb.c (keydb_store_cert): Add optional ar EXISTED and changed all callers. * call-agent.c (learn_cb): Print info message only for real imports. * import.c (gpgsm_import): Moved duplicated code to ... (check_and_store): new function. Added magic to import the entire chain. Print status only for real imports and moved printing code to .. (print_imported_status): New. * call-dirmngr.c (gpgsm_dirmngr_isvalid): print status of dirmngr call in very verbose mode. * gpgsm.c (main): Use the same error codes for STATUS_INV_RECP as with the server mode. 2002-06-29 Werner Koch * gpgsm.c: New option --auto-issuer-key-retrieve. * certpath.c (find_up): Try to retrieve an issuer key from an external source and from the ephemeral key DB. (find_up_store_certs_cb): New. * keydb.c (keydb_set_ephemeral): Does now return the old state. Call the backend only when required. * call-dirmngr.c (start_dirmngr): Use GNUPG_DEFAULT_DIRMNGR. (lookup_status_cb): Issue status only when CTRL is not NULL. (gpgsm_dirmngr_lookup): Document that CTRL is optional. * call-agent.c (start_agent): Use GNUPG_DEFAULT_AGENT. 2002-06-28 Werner Koch * server.c (cmd_recipient): Add more reason codes. 2002-06-27 Werner Koch * certpath.c (gpgsm_basic_cert_check): Use --debug-no-path-validation to also bypass this basic check. * gpgsm.c (main): Use GNUPG_DEFAULT_HOMEDIR constant. * call-agent.c (start_agent): Create and pass the list of FD to keep in the child to assuan. * call-dirmngr.c (start_dirmngr): Ditto. 2002-06-26 Werner Koch * import.c (gpgsm_import): Print an STATUS_IMPORTED. * gpgsm.c: --debug-no-path-validation does not take an argument. 2002-06-25 Werner Koch * certdump.c (print_dn_part): Always print a leading slash, removed NEED_DELIM arg and changed caller. * export.c (gpgsm_export): Print LFs to FP and not stdout. (print_short_info): Ditto. Make use of gpgsm_print_name. * server.c (cmd_export): Use output-fd instead of data lines; this was actually the specified way. 2002-06-24 Werner Koch * gpgsm.c: Removed duped help entry for --list-keys. * gpgsm.c, gpgsm.h: New option --debug-no-path-validation. * certpath.c (gpgsm_validate_path): Use it here instead of the debug flag hack. * certpath.c (check_cert_policy): Return No_Policy_Match if the policy file could not be opened. 2002-06-20 Werner Koch * certlist.c (gpgsm_add_to_certlist): Fixed locating of a certificate with the required key usage. * gpgsm.c (main): Fixed a segv when using --outfile without an argument. * keylist.c (print_capabilities): Also check for non-repudiation and data encipherment. * certlist.c (cert_usage_p): Test for signing and encryption was swapped. Add a case for certification usage, handle non-repudiation and data encipherment. (gpgsm_cert_use_cert_p): New. (gpgsm_add_to_certlist): Added a CTRL argument and changed all callers to pass it. * certpath.c (gpgsm_validate_path): Use it here to print a status message. Added a CTRL argument and changed all callers to pass it. * decrypt.c (gpgsm_decrypt): Print a status message for wrong key usage. * verify.c (gpgsm_verify): Ditto. * keydb.c (classify_user_id): Allow a colon delimited fingerprint. 2002-06-19 Werner Koch * call-agent.c (learn_cb): Use log_info instead of log_error on successful import. * keydb.c (keydb_set_ephemeral): New. (keydb_store_cert): New are ephemeral, changed all callers. * keylist.c (list_external_cb): Store cert as ephemeral. * export.c (gpgsm_export): Kludge to export epehmeral certificates. * gpgsm.c (main): New command --list-external-keys. 2002-06-17 Werner Koch * certreqgen.c (read_parameters): Improved error handling. (gpgsm_genkey): Print error message. 2002-06-13 Werner Koch * gpgsm.c (main): New option --log-file. 2002-06-12 Werner Koch * call-dirmngr.c (lookup_status_cb): New. (gpgsm_dirmngr_lookup): Use the status CB. Add new arg CTRL and changed caller to pass it. * gpgsm.c (open_fwrite): New. (main): Allow --output for --verify. * sign.c (hash_and_copy_data): New. (gpgsm_sign): Implemented normal (non-detached) signatures. * gpgsm.c (main): Ditto. * certpath.c (gpgsm_validate_path): Special error handling for no policy match. 2002-06-10 Werner Koch * server.c (get_status_string): Add STATUS_ERROR. * certpath.c (gpgsm_validate_path): Tweaked the error checking to return error codes in a more sensitive way. * verify.c (gpgsm_verify): Send status TRUST_NEVER also for a bad CA certificate and when the certificate has been revoked. Issue TRUST_FULLY even when the cert has expired. Append an error token to these status lines. Issue the new generic error status when a cert was not found and when leaving the function. 2002-06-04 Werner Koch * gpgsm.c (main): New command --list-sigs * keylist.c (list_cert_std): New. Use it whenever colon mode is not used. (list_cert_chain): New. 2002-05-31 Werner Koch * gpgsm.c (main): Don't print the "go ahead" message for an invalid command. 2002-05-23 Werner Koch * import.c (gpgsm_import): Add error messages. 2002-05-21 Werner Koch * keylist.c (list_internal_keys): Renamed from gpgsm_list_keys. (list_external_keys): New. (gpgsm_list_keys): Dispatcher for above. * call-dirmngr.c (lookup_cb,pattern_from_strlist) (gpgsm_dirmngr_lookup): New. * server.c (option_handler): Handle new option --list-mode. (do_listkeys): Handle options and actually use the mode argument. (get_status_string): New code TRUNCATED. * import.c (gpgsm_import): Try to identify the type of input and handle certs-only messages. 2002-05-14 Werner Koch * gpgsm.c: New option --faked-system-time * sign.c (gpgsm_sign): And use it here. * certpath.c (gpgsm_validate_path): Ditto. 2002-05-03 Werner Koch * certpath.c (gpgsm_validate_path): Added EXPTIME arg and changed all callers. * verify.c (gpgsm_verify): Tweaked usage of log_debug and log_error. Return EXPSIG status and add expiretime to VALIDSIG. 2002-04-26 Werner Koch * gpgsm.h (DBG_AGENT,DBG_AGENT_VALUE): Replaced by DBG_ASSUAN_*. Changed all users. * call-agent.c (start_agent): Be more silent without -v. * call-dirmngr.c (start_dirmngr): Ditto. 2002-04-25 Werner Koch * call-agent.c (start_agent): Make copies of old locales and check for setlocale. 2002-04-25 Marcus Brinkmann * call-agent.c (start_agent): Fix error handling logic so the locale is always correctly reset. 2002-04-25 Marcus Brinkmann * server.c (option_handler): Accept display, ttyname, ttytype, lc_ctype and lc_messages options. * gpgsm.c (main): Allocate memory for these options. * gpgsm.h (struct opt): Make corresponding members non-const. 2002-04-24 Marcus Brinkmann * gpgsm.h (struct opt): New members display, ttyname, ttytype, lc_ctype, lc_messages. * gpgsm.c (enum cmd_and_opt_values): New members oDisplay, oTTYname, oTTYtype, oLCctype, oLCmessages. (opts): New entries for these options. (main): Handle these new options. * call-agent.c (start_agent): Set the various display and tty parameter after resetting. 2002-04-18 Werner Koch * certreqgen.c (gpgsm_genkey): Write status output on success. 2002-04-15 Werner Koch * gpgsm.c (main): Check ksba version. * certpath.c (find_up): New to use the authorithKeyIdentifier. Use it in all other functions to locate the signing cert.. 2002-04-11 Werner Koch * certlist.c (cert_usable_p): New. (gpgsm_cert_use_sign_p,gpgsm_cert_use_encrypt_p): New. (gpgsm_cert_use_verify_p,gpgsm_cert_use_decrypt_p): New. (gpgsm_add_to_certlist): Check the key usage. * sign.c (gpgsm_sign): Ditto. * verify.c (gpgsm_verify): Print a message wehn an unsuitable certificate was used. * decrypt.c (gpgsm_decrypt): Ditto * keylist.c (print_capabilities): Determine values from the cert. 2002-03-28 Werner Koch * keylist.c (list_cert_colon): Fixed listing of crt record; the issuer is not at the right place. Print a chainingID. * certpath.c (gpgsm_walk_cert_chain): Be a bit more silent on common errors. 2002-03-21 Werner Koch * export.c: New. * gpgsm.c: Add command --export. * server.c (cmd_export): New. 2002-03-13 Werner Koch * decrypt.c (gpgsm_decrypt): Allow multiple recipients. 2002-03-12 Werner Koch * certpath.c (check_cert_policy): Print the policy list. * verify.c (gpgsm_verify): Detect certs-only message. 2002-03-11 Werner Koch * import.c (gpgsm_import): Print a notice about imported certificates when in verbose mode. * gpgsm.c (main): Print INV_RECP status. * server.c (cmd_recipient): Ditto. * server.c (gpgsm_status2): New. Allows for a list of strings. (gpgsm_status): Divert to gpgsm_status2. * encrypt.c (gpgsm_encrypt): Don't use a default key when no recipients are given. Print a NO_RECP status. 2002-03-06 Werner Koch * server.c (cmd_listkeys, cmd_listsecretkeys): Divert to (do_listkeys): new. Add pattern parsing. * keylist.c (gpgsm_list_keys): Handle selection pattern. * gpgsm.c: New command --learn-card * call-agent.c (learn_cb,gpgsm_agent_learn): New. * gpgsm.c (main): Print error messages for non-implemented commands. * base64.c (base64_reader_cb): Use case insensitive compare of the Content-Type string to detect plain base-64. 2002-03-05 Werner Koch * gpgsm.c, gpgsm.h: Add local_user. * sign.c (gpgsm_get_default_cert): New. (get_default_signer): Use the new function if local_user is not set otherwise used that value. * encrypt.c (get_default_recipient): Removed. (gpgsm_encrypt): Use gpgsm_get_default_cert. * verify.c (gpgsm_verify): Better error text for a bad signature found by comparing the hashs. 2002-02-27 Werner Koch * call-dirmngr.c, call-agent.c: Add 2 more arguments to all uses of assuan_transact. 2002-02-25 Werner Koch * server.c (option_handler): Allow to use -2 for "send all certs except the root cert". * sign.c (add_certificate_list): Implement it here. * certpath.c (gpgsm_is_root_cert): New. 2002-02-19 Werner Koch * certpath.c (check_cert_policy): New. (gpgsm_validate_path): And call it from here. * gpgsm.c (main): New options --policy-file, --disable-policy-checks and --enable-policy-checks. * gpgsm.h (opt): Added policy_file, no_policy_checks. 2002-02-18 Werner Koch * certpath.c (gpgsm_validate_path): Ask the agent to add the certificate into the trusted list. * call-agent.c (gpgsm_agent_marktrusted): New. 2002-02-07 Werner Koch * certlist.c (gpgsm_add_to_certlist): Check that the specified name identifies a certificate unambiguously. (gpgsm_find_cert): Ditto. * server.c (cmd_listkeys): Check that the data stream is available. (cmd_listsecretkeys): Ditto. (has_option): New. (cmd_sign): Fix ambiguousity in option recognition. * gpgsm.c (main): Enable --logger-fd. * encrypt.c (gpgsm_encrypt): Increased buffer size for better performance. * call-agent.c (gpgsm_agent_pksign): Check the S-Exp received from the agent. * keylist.c (list_cert_colon): Filter out control characters. 2002-02-06 Werner Koch * decrypt.c (gpgsm_decrypt): Bail out after an decryption error. * server.c (reset_notify): Close input and output FDs. (cmd_encrypt,cmd_decrypt,cmd_verify,cmd_sign.cmd_import) (cmd_genkey): Close the FDs and release the recipient list even in the error case. 2002-02-01 Marcus Brinkmann * sign.c (gpgsm_sign): Do not release certificate twice. 2002-01-29 Werner Koch * call-agent.c (gpgsm_agent_havekey): New. * keylist.c (list_cert_colon): New arg HAVE_SECRET, print "crs" when we know that the secret key is available. (gpgsm_list_keys): New arg MODE, check whether a secret key is available. Changed all callers. * gpgsm.c (main): New command --list-secret-keys. * server.c (cmd_listsecretkeys): New. (cmd_listkeys): Return secret keys with "crs" record. 2002-01-28 Werner Koch * certreqgen.c (create_request): Store the email address in the req. 2002-01-25 Werner Koch * gpgsm.c (main): Disable core dumps. * sign.c (add_certificate_list): New. (gpgsm_sign): Add the certificates to the CMS object. * certpath.c (gpgsm_walk_cert_chain): New. * gpgsm.h (server_control_s): Add included_certs. * gpgsm.c: Add option --include-certs. (gpgsm_init_default_ctrl): New. (main): Call it. * server.c (gpgsm_server): Ditto. (option_handler): Support --include-certs. 2002-01-23 Werner Koch * certpath.c (gpgsm_validate_path): Print the DN of a missing issuer. * certdump.c (gpgsm_dump_string): New. (print_dn): Replaced by above. 2002-01-22 Werner Koch * certpath.c (unknown_criticals): New. (allowed_ca): New. (gpgsm_validate_path): Check validity, CA attribute, path length and unknown critical extensions. 2002-01-21 Werner Koch * gpgsm.c: Add option --enable-crl-checks. * call-agent.c (start_agent): Implemented socket based access. * call-dirmngr.c (start_dirmngr): Ditto. 2002-01-20 Werner Koch * server.c (option_handler): New. (gpgsm_server): Register it with assuan. 2002-01-19 Werner Koch * server.c (gpgsm_server): Use assuan_deinit_server and setup assuan logging if enabled. * call-agent.c (inq_ciphertext_cb): Don't show the session key in an Assuan log file. * gpgsm.c (my_strusage): Take bugreport address from configure.ac 2002-01-15 Werner Koch * import.c (gpgsm_import): Just do a basic cert check before storing it. * certpath.c (gpgsm_basic_cert_check): New. * keydb.c (keydb_store_cert): New. * import.c (store_cert): Removed and change all caller to use the new function. * verify.c (store_cert): Ditto. * certlist.c (gpgsm_add_to_certlist): Validate the path * certpath.c (gpgsm_validate_path): Check the trust list. * call-agent.c (gpgsm_agent_istrusted): New. 2002-01-14 Werner Koch * call-dirmngr.c (inq_certificate): Changed for new interface semantic. * certlist.c (gpgsm_find_cert): New. 2002-01-13 Werner Koch * fingerprint.c (gpgsm_get_certid): Print the serial and not the hash after the dot. 2002-01-11 Werner Koch * call-dirmngr.c: New. * certpath.c (gpgsm_validate_path): Check the CRL here. * fingerprint.c (gpgsm_get_certid): New. * gpgsm.c: New options --dirmngr-program and --disable-crl-checks. 2002-01-10 Werner Koch * base64.c (gpgsm_create_writer): Allow to set the object name 2002-01-08 Werner Koch * keydb.c (spacep): Removed because it is now in util.c * server.c (cmd_genkey): New. * certreqgen.c: New. The parameter handling code has been taken from gnupg/g10/keygen.c version 1.0.6. * call-agent.c (gpgsm_agent_genkey): New. 2002-01-02 Werner Koch * server.c (rc_to_assuan_status): Removed and changed all callers to use map_to_assuan_status. 2001-12-20 Werner Koch * verify.c (gpgsm_verify): Implemented non-detached signature verification. Add OUT_FP arg, initialize a writer and changed all callers. * server.c (cmd_verify): Pass an out_fp if one has been set. * base64.c (base64_reader_cb): Try to detect an S/MIME body part. * certdump.c (print_sexp): Renamed to gpgsm_dump_serial, made global. (print_time): Renamed to gpgsm_dump_time, made global. (gpgsm_dump_serial): Take a real S-Expression as argument and print the first item. * keylist.c (list_cert_colon): Ditto. * keydb.c (keydb_search_issuer_sn): Ditto. * decrypt.c (print_integer_sexp): Removed and made callers use gpgsm_dump_serial. * verify.c (print_time): Removed, made callers use gpgsm_dump_time. 2001-12-19 Marcus Brinkmann * call-agent.c (start_agent): Add new argument to assuan_pipe_connect. 2001-12-18 Werner Koch * verify.c (print_integer_sexp): Renamed from print_integer and print the serial number according to the S-Exp rules. * decrypt.c (print_integer_sexp): Ditto. 2001-12-17 Werner Koch * keylist.c (list_cert_colon): Changed for new return value of get_serial. * keydb.c (keydb_search_issuer_sn): Ditto. * certcheck.c (gpgsm_check_cert_sig): Likewise for other S-Exp returingin functions. * fingerprint.c (gpgsm_get_keygrip): Ditto. * encrypt.c (encrypt_dek): Ditto * certcheck.c (gpgsm_check_cms_signature): Ditto * decrypt.c (prepare_decryption): Ditto. * call-agent.c (gpgsm_agent_pkdecrypt): Removed arg ciphertextlen, use KsbaSexp type and calculate the length. * certdump.c (print_sexp): Remaned from print_integer, changed caller. * Makefile.am: Use the LIBGCRYPT and LIBKSBA variables. * fingerprint.c (gpgsm_get_keygrip): Use the new gcry_pk_get_keygrip to calculate the grip - note the algorithm and therefore the grip values changed. 2001-12-15 Werner Koch * certcheck.c (gpgsm_check_cms_signature): Removed the faked-key kludge. (gpgsm_create_cms_signature): Removed the commented fake key code. This makes the function pretty simple. * gpgsm.c (main): Renamed the default key database to "keyring.kbx". * decrypt.c (gpgsm_decrypt): Write STATUS_DECRYPTION_*. * sign.c (gpgsm_sign): Write a STATUS_SIG_CREATED. 2001-12-14 Werner Koch * keylist.c (list_cert_colon): Kludge to show an email address encoded in the subject's DN. * verify.c (gpgsm_verify): Add hash debug helpers * sign.c (gpgsm_sign): Ditto. * base64.c (base64_reader_cb): Reset the linelen when we need to skip the line and adjusted test; I somehow forgot about DeMorgan. * server.c (cmd_encrypt,cmd_decrypt,cmd_sign,cmd_verify) (cmd_import): Close the FDs on success. (close_message_fd): New. (input_notify): Setting autodetect_encoding to 0 after initializing it to 0 is pretty pointless. Easy to fix. * gpgsm.c (main): New option --debug-wait n, so that it is possible to attach gdb when used in server mode. * sign.c (get_default_signer): Use keydb_classify_name here. 2001-12-14 Marcus Brinkmann * call-agent.c (LINELENGTH): Removed. (gpgsm_agent_pksign): Use ASSUAN_LINELENGTH, not LINELENGTH. (gpgsm_agent_pkdecrypt): Likewise. 2001-12-13 Werner Koch * keylist.c (list_cert_colon): Print alternative names of subject and a few other values. 2001-12-12 Werner Koch * gpgsm.c (main): New options --assume-{armor,base64,binary}. * base64.c (base64_reader_cb): Fixed non-autodetection mode. 2001-12-04 Werner Koch * call-agent.c (read_from_agent): Check for inquire responses. (request_reply): Handle them using a new callback arg, changed all callers. (gpgsm_agent_pkdecrypt): New. 2001-11-27 Werner Koch * base64.c: New. Changed all other functions to use this instead of direct creation of ksba_reader/writer. * gpgsm.c (main): Set ctrl.auto_encoding unless --no-armor is used. 2001-11-26 Werner Koch * gpgsm.c: New option --agent-program * call-agent.c (start_agent): Allow to override the default path to the agent. * keydb.c (keydb_add_resource): Create keybox * keylist.c (gpgsm_list_keys): Fixed non-server keylisting. * server.c (rc_to_assuan_status): New. Use it for all commands. Copyright 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/sm/certchain.c b/sm/certchain.c index d251e047e..09ffe014e 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -1,1446 +1,1447 @@ /* certchain.c - certificate chain validation * Copyright (C) 2001, 2002, 2003, 2004, 2005, * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * USA. */ #include #include #include #include #include #include #include #include #include #define JNLIB_NEED_LOG_LOGV /* We need log_logv. */ #include "gpgsm.h" #include #include #include "keydb.h" #include "../kbx/keybox.h" /* for KEYBOX_FLAG_* */ #include "i18n.h" /* Object to keep track of certain root certificates. */ struct marktrusted_info_s { struct marktrusted_info_s *next; unsigned char fpr[20]; }; static struct marktrusted_info_s *marktrusted_info; static int get_regtp_ca_info (ksba_cert_t cert, int *chainlen); /* This function returns true if we already asked during this session whether the root certificate CERT shall be marked as trusted. */ static int already_asked_marktrusted (ksba_cert_t cert) { unsigned char fpr[20]; struct marktrusted_info_s *r; gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, fpr, NULL); /* No context switches in the loop! */ for (r=marktrusted_info; r; r= r->next) if (!memcmp (r->fpr, fpr, 20)) return 1; return 0; } /* Flag certificate CERT as already asked whether it shall be marked as trusted. */ static void set_already_asked_marktrusted (ksba_cert_t cert) { unsigned char fpr[20]; struct marktrusted_info_s *r; gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, fpr, NULL); for (r=marktrusted_info; r; r= r->next) if (!memcmp (r->fpr, fpr, 20)) return; /* Already marked. */ r = xtrycalloc (1, sizeof *r); if (!r) return; memcpy (r->fpr, fpr, 20); r->next = marktrusted_info; marktrusted_info = r; } /* If LISTMODE is true, print FORMAT using LISTMODE to FP. If LISTMODE is false, use the string to print an log_info or, if IS_ERROR is true, and log_error. */ static void do_list (int is_error, int listmode, FILE *fp, const char *format, ...) { va_list arg_ptr; va_start (arg_ptr, format) ; if (listmode) { if (fp) { fputs (" [", fp); vfprintf (fp, format, arg_ptr); fputs ("]\n", fp); } } else { log_logv (is_error? JNLIB_LOG_ERROR: JNLIB_LOG_INFO, format, arg_ptr); log_printf ("\n"); } va_end (arg_ptr); } /* Return 0 if A and B are equal. */ static int compare_certs (ksba_cert_t a, ksba_cert_t b) { const unsigned char *img_a, *img_b; size_t len_a, len_b; img_a = ksba_cert_get_image (a, &len_a); if (!img_a) return 1; img_b = ksba_cert_get_image (b, &len_b); if (!img_b) return 1; return !(len_a == len_b && !memcmp (img_a, img_b, len_a)); } static int unknown_criticals (ksba_cert_t cert, int listmode, FILE *fp) { static const char *known[] = { "2.5.29.15", /* keyUsage */ "2.5.29.19", /* basic Constraints */ "2.5.29.32", /* certificatePolicies */ "2.5.29.37", /* extendedKeyUsage - handled by certlist.c */ NULL }; int rc = 0, i, idx, crit; const char *oid; gpg_error_t err; for (idx=0; !(err=ksba_cert_get_extension (cert, idx, &oid, &crit, NULL, NULL));idx++) { if (!crit) continue; for (i=0; known[i] && strcmp (known[i],oid); i++) ; if (!known[i]) { do_list (1, listmode, fp, _("critical certificate extension %s is not supported"), oid); rc = gpg_error (GPG_ERR_UNSUPPORTED_CERT); } } /* We ignore the error codes EOF as well as no-value. The later will occur for certificates with no extensions at all. */ if (err && gpg_err_code (err) != GPG_ERR_EOF && gpg_err_code (err) != GPG_ERR_NO_VALUE) rc = err; return rc; } /* Check whether CERT is an allowed certificate. This requires that CERT matches all requirements for such a CA, i.e. the BasicConstraints extension. The function returns 0 on success and the awlloed length of the chain at CHAINLEN. */ static int allowed_ca (ksba_cert_t cert, int *chainlen, int listmode, FILE *fp) { gpg_error_t err; int flag; err = ksba_cert_is_ca (cert, &flag, chainlen); if (err) return err; if (!flag) { if (get_regtp_ca_info (cert, chainlen)) { /* Note that dirmngr takes a different way to cope with such certs. */ return 0; /* RegTP issued certificate. */ } do_list (1, listmode, fp,_("issuer certificate is not marked as a CA")); return gpg_error (GPG_ERR_BAD_CA_CERT); } return 0; } static int check_cert_policy (ksba_cert_t cert, int listmode, FILE *fplist) { gpg_error_t err; char *policies; FILE *fp; int any_critical; err = ksba_cert_get_cert_policies (cert, &policies); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) - return 0; /* no policy given */ + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) + return 0; /* No policy given. */ if (err) return err; /* STRING is a line delimited list of certifiate policies as stored in the certificate. The line itself is colon delimited where the first field is the OID of the policy and the second field either N or C for normal or critical extension */ if (opt.verbose > 1 && !listmode) log_info ("certificate's policy list: %s\n", policies); /* The check is very minimal but won't give false positives */ any_critical = !!strstr (policies, ":C"); if (!opt.policy_file) { xfree (policies); if (any_critical) { do_list (1, listmode, fplist, _("critical marked policy without configured policies")); return gpg_error (GPG_ERR_NO_POLICY_MATCH); } return 0; } fp = fopen (opt.policy_file, "r"); if (!fp) { if (opt.verbose || errno != ENOENT) log_info (_("failed to open `%s': %s\n"), opt.policy_file, strerror (errno)); xfree (policies); /* With no critical policies this is only a warning */ if (!any_critical) { do_list (0, listmode, fplist, _("note: non-critical certificate policy not allowed")); return 0; } do_list (1, listmode, fplist, _("certificate policy not allowed")); return gpg_error (GPG_ERR_NO_POLICY_MATCH); } for (;;) { int c; char *p, line[256]; char *haystack, *allowed; /* read line */ do { if (!fgets (line, DIM(line)-1, fp) ) { gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); xfree (policies); if (feof (fp)) { fclose (fp); /* With no critical policies this is only a warning */ if (!any_critical) { do_list (0, listmode, fplist, _("note: non-critical certificate policy not allowed")); return 0; } do_list (1, listmode, fplist, _("certificate policy not allowed")); return gpg_error (GPG_ERR_NO_POLICY_MATCH); } fclose (fp); return tmperr; } if (!*line || line[strlen(line)-1] != '\n') { /* eat until end of line */ while ( (c=getc (fp)) != EOF && c != '\n') ; fclose (fp); xfree (policies); return gpg_error (*line? GPG_ERR_LINE_TOO_LONG : GPG_ERR_INCOMPLETE_LINE); } /* Allow for empty lines and spaces */ for (p=line; spacep (p); p++) ; } while (!*p || *p == '\n' || *p == '#'); /* parse line */ for (allowed=line; spacep (allowed); allowed++) ; p = strpbrk (allowed, " :\n"); if (!*p || p == allowed) { fclose (fp); xfree (policies); return gpg_error (GPG_ERR_CONFIGURATION); } *p = 0; /* strip the rest of the line */ /* See whether we find ALLOWED (which is an OID) in POLICIES */ for (haystack=policies; (p=strstr (haystack, allowed)); haystack = p+1) { if ( !(p == policies || p[-1] == '\n') ) continue; /* Does not match the begin of a line. */ if (p[strlen (allowed)] != ':') continue; /* The length does not match. */ /* Yep - it does match so return okay. */ fclose (fp); xfree (policies); return 0; } } } /* Helper function for find_up. This resets the key handle and search for an issuer ISSUER with a subjectKeyIdentifier of KEYID. Returns 0 obn success or -1 when not found. */ static int find_up_search_by_keyid (KEYDB_HANDLE kh, const char *issuer, ksba_sexp_t keyid) { int rc; ksba_cert_t cert = NULL; ksba_sexp_t subj = NULL; keydb_search_reset (kh); while (!(rc = keydb_search_subject (kh, issuer))) { ksba_cert_release (cert); cert = NULL; rc = keydb_get_cert (kh, &cert); if (rc) { log_error ("keydb_get_cert() failed: rc=%d\n", rc); rc = -1; break; } xfree (subj); if (!ksba_cert_get_subj_key_id (cert, NULL, &subj)) { if (!cmp_simple_canon_sexp (keyid, subj)) break; /* Found matching cert. */ } } ksba_cert_release (cert); xfree (subj); return rc? -1:0; } static void find_up_store_certs_cb (void *cb_value, ksba_cert_t cert) { if (keydb_store_cert (cert, 1, NULL)) log_error ("error storing issuer certificate as ephemeral\n"); ++*(int*)cb_value; } /* Helper for find_up(). Locate the certificate for ISSUER using an external lookup. KH is the keydb context we are currently using. On success 0 is returned and the certificate may be retrieved from the keydb using keydb_get_cert(). KEYID is the keyIdentifier from the AKI or NULL. */ static int find_up_external (KEYDB_HANDLE kh, const char *issuer, ksba_sexp_t keyid) { int rc; strlist_t names = NULL; int count = 0; char *pattern; const char *s; if (opt.verbose) log_info (_("looking up issuer at external location\n")); /* The DIRMNGR process is confused about unknown attributes. As a quick and ugly hack we locate the CN and use the issuer string starting at this attribite. Fixme: we should have far better parsing in the dirmngr. */ s = strstr (issuer, "CN="); if (!s || s == issuer || s[-1] != ',') s = issuer; pattern = xtrymalloc (strlen (s)+2); if (!pattern) return gpg_error_from_syserror (); strcpy (stpcpy (pattern, "/"), s); add_to_strlist (&names, pattern); xfree (pattern); rc = gpgsm_dirmngr_lookup (NULL, names, find_up_store_certs_cb, &count); free_strlist (names); if (opt.verbose) log_info (_("number of issuers matching: %d\n"), count); if (rc) { log_error ("external key lookup failed: %s\n", gpg_strerror (rc)); rc = -1; } else if (!count) rc = -1; else { int old; /* The issuers are currently stored in the ephemeral key DB, so we temporary switch to ephemeral mode. */ old = keydb_set_ephemeral (kh, 1); if (keyid) rc = find_up_search_by_keyid (kh, issuer, keyid); else { keydb_search_reset (kh); rc = keydb_search_subject (kh, issuer); } keydb_set_ephemeral (kh, old); } return rc; } /* Locate issuing certificate for CERT. ISSUER is the name of the issuer used as a fallback if the other methods don't work. If FIND_NEXT is true, the function shall return the next possible issuer. The certificate itself is not directly returned but a keydb_get_cert on the keyDb context KH will return it. Returns 0 on success, -1 if not found or an error code. */ static int find_up (KEYDB_HANDLE kh, ksba_cert_t cert, const char *issuer, int find_next) { ksba_name_t authid; ksba_sexp_t authidno; ksba_sexp_t keyid; int rc = -1; if (!ksba_cert_get_auth_key_id (cert, &keyid, &authid, &authidno)) { const char *s = ksba_name_enum (authid, 0); if (s && *authidno) { rc = keydb_search_issuer_sn (kh, s, authidno); if (rc) keydb_search_reset (kh); /* In case of an error try the ephemeral DB. We can't do that in find_next mode because we can't keep the search state then. */ if (rc == -1 && !find_next) { int old = keydb_set_ephemeral (kh, 1); if (!old) { rc = keydb_search_issuer_sn (kh, s, authidno); if (rc) keydb_search_reset (kh); } keydb_set_ephemeral (kh, old); } } if (rc == -1 && keyid && !find_next) { /* Not found by AIK.issuer_sn. Lets try the AIY.ki instead. Loop over all certificates with that issuer as subject and stop for the one with a matching subjectKeyIdentifier. */ rc = find_up_search_by_keyid (kh, issuer, keyid); if (rc) { int old = keydb_set_ephemeral (kh, 1); if (!old) rc = find_up_search_by_keyid (kh, issuer, keyid); keydb_set_ephemeral (kh, old); } if (rc) rc = -1; /* Need to make sure to have this error code. */ } /* If we still didn't found it, try an external lookup. */ if (rc == -1 && opt.auto_issuer_key_retrieve && !find_next) rc = find_up_external (kh, issuer, keyid); /* Print a note so that the user does not feel too helpless when an issuer certificate was found and gpgsm prints BAD signature because it is not the correct one. */ if (rc == -1) { log_info ("%sissuer certificate ", find_next?"next ":""); if (keyid) { log_printf ("{"); gpgsm_dump_serial (keyid); log_printf ("} "); } if (authidno) { log_printf ("(#"); gpgsm_dump_serial (authidno); log_printf ("/"); gpgsm_dump_string (s); log_printf (") "); } log_printf ("not found using authorityKeyIdentifier\n"); } else if (rc) log_error ("failed to find authorityKeyIdentifier: rc=%d\n", rc); xfree (keyid); ksba_name_release (authid); xfree (authidno); } if (rc) /* Not found via authorithyKeyIdentifier, try regular issuer name. */ rc = keydb_search_subject (kh, issuer); if (rc == -1 && !find_next) { /* Not found, lets see whether we have one in the ephemeral key DB. */ int old = keydb_set_ephemeral (kh, 1); if (!old) { keydb_search_reset (kh); rc = keydb_search_subject (kh, issuer); } keydb_set_ephemeral (kh, old); } /* Still not found. If enabled, try an external lookup. */ if (rc == -1 && opt.auto_issuer_key_retrieve && !find_next) rc = find_up_external (kh, issuer, NULL); return rc; } /* Return the next certificate up in the chain starting at START. Returns -1 when there are no more certificates. */ int gpgsm_walk_cert_chain (ksba_cert_t start, ksba_cert_t *r_next) { int rc = 0; char *issuer = NULL; char *subject = NULL; KEYDB_HANDLE kh = keydb_new (0); *r_next = NULL; if (!kh) { log_error (_("failed to allocated keyDB handle\n")); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } issuer = ksba_cert_get_issuer (start, 0); subject = ksba_cert_get_subject (start, 0); if (!issuer) { log_error ("no issuer found in certificate\n"); rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (!subject) { log_error ("no subject found in certificate\n"); rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (!strcmp (issuer, subject)) { rc = -1; /* we are at the root */ goto leave; } rc = find_up (kh, start, issuer, 0); if (rc) { /* it is quite common not to have a certificate, so better don't print an error here */ if (rc != -1 && opt.verbose > 1) log_error ("failed to find issuer's certificate: rc=%d\n", rc); rc = gpg_error (GPG_ERR_MISSING_CERT); goto leave; } rc = keydb_get_cert (kh, r_next); if (rc) { log_error ("keydb_get_cert() failed: rc=%d\n", rc); rc = gpg_error (GPG_ERR_GENERAL); } leave: xfree (issuer); xfree (subject); keydb_release (kh); return rc; } /* Check whether the CERT is a root certificate. Returns True if this is the case. */ int gpgsm_is_root_cert (ksba_cert_t cert) { char *issuer; char *subject; int yes; issuer = ksba_cert_get_issuer (cert, 0); subject = ksba_cert_get_subject (cert, 0); yes = (issuer && subject && !strcmp (issuer, subject)); xfree (issuer); xfree (subject); return yes; } /* This is a helper for gpgsm_validate_chain. */ static gpg_error_t is_cert_still_valid (ctrl_t ctrl, int lm, FILE *fp, ksba_cert_t subject_cert, ksba_cert_t issuer_cert, int *any_revoked, int *any_no_crl, int *any_crl_too_old) { if (!opt.no_crl_check || ctrl->use_ocsp) { gpg_error_t err; err = gpgsm_dirmngr_isvalid (ctrl, subject_cert, issuer_cert, ctrl->use_ocsp); if (err) { /* Fixme: We should change the wording because we may have used OCSP. */ if (!lm) gpgsm_cert_log_name (NULL, subject_cert); switch (gpg_err_code (err)) { case GPG_ERR_CERT_REVOKED: do_list (1, lm, fp, _("certificate has been revoked")); *any_revoked = 1; /* Store that in the keybox so that key listings are able to return the revoked flag. We don't care about error, though. */ keydb_set_cert_flags (subject_cert, KEYBOX_FLAG_VALIDITY, 0, VALIDITY_REVOKED); break; case GPG_ERR_NO_CRL_KNOWN: do_list (1, lm, fp, _("no CRL found for certificate")); *any_no_crl = 1; break; case GPG_ERR_CRL_TOO_OLD: do_list (1, lm, fp, _("the available CRL is too old")); if (!lm) log_info (_("please make sure that the " "\"dirmngr\" is properly installed\n")); *any_crl_too_old = 1; break; default: do_list (1, lm, fp, _("checking the CRL failed: %s"), gpg_strerror (err)); return err; } } } return 0; } /* Validate a chain and optionally return the nearest expiration time in R_EXPTIME. With LISTMODE set to 1 a special listmode is activated where only information about the certificate is printed to FP and no output is send to the usual log stream. Defined flag bits: 0 - do not do any dirmngr isvalid checks. */ int gpgsm_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, int listmode, FILE *fp, unsigned int flags) { int rc = 0, depth = 0, maxdepth; char *issuer = NULL; char *subject = NULL; KEYDB_HANDLE kh = NULL; ksba_cert_t subject_cert = NULL, issuer_cert = NULL; ksba_isotime_t current_time; ksba_isotime_t exptime; int any_expired = 0; int any_revoked = 0; int any_no_crl = 0; int any_crl_too_old = 0; int any_no_policy_match = 0; int is_qualified = -1; /* Indicates whether the certificate stems from a qualified root certificate. -1 = unknown, 0 = no, 1 = yes. */ int lm = listmode; gnupg_get_isotime (current_time); if (r_exptime) *r_exptime = 0; *exptime = 0; if (opt.no_chain_validation && !listmode) { log_info ("WARNING: bypassing certificate chain validation\n"); return 0; } kh = keydb_new (0); if (!kh) { log_error (_("failed to allocated keyDB handle\n")); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } if (DBG_X509 && !listmode) gpgsm_dump_cert ("target", cert); subject_cert = cert; ksba_cert_ref (subject_cert); maxdepth = 50; for (;;) { int is_root; gpg_error_t istrusted_rc = -1; struct rootca_flags_s rootca_flags; xfree (issuer); xfree (subject); issuer = ksba_cert_get_issuer (subject_cert, 0); subject = ksba_cert_get_subject (subject_cert, 0); if (!issuer) { do_list (1, lm, fp, _("no issuer found in certificate")); rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } /* Is this a self-issued certificate (i.e. the root certificate)? */ is_root = (subject && !strcmp (issuer, subject)); if (is_root) { /* Check early whether the certificate is listed as trusted. We used to do this only later but changed it to call the check right here so that we can access special flags associated with that specific root certificate. */ istrusted_rc = gpgsm_agent_istrusted (ctrl, subject_cert, &rootca_flags); } /* Check the validity period. */ { ksba_isotime_t not_before, not_after; rc = ksba_cert_get_validity (subject_cert, 0, not_before); if (!rc) rc = ksba_cert_get_validity (subject_cert, 1, not_after); if (rc) { do_list (1, lm, fp, _("certificate with invalid validity: %s"), gpg_strerror (rc)); rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (*not_after) { if (!*exptime) gnupg_copy_time (exptime, not_after); else if (strcmp (not_after, exptime) < 0 ) gnupg_copy_time (exptime, not_after); } if (*not_before && strcmp (current_time, not_before) < 0 ) { do_list (1, lm, fp, _("certificate not yet valid")); if (!lm) { log_info ("(valid from "); gpgsm_dump_time (not_before); log_printf (")\n"); } rc = gpg_error (GPG_ERR_CERT_TOO_YOUNG); goto leave; } if (*not_after && strcmp (current_time, not_after) > 0 ) { do_list (opt.ignore_expiration?0:1, lm, fp, _("certificate has expired")); if (!lm) { log_info ("(expired at "); gpgsm_dump_time (not_after); log_printf (")\n"); } if (opt.ignore_expiration) log_info ("WARNING: ignoring expiration\n"); else any_expired = 1; } } /* Assert that we understand all critical extensions. */ rc = unknown_criticals (subject_cert, listmode, fp); if (rc) goto leave; /* Do a policy check. */ if (!opt.no_policy_check) { rc = check_cert_policy (subject_cert, listmode, fp); if (gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH) { any_no_policy_match = 1; rc = 1; } else if (rc) goto leave; } /* Is this a self-issued certificate? */ if (is_root) { if (!istrusted_rc) ; /* No need to check the certificate for a trusted one. */ else if (gpgsm_check_cert_sig (subject_cert, subject_cert) ) { /* We only check the signature if the certificate is not trusted for better diagnostics. */ do_list (1, lm, fp, _("self-signed certificate has a BAD signature")); if (DBG_X509) { gpgsm_dump_cert ("self-signing cert", subject_cert); } rc = gpg_error (depth? GPG_ERR_BAD_CERT_CHAIN : GPG_ERR_BAD_CERT); goto leave; } if (!rootca_flags.relax) { rc = allowed_ca (subject_cert, NULL, listmode, fp); if (rc) goto leave; } /* Set the flag for qualified signatures. This flag is deduced from a list of root certificates allowed for qualified signatures. */ if (is_qualified == -1) { gpg_error_t err; size_t buflen; char buf[1]; if (!ksba_cert_get_user_data (cert, "is_qualified", &buf, sizeof (buf), &buflen) && buflen) { /* We already checked this for this certificate, thus we simply take it from the user data. */ is_qualified = !!*buf; } else { /* Need to consult the list of root certificates for qualified signatures. */ err = gpgsm_is_in_qualified_list (ctrl, subject_cert, NULL); if (!err) is_qualified = 1; else if ( gpg_err_code (err) == GPG_ERR_NOT_FOUND) is_qualified = 0; else log_error ("checking the list of qualified " "root certificates failed: %s\n", gpg_strerror (err)); if ( is_qualified != -1 ) { /* Cache the result but don't care too much about an error. */ buf[0] = !!is_qualified; err = ksba_cert_set_user_data (subject_cert, "is_qualified", buf, 1); if (err) log_error ("set_user_data(is_qualified) failed: %s\n", gpg_strerror (err)); } } } /* Act on the check for a trusted root certificates. */ rc = istrusted_rc; if (!rc) ; else if (gpg_err_code (rc) == GPG_ERR_NOT_TRUSTED) { do_list (0, lm, fp, _("root certificate is not marked trusted")); /* If we already figured out that the certificate is expired it does not make much sense to ask the user whether we wants to trust the root certificate. He should do this only if the certificate under question will then be usable. We also check whether the agent is at all enabled to allo marktrusted and don't call it in this session again if it is not. */ if ( !any_expired && (!lm || !already_asked_marktrusted (subject_cert))) { static int no_more_questions; /* during this session. */ int rc2; char *fpr = gpgsm_get_fingerprint_string (subject_cert, GCRY_MD_SHA1); log_info (_("fingerprint=%s\n"), fpr? fpr : "?"); xfree (fpr); if (no_more_questions) rc2 = gpg_error (GPG_ERR_NOT_SUPPORTED); else rc2 = gpgsm_agent_marktrusted (ctrl, subject_cert); if (!rc2) { log_info (_("root certificate has now" " been marked as trusted\n")); rc = 0; } else if (!lm) { gpgsm_dump_cert ("issuer", subject_cert); log_info ("after checking the fingerprint, you may want " "to add it manually to the list of trusted " "certificates.\n"); } if (gpg_err_code (rc2) == GPG_ERR_NOT_SUPPORTED) { if (!no_more_questions) log_info (_("interactive marking as trusted " "not enabled in gpg-agent\n")); no_more_questions = 1; } else if (gpg_err_code (rc2) == GPG_ERR_CANCELED) { log_info (_("interactive marking as trusted " "disabled for this session\n")); no_more_questions = 1; } else set_already_asked_marktrusted (subject_cert); } } else { log_error (_("checking the trust list failed: %s\n"), gpg_strerror (rc)); } if (rc) goto leave; /* Check for revocations etc. */ if ((flags & 1)) ; else if (opt.no_trusted_cert_crl_check || rootca_flags.relax) ; else rc = is_cert_still_valid (ctrl, lm, fp, subject_cert, subject_cert, &any_revoked, &any_no_crl, &any_crl_too_old); if (rc) goto leave; break; /* Okay: a self-signed certicate is an end-point. */ } /* Take care that the chain does not get too long. */ depth++; if (depth > maxdepth) { do_list (1, lm, fp, _("certificate chain too long\n")); rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } /* Find the next cert up the tree. */ keydb_search_reset (kh); rc = find_up (kh, subject_cert, issuer, 0); if (rc) { if (rc == -1) { do_list (0, lm, fp, _("issuer certificate not found")); if (!lm) { log_info ("issuer certificate: #/"); gpgsm_dump_string (issuer); log_printf ("\n"); } } else log_error ("failed to find issuer's certificate: rc=%d\n", rc); rc = gpg_error (GPG_ERR_MISSING_CERT); goto leave; } ksba_cert_release (issuer_cert); issuer_cert = NULL; rc = keydb_get_cert (kh, &issuer_cert); if (rc) { log_error ("keydb_get_cert() failed: rc=%d\n", rc); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } try_another_cert: if (DBG_X509) { log_debug ("got issuer's certificate:\n"); gpgsm_dump_cert ("issuer", issuer_cert); } rc = gpgsm_check_cert_sig (issuer_cert, subject_cert); if (rc) { do_list (0, lm, fp, _("certificate has a BAD signature")); if (DBG_X509) { gpgsm_dump_cert ("signing issuer", issuer_cert); gpgsm_dump_cert ("signed subject", subject_cert); } if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE) { /* We now try to find other issuer certificates which might have been used. This is required because some CAs are reusing the issuer and subject DN for new root certificates. */ /* FIXME: Do this only if we don't have an AKI.keyIdentifier */ rc = find_up (kh, subject_cert, issuer, 1); if (!rc) { ksba_cert_t tmp_cert; rc = keydb_get_cert (kh, &tmp_cert); if (rc || !compare_certs (issuer_cert, tmp_cert)) { /* The find next did not work or returned an identical certificate. We better stop here to avoid infinite checks. */ rc = gpg_error (GPG_ERR_BAD_SIGNATURE); ksba_cert_release (tmp_cert); } else { do_list (0, lm, fp, _("found another possible matching " "CA certificate - trying again")); ksba_cert_release (issuer_cert); issuer_cert = tmp_cert; goto try_another_cert; } } } /* We give a more descriptive error code than the one returned from the signature checking. */ rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } is_root = 0; istrusted_rc = -1; /* Check that a CA is allowed to issue certificates. */ { int chainlen; rc = allowed_ca (issuer_cert, &chainlen, listmode, fp); if (rc) { /* Not allowed. Check whether this is a trusted root certificate and whether we allow special exceptions. We could carry the result of the test over to the regular root check at the top of the loop but for clarity we won't do that. Given that the majority of certificates carry proper BasicContraints our way of overriding an error in the way is justified for performance reasons. */ if (gpgsm_is_root_cert (issuer_cert)) { is_root = 1; istrusted_rc = gpgsm_agent_istrusted (ctrl, issuer_cert, &rootca_flags); if (!istrusted_rc && rootca_flags.relax) { /* Ignore the error due to the relax flag. */ rc = 0; chainlen = -1; } } } if (rc) goto leave; if (chainlen >= 0 && (depth - 1) > chainlen) { do_list (1, lm, fp, _("certificate chain longer than allowed by CA (%d)"), chainlen); rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } } /* Is the certificate allowed to sign other certificates. */ if (!listmode) { rc = gpgsm_cert_use_cert_p (issuer_cert); if (rc) { char numbuf[50]; sprintf (numbuf, "%d", rc); gpgsm_status2 (ctrl, STATUS_ERROR, "certcert.issuer.keyusage", numbuf, NULL); goto leave; } } /* Check for revocations etc. Note that for a root certioficate this test is done a second time later. This should eventually be fixed. */ if ((flags & 1)) rc = 0; else if (is_root && (opt.no_trusted_cert_crl_check || (!istrusted_rc && rootca_flags.relax))) ; else rc = is_cert_still_valid (ctrl, lm, fp, subject_cert, issuer_cert, &any_revoked, &any_no_crl, &any_crl_too_old); if (rc) goto leave; if (opt.verbose && !listmode) log_info ("certificate is good\n"); /* For the next round the current issuer becomes the new subject. */ keydb_search_reset (kh); ksba_cert_release (subject_cert); subject_cert = issuer_cert; issuer_cert = NULL; } /* End chain traversal. */ if (!listmode) { if (opt.no_policy_check) log_info ("policies not checked due to %s option\n", "--disable-policy-checks"); if (opt.no_crl_check && !ctrl->use_ocsp) log_info ("CRLs not checked due to %s option\n", "--disable-crl-checks"); } if (!rc) { /* If we encountered an error somewhere during the checks, set the error code to the most critical one */ if (any_revoked) rc = gpg_error (GPG_ERR_CERT_REVOKED); else if (any_expired) rc = gpg_error (GPG_ERR_CERT_EXPIRED); else if (any_no_crl) rc = gpg_error (GPG_ERR_NO_CRL_KNOWN); else if (any_crl_too_old) rc = gpg_error (GPG_ERR_CRL_TOO_OLD); else if (any_no_policy_match) rc = gpg_error (GPG_ERR_NO_POLICY_MATCH); } leave: if (is_qualified != -1) { /* We figured something about the qualified signature capability of the certificate under question. Store the result as user data in the certificate object. We do this even if the validation itself failed. */ /* Fixme: We should set this flag for all certificates in the chain for optimizing reasons. */ char buf[1]; gpg_error_t err; buf[0] = !!is_qualified; err = ksba_cert_set_user_data (cert, "is_qualified", buf, 1); if (err) { log_error ("set_user_data(is_qualified) failed: %s\n", gpg_strerror (err)); if (!rc) rc = err; } } if (r_exptime) gnupg_copy_time (r_exptime, exptime); xfree (issuer); xfree (subject); keydb_release (kh); ksba_cert_release (issuer_cert); ksba_cert_release (subject_cert); return rc; } /* Check that the given certificate is valid but DO NOT check any constraints. We assume that the issuers certificate is already in the DB and that this one is valid; which it should be because it has been checked using this function. */ int gpgsm_basic_cert_check (ksba_cert_t cert) { int rc = 0; char *issuer = NULL; char *subject = NULL; KEYDB_HANDLE kh; ksba_cert_t issuer_cert = NULL; if (opt.no_chain_validation) { log_info ("WARNING: bypassing basic certificate checks\n"); return 0; } kh = keydb_new (0); if (!kh) { log_error (_("failed to allocated keyDB handle\n")); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } issuer = ksba_cert_get_issuer (cert, 0); subject = ksba_cert_get_subject (cert, 0); if (!issuer) { log_error ("no issuer found in certificate\n"); rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (subject && !strcmp (issuer, subject)) { rc = gpgsm_check_cert_sig (cert, cert); if (rc) { log_error ("self-signed certificate has a BAD signature: %s\n", gpg_strerror (rc)); if (DBG_X509) { gpgsm_dump_cert ("self-signing cert", cert); } rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } } else { /* Find the next cert up the tree. */ keydb_search_reset (kh); rc = find_up (kh, cert, issuer, 0); if (rc) { if (rc == -1) { log_info ("issuer certificate (#/"); gpgsm_dump_string (issuer); log_printf (") not found\n"); } else log_error ("failed to find issuer's certificate: rc=%d\n", rc); rc = gpg_error (GPG_ERR_MISSING_CERT); goto leave; } ksba_cert_release (issuer_cert); issuer_cert = NULL; rc = keydb_get_cert (kh, &issuer_cert); if (rc) { log_error ("keydb_get_cert() failed: rc=%d\n", rc); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } rc = gpgsm_check_cert_sig (issuer_cert, cert); if (rc) { log_error ("certificate has a BAD signature: %s\n", gpg_strerror (rc)); if (DBG_X509) { gpgsm_dump_cert ("signing issuer", issuer_cert); gpgsm_dump_cert ("signed subject", cert); } rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (opt.verbose) log_info ("certificate is good\n"); } leave: xfree (issuer); keydb_release (kh); ksba_cert_release (issuer_cert); return rc; } /* Check whether the certificate CERT has been issued by the German authority for qualified signature. They do not set the basicConstraints and thus we need this workaround. It works by looking up the root certificate and checking whether that one is listed as a qualified certificate for Germany. We also try to cache this data but as long as don't keep a reference to the certificate this won't be used. Returns: True if CERT is a RegTP issued CA cert (i.e. the root certificate itself or one of the CAs). In that case CHAINLEN will receive the length of the chain which is either 0 or 1. */ static int get_regtp_ca_info (ksba_cert_t cert, int *chainlen) { gpg_error_t err; ksba_cert_t next; int rc = 0; int i, depth; char country[3]; ksba_cert_t array[4]; char buf[2]; size_t buflen; int dummy_chainlen; if (!chainlen) chainlen = &dummy_chainlen; *chainlen = 0; err = ksba_cert_get_user_data (cert, "regtp_ca_chainlen", &buf, sizeof (buf), &buflen); if (!err) { /* Got info. */ if (buflen < 2 || !*buf) return 0; /* Nothing found. */ *chainlen = buf[1]; return 1; /* This is a regtp CA. */ } else if (gpg_err_code (err) != GPG_ERR_NOT_FOUND) { log_error ("ksba_cert_get_user_data(%s) failed: %s\n", "regtp_ca_chainlen", gpg_strerror (err)); return 0; /* Nothing found. */ } /* Need to gather the info. This requires to walk up the chain until we have found the root. Because we are only interested in German Bundesnetzagentur (former RegTP) derived certificates 3 levels are enough. (The German signature law demands a 3 tier hierachy; thus there is only one CA between the EE and the Root CA.) */ memset (&array, 0, sizeof array); depth = 0; ksba_cert_ref (cert); array[depth++] = cert; ksba_cert_ref (cert); while (depth < DIM(array) && !(rc=gpgsm_walk_cert_chain (cert, &next))) { ksba_cert_release (cert); ksba_cert_ref (next); array[depth++] = next; cert = next; } ksba_cert_release (cert); if (rc != -1 || !depth || depth == DIM(array) ) { /* We did not reached the root. */ goto leave; } /* If this is a German signature law issued certificate, we store additional additional information. */ if (!gpgsm_is_in_qualified_list (NULL, array[depth-1], country) && !strcmp (country, "de")) { /* Setting the pathlen for the root CA and the CA flag for the next one is all what we need to do. */ err = ksba_cert_set_user_data (array[depth-1], "regtp_ca_chainlen", "\x01\x01", 2); if (!err && depth > 1) err = ksba_cert_set_user_data (array[depth-2], "regtp_ca_chainlen", "\x01\x00", 2); if (err) log_error ("ksba_set_user_data(%s) failed: %s\n", "regtp_ca_chainlen", gpg_strerror (err)); for (i=0; i < depth; i++) ksba_cert_release (array[i]); *chainlen = (depth>1? 0:1); return 1; } leave: /* Nothing special with this certificate. Mark the target certificate anyway to avoid duplicate lookups. */ err = ksba_cert_set_user_data (cert, "regtp_ca_chainlen", "", 1); if (err) log_error ("ksba_set_user_data(%s) failed: %s\n", "regtp_ca_chainlen", gpg_strerror (err)); for (i=0; i < depth; i++) ksba_cert_release (array[i]); return 0; } diff --git a/sm/certlist.c b/sm/certlist.c index 7e0d4e80a..650f3a958 100644 --- a/sm/certlist.c +++ b/sm/certlist.c @@ -1,485 +1,488 @@ /* certlist.c - build list of certificates * Copyright (C) 2001, 2003, 2004, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * USA. */ #include #include #include #include #include #include #include #include #include "gpgsm.h" #include #include #include "keydb.h" #include "i18n.h" static const char oid_kp_serverAuth[] = "1.3.6.1.5.5.7.3.1"; static const char oid_kp_clientAuth[] = "1.3.6.1.5.5.7.3.2"; static const char oid_kp_codeSigning[] = "1.3.6.1.5.5.7.3.3"; static const char oid_kp_emailProtection[]= "1.3.6.1.5.5.7.3.4"; static const char oid_kp_timeStamping[] = "1.3.6.1.5.5.7.3.8"; static const char oid_kp_ocspSigning[] = "1.3.6.1.5.5.7.3.9"; /* Return 0 if the cert is usable for encryption. A MODE of 0 checks for signing a MODE of 1 checks for encryption, a MODE of 2 checks for verification and a MODE of 3 for decryption (just for debugging). MODE 4 is for certificate signing, MODE for COSP response signing. */ static int cert_usage_p (ksba_cert_t cert, int mode) { gpg_error_t err; unsigned int use; char *extkeyusages; int have_ocsp_signing = 0; err = ksba_cert_get_ext_key_usages (cert, &extkeyusages); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) err = 0; /* no policy given */ if (!err) { unsigned int extusemask = ~0; /* Allow all. */ if (extkeyusages) { char *p, *pend; int any_critical = 0; extusemask = 0; p = extkeyusages; while (p && (pend=strchr (p, ':'))) { *pend++ = 0; /* Only care about critical flagged usages. */ if ( *pend == 'C' ) { any_critical = 1; if ( !strcmp (p, oid_kp_serverAuth)) extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE | KSBA_KEYUSAGE_KEY_ENCIPHERMENT | KSBA_KEYUSAGE_KEY_AGREEMENT); else if ( !strcmp (p, oid_kp_clientAuth)) extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE | KSBA_KEYUSAGE_KEY_AGREEMENT); else if ( !strcmp (p, oid_kp_codeSigning)) extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE); else if ( !strcmp (p, oid_kp_emailProtection)) extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE | KSBA_KEYUSAGE_NON_REPUDIATION | KSBA_KEYUSAGE_KEY_ENCIPHERMENT | KSBA_KEYUSAGE_KEY_AGREEMENT); else if ( !strcmp (p, oid_kp_timeStamping)) extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE | KSBA_KEYUSAGE_NON_REPUDIATION); } /* This is a hack to cope with OCSP. Note that we do not yet fully comply with the requirements and that the entire CRL/OCSP checking thing should undergo a thorough review and probably redesign. */ if ( !strcmp (p, oid_kp_ocspSigning)) have_ocsp_signing = 1; if ((p = strchr (pend, '\n'))) p++; } xfree (extkeyusages); extkeyusages = NULL; if (!any_critical) extusemask = ~0; /* Reset to the don't care mask. */ } err = ksba_cert_get_key_usage (cert, &use); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { err = 0; if (opt.verbose && mode < 2) log_info (_("no key usage specified - assuming all usages\n")); use = ~0; } /* Apply extKeyUsage. */ use &= extusemask; } if (err) { log_error (_("error getting key usage information: %s\n"), gpg_strerror (err)); xfree (extkeyusages); return err; } if (mode == 4) { if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN))) return 0; log_info (_("certificate should have not " "been used for certification\n")); return gpg_error (GPG_ERR_WRONG_KEY_USAGE); } if (mode == 5) { if (use != ~0 && (have_ocsp_signing || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN |KSBA_KEYUSAGE_CRL_SIGN)))) return 0; log_info (_("certificate should have not " "been used for OCSP response signing\n")); return gpg_error (GPG_ERR_WRONG_KEY_USAGE); } if ((use & ((mode&1)? (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT): (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION))) ) return 0; log_info (mode==3? _("certificate should have not been used for encryption\n"): mode==2? _("certificate should have not been used for signing\n"): mode==1? _("certificate is not usable for encryption\n"): _("certificate is not usable for signing\n")); return gpg_error (GPG_ERR_WRONG_KEY_USAGE); } /* Return 0 if the cert is usable for signing */ int gpgsm_cert_use_sign_p (ksba_cert_t cert) { return cert_usage_p (cert, 0); } /* Return 0 if the cert is usable for encryption */ int gpgsm_cert_use_encrypt_p (ksba_cert_t cert) { return cert_usage_p (cert, 1); } int gpgsm_cert_use_verify_p (ksba_cert_t cert) { return cert_usage_p (cert, 2); } int gpgsm_cert_use_decrypt_p (ksba_cert_t cert) { return cert_usage_p (cert, 3); } int gpgsm_cert_use_cert_p (ksba_cert_t cert) { return cert_usage_p (cert, 4); } int gpgsm_cert_use_ocsp_p (ksba_cert_t cert) { return cert_usage_p (cert, 5); } static int same_subject_issuer (const char *subject, const char *issuer, ksba_cert_t cert) { char *subject2 = ksba_cert_get_subject (cert, 0); char *issuer2 = ksba_cert_get_subject (cert, 0); int tmp; tmp = (subject && subject2 && !strcmp (subject, subject2) && issuer && issuer2 && !strcmp (issuer, issuer2)); xfree (subject2); xfree (issuer2); return tmp; } /* Return true if CERT is already contained in CERTLIST. */ static int is_cert_in_certlist (ksba_cert_t cert, certlist_t certlist) { const unsigned char *img_a, *img_b; size_t len_a, len_b; img_a = ksba_cert_get_image (cert, &len_a); if (img_a) { for ( ; certlist; certlist = certlist->next) { img_b = ksba_cert_get_image (certlist->cert, &len_b); if (img_b && len_a == len_b && !memcmp (img_a, img_b, len_a)) return 1; /* Already contained. */ } } return 0; } /* Add CERT to the list of certificates at CERTADDR but avoid duplicates. */ int gpgsm_add_cert_to_certlist (ctrl_t ctrl, ksba_cert_t cert, certlist_t *listaddr, int is_encrypt_to) { if (!is_cert_in_certlist (cert, *listaddr)) { certlist_t cl = xtrycalloc (1, sizeof *cl); if (!cl) return out_of_core (); cl->cert = cert; ksba_cert_ref (cert); cl->next = *listaddr; cl->is_encrypt_to = is_encrypt_to; *listaddr = cl; } return 0; } /* Add a certificate to a list of certificate and make sure that it is a valid certificate. With SECRET set to true a secret key must be available for the certificate. IS_ENCRYPT_TO sets the corresponding flag in the new create LISTADDR item. */ int gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret, certlist_t *listaddr, int is_encrypt_to) { int rc; KEYDB_SEARCH_DESC desc; KEYDB_HANDLE kh = NULL; ksba_cert_t cert = NULL; rc = keydb_classify_name (name, &desc); if (!rc) { kh = keydb_new (0); if (!kh) rc = gpg_error (GPG_ERR_ENOMEM); else { int wrong_usage = 0; char *subject = NULL; char *issuer = NULL; get_next: rc = keydb_search (kh, &desc, 1); if (!rc) rc = keydb_get_cert (kh, &cert); if (!rc) { rc = secret? gpgsm_cert_use_sign_p (cert) : gpgsm_cert_use_encrypt_p (cert); if (gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE) { /* There might be another certificate with the correct usage, so we try again */ if (!wrong_usage) { /* save the first match */ wrong_usage = rc; subject = ksba_cert_get_subject (cert, 0); issuer = ksba_cert_get_subject (cert, 0); ksba_cert_release (cert); cert = NULL; goto get_next; } else if (same_subject_issuer (subject, issuer, cert)) { wrong_usage = rc; ksba_cert_release (cert); cert = NULL; goto get_next; } else wrong_usage = rc; } } /* We want the error code from the first match in this case. */ if (rc && wrong_usage) rc = wrong_usage; if (!rc) { next_ambigious: rc = keydb_search (kh, &desc, 1); if (rc == -1) rc = 0; else if (!rc) { ksba_cert_t cert2 = NULL; /* We have to ignore ambigious names as long as there only fault is a bad key usage */ if (!keydb_get_cert (kh, &cert2)) { int tmp = (same_subject_issuer (subject, issuer, cert2) && ((gpg_err_code ( secret? gpgsm_cert_use_sign_p (cert2) : gpgsm_cert_use_encrypt_p (cert2) ) ) == GPG_ERR_WRONG_KEY_USAGE)); ksba_cert_release (cert2); if (tmp) goto next_ambigious; } rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); } } xfree (subject); xfree (issuer); if (!rc && !is_cert_in_certlist (cert, *listaddr)) { if (!rc && secret) { char *p; rc = gpg_error (GPG_ERR_NO_SECKEY); p = gpgsm_get_keygrip_hexstring (cert); if (p) { if (!gpgsm_agent_havekey (ctrl, p)) rc = 0; xfree (p); } } if (!rc) rc = gpgsm_validate_chain (ctrl, cert, NULL, 0, NULL, 0); if (!rc) { certlist_t cl = xtrycalloc (1, sizeof *cl); if (!cl) rc = out_of_core (); else { cl->cert = cert; cert = NULL; cl->next = *listaddr; cl->is_encrypt_to = is_encrypt_to; *listaddr = cl; } } } } } keydb_release (kh); ksba_cert_release (cert); return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc; } void gpgsm_release_certlist (certlist_t list) { while (list) { certlist_t cl = list->next; ksba_cert_release (list->cert); xfree (list); list = cl; } } /* Like gpgsm_add_to_certlist, but look only for one certificate. No chain validation is done. If KEYID is not NULL it is take as an additional filter value which must match the subjectKeyIdentifier. */ int gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert) { int rc; KEYDB_SEARCH_DESC desc; KEYDB_HANDLE kh = NULL; *r_cert = NULL; rc = keydb_classify_name (name, &desc); if (!rc) { kh = keydb_new (0); if (!kh) rc = gpg_error (GPG_ERR_ENOMEM); else { nextone: rc = keydb_search (kh, &desc, 1); if (!rc) { rc = keydb_get_cert (kh, r_cert); if (!rc && keyid) { ksba_sexp_t subj; rc = ksba_cert_get_subj_key_id (*r_cert, NULL, &subj); if (!rc) { if (cmp_simple_canon_sexp (keyid, subj)) { xfree (subj); goto nextone; } xfree (subj); /* Okay: Here we know that the certificate's subjectKeyIdentifier matches the requested one. */ } - else if (gpg_err_code (rc) == GPG_ERR_NO_DATA) + else if (gpg_err_code (rc) == GPG_ERR_NO_DATA + || gpg_err_code (rc) == GPG_ERR_NO_VALUE) goto nextone; } } /* If we don't have the KEYID filter we need to check for ambigious search results. Note, that it is somehwat reasonable to assume that a specification of a KEYID won't lead to ambiguous names. */ if (!rc && !keyid) { rc = keydb_search (kh, &desc, 1); if (rc == -1) rc = 0; else { if (!rc) rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); ksba_cert_release (*r_cert); *r_cert = NULL; } } } } keydb_release (kh); return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc; } diff --git a/sm/keylist.c b/sm/keylist.c index 39c4e5003..1c9323ca3 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -1,1371 +1,1389 @@ /* keylist.c - Print certificates in various formats. * Copyright (C) 1998, 1999, 2000, 2001, 2003, * 2004, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * USA. */ #include #include #include #include #include #include #include #include #include "gpgsm.h" #include #include #include "keydb.h" #include "../kbx/keybox.h" /* for KEYBOX_FLAG_* */ #include "i18n.h" struct list_external_parm_s { ctrl_t ctrl; FILE *fp; int print_header; int with_colons; int with_chain; int raw_mode; }; /* This table is to map Extended Key Usage OIDs to human readable names. */ struct { const char *oid; const char *name; } key_purpose_map[] = { { "1.3.6.1.5.5.7.3.1", "serverAuth" }, { "1.3.6.1.5.5.7.3.2", "clientAuth" }, { "1.3.6.1.5.5.7.3.3", "codeSigning" }, { "1.3.6.1.5.5.7.3.4", "emailProtection" }, { "1.3.6.1.5.5.7.3.5", "ipsecEndSystem" }, { "1.3.6.1.5.5.7.3.6", "ipsecTunnel" }, { "1.3.6.1.5.5.7.3.7", "ipsecUser" }, { "1.3.6.1.5.5.7.3.8", "timeStamping" }, { "1.3.6.1.5.5.7.3.9", "ocspSigning" }, { "1.3.6.1.5.5.7.3.10", "dvcs" }, { "1.3.6.1.5.5.7.3.11", "sbgpCertAAServerAuth" }, { "1.3.6.1.5.5.7.3.13", "eapOverPPP" }, { "1.3.6.1.5.5.7.3.14", "wlanSSID" }, { "2.16.840.1.113730.4.1", "serverGatedCrypto.ns" }, /* Netscape. */ { "1.3.6.1.4.1.311.10.3.3", "serverGatedCrypto.ms"}, /* Microsoft. */ { "1.3.6.1.5.5.7.48.1.5", "ocspNoCheck" }, { NULL, NULL } }; /* A table mapping OIDs to a descriptive string. */ static struct { char *oid; char *name; unsigned int flag; } oidtranstbl[] = { /* Algorithms. */ { "1.2.840.10040.4.1", "dsa" }, { "1.2.840.10040.4.3", "dsaWithSha1" }, { "1.2.840.113549.1.1.1", "rsaEncryption" }, { "1.2.840.113549.1.1.2", "md2WithRSAEncryption" }, { "1.2.840.113549.1.1.3", "md4WithRSAEncryption" }, { "1.2.840.113549.1.1.4", "md5WithRSAEncryption" }, { "1.2.840.113549.1.1.5", "sha1WithRSAEncryption" }, { "1.2.840.113549.1.1.7", "rsaOAEP" }, { "1.2.840.113549.1.1.8", "rsaOAEP-MGF" }, { "1.2.840.113549.1.1.9", "rsaOAEP-pSpecified" }, { "1.2.840.113549.1.1.10", "rsaPSS" }, { "1.2.840.113549.1.1.11", "sha256WithRSAEncryption" }, { "1.2.840.113549.1.1.12", "sha384WithRSAEncryption" }, { "1.2.840.113549.1.1.13", "sha512WithRSAEncryption" }, { "1.3.14.3.2.26", "sha1" }, { "1.3.14.3.2.29", "sha-1WithRSAEncryption" }, { "1.3.36.3.3.1.2", "rsaSignatureWithripemd160" }, /* Telesec extensions. */ { "0.2.262.1.10.12.0", "certExtensionLiabilityLimitationExt" }, { "0.2.262.1.10.12.1", "telesecCertIdExt" }, { "0.2.262.1.10.12.2", "telesecPolicyIdentifier" }, { "0.2.262.1.10.12.3", "telesecPolicyQualifierID" }, { "0.2.262.1.10.12.4", "telesecCRLFilteredExt" }, { "0.2.262.1.10.12.5", "telesecCRLFilterExt"}, { "0.2.262.1.10.12.6", "telesecNamingAuthorityExt" }, /* PKIX private extensions. */ { "1.3.6.1.5.5.7.1.1", "authorityInfoAccess" }, { "1.3.6.1.5.5.7.1.2", "biometricInfo" }, { "1.3.6.1.5.5.7.1.3", "qcStatements" }, { "1.3.6.1.5.5.7.1.4", "acAuditIdentity" }, { "1.3.6.1.5.5.7.1.5", "acTargeting" }, { "1.3.6.1.5.5.7.1.6", "acAaControls" }, { "1.3.6.1.5.5.7.1.7", "sbgp-ipAddrBlock" }, { "1.3.6.1.5.5.7.1.8", "sbgp-autonomousSysNum" }, { "1.3.6.1.5.5.7.1.9", "sbgp-routerIdentifier" }, { "1.3.6.1.5.5.7.1.10", "acProxying" }, { "1.3.6.1.5.5.7.1.11", "subjectInfoAccess" }, { "1.3.6.1.5.5.7.48.1", "ocsp" }, { "1.3.6.1.5.5.7.48.2", "caIssuers" }, { "1.3.6.1.5.5.7.48.3", "timeStamping" }, { "1.3.6.1.5.5.7.48.5", "caRepository" }, /* X.509 id-ce */ { "2.5.29.14", "subjectKeyIdentifier", 1}, { "2.5.29.15", "keyUsage", 1 }, { "2.5.29.16", "privateKeyUsagePeriod" }, { "2.5.29.17", "subjectAltName", 1 }, { "2.5.29.18", "issuerAltName", 1 }, { "2.5.29.19", "basicConstraints", 1}, { "2.5.29.20", "cRLNumber" }, { "2.5.29.21", "cRLReason" }, { "2.5.29.22", "expirationDate" }, { "2.5.29.23", "instructionCode" }, { "2.5.29.24", "invalidityDate" }, { "2.5.29.27", "deltaCRLIndicator" }, { "2.5.29.28", "issuingDistributionPoint" }, { "2.5.29.29", "certificateIssuer" }, { "2.5.29.30", "nameConstraints" }, { "2.5.29.31", "cRLDistributionPoints", 1 }, { "2.5.29.32", "certificatePolicies", 1 }, { "2.5.29.32.0", "anyPolicy" }, { "2.5.29.33", "policyMappings" }, { "2.5.29.35", "authorityKeyIdentifier", 1 }, { "2.5.29.36", "policyConstraints" }, { "2.5.29.37", "extKeyUsage", 1 }, { "2.5.29.46", "freshestCRL" }, { "2.5.29.54", "inhibitAnyPolicy" }, /* Netscape certificate extensions. */ { "2.16.840.1.113730.1.1", "netscape-cert-type" }, { "2.16.840.1.113730.1.2", "netscape-base-url" }, { "2.16.840.1.113730.1.3", "netscape-revocation-url" }, { "2.16.840.1.113730.1.4", "netscape-ca-revocation-url" }, { "2.16.840.1.113730.1.7", "netscape-cert-renewal-url" }, { "2.16.840.1.113730.1.8", "netscape-ca-policy-url" }, { "2.16.840.1.113730.1.9", "netscape-homePage-url" }, { "2.16.840.1.113730.1.10", "netscape-entitylogo" }, { "2.16.840.1.113730.1.11", "netscape-userPicture" }, { "2.16.840.1.113730.1.12", "netscape-ssl-server-name" }, { "2.16.840.1.113730.1.13", "netscape-comment" }, /* GnuPG extensions */ { "1.3.6.1.4.1.11591.2.1.1", "pkaAddress" }, { NULL } }; /* Return the description for OID; if no description is available NULL is returned. */ static const char * get_oid_desc (const char *oid, unsigned int *flag) { int i; if (oid) for (i=0; oidtranstbl[i].oid; i++) if (!strcmp (oidtranstbl[i].oid, oid)) { if (flag) *flag = oidtranstbl[i].flag; return oidtranstbl[i].name; } if (flag) *flag = 0; return NULL; } static void print_key_data (ksba_cert_t cert, FILE *fp) { #if 0 int n = pk ? pubkey_get_npkey( pk->pubkey_algo ) : 0; int i; for(i=0; i < n; i++ ) { fprintf (fp, "pkd:%d:%u:", i, mpi_get_nbits( pk->pkey[i] ) ); mpi_print(stdout, pk->pkey[i], 1 ); putchar(':'); putchar('\n'); } #endif } static void print_capabilities (ksba_cert_t cert, FILE *fp) { gpg_error_t err; unsigned int use; size_t buflen; char buffer[1]; err = ksba_cert_get_user_data (cert, "is_qualified", &buffer, sizeof (buffer), &buflen); if (!err && buflen) { if (*buffer) putc ('q', fp); } else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) ; /* Don't know - will not get marked as 'q' */ else log_debug ("get_user_data(is_qualified) failed: %s\n", gpg_strerror (err)); err = ksba_cert_get_key_usage (cert, &use); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { putc ('e', fp); putc ('s', fp); putc ('c', fp); putc ('E', fp); putc ('S', fp); putc ('C', fp); return; } if (err) { log_error (_("error getting key usage information: %s\n"), gpg_strerror (err)); return; } if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT))) putc ('e', fp); if ((use & (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION))) putc ('s', fp); if ((use & KSBA_KEYUSAGE_KEY_CERT_SIGN)) putc ('c', fp); if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT))) putc ('E', fp); if ((use & (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION))) putc ('S', fp); if ((use & KSBA_KEYUSAGE_KEY_CERT_SIGN)) putc ('C', fp); } static void print_time (gnupg_isotime_t t, FILE *fp) { if (!t || !*t) ; else fputs (t, fp); } /* Return an allocated string with the email address extracted from a DN */ static char * email_kludge (const char *name) { const char *p, *string; unsigned char *buf; int n; string = name; for (;;) { p = strstr (string, "1.2.840.113549.1.9.1=#"); if (!p) return NULL; if (p == name || (p > string+1 && p[-1] == ',' && p[-2] != '\\')) { name = p + 22; break; } string = p + 22; } /* This looks pretty much like an email address in the subject's DN we use this to add an additional user ID entry. This way, openSSL generated keys get a nicer and usable listing */ for (n=0, p=name; hexdigitp (p) && hexdigitp (p+1); p +=2, n++) ; if (!n) return NULL; buf = xtrymalloc (n+3); if (!buf) return NULL; /* oops, out of core */ *buf = '<'; for (n=1, p=name; hexdigitp (p); p +=2, n++) buf[n] = xtoi_2 (p); buf[n++] = '>'; buf[n] = 0; return (char*)buf; } /* List one certificate in colon mode */ static void list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity, FILE *fp, int have_secret) { int rc; int idx; char truststring[2]; char *p; ksba_sexp_t sexp; char *fpr; ksba_isotime_t t; gpg_error_t valerr; int algo; unsigned int nbits; const char *chain_id; char *chain_id_buffer = NULL; int is_root = 0; if (ctrl->with_validation) valerr = gpgsm_validate_chain (ctrl, cert, NULL, 1, NULL, 0); else valerr = 0; /* We need to get the fingerprint and the chaining ID in advance. */ fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); { ksba_cert_t next; rc = gpgsm_walk_cert_chain (cert, &next); if (!rc) /* We known the issuer's certificate. */ { p = gpgsm_get_fingerprint_hexstring (next, GCRY_MD_SHA1); chain_id_buffer = p; chain_id = chain_id_buffer; ksba_cert_release (next); } else if (rc == -1) /* We have reached the root certificate. */ { chain_id = fpr; is_root = 1; } else chain_id = NULL; } fputs (have_secret? "crs:":"crt:", fp); /* Note: We can't use multiple flags, like "ei", because the validation check does only return one error. */ truststring[0] = 0; truststring[1] = 0; if ((validity & VALIDITY_REVOKED) || gpg_err_code (valerr) == GPG_ERR_CERT_REVOKED) *truststring = 'r'; else if (gpg_err_code (valerr) == GPG_ERR_CERT_EXPIRED) *truststring = 'e'; else { /* Lets also check whether the certificate under question expired. This is merely a hack until we found a proper way to store the expiration flag in the keybox. */ ksba_isotime_t current_time, not_after; gnupg_get_isotime (current_time); if (!opt.ignore_expiration && !ksba_cert_get_validity (cert, 1, not_after) && *not_after && strcmp (current_time, not_after) > 0 ) *truststring = 'e'; else if (valerr) *truststring = 'i'; } /* If we have no truststring yet (i.e. the certificate might be good) and this is a root certificate, we ask the agent whether this is a trusted root certificate. */ if (!*truststring && is_root) { struct rootca_flags_s dummy_flags; rc = gpgsm_agent_istrusted (ctrl, cert, &dummy_flags); if (!rc) *truststring = 'u'; /* Yes, we trust this one (ultimately). */ else if (gpg_err_code (rc) == GPG_ERR_NOT_TRUSTED) *truststring = 'n'; /* No, we do not trust this one. */ /* (in case of an error we can't tell anything.) */ } if (*truststring) fputs (truststring, fp); algo = gpgsm_get_key_algo_info (cert, &nbits); fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24); /* We assume --fixed-list-mode for gpgsm */ ksba_cert_get_validity (cert, 0, t); print_time (t, fp); putc (':', fp); ksba_cert_get_validity (cert, 1, t); print_time ( t, fp); putc (':', fp); /* Field 8, serial number: */ if ((sexp = ksba_cert_get_serial (cert))) { int len; const unsigned char *s = sexp; if (*s == '(') { s++; for (len=0; *s && *s != ':' && digitp (s); s++) len = len*10 + atoi_1 (s); if (*s == ':') for (s++; len; len--, s++) fprintf (fp,"%02X", *s); } xfree (sexp); } putc (':', fp); /* Field 9, ownertrust - not used here */ putc (':', fp); /* field 10, old user ID - we use it here for the issuer DN */ if ((p = ksba_cert_get_issuer (cert,0))) { print_sanitized_string (fp, p, ':'); xfree (p); } putc (':', fp); /* Field 11, signature class - not used */ putc (':', fp); /* Field 12, capabilities: */ print_capabilities (cert, fp); putc (':', fp); putc ('\n', fp); /* FPR record */ fprintf (fp, "fpr:::::::::%s:::", fpr); /* Print chaining ID (field 13)*/ if (chain_id) fputs (chain_id, fp); putc (':', fp); putc ('\n', fp); xfree (fpr); fpr = NULL; chain_id = NULL; xfree (chain_id_buffer); chain_id_buffer = NULL; if (opt.with_key_data) { if ( (p = gpgsm_get_keygrip_hexstring (cert))) { fprintf (fp, "grp:::::::::%s:\n", p); xfree (p); } print_key_data (cert, fp); } for (idx=0; (p = ksba_cert_get_subject (cert,idx)); idx++) { fprintf (fp, "uid:%s::::::::", truststring); print_sanitized_string (fp, p, ':'); putc (':', fp); putc (':', fp); putc ('\n', fp); if (!idx) { /* It would be better to get the faked email address from the keydb. But as long as we don't have a way to pass the meta data back, we just check it the same way as the code used to create the keybox meta data does */ char *pp = email_kludge (p); if (pp) { fprintf (fp, "uid:%s::::::::", truststring); print_sanitized_string (fp, pp, ':'); putc (':', fp); putc (':', fp); putc ('\n', fp); xfree (pp); } } xfree (p); } } static void print_name_raw (FILE *fp, const char *string) { if (!string) fputs ("[error]", fp); else print_sanitized_string (fp, string, 0); } static void print_names_raw (FILE *fp, int indent, ksba_name_t name) { int idx; const char *s; int indent_all; if ((indent_all = (indent < 0))) indent = - indent; if (!name) { fputs ("none\n", fp); return; } for (idx=0; (s = ksba_name_enum (name, idx)); idx++) { char *p = ksba_name_get_uri (name, idx); printf ("%*s", idx||indent_all?indent:0, ""); print_sanitized_string (fp, p?p:s, 0); putc ('\n', fp); xfree (p); } } /* List one certificate in raw mode useful to have a closer look at the certificate. This one does no beautification and only minimal output sanitation. It is mainly useful for debugging. */ static void list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, ksba_cert_t cert, FILE *fp, int have_secret, int with_validation) { gpg_error_t err; size_t off, len; ksba_sexp_t sexp, keyid; char *dn; ksba_isotime_t t; int idx, i; int is_ca, chainlen; unsigned int kusage; char *string, *p, *pend; const char *oid, *s; ksba_name_t name, name2; unsigned int reason; sexp = ksba_cert_get_serial (cert); fputs ("Serial number: ", fp); gpgsm_print_serial (fp, sexp); ksba_free (sexp); putc ('\n', fp); dn = ksba_cert_get_issuer (cert, 0); fputs (" Issuer: ", fp); print_name_raw (fp, dn); ksba_free (dn); putc ('\n', fp); for (idx=1; (dn = ksba_cert_get_issuer (cert, idx)); idx++) { fputs (" aka: ", fp); print_name_raw (fp, dn); ksba_free (dn); putc ('\n', fp); } dn = ksba_cert_get_subject (cert, 0); fputs (" Subject: ", fp); print_name_raw (fp, dn); ksba_free (dn); putc ('\n', fp); for (idx=1; (dn = ksba_cert_get_subject (cert, idx)); idx++) { fputs (" aka: ", fp); print_name_raw (fp, dn); ksba_free (dn); putc ('\n', fp); } dn = gpgsm_get_fingerprint_string (cert, 0); fprintf (fp, " sha1_fpr: %s\n", dn?dn:"error"); xfree (dn); dn = gpgsm_get_fingerprint_string (cert, GCRY_MD_MD5); fprintf (fp, " md5_fpr: %s\n", dn?dn:"error"); xfree (dn); dn = gpgsm_get_certid (cert); fprintf (fp, " certid: %s\n", dn?dn:"error"); xfree (dn); dn = gpgsm_get_keygrip_hexstring (cert); fprintf (fp, " keygrip: %s\n", dn?dn:"error"); xfree (dn); ksba_cert_get_validity (cert, 0, t); fputs (" notBefore: ", fp); gpgsm_print_time (fp, t); putc ('\n', fp); fputs (" notAfter: ", fp); ksba_cert_get_validity (cert, 1, t); gpgsm_print_time (fp, t); putc ('\n', fp); oid = ksba_cert_get_digest_algo (cert); s = get_oid_desc (oid, NULL); fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":""); { const char *algoname; unsigned int nbits; algoname = gcry_pk_algo_name (gpgsm_get_key_algo_info (cert, &nbits)); fprintf (fp, " keyType: %u bit %s\n", nbits, algoname? algoname:"?"); } /* subjectKeyIdentifier */ fputs (" subjKeyId: ", fp); err = ksba_cert_get_subj_key_id (cert, NULL, &keyid); - if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA) + if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) fputs ("[none]\n", fp); else { gpgsm_print_serial (fp, keyid); ksba_free (keyid); putc ('\n', fp); } } else fputs ("[?]\n", fp); /* authorityKeyIdentifier */ fputs (" authKeyId: ", fp); err = ksba_cert_get_auth_key_id (cert, &keyid, &name, &sexp); - if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA) + if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { - if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name) + if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name + || gpg_err_code (err) == GPG_ERR_NO_VALUE) fputs ("[none]\n", fp); else { gpgsm_print_serial (fp, sexp); ksba_free (sexp); putc ('\n', fp); print_names_raw (fp, -15, name); ksba_name_release (name); } if (keyid) { fputs (" authKeyId.ki: ", fp); gpgsm_print_serial (fp, keyid); ksba_free (keyid); putc ('\n', fp); } } else fputs ("[?]\n", fp); fputs (" keyUsage:", fp); err = ksba_cert_get_key_usage (cert, &kusage); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { if (err) fprintf (fp, " [error: %s]", gpg_strerror (err)); else { if ( (kusage & KSBA_KEYUSAGE_DIGITAL_SIGNATURE)) fputs (" digitalSignature", fp); if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION)) fputs (" nonRepudiation", fp); if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT)) fputs (" keyEncipherment", fp); if ( (kusage & KSBA_KEYUSAGE_DATA_ENCIPHERMENT)) fputs (" dataEncipherment", fp); if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT)) fputs (" keyAgreement", fp); if ( (kusage & KSBA_KEYUSAGE_KEY_CERT_SIGN)) fputs (" certSign", fp); if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN)) fputs (" crlSign", fp); if ( (kusage & KSBA_KEYUSAGE_ENCIPHER_ONLY)) fputs (" encipherOnly", fp); if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY)) fputs (" decipherOnly", fp); } putc ('\n', fp); } else - fputs ("[none]\n", fp); + fputs (" [none]\n", fp); fputs (" extKeyUsage: ", fp); err = ksba_cert_get_ext_key_usages (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else { p = string; while (p && (pend=strchr (p, ':'))) { *pend++ = 0; for (i=0; key_purpose_map[i].oid; i++) if ( !strcmp (key_purpose_map[i].oid, p) ) break; fputs (key_purpose_map[i].oid?key_purpose_map[i].name:p, fp); p = pend; if (*p != 'C') fputs (" (suggested)", fp); if ((p = strchr (p, '\n'))) { p++; fputs ("\n ", fp); } } xfree (string); } putc ('\n', fp); } else fputs ("[none]\n", fp); fputs (" policies: ", fp); err = ksba_cert_get_cert_policies (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else { p = string; while (p && (pend=strchr (p, ':'))) { *pend++ = 0; for (i=0; key_purpose_map[i].oid; i++) if ( !strcmp (key_purpose_map[i].oid, p) ) break; fputs (p, fp); p = pend; if (*p == 'C') fputs (" (critical)", fp); if ((p = strchr (p, '\n'))) { p++; fputs ("\n ", fp); } } xfree (string); } putc ('\n', fp); } else fputs ("[none]\n", fp); fputs (" chainLength: ", fp); err = ksba_cert_is_ca (cert, &is_ca, &chainlen); if (err || is_ca) { - if (err) + if (gpg_err_code (err) == GPG_ERR_NO_VALUE ) + fprintf (fp, "[none]"); + else if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else if (chainlen == -1) fputs ("unlimited", fp); else fprintf (fp, "%d", chainlen); putc ('\n', fp); } else fputs ("not a CA\n", fp); /* CRL distribution point */ for (idx=0; !(err=ksba_cert_get_crl_dist_point (cert, idx, &name, &name2, &reason)) ;idx++) { fputs (" crlDP: ", fp); print_names_raw (fp, 15, name); if (reason) { fputs (" reason: ", fp); if ( (reason & KSBA_CRLREASON_UNSPECIFIED)) fputs (" unused", stdout); if ( (reason & KSBA_CRLREASON_KEY_COMPROMISE)) fputs (" keyCompromise", stdout); if ( (reason & KSBA_CRLREASON_CA_COMPROMISE)) fputs (" caCompromise", stdout); if ( (reason & KSBA_CRLREASON_AFFILIATION_CHANGED)) fputs (" affiliationChanged", stdout); if ( (reason & KSBA_CRLREASON_SUPERSEDED)) fputs (" superseded", stdout); if ( (reason & KSBA_CRLREASON_CESSATION_OF_OPERATION)) fputs (" cessationOfOperation", stdout); if ( (reason & KSBA_CRLREASON_CERTIFICATE_HOLD)) fputs (" certificateHold", stdout); putchar ('\n'); } fputs (" issuer: ", fp); print_names_raw (fp, 23, name2); ksba_name_release (name); ksba_name_release (name2); } - if (err && gpg_err_code (err) != GPG_ERR_EOF) + if (err && gpg_err_code (err) != GPG_ERR_EOF + && gpg_err_code (err) != GPG_ERR_NO_VALUE) fputs (" crlDP: [error]\n", fp); else if (!idx) fputs (" crlDP: [none]\n", fp); /* authorityInfoAccess. */ for (idx=0; !(err=ksba_cert_get_authority_info_access (cert, idx, &string, &name)); idx++) { fputs (" authInfo: ", fp); s = get_oid_desc (string, NULL); fprintf (fp, "%s%s%s%s\n", string, s?" (":"", s?s:"", s?")":""); print_names_raw (fp, -15, name); ksba_name_release (name); ksba_free (string); } - if (err && gpg_err_code (err) != GPG_ERR_EOF) + if (err && gpg_err_code (err) != GPG_ERR_EOF + && gpg_err_code (err) != GPG_ERR_NO_VALUE) fputs (" authInfo: [error]\n", fp); else if (!idx) fputs (" authInfo: [none]\n", fp); /* subjectInfoAccess. */ for (idx=0; !(err=ksba_cert_get_subject_info_access (cert, idx, &string, &name)); idx++) { fputs (" subjectInfo: ", fp); s = get_oid_desc (string, NULL); fprintf (fp, "%s%s%s%s\n", string, s?" (":"", s?s:"", s?")":""); print_names_raw (fp, -15, name); ksba_name_release (name); ksba_free (string); } - if (err && gpg_err_code (err) != GPG_ERR_EOF) + if (err && gpg_err_code (err) != GPG_ERR_EOF + && gpg_err_code (err) != GPG_ERR_NO_VALUE) fputs (" subjInfo: [error]\n", fp); else if (!idx) fputs (" subjInfo: [none]\n", fp); for (idx=0; !(err=ksba_cert_get_extension (cert, idx, &oid, &i, &off, &len));idx++) { unsigned int flag; s = get_oid_desc (oid, &flag); if (!(flag & 1)) fprintf (fp, " %s: %s%s%s%s [%d octets]\n", i? "critExtn":" extn", oid, s?" (":"", s?s:"", s?")":"", (int)len); } if (with_validation) { err = gpgsm_validate_chain (ctrl, cert, NULL, 1, fp, 0); if (!err) fprintf (fp, " [certificate is good]\n"); else fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err)); } if (opt.with_ephemeral_keys && hd) { unsigned int blobflags; err = keydb_get_flags (hd, KEYBOX_FLAG_BLOB, 0, &blobflags); if (err) fprintf (fp, " [error getting keyflags: %s]\n", gpg_strerror (err)); else if ((blobflags & 2)) fprintf (fp, " [stored as ephemeral]\n"); } } /* List one certificate in standard mode */ static void list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret, int with_validation) { gpg_error_t err; ksba_sexp_t sexp; char *dn; ksba_isotime_t t; int idx, i; int is_ca, chainlen; unsigned int kusage; char *string, *p, *pend; sexp = ksba_cert_get_serial (cert); fputs ("Serial number: ", fp); gpgsm_print_serial (fp, sexp); ksba_free (sexp); putc ('\n', fp); dn = ksba_cert_get_issuer (cert, 0); fputs (" Issuer: ", fp); gpgsm_print_name (fp, dn); ksba_free (dn); putc ('\n', fp); for (idx=1; (dn = ksba_cert_get_issuer (cert, idx)); idx++) { fputs (" aka: ", fp); gpgsm_print_name (fp, dn); ksba_free (dn); putc ('\n', fp); } dn = ksba_cert_get_subject (cert, 0); fputs (" Subject: ", fp); gpgsm_print_name (fp, dn); ksba_free (dn); putc ('\n', fp); for (idx=1; (dn = ksba_cert_get_subject (cert, idx)); idx++) { fputs (" aka: ", fp); gpgsm_print_name (fp, dn); ksba_free (dn); putc ('\n', fp); } ksba_cert_get_validity (cert, 0, t); fputs (" validity: ", fp); gpgsm_print_time (fp, t); fputs (" through ", fp); ksba_cert_get_validity (cert, 1, t); gpgsm_print_time (fp, t); putc ('\n', fp); { const char *algoname; unsigned int nbits; algoname = gcry_pk_algo_name (gpgsm_get_key_algo_info (cert, &nbits)); fprintf (fp, " key type: %u bit %s\n", nbits, algoname? algoname:"?"); } err = ksba_cert_get_key_usage (cert, &kusage); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { fputs (" key usage:", fp); if (err) fprintf (fp, " [error: %s]", gpg_strerror (err)); else { if ( (kusage & KSBA_KEYUSAGE_DIGITAL_SIGNATURE)) fputs (" digitalSignature", fp); if ( (kusage & KSBA_KEYUSAGE_NON_REPUDIATION)) fputs (" nonRepudiation", fp); if ( (kusage & KSBA_KEYUSAGE_KEY_ENCIPHERMENT)) fputs (" keyEncipherment", fp); if ( (kusage & KSBA_KEYUSAGE_DATA_ENCIPHERMENT)) fputs (" dataEncipherment", fp); if ( (kusage & KSBA_KEYUSAGE_KEY_AGREEMENT)) fputs (" keyAgreement", fp); if ( (kusage & KSBA_KEYUSAGE_KEY_CERT_SIGN)) fputs (" certSign", fp); if ( (kusage & KSBA_KEYUSAGE_CRL_SIGN)) fputs (" crlSign", fp); if ( (kusage & KSBA_KEYUSAGE_ENCIPHER_ONLY)) fputs (" encipherOnly", fp); if ( (kusage & KSBA_KEYUSAGE_DECIPHER_ONLY)) fputs (" decipherOnly", fp); } putc ('\n', fp); } err = ksba_cert_get_ext_key_usages (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { fputs ("ext key usage: ", fp); if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else { p = string; while (p && (pend=strchr (p, ':'))) { *pend++ = 0; for (i=0; key_purpose_map[i].oid; i++) if ( !strcmp (key_purpose_map[i].oid, p) ) break; fputs (key_purpose_map[i].oid?key_purpose_map[i].name:p, fp); p = pend; if (*p != 'C') fputs (" (suggested)", fp); if ((p = strchr (p, '\n'))) { p++; fputs (", ", fp); } } xfree (string); } putc ('\n', fp); } err = ksba_cert_get_cert_policies (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { fputs (" policies: ", fp); if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else { for (p=string; *p; p++) { if (*p == '\n') *p = ','; } print_sanitized_string (fp, string, 0); xfree (string); } putc ('\n', fp); } err = ksba_cert_is_ca (cert, &is_ca, &chainlen); if (err || is_ca) { fputs (" chain length: ", fp); - if (err) + if (gpg_err_code (err) == GPG_ERR_NO_VALUE ) + fprintf (fp, "none"); + else if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else if (chainlen == -1) fputs ("unlimited", fp); else fprintf (fp, "%d", chainlen); putc ('\n', fp); } if (opt.with_md5_fingerprint) { dn = gpgsm_get_fingerprint_string (cert, GCRY_MD_MD5); fprintf (fp, " md5 fpr: %s\n", dn?dn:"error"); xfree (dn); } dn = gpgsm_get_fingerprint_string (cert, 0); fprintf (fp, " fingerprint: %s\n", dn?dn:"error"); xfree (dn); if (with_validation) { gpg_error_t tmperr; size_t buflen; char buffer[1]; err = gpgsm_validate_chain (ctrl, cert, NULL, 1, fp, 0); tmperr = ksba_cert_get_user_data (cert, "is_qualified", &buffer, sizeof (buffer), &buflen); if (!tmperr && buflen) { if (*buffer) fputs (" [qualified]\n", fp); } else if (gpg_err_code (tmperr) == GPG_ERR_NOT_FOUND) ; /* Don't know - will not get marked as 'q' */ else log_debug ("get_user_data(is_qualified) failed: %s\n", gpg_strerror (tmperr)); if (!err) fprintf (fp, " [certificate is good]\n"); else fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err)); } } /* Same as standard mode mode list all certifying certs too. */ static void list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd, ksba_cert_t cert, int raw_mode, FILE *fp, int with_validation) { ksba_cert_t next = NULL; if (raw_mode) list_cert_raw (ctrl, hd, cert, fp, 0, with_validation); else list_cert_std (ctrl, cert, fp, 0, with_validation); ksba_cert_ref (cert); while (!gpgsm_walk_cert_chain (cert, &next)) { ksba_cert_release (cert); fputs ("Certified by\n", fp); if (raw_mode) list_cert_raw (ctrl, hd, next, fp, 0, with_validation); else list_cert_std (ctrl, next, fp, 0, with_validation); cert = next; } ksba_cert_release (cert); putc ('\n', fp); } /* List all internal keys or just the keys given as NAMES. MODE is a bit vector to specify what keys are to be included; see gpgsm_list_keys (below) for details. If RAW_MODE is true, the raw output mode will be used instead of the standard beautified one. */ static gpg_error_t list_internal_keys (ctrl_t ctrl, strlist_t names, FILE *fp, unsigned int mode, int raw_mode) { KEYDB_HANDLE hd; KEYDB_SEARCH_DESC *desc = NULL; strlist_t sl; int ndesc; ksba_cert_t cert = NULL; gpg_error_t rc = 0; const char *lastresname, *resname; int have_secret; hd = keydb_new (0); if (!hd) { log_error ("keydb_new failed\n"); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } if (!names) ndesc = 1; else { for (sl=names, ndesc=0; sl; sl = sl->next, ndesc++) ; } desc = xtrycalloc (ndesc, sizeof *desc); if (!ndesc) { rc = gpg_error_from_syserror (); log_error ("out of core\n"); goto leave; } if (!names) desc[0].mode = KEYDB_SEARCH_MODE_FIRST; else { for (ndesc=0, sl=names; sl; sl = sl->next) { rc = keydb_classify_name (sl->d, desc+ndesc); if (rc) { log_error ("key `%s' not found: %s\n", sl->d, gpg_strerror (rc)); rc = 0; } else ndesc++; } } if (opt.with_ephemeral_keys) keydb_set_ephemeral (hd, 1); /* It would be nice to see which of the given users did actually match one in the keyring. To implement this we need to have a found flag for each entry in desc and to set this we must check all those entries after a match to mark all matched one - currently we stop at the first match. To do this we need an extra flag to enable this feature so */ lastresname = NULL; while (!(rc = keydb_search (hd, desc, ndesc))) { unsigned int validity; if (!names) desc[0].mode = KEYDB_SEARCH_MODE_NEXT; rc = keydb_get_flags (hd, KEYBOX_FLAG_VALIDITY, 0, &validity); if (rc) { log_error ("keydb_get_flags failed: %s\n", gpg_strerror (rc)); goto leave; } rc = keydb_get_cert (hd, &cert); if (rc) { log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc)); goto leave; } resname = keydb_get_resource_name (hd); if (lastresname != resname ) { int i; if (ctrl->no_server) { fprintf (fp, "%s\n", resname ); for (i=strlen(resname); i; i-- ) putc ('-', fp); putc ('\n', fp); lastresname = resname; } } have_secret = 0; if (mode) { char *p = gpgsm_get_keygrip_hexstring (cert); if (p) { rc = gpgsm_agent_havekey (ctrl, p); if (!rc) have_secret = 1; else if ( gpg_err_code (rc) != GPG_ERR_NO_SECKEY) goto leave; rc = 0; xfree (p); } } if (!mode || ((mode & 1) && !have_secret) || ((mode & 2) && have_secret) ) { if (ctrl->with_colons) list_cert_colon (ctrl, cert, validity, fp, have_secret); else if (ctrl->with_chain) list_cert_chain (ctrl, hd, cert, raw_mode, fp, ctrl->with_validation); else { if (raw_mode) list_cert_raw (ctrl, hd, cert, fp, have_secret, ctrl->with_validation); else list_cert_std (ctrl, cert, fp, have_secret, ctrl->with_validation); putc ('\n', fp); } } ksba_cert_release (cert); cert = NULL; } if (gpg_err_code (rc) == GPG_ERR_EOF || rc == -1 ) rc = 0; if (rc) log_error ("keydb_search failed: %s\n", gpg_strerror (rc)); leave: ksba_cert_release (cert); xfree (desc); keydb_release (hd); return rc; } static void list_external_cb (void *cb_value, ksba_cert_t cert) { struct list_external_parm_s *parm = cb_value; if (keydb_store_cert (cert, 1, NULL)) log_error ("error storing certificate as ephemeral\n"); if (parm->print_header) { const char *resname = "[external keys]"; int i; fprintf (parm->fp, "%s\n", resname ); for (i=strlen(resname); i; i-- ) putchar('-'); putc ('\n', parm->fp); parm->print_header = 0; } if (parm->with_colons) list_cert_colon (parm->ctrl, cert, 0, parm->fp, 0); else if (parm->with_chain) list_cert_chain (parm->ctrl, NULL, cert, parm->raw_mode, parm->fp, 0); else { if (parm->raw_mode) list_cert_raw (parm->ctrl, NULL, cert, parm->fp, 0, 0); else list_cert_std (parm->ctrl, cert, parm->fp, 0, 0); putc ('\n', parm->fp); } } /* List external keys similar to internal one. Note: mode does not make sense here because it would be unwise to list external secret keys */ static gpg_error_t list_external_keys (ctrl_t ctrl, strlist_t names, FILE *fp, int raw_mode) { int rc; struct list_external_parm_s parm; parm.fp = fp; parm.ctrl = ctrl, parm.print_header = ctrl->no_server; parm.with_colons = ctrl->with_colons; parm.with_chain = ctrl->with_chain; parm.raw_mode = raw_mode; rc = gpgsm_dirmngr_lookup (ctrl, names, list_external_cb, &parm); if (rc) log_error ("listing external keys failed: %s\n", gpg_strerror (rc)); return rc; } /* List all keys or just the key given as NAMES. MODE controls the operation mode: Bit 0-2: 0 = list all public keys but don't flag secret ones 1 = list only public keys 2 = list only secret keys 3 = list secret and public keys Bit 6: list internal keys Bit 7: list external keys Bit 8: Do a raw format dump. */ gpg_error_t gpgsm_list_keys (ctrl_t ctrl, strlist_t names, FILE *fp, unsigned int mode) { gpg_error_t err = 0; if ((mode & (1<<6))) err = list_internal_keys (ctrl, names, fp, (mode & 3), (mode&256)); if (!err && (mode & (1<<7))) err = list_external_keys (ctrl, names, fp, (mode&256)); return err; }