Documentaion updates.

Support doe Dirmngr under W32.
Fixed a yat2m bug.

13 files changed, 226 insertions, 45 deletions

diff --git a/NEWS b/NEWS
index 755e2cfba..40351234e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,4 +1,4 @@
-Noteworthy changes in version 2.0.6
+Noteworthy changes in version 2.0.6 (2007-08-14)
 ------------------------------------------------
 
  * GPGSM does now grok --default-key.
@@ -8,6 +8,10 @@ Noteworthy changes in version 2.0.6
  * GPGSM does again correctly print the serial number as well the the
    various keyids.  This was broken since 2.0.4.
 
+ * New option --validation-model and support for the chain-model.
+
+ * Imporved Windows support.
+
  
 Noteworthy changes in version 2.0.5 (2007-07-05)
 ------------------------------------------------
diff --git a/TODO b/TODO
index 7b1c1cfd6..7cffa2446 100644
--- a/TODO
+++ b/TODO
@@ -110,6 +110,7 @@
 * Remove -sat PGP2 compatibility hack
 
 * UTF-8 specific TODOs
+  None.
 
 * Pinpad Reader
   We do not yet support P15 applications.  The trivial thing using
@@ -124,11 +125,7 @@
 * Howtos
 ** Migrate OpenPGP keys to another system
 
-
-* do_add_recipient 
- Prints wrong error message even when decrypting.
- *Decrypt* does even not work in this case.
-
 * Duplicate certifciates
   This may happen and lead to an Ambiguous Name error.  Solution is to
-  check the certs for identity beforethorwin this error.
+  check the certs for identity before throwing this error.
+
diff --git a/common/ChangeLog b/common/ChangeLog
index f963e5282..3a54c8683 100644
--- a/common/ChangeLog
+++ b/common/ChangeLog
@@ -1,3 +1,7 @@
+2007-08-14  Werner Koch  <wk@g10code.com>
+
+	* homedir.c (dirmngr_socket_name): New.
+
 2007-08-07  Werner Koch  <wk@g10code.com>
 
 	* tlv.c, tlv.h: Move from ../scd/.
diff --git a/common/homedir.c b/common/homedir.c
index 212c3509d..52206191e 100644
--- a/common/homedir.c
+++ b/common/homedir.c
@@ -290,6 +290,29 @@ gnupg_datadir (void)
 }
 
 
+/* Return the default socket name used by DirMngr. */
+const char *
+dirmngr_socket_name (void)
+{
+#ifdef HAVE_W32_SYSTEM
+  static char *name;
+
+  if (!name)
+    {
+      const char *s1, *s2;
+      s1 = w32_rootdir (); 
+      s2 = DIRSEP_S "S.dirmngr";
+      name = xmalloc (strlen (s1) + strlen (s2) + 1);
+      strcpy (stpcpy (name, s1), s2);
+    }
+  return name;
+#else /*!HAVE_W32_SYSTEM*/
+  return "/var/run/dirmngr/socket";
+#endif /*!HAVE_W32_SYSTEM*/
+}
+
+
+
 /* Return the file name of a helper tool.  WHICH is one of the
    GNUPG_MODULE_NAME_foo constants.  */
 const char *
diff --git a/common/util.h b/common/util.h
index 9821d6ab6..ad398ac97 100644
--- a/common/util.h
+++ b/common/util.h
@@ -178,6 +178,7 @@ const char *gnupg_bindir (void);
 const char *gnupg_libexecdir (void);
 const char *gnupg_libdir (void);
 const char *gnupg_datadir (void);
+const char *dirmngr_socket_name (void);
 
 #define GNUPG_MODULE_NAME_AGENT        1
 #define GNUPG_MODULE_NAME_PINENTRY     2
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 69f028c3c..07c497cc7 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,15 @@
+2007-08-14  Werner Koch  <wk@g10code.com>
+
+	* glossary.texi (Glossary): Add a more items.
+
+2007-08-13  Werner Koch  <wk@g10code.com>
+
+	* yat2m.c (proc_texi_cmd): Do not put @samp content between two
+	newlines.
+
+	* gpg-agent.texi (Agent Configuration): Explain the CM flag for
+	trustlist.txt.
+
 2007-08-09  Werner Koch  <wk@g10code.com>
 
 	* gpgsm.texi (Certificate Options): Describe --validation-model.
diff --git a/doc/glossary.texi b/doc/glossary.texi
index 22bd7adc5..ff68f9d42 100644
--- a/doc/glossary.texi
+++ b/doc/glossary.texi
@@ -12,6 +12,21 @@
 @acronym{CRL} but used for @acronym{CA}s and not for end user
 certificates.
 
+@item Chain model
+     Verification model for X.509 which uses the creation date of a
+signature as the date the validation starts and in turn checks that each
+certificate has been issued within the time frame, the issuing
+certificate was valid.  This allows the verification of signatures after
+the the CA's certificate expired.  The validation test also required an
+online check of the certificate status.  The chain model is required by
+the German signature law.  See also @emph{Shell model}.
+
+@item CMS
+     The @emph{Cryptographic Message Standard} describes a message
+format for encryption and digital signing.  It is closely related to the
+X.509 certificate format.  @acronym{CMS} was formerly known under the
+name @code{PKCS#7} and is described by @code{RFC3369}.
+
 @item CRL
      The @emph{Certificate Revocation List} is a list containing
 certificates revoked by the issuer.
@@ -21,6 +36,12 @@ certificates revoked by the issuer.
 ask them to issue a new certificate.  The data format of such a signing
 request is called PCKS#10.
 
+@item OpenPGP
+      A data format used to build a PKI and to exchange encrypted or
+signed messages.  In contrast to X.509, OpenPGP also includes the
+message format but does not explicilty demand a specific PKI.  However
+any kind of PKI may be build upon the OpenPGP protocol.
+
 @item Keygrip
       This term is used by GnuPG to describe a 20 byte hash value used
 to identify a certain key without referencing to a concrete protocol.
@@ -37,4 +58,15 @@ store private keys.  This is either a smartcard or a collection of files
 on a disk; the latter is often called a Soft-PSE.
 
 
+@item Shell model
+The standard model for validation of certificates under X.509.  At the
+time of the verification all certifciates must be valid and not expired.
+See also @emph{Chain mode}.
+
+
+@item X.509
+Description of a PKI used with CMS.  It is for example
+defined by @code{RFC3280}.
+
+
 @end table
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index e9ef3a9e9..829530bd8 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -493,31 +493,40 @@ This is however not as secure as maintaining this file manually.  It is
 even advisable to change the permissions to read-only so that this file
 can't be changed inadvertently.
 
-It is possible to add further flags after the @code{S} for use by the
-caller.  The only flag currently defined is @code{relax} to relax
-checking of some root certificate requirements.
-
 As a special feature a line @code{include-default} will include a global
 list of trusted certificates (e.g. @file{/etc/gnupg/trustlist.txt}).
 This global list is also used if the local list is not available.
 
+It is possible to add further flags after the @code{S} for use by the
+caller:
+
+@table @code
+@item relax
+Relax checking of some root certificate requirements.
+
+@item cm
+If validation of a certificate finally issued by a CA with this flag set
+fails, try again using the chain validation model.
+
+@end table
+
   
 @item sshcontrol
 
-  This file is used when support for the secure shell agent protocol has
-  been enabled (@pxref{option --enable-ssh-support}). Only keys present in
-  this file are used in the SSH protocol.  The @command{ssh-add} tool y be
-  used to add new entries to this file; you may also add them manually.
-  Comment lines, indicated by a leading hash mark, as well as empty lines
-  are ignored.  An entry starts with optional white spaces, followed by
-  the keygrip of the key given as 40 hex digits, optionally followed by
-  the caching TTL in seconds and another optional field for arbitrary
-  flags.  A @code{!} may be prepended to the keygrip to disable this
-  entry.
+This file is used when support for the secure shell agent protocol has
+been enabled (@pxref{option --enable-ssh-support}). Only keys present
+in this file are used in the SSH protocol.  The @command{ssh-add} tool
+y be used to add new entries to this file; you may also add them
+manually.  Comment lines, indicated by a leading hash mark, as well as
+empty lines are ignored.  An entry starts with optional white spaces,
+followed by the keygrip of the key given as 40 hex digits, optionally
+followed by the caching TTL in seconds and another optional field for
+arbitrary flags.  A @code{!} may be prepended to the keygrip to
+disable this entry.
     
-  The follwoing example lists exactly one key.  Note that keys available
-  through a OpenPGP smartcard in the active smartcard reader are implictly
-  added to this list; i.e. there is no need to list them.
+The follwoing example lists exactly one key.  Note that keys available
+through a OpenPGP smartcard in the active smartcard reader are
+implictly added to this list; i.e. there is no need to list them.
   
   @example
   # Key added on 2005-02-25 15:08:29
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index 38b35364c..e98de1512 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -339,7 +339,8 @@ a running dirmngr can't be connected.
 @opindex prefer-system-dirmngr
 If a system wide @command{dirmngr} is running in daemon mode, first try
 to connect to this one.  Fallback to a pipe based server if this does
-not work.
+not work.  Under Windows this option is ignored because the system dirmngr is
+always used.
 
 @item --no-secmem-warning
 @opindex no-secmem-warning
diff --git a/doc/yat2m.c b/doc/yat2m.c
index dbb198b82..9411e3419 100644
--- a/doc/yat2m.c
+++ b/doc/yat2m.c
@@ -449,7 +449,7 @@ proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len,
     { "code",    0, "\\fB", "\\fR" },
     { "sc",      0, "\\fB", "\\fR" },
     { "var",     0, "\\fI", "\\fR" },
-    { "samp",    0, "\n'",  "'\n"  },
+    { "samp",    0, "'",  "'"  },
     { "file",    0, "`\\fI","\\fR'" }, 
     { "env",     0, "`\\fI","\\fR'" }, 
     { "acronym", 0 },
diff --git a/sm/ChangeLog b/sm/ChangeLog
index 5e51dae7a..eb7d50057 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,19 @@
+2007-08-14  Werner Koch  <wk@g10code.com>
+
+	* call-dirmngr.c (start_dirmngr): Use dirmngr_socket_name.  change
+	the way infostr is xstrdupped.
+
+	* gpgsm.c (main) [W32]: Make --prefer-system-dirmngr a dummy under
+	Windows.
+
+2007-08-13  Werner Koch  <wk@g10code.com>
+
+	* gpgsm.c (do_add_recipient): Add RECP_REQUIRED and make error
+	message depend on that.
+	(main): Add avriable RECP_REQUIRED, set ift for encryption
+	commands and pass it to do_add_recipient.
+	(our_pk_test_algo, our_cipher_test_algo, our_md_test_algo): Implement.
+
 2007-08-09  Werner Koch  <wk@g10code.com>
 
 	* gpgsm.c (main) [W32]: Enable CRL check by default.
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 3beb57799..a35e93cde 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -34,8 +34,6 @@
 #include "i18n.h"
 #include "keydb.h"
 
-/* The name of the socket for a system daemon.  */
-#define DEFAULT_SOCKET_NAME "/var/run/dirmngr/socket"
 
 struct membuf {
   size_t len;
@@ -155,14 +153,23 @@ start_dirmngr (void)
   /* Note: if you change this to multiple connections, you also need
      to take care of the implicit option sending caching. */
 
+#ifdef HAVE_W32_SYSTEM
+  infostr = NULL;
+  opt.prefer_system_dirmngr = 1;
+#else
   infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO");
-  if (opt.prefer_system_dirmngr && !force_pipe_server
-      &&(!infostr || !*infostr))
+#endif /*HAVE_W32_SYSTEM*/
+  if (infostr && !*infostr)
+    infostr = NULL;
+  else if (infostr)
+    infostr = xstrdup (infostr);
+
+  if (opt.prefer_system_dirmngr && !force_pipe_server && !infostr)
     {
-      infostr = DEFAULT_SOCKET_NAME;
+      infostr = xstrdup (dirmngr_socket_name ());
       try_default = 1;
     }
-  if (!infostr || !*infostr)
+  if (!infostr)
     {
       const char *pgmname;
       const char *argv[3];
@@ -206,8 +213,7 @@ start_dirmngr (void)
       int prot;
       int pid;
 
-      infostr = xstrdup (infostr);
-      if (!try_default && *infostr)
+      if (!try_default)
         {
           if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr)
             {
@@ -234,13 +240,20 @@ start_dirmngr (void)
         pid = -1;
 
       rc = assuan_socket_connect (&ctx, infostr, pid);
+#ifdef HAVE_W32_SYSTEM
+      if (rc)
+        log_debug ("connecting dirmngr at `%s' failed\n", infostr);
+#endif
+
       xfree (infostr);
+#ifndef HAVE_W32_SYSTEM
       if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED)
         {
           log_error (_("can't connect to the dirmngr - trying fall back\n"));
           force_pipe_server = 1;
           return start_dirmngr ();
         }
+#endif /*!HAVE_W32_SYSTEM*/
     }
 
   if (rc)
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 69f1532fd..c51eabd6d 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -491,25 +491,65 @@ static FILE *open_fwrite (const char *filename);
 static estream_t open_es_fwrite (const char *filename);
 static void run_protect_tool (int argc, char **argv);
 
+/* Remove this if libgcrypt 1.3.0 is required. */
+#define MY_GCRY_PK_ECDSA  301
+
 
 static int
 our_pk_test_algo (int algo)
 {
-  return 1;
+  switch (algo)
+    {
+    case GCRY_PK_RSA:
+    case MY_GCRY_PK_ECDSA:
+      return gcry_pk_test_algo (algo);
+    default:
+      return 1;
+    }
 }
 
 static int
 our_cipher_test_algo (int algo)
 {
-  return 1;
+  switch (algo)
+    {
+    case GCRY_CIPHER_3DES:
+    case GCRY_CIPHER_AES128:
+    case GCRY_CIPHER_AES192:
+    case GCRY_CIPHER_AES256:
+    case GCRY_CIPHER_SERPENT128:
+    case GCRY_CIPHER_SERPENT192:
+    case GCRY_CIPHER_SERPENT256:
+    case 309 /*GCRY_CIPHER_SEED*/:
+    case 310 /*GCRY_CIPHER_CAMELLIA128*/:
+    case 311 /*GCRY_CIPHER_CAMELLIA192*/:
+    case 312 /*GCRY_CIPHER_CAMELLIA256*/:
+      return gcry_cipher_test_algo (algo);
+    default:
+      return 1;
+    }
 }
 
+
 static int
 our_md_test_algo (int algo)
 {
-  return 1;
+  switch (algo)
+    {
+    case GCRY_MD_MD5:
+    case GCRY_MD_SHA1:
+    case GCRY_MD_RMD160:
+    case GCRY_MD_SHA256:
+    case GCRY_MD_SHA384:
+    case GCRY_MD_SHA512:
+    case 305 /*GCRY_MD_WHIRLPOOL*/:
+      return gcry_md_test_algo (algo);
+    default:
+      return 1;
+    }
 }
 
+
 static const char *
 my_strusage( int level )
 {
@@ -571,12 +611,12 @@ build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int))
     gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */
   }
 
-  for (i=1; i < 110; i++ )
+  for (i=1; i < 400; i++ )
     if (!chkf(i))
       n += strlen(mapf(i)) + 2;
   list = xmalloc (21 + n);
   *list = 0;
-  for (p=NULL, i=1; i < 110; i++)
+  for (p=NULL, i=1; i < 400; i++)
     {
       if (!chkf(i))
         {
@@ -683,13 +723,15 @@ set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
 /* Helper to add recipients to a list. */
 static void
 do_add_recipient (ctrl_t ctrl, const char *name,
-                  certlist_t *recplist, int is_encrypt_to)
+                  certlist_t *recplist, int is_encrypt_to, int recp_required)
 {
   int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to);
   if (rc)
     {
-      log_error (_("can't encrypt to `%s': %s\n"), name, gpg_strerror (rc));
-      gpgsm_status2 (ctrl, STATUS_INV_RECP,
+      if (recp_required)
+        {
+          log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc));
+          gpgsm_status2 (ctrl, STATUS_INV_RECP,
                      gpg_err_code (rc) == -1?                         "1":
                      gpg_err_code (rc) == GPG_ERR_NO_PUBKEY?          "1":
                      gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME?     "2":
@@ -701,6 +743,10 @@ do_add_recipient (ctrl_t ctrl, const char *name,
                      gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH?    "8":
                      "0",
                      name, NULL);
+        }
+      else
+        log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"),
+                  name, gpg_strerror (rc));
     }
 }
 
@@ -747,6 +793,7 @@ main ( int argc, char **argv)
   certlist_t recplist = NULL;
   certlist_t signerlist = NULL;
   int do_not_setup_keys = 0;
+  int recp_required = 0;
 
   /*mtrace();*/
 
@@ -943,9 +990,13 @@ main ( int argc, char **argv)
           set_cmd (&cmd, pargs.r_opt);
           break;
 
+        case aEncr: 
+          recp_required = 1;
+          set_cmd (&cmd, pargs.r_opt);
+          break;
+
         case aSym:
         case aDecrypt: 
-        case aEncr: 
         case aSign: 
         case aClearsign: 
         case aVerify: 
@@ -1295,6 +1346,22 @@ main ( int argc, char **argv)
     opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2";
   else if (!strcmp (opt.def_cipher_algoid, "AES256") )
     opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42";
+  else if (!strcmp (opt.def_cipher_algoid, "SERPENT")
+           || !strcmp (opt.def_cipher_algoid, "SERPENT128") )
+    opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.2";
+  else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
+    opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.22";
+  else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
+    opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42";
+  else if (!strcmp (opt.def_cipher_algoid, "SEED") )
+    opt.def_cipher_algoid = "1.2.410.200004.1.4";
+  else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA") 
+           || !strcmp (opt.def_cipher_algoid, "CAMELLIA128") )
+    opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2";
+  else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") )
+    opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.3";
+  else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA256") )
+    opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.4";
 
   if (cmd != aGPGConfList)
     {
@@ -1384,12 +1451,12 @@ main ( int argc, char **argv)
          complain about no (regular) recipients. */
       for (sl = remusr; sl; sl = sl->next)
         if (!(sl->flags & 1))
-          do_add_recipient (&ctrl, sl->d, &recplist, 0);
+          do_add_recipient (&ctrl, sl->d, &recplist, 0, recp_required);
       if (!opt.no_encrypt_to)
         {
           for (sl = remusr; sl; sl = sl->next)
             if ((sl->flags & 1))
-              do_add_recipient (&ctrl, sl->d, &recplist, 1);
+              do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required);
         }
     }
 
@@ -1428,8 +1495,10 @@ main ( int argc, char **argv)
                 GC_OPT_FLAG_NONE );
         printf ("auto-issuer-key-retrieve:%lu:\n",
                 GC_OPT_FLAG_NONE );
+#ifndef HAVE_W32_SYSTEM
         printf ("prefer-system-dirmngr:%lu:\n",
                 GC_OPT_FLAG_NONE );
+#endif
         printf ("cipher-algo:%lu:\"3DES:\n",
                 GC_OPT_FLAG_DEFAULT );
         printf ("p12-charset:%lu:\n",