summaryrefslogtreecommitdiffstats
path: root/g10/seskey.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* gpg: Do not abort on certain invalid packets.Werner Koch2016-06-021-3/+6
| | | | | | | | | | | | | | | * g10/build-packet.c (write_fake_data): Check for non-opaque data. * g10/seskey.c (do_encode_md): Return NULL instead of abort. -- The first may happen if the usage flags of an algorithm do not match the allowed usage. When writing a backsig this would lead to a log_bug in libgcrypt due to the use of a regular MPI as opaque data. The second may happen with all kind of invalid data. It is easy to avoid an abort, though. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Remove debug output accidently introduced with 027c4e5.Werner Koch2016-05-211-3/+0
| | | | | | | -- Fixes-commit: 027c4e55522b8e18711a3331932a9869ab89ca26 Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Pass CTRL object down to the trust functionsWerner Koch2016-05-211-0/+3
| | | | Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Remove all assert.h and s/assert/log_assert/.Werner Koch2016-04-291-9/+8
| | | | Signed-off-by: Werner Koch <wk@gnupg.org>
* Put asterisks in front of two function descriptions.Werner Koch2016-02-141-9/+9
| | | | | | | -- This helps visual impaired hackers to easier read comments and also helps use when looking at a printout.
* gpg: Improve API documentation.Neal H. Walfield2016-02-141-11/+17
| | | | | | | | | | * g10/seskey.c (make_session_key): Improve documentation. (encode_session_key): Improve documentation. * g10/encrypt.c (encrypt_seskey): Remove gratuitous initialization. * g10/dek.h (DEK): Improve documenation. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
* gpg: Rename a debug macro.Werner Koch2015-04-061-2/+2
| | | | | * g10/options.h (DBG_CIPHER_VALUE): Rename to DBG_CRYPTO_VALUE. (DBG_CIPHER): Rename to DBG_CRYPTO.
* gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.Werner Koch2014-01-301-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a string. * g10/keygen.c (check_keygrip): Adjust for change. * sm/certreqgen-ui.c (check_keygrip): Likewise. * agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry. * g10/misc.c (map_pk_openpgp_to_gcry): Remove. (openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2. (openpgp_pk_test_algo2): Rewrite. (openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA. (openpgp_pk_algo_name): Rewrite to remove need for gcry calls. (pubkey_get_npkey, pubkey_get_nskey): Ditto. (pubkey_get_nsig, pubkey_get_nenc): Ditto. * g10/keygen.c(do_create_from_keygrip): Support EdDSA. (common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto. * g10/build-packet.c (do_key): Ditto. * g10/export.c (transfer_format_to_openpgp): Ditto. * g10/getkey.c (cache_public_key): Ditto. * g10/import.c (transfer_secret_keys): Ditto. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto. * g10/mainproc.c (proc_pubkey_enc): Ditto. * g10/parse-packet.c (parse_key): Ditto, * g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto. * g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name. * g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only OpenPGP algo ids and support EdDSA. * g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids. * g10/seskey.c (encode_md_value): Ditto. -- This patch separates Libgcrypt and OpenPGP public key algorithms ids and in most cases completely removes the Libgcrypt ones. This is useful because for Libgcrypt we specify the algorithm in the S-expressions and the public key ids are not anymore needed. This patch also adds some support for PUBKEY_ALGO_EDDSA which will eventually be used instead of merging EdDSA with ECDSA. As of now an experimental algorithm id is used but the plan is to write an I-D so that we can get a new id from the IETF. Note that EdDSA (Ed25519) does not yet work and that more changes are required. The ECC support is still broken right now. Needs to be fixed. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Remove cipher.h and put algo ids into a common file.Werner Koch2014-01-291-1/+0
| | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (cipher_algo_t, pubkey_algo_t, digest_algo_t) (compress_algo_t): New. * agent/gpg-agent.c: Remove ../g10/cipher.h. Add openpgpdefs.h. * g10/cipher.h (DEK): Move to ... * g10/dek.h: new file. * g10/cipher.h (is_RSA, is_ELGAMAL, is_DSA) (PUBKEY_MAX_NPKEY, PUBKEY_MAX_NSKEY, PUBKEY_MAX_NSIG, PUBKEY_MAX_NENC) (PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC, PUBKEY_USAGE_CERT) (PUBKEY_USAGE_AUTH, PUBKEY_USAGE_NONE): Move to * g10/packet.h: here. * g10/cipher.h: Remove. Remove from all files. * g10/filter.h, g10/packet.h: Include dek.h. * g10/Makefile.am (common_source): Remove cipher.h. Add dek.h. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Rework ECC support and add experimental support for Ed25519.Werner Koch2013-11-151-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/findkey.c (key_parms_from_sexp): Add algo name "ecc". (agent_is_dsa_key): Ditto. (agent_is_eddsa_key): New. Not finished, though. * agent/pksign.c (do_encode_eddsa): New. (agent_pksign_do): Use gcry_log_debug functions. * agent/protect.c (agent_protect): Parse a flags parameter. * g10/keygen.c (gpg_curve_to_oid): Move to ... * common/openpgp-oid.c (openpgp_curve_to_oid): here and rename. (oid_ed25519): New. (openpgp_oid_is_ed25519): New. (openpgp_oid_to_curve): New. * common/t-openpgp-oid.c (test_openpgp_oid_is_ed25519): New. * g10/build-packet.c (gpg_mpi_write): Write the length header also for opaque MPIs. (gpg_mpi_write_nohdr): New. (do_key): Use gpg_mpi_write_nohdr depending on algorithm. (do_pubkey_enc): Ditto. * g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Use gpg_mpi_write_nohdr. * g10/export.c (transfer_format_to_openpgp): * g10/keygen.c (ecckey_from_sexp): Return the error. (gen_ecc): Repalce arg NBITS by CURVE. (read_parameter_file): Add keywords "Key-Curve" and "Subkey-Curve". (ask_curve): New. (generate_keypair, generate_subkeypair): Use ask_curve. (do_generate_keypair): Also pass curve name. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Print curve name. * g10/parse-packet.c (mpi_read): Remove workaround for Libcgrypt < 1.5. (parse_key): Fix ECC case. Print the curve name. * g10/pkglue.c (mpi_from_sexp): Rename to get_mpi_from_sexp. (pk_verify, pk_check_secret_key): Add special case for Ed25519. * g10/seskey.c (encode_md_value): Ditto. * g10/sign.c (do_sign, hash_for, sign_file): Ditto. -- Be warned that this code is subject to further changes and that the format will very likely change before a release. There are also known bugs and missing code. Signed-off-by: Werner Koch <wk@gnupg.org>
* Fix typos spotted during translationsDavid Prévot2012-08-241-1/+1
| | | | | | | | | | | | | | | * agent/genkey.c: s/to to/to/ * sm/*.c: s/failed to allocated/failed to allocate/ * sm/certlist.c, ./dirmngr/validate.c: s/should have not/should not have/ * g10/seskey.c: missing closing parenthesis * dirmngr/crlcache.c: s/may has/may have/ Consistency fix: * g10/gpg.c, kbx/kbxutil.c, sm/gpgsm.c: uppercase after Syntax * dirmngr/dirmngr_ldap: no period in Syntax * dirmngr/dirmngr-client.c: infinitive for option description: s/certificates are expected/expect certificates/
* Fix size_t vs int issues.Marcus Brinkmann2011-06-011-1/+1
|
* Add ECC import regression tests and fixed a regression.Werner Koch2011-02-101-16/+12
| | | | | | The import test imports the keys as needed and because they are passphrase protected we now need a pinentry script to convey the passphrase to gpg-agent.
* Fix ECDSA 521 bit signing.Werner Koch2011-02-071-15/+14
| | | | | This fix also allows the creation and use of an 521 bit ECDH key which used to fail while creating the binding signature.
* Finished ECC integration.Werner Koch2011-02-031-14/+14
| | | | | | | | | | | | Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo the cleanups I did in the last week. Adjusted my own ChangeLog entries to be consistent with that entry. Nuked quite some trailing spaces; again sorry for that, I will better take care of not saving them in the future. "git diff -b" is useful to read the actual changes ;-). The ECC-INTEGRATION-2-1 branch can be closed now.
* Truncate the DSA hash; fixes regression.Werner Koch2011-01-211-4/+6
| | | | Removed left over debug code.
* Editorial changes and allow building with old libgcrypts.Werner Koch2011-01-211-127/+152
| | | | | | | | | | | | | | | | | | | | | | | | | | | Changed order of some conditional to make to put the special case into the true branch. Indentation changes. Minor other changes to make the ECC code more similar to the rest of our code. It builds but many sefltests still fail. Need to fix that before using it with an ECDH enabled libgcrypt. [/] 2011-01-21 Werner Koch <wk@g10code.com> * configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP. (HAVE_GCRY_PK_ECDH): Add new test. [agent/] 2011-01-21 Werner Koch <wk@g10code.com> * cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New. [include/] 2011-01-21 Werner Koch <wk@g10code.com> * cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros because we now require libgcrypt 1.4.6. (GCRY_PK_ECDH): Add replacement.
* Fixed key generation with P-521. Confirmed that signature generation and ↵Andrey Jivsov2011-01-131-2/+2
| | | | verification work.
* Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 .Andrey Jivsov2011-01-061-12/+57
| | | | | | | | | | The following works: gpg2 --gen-key (ECC) gpg2 --list-keys gpg2 --list-packets ~/.gnupg/pubring.gpg gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys> ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
* Generating an OpenPGP key cia gpg-agent basically works.Werner Koch2010-04-201-16/+14
|
* Add full Camellia support.David Shaw2009-06-051-6/+6
| | | | | | | | | | | | | | | | | | * configure.ac: Remove Camellia restriction. * gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia restriction. * misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and openpgp_cipher_get_algo_blklen to wrap around the corresponding gcry_* functions, but pass the algorithm number through map_cipher_openpgp_to_gcry. This is needed in case the gcry algorithm number doesn't match the OpenPGP number (c.f. Camellia). * encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c, seskey.c, passphrase.c, seckey-cert.c: Use new openpgp_cipher_* macros here.
* Remove hacks which are not anymore needed since we now require Libgcrypt 1.4Werner Koch2008-09-291-4/+2
|
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* No more warnings for AMD64 (at least when cross-compiling). Thus tehre is aWerner Koch2006-11-211-10/+10
| | | | | | | good chance that gpg2 will now work. Other cleanups. Updated gettext.
* bug fixesWerner Koch2006-10-051-1/+3
|
* A couple of fixes. gpg2's key generation does now work.Werner Koch2006-06-301-3/+2
|
* Merged with gpg 1.4.3 code. Werner Koch2006-04-191-76/+117
| | | | | The gpg part does not yet build.
* Adjusted for use with current libgcrypt (1.1.42).Werner Koch2003-07-281-3/+3
|
* * options.h (DBG_CIPHER): Reintroduced it.Werner Koch2003-07-031-2/+6
| | | | | | | | | | | | | | | | | | * seskey.c (encode_session_key): Debug output of the session key. * pubkey-enc.c (get_it): Handle card case. * call-agent.c (agent_scd_pkdecrypt): New. * pkglue.c (pk_encrypt): Add RSA support. * g10.c (main): Default to --use-agent. * keygen.c (show_smartcard): Print info about the public key. (check_smartcard): Check for existing key here. (gen_card_key): And not anymore here. (fpr_is_zero): New. (generate_keypair): Generate both keys for a card. (smartcard_change_url): Nw.
* * app-openpgp.c (store_fpr): Fixed fingerprint calculation.Werner Koch2003-07-011-2/+4
| | | | | | | | * keygen.c (gen_card_key): Obviously we should use the creation date received from SCDAEMON, so that the fingerprints will match. * sign.c (do_sign): Pass the serialno to the sign code. * keyid.c (serialno_and_fpr_from_sk): New.
* Key generation and signing using the OpenPGP card does rudimentary work.Werner Koch2003-06-271-0/+5
|
* Finished the bulk of changes for gnupg 1.9. This included switchingWerner Koch2003-06-181-65/+81
| | | | | | | | | | | to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
* Update head to match stable 1.0David Shaw2002-06-291-57/+47
|
* See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner KochWerner Koch2000-07-141-6/+14
|
* See ChangeLog: Mon Jan 31 16:37:34 CET 2000 Werner KochWerner Koch2000-01-311-1/+0
|
* See ChangeLog: Mon Jan 24 13:04:28 CET 2000 Werner KochWerner Koch2000-01-241-19/+18
|
* See ChangeLog: Wed Dec 8 21:58:32 CET 1999 Werner KochWerner Koch1999-12-081-11/+7
|
* See ChangeLog: Sat Nov 13 17:44:23 CET 1999 Werner KochWerner Koch1999-11-131-5/+5
|
* See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner KochWerner Koch1999-10-261-20/+41
|
* See ChangeLog: Wed Dec 23 13:34:22 CET 1998 Werner KochWerner Koch1998-12-231-3/+3
|
* .Werner Koch1998-09-181-0/+1
|
* New releaseWerner Koch1998-09-141-1/+19
|
* ready for a new releaseWerner Koch1998-08-081-0/+18
|
* chnages done at the trainWerner Koch1998-08-071-7/+5
|
* syncWerner Koch1998-07-141-0/+1
|
* extensions are now working and fixed a lot of bugsWerner Koch1998-06-151-4/+16
|
* new releaseV0-2-17Werner Koch1998-05-041-2/+2
|
* *** empty log message ***Werner Koch1998-04-301-14/+3
|
* applied Mathews typo and grammar fixesWerner Koch1998-04-141-3/+3
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 09:33:52 +0100