[git] GnuPG - branch, master, updated. gnupg-2.1.2-25-g7b5b52f
by Werner Koch
cvs at cvs.gnupg.org
Tue Mar 10 15:43:41 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 7b5b52f3268b093eebbac3f199fb69bf246d9cd1 (commit)
via 14af2be022ccaf826db048fc16959d0222ff1134 (commit)
from bb5a1b7c738d74d5b46340ec7b50000a2d343ca9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7b5b52f3268b093eebbac3f199fb69bf246d9cd1
Author: Werner Koch <wk at gnupg.org>
Date: Tue Mar 10 13:44:40 2015 +0100
gpg: Change --print-pka-records into an option.
* g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not
use it as a command.
* g10/keylist.c (list_keyblock): List PKA records also for secret
keys.
--
An option allows more flexible use, for example to select only
secret keys.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/doc/gpg.texi b/doc/gpg.texi
index a326233..11d8919 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2114,6 +2114,13 @@ as it is easily machine parsed. The details of this format are
documented in the file @file{doc/DETAILS}, which is included in the GnuPG
source distribution.
+
+ at item --print-pka-records
+ at opindex print-pka-records
+Modify the output of the list commands to print PKA records suitable
+to put into DNS zone files. An ORIGIN line is printed before each
+record to allow diverting the records to the corresponding zone file.
+
@item --fixed-list-mode
@opindex fixed-list-mode
Do not merge primary user ID and primary key in @option{--with-colon}
diff --git a/g10/gpg.c b/g10/gpg.c
index deb3966..eb75409 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -132,7 +132,6 @@ enum cmd_and_opt_values
aSendKeys,
aRecvKeys,
aLocateKeys,
- aPrintPKARecords,
aSearchKeys,
aRefreshKeys,
aFetchKeys,
@@ -383,6 +382,7 @@ enum cmd_and_opt_values
oAllowWeakDigestAlgos,
oFakedSystemTime,
oNoAutostart,
+ oPrintPKARecords,
oNoop
};
@@ -409,7 +409,6 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aCheckKeys, "check-sigs",N_("list and check key signatures")),
ARGPARSE_c (oFingerprint, "fingerprint", N_("list keys and fingerprints")),
ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
- ARGPARSE_c (aPrintPKARecords, "print-pka-records", "@"),
ARGPARSE_c (aKeygen, "gen-key",
N_("generate a new key pair")),
ARGPARSE_c (aQuickKeygen, "quick-gen-key" ,
@@ -712,6 +711,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oFixedListMode, "fixed-list-mode", "@"),
ARGPARSE_s_n (oLegacyListMode, "legacy-list-mode", "@"),
ARGPARSE_s_n (oListOnly, "list-only", "@"),
+ ARGPARSE_s_n (oPrintPKARecords, "print-pka-records", "@"),
ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
ARGPARSE_s_n (oIgnoreValidFrom, "ignore-valid-from", "@"),
ARGPARSE_s_n (oIgnoreCrcError, "ignore-crc-error", "@"),
@@ -2329,11 +2329,6 @@ main (int argc, char **argv)
set_cmd (&cmd, pargs.r_opt);
break;
- case aPrintPKARecords:
- set_cmd (&cmd, pargs.r_opt);
- opt.print_pka_records = 1;
- break;
-
case aKeygen:
case aFullKeygen:
case aEditKey:
@@ -2974,6 +2969,7 @@ main (int argc, char **argv)
case oFastListMode: opt.fast_list_mode = 1; break;
case oFixedListMode: /* Dummy */ break;
case oLegacyListMode: opt.legacy_list_mode = 1; break;
+ case oPrintPKARecords: opt.print_pka_records = 1; break;
case oListOnly: opt.list_only=1; break;
case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
case oIgnoreValidFrom: opt.ignore_valid_from = 1; break;
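Review bot: Nothing selects a list command any more once `oPrintPKARecords` only sets `opt.print_pka_records` here, because the `set_cmd` call and the `aPrintPKARecords` command case are both removed elsewhere in this commit. A script that ran `--print-pka-records KEY` on its own presumably has to add an explicit list command now, and the switch does not say so. I would record that next to the case, e.g. `/* Only modifies the list commands; does not select one. */`, and mention the change in the release notes. The enclosing switch in main starts and ends outside this hunk.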
@@ -3879,13 +3875,6 @@ main (int argc, char **argv)
public_key_list (ctrl, sl, 1);
free_strlist (sl);
break;
- case aPrintPKARecords:
- sl = NULL;
- for (; argc; argc--, argv++)
- add_to_strlist2( &sl, *argv, utf8_strings );
- public_key_list (ctrl, sl, 0);
- free_strlist (sl);
- break;
case aQuickKeygen:
if (argc != 1 )
diff --git a/g10/keylist.c b/g10/keylist.c
index 7f13d8b..03b9bbb 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1647,10 +1647,7 @@ list_keyblock (KBNODE keyblock, int secret, int has_secret, int fpr,
{
reorder_keyblock (keyblock);
if (opt.print_pka_records)
- {
- if (!secret)
- list_keyblock_pka (keyblock);
- }
+ list_keyblock_pka (keyblock);
else if (opt.with_colons)
list_keyblock_colon (keyblock, secret, has_secret, fpr);
else
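Review bot: `opt.print_pka_records` is tested before `opt.with_colons`, so combining the two yields PKA zone-file records and no colon lines, and with the `!secret` guard gone this now also holds for secret-key listings. A consumer that parses `--with-colons` output would get a different format without warning, so the precedence deserves a comment above the branch, e.g. `/* --print-pka-records overrides both --with-colons and the normal listing. */`. Whether `list_keyblock_pka` behaves sensibly for a keyblock reached through the secret listing path cannot be seen from here and is worth confirming. list_keyblock begins and ends outside this hunk.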
commit 14af2be022ccaf826db048fc16959d0222ff1134
Author: Werner Koch <wk at gnupg.org>
Date: Tue Mar 10 15:26:02 2015 +0100
gpg: Add --list-gcrypt-config and "curve" item for --list-config.
* common/openpgp-oid.c (curve_supported_p): New.
(openpgp_enum_curves): New.
* common/t-openpgp-oid.c (test_openpgp_enum_curves): New.
(main): Add option --verbose.
* g10/gpg.c (opts): Add --list-gcrypt-config.
(list_config): Add items "curve" and "curveoid". Remove unused code.
--
GnuPG-bug-id: 1917
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c
index a0e5566..ccb67bb 100644
--- a/common/openpgp-oid.c
+++ b/common/openpgp-oid.c
@@ -347,3 +347,41 @@ openpgp_oid_to_curve (const char *oidstr)
return "?";
}
+
+
+/* Return true if the curve with NAME is supported. */
+static int
+curve_supported_p (const char *name)
+{
+ int result = 0;
+ gcry_sexp_t keyparms;
+
+ if (!gcry_sexp_build (&keyparms, NULL, "(public-key(ecc(curve %s)))", name))
+ {
+ result = !!gcry_pk_get_curve (keyparms, 0, NULL);
+ gcry_sexp_release (keyparms);
+ }
+ return result;
+}
+
+
+/* Enumerate available and supported OpenPGP curves. The caller needs
+ to set the integer variable at ITERP to zero and keep on calling
+ this fucntion until NULL is returned. */
+const char *
+openpgp_enum_curves (int *iterp)
+{
+ int idx = *iterp;
+
+ while (idx >= 0 && idx < DIM (oidtable) && oidtable[idx].name)
+ {
+ if (curve_supported_p (oidtable[idx].name))
+ {
+ *iterp = idx + 1;
+ return oidtable[idx].alias? oidtable[idx].alias : oidtable[idx].name;
+ }
+ idx++;
+ }
+ *iterp = idx;
+ return NULL;
+}
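Review bot: The comment on `openpgp_enum_curves` does not state who owns the returned string or what the iterator contract is, and it contains the typo `fucntion`. From the body, the result points into `oidtable` (alias or name), `*ITERP` is dereferenced unconditionally, and a negative value ends the enumeration at once. I would add a sentence such as `The returned string points into a built-in table and must not be freed or modified; ITERP must not be NULL.` The test `idx < DIM (oidtable)` compares an int with what is presumably a sizeof-based unsigned value; the `idx >= 0` guard keeps it correct, but an explicit cast would keep -Wsign-compare quiet. The prototype added to common/util.h names the parameter `idxp` while the definition uses `iterp`; one name in both places would be easier to follow.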
diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c
index 5cd778d..afb6ebe 100644
--- a/common/t-openpgp-oid.c
+++ b/common/t-openpgp-oid.c
@@ -35,6 +35,10 @@
#define BADOID "1.3.6.1.4.1.11591.2.12242973"
+static int verbose;
+
+
+
static void
test_openpgp_oid_from_str (void)
{
@@ -184,15 +188,51 @@ test_openpgp_oid_is_ed25519 (void)
}
+static void
+test_openpgp_enum_curves (void)
+{
+ int iter = 0;
+ const char *name;
+ int p256 = 0;
+ int p384 = 0;
+ int p521 = 0;
+
+ while ((name = openpgp_enum_curves (&iter)))
+ {
+ if (verbose)
+ printf ("curve: %s\n", name);
+ if (!strcmp (name, "nistp256"))
+ p256++;
+ else if (!strcmp (name, "nistp384"))
+ p384++;
+ else if (!strcmp (name, "nistp521"))
+ p521++;
+ }
+
+ if (p256 != 1 || p384 != 1 || p521 != 1)
+ {
+ /* We can only check the basic RFC-6637 requirements. */
+ fputs ("standard ECC curve missing\n", stderr);
+ exit (1);
+ }
+}
+
+
int
main (int argc, char **argv)
{
- (void)argc;
- (void)argv;
+ if (argc)
+ { argc--; argv++; }
+ if (argc && !strcmp (argv[0], "--verbose"))
+ {
+ verbose = 1;
+ argc--; argv++;
+ }
test_openpgp_oid_from_str ();
test_openpgp_oid_to_str ();
test_openpgp_oid_is_ed25519 ();
+ test_openpgp_enum_curves ();
return 0;
}
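Review bot: The check `p256 != 1 || p384 != 1 || p521 != 1` in test_openpgp_enum_curves also fails when a curve is enumerated twice, but the message only says `standard ECC curve missing`. Printing the counters makes both failure modes diagnosable from a build log, e.g. `fprintf (stderr, "unexpected curve counts: p256=%d p384=%d p521=%d\n", p256, p384, p521);`. The test could also call `openpgp_enum_curves (&iter)` once more after the loop and require NULL again, since the enumerator's comment tells callers to iterate until NULL. In main, arguments other than `--verbose` are silently ignored, which is acceptable for a test driver but worth a short comment.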
diff --git a/common/util.h b/common/util.h
index 9103e09..0a54718 100644
--- a/common/util.h
+++ b/common/util.h
@@ -224,6 +224,7 @@ char *openpgp_oid_to_str (gcry_mpi_t a);
int openpgp_oid_is_ed25519 (gcry_mpi_t a);
const char *openpgp_curve_to_oid (const char *name, unsigned int *r_nbits);
const char *openpgp_oid_to_curve (const char *oid);
+const char *openpgp_enum_curves (int *idxp);
diff --git a/doc/DETAILS b/doc/DETAILS
index dcc877a..4b82497 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -287,19 +287,22 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
semicolons. The algorithm numbers are as specified in
RFC-4880. Note that in contrast to the --status-fd
interface these are _not_ the Libgcrypt identifiers.
+ Using =pubkeyname= prints names instead of numbers.
: cfg:pubkey:1;2;3;16;17
- cipher :: The third field contains the symmetric ciphers this
version of GnuPG supports, separated by semicolons.
The cipher numbers are as specified in RFC-4880.
+ Using =ciphername= prints names instead of numbers.
: cfg:cipher:2;3;4;7;8;9;10
- digest :: The third field contains the digest (hash) algorithms
this version of GnuPG supports, separated by
semicolons. The digest numbers are as specified in
- RFC-4880.
+ RFC-4880. Using =digestname= prints names instead of
+ numbers.
: cfg:digest:1;2;3;8;9;10
@@ -319,6 +322,12 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
would result in:
: cfg:group:mynames:patti;joe;0x12345678;paige
+ - curve :: The third field contains the curve names this version
+ of GnuPG supports, separated by semicolons. Using
+ =curveoid= prints OIDs instead of numbers.
+
+ : cfg:curve:ed25519;nistp256;nistp384;nistp521
+
* Format of the --status-fd output
diff --git a/doc/gpg.texi b/doc/gpg.texi
index b90f487..a326233 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2945,6 +2945,10 @@ source distribution for the details of which configuration items may be
listed. @option{--list-config} is only usable with
@option{--with-colons} set.
+ at item --list-gcrypt-config
+ at opindex list-gcrypt-config
+Display various internal configuration parameters of Libgcrypt.
+
@item --gpgconf-list
@opindex gpgconf-list
This command is similar to @option{--list-config} but in general only
diff --git a/g10/gpg.c b/g10/gpg.c
index ea331d6..deb3966 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -116,6 +116,7 @@ enum cmd_and_opt_values
aQuickSignKey,
aQuickLSignKey,
aListConfig,
+ aListGcryptConfig,
aGPGConfList,
aGPGConfTest,
aListPackets,
@@ -449,6 +450,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aChangePIN, "change-pin", N_("change a card's PIN")),
#endif
ARGPARSE_c (aListConfig, "list-config", "@"),
+ ARGPARSE_c (aListGcryptConfig, "list-gcrypt-config", "@"),
ARGPARSE_c (aGPGConfList, "gpgconf-list", "@" ),
ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@" ),
ARGPARSE_c (aListPackets, "list-packets","@"),
@@ -1578,8 +1580,11 @@ print_algo_names(int (*checker)(int),const char *(*mapper)(int))
static void
list_config(char *items)
{
- int show_all=(items==NULL);
- char *name=NULL;
+ int show_all = !items;
+ char *name = NULL;
+ const char *s;
+ struct groupitem *giter;
+ int first, iter;
if(!opt.with_colons)
return;
@@ -1590,18 +1595,16 @@ list_config(char *items)
if(show_all || ascii_strcasecmp(name,"group")==0)
{
- struct groupitem *iter;
-
- for(iter=opt.grouplist;iter;iter=iter->next)
+ for (giter = opt.grouplist; giter; giter = giter->next)
{
strlist_t sl;
es_fprintf (es_stdout, "cfg:group:");
- es_write_sanitized (es_stdout, iter->name, strlen(iter->name),
+ es_write_sanitized (es_stdout, giter->name, strlen(giter->name),
":", NULL);
es_putc (':', es_stdout);
- for(sl=iter->values;sl;sl=sl->next)
+ for(sl=giter->values; sl; sl=sl->next)
{
es_write_sanitized (es_stdout, sl->d, strlen (sl->d),
":;", NULL);
@@ -1686,20 +1689,31 @@ list_config(char *items)
any=1;
}
- if(show_all || ascii_strcasecmp(name,"ccid-reader-id")==0)
+ if (show_all || !ascii_strcasecmp(name,"ccid-reader-id"))
{
-#if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB) \
- && GNUPG_MAJOR_VERSION == 1
+ /* We ignore this for GnuPG 1.4 backward compatibility. */
+ any=1;
+ }
- char *p, *p2, *list = ccid_get_reader_list ();
+ if (show_all || !ascii_strcasecmp (name,"curve"))
+ {
+ es_printf ("cfg:curve:");
+ for (iter=0, first=1; (s = openpgp_enum_curves (&iter)); first=0)
+ es_printf ("%s%s", first?"":";", s);
+ es_printf ("\n");
+ any=1;
+ }
- for (p=list; p && (p2 = strchr (p, '\n')); p = p2+1)
+ /* Curve OIDs are rarely useful and thus only printed if requested. */
+ if (name && !ascii_strcasecmp (name,"curveoid"))
+ {
+ es_printf ("cfg:curveoid:");
+ for (iter=0, first=1; (s = openpgp_enum_curves (&iter)); first = 0)
{
- *p2 = 0;
- es_printf ("cfg:ccid-reader-id:%s\n", p);
+ s = openpgp_curve_to_oid (s, NULL);
+ es_printf ("%s%s", first?"":";", s? s:"[?]");
}
- free (list);
-#endif
+ es_printf ("\n");
any=1;
}
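Review bot: The new `cfg:curve` and `cfg:curveoid` lines are written with plain `es_printf`, whereas the group item earlier in this function goes through `es_write_sanitized`. That is safe only while every name and alias returned by `openpgp_enum_curves` is a built-in string free of `:`, `;` and newlines. A comment such as `/* Curve names come from the built-in table and need no sanitizing. */` would record the assumption for whoever extends the table. The `[?]` placeholder printed when `openpgp_curve_to_oid` returns NULL is not mentioned in the doc/DETAILS text of this commit, so parsers of `cfg:curveoid` will not expect it. list_config begins and ends outside this hunk.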
@@ -2265,6 +2279,7 @@ main (int argc, char **argv)
{
case aCheckKeys:
case aListConfig:
+ case aListGcryptConfig:
case aGPGConfList:
case aGPGConfTest:
case aListPackets:
@@ -4222,6 +4237,13 @@ main (int argc, char **argv)
}
break;
+ case aListGcryptConfig:
+ /* Fixme: It would be nice to integrate that with
+ --list-config but unfortunately there is no way yet to have
+ libgcrypt print it to an estream for further parsing. */
+ gcry_control (GCRYCTL_PRINT_CONFIG, stdout);
+ break;
+
case aListPackets:
opt.list_packets=2;
default:
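Review bot: The result of `gcry_control (GCRYCTL_PRINT_CONFIG, stdout)` in the new `aListGcryptConfig` case is discarded and the stdio stream is never checked, so a failed or truncated write would still let gpg finish as if the listing were complete. Tools that read this output to decide which algorithms or hardware features are available would then act on partial data. Testing both, along the lines of `if (gcry_control (GCRYCTL_PRINT_CONFIG, stdout) || fflush (stdout))` followed by the file's usual error report, would surface the failure. How main reports errors and sets the exit status lies outside this hunk, so the exact call is left open.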
-----------------------------------------------------------------------
Summary of changes:
common/openpgp-oid.c | 38 +++++++++++++++++++++++++++
common/t-openpgp-oid.c | 44 +++++++++++++++++++++++++++++--
common/util.h | 1 +
doc/DETAILS | 11 +++++++-
doc/gpg.texi | 11 ++++++++
g10/gpg.c | 71 +++++++++++++++++++++++++++++---------------------
g10/keylist.c | 5 +---
7 files changed, 144 insertions(+), 37 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org