diff --git a/NEWS b/NEWS index 3d28c9925..cd9c5ef59 100644 --- a/NEWS +++ b/NEWS @@ -1,5136 +1,5138 @@ Noteworthy changes in version 2.2.42 (unreleased) ------------------------------------------------- * gpg: Support OCB encryption. [T6263] * gpg: New command --quick-update-pref. [rGf16c946be7] * gpg: New list-options show-pref and show-pref-verbose. [rGb6ba7054a0] + * gpg: Add modes 16 and 30 to --gen-random. + * gpgsm: Support ECC certificates. [T6253] * gpgsm: Also announce AES256-CBC in signatures. [rGaa397fdcdb21] Release-info: https://dev.gnupg.org/T6307 Noteworthy changes in version 2.2.41 (2022-12-09) ------------------------------------------------- * gpg: Add a notation to encryption subkeys in de-vs mode. [T6279] * gpg: Fix trusted introducer for mbox only user-ids. [T6238] * gpg: Report an error via status-fd for receiving a key from the agent. [T5151] * gpg: Make --require-compliance work without the --status-fd option. [r11f3232716] * gpg: Improve signature verification speed by a factor of more than four. Double detached signing speed. [T5826] * gpg: New --export-filter export-revocs. [rGedbe30c152] * gpg: Import stray revocation certificates to improve WKD usability. [rGbd825ead36af] * wkd: New option --add-revocs for gpg-wks-client. [rG2f4492f3be] * wkd: Ignore expired user-ids in gpg-wks-client. [T6292] * scd: Support the Telesec Signature Card v2.0. [T6252] * Fix build regression depending on libgpg-error version. [T6244] Release-info: https://dev.gnupg.org/T6280 Noteworthy changes in version 2.2.40 (2022-10-10) ------------------------------------------------- * gpg: Do not consider unknown public keys as non-compliant while decrypting. [T6205] * gpg: Avoid to emit a compliance mode line if Libgcrypt is non-compliant. [T6221] * gpg: In de-vs mode use AES-128 instead of 3-DES as implicit preference. [T6063] * gpgsm: Fix reporting of bad passphrase error during PKCS#11 import. [T5713,T6037] * dirmngr: Fix CRL Distribution Point fallback to other schemes. [rG289fbc550d] * dirmngr: New LDAP server flag "areconly" (A-record-only). [rG6300035ba1] * dirmngr: Fix upload of multiple keys for an LDAP server specified using the colon format. [rG32ce7ac0c6] * dirmngr: Use LDAP schema v2 when a Base DN is specified. [T6047] * wkd: New command --mirror for gpg-wks-client. [T6224] Release-info: https://dev.gnupg.org/T6181 Noteworthy changes in version 2.2.39 (2022-09-02) ------------------------------------------------- * agent: Fix regression in 2.2.37 related to non-extended format private keys. [T6176] Release-info: https://dev.gnupg.org/T6175 Noteworthy changes in version 2.2.38 (2022-09-01) ------------------------------------------------- * gpg: Make --require-compliance work for sign+encrypt. [T6174] * gpg: Fix an encoding problem under Windows in the printed timezone. [T5073] * gpg: Emit a FAILURE status for --require-compliance errors. [rGe05fb5ca37] * dirmngr: Avoid caching expired certificates. [T6142] Release-info: https://dev.gnupg.org/T6159 Noteworthy changes in version 2.2.37 (2022-08-24) ------------------------------------------------- * gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit preference. [T6043, T6063] * gpg: Actually show symmetric+pubkey encrypted data as de-vs compliant. Add extra compliance checks for symkey_enc packets. [T6119] * gpg: Request keygrip of key to be added via command-fd interface. [T5771] * gpg: Look up user ID to revoke by UID hash. [T5936] * gpg: Fix wrong error message for "keytocard". [T6122] * gpg: --card-status shows the application type for non-openpgp cards again. [rG8e393e2592] * gpg: The options --auto-key-import and --include-key-block are again listed by gpgconf. [T6138] * gpgsm: New option --compatibility-flags. [rG77b6896f7a] * agent: New options --no-user-trustlist and --sys-trustlist-name. [T5990] * agent: Track and update the Display-S/N of cards so that the "please insert card" prompt may now show more information. Use "gpg --card-status" to update stored card meta data. [T6135] * scd:openpgp: Fix problem with ECC algorithm attributes on Yubikeys. [rG225c66f13b87] * scd:openpgp: Fix problem with Yubikey 5.4 firmware. [T6070] * dirmngr: Ask keyservers to provide the key fingerprints. [T5741] * ssh: Allow authentication as used by OpenSSH's PQ crypto support. [T5935] * wkd: Fix path traversal attack in gpg-wks-server. Add the mail address to the pending request data. [rGc1489ca0e1, T6098] * gpgconf: Improve registry dumping. [rG6bc9592318] * Silence warnings from AllowSetForegroundWindow. [rG6583abedf3] Release-info: https://dev.gnupg.org/T6105 Noteworthy changes in version 2.2.36 (2022-07-06) ------------------------------------------------- * g10: Fix possibly garbled status messages in NOTATION_DATA. This bug could trick GPGME and other parsers to accept faked status lines. [T6027, CVE-2022-34903] * gpg: Handle leading zeroes in Ed25519 private keys and reverse change regarding Ed25519 SOS encoding as introduced with 2.2.34. [T5120] * gpg: Allow Unicode file names for iobuf_cancel under Windows. * gpgsm: Improve pkcs#12 import. [T6037,T5793,T4921,T4757] * scd,p15: Fix reading certificates w/o length info. * scd,p15: Improve the displayed S/N for Technology Nexus cards. * scd,openpgp: Add workaround for ECC attribute on Yubikey. [T5963] * scd: Fix use of SCardListReaders for PC/SC. [T5979] * gpgconf: New short options -X and -V. * Make sure to always set CONFIDENTIAL flag in Assuan. [T5977] Release-info: https://dev.gnupg.org/T5949 Noteworthy changes in version 2.2.35 (2022-04-25) ------------------------------------------------- * gpg,gpgsm: New option --require-compliance. [17890d4318] * gpgtar: New option --with-log. [rGce69d55f70] * gpg: Threefold decryption speedup for large files. [T5820,rG9116fd1e9a] * gpgtar: Support file names longer than MAX_PATH. [rG5492079def] * scdaemon: Add support for GeNUA cards. [rG44ec383cde] * gpg: Allow decryption of symmetric encrypted data even for non-compliant cipher. [rGe081a601f7] * gpg: Avoid possible race condition in --edit-card/factory-reset. [T5831] * gpg: Emit an ERROR status as hint for a bad passphrase. [T5943] * gpg: Avoid NULL-ptr access due to corrupted packets. [T5940] * gpgsm: Fix parsing of certain PKCS#12 files. [T5793] * gpgtar: Use a pipe for decryption and thus avoid memory exhaustion. [rGd431feb307] * scdaemon: Use extended mode for pkcs#15 already for rsa2048. [rGa2db490de5] * dirmngr: Make WKD lookups work for resolvers not handling SRV records. [T4729] * dirmngr: Escape more characters in WKD requests. [T5902] * gpgconf: Silence warnings from parsing the option files. [T5874] * Improve removing of stale lockfiles under Unix. [T5884] Release-info: https://dev.gnupg.org/T5928 Noteworthy changes in version 2.2.34 (2022-02-07) ------------------------------------------------- * gpgconf: Backport the improved option reading and writing code from 2.3. [rG7a3a1ef370,T4788] * gpgconf: Do not list ignored options and mark forced options as read-only. [T5732] * gpgconf: Correctly show registry entries with --show-configs. [T5724] * gpgconf: Add command aliases -L, -K, and -R. [rGf16c535eee] * gpgconf: Tweak the use of the ldapserver option. [T5801] * gpgconf: Make "--launch gpg-agent" work again. [rG5a7ed6dd8f] * gpg: Accept Ed25519 private keys in modernized encoding. [T5120] * gpg: Fix adding the list of ultimate trusted keys. [T5742] * gpgsm: New option --ignore-cert-with-oid. [rGbcf446b70c] * dirmngr: Avoid initial delay on the first keyserver access in presence of --no-use-tor. [rGdde88897e2] * scdaemon: Also prefer Yubikeys if no reader port is given. [rG38c666ec3f] * agent: Make missing strings translatable and update German and Japanese translations. [T4777] * ssh: Fix adding an ed25519 key with a zero length comment. [T5794] * gpgtar: Create and handle extended headers to support long file names. [T5754] * Fix the creation of socket directories under Windows for non-ascii account names. [rG7d1215cb9c] * Improve the registry HKCU->HKLM fallback. [rG96db487a4d] * Prettify the --help output of most commands. Release-info: https://dev.gnupg.org/T5703 See-also: gnupg-announce/2022q1/000470.html Noteworthy changes in version 2.2.33 (2021-11-23) ------------------------------------------------- * gpg: New option --min-rsa-length. [rG6ee01c1d26] * gpg: New option --forbid-gen-key. [rG985fb25c46] * gpg: New option --override-compliance-check. [T5655] * gpgconf: New command --show-configs. [rG8fe3f57643] * agent,dirmngr: New option --steal-socket. [rG6507c6ab10] * scd: Improve the selection of the default PC/SC reader. [T5644] * gpg: Fix printing of binary notations. [T5667] * gpg: Remove stale ultimately trusted keys from the trustdb. [T5685] * gpgsm: Detect circular chains in --list-chain. [rGc9343bec83] * gpgconf: Create the local option file even if the global file exists. [T5650] * dirmngr: Make reading resolv.conf more robust. [T5657] * gpg-wks-server: Fix created file permissions. [rGf54feb4470] * scd: Support longer data for ssh-agent authentication with openpgp cards. [T5682] * Support gpgconf.ctl for NetBSD and Solaris. [T5656,T5671] * Silence "Garbled console data" warning under Windows in most cases. * Silence warning about the rootdir under Unices w/o a mounted /proc file system. * Fix possible build problems about missing include files. [T5592] * i18n: Replace the term "PIN-Cache" by "Passswort-Cache" in the German translation. [rgf453d52e53] * i18n: Update the Russian translation. Release-info: https://dev.gnupg.org/T5641 See-also: gnupg-announce/2021q4/000467.html Noteworthy changes in version 2.2.32 (2021-10-06) ------------------------------------------------- * dirmngr: Fix Let's Encrypt certificate chain validation. [T5639] * dirmngr: New option --ignore-cert. [323a20399d] * gpg: Fix --list-packets for AEAD packets with unknown key. [T5584] Release-info: https://dev.gnupg.org/T5601 See-also: gnupg-announce/2021q4/000465.html Noteworthy changes in version 2.2.31 (2021-09-15) ------------------------------------------------- * agent: Fix a regression in GET_PASSPHRASE. [#5577] * scd: Fix an assertion failure in close_pcsc_reader. [67e1834ad4] * scd: Add support for PC/SC in "GETINFO reader_list". Release-info: https://dev.gnupg.org/T5571 See-also: gnupg-announce/2021q3/000464.html Noteworthy changes in version 2.2.30 (2021-08-26) ------------------------------------------------- * gpg: Extended gpg-check-pattern to support accept rules, conjunctions, and case-sensitive matching. [5ca15e58b2] * agent: New option --pinentry-formatted-passphrase. [#5553] * agent: New option --check-sym-passphrase-pattern. [#5517] * agent: Use the sysconfdir for the pattern files. [5ed8e598fa] * agent: Add "checkpin" inquiry for use by pinentry. [#5532] * wkd: Fix client issue with leading or trailing spaces in user-ids. [576e429d41] * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. [#3659] * Under Windows use LOCAL_APPDATA for the socket directory. [#5537] Release-info: https://dev.gnupg.org/T5519 See-also: gnupg-announce/2021q3/000463.html Noteworthy changes in version 2.2.29 (2021-07-04) ------------------------------------------------- * Fix regression in 2.2.28 for Yubikey NEO. [#5487] * Change the default keyserver to keyserver.ubuntu.com. This is a temporary change due to the shutdown of the SKS keyserver pools. [47c4e3e00a] * gpg: Let --fetch-key return an exit code on failure. [#5376] * dirmngr: Fix regression in KS_GET for mail address pattern. [#5497] * Add fallback in case the Windows console can't cope with Unicode. [#5491] * Improve initialization of SPR532 in the CCID driver and make the driver more robust. [#5297,b90c55fa66db] * Make test suite work in presence of a broken Libgcrypt installation. [#5502] * Make configure option --disable-ldap work again. Release-info: https://dev.gnupg.org/T5498 See-also: gnupg-announce/2021q3/000461.html Noteworthy changes in version 2.2.28 (2021-06-10) ------------------------------------------------- * gpg: Auto import keys specified with --trusted-keys. [e7251be84c79] * gpg: Allow decryption w/o public key but with correct card inserted. [e53f6037283e] * gpg: Allow fingerprint based lookup with --locate-external-key. [2af217ecd7e4] * gpg: Lookup a missing public key of the current card via LDAP. [b59af0e2a05a] * gpg: New option --force-sign-key. [#4584] * gpg: Use a more descriptive password prompt for symmetric decryption. [03f83bcda5d1] * gpg: Do not use the self-sigs-only option for LDAP keyserver imports. [#5387] * gpg: Keep temp files when opening images via xdg-open. [0441ed6e1c] * gpg: Fix mailbox based search via AKL keyserver method. [22fe23f46d31] * gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver. [7bf8530e75d0] * gpg: Allow ECDH with a smartcard returning only the x-coordinate. [b203325ce1] * gpgsm: New option --ldapserver as an alias for --keyserver. Note that configuring servers in gpgsm and gpg is deprecated; please use the dirmngr configuration options. * gpgsm: Support AES-GCM decryption. [b722fd755c77] * gpgsm: Support decryption of password protected files. [6f31acac767f] * gpgsm: Lock keyboxes also during a search to fix lockups on Windows. [#4505] * agent: Skip unknown unknown ssh curves seen on cards. [bbf4bd3bfcb5] * scdaemon: New option --pcsc-shared. [5eec40f3d827] * scdaemon: Backport PKCS#15 card support from GnuPG 2.3 [7637d39fe20e] * scdaemon: Fix CCID driver for SCM SPR332/SPR532. [#5297] * scdaemon: Fix possible PC/SC removed card problem. [9d83bfb63968] * scdaemon: Fix unblock PIN by a Reset Code with KDF. [#5413] * scdaemon: Support compressed points. [96577e2e46e4] * scdaemon: Prettify S/N for Yubikeys and fix reading for early Yubikey 5 tokens. [f8588369bcb0,#5442] * dirmngr: New option --ldapserver to avoid the need for the separate dirmngr_ldapservers.conf file. * dirmngr: The dirmngr_ldap wrapper has been rewritten to properly support ldap-over-tls and starttls for X.509 certificates and CRLs. [39815c023f03] * dirmngr: OpenPGP LDAP keyservers may now also be configured using the same syntax as used for X.509 and CRL LDAP servers. This avoids the former cumbersome quoting rules and adds a flexible set of flags to control the connection. [2b4cddf9086f] * dirmngr: The "ldaps" scheme of an OpenPGP keyserver URL is now interpreted as ldap-with-starttls on port 389. To use the non-standardized ldap-over-tls the new LDAP configuration method of the new attribute "gpgNtds" needs to be used. [55f46b33df08] * dirmngr: Return the fingerprint as search result also for LDAP OpenPGP keyservers. This requires the modernized LDAP schema. [#5441] * dirmngr: An OpenPGP LDAP search by a mailbox now ignores revoked keys. [b6f8cd7eef4b] * gpgconf: Make runtime changes with non-default homedir work. [c8f0b02936c7] * gpgconf: Do not translate an empty string to the PO file's meta data. [#5363] * gpgconf: Fix argv overflow if --homedir is used. [#5366] * gpgconf: Return a new pseudo option "compliance_de_vs". [9feffc03f364] * gpgtar: Fix file size computation under Windows. [198b240b1955] * Full Unicode support for the Windows command line. [#4398] * Fix problem with Windows Job objects and auto start of our daemons. [#4333] * i18n: In German always use "Passwort" instead of "Passphrase" in prompts. Release-info: https://dev.gnupg.org/T5482 See-also: gnupg-announce/2021q2/000460.html Noteworthy changes in version 2.2.27 (2021-01-11) ------------------------------------------------- * gpg: Fix regression in 2.2.24 for gnupg_remove function under Windows. [#5230] * gpgconf: Fix case with neither local nor global gpg.conf. [9f37d3e6f3] * gpgconf: Fix description of two new options. [#5221] * Build Windows installer without timestamps. Note that the Authenticode signatures still carry a timestamp. Release-info: https://dev.gnupg.org/T5234 See-also: gnupg-announce/2021q1/000452.html Noteworthy changes in version 2.2.26 (2020-12-21) ------------------------------------------------- * gpg: New AKL method "ntds". [559efd23e9] * gpg: Fix --trusted-key with fingerprint arg. [8a2e5025eb] * scd: Fix writing of ECC keys to an OpenPGP card. [#5163] * scd: Make an USB error fix specific to SPR532 readers. [#5167] * dirmngr: With new LDAP keyservers store the new attributes. Never store the useless pgpSignerID. Fix a long standing bug storing some keys on an ldap server. [0e88c73bc9,e47de85382] * dirmngr: Support the new Active Direcory LDAP schema for keyservers. [ac8ece9266] * dirmngr: Allow LDAP OpenPGP searches via fingerprint. [c75fd75532] * dirmngr: Do not block other threads during keyserver LDAP calls. [15bfd189c0] * Support global configuration files. [#4788,a028f24136] * Fix the iconv fallback handling to UTF-8. [#5038] Release-info: https://dev.gnupg.org/T5153 See-also: gnupg-announce/2020q4/000451.html Noteworthy changes in version 2.2.25 (2020-11-23) ------------------------------------------------- * scd: Fix regression in 2.2.24 requiring gpg --card-status before signing or decrypting. [#5065] * gpgsm: Using Libksba 1.5.0 signatures with a rarely used combination of attributes can now be verified. [#5146] Release-info: https://dev.gnupg.org/T5140 See-also: gnupg-announce/2020q4/000450.html Noteworthy changes in version 2.2.24 (2020-11-17) ------------------------------------------------- * Allow Unicode file names on Windows almost everywhere. Note that it is still not possible to use Unicode strings on the command line. This change also fixes a regression in 2.2.22 related to non-ascii file names. [#5098] * Fix localized time printing on Windows. [#5073] * gpg: New command --quick-revoke-sig. [#5093] * gpg: Do not use weak digest algos if selected by recipient preference during sign+encrypt. [4c181d51a6] * gpg: Switch to AES256 for symmetric encryption in de-vs mode. [166e779634] * gpg: Silence weak digest warnings with --quiet. [#4893] * gpg: Print new status line CANCELED_BY_USER for a cancel during symmetric encryption. [f05d1772c4] * gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. This is in particular needed for keys created from existing smartcard based keys. [aeed0b93ff] * agent: Fix secret key import of GnuPG 2.3 generated Ed25519 keys. [#5114] * agent: Keep some permissions of private-keys-v1.d. [#2312] * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and gnutls builds. [e4f3b74c91] * dirmngr: Fix the pool keyserver case for a single host in the pool. [72e04b03b1a7] * scd: Fix the use case of verify_chv2 by CHECKPIN. [61aea64b3c] * scd: Various improvements to the ccid-driver. [#4616,#5065] * scd: Minor fixes for Yubikey [25bec16d0b] * gpgconf: New option --show-versions. * w32: Install gpg-check-pattern and example profiles. Install Windows subsystem variant of gpgconf (gpgconf-w32). * i18n: Complete overhaul and completion of the Italian translation. Thanks to Denis Renzi. * Require Libgcrypt 1.8 because 1.7 has long reached end-of-life. Release-info: https://dev.gnupg.org/T5052 See-also: gnupg-announce/2020q4/000449.html Noteworthy changes in version 2.2.23 (2020-09-03) ------------------------------------------------- * gpg: Fix AEAD preference list overflow. [#5050] * gpg: Fix a possible segv in the key cleaning code. * gpgsm: Fix a minor RFC2253 parser bug. [#5037] * scdaemon: Fix a PIN verify failure on certain OpenPGP card implementations. Regression in 2.2.22. [#5039] * po: Fix bug in the Hungarian translation. Updates for the Czech, Polish, and Ukrainian translations. Release-info: https://dev.gnupg.org/T5045 See-also: gnupg-announce/2020q3/000448.html Noteworthy changes in version 2.2.22 (2020-08-27) ------------------------------------------------- * gpg: Change the default key algorithm to rsa3072. * gpg: Add regular expression support for Trust Signatures on all platforms. [#4843] * gpg: Fix regression in 2.2.21 with non-default --passphrase-repeat option. [#4991] * gpg: Ignore --personal-digest-prefs for ECDSA keys. [#5021] * gpgsm: Make rsaPSS a de-vs compliant scheme. * gpgsm: Show also the SHA256 fingerprint in key listings. * gpgsm: Do not require a default keyring for --gpgconf-list. [#4867] * gpg-agent: Default to extended key format and record the creation time of keys. Add new option --disable-extended-key-format. * gpg-agent: Support the WAYLAND_DISPLAY envvar. [#5016] * gpg-agent: Allow using --gpgconf-list even if HOME does not exist. [#4866] * gpg-agent: Make the Pinentry work even if the envvar TERM is set to the empty string. [#4137] * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly incremented the error counter when using the "verify" command of "gpg --edit-key" with only the signature key being present. * dirmngr: Better handle systems with disabled IPv6. [#4977] * gpgpslit: Install tool. It was not installed in the past to avoid conflicts with the version installed by GnuPG 1.4. [#5023] * gpgtar: Handle Unicode file names on Windows correctly (requires libgpg-error 1.39). [#4083] * gpgtar: Make --files-from and --null work as documented. [#5027] * Build the Windows installer with the new Ntbtls 0.2.0 so that TLS connections succeed for servers demanding GCM. Release-info: https://dev.gnupg.org/T5030 See-also: gnupg-announce/2020q3/000447.html Noteworthy changes in version 2.2.21 (2020-07-09) ------------------------------------------------- * gpg: Improve symmetric decryption speed by about 25%. See commit 144b95cc9d. * gpg: Support decryption of AEAD encrypted data packets. * gpg: Add option --no-include-key-block. [#4856] * gpg: Allow for extra padding in ECDH. [#4908] * gpg: Only a single pinentry is shown for symmetric encryption if the pinentry supports this. [#4971] * gpg: Print a note if no keys are given to --delete-key. [#4959] * gpg,gpgsm: The ridiculous passphrase quality bar is not anymore shown. [#2103] * gpgsm: Certificates without a CRL distribution point are now considered valid without looking up a CRL. The new option --enable-issuer-based-crl-check can be used to revert to the former behaviour. * gpgsm: Support rsaPSS signature verification. [#4538] * gpgsm: Unless CRL checking is disabled lookup a missing issuer certificate using the certificate's authorityInfoAccess. [#4898] * gpgsm: Print the certificate's serial number also in decimal notation. * gpgsm: Fix possible NULL-deref in messages of --gen-key. [#4895] * scd: Support the CardOS 5 based D-Trust Card 3.1. * dirmngr: Allow http URLs with "LOOKUP --url". * wkd: Take name of sendmail from configure. Fixes an OpenBSD specific bug. [#4886] Release-info: https://dev.gnupg.org/T4897 See-also: gnupg-announce/2020q3/000446.html Noteworthy changes in version 2.2.20 (2020-03-20) ------------------------------------------------- * Protect the error counter against overflow to guarantee that the tools can't be tricked into returning success after an error. * gpg: Make really sure that --verify-files always returns an error. * gpg: Fix key listing --with-secret if a pattern is given. [#4061] * gpg: Fix detection of certain keys used as default-key. [#4810] * gpg: Fix default-key selection when a card is available. [#4850] * gpg: Fix key expiration and key usage for keys created with a creation date of zero. [4670] * gpgsm: Fix import of some CR,LF terminated certificates. [#4847] * gpg: New options --include-key-block and --auto-key-import to allow encrypted replies after an initial signed message. [#4856] * gpg: Allow the use of a fingerprint with --trusted-key. [#4855] * gpg: New property "fpr" for use by --export-filter. * scdaemon: Disable the pinpad if a KDF DO is used. [#4832] * dirmngr: Improve finding OCSP certificates. [#4536] * Avoid build problems with LTO or gcc-10. [#4831] Release-info: https://dev.gnupg.org/T4860 See-also: gnupg-announce/2020q1/000444.html Noteworthy changes in version 2.2.19 (2019-12-07) ------------------------------------------------- * gpg: Fix double free when decrypting for hidden recipients. Regression in 2.2.18. [#4762]. * gpg: Use auto-key-locate for encryption even for mail addressed given with angle brackets. [#4726] * gpgsm: Add special case for certain expired intermediate certificates. [#4696] Release-info: https://dev.gnupg.org/T4768 See-also: gnupg-announce/2019q4/000443.html Noteworthy changes in version 2.2.18 (2019-11-25) ------------------------------------------------- * gpg: Changed the way keys are detected on a smartcards; this allows the use of non-OpenPGP cards. In the case of a not very likely regression the new option --use-only-openpgp-card is available. [#4681] * gpg: The commands --full-gen-key and --quick-gen-key now allow direct key generation from supported cards. [#4681] * gpg: Prepare against chosen-prefix SHA-1 collisions in key signatures. This change removes all SHA-1 based key signature newer than 2019-01-19 from the web-of-trust. Note that this includes all key signature created with dsa1024 keys. The new option --allow-weak-key-signatues can be used to override the new and safer behaviour. [#4755,CVE-2019-14855] * gpg: Improve performance for import of large keyblocks. [#4592] * gpg: Implement a keybox compression run. [#4644] * gpg: Show warnings from dirmngr about redirect and certificate problems (details require --verbose as usual). * gpg: Allow to pass the empty string for the passphrase if the '--passphase=' syntax is used. [#4633] * gpg: Fix printing of the KDF object attributes. * gpg: Avoid surprises with --locate-external-key and certain --auto-key-locate settings. [#4662] * gpg: Improve selection of best matching key. [#4713] * gpg: Delete key binding signature when deleting a subkey. [#4665,#4457] * gpg: Fix a potential loss of key signatures during import with self-sigs-only active. [#4628] * gpg: Silence "marked as ultimately trusted" diagnostics if option --quiet is used. [#4634] * gpg: Silence some diagnostics during in key listsing even with option --verbose. [#4627] * gpg, gpgsm: Change parsing of agent's pkdecrypt results. [#4652] * gpgsm: Support AES-256 keys. * gpgsm: Fix a bug in triggering a keybox compression run if --faked-system-time is used. * dirmngr: System CA certificates are no longer used for the SKS pool if GNUTLS instead of NTBTLS is used as TLS library. [#4594] * dirmngr: On Windows detect usability of IPv4 and IPv6 interfaces to avoid long timeouts. [#4165] * scd: Fix BWI value for APDU level transfers to make Gemalto Ezio Shield and Trustica Cryptoucan work. [#4654,#4566] * wkd: gpg-wks-client --install-key now installs the required policy file. Release-info: https://dev.gnupg.org/T4684 See-also: gnupg-announce/2019q4/000442.html Noteworthy changes in version 2.2.17 (2019-07-09) ------------------------------------------------- * gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607] * gpg: If an imported keyblocks is too large to be stored in the keybox (pubring.kbx) do not error out but fallback to an import using the options "self-sigs-only,import-clean". [#4591] * gpg: New command --locate-external-key which can be used to refresh keys from the Web Key Directory or via other methods configured with --auto-key-locate. * gpg: New import option "self-sigs-only". * gpg: In --auto-key-retrieve prefer WKD over keyservers. [#4595] * dirmngr: Support the "openpgpkey" subdomain feature from draft-koch-openpgp-webkey-service-07. [#4590]. * dirmngr: Add an exception for the "openpgpkey" subdomain to the CSRF protection. [#4603] * dirmngr: Fix endless loop due to http errors 503 and 504. [#4600] * dirmngr: Fix TLS bug during redirection of HKP requests. [#4566] * gpgconf: Fix a race condition when killing components. [#4577] Release-info: https://dev.gnupg.org/T4606 See-also: gnupg-announce/2019q3/000439.html Noteworthy changes in version 2.2.16 (2019-05-28) ------------------------------------------------- * gpg,gpgsm: Fix deadlock on Windows due to a keybox sharing violation. [#4505] * gpg: Allow deletion of subkeys with --delete-key. This finally makes the bang-suffix work as expected for that command. [#4457] * gpg: Replace SHA-1 by SHA-256 in self-signatures when updating them with --quick-set-expire or --quick-set-primary-uid. [#4508] * gpg: Improve the photo image viewer selection. [#4334] * gpg: Fix decryption with --use-embedded-filename. [#4500] * gpg: Remove hints on using the --keyserver option. [#4512] * gpg: Fix export of certain secret keys with comments. [#4490] * gpg: Reject too long user-ids in --quick-gen-key. [#4532] * gpg: Fix a double free in the best key selection code. [#4462] * gpg: Fix the key generation dialog for switching back from EdDSA to ECDSA. * gpg: Use AES-192 with SHA-384 to comply with RFC-6637. * gpg: Use only the addrspec from the Signer's UID subpacket to mitigate a problem with another implementation. * gpg: Skip invalid packets during a keyring listing and sync diagnostics with the output. * gpgsm: Avoid confusing diagnostic when signing with the default key. [#4535] * agent: Do not delete any secret key in --dry-run mode. * agent: Fix failures on 64 bit big-endian boxes related to URIs in a keyfile. [#4501] * agent: Stop scdaemon after a reload with disable-scdaemon newly configured. [#4326] * dirmngr: Improve caching algorithm for WKD domains. * dirmngr: Support other hash algorithms than SHA-1 for OCSP. [#3966] * gpgconf: Make --homedir work for --launch. [#4496] * gpgconf: Before --launch check for a valid config file. [#4497] * wkd: Do not import more than 5 keys from one WKD address. * wkd: Accept keys which are stored in armored format in the directory. * The installer for Windows now comes with signed binaries. Release-info: https://dev.gnupg.org/T4509 See-also: gnupg-announce/2019q2/000438.html Noteworthy changes in version 2.2.15 (2019-03-26) ------------------------------------------------- * sm: Fix --logger-fd and --status-fd on Windows for non-standard file descriptors. * sm: Allow decryption even if expired keys are configured. [#4431] * agent: Change command KEYINFO to print ssh fingerprints with other hash algos. * dirmngr: Fix build problems on Solaris due to the use of reserved symbol names. [#4420] * wkd: New commands --print-wkd-hash and --print-wkd-url for gpg-wks-client. Release-info: https://dev.gnupg.org/T4434 See-also: gnupg-announce/2019q1/000436.html Noteworthy changes in version 2.2.14 (2019-03-19) ------------------------------------------------- * gpg: Allow import of PGP desktop exported secret keys. Also avoid importing secret keys if the secret keyblock is not valid. [#4392] * gpg: Do not error out on version 5 keys in the local keyring. * gpg: Make invalid primary key algo obvious in key listings. * sm: Do not mark a certificate in a key listing as de-vs compliant if its use for a signature will not be possible. * sm: Fix certificate creation with key on card. * sm: Create rsa3072 bit certificates by default. * sm: Print Yubikey attestation extensions with --dump-cert. * agent: Fix cancellation handling for scdaemon. * agent: Support --mode=ssh option for CLEAR_PASSPHRASE. [#4340] * scd: Fix flushing of the CA-FPR DOs in app-openpgp. * scd: Avoid a conflict error with the "undefined" app. * dirmngr: Add CSRF protection exception for protonmail. * dirmngr: Fix build problems with gcc 9 in libdns. * gpgconf: New option --show-socket for use with --launch. * gpgtar: Make option -C work for archive creation. Release-info: https://dev.gnupg.org/T4412 See-also: gnupg-announce/2019q1/000435.html Noteworthy changes in version 2.2.13 (2019-02-12) ------------------------------------------------- * gpg: Implement key lookup via keygrip (using the & prefix). * gpg: Allow generating Ed25519 key from existing key. * gpg: Emit an ERROR status line if no key was found with -k. * gpg: Stop early when trying to create a primary Elgamal key. [#4329] * gpgsm: Print the card's key algorithms along with their keygrips in interactive key generation. * agent: Clear bogus pinentry cache in the error case. [#4348] * scd: Support "acknowledge button" feature. * scd: Fix for USB INTERRUPT transfer. [#4308] * wks: Do no use compression for the the encrypted challenge and response. Release-info: https://dev.gnupg.org/T4290 See-also: gnupg-announce/2019q1/000434.html Noteworthy changes in version 2.2.12 (2018-12-14) ------------------------------------------------- * tools: New commands --install-key and --remove-key for gpg-wks-client. This allows to prepare a Web Key Directory on a local file system for later upload to a web server. * gpg: New --list-option "show-only-fpr-mbox". This makes the use of the new gpg-wks-client --install-key command easier on Windows. * gpg: Improve processing speed when --skip-verify is used. * gpg: Fix a bug where a LF was accidentally written to the console. * gpg: --card-status now shows whether a card has the new KDF feature enabled. * agent: New runtime option --s2k-calibration=MSEC. New configure option --with-agent-s2k-calibration=MSEC. [#3399] * dirmngr: Try another keyserver from the pool on receiving a 502, 503, or 504 error. [#4175] * dirmngr: Avoid possible CSRF attacks via http redirects. A HTTP query will not anymore follow a 3xx redirect unless the Location header gives the same host. If the host is different only the host and port is taken from the Location header and the original path and query parts are kept. * dirmngr: New command FLUSHCRL to flush all CRLS from disk and memory. [#3967] * New simplified Chinese translation (zh_CN). Release-info: https://dev.gnupg.org/T4289 See-also: gnupg-announce/2018q4/000433.html Noteworthy changes in version 2.2.11 (2018-11-06) ------------------------------------------------- * gpgsm: Fix CRL loading when intermediate certicates are not yet trusted. * gpgsm: Fix an error message about the digest algo. [#4219] * gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9. [#4014] * gpg: Print the "data source" even for an unsuccessful keyserver query. * gpg: Do not store the TOFU trust model in the trustdb. This allows to enable or disable a TOFO model without triggering a trustdb rebuild. [#4134] * scd: Fix cases of "Bad PIN" after using "forcesig". [#4177] * agent: Fix possible hang in the ssh handler. [#4221] * dirmngr: Tack the unmodified mail address to a WKD request. See commit a2bd4a64e5b057f291a60a9499f881dd47745e2f for details. * dirmngr: Tweak diagnostic about missing LDAP server file. * dirmngr: In verbose mode print the OCSP responder id. * dirmngr: Fix parsing of the LDAP port. [#4230] * wks: Add option --directory/-C to the server. Always build the server on Unix systems. * wks: Add option --with-colons to the client. Support sites which use the policy file instead of the submission-address file. * Fix EBADF when gpg et al. are called by broken CGI scripts. * Fix some minor memory leaks and bugs. Release-info: https://dev.gnupg.org/T4233 See-also: gnupg-announce/2018q4/000432.html Noteworthy changes in version 2.2.10 (2018-08-30) ------------------------------------------------- * gpg: Refresh expired keys originating from the WKD. [#2917] * gpg: Use a 256 KiB limit for a WKD imported key. * gpg: New option --known-notation. [#4060] * scd: Add support for the Trustica Cryptoucan reader. * agent: Speed up starting during on-demand launching. [#3490] * dirmngr: Validate SRV records in WKD queries. Release-info: https://dev.gnupg.org/T4112 See-also: gnupg-announce/2018q3/000428.html Noteworthy changes in version 2.2.9 (2018-07-12) ------------------------------------------------ * dirmngr: Fix recursive resolver mode and other bugs in the libdns code. [#3374,#3803,#3610] * dirmngr: When using libgpg-error 1.32 or later a GnuPG build with NTBTLS support (e.g. the standard Windows installer) does not anymore block for dozens of seconds before returning data. * gpg: Fix bug in --show-keys which actually imported revocation certificates. [#4017] * gpg: Ignore too long user-ID and comment packets. [#4022] * gpg: Fix crash due to bad German translation. Improved printf format compile time check. * gpg: Handle missing ISSUER sub packet gracefully in the presence of the new ISSUER_FPR. [#4046] * gpg: Allow decryption using several passphrases in most cases. [#3795,#4050] * gpg: Command --show-keys now enables the list options show-unusable-uids, show-unusable-subkeys, show-notations and show-policy-urls by default. * gpg: Command --show-keys now prints revocation certificates. [#4018] * gpg: Add revocation reason to the "rev" and "rvs" records of the option --with-colons. [#1173] * gpg: Export option export-clean does now remove certain expired subkeys; export-minimal removes all expired subkeys. [#3622] * gpg: New "usage" property for the drop-subkey filters. [#4019] Release-info: https://dev.gnupg.org/T4036 See-also: gnupg-announce/2018q3/000427.html Noteworthy changes in version 2.2.8 (2018-06-08) ------------------------------------------------ * gpg: Decryption of messages not using the MDC mode will now lead to a hard failure even if a legacy cipher algorithm was used. The option --ignore-mdc-error can be used to turn this failure into a warning. Take care: Never use that option unconditionally or without a prior warning. * gpg: The MDC encryption mode is now always used regardless of the cipher algorithm or any preferences. For testing --rfc2440 can be used to create a message without an MDC. * gpg: Sanitize the diagnostic output of the original file name in verbose mode. [#4012,CVE-2018-12020] * gpg: Detect suspicious multiple plaintext packets in a more reliable way. [#4000] * gpg: Fix the duplicate key signature detection code. [#3994] * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc, --disable-mdc and --no-disable-mdc have no more effect. * gpg: New command --show-keys. * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the list of startup environment variables. [#3947] See-also: gnupg-announce/2018q2/000425.html Noteworthy changes in version 2.2.7 (2018-05-02) ------------------------------------------------ * gpg: New option --no-symkey-cache to disable the passphrase cache for symmetrical en- and decryption. * gpg: The ERRSIG status now prints the fingerprint if that is part of the signature. * gpg: Relax emitting of FAILURE status lines * gpg: Add a status flag to "sig" lines printed with --list-sigs. * gpg: Fix "Too many open files" when using --multifile. [#3951] * ssh: Return an error for unknown ssh-agent flags. [#3880] * dirmngr: Fix a regression since 2.1.16 which caused corrupted CRL caches under Windows. [#2448,#3923] * dirmngr: Fix a CNAME problem with pools and TLS. Also use a fixed mapping of keys.gnupg.net to sks-keyservers.net. [#3755] * dirmngr: Try resurrecting dead hosts earlier (from 3 to 1.5 hours). * dirmngr: Fallback to CRL if no default OCSP responder is configured. * dirmngr: Implement CRL fetching via https. Here a redirection to http is explictly allowed. * dirmngr: Make LDAP searching and CRL fetching work under Windows. This stopped working with 2.1. [#3937] * agent,dirmngr: New sub-command "getenv" for "getinfo" to ease debugging. See-also: gnupg-announce/2018q2/000424.html Noteworthy changes in version 2.2.6 (2018-04-09) ------------------------------------------------ * gpg,gpgsm: New option --request-origin to pretend requests coming from a browser or a remote site. * gpg: Fix race condition on trustdb.gpg updates due to too early released lock. [#3839] * gpg: Emit FAILURE status lines in almost all cases. [#3872] * gpg: Implement --dry-run for --passwd to make checking a key's passphrase straightforward. * gpg: Make sure to only accept a certification capable key for key signatures. [#3844] * gpg: Better user interaction in --card-edit for the factory-reset sub-command. * gpg: Improve changing key attributes in --card-edit by adding an explicit "key-attr" sub-command. [#3781] * gpg: Print the keygrips in the --card-status. * gpg: Improve the OpenPGP card's factory-reset. [7f765a98fd] * scd: Support KDF DO setup. [#3823] * scd: Fix some issues with PC/SC on Windows. [#3825] * scd: Fix suspend/resume handling in the CCID driver. * scd: Fix a race condition in the CCID driver leading to a segv for some readers. [#5121] * agent: Evict cached passphrases also via a timer. [#3829] * agent: Use separate passphrase caches depending on the request origin. [#3858] * ssh: Support signature flags. [#3880] * dirmngr: Handle failures related to missing IPv6 support gracefully. [#3331] * Fix corner cases related to specified home directory with drive letter on Windows. [#3720] * Allow the use of UNC directory names as homedir. [#3818] See-also: gnupg-announce/2018q2/000421.html Noteworthy changes in version 2.2.5 (2018-02-22) ------------------------------------------------ * gpg: Allow the use of the "cv25519" and "ed25519" short names in addition to the canonical curve names in --batch --gen-key. * gpg: Make sure to print all secret keys with option --list-only and --decrypt. [#3718] * gpg: Fix the use of future-default with --quick-add-key for signing keys. [#3747] * gpg: Select a secret key by checking availability under gpg-agent. [#1967] * gpg: Fix reversed prompt texts for --only-sign-text-ids. [#3787] * gpg,gpgsm: Fix detection of bogus keybox blobs on 32 bit systems. [#3770] * gpgsm: Fix regression since 2.1 in --export-secret-key-raw which got $d mod (q-1)$ wrong. Note that most tools automatically fixup that parameter anyway. * ssh: Fix a regression in getting the client'd PID on *BSD and macOS. * scd: Support the KDF Data Object of the OpenPGP card 3.3. [#3152] * scd: Fix a regression in the internal CCID driver for certain card readers. [#3508] * scd: Fix a problem on NetBSD killing scdaemon on gpg-agent shutdown. [#3778] * dirmngr: Improve returned error description on failure of DNS resolving. [#3756] * wks: Implement command --install-key for gpg-wks-server. * Add option STATIC=1 to the Speedo build system to allow a build with statically linked versions of the core GnuPG libraries. Also use --enable-wks-tools by default by Speedo builds for Unix. See-also: gnupg-announce/2018q1/000420.html Noteworthy changes in version 2.2.4 (2017-12-20) ------------------------------------------------ * gpg: Change default preferences to prefer SHA512. * gpg: Print a warning when more than 150 MiB are encrypted using a cipher with 64 bit block size. * gpg: Print a warning if the MDC feature has not been used for a message. * gpg: Fix regular expression of domain addresses in trust signatures. [#2923] * agent: New option --auto-expand-secmem to help with high numbers of concurrent connections. Requires libgcrypt 1.8.2 for having an effect. [#3530] * dirmngr: Cache responses of WKD queries. * gpgconf: Add option --status-fd. * wks: Add commands --check and --remove-key to gpg-wks-server. * Increase the backlog parameter of the daemons to 64 and add option --listen-backlog. * New configure option --enable-run-gnupg-user-socket to first try a socket directory which is not removed by systemd at session end. See-also: gnupg-announce/2017q4/000419.html Noteworthy changes in version 2.2.3 (2017-11-20) ------------------------------------------------ * gpgsm: Fix initial keybox creation on Windows. [#3507] * dirmngr: Fix crash in case of a CRL loading error. [#3510] * Fix the name of the Windows registry key. [Git#4f5afaf1fd] * gpgtar: Fix wrong behaviour of --set-filename. [#3500] * gpg: Silence AKL retrieval messages. [#3504] * agent: Use clock or clock_gettime for calibration. [#3056] * agent: Improve robustness of the shutdown pending state. [Git#7ffedfab89] See-also: gnupg-announce/2017q4/000417.html Noteworthy changes in version 2.2.2 (2017-11-07) ------------------------------------------------ * gpg: Avoid duplicate key imports by concurrently running gpg processes. [#3446] * gpg: Fix creating on-disk subkey with on-card primary key. [#3280] * gpg: Fix validity retrieval for multiple keyrings. [Debian#878812] * gpg: Fix --dry-run and import option show-only for secret keys. * gpg: Print "sec" or "sbb" for secret keys with import option import-show. [#3431] * gpg: Make import less verbose. [#3397] * gpg: Add alias "Key-Grip" for parameter "Keygrip" and new parameter "Subkey-Grip" to unattended key generation. [#3478] * gpg: Improve "factory-reset" command for OpenPGP cards. [#3286] * gpg: Ease switching Gnuk tokens into ECC mode by using the magic keysize value 25519. * gpgsm: Fix --with-colon listing in crt records for fields > 12. * gpgsm: Do not expect X.509 keyids to be unique. [#1644] * agent: Fix stucked Pinentry when using --max-passphrase-days. [#3190] * agent: New option --s2k-count. [#3276 (workaround)] * dirmngr: Do not follow https-to-http redirects. [#3436] * dirmngr: Reduce default LDAP timeout from 100 to 15 seconds. [#3487] * gpgconf: Ignore non-installed components for commands --apply-profile and --apply-defaults. [#3313] * Add configure option --enable-werror. [#2423] See-also: gnupg-announce/2017q4/000416.html Noteworthy changes in version 2.2.1 (2017-09-19) ------------------------------------------------ * gpg: Fix formatting of the user id in batch mode key generation if only "name-email" is given. * gpgv: Fix annoying "not suitable for" warnings. * wks: Convey only the newest user id to the provider. This is the case if different names are used with the same addr-spec. * wks: Create a complying user id for provider policy mailbox-only. * wks: Add workaround for posteo.de. * scd: Fix the use of large ECC keys with an OpenPGP card. * dirmngr: Use system provided root certificates if no specific HKP certificates are configured. If build with GNUTLS, this was already the case. See-also: gnupg-announce/2017q3/000415.html Noteworthy changes in version 2.2.0 (2017-08-28) ------------------------------------------------ This is the new long term stable branch. This branch will only see bug fixes and no new features. * gpg: Reverted change in 2.1.23 so that --no-auto-key-retrieve is again the default. * Fixed a few minor bugs. See-also: gnupg-announce/2017q3/000413.html Noteworthy changes in version 2.1.23 (2017-08-09) ------------------------------------------------- * gpg: "gpg" is now installed as "gpg" and not anymore as "gpg2". If needed, the new configure option --enable-gpg-is-gpg2 can be used to revert this. * gpg: Options --auto-key-retrieve and --auto-key-locate "local,wkd" are now used by default. Note: this enables keyserver and Web Key Directory operators to notice when a signature from a locally non-available key is being verified for the first time or when you intend to encrypt to a mail address without having the key locally. This new behaviour will eventually make key discovery much easier and mostly automatic. Disable this by adding no-auto-key-retrieve auto-key-locate local to your gpg.conf. * agent: Option --no-grab is now the default. The new option --grab allows to revert this. * gpg: New import option "show-only". * gpg: New option --disable-dirmngr to entirely disable network access for gpg. * gpg,gpgsm: Tweaked DE-VS compliance behaviour. * New configure flag --enable-all-tests to run more extensive tests during "make check". * gpgsm: The keygrip is now always printed in colon mode as documented in the man page. * Fixed connection timeout problem under Windows. See-also: gnupg-announce/2017q3/000412.html Noteworthy changes in version 2.1.22 (2017-07-28) ------------------------------------------------- * gpg: Extend command --quick-set-expire to allow for setting the expiration time of subkeys. * gpg: By default try to repair keys during import. New sub-option no-repair-keys for --import-options. * gpg,gpgsm: Improved checking and reporting of DE-VS compliance. * gpg: New options --key-origin and --with-key-origin. Store the time of the last key update from keyservers, WKD, or DANE. * agent: New option --ssh-fingerprint-digest. * dimngr: Lower timeouts on keyserver connection attempts and made it configurable. * dirmngr: Tor will now automatically be detected and used. The option --no-use-tor disables Tor detection. * dirmngr: Now detects a changed /etc/resolv.conf. * agent,dirmngr: Initiate shutdown on removal of the GnuPG home directory. * gpg: Avoid caching passphrase for failed symmetric encryption. * agent: Support for unprotected ssh keys. * dirmngr: Fixed name resolving on systems using only v6 nameservers. * dirmngr: Allow the use of TLS over http proxies. * w32: Change directory of the daemons after startup. * wks: New man pages for client and server. * Many other bug fixes. See-also: gnupg-announce/2017q3/000411.html Noteworthy changes in version 2.1.21 (2017-05-15) ------------------------------------------------- * gpg,gpgsm: Fix corruption of old style keyring.gpg files. This bug was introduced with version 2.1.20. Note that the default pubring.kbx format was not affected. * gpg,dirmngr: Removed the skeleton config file support. The system's standard methods for providing default configuration files should be used instead. * w32: The Windows installer now allows installation of GnuPG without Administrator permissions. * gpg: Fixed import filter property match bug. * scd: Removed Linux support for Cardman 4040 PCMCIA reader. * scd: Fixed some corner case bugs in resume/suspend handling. * Many minor bug fixes and code cleanup. See-also: gnupg-announce/2017q2/000405.html Noteworthy changes in version 2.1.20 (2017-04-03) ------------------------------------------------- * gpg: New properties 'expired', 'revoked', and 'disabled' for the import and export filters. * gpg: New command --quick-set-primary-uid. * gpg: New compliance field for the --with-colon key listing. * gpg: Changed the key parser to generalize the processing of local meta data packets. * gpg: Fixed assertion failure in the TOFU trust model. * gpg: Fixed exporting of zero length user ID packets. * scd: Improved support for multiple readers. * scd: Fixed timeout handling for key generation. * agent: New option --enable-extended-key-format. * dirmngr: Do not add a keyserver to a new dirmngr.conf. Dirmngr uses a default keyserver. * dimngr: Do not treat TLS warning alerts as severe error when building with GNUTLS. * dirmngr: Actually take /etc/hosts in account. * wks: Fixed client problems on Windows. Published keys are now set to world-readable. * tests: Fixed creation of temporary directories. * A socket directory for a non standard GNUGHOME is now created on the fly under /run/user. Thus "gpgconf --create-socketdir" is now optional. The use of "gpgconf --remove-socketdir" to clean up obsolete socket directories is however recommended to avoid cluttering /run/user with useless directories. * Fixed build problems on some platforms. See-also: gnupg-announce/2017q2/000404.html Noteworthy changes in version 2.1.19 (2017-03-01) ------------------------------------------------- * gpg: Print a warning if Tor mode is requested but the Tor daemon is not running. * gpg: New status code DECRYPTION_KEY to print the actual private key used for decryption. * gpgv: New options --log-file and --debug. * gpg-agent: Revamp the prompts to ask for card PINs. * scd: Support for multiple card readers. * scd: Removed option --debug-disable-ticker. Ticker is used only when it is required to watch removal of device/card. * scd: Improved detection of card inserting and removal. * dirmngr: New option --disable-ipv4. * dirmngr: New option --no-use-tor to explicitly disable the use of Tor. * dirmngr: The option --allow-version-check is now required even if the option --use-tor is also used. * dirmngr: Handle a missing nsswitch.conf gracefully. * dirmngr: Avoid PTR lookups for keyserver pools. The are only done for the debug command "keyserver --hosttable". * dirmngr: Rework the internal certificate cache to support classes of certificates. Load system provided certificates on startup. Add options --tls, --no-crl, and --systrust to the "VALIDATE" command. * dirmngr: Add support for the ntbtls library. * wks: Create mails with a "WKS-Phase" header. Fix detection of Draft-2 mode. * The Windows installer is now build with limited TLS support. * Many other bug fixes and new regression tests. See-also: gnupg-announce/2017q1/000402.html Noteworthy changes in version 2.1.18 (2017-01-23) ------------------------------------------------- * gpg: Remove bogus subkey signature while cleaning a key (with export-clean, import-clean, or --edit-key's sub-command clean) * gpg: Allow freezing the clock with --faked-system-time. * gpg: New --export-option flag "backup", new --import-option flag "restore". * gpg-agent: Fixed long delay due to a regression in the progress callback code. * scd: Lots of code cleanup and internal changes. * scd: Improved the internal CCID driver. * dirmngr: Fixed problem with the DNS glue code (removal of the trailing dot in domain names). * dirmngr: Make sure that Tor is actually enabled after changing the conf file and sending SIGHUP or "gpgconf --reload dirmngr". * dirmngr: Fixed Tor access to IPv6 addresses. Note that current versions of Tor may require that the flag "IPv6Traffic" is used with the option "SocksPort" in torrc to actually allow IPv6 traffic. * dirmngr: Fixed HKP for literally given IPv6 addresses. * dirmngr: Enabled reverse DNS lookups via Tor. * dirmngr: Added experimental SRV record lookup for WKD. See commit 88dc3af3d4ae1afe1d5e136bc4c38bc4e7d4cd10 for details. * dirmngr: For HKP use "pgpkey-hkps" and "pgpkey-hkp" in SRV record lookups. Avoid SRV record lookup when a port is explicitly specified. This fixes a regression from the 1.4 and 2.0 behavior. * dirmngr: Gracefully handle a missing /etc/nsswitch.conf. Ignore negation terms (e.g. "[!UNAVAIL=return]" instead of bailing out. * dirmngr: Better debug output for flags "dns" and "network". * dirmngr: On reload mark all known HKP servers alive. * gpgconf: Allow keyword "all" for --launch, --kill, and --reload. * tools: gpg-wks-client now ignores a missing policy file on the server. * Avoid unnecessary ambiguity error message in the option parsing. * Further improvements of the regression test suite. * Fixed building with --disable-libdns configure option. * Fixed a crash running the tests on 32 bit architectures. * Fixed spurious failures on BSD system in the spawn functions. This affected for example gpg-wks-client and gpgconf. See-also: gnupg-announce/2017q1/000401.html Noteworthy changes in version 2.1.17 (2016-12-20) ------------------------------------------------- * gpg: By default new keys expire after 2 years. * gpg: New command --quick-set-expire to conveniently change the expiration date of keys. * gpg: Option and command names have been changed for easier comprehension. The old names are still available as aliases. * gpg: Improved the TOFU trust model. * gpg: New option --default-new-key-algo. * scd: Support OpenPGP card V3 for RSA. * dirmngr: Support for the ADNS library has been removed. Instead William Ahern's Libdns is now source included and used on all platforms. This enables Tor support on all platforms. The new option --standard-resolver can be used to disable this code at runtime. In case of build problems the new configure option --disable-libdns can be used to build without Libdns. * dirmngr: Lazily launch ldap reaper thread. * tools: New options --check and --status-fd for gpg-wks-client. * The UTF-8 byte order mark is now skipped when reading conf files. * Fixed many bugs and regressions. * Major improvements to the test suite. For example it is possible to run the external test suite of GPGME. See-also: gnupg-announce/2016q4/000400.html Noteworthy changes in version 2.1.16 (2016-11-18) ------------------------------------------------- * gpg: New algorithm for selecting the best ranked public key when using a mail address with -r, -R, or --locate-key. * gpg: New option --with-tofu-info to print a new "tfs" record in colon formatted key listings. * gpg: New option --compliance as an alternative way to specify options like --rfc2440, --rfc4880, et al. * gpg: Many changes to the TOFU implementation. * gpg: Improve usability of --quick-gen-key. * gpg: In --verbose mode print a diagnostic when a pinentry is launched. * gpg: Remove code which warns for old versions of gnome-keyring. * gpg: New option --override-session-key-fd. * gpg: Option --output does now work with --verify. * gpgv: New option --output to allow saving the verified data. * gpgv: New option --enable-special-filenames. * agent, dirmngr: New --supervised mode for use by systemd and alike. * agent: By default listen on all available sockets using standard names. * agent: Invoke scdaemon with --homedir. * dirmngr: On Linux now detects the removal of its own socket and terminates. * scd: Support ECC key generation. * scd: Support more card readers. * dirmngr: New option --allow-version-check to download a software version database in the background. * dirmngr: Use system provided CAs if no --hkp-cacert is given. * dirmngr: Use a default keyserver if none is explicitly set * gpgconf: New command --query-swdb to check software versions against an copy of an online database. * gpgconf: Print the socket directory with --list-dirs. * tools: The WKS tools now support draft version -02. * tools: Always build gpg-wks-client and install under libexec. * tools: New option --supported for gpg-wks-client. * The log-file option now accepts a value "socket://" to log to the socket named "S.log" in the standard socket directory. * Provide fake pinentries for use by tests cases of downstream developers. * Fixed many bugs and regressions. * Many changes and improvements for the test suite. See-also: gnupg-announce/2016q4/000398.html Noteworthy changes in version 2.1.15 (2016-08-18) ------------------------------------------------- * gpg: Remove the --tofu-db-format option and support for the split TOFU database. * gpg: Add option --sender to prepare for coming features. * gpg: Add option --input-size-hint to help progress indicators. * gpg: Extend the PROGRESS status line with the counted unit. * gpg: Avoid publishing the GnuPG version by default with --armor. * gpg: Properly ignore legacy keys in the keyring cache. * gpg: Always print fingerprint records in --with-colons mode. * gpg: Make sure that keygrips are printed for each subkey in --with-colons mode. * gpg: New import filter "drop-sig". * gpgsm: Fix a bug in the machine-readable key listing. * gpg,gpgsm: Block signals during keyring updates to limits the effects of a Ctrl-C at the wrong time. * g13: Add command --umount and other fixes for dm-crypt. * agent: Fix regression in SIGTERM handling. * agent: Cleanup of the ssh-agent code. * agent: Allow import of overly long keys. * scd: Fix problems with card removal. * dirmngr: Remove all code for running as a system service. * tools: Make gpg-wks-client conforming to the specs. * tests: Improve the output of the new regression test tool. * tests: Distribute the standalone test runner. * tests: Run each test in a clean environment. * Spelling and grammar fixes. See-also: gnupg-announce/2016q3/000396.html Noteworthy changes in version 2.1.14 (2016-07-14) ------------------------------------------------- * gpg: Removed options --print-dane-records and --print-pka-records. The new export options "export-pka" and "export-dane" can instead be used with the export command. * gpg: New options --import-filter and --export-filter. * gpg: New import options "import-show" and "import-export". * gpg: New option --no-keyring. * gpg: New command --quick-revuid. * gpg: New options -f/--recipient-file and -F/--hidden-recipient-file to directly specify encryption keys. * gpg: New option --mimemode to indicate that the content is a MIME part. Does only enable --textmode right now. * gpg: New option --rfc4880bis to allow experiments with proposed changes to the current OpenPGP specs. * gpg: Fix regression in the "fetch" sub-command of --card-edit. * gpg: Fix regression since 2.1 in option --try-all-secrets. * gpgv: Change default options for extra security. * gpgsm: No more root certificates are installed by default. * agent: "updatestartuptty" does now affect more environment variables. * scd: The option --homedir does now work with scdaemon. * scd: Support some more GEMPlus card readers. * gpgtar: Fix handling of '-' as file name. * gpgtar: New commands --create and --extract. * gpgconf: Tweak for --list-dirs to better support shell scripts. * tools: Add programs gpg-wks-client and gpg-wks-server to implement a Web Key Service. The configure option --enable-wks-tools is required to build them; they should be considered Beta software. * tests: Complete rework of the openpgp part of the test suite. The test scripts have been changed from Bourne shell scripts to Scheme programs. A customized scheme interpreter (gpgscm) is included. This change was triggered by the need to run the test suite on non-Unix platforms. * The rendering of the man pages has been improved. See-also: gnupg-announce/2016q3/000393.html Noteworthy changes in version 2.1.13 (2016-06-16) ------------------------------------------------- * gpg: New command --quick-addkey. Extend the --quick-gen-key command. * gpg: New --keyid-format "none" which is now also the default. * gpg: New option --with-subkey-fingerprint. * gpg: Include Signer's UID subpacket in signatures if the secret key has been specified using a mail address and the new option --disable-signer-uid is not used. * gpg: Allow unattended deletion of a secret key. * gpg: Allow export of non-passphrase protected secret keys. * gpg: New status lines KEY_CONSIDERED and NOTATION_FLAGS. * gpg: Change status line TOFU_STATS_LONG to use '~' as a non-breaking-space character. * gpg: Speedup key listings in Tofu mode. * gpg: Make sure that the current and total values of a PROGRESS status line are small enough. * gpgsm: Allow the use of AES192 and SERPENT ciphers. * dirmngr: Adjust WKD lookup to current specs. * dirmngr: Fallback to LDAP v3 if v2 is is not supported. * gpgconf: New commands --create-socketdir and --remove-socketdir, new option --homedir. * If a /run/user/$UID directory exists, that directory is now used for IPC sockets instead of the GNUPGHOME directory. This fixes problems with NFS and too long socket names and thus avoids the need for redirection files. * The Speedo build systems now uses the new versions.gnupg.org server to retrieve the default package versions. * Fix detection of libusb on FreeBSD. * Speedup fd closing after a fork. See-also: gnupg-announce/2016q2/000390.html Noteworthy changes in version 2.1.12 (2016-05-04) ------------------------------------------------- * gpg: New --edit-key sub-command "change-usage" for testing purposes. * gpg: Out of order key-signatures are now systematically detected and fixed by --edit-key. * gpg: Improved detection of non-armored messages. * gpg: Removed the extra prompt needed to create Curve25519 keys. * gpg: Improved user ID selection for --quick-sign-key. * gpg: Use the root CAs provided by the system with --fetch-key. * gpg: Add support for the experimental Web Key Directory key location service. * gpg: Improve formatting of Tofu messages and emit new Tofu specific status lines. * gpgsm: Add option --pinentry-mode to support a loopback pinentry. * gpgsm: A new pubring.kbx is now created with the header blob so that gpg can detect that the keybox format needs to be used. * agent: Add read support for the new private key protection format openpgp-s2k-ocb-aes. * agent: Add read support for the new extended private key format. * agent: Default to --allow-loopback-pinentry and add option --no-allow-loopback-pinentry. * scd: Changed to use the new libusb 1.0 API for the internal CCID driver. * dirmngr: The dirmngr-client does now auto-detect the PEM format. * g13: Add experimental support for dm-crypt. * w32: Tofu support is now available with the Speedo build method. * w32: Removed the need for libiconv.dll. * The man pages for gpg and gpgv are now installed under the correct name (gpg2 or gpg - depending on a configure option). * Lots of internal cleanups and bug fixes. See-also: gnupg-announce/2016q2/000387.html Noteworthy changes in version 2.1.11 (2016-01-26) ------------------------------------------------- * gpg: New command --export-ssh-key to replace the gpgkey2ssh tool. * gpg: Allow to generate mail address only keys with --gen-key. * gpg: "--list-options show-usage" is now the default. * gpg: Make lookup of DNS CERT records holding an URL work. * gpg: Emit PROGRESS status lines during key generation. * gpg: Don't check for ambigious or non-matching key specification in the config file or given to --encrypt-to. This feature will return in 2.3.x. * gpg: Lock keybox files while updating them. * gpg: Solve rare error on Windows during keyring and Keybox updates. * gpg: Fix possible keyring corruption. (bug#2193) * gpg: Fix regression of "bkuptocard" sub-command in --edit-key and remove "checkbkupkey" sub-command introduced with 2.1. (bug#2169) * gpg: Fix internal error in gpgv when using default keyid-format. * gpg: Fix --auto-key-retrieve to work with dirmngr.conf configured keyservers. (bug#2147). * agent: New option --pinentry-timeout. * scd: Improve unplugging of USB readers under Windows. * scd: Fix regression for generating RSA keys on card. * dirmmgr: All configured keyservers are now searched. * dirmngr: Install CA certificate for hkps.pool.sks-keyservers.net. Use this certiticate even if --hkp-cacert is not used. * gpgtar: Add actual encryption code. gpgtar does now fully replace gpg-zip. * gpgtar: Fix filename encoding problem on Windows. * Print a warning if a GnuPG component is using an older version of gpg-agent, dirmngr, or scdaemon. See-also: gnupg-announce/2016q1/000383.html Noteworthy changes in version 2.1.10 (2015-12-04) ------------------------------------------------- * gpg: New trust models "tofu" and "tofu+pgp". * gpg: New command --tofu-policy. New options --tofu-default-policy and --tofu-db-format. * gpg: New option --weak-digest to specify hash algorithms which should be considered weak. * gpg: Allow the use of multiple --default-key options; take the last available key. * gpg: New option --encrypt-to-default-key. * gpg: New option --unwrap to only strip the encryption layer. * gpg: New option --only-sign-text-ids to exclude photo IDs from key signing. * gpg: Check for ambigious or non-matching key specification in the config file or given to --encrypt-to. * gpg: Show the used card reader with --card-status. * gpg: Print export statistics and an EXPORTED status line. * gpg: Allow selecting subkeys by keyid in --edit-key. * gpg: Allow updating the expiration time of multiple subkeys at once. * dirmngr: New option --use-tor. For full support this requires libassuan version 2.4.2 and a patched version of libadns (e.g. adns-1.4-g10-7 as used by the standard Windows installer). * dirmngr: New option --nameserver to specify the nameserver used in Tor mode. * dirmngr: Keyservers may again be specified by IP address. * dirmngr: Fixed problems in resolving keyserver pools. * dirmngr: Fixed handling of premature termination of TLS streams so that large numbers of keys can be refreshed via hkps. * gpg: Fixed a regression in --locate-key [since 2.1.9]. * gpg: Fixed another bug for keyrings with legacy keys. * gpgsm: Allow combinations of usage flags in --gen-key. * Make tilde expansion work with most options. * Many other cleanups and bug fixes. See-also: gnupg-announce/2015q4/000381.html Noteworthy changes in version 2.1.9 (2015-10-09) ------------------------------------------------ * gpg: Allow fetching keys via OpenPGP DANE (--auto-key-locate). New option --print-dane-records. [Update: --print-dane-records replaced in 2.1.4.] * gpg: Fix for a problem with PGP-2 keys in a keyring. * gpg: Fail with an error instead of a warning if a modern cipher algorithm is used without a MDC. * agent: New option --pinentry-invisible-char. * agent: Always do a RSA signature verification after creation. * agent: Fix a regression in ssh-add-ing Ed25519 keys. * agent: Fix ssh fingerprint computation for nistp384 and EdDSA. * agent: Fix crash during passphrase entry on some platforms. * scd: Change timeout to fix problems with some 2.1 cards. * dirmngr: Displayed name is now Key Acquirer. * dirmngr: Add option --keyserver. Deprecate that option for gpg. Install a dirmngr.conf file from a skeleton for new installations. See-also: gnupg-announce/2015q4/000380.html Noteworthy changes in version 2.1.8 (2015-09-10) ------------------------------------------------ * gpg: Sending very large keys to the keyservers works again. * gpg: Validity strings in key listings are now again translatable. * gpg: Emit FAILURE status lines to help GPGME. * gpg: Does not anymore link to Libksba to reduce dependencies. * gpgsm: Export of secret keys via Assuan is now possible. * agent: Raise the maximum passphrase length from 100 to 255 bytes. * agent: Fix regression using EdDSA keys with ssh. * Does not anymore use a build timestamp by default. * The fallback encoding for broken locale settings changed from Latin-1 to UTF-8. * Many code cleanups and improved internal documentation. * Various minor bug fixes. See-also: gnupg-announce/2015q3/000379.html Noteworthy changes in version 2.1.7 (2015-08-11) ------------------------------------------------ * gpg: Support encryption with Curve25519 if Libgcrypt 1.7 is used. * gpg: In the --edit-key menu: Removed the need for "toggle", changed how secret keys are indicated, new commands "fpr *" and "grip". * gpg: More fixes related to legacy keys in a keyring. * gpgv: Does now also work with a "trustedkeys.kbx" file. * scd: Support some feature from the OpenPGP card 3.0 specs. * scd: Improved ECC support * agent: New option --force for the DELETE_KEY command. * w32: Look for the Pinentry at more places. * Dropped deprecated gpgsm-gencert.sh * Various other bug fixes. See-also: gnupg-announce/2015q3/000371.html Noteworthy changes in version 2.1.6 (2015-07-01) ------------------------------------------------ * agent: New option --verify for the PASSWD command. * gpgsm: Add command option "offline" as an alternative to --disable-dirmngr. * gpg: Do not prompt multiple times for a password in pinentry loopback mode. * Allow the use of debug category names with --debug. * Using gpg-agent and gpg/gpgsm with different locales will now show the correct translations in Pinentry. * gpg: Improve speed of --list-sigs and --check-sigs. * gpg: Make --list-options show-sig-subpackets work again. * gpg: Fix an export problem for old keyrings with PGP-2 keys. * scd: Support PIN-pads on more readers. * dirmngr: Properly cleanup zombie LDAP helper processes and avoid hangs on dirmngr shutdown. * Various other bug fixes. See-also: gnupg-announce/2015q3/000370.html Noteworthy changes in version 2.1.5 (2015-06-11) ------------------------------------------------ * Support for an external passphrase cache. * Support for the forthcoming version 3 OpenPGP smartcard. * Manuals now show the actual used file names. * Prepared for improved integration with Emacs. * Code cleanups and minor bug fixes. See-also: gnupg-announce/2015q2/000369.html Noteworthy changes in version 2.1.4 (2015-05-12) ------------------------------------------------ * gpg: Add command --quick-adduid to non-interactively add a new user id to an existing key. * gpg: Do no enable honor-keyserver-url by default. Make it work if enabled. * gpg: Display the serial number in the --card-status output again. * agent: Support for external password managers. Add option --no-allow-external-cache. * scdaemon: Improved handling of extended APDUs. * Make HTTP proxies work again. * All network access including DNS as been moved to Dirmngr. * Allow building without LDAP support. * Fixed lots of smaller bugs. See-also: gnupg-announce/2015q2/000366.html Noteworthy changes in version 2.1.3 (2015-04-11) ------------------------------------------------ * gpg: LDAP keyservers are now supported by 2.1. * gpg: New option --with-icao-spelling. * gpg: New option --print-pka-records. Changed the PKA method to use CERT records and hashed names. [Update: --print-pka-records replaced in 2.1.14.] * gpg: New command --list-gcrypt-config. New parameter "curve" for --list-config. * gpg: Print a NEWSIG status line like gpgsm always did. * gpg: Print MPI values with --list-packets and --verbose. * gpg: Write correct MPI lengths with ECC keys. * gpg: Skip legacy PGP-2 keys while searching. * gpg: Improved searching for mail addresses when using a keybox. * gpgsm: Changed default algos to AES-128 and SHA-256. * gpgtar: Fixed extracting files with sizes of a multiple of 512. * dirmngr: Fixed SNI handling for hkps pools. * dirmngr: extra-certs and trusted-certs are now always loaded from the sysconfig dir instead of the homedir. * Fixed possible problems due to compiler optimization, two minor regressions, and other bugs. See-also: gnupg-announce/2015q2/000365.html Noteworthy changes in version 2.1.2 (2015-02-11) ------------------------------------------------ * gpg: The parameter 'Passphrase' for batch key generation works again. * gpg: Using a passphrase option in batch mode now has the expected effect on --quick-gen-key. * gpg: Improved reporting of unsupported PGP-2 keys. * gpg: Added support for algo names when generating keys using --command-fd. * gpg: Fixed DoS based on bogus and overlong key packets. * agent: When setting --default-cache-ttl the value for --max-cache-ttl is adjusted to be not lower than the former. * agent: Fixed problems with the new --extra-socket. * agent: Made --allow-loopback-pinentry changeable with gpgconf. * agent: Fixed importing of unprotected openpgp keys. * agent: Now tries to use a fallback pinentry if the standard pinentry is not installed. * scd: Added support for ECDH. * Fixed several bugs related to bogus keyrings and improved some other code. See-also: gnupg-announce/2015q1/000361.html Noteworthy changes in version 2.1.1 (2014-12-16) ------------------------------------------------ * gpg: Detect faulty use of --verify on detached signatures. * gpg: New import option "keep-ownertrust". * gpg: New sub-command "factory-reset" for --card-edit. * gpg: A stub key for smartcards is now created by --card-status. * gpg: Fixed regression in --refresh-keys. * gpg: Fixed regresion in %g and %p codes for --sig-notation. * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. * gpg: Improved perceived speed of secret key listisngs. * gpg: Print number of skipped PGP-2 keys on import. * gpg: Removed the option aliases --throw-keyid and --notation-data; use --throw-keyids and --set-notation instead. * gpg: New import option "keep-ownertrust". * gpg: Skip too large keys during import. * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or dirmngr. * gpg-agent: New option --extra-socket to provide a restricted command set for use with remote clients. * gpgconf --kill does not anymore start a service only to kill it. * gpg-pconnect-agent: Add convenience option --uiserver. * Fixed keyserver access for Windows. * Fixed build problems on Mac OS X * The Windows installer does now install development files * More translations (but most of them are not complete). * To support remotely mounted home directories, the IPC sockets may now be redirected. This feature requires Libassuan 2.2.0. * Improved portability and the usual bunch of bug fixes. See-also: gnupg-announce/2014q4/000360.html Noteworthy changes in version 2.1.0 (2014-11-06) ------------------------------------------------ This release introduces a lot of changes. Most of them are internal and thus not user visible. However, some long standing behavior has slightly changed and it is strongly suggested that an existing "~/.gnupg" directory is backed up before this version is used. A verbose description of the major new features and changes can be found in the file doc/whats-new-in-2.1.txt. * gpg: All support for v3 (PGP 2) keys has been dropped. All signatures are now created as v4 signatures. v3 keys will be removed from the keyring. * gpg: With pinentry-0.9.0 the passphrase "enter again" prompt shows up in the same window as the "new passphrase" prompt. * gpg: Allow importing keys with duplicated long key ids. * dirmngr: May now be build without support for LDAP. * For a complete list of changes see the lists of changes for the 2.1.0 beta versions below. Note that all relevant fixes from versions 2.0.14 to 2.0.26 are also applied to this version. [Noteworthy changes in version 2.1.0-beta864 (2014-10-03)] * gpg: Removed the GPG_AGENT_INFO related code. GnuPG does now always use a fixed socket name in its home directory. * gpg: Renamed --gen-key to --full-gen-key and re-added a --gen-key command with less choices. * gpg: Use SHA-256 for all signature types also on RSA keys. * gpg: Default keyring is now created with a .kbx suffix. * gpg: Add a shortcut to the key capabilies menu (e.g. "=e" sets the encryption capabilities). * gpg: Fixed obsolete options parsing. * Further improvements for the alternative speedo build system. [Noteworthy changes in version 2.1.0-beta834 (2014-09-18)] * gpg: Improved passphrase caching. * gpg: Switched to algorithm number 22 for EdDSA. * gpg: Removed CAST5 from the default preferences. * gpg: Order SHA-1 last in the hash preferences. * gpg: Changed default cipher for --symmetric to AES-128. * gpg: Fixed export of ECC keys and import of EdDSA keys. * dirmngr: Fixed the KS_FETCH command. * The speedo build system now downloads related packages and works for non-Windows platforms. [Noteworthy changes in version 2.1.0-beta783 (2014-08-14)] * gpg: Add command --quick-gen-key. * gpg: Make --quick-sign-key promote local key signatures. * gpg: Added "show-usage" sub-option to --list-options. * gpg: Screen keyserver responses to avoid importing unwanted keys from rogue servers. * gpg: Removed the option --pgp2 and --rfc1991 and the ability to create PGP-2 compatible messages. * gpg: Removed options --compress-keys and --compress-sigs. * gpg: Cap attribute packets at 16MB. * gpg: Improved output of --list-packets. * gpg: Make with-colons output of --search-keys work again. * gpgsm: Auto-create the ".gnupg" directory like gpg does. * agent: Fold new passphrase warning prompts into one. * scdaemon: Add support for the Smartcard-HSM card. * scdaemon: Remove the use of the pcsc-wrapper. [Noteworthy changes in version 2.1.0-beta751 (2014-07-03)] * gpg: Create revocation certificates during key generation. * gpg: Create exported secret keys and revocation certifciates with mode 0700 * gpg: The validity of user ids is now shown by default. To revert this add "list-options no-show-uid-validity" to gpg.conf. * gpg: Make export of secret keys work again. * gpg: The output of --list-packets does now print the offset of the packet and information about the packet header. * gpg: Avoid DoS due to garbled compressed data packets. [CVE-2014-4617] * gpg: Print more specific reason codes with the INV_RECP status. * gpg: Cap RSA and Elgamal keysize at 4096 bit also for unattended key generation. * scdaemon: Support reader Gemalto IDBridge CT30 and pinpad of SCT cyberJack go. * The speedo build system has been improved. It is now also possible to build a partly working installer for Windows. [Noteworthy changes in version 2.1.0-beta442 (2014-06-05)] * gpg: Changed the format of key listings. To revert to the old format the option --legacy-list-mode is available. * gpg: Add experimental signature support using curve Ed25519 and with a patched Libgcrypt also encryption support with Curve25519. [Update: this encryption support has been removed from 2.1.0 until we have agreed on a suitable format.] * gpg: Allow use of Brainpool curves. * gpg: Accepts a space separated fingerprint as user ID. This allows to copy and paste the fingerprint from the key listing. * gpg: The hash algorithm is now printed for signature records in key listings. * gpg: Reject signatures made using the MD5 hash algorithm unless the new option --allow-weak-digest-algos or --pgp2 are given. * gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the communication with the gpg-agent. * gpg: New option --pinentry-mode. * gpg: Fixed decryption using an OpenPGP card. * gpg: Fixed bug with deeply nested compressed packets. * gpg: Only the major version number is by default included in the armored output. * gpg: Do not create a trustdb file if --trust-model=always is used. * gpg: Protect against rogue keyservers sending secret keys. * gpg: The format of the fallback key listing ("gpg KEYFILE") is now more aligned to the regular key listing ("gpg -k"). * gpg: The option--show-session-key prints its output now before the decryption of the bulk message starts. * gpg: New %U expando for the photo viewer. * gpg,gpgsm: New option --with-secret. * gpgsm: By default the users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used. * gpgsm: New commands to export a secret RSA key in PKCS#1 or PKCS#8 format. * gpgsm: Improved handling of re-issued CA certificates. * agent: The included ssh agent does now support ECDSA keys. * agent: New option --enable-putty-support to allow gpg-agent on Windows to act as a Pageant replacement with full smartcard support. * scdaemon: New option --enable-pinpad-varlen. * scdaemon: Various fixes for pinpad equipped card readers. * scdaemon: Rename option --disable-pinpad (was --disable-keypad). * scdaemon: Better support fo CCID readers. Now, internal CCID driver supports readers with no auto configuration feature. * dirmngr: Removed support for the original HKP keyserver which is not anymore used by any site. * dirmngr: Improved support for keyserver pools. * tools: New option --dirmngr for gpg-connect-agent. * The GNU Pth library has been replaced by the new nPth library. * Support installation as portable application under Windows. * All kind of other improvements - see the git log. [Noteworthy changes in version 2.1.0beta3 (2011-12-20)] * gpg: Fixed regression in the secret key export function. * gpg: Allow generation of card keys up to 4096 bit. * gpgsm: Preliminary support for the validation model "steed". * gpgsm: Improved certificate creation. * agent: Support the SSH confirm flag. * agent: New option to select a passphrase mode. The loopback mode may be used to bypass Pinentry. * agent: The Assuan commands KILLAGENT and KILLSCD are working again. * scdaemon: Does not anymore block after changing a card (regression fix). * tools: gpg-connect-agent does now proberly display the help output for "SCD HELP" commands. [Noteworthy changes in version 2.1.0beta2 (2011-03-08)] * gpg: ECC support as described by draft-jivsov-openpgp-ecc-06.txt [Update: now known as RFC-6637]. * gpg: Print "AES128" instead of "AES". This change introduces a little incompatibility for tools using "gpg --list-config". We hope that these tools are written robust enough to accept this new algorithm name as well. * gpgsm: New feature to create certificates from a parameter file. Add prompt to the --gen-key UI to create self-signed certificates. * agent: TMPDIR is now also honored when creating a socket using the --no-standard-socket option and with symcryptrun's temp files. * scdaemon: Fixed a bug where scdaemon sends a signal to gpg-agent running in non-daemon mode. * dirmngr: Fixed CRL loading under W32 (bug#1010). * Dirmngr has taken over the function of the keyserver helpers. Thus we now have a specified direct interface to keyservers via Dirmngr. LDAP, DNS and mail backends are not yet implemented. * Fixed TTY management for pinentries and session variable update problem. [Noteworthy changes in version 2.1.0beta1 (2010-10-26)] * gpg: secring.gpg is not anymore used but all secret key operations are delegated to gpg-agent. The import command moves secret keys to the agent. * gpg: The OpenPGP import command is now able to merge secret keys. * gpg: Encrypted OpenPGP messages with trailing data (e.g. other OpenPGP packets) are now correctly parsed. * gpg: Given sufficient permissions Dirmngr is started automagically. * gpg: Fixed output of "gpgconf --check-options". * gpg: Removed options --export-options(export-secret-subkey-passwd) and --simple-sk-checksum. * gpg: New options --try-secret-key. * gpg: Support DNS lookups for SRV, PKA and CERT on W32. * gpgsm: The --audit-log feature is now more complete. * gpgsm: The default for --include-cert is now to include all certificates in the chain except for the root certificate. * gpgsm: New option --ignore-cert-extension. * g13: The G13 tool for disk encryption key management has been added. * agent: If the agent's --use-standard-socket option is active, all tools try to start and daemonize the agent on the fly. In the past this was only supported on W32; on non-W32 systems the new configure option --disable-standard-socket may now be used to disable this new default. * agent: New and changed passphrases are now created with an iteration count requiring about 100ms of CPU work. * dirmngr: Dirmngr is now a part of this package. It is now also expected to run as a system service and the configuration directories are changed to the GnuPG name space. [Update: 2.1.0 starts dirmngr on demand as user daemon.] * Support for Windows CE. [Update: This has not been tested for the 2.1.0 release] * Numerical values may now be used as an alternative to the debug-level keywords. See-also: gnupg-announce/2014q4/000358.html Version 2.0.28 (2015-06-02) Version 2.0.27 (2015-02-18) Version 2.0.26 (2014-08-12) Version 2.0.25 (2014-06-30) Version 2.0.24 (2014-06-24) Version 2.0.23 (2014-06-03) Version 2.0.22 (2013-10-04) Version 2.0.21 (2013-08-19) Version 2.0.20 (2013-05-10) Version 2.0.19 (2012-03-27) Version 2.0.18 (2011-08-04) Version 2.0.17 (2011-01-13) Version 2.0.16 (2010-07-19) Version 2.0.15 (2010-03-09) Version 2.0.14 (2009-12-21) Noteworthy changes in version 2.0.13 (2009-09-04) ------------------------------------------------- * GPG now generates 2048 bit RSA keys by default. The default hash algorithm preferences has changed to prefer SHA-256 over SHA-1. 2048 bit DSA keys are now generated to use a 256 bit hash algorithm * The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now passed to the Pinentry to make SCIM work. * The GPGSM command --gen-key features a --batch mode and implements all features of gpgsm-gencert.sh in standard mode. * New option --re-import for GPGSM's IMPORT server command. * Enhanced writing of existing keys to OpenPGP v2 cards. * Add hack to the internal CCID driver to allow the use of some Omnikey based card readers with 2048 bit keys. * GPG now repeatly asks the user to insert the requested OpenPGP card. This can be disabled with --limit-card-insert-tries=1. * Minor bug fixes. See-also: gnupg-announce/2009q3/000294.html Noteworthy changes in version 2.0.12 (2009-06-17) ------------------------------------------------- * GPGSM now always lists ephemeral certificates if specified by fingerprint or keygrip. * New command "KEYINFO" for GPG_AGENT. GPGSM now also returns information about smartcards. * Made sure not to leak file descriptors if running gpg-agent with a command. Restore the signal mask to solve a problem in Mono. * Changed order of the confirmation questions for root certificates and store negative answers in trustlist.txt. * Better synchronization of concurrent smartcard sessions. * Support 2048 bit OpenPGP cards. * Support Telesec Netkey 3 cards. * The gpg-protect-tool now uses gpg-agent via libassuan. Under Windows the Pinentry will now be put into the foreground. * Changed code to avoid a possible Mac OS X system freeze. See-also: gnupg-announce/2009q2/000288.html Noteworthy changes in version 2.0.11 (2009-03-03) ------------------------------------------------- * Fixed a problem in SCDAEMON which caused unexpected card resets. * SCDAEMON is now aware of the Geldkarte. * The SCDAEMON option --allow-admin is now used by default. * GPGCONF now restarts SCdaemon if necessary. * The default cipher algorithm in GPGSM is now again 3DES. This is due to interoperability problems with Outlook 2003 which still can't cope with AES. See-also: gnupg-announce/2009q1/000287.html Noteworthy changes in version 2.0.10 (2009-01-12) ------------------------------------------------- * [gpg] New keyserver helper gpg2keys_kdns as generic DNS CERT lookup. Run with --help for a short description. Requires the ADNS library. * [gpg] New mechanisms "local" and "nodefault" for --auto-key-locate. Fixed a few problems with this option. * [gpg] New command --locate-keys. * [gpg] New options --with-sig-list and --with-sig-check. * [gpg] The option "-sat" is no longer an alias for --clearsign. * [gpg] The option --fixed-list-mode is now implicitly used and obsolete. * [gpg] New control statement %ask-passphrase for the unattended key generation. * [gpg] The algorithm to compute the SIG_ID status has been changed. * [gpgsm] Now uses AES by default. * [gpgsm] Made --output option work with --export-secret-key-p12. * [gpg-agent] Terminate process if the own listening socket is not anymore served by ourself. * [scdaemon] Made it more robust on W32. * [gpg-connect-agent] Accept commands given as command line arguments. * [w32] Initialized the socket subsystem for all keyserver helpers. * [w32] The sysconf directory has been moved from a subdirectory of the installation directory to %CSIDL_COMMON_APPDATA%/GNU/etc/gnupg. * [w32] The gnupg2.nls directory is not anymore used. The standard locale directory is now used. * [w32] Fixed a race condition between gpg and gpgsm in the use of temporary file names. * The gpg-preset-passphrase mechanism works again. An arbitrary string may now be used for a custom cache ID. * Admin PINs are cached again (bug in 2.0.9). * Support for version 2 OpenPGP cards. * Libgcrypt 1.4 is now required. See-also: gnupg-announce/2009q1/000284.html Noteworthy changes in version 2.0.9 (2008-03-26) ------------------------------------------------ * Gpgsm always tries to locate missing certificates from a running Dirmngr's cache. * Tweaks for Windows. * The Admin PIN for OpenPGP cards may now be entered with the pinpad. * Improved certificate chain construction. * Extended the PKITS framework. * Fixed a bug in the ambigious name detection. * Fixed possible memory corruption while importing OpenPGP keys (bug introduced with 2.0.8). [CVE-2008-1530] * Minor bug fixes. Noteworthy changes in version 2.0.8 (2007-12-20) ------------------------------------------------ * Enhanced gpg-connect-agent with a small scripting language. * New option --list-config for gpgconf. * Fixed a crash in gpgconf. * Gpg-agent now supports the passphrase quality bar of the latest Pinentry. * The envvars XAUTHORITY and PINENTRY_USER_DATA are now passed to the Pinentry. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Creating DSA2 keys is now possible. * New option --extra-digest-algo for gpgsm to allow verification of broken signatures. * Allow encryption with legacy Elgamal sign+encrypt keys with option --rfc2440. * Windows is now a supported platform. * Made sure that under Windows the file permissions of the socket are taken into account. This required a change of our socket emulation code and changed the IPC protocol under Windows. See-also: gnupg-announce/2007q4/000267.html Noteworthy changes in version 2.0.7 (2007-09-10) ------------------------------------------------ * Fixed encryption problem if duplicate certificates are in the keybox. * Made it work on Windows Vista. Note that the entire Windows port is still considered Beta. * Add new options min-passphrase-nonalpha, check-passphrase-pattern, enforce-passphrase-constraints and max-passphrase-days to gpg-agent. * Add command --check-components to gpgconf. Gpgconf now uses the installed versions of the programs and does not anymore search via PATH for them. See-also: gnupg-announce/2007q3/000259.html Noteworthy changes in version 2.0.6 (2007-08-16) ------------------------------------------------ * GPGSM does now grok --default-key. * GPGCONF is now aware of --default-key and --encrypt-to. * GPGSM does again correctly print the serial number as well the the various keyids. This was broken since 2.0.4. * New option --validation-model and support for the chain-model. * Improved Windows support. See-also: gnupg-announce/2007q3/000258.html Noteworthy changes in version 2.0.5 (2007-07-05) ------------------------------------------------ * Switched license to GPLv3. * Basic support for Windows. Run "./autogen.sh --build-w32" to build it. As usual the mingw cross compiling toolchain is required. * Fixed bug when using the --p12-charset without --armor. * The command --gen-key may now be used instead of the gpgsm-gencert.sh script. * Changed key generation to reveal less information about the machine. Bug fixes for gpg2's card key generation. See-also: gnupg-announce/2007q3/000255.html Noteworthy changes in version 2.0.4 (2007-05-09) ------------------------------------------------ * The server mode key listing commands are now also working for systems without the funopen/fopencookie API. * PKCS#12 import now tries several encodings in case the passphrase was not utf-8 encoded. New option --p12-charset for gpgsm. * Improved the libgcrypt logging support in all modules. See-also: gnupg-announce/2007q2/000254.html Noteworthy changes in version 2.0.3 (2007-03-08) ------------------------------------------------ * By default, do not allow processing multiple plaintexts in a single stream. Many programs that called GnuPG were assuming that GnuPG did not permit this, and were thus not using the plaintext boundary status tags that GnuPG provides. This change makes GnuPG reject such messages by default which makes those programs safe again. --allow-multiple-messages returns to the old behavior. [CVE-2007-1263]. * New --verify-option show-primary-uid-only. * gpgconf may now reads a global configuration file to select which options are changeable by a frontend. The new applygnupgdefaults tool may be used by an admin to set default options for all users. * The PIN pad of the Cherry XX44 keyboard is now supported. The DINSIG and the NKS applications are now also aware of PIN pads. See-also: gnupg-announce/2007q1/000252.html Noteworthy changes in version 2.0.2 (2007-01-31) ------------------------------------------------ * Fixed a serious and exploitable bug in processing encrypted packages. [CVE-2006-6235]. * Added --passphrase-repeat to set the number of times GPG will prompt for a new passphrase to be repeated. This is useful to help memorize a new passphrase. The default is 1 repetition. * Using a PIN pad does now also work for the signing key. * A warning is displayed by gpg-agent if a new passphrase is too short. New option --min-passphrase-len defaults to 8. * The status code BEGIN_SIGNING now shows the used hash algorithms. See-also: gnupg-announce/2007q1/000249.html Noteworthy changes in version 2.0.1 (2006-11-28) ------------------------------------------------ * Experimental support for the PIN pads of the SPR 532 and the Kaan Advanced card readers. Add "disable-keypad" scdaemon.conf if you don't want it. Does currently only work for the OpenPGP card and its authentication and decrypt keys. * Fixed build problems on some some platforms and crashes on amd64. * Fixed a buffer overflow in gpg2. [bug#728,CVE-2006-6169] See-also: gnupg-announce/2006q4/000242.html Noteworthy changes in version 2.0.0 (2006-11-11) ------------------------------------------------ * First stable version of a GnuPG integrating OpenPGP and S/MIME. See-also: gnupg-announce/2006q4/000239.html Noteworthy changes in version 1.9.95 (2006-11-06) ------------------------------------------------- * Minor bug fixes. Noteworthy changes in version 1.9.94 (2006-10-24) ------------------------------------------------- * Keys for gpgsm may now be specified using a keygrip. A keygrip is indicated by a prefixing it with an ampersand. * gpgconf now supports switching the CMS cipher algo (e.g. to AES). * New command --gpgconf-test for all major tools. This may be used to check whether the configuration file is sane. Noteworthy changes in version 1.9.93 (2006-10-18) ------------------------------------------------- * In --with-validation mode gpgsm will now also ask whether a root certificate should be trusted. * Link to Pth only if really necessary. * Fixed a pubring corruption bug in gpg2 occurring when importing signatures or keys with insane lengths. * Fixed v3 keyID calculation bug in gpg2. * More tweaks for certificates without extensions. Noteworthy changes in version 1.9.92 (2006-10-11) ------------------------------------------------- * Bug fixes. See-also: gnupg-announce/2006q4/000236.html Noteworthy changes in version 1.9.91 (2006-10-04) ------------------------------------------------- * New "relax" flag for trustlist.txt to allow root CA certificates without BasicContraints. * [gpg2] Removed the -k PGP 2 compatibility hack. -k is now an alias for --list-keys. * [gpg2] Print a warning if "-sat" is used instead of "--clearsign". Noteworthy changes in version 1.9.90 (2006-09-25) ------------------------------------------------- * Made readline work for gpg. * Cleanups und minor bug fixes. * Included translations from gnupg 1.4.5. Noteworthy changes in version 1.9.23 (2006-09-18) ------------------------------------------------- * Regular man pages for most tools are now build directly from the Texinfo source. * The gpg code from 1.4.5 has been fully merged into this release. The configure option --enable-gpg is still required to build this gpg part. For production use of OpenPGP the gpg version 1.4.5 is still recommended. Note, that gpg will be installed under the name gpg2 to allow coexisting with an 1.4.x gpg. * API change in gpg-agent's pkdecrypt command. Thus an older gpgsm may not be used with the current gpg-agent. * The scdaemon will now call a script on reader status changes. * gpgsm now allows file descriptor passing for "INPUT", "OUTPUT" and "MESSAGE". * The gpgsm server may now output a key listing to the output file handle. This needs to be enabled using "OPTION list-to-output=1". * The --output option of gpgsm has now an effect on list-keys. * New gpgsm commands --dump-chain and list-chain. * gpg-connect-agent has new options to utilize descriptor passing. * A global trustlist may now be used. See doc/examples/trustlist.txt. * When creating a new pubring.kbx keybox common certificates are imported. Noteworthy changes in version 1.9.22 (2006-07-27) ------------------------------------------------- * Enhanced pkcs#12 support to allow import from simple keyBags. * Exporting to pkcs#12 now create bag attributes so that Mozilla is able to import the files. * Fixed uploading of certain keys to the smart card. Noteworthy changes in version 1.9.21 (2006-06-20) ------------------------------------------------- * New command APDU for scdaemon to allow using it for general card access. Might be used through gpg-connect-agent by using the SCD prefix command. * Support for the CardMan 4040 PCMCIA reader (Linux 2.6.15 required). * Scdaemon does not anymore reset cards at the end of a connection. * Kludge to allow use of Bundesnetzagentur issued X.509 certificates. * Added --hash=xxx option to scdaemon's PKSIGN command. * Pkcs#12 files are now created with a MAC. This is for better interoperability. * Collected bug fixes and minor other changes. Noteworthy changes in version 1.9.20 (2005-12-20) ------------------------------------------------- * Importing pkcs#12 files created be recent versions of Mozilla works again. * Basic support for qualified signatures. * New debug tool gpgparsemail. Noteworthy changes in version 1.9.19 (2005-09-12) ------------------------------------------------- * The Belgian eID card is now supported for signatures and ssh. Other pkcs#15 cards should work as well. * Fixed bug in --export-secret-key-p12 so that certificates are again included. Noteworthy changes in version 1.9.18 (2005-08-01) ------------------------------------------------- * [gpgsm] Now allows for more than one email address as well as URIs and dnsNames in certificate request generation. A keygrip may be given to create a request from an existing key. * A couple of minor bug fixes. Noteworthy changes in version 1.9.17 (2005-06-20) ------------------------------------------------- * gpg-connect-agent has now features to handle Assuan INQUIRE commands. * Internal changes for OpenPGP cards. New Assuan command WRITEKEY. * GNU Pth is now a hard requirement. * [scdaemon] Support for OpenSC has been removed. Instead a new and straightforward pkcs#15 modules has been written. As of now it does allows only signing using TCOS cards but we are going to enhance it to match all the old capabilities. * [gpg-agent] New option --write-env-file and Assuan command UPDATESTARTUPTTY. * [gpg-agent] New option --default-cache-ttl-ssh to set the TTL for SSH passphrase caching independent from the other passphrases. Noteworthy changes in version 1.9.16 (2005-04-21) ------------------------------------------------- * gpg-agent does now support the ssh-agent protocol and thus allows to use the pinentry as well as the OpenPGP smartcard with ssh. * New tool gpg-connect-agent as a general client for the gpg-agent. * New tool symcryptrun as a wrapper for certain encryption tools. * The gpg tool is not anymore build by default because those gpg versions available in the gnupg 1.4 series are far more matured. Noteworthy changes in version 1.9.15 (2005-01-13) ------------------------------------------------- * Fixed passphrase caching bug. * Better support for CCID readers; the reader from Cherry RS 6700 USB does now work. Noteworthy changes in version 1.9.14 (2004-12-22) ------------------------------------------------- * [gpg-agent] New option --use-standard-socket to allow the use of a fixed socket. gpgsm falls back to this socket if GPG_AGENT_INFO has not been set. * Ported to MS Windows with some functional limitations. * New tool gpg-preset-passphrase. Noteworthy changes in version 1.9.13 (2004-12-03) ------------------------------------------------- * [gpgsm] New option --prefer-system-dirmngr. * Minor cleanups and debugging aids. Noteworthy changes in version 1.9.12 (2004-10-22) ------------------------------------------------- * [scdaemon] Partly rewrote the PC/SC code. * Removed the sc-investigate tool. It is now in a separate package available at ftp://ftp.g10code.com/g10code/gscutils/ . * [gpg-agent] Fixed logging problem. Noteworthy changes in version 1.9.11 (2004-10-01) ------------------------------------------------- * When using --import along with --with-validation, the imported certificates are validated and only imported if they are fully valid. * [gpg-agent] New option --max-cache-ttl. * [gpg-agent] When used without --daemon or --server, gpg-agent now check whether a agent is already running and usable. * Fixed some i18n problems. Noteworthy changes in version 1.9.10 (2004-07-22) ------------------------------------------------- * Fixed a serious bug in the checking of trusted root certificates. * New configure option --enable-agent-pnly allows to build and install just the agent. * Fixed a problem with the log file handling. Noteworthy changes in version 1.9.9 (2004-06-08) ------------------------------------------------ * [gpg-agent] The new option --allow-mark-trusted is now required to allow gpg-agent to add a key to the trustlist.txt after user confirmation. * Creating PKCS#10 requests does now honor the key usage. Noteworthy changes in version 1.9.8 (2004-04-29) ------------------------------------------------ * [scdaemon] Overhauled the internal CCID driver. * [scdaemon] Status files named ~/.gnupg/reader_.status are now written when using the internal CCID driver. * [gpgsm] New commands --dump-{,secret,external}-keys to show a very detailed view of the certificates. * The keybox gets now compressed after 3 hours and ephemeral stored certificates are deleted after about a day. * [gpg] Usability fixes for --card-edit. Note, that this has already been ported back to gnupg-1.3 Noteworthy changes in version 1.9.7 (2004-04-06) ------------------------------------------------ * Instrumented the modules for gpgconf. * Added support for DINSIG card applications. * Include the smimeCapabilities attribute with signed messages. * Now uses the gettext domain "gnupg2" to avoid conflicts with gnupg versions < 1.9. Noteworthy changes in version 1.9.6 (2004-03-06) ------------------------------------------------ * Code cleanups and bug fixes. Noteworthy changes in version 1.9.5 (2004-02-21) ------------------------------------------------ * gpg-protect-tool gets now installed into libexec as it ought to be. Cleaned up the build system to better comply with the coding standards. * [gpgsm] The --import command is now able to autodetect pkcs#12 files and import secret and private keys from this file format. A new command --export-secret-key-p12 is provided to allow exporting of secret keys in PKCS\#12 format. * [gpgsm] The pinentry will now present a description of the key for whom the passphrase is requested. * [gpgsm] New option --with-validation to check the validity of key while listing it. * New option --debug-level={none,basic,advanced,expert,guru} to map the debug flags to sensitive levels on a per program base. Noteworthy changes in version 1.9.4 (2004-01-30) ------------------------------------------------ * Added support for the Telesec NKS 2.0 card application. * Added simple tool addgnupghome to create .gnupg directories from /etc/skel/.gnupg. * Various minor bug fixes and cleanups; mainly gpgsm and gpg-agent related. Noteworthy changes in version 1.9.3 (2003-12-23) ------------------------------------------------ * New gpgsm options --{enable,disable}-ocsp to validate keys using OCSP. This option requires a not yet released DirMngr version. Default is disabled. * The --log-file option may now be used to print logs to a socket. Prefix the socket name with "socket://" to enable this. This does not work on all systems and falls back to stderr if there is a problem with the socket. * The options --encrypt-to and --no-encrypt-to now work the same in gpgsm as in gpg. Note, they are also used in server mode. * Duplicated recipients are now silently removed in gpgsm. Noteworthy changes in version 1.9.2 (2003-11-17) ------------------------------------------------ * On card key generation is no longer done using the --gen-key command but from the menu provided by the new --card-edit command. * PINs are now properly cached and there are only 2 PINs visible. The 3rd PIN (CHV2) is internally synchronized with the regular PIN. * All kind of other internal stuff. Noteworthy changes in version 1.9.1 (2003-09-06) ------------------------------------------------ * Support for OpenSC is back. scdaemon supports a --disable-opensc to disable OpenSC use at runtime, so that PC/SC or ct-API can still be used directly. * Rudimentary support for the SCR335 smartcard reader using an internal driver. Requires current libusb from CVS. * Bug fixes. Noteworthy changes in version 1.9.0 (2003-08-05) ------------------------------------------------ ====== PLEASE SEE README-alpha ======= * gpg has been renamed to gpg2 and gpgv to gpgv2. This is a temporary change to allow co-existing with stable gpg versions. * ~/.gnupg/gpg.conf-1.9.0 is fist tried as config file before the usual gpg.conf. * Removed the -k, -kv and -kvv commands. -k is now an alias to --list-keys. New command -K as alias for --list-secret-keys. * Removed --run-as-shm-coprocess feature. * gpg does now also use libgcrypt, libgpg-error is required. * New gpgsm commands --call-dirmngr and --call-protect-tool. * Changing a passphrase is now possible using "gpgsm --passwd" * The content-type attribute is now recognized and created. * The agent does now reread certain options on receiving a HUP. * The pinentry is now forked for each request so that clients with different environments are supported. When running in daemon mode and --keep-display is not used the DISPLAY variable is ignored. * Merged stuff from the newpg branch and started this new development branch. Version 1.4.19 (2015-02-27) Version 1.4.18 (2014-06-30) Version 1.4.17 (2014-06-23) Version 1.4.16 (2013-12-18) Version 1.4.15 (2013-10-04) Version 1.4.14 (2013-07-25) Version 1.4.13 (2012-12-20) Version 1.4.12 (2012-01-30) Version 1.4.11 (2010-10-18) Version 1.4.10 (2009-09-02) Version 1.4.9 (2008-03-26) Version 1.4.8 (2007-12-20) Version 1.4.7 (2007-03-05) Version 1.4.6 (2006-12-06) Version 1.4.5 (2006-08-01) Version 1.4.4 (2006-06-25) Version 1.4.3 (2006-04-03) Version 1.4.2 (2005-07-26) Version 1.4.1 (2005-03-15) Version 1.4.0 (2004-12-16) Noteworthy changes in version 1.3.2 (2003-05-27) ------------------------------------------------ * New "--gnupg" option (set by default) that disables --openpgp, and the various --pgpX emulation options. This replaces --no-openpgp, and --no-pgpX, and also means that GnuPG has finally grown a --gnupg option to make GnuPG act like GnuPG. * A bug in key validation has been fixed. This bug only affects keys with more than one user ID (photo IDs do not count here), and results in all user IDs on a given key being treated with the validity of the most-valid user ID on that key. * Notation names that do not contain a '@' are no longer allowed unless --expert is set. This is to help prevent pollution of the (as yet unused) IETF notation namespace. * Multiple trust models are now supported via the --trust-model option. The options are "pgp" (web-of-trust plus trust signatures), "classic" (web-of-trust only), and "always" (identical to the --always-trust option). * The --personal-{cipher|digest|compression}-preferences are now consulted to get default algorithms before resorting to the last-ditch defaults of --s2k-cipher-algo, SHA1, and ZIP respectively. This allows a user to set algorithms to use in a safe manner so they are used when legal to do so, without forcing them on for all messages. * New --primary-keyring option to designate the keyring that the user wants new keys imported into. * --s2k-digest-algo is now used for all password mangling. Earlier versions used both --s2k-digest-algo and --digest-algo for passphrase mangling. * Handling of --hidden-recipient or --throw-keyid messages is now easier - the user only needs to give their passphrase once, and GnuPG will try it against all of the available secret keys. * Care is taken to prevent compiler optimization from removing memory wiping code. * New option --no-mangle-dos-filenames so that filenames are not truncated in the W32 version. * A "convert-from-106" script has been added. This is a simple script that automates the conversion from a 1.0.6 or earlier version of GnuPG to a 1.0.7 or later version. * Disabled keys are now skipped when selecting keys for encryption. If you are using the --with-colons key listings to detect disabled keys, please see doc/DETAILS for a minor format change in this release. * Minor trustdb changes to make the trust calculations match common usage. * New command "revuid" in the --edit-key menu to revoke a user ID. This is a simpler interface to the old method (which still works) of revoking the user ID self-signature. * Status VALIDSIG does now also print the primary key's fingerprint, as well as the signature version, pubkey algorithm, hash algorithm, and signature class. * Add read-only support for the SHA-256 hash, and optional read-only support for the SHA-384 and SHA-512 hashes. * New option --enable-progress-filter for use with frontends. * DNS SRV records are used in HKP keyserver lookups to allow administrators to load balance and select keyserver ports automatically. This is as specified in draft-shaw-openpgp-hkp-00.txt. * When using the "keyid!" syntax during a key export, only that specified key is exported. If the key in question is a subkey, the primary key plus only that subkey is exported. * configure --disable-xxx options to disable individual algorithms at build time. This can be used to build a smaller gpg binary for embedded uses where space is tight. See the README file for the algorithms that can be used with this option, or use --enable-minimal to build the smallest gpg possible (disables all optional algorithms, disables keyserver access, and disables photo IDs). * The keyserver no-modify flag on a key can now be displayed and modified. * Note that the TIGER/192 digest algorithm is in the process of being dropped from the OpenPGP standard. While this release of GnuPG still contains it, it is disabled by default. To ensure you will still be able to use your messages with future versions of GnuPG and other OpenPGP programs, please do not use this algorithm. See-also: gnupg-announce/2003q2/000153.html Noteworthy changes in version 1.3.1 (2002-11-12) ------------------------------------------------ * Trust signature support. This is based on the Maurer trust model where a user can specify the trust level along with the signature with multiple levels so users can delegate certification ability to other users, possibly restricted by a regular expression on the user ID. Note that full trust signature support requires a regular expression parsing library. The regexp code from glibc 2.3.1 is included for those platforms that don't have working regexp functions available. The configure option --disable-regex may be used to disable any regular expression code, which will make GnuPG ignore any trust signature with a regular expression included. * Two new commands --hidden-recipient (-R) and --hidden-encrypt-to encrypt to a user, but hide the identity of that user. This is the same functionality as --throw-keyid, but can be used on a per-user basis. * Full algorithm names (e.g. "3DES", "SHA1", "ZIP") can now be used interchangeably with the short algorithm names (e.g. "S2", "H2", "Z1") anywhere algorithm names are used in GnuPG. Noteworthy changes in version 1.3.0 (2002-10-18) ------------------------------------------------ * The last piece of internal keyserver support has been removed, and now all keyserver access is done via the keyserver plugins. There is also a newer keyserver protocol used between GnuPG and the plugins, so plugins from earlier versions of GnuPG may not work properly. * The HKP keyserver plugin supports the new machine-readable key listing format for those keyservers that provide it. * When using a HKP keyserver with multiple DNS records (such as wwwkeys.pgp.net which has the addresses of multiple servers around the world), try all records until one succeeds. Note that it depends on the LDAP library used whether the LDAP keyserver plugin does this as well. * The library dependencies for OpenLDAP seem to change fairly frequently, and GnuPG's configure script cannot guess all the combinations. Use ./configure LDAPLIBS="-L libdir -l libs" to override the script and use the libraries selected. * Secret keys generated with --export-secret-subkeys are now indicated in key listings with a '#' after the "sec", and in --with-colons listings by showing no capabilities (no lowercase characters). * --trusted-key has been un-obsoleted, as it is useful for adding ultimately trusted keys from the config file. It is identical to using --edit and "trust" to change a key to ultimately trusted. * Translations other than de are no longer distributed with the development branch. This is due to the frequent text changes during development, which cause the translations to rapidly go out of date. Version 1.2.8 (2006-12-07) Version 1.2.7 (2004-12-27) Version 1.2.6 (2004-08-25) Version 1.2.5 (2004-07-26) Version 1.2.4 (2003-12-23) Version 1.2.3 (2003-08-21) Version 1.2.2 (2003-05-01) Version 1.2.1 (2002-10-25) Version 1.2.0 (2002-09-21) Noteworthy changes in version 1.1.92 (2002-09-11) ------------------------------------------------- * [IMPORTANT] The default configuration file is now ~/.gnupg/gpg.conf. If an old ~/.gnupg/options is found it will still be used. This change is required to have a more consistent naming scheme with forthcoming tools. * The use of MDCs have increased. A MDC will be used if the recipients directly request it, if the recipients have AES, AES192, AES256, or TWOFISH in their cipher preferences, or if the chosen cipher has a blocksize not equal to 64 bits (currently this is also AES, AES192, AES256, and TWOFISH). * GnuPG will no longer automatically disable compression when processing an already-compressed file unless a MDC is being used. This is to give the message a certain amount of resistance to the chosen-ciphertext attack while communicating with other programs (most commonly PGP earlier than version 7.x) that do not support MDCs. * The option --interactive now has the desired effect when importing keys. * The file permission and ownership checks on files have been clarified. Specifically, the homedir (usually ~/.gnupg) is checked to protect everything within it. If the user specifies keyrings outside this homedir, they are presumed to be shared keyrings and therefore *not* checked. Configuration files specified with the --options option and the IDEA cipher extension specified with --load-extension are checked, along with their enclosing directories. * The configure option --with-static-rnd=auto allows to build gpg with all available entropy gathering modules included. At runtime the best usable one will be selected from the list linux, egd, unix. This is also the default for systems lacking a /dev/random device. * The default character set is now taken from the current locale; it can still be overridden by the --charset option. Using the option -vvv shows the used character set. * [REMOVED] --emulate-checksum-bug and --emulate-3des-s2k-bug have been removed. Noteworthy changes in version 1.1.91 (2002-08-04) ------------------------------------------------- * All modules are now linked statically; the --load-extension option is in general not useful anymore. The only exception is to specify the deprecated idea cipher. * The IDEA plugin has changed. Previous versions of the IDEA plugin will no longer work with GnuPG. However, the current version of the plugin will work with earlier GnuPG versions. * When using --batch with one of the --delete-key commands, the key must be specified by fingerprint. See the man page for details. * There are now various ways to restrict the ability GnuPG has to exec external programs (for the keyserver helpers or photo ID viewers). Read the README file for the complete list. * New export option to leave off attribute packets (photo IDs) during export. This is useful when exporting to HKP keyservers which do not understand attribute packets. * New import option to repair during import the HKP keyserver mangling multiple subkeys bug. Note that this cannot completely repair the damaged key as some crucial data is removed by the keyserver, but it does at least give you back one subkey. This is on by default for keyserver --recv-keys, and off by default for regular --import. * The keyserver helper programs now live in /usr/[local/]libexec/gnupg by default. If you are upgrading from 1.0.7, you might want to delete your old copies in /usr/[local/]bin. If you use an OS that does not use libexec for whatever reason, use configure --libexecdir=/usr/local/lib to place the keyserver helpers there. * The LDAP keyserver handler now works properly with very old (version 1) LDAP keyservers. Noteworthy changes in version 1.1.90 (2002-07-01) ------------------------------------------------- * New commands: --personal-cipher-preferences, --personal-digest-preferences, and --personal-compress-preferences allow the user to specify which algorithms are to be preferred. Note that this does not permit using an algorithm that is not present in the recipient's preferences (which would violate the OpenPGP standard). This just allows sorting the preferences differently. * New "group" command to refer to several keys with one name. * A warning is issued if the user forces the use of an algorithm that is not listed in the recipient's preferences. * Full revocation key (aka "designated revoker") support. * The preferred hash algorithms on a key are consulted when encrypting a signed message to that key. Note that this is disabled by default by a SHA1 preference in --personal-digest-preferences. * --cert-digest-algo allows the user to specify the hash algorithm to use when signing a key rather than the default SHA1 (or MD5 for PGP2 keys). Do not use this feature unless you fully understand the implications of this. * --pgp7 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 7.x. * New --attribute-fd command for frontends and scripts to get the contents of attribute packets (i.e. photos) * In expert mode, the user can now re-sign a v3 key with a v4 self-signature. This does not change the v3 key into a v4 key, but it does allow the user to use preferences, primary ID flags, etc. * Significantly improved photo ID support on non-unixlike platforms. * The version number has jumped ahead to 1.1.90 to skip over the old version 1.1 and to get ready for the upcoming 1.2. * ElGamal sign and encrypt is not anymore allowed in the key generation dialog unless in expert mode. RSA sign and encrypt has been added with the same restrictions. * [W32] Keyserver access does work with Windows NT. Noteworthy changes in version 1.0.7 (2002-04-29) ------------------------------------------------ * Secret keys are now stored and exported in a new format which uses SHA-1 for integrity checks. This format renders the Rosa/Klima attack useless. Other OpenPGP implementations might not yet support this, so the option --simple-sk-checksum creates the old vulnerable format. * The default cipher algorithm for encryption is now CAST5, default hash algorithm is SHA-1. This will give us better interoperability with other OpenPGP implementations. * Symmetric encrypted messages now use a fixed file size if possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2, 6, and 7. Note this was only an issue with RFC-1991 style symmetric messages. * Photographic user ID support. This uses an external program to view the images. * Enhanced keyserver support via keyserver "plugins". GnuPG comes with plugins for the NAI LDAP keyserver as well as the HKP email keyserver. It retains internal support for the HKP HTTP keyserver. * Nonrevocable signatures are now supported. If a user signs a key nonrevocably, this signature cannot be taken back so be careful! * Multiple signature classes are usable when signing a key to specify how carefully the key information (fingerprint, photo ID, etc) was checked. * --pgp2 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 2.x. * --pgp6 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 6.x. * Signatures may now be given an expiration date. When signing a key with an expiration date, the user is prompted whether they want their signature to expire at the same time. * Revocation keys (designated revokers) are now supported if present. There is currently no way to designate new keys as designated revokers. * Permissions on the .gnupg directory and its files are checked for safety. * --expert mode enables certain silly things such as signing a revoked user id, expired key, or revoked key. * Some fixes to build cleanly under Cygwin32. * New tool gpgsplit to split OpenPGP data formats into packets. * New option --preserve-permissions. * Subkeys created in the future are not used for encryption or signing unless the new option --ignore-valid-from is used. * Revoked user-IDs are not listed unless signatures are listed too or we are in verbose mode. * There is no default comment string with ascii armors anymore except for revocation certificates and --enarmor mode. * The command "primary" in the edit menu can be used to change the primary UID, "setpref" and "updpref" can be used to change the preferences. * Fixed the preference handling; since 1.0.5 they were erroneously matched against against the latest user ID and not the given one. * RSA key generation. * Merged Stefan's patches for RISC OS in. See comments in scripts/build-riscos. * It is now possible to sign and conventional encrypt a message (-cs). * The MDC feature flag is supported and can be set by using the "updpref" edit command. * The status messages GOODSIG and BADSIG are now returning the primary UID, encoded using %XX escaping (but with spaces left as spaces, so that it should not break too much) * Support for GDBM based keyrings has been removed. * The entire keyring management has been revamped. * The way signature stati are store has changed so that v3 signatures can be supported. To increase the speed of many operations for existing keyrings you can use the new --rebuild-keydb-caches command. * The entire key validation process (trustdb) has been revamped. See the man page entries for --update-trustdb, --check-trustdb and --no-auto-check-trustdb. * --trusted-keys is again obsolete, --edit can be used to set the ownertrust of any key to ultimately trusted. * A subkey is never used to sign keys. * Read only keyrings are now handled as expected. See-also: gnupg-announce/2002q2/000135.html Noteworthy changes in version 1.0.6 (2001-05-29) ------------------------------------------------ * Security fix for a format string bug in the tty code. * Fixed format string bugs in all PO files. * Removed Russian translation due to too many bugs. The FTP server has an unofficial but better translation in the contrib directory. * Fixed expire time calculation and keyserver access. * The usual set of minor bug fixes and enhancements. * non-writable keyrings are now correctly handled. See-also: gnupg-announce/2001q2/000123.html Noteworthy changes in version 1.0.5 (2001-04-29) ------------------------------------------------ * WARNING: The semantics of --verify have changed to address a problem with detached signature detection. --verify now ignores signed material given on stdin unless this is requested by using a "-" as the name for the file with the signed material. Please check all your detached signature handling applications and make sure that they don't pipe the signed material to stdin without using a filename together with "-" on the the command line. * WARNING: Corrected hash calculation for input data larger than 512M - it was just wrong, so you might notice bad signature in some very big files. It may be wise to keep an old copy of GnuPG around. * Secret keys are no longer imported unless you use the new option --allow-secret-key-import. This is a kludge and future versions will handle it in another way. * New command "showpref" in the --edit-key menu to show an easier to understand preference listing. * There is now the notation of a primary user ID. For example, it is printed with a signature verification as the first user ID; revoked user IDs are not printed there anymore. In general the primary user ID is the one with the latest self-signature. * New --charset=utf-8 to bypass all internal conversions. * Large File Support (LFS) is now working. * New options: --ignore-crc-error, --no-sig-create-check, --no-sig-cache, --fixed-list-mode, --no-expensive-trust-checks, --enable-special-filenames and --use-agent. See man page. * New command --pipemode, which can be used to run gpg as a co-process. Currently only the verification of detached signatures are working. See doc/DETAILS. * Keyserver support for the W32 version. * Rewritten key selection code so that GnuPG can better cope with multiple subkeys, expire dates and so. The drawback is that it is slower. * A whole lot of bug fixes. * The verification status of self-signatures are now cached. To increase the speed of key list operations for existing keys you can do the following in your GnuPG homedir (~/.gnupg): cp pubring.gpg pubring.gpg.save && gpg --export-all >x && \ rm pubring.gpg && gpg --import x Only v4 keys (i.e not the old RSA keys) benefit from this caching. * New translations: Estonian, Turkish. See-also: gnupg-announce/2001q2/000122.html Noteworthy changes in version 1.0.4 (2000-10-17) ------------------------------------------------ * Fixed a serious bug which could lead to false signature verification results when more than one signature is fed to gpg. This is the primary reason for releasing this version. * New utility gpgv which is a stripped down version of gpg to be used to verify signatures against a list of trusted keys. * Rijndael (AES) is now supported and listed with top preference. * --with-colons now works with --print-md[s]. See-also: gnupg-announce/2000q4/000082.html Noteworthy changes in version 1.0.3 (2000-09-18) ------------------------------------------------ * Fixed problems with piping to/from other MS-Windows software * Expiration time of the primary key can be changed again. * Revoked user IDs are now marked in the output of --list-key * New options --show-session-key and --override-session-key to help the British folks to somewhat minimize the danger of this Orwellian RIP bill. * New options --merge-only and --try-all-secrets. * New configuration option --with-egd-socket. * The --trusted-key option is back after it left us with 0.9.5 * RSA is supported. Key generation does not yet work but will come soon. * CAST5 and SHA-1 are now the default algorithms to protect the key and for symmetric-only encryption. This should solve a couple of compatibility problems because the old algorithms are optional according to RFC2440 * Twofish and MDC enhanced encryption is now used. PGP 7 supports this. Older versions of GnuPG don't support it, so they should be upgraded to at least 1.0.2 See-also: gnupg-announce/2000q3/000075.html Noteworthy changes in version 1.0.2 (2000-07-12) ---------------------------------------------- * Fixed expiration handling of encryption keys. * Add an experimental feature to do unattended key generation. * The user is now asked for the reason of revocation as required by the new OpenPGP draft. * There is a ~/.gnupg/random_seed file now which saves the state of the internal RNG and increases system performance somewhat. This way the full entropy source is only used in cases were it is really required. Use the option --no-random-seed-file to disable this feature. * New options --ignore-time-conflict and --lock-never. * Some fixes for the W32 version. * The entropy.dll is not anymore used by the W32 version but replaced by code derived from Cryptlib. * Encryption is now much faster: About 2 times for 1k bit keys and 8 times for 4k keys. * New encryption keys are generated in a way which allows a much faster decryption. * New command --export-secret-subkeys which outputs the the _primary_ key with it's secret parts deleted. This is useful for automated decryption/signature creation as it allows to keep the real secret primary key offline and thereby protecting the key certificates and allowing to create revocations for the subkeys. See the FAQ for a procedure to install such secret keys. * Keygeneration now writes to the first writeable keyring or as default to the one in the homedirectory. Prior versions ignored all --keyring options. * New option --command-fd to take user input from a file descriptor; to be used with --status-fd by software which uses GnuPG as a backend. * There is a new status PROGRESS which is used to show progress during key generation. * Support for the new MDC encryption packets. To create them either --force-mdc must be use or cipher algorithm with a blocksize other than 64 bits is to be used. --openpgp currently disables MDC packets entirely. This option should not yet be used. * New option --no-auto-key-retrieve to disable retrieving of a missing public key from a keyserver, when a keyserver has been set. * Danish translation See-also: gnupg-announce/2000q3/000069.html Noteworthy changes in version 1.0.1 (1999-12-16) ----------------------------------- * New command --verify-files. New option --fast-list-mode. * $http_proxy is now used when --honor-http-proxy is set. * Fixed some minor bugs and the problem with conventional encrypted packets which did use the gpg v3 partial length headers. * Add Indonesian and Portugese translations. * Fixed a bug with symmetric-only encryption using the non-default 3DES. The option --emulate-3des-s2k-bug may be used to decrypt documents which have been encrypted this way; this should be done immediately as this workaround will be remove in 1.1 * Can now handle (but not display) PGP's photo IDs. I don't know the format of that packet but after stripping a few bytes from the start it looks like a JPEG (at least my test data). Handling of this package is required because otherwise it would mix up the self signatures and you can't import those keys. * Passing non-ascii user IDs on the commandline should now work in all cases. * New keys are now generated with an additional preference to Blowfish. * Removed the GNU Privacy Handbook from the distribution as it will go into a separate one. See-also: gnupg-announce/1999q4/000050.html Noteworthy changes in version 1.0.0 (1999-09-07) ----------------------------------- * Add a very preliminary version of the GNU Privacy Handbook to the distribution (lynx doc/gph/index.html). * Changed the version number to GnuPG 2001 ;-) See-also: gnupg-announce/1999q3/000037.html Noteworthy changes in version 0.9.11 (1999-09-03) ------------------------------------ * UTF-8 strings are now correctly printed (if --charset is set correctly). Output of --with-colons remains C-style escaped UTF-8. * Workaround for a problem with PGP 5 detached signature in textmode. * Fixed a problem when importing new subkeys (duplicated signatures). See-also: gnupg-announce/1999q3/000036.html Noteworthy changes in version 0.9.10 (1999-07-23) ------------------------------------ * Some strange new options to help pgpgpg * Cleaned up the dox a bit. See-also: gnupg-announce/1999q3/000034.html Noteworthy changes in version 0.9.9 ----------------------------------- * New options --[no-]utf8-strings. * New edit-menu commands "enable" and "disable" for entire keys. * You will be asked for a filename if gpg cannot deduce one. * Changes to support libtool which is needed for the development of libgcrypt. * New script tools/lspgpot to help transferring assigned trustvalues from PGP to GnuPG. * New commands --lsign-key and made --sign-key a shortcut for --edit and sign. * New options (#122--126 ;-) --[no-]default-recipient[-self], --disable-{cipher,pubkey}-algo. See the man page. * Enhanced info output in case of multiple recipients and fixed exit code. * New option --allow-non-selfsigned-uid to work around a problem with the German IN way of separating signing and encryption keys. See-also: gnupg-announce/1999q3/000028.html Noteworthy changes in version 0.9.8 (1999-06-26) ----------------------------------- * New subcommand "delsig" in the edit menu. * The name of the output file is not anymore the one which is embedded in the processed message, but the used filename with the extension stripped. To revert to the old behaviour you can use the option --use-embedded-filename. * Another hack to cope with pgp2 generated detached signatures. * latin-2 character set works (--charset=iso-8859-2). * New option --with-key-data to list the public key parameters. New option -N to insert notations and a --set-policy-url. A couple of other options to allow reseting of options. * Better support for HPUX. See-also: gnupg-announce/1999q2/000016.html Noteworthy changes in version 0.9.7 (1999-05-23) ----------------------------------- * Add some work arounds for a bugs in pgp 2 which led to bad signatures when used with canonical texts in some cases. * Enhanced some status outputs. See-also: gnupg-announce/1999q2/000000.html Noteworthy changes in version 0.9.6 (1999-05-06) ----------------------------------- * Twofish is now statically linked by default. The experimental 128 bit version is now disabled. Full support will be available as soon as the OpenPGP WG has decided on an interpretation of rfc2440. * Dropped support for the ancient Blowfish160 which is not OpenPGP. * Merged gpgm and gpg into one binary. * Add "revsig" and "revkey" commands to the edit menu. It is now possible to revoke signature and subkeys. Noteworthy changes in version 0.9.5 (1999-03-20) ----------------------------------- * New command "lsign" in the keyedit menu to create non-exportable signatures. Removed --trusted-keys option. * A bunch of changes to the key validation code. * --list-trust-path now has an optional --with-colons format. * New command --recv-keys to import keys from an keyserver. Noteworthy changes in version 0.9.4 (1999-03-08) ----------------------------------- * New configure option --enable-static-rnd=[egd|linux|unix|none] to select a random gathering module for static linking. * The original text is now verbatim copied to a cleartext signed message. * Bugfixes but there are still a couple of bugs. Noteworthy changes in version 0.9.3 (1999-02-19) ----------------------------------- * Changed the internal design of getkey which now allows a efficient lookup of multiple keys and add a word match mode. * New options --[no-]encrypt-to. * Some changes to the configure stuff. Switched to automake 1.4. Removed intl/ from CVS, autogen.sh now uses gettextize. * Preferences now include Twofish. Removed preference to Blowfish with a special hack to suppress the "not listed in preferences" warning; this is to allow us to switch completely to Twofish in the near future. * Changed the locking stuff. * Print all user ids of a good signature. Noteworthy changes in version 0.9.2 (1999-01-01) ----------------------------------- * add some additional time warp checks. * Option --keyserver and command --send-keys to utilize HKP servers. * Upgraded to zlib 1.1.3 and fixed an inflate bug * More cleanup on the cleartext signatures. Noteworthy changes in version 0.9.1 (1999-01-01) ----------------------------------- * Polish language support. * When querying the passphrase, the key ID of the primary key is displayed along with the one of the used secondary key. * Fixed a bug occurring when decrypting pgp 5 encrypted messages, fixed an infinite loop bug in the 3DES code and in the code which looks for trusted signatures. * Fixed a bug in the mpi library which caused signatures not to compare okay. * Rewrote the handling of cleartext signatures; the code is now better maintainable (I hope so). * New status output VALIDSIG only for valid signatures together with the fingerprint of the signer's key. Noteworthy changes in version 0.9.0 (1998-12-23) ----------------------------------- * --export does now only exports rfc2440 compatible keys; the old behaviour is available with --export-all. Generation of v3 ElGamal (sign and encrypt) keys is not longer supported. * Fixed the uncompress bug. * Rewrote the rndunix module. There are two environment variables used for debugging now: GNUPG_RNDUNIX_DBG give the file to write debugging information (use "-" for stdout) and if GNUPG_RNDUNIX_DBGALL is set, all programs which are only tried are also printed. * New option --escape-from-lines to "dash-escape" "From " lines to prevent mailers to change them to ">From ". This is not enabled by default because it is not in compliance with rfc2440 - however, you should turn it on. Noteworthy changes in version 0.4.5 (1998-12-08) ----------------------------------- * The keyrings and the trustdb is now locked, so that other GnuPG processes won't damage these files. You may want to put the option --lock-once into your options file. * The latest self-signatures are now used; this enables --import to see updated preferences etc. * Import of subkeys should now work. * Random gathering modules may now be loaded as extensions. Add such a module for most Unices but it is very experimental! * Brazilian language support. Noteworthy changes in version 0.4.4 (1998-11-20) ----------------------------------- * Fixed the way the key expiration time is stored. If you have an expiration time on your key you should fix it with --edit-key and the command "expire". I apologize for this inconvenience. * Add option --charset to support "koi8-r" encoding of user ids. (Not yet tested). * Preferences should now work again. You should run "gpgm --check-trustdb \*" to rebuild all preferences. * Checking of certificates should now work but this needs a lot of testing. Key validation values are now cached in the trustdb; they should be recalculated as needed, but you may use --check-trustdb or --update-trustdb to do this. * Spanish translation by Urko Lusa. * Patch files are from now on signed. See the man page for the new option --not-dash-escaped. * New syntax: --edit-key [] If you run it without --batch the commands are executed and then you are put into normal mode unless you use "quit" or "save" as one of the commands. When in batch mode, the program quits after the last command, so you have to use "save" if you did some changes. It does not yet work completely, but may be used to list so the keys etc. Noteworthy changes in version 0.4.3 (1998-11-08) ----------------------------------- * Fixed the gettext configure bug. * Kludge for RSA keys: keyid and length of a RSA key are correctly reported, but you get an error if you try to use this key (If you do not have the non-US version). * Experimental support for keyrings stored in a GDBM database. This is *much* faster than a standard keyring. You will notice that the import gets slower with time; the reason is that all new keys are used to verify signatures of previous inserted keys. Use "--keyring gnupg-gdbm:". This is not (yet) supported for secret keys. * A Russian language file in the distribution (alternatives are in the contrib directory of the FTP servers) * commandline option processing now works as expected for GNU programs with the exception that you can't mix options and normal arguments. * Now --list-key lists all matching keys. This is needed in some other places too. Noteworthy changes in version 0.4.2 (1998-10-18) ----------------------------------- * This is only a snapshot: There are still a few bugs. * Fixed this huge memory leak. * Redesigned the trust database: You should run "gpgm --check-trustdb". New command --update-trustdb, which adds new key from the public keyring into your trustdb * Fixed a bug in the armor code, leading to invalid packet errors. (a workaround for this was to use --no-armor). The shorten line length (64 instead of 72) fixes a problem with pgp5 and keyservers. * comment packets are not anymore generated. "--export" filters them out. One Exception: The comment packets in a secret keyring are still used because they carry the factorization of the public prime product. * --import now only looks for KEYBLOCK headers, so you can now simply remove the "- " in front of such a header if someone accidentally signed such a message or the keyblock is part of a cleartext signed message. * --with-colons now lists the key expiration time and not anymore the valid period. * Some keyblocks created with old releases have a wrong sequence of packets, so that the keyservers don't accept these keys. Simply using "--edit-key" fixes the problem. * New option --force-v3-sigs to generate signed messages which are compatible to PGP 5. * Add some code to support DLD (for non ELF systems) - but this is not tested because my BSD box is currently broken. * New command "expire" in the edit-key menu. Noteworthy changes in version 0.4.1 (1998-10-07) ----------------------------------- * A secondary key is used when the primary key is specified but cannot be used for the operation (if it is a sign-only key). * GNUPG can now handle concatenated armored messages: There is still a bug if different kinds of messages are mixed. * Iterated+Salted passphrases now work. If want to be sure that PGP5 is able to handle them you may want to use the options "--s2k-mode 3 --s2k-cipher-algo cast5 --s2k-digest-algo sha1" when changing a passphrase. * doc/OpenPGP talks about OpenPGP compliance, doc/HACKING gives a few hints about the internal structure. * Checked gnupg against the August 1998 draft (07) and I believe it is in compliance with this document (except for one point). * Fixed some bugs in the import merging code and rewrote some code for the trustdb. Noteworthy changes in version 0.4.0 (1998-09-18) ----------------------------------- * Triple DES is now supported. Michael Roth did this piece of needed work. We have now all the coded needed to be OpenPGP compliant. * Added a simple rpm spec file (see INSTALL). * detached and armored signatures are now using "PGP SIGNATURE", except when --rfc1991 is used. * All times which are not in the yyyy-mm-dd format are now printed in local time. Noteworthy changes in version 0.3.5 (1998-09-14) ----------------------------------- * New option --throw-keyid to create anonymous enciphered messages. If gpg detects such a message it tires all available secret keys in turn so decode it. This is a gnupg extension and not in OpenPGP but it has been discussed there and afaik some products use this scheme too (Suggested by Nimrod Zimmerman). * Fixed a bug with 5 byte length headers. * --delete-[secret-]key is now also available in gpgm. * cleartext signatures are not anymore converted to LF only. * Fixed a trustdb problem. Run "gpgm --check-trustdb" to fix old trust dbs. * Building in another directory should now work. * Weak key detection mechanism (Niklas Hernaeus). Noteworthy changes in version 0.3.4 (1998-08-11) ----------------------------------- * New options --comment and --set-filename; see g10/OPTIONS * yes/no, y/n localized. * Fixed some bugs. Noteworthy changes in version 0.3.3 (1998-08-08) ----------------------------------- * IMPORTANT: I found yet another bug in the way the secret keys are encrypted - I did it the way pgp 2.x did it, but OpenPGP and pgp 5.x specify another (in some aspects simpler) method. To convert your secret keys you have to do this: 1. Build the new release but don't install it and keep a copy of the old program. 2. Disable the network, make sure that you are the only user, be sure that there are no Trojan horses etc .... 3. Use your old gpg (version 0.3.1 or 0.3.2) and set the passphrases of ALL your secret keys to empty! (gpg --change-passphrase your-user-id). 4. Save your ownertrusts (see the next point) 5. rm ~/.gnupg/trustdb.gpg 6. install the new version of gpg (0.3.3) 7. For every secret key call "gpg --edit-key your-user-id", enter "passwd" at the prompt, follow the instructions and change your password back, enter "save" to store it. 8. Restore the ownertrust (see next point). * The format of the trust database has changed; you must delete the old one, so gnupg can create a new one. IMPORTANT: Use version 0.3.1 or .2 to save your assigned ownertrusts ("gpgm --list-ownertrust >saved-trust"); then build this new version and restore the ownertrust with this new version ("gpgm --import-ownertrust saved-trust"). Please note that --list-ownertrust has been renamed to --export-ownertrust in this release and it does now only export defined ownertrusts. * The command --edit-key now provides a commandline driven menu which can be used for various tasks. --sign-key is only an an alias to --edit-key and maybe removed in future: use the command "sign" of this new menu - you can select which user ids you want to sign. * Alternate user ids can now be created an signed. * Owner trust values can now be changed with --edit-key (trust) * GNUPG can now run as a coprocess; this enables sophisticated frontends. tools/shmtest.c is a simple sample implementation. This needs some more work: all tty_xxx() are to be replaced by cpr_xxx() and some changes in the display logics is needed. * Removed options --gen-prime and --gen-random. * Removed option --add-key; use --edit-key instead. * Removed option --change-passphrase; use --edit-key instead. * Signatures are now checked even if the output file could not be created. Command "--verify" tries to find the detached data. * gpg now disables core dumps. * compress and symmetric cipher preferences are now used. Because there is no 3DES yet, this is replaced by Blowfish. * We have added the Twofish as an experimental cipher algorithm. Many thanks to Matthew Skala for doing this work. Twofish is the AES submission from Schneier et al.; see "www.counterpane.com/twofish.html" for more information. * Started with a help system: If you enter a question mark at some prompt; you should get a specific help for this prompt. * There is no more backup copy of the secret keyring. * A lot of new bugs. I think this release is not as stable as the previous one. Noteworthy changes in version 0.3.2 (1998-07-09) ----------------------------------- * Fixed some bugs when using --textmode (-seat) * Now displays the trust status of a positive verified message. * Keyrings are now scanned in the sequence they are added with --[secret-]keyring. Note that the default keyring is implicitly added as the very first one unless --no-default-keyring is used. * Fixed setuid and dlopen bug. Noteworthy changes in version 0.3.1 (1998-07-06) ----------------------------------- * Partial headers are now written in the OpenPGP format if a key in a v4 packet is used. * Removed some unused options, removed the gnupg.sig stuff. * Key lookup by name now returns a key which can be used for the desired action. * New options --list-ownertrust (gpgm) to make a backup copy of the ownertrust values you assigned. * clear signature headers are now in compliance with OpenPGP. Noteworthy changes in version 0.3.0 (1998-06-25) ----------------------------------- * New option --emulate-checksum-bug. If your passphrase does not work anymore, use this option and --change-passphrase to rewrite your passphrase. * More complete v4 key support: Preferences and expiration time is set into the self signature. * Key generation defaults to DSA/ElGamal keys, so that new keys are interoperable with pgp5 * DSA key generation is faster and key generation does not anymore remove entropy from the random generator (the primes are public parameters, so there is really no need for a cryptographic secure prime number generator which we had used). * A complete new structure for representing the key parameters. * Removed most public key knowledge into the cipher library. * Support for dynamic loading of new algorithms. * Moved tiger to an extension module. Noteworthy changes in version 0.2.19 (1998-05-29) ------------------------------------ * Replaced /dev/urandom in checks with new tool mk-tdata. * Some assembler file cleanups; some more functions for the Alpha. * Tiger has now the OpenPGP assigned number 6. Because the OID has changed, old signatures using this algorithm can't be verified. * gnupg now encrypts the compressed packed and not any longer in the reverse order; anyway it can decrypt both versions. Thanks to Tom for telling me this (not security related) bug. * --add-key works and you are now able to generate subkeys. * It is now possible to generate ElGamal keys in v4 packets to create valid OpenPGP keys. * Some new features for better integration into MUAs. Noteworthy changes in version 0.2.18 (1998-05-15) ------------------------------------ * Splitted cipher/random.c, add new option "--disable-dev-random" to configure to support the development of a random source for other systems. Prepared sourcefiles rand-unix.c, rand-w32.c and rand-dummy.c (which is used to allow compilation on systems without a random source). * Fixed a small bug in the key generation (it was possible that 48 bits of a key were not taken from the random pool) * Add key generation for DSA and v4 signatures. * Add a function trap_unaligned(), so that a SIGBUS is issued on Alphas and not the slow emulation code is used. And success: rmd160 raised a SIGBUS. * Enhanced the formatting facility of argparse and changed the use of \r,\v to @ because gettext does not like it. * New option "--compress-algo 1" to allow the creation of compressed messages which are readable by PGP and "--print-md" (gpgm) to make speed measurement easier. Noteworthy changes in version 0.2.17 (1998-05-04) ------------------------------------ * Comment packets are now of private type 61. * Passphrase code still used a 160 bit blowfish key, added a silly workaround. Please change your passphrase again - sorry. * Conventional encryption now uses a type 3 packet to describe the used algorithms. * The new algorithm number for Blowfish is 20, 16 is still used for encryption only; for signing it is only used when it is in a v3 packet, so that GNUPG keys are still valid. Noteworthy changes in version 0.2.16 (1998-04-28) ------------------------------------ * Add experimental support for the TIGER/192 message digest algorithm. (But there is only a dummy ASN OID). * Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB mode. I renamed the old cipher to Blowfish160. Because the OpenPGP group refused to assign me a number for Blowfish160, I have to drop support for this in the future. You should use "--change-passphrase" to recode your current passphrase with 128 bit Blowfish. Noteworthy changes in version 0.2.15 (1998-04-09) ------------------------------------ * Fixed a bug with the old checksum calculation for secret keys. If you run the program without --batch, a warning does inform you if your secret key needs to be converted; simply use --change-passphrase to recalculate the checksum. Please do this soon, as the compatible mode will be removed sometime in the future. * CAST5 works (using the PGP's special CFB mode). * Again somewhat more PGP 5 compatible. * Some new test cases Noteworthy changes in version 0.2.14 (1998-04-02) ------------------------------------ * Changed the internal handling of keyrings. * Add support to list PGP 5 keyrings with subkeys * Timestamps of signatures are now verified. * A expiration time can now be specified during key generation. * Some speedups for Blowfish and SHA-1, rewrote SHA-1 transform. Reduced the amount of random bytes needed for key generation in some cases. Noteworthy changes in version 0.2.13 (1998-03-10) ------------------------------------ * Verify of DSA signatures works. * Re-implemented the slower random number generator. Noteworthy changes in version 0.2.12 (1998-03-07) ------------------------------------ * --delete-key checks that there is no secret key. The new option --delete-secret-key maybe used to delete a secret key. * "-kv" now works as expected. Options "--list-{keys,sigs]" and "--check-sigs" are now working. * New options "--verify" and "--decrypt" to better support integration into MUAs (partly done for Mutt). * New option "--with-colons" to make parsing of key lists easier. Noteworthy changes in version 0.2.11 (1998-03-02) ------------------------------------ * GPG now asks for a recipient's name if option "-r" is not used. * If there is no good trust path, the program asks whether to use the public keys anyway. * "--delete-key" works for public keys. What semantics shall I use when there is a secret key too? Delete the secret key or leave him and auto-regenerate the public key, next time the secret key is used? Noteworthy changes in version 0.2.10 (1998-02-27) ------------------------------------ * Code for the alpha is much faster (about 20 times); the data was misaligned and the kernel traps this, so nearly all time was used by system to trap the misalignments and to write syslog messages. Shame on me and thanks to Ralph for pointing me at this while drinking some beer yesterday. * Changed some configure options and add an option --disable-m-guard to remove the memory checking code and to compile everything with optimization on. * New environment variable GNUPGHOME, which can be used to set another homedir than ~/.gnupg. Changed default homedir for Windoze version to c:/gnupg. * Fixed detached signatures; detached PGP signatures caused a SEGV. * The Windoze version works (as usual w/o a strong RNG). Noteworthy changes in version 0.2.9 (1998-02-26) ----------------------------------- * Fixed FreeBSD bug. * Added a simple man page. * Switched to automake1.2f and a newer gettext. Noteworthy changes in version 0.2.8 (1998-02-24) ----------------------------------- * Changed the name to GNUPG, the binaries are called gpg and gpgm. You must rename rename the directory "~/.g10" to ~/.gnupg/, rename {pub,sec}ring.g10 to {pub,sec}ring.gpg, trustdb.g10 to trustdb.gpg and g10.sig to gnupg.sig. * New or changed passphrases are now salted. Noteworthy changes in version 0.2.7 (1998-02-18) ----------------------------------- * New command "gen-revoke" to create a key revocation certificate. * New option "homedir" to set the homedir (which defaults to "~/.g10"). This directory is created if it does not exists (only the last part of the name and not the complete hierarchy) * Command "import" works. (Try: "finger gcrypt@ftp.guug.de|g10 --import") * New commands "dearmor/enarmor" for g10maint. These are mainly used for internal test purposes. * Option --version now conforming to the GNU standards and lists the available ciphers, message digests and public key algorithms. * Assembler code for m68k (not tested). * "make check" works. Noteworthy changes in version 0.2.6 (1998-02-13) ----------------------------------- * Option "--export" works. Noteworthy changes in version 0.2.5 (1998-02-12) ----------------------------------- * Added zlib for systems which don't have it. Use "./configure --with-zlib" to link with the static version. * Generalized some more functions and rewrote the encoding of message digests into MPIs. * Enhanced the checkit script Noteworthy changes in version 0.2.4 (1998-02-11) ----------------------------------- * nearly doubled the speed of the ElGamal signature verification. * backup copies of keyrings are created. * assembler stuff for Pentium; gives about 15% better performance. * fixed a lot of bugs. Noteworthy changes in version 0.2.3 (1998-02-09) ----------------------------------- * Found a bug in the calculation of ELG fingerprints. This is now fixed, but all existing fingerprints and keyids for ELG keys are not any more valid. * armor should now work; including clear signed text. * moved some options to the new program g10maint * It's now 64 bit clean and runs fine on an alpha--linux. * Key generation is much faster now. I fixed this by using not so strong random number for the primes (this was a bug because the ElGamal primes are public parameters and it does not make sense to generate them from strong random). The real secret is the x value which is still generated from strong (okay: /dev/random) random bits. * added option "--status-fd": see g10/OPTIONS * We have secure memory on systems which support mlock(). It is not complete yet, because we do not have signal handler which does a cleanup in very case. We should also check the ulimit for the user in the case that the admin does not have set a limit on locked pages. * started with internationalization support. * The logic to handle the web of trust is now implemented. It is has some bugs; but I'm going to change the algorithm anyway. It works by calculating the trustlevel on the fly. It may ask you to provide trust parameters if the calculated trust probability is too low. I will write a paper which discusses this new approach. * a couple of changes to the configure script. * New option "--quick-random" which uses a much quicker random number generator. Keys generated while this option is in effect are flags with "INSECURE!" in the user-id. This is a development only option. * Read support for new version packets (OpenPGP). * Comment packets are now of correct OpenPGP type 16. Old comment packets written by G10 are detected because they always start with a hash which is an invalid version byte. * The string "(INSECURE!)" is appended to a new user-id if this is generated on a system without a good random number generator. Version 0.2.2 (1998-02-09) Version 0.2.1 (1998-01-28) Version 0.2.0 (1998-01-25) Version 0.1.3 (1998-01-12) Version 0.1.2 (1998-01-07) Version 0.1.1 (1998-01-07) Version 0.1.0 (1998-01-05) Version 0.0.0 (1997-12-20) Copyright (C) 1998-2017 Free Software Foundation, Inc. Copyright (C) 1997-2017 Werner Koch This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/g10/getkey.c b/g10/getkey.c index 4642174e9..d883df63f 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1,4544 +1,4544 @@ /* getkey.c - Get a key from the database * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, * 2007, 2008, 2010 Free Software Foundation, Inc. * Copyright (C) 2015, 2016 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ #include #include #include #include #include #include "gpg.h" #include "../common/util.h" #include "packet.h" #include "../common/iobuf.h" #include "keydb.h" #include "options.h" #include "main.h" #include "trustdb.h" #include "../common/i18n.h" #include "keyserver-internal.h" #include "call-agent.h" #include "../common/host2net.h" #include "../common/mbox-util.h" #include "../common/status.h" #define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE #define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE #if MAX_PK_CACHE_ENTRIES < 2 #error We need the cache for key creation #endif /* Flags values returned by the lookup code. Note that the values are * directly used by the KEY_CONSIDERED status line. */ #define LOOKUP_NOT_SELECTED (1<<0) #define LOOKUP_ALL_SUBKEYS_EXPIRED (1<<1) /* or revoked */ /* A context object used by the lookup functions. */ struct getkey_ctx_s { /* Part of the search criteria: whether the search is an exact search or not. A search that is exact requires that a key or subkey meet all of the specified criteria. A search that is not exact allows selecting a different key or subkey from the keyblock that matched the critera. Further, an exact search returns the key or subkey that matched whereas a non-exact search typically returns the primary key. See finish_lookup for details. */ int exact; /* Part of the search criteria: Whether the caller only wants keys with an available secret key. This is used by getkey_next to get the next result with the same initial criteria. */ int want_secret; /* Part of the search criteria: The type of the requested key. A mask of PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT. If non-zero, then for a key to match, it must implement one of the required uses. */ int req_usage; /* The database handle. */ KEYDB_HANDLE kr_handle; /* Whether we should call xfree() on the context when the context is released using getkey_end()). */ int not_allocated; /* This variable is used as backing store for strings which have their address used in ITEMS. */ strlist_t extra_list; /* Hack to return the mechanism (AKL_foo) used to find the key. */ int found_via_akl; /* Part of the search criteria: The low-level search specification as passed to keydb_search. */ int nitems; /* This must be the last element in the structure. When we allocate the structure, we allocate it so that ITEMS can hold NITEMS. */ KEYDB_SEARCH_DESC items[1]; }; #if 0 static struct { int any; int okay_count; int nokey_count; int error_count; } lkup_stats[21]; #endif typedef struct keyid_list { struct keyid_list *next; char fpr[MAX_FINGERPRINT_LEN]; u32 keyid[2]; } *keyid_list_t; #if MAX_PK_CACHE_ENTRIES typedef struct pk_cache_entry { struct pk_cache_entry *next; u32 keyid[2]; PKT_public_key *pk; } *pk_cache_entry_t; static pk_cache_entry_t pk_cache; static int pk_cache_entries; /* Number of entries in pk cache. */ static int pk_cache_disabled; #endif #if MAX_UID_CACHE_ENTRIES < 5 #error we really need the userid cache #endif typedef struct user_id_db { struct user_id_db *next; keyid_list_t keyids; int len; char name[1]; } *user_id_db_t; static user_id_db_t user_id_db; static int uid_cache_entries; /* Number of entries in uid cache. */ static void merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock); static int lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret, kbnode_t *ret_keyblock, kbnode_t *ret_found_key); static kbnode_t finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, int want_secret, unsigned int *r_flags); static void print_status_key_considered (kbnode_t keyblock, unsigned int flags); #if 0 static void print_stats () { int i; for (i = 0; i < DIM (lkup_stats); i++) { if (lkup_stats[i].any) es_fprintf (es_stderr, "lookup stats: mode=%-2d ok=%-6d nokey=%-6d err=%-6d\n", i, lkup_stats[i].okay_count, lkup_stats[i].nokey_count, lkup_stats[i].error_count); } } #endif /* Cache a copy of a public key in the public key cache. PK is not * cached if caching is disabled (via getkey_disable_caches), if * PK->FLAGS.DONT_CACHE is set, we don't know how to derive a key id * from the public key (e.g., unsupported algorithm), or a key with * the key id is already in the cache. * * The public key packet is copied into the cache using * copy_public_key. Thus, any secret parts are not copied, for * instance. * * This cache is filled by get_pubkey and is read by get_pubkey and * get_pubkey_fast. */ void cache_public_key (PKT_public_key * pk) { #if MAX_PK_CACHE_ENTRIES pk_cache_entry_t ce, ce2; u32 keyid[2]; if (pk_cache_disabled) return; if (pk->flags.dont_cache) return; if (is_ELGAMAL (pk->pubkey_algo) || pk->pubkey_algo == PUBKEY_ALGO_DSA || pk->pubkey_algo == PUBKEY_ALGO_ECDSA || pk->pubkey_algo == PUBKEY_ALGO_EDDSA || pk->pubkey_algo == PUBKEY_ALGO_ECDH || is_RSA (pk->pubkey_algo)) { keyid_from_pk (pk, keyid); } else return; /* Don't know how to get the keyid. */ for (ce = pk_cache; ce; ce = ce->next) if (ce->keyid[0] == keyid[0] && ce->keyid[1] == keyid[1]) { if (DBG_CACHE) log_debug ("cache_public_key: already in cache\n"); return; } if (pk_cache_entries >= MAX_PK_CACHE_ENTRIES) { int n; /* Remove the last 50% of the entries. */ for (ce = pk_cache, n = 0; ce && n < pk_cache_entries/2; n++) ce = ce->next; if (ce && ce != pk_cache && ce->next) { ce2 = ce->next; ce->next = NULL; ce = ce2; for (; ce; ce = ce2) { ce2 = ce->next; free_public_key (ce->pk); xfree (ce); pk_cache_entries--; } } log_assert (pk_cache_entries < MAX_PK_CACHE_ENTRIES); } pk_cache_entries++; ce = xmalloc (sizeof *ce); ce->next = pk_cache; pk_cache = ce; ce->pk = copy_public_key (NULL, pk); ce->keyid[0] = keyid[0]; ce->keyid[1] = keyid[1]; #endif } /* Return a const utf-8 string with the text "[User ID not found]". This function is required so that we don't need to switch gettext's encoding temporary. */ static const char * user_id_not_found_utf8 (void) { static char *text; if (!text) text = native_to_utf8 (_("[User ID not found]")); return text; } /* Return the user ID from the given keyblock. * We use the primary uid flag which has been set by the merge_selfsigs * function. The returned value is only valid as long as the given * keyblock is not changed. */ static const char * get_primary_uid (KBNODE keyblock, size_t * uidlen) { KBNODE k; const char *s; for (k = keyblock; k; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data && k->pkt->pkt.user_id->flags.primary) { *uidlen = k->pkt->pkt.user_id->len; return k->pkt->pkt.user_id->name; } } s = user_id_not_found_utf8 (); *uidlen = strlen (s); return s; } static void release_keyid_list (keyid_list_t k) { while (k) { keyid_list_t k2 = k->next; xfree (k); k = k2; } } /**************** * Store the association of keyid and userid * Feed only public keys to this function. */ static void cache_user_id (KBNODE keyblock) { user_id_db_t r; const char *uid; size_t uidlen; keyid_list_t keyids = NULL; KBNODE k; for (k = keyblock; k; k = k->next) { if (k->pkt->pkttype == PKT_PUBLIC_KEY || k->pkt->pkttype == PKT_PUBLIC_SUBKEY) { keyid_list_t a = xmalloc_clear (sizeof *a); /* Hmmm: For a long list of keyids it might be an advantage * to append the keys. */ fingerprint_from_pk (k->pkt->pkt.public_key, a->fpr, NULL); keyid_from_pk (k->pkt->pkt.public_key, a->keyid); /* First check for duplicates. */ for (r = user_id_db; r; r = r->next) { keyid_list_t b; for (b = r->keyids; b; b = b->next) { if (!memcmp (b->fpr, a->fpr, MAX_FINGERPRINT_LEN)) { if (DBG_CACHE) log_debug ("cache_user_id: already in cache\n"); release_keyid_list (keyids); xfree (a); return; } } } /* Now put it into the cache. */ a->next = keyids; keyids = a; } } if (!keyids) BUG (); /* No key no fun. */ uid = get_primary_uid (keyblock, &uidlen); if (uid_cache_entries >= MAX_UID_CACHE_ENTRIES) { /* fixme: use another algorithm to free some cache slots */ r = user_id_db; user_id_db = r->next; release_keyid_list (r->keyids); xfree (r); uid_cache_entries--; } r = xmalloc (sizeof *r + uidlen - 1); r->keyids = keyids; r->len = uidlen; memcpy (r->name, uid, r->len); r->next = user_id_db; user_id_db = r; uid_cache_entries++; } /* Disable and drop the public key cache (which is filled by cache_public_key and get_pubkey). Note: there is currently no way to re-enable this cache. */ void getkey_disable_caches () { #if MAX_PK_CACHE_ENTRIES { pk_cache_entry_t ce, ce2; for (ce = pk_cache; ce; ce = ce2) { ce2 = ce->next; free_public_key (ce->pk); xfree (ce); } pk_cache_disabled = 1; pk_cache_entries = 0; pk_cache = NULL; } #endif /* fixme: disable user id cache ? */ } /* Free a list of pubkey_t objects. */ void pubkeys_free (pubkey_t keys) { while (keys) { pubkey_t next = keys->next; xfree (keys->pk); release_kbnode (keys->keyblock); xfree (keys); keys = next; } } static void pk_from_block (PKT_public_key *pk, kbnode_t keyblock, kbnode_t found_key) { kbnode_t a = found_key ? found_key : keyblock; log_assert (a->pkt->pkttype == PKT_PUBLIC_KEY || a->pkt->pkttype == PKT_PUBLIC_SUBKEY); copy_public_key (pk, a->pkt->pkt.public_key); } /* Specialized version of get_pubkey which retrieves the key based on * information in SIG. In contrast to get_pubkey PK is required. IF * FORCED_PK is not NULL, this public key is used and copied to PK. */ gpg_error_t get_pubkey_for_sig (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig, PKT_public_key *forced_pk) { const byte *fpr; size_t fprlen; if (forced_pk) { copy_public_key (pk, forced_pk); return 0; } /* First try the new ISSUER_FPR info. */ fpr = issuer_fpr_raw (sig, &fprlen); if (fpr && !get_pubkey_byfprint (ctrl, pk, NULL, fpr, fprlen)) return 0; /* Fallback to use the ISSUER_KEYID. */ return get_pubkey (ctrl, pk, sig->keyid); } /* Return the public key with the key id KEYID and store it at PK. * The resources in *PK should be released using * release_public_key_parts(). This function also stores a copy of * the public key in the user id cache (see cache_public_key). * * If PK is NULL, this function just stores the public key in the * cache and returns the usual return code. * * PK->REQ_USAGE (which is a mask of PUBKEY_USAGE_SIG, * PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT) is passed through to the * lookup function. If this is non-zero, only keys with the specified * usage will be returned. As such, it is essential that * PK->REQ_USAGE be correctly initialized! * * Returns 0 on success, GPG_ERR_NO_PUBKEY if there is no public key * with the specified key id, or another error code if an error * occurs. * * If the data was not read from the cache, then the self-signed data * has definitely been merged into the public key using * merge_selfsigs. */ int get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid) { int internal = 0; int rc = 0; #if MAX_PK_CACHE_ENTRIES if (pk) { /* Try to get it from the cache. We don't do this when pk is NULL as it does not guarantee that the user IDs are cached. */ pk_cache_entry_t ce; for (ce = pk_cache; ce; ce = ce->next) { if (ce->keyid[0] == keyid[0] && ce->keyid[1] == keyid[1]) /* XXX: We don't check PK->REQ_USAGE here, but if we don't read from the cache, we do check it! */ { copy_public_key (pk, ce->pk); return 0; } } } #endif /* More init stuff. */ if (!pk) { internal++; pk = xtrycalloc (1, sizeof *pk); if (!pk) { rc = gpg_error_from_syserror (); goto leave; } } /* Do a lookup. */ { struct getkey_ctx_s ctx; kbnode_t kb = NULL; kbnode_t found_key = NULL; memset (&ctx, 0, sizeof ctx); ctx.exact = 1; /* Use the key ID exactly as given. */ ctx.not_allocated = 1; if (ctrl && ctrl->cached_getkey_kdb) { ctx.kr_handle = ctrl->cached_getkey_kdb; ctrl->cached_getkey_kdb = NULL; keydb_search_reset (ctx.kr_handle); } else { ctx.kr_handle = keydb_new (); if (!ctx.kr_handle) { rc = gpg_error_from_syserror (); goto leave; } } ctx.nitems = 1; ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID; ctx.items[0].u.kid[0] = keyid[0]; ctx.items[0].u.kid[1] = keyid[1]; ctx.req_usage = pk->req_usage; rc = lookup (ctrl, &ctx, 0, &kb, &found_key); if (!rc) { pk_from_block (pk, kb, found_key); } getkey_end (ctrl, &ctx); release_kbnode (kb); } if (!rc) goto leave; rc = GPG_ERR_NO_PUBKEY; leave: if (!rc) cache_public_key (pk); if (internal) free_public_key (pk); return rc; } /* Same as get_pubkey but if the key was not found the function tries * to import it from LDAP. FIXME: We should not need this but swicth * to a fingerprint lookup. */ gpg_error_t get_pubkey_with_ldap_fallback (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid) { gpg_error_t err; err = get_pubkey (ctrl, pk, keyid); if (!err) return 0; if (gpg_err_code (err) != GPG_ERR_NO_PUBKEY) return err; /* Note that this code does not handle the case for two readers * having both openpgp encryption keys. Only one will be tried. */ if (opt.debug) log_debug ("using LDAP to find a public key\n"); err = keyserver_import_keyid (ctrl, keyid, opt.keyserver, KEYSERVER_IMPORT_FLAG_LDAP); if (gpg_err_code (err) == GPG_ERR_NO_DATA || gpg_err_code (err) == GPG_ERR_NO_KEYSERVER) { /* Dirmngr returns NO DATA is the selected keyserver * does not have the requested key. It returns NO * KEYSERVER if no LDAP keyservers are configured. */ err = gpg_error (GPG_ERR_NO_PUBKEY); } if (err) return err; return get_pubkey (ctrl, pk, keyid); } /* Similar to get_pubkey, but it does not take PK->REQ_USAGE into * account nor does it merge in the self-signed data. This function * also only considers primary keys. It is intended to be used as a * quick check of the key to avoid recursion. It should only be used * in very certain cases. Like get_pubkey and unlike any of the other * lookup functions, this function also consults the user id cache * (see cache_public_key). * * Return the public key in *PK. The resources in *PK should be * released using release_public_key_parts(). */ int get_pubkey_fast (PKT_public_key * pk, u32 * keyid) { int rc = 0; KEYDB_HANDLE hd; KBNODE keyblock; u32 pkid[2]; log_assert (pk); #if MAX_PK_CACHE_ENTRIES { /* Try to get it from the cache */ pk_cache_entry_t ce; for (ce = pk_cache; ce; ce = ce->next) { if (ce->keyid[0] == keyid[0] && ce->keyid[1] == keyid[1] /* Only consider primary keys. */ && ce->pk->keyid[0] == ce->pk->main_keyid[0] && ce->pk->keyid[1] == ce->pk->main_keyid[1]) { if (pk) copy_public_key (pk, ce->pk); return 0; } } } #endif hd = keydb_new (); if (!hd) return gpg_error_from_syserror (); rc = keydb_search_kid (hd, keyid); if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) { keydb_release (hd); return GPG_ERR_NO_PUBKEY; } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); if (rc) { log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); return GPG_ERR_NO_PUBKEY; } log_assert (keyblock && keyblock->pkt && keyblock->pkt->pkttype == PKT_PUBLIC_KEY); /* We return the primary key. If KEYID matched a subkey, then we return an error. */ keyid_from_pk (keyblock->pkt->pkt.public_key, pkid); if (keyid[0] == pkid[0] && keyid[1] == pkid[1]) copy_public_key (pk, keyblock->pkt->pkt.public_key); else rc = GPG_ERR_NO_PUBKEY; release_kbnode (keyblock); /* Not caching key here since it won't have all of the fields properly set. */ return rc; } /* Return the entire keyblock used to create SIG. This is a * specialized version of get_pubkeyblock. * * FIXME: This is a hack because get_pubkey_for_sig was already called * and it could have used a cache to hold the key. */ kbnode_t get_pubkeyblock_for_sig (ctrl_t ctrl, PKT_signature *sig) { const byte *fpr; size_t fprlen; kbnode_t keyblock; /* First try the new ISSUER_FPR info. */ fpr = issuer_fpr_raw (sig, &fprlen); if (fpr && !get_pubkey_byfprint (ctrl, NULL, &keyblock, fpr, fprlen)) return keyblock; /* Fallback to use the ISSUER_KEYID. */ return get_pubkeyblock (ctrl, sig->keyid); } /* Return the key block for the key with key id KEYID or NULL, if an * error occurs. Use release_kbnode() to release the key block. * * The self-signed data has already been merged into the public key * using merge_selfsigs. */ kbnode_t get_pubkeyblock (ctrl_t ctrl, u32 * keyid) { struct getkey_ctx_s ctx; int rc = 0; KBNODE keyblock = NULL; memset (&ctx, 0, sizeof ctx); /* No need to set exact here because we want the entire block. */ ctx.not_allocated = 1; ctx.kr_handle = keydb_new (); if (!ctx.kr_handle) return NULL; ctx.nitems = 1; ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID; ctx.items[0].u.kid[0] = keyid[0]; ctx.items[0].u.kid[1] = keyid[1]; rc = lookup (ctrl, &ctx, 0, &keyblock, NULL); getkey_end (ctrl, &ctx); return rc ? NULL : keyblock; } /* Return the public key with the key id KEYID iff the secret key is * available and store it at PK. The resources should be released * using release_public_key_parts(). * * Unlike other lookup functions, PK may not be NULL. PK->REQ_USAGE * is passed through to the lookup function and is a mask of * PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT. Thus, it * must be valid! If this is non-zero, only keys with the specified * usage will be returned. * * Returns 0 on success. If a public key with the specified key id is * not found or a secret key is not available for that public key, an * error code is returned. Note: this function ignores legacy keys. * An error code is also return if an error occurs. * * The self-signed data has already been merged into the public key * using merge_selfsigs. */ gpg_error_t get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid) { gpg_error_t err; struct getkey_ctx_s ctx; kbnode_t keyblock = NULL; kbnode_t found_key = NULL; memset (&ctx, 0, sizeof ctx); ctx.exact = 1; /* Use the key ID exactly as given. */ ctx.not_allocated = 1; ctx.kr_handle = keydb_new (); if (!ctx.kr_handle) return gpg_error_from_syserror (); ctx.nitems = 1; ctx.items[0].mode = KEYDB_SEARCH_MODE_LONG_KID; ctx.items[0].u.kid[0] = keyid[0]; ctx.items[0].u.kid[1] = keyid[1]; ctx.req_usage = pk->req_usage; err = lookup (ctrl, &ctx, 1, &keyblock, &found_key); if (!err) { pk_from_block (pk, keyblock, found_key); } getkey_end (ctrl, &ctx); release_kbnode (keyblock); if (!err) { err = agent_probe_secret_key (/*ctrl*/NULL, pk); if (err) release_public_key_parts (pk); } return err; } /* Skip unusable keys. A key is unusable if it is revoked, expired or disabled or if the selected user id is revoked or expired. */ static int skip_unusable (void *opaque, u32 * keyid, int uid_no) { ctrl_t ctrl = opaque; int unusable = 0; KBNODE keyblock; PKT_public_key *pk; keyblock = get_pubkeyblock (ctrl, keyid); if (!keyblock) { log_error ("error checking usability status of %s\n", keystr (keyid)); goto leave; } pk = keyblock->pkt->pkt.public_key; /* Is the key revoked or expired? */ if (pk->flags.revoked || pk->has_expired) unusable = 1; /* Is the user ID in question revoked or expired? */ if (!unusable && uid_no) { KBNODE node; int uids_seen = 0; for (node = keyblock; node; node = node->next) { if (node->pkt->pkttype == PKT_USER_ID) { PKT_user_id *user_id = node->pkt->pkt.user_id; uids_seen ++; if (uids_seen != uid_no) continue; if (user_id->flags.revoked || user_id->flags.expired) unusable = 1; break; } } /* If UID_NO is non-zero, then the keyblock better have at least that many UIDs. */ log_assert (uids_seen == uid_no); } if (!unusable) unusable = pk_is_disabled (pk); leave: release_kbnode (keyblock); return unusable; } /* Search for keys matching some criteria. If RETCTX is not NULL, then the constructed context is returned in *RETCTX so that getpubkey_next can be used to get subsequent results. In this case, getkey_end() must be used to free the search context. If RETCTX is not NULL, then RET_KDBHD must be NULL. If NAMELIST is not NULL, then a search query is constructed using classify_user_id on each of the strings in the list. (Recall: the database does an OR of the terms, not an AND.) If NAMELIST is NULL, then all results are returned. If PK is not NULL, the public key of the first result is returned in *PK. Note: PK->REQ_USAGE must be valid!!! If PK->REQ_USAGE is set, it is used to filter the search results. See the documentation for finish_lookup to understand exactly how this is used. Note: The self-signed data has already been merged into the public key using merge_selfsigs. Free *PK by calling release_public_key_parts (or, if PK was allocated using xfree, you can use free_public_key, which calls release_public_key_parts(PK) and then xfree(PK)). If WANT_SECRET is set, then only keys with an available secret key (either locally or via key registered on a smartcard) are returned. If INCLUDE_UNUSABLE is set, then unusable keys (see the documentation for skip_unusable for an exact definition) are skipped unless they are looked up by key id or by fingerprint. If RET_KB is not NULL, the keyblock is returned in *RET_KB. This should be freed using release_kbnode(). If RET_KDBHD is not NULL, then the new database handle used to conduct the search is returned in *RET_KDBHD. This can be used to get subsequent results using keydb_search_next. Note: in this case, no advanced filtering is done for subsequent results (e.g., WANT_SECRET and PK->REQ_USAGE are not respected). This function returns 0 on success. Otherwise, an error code is returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY (if want_secret is set) is returned if the key is not found. */ static int key_byname (ctrl_t ctrl, GETKEY_CTX *retctx, strlist_t namelist, PKT_public_key *pk, int want_secret, int include_unusable, KBNODE * ret_kb, KEYDB_HANDLE * ret_kdbhd) { int rc = 0; int n; strlist_t r; GETKEY_CTX ctx; KBNODE help_kb = NULL; KBNODE found_key = NULL; if (retctx) { /* Reset the returned context in case of error. */ log_assert (!ret_kdbhd); /* Not allowed because the handle is stored in the context. */ *retctx = NULL; } if (ret_kdbhd) *ret_kdbhd = NULL; if (!namelist) /* No search terms: iterate over the whole DB. */ { ctx = xmalloc_clear (sizeof *ctx); ctx->nitems = 1; ctx->items[0].mode = KEYDB_SEARCH_MODE_FIRST; if (!include_unusable) { ctx->items[0].skipfnc = skip_unusable; ctx->items[0].skipfncvalue = ctrl; } } else { /* Build the search context. */ for (n = 0, r = namelist; r; r = r->next) n++; /* CTX has space for a single search term at the end. Thus, we need to allocate sizeof *CTX plus (n - 1) sizeof CTX->ITEMS. */ ctx = xmalloc_clear (sizeof *ctx + (n - 1) * sizeof ctx->items); ctx->nitems = n; for (n = 0, r = namelist; r; r = r->next, n++) { gpg_error_t err; err = classify_user_id (r->d, &ctx->items[n], 1); if (ctx->items[n].exact) ctx->exact = 1; if (err) { xfree (ctx); return gpg_err_code (err); /* FIXME: remove gpg_err_code. */ } if (!include_unusable && ctx->items[n].mode != KEYDB_SEARCH_MODE_SHORT_KID && ctx->items[n].mode != KEYDB_SEARCH_MODE_LONG_KID && ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR16 && ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR20 && ctx->items[n].mode != KEYDB_SEARCH_MODE_FPR) { ctx->items[n].skipfnc = skip_unusable; ctx->items[n].skipfncvalue = ctrl; } } } ctx->want_secret = want_secret; ctx->kr_handle = keydb_new (); if (!ctx->kr_handle) { rc = gpg_error_from_syserror (); getkey_end (ctrl, ctx); return rc; } if (!ret_kb) ret_kb = &help_kb; if (pk) { ctx->req_usage = pk->req_usage; } rc = lookup (ctrl, ctx, want_secret, ret_kb, &found_key); if (!rc && pk) { pk_from_block (pk, *ret_kb, found_key); } release_kbnode (help_kb); if (retctx) /* Caller wants the context. */ *retctx = ctx; else { if (ret_kdbhd) { *ret_kdbhd = ctx->kr_handle; ctx->kr_handle = NULL; } getkey_end (ctrl, ctx); } return rc; } /* Find a public key identified by NAME. * * If name appears to be a valid RFC822 mailbox (i.e., email address) * and auto key lookup is enabled (mode != GET_PUBKEY_NO_AKL), then * the specified auto key lookup methods (--auto-key-lookup) are used * to import the key into the local keyring. Otherwise, just the * local keyring is consulted. * * MODE can be one of: * GET_PUBKEY_NORMAL - The standard mode * GET_PUBKEY_NO_AKL - The auto key locate functionality is * disabled and only the local key ring is * considered. Note: the local key ring is * consulted even if local is not in the * auto-key-locate option list! * GET_PUBKEY_NO_LOCAL - Only the auto key locate functionaly is * used and no local search is done. * * If RETCTX is not NULL, then the constructed context is returned in * *RETCTX so that getpubkey_next can be used to get subsequent * results. In this case, getkey_end() must be used to free the * search context. If RETCTX is not NULL, then RET_KDBHD must be * NULL. * * If PK is not NULL, the public key of the first result is returned * in *PK. Note: PK->REQ_USAGE must be valid!!! PK->REQ_USAGE is * passed through to the lookup function and is a mask of * PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT. If this * is non-zero, only keys with the specified usage will be returned. * Note: The self-signed data has already been merged into the public * key using merge_selfsigs. Free *PK by calling * release_public_key_parts (or, if PK was allocated using xfree, you * can use free_public_key, which calls release_public_key_parts(PK) * and then xfree(PK)). * * NAME is a string, which is turned into a search query using * classify_user_id. * * If RET_KEYBLOCK is not NULL, the keyblock is returned in * *RET_KEYBLOCK. This should be freed using release_kbnode(). * * If RET_KDBHD is not NULL, then the new database handle used to * conduct the search is returned in *RET_KDBHD. This can be used to * get subsequent results using keydb_search_next or to modify the * returned record. Note: in this case, no advanced filtering is done * for subsequent results (e.g., PK->REQ_USAGE is not respected). * Unlike RETCTX, this is always returned. * * If INCLUDE_UNUSABLE is set, then unusable keys (see the * documentation for skip_unusable for an exact definition) are * skipped unless they are looked up by key id or by fingerprint. * * This function returns 0 on success. Otherwise, an error code is * returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY * (if want_secret is set) is returned if the key is not found. */ int get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, GETKEY_CTX * retctx, PKT_public_key * pk, const char *name, KBNODE * ret_keyblock, KEYDB_HANDLE * ret_kdbhd, int include_unusable) { int rc; strlist_t namelist = NULL; struct akl *akl; int is_mbox, is_fpr; KEYDB_SEARCH_DESC fprbuf; int nodefault = 0; int anylocalfirst = 0; int mechanism_type = AKL_NODEFAULT; size_t fprbuf_fprlen = 0; /* If RETCTX is not NULL, then RET_KDBHD must be NULL. */ log_assert (retctx == NULL || ret_kdbhd == NULL); if (retctx) *retctx = NULL; /* Does NAME appear to be a mailbox (mail address)? */ is_mbox = is_valid_mailbox (name); if (!is_mbox && *name == '<' && name[1] && name[strlen(name)-1]=='>' && name[1] != '>' && is_valid_mailbox_mem (name+1, strlen (name)-2)) { /* The mailbox is in the form "" which is not * detected by is_valid_mailbox. Set the flag but keep name as * it is because the bracketed name is actual the better * specification for a local search and the other methods * extract the mail address anyway. */ is_mbox = 1; } /* If we are called due to --locate-external-key Check whether NAME * is a fingerprint and then try to lookup that key by configured * method which support lookup by fingerprint. FPRBUF carries the * parsed fingerpint iff IS_FPR is true. */ is_fpr = 0; if (!is_mbox && mode == GET_PUBKEY_NO_LOCAL) { if (!classify_user_id (name, &fprbuf, 1) && (fprbuf.mode == KEYDB_SEARCH_MODE_FPR16 || fprbuf.mode == KEYDB_SEARCH_MODE_FPR20 || fprbuf.mode == KEYDB_SEARCH_MODE_FPR)) { /* Note: We should get rid of the FPR16 because we don't * support v3 keys anymore. However, in 2.3 the fingerprint * code has already been reworked and thus it is * questionable whether we should really tackle this here. */ if (fprbuf.mode == KEYDB_SEARCH_MODE_FPR16) fprbuf_fprlen = 16; else fprbuf_fprlen = 20; is_fpr = 1; } } /* The auto-key-locate feature works as follows: there are a number * of methods to look up keys. By default, the local keyring is * tried first. Then, each method listed in the --auto-key-locate is * tried in the order it appears. * * This can be changed as follows: * * - if nodefault appears anywhere in the list of options, then * the local keyring is not tried first, or, * * - if local appears anywhere in the list of options, then the * local keyring is not tried first, but in the order in which * it was listed in the --auto-key-locate option. * * Note: we only save the search context in RETCTX if the local * method is the first method tried (either explicitly or * implicitly). */ if (mode == GET_PUBKEY_NO_LOCAL) nodefault = 1; /* Auto-key-locate but ignore "local". */ else if (mode != GET_PUBKEY_NO_AKL) { /* auto-key-locate is enabled. */ /* nodefault is true if "nodefault" or "local" appear. */ for (akl = opt.auto_key_locate; akl; akl = akl->next) if (akl->type == AKL_NODEFAULT || akl->type == AKL_LOCAL) { nodefault = 1; break; } /* anylocalfirst is true if "local" appears before any other search methods (except "nodefault"). */ for (akl = opt.auto_key_locate; akl; akl = akl->next) if (akl->type != AKL_NODEFAULT) { if (akl->type == AKL_LOCAL) anylocalfirst = 1; break; } } if (!nodefault) { /* "nodefault" didn't occur. Thus, "local" is implicitly the * first method to try. */ anylocalfirst = 1; } if (mode == GET_PUBKEY_NO_LOCAL) { /* Force using the AKL. If IS_MBOX is not set this is the final * error code. */ rc = GPG_ERR_NO_PUBKEY; } else if (nodefault && is_mbox) { /* Either "nodefault" or "local" (explicitly) appeared in the * auto key locate list and NAME appears to be an email address. * Don't try the local keyring. */ rc = GPG_ERR_NO_PUBKEY; } else { /* Either "nodefault" and "local" don't appear in the auto key * locate list (in which case we try the local keyring first) or * NAME does not appear to be an email address (in which case we * only try the local keyring). In this case, lookup NAME in * the local keyring. */ add_to_strlist (&namelist, name); rc = key_byname (ctrl, retctx, namelist, pk, 0, include_unusable, ret_keyblock, ret_kdbhd); } /* If the requested name resembles a valid mailbox and automatic retrieval has been enabled, we try to import the key. */ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY && mode != GET_PUBKEY_NO_AKL && (is_mbox || is_fpr)) { /* NAME wasn't present in the local keyring (or we didn't try * the local keyring). Since the auto key locate feature is * enabled and NAME appears to be an email address, try the auto * locate feature. */ for (akl = opt.auto_key_locate; akl; akl = akl->next) { unsigned char *fpr = NULL; size_t fpr_len; int did_akl_local = 0; int no_fingerprint = 0; const char *mechanism_string = "?"; mechanism_type = akl->type; switch (mechanism_type) { case AKL_NODEFAULT: /* This is a dummy mechanism. */ mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; break; case AKL_LOCAL: if (mode == GET_PUBKEY_NO_LOCAL) { /* Note that we get here in is_fpr more, so there is * no extra check for it required. */ mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; } else { mechanism_string = "Local"; did_akl_local = 1; if (retctx) { getkey_end (ctrl, *retctx); *retctx = NULL; } add_to_strlist (&namelist, name); rc = key_byname (ctrl, anylocalfirst ? retctx : NULL, namelist, pk, 0, include_unusable, ret_keyblock, ret_kdbhd); } break; case AKL_CERT: if (is_fpr) { mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; } else { mechanism_string = "DNS CERT"; glo_ctrl.in_auto_key_retrieve++; rc = keyserver_import_cert (ctrl, name, 0, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; } break; case AKL_PKA: if (is_fpr) { mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; } else { mechanism_string = "PKA"; glo_ctrl.in_auto_key_retrieve++; rc = keyserver_import_pka (ctrl, name, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; } break; case AKL_DANE: if (is_fpr) { mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; } else { mechanism_string = "DANE"; glo_ctrl.in_auto_key_retrieve++; rc = keyserver_import_cert (ctrl, name, 1, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; } break; case AKL_WKD: if (is_fpr) { mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; } else { mechanism_string = "WKD"; glo_ctrl.in_auto_key_retrieve++; rc = keyserver_import_wkd (ctrl, name, 0, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; } break; case AKL_LDAP: if (is_fpr) { mechanism_string = ""; rc = GPG_ERR_NO_PUBKEY; } else { mechanism_string = "LDAP"; glo_ctrl.in_auto_key_retrieve++; rc = keyserver_import_ldap (ctrl, name, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; } break; case AKL_NTDS: mechanism_string = "NTDS"; glo_ctrl.in_auto_key_retrieve++; if (is_fpr) rc = keyserver_import_fprint_ntds (ctrl, fprbuf.u.fpr, fprbuf_fprlen); else rc = keyserver_import_ntds (ctrl, name, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; break; case AKL_KEYSERVER: /* Strictly speaking, we don't need to only use a valid * mailbox for the getname search, but it helps cut down * on the problem of searching for something like "john" * and getting a whole lot of keys back. */ if (keyserver_any_configured (ctrl)) { mechanism_string = "keyserver"; glo_ctrl.in_auto_key_retrieve++; if (is_fpr) { rc = keyserver_import_fprint (ctrl, fprbuf.u.fpr, fprbuf_fprlen, opt.keyserver, KEYSERVER_IMPORT_FLAG_LDAP); /* Map error codes because Dirmngr returns NO * DATA if the keyserver does not have the * requested key. It returns NO KEYSERVER if no * LDAP keyservers are configured. */ if (gpg_err_code (rc) == GPG_ERR_NO_DATA || gpg_err_code (rc) == GPG_ERR_NO_KEYSERVER) rc = gpg_error (GPG_ERR_NO_PUBKEY); } else { rc = keyserver_import_mbox (ctrl, name, &fpr, &fpr_len, opt.keyserver); } glo_ctrl.in_auto_key_retrieve--; } else { mechanism_string = "Unconfigured keyserver"; rc = GPG_ERR_NO_PUBKEY; } break; case AKL_SPEC: { struct keyserver_spec *keyserver; mechanism_string = akl->spec->uri; keyserver = keyserver_match (akl->spec); glo_ctrl.in_auto_key_retrieve++; if (is_fpr) { rc = keyserver_import_fprint (ctrl, fprbuf.u.fpr, fprbuf_fprlen, opt.keyserver, KEYSERVER_IMPORT_FLAG_LDAP); if (gpg_err_code (rc) == GPG_ERR_NO_DATA || gpg_err_code (rc) == GPG_ERR_NO_KEYSERVER) rc = gpg_error (GPG_ERR_NO_PUBKEY); } else { rc = keyserver_import_mbox (ctrl, name, &fpr, &fpr_len, keyserver); } glo_ctrl.in_auto_key_retrieve--; } break; } /* Use the fingerprint of the key that we actually fetched. * This helps prevent problems where the key that we fetched * doesn't have the same name that we used to fetch it. In * the case of CERT and PKA, this is an actual security * requirement as the URL might point to a key put in by an * attacker. By forcing the use of the fingerprint, we * won't use the attacker's key here. */ if (!rc && (fpr || is_fpr)) { char fpr_string[MAX_FINGERPRINT_LEN * 2 + 1]; if (is_fpr) { log_assert (fprbuf_fprlen <= MAX_FINGERPRINT_LEN); bin2hex (fprbuf.u.fpr, fprbuf_fprlen, fpr_string); } else { log_assert (fpr_len <= MAX_FINGERPRINT_LEN); bin2hex (fpr, fpr_len, fpr_string); } if (opt.verbose) log_info ("auto-key-locate found fingerprint %s\n", fpr_string); free_strlist (namelist); namelist = NULL; add_to_strlist (&namelist, fpr_string); } else if (!rc && !fpr && !did_akl_local) { /* The acquisition method said no failure occurred, but * it didn't return a fingerprint. That's a failure. */ no_fingerprint = 1; rc = GPG_ERR_NO_PUBKEY; } xfree (fpr); fpr = NULL; if (!rc && !did_akl_local) { /* There was no error and we didn't do a local lookup. * This means that we imported a key into the local * keyring. Try to read the imported key from the * keyring. */ if (retctx) { getkey_end (ctrl, *retctx); *retctx = NULL; } rc = key_byname (ctrl, anylocalfirst ? retctx : NULL, namelist, pk, 0, include_unusable, ret_keyblock, ret_kdbhd); } if (!rc) { /* Key found. */ if (opt.verbose) log_info (_("automatically retrieved '%s' via %s\n"), name, mechanism_string); break; } if ((gpg_err_code (rc) != GPG_ERR_NO_PUBKEY || opt.verbose || no_fingerprint) && *mechanism_string) log_info (_("error retrieving '%s' via %s: %s\n"), name, mechanism_string, no_fingerprint ? _("No fingerprint") : gpg_strerror (rc)); } } if (rc && retctx) { getkey_end (ctrl, *retctx); *retctx = NULL; } if (retctx && *retctx) { log_assert (!(*retctx)->extra_list); (*retctx)->extra_list = namelist; (*retctx)->found_via_akl = mechanism_type; } else free_strlist (namelist); return rc; } /* Comparison machinery for get_best_pubkey_byname. */ /* First we have a struct to cache computed information about the key * in question. */ struct pubkey_cmp_cookie { int valid; /* Is this cookie valid? */ PKT_public_key key; /* The key. */ PKT_user_id *uid; /* The matching UID packet. */ unsigned int validity; /* Computed validity of (KEY, UID). */ u32 creation_time; /* Creation time of the newest subkey capable of encryption. */ }; /* Then we have a series of helper functions. */ static int key_is_ok (const PKT_public_key *key) { return (! key->has_expired && ! key->flags.revoked && key->flags.valid && ! key->flags.disabled); } static int uid_is_ok (const PKT_public_key *key, const PKT_user_id *uid) { return key_is_ok (key) && ! uid->flags.revoked; } static int subkey_is_ok (const PKT_public_key *sub) { return ! sub->flags.revoked && sub->flags.valid && ! sub->flags.disabled; } /* Return true if KEYBLOCK has only expired encryption subkyes. Note * that the function returns false if the key has no encryption * subkeys at all or the subkeys are revoked. */ static int only_expired_enc_subkeys (kbnode_t keyblock) { kbnode_t node; PKT_public_key *sub; int any = 0; for (node = find_next_kbnode (keyblock, PKT_PUBLIC_SUBKEY); node; node = find_next_kbnode (node, PKT_PUBLIC_SUBKEY)) { sub = node->pkt->pkt.public_key; if (!(sub->pubkey_usage & PUBKEY_USAGE_ENC)) continue; if (!subkey_is_ok (sub)) continue; any = 1; if (!sub->has_expired) return 0; } return any? 1 : 0; } /* Finally this function compares a NEW key to the former candidate * OLD. Returns < 0 if the old key is worse, > 0 if the old key is * better, == 0 if it is a tie. */ static int pubkey_cmp (ctrl_t ctrl, const char *name, struct pubkey_cmp_cookie *old, struct pubkey_cmp_cookie *new, KBNODE new_keyblock) { kbnode_t n; new->creation_time = 0; for (n = find_next_kbnode (new_keyblock, PKT_PUBLIC_SUBKEY); n; n = find_next_kbnode (n, PKT_PUBLIC_SUBKEY)) { PKT_public_key *sub = n->pkt->pkt.public_key; if ((sub->pubkey_usage & PUBKEY_USAGE_ENC) == 0) continue; if (! subkey_is_ok (sub)) continue; if (sub->timestamp > new->creation_time) new->creation_time = sub->timestamp; } for (n = find_next_kbnode (new_keyblock, PKT_USER_ID); n; n = find_next_kbnode (n, PKT_USER_ID)) { PKT_user_id *uid = n->pkt->pkt.user_id; char *mbox = mailbox_from_userid (uid->name); int match = mbox ? strcasecmp (name, mbox) == 0 : 0; xfree (mbox); if (! match) continue; new->uid = scopy_user_id (uid); new->validity = get_validity (ctrl, new_keyblock, &new->key, uid, NULL, 0) & TRUST_MASK; new->valid = 1; if (! old->valid) return -1; /* No OLD key. */ if (! uid_is_ok (&old->key, old->uid) && uid_is_ok (&new->key, uid)) return -1; /* Validity of the NEW key is better. */ if (old->validity < new->validity) return -1; /* Validity of the NEW key is better. */ if (old->validity == new->validity && uid_is_ok (&new->key, uid) && old->creation_time < new->creation_time) return -1; /* Both keys are of the same validity, but the NEW key is newer. */ } /* Stick with the OLD key. */ return 1; } /* This function works like get_pubkey_byname, but if the name * resembles a mail address, the results are ranked and only the best * result is returned. */ gpg_error_t get_best_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, GETKEY_CTX *retctx, PKT_public_key *pk, const char *name, KBNODE *ret_keyblock, int include_unusable) { gpg_error_t err; struct getkey_ctx_s *ctx = NULL; int is_mbox; int wkd_tried = 0; if (retctx) *retctx = NULL; is_mbox = is_valid_mailbox (name); if (!is_mbox && *name == '<' && name[1] && name[strlen(name)-1]=='>' && name[1] != '>' && is_valid_mailbox_mem (name+1, strlen (name)-2)) { /* The mailbox is in the form "" which is not * detected by is_valid_mailbox. Set the flag but keep name as * it is because get_pubkey_byname does an is_valid_mailbox_mem * itself. */ is_mbox = 1; } start_over: if (ctx) /* Clear in case of a start over. */ { if (ret_keyblock) { release_kbnode (*ret_keyblock); *ret_keyblock = NULL; } getkey_end (ctrl, ctx); ctx = NULL; } err = get_pubkey_byname (ctrl, mode, &ctx, pk, name, ret_keyblock, NULL, include_unusable); if (err) { goto leave; } /* If the keyblock was retrieved from the local database and the key * has expired, do further checks. However, we can do this only if * the caller requested a keyblock. */ if (is_mbox && ctx && ctx->found_via_akl == AKL_LOCAL && ret_keyblock) { u32 now = make_timestamp (); PKT_public_key *pk2 = (*ret_keyblock)->pkt->pkt.public_key; int found; /* If the key has expired and its origin was the WKD then try to * get a fresh key from the WKD. We also try this if the key * has any only expired encryption subkeys. In case we checked * for a fresh copy in the last 3 hours we won't do that again. * Unfortunately that does not yet work because KEYUPDATE is * only updated during import iff the key has actually changed * (see import.c:import_one). */ if (!wkd_tried && pk2->keyorg == KEYORG_WKD && (pk2->keyupdate + 3*3600) < now && (pk2->has_expired || only_expired_enc_subkeys (*ret_keyblock))) { if (opt.verbose) log_info (_("checking for a fresh copy of an expired key via %s\n"), "WKD"); wkd_tried = 1; glo_ctrl.in_auto_key_retrieve++; found = !keyserver_import_wkd (ctrl, name, 0, NULL, NULL); glo_ctrl.in_auto_key_retrieve--; if (found) goto start_over; } } if (is_mbox && ctx) { /* Rank results and return only the most relevant key. */ struct pubkey_cmp_cookie best = { 0 }; struct pubkey_cmp_cookie new = { 0 }; kbnode_t new_keyblock; while (getkey_next (ctrl, ctx, &new.key, &new_keyblock) == 0) { int diff = pubkey_cmp (ctrl, name, &best, &new, new_keyblock); release_kbnode (new_keyblock); if (diff < 0) { /* New key is better. */ release_public_key_parts (&best.key); free_user_id (best.uid); best = new; } else if (diff > 0) { /* Old key is better. */ release_public_key_parts (&new.key); free_user_id (new.uid); } else { /* A tie. Keep the old key. */ release_public_key_parts (&new.key); free_user_id (new.uid); } new.uid = NULL; } getkey_end (ctrl, ctx); ctx = NULL; free_user_id (best.uid); best.uid = NULL; if (best.valid) { if (retctx || ret_keyblock) { ctx = xtrycalloc (1, sizeof **retctx); if (! ctx) err = gpg_error_from_syserror (); else { ctx->kr_handle = keydb_new (); if (! ctx->kr_handle) { err = gpg_error_from_syserror (); xfree (ctx); ctx = NULL; if (retctx) *retctx = NULL; } else { u32 *keyid = pk_keyid (&best.key); ctx->exact = 1; ctx->nitems = 1; ctx->items[0].mode = KEYDB_SEARCH_MODE_LONG_KID; ctx->items[0].u.kid[0] = keyid[0]; ctx->items[0].u.kid[1] = keyid[1]; if (ret_keyblock) { release_kbnode (*ret_keyblock); *ret_keyblock = NULL; err = getkey_next (ctrl, ctx, NULL, ret_keyblock); } } } } if (pk) { release_public_key_parts (pk); *pk = best.key; } else release_public_key_parts (&best.key); } } if (err && ctx) { getkey_end (ctrl, ctx); ctx = NULL; } if (retctx && ctx) { *retctx = ctx; ctx = NULL; } leave: getkey_end (ctrl, ctx); return err; } /* Get a public key from a file. * * PK is the buffer to store the key. The caller needs to make sure * that PK->REQ_USAGE is valid. PK->REQ_USAGE is passed through to * the lookup function and is a mask of PUBKEY_USAGE_SIG, * PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT. If this is non-zero, only * keys with the specified usage will be returned. * * FNAME is the file name. That file should contain exactly one * keyblock. * * This function returns 0 on success. Otherwise, an error code is * returned. In particular, GPG_ERR_NO_PUBKEY is returned if the key * is not found. * * The self-signed data has already been merged into the public key * using merge_selfsigs. The caller must release the content of PK by * calling release_public_key_parts (or, if PK was malloced, using * free_public_key). */ gpg_error_t get_pubkey_fromfile (ctrl_t ctrl, PKT_public_key *pk, const char *fname) { gpg_error_t err; kbnode_t keyblock; kbnode_t found_key; unsigned int infoflags; err = read_key_from_file_or_buffer (ctrl, fname, NULL, 0, &keyblock); if (!err) { /* Warning: node flag bits 0 and 1 should be preserved by * merge_selfsigs. FIXME: Check whether this still holds. */ merge_selfsigs (ctrl, keyblock); found_key = finish_lookup (keyblock, pk->req_usage, 0, 0, &infoflags); print_status_key_considered (keyblock, infoflags); if (found_key) pk_from_block (pk, keyblock, found_key); else err = gpg_error (GPG_ERR_UNUSABLE_PUBKEY); } release_kbnode (keyblock); return err; } /* Return a public key from the buffer (BUFFER, BUFLEN). The key is * onlyretruned if it matches the keyid given in WANT_KEYID. On * success the key is stored at the caller provided PKBUF structure. * The caller must release the content of PK by calling * release_public_key_parts (or, if PKBUF was malloced, using * free_public_key). If R_KEYBLOCK is not NULL the full keyblock is * also stored there. */ gpg_error_t get_pubkey_from_buffer (ctrl_t ctrl, PKT_public_key *pkbuf, const void *buffer, size_t buflen, u32 *want_keyid, kbnode_t *r_keyblock) { gpg_error_t err; kbnode_t keyblock; kbnode_t node; PKT_public_key *pk; if (r_keyblock) *r_keyblock = NULL; err = read_key_from_file_or_buffer (ctrl, NULL, buffer, buflen, &keyblock); if (!err) { merge_selfsigs (ctrl, keyblock); for (node = keyblock; node; node = node->next) { if (node->pkt->pkttype == PKT_PUBLIC_KEY || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) { pk = node->pkt->pkt.public_key; keyid_from_pk (pk, NULL); if (pk->keyid[0] == want_keyid[0] && pk->keyid[1] == want_keyid[1]) break; } } if (node) copy_public_key (pkbuf, pk); else err = gpg_error (GPG_ERR_NO_PUBKEY); } if (!err && r_keyblock) *r_keyblock = keyblock; else release_kbnode (keyblock); return err; } /* Lookup a key with the specified fingerprint. * * If PK is not NULL, the public key of the first result is returned * in *PK. Note: this function does an exact search and thus the * returned public key may be a subkey rather than the primary key. * Note: The self-signed data has already been merged into the public * key using merge_selfsigs. Free *PK by calling * release_public_key_parts (or, if PK was allocated using xfree, you * can use free_public_key, which calls release_public_key_parts(PK) * and then xfree(PK)). * * If PK->REQ_USAGE is set, it is used to filter the search results. * (Thus, if PK is not NULL, PK->REQ_USAGE must be valid!!!) See the * documentation for finish_lookup to understand exactly how this is * used. * * If R_KEYBLOCK is not NULL, then the first result's keyblock is * returned in *R_KEYBLOCK. This should be freed using * release_kbnode(). * * FPRINT is a byte array whose contents is the fingerprint to use as * the search term. FPRINT_LEN specifies the length of the * fingerprint (in bytes). Currently, only 16 and 20-byte * fingerprints are supported. * * FIXME: We should replace this with the _byname function. This can * be done by creating a userID conforming to the unified fingerprint * style. */ int get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, const byte * fprint, size_t fprint_len) { int rc; if (r_keyblock) *r_keyblock = NULL; if (fprint_len == 20 || fprint_len == 16) { struct getkey_ctx_s ctx; KBNODE kb = NULL; KBNODE found_key = NULL; memset (&ctx, 0, sizeof ctx); ctx.exact = 1; ctx.not_allocated = 1; /* FIXME: We should get the handle from the cache like we do in * get_pubkey. */ ctx.kr_handle = keydb_new (); if (!ctx.kr_handle) return gpg_error_from_syserror (); ctx.nitems = 1; ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16 : KEYDB_SEARCH_MODE_FPR20; memcpy (ctx.items[0].u.fpr, fprint, fprint_len); if (pk) ctx.req_usage = pk->req_usage; rc = lookup (ctrl, &ctx, 0, &kb, &found_key); if (!rc && pk) pk_from_block (pk, kb, found_key); if (!rc && r_keyblock) { *r_keyblock = kb; kb = NULL; } release_kbnode (kb); getkey_end (ctrl, &ctx); } else rc = GPG_ERR_GENERAL; /* Oops */ return rc; } /* This function is similar to get_pubkey_byfprint, but it doesn't * merge the self-signed data into the public key and subkeys or into * the user ids. It also doesn't add the key to the user id cache. * Further, this function ignores PK->REQ_USAGE. * * This function is intended to avoid recursion and, as such, should * only be used in very specific situations. * * Like get_pubkey_byfprint, PK may be NULL. In that case, this * function effectively just checks for the existence of the key. */ gpg_error_t get_pubkey_byfprint_fast (PKT_public_key * pk, const byte * fprint, size_t fprint_len) { gpg_error_t err; KBNODE keyblock; err = get_keyblock_byfprint_fast (&keyblock, NULL, fprint, fprint_len, 0); if (!err) { if (pk) copy_public_key (pk, keyblock->pkt->pkt.public_key); release_kbnode (keyblock); } return err; } /* This function is similar to get_pubkey_byfprint_fast but returns a * keydb handle at R_HD and the keyblock at R_KEYBLOCK. R_KEYBLOCK or * R_HD may be NULL. If LOCK is set the handle has been opend in * locked mode and keydb_disable_caching () has been called. On error * R_KEYBLOCK is set to NULL but R_HD must be released by the caller; * it may have a value of NULL, though. This allows to do an insert * operation on a locked keydb handle. */ gpg_error_t get_keyblock_byfprint_fast (kbnode_t *r_keyblock, KEYDB_HANDLE *r_hd, const byte *fprint, size_t fprint_len, int lock) { gpg_error_t err; KEYDB_HANDLE hd; kbnode_t keyblock; byte fprbuf[MAX_FINGERPRINT_LEN]; int i; if (r_keyblock) *r_keyblock = NULL; if (r_hd) *r_hd = NULL; for (i = 0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++) fprbuf[i] = fprint[i]; while (i < MAX_FINGERPRINT_LEN) fprbuf[i++] = 0; hd = keydb_new (); if (!hd) return gpg_error_from_syserror (); if (lock) { err = keydb_lock (hd); if (err) { /* If locking did not work, we better don't return a handle * at all - there was a reason that locking has been * requested. */ keydb_release (hd); return err; } keydb_disable_caching (hd); } /* Fo all other errors we return the handle. */ if (r_hd) *r_hd = hd; err = keydb_search_fpr (hd, fprbuf); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) { if (!r_hd) keydb_release (hd); return gpg_error (GPG_ERR_NO_PUBKEY); } err = keydb_get_keyblock (hd, &keyblock); if (err) { log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (err)); if (!r_hd) keydb_release (hd); return gpg_error (GPG_ERR_NO_PUBKEY); } log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY || keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY); /* Not caching key here since it won't have all of the fields properly set. */ if (r_keyblock) *r_keyblock = keyblock; else release_kbnode (keyblock); if (!r_hd) keydb_release (hd); return 0; } const char * parse_def_secret_key (ctrl_t ctrl) { KEYDB_HANDLE hd = NULL; strlist_t t; static int warned; for (t = opt.def_secret_key; t; t = t->next) { gpg_error_t err; KEYDB_SEARCH_DESC desc; KBNODE kb; KBNODE node; err = classify_user_id (t->d, &desc, 1); if (err) { log_error (_("secret key \"%s\" not found: %s\n"), t->d, gpg_strerror (err)); if (!opt.quiet) log_info (_("(check argument of option '%s')\n"), "--default-key"); continue; } if (! hd) { hd = keydb_new (); if (!hd) return NULL; } else keydb_search_reset (hd); err = keydb_search (hd, &desc, 1, NULL); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) continue; if (err) { log_error (_("key \"%s\" not found: %s\n"), t->d, gpg_strerror (err)); t = NULL; break; } err = keydb_get_keyblock (hd, &kb); if (err) { log_error (_("error reading keyblock: %s\n"), gpg_strerror (err)); continue; } merge_selfsigs (ctrl, kb); err = gpg_error (GPG_ERR_NO_SECKEY); node = kb; do { PKT_public_key *pk = node->pkt->pkt.public_key; /* Check if the key is valid. */ if (pk->flags.revoked) { if (DBG_LOOKUP) log_debug ("not using %s as default key, %s", keystr_from_pk (pk), "revoked"); continue; } if (pk->has_expired) { if (DBG_LOOKUP) log_debug ("not using %s as default key, %s", keystr_from_pk (pk), "expired"); continue; } if (pk_is_disabled (pk)) { if (DBG_LOOKUP) log_debug ("not using %s as default key, %s", keystr_from_pk (pk), "disabled"); continue; } err = agent_probe_secret_key (ctrl, pk); if (! err) /* This is a valid key. */ break; } while ((node = find_next_kbnode (node, PKT_PUBLIC_SUBKEY))); release_kbnode (kb); if (err) { if (! warned && ! opt.quiet) { log_info (_("Warning: not using '%s' as default key: %s\n"), t->d, gpg_strerror (GPG_ERR_NO_SECKEY)); print_reported_error (err, GPG_ERR_NO_SECKEY); } } else { if (! warned && ! opt.quiet) log_info (_("using \"%s\" as default secret key for signing\n"), t->d); break; } } if (! warned && opt.def_secret_key && ! t) log_info (_("all values passed to '%s' ignored\n"), "--default-key"); warned = 1; if (hd) keydb_release (hd); if (t) return t->d; return NULL; } /* Look up a secret key. * * If PK is not NULL, the public key of the first result is returned * in *PK. Note: PK->REQ_USAGE must be valid!!! If PK->REQ_USAGE is * set, it is used to filter the search results. See the * documentation for finish_lookup to understand exactly how this is * used. Note: The self-signed data has already been merged into the * public key using merge_selfsigs. Free *PK by calling * release_public_key_parts (or, if PK was allocated using xfree, you * can use free_public_key, which calls release_public_key_parts(PK) * and then xfree(PK)). * * If --default-key was set, then the specified key is looked up. (In * this case, the default key is returned even if it is considered * unusable. See the documentation for skip_unusable for exactly what * this means.) * * Otherwise, this initiates a DB scan that returns all keys that are * usable (see previous paragraph for exactly what usable means) and * for which a secret key is available. * * This function returns the first match. Additional results can be * returned using getkey_next. */ gpg_error_t get_seckey_default (ctrl_t ctrl, PKT_public_key *pk) { gpg_error_t err; strlist_t namelist = NULL; int include_unusable = 1; const char *def_secret_key = parse_def_secret_key (ctrl); if (def_secret_key) add_to_strlist (&namelist, def_secret_key); else include_unusable = 0; err = key_byname (ctrl, NULL, namelist, pk, 1, include_unusable, NULL, NULL); free_strlist (namelist); return err; } /* Search for keys matching some criteria. * * If RETCTX is not NULL, then the constructed context is returned in * *RETCTX so that getpubkey_next can be used to get subsequent * results. In this case, getkey_end() must be used to free the * search context. If RETCTX is not NULL, then RET_KDBHD must be * NULL. * * If PK is not NULL, the public key of the first result is returned * in *PK. Note: PK->REQ_USAGE must be valid!!! If PK->REQ_USAGE is * set, it is used to filter the search results. See the * documentation for finish_lookup to understand exactly how this is * used. Note: The self-signed data has already been merged into the * public key using merge_selfsigs. Free *PK by calling * release_public_key_parts (or, if PK was allocated using xfree, you * can use free_public_key, which calls release_public_key_parts(PK) * and then xfree(PK)). * * If NAMES is not NULL, then a search query is constructed using * classify_user_id on each of the strings in the list. (Recall: the * database does an OR of the terms, not an AND.) If NAMES is * NULL, then all results are returned. * * If WANT_SECRET is set, then only keys with an available secret key * (either locally or via key registered on a smartcard) are returned. * * This function does not skip unusable keys (see the documentation * for skip_unusable for an exact definition). * * If RET_KEYBLOCK is not NULL, the keyblock is returned in * *RET_KEYBLOCK. This should be freed using release_kbnode(). * * This function returns 0 on success. Otherwise, an error code is * returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY * (if want_secret is set) is returned if the key is not found. */ gpg_error_t getkey_bynames (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk, strlist_t names, int want_secret, kbnode_t *ret_keyblock) { return key_byname (ctrl, retctx, names, pk, want_secret, 1, ret_keyblock, NULL); } /* Search for one key matching some criteria. * * If RETCTX is not NULL, then the constructed context is returned in * *RETCTX so that getpubkey_next can be used to get subsequent * results. In this case, getkey_end() must be used to free the * search context. If RETCTX is not NULL, then RET_KDBHD must be * NULL. * * If PK is not NULL, the public key of the first result is returned * in *PK. Note: PK->REQ_USAGE must be valid!!! If PK->REQ_USAGE is * set, it is used to filter the search results. See the * documentation for finish_lookup to understand exactly how this is * used. Note: The self-signed data has already been merged into the * public key using merge_selfsigs. Free *PK by calling * release_public_key_parts (or, if PK was allocated using xfree, you * can use free_public_key, which calls release_public_key_parts(PK) * and then xfree(PK)). * * If NAME is not NULL, then a search query is constructed using * classify_user_id on the string. In this case, even unusable keys * (see the documentation for skip_unusable for an exact definition of * unusable) are returned. Otherwise, if --default-key was set, then * that key is returned (even if it is unusable). If neither of these * conditions holds, then the first usable key is returned. * * If WANT_SECRET is set, then only keys with an available secret key * (either locally or via key registered on a smartcard) are returned. * * This function does not skip unusable keys (see the documentation * for skip_unusable for an exact definition). * * If RET_KEYBLOCK is not NULL, the keyblock is returned in * *RET_KEYBLOCK. This should be freed using release_kbnode(). * * This function returns 0 on success. Otherwise, an error code is * returned. In particular, GPG_ERR_NO_PUBKEY or GPG_ERR_NO_SECKEY * (if want_secret is set) is returned if the key is not found. * * FIXME: We also have the get_pubkey_byname function which has a * different semantic. Should be merged with this one. */ gpg_error_t getkey_byname (ctrl_t ctrl, getkey_ctx_t *retctx, PKT_public_key *pk, const char *name, int want_secret, kbnode_t *ret_keyblock) { gpg_error_t err; strlist_t namelist = NULL; int with_unusable = 1; const char *def_secret_key = NULL; if (want_secret && !name) def_secret_key = parse_def_secret_key (ctrl); if (want_secret && !name && def_secret_key) add_to_strlist (&namelist, def_secret_key); else if (name) add_to_strlist (&namelist, name); else with_unusable = 0; err = key_byname (ctrl, retctx, namelist, pk, want_secret, with_unusable, ret_keyblock, NULL); /* FIXME: Check that we really return GPG_ERR_NO_SECKEY if WANT_SECRET has been used. */ free_strlist (namelist); return err; } /* Return the next search result. * * If PK is not NULL, the public key of the next result is returned in * *PK. Note: The self-signed data has already been merged into the * public key using merge_selfsigs. Free *PK by calling * release_public_key_parts (or, if PK was allocated using xmalloc, you * can use free_public_key, which calls release_public_key_parts(PK) * and then xfree(PK)). * * RET_KEYBLOCK can be given as NULL; if it is not NULL it the entire * found keyblock is returned which must be released with * release_kbnode. If the function returns an error NULL is stored at * RET_KEYBLOCK. * * The self-signed data has already been merged into the public key * using merge_selfsigs. */ gpg_error_t getkey_next (ctrl_t ctrl, getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock) { int rc; /* Fixme: Make sure this is proper gpg_error */ KBNODE keyblock = NULL; KBNODE found_key = NULL; /* We need to disable the caching so that for an exact key search we won't get the result back from the cache and thus end up in an endless loop. The endless loop can occur, because the cache is used without respecting the current file pointer! */ keydb_disable_caching (ctx->kr_handle); /* FOUND_KEY is only valid as long as RET_KEYBLOCK is. If the * caller wants PK, but not RET_KEYBLOCK, we need hand in our own * keyblock. */ if (pk && ret_keyblock == NULL) ret_keyblock = &keyblock; rc = lookup (ctrl, ctx, ctx->want_secret, ret_keyblock, pk ? &found_key : NULL); if (!rc && pk) { log_assert (found_key); pk_from_block (pk, NULL, found_key); release_kbnode (keyblock); } return rc; } /* Release any resources used by a key listing context. This must be * called on the context returned by, e.g., getkey_byname. */ void getkey_end (ctrl_t ctrl, getkey_ctx_t ctx) { if (ctx) { #ifdef HAVE_W32_SYSTEM /* FIXME: This creates a big regression for Windows because the * keyring is only released after the global ctrl is released. * So if an operation does a getkey and then tries to modify the * keyring it will fail on Windows with a sharing violation. We * need to modify all keyring write operations to also take the * ctrl and close the cached_getkey_kdb handle to make writing * work. See: GnuPG-bug-id: 3097 */ (void)ctrl; keydb_release (ctx->kr_handle); #else /*!HAVE_W32_SYSTEM*/ if (ctrl && !ctrl->cached_getkey_kdb) ctrl->cached_getkey_kdb = ctx->kr_handle; else keydb_release (ctx->kr_handle); #endif /*!HAVE_W32_SYSTEM*/ free_strlist (ctx->extra_list); if (!ctx->not_allocated) xfree (ctx); } } /************************************************ ************* Merging stuff ******************** ************************************************/ /* Set the mainkey_id fields for all keys in KEYBLOCK. This is * usually done by merge_selfsigs but at some places we only need the * main_kid not a full merge. The function also guarantees that all * pk->keyids are computed. */ void setup_main_keyids (kbnode_t keyblock) { u32 kid[2], mainkid[2]; kbnode_t kbctx, node; PKT_public_key *pk; if (keyblock->pkt->pkttype != PKT_PUBLIC_KEY) BUG (); pk = keyblock->pkt->pkt.public_key; keyid_from_pk (pk, mainkid); for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); ) { if (!(node->pkt->pkttype == PKT_PUBLIC_KEY || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)) continue; pk = node->pkt->pkt.public_key; keyid_from_pk (pk, kid); /* Make sure pk->keyid is set. */ if (!pk->main_keyid[0] && !pk->main_keyid[1]) { pk->main_keyid[0] = mainkid[0]; pk->main_keyid[1] = mainkid[1]; } } } /* KEYBLOCK corresponds to a public key block. This function merges * much of the information from the self-signed data into the public * key, public subkey and user id data structures. If you use the * high-level search API (e.g., get_pubkey) for looking up key blocks, * then you don't need to call this function. This function is * useful, however, if you change the keyblock, e.g., by adding or * removing a self-signed data packet. */ void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock) { if (!keyblock) ; else if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY) merge_selfsigs (ctrl, keyblock); else log_debug ("FIXME: merging secret key blocks is not anymore available\n"); } static int parse_key_usage (PKT_signature * sig) { int key_usage = 0; const byte *p; size_t n; byte flags; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n); if (p && n) { /* First octet of the keyflags. */ flags = *p; if (flags & 1) { key_usage |= PUBKEY_USAGE_CERT; flags &= ~1; } if (flags & 2) { key_usage |= PUBKEY_USAGE_SIG; flags &= ~2; } /* We do not distinguish between encrypting communications and encrypting storage. */ if (flags & (0x04 | 0x08)) { key_usage |= PUBKEY_USAGE_ENC; flags &= ~(0x04 | 0x08); } if (flags & 0x20) { key_usage |= PUBKEY_USAGE_AUTH; flags &= ~0x20; } if (flags) key_usage |= PUBKEY_USAGE_UNKNOWN; if (!key_usage) key_usage |= PUBKEY_USAGE_NONE; } else if (p) /* Key flags of length zero. */ key_usage |= PUBKEY_USAGE_NONE; /* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a capability that we do not handle. This serves to distinguish between a zero key usage which we handle as the default capabilities for that algorithm, and a usage that we do not handle. Likewise we use PUBKEY_USAGE_NONE to indicate that key_flags have been given but they do not specify any usage. */ return key_usage; } /* Apply information from SIGNODE (which is the valid self-signature * associated with that UID) to the UIDNODE: * - wether the UID has been revoked * - assumed creation date of the UID * - temporary store the keyflags here * - temporary store the key expiration time here * - mark whether the primary user ID flag hat been set. * - store the preferences */ static void fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated) { PKT_user_id *uid = uidnode->pkt->pkt.user_id; PKT_signature *sig = signode->pkt->pkt.signature; const byte *p, *sym, *aead, *hash, *zip; size_t n, nsym, naead, nhash, nzip; sig->flags.chosen_selfsig = 1;/* We chose this one. */ uid->created = 0; /* Not created == invalid. */ if (IS_UID_REV (sig)) { uid->flags.revoked = 1; return; /* Has been revoked. */ } else uid->flags.revoked = 0; uid->expiredate = sig->expiredate; if (sig->flags.expired) { uid->flags.expired = 1; return; /* Has expired. */ } else uid->flags.expired = 0; uid->created = sig->timestamp; /* This one is okay. */ uid->selfsigversion = sig->version; /* If we got this far, it's not expired :) */ uid->flags.expired = 0; /* Store the key flags in the helper variable for later processing. */ uid->help_key_usage = parse_key_usage (sig); /* Ditto for the key expiration. */ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); if (p && buf32_to_u32 (p)) uid->help_key_expire = keycreated + buf32_to_u32 (p); else uid->help_key_expire = 0; /* Set the primary user ID flag - we will later wipe out some * of them to only have one in our keyblock. */ uid->flags.primary = 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID, NULL); if (p && *p) uid->flags.primary = 2; /* We could also query this from the unhashed area if it is not in * the hased area and then later try to decide which is the better * there should be no security problem with this. * For now we only look at the hashed one. */ /* Now build the preferences list. These must come from the hashed section so nobody can modify the ciphers a key is willing to accept. */ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_SYM, &n); sym = p; nsym = p ? n : 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_AEAD, &n); aead = p; naead = p ? n : 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_HASH, &n); hash = p; nhash = p ? n : 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_COMPR, &n); zip = p; nzip = p ? n : 0; if (uid->prefs) xfree (uid->prefs); n = nsym + naead + nhash + nzip; if (!n) uid->prefs = NULL; else { uid->prefs = xmalloc (sizeof (*uid->prefs) * (n + 1)); n = 0; for (; nsym; nsym--, n++) { uid->prefs[n].type = PREFTYPE_SYM; uid->prefs[n].value = *sym++; } for (; naead; naead--, n++) { uid->prefs[n].type = PREFTYPE_AEAD; uid->prefs[n].value = *aead++; } for (; nhash; nhash--, n++) { uid->prefs[n].type = PREFTYPE_HASH; uid->prefs[n].value = *hash++; } for (; nzip; nzip--, n++) { uid->prefs[n].type = PREFTYPE_ZIP; uid->prefs[n].value = *zip++; } uid->prefs[n].type = PREFTYPE_NONE; /* End of list marker */ uid->prefs[n].value = 0; } /* See whether we have the MDC feature. */ uid->flags.mdc = 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n); if (p && n && (p[0] & 0x01)) uid->flags.mdc = 1; /* See whether we have the AEAD feature. */ uid->flags.aead = 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n); if (p && n && (p[0] & 0x02)) uid->flags.aead = 1; /* And the keyserver modify flag. */ uid->flags.ks_modify = 1; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KS_FLAGS, &n); if (p && n && (p[0] & 0x80)) uid->flags.ks_modify = 0; } static void sig_to_revoke_info (PKT_signature * sig, struct revoke_info *rinfo) { rinfo->date = sig->timestamp; rinfo->algo = sig->pubkey_algo; rinfo->keyid[0] = sig->keyid[0]; rinfo->keyid[1] = sig->keyid[1]; } /* Given a keyblock, parse the key block and extract various pieces of * information and save them with the primary key packet and the user * id packets. For instance, some information is stored in signature * packets. We find the latest such valid packet (since the user can * change that information) and copy its contents into the * PKT_public_key. * * Note that R_REVOKED may be set to 0, 1 or 2. * * This function fills in the following fields in the primary key's * keyblock: * * main_keyid (computed) * revkey / numrevkeys (derived from self signed key data) * flags.valid (whether we have at least 1 self-sig) * flags.maybe_revoked (whether a designed revoked the key, but * we are missing the key to check the sig) * selfsigversion (highest version of any valid self-sig) * pubkey_usage (derived from most recent self-sig or most * recent user id) * has_expired (various sources) * expiredate (various sources) * * See the documentation for fixup_uidnode for how the user id packets * are modified. In addition to that the primary user id's is_primary * field is set to 1 and the other user id's is_primary are set to 0. */ static void merge_selfsigs_main (ctrl_t ctrl, kbnode_t keyblock, int *r_revoked, struct revoke_info *rinfo) { PKT_public_key *pk = NULL; KBNODE k; u32 kid[2]; u32 sigdate, uiddate, uiddate2; KBNODE signode, uidnode, uidnode2; u32 curtime = make_timestamp (); unsigned int key_usage = 0; u32 keytimestamp = 0; /* Creation time of the key. */ u32 key_expire = 0; int key_expire_seen = 0; byte sigversion = 0; *r_revoked = 0; memset (rinfo, 0, sizeof (*rinfo)); /* Section 11.1 of RFC 4880 determines the order of packets within a * message. There are three sections, which must occur in the * following order: the public key, the user ids and user attributes * and the subkeys. Within each section, each primary packet (e.g., * a user id packet) is followed by one or more signature packets, * which modify that packet. */ /* According to Section 11.1 of RFC 4880, the public key must be the first packet. Note that parse_keyblock_image ensures that the first packet is the public key. */ if (keyblock->pkt->pkttype != PKT_PUBLIC_KEY) BUG (); pk = keyblock->pkt->pkt.public_key; keytimestamp = pk->timestamp; keyid_from_pk (pk, kid); pk->main_keyid[0] = kid[0]; pk->main_keyid[1] = kid[1]; if (pk->version < 4) { /* Before v4 the key packet itself contains the expiration date * and there was no way to change it, so we start with the one * from the key packet. We do not support v3 keys anymore but * we keep the code in case a future key versions introduces a - * hadr expire time again. */ + * hard expire time again. */ key_expire = pk->max_expiredate; key_expire_seen = 1; } /* First pass: * * - Find the latest direct key self-signature. We assume that the * newest one overrides all others. * * - Determine whether the key has been revoked. * * - Gather all revocation keys (unlike other data, we don't just * take them from the latest self-signed packet). * * - Determine max (sig[...]->version). */ /* Reset this in case this key was already merged. */ xfree (pk->revkey); pk->revkey = NULL; pk->numrevkeys = 0; signode = NULL; sigdate = 0; /* Helper variable to find the latest signature. */ /* According to Section 11.1 of RFC 4880, the public key comes first * and is immediately followed by any signature packets that modify * it. */ for (k = keyblock; k && k->pkt->pkttype != PKT_USER_ID && k->pkt->pkttype != PKT_ATTRIBUTE && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_SIGNATURE) { PKT_signature *sig = k->pkt->pkt.signature; if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1]) { /* Self sig. */ if (check_key_signature (ctrl, keyblock, k, NULL)) ; /* Signature did not verify. */ else if (IS_KEY_REV (sig)) { /* Key has been revoked - there is no way to * override such a revocation, so we theoretically * can stop now. We should not cope with expiration * times for revocations here because we have to * assume that an attacker can generate all kinds of * signatures. However due to the fact that the key * has been revoked it does not harm either and by * continuing we gather some more info on that * key. */ *r_revoked = 1; sig_to_revoke_info (sig, rinfo); } else if (IS_KEY_SIG (sig)) { /* Add the indicated revocations keys from all * signatures not just the latest. We do this * because you need multiple 1F sigs to properly * handle revocation keys (PGP does it this way, and * a revocation key could be sensitive and hence in * a different signature). */ if (sig->revkey) { int i; pk->revkey = xrealloc (pk->revkey, sizeof (struct revocation_key) * (pk->numrevkeys + sig->numrevkeys)); for (i = 0; i < sig->numrevkeys; i++) memcpy (&pk->revkey[pk->numrevkeys++], &sig->revkey[i], sizeof (struct revocation_key)); } if (sig->timestamp >= sigdate) { /* This is the latest signature so far. */ if (sig->flags.expired) ; /* Signature has expired - ignore it. */ else { sigdate = sig->timestamp; signode = k; if (sig->version > sigversion) sigversion = sig->version; } } } } } } /* Remove dupes from the revocation keys. */ if (pk->revkey) { int i, j, x, changed = 0; for (i = 0; i < pk->numrevkeys; i++) { for (j = i + 1; j < pk->numrevkeys; j++) { if (memcmp (&pk->revkey[i], &pk->revkey[j], sizeof (struct revocation_key)) == 0) { /* remove j */ for (x = j; x < pk->numrevkeys - 1; x++) pk->revkey[x] = pk->revkey[x + 1]; pk->numrevkeys--; j--; changed = 1; } } } if (changed) pk->revkey = xrealloc (pk->revkey, pk->numrevkeys * sizeof (struct revocation_key)); } /* SIGNODE is the direct key signature packet (sigclass 0x1f) with * the latest creation time. Extract some information from it. */ if (signode) { /* Some information from a direct key signature take precedence * over the same information given in UID sigs. */ PKT_signature *sig = signode->pkt->pkt.signature; const byte *p; key_usage = parse_key_usage (sig); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); if (p && buf32_to_u32 (p)) { key_expire = keytimestamp + buf32_to_u32 (p); key_expire_seen = 1; } /* Mark that key as valid: One direct key signature should * render a key as valid. */ pk->flags.valid = 1; } /* Pass 1.5: Look for key revocation signatures that were not made * by the key (i.e. did a revocation key issue a revocation for * us?). Only bother to do this if there is a revocation key in the * first place and we're not revoked already. */ if (!*r_revoked && pk->revkey) for (k = keyblock; k && k->pkt->pkttype != PKT_USER_ID; k = k->next) { if (k->pkt->pkttype == PKT_SIGNATURE) { PKT_signature *sig = k->pkt->pkt.signature; if (IS_KEY_REV (sig) && (sig->keyid[0] != kid[0] || sig->keyid[1] != kid[1])) { int rc = check_revocation_keys (ctrl, pk, sig); if (rc == 0) { *r_revoked = 2; sig_to_revoke_info (sig, rinfo); /* Don't continue checking since we can't be any * more revoked than this. */ break; } else if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) pk->flags.maybe_revoked = 1; /* A failure here means the sig did not verify, was * not issued by a revocation key, or a revocation * key loop was broken. If a revocation key isn't * findable, however, the key might be revoked and * we don't know it. */ /* Fixme: In the future handle subkey and cert * revocations? PGP doesn't, but it's in 2440. */ } } } /* Second pass: Look at the self-signature of all user IDs. */ /* According to RFC 4880 section 11.1, user id and attribute packets * are in the second section, after the public key packet and before * the subkey packets. */ signode = uidnode = NULL; sigdate = 0; /* Helper variable to find the latest signature in one UID. */ for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID || k->pkt->pkttype == PKT_ATTRIBUTE) { /* New user id packet. */ /* Apply the data from the most recent self-signed packet to * the preceding user id packet. */ if (uidnode && signode) { fixup_uidnode (uidnode, signode, keytimestamp); pk->flags.valid = 1; } /* Clear SIGNODE. The only relevant self-signed data for * UIDNODE follows it. */ if (k->pkt->pkttype == PKT_USER_ID) uidnode = k; else uidnode = NULL; signode = NULL; sigdate = 0; } else if (k->pkt->pkttype == PKT_SIGNATURE && uidnode) { PKT_signature *sig = k->pkt->pkt.signature; if (sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1]) { if (check_key_signature (ctrl, keyblock, k, NULL)) ; /* signature did not verify */ else if ((IS_UID_SIG (sig) || IS_UID_REV (sig)) && sig->timestamp >= sigdate) { /* Note: we allow invalidation of cert revocations * by a newer signature. An attacker can't use this * because a key should be revoked with a key revocation. * The reason why we have to allow for that is that at * one time an email address may become invalid but later * the same email address may become valid again (hired, * fired, hired again). */ sigdate = sig->timestamp; signode = k; signode->pkt->pkt.signature->flags.chosen_selfsig = 0; if (sig->version > sigversion) sigversion = sig->version; } } } } if (uidnode && signode) { fixup_uidnode (uidnode, signode, keytimestamp); pk->flags.valid = 1; } /* If the key isn't valid yet, and we have * --allow-non-selfsigned-uid set, then force it valid. */ if (!pk->flags.valid && opt.allow_non_selfsigned_uid) { if (opt.verbose) log_info (_("Invalid key %s made valid by" " --allow-non-selfsigned-uid\n"), keystr_from_pk (pk)); pk->flags.valid = 1; } /* The key STILL isn't valid, so try and find an ultimately * trusted signature. */ if (!pk->flags.valid) { uidnode = NULL; for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID) uidnode = k; else if (k->pkt->pkttype == PKT_SIGNATURE && uidnode) { PKT_signature *sig = k->pkt->pkt.signature; if (sig->keyid[0] != kid[0] || sig->keyid[1] != kid[1]) { PKT_public_key *ultimate_pk; ultimate_pk = xmalloc_clear (sizeof (*ultimate_pk)); /* We don't want to use the full get_pubkey to avoid * infinite recursion in certain cases. There is no * reason to check that an ultimately trusted key is * still valid - if it has been revoked the user * should also remove the ultimate trust flag. */ if (get_pubkey_fast (ultimate_pk, sig->keyid) == 0 && check_key_signature2 (ctrl, keyblock, k, ultimate_pk, NULL, NULL, NULL, NULL) == 0 && get_ownertrust (ctrl, ultimate_pk) == TRUST_ULTIMATE) { free_public_key (ultimate_pk); pk->flags.valid = 1; break; } free_public_key (ultimate_pk); } } } } /* Record the highest selfsig version so we know if this is a v3 key * through and through, or a v3 key with a v4 selfsig somewhere. * This is useful in a few places to know if the key must be treated * as PGP2-style or OpenPGP-style. Note that a selfsig revocation * with a higher version number will also raise this value. This is * okay since such a revocation must be issued by the user (i.e. it * cannot be issued by someone else to modify the key behavior.) */ pk->selfsigversion = sigversion; /* Now that we had a look at all user IDs we can now get some * information from those user IDs. */ if (!key_usage) { /* Find the latest user ID with key flags set. */ uiddate = 0; /* Helper to find the latest user ID. */ for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID) { PKT_user_id *uid = k->pkt->pkt.user_id; if (uid->help_key_usage && (uid->created > uiddate || (!uid->created && !uiddate))) { key_usage = uid->help_key_usage; uiddate = uid->created; } } } } if (!key_usage) { /* No key flags at all: get it from the algo. */ key_usage = openpgp_pk_algo_usage (pk->pubkey_algo); } else { /* Check that the usage matches the usage as given by the algo. */ int x = openpgp_pk_algo_usage (pk->pubkey_algo); if (x) /* Mask it down to the actual allowed usage. */ key_usage &= x; } /* Whatever happens, it's a primary key, so it can certify. */ pk->pubkey_usage = key_usage | PUBKEY_USAGE_CERT; if (!key_expire_seen) { /* Find the latest valid user ID with a key expiration set. * This may be a different one than from usage computation above * because some user IDs may have no expiration date set. */ uiddate = 0; for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID) { PKT_user_id *uid = k->pkt->pkt.user_id; if (uid->help_key_expire && (uid->created > uiddate || (!uid->created && !uiddate))) { key_expire = uid->help_key_expire; uiddate = uid->created; } } } } /* Currently only the not anymore supported v3 keys have a maximum * expiration date, but future key versions may get this feature again. */ if (key_expire == 0 || (pk->max_expiredate && key_expire > pk->max_expiredate)) key_expire = pk->max_expiredate; pk->has_expired = key_expire >= curtime ? 0 : key_expire; pk->expiredate = key_expire; /* Fixme: we should see how to get rid of the expiretime fields but * this needs changes at other places too. */ /* And now find the real primary user ID and delete all others. */ uiddate = uiddate2 = 0; uidnode = uidnode2 = NULL; for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data) { PKT_user_id *uid = k->pkt->pkt.user_id; if (uid->flags.primary) { if (uid->created > uiddate) { uiddate = uid->created; uidnode = k; } else if (uid->created == uiddate && uidnode) { /* The dates are equal, so we need to do a different * (and arbitrary) comparison. This should rarely, * if ever, happen. It's good to try and guarantee * that two different GnuPG users with two different * keyrings at least pick the same primary. */ if (cmp_user_ids (uid, uidnode->pkt->pkt.user_id) > 0) uidnode = k; } } else { if (uid->created > uiddate2) { uiddate2 = uid->created; uidnode2 = k; } else if (uid->created == uiddate2 && uidnode2) { if (cmp_user_ids (uid, uidnode2->pkt->pkt.user_id) > 0) uidnode2 = k; } } } } if (uidnode) { for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data) { PKT_user_id *uid = k->pkt->pkt.user_id; if (k != uidnode) uid->flags.primary = 0; } } } else if (uidnode2) { /* None is flagged primary - use the latest user ID we have, * and disambiguate with the arbitrary packet comparison. */ uidnode2->pkt->pkt.user_id->flags.primary = 1; } else { /* None of our uids were self-signed, so pick the one that * sorts first to be the primary. This is the best we can do * here since there are no self sigs to date the uids. */ uidnode = NULL; for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data) { if (!uidnode) { uidnode = k; uidnode->pkt->pkt.user_id->flags.primary = 1; continue; } else { if (cmp_user_ids (k->pkt->pkt.user_id, uidnode->pkt->pkt.user_id) > 0) { uidnode->pkt->pkt.user_id->flags.primary = 0; uidnode = k; uidnode->pkt->pkt.user_id->flags.primary = 1; } else { /* just to be safe: */ k->pkt->pkt.user_id->flags.primary = 0; } } } } } } /* Convert a buffer to a signature. Useful for 0x19 embedded sigs. * Caller must free the signature when they are done. */ static PKT_signature * buf_to_sig (const byte * buf, size_t len) { PKT_signature *sig = xmalloc_clear (sizeof (PKT_signature)); IOBUF iobuf = iobuf_temp_with_content (buf, len); int save_mode = set_packet_list_mode (0); if (parse_signature (iobuf, PKT_SIGNATURE, len, sig) != 0) { free_seckey_enc (sig); sig = NULL; } set_packet_list_mode (save_mode); iobuf_close (iobuf); return sig; } /* Use the self-signed data to fill in various fields in subkeys. * * KEYBLOCK is the whole keyblock. SUBNODE is the subkey to fill in. * * Sets the following fields on the subkey: * * main_keyid * flags.valid if the subkey has a valid self-sig binding * flags.revoked * flags.backsig * pubkey_usage * has_expired * expired_date * * On this subkey's most revent valid self-signed packet, the * following field is set: * * flags.chosen_selfsig */ static void merge_selfsigs_subkey (ctrl_t ctrl, kbnode_t keyblock, kbnode_t subnode) { PKT_public_key *mainpk = NULL, *subpk = NULL; PKT_signature *sig; KBNODE k; u32 mainkid[2]; u32 sigdate = 0; KBNODE signode; u32 curtime = make_timestamp (); unsigned int key_usage = 0; u32 keytimestamp = 0; u32 key_expire = 0; const byte *p; if (subnode->pkt->pkttype != PKT_PUBLIC_SUBKEY) BUG (); mainpk = keyblock->pkt->pkt.public_key; if (mainpk->version < 4) return;/* (actually this should never happen) */ keyid_from_pk (mainpk, mainkid); subpk = subnode->pkt->pkt.public_key; keytimestamp = subpk->timestamp; subpk->flags.valid = 0; subpk->flags.exact = 0; subpk->main_keyid[0] = mainpk->main_keyid[0]; subpk->main_keyid[1] = mainpk->main_keyid[1]; /* Find the latest key binding self-signature. */ signode = NULL; sigdate = 0; /* Helper to find the latest signature. */ for (k = subnode->next; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_SIGNATURE) { sig = k->pkt->pkt.signature; if (sig->keyid[0] == mainkid[0] && sig->keyid[1] == mainkid[1]) { if (check_key_signature (ctrl, keyblock, k, NULL)) ; /* Signature did not verify. */ else if (IS_SUBKEY_REV (sig)) { /* Note that this means that the date on a * revocation sig does not matter - even if the * binding sig is dated after the revocation sig, * the subkey is still marked as revoked. This * seems ok, as it is just as easy to make new * subkeys rather than re-sign old ones as the * problem is in the distribution. Plus, PGP (7) * does this the same way. */ subpk->flags.revoked = 1; sig_to_revoke_info (sig, &subpk->revoked); /* Although we could stop now, we continue to * figure out other information like the old expiration * time. */ } else if (IS_SUBKEY_SIG (sig) && sig->timestamp >= sigdate) { if (sig->flags.expired) ; /* Signature has expired - ignore it. */ else { sigdate = sig->timestamp; signode = k; signode->pkt->pkt.signature->flags.chosen_selfsig = 0; } } } } } /* No valid key binding. */ if (!signode) return; sig = signode->pkt->pkt.signature; sig->flags.chosen_selfsig = 1; /* So we know which selfsig we chose later. */ key_usage = parse_key_usage (sig); if (!key_usage) { /* No key flags at all: get it from the algo. */ key_usage = openpgp_pk_algo_usage (subpk->pubkey_algo); } else { /* Check that the usage matches the usage as given by the algo. */ int x = openpgp_pk_algo_usage (subpk->pubkey_algo); if (x) /* Mask it down to the actual allowed usage. */ key_usage &= x; } subpk->pubkey_usage = key_usage; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); if (p && buf32_to_u32 (p)) key_expire = keytimestamp + buf32_to_u32 (p); else key_expire = 0; subpk->has_expired = key_expire >= curtime ? 0 : key_expire; subpk->expiredate = key_expire; /* Algo doesn't exist. */ if (openpgp_pk_test_algo (subpk->pubkey_algo)) return; subpk->flags.valid = 1; /* Find the most recent 0x19 embedded signature on our self-sig. */ if (!subpk->flags.backsig) { int seq = 0; size_t n; PKT_signature *backsig = NULL; sigdate = 0; /* We do this while() since there may be other embedded * signatures in the future. We only want 0x19 here. */ while ((p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_SIGNATURE, &n, &seq, NULL))) if (n > 3 && ((p[0] == 3 && p[2] == 0x19) || (p[0] == 4 && p[1] == 0x19))) { PKT_signature *tempsig = buf_to_sig (p, n); if (tempsig) { if (tempsig->timestamp > sigdate) { if (backsig) free_seckey_enc (backsig); backsig = tempsig; sigdate = backsig->timestamp; } else free_seckey_enc (tempsig); } } seq = 0; /* It is safe to have this in the unhashed area since the 0x19 * is located on the selfsig for convenience, not security. */ while ((p = enum_sig_subpkt (sig->unhashed, SIGSUBPKT_SIGNATURE, &n, &seq, NULL))) if (n > 3 && ((p[0] == 3 && p[2] == 0x19) || (p[0] == 4 && p[1] == 0x19))) { PKT_signature *tempsig = buf_to_sig (p, n); if (tempsig) { if (tempsig->timestamp > sigdate) { if (backsig) free_seckey_enc (backsig); backsig = tempsig; sigdate = backsig->timestamp; } else free_seckey_enc (tempsig); } } if (backsig) { /* At this point, backsig contains the most recent 0x19 sig. * Let's see if it is good. */ /* 2==valid, 1==invalid, 0==didn't check */ if (check_backsig (mainpk, subpk, backsig) == 0) subpk->flags.backsig = 2; else subpk->flags.backsig = 1; free_seckey_enc (backsig); } } } /* Merge information from the self-signatures with the public key, * subkeys and user ids to make using them more easy. * * See documentation for merge_selfsigs_main, merge_selfsigs_subkey * and fixup_uidnode for exactly which fields are updated. */ static void merge_selfsigs (ctrl_t ctrl, kbnode_t keyblock) { KBNODE k; int revoked; struct revoke_info rinfo; PKT_public_key *main_pk; prefitem_t *prefs; unsigned int mdc_feature; unsigned int aead_feature; if (keyblock->pkt->pkttype != PKT_PUBLIC_KEY) { if (keyblock->pkt->pkttype == PKT_SECRET_KEY) { log_error ("expected public key but found secret key " "- must stop\n"); /* We better exit here because a public key is expected at * other places too. FIXME: Figure this out earlier and * don't get to here at all */ g10_exit (1); } BUG (); } merge_selfsigs_main (ctrl, keyblock, &revoked, &rinfo); /* Now merge in the data from each of the subkeys. */ for (k = keyblock; k; k = k->next) { if (k->pkt->pkttype == PKT_PUBLIC_SUBKEY) { merge_selfsigs_subkey (ctrl, keyblock, k); } } main_pk = keyblock->pkt->pkt.public_key; if (revoked || main_pk->has_expired || !main_pk->flags.valid) { /* If the primary key is revoked, expired, or invalid we * better set the appropriate flags on that key and all * subkeys. */ for (k = keyblock; k; k = k->next) { if (k->pkt->pkttype == PKT_PUBLIC_KEY || k->pkt->pkttype == PKT_PUBLIC_SUBKEY) { PKT_public_key *pk = k->pkt->pkt.public_key; if (!main_pk->flags.valid) pk->flags.valid = 0; if (revoked && !pk->flags.revoked) { pk->flags.revoked = revoked; memcpy (&pk->revoked, &rinfo, sizeof (rinfo)); } if (main_pk->has_expired) pk->has_expired = main_pk->has_expired; } } return; } /* Set the preference list of all keys to those of the primary real * user ID. Note: we use these preferences when we don't know by * which user ID the key has been selected. * fixme: we should keep atoms of commonly used preferences or * use reference counting to optimize the preference lists storage. * FIXME: it might be better to use the intersection of * all preferences. * Do a similar thing for the MDC feature flag. */ prefs = NULL; mdc_feature = aead_feature = 0; for (k = keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next) { if (k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data && k->pkt->pkt.user_id->flags.primary) { prefs = k->pkt->pkt.user_id->prefs; mdc_feature = k->pkt->pkt.user_id->flags.mdc; aead_feature = k->pkt->pkt.user_id->flags.aead; break; } } for (k = keyblock; k; k = k->next) { if (k->pkt->pkttype == PKT_PUBLIC_KEY || k->pkt->pkttype == PKT_PUBLIC_SUBKEY) { PKT_public_key *pk = k->pkt->pkt.public_key; if (pk->prefs) xfree (pk->prefs); pk->prefs = copy_prefs (prefs); pk->flags.mdc = mdc_feature; pk->flags.aead = aead_feature; } } } /* See whether the key satisfies any additional requirements specified * in CTX. If so, return the node of an appropriate key or subkey. * Otherwise, return NULL if there was no appropriate key. * * Note that we do not return a reference, i.e. the result must not be * freed using 'release_kbnode'. * * In case the primary key is not required, select a suitable subkey. * We need the primary key if PUBKEY_USAGE_CERT is set in REQ_USAGE or * we are in PGP6 or PGP7 mode and PUBKEY_USAGE_SIG is set in * REQ_USAGE. * * If any of PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT * are set in REQ_USAGE, we filter by the key's function. Concretely, * if PUBKEY_USAGE_SIG and PUBKEY_USAGE_CERT are set, then we only * return a key if it is (at least) either a signing or a * certification key. * * If REQ_USAGE is set, then we reject any keys that are not good * (i.e., valid, not revoked, not expired, etc.). This allows the * getkey functions to be used for plain key listings. * * Sets the matched key's user id field (pk->user_id) to the user id * that matched the low-level search criteria or NULL. * * If R_FLAGS is not NULL set certain flags for more detailed error * reporting. Used flags are: * * - LOOKUP_ALL_SUBKEYS_EXPIRED :: All Subkeys are expired or have * been revoked. * - LOOKUP_NOT_SELECTED :: No suitable key found * * This function needs to handle several different cases: * * 1. No requested usage and no primary key requested * Examples for this case are that we have a keyID to be used * for decrytion or verification. * 2. No usage but primary key requested * This is the case for all functions which work on an * entire keyblock, e.g. for editing or listing * 3. Usage and primary key requested * FIXME * 4. Usage but no primary key requested * FIXME * */ static kbnode_t finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, int want_secret, unsigned int *r_flags) { kbnode_t k; /* If WANT_EXACT is set, the key or subkey that actually matched the low-level search criteria. */ kbnode_t foundk = NULL; /* The user id (if any) that matched the low-level search criteria. */ PKT_user_id *foundu = NULL; u32 latest_date; kbnode_t latest_key; PKT_public_key *pk; int req_prim; u32 curtime = make_timestamp (); if (r_flags) *r_flags = 0; #define USAGE_MASK (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC|PUBKEY_USAGE_CERT) req_usage &= USAGE_MASK; /* Request the primary if we're certifying another key, and also if * signing data while --pgp6 or --pgp7 is on since pgp 6 and 7 do * not understand signatures made by a signing subkey. PGP 8 does. */ req_prim = ((req_usage & PUBKEY_USAGE_CERT) || ((PGP6 || PGP7) && (req_usage & PUBKEY_USAGE_SIG))); log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY); /* For an exact match mark the primary or subkey that matched the low-level search criteria. */ if (want_exact) { for (k = keyblock; k; k = k->next) { if ((k->flag & 1)) { log_assert (k->pkt->pkttype == PKT_PUBLIC_KEY || k->pkt->pkttype == PKT_PUBLIC_SUBKEY); foundk = k; pk = k->pkt->pkt.public_key; pk->flags.exact = 1; break; } } } /* Get the user id that matched that low-level search criteria. */ for (k = keyblock; k; k = k->next) { if ((k->flag & 2)) { log_assert (k->pkt->pkttype == PKT_USER_ID); foundu = k->pkt->pkt.user_id; break; } } if (DBG_LOOKUP) log_debug ("finish_lookup: checking key %08lX (%s)(req_usage=%x)\n", (ulong) keyid_from_pk (keyblock->pkt->pkt.public_key, NULL), foundk ? "one" : "all", req_usage); if (!req_usage) { latest_key = foundk ? foundk : keyblock; goto found; } latest_date = 0; latest_key = NULL; /* Set LATEST_KEY to the latest (the one with the most recent * timestamp) good (valid, not revoked, not expired, etc.) subkey. * * Don't bother if we are only looking for a primary key or we need * an exact match and the exact match is not a subkey. */ if (req_prim || (foundk && foundk->pkt->pkttype != PKT_PUBLIC_SUBKEY)) ; else { kbnode_t nextk; int n_subkeys = 0; int n_revoked_or_expired = 0; /* Either start a loop or check just this one subkey. */ for (k = foundk ? foundk : keyblock; k; k = nextk) { if (foundk) { /* If FOUNDK is not NULL, then only consider that exact key, i.e., don't iterate. */ nextk = NULL; } else nextk = k->next; if (k->pkt->pkttype != PKT_PUBLIC_SUBKEY) continue; pk = k->pkt->pkt.public_key; if (DBG_LOOKUP) log_debug ("\tchecking subkey %08lX\n", (ulong) keyid_from_pk (pk, NULL)); if (!pk->flags.valid) { if (DBG_LOOKUP) log_debug ("\tsubkey not valid\n"); continue; } if (!((pk->pubkey_usage & USAGE_MASK) & req_usage)) { if (DBG_LOOKUP) log_debug ("\tusage does not match: want=%x have=%x\n", req_usage, pk->pubkey_usage); continue; } n_subkeys++; if (pk->flags.revoked) { if (DBG_LOOKUP) log_debug ("\tsubkey has been revoked\n"); n_revoked_or_expired++; continue; } if (pk->has_expired) { if (DBG_LOOKUP) log_debug ("\tsubkey has expired\n"); n_revoked_or_expired++; continue; } if (pk->timestamp > curtime && !opt.ignore_valid_from) { if (DBG_LOOKUP) log_debug ("\tsubkey not yet valid\n"); continue; } if (want_secret && agent_probe_secret_key (NULL, pk)) { if (DBG_LOOKUP) log_debug ("\tno secret key\n"); continue; } if (DBG_LOOKUP) log_debug ("\tsubkey might be fine\n"); /* In case a key has a timestamp of 0 set, we make sure that it is used. A better change would be to compare ">=" but that might also change the selected keys and is as such a more intrusive change. */ if (pk->timestamp > latest_date || (!pk->timestamp && !latest_date)) { latest_date = pk->timestamp; latest_key = k; } } if (n_subkeys == n_revoked_or_expired && r_flags) *r_flags |= LOOKUP_ALL_SUBKEYS_EXPIRED; } /* Check if the primary key is ok (valid, not revoke, not expire, * matches requested usage) if: * * - we didn't find an appropriate subkey and we're not doing an * exact search, * * - we're doing an exact match and the exact match was the * primary key, or, * * - we're just considering the primary key. */ if ((!latest_key && !want_exact) || foundk == keyblock || req_prim) { if (DBG_LOOKUP && !foundk && !req_prim) log_debug ("\tno suitable subkeys found - trying primary\n"); pk = keyblock->pkt->pkt.public_key; if (!pk->flags.valid) { if (DBG_LOOKUP) log_debug ("\tprimary key not valid\n"); } else if (!((pk->pubkey_usage & USAGE_MASK) & req_usage)) { if (DBG_LOOKUP) log_debug ("\tprimary key usage does not match: " "want=%x have=%x\n", req_usage, pk->pubkey_usage); } else if (pk->flags.revoked) { if (DBG_LOOKUP) log_debug ("\tprimary key has been revoked\n"); } else if (pk->has_expired) { if (DBG_LOOKUP) log_debug ("\tprimary key has expired\n"); } else /* Okay. */ { if (DBG_LOOKUP) log_debug ("\tprimary key may be used\n"); latest_key = keyblock; } } if (!latest_key) { if (DBG_LOOKUP) log_debug ("\tno suitable key found - giving up\n"); if (r_flags) *r_flags |= LOOKUP_NOT_SELECTED; return NULL; /* Not found. */ } found: if (DBG_LOOKUP) log_debug ("\tusing key %08lX\n", (ulong) keyid_from_pk (latest_key->pkt->pkt.public_key, NULL)); if (latest_key) { pk = latest_key->pkt->pkt.public_key; free_user_id (pk->user_id); pk->user_id = scopy_user_id (foundu); } if (latest_key != keyblock && opt.verbose) { char *tempkeystr = xstrdup (keystr_from_pk (latest_key->pkt->pkt.public_key)); log_info (_("using subkey %s instead of primary key %s\n"), tempkeystr, keystr_from_pk (keyblock->pkt->pkt.public_key)); xfree (tempkeystr); } cache_user_id (keyblock); return latest_key ? latest_key : keyblock; /* Found. */ } /* Print a KEY_CONSIDERED status line. */ static void print_status_key_considered (kbnode_t keyblock, unsigned int flags) { char hexfpr[2*MAX_FINGERPRINT_LEN + 1]; kbnode_t node; char flagbuf[20]; if (!is_status_enabled ()) return; for (node=keyblock; node; node = node->next) if (node->pkt->pkttype == PKT_PUBLIC_KEY || node->pkt->pkttype == PKT_SECRET_KEY) break; if (!node) { log_error ("%s: keyblock w/o primary key\n", __func__); return; } hexfingerprint (node->pkt->pkt.public_key, hexfpr, sizeof hexfpr); snprintf (flagbuf, sizeof flagbuf, " %u", flags); write_status_strings (STATUS_KEY_CONSIDERED, hexfpr, flagbuf, NULL); } /* A high-level function to lookup keys. * * This function builds on top of the low-level keydb API. It first * searches the database using the description stored in CTX->ITEMS, * then it filters the results using CTX and, finally, if WANT_SECRET * is set, it ignores any keys for which no secret key is available. * * Unlike the low-level search functions, this function also merges * all of the self-signed data into the keys, subkeys and user id * packets (see the merge_selfsigs for details). * * On success the key's keyblock is stored at *RET_KEYBLOCK, and the * specific subkey is stored at *RET_FOUND_KEY. Note that we do not * return a reference in *RET_FOUND_KEY, i.e. the result must not be * freed using 'release_kbnode', and it is only valid until * *RET_KEYBLOCK is deallocated. Therefore, if RET_FOUND_KEY is not * NULL, then RET_KEYBLOCK must not be NULL. */ static int lookup (ctrl_t ctrl, getkey_ctx_t ctx, int want_secret, kbnode_t *ret_keyblock, kbnode_t *ret_found_key) { int rc; int no_suitable_key = 0; KBNODE keyblock = NULL; KBNODE found_key = NULL; unsigned int infoflags; log_assert (ret_found_key == NULL || ret_keyblock != NULL); if (ret_keyblock) *ret_keyblock = NULL; for (;;) { rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems, NULL); if (rc) break; /* If we are iterating over the entire database, then we need to * change from KEYDB_SEARCH_MODE_FIRST, which does an implicit * reset, to KEYDB_SEARCH_MODE_NEXT, which gets the next record. */ if (ctx->nitems && ctx->items->mode == KEYDB_SEARCH_MODE_FIRST) ctx->items->mode = KEYDB_SEARCH_MODE_NEXT; rc = keydb_get_keyblock (ctx->kr_handle, &keyblock); if (rc) { log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); goto skip; } if (want_secret) { rc = agent_probe_any_secret_key (NULL, keyblock); if (gpg_err_code(rc) == GPG_ERR_NO_SECKEY) goto skip; /* No secret key available. */ if (rc) goto found; /* Unexpected error. */ } /* Warning: node flag bits 0 and 1 should be preserved by * merge_selfsigs. */ merge_selfsigs (ctrl, keyblock); found_key = finish_lookup (keyblock, ctx->req_usage, ctx->exact, want_secret, &infoflags); print_status_key_considered (keyblock, infoflags); if (found_key) { no_suitable_key = 0; goto found; } else { no_suitable_key = 1; } skip: /* Release resources and continue search. */ release_kbnode (keyblock); keyblock = NULL; /* The keyblock cache ignores the current "file position". * Thus, if we request the next result and the cache matches * (and it will since it is what we just looked for), we'll get * the same entry back! We can avoid this infinite loop by * disabling the cache. */ keydb_disable_caching (ctx->kr_handle); } found: if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND) log_error ("keydb_search failed: %s\n", gpg_strerror (rc)); if (!rc) { if (ret_keyblock) { *ret_keyblock = keyblock; /* Return the keyblock. */ keyblock = NULL; } } else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND && no_suitable_key) rc = want_secret? GPG_ERR_UNUSABLE_SECKEY : GPG_ERR_UNUSABLE_PUBKEY; else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) rc = want_secret? GPG_ERR_NO_SECKEY : GPG_ERR_NO_PUBKEY; release_kbnode (keyblock); if (ret_found_key) { if (! rc) *ret_found_key = found_key; else *ret_found_key = NULL; } return rc; } /* If a default key has been specified, return that key. If a card * based key is also available as indicated by FPR_CARD not being * NULL, return that key if suitable. */ gpg_error_t get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk, const byte *fpr_card, size_t fpr_len) { gpg_error_t err; strlist_t namelist = NULL; const char *def_secret_key; def_secret_key = parse_def_secret_key (ctrl); if (def_secret_key) add_to_strlist (&namelist, def_secret_key); else if (fpr_card) { err = get_pubkey_byfprint (ctrl, pk, NULL, fpr_card, fpr_len); if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY) { if (opt.debug) log_debug ("using LDAP to find public key for current card\n"); err = keyserver_import_fprint (ctrl, fpr_card, fpr_len, opt.keyserver, KEYSERVER_IMPORT_FLAG_LDAP); if (!err) err = get_pubkey_byfprint (ctrl, pk, NULL, fpr_card, fpr_len); else if (gpg_err_code (err) == GPG_ERR_NO_DATA || gpg_err_code (err) == GPG_ERR_NO_KEYSERVER) { /* Dirmngr returns NO DATA is the selected keyserver * does not have the requested key. It returns NO * KEYSERVER if no LDAP keyservers are configured. */ err = gpg_error (GPG_ERR_NO_PUBKEY); } } /* The key on card can be not suitable for requested usage. */ if (gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY) fpr_card = NULL; /* Fallthrough as no card. */ else return err; /* Success or other error. */ } if (!fpr_card || (def_secret_key && *def_secret_key && def_secret_key[strlen (def_secret_key)-1] == '!')) { err = key_byname (ctrl, NULL, namelist, pk, 1, 0, NULL, NULL); } else { /* Default key is specified and card key is also available. */ kbnode_t k, keyblock = NULL; err = key_byname (ctrl, NULL, namelist, pk, 1, 0, &keyblock, NULL); if (err) goto leave; for (k = keyblock; k; k = k->next) { PKT_public_key *pk_candidate; char fpr[MAX_FINGERPRINT_LEN]; if (k->pkt->pkttype != PKT_PUBLIC_KEY &&k->pkt->pkttype != PKT_PUBLIC_SUBKEY) continue; pk_candidate = k->pkt->pkt.public_key; if (!pk_candidate->flags.valid) continue; if (!((pk_candidate->pubkey_usage & USAGE_MASK) & pk->req_usage)) continue; fingerprint_from_pk (pk_candidate, fpr, NULL); if (!memcmp (fpr_card, fpr, fpr_len)) { release_public_key_parts (pk); copy_public_key (pk, pk_candidate); break; } } release_kbnode (keyblock); } leave: free_strlist (namelist); return err; } /********************************************* *********** User ID printing helpers ******* *********************************************/ /* Return a string with a printable representation of the user_id. * this string must be freed by xfree. If R_NOUID is not NULL it is * set to true if a user id was not found; otherwise to false. */ static char * get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len, int *r_nouid) { user_id_db_t r; keyid_list_t a; int pass = 0; char *p; if (r_nouid) *r_nouid = 0; /* Try it two times; second pass reads from the database. */ do { for (r = user_id_db; r; r = r->next) { for (a = r->keyids; a; a = a->next) { if (a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1]) { if (mode == 2) { /* An empty string as user id is possible. Make sure that the malloc allocates one byte and does not bail out. */ p = xmalloc (r->len? r->len : 1); memcpy (p, r->name, r->len); if (r_len) *r_len = r->len; } else { if (mode) p = xasprintf ("%08lX%08lX %.*s", (ulong) keyid[0], (ulong) keyid[1], r->len, r->name); else p = xasprintf ("%s %.*s", keystr (keyid), r->len, r->name); if (r_len) *r_len = strlen (p); } return p; } } } } while (++pass < 2 && !get_pubkey (ctrl, NULL, keyid)); if (mode == 2) p = xstrdup (user_id_not_found_utf8 ()); else if (mode) p = xasprintf ("%08lX%08lX [?]", (ulong) keyid[0], (ulong) keyid[1]); else p = xasprintf ("%s [?]", keystr (keyid)); if (r_nouid) *r_nouid = 1; if (r_len) *r_len = strlen (p); return p; } char * get_user_id_string_native (ctrl_t ctrl, u32 * keyid) { char *p = get_user_id_string (ctrl, keyid, 0, NULL, NULL); char *p2 = utf8_to_native (p, strlen (p), 0); xfree (p); return p2; } char * get_long_user_id_string (ctrl_t ctrl, u32 * keyid) { return get_user_id_string (ctrl, keyid, 1, NULL, NULL); } /* Please try to use get_user_byfpr instead of this one. */ char * get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid) { return get_user_id_string (ctrl, keyid, 2, rn, r_nouid); } /* Please try to use get_user_id_byfpr_native instead of this one. */ char * get_user_id_native (ctrl_t ctrl, u32 *keyid) { size_t rn; char *p = get_user_id (ctrl, keyid, &rn, NULL); char *p2 = utf8_to_native (p, rn, 0); xfree (p); return p2; } /* Return the user id for a key designated by its fingerprint, FPR, which must be MAX_FINGERPRINT_LEN bytes in size. Note: the returned string, which must be freed using xfree, may not be NUL terminated. To determine the length of the string, you must use *RN. */ char * get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn) { user_id_db_t r; char *p; int pass = 0; /* Try it two times; second pass reads from the database. */ do { for (r = user_id_db; r; r = r->next) { keyid_list_t a; for (a = r->keyids; a; a = a->next) { if (!memcmp (a->fpr, fpr, MAX_FINGERPRINT_LEN)) { /* An empty string as user id is possible. Make sure that the malloc allocates one byte and does not bail out. */ p = xmalloc (r->len? r->len : 1); memcpy (p, r->name, r->len); *rn = r->len; return p; } } } } while (++pass < 2 && !get_pubkey_byfprint (ctrl, NULL, NULL, fpr, MAX_FINGERPRINT_LEN)); p = xstrdup (user_id_not_found_utf8 ()); *rn = strlen (p); return p; } /* Like get_user_id_byfpr, but convert the string to the native encoding. The returned string needs to be freed. Unlike get_user_id_byfpr, the returned string is NUL terminated. */ char * get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr) { size_t rn; char *p = get_user_id_byfpr (ctrl, fpr, &rn); char *p2 = utf8_to_native (p, rn, 0); xfree (p); return p2; } /* Return the database handle used by this context. The context still owns the handle. */ KEYDB_HANDLE get_ctx_handle (GETKEY_CTX ctx) { return ctx->kr_handle; } static void free_akl (struct akl *akl) { if (! akl) return; if (akl->spec) free_keyserver_spec (akl->spec); xfree (akl); } void release_akl (void) { while (opt.auto_key_locate) { struct akl *akl2 = opt.auto_key_locate; opt.auto_key_locate = opt.auto_key_locate->next; free_akl (akl2); } } /* Returns true if the AKL is empty or has only the local method * active. */ int akl_empty_or_only_local (void) { struct akl *akl; int any = 0; for (akl = opt.auto_key_locate; akl; akl = akl->next) if (akl->type != AKL_NODEFAULT && akl->type != AKL_LOCAL) { any = 1; break; } return !any; } /* Returns false on error. */ int parse_auto_key_locate (const char *options_arg) { char *tok; char *options, *options_buf; options = options_buf = xstrdup (options_arg); while ((tok = optsep (&options))) { struct akl *akl, *check, *last = NULL; int dupe = 0; if (tok[0] == '\0') continue; akl = xmalloc_clear (sizeof (*akl)); if (ascii_strcasecmp (tok, "clear") == 0) { xfree (akl); free_akl (opt.auto_key_locate); opt.auto_key_locate = NULL; continue; } else if (ascii_strcasecmp (tok, "nodefault") == 0) akl->type = AKL_NODEFAULT; else if (ascii_strcasecmp (tok, "local") == 0) akl->type = AKL_LOCAL; else if (ascii_strcasecmp (tok, "ldap") == 0) akl->type = AKL_LDAP; else if (ascii_strcasecmp (tok, "keyserver") == 0) akl->type = AKL_KEYSERVER; else if (ascii_strcasecmp (tok, "cert") == 0) akl->type = AKL_CERT; else if (ascii_strcasecmp (tok, "pka") == 0) akl->type = AKL_PKA; else if (ascii_strcasecmp (tok, "dane") == 0) akl->type = AKL_DANE; else if (ascii_strcasecmp (tok, "wkd") == 0) akl->type = AKL_WKD; else if (ascii_strcasecmp (tok, "ntds") == 0) akl->type = AKL_NTDS; else if ((akl->spec = parse_keyserver_uri (tok, 1))) akl->type = AKL_SPEC; else { free_akl (akl); xfree (options_buf); return 0; } /* We must maintain the order the user gave us */ for (check = opt.auto_key_locate; check; last = check, check = check->next) { /* Check for duplicates */ if (check->type == akl->type && (akl->type != AKL_SPEC || (akl->type == AKL_SPEC && strcmp (check->spec->uri, akl->spec->uri) == 0))) { dupe = 1; free_akl (akl); break; } } if (!dupe) { if (last) last->next = akl; else opt.auto_key_locate = akl; } } xfree (options_buf); return 1; } /* The list of key origins. */ static struct { const char *name; int origin; } key_origin_list[] = { { "self", KEYORG_SELF }, { "file", KEYORG_FILE }, { "url", KEYORG_URL }, { "wkd", KEYORG_WKD }, { "dane", KEYORG_DANE }, { "ks-pref", KEYORG_KS_PREF }, { "ks", KEYORG_KS }, { "unknown", KEYORG_UNKNOWN } }; /* Parse the argument for --key-origin. Return false on error. */ int parse_key_origin (char *string) { int i; char *comma; comma = strchr (string, ','); if (comma) *comma = 0; if (!ascii_strcasecmp (string, "help")) { log_info (_("valid values for option '%s':\n"), "--key-origin"); for (i=0; i < DIM (key_origin_list); i++) log_info (" %s\n", key_origin_list[i].name); g10_exit (1); } for (i=0; i < DIM (key_origin_list); i++) if (!ascii_strcasecmp (string, key_origin_list[i].name)) { opt.key_origin = key_origin_list[i].origin; xfree (opt.key_origin_url); opt.key_origin_url = NULL; if (comma && comma[1]) { opt.key_origin_url = xstrdup (comma+1); trim_spaces (opt.key_origin_url); } return 1; } if (comma) *comma = ','; return 0; } /* Return a string or "?" for the key ORIGIN. */ const char * key_origin_string (int origin) { int i; for (i=0; i < DIM (key_origin_list); i++) if (key_origin_list[i].origin == origin) return key_origin_list[i].name; return "?"; } /* Returns true if a secret key is available for the public key with key id KEYID; returns false if not. This function ignores legacy keys. Note: this is just a fast check and does not tell us whether the secret key is valid; this check merely indicates whether there is some secret key with the specified key id. */ int have_secret_key_with_kid (u32 *keyid) { gpg_error_t err; KEYDB_HANDLE kdbhd; KEYDB_SEARCH_DESC desc; kbnode_t keyblock; kbnode_t node; int result = 0; kdbhd = keydb_new (); if (!kdbhd) return 0; memset (&desc, 0, sizeof desc); desc.mode = KEYDB_SEARCH_MODE_LONG_KID; desc.u.kid[0] = keyid[0]; desc.u.kid[1] = keyid[1]; while (!result) { err = keydb_search (kdbhd, &desc, 1, NULL); if (err) break; err = keydb_get_keyblock (kdbhd, &keyblock); if (err) { log_error (_("error reading keyblock: %s\n"), gpg_strerror (err)); break; } for (node = keyblock; node; node = node->next) { /* Bit 0 of the flags is set if the search found the key using that key or subkey. Note: a search will only ever match a single key or subkey. */ if ((node->flag & 1)) { log_assert (node->pkt->pkttype == PKT_PUBLIC_KEY || node->pkt->pkttype == PKT_PUBLIC_SUBKEY); if (!agent_probe_secret_key (NULL, node->pkt->pkt.public_key)) result = 1; /* Secret key available. */ else result = 0; break; } } release_kbnode (keyblock); } keydb_release (kdbhd); return result; } diff --git a/g10/gpg.c b/g10/gpg.c index 97ca93314..b22d79522 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1,5643 +1,5641 @@ /* gpg.c - The GnuPG utility (main for gpg) * Copyright (C) 1998-2020 Free Software Foundation, Inc. * Copyright (C) 1997-2019 Werner Koch * Copyright (C) 2015-2022 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * SPDX-License-Identifier: GPL-3.0-or-later */ #include #include #include #include #include #include #include #ifdef HAVE_STAT #include /* for stat() */ #endif #include #ifdef HAVE_W32_SYSTEM # ifdef HAVE_WINSOCK2_H # include # endif # include #endif #define INCLUDED_BY_MAIN_MODULE 1 #include "gpg.h" #include #include "../common/iobuf.h" #include "../common/util.h" #include "packet.h" #include "../common/membuf.h" #include "main.h" #include "options.h" #include "keydb.h" #include "trustdb.h" #include "filter.h" #include "../common/ttyio.h" #include "../common/i18n.h" #include "../common/sysutils.h" #include "../common/status.h" #include "keyserver-internal.h" #include "exec.h" #include "../common/gc-opt-flags.h" #include "../common/asshelp.h" #include "call-dirmngr.h" #include "tofu.h" #include "../common/init.h" #include "../common/mbox-util.h" #include "../common/zb32.h" #include "../common/shareddefs.h" #include "../common/compliance.h" #if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__) #define MY_O_BINARY O_BINARY #ifndef S_IRGRP # define S_IRGRP 0 # define S_IWGRP 0 #endif #else #define MY_O_BINARY 0 #endif enum cmd_and_opt_values { aNull = 0, oArmor = 'a', aDetachedSign = 'b', aSym = 'c', aDecrypt = 'd', aEncr = 'e', oRecipientFile = 'f', oHiddenRecipientFile = 'F', oInteractive = 'i', aListKeys = 'k', oDryRun = 'n', oOutput = 'o', oQuiet = 'q', oRecipient = 'r', oHiddenRecipient = 'R', aSign = 's', oTextmodeShort= 't', oLocalUser = 'u', oVerbose = 'v', oCompress = 'z', oSetNotation = 'N', aListSecretKeys = 'K', oBatch = 500, oMaxOutput, oInputSizeHint, oSigNotation, oCertNotation, oShowNotation, oNoShowNotation, oKnownNotation, aEncrFiles, aEncrSym, aDecryptFiles, aClearsign, aStore, aQuickKeygen, aFullKeygen, aKeygen, aSignEncr, aSignEncrSym, aSignSym, aSignKey, aLSignKey, aQuickSignKey, aQuickLSignKey, aQuickRevSig, aQuickAddUid, aQuickAddKey, aQuickRevUid, aQuickSetExpire, aQuickSetPrimaryUid, aQuickUpdatePref, aListConfig, aListGcryptConfig, aGPGConfList, aGPGConfTest, aListPackets, aEditKey, aDeleteKeys, aDeleteSecretKeys, aDeleteSecretAndPublicKeys, aImport, aFastImport, aVerify, aVerifyFiles, aListSigs, aSendKeys, aRecvKeys, aLocateKeys, aLocateExtKeys, aSearchKeys, aRefreshKeys, aFetchKeys, aShowKeys, aExport, aExportSecret, aExportSecretSub, aExportSshKey, aCheckKeys, aGenRevoke, aDesigRevoke, aPrimegen, aPrintMD, aPrintMDs, aCheckTrustDB, aUpdateTrustDB, aFixTrustDB, aListTrustDB, aListTrustPath, aExportOwnerTrust, aImportOwnerTrust, aDeArmor, aEnArmor, aGenRandom, aRebuildKeydbCaches, aCardStatus, aCardEdit, aChangePIN, aPasswd, aServer, aTOFUPolicy, oMimemode, oTextmode, oNoTextmode, oExpert, oNoExpert, oDefSigExpire, oAskSigExpire, oNoAskSigExpire, oDefCertExpire, oAskCertExpire, oNoAskCertExpire, oDefCertLevel, oMinCertLevel, oAskCertLevel, oNoAskCertLevel, oFingerprint, oWithFingerprint, oWithSubkeyFingerprint, oWithICAOSpelling, oWithKeygrip, oWithSecret, oWithWKDHash, oWithColons, oWithKeyData, oWithKeyOrigin, oWithTofuInfo, oWithSigList, oWithSigCheck, oAnswerYes, oAnswerNo, oKeyring, oPrimaryKeyring, oSecretKeyring, oShowKeyring, oDefaultKey, oDefRecipient, oDefRecipientSelf, oNoDefRecipient, oTrySecretKey, oOptions, oDebug, oDebugLevel, oDebugAll, oDebugIOLBF, oStatusFD, oStatusFile, oAttributeFD, oAttributeFile, oEmitVersion, oNoEmitVersion, oCompletesNeeded, oMarginalsNeeded, oMaxCertDepth, oLoadExtension, oCompliance, oGnuPG, oRFC2440, oRFC4880, oRFC4880bis, oOpenPGP, oPGP6, oPGP7, oPGP8, oDE_VS, oMinRSALength, oRFC2440Text, oNoRFC2440Text, oCipherAlgo, oDigestAlgo, oCertDigestAlgo, oCompressAlgo, oCompressLevel, oBZ2CompressLevel, oBZ2DecompressLowmem, oPassphrase, oPassphraseFD, oPassphraseFile, oPassphraseRepeat, oPinentryMode, oCommandFD, oCommandFile, oQuickRandom, oNoVerbose, oTrustDBName, oNoSecmemWarn, oRequireSecmem, oNoRequireSecmem, oNoPermissionWarn, oNoArmor, oNoDefKeyring, oNoKeyring, oNoGreeting, oNoTTY, oNoOptions, oNoBatch, oHomedir, oSkipVerify, oSkipHiddenRecipients, oNoSkipHiddenRecipients, oAlwaysTrust, oTrustModel, oForceOwnertrust, oSetFilename, oForYourEyesOnly, oNoForYourEyesOnly, oSetPolicyURL, oSigPolicyURL, oCertPolicyURL, oShowPolicyURL, oNoShowPolicyURL, oSigKeyserverURL, oUseEmbeddedFilename, oNoUseEmbeddedFilename, oComment, oDefaultComment, oNoComments, oThrowKeyids, oNoThrowKeyids, oShowPhotos, oNoShowPhotos, oPhotoViewer, oForceOCB, oS2KMode, oS2KDigest, oS2KCipher, oS2KCount, oDisplayCharset, oNotDashEscaped, oEscapeFrom, oNoEscapeFrom, oLockOnce, oLockMultiple, oLockNever, oKeyServer, oKeyServerOptions, oImportOptions, oImportFilter, oExportOptions, oExportFilter, oListOptions, oVerifyOptions, oTempDir, oExecPath, oEncryptTo, oHiddenEncryptTo, oNoEncryptTo, oEncryptToDefaultKey, oLoggerFD, oLoggerFile, oUtf8Strings, oNoUtf8Strings, oDisableCipherAlgo, oDisablePubkeyAlgo, oAllowNonSelfsignedUID, oNoAllowNonSelfsignedUID, oAllowFreeformUID, oNoAllowFreeformUID, oAllowSecretKeyImport, oEnableSpecialFilenames, oNoLiteral, oSetFilesize, oHonorHttpProxy, oFastListMode, oListOnly, oIgnoreTimeConflict, oIgnoreValidFrom, oIgnoreCrcError, oIgnoreMDCError, oShowSessionKey, oOverrideSessionKey, oOverrideSessionKeyFD, oNoRandomSeedFile, oAutoKeyRetrieve, oNoAutoKeyRetrieve, oAutoKeyImport, oNoAutoKeyImport, oUseAgent, oNoUseAgent, oGpgAgentInfo, oMergeOnly, oTryAllSecrets, oTrustedKey, oNoExpensiveTrustChecks, oFixedListMode, oLegacyListMode, oNoSigCache, oAutoCheckTrustDB, oNoAutoCheckTrustDB, oPreservePermissions, oDefaultPreferenceList, oDefaultKeyserverURL, oPersonalCipherPreferences, oPersonalDigestPreferences, oPersonalCompressPreferences, oAgentProgram, oDirmngrProgram, oDisableDirmngr, oDisplay, oTTYname, oTTYtype, oLCctype, oLCmessages, oXauthority, oGroup, oUnGroup, oNoGroups, oStrict, oNoStrict, oMangleDosFilenames, oNoMangleDosFilenames, oEnableProgressFilter, oMultifile, oKeyidFormat, oExitOnStatusWriteError, oLimitCardInsertTries, oReaderPort, octapiDriver, opcscDriver, oDisableCCID, oRequireCrossCert, oNoRequireCrossCert, oAutoKeyLocate, oNoAutoKeyLocate, oAllowMultisigVerification, oEnableLargeRSA, oDisableLargeRSA, oEnableDSA2, oDisableDSA2, oAllowMultipleMessages, oNoAllowMultipleMessages, oAllowWeakDigestAlgos, oAllowWeakKeySignatures, oFakedSystemTime, oNoAutostart, oPrintPKARecords, oPrintDANERecords, oTOFUDefaultPolicy, oTOFUDBFormat, oDefaultNewKeyAlgo, oWeakDigest, oUnwrap, oOnlySignTextIDs, oDisableSignerUID, oSender, oKeyOrigin, oRequestOrigin, oNoSymkeyCache, oUseOnlyOpenPGPCard, oIncludeKeyBlock, oNoIncludeKeyBlock, oForceSignKey, oForbidGenKey, oRequireCompliance, oCompatibilityFlags, oNoop }; static ARGPARSE_OPTS opts[] = { ARGPARSE_group (300, N_("@Commands:\n ")), ARGPARSE_c (aSign, "sign", N_("make a signature")), ARGPARSE_c (aClearsign, "clear-sign", N_("make a clear text signature")), ARGPARSE_c (aClearsign, "clearsign", "@"), ARGPARSE_c (aDetachedSign, "detach-sign", N_("make a detached signature")), ARGPARSE_c (aEncr, "encrypt", N_("encrypt data")), ARGPARSE_c (aEncrFiles, "encrypt-files", "@"), ARGPARSE_c (aSym, "symmetric", N_("encryption only with symmetric cipher")), ARGPARSE_c (aStore, "store", "@"), ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")), ARGPARSE_c (aDecryptFiles, "decrypt-files", "@"), ARGPARSE_c (aVerify, "verify" , N_("verify a signature")), ARGPARSE_c (aVerifyFiles, "verify-files" , "@" ), ARGPARSE_c (aListKeys, "list-keys", N_("list keys")), ARGPARSE_c (aListKeys, "list-public-keys", "@" ), ARGPARSE_c (aListSigs, "list-signatures", N_("list keys and signatures")), ARGPARSE_c (aListSigs, "list-sigs", "@"), ARGPARSE_c (aCheckKeys, "check-signatures", N_("list and check key signatures")), ARGPARSE_c (aCheckKeys, "check-sigs", "@"), ARGPARSE_c (oFingerprint, "fingerprint", N_("list keys and fingerprints")), ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")), ARGPARSE_c (aKeygen, "generate-key", N_("generate a new key pair")), ARGPARSE_c (aKeygen, "gen-key", "@"), ARGPARSE_c (aQuickKeygen, "quick-generate-key" , N_("quickly generate a new key pair")), ARGPARSE_c (aQuickKeygen, "quick-gen-key", "@"), ARGPARSE_c (aQuickAddUid, "quick-add-uid", N_("quickly add a new user-id")), ARGPARSE_c (aQuickAddUid, "quick-adduid", "@"), ARGPARSE_c (aQuickAddKey, "quick-add-key", "@"), ARGPARSE_c (aQuickAddKey, "quick-addkey", "@"), ARGPARSE_c (aQuickRevUid, "quick-revoke-uid", N_("quickly revoke a user-id")), ARGPARSE_c (aQuickRevUid, "quick-revuid", "@"), ARGPARSE_c (aQuickSetExpire, "quick-set-expire", N_("quickly set a new expiration date")), ARGPARSE_c (aQuickSetPrimaryUid, "quick-set-primary-uid", "@"), ARGPARSE_c (aQuickUpdatePref, "quick-update-pref", "@"), ARGPARSE_c (aFullKeygen, "full-generate-key" , N_("full featured key pair generation")), ARGPARSE_c (aFullKeygen, "full-gen-key", "@"), ARGPARSE_c (aGenRevoke, "generate-revocation", N_("generate a revocation certificate")), ARGPARSE_c (aGenRevoke, "gen-revoke", "@"), ARGPARSE_c (aDeleteKeys,"delete-keys", N_("remove keys from the public keyring")), ARGPARSE_c (aDeleteSecretKeys, "delete-secret-keys", N_("remove keys from the secret keyring")), ARGPARSE_c (aQuickSignKey, "quick-sign-key" , N_("quickly sign a key")), ARGPARSE_c (aQuickLSignKey, "quick-lsign-key", N_("quickly sign a key locally")), ARGPARSE_c (aQuickRevSig, "quick-revoke-sig" , N_("quickly revoke a key signature")), ARGPARSE_c (aSignKey, "sign-key" ,N_("sign a key")), ARGPARSE_c (aLSignKey, "lsign-key" ,N_("sign a key locally")), ARGPARSE_c (aEditKey, "edit-key" ,N_("sign or edit a key")), ARGPARSE_c (aEditKey, "key-edit" ,"@"), ARGPARSE_c (aPasswd, "change-passphrase", N_("change a passphrase")), ARGPARSE_c (aPasswd, "passwd", "@"), ARGPARSE_c (aDesigRevoke, "generate-designated-revocation", "@"), ARGPARSE_c (aDesigRevoke, "desig-revoke","@" ), ARGPARSE_c (aExport, "export" , N_("export keys") ), ARGPARSE_c (aSendKeys, "send-keys" , N_("export keys to a keyserver") ), ARGPARSE_c (aRecvKeys, "receive-keys" , N_("import keys from a keyserver") ), ARGPARSE_c (aRecvKeys, "recv-keys" , "@"), ARGPARSE_c (aSearchKeys, "search-keys" , N_("search for keys on a keyserver") ), ARGPARSE_c (aRefreshKeys, "refresh-keys", N_("update all keys from a keyserver")), ARGPARSE_c (aLocateKeys, "locate-keys", "@"), ARGPARSE_c (aLocateExtKeys, "locate-external-keys", "@"), ARGPARSE_c (aFetchKeys, "fetch-keys" , "@" ), ARGPARSE_c (aShowKeys, "show-keys" , "@" ), ARGPARSE_c (aExportSecret, "export-secret-keys" , "@" ), ARGPARSE_c (aExportSecretSub, "export-secret-subkeys" , "@" ), ARGPARSE_c (aExportSshKey, "export-ssh-key", "@" ), ARGPARSE_c (aImport, "import", N_("import/merge keys")), ARGPARSE_c (aFastImport, "fast-import", "@"), #ifdef ENABLE_CARD_SUPPORT ARGPARSE_c (aCardStatus, "card-status", N_("print the card status")), ARGPARSE_c (aCardEdit, "edit-card", N_("change data on a card")), ARGPARSE_c (aCardEdit, "card-edit", "@"), ARGPARSE_c (aChangePIN, "change-pin", N_("change a card's PIN")), #endif ARGPARSE_c (aListConfig, "list-config", "@"), ARGPARSE_c (aListGcryptConfig, "list-gcrypt-config", "@"), ARGPARSE_c (aGPGConfList, "gpgconf-list", "@" ), ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@" ), ARGPARSE_c (aListPackets, "list-packets","@"), #ifndef NO_TRUST_MODELS ARGPARSE_c (aExportOwnerTrust, "export-ownertrust", "@"), ARGPARSE_c (aImportOwnerTrust, "import-ownertrust", "@"), ARGPARSE_c (aUpdateTrustDB,"update-trustdb", N_("update the trust database")), ARGPARSE_c (aCheckTrustDB, "check-trustdb", "@"), ARGPARSE_c (aFixTrustDB, "fix-trustdb", "@"), ARGPARSE_c (aListTrustDB, "list-trustdb", "@"), #endif ARGPARSE_c (aDeArmor, "dearmor", "@"), ARGPARSE_c (aDeArmor, "dearmour", "@"), ARGPARSE_c (aEnArmor, "enarmor", "@"), ARGPARSE_c (aEnArmor, "enarmour", "@"), ARGPARSE_c (aPrintMD, "print-md", N_("print message digests")), ARGPARSE_c (aPrintMDs, "print-mds", "@"), /* old */ ARGPARSE_c (aPrimegen, "gen-prime", "@" ), ARGPARSE_c (aGenRandom,"gen-random", "@" ), ARGPARSE_c (aServer, "server", N_("run in server mode")), ARGPARSE_c (aTOFUPolicy, "tofu-policy", N_("|VALUE|set the TOFU policy for a key")), /* Not yet used: ARGPARSE_c (aListTrustPath, "list-trust-path", "@"), */ ARGPARSE_c (aDeleteSecretAndPublicKeys, "delete-secret-and-public-keys", "@"), ARGPARSE_c (aRebuildKeydbCaches, "rebuild-keydb-caches", "@"), ARGPARSE_c (aListKeys, "list-key", "@"), /* alias */ ARGPARSE_c (aListSigs, "list-sig", "@"), /* alias */ ARGPARSE_c (aCheckKeys, "check-sig", "@"), /* alias */ ARGPARSE_c (aShowKeys, "show-key", "@"), /* alias */ ARGPARSE_header ("Monitor", N_("Options controlling the diagnostic output")), ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")), ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"), ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")), ARGPARSE_s_n (oNoTTY, "no-tty", "@"), ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"), ARGPARSE_s_s (oDebug, "debug", "@"), ARGPARSE_s_s (oDebugLevel, "debug-level", "@"), ARGPARSE_s_n (oDebugAll, "debug-all", "@"), ARGPARSE_s_n (oDebugIOLBF, "debug-iolbf", "@"), ARGPARSE_s_s (oDisplayCharset, "display-charset", "@"), ARGPARSE_s_s (oDisplayCharset, "charset", "@"), ARGPARSE_conffile (oOptions, "options", N_("|FILE|read options from FILE")), ARGPARSE_noconffile (oNoOptions, "no-options", "@"), ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"), ARGPARSE_s_s (oLoggerFile, "log-file", N_("|FILE|write server mode logs to FILE")), ARGPARSE_s_s (oLoggerFile, "logger-file", "@"), /* 1.4 compatibility. */ ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"), ARGPARSE_header ("Configuration", N_("Options controlling the configuration")), ARGPARSE_s_s (oHomedir, "homedir", "@"), ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"), ARGPARSE_s_s (oDefaultKey, "default-key", N_("|NAME|use NAME as default secret key")), ARGPARSE_s_s (oEncryptTo, "encrypt-to", N_("|NAME|encrypt to user ID NAME as well")), ARGPARSE_s_n (oNoEncryptTo, "no-encrypt-to", "@"), ARGPARSE_s_s (oHiddenEncryptTo, "hidden-encrypt-to", "@"), ARGPARSE_s_n (oEncryptToDefaultKey, "encrypt-to-default-key", "@"), ARGPARSE_s_s (oDefRecipient, "default-recipient", "@"), ARGPARSE_s_n (oDefRecipientSelf, "default-recipient-self", "@"), ARGPARSE_s_n (oNoDefRecipient, "no-default-recipient", "@"), ARGPARSE_s_s (oGroup, "group", N_("|SPEC|set up email aliases")), ARGPARSE_s_s (oUnGroup, "ungroup", "@"), ARGPARSE_s_n (oNoGroups, "no-groups", "@"), ARGPARSE_s_s (oCompliance, "compliance", "@"), ARGPARSE_s_n (oGnuPG, "gnupg", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp2", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp6", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp7", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"), ARGPARSE_s_n (oRFC2440, "rfc2440", "@"), ARGPARSE_s_n (oRFC4880, "rfc4880", "@"), ARGPARSE_s_n (oRFC4880bis, "rfc4880bis", "@"), ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")), ARGPARSE_s_n (oPGP6, "pgp6", "@"), ARGPARSE_s_n (oPGP7, "pgp7", "@"), ARGPARSE_s_n (oPGP8, "pgp8", "@"), ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"), ARGPARSE_p_u (oMinRSALength, "min-rsa-length", "@"), #ifndef NO_TRUST_MODELS ARGPARSE_s_n (oAlwaysTrust, "always-trust", "@"), #endif ARGPARSE_s_s (oTrustModel, "trust-model", "@"), ARGPARSE_s_s (oPhotoViewer, "photo-viewer", "@"), ARGPARSE_s_s (oKnownNotation, "known-notation", "@"), ARGPARSE_s_s (oAgentProgram, "agent-program", "@"), ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"), ARGPARSE_s_n (oExitOnStatusWriteError, "exit-on-status-write-error", "@"), ARGPARSE_s_i (oLimitCardInsertTries, "limit-card-insert-tries", "@"), ARGPARSE_s_n (oEnableProgressFilter, "enable-progress-filter", "@"), ARGPARSE_s_s (oTempDir, "temp-directory", "@"), ARGPARSE_s_s (oExecPath, "exec-path", "@"), ARGPARSE_s_n (oExpert, "expert", "@"), ARGPARSE_s_n (oNoExpert, "no-expert", "@"), ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"), ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"), ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"), ARGPARSE_s_n (oNoPermissionWarn, "no-permission-warning", "@"), ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")), ARGPARSE_s_n (oInteractive, "interactive", N_("prompt before overwriting")), ARGPARSE_s_s (oDefSigExpire, "default-sig-expire", "@"), ARGPARSE_s_n (oAskSigExpire, "ask-sig-expire", "@"), ARGPARSE_s_n (oNoAskSigExpire, "no-ask-sig-expire", "@"), ARGPARSE_s_s (oDefCertExpire, "default-cert-expire", "@"), ARGPARSE_s_n (oAskCertExpire, "ask-cert-expire", "@"), ARGPARSE_s_n (oNoAskCertExpire, "no-ask-cert-expire", "@"), ARGPARSE_s_i (oDefCertLevel, "default-cert-level", "@"), ARGPARSE_s_i (oMinCertLevel, "min-cert-level", "@"), ARGPARSE_s_n (oAskCertLevel, "ask-cert-level", "@"), ARGPARSE_s_n (oNoAskCertLevel, "no-ask-cert-level", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), ARGPARSE_s_n (oEnableLargeRSA, "enable-large-rsa", "@"), ARGPARSE_s_n (oDisableLargeRSA, "disable-large-rsa", "@"), ARGPARSE_s_n (oEnableDSA2, "enable-dsa2", "@"), ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"), ARGPARSE_s_s (oPersonalCipherPreferences, "personal-cipher-preferences","@"), ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), ARGPARSE_s_s (oDefaultPreferenceList, "default-preference-list", "@"), ARGPARSE_s_s (oDefaultKeyserverURL, "default-keyserver-url", "@"), ARGPARSE_s_n (oNoExpensiveTrustChecks, "no-expensive-trust-checks", "@"), ARGPARSE_s_n (oAllowNonSelfsignedUID, "allow-non-selfsigned-uid", "@"), ARGPARSE_s_n (oNoAllowNonSelfsignedUID, "no-allow-non-selfsigned-uid", "@"), ARGPARSE_s_n (oAllowFreeformUID, "allow-freeform-uid", "@"), ARGPARSE_s_n (oNoAllowFreeformUID, "no-allow-freeform-uid", "@"), ARGPARSE_s_n (oPreservePermissions, "preserve-permissions", "@"), ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */ ARGPARSE_s_s (oTOFUDefaultPolicy, "tofu-default-policy", "@"), ARGPARSE_s_n (oLockOnce, "lock-once", "@"), ARGPARSE_s_n (oLockMultiple, "lock-multiple", "@"), ARGPARSE_s_n (oLockNever, "lock-never", "@"), ARGPARSE_s_s (oCompressAlgo,"compress-algo", "@"), ARGPARSE_s_s (oCompressAlgo, "compression-algo", "@"), /* Alias */ ARGPARSE_s_n (oBZ2DecompressLowmem, "bzip2-decompress-lowmem", "@"), ARGPARSE_s_i (oCompletesNeeded, "completes-needed", "@"), ARGPARSE_s_i (oMarginalsNeeded, "marginals-needed", "@"), ARGPARSE_s_i (oMaxCertDepth, "max-cert-depth", "@" ), #ifndef NO_TRUST_MODELS ARGPARSE_s_s (oTrustDBName, "trustdb-name", "@"), ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"), ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"), ARGPARSE_s_s (oForceOwnertrust, "force-ownertrust", "@"), #endif ARGPARSE_header ("Input", N_("Options controlling the input")), ARGPARSE_s_n (oMultifile, "multifile", "@"), ARGPARSE_s_s (oInputSizeHint, "input-size-hint", "@"), ARGPARSE_s_n (oUtf8Strings, "utf8-strings", "@"), ARGPARSE_s_n (oNoUtf8Strings, "no-utf8-strings", "@"), ARGPARSE_p_u (oSetFilesize, "set-filesize", "@"), ARGPARSE_s_n (oNoLiteral, "no-literal", "@"), ARGPARSE_s_s (oSetNotation, "set-notation", "@"), ARGPARSE_s_s (oSigNotation, "sig-notation", "@"), ARGPARSE_s_s (oCertNotation, "cert-notation", "@"), ARGPARSE_s_s (oSetPolicyURL, "set-policy-url", "@"), ARGPARSE_s_s (oSigPolicyURL, "sig-policy-url", "@"), ARGPARSE_s_s (oCertPolicyURL, "cert-policy-url", "@"), ARGPARSE_s_s (oSigKeyserverURL, "sig-keyserver-url", "@"), ARGPARSE_header ("Output", N_("Options controlling the output")), ARGPARSE_s_n (oArmor, "armor", N_("create ascii armored output")), ARGPARSE_s_n (oArmor, "armour", "@"), ARGPARSE_s_n (oNoArmor, "no-armor", "@"), ARGPARSE_s_n (oNoArmor, "no-armour", "@"), ARGPARSE_s_s (oOutput, "output", N_("|FILE|write output to FILE")), ARGPARSE_p_u (oMaxOutput, "max-output", "@"), ARGPARSE_s_s (oComment, "comment", "@"), ARGPARSE_s_n (oDefaultComment, "default-comment", "@"), ARGPARSE_s_n (oNoComments, "no-comments", "@"), ARGPARSE_s_n (oEmitVersion, "emit-version", "@"), ARGPARSE_s_n (oNoEmitVersion, "no-emit-version", "@"), ARGPARSE_s_n (oNoEmitVersion, "no-version", "@"), /* alias */ ARGPARSE_s_n (oNotDashEscaped, "not-dash-escaped", "@"), ARGPARSE_s_n (oEscapeFrom, "escape-from-lines", "@"), ARGPARSE_s_n (oNoEscapeFrom, "no-escape-from-lines", "@"), ARGPARSE_s_n (oMimemode, "mimemode", "@"), ARGPARSE_s_n (oTextmodeShort, NULL, "@"), ARGPARSE_s_n (oTextmode, "textmode", N_("use canonical text mode")), ARGPARSE_s_n (oNoTextmode, "no-textmode", "@"), ARGPARSE_s_s (oSetFilename, "set-filename", "@"), ARGPARSE_s_n (oForYourEyesOnly, "for-your-eyes-only", "@"), ARGPARSE_s_n (oNoForYourEyesOnly, "no-for-your-eyes-only", "@"), ARGPARSE_s_n (oShowNotation, "show-notation", "@"), ARGPARSE_s_n (oNoShowNotation, "no-show-notation", "@"), ARGPARSE_s_n (oShowSessionKey, "show-session-key", "@"), ARGPARSE_s_n (oUseEmbeddedFilename, "use-embedded-filename", "@"), ARGPARSE_s_n (oNoUseEmbeddedFilename, "no-use-embedded-filename", "@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oMangleDosFilenames, "mangle-dos-filenames", "@"), ARGPARSE_s_n (oNoMangleDosFilenames, "no-mangle-dos-filenames", "@"), ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"), ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"), ARGPARSE_s_n (oListOnly, "list-only", "@"), ARGPARSE_s_i (oCompress, NULL, N_("|N|set compress level to N (0 disables)")), ARGPARSE_s_i (oCompressLevel, "compress-level", "@"), ARGPARSE_s_i (oBZ2CompressLevel, "bzip2-compress-level", "@"), ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"), ARGPARSE_header ("ImportExport", N_("Options controlling key import and export")), ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", N_("|MECHANISMS|use MECHANISMS to locate keys by mail address")), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oAutoKeyImport, "auto-key-import", N_("import missing key from a signature")), ARGPARSE_s_n (oNoAutoKeyImport, "no-auto-key-import", "@"), ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"), ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"), ARGPARSE_s_n (oIncludeKeyBlock, "include-key-block", N_("include the public key in signatures")), ARGPARSE_s_n (oNoIncludeKeyBlock, "no-include-key-block", "@"), ARGPARSE_s_n (oDisableDirmngr, "disable-dirmngr", N_("disable all access to the dirmngr")), ARGPARSE_s_s (oKeyServer, "keyserver", "@"), /* Deprecated. */ ARGPARSE_s_s (oKeyServerOptions, "keyserver-options", "@"), ARGPARSE_s_s (oKeyOrigin, "key-origin", "@"), ARGPARSE_s_s (oImportOptions, "import-options", "@"), ARGPARSE_s_s (oImportFilter, "import-filter", "@"), ARGPARSE_s_s (oExportOptions, "export-options", "@"), ARGPARSE_s_s (oExportFilter, "export-filter", "@"), ARGPARSE_s_n (oMergeOnly, "merge-only", "@" ), ARGPARSE_s_n (oAllowSecretKeyImport, "allow-secret-key-import", "@"), ARGPARSE_header ("Keylist", N_("Options controlling key listings")), ARGPARSE_s_s (oListOptions, "list-options", "@"), ARGPARSE_s_n (oShowPhotos, "show-photos", "@"), ARGPARSE_s_n (oNoShowPhotos, "no-show-photos", "@"), ARGPARSE_s_n (oShowPolicyURL, "show-policy-url", "@"), ARGPARSE_s_n (oNoShowPolicyURL, "no-show-policy-url", "@"), ARGPARSE_s_n (oWithColons, "with-colons", "@"), ARGPARSE_s_n (oWithTofuInfo,"with-tofu-info", "@"), ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"), ARGPARSE_s_n (oWithSigList,"with-sig-list", "@"), ARGPARSE_s_n (oWithSigCheck,"with-sig-check", "@"), ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"), ARGPARSE_s_n (oWithSubkeyFingerprint, "with-subkey-fingerprint", "@"), ARGPARSE_s_n (oWithSubkeyFingerprint, "with-subkey-fingerprints", "@"), ARGPARSE_s_n (oWithICAOSpelling, "with-icao-spelling", "@"), ARGPARSE_s_n (oWithKeygrip, "with-keygrip", "@"), ARGPARSE_s_n (oWithSecret, "with-secret", "@"), ARGPARSE_s_n (oWithWKDHash, "with-wkd-hash", "@"), ARGPARSE_s_n (oWithKeyOrigin, "with-key-origin", "@"), ARGPARSE_s_n (oFastListMode, "fast-list-mode", "@"), ARGPARSE_s_n (oFixedListMode, "fixed-list-mode", "@"), ARGPARSE_s_n (oLegacyListMode, "legacy-list-mode", "@"), ARGPARSE_s_n (oPrintPKARecords, "print-pka-records", "@"), ARGPARSE_s_n (oPrintDANERecords, "print-dane-records", "@"), ARGPARSE_s_s (oKeyidFormat, "keyid-format", "@"), ARGPARSE_s_n (oShowKeyring, "show-keyring", "@"), ARGPARSE_header (NULL, N_("Options to specify keys")), ARGPARSE_s_s (oRecipient, "recipient", N_("|USER-ID|encrypt for USER-ID")), ARGPARSE_s_s (oHiddenRecipient, "hidden-recipient", "@"), ARGPARSE_s_s (oRecipientFile, "recipient-file", "@"), ARGPARSE_s_s (oHiddenRecipientFile, "hidden-recipient-file", "@"), ARGPARSE_s_s (oRecipient, "remote-user", "@"), /* (old option name) */ ARGPARSE_s_n (oThrowKeyids, "throw-keyids", "@"), ARGPARSE_s_n (oNoThrowKeyids, "no-throw-keyids", "@"), ARGPARSE_s_s (oLocalUser, "local-user", N_("|USER-ID|use USER-ID to sign or decrypt")), ARGPARSE_s_s (oTrustedKey, "trusted-key", "@"), ARGPARSE_s_s (oSender, "sender", "@"), ARGPARSE_s_s (oTrySecretKey, "try-secret-key", "@"), ARGPARSE_s_n (oTryAllSecrets, "try-all-secrets", "@"), ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"), ARGPARSE_s_n (oNoKeyring, "no-keyring", "@"), ARGPARSE_s_s (oKeyring, "keyring", "@"), ARGPARSE_s_s (oPrimaryKeyring, "primary-keyring", "@"), ARGPARSE_s_s (oSecretKeyring, "secret-keyring", "@"), ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"), ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"), ARGPARSE_s_s (oOverrideSessionKey, "override-session-key", "@"), ARGPARSE_s_i (oOverrideSessionKeyFD, "override-session-key-fd", "@"), ARGPARSE_header ("Security", N_("Options controlling the security")), ARGPARSE_s_i (oS2KMode, "s2k-mode", "@"), ARGPARSE_s_s (oS2KDigest, "s2k-digest-algo", "@"), ARGPARSE_s_s (oS2KCipher, "s2k-cipher-algo", "@"), ARGPARSE_s_i (oS2KCount, "s2k-count", "@"), ARGPARSE_s_n (oForceOCB, "force-ocb", "@"), ARGPARSE_s_n (oRequireCrossCert, "require-backsigs", "@"), ARGPARSE_s_n (oRequireCrossCert, "require-cross-certification", "@"), ARGPARSE_s_n (oNoRequireCrossCert, "no-require-backsigs", "@"), ARGPARSE_s_n (oNoRequireCrossCert, "no-require-cross-certification", "@"), ARGPARSE_s_s (oVerifyOptions, "verify-options", "@"), ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"), ARGPARSE_s_n (oNoRandomSeedFile, "no-random-seed-file", "@"), ARGPARSE_s_n (oNoSigCache, "no-sig-cache", "@"), ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"), ARGPARSE_s_n (oIgnoreValidFrom, "ignore-valid-from", "@"), ARGPARSE_s_n (oIgnoreCrcError, "ignore-crc-error", "@"), ARGPARSE_s_n (oIgnoreMDCError, "ignore-mdc-error", "@"), ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"), ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"), ARGPARSE_s_s (oCipherAlgo, "cipher-algo", "@"), ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"), ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"), /* Options to override new security defaults. */ ARGPARSE_s_n (oAllowWeakKeySignatures, "allow-weak-key-signatures", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oAllowMultisigVerification, "allow-multisig-verification", "@"), ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_header (NULL, N_("Options for unattended use")), ARGPARSE_s_n (oBatch, "batch", "@"), ARGPARSE_s_n (oNoBatch, "no-batch", "@"), ARGPARSE_s_n (oAnswerYes, "yes", "@"), ARGPARSE_s_n (oAnswerNo, "no", "@"), ARGPARSE_s_i (oStatusFD, "status-fd", "@"), ARGPARSE_s_s (oStatusFile, "status-file", "@"), ARGPARSE_s_i (oAttributeFD, "attribute-fd", "@"), ARGPARSE_s_s (oAttributeFile, "attribute-file", "@"), ARGPARSE_s_i (oCommandFD, "command-fd", "@"), ARGPARSE_s_s (oCommandFile, "command-file", "@"), ARGPARSE_o_s (oPassphrase, "passphrase", "@"), ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"), ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"), ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"), ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"), ARGPARSE_s_n (oForceSignKey, "force-sign-key", "@"), ARGPARSE_header (NULL, N_("Other options")), ARGPARSE_s_s (oRequestOrigin, "request-origin", "@"), ARGPARSE_s_s (oDisplay, "display", "@"), ARGPARSE_s_s (oTTYname, "ttyname", "@"), ARGPARSE_s_s (oTTYtype, "ttytype", "@"), ARGPARSE_s_s (oLCctype, "lc-ctype", "@"), ARGPARSE_s_s (oLCmessages, "lc-messages","@"), ARGPARSE_s_s (oXauthority, "xauthority", "@"), ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), ARGPARSE_s_n (oForbidGenKey, "forbid-gen-key", "@"), ARGPARSE_s_n (oRequireCompliance, "require-compliance", "@"), ARGPARSE_s_s (oCompatibilityFlags, "compatibility-flags", "@"), /* Options which can be used in special circumstances. They are not * published and we hope they are never required. */ ARGPARSE_s_n (oUseOnlyOpenPGPCard, "use-only-openpgp-card", "@"), /* Esoteric compatibility options. */ ARGPARSE_s_n (oRFC2440Text, "rfc2440-text", "@"), ARGPARSE_s_n (oNoRFC2440Text, "no-rfc2440-text", "@"), ARGPARSE_header (NULL, ""), /* Stop the header group. */ /* Aliases. I constantly mistype these, and assume other people do as well. */ ARGPARSE_s_s (oPersonalCipherPreferences, "personal-cipher-prefs", "@"), ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-prefs", "@"), ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-prefs", "@"), /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common already as they seem to have borrowed commands from us. Now I'm returning the favor. */ ARGPARSE_s_s (oLocalUser, "sign-with", "@"), ARGPARSE_s_s (oRecipient, "user", "@"), /* Dummy options with warnings. */ ARGPARSE_s_n (oUseAgent, "use-agent", "@"), ARGPARSE_s_n (oNoUseAgent, "no-use-agent", "@"), ARGPARSE_s_s (oGpgAgentInfo, "gpg-agent-info", "@"), ARGPARSE_s_s (oReaderPort, "reader-port", "@"), ARGPARSE_s_s (octapiDriver, "ctapi-driver", "@"), ARGPARSE_s_s (opcscDriver, "pcsc-driver", "@"), ARGPARSE_s_n (oDisableCCID, "disable-ccid", "@"), ARGPARSE_s_n (oHonorHttpProxy, "honor-http-proxy", "@"), ARGPARSE_s_s (oTOFUDBFormat, "tofu-db-format", "@"), /* Dummy options. */ ARGPARSE_ignore (oStrict, "strict"), ARGPARSE_ignore (oNoStrict, "no-strict"), ARGPARSE_ignore (oLoadExtension, "load-extension"), /* from 1.4. */ ARGPARSE_s_n (oNoop, "sk-comments", "@"), ARGPARSE_s_n (oNoop, "no-sk-comments", "@"), ARGPARSE_s_n (oNoop, "compress-keys", "@"), ARGPARSE_s_n (oNoop, "compress-sigs", "@"), ARGPARSE_s_n (oNoop, "force-v3-sigs", "@"), ARGPARSE_s_n (oNoop, "no-force-v3-sigs", "@"), ARGPARSE_s_n (oNoop, "force-v4-certs", "@"), ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"), ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"), ARGPARSE_s_n (oNoop, "force-mdc", "@"), ARGPARSE_s_n (oNoop, "no-force-mdc", "@"), ARGPARSE_s_n (oNoop, "disable-mdc", "@"), ARGPARSE_s_n (oNoop, "no-disable-mdc", "@"), ARGPARSE_s_n (oNoop, "override-compliance-check", "@"), ARGPARSE_group (302, N_( "@\n(See the man page for a complete listing of all commands and options)\n" )), ARGPARSE_group (303, N_("@\nExamples:\n\n" " -se -r Bob [file] sign and encrypt for user Bob\n" " --clear-sign [file] make a clear text signature\n" " --detach-sign [file] make a detached signature\n" " --list-keys [names] show keys\n" " --fingerprint [names] show fingerprints\n")), ARGPARSE_end () }; /* The list of supported debug flags. */ static struct debug_flags_s debug_flags [] = { { DBG_PACKET_VALUE , "packet" }, { DBG_MPI_VALUE , "mpi" }, { DBG_CRYPTO_VALUE , "crypto" }, { DBG_FILTER_VALUE , "filter" }, { DBG_IOBUF_VALUE , "iobuf" }, { DBG_MEMORY_VALUE , "memory" }, { DBG_CACHE_VALUE , "cache" }, { DBG_MEMSTAT_VALUE, "memstat" }, { DBG_TRUST_VALUE , "trust" }, { DBG_HASHING_VALUE, "hashing" }, { DBG_IPC_VALUE , "ipc" }, { DBG_CLOCK_VALUE , "clock" }, { DBG_LOOKUP_VALUE , "lookup" }, { DBG_EXTPROG_VALUE, "extprog" }, { 0, NULL } }; /* The list of compatibility flags. */ static struct compatibility_flags_s compatibility_flags [] = { { COMPAT_VSD_ALLOW_OCB, "vsd-allow-ocb" }, { 0, NULL } }; #ifdef ENABLE_SELINUX_HACKS #define ALWAYS_ADD_KEYRINGS 1 #else #define ALWAYS_ADD_KEYRINGS 0 #endif /* The list of the default AKL methods. */ #define DEFAULT_AKL_LIST "local,wkd" int g10_errors_seen = 0; static int utf8_strings = #ifdef HAVE_W32_SYSTEM 1 #else 0 #endif ; static int maybe_setuid = 1; /* Collection of options used only in this module. */ static struct { unsigned int forbid_gen_key; } mopt; static char *build_list( const char *text, char letter, const char *(*mapf)(int), int (*chkf)(int) ); static void set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd ); static void print_mds( const char *fname, int algo ); static void add_notation_data( const char *string, int which ); static void add_policy_url( const char *string, int which ); static void add_keyserver_url( const char *string, int which ); static void emergency_cleanup (void); static void read_sessionkey_from_fd (int fd); static char * make_libversion (const char *libname, const char *(*getfnc)(const char*)) { const char *s; char *result; if (maybe_setuid) { gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */ maybe_setuid = 0; } s = getfnc (NULL); result = xmalloc (strlen (libname) + 1 + strlen (s) + 1); strcpy (stpcpy (stpcpy (result, libname), " "), s); return result; } static int build_list_pk_test_algo (int algo) { /* Show only one "RSA" string. If RSA_E or RSA_S is available RSA is also available. */ if (algo == PUBKEY_ALGO_RSA_E || algo == PUBKEY_ALGO_RSA_S) return GPG_ERR_DIGEST_ALGO; return openpgp_pk_test_algo (algo); } static const char * build_list_pk_algo_name (int algo) { return openpgp_pk_algo_name (algo); } static int build_list_cipher_test_algo (int algo) { return openpgp_cipher_test_algo (algo); } static const char * build_list_cipher_algo_name (int algo) { return openpgp_cipher_algo_name (algo); } static int build_list_md_test_algo (int algo) { /* By default we do not accept MD5 based signatures. To avoid confusion we do not announce support for it either. */ if (algo == DIGEST_ALGO_MD5) return GPG_ERR_DIGEST_ALGO; return openpgp_md_test_algo (algo); } static const char * build_list_md_algo_name (int algo) { return openpgp_md_algo_name (algo); } static const char * my_strusage( int level ) { static char *digests, *pubkeys, *ciphers, *zips, *ver_gcry; const char *p; switch (level) { case 9: p = "GPL-3.0-or-later"; break; case 11: p = "@GPG@ (@GNUPG@)"; break; case 13: p = VERSION; break; case 14: p = GNUPG_DEF_COPYRIGHT_LINE; break; case 17: p = PRINTABLE_OS_NAME; break; case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break; case 20: if (!ver_gcry) ver_gcry = make_libversion ("libgcrypt", gcry_check_version); p = ver_gcry; break; #ifdef IS_DEVELOPMENT_VERSION case 25: p="NOTE: THIS IS A DEVELOPMENT VERSION!"; break; case 26: p="It is only intended for test purposes and should NOT be"; break; case 27: p="used in a production environment or with production keys!"; break; #endif case 1: case 40: p = _("Usage: @GPG@ [options] [files] (-h for help)"); break; case 41: p = _("Syntax: @GPG@ [options] [files]\n" "Sign, check, encrypt or decrypt\n" "Default operation depends on the input data\n"); break; case 31: p = "\nHome: "; break; #ifndef __riscos__ case 32: p = gnupg_homedir (); break; #else /* __riscos__ */ case 32: p = make_filename(gnupg_homedir (), NULL); break; #endif /* __riscos__ */ case 33: p = _("\nSupported algorithms:\n"); break; case 34: if (!pubkeys) pubkeys = build_list (_("Pubkey: "), 1, build_list_pk_algo_name, build_list_pk_test_algo ); p = pubkeys; break; case 35: if( !ciphers ) ciphers = build_list(_("Cipher: "), 'S', build_list_cipher_algo_name, build_list_cipher_test_algo ); p = ciphers; break; case 36: if( !digests ) digests = build_list(_("Hash: "), 'H', build_list_md_algo_name, build_list_md_test_algo ); p = digests; break; case 37: if( !zips ) zips = build_list(_("Compression: "),'Z', compress_algo_to_string, check_compress_algo); p = zips; break; case 95: p = "1"; /* <-- Enable globbing under Windows (see init.c) */ break; default: p = NULL; } return p; } static char * build_list (const char *text, char letter, const char * (*mapf)(int), int (*chkf)(int)) { membuf_t mb; int indent; int i, j, len; const char *s; char *string; if (maybe_setuid) gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */ indent = utf8_charcount (text, -1); len = 0; init_membuf (&mb, 512); for (i=0; i <= 110; i++ ) { if (!chkf (i) && (s = mapf (i))) { if (mb.len - len > 60) { put_membuf_str (&mb, ",\n"); len = mb.len; for (j=0; j < indent; j++) put_membuf_str (&mb, " "); } else if (mb.len) put_membuf_str (&mb, ", "); else put_membuf_str (&mb, text); put_membuf_str (&mb, s); if (opt.verbose && letter) { char num[20]; if (letter == 1) snprintf (num, sizeof num, " (%d)", i); else snprintf (num, sizeof num, " (%c%d)", letter, i); put_membuf_str (&mb, num); } } } if (mb.len) put_membuf_str (&mb, "\n"); put_membuf (&mb, "", 1); string = get_membuf (&mb, NULL); return xrealloc (string, strlen (string)+1); } static void wrong_args( const char *text) { es_fprintf (es_stderr, _("usage: %s [options] %s\n"), GPG_NAME, text); log_inc_errorcount (); g10_exit(2); } static char * make_username( const char *string ) { char *p; if( utf8_strings ) p = xstrdup(string); else p = native_to_utf8( string ); return p; } static void set_opt_session_env (const char *name, const char *value) { gpg_error_t err; err = session_env_setenv (opt.session_env, name, value); if (err) log_fatal ("error setting session environment: %s\n", gpg_strerror (err)); } /* Setup the debugging. With a LEVEL of NULL only the active debug flags are propagated to the subsystems. With LEVEL set, a specific set of debug flags is set; thus overriding all flags already set. */ static void set_debug (const char *level) { int numok = (level && digitp (level)); int numlvl = numok? atoi (level) : 0; if (!level) ; else if (!strcmp (level, "none") || (numok && numlvl < 1)) opt.debug = 0; else if (!strcmp (level, "basic") || (numok && numlvl <= 2)) opt.debug = DBG_MEMSTAT_VALUE; else if (!strcmp (level, "advanced") || (numok && numlvl <= 5)) opt.debug = DBG_MEMSTAT_VALUE|DBG_TRUST_VALUE|DBG_EXTPROG_VALUE; else if (!strcmp (level, "expert") || (numok && numlvl <= 8)) opt.debug = (DBG_MEMSTAT_VALUE|DBG_TRUST_VALUE|DBG_EXTPROG_VALUE |DBG_CACHE_VALUE|DBG_LOOKUP|DBG_FILTER_VALUE|DBG_PACKET_VALUE); else if (!strcmp (level, "guru") || numok) { opt.debug = ~0; /* Unless the "guru" string has been used we don't want to allow hashing debugging. The rationale is that people tend to select the highest debug value and would then clutter their disk with debug files which may reveal confidential data. */ if (numok) opt.debug &= ~(DBG_HASHING_VALUE); } else { log_error (_("invalid debug-level '%s' given\n"), level); g10_exit (2); } if ((opt.debug & DBG_MEMORY_VALUE)) memory_debug_mode = 1; if ((opt.debug & DBG_MEMSTAT_VALUE)) memory_stat_debug_mode = 1; if (DBG_MPI) gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2); if (DBG_CRYPTO) gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1); if ((opt.debug & DBG_IOBUF_VALUE)) iobuf_debug_mode = 1; gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose); if (opt.debug) parse_debug_flag (NULL, &opt.debug, debug_flags); /* Make sure that we are --verbose in debug mode. */ if (opt.debug && !opt.verbose) opt.verbose = 1; if (opt.debug && opt.quiet) opt.quiet = 0; } /* We set the screen dimensions for UI purposes. Do not allow screens smaller than 80x24 for the sake of simplicity. */ static void set_screen_dimensions(void) { #ifndef HAVE_W32_SYSTEM char *str; str=getenv("COLUMNS"); if(str) opt.screen_columns=atoi(str); str=getenv("LINES"); if(str) opt.screen_lines=atoi(str); #endif if(opt.screen_columns<80 || opt.screen_columns>255) opt.screen_columns=80; if(opt.screen_lines<24 || opt.screen_lines>255) opt.screen_lines=24; } /* Helper to open a file FNAME either for reading or writing to be used with --status-file etc functions. Not generally useful but it avoids the riscos specific functions and well some Windows people might like it too. Prints an error message and returns -1 on error. On success the file descriptor is returned. */ static int open_info_file (const char *fname, int for_write, int binary) { #ifdef __riscos__ return riscos_fdopenfile (fname, for_write); #elif defined (ENABLE_SELINUX_HACKS) /* We can't allow these even when testing for a secured filename because files to be secured might not yet been secured. This is similar to the option file but in that case it is unlikely that sensitive information may be retrieved by means of error messages. */ (void)fname; (void)for_write; (void)binary; return -1; #else int fd; if (binary) binary = MY_O_BINARY; /* if (is_secured_filename (fname)) */ /* { */ /* fd = -1; */ /* gpg_err_set_errno (EPERM); */ /* } */ /* else */ /* { */ do { if (for_write) fd = gnupg_open (fname, O_CREAT | O_TRUNC | O_WRONLY | binary, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); else fd = gnupg_open (fname, O_RDONLY | binary, 0); } while (fd == -1 && errno == EINTR); /* } */ if ( fd == -1) log_error ( for_write? _("can't create '%s': %s\n") : _("can't open '%s': %s\n"), fname, strerror(errno)); return fd; #endif } static void set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd ) { enum cmd_and_opt_values cmd = *ret_cmd; if( !cmd || cmd == new_cmd ) cmd = new_cmd; else if( cmd == aSign && new_cmd == aEncr ) cmd = aSignEncr; else if( cmd == aEncr && new_cmd == aSign ) cmd = aSignEncr; else if( cmd == aSign && new_cmd == aSym ) cmd = aSignSym; else if( cmd == aSym && new_cmd == aSign ) cmd = aSignSym; else if( cmd == aSym && new_cmd == aEncr ) cmd = aEncrSym; else if( cmd == aEncr && new_cmd == aSym ) cmd = aEncrSym; else if (cmd == aSignEncr && new_cmd == aSym) cmd = aSignEncrSym; else if (cmd == aSignSym && new_cmd == aEncr) cmd = aSignEncrSym; else if (cmd == aEncrSym && new_cmd == aSign) cmd = aSignEncrSym; else if( ( cmd == aSign && new_cmd == aClearsign ) || ( cmd == aClearsign && new_cmd == aSign ) ) cmd = aClearsign; else { log_error(_("conflicting commands\n")); g10_exit(2); } *ret_cmd = cmd; } static void add_group(char *string) { char *name,*value; struct groupitem *item; /* Break off the group name */ name=strsep(&string,"="); if(string==NULL) { log_error(_("no = sign found in group definition '%s'\n"),name); return; } trim_trailing_ws(name,strlen(name)); /* Does this group already exist? */ for(item=opt.grouplist;item;item=item->next) if(strcasecmp(item->name,name)==0) break; if(!item) { item=xmalloc(sizeof(struct groupitem)); item->name=name; item->next=opt.grouplist; item->values=NULL; opt.grouplist=item; } /* Break apart the values */ while ((value= strsep(&string," \t"))) { if (*value) add_to_strlist2(&item->values,value,utf8_strings); } } static void rm_group(char *name) { struct groupitem *item,*last=NULL; trim_trailing_ws(name,strlen(name)); for(item=opt.grouplist;item;last=item,item=item->next) { if(strcasecmp(item->name,name)==0) { if(last) last->next=item->next; else opt.grouplist=item->next; free_strlist(item->values); xfree(item); break; } } } /* We need to check three things. 0) The homedir. It must be x00, a directory, and owned by the user. 1) The options/gpg.conf file. Okay unless it or its containing directory is group or other writable or not owned by us. Disable exec in this case. 2) Extensions. Same as #1. Returns true if the item is unsafe. */ static int check_permissions (const char *path, int item) { #if defined(HAVE_STAT) && !defined(HAVE_DOSISH_SYSTEM) static int homedir_cache=-1; char *tmppath,*dir; struct stat statbuf,dirbuf; int homedir=0,ret=0,checkonly=0; int perm=0,own=0,enc_dir_perm=0,enc_dir_own=0; if(opt.no_perm_warn) return 0; log_assert(item==0 || item==1 || item==2); /* extensions may attach a path */ if(item==2 && path[0]!=DIRSEP_C) { if(strchr(path,DIRSEP_C)) tmppath=make_filename(path,NULL); else tmppath=make_filename(gnupg_libdir (),path,NULL); } else tmppath=xstrdup(path); /* If the item is located in the homedir, but isn't the homedir, don't continue if we already checked the homedir itself. This is to avoid user confusion with an extra options file warning which could be rectified if the homedir itself had proper permissions. */ if(item!=0 && homedir_cache>-1 && !ascii_strncasecmp (gnupg_homedir (), tmppath, strlen (gnupg_homedir ()))) { ret=homedir_cache; goto end; } /* It's okay if the file or directory doesn't exist */ if (gnupg_stat (tmppath,&statbuf)) { ret=0; goto end; } /* Now check the enclosing directory. Theoretically, we could walk this test up to the root directory /, but for the sake of sanity, I'm stopping at one level down. */ dir=make_dirname(tmppath); if (gnupg_stat (dir,&dirbuf) || !S_ISDIR (dirbuf.st_mode)) { /* Weird error */ ret=1; goto end; } xfree(dir); /* Assume failure */ ret=1; if(item==0) { /* The homedir must be x00, a directory, and owned by the user. */ if(S_ISDIR(statbuf.st_mode)) { if(statbuf.st_uid==getuid()) { if((statbuf.st_mode & (S_IRWXG|S_IRWXO))==0) ret=0; else perm=1; } else own=1; homedir_cache=ret; } } else if(item==1 || item==2) { /* The options or extension file. Okay unless it or its containing directory is group or other writable or not owned by us or root. */ if(S_ISREG(statbuf.st_mode)) { if(statbuf.st_uid==getuid() || statbuf.st_uid==0) { if((statbuf.st_mode & (S_IWGRP|S_IWOTH))==0) { /* it's not writable, so make sure the enclosing directory is also not writable */ if(dirbuf.st_uid==getuid() || dirbuf.st_uid==0) { if((dirbuf.st_mode & (S_IWGRP|S_IWOTH))==0) ret=0; else enc_dir_perm=1; } else enc_dir_own=1; } else { /* it's writable, so the enclosing directory had better not let people get to it. */ if(dirbuf.st_uid==getuid() || dirbuf.st_uid==0) { if((dirbuf.st_mode & (S_IRWXG|S_IRWXO))==0) ret=0; else perm=enc_dir_perm=1; /* unclear which one to fix! */ } else enc_dir_own=1; } } else own=1; } } else BUG(); if(!checkonly) { if(own) { if(item==0) log_info(_("WARNING: unsafe ownership on" " homedir '%s'\n"),tmppath); else if(item==1) log_info(_("WARNING: unsafe ownership on" " configuration file '%s'\n"),tmppath); else log_info(_("WARNING: unsafe ownership on" " extension '%s'\n"),tmppath); } if(perm) { if(item==0) log_info(_("WARNING: unsafe permissions on" " homedir '%s'\n"),tmppath); else if(item==1) log_info(_("WARNING: unsafe permissions on" " configuration file '%s'\n"),tmppath); else log_info(_("WARNING: unsafe permissions on" " extension '%s'\n"),tmppath); } if(enc_dir_own) { if(item==0) log_info(_("WARNING: unsafe enclosing directory ownership on" " homedir '%s'\n"),tmppath); else if(item==1) log_info(_("WARNING: unsafe enclosing directory ownership on" " configuration file '%s'\n"),tmppath); else log_info(_("WARNING: unsafe enclosing directory ownership on" " extension '%s'\n"),tmppath); } if(enc_dir_perm) { if(item==0) log_info(_("WARNING: unsafe enclosing directory permissions on" " homedir '%s'\n"),tmppath); else if(item==1) log_info(_("WARNING: unsafe enclosing directory permissions on" " configuration file '%s'\n"),tmppath); else log_info(_("WARNING: unsafe enclosing directory permissions on" " extension '%s'\n"),tmppath); } } end: xfree(tmppath); if(homedir) homedir_cache=ret; return ret; #else /*!(HAVE_STAT && !HAVE_DOSISH_SYSTEM)*/ (void)path; (void)item; return 0; #endif /*!(HAVE_STAT && !HAVE_DOSISH_SYSTEM)*/ } /* Print the OpenPGP defined algo numbers. */ static void print_algo_numbers(int (*checker)(int)) { int i,first=1; for(i=0;i<=110;i++) { if(!checker(i)) { if(first) first=0; else es_printf (";"); es_printf ("%d",i); } } } static void print_algo_names(int (*checker)(int),const char *(*mapper)(int)) { int i,first=1; for(i=0;i<=110;i++) { if(!checker(i)) { if(first) first=0; else es_printf (";"); es_printf ("%s",mapper(i)); } } } /* In the future, we can do all sorts of interesting configuration output here. For now, just give "group" as the Enigmail folks need it, and pubkey, cipher, hash, and compress as they may be useful for frontends. */ static void list_config(char *items) { int show_all = !items; char *name = NULL; const char *s; struct groupitem *giter; int first, iter; if(!opt.with_colons) return; while(show_all || (name=strsep(&items," "))) { int any=0; if(show_all || ascii_strcasecmp(name,"group")==0) { for (giter = opt.grouplist; giter; giter = giter->next) { strlist_t sl; es_fprintf (es_stdout, "cfg:group:"); es_write_sanitized (es_stdout, giter->name, strlen(giter->name), ":", NULL); es_putc (':', es_stdout); for(sl=giter->values; sl; sl=sl->next) { es_write_sanitized (es_stdout, sl->d, strlen (sl->d), ":;", NULL); if(sl->next) es_printf(";"); } es_printf("\n"); } any=1; } if(show_all || ascii_strcasecmp(name,"version")==0) { es_printf("cfg:version:"); es_write_sanitized (es_stdout, VERSION, strlen(VERSION), ":", NULL); es_printf ("\n"); any=1; } if(show_all || ascii_strcasecmp(name,"pubkey")==0) { es_printf ("cfg:pubkey:"); print_algo_numbers (build_list_pk_test_algo); es_printf ("\n"); any=1; } if(show_all || ascii_strcasecmp(name,"pubkeyname")==0) { es_printf ("cfg:pubkeyname:"); print_algo_names (build_list_pk_test_algo, build_list_pk_algo_name); es_printf ("\n"); any=1; } if(show_all || ascii_strcasecmp(name,"cipher")==0) { es_printf ("cfg:cipher:"); print_algo_numbers (build_list_cipher_test_algo); es_printf ("\n"); any=1; } if (show_all || !ascii_strcasecmp (name,"ciphername")) { es_printf ("cfg:ciphername:"); print_algo_names (build_list_cipher_test_algo, build_list_cipher_algo_name); es_printf ("\n"); any = 1; } if(show_all || ascii_strcasecmp(name,"digest")==0 || ascii_strcasecmp(name,"hash")==0) { es_printf ("cfg:digest:"); print_algo_numbers (build_list_md_test_algo); es_printf ("\n"); any=1; } if (show_all || !ascii_strcasecmp(name,"digestname") || !ascii_strcasecmp(name,"hashname")) { es_printf ("cfg:digestname:"); print_algo_names (build_list_md_test_algo, build_list_md_algo_name); es_printf ("\n"); any=1; } if(show_all || ascii_strcasecmp(name,"compress")==0) { es_printf ("cfg:compress:"); print_algo_numbers(check_compress_algo); es_printf ("\n"); any=1; } if(show_all || ascii_strcasecmp (name, "compressname") == 0) { es_printf ("cfg:compressname:"); print_algo_names (check_compress_algo, compress_algo_to_string); es_printf ("\n"); any=1; } if (show_all || !ascii_strcasecmp(name,"ccid-reader-id")) { /* We ignore this for GnuPG 1.4 backward compatibility. */ any=1; } if (show_all || !ascii_strcasecmp (name,"curve")) { es_printf ("cfg:curve:"); for (iter=0, first=1; (s = openpgp_enum_curves (&iter)); first=0) es_printf ("%s%s", first?"":";", s); es_printf ("\n"); any=1; } /* Curve OIDs are rarely useful and thus only printed if requested. */ if (name && !ascii_strcasecmp (name,"curveoid")) { es_printf ("cfg:curveoid:"); for (iter=0, first=1; (s = openpgp_enum_curves (&iter)); first = 0) { s = openpgp_curve_to_oid (s, NULL, NULL); es_printf ("%s%s", first?"":";", s? s:"[?]"); } es_printf ("\n"); any=1; } if(show_all) break; if(!any) log_error(_("unknown configuration item '%s'\n"),name); } } /* List options and default values in the GPG Conf format. This is a new tool distributed with gnupg 1.9.x but we also want some limited support in older gpg versions. The output is the name of the configuration file and a list of options available for editing by gpgconf. */ static void gpgconf_list (const char *configfile) { char *configfile_esc = percent_escape (configfile, NULL); es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT); es_printf ("compliance:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, "gnupg"); /* The next one is an info only item and should match the macros at the top of keygen.c */ es_printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, get_default_pubkey_algo ()); /* This info only mode tells whether the we are running in de-vs * compliance mode. This does not test all parameters but the basic * conditions like a proper RNG and Libgcrypt. */ es_printf ("compliance_de_vs:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, opt.compliance==CO_DE_VS && gnupg_rng_is_compliant (CO_DE_VS)); xfree (configfile_esc); } static int parse_subpacket_list(char *list) { char *tok; byte subpackets[128],i; int count=0; if(!list) { /* No arguments means all subpackets */ memset(subpackets+1,1,sizeof(subpackets)-1); count=127; } else { memset(subpackets,0,sizeof(subpackets)); /* Merge with earlier copy */ if(opt.show_subpackets) { byte *in; for(in=opt.show_subpackets;*in;in++) { if(*in>127 || *in<1) BUG(); if(!subpackets[*in]) count++; subpackets[*in]=1; } } while((tok=strsep(&list," ,"))) { if(!*tok) continue; i=atoi(tok); if(i>127 || i<1) return 0; if(!subpackets[i]) count++; subpackets[i]=1; } } xfree(opt.show_subpackets); opt.show_subpackets=xmalloc(count+1); opt.show_subpackets[count--]=0; for(i=1;i<128 && count>=0;i++) if(subpackets[i]) opt.show_subpackets[count--]=i; return 1; } static int parse_list_options(char *str) { char *subpackets=""; /* something that isn't NULL */ struct parse_options lopts[]= { {"show-sig-subpackets",LIST_SHOW_SIG_SUBPACKETS,NULL, NULL}, {"show-photos",LIST_SHOW_PHOTOS,NULL, N_("display photo IDs during key listings")}, {"show-usage",LIST_SHOW_USAGE,NULL, N_("show key usage information during key listings")}, {"show-policy-urls",LIST_SHOW_POLICY_URLS,NULL, N_("show policy URLs during signature listings")}, {"show-notations",LIST_SHOW_NOTATIONS,NULL, N_("show all notations during signature listings")}, {"show-std-notations",LIST_SHOW_STD_NOTATIONS,NULL, N_("show IETF standard notations during signature listings")}, {"show-standard-notations",LIST_SHOW_STD_NOTATIONS,NULL, NULL}, {"show-user-notations",LIST_SHOW_USER_NOTATIONS,NULL, N_("show user-supplied notations during signature listings")}, {"show-keyserver-urls",LIST_SHOW_KEYSERVER_URLS,NULL, N_("show preferred keyserver URLs during signature listings")}, {"show-uid-validity",LIST_SHOW_UID_VALIDITY,NULL, N_("show user ID validity during key listings")}, {"show-unusable-uids",LIST_SHOW_UNUSABLE_UIDS,NULL, N_("show revoked and expired user IDs in key listings")}, {"show-unusable-subkeys",LIST_SHOW_UNUSABLE_SUBKEYS,NULL, N_("show revoked and expired subkeys in key listings")}, {"show-keyring",LIST_SHOW_KEYRING,NULL, N_("show the keyring name in key listings")}, {"show-sig-expire",LIST_SHOW_SIG_EXPIRE,NULL, N_("show expiration dates during signature listings")}, {"show-pref", LIST_SHOW_PREF, NULL, N_("show preferences")}, {"show-pref-verbose", LIST_SHOW_PREF_VERBOSE, NULL, N_("show preferences")}, {"show-only-fpr-mbox",LIST_SHOW_ONLY_FPR_MBOX, NULL, NULL}, {NULL,0,NULL,NULL} }; int i; /* C99 allows for non-constant initializers, but we'd like to compile everywhere, so fill in the show-sig-subpackets argument here. Note that if the parse_options array changes, we'll have to change the subscript here. We use a loop here in case the list above is reordered. */ for (i=0; lopts[i].name; i++) if (lopts[i].bit == LIST_SHOW_SIG_SUBPACKETS) { lopts[i].value = &subpackets; break; } if(parse_options(str,&opt.list_options,lopts,1)) { if(opt.list_options&LIST_SHOW_SIG_SUBPACKETS) { /* Unset so users can pass multiple lists in. */ opt.list_options&=~LIST_SHOW_SIG_SUBPACKETS; if(!parse_subpacket_list(subpackets)) return 0; } else if(subpackets==NULL && opt.show_subpackets) { /* User did 'no-show-subpackets' */ xfree(opt.show_subpackets); opt.show_subpackets=NULL; } return 1; } else return 0; } /* Collapses argc/argv into a single string that must be freed */ static char * collapse_args(int argc,char *argv[]) { char *str=NULL; int i,first=1,len=0; for(i=0;imagic = SERVER_CONTROL_MAGIC; } /* This function is called to deinitialize a control object. It is not deallocated. */ static void gpg_deinit_default_ctrl (ctrl_t ctrl) { #ifdef USE_TOFU tofu_closedbs (ctrl); #endif gpg_dirmngr_deinit_session_data (ctrl); keydb_release (ctrl->cached_getkey_kdb); } int main (int argc, char **argv) { ARGPARSE_ARGS pargs; IOBUF a; int rc=0; int orig_argc; char **orig_argv; const char *fname; char *username; int may_coredump; strlist_t sl; strlist_t remusr = NULL; strlist_t locusr = NULL; strlist_t nrings = NULL; armor_filter_context_t *afx = NULL; int detached_sig = 0; char *last_configname = NULL; const char *configname = NULL; /* NULL or points to last_configname. * NULL also indicates that we are * processing options from the cmdline. */ int debug_argparser = 0; int default_keyring = 1; int greeting = 0; int nogreeting = 0; char *logfile = NULL; int use_random_seed = 1; enum cmd_and_opt_values cmd = 0; const char *debug_level = NULL; #ifndef NO_TRUST_MODELS const char *trustdb_name = NULL; #endif /*!NO_TRUST_MODELS*/ char *def_cipher_string = NULL; char *def_digest_string = NULL; char *compress_algo_string = NULL; char *cert_digest_string = NULL; char *s2k_cipher_string = NULL; char *s2k_digest_string = NULL; char *pers_cipher_list = NULL; char *pers_digest_list = NULL; char *pers_compress_list = NULL; int eyes_only=0; int multifile=0; int pwfd = -1; int ovrseskeyfd = -1; int fpr_maybe_cmd = 0; /* --fingerprint maybe a command. */ int any_explicit_recipient = 0; int default_akl = 1; int require_secmem = 0; int got_secmem = 0; struct assuan_malloc_hooks malloc_hooks; ctrl_t ctrl; static int print_dane_records; static int print_pka_records; #ifdef __riscos__ opt.lock_once = 1; #endif /* __riscos__ */ /* Please note that we may running SUID(ROOT), so be very CAREFUL when adding any stuff between here and the call to secmem_init() somewhere after the option parsing. */ early_system_init (); gnupg_reopen_std (GPG_NAME); trap_unaligned (); gnupg_rl_initialize (); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); log_set_prefix (GPG_NAME, GPGRT_LOG_WITH_PREFIX|GPGRT_LOG_NO_REGISTRY); /* Make sure that our subsystems are ready. */ i18n_init(); init_common_subsystems (&argc, &argv); /* Use our own logging handler for Libcgrypt. */ setup_libgcrypt_logging (); /* Put random number into secure memory */ gcry_control (GCRYCTL_USE_SECURE_RNDPOOL); may_coredump = disable_core_dumps(); gnupg_init_signals (0, emergency_cleanup); dotlock_create (NULL, 0); /* Register lock file cleanup. */ /* Tell the compliance module who we are. */ gnupg_initialize_compliance (GNUPG_MODULE_NAME_GPG); opt.autostart = 1; opt.session_env = session_env_new (); if (!opt.session_env) log_fatal ("error allocating session environment block: %s\n", strerror (errno)); opt.command_fd = -1; /* no command fd */ opt.compress_level = -1; /* defaults to standard compress level */ opt.bz2_compress_level = -1; /* defaults to standard compress level */ /* note: if you change these lines, look at oOpenPGP */ opt.def_cipher_algo = 0; opt.def_digest_algo = 0; opt.cert_digest_algo = 0; opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_count = 0; /* Auto-calibrate when needed. */ opt.s2k_cipher_algo = DEFAULT_CIPHER_ALGO; opt.completes_needed = 1; opt.marginals_needed = 3; opt.max_cert_depth = 5; opt.escape_from = 1; opt.flags.require_cross_cert = 1; opt.import_options = IMPORT_REPAIR_KEYS; opt.export_options = EXPORT_ATTRIBUTES; opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS | IMPORT_REPAIR_PKS_SUBKEY_BUG | IMPORT_SELF_SIGS_ONLY | IMPORT_CLEAN); opt.keyserver_options.export_options = EXPORT_ATTRIBUTES; opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD; opt.verify_options = (LIST_SHOW_UID_VALIDITY | VERIFY_SHOW_POLICY_URLS | VERIFY_SHOW_STD_NOTATIONS | VERIFY_SHOW_KEYSERVER_URLS); opt.list_options = (LIST_SHOW_UID_VALIDITY | LIST_SHOW_USAGE); #ifdef NO_TRUST_MODELS opt.trust_model = TM_ALWAYS; #else opt.trust_model = TM_AUTO; #endif opt.tofu_default_policy = TOFU_POLICY_AUTO; opt.mangle_dos_filenames = 0; opt.min_cert_level = 2; set_screen_dimensions (); opt.keyid_format = KF_NONE; opt.def_sig_expire = "0"; opt.def_cert_expire = "0"; gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; opt.emit_version = 0; opt.weak_digests = NULL; /* Check special options given on the command line. */ orig_argc = argc; orig_argv = argv; pargs.argc = &argc; pargs.argv = &argv; pargs.flags= (ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_NOVERSION); while (gnupg_argparse (NULL, &pargs, opts)) { switch (pargs.r_opt) { case oDebug: case oDebugAll: debug_argparser++; break; case oDebugIOLBF: es_setvbuf (es_stdout, NULL, _IOLBF, 0); break; case oNoOptions: /* Set here here because the homedir would otherwise be * created before main option parsing starts. */ opt.no_homedir_creation = 1; break; case oHomedir: gnupg_set_homedir (pargs.r.ret_str); break; case oNoPermissionWarn: opt.no_perm_warn = 1; break; } } /* Reset the flags. */ pargs.flags &= ~(ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_NOVERSION); #ifdef HAVE_DOSISH_SYSTEM if ( strchr (gnupg_homedir (), '\\') ) { char *d, *buf = xmalloc (strlen (gnupg_homedir ())+1); const char *s; for (d=buf, s = gnupg_homedir (); *s; s++) { *d++ = *s == '\\'? '/': *s; #ifdef HAVE_W32_SYSTEM if (s[1] && IsDBCSLeadByte (*s)) *d++ = *++s; #endif } *d = 0; gnupg_set_homedir (buf); } #endif /* Initialize the secure memory. */ if (!gcry_control (GCRYCTL_INIT_SECMEM, SECMEM_BUFFER_SIZE, 0)) got_secmem = 1; #if defined(HAVE_GETUID) && defined(HAVE_GETEUID) /* There should be no way to get to this spot while still carrying setuid privs. Just in case, bomb out if we are. */ if ( getuid () != geteuid () ) BUG (); #endif maybe_setuid = 0; /* Okay, we are now working under our real uid */ /* malloc hooks go here ... */ malloc_hooks.malloc = gcry_malloc; malloc_hooks.realloc = gcry_realloc; malloc_hooks.free = gcry_free; assuan_set_malloc_hooks (&malloc_hooks); assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT); setup_libassuan_logging (&opt.debug, NULL); /* Set default options which require that malloc stuff is ready. */ additional_weak_digest ("MD5"); parse_auto_key_locate (DEFAULT_AKL_LIST); argc = orig_argc; argv = orig_argv; pargs.argc = &argc; pargs.argv = &argv; /* We are re-using the struct, thus the reset flag. We OR the * flags so that the internal intialized flag won't be cleared. */ pargs.flags |= (ARGPARSE_FLAG_RESET | ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_SYS | ARGPARSE_FLAG_USER | ARGPARSE_FLAG_USERVERS); /* By this point we have a homedir, and cannot change it. */ check_permissions (gnupg_homedir (), 0); /* The configuraton directories for use by gpgrt_argparser. */ gnupg_set_confdir (GNUPG_CONFDIR_SYS, gnupg_sysconfdir ()); gnupg_set_confdir (GNUPG_CONFDIR_USER, gnupg_homedir ()); while (gnupg_argparser (&pargs, opts, GPG_NAME EXTSEP_S "conf")) { switch (pargs.r_opt) { case ARGPARSE_CONFFILE: if (debug_argparser) log_info (_("reading options from '%s'\n"), pargs.r_type? pargs.r.ret_str: "[cmdline]"); if (pargs.r_type) { xfree (last_configname); last_configname = xstrdup (pargs.r.ret_str); configname = last_configname; if (is_secured_filename (configname)) { pargs.r_opt = ARGPARSE_PERMISSION_ERROR; pargs.err = ARGPARSE_PRINT_ERROR; } else if (strncmp (configname, gnupg_sysconfdir (), strlen (gnupg_sysconfdir ()))) { /* This is not the global config file and thus we * need to check the permissions: If the file is * unsafe, then disable any external programs for * keyserver calls or photo IDs. Since the * external program to call is set in the options * file, a unsafe options file can lead to an * arbitrary program being run. */ if (check_permissions (configname, 1)) opt.exec_disable=1; } } else configname = NULL; break; /* case oOptions: * case oNoOptions: * We will never see these options here because * gpgrt_argparse handles them for us. */ case aListConfig: case aListGcryptConfig: case aGPGConfList: case aGPGConfTest: set_cmd (&cmd, pargs.r_opt); /* Do not register a keyring for these commands. */ default_keyring = -1; break; case aCheckKeys: case aListPackets: case aImport: case aFastImport: case aSendKeys: case aRecvKeys: case aSearchKeys: case aRefreshKeys: case aFetchKeys: case aExport: #ifdef ENABLE_CARD_SUPPORT case aCardStatus: case aCardEdit: case aChangePIN: #endif /* ENABLE_CARD_SUPPORT*/ case aListKeys: case aLocateKeys: case aLocateExtKeys: case aListSigs: case aExportSecret: case aExportSecretSub: case aExportSshKey: case aSym: case aClearsign: case aGenRevoke: case aDesigRevoke: case aPrimegen: case aGenRandom: case aPrintMD: case aPrintMDs: case aListTrustDB: case aCheckTrustDB: case aUpdateTrustDB: case aFixTrustDB: case aListTrustPath: case aDeArmor: case aEnArmor: case aSign: case aQuickSignKey: case aQuickLSignKey: case aQuickRevSig: case aSignKey: case aLSignKey: case aStore: case aQuickKeygen: case aQuickAddUid: case aQuickAddKey: case aQuickRevUid: case aQuickSetExpire: case aQuickSetPrimaryUid: case aQuickUpdatePref: case aExportOwnerTrust: case aImportOwnerTrust: case aRebuildKeydbCaches: set_cmd (&cmd, pargs.r_opt); break; case aKeygen: case aFullKeygen: case aEditKey: case aDeleteSecretKeys: case aDeleteSecretAndPublicKeys: case aDeleteKeys: case aPasswd: set_cmd (&cmd, pargs.r_opt); greeting=1; break; case aShowKeys: set_cmd (&cmd, pargs.r_opt); opt.import_options |= IMPORT_SHOW; opt.import_options |= IMPORT_DRY_RUN; opt.import_options &= ~IMPORT_REPAIR_KEYS; opt.list_options |= LIST_SHOW_UNUSABLE_UIDS; opt.list_options |= LIST_SHOW_UNUSABLE_SUBKEYS; opt.list_options |= LIST_SHOW_NOTATIONS; opt.list_options |= LIST_SHOW_POLICY_URLS; break; case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break; case aDecryptFiles: multifile=1; /* fall through */ case aDecrypt: set_cmd( &cmd, aDecrypt); break; case aEncrFiles: multifile=1; /* fall through */ case aEncr: set_cmd( &cmd, aEncr); break; case aVerifyFiles: multifile=1; /* fall through */ case aVerify: set_cmd( &cmd, aVerify); break; case aServer: set_cmd (&cmd, pargs.r_opt); opt.batch = 1; break; case aTOFUPolicy: set_cmd (&cmd, pargs.r_opt); break; case oArmor: opt.armor = 1; opt.no_armor=0; break; case oOutput: opt.outfile = pargs.r.ret_str; break; case oMaxOutput: opt.max_output = pargs.r.ret_ulong; break; case oInputSizeHint: opt.input_size_hint = string_to_u64 (pargs.r.ret_str); break; case oQuiet: opt.quiet = 1; break; case oNoTTY: tty_no_terminal(1); break; case oDryRun: opt.dry_run = 1; break; case oInteractive: opt.interactive = 1; break; case oVerbose: opt.verbose++; gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose); opt.list_options|=LIST_SHOW_UNUSABLE_UIDS; opt.list_options|=LIST_SHOW_UNUSABLE_SUBKEYS; break; case oBatch: opt.batch = 1; nogreeting = 1; break; case oUseAgent: /* Dummy. */ break; case oNoUseAgent: obsolete_option (configname, pargs.lineno, "no-use-agent"); break; case oGpgAgentInfo: obsolete_option (configname, pargs.lineno, "gpg-agent-info"); break; case oReaderPort: obsolete_scdaemon_option (configname, pargs.lineno, "reader-port"); break; case octapiDriver: obsolete_scdaemon_option (configname, pargs.lineno, "ctapi-driver"); break; case opcscDriver: obsolete_scdaemon_option (configname, pargs.lineno, "pcsc-driver"); break; case oDisableCCID: obsolete_scdaemon_option (configname, pargs.lineno, "disable-ccid"); break; case oHonorHttpProxy: obsolete_option (configname, pargs.lineno, "honor-http-proxy"); break; case oAnswerYes: opt.answer_yes = 1; break; case oAnswerNo: opt.answer_no = 1; break; case oForceSignKey: opt.flags.force_sign_key = 1; break; case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break; case oPrimaryKeyring: sl = append_to_strlist (&nrings, pargs.r.ret_str); sl->flags = KEYDB_RESOURCE_FLAG_PRIMARY; break; case oShowKeyring: deprecated_warning(configname,pargs.lineno,"--show-keyring", "--list-options ","show-keyring"); opt.list_options|=LIST_SHOW_KEYRING; break; case oDebug: if (parse_debug_flag (pargs.r.ret_str, &opt.debug, debug_flags)) { pargs.r_opt = ARGPARSE_INVALID_ARG; pargs.err = ARGPARSE_PRINT_ERROR; } break; case oDebugAll: opt.debug = ~0; break; case oDebugLevel: debug_level = pargs.r.ret_str; break; case oDebugIOLBF: break; /* Already set in pre-parse step. */ case oCompatibilityFlags: if (parse_compatibility_flags (pargs.r.ret_str, &opt.compat_flags, compatibility_flags)) { pargs.r_opt = ARGPARSE_INVALID_ARG; pargs.err = ARGPARSE_PRINT_ERROR; } break; case oStatusFD: set_status_fd ( translate_sys2libc_fd_int (pargs.r.ret_int, 1) ); break; case oStatusFile: set_status_fd ( open_info_file (pargs.r.ret_str, 1, 0) ); break; case oAttributeFD: set_attrib_fd ( translate_sys2libc_fd_int (pargs.r.ret_int, 1) ); break; case oAttributeFile: set_attrib_fd ( open_info_file (pargs.r.ret_str, 1, 1) ); break; case oLoggerFD: log_set_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1)); break; case oLoggerFile: logfile = pargs.r.ret_str; break; case oWithFingerprint: opt.with_fingerprint = 1; opt.fingerprint++; break; case oWithSubkeyFingerprint: opt.with_subkey_fingerprint = 1; break; case oWithICAOSpelling: opt.with_icao_spelling = 1; break; case oFingerprint: opt.fingerprint++; fpr_maybe_cmd = 1; break; case oWithKeygrip: opt.with_keygrip = 1; break; case oWithSecret: opt.with_secret = 1; break; case oWithWKDHash: opt.with_wkd_hash = 1; break; case oWithKeyOrigin: opt.with_key_origin = 1; break; case oSecretKeyring: obsolete_option (configname, pargs.lineno, "secret-keyring"); break; case oNoArmor: opt.no_armor=1; opt.armor=0; break; case oNoDefKeyring: if (default_keyring > 0) default_keyring = 0; break; case oNoKeyring: default_keyring = -1; break; case oNoGreeting: nogreeting = 1; break; case oNoVerbose: opt.verbose = 0; gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose); opt.list_sigs=0; break; case oQuickRandom: gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); break; case oEmitVersion: opt.emit_version++; break; case oNoEmitVersion: opt.emit_version=0; break; case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break; case oMarginalsNeeded: opt.marginals_needed = pargs.r.ret_int; break; case oMaxCertDepth: opt.max_cert_depth = pargs.r.ret_int; break; #ifndef NO_TRUST_MODELS case oTrustDBName: trustdb_name = pargs.r.ret_str; break; #endif /*!NO_TRUST_MODELS*/ case oDefaultKey: sl = add_to_strlist (&opt.def_secret_key, pargs.r.ret_str); sl->flags = (pargs.r_opt << PK_LIST_SHIFT); if (configname) sl->flags |= PK_LIST_CONFIG; break; case oDefRecipient: if( *pargs.r.ret_str ) { xfree (opt.def_recipient); opt.def_recipient = make_username(pargs.r.ret_str); } break; case oDefRecipientSelf: xfree(opt.def_recipient); opt.def_recipient = NULL; opt.def_recipient_self = 1; break; case oNoDefRecipient: xfree(opt.def_recipient); opt.def_recipient = NULL; opt.def_recipient_self = 0; break; case oHomedir: break; case oNoBatch: opt.batch = 0; break; case oWithTofuInfo: opt.with_tofu_info = 1; break; case oWithKeyData: opt.with_key_data=1; /*FALLTHRU*/ case oWithColons: opt.with_colons=':'; break; case oWithSigCheck: opt.check_sigs = 1; /*FALLTHRU*/ case oWithSigList: opt.list_sigs = 1; break; case oSkipVerify: opt.skip_verify=1; break; case oSkipHiddenRecipients: opt.skip_hidden_recipients = 1; break; case oNoSkipHiddenRecipients: opt.skip_hidden_recipients = 0; break; case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break; #ifndef NO_TRUST_MODELS /* There are many programs (like mutt) that call gpg with --always-trust so keep this option around for a long time. */ case oAlwaysTrust: opt.trust_model=TM_ALWAYS; break; case oTrustModel: parse_trust_model(pargs.r.ret_str); break; #endif /*!NO_TRUST_MODELS*/ case oTOFUDefaultPolicy: opt.tofu_default_policy = parse_tofu_policy (pargs.r.ret_str); break; case oTOFUDBFormat: obsolete_option (configname, pargs.lineno, "tofu-db-format"); break; case oForceOwnertrust: log_info(_("Note: %s is not for normal use!\n"), "--force-ownertrust"); opt.force_ownertrust=string_to_trust_value(pargs.r.ret_str); if(opt.force_ownertrust==-1) { log_error("invalid ownertrust '%s'\n",pargs.r.ret_str); opt.force_ownertrust=0; } break; case oCompliance: { int compliance = gnupg_parse_compliance_option (pargs.r.ret_str, compliance_options, DIM (compliance_options), opt.quiet); if (compliance < 0) g10_exit (1); set_compliance_option (compliance); } break; case oOpenPGP: case oRFC2440: case oRFC4880: case oRFC4880bis: case oPGP6: case oPGP7: case oPGP8: case oGnuPG: set_compliance_option (pargs.r_opt); break; case oMinRSALength: opt.min_rsa_length = pargs.r.ret_ulong; break; case oRFC2440Text: opt.rfc2440_text=1; break; case oNoRFC2440Text: opt.rfc2440_text=0; break; case oSetFilename: if(utf8_strings) opt.set_filename = pargs.r.ret_str; else opt.set_filename = native_to_utf8(pargs.r.ret_str); break; case oForYourEyesOnly: eyes_only = 1; break; case oNoForYourEyesOnly: eyes_only = 0; break; case oSetPolicyURL: add_policy_url(pargs.r.ret_str,0); add_policy_url(pargs.r.ret_str,1); break; case oSigPolicyURL: add_policy_url(pargs.r.ret_str,0); break; case oCertPolicyURL: add_policy_url(pargs.r.ret_str,1); break; case oShowPolicyURL: deprecated_warning(configname,pargs.lineno,"--show-policy-url", "--list-options ","show-policy-urls"); deprecated_warning(configname,pargs.lineno,"--show-policy-url", "--verify-options ","show-policy-urls"); opt.list_options|=LIST_SHOW_POLICY_URLS; opt.verify_options|=VERIFY_SHOW_POLICY_URLS; break; case oNoShowPolicyURL: deprecated_warning(configname,pargs.lineno,"--no-show-policy-url", "--list-options ","no-show-policy-urls"); deprecated_warning(configname,pargs.lineno,"--no-show-policy-url", "--verify-options ","no-show-policy-urls"); opt.list_options&=~LIST_SHOW_POLICY_URLS; opt.verify_options&=~VERIFY_SHOW_POLICY_URLS; break; case oSigKeyserverURL: add_keyserver_url(pargs.r.ret_str,0); break; case oUseEmbeddedFilename: opt.flags.use_embedded_filename=1; break; case oNoUseEmbeddedFilename: opt.flags.use_embedded_filename=0; break; case oComment: if(pargs.r.ret_str[0]) append_to_strlist(&opt.comments,pargs.r.ret_str); break; case oDefaultComment: deprecated_warning(configname,pargs.lineno, "--default-comment","--no-comments",""); /* fall through */ case oNoComments: free_strlist(opt.comments); opt.comments=NULL; break; case oThrowKeyids: opt.throw_keyids = 1; break; case oNoThrowKeyids: opt.throw_keyids = 0; break; case oShowPhotos: deprecated_warning(configname,pargs.lineno,"--show-photos", "--list-options ","show-photos"); deprecated_warning(configname,pargs.lineno,"--show-photos", "--verify-options ","show-photos"); opt.list_options|=LIST_SHOW_PHOTOS; opt.verify_options|=VERIFY_SHOW_PHOTOS; break; case oNoShowPhotos: deprecated_warning(configname,pargs.lineno,"--no-show-photos", "--list-options ","no-show-photos"); deprecated_warning(configname,pargs.lineno,"--no-show-photos", "--verify-options ","no-show-photos"); opt.list_options&=~LIST_SHOW_PHOTOS; opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; case oForceOCB: opt.force_ocb = 1; break; case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break; case oIncludeKeyBlock: opt.flags.include_key_block = 1; break; case oNoIncludeKeyBlock: opt.flags.include_key_block = 0; break; case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break; case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break; case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break; case oS2KCount: if (pargs.r.ret_int) opt.s2k_count = encode_s2k_iterations (pargs.r.ret_int); else opt.s2k_count = 0; /* Auto-calibrate when needed. */ break; case oRecipient: case oHiddenRecipient: case oRecipientFile: case oHiddenRecipientFile: /* Store the recipient. Note that we also store the * option as private data in the flags. This is achieved * by shifting the option value to the left so to keep * enough space for the flags. */ sl = add_to_strlist2( &remusr, pargs.r.ret_str, utf8_strings ); sl->flags = (pargs.r_opt << PK_LIST_SHIFT); if (configname) sl->flags |= PK_LIST_CONFIG; if (pargs.r_opt == oHiddenRecipient || pargs.r_opt == oHiddenRecipientFile) sl->flags |= PK_LIST_HIDDEN; if (pargs.r_opt == oRecipientFile || pargs.r_opt == oHiddenRecipientFile) sl->flags |= PK_LIST_FROM_FILE; any_explicit_recipient = 1; break; case oEncryptTo: case oHiddenEncryptTo: /* Store an additional recipient. */ sl = add_to_strlist2( &remusr, pargs.r.ret_str, utf8_strings ); sl->flags = ((pargs.r_opt << PK_LIST_SHIFT) | PK_LIST_ENCRYPT_TO); if (configname) sl->flags |= PK_LIST_CONFIG; if (pargs.r_opt == oHiddenEncryptTo) sl->flags |= PK_LIST_HIDDEN; break; case oNoEncryptTo: opt.no_encrypt_to = 1; break; case oEncryptToDefaultKey: opt.encrypt_to_default_key = configname ? 2 : 1; break; case oTrySecretKey: add_to_strlist2 (&opt.secret_keys_to_try, pargs.r.ret_str, utf8_strings); break; case oMimemode: opt.mimemode = opt.textmode = 1; break; case oTextmodeShort: opt.textmode = 2; break; case oTextmode: opt.textmode=1; break; case oNoTextmode: opt.textmode=opt.mimemode=0; break; case oExpert: opt.expert = 1; break; case oNoExpert: opt.expert = 0; break; case oDefSigExpire: if(*pargs.r.ret_str!='\0') { if(parse_expire_string(pargs.r.ret_str)==(u32)-1) log_error(_("'%s' is not a valid signature expiration\n"), pargs.r.ret_str); else opt.def_sig_expire=pargs.r.ret_str; } break; case oAskSigExpire: opt.ask_sig_expire = 1; break; case oNoAskSigExpire: opt.ask_sig_expire = 0; break; case oDefCertExpire: if(*pargs.r.ret_str!='\0') { if(parse_expire_string(pargs.r.ret_str)==(u32)-1) log_error(_("'%s' is not a valid signature expiration\n"), pargs.r.ret_str); else opt.def_cert_expire=pargs.r.ret_str; } break; case oAskCertExpire: opt.ask_cert_expire = 1; break; case oNoAskCertExpire: opt.ask_cert_expire = 0; break; case oDefCertLevel: opt.def_cert_level=pargs.r.ret_int; break; case oMinCertLevel: opt.min_cert_level=pargs.r.ret_int; break; case oAskCertLevel: opt.ask_cert_level = 1; break; case oNoAskCertLevel: opt.ask_cert_level = 0; break; case oLocalUser: /* store the local users */ sl = add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings ); sl->flags = (pargs.r_opt << PK_LIST_SHIFT); if (configname) sl->flags |= PK_LIST_CONFIG; break; case oSender: { char *mbox = mailbox_from_userid (pargs.r.ret_str); if (!mbox) log_error (_("\"%s\" is not a proper mail address\n"), pargs.r.ret_str); else { add_to_strlist (&opt.sender_list, mbox); xfree (mbox); } } break; case oCompress: /* this is the -z command line option */ opt.compress_level = opt.bz2_compress_level = pargs.r.ret_int; opt.explicit_compress_option = 1; break; case oCompressLevel: opt.compress_level = pargs.r.ret_int; break; case oBZ2CompressLevel: opt.bz2_compress_level = pargs.r.ret_int; break; case oBZ2DecompressLowmem: opt.bz2_decompress_lowmem=1; break; case oPassphrase: set_passphrase_from_string (pargs.r_type ? pargs.r.ret_str : ""); break; case oPassphraseFD: pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); break; case oPassphraseFile: pwfd = open_info_file (pargs.r.ret_str, 0, 1); break; case oPassphraseRepeat: opt.passphrase_repeat = pargs.r.ret_int; break; case oPinentryMode: opt.pinentry_mode = parse_pinentry_mode (pargs.r.ret_str); if (opt.pinentry_mode == -1) log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str); break; case oRequestOrigin: opt.request_origin = parse_request_origin (pargs.r.ret_str); if (opt.request_origin == -1) log_error (_("invalid request origin '%s'\n"), pargs.r.ret_str); break; case oCommandFD: opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); if (! gnupg_fd_valid (opt.command_fd)) log_error ("command-fd is invalid: %s\n", strerror (errno)); break; case oCommandFile: opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1); break; case oCipherAlgo: def_cipher_string = xstrdup(pargs.r.ret_str); break; case oDigestAlgo: def_digest_string = xstrdup(pargs.r.ret_str); break; case oCompressAlgo: /* If it is all digits, stick a Z in front of it for later. This is for backwards compatibility with versions that took the compress algorithm number. */ { char *pt=pargs.r.ret_str; while(*pt) { if (!isascii (*pt) || !isdigit (*pt)) break; pt++; } if(*pt=='\0') { compress_algo_string=xmalloc(strlen(pargs.r.ret_str)+2); strcpy(compress_algo_string,"Z"); strcat(compress_algo_string,pargs.r.ret_str); } else compress_algo_string = xstrdup(pargs.r.ret_str); } break; case oCertDigestAlgo: cert_digest_string = xstrdup(pargs.r.ret_str); break; case oNoSecmemWarn: gcry_control (GCRYCTL_DISABLE_SECMEM_WARN); break; case oRequireSecmem: require_secmem=1; break; case oNoRequireSecmem: require_secmem=0; break; case oNoPermissionWarn: opt.no_perm_warn=1; break; case oDisplayCharset: if( set_native_charset( pargs.r.ret_str ) ) log_error(_("'%s' is not a valid character set\n"), pargs.r.ret_str); break; case oNotDashEscaped: opt.not_dash_escaped = 1; break; case oEscapeFrom: opt.escape_from = 1; break; case oNoEscapeFrom: opt.escape_from = 0; break; case oLockOnce: opt.lock_once = 1; break; case oLockNever: dotlock_disable (); break; case oLockMultiple: #ifndef __riscos__ opt.lock_once = 0; #else /* __riscos__ */ riscos_not_implemented("lock-multiple"); #endif /* __riscos__ */ break; case oKeyServer: { keyserver_spec_t keyserver; keyserver = parse_keyserver_uri (pargs.r.ret_str, 0); if (!keyserver) log_error (_("could not parse keyserver URL\n")); else { /* We only support a single keyserver. Later ones override earlier ones. (Since we parse the config file first and then the command line arguments, the command line takes precedence.) */ if (opt.keyserver) free_keyserver_spec (opt.keyserver); opt.keyserver = keyserver; } } break; case oKeyServerOptions: if(!parse_keyserver_options(pargs.r.ret_str)) { if(configname) log_error(_("%s:%d: invalid keyserver options\n"), configname,pargs.lineno); else log_error(_("invalid keyserver options\n")); } break; case oImportOptions: if(!parse_import_options(pargs.r.ret_str,&opt.import_options,1)) { if(configname) log_error(_("%s:%d: invalid import options\n"), configname,pargs.lineno); else log_error(_("invalid import options\n")); } break; case oImportFilter: rc = parse_and_set_import_filter (pargs.r.ret_str); if (rc) log_error (_("invalid filter option: %s\n"), gpg_strerror (rc)); break; case oExportOptions: if(!parse_export_options(pargs.r.ret_str,&opt.export_options,1)) { if(configname) log_error(_("%s:%d: invalid export options\n"), configname,pargs.lineno); else log_error(_("invalid export options\n")); } break; case oExportFilter: rc = parse_and_set_export_filter (pargs.r.ret_str); if (rc) log_error (_("invalid filter option: %s\n"), gpg_strerror (rc)); break; case oListOptions: if(!parse_list_options(pargs.r.ret_str)) { if(configname) log_error(_("%s:%d: invalid list options\n"), configname,pargs.lineno); else log_error(_("invalid list options\n")); } break; case oVerifyOptions: { struct parse_options vopts[]= { {"show-photos",VERIFY_SHOW_PHOTOS,NULL, N_("display photo IDs during signature verification")}, {"show-policy-urls",VERIFY_SHOW_POLICY_URLS,NULL, N_("show policy URLs during signature verification")}, {"show-notations",VERIFY_SHOW_NOTATIONS,NULL, N_("show all notations during signature verification")}, {"show-std-notations",VERIFY_SHOW_STD_NOTATIONS,NULL, N_("show IETF standard notations during signature verification")}, {"show-standard-notations",VERIFY_SHOW_STD_NOTATIONS,NULL, NULL}, {"show-user-notations",VERIFY_SHOW_USER_NOTATIONS,NULL, N_("show user-supplied notations during signature verification")}, {"show-keyserver-urls",VERIFY_SHOW_KEYSERVER_URLS,NULL, N_("show preferred keyserver URLs during signature verification")}, {"show-uid-validity",VERIFY_SHOW_UID_VALIDITY,NULL, N_("show user ID validity during signature verification")}, {"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL, N_("show revoked and expired user IDs in signature verification")}, {"show-primary-uid-only",VERIFY_SHOW_PRIMARY_UID_ONLY,NULL, N_("show only the primary user ID in signature verification")}, {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL, N_("validate signatures with PKA data")}, {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL, N_("elevate the trust of signatures with valid PKA data")}, {NULL,0,NULL,NULL} }; if(!parse_options(pargs.r.ret_str,&opt.verify_options,vopts,1)) { if(configname) log_error(_("%s:%d: invalid verify options\n"), configname,pargs.lineno); else log_error(_("invalid verify options\n")); } } break; case oTempDir: opt.temp_dir=pargs.r.ret_str; break; case oExecPath: if(set_exec_path(pargs.r.ret_str)) log_error(_("unable to set exec-path to %s\n"),pargs.r.ret_str); else opt.exec_path_set=1; break; case oSetNotation: add_notation_data( pargs.r.ret_str, 0 ); add_notation_data( pargs.r.ret_str, 1 ); break; case oSigNotation: add_notation_data( pargs.r.ret_str, 0 ); break; case oCertNotation: add_notation_data( pargs.r.ret_str, 1 ); break; case oKnownNotation: register_known_notation (pargs.r.ret_str); break; case oShowNotation: deprecated_warning(configname,pargs.lineno,"--show-notation", "--list-options ","show-notations"); deprecated_warning(configname,pargs.lineno,"--show-notation", "--verify-options ","show-notations"); opt.list_options|=LIST_SHOW_NOTATIONS; opt.verify_options|=VERIFY_SHOW_NOTATIONS; break; case oNoShowNotation: deprecated_warning(configname,pargs.lineno,"--no-show-notation", "--list-options ","no-show-notations"); deprecated_warning(configname,pargs.lineno,"--no-show-notation", "--verify-options ","no-show-notations"); opt.list_options&=~LIST_SHOW_NOTATIONS; opt.verify_options&=~VERIFY_SHOW_NOTATIONS; break; case oUtf8Strings: utf8_strings = 1; break; case oNoUtf8Strings: #ifdef HAVE_W32_SYSTEM utf8_strings = 0; #endif break; case oDisableCipherAlgo: { int algo = string_to_cipher_algo (pargs.r.ret_str); gcry_cipher_ctl (NULL, GCRYCTL_DISABLE_ALGO, &algo, sizeof algo); } break; case oDisablePubkeyAlgo: { int algo = gcry_pk_map_name (pargs.r.ret_str); gcry_pk_ctl (GCRYCTL_DISABLE_ALGO, &algo, sizeof algo); } break; case oNoSigCache: opt.no_sig_cache = 1; break; case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break; case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break; case oAllowFreeformUID: opt.allow_freeform_uid = 1; break; case oNoAllowFreeformUID: opt.allow_freeform_uid = 0; break; case oNoLiteral: opt.no_literal = 1; break; case oSetFilesize: opt.set_filesize = pargs.r.ret_ulong; break; case oFastListMode: opt.fast_list_mode = 1; break; case oFixedListMode: /* Dummy */ break; case oLegacyListMode: opt.legacy_list_mode = 1; break; case oPrintPKARecords: print_pka_records = 1; break; case oPrintDANERecords: print_dane_records = 1; break; case oListOnly: opt.list_only=1; break; case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break; case oIgnoreValidFrom: opt.ignore_valid_from = 1; break; case oIgnoreCrcError: opt.ignore_crc_error = 1; break; case oIgnoreMDCError: opt.ignore_mdc_error = 1; break; case oNoRandomSeedFile: use_random_seed = 0; break; case oAutoKeyImport: opt.flags.auto_key_import = 1; break; case oNoAutoKeyImport: opt.flags.auto_key_import = 0; break; case oAutoKeyRetrieve: opt.keyserver_options.options |= KEYSERVER_AUTO_KEY_RETRIEVE; break; case oNoAutoKeyRetrieve: opt.keyserver_options.options &= ~KEYSERVER_AUTO_KEY_RETRIEVE; break; case oShowSessionKey: opt.show_session_key = 1; break; case oOverrideSessionKey: opt.override_session_key = pargs.r.ret_str; break; case oOverrideSessionKeyFD: ovrseskeyfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); break; case oMergeOnly: deprecated_warning(configname,pargs.lineno,"--merge-only", "--import-options ","merge-only"); opt.import_options|=IMPORT_MERGE_ONLY; break; case oAllowSecretKeyImport: /* obsolete */ break; case oTryAllSecrets: opt.try_all_secrets = 1; break; case oTrustedKey: register_trusted_key( pargs.r.ret_str ); break; case oEnableSpecialFilenames: enable_special_filenames (); break; case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break; case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break; case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break; case oPreservePermissions: opt.preserve_permissions=1; break; case oDefaultPreferenceList: opt.def_preference_list = pargs.r.ret_str; break; case oDefaultKeyserverURL: { keyserver_spec_t keyserver; keyserver = parse_keyserver_uri (pargs.r.ret_str,1 ); if (!keyserver) log_error (_("could not parse keyserver URL\n")); else free_keyserver_spec (keyserver); opt.def_keyserver_url = pargs.r.ret_str; } break; case oPersonalCipherPreferences: pers_cipher_list=pargs.r.ret_str; break; case oPersonalDigestPreferences: pers_digest_list=pargs.r.ret_str; break; case oPersonalCompressPreferences: pers_compress_list=pargs.r.ret_str; break; case oAgentProgram: opt.agent_program = pargs.r.ret_str; break; case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break; case oDisableDirmngr: opt.disable_dirmngr = 1; break; case oWeakDigest: additional_weak_digest(pargs.r.ret_str); break; case oUnwrap: opt.unwrap_encryption = 1; break; case oOnlySignTextIDs: opt.only_sign_text_ids = 1; break; case oDisplay: set_opt_session_env ("DISPLAY", pargs.r.ret_str); break; case oTTYname: set_opt_session_env ("GPG_TTY", pargs.r.ret_str); break; case oTTYtype: set_opt_session_env ("TERM", pargs.r.ret_str); break; case oXauthority: set_opt_session_env ("XAUTHORITY", pargs.r.ret_str); break; case oLCctype: opt.lc_ctype = pargs.r.ret_str; break; case oLCmessages: opt.lc_messages = pargs.r.ret_str; break; case oGroup: add_group(pargs.r.ret_str); break; case oUnGroup: rm_group(pargs.r.ret_str); break; case oNoGroups: while(opt.grouplist) { struct groupitem *iter=opt.grouplist; free_strlist(iter->values); opt.grouplist=opt.grouplist->next; xfree(iter); } break; case oMangleDosFilenames: opt.mangle_dos_filenames = 1; break; case oNoMangleDosFilenames: opt.mangle_dos_filenames = 0; break; case oEnableProgressFilter: opt.enable_progress_filter = 1; break; case oMultifile: multifile=1; break; case oKeyidFormat: if(ascii_strcasecmp(pargs.r.ret_str,"short")==0) opt.keyid_format=KF_SHORT; else if(ascii_strcasecmp(pargs.r.ret_str,"long")==0) opt.keyid_format=KF_LONG; else if(ascii_strcasecmp(pargs.r.ret_str,"0xshort")==0) opt.keyid_format=KF_0xSHORT; else if(ascii_strcasecmp(pargs.r.ret_str,"0xlong")==0) opt.keyid_format=KF_0xLONG; else if(ascii_strcasecmp(pargs.r.ret_str,"none")==0) opt.keyid_format = KF_NONE; else log_error("unknown keyid-format '%s'\n",pargs.r.ret_str); break; case oExitOnStatusWriteError: opt.exit_on_status_write_error = 1; break; case oLimitCardInsertTries: opt.limit_card_insert_tries = pargs.r.ret_int; break; case oRequireCrossCert: opt.flags.require_cross_cert=1; break; case oNoRequireCrossCert: opt.flags.require_cross_cert=0; break; case oAutoKeyLocate: if (default_akl) { /* This is the first time --auto-key-locate is seen. * We need to reset the default akl. */ default_akl = 0; release_akl(); } if(!parse_auto_key_locate(pargs.r.ret_str)) { if(configname) log_error(_("%s:%d: invalid auto-key-locate list\n"), configname,pargs.lineno); else log_error(_("invalid auto-key-locate list\n")); } break; case oNoAutoKeyLocate: release_akl(); break; case oKeyOrigin: if(!parse_key_origin (pargs.r.ret_str)) log_error (_("invalid argument for option \"%.50s\"\n"), "--key-origin"); break; case oEnableLargeRSA: #if SECMEM_BUFFER_SIZE >= 65536 opt.flags.large_rsa=1; #else if (configname) log_info("%s:%d: WARNING: gpg not built with large secure " "memory buffer. Ignoring enable-large-rsa\n", configname,pargs.lineno); else log_info("WARNING: gpg not built with large secure " "memory buffer. Ignoring --enable-large-rsa\n"); #endif /* SECMEM_BUFFER_SIZE >= 65536 */ break; case oDisableLargeRSA: opt.flags.large_rsa=0; break; case oEnableDSA2: opt.flags.dsa2=1; break; case oDisableDSA2: opt.flags.dsa2=0; break; case oAllowMultisigVerification: case oAllowMultipleMessages: opt.flags.allow_multiple_messages=1; break; case oNoAllowMultipleMessages: opt.flags.allow_multiple_messages=0; break; case oAllowWeakDigestAlgos: opt.flags.allow_weak_digest_algos = 1; break; case oAllowWeakKeySignatures: opt.flags.allow_weak_key_signatures = 1; break; case oFakedSystemTime: { size_t len = strlen (pargs.r.ret_str); int freeze = 0; time_t faked_time; if (len > 0 && pargs.r.ret_str[len-1] == '!') { freeze = 1; pargs.r.ret_str[len-1] = '\0'; } faked_time = isotime2epoch (pargs.r.ret_str); if (faked_time == (time_t)(-1)) faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10); gnupg_set_time (faked_time, freeze); } break; case oNoAutostart: opt.autostart = 0; break; case oNoSymkeyCache: opt.no_symkey_cache = 1; break; case oDefaultNewKeyAlgo: opt.def_new_key_algo = pargs.r.ret_str; break; case oUseOnlyOpenPGPCard: opt.flags.use_only_openpgp_card = 1; break; case oForbidGenKey: mopt.forbid_gen_key = 1; break; case oRequireCompliance: opt.flags.require_compliance = 1; break; case oNoop: break; default: if (configname) pargs.err = ARGPARSE_PRINT_WARNING; else { pargs.err = ARGPARSE_PRINT_ERROR; /* The argparse fucntion calls a plain exit and thus * we need to print a status here. */ write_status_failure ("option-parser", gpg_error(GPG_ERR_GENERAL)); } break; } } gnupg_argparse (NULL, &pargs, NULL); /* Release internal state. */ if (log_get_errorcount (0)) { write_status_failure ("option-parser", gpg_error(GPG_ERR_GENERAL)); g10_exit(2); } /* The command --gpgconf-list is pretty simple and may be called directly after the option parsing. */ if (cmd == aGPGConfList) { /* Note: Here in gpg 2.2 we need to provide a proper config * file even if that file does not exist. This is because * gpgconf checks that an absolute filename is provided. */ if (!last_configname) last_configname= make_filename (gnupg_homedir (), GPG_NAME EXTSEP_S "conf", NULL); gpgconf_list (last_configname); g10_exit (0); } xfree (last_configname); last_configname = NULL; if (print_dane_records) log_error ("invalid option \"%s\"; use \"%s\" instead\n", "--print-dane-records", "--export-options export-dane"); if (print_pka_records) log_error ("invalid option \"%s\"; use \"%s\" instead\n", "--print-pks-records", "--export-options export-pka"); if (log_get_errorcount (0)) { write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); g10_exit(2); } if( nogreeting ) greeting = 0; if( greeting ) { es_fprintf (es_stderr, "%s %s; %s\n", strusage(11), strusage(13), strusage(14) ); es_fprintf (es_stderr, "%s\n", strusage(15) ); } #ifdef IS_DEVELOPMENT_VERSION if (!opt.batch) { const char *s; if((s=strusage(25))) log_info("%s\n",s); if((s=strusage(26))) log_info("%s\n",s); if((s=strusage(27))) log_info("%s\n",s); } #endif /* FIXME: We should use logging to a file only in server mode; however we have not yet implemetyed that. Thus we try to get away with --batch as indication for logging to file required. */ if (logfile && opt.batch) { log_set_file (logfile); log_set_prefix (NULL, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID); } if (opt.verbose > 2) log_info ("using character set '%s'\n", get_native_charset ()); if( may_coredump && !opt.quiet ) log_info(_("WARNING: program may create a core file!\n")); if (opt.flags.rfc4880bis) log_info ("WARNING: using experimental features from RFC4880bis!\n"); else { opt.mimemode = 0; /* This will use text mode instead. */ } if (eyes_only) { if (opt.set_filename) log_info(_("WARNING: %s overrides %s\n"), "--for-your-eyes-only","--set-filename"); opt.set_filename="_CONSOLE"; } if (opt.no_literal) { log_info(_("Note: %s is not for normal use!\n"), "--no-literal"); if (opt.textmode) log_error(_("%s not allowed with %s!\n"), "--textmode", "--no-literal" ); if (opt.set_filename) log_error(_("%s makes no sense with %s!\n"), eyes_only?"--for-your-eyes-only":"--set-filename", "--no-literal" ); } if (opt.set_filesize) log_info(_("Note: %s is not for normal use!\n"), "--set-filesize"); if( opt.batch ) tty_batchmode( 1 ); if (gnupg_faked_time_p ()) { gnupg_isotime_t tbuf; log_info (_("WARNING: running with faked system time: ")); gnupg_get_isotime (tbuf); dump_isotime (tbuf); log_printf ("\n"); } /* Print a warning if an argument looks like an option. */ if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN)) { int i; for (i=0; i < argc; i++) if (argv[i][0] == '-' && argv[i][1] == '-') log_info (_("Note: '%s' is not considered an option\n"), argv[i]); } gcry_control (GCRYCTL_RESUME_SECMEM_WARN); if(require_secmem && !got_secmem) { log_info(_("will not run with insecure memory due to %s\n"), "--require-secmem"); write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); g10_exit(2); } set_debug (debug_level); if (opt.verbose) /* Print the compatibility flags. */ parse_compatibility_flags (NULL, &opt.compat_flags, compatibility_flags); gnupg_set_compliance_extra_info (CO_EXTRA_INFO_MIN_RSA, opt.min_rsa_length); if ((opt.compat_flags & COMPAT_VSD_ALLOW_OCB)) gnupg_set_compliance_extra_info (CO_EXTRA_INFO_VSD_ALLOW_OCB, 1); if (DBG_CLOCK) log_clock ("start"); /* Do these after the switch(), so they can override settings. */ if(PGP6) { /* That does not anymore work because we have no more support for v3 signatures. */ opt.escape_from=1; opt.ask_sig_expire=0; } else if(PGP7) { /* That does not anymore work because we have no more support for v3 signatures. */ opt.escape_from=1; opt.ask_sig_expire=0; } else if(PGP8) { opt.escape_from=1; } if( def_cipher_string ) { opt.def_cipher_algo = string_to_cipher_algo (def_cipher_string); xfree(def_cipher_string); def_cipher_string = NULL; if ( openpgp_cipher_test_algo (opt.def_cipher_algo) ) log_error(_("selected cipher algorithm is invalid\n")); } if( def_digest_string ) { opt.def_digest_algo = string_to_digest_algo (def_digest_string); xfree(def_digest_string); def_digest_string = NULL; if ( openpgp_md_test_algo (opt.def_digest_algo) ) log_error(_("selected digest algorithm is invalid\n")); } if( compress_algo_string ) { opt.compress_algo = string_to_compress_algo(compress_algo_string); xfree(compress_algo_string); compress_algo_string = NULL; if( check_compress_algo(opt.compress_algo) ) log_error(_("selected compression algorithm is invalid\n")); } if( cert_digest_string ) { opt.cert_digest_algo = string_to_digest_algo (cert_digest_string); xfree(cert_digest_string); cert_digest_string = NULL; if (openpgp_md_test_algo(opt.cert_digest_algo)) log_error(_("selected certification digest algorithm is invalid\n")); } if( s2k_cipher_string ) { opt.s2k_cipher_algo = string_to_cipher_algo (s2k_cipher_string); xfree(s2k_cipher_string); s2k_cipher_string = NULL; if (openpgp_cipher_test_algo (opt.s2k_cipher_algo)) log_error(_("selected cipher algorithm is invalid\n")); } if( s2k_digest_string ) { opt.s2k_digest_algo = string_to_digest_algo (s2k_digest_string); xfree(s2k_digest_string); s2k_digest_string = NULL; if (openpgp_md_test_algo(opt.s2k_digest_algo)) log_error(_("selected digest algorithm is invalid\n")); } if( opt.completes_needed < 1 ) log_error(_("completes-needed must be greater than 0\n")); if( opt.marginals_needed < 2 ) log_error(_("marginals-needed must be greater than 1\n")); if( opt.max_cert_depth < 1 || opt.max_cert_depth > 255 ) log_error(_("max-cert-depth must be in the range from 1 to 255\n")); if(opt.def_cert_level<0 || opt.def_cert_level>3) log_error(_("invalid default-cert-level; must be 0, 1, 2, or 3\n")); if( opt.min_cert_level < 1 || opt.min_cert_level > 3 ) log_error(_("invalid min-cert-level; must be 1, 2, or 3\n")); switch( opt.s2k_mode ) { case 0: if (!opt.quiet) log_info(_("Note: simple S2K mode (0) is strongly discouraged\n")); break; case 1: case 3: break; default: log_error(_("invalid S2K mode; must be 0, 1 or 3\n")); } /* This isn't actually needed, but does serve to error out if the string is invalid. */ if(opt.def_preference_list && keygen_set_std_prefs(opt.def_preference_list,0)) log_error(_("invalid default preferences\n")); if(pers_cipher_list && keygen_set_std_prefs(pers_cipher_list,PREFTYPE_SYM)) log_error(_("invalid personal cipher preferences\n")); if(pers_digest_list && keygen_set_std_prefs(pers_digest_list,PREFTYPE_HASH)) log_error(_("invalid personal digest preferences\n")); if(pers_compress_list && keygen_set_std_prefs(pers_compress_list,PREFTYPE_ZIP)) log_error(_("invalid personal compress preferences\n")); /* We don't support all possible commands with multifile yet */ if(multifile) { char *cmdname; switch(cmd) { case aSign: cmdname="--sign"; break; case aSignEncr: cmdname="--sign --encrypt"; break; case aClearsign: cmdname="--clear-sign"; break; case aDetachedSign: cmdname="--detach-sign"; break; case aSym: cmdname="--symmetric"; break; case aEncrSym: cmdname="--symmetric --encrypt"; break; case aStore: cmdname="--store"; break; default: cmdname=NULL; break; } if(cmdname) log_error(_("%s does not yet work with %s\n"),cmdname,"--multifile"); } if( log_get_errorcount(0) ) { write_status_failure ("option-postprocessing", gpg_error(GPG_ERR_GENERAL)); g10_exit (2); } if(opt.compress_level==0) opt.compress_algo=COMPRESS_ALGO_NONE; /* Check our chosen algorithms against the list of legal algorithms. */ if(!GNUPG) { const char *badalg=NULL; preftype_t badtype=PREFTYPE_NONE; if(opt.def_cipher_algo && !algo_available(PREFTYPE_SYM,opt.def_cipher_algo,NULL)) { badalg = openpgp_cipher_algo_name (opt.def_cipher_algo); badtype = PREFTYPE_SYM; } else if(opt.def_digest_algo && !algo_available(PREFTYPE_HASH,opt.def_digest_algo,NULL)) { badalg = gcry_md_algo_name (opt.def_digest_algo); badtype = PREFTYPE_HASH; } else if(opt.cert_digest_algo && !algo_available(PREFTYPE_HASH,opt.cert_digest_algo,NULL)) { badalg = gcry_md_algo_name (opt.cert_digest_algo); badtype = PREFTYPE_HASH; } else if(opt.compress_algo!=-1 && !algo_available(PREFTYPE_ZIP,opt.compress_algo,NULL)) { badalg = compress_algo_to_string(opt.compress_algo); badtype = PREFTYPE_ZIP; } if(badalg) { switch(badtype) { case PREFTYPE_SYM: log_info (_("cipher algorithm '%s'" " may not be used in %s mode\n"), badalg, gnupg_compliance_option_string (opt.compliance)); break; case PREFTYPE_HASH: log_info (_("digest algorithm '%s'" " may not be used in %s mode\n"), badalg, gnupg_compliance_option_string (opt.compliance)); break; case PREFTYPE_ZIP: log_info (_("compression algorithm '%s'" " may not be used in %s mode\n"), badalg, gnupg_compliance_option_string (opt.compliance)); break; default: BUG(); } compliance_failure(); } } /* Check our chosen algorithms against the list of allowed * algorithms in the current compliance mode, and fail hard if it * is not. This is us being nice to the user informing her early * that the chosen algorithms are not available. We also check * and enforce this right before the actual operation. */ if (opt.def_cipher_algo && ! gnupg_cipher_is_allowed (opt.compliance, cmd == aEncr || cmd == aSignEncr || cmd == aEncrSym || cmd == aSym || cmd == aSignSym || cmd == aSignEncrSym, opt.def_cipher_algo, GCRY_CIPHER_MODE_NONE)) log_error (_("cipher algorithm '%s' may not be used in %s mode\n"), openpgp_cipher_algo_name (opt.def_cipher_algo), gnupg_compliance_option_string (opt.compliance)); if (opt.def_digest_algo && ! gnupg_digest_is_allowed (opt.compliance, cmd == aSign || cmd == aSignEncr || cmd == aSignEncrSym || cmd == aSignSym || cmd == aClearsign, opt.def_digest_algo)) log_error (_("digest algorithm '%s' may not be used in %s mode\n"), gcry_md_algo_name (opt.def_digest_algo), gnupg_compliance_option_string (opt.compliance)); /* Fail hard. */ if (log_get_errorcount (0)) { write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); g10_exit (2); } /* Set the random seed file. */ if (use_random_seed) { char *p = make_filename (gnupg_homedir (), "random_seed", NULL ); gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p); if (!gnupg_access (p, F_OK)) register_secured_file (p); xfree(p); } /* If there is no command but the --fingerprint is given, default to the --list-keys command. */ if (!cmd && fpr_maybe_cmd) { set_cmd (&cmd, aListKeys); } if( opt.verbose > 1 ) set_packet_list_mode(1); /* Add the keyrings, but not for some special commands. We always * need to add the keyrings if we are running under SELinux, this * is so that the rings are added to the list of secured files. * We do not add any keyring if --no-keyring has been used. */ if (default_keyring >= 0 && (ALWAYS_ADD_KEYRINGS || (cmd != aDeArmor && cmd != aEnArmor && cmd != aGPGConfTest))) { if (!nrings || default_keyring > 0) /* Add default ring. */ keydb_add_resource ("pubring" EXTSEP_S GPGEXT_GPG, KEYDB_RESOURCE_FLAG_DEFAULT); for (sl = nrings; sl; sl = sl->next ) keydb_add_resource (sl->d, sl->flags); } FREE_STRLIST(nrings); if (opt.pinentry_mode == PINENTRY_MODE_LOOPBACK) /* In loopback mode, never ask for the password multiple times. */ { opt.passphrase_repeat = 0; } if (cmd == aGPGConfTest) g10_exit(0); if (pwfd != -1) /* Read the passphrase now. */ read_passphrase_from_fd (pwfd); if (ovrseskeyfd != -1 ) /* Read the sessionkey now. */ read_sessionkey_from_fd (ovrseskeyfd); fname = argc? *argv : NULL; if(fname && utf8_strings) opt.flags.utf8_filename=1; ctrl = xcalloc (1, sizeof *ctrl); gpg_init_default_ctrl (ctrl); #ifndef NO_TRUST_MODELS switch (cmd) { case aPrimegen: case aPrintMD: case aPrintMDs: case aGenRandom: case aDeArmor: case aEnArmor: case aListConfig: case aListGcryptConfig: break; case aFixTrustDB: case aExportOwnerTrust: rc = setup_trustdb (0, trustdb_name); break; case aListTrustDB: rc = setup_trustdb (argc? 1:0, trustdb_name); break; case aKeygen: case aFullKeygen: case aQuickKeygen: rc = setup_trustdb (1, trustdb_name); break; default: /* If we are using TM_ALWAYS, we do not need to create the trustdb. */ rc = setup_trustdb (opt.trust_model != TM_ALWAYS, trustdb_name); break; } if (rc) log_error (_("failed to initialize the TrustDB: %s\n"), gpg_strerror (rc)); #endif /*!NO_TRUST_MODELS*/ switch (cmd) { case aStore: case aSym: case aSign: case aSignSym: case aClearsign: if (!opt.quiet && any_explicit_recipient) log_info (_("WARNING: recipients (-r) given " "without using public key encryption\n")); break; default: break; } /* Check for certain command whether we need to migrate a secring.gpg to the gpg-agent. */ switch (cmd) { case aListSecretKeys: case aSign: case aSignEncr: case aSignEncrSym: case aSignSym: case aClearsign: case aDecrypt: case aSignKey: case aLSignKey: case aEditKey: case aPasswd: case aDeleteSecretKeys: case aDeleteSecretAndPublicKeys: case aQuickKeygen: case aQuickAddUid: case aQuickAddKey: case aQuickRevUid: case aQuickSetPrimaryUid: case aQuickUpdatePref: case aFullKeygen: case aKeygen: case aImport: case aExportSecret: case aExportSecretSub: case aGenRevoke: case aDesigRevoke: case aCardEdit: case aChangePIN: migrate_secring (ctrl); break; case aListKeys: if (opt.with_secret) migrate_secring (ctrl); break; default: break; } /* The command dispatcher. */ switch( cmd ) { case aServer: gpg_server (ctrl); break; case aStore: /* only store the file */ if( argc > 1 ) wrong_args("--store [filename]"); if( (rc = encrypt_store(fname)) ) { write_status_failure ("store", rc); log_error ("storing '%s' failed: %s\n", print_fname_stdin(fname),gpg_strerror (rc) ); } break; case aSym: /* encrypt the given file only with the symmetric cipher */ if( argc > 1 ) wrong_args("--symmetric [filename]"); if( (rc = encrypt_symmetric(fname)) ) { write_status_failure ("symencrypt", rc); log_error (_("symmetric encryption of '%s' failed: %s\n"), print_fname_stdin(fname),gpg_strerror (rc) ); } break; case aEncr: /* encrypt the given file */ if(multifile) encrypt_crypt_files (ctrl, argc, argv, remusr); else { if( argc > 1 ) wrong_args("--encrypt [filename]"); if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 0, NULL, -1)) ) { write_status_failure ("encrypt", rc); log_error("%s: encryption failed: %s\n", print_fname_stdin(fname), gpg_strerror (rc) ); } } break; case aEncrSym: /* This works with PGP 8 in the sense that it acts just like a symmetric message. It doesn't work at all with 2 or 6. It might work with 7, but alas, I don't have a copy to test with right now. */ if( argc > 1 ) wrong_args("--symmetric --encrypt [filename]"); else if(opt.s2k_mode==0) log_error(_("you cannot use --symmetric --encrypt" " with --s2k-mode 0\n")); else if(PGP6 || PGP7) log_error(_("you cannot use --symmetric --encrypt" " in %s mode\n"), gnupg_compliance_option_string (opt.compliance)); else { if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 1, NULL, -1)) ) { write_status_failure ("encrypt", rc); log_error ("%s: encryption failed: %s\n", print_fname_stdin(fname), gpg_strerror (rc) ); } } break; case aSign: /* sign the given file */ sl = NULL; if( detached_sig ) { /* sign all files */ for( ; argc; argc--, argv++ ) add_to_strlist( &sl, *argv ); } else { if( argc > 1 ) wrong_args("--sign [filename]"); if( argc ) { sl = xmalloc_clear( sizeof *sl + strlen(fname)); strcpy(sl->d, fname); } } if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 0, NULL, NULL))) { write_status_failure ("sign", rc); log_error ("signing failed: %s\n", gpg_strerror (rc) ); } free_strlist(sl); break; case aSignEncr: /* sign and encrypt the given file */ if( argc > 1 ) wrong_args("--sign --encrypt [filename]"); if( argc ) { sl = xmalloc_clear( sizeof *sl + strlen(fname)); strcpy(sl->d, fname); } else sl = NULL; if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 1, remusr, NULL))) { write_status_failure ("sign-encrypt", rc); log_error("%s: sign+encrypt failed: %s\n", print_fname_stdin(fname), gpg_strerror (rc) ); } free_strlist(sl); break; case aSignEncrSym: /* sign and encrypt the given file */ if( argc > 1 ) wrong_args("--symmetric --sign --encrypt [filename]"); else if(opt.s2k_mode==0) log_error(_("you cannot use --symmetric --sign --encrypt" " with --s2k-mode 0\n")); else if(PGP6 || PGP7) log_error(_("you cannot use --symmetric --sign --encrypt" " in %s mode\n"), gnupg_compliance_option_string (opt.compliance)); else { if( argc ) { sl = xmalloc_clear( sizeof *sl + strlen(fname)); strcpy(sl->d, fname); } else sl = NULL; if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 2, remusr, NULL))) { write_status_failure ("sign-encrypt", rc); log_error("%s: symmetric+sign+encrypt failed: %s\n", print_fname_stdin(fname), gpg_strerror (rc) ); } free_strlist(sl); } break; case aSignSym: /* sign and conventionally encrypt the given file */ if (argc > 1) wrong_args("--sign --symmetric [filename]"); rc = sign_symencrypt_file (ctrl, fname, locusr); if (rc) { write_status_failure ("sign-symencrypt", rc); log_error("%s: sign+symmetric failed: %s\n", print_fname_stdin(fname), gpg_strerror (rc) ); } break; case aClearsign: /* make a clearsig */ if( argc > 1 ) wrong_args("--clear-sign [filename]"); if( (rc = clearsign_file (ctrl, fname, locusr, NULL)) ) { write_status_failure ("sign", rc); log_error("%s: clear-sign failed: %s\n", print_fname_stdin(fname), gpg_strerror (rc) ); } break; case aVerify: if (multifile) { if ((rc = verify_files (ctrl, argc, argv))) log_error("verify files failed: %s\n", gpg_strerror (rc) ); } else { if ((rc = verify_signatures (ctrl, argc, argv))) log_error("verify signatures failed: %s\n", gpg_strerror (rc) ); } if (rc) write_status_failure ("verify", rc); break; case aDecrypt: if (multifile) decrypt_messages (ctrl, argc, argv); else { if( argc > 1 ) wrong_args("--decrypt [filename]"); if( (rc = decrypt_message (ctrl, fname) )) { write_status_failure ("decrypt", rc); log_error("decrypt_message failed: %s\n", gpg_strerror (rc) ); } } break; case aQuickSignKey: case aQuickLSignKey: { const char *fpr; if (argc < 1) wrong_args ("--quick-[l]sign-key fingerprint [userids]"); fpr = *argv++; argc--; sl = NULL; for( ; argc; argc--, argv++) append_to_strlist2 (&sl, *argv, utf8_strings); keyedit_quick_sign (ctrl, fpr, sl, locusr, (cmd == aQuickLSignKey)); free_strlist (sl); } break; case aQuickRevSig: { const char *userid, *siguserid; if (argc < 2) wrong_args ("--quick-revoke-sig USER-ID SIG-USER-ID [userids]"); userid = *argv++; argc--; siguserid = *argv++; argc--; sl = NULL; for( ; argc; argc--, argv++) append_to_strlist2 (&sl, *argv, utf8_strings); keyedit_quick_revsig (ctrl, userid, siguserid, sl); free_strlist (sl); } break; case aSignKey: if( argc != 1 ) wrong_args("--sign-key user-id"); /* fall through */ case aLSignKey: if( argc != 1 ) wrong_args("--lsign-key user-id"); /* fall through */ sl=NULL; if(cmd==aSignKey) append_to_strlist(&sl,"sign"); else if(cmd==aLSignKey) append_to_strlist(&sl,"lsign"); else BUG(); append_to_strlist( &sl, "save" ); username = make_username( fname ); keyedit_menu (ctrl, username, locusr, sl, 0, 0 ); xfree(username); free_strlist(sl); break; case aEditKey: /* Edit a key signature */ if( !argc ) wrong_args("--edit-key user-id [commands]"); username = make_username( fname ); if( argc > 1 ) { sl = NULL; for( argc--, argv++ ; argc; argc--, argv++ ) append_to_strlist( &sl, *argv ); keyedit_menu (ctrl, username, locusr, sl, 0, 1 ); free_strlist(sl); } else keyedit_menu (ctrl, username, locusr, NULL, 0, 1 ); xfree(username); break; case aPasswd: if (argc != 1) wrong_args("--change-passphrase "); else { username = make_username (fname); keyedit_passwd (ctrl, username); xfree (username); } break; case aDeleteKeys: case aDeleteSecretKeys: case aDeleteSecretAndPublicKeys: sl = NULL; /* Print a note if the user did not specify any key. */ if (!argc && !opt.quiet) log_info (_("Note: %s\n"), gpg_strerror (GPG_ERR_NO_KEY)); /* I'm adding these in reverse order as add_to_strlist2 reverses them again, and it's easier to understand in the proper order :) */ for( ; argc; argc-- ) add_to_strlist2( &sl, argv[argc-1], utf8_strings ); delete_keys (ctrl, sl, cmd==aDeleteSecretKeys, cmd==aDeleteSecretAndPublicKeys); free_strlist(sl); break; case aCheckKeys: opt.check_sigs = 1; /* fall through */ case aListSigs: opt.list_sigs = 1; /* fall through */ case aListKeys: sl = NULL; for( ; argc; argc--, argv++ ) add_to_strlist2( &sl, *argv, utf8_strings ); public_key_list (ctrl, sl, 0, 0); free_strlist(sl); break; case aListSecretKeys: sl = NULL; for( ; argc; argc--, argv++ ) add_to_strlist2( &sl, *argv, utf8_strings ); secret_key_list (ctrl, sl); free_strlist(sl); break; case aLocateKeys: case aLocateExtKeys: sl = NULL; for (; argc; argc--, argv++) add_to_strlist2( &sl, *argv, utf8_strings ); if (cmd == aLocateExtKeys && akl_empty_or_only_local ()) { /* This is a kludge to let --locate-external-keys even * work if the config file has --no-auto-key-locate. This * better matches the expectations of the user. */ release_akl (); parse_auto_key_locate (DEFAULT_AKL_LIST); } public_key_list (ctrl, sl, 1, cmd == aLocateExtKeys); free_strlist (sl); break; case aQuickKeygen: { const char *x_algo, *x_usage, *x_expire; if (argc < 1 || argc > 4) wrong_args("--quick-generate-key USER-ID [ALGO [USAGE [EXPIRE]]]"); username = make_username (fname); argv++, argc--; x_algo = ""; x_usage = ""; x_expire = ""; if (argc) { x_algo = *argv++; argc--; if (argc) { x_usage = *argv++; argc--; if (argc) { x_expire = *argv++; argc--; } } } if (mopt.forbid_gen_key) gen_key_forbidden (); else quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire); xfree (username); } break; case aKeygen: /* generate a key */ if (mopt.forbid_gen_key) gen_key_forbidden (); else if( opt.batch ) { if( argc > 1 ) wrong_args("--generate-key [parameterfile]"); generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0); } else { if (opt.command_fd != -1 && argc) { if( argc > 1 ) wrong_args("--generate-key [parameterfile]"); opt.batch = 1; generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0); } else if (argc) wrong_args ("--generate-key"); else generate_keypair (ctrl, 0, NULL, NULL, 0); } break; case aFullKeygen: /* Generate a key with all options. */ if (mopt.forbid_gen_key) gen_key_forbidden (); else if (opt.batch) { if (argc > 1) wrong_args ("--full-generate-key [parameterfile]"); generate_keypair (ctrl, 1, argc? *argv : NULL, NULL, 0); } else { if (argc) wrong_args("--full-generate-key"); generate_keypair (ctrl, 1, NULL, NULL, 0); } break; case aQuickAddUid: { const char *uid, *newuid; if (argc != 2) wrong_args ("--quick-add-uid USER-ID NEW-USER-ID"); uid = *argv++; argc--; newuid = *argv++; argc--; keyedit_quick_adduid (ctrl, uid, newuid); } break; case aQuickAddKey: { const char *x_fpr, *x_algo, *x_usage, *x_expire; if (argc < 1 || argc > 4) wrong_args ("--quick-add-key FINGERPRINT [ALGO [USAGE [EXPIRE]]]"); x_fpr = *argv++; argc--; x_algo = ""; x_usage = ""; x_expire = ""; if (argc) { x_algo = *argv++; argc--; if (argc) { x_usage = *argv++; argc--; if (argc) { x_expire = *argv++; argc--; } } } if (mopt.forbid_gen_key) gen_key_forbidden (); else keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire); } break; case aQuickRevUid: { const char *uid, *uidtorev; if (argc != 2) wrong_args ("--quick-revoke-uid USER-ID USER-ID-TO-REVOKE"); uid = *argv++; argc--; uidtorev = *argv++; argc--; keyedit_quick_revuid (ctrl, uid, uidtorev); } break; case aQuickSetExpire: { const char *x_fpr, *x_expire; if (argc < 2) wrong_args ("--quick-set-exipre FINGERPRINT EXPIRE [SUBKEY-FPRS]"); x_fpr = *argv++; argc--; x_expire = *argv++; argc--; keyedit_quick_set_expire (ctrl, x_fpr, x_expire, argv); } break; case aQuickSetPrimaryUid: { const char *uid, *primaryuid; if (argc != 2) wrong_args ("--quick-set-primary-uid USER-ID PRIMARY-USER-ID"); uid = *argv++; argc--; primaryuid = *argv++; argc--; keyedit_quick_set_primary (ctrl, uid, primaryuid); } break; case aQuickUpdatePref: { if (argc != 1) wrong_args ("--quick-update-pref USER-ID"); keyedit_quick_update_pref (ctrl, *argv); } break; case aFastImport: opt.import_options |= IMPORT_FAST; /* fall through */ case aImport: case aShowKeys: import_keys (ctrl, argc? argv:NULL, argc, NULL, opt.import_options, opt.key_origin, opt.key_origin_url); break; /* TODO: There are a number of command that use this same "make strlist, call function, report error, free strlist" pattern. Join them together here and avoid all that duplicated code. */ case aExport: case aSendKeys: case aRecvKeys: sl = NULL; for( ; argc; argc--, argv++ ) append_to_strlist2( &sl, *argv, utf8_strings ); if( cmd == aSendKeys ) rc = keyserver_export (ctrl, sl ); else if( cmd == aRecvKeys ) rc = keyserver_import (ctrl, sl ); else { export_stats_t stats = export_new_stats (); rc = export_pubkeys (ctrl, sl, opt.export_options, stats); export_print_stats (stats); export_release_stats (stats); } if(rc) { if(cmd==aSendKeys) { write_status_failure ("send-keys", rc); log_error(_("keyserver send failed: %s\n"),gpg_strerror (rc)); } else if(cmd==aRecvKeys) { write_status_failure ("recv-keys", rc); log_error (_("keyserver receive failed: %s\n"), gpg_strerror (rc)); } else { write_status_failure ("export", rc); log_error (_("key export failed: %s\n"), gpg_strerror (rc)); } } free_strlist(sl); break; case aExportSshKey: if (argc != 1) wrong_args ("--export-ssh-key "); rc = export_ssh_key (ctrl, argv[0]); if (rc) { write_status_failure ("export-ssh-key", rc); log_error (_("export as ssh key failed: %s\n"), gpg_strerror (rc)); } break; case aSearchKeys: sl = NULL; for (; argc; argc--, argv++) append_to_strlist2 (&sl, *argv, utf8_strings); rc = keyserver_search (ctrl, sl); if (rc) { write_status_failure ("search-keys", rc); log_error (_("keyserver search failed: %s\n"), gpg_strerror (rc)); } free_strlist (sl); break; case aRefreshKeys: sl = NULL; for( ; argc; argc--, argv++ ) append_to_strlist2( &sl, *argv, utf8_strings ); rc = keyserver_refresh (ctrl, sl); if(rc) { write_status_failure ("refresh-keys", rc); log_error (_("keyserver refresh failed: %s\n"),gpg_strerror (rc)); } free_strlist(sl); break; case aFetchKeys: sl = NULL; for( ; argc; argc--, argv++ ) append_to_strlist2( &sl, *argv, utf8_strings ); rc = keyserver_fetch (ctrl, sl, opt.key_origin); free_strlist (sl); if(rc) { write_status_failure ("fetch-keys", rc); log_error ("key fetch failed: %s\n",gpg_strerror (rc)); if (gpg_err_code (rc) == GPG_ERR_NO_DATA) g10_exit (1); /* In this case return 1 and not 2. */ } break; case aExportSecret: sl = NULL; for( ; argc; argc--, argv++ ) add_to_strlist2( &sl, *argv, utf8_strings ); { export_stats_t stats = export_new_stats (); export_seckeys (ctrl, sl, opt.export_options, stats); export_print_stats (stats); export_release_stats (stats); } free_strlist(sl); break; case aExportSecretSub: sl = NULL; for( ; argc; argc--, argv++ ) add_to_strlist2( &sl, *argv, utf8_strings ); { export_stats_t stats = export_new_stats (); export_secsubkeys (ctrl, sl, opt.export_options, stats); export_print_stats (stats); export_release_stats (stats); } free_strlist(sl); break; case aGenRevoke: if( argc != 1 ) wrong_args("--generate-revocation user-id"); username = make_username(*argv); gen_revoke (ctrl, username ); xfree( username ); break; case aDesigRevoke: if (argc != 1) wrong_args ("--generate-designated-revocation user-id"); username = make_username (*argv); gen_desig_revoke (ctrl, username, locusr); xfree (username); break; case aDeArmor: if( argc > 1 ) wrong_args("--dearmor [file]"); rc = dearmor_file( argc? *argv: NULL ); if( rc ) { write_status_failure ("dearmor", rc); log_error (_("dearmoring failed: %s\n"), gpg_strerror (rc)); } break; case aEnArmor: if( argc > 1 ) wrong_args("--enarmor [file]"); rc = enarmor_file( argc? *argv: NULL ); if( rc ) { write_status_failure ("enarmor", rc); log_error (_("enarmoring failed: %s\n"), gpg_strerror (rc)); } break; case aPrimegen: #if 0 /*FIXME*/ { int mode = argc < 2 ? 0 : atoi(*argv); if( mode == 1 && argc == 2 ) { mpi_print (es_stdout, generate_public_prime( atoi(argv[1]) ), 1); } else if( mode == 2 && argc == 3 ) { mpi_print (es_stdout, generate_elg_prime( 0, atoi(argv[1]), atoi(argv[2]), NULL,NULL ), 1); } else if( mode == 3 && argc == 3 ) { MPI *factors; mpi_print (es_stdout, generate_elg_prime( 1, atoi(argv[1]), atoi(argv[2]), NULL,&factors ), 1); es_putc ('\n', es_stdout); mpi_print (es_stdout, factors[0], 1 ); /* print q */ } else if( mode == 4 && argc == 3 ) { MPI g = mpi_alloc(1); mpi_print (es_stdout, generate_elg_prime( 0, atoi(argv[1]), atoi(argv[2]), g, NULL ), 1); es_putc ('\n', es_stdout); mpi_print (es_stdout, g, 1 ); mpi_free (g); } else wrong_args("--gen-prime mode bits [qbits] "); es_putc ('\n', es_stdout); } #endif wrong_args("--gen-prime not yet supported "); break; case aGenRandom: { int level = argc ? atoi(*argv):0; int count = argc > 1 ? atoi(argv[1]): 0; int endless = !count; int hexhack = (level == 16); if (hexhack) level = 1; /* Level 30 uses the same algorithm as our magic wand in * pinentry/gpg-agent. */ if (level == 30) { unsigned int nbits = 150; size_t nbytes = (nbits + 7) / 8; void *rand; char *generated; rand = gcry_random_bytes_secure (nbytes, GCRY_STRONG_RANDOM); if (!rand) log_fatal ("failed to generate random password\n"); generated = zb32_encode (rand, nbits); gcry_free (rand); es_fputs (generated, es_stdout); es_putc ('\n', es_stdout); xfree (generated); break; } if (argc < 1 || argc > 2 || level < 0 || level > 2 || count < 0) wrong_args ("--gen-random 0|1|2|16|30 [count]"); while (endless || count) { byte *p; /* We need a multiple of 3, so that in case of armored * output we get a correct string. No linefolding is * done, as it is best to leave this to other tools */ size_t n = !endless && count < 99? count : 99; size_t nn; p = gcry_random_bytes (n, level); -#ifdef HAVE_DOSISH_SYSTEM - setmode ( fileno(stdout), O_BINARY ); -#endif if (hexhack) { for (nn = 0; nn < n; nn++) es_fprintf (es_stdout, "%02x", p[nn]); } else if (opt.armor) { char *tmp = make_radix64_string (p, n); es_fputs (tmp, es_stdout); xfree (tmp); if (n%3 == 1) es_putc ('=', es_stdout); if (n%3) es_putc ('=', es_stdout); } else { + es_set_binary (es_stdout); es_fwrite( p, n, 1, es_stdout ); } xfree(p); if (!endless) count -= n; } if (opt.armor || hexhack) es_putc ('\n', es_stdout); } break; case aPrintMD: if( argc < 1) wrong_args("--print-md algo [files]"); { int all_algos = (**argv=='*' && !(*argv)[1]); int algo = all_algos? 0 : gcry_md_map_name (*argv); if( !algo && !all_algos ) log_error(_("invalid hash algorithm '%s'\n"), *argv ); else { argc--; argv++; if( !argc ) print_mds(NULL, algo); else { for(; argc; argc--, argv++ ) print_mds(*argv, algo); } } } break; case aPrintMDs: /* old option */ if( !argc ) print_mds(NULL,0); else { for(; argc; argc--, argv++ ) print_mds(*argv,0); } break; #ifndef NO_TRUST_MODELS case aListTrustDB: if( !argc ) list_trustdb (ctrl, es_stdout, NULL); else { for( ; argc; argc--, argv++ ) list_trustdb (ctrl, es_stdout, *argv ); } break; case aUpdateTrustDB: if( argc ) wrong_args("--update-trustdb"); update_trustdb (ctrl); break; case aCheckTrustDB: /* Old versions allowed for arguments - ignore them */ check_trustdb (ctrl); break; case aFixTrustDB: how_to_fix_the_trustdb (); break; case aListTrustPath: if( !argc ) wrong_args("--list-trust-path "); for( ; argc; argc--, argv++ ) { username = make_username( *argv ); list_trust_path( username ); xfree(username); } break; case aExportOwnerTrust: if( argc ) wrong_args("--export-ownertrust"); export_ownertrust (ctrl); break; case aImportOwnerTrust: if( argc > 1 ) wrong_args("--import-ownertrust [file]"); import_ownertrust (ctrl, argc? *argv:NULL ); break; #endif /*!NO_TRUST_MODELS*/ case aRebuildKeydbCaches: if (argc) wrong_args ("--rebuild-keydb-caches"); keydb_rebuild_caches (ctrl, 1); break; #ifdef ENABLE_CARD_SUPPORT case aCardStatus: if (argc == 0) card_status (ctrl, es_stdout, NULL); else if (argc == 1) card_status (ctrl, es_stdout, *argv); else wrong_args ("--card-status [serialno]"); break; case aCardEdit: if (argc) { sl = NULL; for (argc--, argv++ ; argc; argc--, argv++) append_to_strlist (&sl, *argv); card_edit (ctrl, sl); free_strlist (sl); } else card_edit (ctrl, NULL); break; case aChangePIN: if (!argc) change_pin (0,1); else if (argc == 1) change_pin (atoi (*argv),1); else wrong_args ("--change-pin [no]"); break; #endif /* ENABLE_CARD_SUPPORT*/ case aListConfig: { char *str=collapse_args(argc,argv); list_config(str); xfree(str); } break; case aListGcryptConfig: /* Fixme: It would be nice to integrate that with --list-config but unfortunately there is no way yet to have libgcrypt print it to an estream for further parsing. */ gcry_control (GCRYCTL_PRINT_CONFIG, stdout); break; case aTOFUPolicy: #ifdef USE_TOFU { int policy; int i; KEYDB_HANDLE hd; if (argc < 2) wrong_args ("--tofu-policy POLICY KEYID [KEYID...]"); policy = parse_tofu_policy (argv[0]); hd = keydb_new (); if (! hd) { write_status_failure ("tofu-driver", gpg_error(GPG_ERR_GENERAL)); g10_exit (1); } tofu_begin_batch_update (ctrl); for (i = 1; i < argc; i ++) { KEYDB_SEARCH_DESC desc; kbnode_t kb; rc = classify_user_id (argv[i], &desc, 0); if (rc) { log_error (_("error parsing key specification '%s': %s\n"), argv[i], gpg_strerror (rc)); write_status_failure ("tofu-driver", rc); g10_exit (1); } if (! (desc.mode == KEYDB_SEARCH_MODE_SHORT_KID || desc.mode == KEYDB_SEARCH_MODE_LONG_KID || desc.mode == KEYDB_SEARCH_MODE_FPR16 || desc.mode == KEYDB_SEARCH_MODE_FPR20 || desc.mode == KEYDB_SEARCH_MODE_FPR || desc.mode == KEYDB_SEARCH_MODE_KEYGRIP)) { log_error (_("'%s' does not appear to be a valid" " key ID, fingerprint or keygrip\n"), argv[i]); write_status_failure ("tofu-driver", gpg_error(GPG_ERR_GENERAL)); g10_exit (1); } rc = keydb_search_reset (hd); if (rc) { /* This should not happen, thus no need to tranalate the string. */ log_error ("keydb_search_reset failed: %s\n", gpg_strerror (rc)); write_status_failure ("tofu-driver", rc); g10_exit (1); } rc = keydb_search (hd, &desc, 1, NULL); if (rc) { log_error (_("key \"%s\" not found: %s\n"), argv[i], gpg_strerror (rc)); write_status_failure ("tofu-driver", rc); g10_exit (1); } rc = keydb_get_keyblock (hd, &kb); if (rc) { log_error (_("error reading keyblock: %s\n"), gpg_strerror (rc)); write_status_failure ("tofu-driver", rc); g10_exit (1); } merge_keys_and_selfsig (ctrl, kb); if (tofu_set_policy (ctrl, kb, policy)) { write_status_failure ("tofu-driver", rc); g10_exit (1); } release_kbnode (kb); } tofu_end_batch_update (ctrl); keydb_release (hd); } #endif /*USE_TOFU*/ break; default: if (!opt.quiet) log_info (_("WARNING: no command supplied." " Trying to guess what you mean ...\n")); /*FALLTHRU*/ case aListPackets: if( argc > 1 ) wrong_args("[filename]"); /* Issue some output for the unix newbie */ if (!fname && !opt.outfile && gnupg_isatty (fileno (stdin)) && gnupg_isatty (fileno (stdout)) && gnupg_isatty (fileno (stderr))) log_info(_("Go ahead and type your message ...\n")); a = iobuf_open(fname); if (a && is_secured_file (iobuf_get_fd (a))) { iobuf_close (a); a = NULL; gpg_err_set_errno (EPERM); } if( !a ) log_error(_("can't open '%s'\n"), print_fname_stdin(fname)); else { if( !opt.no_armor ) { if( use_armor_filter( a ) ) { afx = new_armor_context (); push_armor_filter (afx, a); } } if( cmd == aListPackets ) { opt.list_packets=1; set_packet_list_mode(1); } rc = proc_packets (ctrl, NULL, a ); if( rc ) { write_status_failure ("-", rc); log_error ("processing message failed: %s\n", gpg_strerror (rc)); } iobuf_close(a); } break; } /* cleanup */ gpg_deinit_default_ctrl (ctrl); xfree (ctrl); release_armor_context (afx); FREE_STRLIST(remusr); FREE_STRLIST(locusr); g10_exit(0); return 8; /*NEVER REACHED*/ } /* Note: This function is used by signal handlers!. */ static void emergency_cleanup (void) { gcry_control (GCRYCTL_TERM_SECMEM ); } void g10_exit( int rc ) { /* If we had an error but not printed an error message, do it now. * Note that write_status_failure will never print a second failure * status line. */ if (rc) write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL)); gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); if (DBG_CLOCK) log_clock ("stop"); if ( (opt.debug & DBG_MEMSTAT_VALUE) ) { keydb_dump_stats (); sig_check_dump_stats (); gcry_control (GCRYCTL_DUMP_MEMORY_STATS); gcry_control (GCRYCTL_DUMP_RANDOM_STATS); } if (opt.debug) gcry_control (GCRYCTL_DUMP_SECMEM_STATS ); emergency_cleanup (); rc = rc? rc : log_get_errorcount(0)? 2 : g10_errors_seen? 1 : 0; exit (rc); } /* Pretty-print hex hashes. This assumes at least an 80-character display, but there are a few other similar assumptions in the display code. */ static void print_hex (gcry_md_hd_t md, int algo, const char *fname) { int i,n,count,indent=0; const byte *p; if (fname) indent = es_printf("%s: ",fname); if (indent>40) { es_printf ("\n"); indent=0; } if (algo==DIGEST_ALGO_RMD160) indent += es_printf("RMD160 = "); else if (algo>0) indent += es_printf("%6s = ", gcry_md_algo_name (algo)); else algo = abs(algo); count = indent; p = gcry_md_read (md, algo); n = gcry_md_get_algo_dlen (algo); count += es_printf ("%02X",*p++); for(i=1;i79) { es_printf ("\n%*s",indent," "); count = indent; } else count += es_printf(" "); if (!(i%8)) count += es_printf(" "); } else if (n==20) { if(!(i%2)) { if(count+4>79) { es_printf ("\n%*s",indent," "); count=indent; } else count += es_printf(" "); } if (!(i%10)) count += es_printf(" "); } else { if(!(i%4)) { if (count+8>79) { es_printf ("\n%*s",indent," "); count=indent; } else count += es_printf(" "); } } count += es_printf("%02X",*p); } es_printf ("\n"); } static void print_hashline( gcry_md_hd_t md, int algo, const char *fname ) { int i, n; const byte *p; if ( fname ) { for (p = fname; *p; p++ ) { if ( *p <= 32 || *p > 127 || *p == ':' || *p == '%' ) es_printf ("%%%02X", *p ); else es_putc (*p, es_stdout); } } es_putc (':', es_stdout); es_printf ("%d:", algo); p = gcry_md_read (md, algo); n = gcry_md_get_algo_dlen (algo); for(i=0; i < n ; i++, p++ ) es_printf ("%02X", *p); es_fputs (":\n", es_stdout); } static void print_mds( const char *fname, int algo ) { estream_t fp; char buf[1024]; size_t n; gcry_md_hd_t md; if (!fname) { fp = es_stdin; es_set_binary (fp); } else { fp = es_fopen (fname, "rb" ); if (fp && is_secured_file (es_fileno (fp))) { es_fclose (fp); fp = NULL; gpg_err_set_errno (EPERM); } } if (!fp) { log_error("%s: %s\n", fname?fname:"[stdin]", strerror(errno) ); return; } gcry_md_open (&md, 0, 0); if (algo) gcry_md_enable (md, algo); else { if (!gcry_md_test_algo (GCRY_MD_MD5)) gcry_md_enable (md, GCRY_MD_MD5); gcry_md_enable (md, GCRY_MD_SHA1); if (!gcry_md_test_algo (GCRY_MD_RMD160)) gcry_md_enable (md, GCRY_MD_RMD160); if (!gcry_md_test_algo (GCRY_MD_SHA224)) gcry_md_enable (md, GCRY_MD_SHA224); if (!gcry_md_test_algo (GCRY_MD_SHA256)) gcry_md_enable (md, GCRY_MD_SHA256); if (!gcry_md_test_algo (GCRY_MD_SHA384)) gcry_md_enable (md, GCRY_MD_SHA384); if (!gcry_md_test_algo (GCRY_MD_SHA512)) gcry_md_enable (md, GCRY_MD_SHA512); } while ((n=es_fread (buf, 1, DIM(buf), fp))) gcry_md_write (md, buf, n); if (es_ferror(fp)) log_error ("%s: %s\n", fname?fname:"[stdin]", strerror(errno)); else { gcry_md_final (md); if (opt.with_colons) { if ( algo ) print_hashline (md, algo, fname); else { if (!gcry_md_test_algo (GCRY_MD_MD5)) print_hashline( md, GCRY_MD_MD5, fname ); print_hashline( md, GCRY_MD_SHA1, fname ); if (!gcry_md_test_algo (GCRY_MD_RMD160)) print_hashline( md, GCRY_MD_RMD160, fname ); if (!gcry_md_test_algo (GCRY_MD_SHA224)) print_hashline (md, GCRY_MD_SHA224, fname); if (!gcry_md_test_algo (GCRY_MD_SHA256)) print_hashline( md, GCRY_MD_SHA256, fname ); if (!gcry_md_test_algo (GCRY_MD_SHA384)) print_hashline ( md, GCRY_MD_SHA384, fname ); if (!gcry_md_test_algo (GCRY_MD_SHA512)) print_hashline ( md, GCRY_MD_SHA512, fname ); } } else { if (algo) print_hex (md, -algo, fname); else { if (!gcry_md_test_algo (GCRY_MD_MD5)) print_hex (md, GCRY_MD_MD5, fname); print_hex (md, GCRY_MD_SHA1, fname ); if (!gcry_md_test_algo (GCRY_MD_RMD160)) print_hex (md, GCRY_MD_RMD160, fname ); if (!gcry_md_test_algo (GCRY_MD_SHA224)) print_hex (md, GCRY_MD_SHA224, fname); if (!gcry_md_test_algo (GCRY_MD_SHA256)) print_hex (md, GCRY_MD_SHA256, fname ); if (!gcry_md_test_algo (GCRY_MD_SHA384)) print_hex (md, GCRY_MD_SHA384, fname ); if (!gcry_md_test_algo (GCRY_MD_SHA512)) print_hex (md, GCRY_MD_SHA512, fname ); } } } gcry_md_close (md); if (fp != es_stdin) es_fclose (fp); } /**************** * Check the supplied name,value string and add it to the notation * data to be used for signatures. which==0 for sig notations, and 1 * for cert notations. */ static void add_notation_data( const char *string, int which ) { struct notation *notation; notation=string_to_notation(string,utf8_strings); if(notation) { if(which) { notation->next=opt.cert_notations; opt.cert_notations=notation; } else { notation->next=opt.sig_notations; opt.sig_notations=notation; } } } static void add_policy_url( const char *string, int which ) { unsigned int i,critical=0; strlist_t sl; if(*string=='!') { string++; critical=1; } for(i=0;iflags |= 1; } static void add_keyserver_url( const char *string, int which ) { unsigned int i,critical=0; strlist_t sl; if(*string=='!') { string++; critical=1; } for(i=0;iflags |= 1; } static void read_sessionkey_from_fd (int fd) { int i, len; char *line; if (! gnupg_fd_valid (fd)) log_fatal ("override-session-key-fd is invalid: %s\n", strerror (errno)); for (line = NULL, i = len = 100; ; i++ ) { if (i >= len-1 ) { char *tmp = line; len += 100; line = xmalloc_secure (len); if (tmp) { memcpy (line, tmp, i); xfree (tmp); } else i=0; } if (read (fd, line + i, 1) != 1 || line[i] == '\n') break; } line[i] = 0; log_debug ("seskey: %s\n", line); gpgrt_annotate_leaked_object (line); opt.override_session_key = line; }