| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
--
|
| |
|
|
|
|
|
| |
--
The second thing is to explain the file names below under
~/.gnupg/openpgp-revocs.d/.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
--
The copyright list in AUTHORS as been compiled from a distribution
tarball.
|
| |
|
|
|
|
|
|
|
| |
* g10/migrate.c: New.
* g10/import.c (import_old_secring): New.
(import_one): Add arg silent.
(transfer_secret_keys): Add arg batch.
(import_secret_one): Add args batch and for_migration.
* g10/gpg.c (main): Call migration function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/command.c (cmd_import_key): Add option --unattended.
* agent/cvt-openpgp.c (convert_transfer_key): New.
(do_unprotect): Factor some code out to ...
(prepare_unprotect): new function.
(convert_from_openpgp): Factor all code out to ...
(convert_from_openpgp_main): this. Add arg 'passphrase'. Implement
openpgp-native protection modes.
(convert_from_openpgp_native): New.
* agent/t-protect.c (convert_from_openpgp_native): New dummy fucntion
* agent/protect-tool.c (convert_from_openpgp_native): Ditto.
* agent/protect.c (agent_unprotect): Add arg CTRL. Adjust all
callers. Support openpgp-native protection.
* g10/call-agent.c (agent_import_key): Add arg 'unattended'.
* g10/import.c (transfer_secret_keys): Use unattended in batch mode.
--
With the gpg-agent taking care of the secret keys, the user needs to
migrate existing keys from secring.gpg to the agent. This and also
the standard import of secret keys required the user to unprotect the
secret keys first, so that gpg-agent was able to re-protected them
using its own scheme. With many secret keys this is quite some
usability hurdle. In particular if a passphrase is not instantly
available.
To make this migration smoother, this patch implements an unattended
key import/migration which delays the conversion to the gpg-agent
format until the key is actually used. For example:
gpg2 --batch --import mysecretkey.gpg
works without any user interaction due to the use of --batch. Now if
a key is used (e.g. "gpg2 -su USERID_FROM_MYSECRETKEY foo"), gpg-agent
has to ask for the passphrase anyway, converts the key from the
openpgp format to the internal format, signs, re-encrypts the key and
tries to store it in the gpg-agent format to the disk. The next time,
the internal format of the key is used.
This patch has only been tested with the old demo keys, more tests
with other protection formats and no protection are needed.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
| |
Without Libgcrypt 1.5 is was not possible to use ECC keys. ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.
Also fixed a few missing prototypes.
|
| |
|
|
| |
Nuked some trailing spaces.
|
| | |
|
| | |
|
| |
|
|
|
| |
Translations are for now disabled.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Removed intl/.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
* README: Spelling fixes.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check.
* certchain.c (gpgsm_validate_chain): Make use of it.
* certchain.c (gpgsm_validate_chain): Check revocations even for
expired certificates. This is required because on signature
verification an expired key is fine whereas a revoked one is not.
* gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter. Changed all callers.
* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Makefile.am (sc_investigate): Removed.
* pcsc-wrapper.c (load_pcsc_driver): Load get_status_change func.
(handle_open): Succeed even without a present card.
(handle_status, handle_reset): New.
* apdu.c (apdu_open_reader): Load pcsc_get_status_change fucntion.
(pcsc_get_status): Implemented.
(reset_pcsc_reader): Implemented.
(open_pcsc_reader): Succeed even with no card inserted.
(open_ccid_reader): Set LAST_STATUS.
* iso7816.c (iso7816_select_application): Always use 0 for P1.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(headerblurb): Rephrased.
* gpg-agent.c (handle_connections): Increase the stack size ot 256k.
* de.po: Updated.
* scdaemon.c (main): Bumbed thread stack size up to 512k.
* keylist.c (list_cert_raw): Print the keygrip.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
labels. Make sure that a value won't get truncated if it includes
a Nul.
|
| |
|
|
|
| |
smartcard applications.
|
| |
|
|
|
| |
* configure.ac, Makefile.am: Add the tests and tools directories.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
structure, so that it can indeed be updated.
* card-util.c (fpr_is_zero): New.
(generate_card_keys): New.
(card_edit): New command "generate".
* keygen.c (generate_keypair): New arg CARD_SERIALNO, removed call
to check_smartcard.
(check_smartcard,show_smartcard): Removed.
(show_sha1_fpr,fpr_is_zero): Removed.
* app-openpgp.c (do_getattr): Support SERIALNO and AID.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Makefile.am (ACLOCAL_AMFLAGS): New.
* configure.ac (AM_GNU_GETTEXT_VERSION): New. Set to 0.11.5.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
system lacking a /dev/random is now auto selected at runtime.
|
| | |
|
| |
|
|
|
|
| |
* README: Removed the note about a development version so that we
later don't forget this. Minor other changes.
|
| |
|
|
|
| |
random module. Define USE_ALL_RANDOM_MODULES for value all.
|
| | |
|
