+Noteworthy changes in version 2.2.6 (2018-04-09)
+------------------------------------------------
+
+ * gpg,gpgsm: New option --request-origin to pretend requests coming
+ from a browser or a remote site.
+
+ * gpg: Fix race condition on trustdb.gpg updates due to too early
+ released lock. [#3839]
+
+ * gpg: Emit FAILURE status lines in almost all cases. [#3872]
+
+ * gpg: Implement --dry-run for --passwd to make checking a key's
+ passphrase straightforward.
+
+ * gpg: Make sure to only accept a certification capable key for key
+ signatures. [#3844]
+
+ * gpg: Better user interaction in --card-edit for the factory-reset
+ sub-command.
+
+ * gpg: Improve changing key attributes in --card-edit by adding an
+ explicit "key-attr" sub-command. [#3781]
+
+ * gpg: Print the keygrips in the --card-status.
+
+ * scd: Support KDF DO setup. [#3823]
+
+ * scd: Fix some issues with PC/SC on Windows. [#3825]
+
+ * scd: Fix suspend/resume handling in the CCID driver.
+
+ * agent: Evict cached passphrases also via a timer. [#3829]
+
+ * agent: Use separate passphrase caches depending on the request
+ origin. [#3858]
+
+ * ssh: Support signature flags. [#3880]
+
+ * dirmngr: Handle failures related to missing IPv6 support
+ gracefully. [#3331]
+
+ * Fix corner cases related to specified home directory with
+ drive letter on Windows. [#3720]
+
+ * Allow the use of UNC directory names as homedir. [#3818]
+
+
Noteworthy changes in version 2.2.5 (2018-02-22)
------------------------------------------------
/*-- cache.c --*/
void initialize_module_cache (void);
void deinitialize_module_cache (void);
+void agent_cache_housekeeping (void);
void agent_flush_cache (void);
-int agent_put_cache (const char *key, cache_mode_t cache_mode,
+int agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
const char *data, int ttl);
-char *agent_get_cache (const char *key, cache_mode_t cache_mode);
+char *agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode);
void agent_store_cache_hit (const char *key);
int ttl; /* max. lifetime given in seconds, -1 one means infinite */
struct secret_data_s *pw;
cache_mode_t cache_mode;
+ int restricted; /* The value of ctrl->restricted is part of the key. */
char key[1];
};
if (r->pw && r->ttl >= 0 && r->accessed + r->ttl < current)
{
if (DBG_CACHE)
- log_debug (" expired '%s' (%ds after last access)\n",
- r->key, r->ttl);
+ log_debug (" expired '%s'.%d (%ds after last access)\n",
+ r->key, r->restricted, r->ttl);
release_data (r->pw);
r->pw = NULL;
r->accessed = current;
if (r->pw && r->created + maxttl < current)
{
if (DBG_CACHE)
- log_debug (" expired '%s' (%lus after creation)\n",
- r->key, opt.max_cache_ttl);
+ log_debug (" expired '%s'.%d (%lus after creation)\n",
+ r->key, r->restricted, opt.max_cache_ttl);
release_data (r->pw);
r->pw = NULL;
r->accessed = current;
}
/* Third, make sure that we don't have too many items in the list.
- Expire old and unused entries after 30 minutes */
+ * Expire old and unused entries after 30 minutes. */
for (rprev=NULL, r=thecache; r; )
{
if (!r->pw && r->ttl >= 0 && r->accessed + 60*30 < current)
{
ITEM r2 = r->next;
if (DBG_CACHE)
- log_debug (" removed '%s' (mode %d) (slot not used for 30m)\n",
- r->key, r->cache_mode);
+ log_debug (" removed '%s'.%d (mode %d) (slot not used for 30m)\n",
+ r->key, r->restricted, r->cache_mode);
xfree (r);
if (!rprev)
thecache = r2;
void
+agent_cache_housekeeping (void)
+{
+ int res;
+
+ if (DBG_CACHE)
+ log_debug ("agent_cache_housekeeping\n");
+
+ res = npth_mutex_lock (&cache_lock);
+ if (res)
+ log_fatal ("failed to acquire cache mutex: %s\n", strerror (res));
+
+ housekeeping ();
+
+ res = npth_mutex_unlock (&cache_lock);
+ if (res)
+ log_fatal ("failed to release cache mutex: %s\n", strerror (res));
+}
+
+
+void
agent_flush_cache (void)
{
ITEM r;
if (r->pw)
{
if (DBG_CACHE)
- log_debug (" flushing '%s'\n", r->key);
+ log_debug (" flushing '%s'.%d\n", r->key, r->restricted);
release_data (r->pw);
r->pw = NULL;
r->accessed = 0;
set infinite timeout. CACHE_MODE is stored with the cache entry
and used to select different timeouts. */
int
-agent_put_cache (const char *key, cache_mode_t cache_mode,
+agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
const char *data, int ttl)
{
gpg_error_t err = 0;
ITEM r;
int res;
+ int restricted = ctrl? ctrl->restricted : -1;
res = npth_mutex_lock (&cache_lock);
if (res)
log_fatal ("failed to acquire cache mutex: %s\n", strerror (res));
if (DBG_CACHE)
- log_debug ("agent_put_cache '%s' (mode %d) requested ttl=%d\n",
- key, cache_mode, ttl);
+ log_debug ("agent_put_cache '%s'.%d (mode %d) requested ttl=%d\n",
+ key, restricted, cache_mode, ttl);
housekeeping ();
if (!ttl)
if (((cache_mode != CACHE_MODE_USER
&& cache_mode != CACHE_MODE_NONCE)
|| cache_mode_equal (r->cache_mode, cache_mode))
+ && r->restricted == restricted
&& !strcmp (r->key, key))
break;
}
else
{
strcpy (r->key, key);
+ r->restricted = restricted;
r->created = r->accessed = gnupg_get_time ();
r->ttl = ttl;
r->cache_mode = cache_mode;
make use of CACHE_MODE except for CACHE_MODE_NONCE and
CACHE_MODE_USER. */
char *
-agent_get_cache (const char *key, cache_mode_t cache_mode)
+agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode)
{
gpg_error_t err;
ITEM r;
char *value = NULL;
int res;
int last_stored = 0;
+ int restricted = ctrl? ctrl->restricted : -1;
if (cache_mode == CACHE_MODE_IGNORE)
return NULL;
}
if (DBG_CACHE)
- log_debug ("agent_get_cache '%s' (mode %d)%s ...\n",
- key, cache_mode,
+ log_debug ("agent_get_cache '%s'.%d (mode %d)%s ...\n",
+ key, ctrl->restricted, cache_mode,
last_stored? " (stored cache key)":"");
housekeeping ();
&& ((cache_mode != CACHE_MODE_USER
&& cache_mode != CACHE_MODE_NONCE)
|| cache_mode_equal (r->cache_mode, cache_mode))
+ && r->restricted == restricted
&& !strcmp (r->key, key))
{
/* Note: To avoid races KEY may not be accessed anymore below. */
{
xfree (value);
value = NULL;
- log_error ("retrieving cache entry '%s' failed: %s\n",
- key, gpg_strerror (err));
+ log_error ("retrieving cache entry '%s'.%d failed: %s\n",
+ key, restricted, gpg_strerror (err));
}
break;
}
char buf[100];
#ifdef HAVE_W32_SYSTEM
- snprintf (buf, sizeof buf, "OPTION event-signal=%lx",
- (unsigned long)get_agent_scd_notify_event ());
+ snprintf (buf, sizeof buf, "OPTION event-signal=%p",
+ get_agent_scd_notify_event ());
#else
snprintf (buf, sizeof buf, "OPTION event-signal=%d", SIGUSR2);
#endif
/* Other constants. */
#define SSH_DSA_SIGNATURE_PADDING 20
#define SSH_DSA_SIGNATURE_ELEMS 2
+#define SSH_AGENT_RSA_SHA2_256 0x02
+#define SSH_AGENT_RSA_SHA2_512 0x04
#define SPEC_FLAG_USE_PKCS1V2 (1 << 0)
#define SPEC_FLAG_IS_ECDSA (1 << 1)
#define SPEC_FLAG_IS_EdDSA (1 << 2) /*(lowercase 'd' on purpose.)*/
if (err)
goto out;
- /* FIXME? */
err = stream_read_uint32 (request, &flags);
if (err)
goto out;
+ if (spec.algo == GCRY_PK_RSA)
+ {
+ if ((flags & SSH_AGENT_RSA_SHA2_256))
+ {
+ spec.ssh_identifier = "rsa-sha2-256";
+ spec.hash_algo = GCRY_MD_SHA256;
+ }
+ else if ((flags & SSH_AGENT_RSA_SHA2_512))
+ {
+ spec.ssh_identifier = "rsa-sha2-512";
+ spec.hash_algo = GCRY_MD_SHA512;
+ }
+ }
+
hash_algo = spec.hash_algo;
if (!hash_algo)
hash_algo = GCRY_MD_SHA1; /* Use the default. */
goto out;
/* Cache this passphrase. */
- err = agent_put_cache (key_grip, CACHE_MODE_SSH, pi->pin, ttl);
+ err = agent_put_cache (ctrl, key_grip, CACHE_MODE_SSH, pi->pin, ttl);
if (err)
goto out;
{
if (ctrl->server_local->last_cache_nonce)
{
- agent_put_cache (ctrl->server_local->last_cache_nonce,
+ agent_put_cache (ctrl, ctrl->server_local->last_cache_nonce,
CACHE_MODE_NONCE, NULL, 0);
xfree (ctrl->server_local->last_cache_nonce);
ctrl->server_local->last_cache_nonce = NULL;
}
if (ctrl->server_local->last_passwd_nonce)
{
- agent_put_cache (ctrl->server_local->last_passwd_nonce,
+ agent_put_cache (ctrl, ctrl->server_local->last_passwd_nonce,
CACHE_MODE_NONCE, NULL, 0);
xfree (ctrl->server_local->last_passwd_nonce);
ctrl->server_local->last_passwd_nonce = NULL;
}
else if (passwd_nonce)
- newpasswd = agent_get_cache (passwd_nonce, CACHE_MODE_NONCE);
+ newpasswd = agent_get_cache (ctrl, passwd_nonce, CACHE_MODE_NONCE);
rc = agent_genkey (ctrl, cache_nonce, (char*)value, valuelen, no_protection,
newpasswd, opt_preset, &outbuf);
/* Here we have a little race by doing the cache check separately
from the retrieval function. Given that the cache flag is only a
hint, it should not really matter. */
- pw = agent_get_cache (hexgrip, CACHE_MODE_NORMAL);
+ pw = agent_get_cache (ctrl, hexgrip, CACHE_MODE_NORMAL);
cached = pw ? "1" : "-";
xfree (pw);
if (!strcmp (desc, "X"))
desc = NULL;
- pw = cacheid ? agent_get_cache (cacheid, CACHE_MODE_USER) : NULL;
+ pw = cacheid ? agent_get_cache (ctrl, cacheid, CACHE_MODE_USER) : NULL;
if (pw)
{
rc = send_back_passphrase (ctx, opt_data, pw);
if (!rc)
{
if (cacheid)
- agent_put_cache (cacheid, CACHE_MODE_USER, response, 0);
+ agent_put_cache (ctrl, cacheid, CACHE_MODE_USER, response, 0);
rc = send_back_passphrase (ctx, opt_data, response);
}
xfree (response);
if (!*cacheid || strlen (cacheid) > 50)
return set_error (GPG_ERR_ASS_PARAMETER, "invalid length of cacheID");
- agent_put_cache (cacheid, opt_normal ? CACHE_MODE_NORMAL : CACHE_MODE_USER,
+ agent_put_cache (ctrl, cacheid,
+ opt_normal ? CACHE_MODE_NORMAL : CACHE_MODE_USER,
NULL, 0);
agent_clear_passphrase (ctrl, cacheid,
passwd_nonce = bin2hex (buf, 12, NULL);
}
if (passwd_nonce
- && !agent_put_cache (passwd_nonce, CACHE_MODE_NONCE,
+ && !agent_put_cache (ctrl, passwd_nonce, CACHE_MODE_NONCE,
passphrase, CACHE_TTL_NONCE))
{
assuan_write_status (ctx, "PASSWD_NONCE", passwd_nonce);
char *newpass = NULL;
if (passwd_nonce)
- newpass = agent_get_cache (passwd_nonce, CACHE_MODE_NONCE);
+ newpass = agent_get_cache (ctrl, passwd_nonce, CACHE_MODE_NONCE);
err = agent_protect_and_store (ctrl, s_skey, &newpass);
if (!err && passphrase)
{
cache_nonce = bin2hex (buf, 12, NULL);
}
if (cache_nonce
- && !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
+ && !agent_put_cache (ctrl, cache_nonce, CACHE_MODE_NONCE,
passphrase, CACHE_TTL_NONCE))
{
assuan_write_status (ctx, "CACHE_NONCE", cache_nonce);
passwd_nonce = bin2hex (buf, 12, NULL);
}
if (passwd_nonce
- && !agent_put_cache (passwd_nonce, CACHE_MODE_NONCE,
+ && !agent_put_cache (ctrl, passwd_nonce, CACHE_MODE_NONCE,
newpass, CACHE_TTL_NONCE))
{
assuan_write_status (ctx, "PASSWD_NONCE", passwd_nonce);
{
char hexgrip[40+1];
bin2hex(grip, 20, hexgrip);
- err = agent_put_cache (hexgrip, CACHE_MODE_ANY, newpass,
+ err = agent_put_cache (ctrl, hexgrip, CACHE_MODE_ANY, newpass,
ctrl->cache_ttl_opt_preset);
}
xfree (newpass);
if (!rc)
{
- rc = agent_put_cache (grip_clear, CACHE_MODE_ANY, passphrase, ttl);
+ rc = agent_put_cache (ctrl, grip_clear, CACHE_MODE_ANY, passphrase, ttl);
if (opt_inquire)
xfree (passphrase);
}
cache_nonce = bin2hex (buf, 12, NULL);
}
if (cache_nonce
- && !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
+ && !agent_put_cache (ctrl, cache_nonce, CACHE_MODE_NONCE,
passphrase, CACHE_TTL_NONCE))
assuan_write_status (ctx, "CACHE_NONCE", cache_nonce);
}
cache_nonce = bin2hex (buf, 12, NULL);
}
if (cache_nonce
- && !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
+ && !agent_put_cache (ctrl, cache_nonce, CACHE_MODE_NONCE,
passphrase, CACHE_TTL_NONCE))
{
assuan_write_status (ctx, "CACHE_NONCE", cache_nonce);
ctrl->s2k_count = 0;
}
}
+ else if (!strcmp (key, "pretend-request-origin"))
+ {
+ log_assert (!ctrl->restricted);
+ switch (parse_request_origin (value))
+ {
+ case REQUEST_ORIGIN_LOCAL: ctrl->restricted = 0; break;
+ case REQUEST_ORIGIN_REMOTE: ctrl->restricted = 1; break;
+ case REQUEST_ORIGIN_BROWSER: ctrl->restricted = 2; break;
+ default:
+ err = gpg_error (GPG_ERR_INV_VALUE);
+ /* Better pretend to be remote in case of a bad value. */
+ ctrl->restricted = 1;
+ break;
+ }
+ }
else
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
{
char *cache_value;
- cache_value = agent_get_cache (cache_nonce, CACHE_MODE_NONCE);
+ cache_value = agent_get_cache (ctrl, cache_nonce, CACHE_MODE_NONCE);
if (cache_value)
{
if (strlen (cache_value) < pi->max_length)
{
char *pw;
- pw = agent_get_cache (cache_nonce, CACHE_MODE_NONCE);
+ pw = agent_get_cache (ctrl, cache_nonce, CACHE_MODE_NONCE);
if (pw)
{
rc = agent_unprotect (ctrl, *keybuf, pw, NULL, &result, &resultlen);
char *pw;
retry:
- pw = agent_get_cache (hexgrip, cache_mode);
+ pw = agent_get_cache (ctrl, hexgrip, cache_mode);
if (pw)
{
rc = agent_unprotect (ctrl, *keybuf, pw, NULL, &result, &resultlen);
We can often avoid the passphrase entry in the second
step. We do this only in normal mode, so not to
interfere with unrelated cache entries. */
- pw = agent_get_cache (NULL, cache_mode);
+ pw = agent_get_cache (ctrl, NULL, cache_mode);
if (pw)
{
rc = agent_unprotect (ctrl, *keybuf, pw, NULL,
else
{
/* Passphrase is fine. */
- agent_put_cache (hexgrip, cache_mode, pi->pin,
+ agent_put_cache (ctrl, hexgrip, cache_mode, pi->pin,
lookup_ttl? lookup_ttl (hexgrip) : 0);
agent_store_cache_hit (hexgrip);
if (r_passphrase && *pi->pin)
passphrase = NULL;
else
{
- passphrase_buffer = agent_get_cache (cache_nonce, CACHE_MODE_NONCE);
+ passphrase_buffer = agent_get_cache (ctrl, cache_nonce, CACHE_MODE_NONCE);
passphrase = passphrase_buffer;
}
}
if (cache_nonce
&& !no_protection
- && !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
+ && !agent_put_cache (ctrl, cache_nonce, CACHE_MODE_NONCE,
passphrase, ctrl->cache_ttl_opt_preset))
agent_write_status (ctrl, "CACHE_NONCE", cache_nonce, NULL);
if (preset && !no_protection)
if (gcry_pk_get_keygrip (s_private, grip))
{
bin2hex(grip, 20, hexgrip);
- rc = agent_put_cache (hexgrip, CACHE_MODE_ANY, passphrase,
+ rc = agent_put_cache (ctrl, hexgrip, CACHE_MODE_ANY, passphrase,
ctrl->cache_ttl_opt_preset);
}
}
}
#endif
+ /* Need to check for expired cache entries. */
+ agent_cache_housekeeping ();
+
/* Check whether the homedir is still available. */
if (!shutdown_pending
&& (!have_homedir_inotify || !reliable_homedir_inotify)
}
char *
-agent_get_cache (const char *key, cache_mode_t cache_mode)
+agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode)
{
+ (void)ctrl;
(void)key;
(void)cache_mode;
return NULL;
}
return "?";
}
+
+
+/* Parse VALUE and return an integer representing a request_origin_t.
+ * (-1) is returned for an invalid VALUE. */
+int
+parse_request_origin (const char *value)
+{
+ int result;
+
+ if (!strcmp (value, "none") || !strcmp (value, "local"))
+ result = REQUEST_ORIGIN_LOCAL;
+ else if (!strcmp (value, "remote"))
+ result = REQUEST_ORIGIN_REMOTE;
+ else if (!strcmp (value, "browser"))
+ result = REQUEST_ORIGIN_BROWSER;
+ else
+ result = -1;
+
+ return result;
+}
+
+
+/* Return the string representation for the request origin. Returns
+ * "?" for an invalid mode. */
+const char *
+str_request_origin (request_origin_t mode)
+{
+ switch (mode)
+ {
+ case REQUEST_ORIGIN_LOCAL: return "local";
+ case REQUEST_ORIGIN_REMOTE: return "remote";
+ case REQUEST_ORIGIN_BROWSER: return "browser";
+ }
+ return "?";
+}
}
+/* Helper to remove trailing slashes from NEWDIR. Return a new
+ * allocated string if that has been done or NULL if there are no
+ * slashes to remove. Also inserts a missing slash after a Windows
+ * drive letter. */
+static char *
+copy_dir_with_fixup (const char *newdir)
+{
+ char *result = NULL;
+ char *p;
+
+ if (!*newdir)
+ return NULL;
+
+#ifdef HAVE_W32_SYSTEM
+ if (newdir[0] && newdir[1] == ':'
+ && !(newdir[2] == '/' || newdir[2] == '\\'))
+ {
+ /* Drive letter with missing leading slash. */
+ p = result = xmalloc (strlen (newdir) + 1 + 1);
+ *p++ = newdir[0];
+ *p++ = newdir[1];
+ *p++ = '\\';
+ strcpy (p, newdir+2);
+
+ /* Remove trailing slashes. */
+ p = result + strlen (result) - 1;
+ while (p > result+2 && (*p == '/' || *p == '\\'))
+ *p-- = 0;
+ }
+ else if (newdir[strlen (newdir)-1] == '/'
+ || newdir[strlen (newdir)-1] == '\\' )
+ {
+ result = xstrdup (newdir);
+ p = result + strlen (result) - 1;
+ while (p > result
+ && (*p == '/' || *p == '\\')
+ && (p-1 > result && p[-1] != ':')) /* We keep "c:/". */
+ *p-- = 0;
+ }
+
+#else /*!HAVE_W32_SYSTEM*/
+
+ if (newdir[strlen (newdir)-1] == '/')
+ {
+ result = xstrdup (newdir);
+ p = result + strlen (result) - 1;
+ while (p > result && *p == '/')
+ *p-- = 0;
+ }
+
+#endif /*!HAVE_W32_SYSTEM*/
+
+ return result;
+}
+
+
/* Get the standard home directory. In general this function should
not be used as it does not consider a registry value (under W32) or
the GNUPGHOME environment variable. It is better to use
dir = GNUPG_DEFAULT_HOMEDIR;
else
{
- /* Strip trailing slashes if any. */
- if (dir[strlen (dir)-1] == '/')
- {
- char *tmp, *p;
-
- tmp = xstrdup (dir);
- p = tmp + strlen (tmp) - 1;
- while (p > tmp && *p == '/')
- *p-- = 0;
+ char *p;
- dir = tmp;
- }
+ p = copy_dir_with_fixup (dir);
+ if (p)
+ dir = p;
if (!is_gnupg_default_homedir (dir))
non_default_homedir = 1;
newdir = default_homedir ();
else
{
- /* Remove trailing slashes from NEWSDIR. */
- if (newdir[strlen (newdir)-1] == '/'
-#ifdef HAVE_W32_SYSTEM
- || newdir[strlen (newdir)-1] == '\\'
-#endif
- )
- {
- char *p;
+ tmp = copy_dir_with_fixup (newdir);
+ if (tmp)
+ newdir = tmp;
- tmp = xstrdup (newdir);
- p = tmp + strlen (tmp) - 1;
- while (p > tmp
- && (*p == '/'
-#ifdef HAVE_W32_SYSTEM
- || *p == '\\'
-#endif
- )
- )
- *p-- = 0;
-
- newdir = tmp;
- }
if (!is_gnupg_default_homedir (newdir))
non_default_homedir = 1;
}
pinentry_mode_t;
+/* Values for the request origin. */
+typedef enum
+ {
+ REQUEST_ORIGIN_LOCAL = 0,
+ REQUEST_ORIGIN_REMOTE,
+ REQUEST_ORIGIN_BROWSER
+ }
+request_origin_t;
+
+
/*-- agent-opt.c --*/
int parse_pinentry_mode (const char *value);
const char *str_pinentry_mode (pinentry_mode_t mode);
+int parse_request_origin (const char *value);
+const char *str_request_origin (request_origin_t mode);
+
#endif /*GNUPG_COMMON_SHAREDDEFS_H*/
m4_define([mym4_package],[gnupg])
m4_define([mym4_major], [2])
m4_define([mym4_minor], [2])
-m4_define([mym4_micro], [5])
+m4_define([mym4_micro], [6])
# To start a new development series, i.e a new major or minor number
# you need to mark an arbitrary commit before the first beta release
use_simple_gettext=no
use_ldapwrapper=yes
mmap_needed=yes
-require_pipe_to_unblock_pselect=no
+require_pipe_to_unblock_pselect=yes
case "${host}" in
*-mingw32*)
# special stuff for Windoze NT
have_w32_system=yes
require_iconv=no
use_ldapwrapper=no # Fixme: Do this only for CE.
+ require_pipe_to_unblock_pselect=no
case "${host}" in
*-mingw32ce*)
have_w32ce_system=yes
case GPG_ERR_UNKNOWN_HOST:
case GPG_ERR_NETWORK:
case GPG_ERR_EIO: /* Sometimes used by estream cookie functions. */
+ case GPG_ERR_EADDRNOTAVAIL: /* e.g. when IPv6 is disabled */
+ case GPG_ERR_EAFNOSUPPORT: /* e.g. when IPv6 is not compiled in */
if (mark_host_dead (request) && *tries_left)
retry = 1;
break;
AM_MAKEINFOFLAGS = -I $(srcdir) --css-ref=/share/site.css
YAT2M_OPTIONS = -I $(srcdir) \
- --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard 2.1"
+ --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard 2.2"
myman_sources = gnupg7.texi gpg.texi gpgsm.texi gpg-agent.texi \
dirmngr.texi scdaemon.texi tools.texi wks.texi
# vsnfd.prf - Configure options for the VS-NfD mode -*- conf -*-
+#
+# The options for each tool are configured in a section ("[TOOL]");
+# see the respective man page for a description of these options and
+# the gpgconf manpage for a description of this file's syntax.
[gpg]
compliance de-vs
default-new-key-algo rsa3072/cert,sign+rsa3072/encr
[gpgsm]
-enable-crl-checks
compliance de-vs
+enable-crl-checks
[gpg-agent]
enable-extended-key-format
Set the time a cache entry is valid to @var{n} seconds. The default
is 600 seconds. Each time a cache entry is accessed, the entry's
timer is reset. To set an entry's maximum lifetime, use
-@command{max-cache-ttl}.
+@command{max-cache-ttl}. Note that a cached passphrase may not
+evicted immediately from memory if no client requests a cache
+operation. This is due to an internal housekeeping function which is
+only run every few seconds.
@item --default-cache-ttl-ssh @var{n}
@opindex default-cache-ttl
option is useful if the key is later used on boxes which are either
much slower or faster than the actual box.
+@item pretend-request-origin
+This option switches the connection into a restricted mode which
+handles all further commands in the same way as they would be handled
+when originating from the extra or browser socket. Note that this
+option is not available in the restricted mode. Valid values for this
+option are:
+
+ @table @code
+ @item none
+ @itemx local
+ This is a NOP and leaves the connection in the standard way.
+
+ @item remote
+ Pretend to come from a remote origin in the same way as connections
+ from the @option{--extra-socket}.
+
+ @item browser
+ Pretend to come from a local web browser in the same way as connections
+ from the @option{--browser-socket}.
+ @end table
+
@end table
known secret keys are listed. A @code{#} after the initial tags
@code{sec} or @code{ssb} means that the secret key or subkey is
currently not usable. We also say that this key has been taken
-offline (for example, a primary key can be taken offline by exported
+offline (for example, a primary key can be taken offline by exporting
the key using the command @option{--export-secret-subkeys}). A
@code{>} after these tags indicate that the key is stored on a
smartcard. See also @option{--list-keys}.
Make the key as small as possible. This removes all signatures from
each user ID except for the most recent self-signature.
+ @item change-usage
+ @opindex keyedit:change-usage
+ Change the usage flags (capabilities) of the primary key or of
+ subkeys. These usage flags (e.g. Certify, Sign, Authenticate,
+ Encrypt) are set during key creation. Sometimes it is useful to
+ have the opportunity to change them (for example to add
+ Authenticate) after they have been created. Please take care when
+ doing this; the allowed usage flags depend on the key algorithm.
+
@item cross-certify
@opindex keyedit:cross-certify
Add cross-certification signatures to signing subkeys that may not
@opindex passwd
Change the passphrase of the secret key belonging to the certificate
specified as @var{user-id}. This is a shortcut for the sub-command
-@code{passwd} of the edit key menu.
+@code{passwd} of the edit key menu. When using together with the
+option @option{--dry-run} this will not actually change the passphrase
+but check that the current passphrase is correct.
@end table
@opindex skip-hidden-recipients
@opindex no-skip-hidden-recipients
During decryption skip all anonymous recipients. This option helps in
-the case that people use the hidden recipients feature to hide there
-own encrypt-to key from others. If oneself has many secret keys this
+the case that people use the hidden recipients feature to hide their
+own encrypt-to key from others. If one has many secret keys this
may lead to a major annoyance because all keys are tried in turn to
decrypt something which was not really intended for it. The drawback
of this option is that it is currently not possible to decrypt a
Pinentry the user is not prompted again if he enters a bad password.
@end table
+@item --request-origin @var{origin}
+@opindex request-origin
+Tell gpg to assume that the operation ultimately originated at
+@var{origin}. Depending on the origin certain restrictions are applied
+and the Pinentry may include an extra note on the origin. Supported
+values for @var{origin} are: @code{local} which is the default,
+@code{remote} to indicate a remote origin or @code{browser} for an
+operation requested by a web browser.
+
@item --command-fd @var{n}
@opindex command-fd
This is a replacement for the deprecated shared-memory IPC mode.
@item --default-new-key-algo @var{string}
@opindex default-new-key-algo @var{string}
This option can be used to change the default algorithms for key
-generation. Note that the advanced key generation commands can always
-be used to specify a key algorithm directly. Please consult the
-source code to learn the syntax of @var{string}.
+generation. The @var{string} is similar to the arguments required for
+the command @option{--quick-add-key} but slighly different. For
+example the current default of @code{"rsa2048/cert,sign+rsa2048/encr"}
+(or @code{"rsa3072"}) can be changed to the value of what we currently
+call future default, which is @code{"ed25519/cert,sign+cv25519/encr"}.
+You need to consult the source code to learn the details. Note that
+the advanced key generation commands can always be used to specify a
+key algorithm directly.
@item --allow-secret-key-import
@opindex allow-secret-key-import
@item --export-secret-key-p12 @var{key-id}
@opindex export-secret-key-p12
-Export the private key and the certificate identified by @var{key-id} in
+Export the private key and the certificate identified by @var{key-id}
using the PKCS#12 format. When used with the @code{--armor} option a few
informational lines are prepended to the output. Note, that the PKCS#12
format is not very secure and proper transport security should be used
Pinentry the user is not prompted again if he enters a bad password.
@end table
+@item --request-origin @var{origin}
+@opindex request-origin
+Tell gpgsm to assume that the operation ultimately originated at
+@var{origin}. Depending on the origin certain restrictions are applied
+and the Pinentry may include an extra note on the origin. Supported
+values for @var{origin} are: @code{local} which is the default,
+@code{remote} to indicate a remote origin or @code{browser} for an
+operation requested by a web browser.
+
@item --no-common-certs-import
@opindex no-common-certs-import
Suppress the import of common certificates on keybox creation.
}
}
+ /* Pass on the request origin. */
+ if (opt.request_origin)
+ {
+ char *tmp = xasprintf ("OPTION pretend-request-origin=%s",
+ str_request_origin (opt.request_origin));
+ rc = assuan_transact (agent_ctx, tmp,
+ NULL, NULL, NULL, NULL, NULL, NULL);
+ xfree (tmp);
+ if (rc)
+ {
+ log_error ("setting request origin '%s' failed: %s\n",
+ str_request_origin (opt.request_origin),
+ gpg_strerror (rc));
+ write_status_error ("set_request_origin", rc);
+ }
+ }
+
/* In DE_VS mode under Windows we require that the JENT RNG
* is active. */
#ifdef HAVE_W32_SYSTEM
for (s=hexstr, n=0; hexdigitp (s); s++, n++)
;
- if (*s || (n != 40))
+ if ((*s && *s != ' ') || (n != 40))
return 0; /* no fingerprint (invalid or wrong length). */
- for (s=hexstr, n=0; *s; s += 2, n++)
+ for (s=hexstr, n=0; *s && n < 20; s += 2, n++)
fpr[n] = xtoi_2 (s);
+
return 1; /* okay */
}
parm->extcap.ki = abool;
else if (!strcmp (p, "aac"))
parm->extcap.aac = abool;
+ else if (!strcmp (p, "kdf"))
+ parm->extcap.kdf = abool;
else if (!strcmp (p, "si"))
parm->status_indicator = strtoul (p2, NULL, 10);
}
else if (no == 3)
parm->fpr3time = strtoul (line, NULL, 10);
}
+ else if (keywordlen == 11 && !memcmp (keyword, "KEYPAIRINFO", keywordlen))
+ {
+ const char *hexgrp = line;
+ int no;
+
+ while (*line && !spacep (line))
+ line++;
+ while (spacep (line))
+ line++;
+ if (strncmp (line, "OPENPGP.", 8))
+ ;
+ else if ((no = atoi (line+8)) == 1)
+ unhexify_fpr (hexgrp, parm->grp1);
+ else if (no == 2)
+ unhexify_fpr (hexgrp, parm->grp2);
+ else if (no == 3)
+ unhexify_fpr (hexgrp, parm->grp3);
+ }
else if (keywordlen == 6 && !memcmp (keyword, "CA-FPR", keywordlen))
{
int no = atoi (line);
#ifndef GNUPG_G10_CALL_AGENT_H
#define GNUPG_G10_CALL_AGENT_H
+struct key_attr {
+ int algo; /* Algorithm identifier. */
+ union {
+ unsigned int nbits; /* Supported keysize. */
+ const char *curve; /* Name of curve. */
+ };
+};
struct agent_card_info_s
{
u32 fpr1time;
u32 fpr2time;
u32 fpr3time;
+ char grp1[20]; /* The keygrip for OPENPGP.1 */
+ char grp2[20]; /* The keygrip for OPENPGP.2 */
+ char grp3[20]; /* The keygrip for OPENPGP.3 */
unsigned long sig_counter;
int chv1_cached; /* True if a PIN is not required for each
signing. Note that the gpg-agent might cache
int is_v2; /* True if this is a v2 card. */
int chvmaxlen[3]; /* Maximum allowed length of a CHV. */
int chvretry[3]; /* Allowed retries for the CHV; 0 = blocked. */
- struct { /* Array with key attributes. */
- int algo; /* Algorithm identifier. */
- union {
- unsigned int nbits; /* Supported keysize. */
- const char *curve; /* Name of curve. */
- };
- } key_attr[3];
+ struct key_attr key_attr[3];
struct {
unsigned int ki:1; /* Key import available. */
unsigned int aac:1; /* Algorithm attributes are changeable. */
+ unsigned int kdf:1; /* KDF object to support PIN hashing available. */
} extcap;
unsigned int status_indicator;
};
case 0x1337: return "Warsaw Hackerspace";
case 0x2342: return "warpzone"; /* hackerspace Muenster. */
+ case 0x63AF: return "Trustica";
case 0xBD0E: return "Paranoidlabs";
case 0xF517: return "FSIJ";
static void
+print_keygrip (estream_t fp, const unsigned char *grp)
+{
+ int i;
+
+ if (opt.with_keygrip)
+ {
+ tty_fprintf (fp, " keygrip ....: ");
+ for (i=0; i < 20 ; i++, grp++)
+ es_fprintf (fp, "%02X", *grp);
+ tty_fprintf (fp, "\n");
+ }
+}
+
+
+static void
print_name (estream_t fp, const char *text, const char *name)
{
tty_fprintf (fp, "%s", text);
es_fprintf (fp, "fprtime:%lu:%lu:%lu:\n",
(unsigned long)info.fpr1time, (unsigned long)info.fpr2time,
(unsigned long)info.fpr3time);
+ es_fputs ("grp:", fp);
+ print_sha1_fpr_colon (fp, info.grp1);
+ print_sha1_fpr_colon (fp, info.grp2);
+ print_sha1_fpr_colon (fp, info.grp3);
+ es_putc ('\n', fp);
}
else
{
tty_fprintf (fp, "Signature key ....:");
print_sha1_fpr (fp, info.fpr1valid? info.fpr1:NULL);
if (info.fpr1valid && info.fpr1time)
- tty_fprintf (fp, " created ....: %s\n",
- isotimestamp (info.fpr1time));
+ {
+ tty_fprintf (fp, " created ....: %s\n",
+ isotimestamp (info.fpr1time));
+ print_keygrip (fp, info.grp1);
+ }
tty_fprintf (fp, "Encryption key....:");
print_sha1_fpr (fp, info.fpr2valid? info.fpr2:NULL);
if (info.fpr2valid && info.fpr2time)
- tty_fprintf (fp, " created ....: %s\n",
- isotimestamp (info.fpr2time));
+ {
+ tty_fprintf (fp, " created ....: %s\n",
+ isotimestamp (info.fpr2time));
+ print_keygrip (fp, info.grp2);
+ }
tty_fprintf (fp, "Authentication key:");
print_sha1_fpr (fp, info.fpr3valid? info.fpr3:NULL);
if (info.fpr3valid && info.fpr3time)
- tty_fprintf (fp, " created ....: %s\n",
- isotimestamp (info.fpr3time));
+ {
+ tty_fprintf (fp, " created ....: %s\n",
+ isotimestamp (info.fpr3time));
+ print_keygrip (fp, info.grp2);
+ }
tty_fprintf (fp, "General key info..: ");
thefpr = (info.fpr1valid? info.fpr1 : info.fpr2valid? info.fpr2 :
/* Print all available information for specific card with SERIALNO.
Print all available information for current card when SERIALNO is NULL.
- Or print llfor all cards when SERIALNO is "all". */
+ Or print for all cards when SERIALNO is "all". */
void
card_status (ctrl_t ctrl, estream_t fp, const char *serialno)
{
/* Ask for the size of a card key. NBITS is the current size
- configured for the card. KEYNO is the number of the key used to
- select the prompt. Returns 0 to use the default size (i.e. NBITS)
- or the selected size. */
+ configured for the card. Returns 0 to use the default size
+ (i.e. NBITS) or the selected size. */
static unsigned int
-ask_card_keyattr (int keyno, unsigned int nbits)
+ask_card_rsa_keysize (unsigned int nbits)
{
unsigned int min_nbits = 1024;
unsigned int max_nbits = 4096;
for (;;)
{
- prompt = xasprintf
- (keyno == 0?
- _("What keysize do you want for the Signature key? (%u) "):
- keyno == 1?
- _("What keysize do you want for the Encryption key? (%u) "):
- _("What keysize do you want for the Authentication key? (%u) "),
- nbits);
+ prompt = xasprintf (_("What keysize do you want? (%u) "), nbits);
answer = cpr_get ("cardedit.genkeys.size", prompt);
cpr_kill_prompt ();
req_nbits = *answer? atoi (answer): nbits;
xfree (prompt);
xfree (answer);
- if (req_nbits == 25519)
+ if (req_nbits != nbits && (req_nbits % 32) )
{
- if (req_nbits == nbits)
- return 0; /* Use default. */
-
- tty_printf (_("The card will now be re-configured"
- " to generate a key of type: %s\n"),
- keyno==1? "cv25519":"ed25519");
- show_keysize_warning ();
- return req_nbits;
+ req_nbits = ((req_nbits + 31) / 32) * 32;
+ tty_printf (_("rounded up to %u bits\n"), req_nbits);
}
- else
+
+ if (req_nbits == nbits)
+ return 0; /* Use default. */
+
+ if (req_nbits < min_nbits || req_nbits > max_nbits)
{
- if (req_nbits != nbits && (req_nbits % 32) )
- {
- req_nbits = ((req_nbits + 31) / 32) * 32;
- tty_printf (_("rounded up to %u bits\n"), req_nbits);
- }
+ tty_printf (_("%s keysizes must be in the range %u-%u\n"),
+ "RSA", min_nbits, max_nbits);
+ }
+ else
+ return req_nbits;
+ }
+}
+
+/* Ask for the key attribute of a card key. CURRENT is the current
+ attribute configured for the card. KEYNO is the number of the key
+ used to select the prompt. Returns NULL to use the default
+ attribute or the selected attribute structure. */
+static struct key_attr *
+ask_card_keyattr (int keyno, const struct key_attr *current)
+{
+ struct key_attr *key_attr = NULL;
+ char *answer = NULL;
+ int algo;
+
+ tty_printf (_("Changing card key attribute for: "));
+ if (keyno == 0)
+ tty_printf (_("Signature key\n"));
+ else if (keyno == 1)
+ tty_printf (_("Encryption key\n"));
+ else
+ tty_printf (_("Authentication key\n"));
+
+ tty_printf (_("Please select what kind of key you want:\n"));
+ tty_printf (_(" (%d) RSA\n"), 1 );
+ tty_printf (_(" (%d) ECC\n"), 2 );
- if (req_nbits == nbits)
- return 0; /* Use default. */
+ for (;;)
+ {
+ xfree (answer);
+ answer = cpr_get ("cardedit.genkeys.algo", _("Your selection? "));
+ cpr_kill_prompt ();
+ algo = *answer? atoi (answer) : 0;
+
+ if (!*answer || algo == 1 || algo == 2)
+ break;
+ else
+ tty_printf (_("Invalid selection.\n"));
+ }
+
+ if (algo == 0)
+ goto leave;
+
+ key_attr = xmalloc (sizeof (struct key_attr));
+
+ if (algo == 1)
+ {
+ unsigned int nbits, result_nbits;
+
+ if (current->algo == PUBKEY_ALGO_RSA)
+ nbits = current->nbits;
+ else
+ nbits = 2048;
- if (req_nbits < min_nbits || req_nbits > max_nbits)
+ result_nbits = ask_card_rsa_keysize (nbits);
+ if (result_nbits == 0)
+ {
+ if (current->algo == PUBKEY_ALGO_RSA)
{
- tty_printf (_("%s keysizes must be in the range %u-%u\n"),
- "RSA", min_nbits, max_nbits);
+ xfree (key_attr);
+ key_attr = NULL;
}
else
- {
- tty_printf (_("The card will now be re-configured"
- " to generate a key of %u bits\n"), req_nbits);
- show_keysize_warning ();
- return req_nbits;
- }
+ result_nbits = nbits;
+ }
+
+ if (key_attr)
+ {
+ key_attr->algo = PUBKEY_ALGO_RSA;
+ key_attr->nbits = result_nbits;
+ }
+ }
+ else
+ {
+ const char *curve;
+ const char *oid_str;
+
+ if (current->algo == PUBKEY_ALGO_RSA)
+ {
+ if (keyno == 1)
+ /* Encryption key */
+ algo = PUBKEY_ALGO_ECDH;
+ else /* Signature key or Authentication key */
+ algo = PUBKEY_ALGO_ECDSA;
+ curve = NULL;
+ }
+ else
+ {
+ algo = current->algo;
+ curve = current->curve;
+ }
+
+ curve = ask_curve (&algo, NULL, curve);
+ if (curve)
+ {
+ key_attr->algo = algo;
+ oid_str = openpgp_curve_to_oid (curve, NULL);
+ key_attr->curve = openpgp_oid_to_curve (oid_str, 0);
+ }
+ else
+ {
+ xfree (key_attr);
+ key_attr = NULL;
}
}
+
+ leave:
+ if (key_attr)
+ {
+ if (key_attr->algo == PUBKEY_ALGO_RSA)
+ tty_printf (_("The card will now be re-configured"
+ " to generate a key of %u bits\n"), key_attr->nbits);
+ else if (key_attr->algo == PUBKEY_ALGO_ECDH
+ || key_attr->algo == PUBKEY_ALGO_ECDSA
+ || key_attr->algo == PUBKEY_ALGO_EDDSA)
+ tty_printf (_("The card will now be re-configured"
+ " to generate a key of type: %s\n"), key_attr->curve),
+
+ show_keysize_warning ();
+ }
+
+ return key_attr;
}
-/* Change the size of key KEYNO (0..2) to NBITS and show an error
- * message if that fails. Using the magic value 25519 for NBITS
- * switches to ed25519 or cv25519 depending on the KEYNO. */
+
+/* Change the key attribute of key KEYNO (0..2) and show an error
+ * message if that fails. */
static gpg_error_t
-do_change_keyattr (int keyno, unsigned int nbits)
+do_change_keyattr (int keyno, const struct key_attr *key_attr)
{
- gpg_error_t err;
+ gpg_error_t err = 0;
char args[100];
- if (nbits == 25519)
+ if (key_attr->algo == PUBKEY_ALGO_RSA)
+ snprintf (args, sizeof args, "--force %d 1 rsa%u", keyno+1,
+ key_attr->nbits);
+ else if (key_attr->algo == PUBKEY_ALGO_ECDH
+ || key_attr->algo == PUBKEY_ALGO_ECDSA
+ || key_attr->algo == PUBKEY_ALGO_EDDSA)
snprintf (args, sizeof args, "--force %d %d %s",
- keyno+1,
- keyno == 1? PUBKEY_ALGO_ECDH : PUBKEY_ALGO_EDDSA,
- keyno == 1? "cv25519" : "ed25519");
+ keyno+1, key_attr->algo, key_attr->curve);
else
- snprintf (args, sizeof args, "--force %d 1 rsa%u", keyno+1, nbits);
+ {
+ log_error (_("public key algorithm %d (%s) is not supported\n"),
+ key_attr->algo, gcry_pk_algo_name (key_attr->algo));
+ return gpg_error (GPG_ERR_PUBKEY_ALGO);
+ }
+
err = agent_scd_setattr ("KEY-ATTR", args, strlen (args), NULL);
if (err)
- log_error (_("error changing size of key %d to %u bits: %s\n"),
- keyno+1, nbits, gpg_strerror (err));
+ log_error (_("error changing key attribute for key %d: %s\n"),
+ keyno+1, gpg_strerror (err));
return err;
}
static void
+key_attr (void)
+{
+ struct agent_card_info_s info;
+ gpg_error_t err;
+ int keyno;
+
+ err = get_info_for_key_operation (&info);
+ if (err)
+ {
+ log_error (_("error getting card info: %s\n"), gpg_strerror (err));
+ return;
+ }
+
+ if (!(info.is_v2 && info.extcap.aac))
+ {
+ log_error (_("This command is not supported by this card\n"));
+ goto leave;
+ }
+
+ for (keyno = 0; keyno < DIM (info.key_attr); keyno++)
+ {
+ struct key_attr *key_attr;
+
+ if ((key_attr = ask_card_keyattr (keyno, &info.key_attr[keyno])))
+ {
+ err = do_change_keyattr (keyno, key_attr);
+ xfree (key_attr);
+ if (err)
+ {
+ /* Error: Better read the default key attribute again. */
+ agent_release_card_info (&info);
+ if (get_info_for_key_operation (&info))
+ goto leave;
+ /* Ask again for this key. */
+ keyno--;
+ }
+ }
+ }
+
+ leave:
+ agent_release_card_info (&info);
+}
+
+
+static void
generate_card_keys (ctrl_t ctrl)
{
struct agent_card_info_s info;
int forced_chv1;
int want_backup;
- int keyno;
if (get_info_for_key_operation (&info))
return;
tty_printf ("\n");
}
+
if (check_pin_for_key_operation (&info, &forced_chv1))
goto leave;
- /* If the cards features changeable key attributes, we ask for the
- key size. */
- if (info.is_v2 && info.extcap.aac)
- {
- unsigned int nbits;
-
- for (keyno = 0; keyno < DIM (info.key_attr); keyno++)
- {
- if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA
- || info.key_attr[keyno].algo == PUBKEY_ALGO_ECDH
- || info.key_attr[keyno].algo == PUBKEY_ALGO_EDDSA)
- {
- if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA)
- nbits = ask_card_keyattr (keyno, info.key_attr[keyno].nbits);
- else
- nbits = ask_card_keyattr (keyno, 25519 /* magic */);
-
- if (nbits && do_change_keyattr (keyno, nbits))
- {
- /* Error: Better read the default key size again. */
- agent_release_card_info (&info);
- if (get_info_for_key_operation (&info))
- goto leave;
- /* Ask again for this key size. */
- keyno--;
- }
- }
- }
- /* Note that INFO has not be synced. However we will only use
- the serialnumber and thus it won't harm. */
- }
-
generate_keypair (ctrl, 1, NULL, info.serialno, want_backup);
leave:
if (err)
goto leave;
- /* If the cards features changeable key attributes, we ask for the
- key size. */
- if (info.is_v2 && info.extcap.aac)
- {
- if (info.key_attr[keyno-1].algo == PUBKEY_ALGO_RSA
- || info.key_attr[keyno].algo == PUBKEY_ALGO_ECDH
- || info.key_attr[keyno].algo == PUBKEY_ALGO_EDDSA)
- {
- unsigned int nbits;
-
- ask_again:
- if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA)
- nbits = ask_card_keyattr (keyno-1, info.key_attr[keyno-1].nbits);
- else
- nbits = ask_card_keyattr (keyno-1, 25519);
-
- if (nbits && do_change_keyattr (keyno-1, nbits))
- {
- /* Error: Better read the default key size again. */
- agent_release_card_info (&info);
- err = get_info_for_key_operation (&info);
- if (err)
- goto leave;
- goto ask_again;
- }
- }
- /* Note that INFO has not be synced. However we will only use
- the serialnumber and thus it won't harm. */
- }
-
err = generate_card_subkeypair (ctrl, pub_keyblock, keyno, info.serialno);
leave:
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 e6 00 00
scd apdu 00 44 00 00
+ scd reset
/echo Card has been reset to factory defaults
but tries to find out something about the card first.
else if (err)
{
log_error (_("OpenPGP card not available: %s\n"), gpg_strerror (err));
- return;
+ goto leave;
}
if (!termstate)
command because there is no machinery in scdaemon to catch
the verify command and ask for the PIN when the "APDU"
command is used. */
+ /* Here, the length of dummy wrong PIN is 32-byte, also
+ supporting authentication with KDF DO. */
for (i=0; i < 4; i++)
- send_apdu ("00200081084040404040404040", "VERIFY", 0xffff);
+ send_apdu ("0020008120"
+ "40404040404040404040404040404040"
+ "40404040404040404040404040404040", "VERIFY", 0xffff);
for (i=0; i < 4; i++)
- send_apdu ("00200083084040404040404040", "VERIFY", 0xffff);
+ send_apdu ("0020008320"
+ "40404040404040404040404040404040"
+ "40404040404040404040404040404040", "VERIFY", 0xffff);
/* Send terminate datafile command. */
err = send_apdu ("00e60000", "TERMINATE DF", 0x6985);
/* Finally we reset the card reader once more. */
err = send_apdu (NULL, "RESET", 0);
- if (err)
- goto leave;
+
+ /* Then, connect the card again. */
+ if (!err)
+ {
+ char *serialno0;
+
+ err = agent_scd_serialno (&serialno0, NULL);
+ if (!err)
+ xfree (serialno0);
+ }
leave:
xfree (answer);
}
+#define USER_PIN_DEFAULT "123456"
+#define ADMIN_PIN_DEFAULT "12345678"
+#define KDF_DATA_LENGTH_MIN 90
+#define KDF_DATA_LENGTH_MAX 110
+
+/* Generate KDF data. */
+static gpg_error_t
+gen_kdf_data (unsigned char *data, int single_salt)
+{
+ const unsigned char h0[] = { 0x81, 0x01, 0x03,
+ 0x82, 0x01, 0x08,
+ 0x83, 0x04 };
+ const unsigned char h1[] = { 0x84, 0x08 };
+ const unsigned char h2[] = { 0x85, 0x08 };
+ const unsigned char h3[] = { 0x86, 0x08 };
+ const unsigned char h4[] = { 0x87, 0x20 };
+ const unsigned char h5[] = { 0x88, 0x20 };
+ unsigned char *p, *salt_user, *salt_admin;
+ unsigned char s2k_char;
+ unsigned int iterations;
+ unsigned char count_4byte[4];
+ gpg_error_t err = 0;
+
+ p = data;
+
+ s2k_char = encode_s2k_iterations (0);
+ iterations = S2K_DECODE_COUNT (s2k_char);
+ count_4byte[0] = (iterations >> 24) & 0xff;
+ count_4byte[1] = (iterations >> 16) & 0xff;
+ count_4byte[2] = (iterations >> 8) & 0xff;
+ count_4byte[3] = (iterations & 0xff);
+
+ memcpy (p, h0, sizeof h0);
+ p += sizeof h0;
+ memcpy (p, count_4byte, sizeof count_4byte);
+ p += sizeof count_4byte;
+ memcpy (p, h1, sizeof h1);
+ salt_user = (p += sizeof h1);
+ gcry_randomize (p, 8, GCRY_STRONG_RANDOM);
+ p += 8;
+
+ if (single_salt)
+ salt_admin = salt_user;
+ else
+ {
+ memcpy (p, h2, sizeof h2);
+ p += sizeof h2;
+ gcry_randomize (p, 8, GCRY_STRONG_RANDOM);
+ p += 8;
+ memcpy (p, h3, sizeof h3);
+ salt_admin = (p += sizeof h3);
+ gcry_randomize (p, 8, GCRY_STRONG_RANDOM);
+ p += 8;
+ }
+
+ memcpy (p, h4, sizeof h4);
+ p += sizeof h4;
+ err = gcry_kdf_derive (USER_PIN_DEFAULT, strlen (USER_PIN_DEFAULT),
+ GCRY_KDF_ITERSALTED_S2K, DIGEST_ALGO_SHA256,
+ salt_user, 8, iterations, 32, p);
+ p += 32;
+ if (!err)
+ {
+ memcpy (p, h5, sizeof h5);
+ p += sizeof h5;
+ err = gcry_kdf_derive (ADMIN_PIN_DEFAULT, strlen (ADMIN_PIN_DEFAULT),
+ GCRY_KDF_ITERSALTED_S2K, DIGEST_ALGO_SHA256,
+ salt_admin, 8, iterations, 32, p);
+ }
+
+ return err;
+}
+
+/* Setup KDF data object which is used for PIN authentication. */
+static void
+kdf_setup (const char *args)
+{
+ struct agent_card_info_s info;
+ gpg_error_t err;
+ unsigned char kdf_data[KDF_DATA_LENGTH_MAX];
+ int single = (*args != 0);
+
+ memset (&info, 0, sizeof info);
+
+ err = agent_scd_getattr ("EXTCAP", &info);
+ if (err)
+ {
+ log_error (_("error getting card info: %s\n"), gpg_strerror (err));
+ return;
+ }
+
+ if (!info.extcap.kdf)
+ {
+ log_error (_("This command is not supported by this card\n"));
+ goto leave;
+ }
+
+ err = gen_kdf_data (kdf_data, single);
+ if (err)
+ goto leave_error;
+
+ err = agent_scd_setattr ("KDF", kdf_data,
+ single ? KDF_DATA_LENGTH_MIN : KDF_DATA_LENGTH_MAX,
+ NULL);
+ if (err)
+ goto leave_error;
+
+ err = agent_scd_getattr ("KDF", &info);
+
+ leave_error:
+ if (err)
+ log_error (_("error for setup KDF: %s\n"), gpg_strerror (err));
+
+ leave:
+ agent_release_card_info (&info);
+}
\f
/* Data used by the command parser. This needs to be outside of the
function scope to allow readline based command completion. */
cmdQUIT, cmdADMIN, cmdHELP, cmdLIST, cmdDEBUG, cmdVERIFY,
cmdNAME, cmdURL, cmdFETCH, cmdLOGIN, cmdLANG, cmdSEX, cmdCAFPR,
cmdFORCESIG, cmdGENERATE, cmdPASSWD, cmdPRIVATEDO, cmdWRITECERT,
- cmdREADCERT, cmdUNBLOCK, cmdFACTORYRESET,
+ cmdREADCERT, cmdUNBLOCK, cmdFACTORYRESET, cmdKDFSETUP,
+ cmdKEYATTR,
cmdINVCMD
};
{ "verify" , cmdVERIFY, 0, N_("verify the PIN and list all data")},
{ "unblock" , cmdUNBLOCK,0, N_("unblock the PIN using a Reset Code") },
{ "factory-reset", cmdFACTORYRESET, 1, N_("destroy all keys and data")},
+ { "kdf-setup", cmdKDFSETUP, 1, N_("setup KDF for PIN authentication")},
+ { "key-attr", cmdKEYATTR, 1, N_("change the key attribute")},
/* Note, that we do not announce these command yet. */
{ "privatedo", cmdPRIVATEDO, 0, NULL },
{ "readcert", cmdREADCERT, 0, NULL },
factory_reset ();
break;
+ case cmdKDFSETUP:
+ kdf_setup (arg_string);
+ break;
+
+ case cmdKEYATTR:
+ key_attr ();
+ break;
+
case cmdQUIT:
goto leave;
void
write_status_failure (const char *where, gpg_error_t err)
{
+ static int any_failure_printed;
+
if (!statusfp || !status_currently_allowed (STATUS_FAILURE))
return; /* Not enabled or allowed. */
-
+ if (any_failure_printed)
+ return;
+ any_failure_printed = 1;
es_fprintf (statusfp, "[GNUPG:] %s %s %u\n",
get_status_string (STATUS_FAILURE), where, err);
if (es_fflush (statusfp) && opt.exit_on_status_write_error)
ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16
: KEYDB_SEARCH_MODE_FPR20;
memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
+ if (pk)
+ ctx.req_usage = pk->req_usage;
rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
if (!rc && pk)
pk_from_block (pk, kb, found_key);
oDisableSignerUID,
oSender,
oKeyOrigin,
+ oRequestOrigin,
oNoop
};
ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"),
ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"),
ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"),
+ ARGPARSE_s_s (oRequestOrigin, "request-origin", "@"),
ARGPARSE_s_i (oCommandFD, "command-fd", "@"),
ARGPARSE_s_s (oCommandFile, "command-file", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
wrong_args( const char *text)
{
es_fprintf (es_stderr, _("usage: %s [options] %s\n"), GPG_NAME, text);
+ log_inc_errorcount ();
g10_exit(2);
}
log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
break;
+ case oRequestOrigin:
+ opt.request_origin = parse_request_origin (pargs.r.ret_str);
+ if (opt.request_origin == -1)
+ log_error (_("invalid request origin '%s'\n"), pargs.r.ret_str);
+ break;
+
case oCommandFD:
opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
if (! gnupg_fd_valid (opt.command_fd))
- log_fatal ("command-fd is invalid: %s\n", strerror (errno));
+ log_error ("command-fd is invalid: %s\n", strerror (errno));
break;
case oCommandFile:
opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1);
case oNoop: break;
default:
- pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
+ if (configfp)
+ pargs.err = ARGPARSE_PRINT_WARNING;
+ else
+ {
+ pargs.err = ARGPARSE_PRINT_ERROR;
+ /* The argparse fucntion calls a plain exit and thus
+ * we need to print a status here. */
+ write_status_failure ("option-parser",
+ gpg_error(GPG_ERR_GENERAL));
+ }
break;
}
}
}
xfree(configname); configname = NULL;
if (log_get_errorcount (0))
- g10_exit(2);
+ {
+ write_status_failure ("option-parser", gpg_error(GPG_ERR_GENERAL));
+ g10_exit(2);
+ }
/* The command --gpgconf-list is pretty simple and may be called
directly after the option parsing. */
"--print-pks-records",
"--export-options export-pka");
if (log_get_errorcount (0))
- g10_exit(2);
+ {
+ write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL));
+ g10_exit(2);
+ }
if( nogreeting )
{
log_info(_("will not run with insecure memory due to %s\n"),
"--require-secmem");
+ write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL));
g10_exit(2);
}
}
if( log_get_errorcount(0) )
- g10_exit(2);
+ {
+ write_status_failure ("option-postprocessing",
+ gpg_error(GPG_ERR_GENERAL));
+ g10_exit (2);
+ }
if(opt.compress_level==0)
opt.compress_algo=COMPRESS_ALGO_NONE;
/* Fail hard. */
if (log_get_errorcount (0))
+ {
+ write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL));
g10_exit (2);
+ }
/* Set the random seed file. */
if( use_random_seed ) {
hd = keydb_new ();
if (! hd)
- g10_exit (1);
+ {
+ write_status_failure ("tofu-driver", gpg_error(GPG_ERR_GENERAL));
+ g10_exit (1);
+ }
tofu_begin_batch_update (ctrl);
{
log_error (_("error parsing key specification '%s': %s\n"),
argv[i], gpg_strerror (rc));
+ write_status_failure ("tofu-driver", rc);
g10_exit (1);
}
log_error (_("'%s' does not appear to be a valid"
" key ID, fingerprint or keygrip\n"),
argv[i]);
+ write_status_failure ("tofu-driver",
+ gpg_error(GPG_ERR_GENERAL));
g10_exit (1);
}
the string. */
log_error ("keydb_search_reset failed: %s\n",
gpg_strerror (rc));
+ write_status_failure ("tofu-driver", rc);
g10_exit (1);
}
{
log_error (_("key \"%s\" not found: %s\n"), argv[i],
gpg_strerror (rc));
+ write_status_failure ("tofu-driver", rc);
g10_exit (1);
}
{
log_error (_("error reading keyblock: %s\n"),
gpg_strerror (rc));
+ write_status_failure ("tofu-driver", rc);
g10_exit (1);
}
merge_keys_and_selfsig (ctrl, kb);
if (tofu_set_policy (ctrl, kb, policy))
- g10_exit (1);
+ {
+ write_status_failure ("tofu-driver", rc);
+ g10_exit (1);
+ }
release_kbnode (kb);
}
void
g10_exit( int rc )
{
+ /* If we had an error but not printed an error message, do it now.
+ * Note that write_status_failure will never print a second failure
+ * status line. */
+ if (log_get_errorcount (0))
+ write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL));
+
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
if (DBG_CLOCK)
log_clock ("stop");
correct value and may be of advantage if we ever have to do
special things. */
+#ifdef HAVE_W32_SYSTEM
+# define WIN32_LEAN_AND_MEAN 1
+#endif
+
#ifdef GPG_ERR_SOURCE_DEFAULT
#error GPG_ERR_SOURCE_DEFAULT already defined
#endif
#include "../common/util.h"
#include "packet.h"
-/* What qualifies as a certification (rather than a signature?) */
+/* What qualifies as a certification (key-signature in contrast to a
+ * data signature)? Note that a back signature is special and can be
+ * made by key and data signatures capable subkeys.) */
#define IS_CERT(s) (IS_KEY_SIG(s) || IS_UID_SIG(s) || IS_SUBKEY_SIG(s) \
|| IS_KEY_REV(s) || IS_UID_REV(s) || IS_SUBKEY_REV(s))
#define IS_SIG(s) (!IS_CERT(s))
#define IS_KEY_SIG(s) ((s)->sig_class == 0x1f)
#define IS_UID_SIG(s) (((s)->sig_class & ~3) == 0x10)
#define IS_SUBKEY_SIG(s) ((s)->sig_class == 0x18)
+#define IS_BACK_SIG(s) ((s)->sig_class == 0x19)
#define IS_KEY_REV(s) ((s)->sig_class == 0x20)
#define IS_UID_REV(s) ((s)->sig_class == 0x30)
#define IS_SUBKEY_REV(s) ((s)->sig_class == 0x28)
if (err)
goto leave;
+ /* Note that when using --dry-run we don't change the
+ * passphrase but merely verify the current passphrase. */
desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1);
- err = agent_passwd (ctrl, hexgrip, desc, 0,
+ err = agent_passwd (ctrl, hexgrip, desc, !!opt.dry_run,
&cache_nonce, &passwd_nonce);
xfree (desc);
return 0;
}
else if (n1)
- tty_printf ("Changing usage of a subkey.\n");
+ tty_printf (_("Changing usage of a subkey.\n"));
else
{
- tty_printf ("Changing usage of the primary key.\n");
+ tty_printf (_("Changing usage of the primary key.\n"));
mainkey = 1;
}
if ((mainkey && main_pk->version < 4)
|| (!mainkey && sub_pk->version < 4))
{
+ /* Note: This won't happen because we don't support
+ * v3 keys anymore. */
log_info ("You can't change the capabilities of a v3 key\n");
return 0;
}
if (rc)
{
log_error ("make_keysig_packet failed: %s\n",
- gpg_strerror (rc));
+ gpg_strerror (rc));
return 0;
}
const char *algostr, const char *usagestr,
const char *expirestr,
int *r_algo, unsigned int *r_usage,
- u32 *r_expire,
- unsigned int *r_nbits, char **r_curve);
+ u32 *r_expire, unsigned int *r_nbits,
+ const char **r_curve);
static void do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
struct output_control_s *outctrl, int card );
static int write_keyblock (iobuf_t out, kbnode_t node);
/* Ask for the curve. ALGO is the selected algorithm which this
- function may adjust. Returns a malloced string with the name of
- the curve. BOTH tells that gpg creates a primary and subkey. */
-static char *
-ask_curve (int *algo, int *subkey_algo)
+ function may adjust. Returns a const string of the name of the
+ curve. */
+const char *
+ask_curve (int *algo, int *subkey_algo, const char *current)
{
/* NB: We always use a complete algo list so that we have stable
numbers in the menu regardless on how Gpg was configured. */
#undef MY_USE_ECDSADH
int idx;
char *answer;
- char *result = NULL;
+ const char *result = NULL;
gcry_sexp_t keyparms;
tty_printf (_("Please select which elliptic curve you want:\n"));
answer = cpr_get ("keygen.curve", _("Your selection? "));
cpr_kill_prompt ();
idx = *answer? atoi (answer) : 1;
- if (*answer && !idx)
+ if (!*answer && current)
+ {
+ xfree(answer);
+ return NULL;
+ }
+ else if (*answer && !idx)
{
/* See whether the user entered the name of the curve. */
for (idx=0; idx < DIM(curves); idx++)
if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
*subkey_algo = PUBKEY_ALGO_EDDSA;
*algo = PUBKEY_ALGO_EDDSA;
- result = xstrdup (curves[idx].eddsa_curve);
+ result = curves[idx].eddsa_curve;
}
else
- result = xstrdup (curves[idx].name);
+ result = curves[idx].name;
break;
}
}
if (!result)
- result = xstrdup (curves[0].name);
+ result = curves[0].name;
return result;
}
unsigned int use;
u32 expire;
unsigned int nbits;
- char *curve;
+ const char *curve;
err = parse_algo_usage_expire (ctrl, 0, algostr, usagestr, expirestr,
&algo, &use, &expire, &nbits, &curve);
}
else
{
- char *curve = NULL;
+ const char *curve = NULL;
if (subkey_algo)
{
|| algo == PUBKEY_ALGO_EDDSA
|| algo == PUBKEY_ALGO_ECDH)
{
- curve = ask_curve (&algo, &subkey_algo);
+ curve = ask_curve (&algo, &subkey_algo, NULL);
r = xmalloc_clear( sizeof *r + 20 );
r->key = pKEYTYPE;
sprintf( r->u.value, "%d", algo);
{
/* Need to switch to a different curve for the
encryption key. */
- xfree (curve);
- curve = xstrdup ("Curve25519");
+ curve = "Curve25519";
}
r = xmalloc_clear (sizeof *r + strlen (curve));
r->key = pSUBKEYCURVE;
|| algo == PUBKEY_ALGO_EDDSA
|| algo == PUBKEY_ALGO_ECDH)
{
- curve = ask_curve (&algo, NULL);
+ curve = ask_curve (&algo, NULL, NULL);
r = xmalloc_clear (sizeof *r + strlen (curve));
r->key = pKEYCURVE;
strcpy (r->u.value, curve);
r->next = para;
para = r;
}
-
- xfree (curve);
}
}
else /* Default key generation. */
const char *algostr, const char *usagestr,
const char *expirestr,
int *r_algo, unsigned int *r_usage, u32 *r_expire,
- unsigned int *r_nbits, char **r_curve)
+ unsigned int *r_nbits, const char **r_curve)
{
gpg_error_t err;
int algo;
return gpg_error (GPG_ERR_INV_VALUE);
if (curve)
- {
- *r_curve = xtrystrdup (curve);
- if (!*r_curve)
- return gpg_error_from_syserror ();
- }
+ *r_curve = curve;
*r_algo = algo;
*r_usage = use;
*r_expire = expire;
unsigned int use;
u32 expire;
unsigned int nbits = 0;
- char *curve = NULL;
+ const char *curve = NULL;
u32 cur_time;
char *key_from_hexgrip = NULL;
char *hexgrip = NULL;
else if (algo == PUBKEY_ALGO_ECDSA
|| algo == PUBKEY_ALGO_EDDSA
|| algo == PUBKEY_ALGO_ECDH)
- curve = ask_curve (&algo, NULL);
+ curve = ask_curve (&algo, NULL, NULL);
else
nbits = ask_keysize (algo, 0);
leave:
xfree (key_from_hexgrip);
- xfree (curve);
xfree (hexgrip);
xfree (serialno);
xfree (cache_nonce);
u32 ask_expire_interval(int object,const char *def_expire);
u32 ask_expiredate(void);
unsigned int ask_key_flags (int algo, int subkey, unsigned int current);
+const char *ask_curve (int *algo, int *subkey_algo, const char *current);
void quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
const char *usagestr, const char *expirestr);
void generate_keypair (ctrl_t ctrl, int full, const char *fname,
#include <time.h>
#include <process.h>
#ifdef HAVE_WINSOCK2_H
+# define WIN32_LEAN_AND_MEAN 1
# include <winsock2.h>
#endif
#include <windows.h>
int passphrase_repeat;
int pinentry_mode;
+ int request_origin;
int unwrap_encryption;
int only_sign_text_ids;
}
-/* Read PKTLEN bytes form INP and return them in a newly allocated
- buffer. In case of an error (including reading fewer than PKTLEN
- bytes from INP before EOF is returned), NULL is returned and an
- error message is logged. */
+/* Read PKTLEN bytes from INP and return them in a newly allocated
+ * buffer. In case of an error (including reading fewer than PKTLEN
+ * bytes from INP before EOF is returned), NULL is returned and an
+ * error message is logged. */
static void *
read_rest (IOBUF inp, size_t pktlen)
{
}
if (buflen < n)
goto too_short;
+ if (!buflen)
+ goto no_type_byte;
type = *buffer;
if (type & 0x80)
{
if (start)
*start = -1;
return NULL;
+
+ no_type_byte:
+ if (opt.verbose)
+ log_info ("type octet missing in subpacket\n");
+ if (start)
+ *start = -1;
+ return NULL;
}
PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
int *r_expired, int *r_revoked, PKT_public_key **r_pk)
{
- int rc=0;
- PKT_public_key *pk;
-
- if (r_expiredate)
- *r_expiredate = 0;
- if (r_expired)
- *r_expired = 0;
- if (r_revoked)
- *r_revoked = 0;
- if (r_pk)
- *r_pk = NULL;
-
- pk = xtrycalloc (1, sizeof *pk);
- if (!pk)
- return gpg_error_from_syserror ();
-
- if ( (rc=openpgp_md_test_algo(sig->digest_algo)) )
- ; /* We don't have this digest. */
- else if (! gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo))
- {
- /* Compliance failure. */
- log_info (_("digest algorithm '%s' may not be used in %s mode\n"),
- gcry_md_algo_name (sig->digest_algo),
- gnupg_compliance_option_string (opt.compliance));
- rc = gpg_error (GPG_ERR_DIGEST_ALGO);
- }
- else if ((rc=openpgp_pk_test_algo(sig->pubkey_algo)))
- ; /* We don't have this pubkey algo. */
- else if (!gcry_md_is_enabled (digest,sig->digest_algo))
- {
- /* Sanity check that the md has a context for the hash that the
- sig is expecting. This can happen if a onepass sig header does
- not match the actual sig, and also if the clearsign "Hash:"
- header is missing or does not match the actual sig. */
+ int rc=0;
+ PKT_public_key *pk;
- log_info(_("WARNING: signature digest conflict in message\n"));
- rc = gpg_error (GPG_ERR_GENERAL);
- }
- else if( get_pubkey (ctrl, pk, sig->keyid ) )
- rc = gpg_error (GPG_ERR_NO_PUBKEY);
- else if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION,
- pk->pubkey_algo, pk->pkey,
- nbits_from_pk (pk),
- NULL))
- {
- /* Compliance failure. */
- log_error (_("key %s may not be used for signing in %s mode\n"),
- keystr_from_pk (pk),
- gnupg_compliance_option_string (opt.compliance));
- rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
- }
- else if(!pk->flags.valid)
- {
- /* You cannot have a good sig from an invalid key. */
- rc = gpg_error (GPG_ERR_BAD_PUBKEY);
- }
- else
- {
- if(r_expiredate)
- *r_expiredate = pk->expiredate;
-
- rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL);
-
- /* Check the backsig. This is a 0x19 signature from the
- subkey on the primary key. The idea here is that it should
- not be possible for someone to "steal" subkeys and claim
- them as their own. The attacker couldn't actually use the
- subkey, but they could try and claim ownership of any
- signatures issued by it. */
- if (!rc && !pk->flags.primary && pk->flags.backsig < 2)
- {
- if (!pk->flags.backsig)
- {
- log_info(_("WARNING: signing subkey %s is not"
- " cross-certified\n"),keystr_from_pk(pk));
- log_info(_("please see %s for more information\n"),
- "https://gnupg.org/faq/subkey-cross-certify.html");
- /* --require-cross-certification makes this warning an
- error. TODO: change the default to require this
- after more keys have backsigs. */
- if(opt.flags.require_cross_cert)
- rc = gpg_error (GPG_ERR_GENERAL);
- }
- else if(pk->flags.backsig == 1)
- {
- log_info(_("WARNING: signing subkey %s has an invalid"
- " cross-certification\n"),keystr_from_pk(pk));
- rc = gpg_error (GPG_ERR_GENERAL);
- }
- }
+ if (r_expiredate)
+ *r_expiredate = 0;
+ if (r_expired)
+ *r_expired = 0;
+ if (r_revoked)
+ *r_revoked = 0;
+ if (r_pk)
+ *r_pk = NULL;
- }
+ pk = xtrycalloc (1, sizeof *pk);
+ if (!pk)
+ return gpg_error_from_syserror ();
- if( !rc && sig->sig_class < 2 && is_status_enabled() ) {
- /* This signature id works best with DLP algorithms because
- * they use a random parameter for every signature. Instead of
- * this sig-id we could have also used the hash of the document
- * and the timestamp, but the drawback of this is, that it is
- * not possible to sign more than one identical document within
- * one second. Some remote batch processing applications might
- * like this feature here.
- *
- * Note that before 2.0.10, we used RIPE-MD160 for the hash
- * and accidentally didn't include the timestamp and algorithm
- * information in the hash. Given that this feature is not
- * commonly used and that a replay attacks detection should
- * not solely be based on this feature (because it does not
- * work with RSA), we take the freedom and switch to SHA-1
- * with 2.0.10 to take advantage of hardware supported SHA-1
- * implementations. We also include the missing information
- * in the hash. Note also the SIG_ID as computed by gpg 1.x
- * and gpg 2.x didn't matched either because 2.x used to print
- * MPIs not in PGP format. */
- u32 a = sig->timestamp;
- int nsig = pubkey_get_nsig( sig->pubkey_algo );
- unsigned char *p, *buffer;
- size_t n, nbytes;
- int i;
- char hashbuf[20];
-
- nbytes = 6;
- for (i=0; i < nsig; i++ )
- {
- if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i]))
- BUG();
- nbytes += n;
- }
+ if ((rc=openpgp_md_test_algo(sig->digest_algo)))
+ {
+ /* We don't have this digest. */
+ }
+ else if (!gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo))
+ {
+ /* Compliance failure. */
+ log_info (_("digest algorithm '%s' may not be used in %s mode\n"),
+ gcry_md_algo_name (sig->digest_algo),
+ gnupg_compliance_option_string (opt.compliance));
+ rc = gpg_error (GPG_ERR_DIGEST_ALGO);
+ }
+ else if ((rc=openpgp_pk_test_algo(sig->pubkey_algo)))
+ {
+ /* We don't have this pubkey algo. */
+ }
+ else if (!gcry_md_is_enabled (digest,sig->digest_algo))
+ {
+ /* Sanity check that the md has a context for the hash that the
+ * sig is expecting. This can happen if a onepass sig header
+ * does not match the actual sig, and also if the clearsign
+ * "Hash:" header is missing or does not match the actual sig. */
+ log_info(_("WARNING: signature digest conflict in message\n"));
+ rc = gpg_error (GPG_ERR_GENERAL);
+ }
+ else if (get_pubkey (ctrl, pk, sig->keyid))
+ rc = gpg_error (GPG_ERR_NO_PUBKEY);
+ else if (!gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION,
+ pk->pubkey_algo, pk->pkey,
+ nbits_from_pk (pk),
+ NULL))
+ {
+ /* Compliance failure. */
+ log_error (_("key %s may not be used for signing in %s mode\n"),
+ keystr_from_pk (pk),
+ gnupg_compliance_option_string (opt.compliance));
+ rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
+ }
+ else if (!pk->flags.valid)
+ {
+ /* You cannot have a good sig from an invalid key. */
+ rc = gpg_error (GPG_ERR_BAD_PUBKEY);
+ }
+ else
+ {
+ if (r_expiredate)
+ *r_expiredate = pk->expiredate;
+
+ rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL);
+
+ /* Check the backsig. This is a back signature (0x19) from
+ * the subkey on the primary key. The idea here is that it
+ * should not be possible for someone to "steal" subkeys and
+ * claim them as their own. The attacker couldn't actually
+ * use the subkey, but they could try and claim ownership of
+ * any signatures issued by it. */
+ if (!rc && !pk->flags.primary && pk->flags.backsig < 2)
+ {
+ if (!pk->flags.backsig)
+ {
+ log_info (_("WARNING: signing subkey %s is not"
+ " cross-certified\n"),keystr_from_pk(pk));
+ log_info (_("please see %s for more information\n"),
+ "https://gnupg.org/faq/subkey-cross-certify.html");
+ /* The default option --require-cross-certification
+ * makes this warning an error. */
+ if (opt.flags.require_cross_cert)
+ rc = gpg_error (GPG_ERR_GENERAL);
+ }
+ else if(pk->flags.backsig == 1)
+ {
+ log_info (_("WARNING: signing subkey %s has an invalid"
+ " cross-certification\n"), keystr_from_pk(pk));
+ rc = gpg_error (GPG_ERR_GENERAL);
+ }
+ }
- /* Make buffer large enough to be later used as output buffer. */
- if (nbytes < 100)
- nbytes = 100;
- nbytes += 10; /* Safety margin. */
-
- /* Fill and hash buffer. */
- buffer = p = xmalloc (nbytes);
- *p++ = sig->pubkey_algo;
- *p++ = sig->digest_algo;
- *p++ = (a >> 24) & 0xff;
- *p++ = (a >> 16) & 0xff;
- *p++ = (a >> 8) & 0xff;
- *p++ = a & 0xff;
- nbytes -= 6;
- for (i=0; i < nsig; i++ )
- {
- if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i]))
- BUG();
- p += n;
- nbytes -= n;
- }
- gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer);
-
- p = make_radix64_string (hashbuf, 20);
- sprintf (buffer, "%s %s %lu",
- p, strtimestamp (sig->timestamp), (ulong)sig->timestamp);
- xfree (p);
- write_status_text (STATUS_SIG_ID, buffer);
- xfree (buffer);
}
- if (r_pk)
- *r_pk = pk;
- else
- {
- release_public_key_parts (pk);
- xfree (pk);
- }
+ if (!rc && sig->sig_class < 2 && is_status_enabled ())
+ {
+ /* This signature id works best with DLP algorithms because
+ * they use a random parameter for every signature. Instead of
+ * this sig-id we could have also used the hash of the document
+ * and the timestamp, but the drawback of this is, that it is
+ * not possible to sign more than one identical document within
+ * one second. Some remote batch processing applications might
+ * like this feature here.
+ *
+ * Note that before 2.0.10, we used RIPE-MD160 for the hash
+ * and accidentally didn't include the timestamp and algorithm
+ * information in the hash. Given that this feature is not
+ * commonly used and that a replay attacks detection should
+ * not solely be based on this feature (because it does not
+ * work with RSA), we take the freedom and switch to SHA-1
+ * with 2.0.10 to take advantage of hardware supported SHA-1
+ * implementations. We also include the missing information
+ * in the hash. Note also the SIG_ID as computed by gpg 1.x
+ * and gpg 2.x didn't matched either because 2.x used to print
+ * MPIs not in PGP format. */
+ u32 a = sig->timestamp;
+ int nsig = pubkey_get_nsig (sig->pubkey_algo);
+ unsigned char *p, *buffer;
+ size_t n, nbytes;
+ int i;
+ char hashbuf[20];
+
+ nbytes = 6;
+ for (i=0; i < nsig; i++ )
+ {
+ if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i]))
+ BUG();
+ nbytes += n;
+ }
- return rc;
+ /* Make buffer large enough to be later used as output buffer. */
+ if (nbytes < 100)
+ nbytes = 100;
+ nbytes += 10; /* Safety margin. */
+
+ /* Fill and hash buffer. */
+ buffer = p = xmalloc (nbytes);
+ *p++ = sig->pubkey_algo;
+ *p++ = sig->digest_algo;
+ *p++ = (a >> 24) & 0xff;
+ *p++ = (a >> 16) & 0xff;
+ *p++ = (a >> 8) & 0xff;
+ *p++ = a & 0xff;
+ nbytes -= 6;
+ for (i=0; i < nsig; i++ )
+ {
+ if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i]))
+ BUG();
+ p += n;
+ nbytes -= n;
+ }
+ gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer);
+
+ p = make_radix64_string (hashbuf, 20);
+ sprintf (buffer, "%s %s %lu",
+ p, strtimestamp (sig->timestamp), (ulong)sig->timestamp);
+ xfree (p);
+ write_status_text (STATUS_SIG_ID, buffer);
+ xfree (buffer);
+ }
+
+ if (r_pk)
+ *r_pk = pk;
+ else
+ {
+ release_public_key_parts (pk);
+ xfree (pk);
+ }
+
+ return rc;
}
check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig,
int *r_expired, int *r_revoked)
{
- u32 cur_time;
+ u32 cur_time;
- if(r_expired)
- *r_expired = 0;
- if(r_revoked)
- *r_revoked = 0;
+ if (r_expired)
+ *r_expired = 0;
+ if (r_revoked)
+ *r_revoked = 0;
- if( pk->timestamp > sig->timestamp )
- {
- ulong d = pk->timestamp - sig->timestamp;
- if ( d < 86400 )
- {
- log_info
- (ngettext
- ("public key %s is %lu second newer than the signature\n",
- "public key %s is %lu seconds newer than the signature\n",
- d), keystr_from_pk (pk), d);
- }
- else
- {
- d /= 86400;
- log_info
- (ngettext
- ("public key %s is %lu day newer than the signature\n",
- "public key %s is %lu days newer than the signature\n",
- d), keystr_from_pk (pk), d);
- }
- if (!opt.ignore_time_conflict)
- return GPG_ERR_TIME_CONFLICT; /* pubkey newer than signature. */
- }
+ if (pk->timestamp > sig->timestamp )
+ {
+ ulong d = pk->timestamp - sig->timestamp;
+ if ( d < 86400 )
+ {
+ log_info (ngettext
+ ("public key %s is %lu second newer than the signature\n",
+ "public key %s is %lu seconds newer than the signature\n",
+ d), keystr_from_pk (pk), d);
+ }
+ else
+ {
+ d /= 86400;
+ log_info (ngettext
+ ("public key %s is %lu day newer than the signature\n",
+ "public key %s is %lu days newer than the signature\n",
+ d), keystr_from_pk (pk), d);
+ }
+ if (!opt.ignore_time_conflict)
+ return GPG_ERR_TIME_CONFLICT; /* pubkey newer than signature. */
+ }
- cur_time = make_timestamp();
- if( pk->timestamp > cur_time )
- {
- ulong d = pk->timestamp - cur_time;
- if (d < 86400)
- {
- log_info (ngettext("key %s was created %lu second"
- " in the future (time warp or clock problem)\n",
- "key %s was created %lu seconds"
- " in the future (time warp or clock problem)\n",
- d), keystr_from_pk (pk), d);
- }
- else
- {
- d /= 86400;
- log_info (ngettext("key %s was created %lu day"
- " in the future (time warp or clock problem)\n",
- "key %s was created %lu days"
- " in the future (time warp or clock problem)\n",
- d), keystr_from_pk (pk), d);
- }
- if (!opt.ignore_time_conflict)
- return GPG_ERR_TIME_CONFLICT;
- }
+ cur_time = make_timestamp ();
+ if (pk->timestamp > cur_time)
+ {
+ ulong d = pk->timestamp - cur_time;
+ if (d < 86400)
+ {
+ log_info (ngettext("key %s was created %lu second"
+ " in the future (time warp or clock problem)\n",
+ "key %s was created %lu seconds"
+ " in the future (time warp or clock problem)\n",
+ d), keystr_from_pk (pk), d);
+ }
+ else
+ {
+ d /= 86400;
+ log_info (ngettext("key %s was created %lu day"
+ " in the future (time warp or clock problem)\n",
+ "key %s was created %lu days"
+ " in the future (time warp or clock problem)\n",
+ d), keystr_from_pk (pk), d);
+ }
+ if (!opt.ignore_time_conflict)
+ return GPG_ERR_TIME_CONFLICT;
+ }
- /* Check whether the key has expired. We check the has_expired
- flag which is set after a full evaluation of the key (getkey.c)
- as well as a simple compare to the current time in case the
- merge has for whatever reasons not been done. */
- if( pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) {
- char buf[11];
- if (opt.verbose)
- log_info(_("Note: signature key %s expired %s\n"),
- keystr_from_pk(pk), asctimestamp( pk->expiredate ) );
- sprintf(buf,"%lu",(ulong)pk->expiredate);
- write_status_text(STATUS_KEYEXPIRED,buf);
- if(r_expired)
- *r_expired = 1;
+ /* Check whether the key has expired. We check the has_expired
+ * flag which is set after a full evaluation of the key (getkey.c)
+ * as well as a simple compare to the current time in case the
+ * merge has for whatever reasons not been done. */
+ if (pk->has_expired || (pk->expiredate && pk->expiredate < cur_time))
+ {
+ char buf[11];
+ if (opt.verbose)
+ log_info (_("Note: signature key %s expired %s\n"),
+ keystr_from_pk(pk), asctimestamp( pk->expiredate ) );
+ snprintf (buf, sizeof buf, "%lu",(ulong)pk->expiredate);
+ write_status_text (STATUS_KEYEXPIRED, buf);
+ if (r_expired)
+ *r_expired = 1;
}
- if (pk->flags.revoked)
- {
- if (opt.verbose)
- log_info (_("Note: signature key %s has been revoked\n"),
- keystr_from_pk(pk));
- if (r_revoked)
- *r_revoked=1;
- }
+ if (pk->flags.revoked)
+ {
+ if (opt.verbose)
+ log_info (_("Note: signature key %s has been revoked\n"),
+ keystr_from_pk(pk));
+ if (r_revoked)
+ *r_revoked=1;
+ }
- return 0;
+ return 0;
}
gcry_md_hd_t digest,
int *r_expired, int *r_revoked, PKT_public_key *ret_pk)
{
- int rc = 0;
+ int rc = 0;
- if ((rc = check_signature_metadata_validity (pk, sig,
- r_expired, r_revoked)))
- return rc;
+ if ((rc = check_signature_metadata_validity (pk, sig,
+ r_expired, r_revoked)))
+ return rc;
- if ((rc = check_signature_end_simple (pk, sig, digest)))
- return rc;
+ if ((rc = check_signature_end_simple (pk, sig, digest)))
+ return rc;
- if(!rc && ret_pk)
- copy_public_key(ret_pk,pk);
+ if (!rc && ret_pk)
+ copy_public_key(ret_pk,pk);
- return rc;
+ return rc;
}
+
/* This function is similar to check_signature_end, but it only checks
- whether the signature was generated by PK. It does not check
- expiration, revocation, etc. */
+ * whether the signature was generated by PK. It does not check
+ * expiration, revocation, etc. */
static int
check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
gcry_md_hd_t digest)
{
- gcry_mpi_t result = NULL;
- int rc = 0;
- const struct weakhash *weak;
+ gcry_mpi_t result = NULL;
+ int rc = 0;
+ const struct weakhash *weak;
- if (!opt.flags.allow_weak_digest_algos)
+ if (!opt.flags.allow_weak_digest_algos)
+ {
for (weak = opt.weak_digests; weak; weak = weak->next)
if (sig->digest_algo == weak->algo)
{
print_digest_rejected_note(sig->digest_algo);
return GPG_ERR_DIGEST_ALGO;
}
+ }
+
+ /* For key signatures check that the key has a cert usage. We may
+ * do this only for subkeys because the primary may always issue key
+ * signature. The latter may not be reflected in the pubkey_usage
+ * field because we need to check the key signatures to extract the
+ * key usage. */
+ if (!pk->flags.primary
+ && IS_CERT (sig) && !(pk->pubkey_usage & PUBKEY_USAGE_CERT))
+ {
+ rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE);
+ if (!opt.quiet)
+ log_info (_("bad key signature from key %s: %s (0x%02x, 0x%x)\n"),
+ keystr_from_pk (pk), gpg_strerror (rc),
+ sig->sig_class, pk->pubkey_usage);
+ return rc;
+ }
+ /* Fixme: Should we also check the signing capability here for data
+ * signature? */
+
+ /* Make sure the digest algo is enabled (in case of a detached
+ * signature). */
+ gcry_md_enable (digest, sig->digest_algo);
+
+ /* Complete the digest. */
+ if (sig->version >= 4)
+ gcry_md_putc (digest, sig->version);
- /* Make sure the digest algo is enabled (in case of a detached
- signature). */
- gcry_md_enable (digest, sig->digest_algo);
-
- /* Complete the digest. */
- if( sig->version >= 4 )
- gcry_md_putc( digest, sig->version );
- gcry_md_putc( digest, sig->sig_class );
- if( sig->version < 4 ) {
- u32 a = sig->timestamp;
- gcry_md_putc( digest, (a >> 24) & 0xff );
- gcry_md_putc( digest, (a >> 16) & 0xff );
- gcry_md_putc( digest, (a >> 8) & 0xff );
- gcry_md_putc( digest, a & 0xff );
+ gcry_md_putc( digest, sig->sig_class );
+ if (sig->version < 4)
+ {
+ u32 a = sig->timestamp;
+ gcry_md_putc (digest, ((a >> 24) & 0xff));
+ gcry_md_putc (digest, ((a >> 16) & 0xff));
+ gcry_md_putc (digest, ((a >> 8) & 0xff));
+ gcry_md_putc (digest, ( a & 0xff));
}
- else {
- byte buf[6];
- size_t n;
- gcry_md_putc( digest, sig->pubkey_algo );
- gcry_md_putc( digest, sig->digest_algo );
- if( sig->hashed ) {
- n = sig->hashed->len;
- gcry_md_putc (digest, (n >> 8) );
- gcry_md_putc (digest, n );
- gcry_md_write (digest, sig->hashed->data, n);
- n += 6;
+ else
+ {
+ byte buf[6];
+ size_t n;
+ gcry_md_putc (digest, sig->pubkey_algo);
+ gcry_md_putc (digest, sig->digest_algo);
+ if (sig->hashed)
+ {
+ n = sig->hashed->len;
+ gcry_md_putc (digest, (n >> 8) );
+ gcry_md_putc (digest, n );
+ gcry_md_write (digest, sig->hashed->data, n);
+ n += 6;
}
- else {
+ else
+ {
/* Two octets for the (empty) length of the hashed
- section. */
+ * section. */
gcry_md_putc (digest, 0);
gcry_md_putc (digest, 0);
n = 6;
}
- /* add some magic per Section 5.2.4 of RFC 4880. */
- buf[0] = sig->version;
- buf[1] = 0xff;
- buf[2] = n >> 24;
- buf[3] = n >> 16;
- buf[4] = n >> 8;
- buf[5] = n;
- gcry_md_write( digest, buf, 6 );
+ /* Add some magic per Section 5.2.4 of RFC 4880. */
+ buf[0] = sig->version;
+ buf[1] = 0xff;
+ buf[2] = n >> 24;
+ buf[3] = n >> 16;
+ buf[4] = n >> 8;
+ buf[5] = n;
+ gcry_md_write( digest, buf, 6 );
}
- gcry_md_final( digest );
+ gcry_md_final( digest );
- /* Convert the digest to an MPI. */
- result = encode_md_value (pk, digest, sig->digest_algo );
- if (!result)
- return GPG_ERR_GENERAL;
+ /* Convert the digest to an MPI. */
+ result = encode_md_value (pk, digest, sig->digest_algo );
+ if (!result)
+ return GPG_ERR_GENERAL;
- /* Verify the signature. */
- rc = pk_verify( pk->pubkey_algo, result, sig->data, pk->pkey );
- gcry_mpi_release (result);
+ /* Verify the signature. */
+ rc = pk_verify (pk->pubkey_algo, result, sig->data, pk->pkey);
+ gcry_mpi_release (result);
- if( !rc && sig->flags.unknown_critical )
- {
- log_info(_("assuming bad signature from key %s"
- " due to an unknown critical bit\n"),keystr_from_pk(pk));
- rc = GPG_ERR_BAD_SIGNATURE;
- }
+ if (!rc && sig->flags.unknown_critical)
+ {
+ log_info(_("assuming bad signature from key %s"
+ " due to an unknown critical bit\n"),keystr_from_pk(pk));
+ rc = GPG_ERR_BAD_SIGNATURE;
+ }
- return rc;
+ return rc;
}
/* Add a uid node to a hash context. See section 5.2.4, paragraph 4
- of RFC 4880. */
+ * of RFC 4880. */
static void
hash_uid_packet (PKT_user_id *uid, gcry_md_hd_t md, PKT_signature *sig )
{
- if( uid->attrib_data ) {
- if( sig->version >=4 ) {
- byte buf[5];
- buf[0] = 0xd1; /* packet of type 17 */
- buf[1] = uid->attrib_len >> 24; /* always use 4 length bytes */
- buf[2] = uid->attrib_len >> 16;
- buf[3] = uid->attrib_len >> 8;
- buf[4] = uid->attrib_len;
- gcry_md_write( md, buf, 5 );
+ if (uid->attrib_data)
+ {
+ if (sig->version >=4)
+ {
+ byte buf[5];
+ buf[0] = 0xd1; /* packet of type 17 */
+ buf[1] = uid->attrib_len >> 24; /* always use 4 length bytes */
+ buf[2] = uid->attrib_len >> 16;
+ buf[3] = uid->attrib_len >> 8;
+ buf[4] = uid->attrib_len;
+ gcry_md_write( md, buf, 5 );
}
- gcry_md_write( md, uid->attrib_data, uid->attrib_len );
+ gcry_md_write( md, uid->attrib_data, uid->attrib_len );
}
- else {
- if( sig->version >=4 ) {
- byte buf[5];
- buf[0] = 0xb4; /* indicates a userid packet */
- buf[1] = uid->len >> 24; /* always use 4 length bytes */
- buf[2] = uid->len >> 16;
- buf[3] = uid->len >> 8;
- buf[4] = uid->len;
- gcry_md_write( md, buf, 5 );
+ else
+ {
+ if (sig->version >=4)
+ {
+ byte buf[5];
+ buf[0] = 0xb4; /* indicates a userid packet */
+ buf[1] = uid->len >> 24; /* always use 4 length bytes */
+ buf[2] = uid->len >> 16;
+ buf[3] = uid->len >> 8;
+ buf[4] = uid->len;
+ gcry_md_write( md, buf, 5 );
}
- gcry_md_write( md, uid->name, uid->len );
+ gcry_md_write( md, uid->name, uid->len );
}
}
static void
cache_sig_result ( PKT_signature *sig, int result )
{
- if ( !result ) {
- sig->flags.checked = 1;
- sig->flags.valid = 1;
+ if (!result)
+ {
+ sig->flags.checked = 1;
+ sig->flags.valid = 1;
}
- else if ( gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE ) {
- sig->flags.checked = 1;
- sig->flags.valid = 0;
+ else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE)
+ {
+ sig->flags.checked = 1;
+ sig->flags.valid = 0;
}
- else {
- sig->flags.checked = 0;
- sig->flags.valid = 0;
+ else
+ {
+ sig->flags.checked = 0;
+ sig->flags.valid = 0;
}
}
}
/* Check that the backsig BACKSIG from the subkey SUB_PK to its
- primary key MAIN_PK is valid.
-
- Backsigs (0x19) have the same format as binding sigs (0x18), but
- this function is simpler than check_key_signature in a few ways.
- For example, there is no support for expiring backsigs since it is
- questionable what such a thing actually means. Note also that the
- sig cache check here, unlike other sig caches in GnuPG, is not
- persistent. */
+ * primary key MAIN_PK is valid.
+ *
+ * Backsigs (0x19) have the same format as binding sigs (0x18), but
+ * this function is simpler than check_key_signature in a few ways.
+ * For example, there is no support for expiring backsigs since it is
+ * questionable what such a thing actually means. Note also that the
+ * sig cache check here, unlike other sig caches in GnuPG, is not
+ * persistent. */
int
check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk,
PKT_signature *backsig)
/* A signature's class indicates the type of packet that it
signs. */
- if (/* Primary key binding (made by a subkey). */
- sig->sig_class == 0x19
- /* Direct key signature. */
- || sig->sig_class == 0x1f
- /* Primary key revocation. */
- || sig->sig_class == 0x20)
+ if (IS_BACK_SIG (sig) || IS_KEY_SIG (sig) || IS_KEY_REV (sig))
{
/* Key revocations can only be over primary keys. */
if (packet->pkttype != PKT_PUBLIC_KEY)
return gpg_error (GPG_ERR_SIG_CLASS);
}
- else if (/* Subkey binding. */
- sig->sig_class == 0x18
- /* Subkey revocation. */
- || sig->sig_class == 0x28)
+ else if (IS_SUBKEY_SIG (sig) || IS_SUBKEY_REV (sig))
{
if (packet->pkttype != PKT_PUBLIC_SUBKEY)
return gpg_error (GPG_ERR_SIG_CLASS);
}
- else if (/* Certification. */
- sig->sig_class == 0x10
- || sig->sig_class == 0x11
- || sig->sig_class == 0x12
- || sig->sig_class == 0x13
- /* Certification revocation. */
- || sig->sig_class == 0x30)
+ else if (IS_UID_SIG (sig) || IS_UID_REV (sig))
{
if (packet->pkttype != PKT_USER_ID)
return gpg_error (GPG_ERR_SIG_CLASS);
else
{
/* See if one of the subkeys was the signer (although this
- is extremely unlikely). */
+ * is extremely unlikely). */
kbnode_t ctx = NULL;
kbnode_t n;
signer_alloced = 2;
}
+ if (IS_CERT (sig))
+ signer->req_usage = PUBKEY_USAGE_CERT;
+
rc = get_pubkey (ctrl, signer, sig->keyid);
if (rc)
{
/* Hash the relevant data. */
- if (/* Direct key signature. */
- sig->sig_class == 0x1f
- /* Primary key revocation. */
- || sig->sig_class == 0x20)
+ if (IS_KEY_SIG (sig) || IS_KEY_REV (sig))
{
log_assert (packet->pkttype == PKT_PUBLIC_KEY);
hash_public_key (md, packet->pkt.public_key);
rc = check_signature_end_simple (signer, sig, md);
}
- else if (/* Primary key binding (made by a subkey). */
- sig->sig_class == 0x19)
+ else if (IS_BACK_SIG (sig))
{
log_assert (packet->pkttype == PKT_PUBLIC_KEY);
hash_public_key (md, packet->pkt.public_key);
hash_public_key (md, signer);
rc = check_signature_end_simple (signer, sig, md);
}
- else if (/* Subkey binding. */
- sig->sig_class == 0x18
- /* Subkey revocation. */
- || sig->sig_class == 0x28)
+ else if (IS_SUBKEY_SIG (sig) || IS_SUBKEY_REV (sig))
{
log_assert (packet->pkttype == PKT_PUBLIC_SUBKEY);
hash_public_key (md, pripk);
hash_public_key (md, packet->pkt.public_key);
rc = check_signature_end_simple (signer, sig, md);
}
- else if (/* Certification. */
- sig->sig_class == 0x10
- || sig->sig_class == 0x11
- || sig->sig_class == 0x12
- || sig->sig_class == 0x13
- /* Certification revocation. */
- || sig->sig_class == 0x30)
+ else if (IS_UID_SIG (sig) || IS_UID_REV (sig))
{
log_assert (packet->pkttype == PKT_USER_ID);
hash_public_key (md, pripk);
if (rc)
return rc;
- if (sig->sig_class == 0x20) /* key revocation */
+ if (IS_KEY_REV (sig))
{
u32 keyid[2];
keyid_from_pk( pk, keyid );
is_selfsig, ret_pk);
}
}
- else if (sig->sig_class == 0x28 /* subkey revocation */
- || sig->sig_class == 0x18) /* key binding */
+ else if (IS_SUBKEY_REV (sig) || IS_SUBKEY_SIG (sig))
{
kbnode_t snode = find_prev_kbnode (root, node, PKT_PUBLIC_SUBKEY);
r_expired, NULL);
if (! rc)
{
- /* 0x28 must be a self-sig, but 0x18 needn't be. */
+ /* A subkey revocation (0x28) must be a self-sig, but a
+ * subkey signature (0x18) needn't be. */
rc = check_signature_over_key_or_uid (ctrl,
- sig->sig_class == 0x18
+ IS_SUBKEY_SIG (sig)
? NULL : pk,
sig, root, snode->pkt,
is_selfsig, ret_pk);
{
if (opt.verbose)
{
- if (sig->sig_class == 0x28)
+ if (IS_SUBKEY_REV (sig))
log_info (_("key %s: no subkey for subkey"
" revocation signature\n"), keystr_from_pk(pk));
else if (sig->sig_class == 0x18)
rc = GPG_ERR_SIG_CLASS;
}
}
- else if (sig->sig_class == 0x1f) /* direct key signature */
+ else if (IS_KEY_SIG (sig)) /* direct key signature */
{
rc = check_signature_metadata_validity (pk, sig,
r_expired, NULL);
rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt,
is_selfsig, ret_pk);
}
- else if (/* Certification. */
- sig->sig_class == 0x10
- || sig->sig_class == 0x11
- || sig->sig_class == 0x12
- || sig->sig_class == 0x13
- /* Certification revocation. */
- || sig->sig_class == 0x30)
+ else if (IS_UID_SIG (sig) || IS_UID_REV (sig))
{
kbnode_t unode = find_prev_kbnode (root, node, PKT_USER_ID);
while (fprlen < 20)
fpr[fprlen++] = 0;
- rc = tdbio_search_trust_byfpr (fpr, &rec);
+ rc = tdbio_search_trust_byfpr (ctrl, fpr, &rec);
if( !rc ) { /* found: update */
if (rec.r.trust.ownertrust != otrust)
{
/* The name of the trustdb file. */
static char *db_name;
-/* The handle for locking the trustdb file and a flag to record
- whether a lock has been taken. */
+/* The handle for locking the trustdb file and a counter to record how
+ * often this lock has been taken. That counter is required becuase
+ * dotlock does not implemen recursive locks. */
static dotlock_t lockhandle;
-static int is_locked;
+static unsigned int is_locked;
/* The file descriptor of the trustdb. */
static int db_fd = -1;
/* A flag indicating that a transaction is active. */
-static int in_transaction;
+/* static int in_transaction; Not yet used. */
\f
\f
/*
* Take a lock on the trustdb file name. I a lock file can't be
- * created the function terminates the process. Excvept for a
+ * created the function terminates the process. Except for a
* different return code the function does nothing if the lock has
* already been taken.
*
static int
take_write_lock (void)
{
+ int rc;
+
if (!lockhandle)
lockhandle = dotlock_create (db_name, 0);
if (!lockhandle)
{
if (dotlock_take (lockhandle, -1) )
log_fatal ( _("can't lock '%s'\n"), db_name );
- else
- is_locked = 1;
- return 0;
+ rc = 0;
}
else
- return 1;
+ rc = 1;
+
+ if (opt.lock_once)
+ is_locked = 1;
+ else
+ is_locked++;
+ return rc;
}
static void
release_write_lock (void)
{
- if (!opt.lock_once)
- if (!dotlock_release (lockhandle))
- is_locked = 0;
+ if (opt.lock_once)
+ return; /* Don't care; here IS_LOCKED is fixed to 1. */
+
+ if (!is_locked)
+ {
+ log_error ("Ooops, tdbio:release_write_lock with no lock held\n");
+ return;
+ }
+ if (--is_locked)
+ return;
+
+ if (dotlock_release (lockhandle))
+ log_error ("Oops, tdbio:release_write_locked failed\n");
}
+
+
\f
/*************************************
************* record cache **********
}
/* No clean entries: We have to flush some dirty entries. */
+#if 0 /* Transactions are not yet used. */
if (in_transaction)
{
/* But we can't do this while in a transaction. Thus we
log_info (_("trustdb transaction too large\n"));
return GPG_ERR_RESOURCE_LIMIT;
}
+#endif
if (dirty_count)
{
if( db_fd == -1 )
open_db();
+#if 0 /* Transactions are not yet used. */
if( in_transaction )
log_bug("tdbio: syncing while in transaction\n");
+#endif
if( !cache_is_dirty )
return 0;
/*
* Create and write the trustdb version record.
- *
+ * This is called with the writelock activ.
* Returns: 0 on success or an error code.
*/
static int
* Return: record number
*/
static ulong
-get_trusthashrec(void)
+get_trusthashrec (ctrl_t ctrl)
{
static ulong trusthashtbl; /* Record number of the trust hashtable. */
+ (void)ctrl;
+
if (!trusthashtbl)
{
TRUSTREC vr;
log_fatal (_("%s: error reading version record: %s\n"),
db_name, gpg_strerror (rc) );
+ if (!vr.r.ver.trusthashtbl)
+ {
+ /* Oops: the trustdb is corrupt because the hashtable is
+ * always created along with the version record. However,
+ * if something went initially wrong it may happen that
+ * there is just the version record. We try to fix it here.
+ * If we can't do that we return 0 - this is the version
+ * record and thus the actual read will detect the mismatch
+ * and bail out. Note that create_hashtable updates VR. */
+ take_write_lock ();
+ if (lseek (db_fd, 0, SEEK_END) == TRUST_RECORD_LEN)
+ create_hashtable (ctrl, &vr, 0);
+ release_write_lock ();
+ }
trusthashtbl = vr.r.ver.trusthashtbl;
}
int msb;
int level = 0;
+ if (!table)
+ {
+ rc = gpg_error (GPG_ERR_INV_RECORD);
+ log_error("lookup_hashtable failed: %s\n", "request for record 0");
+ return rc;
+ }
+
hashrec = table;
next_level:
msb = key[level];
static int
update_trusthashtbl (ctrl_t ctrl, TRUSTREC *tr)
{
- return upd_hashtable (ctrl, get_trusthashrec (),
+ return upd_hashtable (ctrl, get_trusthashrec (ctrl),
tr->r.trust.fingerprint, 20, tr->recnum);
}
* EXPECTED is not 0 reading any other record type will return an
* error.
*
- * Return: 0 on success, -1 on EOF, or an error code.
+ * Return: 0 on success or an error code.
*/
int
tdbio_read_record (ulong recnum, TRUSTREC *rec, int expected)
n = read (db_fd, readbuf, TRUST_RECORD_LEN);
if (!n)
{
- return -1; /* eof */
+ return gpg_error (GPG_ERR_EOF);
}
else if (n != TRUST_RECORD_LEN)
{
;
else if (rec.rectype == RECTYPE_TRUST)
{
- rc = drop_from_hashtable (ctrl, get_trusthashrec(),
+ rc = drop_from_hashtable (ctrl, get_trusthashrec (ctrl),
rec.r.trust.fingerprint, 20, rec.recnum);
}
recnum = vr.r.ver.firstfree;
rc = tdbio_read_record (recnum, &rec, RECTYPE_FREE);
if (rc)
- {
- log_error (_("%s: error reading free record: %s\n"),
- db_name, gpg_strerror (rc));
- return rc;
- }
+ log_fatal (_("%s: error reading free record: %s\n"),
+ db_name, gpg_strerror (rc));
/* Update dir record. */
vr.r.ver.firstfree = rec.r.free.next;
rc = tdbio_write_record (ctrl, &vr);
if (rc)
- {
- log_error (_("%s: error writing dir record: %s\n"),
- db_name, gpg_strerror (rc));
- return rc;
- }
+ log_fatal (_("%s: error writing dir record: %s\n"),
+ db_name, gpg_strerror (rc));
/* Zero out the new record. */
memset (&rec, 0, sizeof rec);
rec.rectype = 0; /* Mark as unused record (actually already done
if (offset == (off_t)(-1))
log_fatal ("trustdb: lseek to end failed: %s\n", strerror (errno));
recnum = offset / TRUST_RECORD_LEN;
- log_assert (recnum); /* this is will never be the first record */
+ log_assert (recnum); /* This will never be the first record */
/* We must write a record, so that the next call to this
* function returns another recnum. */
memset (&rec, 0, sizeof rec);
{
rc = gpg_error_from_syserror ();
log_error (_("trustdb rec %lu: write failed (n=%d): %s\n"),
- recnum, n, strerror (errno));
+ recnum, n, gpg_strerror (rc));
}
}
if (rc)
log_fatal (_("%s: failed to append a record: %s\n"),
- db_name, gpg_strerror (rc));
+ db_name, gpg_strerror (rc));
}
return recnum ;
* Return: 0 if found, GPG_ERR_NOT_FOUND, or another error code.
*/
gpg_error_t
-tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec)
+tdbio_search_trust_byfpr (ctrl_t ctrl, const byte *fingerprint, TRUSTREC *rec)
{
int rc;
/* Locate the trust record using the hash table */
- rc = lookup_hashtable (get_trusthashrec(), fingerprint, 20,
+ rc = lookup_hashtable (get_trusthashrec (ctrl), fingerprint, 20,
cmp_trec_fpr, fingerprint, rec );
return rc;
}
* Return: 0 if found, GPG_ERR_NOT_FOUND, or another error code.
*/
gpg_error_t
-tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec)
+tdbio_search_trust_bypk (ctrl_t ctrl, PKT_public_key *pk, TRUSTREC *rec)
{
byte fingerprint[MAX_FINGERPRINT_LEN];
size_t fingerlen;
fingerprint_from_pk( pk, fingerprint, &fingerlen );
for (; fingerlen < 20; fingerlen++)
fingerprint[fingerlen] = 0;
- return tdbio_search_trust_byfpr (fingerprint, rec);
+ return tdbio_search_trust_byfpr (ctrl, fingerprint, rec);
}
int tdbio_cancel_transaction(void);
int tdbio_delete_record (ctrl_t ctrl, ulong recnum);
ulong tdbio_new_recnum (ctrl_t ctrl);
-gpg_error_t tdbio_search_trust_byfpr (const byte *fingerprint, TRUSTREC *rec);
-gpg_error_t tdbio_search_trust_bypk (PKT_public_key *pk, TRUSTREC *rec);
+gpg_error_t tdbio_search_trust_byfpr (ctrl_t ctrl, const byte *fingerprint,
+ TRUSTREC *rec);
+gpg_error_t tdbio_search_trust_bypk (ctrl_t ctrl, PKT_public_key *pk,
+ TRUSTREC *rec);
void tdbio_how_to_fix (void);
void tdbio_invalid(void);
int rc;
init_trustdb (ctrl, 0);
- rc = tdbio_search_trust_bypk (pk, rec);
+ rc = tdbio_search_trust_bypk (ctrl, pk, rec);
if (rc)
{
if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Quina grandària voleu? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Quina grandària voleu? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Quina grandària voleu? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "arrodonida fins a %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Aquesta signatura va caducar el %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (només xifrar)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Seleccioneu quin tipus de clau voleu:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (només signar)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA i ElGamal (predeterminat)\n"
+
+msgid "Invalid selection.\n"
+msgstr "La selecció és invàlida.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "error mentre s'enviava a «%s»: %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "s'ha produït un error mentre s'escrivia l'anell secret «%s»: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Aquesta ordre no està permesa mentre s'està en mode %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "La selecció és invàlida.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Seleccioneu la raó de la revocació:\n"
msgstr "ha fallat l'actualització: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Aquesta ordre no està permesa mentre s'està en mode %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "es descarta: la clau secreta ja és present\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "error en la lectura de «%s»: %s\n"
+
msgid "quit this menu"
msgstr "ix del menú"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOM|usa NOM com a destinatari predeterminat"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "canvia la confiança"
+
msgid "gpg/card> "
msgstr ""
msgstr "l'algoritme de dispersió és invàlid «%s»\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "opcions d'importació no vàlides\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s no és un joc de caràcters vàlid\n"
msgstr "La clau està revocada."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Realment voleu signar tots els ID d'usuari? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Realment voleu signar tots els ID d'usuari? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "No podeu canviar la data de caducitat de les claus v3\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "S'està canviant la data de caducitat per a una clau secundària.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "S'està canviant la data de caducitat per a una clau primària.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr ""
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Seleccioneu quin tipus de clau voleu:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA i ElGamal (predeterminat)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Quina grandària voleu? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Quina grandària voleu? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "La grandària sol·licitada és %u bits\n"
msgstr "NOTA: aquesta clau ha estat revocada!"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "signatura autònoma de classe 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"es supossa una signatura incorrecta de la clau %08lX a causa d'un bit crític "
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (només signar)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (només xifrar)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Quina grandària voleu? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Quina grandària voleu? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Quina grandària voleu? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "ha fallat l'actualització: %s\n"
" své karty, kde se dozvíte, jaké velikosti jsou dovoleny.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Jakou délku klíče pro podepisování si přejete? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Jakou délku klíče pro šifrování si přejete? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Jakou délku klíče pro autentizaci si přejete? (%u) "
-
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Karta bude nyní přenastavena na generování klíče dlouhého %u bitů\n"
+msgid "What keysize do you want? (%u) "
+msgstr "Jakou délku klíče si přejete? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "velikost klíče %s musí být v intervalu %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Podepisovací klíč\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Šifrovací klíč\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Autentizační klíč\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Prosím, vyberte druh klíče, který chcete:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) ECC and ECC\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC a ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "Neplatný výběr.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "Karta bude nyní přenastavena na generování klíče dlouhého %u bitů\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Karta bude nyní přenastavena na generování klíče dlouhého %u bitů\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "chyba při změně velikosti klíče %d na %u bitů: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "chyba při získání informací o aktuálním klíči: %s\n"
+
+msgid "This command is not supported by this card\n"
+msgstr "Tento příkaz není touto kartou podporován\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Vytvořit zálohu šifrovacího klíče mimo kartu? (A/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Autentizační klíč\n"
-msgid "Invalid selection.\n"
-msgstr "Neplatný výběr.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Prosím vyberte, kam uložit klíč:\n"
msgid "KEYTOCARD failed: %s\n"
msgstr "Volání KEYTOCARD selhalo: %s\n"
-msgid "This command is not supported by this card\n"
-msgstr "Tento příkaz není touto kartou podporován\n"
-
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "Poznámka: Tento příkaz zničí všechny klíče uložené na kartě!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "Opravdu obnovit tovární nastavení (zadejte „yes“) "
+#, fuzzy, c-format
+#| msgid "error looking up: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "chyba při vyhledávání: %s\n"
+
msgid "quit this menu"
msgstr "ukončit toto menu"
msgid "destroy all keys and data"
msgstr "zničit všechny klíče a data"
+#, fuzzy
+#| msgid "|NAME|use user NAME for authentication"
+msgid "setup KDF for PIN authentication"
+msgstr "|JMÉNO|pro autentizaci použije JMÉNO uživatele"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "změnit důvěryhodnost vlastníka klíče"
+
msgid "gpg/card> "
msgstr "gpg/karta> "
msgid "invalid pinentry mode '%s'\n"
msgstr "neplatný režim pinentry „%s“\n"
+#, fuzzy, c-format
+#| msgid "invalid value for option '%s'\n"
+msgid "invalid request origin '%s'\n"
+msgstr "neplatný argument u volby „%s“\n"
+
#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "„%s“ není platná znaková sada\n"
msgid "Key is revoked."
msgstr "Klíč je odvolán."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Opravdu podepsat všechny id uživatele? (a/N) "
-
msgid "Really sign all text user IDs? (y/N) "
msgstr "Opravdu podepsat všechna textová ID uživatele? (a/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Opravdu podepsat všechny id uživatele? (a/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Nápověda: Vyberte id uživatele k podepsání\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Nemůžete změnit dobu platnosti klíče verze 3\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Měním dobu expirace podklíče.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Měním dobu expirace primárního klíče.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "podepisovací podklíč %s je již křížově certifikován\n"
msgid " (%c) Finished\n"
msgstr " (%c) Konec\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Prosím, vyberte druh klíče, který chcete:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA a RSA (implicitní)\n"
msgstr "Jakou délku podklíče si přejete? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Jakou délku klíče si přejete? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Požadovaná délka klíče je %u bitů.\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "Poznámka: podpisový klíč %s byl odvolán\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "samostatný podpis třídy 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"právě vytvořili, ještě jednou.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Existující klíč\n"
"Syntaxe: gpg-check-pattern [volby] soubor_se_vzorem\n"
"Prověří heslo zadané na vstupu proti souboru se vzory\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Jakou délku klíče pro podepisování si přejete? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Jakou délku klíče pro šifrování si přejete? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Jakou délku klíče pro autentizaci si přejete? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "volání listen() selhalo: %s\n"
" er tilladt.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Hvilken nøglestørrelse ønsker du for underskriftsnøglen (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Hvilken nøglestørrelse ønsker du for krypteringsnøglen? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Hvilken nøglestørrelse ønsker du for godkendelsesnøglen? (%u) "
-
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Kortet vil nu blive omkonfigureret til at oprette en nøgle på %u bit\n"
+msgid "What keysize do you want? (%u) "
+msgstr "Hvilken nøglestørrelse ønsker du? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "%s nøglestørrelser skal være i intervallet %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Underskriftsnøgle\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Krypteringsnøgle\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Godkendelsesnøgle\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Vælg venligst hvilken slags nøgle du vil have:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) DSA and Elgamal\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA og Elgamal\n"
+
+msgid "Invalid selection.\n"
+msgstr "Ugyldigt valg.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "Kortet vil nu blive omkonfigureret til at oprette en nøgle på %u bit\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Kortet vil nu blive omkonfigureret til at oprette en nøgle på %u bit\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "fejl ved ændring af størrelsen på nøglen %d til %u bit: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "fejl ved indhentelse af aktuel nøgleinformation: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Denne kommando er ikke tilladt i tilstanden %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
"Lav sikkerhedskopi et andet sted end på kortet for krypteringsnøglen? (J/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Godkendelsesnøgle\n"
-msgid "Invalid selection.\n"
-msgstr "Ugyldigt valg.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Vælg venligst hvor nøglen skal gemmes:\n"
msgstr "læsning mislykkedes: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Denne kommando er ikke tilladt i tilstanden %s.\n"
-
-#, fuzzy
#| msgid "NOTE: keys are already stored on the card!\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "BEMÆRK: Nøgler er allerede gemt på kortet!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "fejl ved lukning af %s: %s\n"
+
msgid "quit this menu"
msgstr "afslut denne menu"
msgid "destroy all keys and data"
msgstr ""
+msgid "setup KDF for PIN authentication"
+msgstr ""
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "ændr ejertroværdigheden"
+
msgid "gpg/card> "
msgstr "gpg/card> "
msgstr "ugyldig landekode i »%s«, linje %d\n"
#, fuzzy, c-format
+#| msgid "missing argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "manglende parameter for indstilling »%.50s«\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr "»%s« er ikke et gyldigt tegnsæt\n"
msgid "Key is revoked."
msgstr "Nøglen er tilbagekaldt."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Vil du gerne underskrive alle bruger-id'er (j/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "Vil du gerne underskrive alle bruger-id'er (j/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Vil du gerne underskrive alle bruger-id'er (j/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Fif: Vælg bruger-id'erne at underskrive\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Du kan ikke ændre udløbsdatoen for en v3-nøgle\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Ændrer udløbstidspunkt for en undernøgle.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Ændrer udløbstidspunkt for den primære nøgle.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "underskriftsundernøgle %s er allerede krydscertificeret\n"
msgid " (%c) Finished\n"
msgstr " (%c) Afsluttet\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Vælg venligst hvilken slags nøgle du vil have:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA og RSA (standard)\n"
msgstr "Hvilken nøglestørrelse ønsker du for undernøglen? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Hvilken nøglestørrelse ønsker du? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Ønsket nøglestørrelse er %u bit\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "BEMÆRK: underskriftnøgle %s er blevet tilbagekaldt\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "uafhængig underskrift for klasse 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"adgangsfrasen for nøglen du netop oprettede endnu en gang.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Eksisterende nøgle\n"
"Syntaks: gpg-check-pattern [tilvalg] mønsterfil\n"
"Kontroller en adgangsfrase angivet på stdin mod mønsterfilen\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Hvilken nøglestørrelse ønsker du for underskriftsnøglen (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Hvilken nøglestørrelse ønsker du for krypteringsnøglen? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Hvilken nøglestørrelse ønsker du for godkendelsesnøglen? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() mislykkedes: %s\n"
msgstr ""
"Project-Id-Version: gnupg-2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-12-19 12:28+0100\n"
+"PO-Revision-Date: 2018-04-09 20:39+0200\n"
"Last-Translator: Werner Koch <wk@gnupg.org>\n"
"Language-Team: German <de@li.org>\n"
"Language: de\n"
" zu Rate.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (%u) "
+msgid "What keysize do you want? (%u) "
+msgstr "Welche Schlüssellänge wünschen Sie? (%u) "
#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr ""
-"Welche Schlüssellänge wünschen Sie für den Verschlüsselungs-Schlüssel? (%u) "
+msgid "rounded up to %u bits\n"
+msgstr "aufgerundet auf %u Bit\n"
#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr ""
-"Welche Schlüssellänge wünschen Sie für den Authentisierungs-Schlüssel? (%u) "
+msgid "%s keysizes must be in the range %u-%u\n"
+msgstr "%s-Schlüssellängen müssen im Bereich %u-%u sein\n"
-#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Die Karte wird nun rekonfiguriert für einen Schlüssel des Typs: %s\n"
+msgid "Changing card key attribute for: "
+msgstr "Ändern des Schlüsselattributs für den: "
+
+msgid "Signature key\n"
+msgstr "Signatur-Schlüssel\n"
+
+msgid "Encryption key\n"
+msgstr "Verschlüsselungs-Schlüssel\n"
+
+msgid "Authentication key\n"
+msgstr "Authentisierungs-Schlüssel\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Bitte wählen Sie, welche Art von Schlüssel Sie möchten:\n"
#, c-format
-msgid "rounded up to %u bits\n"
-msgstr "aufgerundet auf %u Bit\n"
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
#, c-format
-msgid "%s keysizes must be in the range %u-%u\n"
-msgstr "%s-Schlüssellängen müssen im Bereich %u-%u sein\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "Ungültige Auswahl.\n"
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
"erzeugen\n"
#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
-msgstr "Fehler bem Ändern der Länge des Schlüssels %d auf %u Bit: %s\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Die Karte wird nun rekonfiguriert für einen Schlüssel des Typs: %s\n"
+
+#, c-format
+msgid "error changing key attribute for key %d: %s\n"
+msgstr "Fehler beim Ändern der Attributs des Schlüssels %d: %s\n"
+
+#, c-format
+msgid "error getting card info: %s\n"
+msgstr "Fehler beim Holen der aktuellen Schlüsselinfo: %s\n"
+
+msgid "This command is not supported by this card\n"
+msgstr "Dieser Befehl wird von dieser Karte nicht unterstützt.\n"
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr " (3) Authentisierungs-Schlüssel\n"
-msgid "Invalid selection.\n"
-msgstr "Ungültige Auswahl.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Wählen Sie den Speicherort für den Schlüssel:\n"
msgid "KEYTOCARD failed: %s\n"
msgstr "Das KEYTOCARD Kommando schlug fehl: %s\n"
-msgid "This command is not supported by this card\n"
-msgstr "Dieser Befehl wird von dieser Karte nicht unterstützt.\n"
-
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr ""
"Hinweis: Dieses Kommando zerstörrt alle auf der Karte gespeicherten "
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "Möchten Sie die Karte wirklich komplett löschen? (\"yes\" eingeben) "
+#, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "Fehler beim Einstellen der KDF: %s\n"
+
msgid "quit this menu"
msgstr "Menü verlassen"
msgid "destroy all keys and data"
msgstr "alle Schlüssel und Daten löschen"
+msgid "setup KDF for PIN authentication"
+msgstr "Einrichten der KDF zur Authentifizierung"
+
+msgid "change the key attribute"
+msgstr "Das Schlüsselattribut ändern"
+
msgid "gpg/card> "
msgstr "gpg/card> "
msgstr "Ungültiger Subjekt-Name '%s'\n"
#, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "Ungültiges \"Herkunft\"-Argument '%s'\n"
+
+#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "`%s' ist kein gültiger Zeichensatz\n"
msgid "Key is revoked."
msgstr "Schlüssel wurde widerrufen."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Wirklich alle User-IDs beglaubigen? (j/N) "
-
msgid "Really sign all text user IDs? (y/N) "
msgstr "Wirklich alle textbasierten User-IDs beglaubigen? (j/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Wirklich alle User-IDs beglaubigen? (j/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Tip: Wählen Sie die User-IDs, die beglaubigt werden sollen\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Sie können das Verfallsdatum eines v3-Schlüssels nicht ändern\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Ändern des Schlüsselverwendungszweckes des Unterschlüssels.\n"
+
+msgid "Changing usage of the primary key.\n"
+msgstr "Ändern des Schlüsselverwendungszweckes des Hauptschlüssels.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "Signaturunterschlüssel %s ist bereits rücksigniert\n"
msgid " (%c) Finished\n"
msgstr " (%c) Beenden\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Bitte wählen Sie, welche Art von Schlüssel Sie möchten:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA und RSA (voreingestellt)\n"
msgstr "Welche Schlüssellänge wünschen Sie für den Unterschlüssel? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Welche Schlüssellänge wünschen Sie? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Die verlangte Schlüssellänge beträgt %u Bit\n"
msgstr "Hinweis: Signaturschlüssel %s wurde widerrufen\n"
#, c-format
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "Falsche Schlüsselsignatur von Schlüssel %s: %s (0x%02x, 0x%x)\n"
+
+#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"Vermutlich eine FALSCHE Signatur von Schlüssel %s, wegen unbekanntem "
"noch einmal die Passphrase des soeben erzeugten Schlüssels ein.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Vorhandener Schlüssel\n"
"Syntax: gpg-check-pattern [optionen] Musterdatei\n"
"Die von stdin gelesene Passphrase gegen die Musterdatei prüfen\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr ""
+#~ "Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr ""
+#~ "Welche Schlüssellänge wünschen Sie für den Verschlüsselungs-Schlüssel? "
+#~ "(%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr ""
+#~ "Welche Schlüssellänge wünschen Sie für den Authentisierungs-Schlüssel? "
+#~ "(%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "Der listen()-Aufruf ist fehlgeschlagen: %s\n"
#~ msgstr ""
#~ "Verbindung zum gpg-agent nicht möglich - Ersatzmethode wird versucht\n"
-#~ msgid " (%d) ECC\n"
-#~ msgstr " (%d) ECC\n"
-
#~ msgid "can't create directory `%s': %s\n"
#~ msgstr " git describe --match gnupg-2.1.*[0-9] --long"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "στρογγυλοποιήθηκε έως τα %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Υπογραφή έληξε στις %s.\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (για κρυπτογράφηση μόνο)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Παρακαλώ επιλέξτε τον τύπο του κλειδιού που θέλετε:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (για υπογραφή μόνο)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA και ElGamal (προκαθορισμένο)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Μη έγκυρη επιλογή.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "σφάλμα στη αποστολή προς το `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "αδυναμία εγγραφής μυστικής κλειδοθήκης `%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Αυτή η εντολή απαγορεύετε σε αυτή την κατάσταση %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Μη έγκυρη επιλογή.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Παρακαλώ επιλέξτε την αιτία για την ανάκληση:\n"
msgstr "η ενημέρωση απέτυχε: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Αυτή η εντολή απαγορεύετε σε αυτή την κατάσταση %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "παραλείφθηκε: μυστικό κλειδί ήδη παρών\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n"
+
msgid "quit this menu"
msgstr "τερματισμός αυτού του μενού"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|ΟΝΟΜΑ|χρήση του ΟΝΟΜΑτος ως προκαθορισμένου παραλήπτη"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "αλλαγή της εμπιστοσύνης ιδιοκτήτη"
+
msgid "gpg/card> "
msgstr ""
msgstr "μη έγκυρος αλγόριθμος hash `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "μη έγκυρες επιλογές ειγαγωγής\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "το %s δεν είναι έγκυρο σετ χαρακτήρων\n"
msgstr "Το κλειδί ανακλήθηκε."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Σίγουρα να υπογραφούν όλα τα user ID; "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Σίγουρα να υπογραφούν όλα τα user ID; "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Δεν μπορείτε να αλλάξετε την ημερομηνία λήξης σε ένα v3 κλειδί\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Αλλαγή ημερομηνίας λήξης για ένα δευτερεύον κλειδί.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Αλλαγή ημερομηνίας λήξης για ένα πρωτεύον κλειδί.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr ""
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Παρακαλώ επιλέξτε τον τύπο του κλειδιού που θέλετε:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA και ElGamal (προκαθορισμένο)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Το μέγεθος κλειδιού που ζητήθηκε είναι %u bits\n"
msgstr "ΣΗΜΕΙΩΣΗ: το κλειδί έχει ανακληθεί"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "ανεξάρτητη υπογραφή κλάσης 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "υπόθεση κακής υπογραφής από κλειδί %08lX λόγω άγνωστου κρίσιμου bit\n"
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (για υπογραφή μόνο)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (για κρυπτογράφηση μόνο)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "η ενημέρωση απέτυχε: %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "rondigita ĝis %u bitoj\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Ĉi tiu ŝlosilo eksvalidiĝos je %s.\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (nur ĉifri)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Bonvolu elekti, kian ŝlosilon vi deziras:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (nur subskribi)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA kaj ElGamal (implicita elekto)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Nevalida elekto.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "eraro dum sendo al '%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "eraro dum skribado de sekreta ŝlosilaro '%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Tiu komando ne eblas en la reĝimo %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Nevalida elekto.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Kialo por revoko: "
msgstr "aktualigo malsukcesis: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Tiu komando ne eblas en la reĝimo %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "ignorita: sekreta ŝlosilo jam ĉeestas\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "eraro dum legado de '%s': %s\n"
+
msgid "quit this menu"
msgstr "forlasi ĉi tiun menuon"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOMO|uzi NOMOn kiel implicitan ricevonton"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "ŝanĝi la posedantofidon"
+
msgid "gpg/card> "
msgstr ""
msgstr "nevalida kompendi-metodo '%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "nevalida kiraso"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s ne estas valida signaro\n"
msgstr "Ŝlosilo estas revokita.\n"
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Ĉu vere subskribi ĉiujn uzantidentigilojn? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Ĉu vere subskribi ĉiujn uzantidentigilojn? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Vi ne povas ŝanĝi la daton de eksvalidiĝo de v3-ŝlosilo\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Ŝanĝas la daton de eksvalidiĝo de flanka ŝlosilo.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Ŝanĝas la daton de eksvalidiĝo de la ĉefa ŝlosilo.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "Uzantidentigilo \"%s\" estas revokita.\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Bonvolu elekti, kian ŝlosilon vi deziras:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA kaj ElGamal (implicita elekto)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Petita ŝlosilgrando estas %u bitoj\n"
msgstr "ŝlosilo %08lX: ŝlosilo estas revokita!\n"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "memstara subskribo de klaso 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "supozas malbonan subskribon pro nekonata \"critical bit\"\n"
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (nur subskribi)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (nur ĉifri)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "aktualigo malsukcesis: %s\n"
" la documentación de su tarjeta para ver los tamaños posibles.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "¿De qué tamaño quiere la clave de Firmado? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "¿De qué tamaño quiere la clave de Cifrado? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "¿De qué tamaño quiere la clave de Autenticación? (%u) "
-
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Ahora la tarjeta se reconfigurará para generar una clave de %u bits\n"
+msgid "What keysize do you want? (%u) "
+msgstr "¿De qué tamaño quiere la clave? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "los tamaños de claves %s deben estar en el rango %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Clave de firmado\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Clave de cifrado\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Clave de autentificación\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Por favor seleccione tipo de clave deseado:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) DSA and Elgamal\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA y ElGamal\n"
+
+msgid "Invalid selection.\n"
+msgstr "Elección inválida.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "Ahora la tarjeta se reconfigurará para generar una clave de %u bits\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Ahora la tarjeta se reconfigurará para generar una clave de %u bits\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "error cambiando el tamaño de la clave %d a %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "error obteniendo la información actual de la clave: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Esta orden no se permite en modo %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
"¿Hacer copia de seguridad externa a la tarjeta de clave de cifrado? (S/n)"
msgid " (3) Authentication key\n"
msgstr " (3) Clave de autentificación\n"
-msgid "Invalid selection.\n"
-msgstr "Elección inválida.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Por favor elija donde guardar la clave:\n"
msgstr "lectura fallida: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Esta orden no se permite en modo %s.\n"
-
-#, fuzzy
#| msgid "NOTE: keys are already stored on the card!\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "NOTA: ¡claves ya almacenadas en la tarjeta!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "error cerrando %s: %s\n"
+
msgid "quit this menu"
msgstr "sale de este menú"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOMBRE|usa NOMBRE como destinatario por defecto"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "cambia valores de confianza"
+
msgid "gpg/card> "
msgstr "gpg/tarjeta> "
msgstr "código de país inválido en `%s', línea %d\n"
#, fuzzy, c-format
+#| msgid "missing argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "falta parámetro para la opción \"%.50s\"\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr "`%s' no es un juego de caracteres válido\n"
msgid "Key is revoked."
msgstr "La clave está revocada."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "¿Firmar realmente todos los IDs de usuario? (s/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "¿Firmar realmente todos los IDs de usuario? (s/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "¿Firmar realmente todos los IDs de usuario? (s/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Sugerencia: seleccione los identificadores de usuario que firmar\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "No puede cambiar la fecha de caducidad de una clave v3\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Cambiando fecha de caducidad de subclave.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Cambiando caducidad de clave primaria.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "la subclave de firmado %s ya está certificada en cruz\n"
msgid " (%c) Finished\n"
msgstr " (%c) Acabado\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Por favor seleccione tipo de clave deseado:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA y RSA (por defecto)\n"
msgstr "¿De qué tamaño quiere la subclave? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "¿De qué tamaño quiere la clave? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "El tamaño requerido es de %u bits\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "NOTA: la clave de firmado %s ha sido revocada\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "firma independiente de clase 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"la clave que acaba de crear una vez más.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Clave existente\n"
"Compara frase contraseña dada en entrada estándar con un fichero de "
"patrones\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "¿De qué tamaño quiere la clave de Firmado? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "¿De qué tamaño quiere la clave de Cifrado? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "¿De qué tamaño quiere la clave de Autenticación? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() falló: %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Millist võtmepikkust te soovite? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Millist võtmepikkust te soovite? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Millist võtmepikkust te soovite? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "ümardatud üles %u bitini\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Allkiri aegus %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (ainult krüpteerimiseks)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Palun valige, millist võtmetüüpi te soovite:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (ainult allkirjastamiseks)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA ja ElGamal (vaikimisi)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Vigane valik.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "viga teate saatmisel serverile `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "viga salajase võtme võtmehoidlasse `%s' kirjutamisel: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "See käsklus ei ole %s moodis lubatud.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Vigane valik.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Palun valige tühistamise põhjus:\n"
msgstr "uuendamine ebaõnnestus: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "See käsklus ei ole %s moodis lubatud.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "jätsin vahele: avalik võti on juba olemas\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "viga `%s' lugemisel: %s\n"
+
msgid "quit this menu"
msgstr "välju sellest menüüst"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NIMI|kasuta NIME vaikimisi saajana"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "muuda omaniku usaldust"
+
msgid "gpg/card> "
msgstr ""
msgstr "vigane räsialgoritm `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "vigased impordi võtmed\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s ei ole lubatud kooditabel\n"
msgstr "Võti on tühistatud."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Kas allkirjastan tõesti kõik kasutaja IDd? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Kas allkirjastan tõesti kõik kasutaja IDd? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "v3 võtme aegumise aega ei saa muuta.\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Muudan sekundaarse võtme aegumise aega.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Muudan primaarse võtme aegumise aega.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "HOIATUS: allkirjastamise alamvõti %08lX ei ole rist-sertifitseeritud\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Palun valige, millist võtmetüüpi te soovite:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA ja ElGamal (vaikimisi)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Millist võtmepikkust te soovite? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Millist võtmepikkust te soovite? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Soovitud võtmepikkus on %u bitti\n"
msgstr "MÄRKUS: võti on tühistatud"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "eraldiseisev allkiri klassiga 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "eeldan tundmatu kriitilise biti tõttu võtmel %08lX vigast allkirja\n"
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (ainult allkirjastamiseks)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (ainult krüpteerimiseks)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Millist võtmepikkust te soovite? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Millist võtmepikkust te soovite? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Millist võtmepikkust te soovite? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "uuendamine ebaõnnestus: %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Minkä kokoisen avaimen haluat? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Minkä kokoisen avaimen haluat? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Minkä kokoisen avaimen haluat? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "pyöristetty %u bittiin\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Allekirjoitus vanheni %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (vain salaus)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Valitse millaisen avaimen haluat:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (vain allekirjoitus)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA ja ElGamal (oletus)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Valinta ei kelpaa.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "virhe lähettäessä kohteeseen \"%s\": %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "virhe kirjoitettaessa salaiseen avainrenkaaseen \"%s\": %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Tätä komentoa ei sallita %s-tilassa.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Valinta ei kelpaa.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Valitse mitätöinnin syy:\n"
msgstr "päivitys epäonnistui: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Tätä komentoa ei sallita %s-tilassa.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "ohitetaan: salainen avain on jo paikalla\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "virhe luettaessa tiedostoa \"%s\": %s\n"
+
msgid "quit this menu"
msgstr "ulos tästä valikosta"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NIMI|käytä NIMI oletusvastaanottajana"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "muuta luottamusastetta"
+
msgid "gpg/card> "
msgstr ""
msgstr "virheellinen tiivistealgoritmi \"%s\"\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "virheelliset tuontivalitsimet\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s ei kelpaa merkistöksi\n"
msgstr "Avain on mitätöity."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Varmastiko allekirjoita kaikki käyttäjätunnukset?"
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Varmastiko allekirjoita kaikki käyttäjätunnukset?"
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Et voi muuttaa v3-avainten vanhentumispäivää\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Muutetaan toissijaisen avaimen vanhentumisaikaa.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Muutetaan ensisijaisen avaimen vanhentumisaikaa.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "VAROITUS: allekirjoitusaliavain %08lX ei ole ristiinvarmennettu\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Valitse millaisen avaimen haluat:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA ja ElGamal (oletus)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Minkä kokoisen avaimen haluat? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Minkä kokoisen avaimen haluat? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Halutun avaimen koko on %u bittiä\n"
msgstr "HUOM: avain on mitätöity!"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "itsenäinen allekirjoitus luokkaa 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"Epäkelpo allekirjoitus avaimelta %08lX oletettavasti johtuen tuntemattomasta "
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (vain allekirjoitus)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (vain salaus)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Minkä kokoisen avaimen haluat? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Minkä kokoisen avaimen haluat? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Minkä kokoisen avaimen haluat? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "päivitys epäonnistui: %s\n"
" tailles permises dans la documentation de la carte.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Quelle taille de clef désirez-vous pour la clef de signature ? (%u) "
+msgid "What keysize do you want? (%u) "
+msgstr "Quelle taille de clef désirez-vous ? (%u) "
#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Quelle taille de clef désirez-vous pour la clef de chiffrement ? (%u) "
+msgid "rounded up to %u bits\n"
+msgstr "arrondie à %u bits\n"
#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr ""
-"Quelle taille de clef désirez-vous pour la clef d'authentification ? (%u) "
+msgid "%s keysizes must be in the range %u-%u\n"
+msgstr "les tailles de clefs %s doivent être dans l'intervalle %u-%u\n"
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgid "Changing card key attribute for: "
msgstr ""
-"La carte sera maintenant reconfigurée pour générer une clef de %u bits\n"
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Clef de signature\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Clef de chiffrement\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Clef d'authentification\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Sélectionnez le type de clef désiré :\n"
#, c-format
-msgid "rounded up to %u bits\n"
-msgstr "arrondie à %u bits\n"
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
#, c-format
-msgid "%s keysizes must be in the range %u-%u\n"
-msgstr "les tailles de clefs %s doivent être dans l'intervalle %u-%u\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "Choix incorrect.\n"
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
"La carte sera maintenant reconfigurée pour générer une clef de %u bits\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"La carte sera maintenant reconfigurée pour générer une clef de %u bits\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "erreur de modification de taille de clef %d en %u bits : %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr ""
+"erreur de lecture des renseignements actuellement contenus\n"
+"dans la clef : %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Cette commande n'est pas permise en mode %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
"Faut-il faire une sauvegarde hors carte de la clef de chiffrement ? (O/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Clef d'authentification\n"
-msgid "Invalid selection.\n"
-msgstr "Choix incorrect.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Veuillez sélectionner l'endroit où stocker la clef :\n"
msgstr "échec de KEYTOCARD : %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Cette commande n'est pas permise en mode %s.\n"
-
-#, fuzzy
#| msgid "Note: keys are already stored on the card!\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "Remarque : les clefs sont déjà stockées sur la carte.\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "erreur de fermeture de %s : %s\n"
+
msgid "quit this menu"
msgstr "quitter ce menu"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use user NAME for authentication"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOM|utiliser le NOM d'utilisateur pour authentif."
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "modifier la confiance du propriétaire"
+
msgid "gpg/card> "
msgstr "gpg/carte> "
msgid "invalid pinentry mode '%s'\n"
msgstr "mode pinentry « %s » incorrect\n"
+#, fuzzy, c-format
+#| msgid "invalid argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "argument incorrect pour l'option « %.50s »\n"
+
#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "« %s » n'est pas un jeu de caractères valable\n"
msgid "Key is revoked."
msgstr "La clef est révoquée."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Voulez-vous vraiment signer toutes les identités ? (o/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "Voulez-vous vraiment signer toutes les identités ? (o/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Voulez-vous vraiment signer toutes les identités ? (o/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Conseil : sélectionner les identités à signer\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Vous ne pouvez pas modifier la date d'expiration d'une clef v3\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Modification de la date d'expiration d'une sous-clef.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Modification de la date d'expiration de la clef principale.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "la sous-clef de signature %s a déjà une certification croisée\n"
msgid " (%c) Finished\n"
msgstr " (%c) Terminé\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Sélectionnez le type de clef désiré :\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA et RSA (par défaut)\n"
msgstr "Quelle taille de clef désirez-vous pour la sous-clef ? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Quelle taille de clef désirez-vous ? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "La taille demandée est %u bits\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "Remarque : la clef de signature %s a été révoquée\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "signature autonome de classe 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"la phrase secrète pour la clef que vous venez de créer.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Clef existante\n"
"Vérifier une phrase secrète donnée sur l'entrée standard par rapport à "
"ficmotif\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr ""
+#~ "Quelle taille de clef désirez-vous pour la clef de signature ? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr ""
+#~ "Quelle taille de clef désirez-vous pour la clef de chiffrement ? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr ""
+#~ "Quelle taille de clef désirez-vous pour la clef d'authentification ? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "échec de listen() : %s\n"
#~ msgid "no secret subkey for public subkey %s - ignoring\n"
#~ msgstr "pas de sous-clef secrète pour la sous-clef publique %s — ignorée\n"
-#~ msgid " (%d) ECC\n"
-#~ msgstr " (%d) ECC\n"
-
#, fuzzy
#~| msgid "can't create directory '%s': %s\n"
#~ msgid "can't create directory `%s': %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "¿Qué tamaño de chave quere? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "¿Qué tamaño de chave quere? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "¿Qué tamaño de chave quere? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "redondeado a %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "A sinatura caducou o %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (só cifrar)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Por favor, seleccione o tipo de chave que quere:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (só asinar)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA e ElGamal (por defecto)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Selección non válida.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "erro ao enviar a `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "erro escribindo no chaveiro secreto `%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Non se admite este comando no modo %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Selección non válida.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Por favor, escolla o motivo da revocación:\n"
msgstr "a actualización fallou: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Non se admite este comando no modo %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "omítese: a chave secreta xa está presente\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "erro lendo `%s': %s\n"
+
msgid "quit this menu"
msgstr "saír deste menú"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOME|empregar NOME como valor por defecto do destinatario"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "cambia-la confianza sobre o dono"
+
msgid "gpg/card> "
msgstr ""
msgstr "algoritmo de hash non válido `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "opcións de importación non válidas\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s non é un xogo de caracteres válido\n"
msgstr "A chave está revocada."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "¿Seguro de que quere asinar tódolos IDs de usuario? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "¿Seguro de que quere asinar tódolos IDs de usuario? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Non pode cambia-la data de expiración dunha chave v3\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Cambiando a data de expiración para a chave secundaria.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Cambiando a data de expiración da chave primaria.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr ""
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Por favor, seleccione o tipo de chave que quere:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA e ElGamal (por defecto)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "¿Qué tamaño de chave quere? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "¿Qué tamaño de chave quere? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "O tamaño de chave requerido son %u bits\n"
msgstr "NOTA: a chave está revocada"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "sinatura independiente de clase 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"asumindo unha sinatura incorrecta da chave %08lX debido a un bit crítico "
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (só asinar)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (só cifrar)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "¿Qué tamaño de chave quere? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "¿Qué tamaño de chave quere? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "¿Qué tamaño de chave quere? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "a actualización fallou: %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Milyen kulcsméretet szeretne? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Milyen kulcsméretet szeretne? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Milyen kulcsméretet szeretne? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "Felkerekítve %u bitre.\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Az aláírás lejárt: %s.\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (csak titkosítás)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Kérem, adja meg, milyen kulcsot kíván:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (csak aláírás)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA és ElGamal (alapértelmezés)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Érvénytelen választás.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "Hiba %s-ra/-re küldéskor: %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "Hiba a(z) \"%s\" titkoskulcs-karika írásakor: %s.\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Ez a parancs %s módban nem engedélyezett.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Érvénytelen választás.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Kérem, válassza ki a visszavonás okát:\n"
msgstr "Frissítés sikertelen: %s.\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Ez a parancs %s módban nem engedélyezett.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "Kihagytam: titkos kulcs már jelen van.\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "Hiba \"%s\" olvasásakor: %s\n"
+
msgid "quit this menu"
msgstr "kilépés ebből a menüből"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NÉV|NÉV használata alapértelmezett címzettként"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "kulcstulajdonos megbízhatóságának beállítása"
+
msgid "gpg/card> "
msgstr ""
msgstr "Érvénytelen kivonatoló algoritmus: %s\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "Érvénytelen import opciók!\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s nem érvényes karakterkiosztás!\n"
msgstr "A kulcsot visszavonták."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Valóban aláírja az összes felhasználóazonosítót? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Valóban aláírja az összes felhasználóazonosítót? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Nem változtathatja meg egy v3 kulcs lejárati dátumát!\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Másodlagos kulcs lejárati idejének változtatása.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Elsődleges kulcs lejárati idejének változtatása.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "FIGYELEM: %08lX aláíró alkulcs nem kereszthitelesített.\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Kérem, adja meg, milyen kulcsot kíván:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA és ElGamal (alapértelmezés)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Milyen kulcsméretet szeretne? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Milyen kulcsméretet szeretne? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "A kívánt kulcsméret %u bit.\n"
msgstr "MEGJEGYZÉS: A kulcsot visszavonták."
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "0x%02x osztályú különálló aláírás.\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"Rossz aláírást feltételezek a %08lX kulcstól egy ismeretlen\n"
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (csak aláírás)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (csak titkosítás)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Milyen kulcsméretet szeretne? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Milyen kulcsméretet szeretne? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Milyen kulcsméretet szeretne? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "Frissítés sikertelen: %s.\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Keysize yang anda inginkan? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Keysize yang anda inginkan? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Keysize yang anda inginkan? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "dibulatkan hingga %u bit\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Signature kadaluwarsa %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (hanya enkripsi)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Silakan pilih kunci yang anda inginkan:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (hanya menandai)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA dan ElGamal (baku)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Pilihan tidak valid.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "kesalahan mengirim ke `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "kesalahan menulis keyring rahasia `%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Perintah ini tidak dibolehkan saat dalam mode %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Pilihan tidak valid.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Silakan pilih alasan untuk pembatalan:\n"
msgstr "gagal memperbarui: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Perintah ini tidak dibolehkan saat dalam mode %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "dilewati: kunci pribadi telah ada\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "kesalahan membaca `%s': %s\n"
+
msgid "quit this menu"
msgstr "berhenti dari menu ini"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NAMA|gunakan NAMA sebagai penerima baku"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "ubah ownertrust"
+
msgid "gpg/card> "
msgstr ""
msgstr "algoritma hash tidak valid `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "opsi impor tidak valid\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s bukanlah set karakter yang valid\n"
msgstr "Kunci dibatalkan"
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Tandai ID seluruh user? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Tandai ID seluruh user? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Anda tidak dapat merubah batas waktu kunci v3\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Merubah batas waktu untuk kunci sekunder.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Merubah batas waktu untuk kunci primer.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "PERINGATAN: subkey penandatangan %08lX tidak tersertifikasi silang\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Silakan pilih kunci yang anda inginkan:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA dan ElGamal (baku)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Keysize yang anda inginkan? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Keysize yang anda inginkan? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Keysize yang diminta adalah %u bit\n"
msgstr "CATATAN: kunci telah dibatalkan"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "kelas signature mandiri 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"mengasumsikan signature buruk dari kunci %08lX karena ada bit kritik tidak "
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (hanya menandai)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (hanya enkripsi)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Keysize yang anda inginkan? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Keysize yang anda inginkan? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Keysize yang anda inginkan? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "gagal memperbarui: %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Di che dimensioni vuoi la chiave? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Di che dimensioni vuoi la chiave? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Di che dimensioni vuoi la chiave? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "arrotondate a %u bit\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Firma scaduta il %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (cifra solo)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Per favore scegli che tipo di chiave vuoi:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (firma solo)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA e ElGamal (default)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Scelta non valida.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "errore leggendo `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "errore scrivendo il portachiavi segreto `%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Questo comando non è permesso in modalità %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Scelta non valida.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Per favore scegli il motivo della revoca:\n"
msgstr "aggiornamento fallito: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Questo comando non è permesso in modalità %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "saltata: chiave pubblica già presente\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "errore leggendo `%s': %s\n"
+
msgid "quit this menu"
msgstr "abbandona questo menù"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOME|usa NOME come destinatario predefinito"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "cambia il valore di fiducia"
+
msgid "gpg/card> "
msgstr ""
msgstr "algoritmo di hash non valido `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "opzioni di importazione non valide\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s non è un set di caratteri valido\n"
msgstr "La chiave è stata revocata."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Firmo davvero tutti gli user ID? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Firmo davvero tutti gli user ID? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Non è possibile cambiare la data di scadenza di una chiave v3\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Cambio la data di scadenza per una chiave secondaria.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Cambio la data di scadenza per la chiave primaria.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr ""
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Per favore scegli che tipo di chiave vuoi:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA e ElGamal (default)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Di che dimensioni vuoi la chiave? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Di che dimensioni vuoi la chiave? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "La dimensione richiesta della chiave è %u bit\n"
msgstr "NOTA: la chiave è stata revocata"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "firma solitaria di classe 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"si suppone una firma non valida della chiave %08lX a causa di un\n"
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (firma solo)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (cifra solo)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Di che dimensioni vuoi la chiave? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Di che dimensioni vuoi la chiave? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Di che dimensioni vuoi la chiave? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "aggiornamento fallito: %s\n"
#
msgid ""
msgstr ""
-"Project-Id-Version: gnupg 2.2.3\n"
+"Project-Id-Version: gnupg 2.2.6\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-12-18 14:07+0900\n"
+"PO-Revision-Date: 2018-03-30 19:31+0900\n"
"Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n"
"Language-Team: none\n"
"Language: ja\n"
" 利用できる鍵長について確認ください。\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "署名鍵の鍵長は? (%u) "
+msgid "What keysize do you want? (%u) "
+msgstr "鍵長は? (%u) "
#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "暗号化鍵の鍵長は? (%u) "
+msgid "rounded up to %u bits\n"
+msgstr "%uビットに切り上げます\n"
#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "認証鍵の鍵長は? (%u) "
+msgid "%s keysizes must be in the range %u-%u\n"
+msgstr "%s 鍵長は %u-%u の範囲でなければなりません\n"
-#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-"カードは、今、こちらのタイプの鍵を生成するように再コンフィグされました: %s\n"
+msgid "Changing card key attribute for: "
+msgstr "こちらのカード鍵の属性を変更します: "
+
+msgid "Signature key\n"
+msgstr "署名鍵\n"
+
+msgid "Encryption key\n"
+msgstr "暗号化鍵\n"
+
+msgid "Authentication key\n"
+msgstr "認証鍵\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "ご希望の鍵の種類を選択してください:\n"
#, c-format
-msgid "rounded up to %u bits\n"
-msgstr "%uビットに切り上げます\n"
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
#, c-format
-msgid "%s keysizes must be in the range %u-%u\n"
-msgstr "%s 鍵長は %u-%u の範囲でなければなりません\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "無効な選択です。\n"
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "今、%uビットの鍵を生成するようにカードは再コンフィグされました\n"
#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
-msgstr "鍵%dの長さを%u bit に変更する際にエラー: %s\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"カードは、今、こちらのタイプの鍵を生成するように再コンフィグされました: %s\n"
+
+#, c-format
+msgid "error changing key attribute for key %d: %s\n"
+msgstr "鍵%dの属性を変更する際にエラー: %s\n"
+
+#, c-format
+msgid "error getting card info: %s\n"
+msgstr "鍵情報の取得エラー: %s\n"
+
+msgid "This command is not supported by this card\n"
+msgstr "このカードでは、このコマンドはサポートされていません。\n"
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "暗号化鍵のカード外バックアップを作成しますか? (Y/n) "
msgid " (3) Authentication key\n"
msgstr " (3) 認証鍵\n"
-msgid "Invalid selection.\n"
-msgstr "無効な選択です。\n"
-
msgid "Please select where to store the key:\n"
msgstr "鍵を保管する場所を選択してください:\n"
msgid "KEYTOCARD failed: %s\n"
msgstr "KEYTOCARDが失敗しました: %s\n"
-msgid "This command is not supported by this card\n"
-msgstr "このカードでは、このコマンドはサポートされていません。\n"
-
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "*注意*: このコマンドはカードに保管してあるすべての鍵を破壊します!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "工場出荷リセットを行いますか? (本当なら \"yes\" と入力) "
+#, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "KDF設定のエラー: %s\n"
+
msgid "quit this menu"
msgstr "このメニューを終了"
msgid "destroy all keys and data"
msgstr "すべての鍵とデータを破壊します"
+msgid "setup KDF for PIN authentication"
+msgstr "PIN認証のKDFを設定する"
+
+msgid "change the key attribute"
+msgstr "鍵の属性の変更"
+
msgid "gpg/card> "
msgstr "gpg/card> "
msgstr "無効な pinentry mode '%s'です\n"
#, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "無効な送信元要求 '%s' です\n"
+
+#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "'%s'は、有効な文字集合ではありません\n"
msgid "Key is revoked."
msgstr "鍵は、失効されています。"
-msgid "Really sign all user IDs? (y/N) "
-msgstr "本当に全ユーザIDに署名しますか? (y/N) "
-
msgid "Really sign all text user IDs? (y/N) "
msgstr "本当に全てのテキストユーザIDに署名しますか? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "本当に全ユーザIDに署名しますか? (y/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "ヒント: まず署名するユーザIDを選択します\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "v3鍵の有効期限は変更できません\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "副鍵の有効期限を変更します。\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "主鍵の有効期限を変更します。\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "署名する副鍵%sはすでに相互証明されています\n"
msgid " (%c) Finished\n"
msgstr " (%c) 完了\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "ご希望の鍵の種類を選択してください:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA と RSA (デフォルト)\n"
msgstr "副鍵の鍵長は? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "鍵長は? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "要求された鍵長は%uビット\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "*注意*: 鍵 %s は失効済みです\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "クラス0x%02xのスタンドアロン署名\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "不明のクリティカル・ビットにより、鍵%sの署名を不正とみなします\n"
"さい。\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) 既存の鍵\n"
"形式: gpg-check-pattern [オプション] パターンファイル\n"
"パターンファイルに対して標準入力のパスフレーズを確認する\n"
+#~ msgid "No change."
+#~ msgstr "変更なし。"
+
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "署名鍵の鍵長は? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "暗号化鍵の鍵長は? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "認証鍵の鍵長は? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() に失敗しました: %s\n"
" det tillater hvis nøkkelgenerering mislykkes.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Hvor stor skal signaturnøkkelen være? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Hvor stor skal krypteringsnøkkelen være? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Hvor stor skal autentiseringsnøkkelen være? (%u) "
-
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Kortet blir nå satt opp på nytt for å lage nøkkel på %u bit\n"
+msgid "What keysize do you want? (%u) "
+msgstr "Hvor stor skal nøkkelen være? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "%s nøkkelstørrelser må ligge i rekkevidden %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Signaturnøkkel\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Krypteringsnøkkel\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Autentiseringsnøkkel\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Velg hvilken type nøkkel du vil ha:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) ECC and ECC\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC og ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "Ugyldig valg.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "Kortet blir nå satt opp på nytt for å lage nøkkel på %u bit\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Kortet blir nå satt opp på nytt for å lage nøkkel på %u bit\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "feil under endring av størrelse på nøkkel %d til %u bit: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "feil under henting av nøkkelinfo: %s\n"
+
+msgid "This command is not supported by this card\n"
+msgstr "Denne kommandoen støttes ikke av dette kortet\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Lage sikkerhetskopi av krypteringsnøkler utenfor kortet? (J/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Autentiseringsnøkkel\n"
-msgid "Invalid selection.\n"
-msgstr "Ugyldig valg.\n"
-
msgid "Please select where to store the key:\n"
msgstr "velg hvor nøkkelen skal lagres:\n"
msgid "KEYTOCARD failed: %s\n"
msgstr "KEYTOCARD mislyktes: %s\n"
-msgid "This command is not supported by this card\n"
-msgstr "Denne kommandoen støttes ikke av dette kortet\n"
-
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "Merk: denne kommandoen ødelegger alle nøkler på kortet.\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "Er du sikker på at du vil gjenopprette fabrikkoppsett? (skriv «ja») "
+#, fuzzy, c-format
+#| msgid "error looking up: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "feil under oppslag av %s\n"
+
msgid "quit this menu"
msgstr "gå ut av denne menyen"
msgid "destroy all keys and data"
msgstr "ødelegg alle nøkler og data"
+#, fuzzy
+#| msgid "|NAME|use user NAME for authentication"
+msgid "setup KDF for PIN authentication"
+msgstr "|NAVN|bruk valgt brukerNAVN til autentisering"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "endre eiertillit"
+
msgid "gpg/card> "
msgstr "gpg/kort> "
msgid "invalid pinentry mode '%s'\n"
msgstr "PIN-inntastingsmodus «%s» er ugyldig\n"
+#, fuzzy, c-format
+#| msgid "invalid value for option '%s'\n"
+msgid "invalid request origin '%s'\n"
+msgstr "ugyldig verdi for valg «%s»\n"
+
#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "«%s» er ikke et gyldig tegnsett\n"
msgid "Key is revoked."
msgstr "Nøkkelen er opphevet."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Er du sikekr på at du vil signerere alle bruker-id-er? (j/N) "
-
msgid "Really sign all text user IDs? (y/N) "
msgstr "Er du sikker på at du vil signerere alle bruker-id-er? (j/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Er du sikekr på at du vil signerere alle bruker-id-er? (j/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Tips: Velg bruker-id-en(e) du vil signere\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Du kan ikke endre utløpsdato for v3-nøkler\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Endrer utløpstid for undernøkkel.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Endrer utløpstid for primærnøkkel.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "signerings-undernøkkel %s er allerede kryssertifisert\n"
msgid " (%c) Finished\n"
msgstr " (%c) Ferdig\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Velg hvilken type nøkkel du vil ha:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA og RSA (standard)\n"
msgstr "Hvor stor vil du at undernøkkelen skal være? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Hvor stor skal nøkkelen være? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Forespurt nøkkelstørrelse er %u bit\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "Merk: signaturnøkkel %s er opphevet\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "separat signatur av klasse 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "antatt ugyldig signatur fra nøkkel %s pga. ukjent «kritisk»-bit\n"
"sertifikat-forespørselen.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Nøkkel\n"
"Syntaks: gpg-check-pattern [valg] mønsterfil\n"
"Kontroller passordfrase oppgitt på standard innkanal mot valgt mønsterfil\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Hvor stor skal signaturnøkkelen være? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Hvor stor skal krypteringsnøkkelen være? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Hvor stor skal autentiseringsnøkkelen være? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() mislyktes: %s\n"
" dokumentację karty, aby poznać dozwolone rozmiary.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Jakiej długości klucz do podpisywania wygenerować? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Jakiej długości klucz do szyfrowania wygenerować? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Jakiej długości klucz do uwierzytelniania wygenerować? (%u) "
-
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Karta zostanie przekonfigurowana do tworzenia klucza %u-bitowego\n"
+msgid "What keysize do you want? (%u) "
+msgstr "Jakiej długości klucz wygenerować? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "Rozmiary kluczy %s muszą być z przedziału %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Klucz do podpisów\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Klucz do szyfrowania\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Klucz do uwierzytelniania\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Proszę wybrać rodzaj klucza:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) DSA and Elgamal\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA i Elgamala\n"
+
+msgid "Invalid selection.\n"
+msgstr "Niewłaściwy wybór.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "Karta zostanie przekonfigurowana do tworzenia klucza %u-bitowego\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Karta zostanie przekonfigurowana do tworzenia klucza %u-bitowego\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "błąd podczas zmiany rozmiaru klucza %d na %u bitów: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "błąd podczas odczytu aktualnych informacji o kluczu: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "To polecenie nie jest dostępne w trybie %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Stworzyć poza kartą kopię zapasową klucza szyfrującego? (T/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Klucz do uwierzytelniania\n"
-msgid "Invalid selection.\n"
-msgstr "Niewłaściwy wybór.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Proszę wybrać gdzie zapisać klucz:\n"
msgstr "odczyt nie powiódł się: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "To polecenie nie jest dostępne w trybie %s.\n"
-
-#, fuzzy
#| msgid "NOTE: keys are already stored on the card!\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "UWAGA: klucze są już zapisane na karcie!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "błąd zamykania %s: %s\n"
+
msgid "quit this menu"
msgstr "wyjście z tego menu"
msgid "destroy all keys and data"
msgstr ""
+msgid "setup KDF for PIN authentication"
+msgstr ""
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "zmiana zaufania właściciela"
+
msgid "gpg/card> "
msgstr "gpg/karta> "
msgstr "niewłaściwy kod kraju w ,,%s'', w linii %d\n"
#, fuzzy, c-format
+#| msgid "missing argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "brak argumentu dla opcji ,,%.50s''\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr ",,%s'' nie jest poprawną nazwą zestawu znaków\n"
msgid "Key is revoked."
msgstr "Klucz unieważniony."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Czy na pewno podpisać wszystkie identyfikatory użytkownika? (t/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "Czy na pewno podpisać wszystkie identyfikatory użytkownika? (t/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Czy na pewno podpisać wszystkie identyfikatory użytkownika? (t/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Podpowiedź: wybierz identyfikatory użytkownika do podpisania.\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Nie można zmienić daty ważności klucza w wersji 3.\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Zmiana daty ważności podklucza.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Zmiana daty ważności głównego klucza.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "podklucz podpisujący %s jest już skrośnie podpisany\n"
msgid " (%c) Finished\n"
msgstr " (%c) Zakończenie\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Proszę wybrać rodzaj klucza:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA i RSA (domyślne)\n"
msgstr "Jakiej długości podklucz wygenerować? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Jakiej długości klucz wygenerować? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Żądana długość klucza to %u bitów.\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "UWAGA: klucz podpisujący %s został unieważniony\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "oddzielony podpis klasy 0x%02x.\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"utworzonego klucza.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Istniejący klucz\n"
"Składnia: gpg-check-pattern [opcje] plik-wzorców\n"
"Sprawdzanie hasła ze standardowego wejścia względem pliku wzorców\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Jakiej długości klucz do podpisywania wygenerować? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Jakiej długości klucz do szyfrowania wygenerować? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Jakiej długości klucz do uwierzytelniania wygenerować? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() nie powiodło się: %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Qual o tamanho de chave desejado? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Qual o tamanho de chave desejado? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Qual o tamanho de chave desejado? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "arredondado para %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Esta assinatura expirou em %s.\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (apenas cifragem)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Por favor selecione o tipo de chave desejado:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (apenas assinatura)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA e ElGamal (por omissão)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Opção inválida.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "erro ao enviar para `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "erro ao escrever no porta-chaves secreto `%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Este comando não é permitido no modo %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Opção inválida.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "motivo da revocação: "
msgstr "actualização falhou: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Este comando não é permitido no modo %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "ignorado: a chave secreta já está presente\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "erro na leitura de `%s': %s\n"
+
msgid "quit this menu"
msgstr "sair deste menu"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NOME|usar NOME como destinatário por omissão"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "muda os valores de confiança"
+
msgid "gpg/card> "
msgstr ""
msgstr "algoritmo de dispersão inválido `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "opções de importação inválidas\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s não é um conjunto de caracteres válido\n"
msgstr "A chave está revogada."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Realmente assinar todos os IDs de utilizador? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Realmente assinar todos os IDs de utilizador? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Você não pode modificar a data de validade de uma chave v3\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "A modificar a data de validade para uma chave secundária.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Modificar a data de validade para uma chave primária.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "não pode escolher uma chave como revogadora de si mesmo\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Por favor selecione o tipo de chave desejado:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA e ElGamal (por omissão)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Qual o tamanho de chave desejado? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Qual o tamanho de chave desejado? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "O tamanho de chave pedido é %u bits\n"
msgstr "NOTA: a chave foi revogada"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "assinatura de classe 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"assumindo assinatura incorrecta na chave %08lX devido a um bit crítico "
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (apenas assinatura)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (apenas cifragem)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Qual o tamanho de chave desejado? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Qual o tamanho de chave desejado? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Qual o tamanho de chave desejado? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "actualização falhou: %s\n"
" documentation of your card to see what sizes are allowed.\n"
msgstr ""
-#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Ce lungime de cheie doriţi? (%u) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Ce lungime de cheie doriţi? (%u) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Ce lungime de cheie doriţi? (%u) "
-
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
+msgid "What keysize do you want? (%u) "
+msgstr "Ce lungime de cheie doriţi? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "dimensiunile cheii %s trebuie să fie în intervalul %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Cheie de semnare\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Cheie de cifrare\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Cheie de autentificare\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Selectaţi ce fel de cheie doriţi:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (numai semnare)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA şi Elgamal (implicit)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Selecţie invalidă.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "eroare trimitere la `%s': %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "eroare la obţinerea informaţiei pentru cheia curentă: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Această comandă nu este permisă în modul %s.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Creez copie de rezervă a cheii de cifrare în afara cardului? (d/N) "
msgid " (3) Authentication key\n"
msgstr " (3) Cheie de autentificare\n"
-msgid "Invalid selection.\n"
-msgstr "Selecţie invalidă.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Vă rugăm selectaţi unde să fie stocată cheia:\n"
msgstr "actualizarea a eşuat: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Această comandă nu este permisă în modul %s.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "cheia secretă deja stocată pe un card\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "eroare în `%s': %s\n"
+
msgid "quit this menu"
msgstr "ieşi din acest meniu"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NUME|foloseşte NUME ca destinatar implicit"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "schimbă încrederea pentru proprietar"
+
msgid "gpg/card> "
msgstr ""
msgstr "algoritm hash invalid `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "opţiuni enumerare invalide\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr "`%s' nu este un set de carectere valid\n"
msgid "Key is revoked."
msgstr "Cheia este revocată."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Semnaţi într-adevăr toate ID-urile utilizator? (d/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "Semnaţi într-adevăr toate ID-urile utilizator? (d/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Semnaţi într-adevăr toate ID-urile utilizator? (d/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Sugestie: Selectaţi ID-ul utilizator de semnat\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Nu puteţi schimba data de expirare a unei chei v3\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Schimb timpul de expirare pentru o subcheie.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Schimb timpul de expirare pentru cheia primară.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr ""
msgid " (%c) Finished\n"
msgstr " (%c) Terminat\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Selectaţi ce fel de cheie doriţi:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA şi Elgamal (implicit)\n"
msgstr "Ce lungime de cheie doriţi? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Ce lungime de cheie doriţi? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Lungimea cheii necesară este %u biţi\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "NOTĂ: cheia a fost revocată"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "semnătură de sine stătătoare (standalone) de clasă 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (numai semnare)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (2) Cheie de cifrare\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Ce lungime de cheie doriţi? (%u) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Ce lungime de cheie doriţi? (%u) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Ce lungime de cheie doriţi? (%u) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "actualizarea a eşuat: %s\n"
" на карту и выясните, какие размеры допустимы.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Какой Вам нужен размер ключа для подписей? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Какой Вам нужен размер ключа для шифрования? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Какой Вам нужен размер ключа для удостоверения личности? (%u) "
-
-#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "Теперь карта будет перенастроена на генерацию ключа типа %s\n"
+msgid "What keysize do you want? (%u) "
+msgstr "Какой размер ключа Вам необходим? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "размер ключей %s должен быть в пределах %u-%u\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Ключ подписи\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Ключ шифрования\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Ключ удостоверения личности\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Выберите тип ключа:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) ECC and ECC\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC и ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "Неправильный выбор.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "Теперь карта будет перенастроена на генерацию ключа длиной %u бит\n"
#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Теперь карта будет перенастроена на генерацию ключа типа %s\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "ошибка изменения размера ключа %d до %u бит: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "ошибка при считывании информации ключа: %s\n"
+
+msgid "This command is not supported by this card\n"
+msgstr "Данная команда этой картой не поддерживается\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Сделать вне карты архивную копию ключа шифрования? (Y/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Ключ удостоверения личности\n"
-msgid "Invalid selection.\n"
-msgstr "Неправильный выбор.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Выберите, где хранить ключ:\n"
msgid "KEYTOCARD failed: %s\n"
msgstr "сбой записи ключа на карту: %s\n"
-msgid "This command is not supported by this card\n"
-msgstr "Данная команда этой картой не поддерживается\n"
-
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "Замечание: эта команда сотрет с карты все ключи!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "Подтвердите сброс к заводским установкам (введите \"yes\") "
+#, fuzzy, c-format
+#| msgid "error looking up: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "ошибка поиска: %s\n"
+
msgid "quit this menu"
msgstr "выйти из этого меню"
msgid "destroy all keys and data"
msgstr "уничтожить все ключи и данные"
+#, fuzzy
+#| msgid "|NAME|use user NAME for authentication"
+msgid "setup KDF for PIN authentication"
+msgstr "|NAME|использовать имя пользователя NAME для удостоверения личности"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "изменить уровень доверия владельцу"
+
msgid "gpg/card> "
msgstr "gpg/card> "
msgid "invalid pinentry mode '%s'\n"
msgstr "недопустимый режим ввода пароля '%s'\n"
+#, fuzzy, c-format
+#| msgid "invalid value for option '%s'\n"
+msgid "invalid request origin '%s'\n"
+msgstr "недопустимое значения параметра \"%s\"\n"
+
#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "'%s' - не допустимая таблица символов\n"
msgid "Key is revoked."
msgstr "Ключ отозван."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Действительно подписать все идентификаторы пользователя? (y/N) "
-
msgid "Really sign all text user IDs? (y/N) "
msgstr ""
"Действительно подписать все текстовые идентификаторы пользователя? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Действительно подписать все идентификаторы пользователя? (y/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr ""
"Подсказка: Выберите идентификаторы пользователей, которые нужно подписать\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Нельзя изменить срок действия ключа v3\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Смена срока действия подключа.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Смена срока действия первичного ключа.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "подписывающий подключ %s уже перекрестно заверен\n"
msgid " (%c) Finished\n"
msgstr " (%c) Завершено\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Выберите тип ключа:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA и RSA (по умолчанию)\n"
msgstr "Какой размер подключа необходим? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Какой размер ключа Вам необходим? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Запрошенный размер ключа - %u бит\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "Замечание: ключ для подписей %s отозван\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "отдельная подпись класса 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"ключа, который вы только что создали, еще раз.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Имеющийся ключ\n"
"Синтаксис: gpg-check-pattern [параметры] файл_образцов\n"
"Проверить фразу-пароль, поступающую из stdin, по файлу образцов\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Какой Вам нужен размер ключа для подписей? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Какой Вам нужен размер ключа для шифрования? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Какой Вам нужен размер ключа для удостоверения личности? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "сбой listen(): %s\n"
msgstr ""
#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Akú veľkosť kľúča si prajete? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Akú veľkosť kľúča si prajete? (1024) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
+msgid "What keysize do you want? (%u) "
msgstr "Akú veľkosť kľúča si prajete? (1024) "
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
-
-#, c-format
msgid "rounded up to %u bits\n"
msgstr "zaokrúhlené na %u bitov\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr ""
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+msgid "Signature key\n"
+msgstr "Platnosť podpisu vypršala %s\n"
+
+#, fuzzy
+msgid "Encryption key\n"
+msgstr " (%d) RSA (len na šifrovanie)\n"
+
+msgid "Authentication key\n"
+msgstr ""
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Prosím, vyberte druh kľúča, ktorý chcete:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (len na podpis)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA a ElGamal (implicitný)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Neplatný výber.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "chyba pri posielaní na `%s': %s\n"
+#, fuzzy, c-format
+msgid "error getting card info: %s\n"
+msgstr "chyba pri zápise do súboru tajných kľúčov `%s': %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Tento príkaz nie je v módoch %s dovolený.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr ""
msgid " (3) Authentication key\n"
msgstr ""
-msgid "Invalid selection.\n"
-msgstr "Neplatný výber.\n"
-
#, fuzzy
msgid "Please select where to store the key:\n"
msgstr "Prosím výberte dôvod na revokáciu:\n"
msgstr "aktualizácia zlyhala: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Tento príkaz nie je v módoch %s dovolený.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "preskočené: tajný kľúč je už v databáze\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "chyba pri čítaní `%s': %s\n"
+
msgid "quit this menu"
msgstr "ukončiť toto menu"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|MENO|použiť MENO ako implicitného adresáta"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "zmeniť dôveryhodnosť vlastníka kľúča"
+
msgid "gpg/card> "
msgstr ""
msgstr "neplatný hashovací algoritmus `%s'\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "neplatný parameter pre import\n"
+
+#, fuzzy, c-format
msgid "'%s' is not a valid character set\n"
msgstr "%s nie je platná znaková sada\n"
msgstr "Kľúč revokovaný."
#, fuzzy
-msgid "Really sign all user IDs? (y/N) "
+msgid "Really sign all text user IDs? (y/N) "
msgstr "Skutočne podpísať všetky id užívateľa? "
#, fuzzy
-msgid "Really sign all text user IDs? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
msgstr "Skutočne podpísať všetky id užívateľa? "
msgid "Hint: Select the user IDs to sign\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Nemôžete zmeniť dobu platnosti kľúča verzie 3\n"
+#, fuzzy
+msgid "Changing usage of a subkey.\n"
+msgstr "Mením dobu platnosti sekundárneho kľúča.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Mením dobu platnosti primárneho kľúča.\n"
+
#, fuzzy, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "VAROVANIE: podpisovací podkľúč %08lX nie je krížovo certifikovaný\n"
msgid " (%c) Finished\n"
msgstr ""
-msgid "Please select what kind of key you want:\n"
-msgstr "Prosím, vyberte druh kľúča, ktorý chcete:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA a ElGamal (implicitný)\n"
msgid "What keysize do you want for the subkey? (%u) "
msgstr "Akú veľkosť kľúča si prajete? (1024) "
-#, fuzzy, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Akú veľkosť kľúča si prajete? (1024) "
-
#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Požadovaná dĺžka kľúča je %u bitov.\n"
msgstr "POZNÁMKA: kľúč bol revokovaný"
#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "samostatný podpis triedy 0x%02x\n"
+
+#, fuzzy, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"predpokladám neplatný podpis kľúčom %08lX, pretože je nastavený neznámy "
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (len na podpis)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) RSA (len na šifrovanie)\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Akú veľkosť kľúča si prajete? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Akú veľkosť kľúča si prajete? (1024) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Akú veľkosť kľúča si prajete? (1024) "
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "aktualizácia zlyhala: %s\n"
" som tillåts.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Vilken nyckelstorlek vill du använda för signaturnyckeln? (%u) "
+msgid "What keysize do you want? (%u) "
+msgstr "Vilken nyckelstorlek vill du ha? (%u) "
#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Vilken nyckelstorlek vill du använda för krypteringsnyckeln? (%u) "
+msgid "rounded up to %u bits\n"
+msgstr "avrundade uppåt till %u bitar\n"
#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Vilken nyckelstorlek vill du använda för autentiseringsnyckeln? (%u) "
+msgid "%s keysizes must be in the range %u-%u\n"
+msgstr "%s nyckelstorlekar måste vara inom intervallet %u-%u\n"
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgid "Changing card key attribute for: "
msgstr ""
-"Kortet kommer nu att konfigureras om för att generera en nyckel med %u "
-"bitar\n"
-#, c-format
-msgid "rounded up to %u bits\n"
-msgstr "avrundade uppåt till %u bitar\n"
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Signeringsnyckel\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Krypteringsnyckel\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Autentiseringsnyckel\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Välj vilken typ av nyckel du vill ha:\n"
#, c-format
-msgid "%s keysizes must be in the range %u-%u\n"
-msgstr "%s nyckelstorlekar måste vara inom intervallet %u-%u\n"
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) DSA and Elgamal\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA och Elgamal\n"
+
+msgid "Invalid selection.\n"
+msgstr "Ogiltigt val.\n"
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
"Kortet kommer nu att konfigureras om för att generera en nyckel med %u "
"bitar\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"Kortet kommer nu att konfigureras om för att generera en nyckel med %u "
+"bitar\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "fel vid ändring av storlek för nyckel %d till %u bitar: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "fel vid hämtning av aktuell nyckelinformation: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "Detta kommando är inte tillåtet när du är i %s-läge.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Skapa säkerhetskopia av krypteringsnyckel utanför kortet? (J/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Autentiseringsnyckel\n"
-msgid "Invalid selection.\n"
-msgstr "Ogiltigt val.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Välj var nyckeln ska sparas:\n"
msgstr "läsning misslyckades: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "Detta kommando är inte tillåtet när du är i %s-läge.\n"
-
-#, fuzzy
#| msgid "NOTE: keys are already stored on the card!\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "OBSERVERA: nycklar har redan lagrats på kortet!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "fel vid stängning av %s: %s\n"
+
msgid "quit this menu"
msgstr "avsluta denna meny"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use NAME as default recipient"
+msgid "setup KDF for PIN authentication"
+msgstr "|NAMN|använd NAMN som standardmottagare"
+
+# originalet borde ha ett value
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "ändra ägartillitsvärdet"
+
msgid "gpg/card> "
msgstr "gpg/kort> "
msgstr "ogiltig landskod i \"%s\", rad %d\n"
#, fuzzy, c-format
+#| msgid "missing argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "argument för flaggan \"%.50s\" saknas\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr "\"%s\" är ingen giltig teckentabell\n"
msgid "Key is revoked."
msgstr "Nyckeln är spärrad."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Verkligen signera alla användaridentiteter? (j/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "Verkligen signera alla användaridentiteter? (j/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Verkligen signera alla användaridentiteter? (j/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Tips: Välj de användaridentiteter som du vill signera\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Du kan inte ändra giltighetsdatum för en v3-nyckel\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Ändrar utgångstid för en undernyckel.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Ändrar giltighetstid för den primära nyckeln.\n"
+
# Vad betyder det?
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgid " (%c) Finished\n"
msgstr " (%c) Färdig\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Välj vilken typ av nyckel du vill ha:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA och RSA (standard)\n"
msgstr "Vilken nyckelstorlek vill du använda för undernyckeln? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Vilken nyckelstorlek vill du ha? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Den efterfrågade nyckelstorleken är %u bitar\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "OBSERVERA: signaturnyckeln %s har spärrats\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "fristående signatur av klassen 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"färdigställa denna certifikatbegäran.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Befintlig nyckel\n"
"Syntax: gpg-check-pattern [flaggor] mönsterfil\n"
"Kontrollera en lösenfras angiven på standard in mot mönsterfilen\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Vilken nyckelstorlek vill du använda för signaturnyckeln? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Vilken nyckelstorlek vill du använda för krypteringsnyckeln? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr ""
+#~ "Vilken nyckelstorlek vill du använda för autentiseringsnyckeln? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() misslyckades: %s\n"
" documentation of your card to see what sizes are allowed.\n"
msgstr ""
-#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
-
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
+msgid "What keysize do you want? (%u) "
+msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "%s anahtar uzunlukları %u-%u aralığında olmalı\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) İmzalama anahtarı\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Şifreleme anahtarı\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Kimlik kanıtlama anahtarı\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Lütfen istediğiniz anahtarı seçiniz:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA ve ElGamal (öntanımlı)\n"
+
+msgid "Invalid selection.\n"
+msgstr "Seçim geçersiz.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "soket `%s'e bağlanırken hata: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "geçerli anahtar bilgisi alınırken hata: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "%s kipindeyken bu komut kullanılamaz.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Şifreli anahtarın kartsız yedeği yapılsın mı? (E/h ya da Y/n) "
msgid " (3) Authentication key\n"
msgstr " (3) Kimlik kanıtlama anahtarı\n"
-msgid "Invalid selection.\n"
-msgstr "Seçim geçersiz.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Lütfen anahtarın saklanacağı yeri seçiniz:\n"
msgstr "read başarısız: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "%s kipindeyken bu komut kullanılamaz.\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "gizli anahtar zaten bir kartın üzerinde saklı\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "%s kapanırken hata: %s\n"
+
msgid "quit this menu"
msgstr "bu menüden çık"
msgid "destroy all keys and data"
msgstr ""
+msgid "setup KDF for PIN authentication"
+msgstr ""
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "sahibiningüvencesini değiştirir"
+
msgid "gpg/card> "
msgstr ""
msgstr "`%s', %d. satırındaki ülke kodu geçersiz\n"
#, fuzzy, c-format
+#| msgid "missing argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "\"%.50s\" seçeneği için değiştirge eksik\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr "'%s' geçerli bir karakter kümesi değil\n"
msgid "Key is revoked."
msgstr "Anahtar yürürlükten kaldırıldı."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Tüm kullanıcı kimlikler gerçekten imzalanacak mı? (e/H ya da y/N)"
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "Tüm kullanıcı kimlikler gerçekten imzalanacak mı? (e/H ya da y/N)"
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Tüm kullanıcı kimlikler gerçekten imzalanacak mı? (e/H ya da y/N)"
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "İpucu: İmzalamak için bir kullanıcı kimliği seçiniz\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Bir v3 anahtarının son kullanma tarihini değiştiremezsiniz\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Bir yardımcı anahtar için son kullanma tarihi değiştiriliyor.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Asıl anahtar için son kullanma tarihi değiştiriliyor.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "yardımcı imzalama anahtarı %s zaten çapraz sertifikalı\n"
msgid " (%c) Finished\n"
msgstr " (%c) Bitti\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Lütfen istediğiniz anahtarı seçiniz:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA ve ElGamal (öntanımlı)\n"
msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "İstenen anahtar uzunluğu: %u bit\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "BİLGİ: imza anahtarı %s yürürlükten kaldırılmıştı\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "0x%02x sınıfı tek başına imza\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"anahtarınızı bir kere daha oluşturun.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Mevcut anahtar\n"
"Standart girdiden verilen anahtar parolasını örüntü dosyasıyla "
"karşılaştırır\n"
+#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "soket dinleme başarısız: %s\n"
" визначити дозволені розміри.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "Якому розміру ключа підписування ви надаєте перевагу? (%u) "
+msgid "What keysize do you want? (%u) "
+msgstr "Якою має бути довжина ключа? (%u) "
#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "Яким маÑ\94 бÑ\83Ñ\82и Ñ\80озмÑ\96Ñ\80 клÑ\8eÑ\87а длÑ\8f Ñ\88иÑ\84Ñ\80Ñ\83ваннÑ\8f? (%u) "
+msgid "rounded up to %u bits\n"
+msgstr "окÑ\80Ñ\83глено до %u бÑ\96Ñ\82Ñ\96в\n"
#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "ЯкомÑ\83 Ñ\80озмÑ\96Ñ\80Ñ\83 клÑ\8eÑ\87а длÑ\8f Ñ\80озпÑ\96знаваннÑ\8f ви надаÑ\94Ñ\82е пеÑ\80евагÑ\83? (%u) "
+msgid "%s keysizes must be in the range %u-%u\n"
+msgstr "РозмÑ\96Ñ\80и клÑ\8eÑ\87Ñ\96в %s маÑ\8eÑ\82Ñ\8c пеÑ\80ебÑ\83ваÑ\82и Ñ\83 дÑ\96апазонÑ\96 %uâ\80\94%u\n"
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgid "Changing card key attribute for: "
msgstr ""
-"Зараз налаштування картки буде змінено для створення %u-бітового ключа\n"
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) Ключ підписування\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) Ключ шифрування\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) Ключ розпізнавання\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "Вкажіть потрібний вам тип ключа:\n"
#, c-format
-msgid "rounded up to %u bits\n"
-msgstr "округлено до %u бітів\n"
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
#, c-format
-msgid "%s keysizes must be in the range %u-%u\n"
-msgstr "Розміри ключів %s мають перебувати у діапазоні %u—%u\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "Некоректний вибір.\n"
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
"Зараз налаштування картки буде змінено для створення %u-бітового ключа\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"Зараз налаштування картки буде змінено для створення %u-бітового ключа\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "помилка під час спроби зміни розміру ключа з %d на %u: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "помилка під час отримання даних поточного ключа: %s\n"
+
+msgid "This command is not supported by this card\n"
+msgstr "Цією карткою не передбачено підтримки вказаної команди\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "Створити резервну копію ключа шифрування поза карткою? (Y/n або Т/н) "
msgid " (3) Authentication key\n"
msgstr " (3) Ключ розпізнавання\n"
-msgid "Invalid selection.\n"
-msgstr "Некоректний вибір.\n"
-
msgid "Please select where to store the key:\n"
msgstr "Виберіть сховище для зберігання ключа:\n"
msgid "KEYTOCARD failed: %s\n"
msgstr "Помилка KEYTOCARD: %s\n"
-msgid "This command is not supported by this card\n"
-msgstr "Цією карткою не передбачено підтримки вказаної команди\n"
-
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr ""
"Зауваження: у результаті виконання цієї команди усі ключі на картці буде "
msgstr ""
"Справді хочете скинути усе до типових налаштувань? (введіть «yes» («так»)) "
+#, fuzzy, c-format
+#| msgid "error looking up: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "помилка під час пошуку: %s\n"
+
msgid "quit this menu"
msgstr "вийти з цього меню"
msgid "destroy all keys and data"
msgstr "знищити усі ключі і дані"
+#, fuzzy
+#| msgid "|NAME|use user NAME for authentication"
+msgid "setup KDF for PIN authentication"
+msgstr "|NAME|використовувати вказаного користувача для розпізнавання"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "змінити рівень довіри до власника"
+
msgid "gpg/card> "
msgstr "gpg/картка> "
msgid "invalid pinentry mode '%s'\n"
msgstr "некоректний режим pinentry, «%s»\n"
+#, fuzzy, c-format
+#| msgid "invalid value for option '%s'\n"
+msgid "invalid request origin '%s'\n"
+msgstr "некоректне значення параметра «%s»\n"
+
#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "«%s» не є коректним набором символів\n"
msgid "Key is revoked."
msgstr "Ключ відкликано."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "Підписати всі ідентифікатори користувача? (y/N або т/Н) "
-
msgid "Really sign all text user IDs? (y/N) "
msgstr "Підписати всі текстові ідентифікатори користувача? (y/N або т/Н) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "Підписати всі ідентифікатори користувача? (y/N або т/Н) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "Підказка: виберіть ідентифікатори користувача для підписування\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Не можна змінювати дату завершення строку дії ключа v3\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "Зміна часу завершення строку дії для підключа.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "Зміна часу завершення строку дії для основного ключа.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "підписування підключа %s вже перехресно сертифіковано\n"
msgid " (%c) Finished\n"
msgstr " (%c) вийти\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "Вкажіть потрібний вам тип ключа:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA і RSA (типовий)\n"
msgstr "Якою має бути довжина підключа? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "Якою має бути довжина ключа? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "Запитана довжина ключа — %u бітів\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "ЗАУВАЖЕННЯ: ключ підпису %s було відкликано\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "окремий підпис класу 0x%02x\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr ""
"для ключа, який ви щойно створили.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) Вже записаний ключ\n"
"Синтаксис: gpg-check-pattern [параметри] файл_шаблонів\n"
"Перевірити пароль, вказаний у stdin, за допомогою файла_шаблонів\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "Якому розміру ключа підписування ви надаєте перевагу? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "Яким має бути розмір ключа для шифрування? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "Якому розміру ключа для розпізнавання ви надаєте перевагу? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "помилка listen(): %s\n"
#~ "не вдалося встановити з’єднання з агентом, використовуємо резервний "
#~ "варіант\n"
-#~ msgid " (%d) ECC\n"
-#~ msgstr " (%d) ECC\n"
-
#, fuzzy
#~| msgid "can't create directory '%s': %s\n"
#~ msgid "can't create directory `%s': %s\n"
" documentation of your card to see what sizes are allowed.\n"
msgstr ""
-#, fuzzy, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "您想要用多大的密钥尺寸?(%u)"
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "您想要用多大的密钥尺寸?(%u)"
-
-#, fuzzy, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "您想要用多大的密钥尺寸?(%u)"
-
#, c-format
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr ""
+msgid "What keysize do you want? (%u) "
+msgstr "您想要用多大的密钥尺寸?(%u)"
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "%s 密钥尺寸必须在 %u 与 %u 间\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) 签名密钥\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) 加密密钥\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) 认证密钥\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "请选择您要使用的密钥种类:\n"
+
+#, fuzzy, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA (仅用于签名)\n"
+
+#, fuzzy, c-format
+msgid " (%d) ECC\n"
+msgstr " (%d) DSA 和 ElGamal (默认)\n"
+
+msgid "Invalid selection.\n"
+msgstr "无效的选择。\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr ""
+#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
#, fuzzy, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "在‘%s’中寻找信任度记录时出错:%s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "取得当前密钥信息时出错:%s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "在 %s 模式中不允许使用这个指令。\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "是否为加密密钥创建卡外的备份?(Y/n)"
msgid " (3) Authentication key\n"
msgstr " (3) 认证密钥\n"
-msgid "Invalid selection.\n"
-msgstr "无效的选择。\n"
-
msgid "Please select where to store the key:\n"
msgstr "请选择在哪里存储密钥:\n"
msgstr "更新失败:%s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "在 %s 模式中不允许使用这个指令。\n"
-
-#, fuzzy
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "私钥已存储在卡上\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+msgid "error for setup KDF: %s\n"
+msgstr "‘%s’中出错:%s\n"
+
msgid "quit this menu"
msgstr "离开这个菜单"
msgid "destroy all keys and data"
msgstr ""
+msgid "setup KDF for PIN authentication"
+msgstr ""
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "更改信任度"
+
msgid "gpg/card> "
msgstr ""
msgstr "无效的‘%s’散列算法\n"
#, fuzzy, c-format
+msgid "invalid request origin '%s'\n"
+msgstr "无效的列表选项\n"
+
+#, fuzzy, c-format
#| msgid "`%s' is not a valid character set\n"
msgid "'%s' is not a valid character set\n"
msgstr "‘%s’不是一个有效的字符集\n"
msgid "Key is revoked."
msgstr "密钥已被吊销。"
-msgid "Really sign all user IDs? (y/N) "
-msgstr "真的为所有的用户标识签名吗?(y/N)"
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "真的为所有的用户标识签名吗?(y/N)"
+msgid "Really sign all user IDs? (y/N) "
+msgstr "真的为所有的用户标识签名吗?(y/N)"
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "提示:选择要添加签名的用户标识\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "您不能变更 v3 密钥的使用期限\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "将要变更子钥的使用期限。\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "将要变更主钥的使用期限。\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "签名的子钥 %s 已经交叉验证\n"
msgid " (%c) Finished\n"
msgstr " (%c) 已完成\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "请选择您要使用的密钥种类:\n"
-
#, fuzzy, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) DSA 和 ElGamal (默认)\n"
msgstr "您想要用多大的密钥尺寸?(%u)"
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "您想要用多大的密钥尺寸?(%u)"
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "您所要求的密钥尺寸是 %u 位\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "注意:密钥已被吊销"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "等级 0x%02x 的独立签名\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "假定密钥 %s 的签名由于某个未知的关键位出错而损坏\n"
msgstr ""
#, fuzzy, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA (仅用于签名)\n"
-
-#, fuzzy, c-format
msgid " (%d) Existing key\n"
msgstr " (2) 加密密钥\n"
msgstr ""
#, fuzzy
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "您想要用多大的密钥尺寸?(%u)"
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "您想要用多大的密钥尺寸?(%u)"
+
+#, fuzzy
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "您想要用多大的密钥尺寸?(%u)"
+
+#, fuzzy
#~ msgid "listen() failed: %s\n"
#~ msgstr "更新失败:%s\n"
" 看看這張卡片支援哪些尺寸.\n"
#, c-format
-msgid "What keysize do you want for the Signature key? (%u) "
-msgstr "你的簽署金鑰想要用多大的金鑰尺寸? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Encryption key? (%u) "
-msgstr "你的加密金鑰想要用多大的金鑰尺寸? (%u) "
-
-#, c-format
-msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "你的認證金鑰想要用多大的金鑰尺寸? (%u) "
-
-#, fuzzy, c-format
-#| msgid "The card will now be re-configured to generate a key of %u bits\n"
-msgid "The card will now be re-configured to generate a key of type: %s\n"
-msgstr "這張卡片將重新加以組態, 以便產生 %u 位元的金鑰\n"
+msgid "What keysize do you want? (%u) "
+msgstr "你想要用多大的金鑰尺寸? (%u) "
#, c-format
msgid "rounded up to %u bits\n"
msgid "%s keysizes must be in the range %u-%u\n"
msgstr "%s 金鑰尺寸一定要介於 %u 到 %u 之間\n"
+msgid "Changing card key attribute for: "
+msgstr ""
+
+#, fuzzy
+#| msgid " (1) Signature key\n"
+msgid "Signature key\n"
+msgstr " (1) 簽署用金鑰\n"
+
+#, fuzzy
+#| msgid " (2) Encryption key\n"
+msgid "Encryption key\n"
+msgstr " (2) 加密用金鑰\n"
+
+#, fuzzy
+#| msgid " (3) Authentication key\n"
+msgid "Authentication key\n"
+msgstr " (3) 憑證用金鑰\n"
+
+msgid "Please select what kind of key you want:\n"
+msgstr "請選擇你要使用的金鑰種類:\n"
+
+#, c-format
+msgid " (%d) RSA\n"
+msgstr " (%d) RSA\n"
+
+#, fuzzy, c-format
+#| msgid " (%d) ECC and ECC\n"
+msgid " (%d) ECC\n"
+msgstr " (%d) ECC 和 ECC\n"
+
+msgid "Invalid selection.\n"
+msgstr "無效的選擇.\n"
+
#, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "這張卡片將重新加以組態, 以便產生 %u 位元的金鑰\n"
-#, c-format
-msgid "error changing size of key %d to %u bits: %s\n"
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "這張卡片將重新加以組態, 以便產生 %u 位元的金鑰\n"
+
+#, fuzzy, c-format
+#| msgid "error changing size of key %d to %u bits: %s\n"
+msgid "error changing key attribute for key %d: %s\n"
msgstr "將金鑰 %d 尺寸變更至 %u 位元時出錯: %s\n"
+#, fuzzy, c-format
+#| msgid "error getting current key info: %s\n"
+msgid "error getting card info: %s\n"
+msgstr "取得現用金鑰資訊時出錯: %s\n"
+
+#, fuzzy
+#| msgid "This command is not allowed while in %s mode.\n"
+msgid "This command is not supported by this card\n"
+msgstr "在 %s 模式中不允許使用這個指令.\n"
+
msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "是否要為加密用金鑰建立卡外備份? (Y/n) "
msgid " (3) Authentication key\n"
msgstr " (3) 憑證用金鑰\n"
-msgid "Invalid selection.\n"
-msgstr "無效的選擇.\n"
-
msgid "Please select where to store the key:\n"
msgstr "請選擇要把金鑰存放在哪裡:\n"
msgstr "KEYTOCARD 失敗: %s\n"
#, fuzzy
-#| msgid "This command is not allowed while in %s mode.\n"
-msgid "This command is not supported by this card\n"
-msgstr "在 %s 模式中不允許使用這個指令.\n"
-
-#, fuzzy
#| msgid "Note: keys are already stored on the card!\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "請注意: 金鑰已經存放在卡片上了!\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr ""
+#, fuzzy, c-format
+#| msgid "error closing %s: %s\n"
+msgid "error for setup KDF: %s\n"
+msgstr "關閉 %s 時出錯: %s\n"
+
msgid "quit this menu"
msgstr "離開這個選單"
msgid "destroy all keys and data"
msgstr ""
+#, fuzzy
+#| msgid "|NAME|use user NAME for authentication"
+msgid "setup KDF for PIN authentication"
+msgstr "|名字|使用指定名字做為認證用的使用者名稱"
+
+#, fuzzy
+#| msgid "change the ownertrust"
+msgid "change the key attribute"
+msgstr "更改主觀信任"
+
msgid "gpg/card> "
msgstr "gpg/卡片> "
msgid "invalid pinentry mode '%s'\n"
msgstr "無效的個人識別碼項目模式 '%s'\n"
+#, fuzzy, c-format
+#| msgid "invalid argument for option \"%.50s\"\n"
+msgid "invalid request origin '%s'\n"
+msgstr "選項 \"%.50s\" 的引數無效\n"
+
#, c-format
msgid "'%s' is not a valid character set\n"
msgstr "'%s' 不是有效的字元集\n"
msgid "Key is revoked."
msgstr "金鑰已撤銷."
-msgid "Really sign all user IDs? (y/N) "
-msgstr "真的要簽署所有的使用者 ID 嗎? (y/N) "
-
#, fuzzy
#| msgid "Really sign all user IDs? (y/N) "
msgid "Really sign all text user IDs? (y/N) "
msgstr "真的要簽署所有的使用者 ID 嗎? (y/N) "
+msgid "Really sign all user IDs? (y/N) "
+msgstr "真的要簽署所有的使用者 ID 嗎? (y/N) "
+
msgid "Hint: Select the user IDs to sign\n"
msgstr "提示: 選擇使用者 ID 來加以簽署\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "你不能變更 v3 金鑰的使用期限\n"
+#, fuzzy
+#| msgid "Changing expiration time for a subkey.\n"
+msgid "Changing usage of a subkey.\n"
+msgstr "正在變更子鑰的使用期限.\n"
+
+#, fuzzy
+#| msgid "Changing expiration time for the primary key.\n"
+msgid "Changing usage of the primary key.\n"
+msgstr "正在變更主鑰的使用期限.\n"
+
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgstr "簽署子鑰 %s 已經交叉認證過了\n"
msgid " (%c) Finished\n"
msgstr " (%c) 已完成\n"
-msgid "Please select what kind of key you want:\n"
-msgstr "請選擇你要使用的金鑰種類:\n"
-
#, c-format
msgid " (%d) RSA and RSA (default)\n"
msgstr " (%d) RSA 和 RSA (預設)\n"
msgstr "你的子鑰想要用多大的金鑰尺寸? (%u) "
#, c-format
-msgid "What keysize do you want? (%u) "
-msgstr "你想要用多大的金鑰尺寸? (%u) "
-
-#, c-format
msgid "Requested keysize is %u bits\n"
msgstr "你所要求的金鑰尺寸是 %u 位元\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "請注意: 簽章金鑰 %s 已遭撤銷\n"
+#, fuzzy, c-format
+#| msgid "standalone signature of class 0x%02x\n"
+msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
+msgstr "等級 0x%02x 的獨立簽章\n"
+
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "假設金鑰 %s 的損壞簽章導因於某個未知的關鍵位元\n"
msgstr "如欲完成此憑證請求, 請再輸入一次你剛才建立的金鑰密語.\n"
#, c-format
-msgid " (%d) RSA\n"
-msgstr " (%d) RSA\n"
-
-#, c-format
msgid " (%d) Existing key\n"
msgstr " (%d) 現有的金鑰\n"
"語法: gpg-check-pattern [選項] 樣式檔案\n"
"用樣式檔案來檢查由標準輸入給定的密語\n"
+#~ msgid "What keysize do you want for the Signature key? (%u) "
+#~ msgstr "你的簽署金鑰想要用多大的金鑰尺寸? (%u) "
+
+#~ msgid "What keysize do you want for the Encryption key? (%u) "
+#~ msgstr "你的加密金鑰想要用多大的金鑰尺寸? (%u) "
+
+#~ msgid "What keysize do you want for the Authentication key? (%u) "
+#~ msgstr "你的認證金鑰想要用多大的金鑰尺寸? (%u) "
+
#~ msgid "listen() failed: %s\n"
#~ msgstr "listen() 失敗: %s\n"
pcsc_dword_t modify_ioctl;
int pinmin;
int pinmax;
+ pcsc_dword_t current_state;
} pcsc;
#ifdef USE_G10CODE_RAPDU
struct {
#define PCSC_E_READER_UNAVAILABLE 0x80100017
#define PCSC_E_NO_SERVICE 0x8010001D
#define PCSC_E_SERVICE_STOPPED 0x8010001E
+#define PCSC_W_RESET_CARD 0x80100068
#define PCSC_W_REMOVED_CARD 0x80100069
/* Fix pcsc-lite ABI incompatibility. */
reader_table[reader].pcsc.modify_ioctl = 0;
reader_table[reader].pcsc.pinmin = -1;
reader_table[reader].pcsc.pinmax = -1;
+ reader_table[reader].pcsc.current_state = PCSC_STATE_UNAWARE;
return reader;
}
(void)on_wire;
memset (rdrstates, 0, sizeof *rdrstates);
rdrstates[0].reader = reader_table[slot].rdrname;
- rdrstates[0].current_state = PCSC_STATE_UNAWARE;
+ rdrstates[0].current_state = reader_table[slot].pcsc.current_state;
err = pcsc_get_status_change (reader_table[slot].pcsc.context,
0,
rdrstates, 1);
if (err == PCSC_E_TIMEOUT)
- err = 0; /* Timeout is no error error here. */
+ err = 0; /* Timeout is no error here. */
if (err)
{
log_error ("pcsc_get_status_change failed: %s (0x%lx)\n",
return pcsc_error_to_sw (err);
}
- /* log_debug */
- /* ("pcsc_get_status_change: %s%s%s%s%s%s%s%s%s%s\n", */
- /* (rdrstates[0].event_state & PCSC_STATE_IGNORE)? " ignore":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_CHANGED)? " changed":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_UNKNOWN)? " unknown":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_UNAVAILABLE)?" unavail":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_EMPTY)? " empty":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_PRESENT)? " present":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_ATRMATCH)? " atr":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_EXCLUSIVE)? " excl":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_INUSE)? " unuse":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_MUTE)? " mute":"" ); */
+ if ((rdrstates[0].event_state & PCSC_STATE_CHANGED))
+ reader_table[slot].pcsc.current_state =
+ (rdrstates[0].event_state & ~PCSC_STATE_CHANGED);
+
+ if (DBG_CARD_IO)
+ log_debug
+ ("pcsc_get_status_change: %s%s%s%s%s%s%s%s%s%s\n",
+ (rdrstates[0].event_state & PCSC_STATE_IGNORE)? " ignore":"",
+ (rdrstates[0].event_state & PCSC_STATE_CHANGED)? " changed":"",
+ (rdrstates[0].event_state & PCSC_STATE_UNKNOWN)? " unknown":"",
+ (rdrstates[0].event_state & PCSC_STATE_UNAVAILABLE)?" unavail":"",
+ (rdrstates[0].event_state & PCSC_STATE_EMPTY)? " empty":"",
+ (rdrstates[0].event_state & PCSC_STATE_PRESENT)? " present":"",
+ (rdrstates[0].event_state & PCSC_STATE_ATRMATCH)? " atr":"",
+ (rdrstates[0].event_state & PCSC_STATE_EXCLUSIVE)? " excl":"",
+ (rdrstates[0].event_state & PCSC_STATE_INUSE)? " inuse":"",
+ (rdrstates[0].event_state & PCSC_STATE_MUTE)? " mute":"" );
*status = 0;
- if ( (rdrstates[0].event_state & PCSC_STATE_PRESENT) )
+ if ( (reader_table[slot].pcsc.current_state & PCSC_STATE_PRESENT) )
{
*status |= APDU_CARD_PRESENT;
- if ( !(rdrstates[0].event_state & PCSC_STATE_MUTE) )
+ if ( !(reader_table[slot].pcsc.current_state & PCSC_STATE_MUTE) )
*status |= APDU_CARD_ACTIVE;
}
#ifndef HAVE_W32_SYSTEM
mode. */
if ( (*status & (APDU_CARD_PRESENT|APDU_CARD_ACTIVE))
== (APDU_CARD_PRESENT|APDU_CARD_ACTIVE)
- && !(rdrstates[0].event_state & PCSC_STATE_INUSE) )
+ && !(reader_table[slot].pcsc.current_state & PCSC_STATE_INUSE) )
*status |= APDU_CARD_USABLE;
#else
/* Some winscard drivers may set EXCLUSIVE and INUSE at the same
*status |= APDU_CARD_USABLE;
#endif
- return 0;
+ if (!on_wire && (rdrstates[0].event_state & PCSC_STATE_CHANGED))
+ /* Event like sleep/resume occurs, which requires RESET. */
+ return SW_HOST_NO_READER;
+ else
+ return 0;
}
log_error ("pcsc_transmit failed: %s (0x%lx)\n",
pcsc_error_string (err), err);
+ /* Handle fatal errors which require shutdown of reader. */
+ if (err == PCSC_E_NOT_TRANSACTED || err == PCSC_W_RESET_CARD
+ || err == PCSC_W_REMOVED_CARD)
+ {
+ reader_table[slot].pcsc.current_state = PCSC_STATE_UNAWARE;
+ scd_kick_the_loop ();
+ }
+
return pcsc_error_to_sw (err);
}
snprintf (tmp, sizeof tmp,
"gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d "
- "sm=%d si=%u dec=%d bt=%d",
+ "sm=%d si=%u dec=%d bt=%d kdf=%d",
app->app_local->extcap.get_challenge,
app->app_local->extcap.key_import,
app->app_local->extcap.change_force_chv,
: 0),
app->app_local->status_indicator,
app->app_local->extcap.has_decrypt,
- app->app_local->extcap.has_button);
+ app->app_local->extcap.has_button,
+ app->app_local->extcap.kdf_do);
send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
return 0;
}
return result;
}
+#define KDF_DATA_LENGTH_MIN 90
+#define KDF_DATA_LENGTH_MAX 110
+
/* Compute hash if KDF-DO is available. CHVNO must be 0 for reset
code, 1 or 2 for user pin and 3 for admin pin.
*/
pin2hash_if_kdf (app_t app, int chvno, char *pinvalue, int *r_pinlen)
{
gpg_error_t err = 0;
- void *relptr;
+ void *relptr = NULL;
unsigned char *buffer;
size_t buflen;
if (app->app_local->extcap.kdf_do
&& (relptr = get_one_do (app, 0x00F9, &buffer, &buflen, NULL))
- && buflen == 110 && (buffer[2] == 0x03))
+ && buflen >= KDF_DATA_LENGTH_MIN && (buffer[2] == 0x03))
{
- char *salt;
+ const char *salt;
unsigned long s2k_count;
char dek[32];
+ int salt_index;
- salt = &buffer[(chvno==3 ? 34 : (chvno==0 ? 24 : 14))];
s2k_count = (((unsigned int)buffer[8] << 24)
| (buffer[9] << 16) | (buffer[10] << 8) | buffer[11]);
+
+ if (buflen == KDF_DATA_LENGTH_MIN)
+ salt_index =14;
+ else if (buflen == KDF_DATA_LENGTH_MAX)
+ salt_index = (chvno==3 ? 34 : (chvno==0 ? 24 : 14));
+ else
+ {
+ err = gpg_error (GPG_ERR_INV_DATA);
+ goto leave;
+ }
+
+ salt = &buffer[salt_index];
err = gcry_kdf_derive (pinvalue, strlen (pinvalue),
GCRY_KDF_ITERSALTED_S2K,
DIGEST_ALGO_SHA256, salt, 8,
memcpy (pinvalue, dek, *r_pinlen);
wipememory (dek, *r_pinlen);
}
-
- xfree (relptr);
- }
+ }
else
*r_pinlen = strlen (pinvalue);
+ leave:
+ xfree (relptr);
return err;
}
{ "SM-KEY-MAC", 0x00D2, 3, 0, 1 },
{ "KEY-ATTR", 0, 0, 3, 1 },
{ "AESKEY", 0x00D5, 3, 0, 1 },
- { "KDF", 0x00F9, 3, 0, 1 },
+ { "KDF", 0x00F9, 3, 4, 1 },
{ NULL, 0 }
};
int exmode;
app->force_chv1 = (valuelen && *value == 0);
else if (table[idx].special == 2)
parse_login_data (app);
+ else if (table[idx].special == 4)
+ {
+ app->did_chv1 = 0;
+ app->did_chv2 = 0;
+ app->did_chv3 = 0;
+ }
return rc;
}
relptr = get_one_do (app, 0xC1+keyno, &buf, &buflen, NULL);
if (!relptr)
err = gpg_error (GPG_ERR_CARD);
- else if (buflen < 6 || buf[0] != PUBKEY_ALGO_RSA)
+ else if (buflen < 6)
{
- /* Attriutes too short or not an RSA key. */
+ /* Attributes too short. */
xfree (relptr);
err = gpg_error (GPG_ERR_CARD);
}
else
{
- /* We only change n_bits and don't touch anything else. Before we
- do so, we round up NBITS to a sensible way in the same way as
- gpg's key generation does it. This may help to sort out problems
- with a few bits too short keys. */
+ /* If key attribute was RSA, we only change n_bits and don't
+ touch anything else. Before we do so, we round up NBITS to a
+ sensible way in the same way as gpg's key generation does it.
+ This may help to sort out problems with a few bits too short
+ keys. */
nbits = ((nbits + 31) / 32) * 32;
buf[1] = (nbits >> 8);
buf[2] = nbits;
+
+ /* If it was not RSA, we need to fill other parts. */
+ if (buf[0] != PUBKEY_ALGO_RSA)
+ {
+ buf[0] = PUBKEY_ALGO_RSA;
+ buf[3] = 0;
+ buf[4] = 32;
+ buf[5] = 0;
+ buflen = 6;
+ }
+
err = change_keyattr (app, keyno, buf, buflen, pincb, pincb_arg);
xfree (relptr);
}
DEBUGOUT_1 ("CCID: interrupt callback %d\n", transfer->status);
- if (transfer->status == LIBUSB_TRANSFER_TIMED_OUT)
+ if (transfer->status == LIBUSB_TRANSFER_TIMED_OUT
+ || transfer->status == LIBUSB_TRANSFER_NO_DEVICE)
{
int err;
assuan_context_t assuan_ctx;
#ifdef HAVE_W32_SYSTEM
- unsigned long event_signal; /* Or 0 if not used. */
+ void *event_signal; /* Or NULL if not used. */
#else
int event_signal; /* Or 0 if not used. */
#endif
#ifdef HAVE_W32_SYSTEM
if (!*value)
return gpg_error (GPG_ERR_ASS_PARAMETER);
- ctrl->server_local->event_signal = strtoul (value, NULL, 16);
+#ifdef _WIN64
+ ctrl->server_local->event_signal = (void *)strtoull (value, NULL, 16);
+#else
+ ctrl->server_local->event_signal = (void *)strtoul (value, NULL, 16);
+#endif
#else
int i = *value? atoi (value) : -1;
if (i < 0)
pid = assuan_get_pid (sl->assuan_ctx);
#ifdef HAVE_W32_SYSTEM
- handle = (void *)sl->event_signal;
+ handle = sl->event_signal;
for (kidx=0; kidx < killidx; kidx++)
if (killed[kidx].pid == pid
&& killed[kidx].handle == handle)
break;
if (kidx < killidx)
- log_info ("event %lx (%p) already triggered for client %d\n",
+ log_info ("event %p (%p) already triggered for client %d\n",
sl->event_signal, handle, (int)pid);
else
{
- log_info ("triggering event %lx (%p) for client %d\n",
+ log_info ("triggering event %p (%p) for client %d\n",
sl->event_signal, handle, (int)pid);
if (!SetEvent (handle))
- log_error ("SetEvent(%lx) failed: %s\n",
+ log_error ("SetEvent(%p) failed: %s\n",
sl->event_signal, w32_strerror (-1));
if (killidx < DIM (killed))
{
}
}
-
+static void
+setup_signal_mask (void)
+{
+#ifndef HAVE_W32_SYSTEM
+ npth_sigev_init ();
+ npth_sigev_add (SIGHUP);
+ npth_sigev_add (SIGUSR1);
+ npth_sigev_add (SIGUSR2);
+ npth_sigev_add (SIGINT);
+ npth_sigev_add (SIGCONT);
+ npth_sigev_add (SIGTERM);
+ npth_sigev_fini ();
+ main_thread_pid = getpid ();
+#endif
+}
int
main (int argc, char **argv )
#endif
npth_init ();
+ setup_signal_mask ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
/* If --debug-allow-core-dump has been given we also need to
/* This is the child. */
npth_init ();
+ setup_signal_mask ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
/* Detach from tty and put process into a new session. */
void
scd_kick_the_loop (void)
{
- int ret;
-
/* Kick the select loop. */
#ifdef HAVE_W32_SYSTEM
- ret = SetEvent (the_event);
+ int ret = SetEvent (the_event);
if (ret == 0)
log_error ("SetEvent for scd_kick_the_loop failed: %s\n",
w32_strerror (-1));
#elif defined(HAVE_PSELECT_NO_EINTR)
write (notify_fd, "", 1);
#else
- ret = kill (main_thread_pid, SIGCONT);
+ int ret = kill (main_thread_pid, SIGCONT);
if (ret < 0)
log_error ("SetEvent for scd_kick_the_loop failed: %s\n",
gpg_strerror (gpg_error_from_syserror ()));
events[0] = the_event = h2;
}
}
-#else
- npth_sigev_init ();
- npth_sigev_add (SIGHUP);
- npth_sigev_add (SIGUSR1);
- npth_sigev_add (SIGUSR2);
- npth_sigev_add (SIGINT);
- npth_sigev_add (SIGCONT);
- npth_sigev_add (SIGTERM);
- npth_sigev_fini ();
- main_thread_pid = getpid ();
#endif
FD_ZERO (&fdset);
FD_SET (pipe_fd[0], &read_fdset);
if (max_fd < pipe_fd[0])
max_fd = pipe_fd[0];
+#else
+ (void)max_fd;
#endif
#ifndef HAVE_W32_SYSTEM
gpg_strerror (rc));
}
+ /* Pass on the request origin. */
+ if (opt.request_origin)
+ {
+ char *tmp = xasprintf ("OPTION pretend-request-origin=%s",
+ str_request_origin (opt.request_origin));
+ rc = assuan_transact (agent_ctx, tmp,
+ NULL, NULL, NULL, NULL, NULL, NULL);
+ xfree (tmp);
+ if (rc)
+ log_error ("setting request origin '%s' failed: %s\n",
+ str_request_origin (opt.request_origin),
+ gpg_strerror (rc));
+ }
+
/* In DE_VS mode under Windows we require that the JENT RNG
* is active. */
#ifdef HAVE_W32_SYSTEM
oPassphraseFD,
oPinentryMode,
+ oRequestOrigin,
oAssumeArmor,
oAssumeBase64,
ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"),
ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"),
+ ARGPARSE_s_s (oRequestOrigin, "request-origin", "@"),
ARGPARSE_s_n (oAssumeArmor, "assume-armor",
N_("assume input is in PEM format")),
log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
break;
+ case oRequestOrigin:
+ opt.request_origin = parse_request_origin (pargs.r.ret_str);
+ if (opt.request_origin == -1)
+ log_error (_("invalid request origin '%s'\n"), pargs.r.ret_str);
+ break;
+
/* Input encoding selection. */
case oAssumeArmor:
ctrl.autodetect_encoding = 0;
DIM (compliance_options),
opt.quiet);
if (compliance < 0)
- gpgsm_exit (1);
+ log_inc_errorcount (); /* Force later termination. */
opt.compliance = compliance;
}
break;
NULL);
if (log_get_errorcount(0))
- gpgsm_exit(2);
+ {
+ gpgsm_status_with_error (&ctrl, STATUS_FAILURE,
+ "option-parser", gpg_error (GPG_ERR_GENERAL));
+ gpgsm_exit(2);
+ }
if (pwfd != -1) /* Read the passphrase now. */
read_passphrase_from_fd (pwfd);
gnupg_compliance_option_string (opt.compliance));
if (log_get_errorcount(0))
- gpgsm_exit(2);
+ {
+ gpgsm_status_with_error (&ctrl, STATUS_FAILURE, "option-postprocessing",
+ gpg_error (GPG_ERR_GENERAL));
+ gpgsm_exit (2);
+ }
/* Set the random seed file. */
if (use_random_seed)
int with_keygrip; /* Option --with-keygrip active. */
int pinentry_mode;
+ int request_origin;
int armor; /* force base64 armoring (see also ctrl.with_base64) */
int no_armor; /* don't try to figure out whether data is base64 armored*/
#include "../common/sysutils.h"
#include "../common/server-help.h"
#include "../common/asshelp.h"
+#include "../common/shareddefs.h"
#define set_error(e,t) assuan_set_error (ctx, gpg_error (e), (t))
ctrl->offline = i;
}
}
+ else if (!strcmp (key, "request-origin"))
+ {
+ if (!opt.request_origin)
+ {
+ int i = parse_request_origin (value);
+ if (i == -1)
+ err = gpg_error (GPG_ERR_INV_VALUE);
+ else
+ opt.request_origin = i;
+ }
+ }
else
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
;; Evaluate a sequence of expressions with an ephemeral home
;; directory.
-(define-macro (with-ephemeral-home-directory setup-fn . expressions)
+(define-macro (with-ephemeral-home-directory setup-fn teardown-fn . expressions)
(let ((original-home-directory (gensym))
(ephemeral-home-directory (gensym))
- (setup (gensym)))
+ (setup (gensym))
+ (teardown (gensym)))
`(let ((,original-home-directory (getenv "GNUPGHOME"))
(,ephemeral-home-directory (mkdtemp))
- (,setup (delay (,setup-fn))))
+ (,setup (delay (,setup-fn)))
+ (,teardown (delay (,teardown-fn))))
(finally (unlink-recursively ,ephemeral-home-directory)
(dynamic-wind
(lambda ()
(setenv "GNUPGHOME" ,ephemeral-home-directory #t)
(with-working-directory ,ephemeral-home-directory (force ,setup)))
(lambda () ,@expressions)
- (lambda () (setenv "GNUPGHOME" ,original-home-directory #t)))))))
+ (lambda ()
+ (setenv "GNUPGHOME" ,ephemeral-home-directory #t)
+ (with-working-directory ,ephemeral-home-directory (force ,teardown))
+ (setenv "GNUPGHOME" ,original-home-directory #t)))))))
(lambda (cert)
(lettmp (exported)
(call-check `(,@gpgsm --output ,exported --export ,cert::uid::CN))
- (with-ephemeral-home-directory setup-gpgsm-environment
+ (with-ephemeral-home-directory setup-gpgsm-environment-no-atexit stop-agent
(call-check `(,@gpgsm --import ,exported))
(assert (sm-have-public-key? cert)))))
(lambda (cert) cert::uid::CN)
(call-check `(,(tool 'gpgtar) --extract --directory=. ,(cadr *args*)))
(create-gpgsm-gpghome))
(start-agent))
+
+(define (setup-gpgsm-environment-no-atexit)
+ (if (member "--unpack-tarball" *args*)
+ (call-check `(,(tool 'gpgtar) --extract --directory=. ,(cadr *args*)))
+ (create-gpgsm-gpghome))
+ (start-agent #t))
(define GPGTAR (path-join (getenv "objdir") "tools" (qualify "gpgtar")))
(define (untar-armored source-name)
- (with-ephemeral-home-directory (lambda ())
+ (with-ephemeral-home-directory (lambda ()) (lambda ())
(pipe:do
(pipe:open source-name (logior O_RDONLY O_BINARY))
(pipe:spawn `(,@GPG --dearmor))
(lambda (name)
(let* ((source (in-srcdir "tests" "openpgp" (string-append name ".asc")))
(key (get-session-key source)))
- (with-ephemeral-home-directory setup-environment
+ (with-ephemeral-home-directory setup-environment-no-atexit stop-agent
(tr:do
(tr:open source)
(tr:gpg "" `(--yes --decrypt --override-session-key ,key))
;; Then, verify the signature with a clean working directory
;; containing only Steve's public key.
- (with-ephemeral-home-directory setup-environment
+ (with-ephemeral-home-directory setup-environment-no-atexit stop-agent
(call-check `(,@gpg --import ,steve's-key))
(call-check `(,@gpg --verify ,unwrapped)))))
'("encsig-2-keys-3" "encsig-2-keys-4")))
(define have-opt-always-trust
(catch #f
- (with-ephemeral-home-directory (lambda ())
+ (with-ephemeral-home-directory (lambda ()) (lambda ())
(call-check `(,(tool 'gpg) --gpgconf-test --always-trust)))
#t))
(create-gpghome)
(start-agent))
+(define (setup-environment-no-atexit)
+ (create-gpghome)
+ (start-agent #t))
+
(define (create-sample-files)
(log "Creating sample data files")
(for-each
(preset-passphrases))
;; Create the socket dir and start the agent.
-(define (start-agent)
+(define (start-agent . args)
(log "Starting gpg-agent...")
(let ((gnupghome (getenv "GNUPGHOME")))
- (atexit (lambda ()
- (with-home-directory gnupghome
- (stop-agent)))))
+ (if (null? args)
+ (atexit (lambda ()
+ (with-home-directory gnupghome (stop-agent))))))
(catch (log "Warning: Creating socket directory failed:" (car *error*))
(gpg-conf '--create-socketdir))
(call-check `(,(tool 'gpg-connect-agent) --verbose
#elif defined(HAVE_DOSISH_SYSTEM)
if (!(filename[0]
&& filename[1] == ':'
- && (filename[2] == '/' || filename[2] == '\\')))
+ && (filename[2] == '/' || filename[2] == '\\')) /* x:\ or x:/ */
+ && !((filename[0] == '\\' && filename[1] == '\\')
+ || (filename[0] == '/' && filename[1] == '/'))) /* \\server */
#else
if (filename[0] != '/')
#endif
projects / platform / upstream / gpg2.git / commitdiff