summaryrefslogtreecommitdiffstats
path: root/TODO
blob: 213cbb6d89bb2e6354855a0fe40b50764abd1138 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
                                                              -*- outline -*-

* src/base64
** Make parsing more robust
Currently we don't cope with overlong lines in the best way.

* sm/call-agent.c
** The protocol uses an incomplete S-expression
We should always use valid S-Exp and not just parts.
** Some code should go into import.c
** When we allow concurrent service request in gpgsm, we
might want to have an agent context for each service request
(i.e. Assuan context).

* sm/certreqgen.c
** Improve error reporting
** Do some basic checks on the supplied DNs

* sm/certchain.c
** When a certificate chain was sucessfully verified, make ephemeral certs used  in this chain permanent.
** figure out how to auto retrieve a key by serialno+issuer.
   Dirmngr is currently not able to parse more than the CN.

* sm/decrypt.c
** replace leading zero in integer hack by a cleaner solution

* sm/sign.c
** Don't hardcode the use of RSA.

* sm/gpgsm.c
** Support --output
** mark all unimplemented commands and options.

* sm/keydb.c
** Check file permissions
** Write a keybox header and check for that magic value.
** Check that all error code mapping is done.
** Remove the inter-module dependencies between gpgsm and keybox


* agent/command.c
** Make sure that secure memory is used where appropriate

* agent/pkdecrypt.c, agent/pksign.c
** Don't use stdio to return results.

* agent/protect-tool.c
** Export and import certificates along with the secret key.
** Make it more comfortable; i.e. copy files to the correct place.

* Move pkcs-1 encoding into libgcrypt.

* Use a MAC to protect some files.

* sm/export.c
** Return an error code or a status info per user ID.