* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#ifndef G10_MAIN_H
#define G10_MAIN_H
struct groupitem *next;
};
+struct weakhash
+{
+ enum gcry_md_algos algo;
+ int rejection_shown;
+ struct weakhash *next;
+};
+
/*-- gpg.c --*/
extern int g10_errors_seen;
void print_pubkey_algo_note (pubkey_algo_t algo);
void print_cipher_algo_note (cipher_algo_t algo);
void print_digest_algo_note (digest_algo_t algo);
-void print_md5_rejected_note (void);
+void print_digest_rejected_note (enum gcry_md_algos algo);
+void print_reported_error (gpg_error_t err, gpg_err_code_t skip_if_ec);
+void print_further_info (const char *format, ...) GPGRT_ATTR_PRINTF(1,2);
+void additional_weak_digest (const char* digestname);
/*-- armor.c --*/
char *make_radix64_string( const byte *data, size_t len );
/*-- misc.c --*/
void trap_unaligned(void);
-int disable_core_dumps(void);
void register_secured_file (const char *fname);
void unregister_secured_file (const char *fname);
int is_secured_file (int fd);
void deprecated_warning(const char *configname,unsigned int configlineno,
const char *option,const char *repl1,const char *repl2);
void deprecated_command (const char *name);
-void obsolete_option (const char *configname, unsigned int configlineno,
- const char *name);
void obsolete_scdaemon_option (const char *configname,
unsigned int configlineno, const char *name);
char *argsplit(char *string);
int parse_options(char *str,unsigned int *options,
struct parse_options *opts,int noisy);
-int has_invalid_email_chars (const char *s);
-int is_valid_mailbox (const char *name);
-int is_valid_user_id (const char *uid);
const char *get_libexecdir (void);
int path_access(const char *file,int mode);
unsigned int ecdsa_qbits_from_Q (unsigned int qbits);
-/*-- status.c --*/
+/*-- cpr.c --*/
void set_status_fd ( int fd );
int is_status_enabled ( void );
void write_status ( int no );
void write_status_error (const char *where, gpg_error_t err);
void write_status_errcode (const char *where, int errcode);
+void write_status_failure (const char *where, gpg_error_t err);
void write_status_text ( int no, const char *text );
+void write_status_printf (int no, const char *format,
+ ...) GPGRT_ATTR_PRINTF(2,3);
void write_status_strings (int no, const char *text,
- ...) GNUPG_GCC_A_SENTINEL(0);
+ ...) GPGRT_ATTR_SENTINEL(0);
void write_status_buffer ( int no,
const char *buffer, size_t len, int wrap );
void write_status_text_and_buffer ( int no, const char *text,
/*-- encode.c --*/
int setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek);
+void encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey);
+int use_mdc (pk_list_t pk_list,int algo);
int encrypt_symmetric (const char *filename );
int encrypt_store (const char *filename );
int encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
int encrypt_filter (void *opaque, int control,
iobuf_t a, byte *buf, size_t *ret_len);
+int write_pubkey_enc (PKT_public_key *pk, int throw_keyid,
+ DEK *dek, iobuf_t out);
/*-- sign.c --*/
int complete_sig (PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
const char *cache_nonce);
int sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
int do_encrypt, strlist_t remusr, const char *outfile );
-int clearsign_file( const char *fname, strlist_t locusr, const char *outfile );
-int sign_symencrypt_file (const char *fname, strlist_t locusr);
+int clearsign_file (ctrl_t ctrl,
+ const char *fname, strlist_t locusr, const char *outfile);
+int sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr);
/*-- sig-check.c --*/
+
+/* SIG is a revocation signature. Check if any of PK's designated
+ revokers generated it. If so, return 0. Note: this function
+ (correctly) doesn't care if the designated revoker is revoked. */
int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig);
+/* Check that the backsig BACKSIG from the subkey SUB_PK to its
+ primary key MAIN_PK is valid. */
int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
PKT_signature *backsig);
-int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
+/* Check that the signature SIG over a key (e.g., a key binding or a
+ key revocation) is valid. (To check signatures over data, use
+ check_signature.) */
+int check_key_signature( KBNODE root, KBNODE sig, int *is_selfsig );
+/* Like check_key_signature, but with the ability to specify some
+ additional parameters and get back additional information. See the
+ documentation for the implementation for details. */
int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
PKT_public_key *ret_pk, int *is_selfsig,
u32 *r_expiredate, int *r_expired );
+/* Returns whether SIGNER generated the signature SIG over the packet
+ PACKET, which is a key, subkey or uid, and comes from the key block
+ KB. If SIGNER is NULL, it is looked up based on the information in
+ SIG. If not NULL, sets *IS_SELFSIG to indicate whether the
+ signature is a self-signature and *RET_PK to a copy of the signer's
+ key. */
+gpg_error_t check_signature_over_key_or_uid (PKT_public_key *signer,
+ PKT_signature *sig,
+ KBNODE kb, PACKET *packet,
+ int *is_selfsig,
+ PKT_public_key *ret_pk);
+
+
/*-- delkey.c --*/
gpg_error_t delete_keys (strlist_t names, int secret, int allow_both);
void keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
strlist_t commands, int quiet, int seckey_check );
void keyedit_passwd (ctrl_t ctrl, const char *username);
+void keyedit_quick_adduid (ctrl_t ctrl, const char *username,
+ const char *newuid);
+void keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr,
+ const char *usagestr, const char *expirestr);
+void keyedit_quick_revuid (ctrl_t ctrl, const char *username,
+ const char *uidtorev);
void keyedit_quick_sign (ctrl_t ctrl, const char *fpr,
strlist_t uids, strlist_t locusr, int local);
+void keyedit_quick_set_expire (ctrl_t ctrl,
+ const char *fpr, const char *expirestr);
void show_basic_key_info (KBNODE keyblock);
/*-- keygen.c --*/
+const char *get_default_pubkey_algo (void);
u32 parse_expire_string(const char *string);
u32 ask_expire_interval(int object,const char *def_expire);
u32 ask_expiredate(void);
-void quick_generate_keypair (const char *uid);
+unsigned int ask_key_flags (int algo, int subkey, unsigned int current);
+void quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
+ const char *usagestr, const char *expirestr);
void generate_keypair (ctrl_t ctrl, int full, const char *fname,
const char *card_serialno, int card_backup_key);
int keygen_set_std_prefs (const char *string,int personal);
PKT_user_id *keygen_get_std_prefs (void);
int keygen_add_key_expire( PKT_signature *sig, void *opaque );
+int keygen_add_key_flags (PKT_signature *sig, void *opaque);
int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
int keygen_add_keyserver_url(PKT_signature *sig, void *opaque);
gpg_error_t make_backsig (PKT_signature *sig, PKT_public_key *pk,
PKT_public_key *sub_pk, PKT_public_key *sub_psk,
u32 timestamp, const char *cache_nonce);
-gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock);
+gpg_error_t generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock,
+ const char *algostr,
+ const char *usagestr,
+ const char *expirestr);
#ifdef ENABLE_CARD_SUPPORT
gpg_error_t generate_card_subkeypair (kbnode_t pub_keyblock,
int keyno, const char *serialno);
-int save_unprotected_key_to_card (PKT_public_key *sk, int keyno);
#endif
gcry_md_hd_t md, int hash_algo );
/*-- import.c --*/
+struct import_stats_s;
+typedef struct import_stats_s *import_stats_t;
+struct import_filter_s;
+typedef struct import_filter_s *import_filter_t;
typedef gpg_error_t (*import_screener_t)(kbnode_t keyblock, void *arg);
int parse_import_options(char *str,unsigned int *options,int noisy);
+
+gpg_error_t parse_and_set_import_filter (const char *string);
+import_filter_t save_and_clear_import_filter (void);
+void restore_import_filter (import_filter_t filt);
+
+gpg_error_t read_key_from_file (ctrl_t ctrl, const char *fname,
+ kbnode_t *r_keyblock);
void import_keys (ctrl_t ctrl, char **fnames, int nnames,
- void *stats_hd, unsigned int options);
-int import_keys_stream (ctrl_t ctrl, iobuf_t inp, void *stats_hd,
+ import_stats_t stats_hd, unsigned int options);
+int import_keys_stream (ctrl_t ctrl, iobuf_t inp, import_stats_t stats_hd,
unsigned char **fpr,
size_t *fpr_len, unsigned int options);
-int import_keys_es_stream (ctrl_t ctrl, estream_t fp, void *stats_handle,
+int import_keys_es_stream (ctrl_t ctrl, estream_t fp,
+ import_stats_t stats_handle,
unsigned char **fpr, size_t *fpr_len,
unsigned int options,
import_screener_t screener, void *screener_arg);
gpg_error_t import_old_secring (ctrl_t ctrl, const char *fname);
-void *import_new_stats_handle (void);
-void import_release_stats_handle (void *p);
-void import_print_stats (void *hd);
+import_stats_t import_new_stats_handle (void);
+void import_release_stats_handle (import_stats_t hd);
+void import_print_stats (import_stats_t hd);
+const char *impex_filter_getval (void *cookie, const char *propname);
+gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
+ kbnode_t sec_keyblock, int batch, int force);
int collapse_uids( KBNODE *keyblock );
/*-- export.c --*/
+struct export_stats_s;
+typedef struct export_stats_s *export_stats_t;
+
+export_stats_t export_new_stats (void);
+void export_release_stats (export_stats_t stats);
+void export_print_stats (export_stats_t stats);
+
int parse_export_options(char *str,unsigned int *options,int noisy);
-int export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options );
-int export_pubkeys_stream (ctrl_t ctrl, iobuf_t out, strlist_t users,
- kbnode_t *keyblock_out, unsigned int options );
+gpg_error_t parse_and_set_export_filter (const char *string);
+
+int export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats);
+int export_seckeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats);
+int export_secsubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
+ export_stats_t stats);
+
gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec,
unsigned int options,
+ export_stats_t stats,
kbnode_t *r_keyblock,
void **r_data, size_t *r_datalen);
-int export_seckeys (ctrl_t ctrl, strlist_t users);
-int export_secsubkeys (ctrl_t ctrl, strlist_t users);
+
+gpg_error_t receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
+ int cleartext,
+ char **cache_nonce_addr,
+ const char *hexgrip,
+ PKT_public_key *pk);
+
+gpg_error_t write_keyblock_to_output (kbnode_t keyblock,
+ int with_armor, unsigned int options);
+
+gpg_error_t export_ssh_key (ctrl_t ctrl, const char *userid);
/*-- dearmor.c --*/
int dearmor_file( const char *fname );
struct revocation_reason_info;
int gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce);
int gen_revoke( const char *uname );
-int gen_desig_revoke( const char *uname, strlist_t locusr);
+int gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr);
int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
struct revocation_reason_info *
ask_revocation_reason( int key_rev, int cert_rev, int hint );
+struct revocation_reason_info * get_default_uid_revocation_reason(void);
void release_revocation_reason_info( struct revocation_reason_info *reason );
/*-- keylist.c --*/
void secret_key_list (ctrl_t ctrl, strlist_t list );
void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock);
-void list_keyblock (kbnode_t keyblock, int secret, int has_secret,
- int fpr, void *opaque);
+void list_keyblock_direct (ctrl_t ctrl, kbnode_t keyblock, int secret,
+ int has_secret, int fpr, int no_validity);
void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode);
void print_revokers (estream_t fp, PKT_public_key *pk);
void show_policy_url(PKT_signature *sig,int indent,int mode);
void show_notation(PKT_signature *sig,int indent,int mode,int which);
void dump_attribs (const PKT_user_id *uid, PKT_public_key *pk);
void set_attrib_fd(int fd);
+char *format_seckey_info (PKT_public_key *pk);
void print_seckey_info (PKT_public_key *pk);
void print_pubkey_info (estream_t fp, PKT_public_key *pk);
void print_card_key_info (estream_t fp, KBNODE keyblock);
+void print_key_line (estream_t fp, PKT_public_key *pk, int secret);
/*-- verify.c --*/
void print_file_status( int status, const char *name, int what );
int textmode );
PKT_plaintext *setup_plaintext_name(const char *filename,IOBUF iobuf);
-/*-- signal.c --*/
-void init_signals(void);
-void block_all_signals(void);
-void unblock_all_signals(void);
-
/*-- server.c --*/
int gpg_server (ctrl_t);
gpg_error_t gpg_proxy_pinentry_notify (ctrl_t ctrl,