~ubuntu-branches/ubuntu/vivid/gnupg2/vivid-proposed

Committer: Package Import Robot
Author(s): Marc Deslauriers
Date: 2014-10-30 15:32:48 UTC
mfrom: (14.1.17 sid)
Revision ID: package-import@ubuntu.com-20141030153248-yzgwg8613ms7hrrz

Tags: 2.0.26-3ubuntu1

* Merge from Debian, remaining changes:
  - Drop sh prefix from openpgp test environment as it leads to exec
    invocations of sh /bin/bash leading to syntax errors from sh.  Fixes
    FTBFS detected in Ubuntu saucy archive rebuild.
  - Add udev rules to give gpg access to some smartcard readers;
    Debian #543217.
  - debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
  - Add upstart user job for gpg-agent.
  - debian/control: drop dirmngr to Suggests as it is in universe.

files added:
.pc/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch

.pc/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch/g10

.pc/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch/g10/gpg.c

.pc/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch/g10/main.h

.pc/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch/g10/misc.c

.pc/fix_751266.patch

.pc/fix_751266.patch/g10

.pc/fix_751266.patch/g10/trustdb.c

.pc/fix_760273.patch

.pc/fix_760273.patch/doc

.pc/fix_760273.patch/doc/gnupg.info-1

.pc/fix_760273.patch/doc/gpg.texi

debian/gbp.conf

debian/patches/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch

debian/patches/fix_751266.patch

debian/patches/fix_760273.patch

debian/source/lintian-overrides

files modified:
.pc/01-gnupg2-rename.diff/configure.ac

.pc/applied-patches

ChangeLog

NEWS

VERSION

agent/protect-tool.c

common/estream-printf.c

configure

configure.ac

debian/changelog

debian/control

debian/copyright

debian/gnupg-agent.install

debian/gnupg2.install

debian/gpgv2.install

debian/patches/series

debian/rules

debian/scdaemon.install

doc/Makefile.am

doc/Makefile.in

doc/gnupg-card-architecture.eps

doc/gnupg-card-architecture.pdf

doc/gnupg.info

doc/gnupg.info-1

doc/gnupg.info-2

doc/gpg.texi

doc/stamp-vti

doc/version.texi

g10/card-util.c

g10/gpg.c

g10/gpg.h

g10/import.c

g10/keygen.c

g10/keyserver.c

g10/main.h

g10/misc.c

g10/openfile.c

g10/parse-packet.c

g10/trustdb.c

jnlib/mischelp.h

po/be.gmo

po/be.po

po/ca.gmo

po/ca.po

po/cs.gmo

po/cs.po

po/da.gmo

po/da.po

po/de.gmo

po/de.po

po/el.gmo

po/el.po

po/en@boldquot.gmo

po/en@boldquot.po

po/en@quot.gmo

po/en@quot.po

po/eo.gmo

po/eo.po

po/es.gmo

po/es.po

po/et.gmo

po/et.po

po/fi.gmo

po/fi.po

po/fr.gmo

po/fr.po

po/gl.gmo

po/gl.po

po/gnupg2.pot

po/hu.gmo

po/hu.po

po/id.gmo

po/id.po

po/it.gmo

po/it.po

po/ja.gmo

po/ja.po

po/nb.gmo

po/nb.po

po/pl.gmo

po/pl.po

po/pt.gmo

po/pt.po

po/pt_BR.gmo

po/pt_BR.po

po/ro.gmo

po/ro.po

po/ru.gmo

po/ru.po

po/sk.gmo

po/sk.po

po/sv.gmo

po/sv.po

po/tr.gmo

po/tr.po

po/uk.gmo

po/uk.po

po/zh_CN.gmo

po/zh_CN.po

po/zh_TW.gmo

po/zh_TW.po

scd/ccid-driver.c

scd/pcsc-wrapper.c

sm/gpgsm.c

sm/gpgsm.h

sm/keydb.c

Show diffs side-by-side

added added

removed removed

agent/protect-tool.c

#include "estream.h"

enum cmd_and_opt_values

{

enum cmd_and_opt_values

{

aNull = 0,

oVerbose = 'v',

oArmor = 'a',

oProtect = 'p',

oUnprotect = 'u',

oNoVerbose = 500,

oShadow,

oShowShadowInfo,

oNoFailOnExist,

oHomedir,

oPrompt,

oStatusMsg,

oAgentProgram

};

struct rsa_secret_key_s

{

gcry_mpi_t n; /* public modulus */

gcry_mpi_t e; /* public exponent */

101

static char *opt_prompt;

102

static int opt_status_msg;

103

static const char *opt_p12_charset;

104

static const char *opt_agent_program;

104

static const char *opt_agent_program;

105

static session_env_t opt_session_env;

105

106

107

static char *get_passphrase (int promptno);

107

108

static void release_passphrase (char *pw);

117

118

ARGPARSE_c (oShadow, "shadow", "create a shadow entry for a public key"),

118

119

ARGPARSE_c (oShowShadowInfo, "show-shadow-info", "return the shadow info"),

119

120

ARGPARSE_c (oShowKeygrip, "show-keygrip", "show the \"keygrip\""),

120

ARGPARSE_c (oP12Import, "p12-import",

121

ARGPARSE_c (oP12Import, "p12-import",

121

122

"import a pkcs#12 encoded private key"),

122

123

ARGPARSE_c (oP12Export, "p12-export",

123

124

"export a private key pkcs#12 encoded"),

124

125

126

ARGPARSE_c (oS2Kcalibration, "s2k-calibration", "@"),

126

127

128

ARGPARSE_group (301, N_("@\nOptions:\n ")),

128

129

130

ARGPARSE_s_n (oVerbose, "verbose", "verbose"),

135

136

"|NAME|set charset for a new PKCS#12 passphrase to NAME"),

136

137

ARGPARSE_s_n (oHaveCert, "have-cert",

137

138

"certificate to export provided on STDIN"),

138

ARGPARSE_s_n (oStore, "store",

139

ARGPARSE_s_n (oStore, "store",

139

140

"store the created key in the appropriate place"),

140

ARGPARSE_s_n (oForce, "force",

141

ARGPARSE_s_n (oForce, "force",

141

142

"force overwriting"),

142

143

ARGPARSE_s_n (oNoFailOnExist, "no-fail-on-exist", "@"),

143

ARGPARSE_s_s (oHomedir, "homedir", "@"),

144

ARGPARSE_s_s (oPrompt, "prompt",

145

"|ESCSTRING|use ESCSTRING as prompt in pinentry"),

144

ARGPARSE_s_s (oHomedir, "homedir", "@"),

145

ARGPARSE_s_s (oPrompt, "prompt",

146

"|ESCSTRING|use ESCSTRING as prompt in pinentry"),

146

147

ARGPARSE_s_n (oStatusMsg, "enable-status-msg", "@"),

147

148

149

ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),

168

169

case 41: p = _("Syntax: gpg-protect-tool [options] [args]\n"

169

170

"Secret key maintenance tool\n");

170

171

break;

171

172

173

default: p = NULL;

173

174

}

174

175

return p;

249

250

FILE *fp;

250

251

char *buf;

251

252

size_t buflen;

252

253

254

if (!strcmp (fname, "-"))

254

255

{

255

256

size_t nread, bufsize = 0;

261

262

buf = NULL;

262

263

buflen = 0;

263

264

#define NCHUNK 8192

264

265

266

{

266

267

bufsize += NCHUNK;

267

268

if (!buf)

292

293

log_error ("can't open `%s': %s\n", fname, strerror (errno));

293

294

return NULL;

294

295

}

295

296

297

if (fstat (fileno(fp), &st))

297

298

{

298

299

log_error ("can't stat `%s': %s\n", fname, strerror (errno));

299

300

fclose (fp);

300

301

return NULL;

301

302

}

302

303

304

buflen = st.st_size;

304

305

buf = xmalloc (buflen+1);

305

306

if (fread (buf, buflen, 1, fp) != 1)

323

324

char *buf;

324

325

size_t buflen;

325

326

unsigned char *key;

326

327

328

buf = read_file (fname, &buflen);

328

329

if (!buf)

329

330

return NULL;

342

343

unsigned char *result;

343

344

size_t resultlen;

344

345

char *pw;

345

346

347

key = read_key (fname);

347

348

if (!key)

348

349

return;

356

357

log_error ("protecting the key failed: %s\n", gpg_strerror (rc));

357

358

return;

358

359

}

359

360

361

if (opt_armor)

361

362

{

362

363

char *p = make_advanced (result, resultlen);

386

387

if (!key)

387

388

return;

388

389

rc = agent_unprotect (key, (pw=get_passphrase (1)),

390

rc = agent_unprotect (key, (pw=get_passphrase (1)),

390

391

protected_at, &result, &resultlen);

391

392

release_passphrase (pw);

392

393

xfree (key);

427

428

unsigned char *result;

428

429

size_t resultlen;

429

430

unsigned char dummy_info[] = "(8:313233342:43)";

430

431

432

key = read_key (fname);

432

433

if (!key)

433

434

return;

441

442

}

442

443

resultlen = gcry_sexp_canon_len (result, 0, NULL,NULL);

443

444

assert (resultlen);

444

445

446

if (opt_armor)

446

447

{

447

448

char *p = make_advanced (result, resultlen);

463

464

unsigned char *key;

464

465

const unsigned char *info;

465

466

size_t infolen;

466

467

468

key = read_key (fname);

468

469

if (!key)

469

470

return;

477

478

}

478

479

infolen = gcry_sexp_canon_len (info, 0, NULL,NULL);

479

480

assert (infolen);

480

481

482

if (opt_armor)

482

483

{

483

484

char *p = make_advanced (info, infolen);

497

498

unsigned char *key;

498

499

size_t keylen;

499

500

char *p;

500

501

502

key = read_key (fname);

502

503

if (!key)

503

504

return;

504

505

506

keylen = gcry_sexp_canon_len (key, 0, NULL,NULL);

506

507

assert (keylen);

507

508

509

if (opt_canonical)

509

510

{

510

511

fwrite (key, keylen, 1, stdout);

528

529

gcry_sexp_t private;

529

530

unsigned char grip[20];

530

531

int i;

531

532

533

key = read_key (fname);

533

534

if (!key)

534

535

return;

537

538

{

538

539

log_error ("gcry_sexp_new failed\n");

539

540

return;

540

}

541

}

541

542

xfree (key);

542

543

544

if (!gcry_pk_get_keygrip (private, grip))

672

673

char *pw;

673

674

675

/* fixme: we should release some stuff on error */

675

676

677

buf = read_file (fname, &buflen);

677

678

if (!buf)

678

679

return;

776

777

log_error ("protecting the key failed: %s\n", gpg_strerror (rc));

777

778

return;

778

779

}

779

780

781

if (opt_armor)

781

782

{

782

783

char *p = make_advanced (result, resultlen);

810

811

812

list = gcry_sexp_find_token (sexp, "private-key", 0 );

812

813

if(!list)

813

return NULL;

814

return NULL;

814

815

l2 = gcry_sexp_cadr (list);

815

816

gcry_sexp_release (list);

816

817

list = l2;

824

825

/* Parameter names used with RSA. */

825

826

elems = "nedpqu";

826

827

array = xcalloc (strlen(elems) + 1, sizeof *array);

827

for (idx=0, s=elems; *s; s++, idx++ )

828

for (idx=0, s=elems; *s; s++, idx++ )

828

829

{

829

830

l2 = gcry_sexp_find_token (list, s, 1);

830

831

if (!l2)

846

847

return NULL; /* required parameter is invalid */

847

848

}

848

849

}

849

850

851

gcry_sexp_release (list);

851

852

return array;

852

853

}

859

860

{

860

861

int i;

861

862

for(i=0; string[i] && i < 41; i++)

863

for(i=0; string[i] && i < 41; i++)

863

864

if (!strchr("01234567890ABCDEF", string[i]))

864

return 0;

865

return 0;

865

866

return i == 40;

866

867

}

867

868

886

887

{

887

888

char hexgrip[40+4+1];

888

889

char *p;

889

890

891

assert (strlen(fname) == 40);

891

892

strcpy (stpcpy (hexgrip, fname), ".key");

892

893

960

961

xfree (key);

961

962

xfree (cert);

962

963

return;

963

}

964

}

964

965

wipememory (key, keylen_for_wipe);

965

966

xfree (key);

966

967

971

972

log_error ("error converting key parameters\n");

972

973

xfree (cert);

973

974

return;

974

}

975

}

975

976

sk.n = kp[0];

976

977

sk.e = kp[1];

977

978

sk.d = kp[2];

980

981

sk.u = kp[5];

981

982

xfree (kp);

982

983

984

985

kparms[0] = sk.n;

985

986

kparms[1] = sk.e;

986

987

kparms[2] = sk.d;

988

989

kparms[4] = sk.p;

989

990

kparms[5] = gcry_mpi_snew (0); /* compute d mod (p-1) */

990

991

gcry_mpi_sub_ui (kparms[5], kparms[3], 1);

991

gcry_mpi_mod (kparms[5], sk.d, kparms[5]);

992

gcry_mpi_mod (kparms[5], sk.d, kparms[5]);

992

993

kparms[6] = gcry_mpi_snew (0); /* compute d mod (q-1) */

993

994

gcry_mpi_sub_ui (kparms[6], kparms[4], 1);

994

gcry_mpi_mod (kparms[6], sk.d, kparms[6]);

995

gcry_mpi_mod (kparms[6], sk.d, kparms[6]);

995

996

kparms[7] = sk.u;

996

997

kparms[8] = NULL;

997

998

1003

1004

gcry_mpi_release (kparms[i]);

1004

1005

if (!key)

1005

1006

return;

1006

1007

1008

#ifdef HAVE_DOSISH_SYSTEM

1008

1009

setmode ( fileno (stdout) , O_BINARY );

1009

1010

#endif

1022

1023

1024

set_strusage (my_strusage);

1024

1025

gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);

1025

log_set_prefix ("gpg-protect-tool", 1);

1026

log_set_prefix ("gpg-protect-tool", 1);

1026

1027

1028

/* Make sure that our subsystems are ready. */

1028

1029

i18n_init ();

1040

1041

1042

opt_homedir = default_homedir ();

1042

1043

1044

opt_session_env = session_env_new ();

1043

1045

1044

1046

pargs.argc = &argc;

1045

1047

pargs.argv = &argv;

1073

1075

case oHaveCert: opt_have_cert = 1; break;

1074

1076

case oPrompt: opt_prompt = pargs.r.ret_str; break;

1075

1077

case oStatusMsg: opt_status_msg = 1; break;

1076

1078

1077

1079

default: pargs.err = ARGPARSE_PRINT_ERROR; break;

1078

1080

}

1079

1081

}

1091

1093

opt.verbose,

1092

1094

opt_homedir,

1093

1095

opt_agent_program,

1094

NULL, NULL, NULL);

1096

NULL, NULL, opt_session_env);

1095

1097

1096

1098

if (opt_prompt)

1097

1099

opt_prompt = percent_plus_unescape (opt_prompt, 0);

1127

1129

agent_exit (int rc)

1128

1130

{

1129

1131

rc = rc? rc : log_get_errorcount(0)? 2 : 0;

1132

session_env_release (opt_session_env);

1133

opt_session_env = NULL;

1130

1134

exit (rc);

1131

1135

}

1132

1136

1147

1151

const char *desc;

1148

1152

char *orig_codeset;

1149

1153

int repeat = 0;

1150

1154

1151

1155

if (opt_passphrase)

1152

1156

return xstrdup (opt_passphrase);

1153

1157

1214

1218

char *fname;

1215

1219

estream_t fp;

1216

1220

char hexgrip[40+4+1];

1217

1221

1218

1222

bin2hex (grip, 20, hexgrip);

1219

1223

strcpy (hexgrip+40, ".key");

1220

1224

1236

1240

}

1237

1241

/* FWIW: Under Windows Vista the standard fopen in the msvcrt

1238

1242

fails if the "x" GNU extension is used. */

1239

fp = es_fopen (fname, "wbx");

1243

fp = es_fopen (fname, "wbx");

1240

1244

}

1241

1245

1242

if (!fp)

1243

{

1246

if (!fp)

1247

{

1244

1248

log_error ("can't create `%s': %s\n", fname, strerror (errno));

1245

1249

xfree (fname);

1246

1250

return -1;

Older »