authorDongHun Kwak <dh0128.kwak@samsung.com>2021-02-09 16:00:41 +0900
committerDongHun Kwak <dh0128.kwak@samsung.com>2021-02-09 16:00:41 +0900
commit0b02a3fcea1ca6f54c1148c08e983b0de24af8bf (patch)
tree649661be9166cd92b13298ba2aece8a7d99721eb /g10
parentd91af91dcdf2dd7a0198747a2b4aa864ff288851 (diff)
Imported Upstream version 2.2.12upstream/2.2.12
Diffstat (limited to 'g10')
-rw-r--r--g10/call-agent.c4
-rw-r--r--g10/call-agent.h5
-rw-r--r--g10/card-util.c16
-rw-r--r--g10/gpg.c4
-rw-r--r--g10/keyid.c7
-rw-r--r--g10/keylist.c61
-rw-r--r--g10/keyserver.c4
-rw-r--r--g10/mainproc.c11
-rw-r--r--g10/options.h1
9 files changed, 99 insertions, 14 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 6ee82a5..4630506 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -704,6 +704,10 @@ learn_status_cb (void *opaque, const char *line)
xfree (parm->private_do[no]);
parm->private_do[no] = unescape_status_string (line);
}
+ else if (keywordlen == 3 && !memcmp (keyword, "KDF", 3))
+ {
+ parm->kdf_do_enabled = 1;
+ }
return 0;
}
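Review bot: The new `KDF` branch sets `parm->kdf_do_enabled = 1` as soon as the keyword is seen and never looks at `line`, so the flag records that a KDF status line arrived, not what the object contains. If a card can report a KDF object whose content says hashing is not in use (not determinable from this hunk), the `kdf:on` and `KDF setting ......: on` lines added in g10/card-util.c would tell the user that PIN hashing is active when it is not. Consider decoding the payload as the neighbouring branch does with `unescape_status_string (line)` and deriving the flag from it, or at least add `/* Presence of the DO is taken as "enabled"; its content is not checked. */`. The body of learn_status_cb starts outside the hunk.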
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 7314ae8..d7f102c 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -71,6 +71,7 @@ struct agent_card_info_s
unsigned int kdf:1; /* KDF object to support PIN hashing available. */
} extcap;
unsigned int status_indicator;
+ int kdf_do_enabled; /* Card has a KDF object */
};
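Review bot: The comment on `kdf_do_enabled` reads almost the same as the one on `extcap.kdf` three lines above, so a reader cannot tell the capability bit from the state flag. Suggest `int kdf_do_enabled; /* Set when the agent sent a KDF status line; extcap.kdf only says the card supports it. */`. Only 0 and 1 are stored in this commit, so `unsigned int kdf_do_enabled:1;` would also match the style of the `extcap` members. The struct starts outside the hunk.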
@@ -192,14 +193,14 @@ gpg_error_t agent_keywrap_key (ctrl_t ctrl, int forexport,
gpg_error_t agent_import_key (ctrl_t ctrl, const char *desc,
char **cache_nonce_addr, const void *key,
size_t keylen, int unattended, int force,
- u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo);
/* Receive a key from the agent. */
gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip,
const char *desc, int openpgp_protected,
char **cache_nonce_addr,
unsigned char **r_result, size_t *r_resultlen,
- u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo);
/* Delete a key from the agent. */
gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip,
diff --git a/g10/card-util.c b/g10/card-util.c
index 52a09b5..13c2445 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -509,6 +509,10 @@ current_card_status (ctrl_t ctrl, estream_t fp,
es_fprintf (fp, "pinretry:%d:%d:%d:\n",
info.chvretry[0], info.chvretry[1], info.chvretry[2]);
es_fprintf (fp, "sigcount:%lu:::\n", info.sig_counter);
+ if (info.extcap.kdf)
+ {
+ es_fprintf (fp, "kdf:%s:\n", info.kdf_do_enabled ? "on" : "off");
+ }
for (i=0; i < 4; i++)
{
@@ -612,6 +616,11 @@ current_card_status (ctrl_t ctrl, estream_t fp,
tty_fprintf (fp, "PIN retry counter : %d %d %d\n",
info.chvretry[0], info.chvretry[1], info.chvretry[2]);
tty_fprintf (fp, "Signature counter : %lu\n", info.sig_counter);
+ if (info.extcap.kdf)
+ {
+ tty_fprintf (fp, "KDF setting ......: %s\n",
+ info.kdf_do_enabled ? "on" : "off");
+ }
tty_fprintf (fp, "Signature key ....:");
print_sha1_fpr (fp, info.fpr1valid? info.fpr1:NULL);
if (info.fpr1valid && info.fpr1time)
@@ -667,7 +676,7 @@ card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
{
int err;
strlist_t card_list, sl;
- char *serialno0;
+ char *serialno0, *serialno1;
int all_cards = 0;
if (serialno == NULL)
@@ -693,8 +702,6 @@ card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
for (sl = card_list; sl; sl = sl->next)
{
- char *serialno1;
-
if (!all_cards && strcmp (serialno, sl->d))
continue;
@@ -715,7 +722,8 @@ card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
}
/* Select the original card again. */
- err = agent_scd_serialno (&serialno0, serialno0);
+ err = agent_scd_serialno (&serialno1, serialno0);
+ xfree (serialno1);
leave:
xfree (serialno0);
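Review bot: `xfree (serialno1)` after the re-select call runs even when `agent_scd_serialno` fails, and `serialno1` is declared without an initialiser in the first card_status hunk. agent_scd_serialno is not shown on this page; if it leaves `*r_serialno` untouched on error, this frees an indeterminate pointer (loop never assigned it) or possibly one already released inside the loop. Setting `serialno1 = NULL;` immediately before `err = agent_scd_serialno (&serialno1, serialno0);` makes the free safe in both cases. The loop body that uses serialno1 lies outside these hunks, so check whether it needs the same reset.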
diff --git a/g10/gpg.c b/g10/gpg.c
index e18eefe..0e98c1a 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -1972,6 +1972,8 @@ parse_list_options(char *str)
N_("show expiration dates during signature listings")},
{"show-sig-subpackets",LIST_SHOW_SIG_SUBPACKETS,NULL,
NULL},
+ {"show-only-fpr-mbox",LIST_SHOW_ONLY_FPR_MBOX, NULL,
+ NULL},
{NULL,0,NULL,NULL}
};
@@ -3487,7 +3489,7 @@ main (int argc, char **argv)
case oAutoKeyLocate:
if (default_akl)
{
- /* This is the first time --aito-key-locate is seen.
+ /* This is the first time --auto-key-locate is seen.
* We need to reset the default akl. */
default_akl = 0;
release_akl();
diff --git a/g10/keyid.c b/g10/keyid.c
index ba35ec2..5b868cd 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -941,7 +941,12 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array)
if (!gcry_pk_get_keygrip (s_pkey, array))
{
- log_info ("error computing keygrip\n");
+ char *hexfpr;
+
+ hexfpr = hexfingerprint (pk, NULL, 0);
+ log_info ("error computing keygrip (fpr=%s)\n", hexfpr);
+ xfree (hexfpr);
+
memset (array, 0, 20);
err = gpg_error (GPG_ERR_GENERAL);
}
diff --git a/g10/keylist.c b/g10/keylist.c
index 7942558..66b03bb 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -211,7 +211,7 @@ print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk)
else
p = get_user_id_native (ctrl, keyid);
- if (fp)
+ if (!fp)
tty_printf ("\n");
tty_fprintf (fp, "%s %s/%s %s %s\n",
pk->flags.primary? "pub":"sub",
@@ -540,7 +540,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret)
; /* Secret key listing requested but this isn't one. */
else
{
- if (!opt.with_colons)
+ if (!opt.with_colons && !(opt.list_options & LIST_SHOW_ONLY_FPR_MBOX))
{
resname = keydb_get_resource_name (hd);
if (lastresname != resname)
@@ -1217,6 +1217,57 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
xfree (hexgrip);
}
+
+/* Do a simple key listing printing only the fingerprint and the mail
+ * address of valid keys. */
+static void
+list_keyblock_simple (ctrl_t ctrl, kbnode_t keyblock)
+{
+ gpg_err_code_t ec;
+ kbnode_t kbctx;
+ kbnode_t node;
+ char hexfpr[2*MAX_FINGERPRINT_LEN+1];
+ char *mbox;
+
+ (void)ctrl;
+
+ node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
+ if (!node)
+ {
+ log_error ("Oops; key lost!\n");
+ dump_kbnode (keyblock);
+ return;
+ }
+ hexfingerprint (node->pkt->pkt.public_key, hexfpr, sizeof hexfpr);
+
+ for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
+ {
+ if (node->pkt->pkttype == PKT_USER_ID)
+ {
+ PKT_user_id *uid = node->pkt->pkt.user_id;
+
+ if (uid->attrib_data)
+ continue;
+
+ if (uid->flags.expired || uid->flags.revoked)
+ continue;
+
+ mbox = mailbox_from_userid (uid->name);
+ if (!mbox)
+ {
+ ec = gpg_err_code_from_syserror ();
+ if (ec != GPG_ERR_EINVAL)
+ log_error ("error getting mailbox from user-id: %s\n",
+ gpg_strerror (ec));
+ continue;
+ }
+ es_fprintf (es_stdout, "%s %s\n", hexfpr, mbox);
+ xfree (mbox);
+ }
+ }
+}
+
+
void
print_revokers (estream_t fp, PKT_public_key * pk)
{
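Review bot: The header comment promises output for "valid keys", but list_keyblock_simple only filters user IDs (`uid->flags.expired || uid->flags.revoked`) and never inspects the primary key whose fingerprint it prints. A revoked or expired key with an otherwise intact user ID would therefore still produce a fingerprint/mailbox line, which matters if scripts consume this listing to choose a key for an address. Either return early after `find_kbnode` with something like `if (pk->flags.revoked || pk->has_expired) return;`, or reword the comment to `... the mail address of all non-expired, non-revoked user IDs.` so callers do not assume key-level validity.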
@@ -1767,6 +1818,12 @@ list_keyblock (ctrl_t ctrl,
if (opt.with_colons)
list_keyblock_colon (ctrl, keyblock, secret, has_secret);
+ else if ((opt.list_options & LIST_SHOW_ONLY_FPR_MBOX))
+ {
+ if (!listctx->no_validity)
+ check_trustdb_stale (ctrl);
+ list_keyblock_simple (ctrl, keyblock);
+ }
else
list_keyblock_print (ctrl, keyblock, secret, fpr, listctx);
diff --git a/g10/keyserver.c b/g10/keyserver.c
index a8c222d..8509d83 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -1528,7 +1528,7 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens)
err = gpg_dirmngr_ks_search (ctrl, searchstr, search_line_handler, &parm);
- if (parm.not_found)
+ if (parm.not_found || gpg_err_code (err) == GPG_ERR_NO_DATA)
{
if (parm.searchstr_disp)
log_info (_("key \"%s\" not found on keyserver\n"),
@@ -1539,6 +1539,8 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens)
if (gpg_err_code (err) == GPG_ERR_NO_KEYSERVER)
log_error (_("no keyserver known (use option --keyserver)\n"));
+ else if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+ err = gpg_error (GPG_ERR_NOT_FOUND);
else if (err)
log_error ("error searching keyserver: %s\n", gpg_strerror (err));
diff --git a/g10/mainproc.c b/g10/mainproc.c
index f4e3db6..a0ec2e9 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -799,7 +799,10 @@ proc_plaintext( CTX c, PACKET *pkt )
/* The onepass signature case. */
if (n->pkt->pkt.onepass_sig->digest_algo)
{
- gcry_md_enable (c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo);
+ if (!opt.skip_verify)
+ gcry_md_enable (c->mfx.md,
+ n->pkt->pkt.onepass_sig->digest_algo);
+
any = 1;
}
}
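Review bot: The new `if (!opt.skip_verify)` guard skips `gcry_md_enable` but still falls through to `any = 1`, and nothing says why; the same pattern repeats in the next two hunks of proc_plaintext. A short comment at this first guard would help, for example `/* With --skip-verify no signature is checked, so do not set up hashing; ANY is still set because a signature packet was seen. */`. The reason for keeping `any` is inferred from its name and should be confirmed against the code that reads it, which is outside the hunk.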
@@ -817,7 +820,8 @@ proc_plaintext( CTX c, PACKET *pkt )
* documents. */
clearsig = (*data == 0x01);
for (data++, datalen--; datalen; datalen--, data++)
- gcry_md_enable (c->mfx.md, *data);
+ if (!opt.skip_verify)
+ gcry_md_enable (c->mfx.md, *data);
any = 1;
break; /* Stop here as one-pass signature packets are not
expected. */
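Review bot: The `for` loop now has an unbraced `if` as its whole body, which is easy to misread next to the following `any = 1;` and tests a loop-invariant flag on every iteration. Putting `if (!opt.skip_verify)` on its own line in front of the unchanged `for (data++, datalen--; datalen; datalen--, data++)` and `gcry_md_enable (c->mfx.md, *data);` keeps the intent obvious. `data` and `datalen` are not visibly used again before the `break`, so skipping the loop looks safe, but confirm that against the full function.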
@@ -825,7 +829,8 @@ proc_plaintext( CTX c, PACKET *pkt )
else if (n->pkt->pkttype == PKT_SIGNATURE)
{
/* The SIG+LITERAL case that PGP used to use. */
- gcry_md_enable ( c->mfx.md, n->pkt->pkt.signature->digest_algo );
+ if (!opt.skip_verify)
+ gcry_md_enable (c->mfx.md, n->pkt->pkt.signature->digest_algo);
any = 1;
}
}
diff --git a/g10/options.h b/g10/options.h
index 6c67265..782c0cb 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -378,6 +378,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
#define LIST_SHOW_SIG_EXPIRE (1<<9)
#define LIST_SHOW_SIG_SUBPACKETS (1<<10)
#define LIST_SHOW_USAGE (1<<11)
+#define LIST_SHOW_ONLY_FPR_MBOX (1<<12)
#define VERIFY_SHOW_PHOTOS (1<<0)
#define VERIFY_SHOW_POLICY_URLS (1<<1)