summaryrefslogtreecommitdiffstats
path: root/doc (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpgtar: Emit progress status lines in create mode.Werner Koch2023-01-301-1/+7
| | | | | | | | | | | | | | | | | * tools/gpgtar.h (opt): Add field status_stream. * tools/gpgtar.c (main): Set status_stream. * tools/gpgtar-create.c (global_header_count): Rename to global_total_files. (global_written_files): New. (global_total_data, global_written_data): New. (struct scanctrl_s): Add field file_count. (write_progress): New. (write_file): Add arg skipped_open. Don't bail out immediatly on open error. Write progress lines. (gpgtar_create): Write progress lines. Print info aout skipped files. -- GnuPG-bug-id: 6363
* gpgtar: Allow decryption from stdin.Werner Koch2023-01-261-2/+6
| | | | | | | | * tools/gpgtar.c (main): Revamp switch and fix usage test for aDecrypt and aList. -- GnuPG-bug-id: 6355
* doc: Remove profile and systemd example files.Werner Koch2023-01-2313-212/+6
| | | | | | | | | | | | -- The profiles are not any longer useful because global options are way more powerful (/etc/gnupg/gpg.conf et al.). The use of systemd is deprecated because of additional complexity and the race between systemd based autolaunching and the explicit gnupg based and lockfile protected autolaunching. GnuPG-bug-id: 6336
* gpg: Replace --override-compliance-check by a real fix.Werner Koch2023-01-201-7/+1
| | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_allowed): Handle EdDSA. * g10/gpg.c (oOverrideComplianceCheck): Remove. (opts): Turn --override-compliance-check into a dummy option. * g10/options.h (opt): Remove override_compliance_check. * g10/sig-check.c (check_key_verify_compliance): Remove use of that option. -- The introduction of --override-compliance-check actually hid the real cause for the signature verification problem in de-vs mode for the Ed25519 key. The real fix is to handle the EdDSA algorithm in gnupg_pk_is_allowed. Fixes-commit: fb26e144adfd93051501d58f5d0d4f8826ddf436 GnuPG-bug-id: 5655
* doc: Update copyright notices.Werner Koch2023-01-201-1/+1
| | | | | | -- Note that we now print Copyright g10 Code instead of FSF.
* wkd: Support option --output for command --check.Werner Koch2023-01-201-1/+3
| | | | | | * tools/wks-util.c (write_to_file): Rename to ... (wks_write_to_file): this, make global, and support NULL for fname. * tools/gpg-wks-client.c (command_check): Write to key.
* doc: Revert last change the gpg --unwrap descriptionWerner Koch2023-01-191-3/+2
| | | | | | | -- Note that --unwrap is an option and not a command. Thus it modifies the behaviour of the default operation or of -d.
* gpg: Detect already compressed data also when using a pipe.Werner Koch2023-01-191-6/+18
| | | | | | | | | | | | | | | | | | | | | * common/iobuf.c (file_filter_ctx_t): Add fields for the peek feature. (file_filter): Implement peeking. (iobuf_ioctl): Add new IOBUF_IOCTL_PEEK. * common/iobuf.h (IOBUF_IOCTL_PEEK, IOBUFCTRL_PEEK): New. * common/miscellaneous.c (is_file_compressed): Rewrite. Detect PDF. * g10/encrypt.c (encrypt_simple): Peek before detecting compression. (encrypt_crypt): Ditto. * g10/sign.c (sign_file): Also detect already compressed data. * g10/options.h (opt): Add explicit_compress_option. * g10/gpg.c (main): Set opt.explicit_compress_option for -z. -- Note that this patch also introduces a compression check for signing which was never done in the past. GnuPG-bug-id: 6332
* doc: Minor fix of the --keyserver option.Werner Koch2023-01-111-9/+9
| | | | | | -- Unfortunately the a reflow took place.
* Update NEWS for 2.4.0Werner Koch2022-12-161-2/+4
|
* doc: Typo fixesWerner Koch2022-12-164-7/+7
| | | | | | | -- Reported-by: Andreas Metzler GnuPG-bug-id: 6309
* gpgsm: Always use the chain model if the root-CA requests this.Werner Koch2022-12-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Do not use option --force-default-responder. * sm/certchain.c (is_cert_still_valid): Rename arg for clarity. (gpgsm_validate_chain): Always switch to chain model. -- The trustlist.txt may indicate that a root CA issues certificates which shall be validated using the chain model. This is for example the case for qualified signatures. Before this change we did this only if the default shell model indicated that a certificate has expired. This optimization is technically okay but has one problem: The chain model requires the use of OCSP but we switch to this only when running the chain model validation. To catch revoked certificates using OCSP we need to always switch to the chain model unless OCSP has been enabled anyway. Note that the old --force-default-responder option is not anymore used. Test cases are certificates issued by # CN=TeleSec qualified Root CA 1 # O=Deutsche Telekom AG # C=DE # 2.5.4.97=USt-IdNr. DE 123475223 90:C6:13:6C:7D:EF:EF:E9:7C:C7:64:F9:D2:67:8E:AD:03:E5:52:96 \ S cm qual relax A sample revoked certificate is -----BEGIN CERTIFICATE----- MIIDTzCCAvSgAwIBAgIQIXfquQjq32B03CdaflIbiDAMBggqhkjOPQQDAgUAMHEx CzAJBgNVBAYTAkRFMRwwGgYDVQQKDBNEZXV0c2NoZSBUZWxla29tIEFHMSMwIQYD VQQDDBpUZWxlU2VjIFBLUyBlSURBUyBRRVMgQ0EgMTEfMB0GA1UEYQwWVVN0LUlk TnIuIERFIDEyMzQ3NTIyMzAeFw0yMDA2MjIxMDQ1NDJaFw0yMzA2MjUyMzU5MDBa MDAxCzAJBgNVBAYTAkRFMRUwEwYDVQQDDAxLb2NoLCBXZXJuZXIxCjAIBgNVBAUT ATMwWjAUBgcqhkjOPQIBBgkrJAMDAggBAQcDQgAEbkEXUuXTriWOwqQhjlh11oCc 6Z8lQdQDz3zY/OEh8fMJS7AKBNo8zkpPKDJ2olPph18b1goEbLiqHQsPRPahDaOC AaowggGmMB8GA1UdIwQYMBaAFP/0iep1rMXT0iQ0+WUqBvLM6bqBMB0GA1UdDgQW BBQEI3xsIUDnoOx+gLYbG63v5/f9kjAOBgNVHQ8BAf8EBAMCBkAwDAYDVR0TAQH/ BAIwADAgBgNVHREEGTAXgRV3ZXJuZXIua29jaEBnbnVwZy5jb20wPQYDVR0gBDYw NDAyBgcEAIvsQAECMCcwJQYIKwYBBQUHAgEWGWh0dHA6Ly9wa3MudGVsZXNlYy5k ZS9jcHMwgYQGCCsGAQUFBwEBBHgwdjBLBggrBgEFBQcwAoY/aHR0cDovL3RxcmNh MS5wa2kudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19QS1NfZUlEQVNfUUVTX0NBXzEu Y3J0MCcGCCsGAQUFBzABhhtodHRwOi8vcGtzLnRlbGVzZWMuZGUvb2NzcHIwXgYI KwYBBQUHAQMEUjBQMAgGBgQAjkYBATAIBgYEAI5GAQQwOgYGBACORgEFMDAwLhYo aHR0cHM6Ly93d3cudGVsZXNlYy5kZS9zaWduYXR1cmthcnRlL2FnYhMCZW4wDAYI KoZIzj0EAwIFAANHADBEAiAqgB8gyZyj05CRdHD5KJcpG68DzQECYnYP6ZPasUYK AQIgI1GtRMJWvFTIKsZpgY+ty0pRb5/K09fbmvaSAKFpv/I= -----END CERTIFICATE-----
* gpg: New export option "mode1003".Werner Koch2022-12-022-0/+18
| | | | | | | | | | | | | | | | | | | | | | * agent/command.c (cmd_export_key): Add option --mode1003. (command_has_option): Ditto. * g10/build-packet.c (do_key): Implement mode 1003. * g10/parse-packet.c (parse_key): Ditto. * g10/options.h (EXPORT_MODE1003): New.o * g10/call-agent.c (agent_export_key): Add arg mode1003. * g10/export.c (parse_export_options): Add "mode1003" (secret_key_to_mode1003): New. (receive_seckey_from_agent): Add arg mode1003. (do_export_one_keyblock): Pass option down. -- This option allows to export a secret key in GnuPG's native format. Thus no re-encryption is required and further the public key parameters are also authenticated if a protection passphrase has been used. Note that --import is not yet able to handle this new mode. Although old version of GnuPG will bail out with "invalid packet" if a mode1003 exported secret key is seen.
* doc: Deprecate scd-event option of scdaemon.NIIBE Yutaka2022-11-301-1/+2
| | | | | | -- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* wkd: New option --add-revocs and some fixes.Werner Koch2022-11-291-0/+8
| | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (opt): Add add_revocs. * tools/wks-util.c (wks_get_key): Add arg 'binary'. (wks_armor_key): New. (wks_find_add_revocs): New. (wks_cmd_install_key): Get key in binary mode and add revocations if enabled. * tools/gpg-wks-client.c (oAddRevocs): New. (opts): Add --add-revocs. (parse_arguments): Set option, (command_send): Get key in binary mode, add revocations if enabled, and explictly armor key. Remove kludge to skip the Content-type line in no_encrypt mode. (mirror_one_keys_userid): Always filter the key to get rid of the armor as received from dirmngr. Add revocations from the local keyring. -- Note that this also fixes an oddity of the new mirror command which used to store the keys armored as received from dirmngr.
* gpg: New export-filter export-revocsWerner Koch2022-11-281-0/+5
| | | | | | | | | | | * g10/options.h (EXPORT_REVOCS): New. * g10/export.c (export_select_filter): New. (struct export_filter_attic_s): Add field. (cleanup_export_globals): Cleanup. (parse_export_options): Add option "export-revocs". (parse_and_set_export_filter): Parse the select type. (do_export_revocs): New. (do_export_stream): Add a way to select things for export.
* gpg: New option --list-filterWerner Koch2022-11-251-2/+39
| | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oListFilter): New. (opts): Add --list-filter. (main): Parse oListFilter. * g10/keylist.c: Include init.h and recsel.h. (struct list_filter_s, list_filter): New. (release_list_filter): New. (cleanup_keylist_globals): New. (parse_and_set_list_filter): New. (list_keyblock): Implement --list-filter type "select". * g10/import.c (impex_filter_getval): Add scope support and new property names "key-size", "algostr", "origin", "lastupd", and "url". -- This option is pretty useful to select keys based on their properties. The scope thing can be sued to limit a selection to just the primary key or to subkeys. For example: gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519' Lists all non-revoked keys with an ed25519 (signing)-subkey.
* dirmngr: Silence ocsp debug output.Werner Koch2022-11-251-0/+4
| | | | | | | * dirmngr/ocsp.c (check_signature_core): No debug output -- Also typo and doc fixes.
* agent: Allow trustlist on Windows in Unicode homedirs.Werner Koch2022-11-101-8/+13
| | | | * agent/trustlist.c (agent_marktrusted): Use gnupg_access.
* gpg: New option --quick-update-pref.Werner Koch2022-11-041-1/+12
| | | | | | | | | | | | * g10/gpg.c (aQuickUpdatePref): New. (opts): Add --quick-update-pref. (main): Implement. * g10/keyedit.c (keyedit_quick_update_pref): New. (menu_set_preferences): Add arg 'unattended' and adjust caller. -- This new quick command is in particular useful to update existing keys so that they can be used with OCB mode.
* gpg: Allow only OCB for AEAD encryption.Werner Koch2022-10-311-23/+12
| | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (opts): New option--force-ocb as alias for force-aead. Turn --aead-algo and --personal-aead-preferences into dummy options. (build_list_md_test_algo, build_list_aead_algo_name): Remove. (my_strusage): Remove output of AEAD algos. (main): Remove code from the --aead options. * g10/encrypt.c (encrypt_seskey): Make file local. (use_aead): Remove requirement for rfc4880bis. Always return AEAD_ALGO_OCB. * g10/main.h (DEFAULT_AEAD_ALGO): Removed unused macro. * g10/misc.c (default_aead_algo): Remove. * g10/pkclist.c (select_aead_from_pklist): Return AEAD_ALGO_OCB or 0. (select_algo_from_prefs): Remove personal AEAD algo setting. * g10/keygen.c (keygen_set_std_prefs): Remove AEAD preference option parsing. * g10/options.h (opt): Remove def_aead_algo and personal_aead_prefs. -- Due to the meanwhile expired patent on OCB there is no more reason for using EAX. Thus we forcefully use OCB if the AEAD feature flag is set on a key.
* gpg: New option --compatibility-flagsWerner Koch2022-10-311-0/+8
| | | | | | | | | | | * g10/gpg.c (oCompatibilityFlags): New. (opts): Add option. (compatibility_flags): New list. (main): Set flags and print help. * g10/options.h (opt): Add field compatibility_flags. -- No flags are yet defined but it is good to have the framework.
* wkd: Implement --blacklist option for gpg-wks-clientWerner Koch2022-10-071-2/+37
| | | | | | | | | | | | * tools/gpg-wks-client.c (blacklist_array, blacklist_array_len): New. (parse_arguments): Install blacklist. (read_file): New. (cmp_blacklist, add_blacklist, is_in_blacklist): New. (mirror_one_key): Check list. * tools/gpg-wks.h (opt): Remove field blacklist. -- GnuPG-bug-id: 6224
* dirmngr: New server flag "areconly" (A-record-only)Werner Koch2022-09-281-0/+3
| | | | | | | | | | | | | | | * dirmngr/dirmngr.h (struct ldap_server_s): Add field areconly. * dirmngr/ldapserver.c (ldapserver_parse_one): Parse "areconly" * dirmngr/ks-engine-ldap.c (my_ldap_connect): Implement this flag. * dirmngr/dirmngr_ldap.c: Add option --areconly (connect_ldap): Implement option. * dirmngr/ldap.c (run_ldap_wrapper): Add and pass that option. -- This flag is used to pass the Windows specific option LDAP_OPT_AREC_EXCLUSIVE. It is ignored on other systems. Signed-off-by: Werner Koch <wk@gnupg.org>
* doc: Keep list of RFCs only in DETAILSWerner Koch2022-09-162-25/+9
| | | | --
* dirmngr:dns,doc,gpg: Fix for noreturn for C11.NIIBE Yutaka2022-09-161-1/+1
| | | | | | | | | | | * dirmngr/dns.c: Use __noreturn__. * doc/yat2m.c: Likewise. * g10/main.h: Likewise. -- GnuPG-bug-id: 4002 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent: Don't start in --supervised mode if no-autostart is enabled.Werner Koch2022-09-071-0/+3
| | | | | * agent/gpg-agent.c (main): Print an error message if no-autostart is set in common.conf.
* gpg: Support key flags for RENC, TIME, and GROUP.Werner Koch2022-09-071-0/+17
| | | | | | | | | | | | | | | | | | * g10/packet.h (PUBKEY_USAGE_RENC): New. (PUBKEY_USAGE_TIME): New. (PUBKEY_USAGE_GROUP): New. * g10/getkey.c (parse_key_usage): Set the new key flags. * g10/keyedit.c (show_key_with_all_names_colon): Show the new key flags. * g10/keyid.c (usagestr_from_pk): Ditto * g10/keylist.c (print_capabilities): Ditto. * g10/keygen.c (parse_usagestr): Parse line and set new flags. (quickgen_set_para): Show flags. -- See draft-koch-openpgp-2015-rfc4880bis-00 for the current version. Actually these flags have been in the draft for years now. This patch is a first step to make use of them.
* common: Silence warnings from AllowSetForegroundWindow.Werner Koch2022-08-031-0/+6
| | | | | * common/sysutils.c (gnupg_allow_set_foregound_window): Print warning only with debug flag set.
* gpgconf: Add config file for Windows Registry dumps.Werner Koch2022-08-032-1/+14
| | | | | | | * tools/gpgconf.c (show_registry_entries_from_file): New. (show_configs): Call it. * doc/examples/gpgconf.rnames: New. * doc/Makefile.am (examples): Add it.
* doc: Minor typo fixWerner Koch2022-07-261-1/+1
| | | | | | -- GnuPG-bug-id: 6092
* agent: Do not consider --min-passphrase-len for the magic wand.Werner Koch2022-06-271-3/+4
| | | | | * agent/call-pinentry.c (generate_pin): Lock to exactly 30 octets. * g10/gpg.c (main) <aGenRandom>: Add Level 30.
* agent: New option --no-user-trustlist and --sys-trustlist-name.Werner Koch2022-06-141-1/+18
| | | | | | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oNoUserTrustlist,oSysTrustlistName): New. (opts): Add new option names. (parse_rereadable_options): Parse options. (finalize_rereadable_options): Reset allow-mark-trusted for the new option. * agent/agent.h (opt): Add fields no_user_trustlist and sys_trustlist_name. * agent/trustlist.c (make_sys_trustlist_name): New. (read_one_trustfile): Use here. (read_trustfiles): Use here. Implement --no-user-trustlist. -- With the global options we can now avoid that a user changes the Root-CA trust by editing the trustlist.txt. However, to implement this we need a new option so that we don't need to rely on some magic like --no-allow-mark-trusted has been put into a force section. The second option makes system administration easier as it allows to keep the trustlist in a non-distributed file. GnuPG-bug-id: 5990
* gpgsm: New option --compatibility-flags.Werner Koch2022-06-131-0/+8
| | | | | | | | | | * sm/gpgsm.c (oCompatibilityFlags): New option. (compatibility_flags): new. (main): Parse and print them in verbose mode. * sm/gpgsm.h (opt): Add field compat_glags.: (COMPAT_ALLOW_KA_TO_ENCR): New. * sm/keylist.c (print_capabilities): Take care of the new flag. * sm/certlist.c (cert_usage_p): Ditto.
* w32: Allow Unicode filenames for iobuf_cancel.Werner Koch2022-06-031-3/+4
| | | | | | | | | * common/iobuf.c (iobuf_cancel): Use gnupg_remove * common/mischelp.c (same_file_p): Allow for Unicode names. -- Note that the second patch is used to handle Unicode filenames which are symbolic links.
* tools: Minor fix to gpg-connect-agent options.Werner Koch2022-06-021-0/+7
| | | | | * tools/gpg-connect-agent.c (enum cmd_and_opt_values): Move oUnBuffered more to the top so that oNoop won't not get the value 'v'.
* Deprecate the --supervised options.Werner Koch2022-04-252-5/+3
| | | | | | | | * agent/gpg-agent.c (main): Mark --supervised as deprecated. * dirmngr/dirmngr.c (main): Ditto. -- The supervised thing causes more trouble than it pretends to solve.
* gpgtar: New option --with-logWerner Koch2022-03-221-0/+5
| | | | | | | | | | * tools/gpgtar.c: New option --with-log. * tools/gpgtar.h (opt): Add field with_log. * tools/gpgtar-extract.c (gpgtar_extract): Move directory string building up. Add option --log-file if needed. * tools/gpgtar-create.c (gpgtar_create): Make tmpbuf static becuase it is used outside of its scope. * tools/gpgtar-list.c (gpgtar_list): Ditto.
* gpgtar: Finally use a pipe for decryption.Werner Koch2022-03-211-0/+25
| | | | | | | | | | | | | | | | * tools/gpgtar.h (opt): Add new flags. * tools/gpgtar.c: new options --batch, --yes, --no, --status-fd, and --require-compliance. (main): Init signals. * tools/gpgtar-create.c: Add new header files. (gpgtar_create): Rework to use a pipe for encryption and signing. * tools/gpgtar-list.c: Add new header files. (gpgtar_list): Rework to use a pipe for decryption. * tools/gpgtar-extract.c: Add new header files. (gpgtar_extract): Rework to use a pipe for decryption. -- Fixes-commit: 40dbee86f3043aff8a8c2055521e270318e33068
* gpgsm: New option --require-complianceWerner Koch2022-03-081-0/+11
| | | | | | | | | | | | * sm/gpgsm.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * sm/gpgsm.h (opt): Add field require_compliance. (gpgsm_errors_seen): Declare. * sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant. * sm/encrypt.c (gpgsm_encrypt): Ditto. * sm/decrypt.c (gpgsm_decrypt): Ditto. --
* gpg: New option --require-compliance.Werner Koch2022-03-081-0/+11
| | | | | | | | | | | | | | * g10/options.h (opt): Add field flags.require_compliance. * g10/gpg.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant. (check_sig_and_print): Ditto. * g10/encrypt.c (encrypt_crypt): Ditto. -- Note that in the --encrypt and --verify cased other checks may kick in earlier than this new --require-compliance controlled one.
* agent: New flag "qual" for the trustlist.txt.Werner Koch2022-02-271-0/+6
| | | | | | | | | | * agent/trustlist.c (struct trustitem_s): Add flag "qual". (read_one_trustfile): Rename arg "allow_include" to "systrust" and change callers. Parse new flag "qual". (istrusted_internal): Print all flags. * sm/call-agent.c (istrusted_status_cb): Detect the "qual" flag. * sm/gpgsm.h (struct rootca_flags_s): Add flag "qualified". * sm/certchain.c (do_validate_chain): Take care of the qualified flag.
* dirmngr: Support ECDSA for OCSP.Werner Koch2022-02-271-0/+2
| | | | | | | | | | | | * dirmngr/validate.c (pk_algo_from_sexp): Make public. Support ECC. * dirmngr/ocsp.c (check_signature): Remove hash preparation out to ... (check_signature_core): here. This changes the arg s_hash to md. Support ECDSA. -- The test was done with my qualified signature certificate from the Telesec and their responder http://tqrca1.ocsp.telesec.de/ocspr . See also libksba commit rK24992a4a7a61d93759e1dbd104b845903d4589bf
* sm: New option --ignore-cert-with-oid.Werner Koch2022-02-031-0/+10
| | | | | | | * sm/gpgsm.c (oIgnoreCertWithOID): New. (opts): Add option. (main): Store its value. * sm/call-agent.c (learn_cb): Test against that list.
* gpg: Allow --dearmor to decode all kinds of armor files.Werner Koch2022-01-281-0/+1
| | | | | | | | | | | * g10/filter.h (armor_filter_context_t): New fields dearmor_mode and dearmor_state. * g10/dearmor.c (dearmor_file): Set dearmor_mode. * g10/armor.c (is_armor_header): Magic to switch to generic dearmor mode. (parse_header_line): Treat non OpenPGP armor in a special way. (check_input): Ditto. (radix64_read): Detect non OpenPGP armor END lines.
* gpgsm: Retire the new --ldapserver.Werner Koch2022-01-271-9/+7
| | | | | | | | | | | * sm/gpgsm.c (oKeyServer_deprecated): New. (opts): Assign "ldapserver" to the new option and mark it as obsolete. -- We want to use "ldapserver" in dirmngr but need to keep using "keyserver" in gpgsm for existant versions of Kleopatra etc. GnuPG-bug-id: 5801
* doc: Add comments on the legacy status of gpgconf.conf.Werner Koch2022-01-252-8/+19
| | | | --
* doc: Minor typo fixesWerner Koch2022-01-241-2/+2
| | | | --
* gpgconf: Add command aliases -L -K -R.Werner Koch2022-01-121-1/+3
| | | | | | | * tools/gpgconf.c (enum cmd_and_opt_values): Assign shortcuts. -- I have to type them to often ;-)
* gpg: Request keygrip of key to add via command interfaceIngo Klöcker2022-01-111-0/+9
| | | | | | | | | | | * g10/keygen.c (ask_algo): Request keygrip via cpr_get. * doc/help.txt (gpg.keygen.keygrip): New help text. -- This change makes it possible to add an existing (sub)key to another key via the status/command interface. GnuPG-bug-id: 5771
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 23:43:45 +0100