+Noteworthy changes in version 2.2.8 (2018-06-08)
+------------------------------------------------
+
+ * gpg: Decryption of messages not using the MDC mode will now lead
+ to a hard failure even if a legacy cipher algorithm was used. The
+ option --ignore-mdc-error can be used to turn this failure into a
+ warning. Take care: Never use that option unconditionally or
+ without a prior warning.
+
+ * gpg: The MDC encryption mode is now always used regardless of the
+ cipher algorithm or any preferences. For testing --rfc2440 can be
+ used to create a message without an MDC.
+
+ * gpg: Sanitize the diagnostic output of the original file name in
+ verbose mode. [#4012,CVE-2018-12020]
+
+ * gpg: Detect suspicious multiple plaintext packets in a more
+ reliable way. [#4000]
+
+ * gpg: Fix the duplicate key signature detection code. [#3994]
+
+ * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
+ --disable-mdc and --no-disable-mdc have no more effect.
+
+ * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
+ list of startup environment variables. [#3947]
+
+
Noteworthy changes in version 2.2.7 (2018-05-02)
------------------------------------------------
* agent,dirmngr: New sub-command "getenv" for "getinfo" to ease
debugging.
- See-also: gnupg-announce/2018q2/000422.html
+ See-also: gnupg-announce/2018q2/000424.html
Noteworthy changes in version 2.2.6 (2018-04-09)
gpg_error_t
agent_copy_startup_env (ctrl_t ctrl)
{
- static const char *names[] =
- {"GPG_TTY", "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL};
gpg_error_t err = 0;
- int idx;
- const char *value;
+ int iterator = 0;
+ const char *name, *value;
- for (idx=0; !err && names[idx]; idx++)
- if ((value = session_env_getenv (opt.startup_env, names[idx])))
- err = session_env_setenv (ctrl->session_env, names[idx], value);
+ while (!err && (name = session_env_list_stdenvnames (&iterator, NULL)))
+ {
+ if ((value = session_env_getenv (opt.startup_env, name)))
+ err = session_env_setenv (ctrl->session_env, name, value);
+ }
if (!err && !ctrl->lc_ctype && opt.startup_lc_ctype)
if (!(ctrl->lc_ctype = xtrystrdup (opt.startup_lc_ctype)))
m4_define([mym4_package],[gnupg])
m4_define([mym4_major], [2])
m4_define([mym4_minor], [2])
-m4_define([mym4_micro], [7])
+m4_define([mym4_micro], [8])
# To start a new development series, i.e a new major or minor number
# you need to mark an arbitrary commit before the first beta release
gnupg-card-architecture.png gnupg-card-architecture.pdf \
FAQ gnupg7.texi mkdefsinc.c defsincdate \
opt-homedir.texi see-also-note.texi specify-user-id.texi \
- gpgv.texi yat2m.c ChangeLog-2011 whats-new-in-2.1.txt
+ gpgv.texi yat2m.c ChangeLog-2011 whats-new-in-2.1.txt \
+ trust-values.texi
BUILT_SOURCES = gnupg-module-overview.png gnupg-module-overview.pdf \
gnupg-card-architecture.png gnupg-card-architecture.pdf \
* Invoking GPGSM:: Using the S/MIME protocol.
* Invoking SCDAEMON:: How to handle Smartcards.
* Specify a User ID:: How to Specify a User Id.
+* Trust Values:: How GnuPG displays trust values.
* Helper Tools:: Description of small helper tools
* Web Key Service:: Tools for the Web Key Service
@anchor{how-to-specify-a-user-id}
@include specify-user-id.texi
+@node Trust Values
+@chapter Trust Values
+@anchor{trust-values}
+@cindex trust values
+@include trust-values.texi
@include tools.texi
@include wks.texi
"!" indicates that the signature has been successfully verified, a "-"
denotes a bad signature and a "%" is used if an error occurred while
checking the signature (e.g. a non supported algorithm). Signatures
-where the public key is not availabale are not listed; to see their
+where the public key is not available are not listed; to see their
keyids the command @option{--list-sigs} can be used.
For each signature listed, there are several flags in between the
particular external methods as defined by @option{--auto-key-locate} may
be used to locate a key. Only public keys are listed.
+@item --show-keys
+@opindex show-keys
+This commands takes OpenPGP keys as input and prints information about
+them in the same way the command @option{--list-keys} does for
+imported key. No internal state is changed. For automated processing
+this command should be combined with the option
+@option{--with-colons}.
+
@item --fingerprint
@opindex fingerprint
List all keys (or the specified ones) along with their
@c man:.RS
The listing shows you the key with its secondary keys and all user
-ids. The primary user id is indicated by a dot, and selected keys or
-user ids are indicated by an asterisk. The trust
-value is displayed with the primary key: the first is the assigned owner
-trust and the second is the calculated trust value. Letters are used for
-the values:
+IDs. The primary user ID is indicated by a dot, and selected keys or
+user IDs are indicated by an asterisk. The trust
+value is displayed with the primary key: "trust" is the assigned owner
+trust and "validity" is the calculated validity of the key. Validity
+values are also displayed for all user IDs.
+For possible values of trust, @pxref{trust-values}.
@c man:.RE
-
-@table @asis
-
- @item -
- No ownertrust assigned / not yet calculated.
-
- @item e
- Trust
- calculation has failed; probably due to an expired key.
-
- @item q
- Not enough information for calculation.
-
- @item n
- Never trust this key.
-
- @item m
- Marginally trusted.
-
- @item f
- Fully trusted.
-
- @item u
- Ultimately trusted.
-
-@end table
@c ******** End Edit-key Options **********
@item --sign-key @var{name}
warnings about itself. The @option{--homedir} permissions warning may only be
suppressed on the command line.
-@item --no-mdc-warning
-@opindex no-mdc-warning
-Suppress the warning about missing MDC integrity protection.
-
@item --require-secmem
@itemx --no-require-secmem
@opindex require-secmem
Show a listing of the key as imported right before it is stored.
This can be combined with the option @option{--dry-run} to only look
at keys; the option @option{show-only} is a shortcut for this
- combination. Note that suffixes like '#' for "sec" and "sbb" lines
+ combination. The command @option{--show-keys} is another shortcut
+ for this. Note that suffixes like '#' for "sec" and "sbb" lines
may or may not be printed.
@item import-export
These options are obsolete and have no effect since GnuPG 2.1.
@item --force-mdc
+@itemx --disable-mdc
@opindex force-mdc
-Force the use of encryption with a modification detection code. This
-is always used with the newer ciphers (those with a blocksize greater
-than 64 bits), or if all of the recipient keys indicate MDC support in
-their feature flags.
-
-@item --disable-mdc
@opindex disable-mdc
-Disable the use of the modification detection code. Note that by
-using this option, the encrypted message becomes vulnerable to a
-message modification attack.
+These options are obsolete and have no effect since GnuPG 2.2.8. The
+MDC is always used. But note: If the creation of a legacy non-MDC
+message is exceptionally required, the option @option{--rfc2440}
+allows for this.
@item --disable-signer-uid
@opindex disable-signer-uid
@item --rfc2440
@opindex rfc2440
Reset all packet, cipher and digest options to strict RFC-2440
-behavior.
+behavior. Note that by using this option encryption packets are
+created in a legacy mode without MDC protection. This is dangerous
+and should thus only be used for experiments. See also option
+@option{--ignore-mdc-error}.
@item --pgp6
@opindex pgp6
@option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
does not understand signatures made by signing subkeys.
-This option implies @option{--disable-mdc --escape-from-lines}.
+This option implies @option{--escape-from-lines}.
@item --pgp7
@opindex pgp7
@item --ignore-mdc-error
@opindex ignore-mdc-error
This option changes a MDC integrity protection failure into a warning.
-This can be useful if a message is partially corrupt, but it is
-necessary to get as much data as possible out of the corrupt message.
-However, be aware that a MDC protection failure may also mean that the
-message was tampered with intentionally by an attacker.
+It is required to decrypt old messages which did not use an MDC. It
+may also be useful if a message is partially garbled, but it is
+necessary to get as much data as possible out of that garbled message.
+Be aware that a missing or failed MDC can be an indication of an
+attack. Use with great caution; see also option @option{--rfc2440}.
@item --allow-weak-digest-algos
@opindex allow-weak-digest-algos
@opindex default-new-key-algo @var{string}
This option can be used to change the default algorithms for key
generation. The @var{string} is similar to the arguments required for
-the command @option{--quick-add-key} but slighly different. For
+the command @option{--quick-add-key} but slightly different. For
example the current default of @code{"rsa2048/cert,sign+rsa2048/encr"}
(or @code{"rsa3072"}) can be changed to the value of what we currently
call future default, which is @code{"ed25519/cert,sign+cv25519/encr"}.
imports only the user ids of a key containing the strings "Alfa"
or "Alpha" but not the string "test".
+@mansect trust values
+@ifset isman
+@include trust-values.texi
+@end ifset
@mansect return value
@chapheading RETURN VALUE
This application adds read-only support for keys and certificates
stored on a @uref{http://www.smartcard-hsm.com, SmartCard-HSM}.
-To generate keys and store certifiates you may use
+To generate keys and store certificates you may use
@uref{https://github.com/OpenSC/OpenSC/wiki/SmartCardHSM, OpenSC} or
the tools from @uref{http://www.openscdp.org, OpenSCDP}.
Apply the configuration settings listed in @var{file} to the
configuration files. If @var{file} has no suffix and no slashes the
command first tries to read a file with the suffix @code{.prf} from
-the the data directory (@code{gpgconf --list-dirs datadir}) before it
+the data directory (@code{gpgconf --list-dirs datadir}) before it
reads the file verbatim. A profile is divided into sections using the
bracketed component name. Each section then lists the option which
shall go into the respective configuration file.
--- /dev/null
+@c Copyright (C) 2018 Free Software Foundation, Inc.
+@c This is part of the GnuPG manual.
+@c For copying conditions, see the file gnupg.texi.
+
+Trust values are used to indicate ownertrust and validity of keys and
+user IDs. They are displayed with letters or strings:
+
+@table @asis
+
+ @item -
+ @itemx unknown
+ No ownertrust assigned / not yet calculated.
+
+ @item e
+ @itemx expired
+
+ Trust calculation has failed; probably due to an expired key.
+
+ @item q
+ @itemx undefined, undef
+ Not enough information for calculation.
+
+ @item n
+ @itemx never
+ Never trust this key.
+
+ @item m
+ @itemx marginal
+ Marginally trusted.
+
+ @item f
+ @itemx full
+ Fully trusted.
+
+ @item u
+ @itemx ultimate
+ Ultimately trusted.
+
+ @item r
+ @itemx revoked
+ For validity only: the key or the user ID has been revoked.
+
+ @item ?
+ @itemx err
+ The program encountered an unknown trust value.
+
+@end table
#include "packet.h"
#include "options.h"
#include "main.h"
+#include "../common/i18n.h"
#include "../common/status.h"
if (DBG_HASHING)
gcry_md_debug (cfx->mdc_hash, "creatmdc");
}
- else if (!opt.no_mdc_warn)
+ else
{
- log_info ("WARNING: "
- "encrypting without integrity protection is dangerous\n");
+ log_info (_("WARNING: "
+ "encrypting without integrity protection is dangerous\n"));
+ log_info (_("Hint: Do not use option %s\n"), "--rfc2440");
}
write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
}
-/* We try very hard to use a MDC */
+/* Shall we use the MDC? Yes - unless rfc-2440 compatibility is
+ * requested. */
int
use_mdc (pk_list_t pk_list,int algo)
{
- /* RFC-2440 don't has MDC */
- if (RFC2440)
- return 0;
+ (void)pk_list;
+ (void)algo;
- /* --force-mdc overrides --disable-mdc */
- if(opt.force_mdc)
- return 1;
-
- if(opt.disable_mdc)
+ /* RFC-2440 don't has MDC - this is the only way to create a legacy
+ * non-MDC encryption packet. */
+ if (RFC2440)
return 0;
- /* Do the keys really support MDC? */
-
- if(select_mdc_from_pklist(pk_list))
- return 1;
-
- /* The keys don't support MDC, so now we do a bit of a hack - if any
- of the AESes or TWOFISH are in the prefs, we assume that the user
- can handle a MDC. This is valid for PGP 7, which can handle MDCs
- though it will not generate them. 2440bis allows this, by the
- way. */
-
- if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
- CIPHER_ALGO_AES,NULL)==CIPHER_ALGO_AES)
- return 1;
-
- if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
- CIPHER_ALGO_AES192,NULL)==CIPHER_ALGO_AES192)
- return 1;
-
- if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
- CIPHER_ALGO_AES256,NULL)==CIPHER_ALGO_AES256)
- return 1;
-
- if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
- CIPHER_ALGO_TWOFISH,NULL)==CIPHER_ALGO_TWOFISH)
- return 1;
-
- /* Last try. Use MDC for the modern ciphers. */
-
- if (openpgp_cipher_get_algo_blklen (algo) != 8)
- return 1;
-
- if (opt.verbose)
- warn_missing_mdc_from_pklist (pk_list);
-
- return 0; /* No MDC */
+ return 1; /* In all other cases we use the MDC */
}
aSearchKeys,
aRefreshKeys,
aFetchKeys,
+ aShowKeys,
aExport,
aExportSecret,
aExportSecretSub,
oRequireSecmem,
oNoRequireSecmem,
oNoPermissionWarn,
- oNoMDCWarn,
oNoArmor,
oNoDefKeyring,
oNoKeyring,
oShowPhotos,
oNoShowPhotos,
oPhotoViewer,
- oForceMDC,
- oNoForceMDC,
- oDisableMDC,
- oNoDisableMDC,
oS2KMode,
oS2KDigest,
oS2KCipher,
N_("update all keys from a keyserver")),
ARGPARSE_c (aLocateKeys, "locate-keys", "@"),
ARGPARSE_c (aFetchKeys, "fetch-keys" , "@" ),
+ ARGPARSE_c (aShowKeys, "show-keys" , "@" ),
ARGPARSE_c (aExportSecret, "export-secret-keys" , "@" ),
ARGPARSE_c (aExportSecretSub, "export-secret-subkeys" , "@" ),
ARGPARSE_c (aExportSshKey, "export-ssh-key", "@" ),
ARGPARSE_s_n (oQuiet, "quiet", "@"),
ARGPARSE_s_n (oNoTTY, "no-tty", "@"),
- ARGPARSE_s_n (oForceMDC, "force-mdc", "@"),
- ARGPARSE_s_n (oNoForceMDC, "no-force-mdc", "@"),
- ARGPARSE_s_n (oDisableMDC, "disable-mdc", "@"),
- ARGPARSE_s_n (oNoDisableMDC, "no-disable-mdc", "@"),
-
ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"),
ARGPARSE_s_n (oNoRequireSecmem, "no-require-secmem", "@"),
ARGPARSE_s_n (oNoPermissionWarn, "no-permission-warning", "@"),
- ARGPARSE_s_n (oNoMDCWarn, "no-mdc-warning", "@"),
ARGPARSE_s_n (oNoArmor, "no-armor", "@"),
ARGPARSE_s_n (oNoArmor, "no-armour", "@"),
ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
ARGPARSE_c (aListKeys, "list-key", "@"), /* alias */
ARGPARSE_c (aListSigs, "list-sig", "@"), /* alias */
ARGPARSE_c (aCheckKeys, "check-sig", "@"), /* alias */
+ ARGPARSE_c (aShowKeys, "show-key", "@"), /* alias */
ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"),
ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"),
ARGPARSE_s_n (oNoop, "no-force-v3-sigs", "@"),
ARGPARSE_s_n (oNoop, "force-v4-certs", "@"),
ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"),
+ ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"),
+ ARGPARSE_s_n (oNoop, "force-mdc", "@"),
+ ARGPARSE_s_n (oNoop, "no-force-mdc", "@"),
+ ARGPARSE_s_n (oNoop, "disable-mdc", "@"),
+ ARGPARSE_s_n (oNoop, "no-disable-mdc", "@"),
+
ARGPARSE_end ()
};
case oDE_VS:
set_compliance_option (oOpenPGP);
opt.compliance = CO_DE_VS;
- opt.force_mdc = 1;
/* Fixme: Change other options. */
break;
greeting=1;
break;
+ case aShowKeys:
+ set_cmd (&cmd, pargs.r_opt);
+ opt.import_options |= IMPORT_SHOW;
+ opt.import_options |= IMPORT_DRY_RUN;
+ opt.import_options &= ~IMPORT_REPAIR_KEYS;
+ break;
+
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
case aDecryptFiles: multifile=1; /* fall through */
break;
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
- case oForceMDC: opt.force_mdc = 1; break;
- case oNoForceMDC: opt.force_mdc = 0; break;
- case oDisableMDC: opt.disable_mdc = 1; break;
- case oNoDisableMDC: opt.disable_mdc = 0; break;
-
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break;
case oRequireSecmem: require_secmem=1; break;
case oNoRequireSecmem: require_secmem=0; break;
case oNoPermissionWarn: opt.no_perm_warn=1; break;
- case oNoMDCWarn: opt.no_mdc_warn=1; break;
case oDisplayCharset:
if( set_native_charset( pargs.r.ret_str ) )
log_error(_("'%s' is not a valid character set\n"),
{
/* That does not anymore work because we have no more support
for v3 signatures. */
- opt.disable_mdc=1;
opt.escape_from=1;
opt.ask_sig_expire=0;
}
case aFastImport:
opt.import_options |= IMPORT_FAST; /* fall through */
case aImport:
+ case aShowKeys:
import_keys (ctrl, argc? argv:NULL, argc, NULL,
opt.import_options, opt.key_origin, opt.key_origin_url);
break;
if (!stats_handle)
{
- import_print_stats (stats);
+ if ((options & (IMPORT_SHOW | IMPORT_DRY_RUN))
+ != (IMPORT_SHOW | IMPORT_DRY_RUN))
+ import_print_stats (stats);
import_release_stats_handle (stats);
}
int any_filter = 0;
KEYDB_HANDLE hd = NULL;
+ /* If show-only is active we don't won't any extra output. */
+ if ((options & (IMPORT_SHOW | IMPORT_DRY_RUN)))
+ silent = 1;
+
/* Get the key and print some info about it. */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
if (!node )
}
-/* Loop over the keyblock and check all self signatures. On return
- * the following bis in the node flags are set:
+/* Loop over the KEYBLOCK and check all self signatures. KEYID is the
+ * keyid of the primary key for reporting purposes. On return the
+ * following bits in the node flags are set:
*
* - NODE_GOOD_SELFSIG :: User ID or subkey has a self-signature
* - NODE_BAD_SELFSIG :: Used ID or subkey has an invalid self-signature
static int
chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
{
- kbnode_t n, knode = NULL;
+ kbnode_t knode = NULL; /* The node of the current subkey. */
+ PKT_public_key *subpk = NULL; /* and its packet. */
+ kbnode_t bsnode = NULL; /* Subkey binding signature node. */
+ u32 bsdate = 0; /* Timestamp of that node. */
+ kbnode_t rsnode = NULL; /* Subkey recocation signature node. */
+ u32 rsdate = 0; /* Timestamp of tha node. */
PKT_signature *sig;
int rc;
- u32 bsdate=0, rsdate=0;
- kbnode_t bsnode = NULL, rsnode = NULL;
+ kbnode_t n;
for (n=keyblock; (n = find_next_kbnode (n, 0)); )
{
if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
knode = n;
+ subpk = knode->pkt->pkt.public_key;
bsdate = 0;
rsdate = 0;
bsnode = NULL;
if ( rc )
{
if (opt.verbose)
- log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
- _("key %s: unsupported public key"
- " algorithm\n"):
- _("key %s: invalid subkey binding\n"),
- keystr (keyid));
+ {
+ keyid_from_pk (subpk, NULL);
+ log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
+ _("key %s: unsupported public key"
+ " algorithm\n"):
+ _("key %s: invalid subkey binding\n"),
+ keystr_with_sub (keyid, subpk->keyid));
+ }
n->flag |= NODE_DELETION_MARK;
}
else
one is newer */
bsnode->flag |= NODE_DELETION_MARK;
if (opt.verbose)
- log_info (_("key %s: removed multiple subkey"
- " binding\n"),keystr(keyid));
+ {
+ keyid_from_pk (subpk, NULL);
+ log_info (_("key %s: removed multiple subkey"
+ " binding\n"),
+ keystr_with_sub (keyid, subpk->keyid));
+ }
}
bsnode = n;
{
kbnode_t node;
int nvalid=0, uid_seen=0, subkey_seen=0;
+ PKT_public_key *pk;
for (node=keyblock->next; node; node = node->next )
{
|| !(node->flag & NODE_GOOD_SELFSIG))
{
if (opt.verbose )
- log_info( _("key %s: skipped subkey\n"),keystr(keyid));
+ {
+ pk = node->pkt->pkt.public_key;
+ keyid_from_pk (pk, NULL);
+ log_info (_("key %s: skipped subkey\n"),
+ keystr_with_sub (keyid, pk->keyid));
+ }
delete_kbnode( node ); /* the subkey */
/* and all following signature packets */
/* key-check.c - Detect and fix various problems with keys
* Copyright (C) 1998-2010 Free Software Foundation, Inc.
* Copyright (C) 1998-2017 Werner Koch
- * Copyright (C) 2015-2017 g10 Code GmbH
+ * Copyright (C) 2015-2018 g10 Code GmbH
*
* This file is part of GnuPG.
*
a = an->pkt->pkt.signature;
b = bn->pkt->pkt.signature;
+ /* Signatures with a different help counter are not identical for
+ * our purpose. */
+ if (a->help_counter < b->help_counter)
+ return -1;
+ if (a->help_counter > b->help_counter)
+ return 1;
+
if (a->digest_algo < b->digest_algo)
return -1;
if (a->digest_algo > b->digest_algo)
}
+static gpg_error_t
+remove_duplicate_sigs (kbnode_t kb, int *dups, int *modified)
+{
+ gpg_error_t err;
+ kbnode_t n;
+ int nsigs;
+ kbnode_t *sigs; /* Allocated array with the signature packet. */
+ int i;
+ int last_i;
+ int block;
+ PKT_signature *sig;
+
+ /* Count the sigs. */
+ for (nsigs = 0, n = kb; n; n = n->next)
+ {
+ if (is_deleted_kbnode (n))
+ continue;
+ else if (n->pkt->pkttype == PKT_SIGNATURE)
+ nsigs ++;
+ }
+
+ if (!nsigs)
+ return 0; /* No signatures at all. */
+
+ /* Add them all to the SIGS array. */
+ sigs = xtrycalloc (nsigs, sizeof *sigs);
+ if (!sigs)
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("error allocating memory: %s\n"), gpg_strerror (err));
+ return err;
+ }
+
+ block = 0;
+ i = 0;
+ for (n = kb; n; n = n->next)
+ {
+ if (is_deleted_kbnode (n))
+ continue;
+
+ if (n->pkt->pkttype != PKT_SIGNATURE)
+ {
+ switch (n->pkt->pkttype)
+ {
+ case PKT_PUBLIC_SUBKEY:
+ case PKT_SECRET_SUBKEY:
+ case PKT_USER_ID:
+ case PKT_ATTRIBUTE:
+ /* Bump the block number so that we only consider
+ * signatures below the same object as duplicates. */
+ block++;
+ break;
+ default:
+ break;
+ }
+ continue;
+ }
+ sig = n->pkt->pkt.signature;
+ sig->help_counter = block;
+ sigs[i++] = n;
+ }
+ log_assert (i == nsigs);
+
+ qsort (sigs, nsigs, sizeof (sigs[0]), sig_comparison);
+
+ last_i = 0;
+ for (i = 1; i < nsigs; i ++)
+ {
+ log_assert (sigs[last_i]);
+ log_assert (sigs[last_i]->pkt->pkttype == PKT_SIGNATURE);
+ log_assert (sigs[i]);
+ log_assert (sigs[i]->pkt->pkttype == PKT_SIGNATURE);
+
+ if (sig_comparison (&sigs[last_i], &sigs[i]) == 0)
+ {
+ /* They are the same. Kill the latter. */
+ if (DBG_PACKET)
+ {
+ sig = sigs[i]->pkt->pkt.signature;
+
+ log_debug ("Signature appears multiple times, "
+ "deleting duplicate:\n");
+ log_debug (" sig: class 0x%x, issuer: %s,"
+ " timestamp: %s (%lld), digest: %02x %02x\n",
+ sig->sig_class, keystr (sig->keyid),
+ isotimestamp (sig->timestamp),
+ (long long) sig->timestamp,
+ sig->digest_start[0], sig->digest_start[1]);
+ }
+
+ /* Remove sigs[i] from the keyblock. */
+ {
+ kbnode_t z, *prevp;
+ int to_kill = last_i;
+ last_i = i;
+
+ for (prevp = &kb, z = kb; z; prevp = &z->next, z = z->next)
+ if (z == sigs[to_kill])
+ break;
+
+ *prevp = sigs[to_kill]->next;
+
+ sigs[to_kill]->next = NULL;
+ release_kbnode (sigs[to_kill]);
+ sigs[to_kill] = NULL;
+
+ ++*dups;
+ *modified = 1;
+ }
+ }
+ else
+ last_i = i;
+ }
+
+ xfree (sigs);
+ return 0;
+}
+
+
/* Perform a few sanity checks on a keyblock is okay and possibly
* repair some damage. Concretely:
*
int bad_signature = 0;
int missing_selfsig = 0;
int modified = 0;
+ PKT_signature *sig;
log_assert (kb->pkt->pkttype == PKT_PUBLIC_KEY);
pk = kb->pkt->pkt.public_key;
/* First we look for duplicates. */
- {
- int nsigs;
- kbnode_t *sigs;
- int i;
- int last_i;
-
- /* Count the sigs. */
- for (nsigs = 0, n = kb; n; n = n->next)
- {
- if (is_deleted_kbnode (n))
- continue;
- else if (n->pkt->pkttype == PKT_SIGNATURE)
- nsigs ++;
- }
-
- if (!nsigs)
- return 0; /* No signatures at all. */
-
- /* Add them all to the SIGS array. */
- sigs = xtrycalloc (nsigs, sizeof *sigs);
- if (!sigs)
- {
- log_error (_("error allocating memory: %s\n"),
- gpg_strerror (gpg_error_from_syserror ()));
- return 0;
- }
-
- i = 0;
- for (n = kb; n; n = n->next)
- {
- if (is_deleted_kbnode (n))
- continue;
+ if (remove_duplicate_sigs (kb, &dups, &modified))
+ goto leave; /* Error */
- if (n->pkt->pkttype != PKT_SIGNATURE)
- continue;
-
- sigs[i] = n;
- i ++;
- }
- log_assert (i == nsigs);
-
- qsort (sigs, nsigs, sizeof (sigs[0]), sig_comparison);
-
- last_i = 0;
- for (i = 1; i < nsigs; i ++)
- {
- log_assert (sigs[last_i]);
- log_assert (sigs[last_i]->pkt->pkttype == PKT_SIGNATURE);
- log_assert (sigs[i]);
- log_assert (sigs[i]->pkt->pkttype == PKT_SIGNATURE);
-
- if (sig_comparison (&sigs[last_i], &sigs[i]) == 0)
- /* They are the same. Kill the latter. */
- {
- if (DBG_PACKET)
- {
- PKT_signature *sig = sigs[i]->pkt->pkt.signature;
-
- log_debug ("Signature appears multiple times, "
- "deleting duplicate:\n");
- log_debug (" sig: class 0x%x, issuer: %s,"
- " timestamp: %s (%lld), digest: %02x %02x\n",
- sig->sig_class, keystr (sig->keyid),
- isotimestamp (sig->timestamp),
- (long long) sig->timestamp,
- sig->digest_start[0], sig->digest_start[1]);
- }
-
- /* Remove sigs[i] from the keyblock. */
- {
- KBNODE z, *prevp;
- int to_kill = last_i;
- last_i = i;
-
- for (prevp = &kb, z = kb; z; prevp = &z->next, z = z->next)
- if (z == sigs[to_kill])
- break;
-
- *prevp = sigs[to_kill]->next;
-
- sigs[to_kill]->next = NULL;
- release_kbnode (sigs[to_kill]);
- sigs[to_kill] = NULL;
-
- dups ++;
- modified = 1;
- }
- }
- else
- last_i = i;
- }
-
- xfree (sigs);
- }
-
- /* Make sure the sigs occur after the component (public key, subkey,
- user id) that they sign. */
+ /* Now make sure the sigs occur after the component (aka block)
+ * (public key, subkey, user id) that they sign. */
issuer = NULL;
last_printed_component = NULL;
for (n_prevp = &kb, n = kb;
{
PACKET *p;
int processed_current_component;
- PKT_signature *sig;
int rc;
int dump_sig_params = 0;
free_public_key (issuer);
issuer = NULL;
+ /* If we reordered signatures we need to de-duplicate again because
+ * a signature can now be a duplicate in another block. */
+ if (reordered)
+ {
+ if (remove_duplicate_sigs (kb, &dups, &modified))
+ goto leave;
+ }
+
/* Identify keys / uids that don't have a self-sig. */
{
int has_selfsig = 0;
PACKET *p;
- PKT_signature *sig;
current_component = NULL;
for (n = kb; n; n = n->next)
}
}
+
+ leave:
if (!opt.quiet)
{
char prefix[100];
};
+/* Counter with the number of literal data packets seen. Note that
+ * this is also bumped at the end of an encryption. This counter is
+ * used for a basic consistency check of a received PGP message. */
+static int literals_seen;
+
+
/*** Local prototypes. ***/
static int do_proc_packets (ctrl_t ctrl, CTX c, iobuf_t a);
static void list_node (CTX c, kbnode_t node);
static void proc_tree (CTX c, kbnode_t node);
-static int literals_seen;
/*** Functions. ***/
-
+/* Reset the literal data counter. This is required to setup a new
+ * decryption or verification context. */
void
reset_literals_seen(void)
{
proc_encrypted (CTX c, PACKET *pkt)
{
int result = 0;
+ int early_plaintext = literals_seen;
+
+ if (early_plaintext)
+ {
+ log_info (_("WARNING: multiple plaintexts seen\n"));
+ write_status_errcode ("decryption.early_plaintext", GPG_ERR_BAD_DATA);
+ /* We fail only later so that we can print some more info first. */
+ }
if (!opt.quiet)
{
if (!result)
result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek );
+ /* Trigger the deferred error. */
+ if (!result && early_plaintext)
+ result = gpg_error (GPG_ERR_BAD_DATA);
+
if (result == -1)
;
else if (!result
&& !opt.ignore_mdc_error
- && !pkt->pkt.encrypted->mdc_method
- && openpgp_cipher_get_algo_blklen (c->dek->algo) != 8
- && c->dek->algo != CIPHER_ALGO_TWOFISH)
+ && !pkt->pkt.encrypted->mdc_method)
{
- /* The message has been decrypted but has no MDC despite that a
- modern cipher (blocklength != 64 bit, except for Twofish) is
- used and the option to ignore MDC errors is not used: To
- avoid attacks changing an MDC message to a non-MDC message,
- we fail here. */
+ /* The message has been decrypted but does not carry an MDC.
+ * The option --ignore-mdc-error has also not been used. To
+ * avoid attacks changing an MDC message to a non-MDC message,
+ * we fail here. */
log_error (_("WARNING: message was not integrity protected\n"));
- if (opt.verbose > 1)
- log_info ("decryption forced to fail\n");
+ if (!pkt->pkt.encrypted->mdc_method
+ && (openpgp_cipher_get_algo_blklen (c->dek->algo) == 8
+ || c->dek->algo == CIPHER_ALGO_TWOFISH))
+ {
+ /* Before 2.2.8 we did not fail hard for a missing MDC if
+ * one of the old ciphers where used. Although these cases
+ * are rare in practice we print a hint on how to decrypt
+ * such messages. */
+ log_string
+ (GPGRT_LOGLVL_INFO,
+ _("Hint: If this message was created before the year 2003 it is\n"
+ "likely that this message is legitimate. This is because back\n"
+ "then integrity protection was not widely used.\n"));
+ log_info (_("Use the option '%s' to decrypt anyway.\n"),
+ "--ignore-mdc-error");
+ write_status_errcode ("nomdc_with_legacy_cipher",
+ GPG_ERR_DECRYPT_FAILED);
+ }
+ log_info (_("decryption forced to fail!\n"));
write_status (STATUS_DECRYPTION_FAILED);
}
else if (!result || (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE
log_info(_("decryption okay\n"));
if (pkt->pkt.encrypted->mdc_method && !result)
write_status (STATUS_GOODMDC);
- else if (!opt.no_mdc_warn)
+ else
log_info (_("WARNING: message was not integrity protected\n"));
}
else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE)
free_packet (pkt, NULL);
c->last_was_session_key = 0;
write_status (STATUS_END_DECRYPTION);
+
+ /* Bump the counter even if we have not seen a literal data packet
+ * inside an encryption container. This acts as a sentinel in case
+ * a misplace extra literal data packets follows after this
+ * encrypted packet. */
+ literals_seen++;
}
int any, clearsig, rc;
kbnode_t n;
+ /* This is a literal data packet. Bumb a counter for later checks. */
literals_seen++;
if (pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8))
log_info (_("Note: sender requested \"for-your-eyes-only\"\n"));
else if (opt.verbose)
- log_info (_("original file name='%.*s'\n"), pt->namelen, pt->name);
+ {
+ /* We don't use print_utf8_buffer because that would require a
+ * string change which we don't want in 2.2. It is also not
+ * clear whether the filename is always utf-8 encoded. */
+ char *tmp = make_printable_string (pt->name, pt->namelen, 0);
+ log_info (_("original file name='%.*s'\n"), (int)strlen (tmp), tmp);
+ xfree (tmp);
+ }
free_md_filter_context (&c->mfx);
if (gcry_md_open (&c->mfx.md, 0, 0))
int no_armor;
int list_packets; /* Option --list-packets active. */
int def_cipher_algo;
- int force_mdc;
- int disable_mdc;
int def_digest_algo;
int cert_digest_algo;
int compress_algo;
prefitem_t *personal_compress_prefs;
struct weakhash *weak_digests;
int no_perm_warn;
- int no_mdc_warn;
char *temp_dir;
int no_encrypt_to;
int encrypt_to_default_key;
const byte *trust_regexp;
struct revocation_key *revkey;
int numrevkeys;
+ int help_counter; /* Used internally bu some fucntions. */
pka_info_t *pka_info; /* Malloced PKA data or NULL if not
available. See also flags.pka_tried. */
char *signers_uid; /* Malloced value of the SIGNERS_UID
msgid "public key decryption failed: %s\n"
msgstr "ha fallat el desxifratge amb la clau pública: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "xifrat amb %lu contrasenyes\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "AVÍS: el missatge no tenia protecció d'integritat\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "ha fallat el desxifratge: %s\n"
+
msgid "decryption okay\n"
msgstr "desxifratge correcte\n"
msgid "original file name='%.*s'\n"
msgstr "nom del fitxer original='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "revocació autònoma: useu \"gpg --import\" per a aplicar-la\n"
msgid "public key decryption failed: %s\n"
msgstr "dešifrování veřejným klíčem selhalo: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "VAROVÁNÍ: zachyceno více prostých textů\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "zašifrováno s heslem %lu\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "VAROVÁNÍ: zpráva nebyla chráněna proti porušení její integrity\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "dešifrování selhalo: %s\n"
+
msgid "decryption okay\n"
msgstr "dešifrování o.k.\n"
msgid "original file name='%.*s'\n"
msgstr "původní jméno souboru='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "VAROVÁNÍ: zachyceno více prostých textů\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"samostatný revokační certifikát – použijte „gpg --import“, chcete-li jej "
msgid "public key decryption failed: %s\n"
msgstr "afkryptering af offentlig nøgle mislykkedes: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "ADVARSEL: flere klartekster set\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "krypteret med %lu adgangsfraser\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "ADVARSEL: besked var ikke integritetsbeskyttet\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "afkryptering mislykkedes: %s\n"
+
msgid "decryption okay\n"
msgstr "afkryptering okay\n"
msgid "original file name='%.*s'\n"
msgstr "oprindeligt filnavn=»%.*s«\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "ADVARSEL: flere klartekster set\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "uafhængig tilbagekald - brug »gpg --import« for at anvende\n"
#. q = quit
#.
msgid "iImMqQsS"
-msgstr "iImMqQsS"
+msgstr "iIhHaAsS"
msgid "No trust value assigned to:\n"
msgstr "Ingen tillidsværdi tildelt til:\n"
msgstr ""
"Project-Id-Version: gnupg-2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2018-04-09 20:39+0200\n"
+"PO-Revision-Date: 2018-06-08 11:22+0200\n"
"Last-Translator: Werner Koch <wk@gnupg.org>\n"
"Language-Team: German <de@li.org>\n"
"Language: de\n"
msgid "public key decryption failed: %s\n"
msgstr "Entschlüsselung mit Public-Key-Verfahren fehlgeschlagen: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "WARNUNG: Mehr als ein Klartext erkannt\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "Verschlüsselt mit %lu Passphrases\n"
msgstr ""
"WARNUNG: Botschaft wurde nicht integritätsgeschützt (integrity protected)\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+"Tip: Falls diese Botschaft vor dem Jahr 2003 erzeugt wurde, so wird es\n"
+"vermutlich eine legitime Botschaft sein. Die kann vermutet werden, da\n"
+"vor diesem Zeitpunkt ein Integritätsschutz nur selten verwendet wurde.\n"
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr "Mit der Option '%s' kann trotzdem entschlüsselt werden.\n"
+
+msgid "decryption forced to fail!\n"
+msgstr "Entschlüsselung als fehlgeschlagen angesehen: %s\n"
+
msgid "decryption okay\n"
msgstr "Entschlüsselung erfolgreich\n"
msgid "original file name='%.*s'\n"
msgstr "Ursprünglicher Dateiname='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "WARNUNG: Mehr als ein Klartext erkannt\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"Einzelner Widerruf - verwenden Sie \"gpg --import\", um ihn anzuwenden\n"
msgid "public key decryption failed: %s\n"
msgstr "κρυπτογράφηση με δημόσιο κλειδί απέτυχε: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "κρυπτογραφημένο με %lu φράσεις κλειδιά\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "ΠΡΟΕΙΔΟΠΟΙΗΣΗ: δεν προστατεύτηκε η ακεραιότητα του μηύματος\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "αποκρυπτογράφηση απέτυχε: %s\n"
+
msgid "decryption okay\n"
msgstr "αποκρυπτογράφηση OK\n"
msgid "original file name='%.*s'\n"
msgstr "αρχικό όνομα αρχείου='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "ανεξάρτητη ανάκληση - χρησιμοποιείστε \"gpg --import\" για εφαρμογή\n"
msgid "public key decryption failed: %s\n"
msgstr "publikŝlosila malĉifrado malsukcesis: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, fuzzy, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "Ripetu pasfrazon\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "AVERTO: nenio estis eksportita\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "malĉifrado malsukcesis: %s\n"
+
msgid "decryption okay\n"
msgstr "malĉifrado sukcesis\n"
msgid "original file name='%.*s'\n"
msgstr "originala dosiernomo='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "memstara revoko - uzu \"gpg --import\" por apliki ĝin\n"
msgstr ""
"Project-Id-Version: gnupg 2.0.9\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2018-04-16 14:06+0000\n"
+"PO-Revision-Date: 2018-05-25 15:44+0000\n"
"Last-Translator: emma peel <emma.peel@riseup.net>\n"
"Language-Team: Spanish <es@li.org>\n"
"Language: es\n"
msgstr "los tamaños de claves %s deben estar en el rango %u-%u\n"
msgid "Changing card key attribute for: "
-msgstr ""
+msgstr "Cambiando el atributo de la clave de tarjeta por: "
-#, fuzzy
-#| msgid " (1) Signature key\n"
msgid "Signature key\n"
-msgstr " (1) Clave de firmado\n"
+msgstr "Clave de firmado\n"
-#, fuzzy
-#| msgid " (2) Encryption key\n"
msgid "Encryption key\n"
-msgstr " (2) Clave de cifrado\n"
+msgstr "Clave de cifrado\n"
-#, fuzzy
-#| msgid " (3) Authentication key\n"
msgid "Authentication key\n"
-msgstr " (3) Clave de autentificación\n"
+msgstr "Clave de autentificación\n"
msgid "Please select what kind of key you want:\n"
msgstr "Por favor seleccione tipo de clave deseado:\n"
msgid " (%d) RSA\n"
msgstr " (%d) RSA\n"
-#, fuzzy, c-format
-#| msgid " (%d) ECC and ECC\n"
+#, c-format
msgid " (%d) ECC\n"
-msgstr " (%d) ECC y ECC\n"
+msgstr " (%d) ECC\n"
msgid "Invalid selection.\n"
msgstr "Elección inválida.\n"
msgid "The card will now be re-configured to generate a key of type: %s\n"
msgstr "Ahora la tarjeta se reconfigurará para generar una clave de tipo: %s\n"
-#, fuzzy, c-format
-#| msgid "error changing size of key %d to %u bits: %s\n"
+#, c-format
msgid "error changing key attribute for key %d: %s\n"
-msgstr "error cambiando el tamaño de la clave %d a %u bits: %s\n"
+msgstr "error cambiando el atributo de clave de la clave %d: %s\n"
-#, fuzzy, c-format
-#| msgid "error getting current key info: %s\n"
+#, c-format
msgid "error getting card info: %s\n"
-msgstr "error obteniendo la información actual de la clave: %s\n"
+msgstr "error al obtener información de la clave: %s\n"
msgid "This command is not supported by this card\n"
msgstr "Esta orden no se puede usar con esta tarjeta\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "¿Realmente quiere volver a los valores de fábrica? (escriba \"sí\") "
-#, fuzzy, c-format
-#| msgid "error looking up: %s\n"
+#, c-format
msgid "error for setup KDF: %s\n"
-msgstr "error al buscar: %s\n"
+msgstr "error de la configuración KDF: %s\n"
msgid "quit this menu"
msgstr "salir de este menú"
msgid "destroy all keys and data"
msgstr "destruir todas las claves y datos"
-#, fuzzy
-#| msgid "|NAME|use user NAME for authentication"
msgid "setup KDF for PIN authentication"
-msgstr "|NAME|usa NOMBRE como destinatario por defecto"
+msgstr "configurar KDF para autentificación de PIN"
-#, fuzzy
-#| msgid "change the ownertrust"
msgid "change the key attribute"
-msgstr "cambia valores de confianza"
+msgstr "cambia valores de la clave"
msgid "gpg/card> "
msgstr "gpg/tarjeta> "
msgid "invalid pinentry mode '%s'\n"
msgstr "modo de entrada de pin inválido '%s'\n"
-#, fuzzy, c-format
-#| msgid "invalid value for option '%s'\n"
+#, c-format
msgid "invalid request origin '%s'\n"
-msgstr "parámetro incorrecto para la opción '%s'\n"
+msgstr "origen incorrecto de la consulta '%s'\n"
#, c-format
msgid "'%s' is not a valid character set\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "No puede cambiar la fecha de caducidad de una clave v3\n"
-#, fuzzy
-#| msgid "Changing expiration time for a subkey.\n"
msgid "Changing usage of a subkey.\n"
-msgstr "Cambiando fecha de caducidad de subclave.\n"
+msgstr "Cambiando el uso de una subclave.\n"
-#, fuzzy
-#| msgid "Changing expiration time for the primary key.\n"
msgid "Changing usage of the primary key.\n"
-msgstr "Cambiando caducidad de clave primaria.\n"
+msgstr "Cambiando uso de clave primaria.\n"
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgid "public key decryption failed: %s\n"
msgstr "descifrado de la clave pública fallido: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "AVISO: se observan varios textos en claro\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "cifrado con %lu frases contraseña\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "ATENCIÓN: la intgridad del mensaje no está protegida\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "descifrado fallido: %s\n"
+
msgid "decryption okay\n"
msgstr "descifrado correcto\n"
msgid "original file name='%.*s'\n"
msgstr "nombre fichero original='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "AVISO: se observan varios textos en claro\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "revocación independiente - use \"gpg --import\" para aplicarla\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "NOTA: la clave de firmado %s ha sido revocada\n"
-#, fuzzy, c-format
-#| msgid "standalone signature of class 0x%02x\n"
+#, c-format
msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
-msgstr "firma independiente de clase 0x%02x\n"
+msgstr "firma incorrecta de la clave %s: %s (0x%02x, 0x%x)\n"
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgid "Messages verified over the past %d day: %d."
msgid_plural "Messages verified over the past %d days: %d."
msgstr[0] ""
-msgstr[1] ""
+msgstr[1] "Mensajes verificados los últimos %d días: %d."
#, c-format
msgid "Messages encrypted over the past %d day: %d."
msgid_plural "Messages encrypted over the past %d days: %d."
msgstr[0] ""
-msgstr[1] ""
+msgstr[1] "Mensajes cifrados los últimos %d días: %d."
#, c-format
msgid "Messages verified over the past %d month: %d."
msgid_plural "Messages verified over the past %d months: %d."
msgstr[0] ""
-msgstr[1] ""
+msgstr[1] "Mensajes verificados los últimos %d meses: %d."
#, c-format
msgid "Messages encrypted over the past %d month: %d."
msgid_plural "Messages encrypted over the past %d months: %d."
msgstr[0] ""
-msgstr[1] ""
+msgstr[1] "Mensajes cifrados los últimos %d meses: %d."
#, c-format
msgid "Messages verified over the past %d year: %d."
msgid_plural "Messages verified over the past %d years: %d."
msgstr[0] ""
-msgstr[1] ""
+msgstr[1] "Mensajes verificados los últimos %d años: %d."
#, c-format
msgid "Messages encrypted over the past %d year: %d."
msgid_plural "Messages encrypted over the past %d years: %d."
msgstr[0] ""
-msgstr[1] ""
+msgstr[1] "Mensajes cifrados los últimos %d años: %d."
#, c-format
msgid "Messages verified in the past: %d."
msgid "public key decryption failed: %s\n"
msgstr "avaliku võtmega lahtikrüpteerimine ebaõnnestus: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "krüpteeritud kasutades %lu parooli\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "HOIATUS: teate kooskõlalisus ei ole tagatud\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "lahtikrüpteerimine ebaõnnestus: %s\n"
+
msgid "decryption okay\n"
msgstr "lahtikrüpteerimine õnnestus\n"
msgid "original file name='%.*s'\n"
msgstr "algne failinimi on='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "eraldiseisev tühistus - realiseerimiseks kasutage \"gpg --import\"\n"
msgid "public key decryption failed: %s\n"
msgstr "julkisen avaimen avaus epäonnistui: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "salattu %lu salasanalla\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "VAROITUS: viestin eheyttä ei oltu suojattu\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "avaus epäonnistui: %s\n"
+
msgid "decryption okay\n"
msgstr "avaus onnistui\n"
msgid "original file name='%.*s'\n"
msgstr "alkuperäisen tiedoston nimi=\"%.*s\"\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "itsenäinen mitätöinti - käytä \"gpg --import\" ottaaksesi käyttöön\n"
msgid "public key decryption failed: %s\n"
msgstr "échec du déchiffrement par clef publique : %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "Attention : plusieurs textes en clair ont été vus\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "chiffré avec %lu phrases secrètes\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "Attention : l'intégrité du message n'était pas protégée\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "échec du déchiffrement : %s\n"
+
msgid "decryption okay\n"
msgstr "le déchiffrement a réussi\n"
msgid "original file name='%.*s'\n"
msgstr "nom de fichier original : « %.*s »\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "Attention : plusieurs textes en clair ont été vus\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "révocation autonome — utilisez « gpg --import » pour l'appliquer\n"
msgid "public key decryption failed: %s\n"
msgstr "fallou o descifrado de chave pública: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "cifrado con %lu contrasinais\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "AVISO: a mensaxe non tiña protección de integridade\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "o descifrado fallou: %s\n"
+
msgid "decryption okay\n"
msgstr "descifrado correcto\n"
msgid "original file name='%.*s'\n"
msgstr "nome do ficheiro orixinal='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "revocación independente - empregue \"gpg --import\" para aplicar\n"
msgid "public key decryption failed: %s\n"
msgstr "Nyilvános kulcsú visszafejtés sikertelen: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "%lu jelszóval rejtjelezve\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "FIGYELEM: Az üzenetet nem látták el integritásvédelemmel.\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "Visszafejtés sikertelen: %s.\n"
+
msgid "decryption okay\n"
msgstr "Visszafejtés rendben.\n"
msgid "original file name='%.*s'\n"
msgstr "Eredeti fájlnév: '%.*s'.\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"Különálló visszavonás. Használja a \"gpg --import\"-ot az alkalmazásához!\n"
msgid "public key decryption failed: %s\n"
msgstr "gagal dekripsi kunci publik: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "dienkripsi dengan passphrase %lu\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "PERINGATAN: integritas pesan tidak terlindungi\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "dekripsi gagal: %s\n"
+
msgid "decryption okay\n"
msgstr "dekripsi lancar\n"
msgid "original file name='%.*s'\n"
msgstr "original file name='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "pembatalan mandiri - gunakan \"gpg --import\" untuk mengaplikasikan\n"
msgid "public key decryption failed: %s\n"
msgstr "decifratura della chiave pubblica fallita: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "cifratto con %lu passphrase\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "ATTENZIONE: l'integrità del messaggio non era protetta\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "decifratura fallita: %s\n"
+
msgid "decryption okay\n"
msgstr "decifratura corretta\n"
msgid "original file name='%.*s'\n"
msgstr "nome del file originale='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "revoca solitaria - usa \"gpg --import\" per applicarla\n"
msgid "public key decryption failed: %s\n"
msgstr "公開鍵の復号に失敗しました: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "*警告*: 複数のプレインテクストが見られます\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "%lu 個のパスフレーズで暗号化\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "*警告*: メッセージの完全性は保護されていません\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "復号に失敗しました: %s\n"
+
msgid "decryption okay\n"
msgstr "復号に成功\n"
msgid "original file name='%.*s'\n"
msgstr "元のファイル名='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "*警告*: 複数のプレインテクストが見られます\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "スタンドアロン失効 - \"gpg --import\"を使って適用してください\n"
msgid "public key decryption failed: %s\n"
msgstr "offentlig nøkkel-dekryptering mislyktes: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "ADVARSEL: fant flere elementer i ren tekst\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "kryptert med %lu passordfraser\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "ADVARSEL: meldinga var ikke integritetsbeskyttet\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "dekryptering mislyktes: %s\n"
+
msgid "decryption okay\n"
msgstr "dekryptering ok\n"
msgid "original file name='%.*s'\n"
msgstr "opprinnelig filnavn=«%.*s»\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "ADVARSEL: fant flere elementer i ren tekst\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "selvstendig opphevelse - bruk «gpg --import» for å ta i bruk\n"
msgid "public key decryption failed: %s\n"
msgstr "błąd odszyfrowywania kluczem publicznym: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "OSTRZEŻENIE: widziano wiele czystych tekstów\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "zaszyfrowane za pomocą %lu haseł\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "OSTRZEŻENIE: wiadomość nie była zabezpieczona przed manipulacją\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "błąd odszyfrowywania: %s\n"
+
msgid "decryption okay\n"
msgstr "odszyfrowanie poprawne\n"
msgid "original file name='%.*s'\n"
msgstr "pierwotna nazwa pliku='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "OSTRZEŻENIE: widziano wiele czystych tekstów\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"osobny certyfikat unieważnienia - użyj ,,gpg --import'' aby go wczytać\n"
msgid "public key decryption failed: %s\n"
msgstr "decifragem de chave pública falhou: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, fuzzy, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "Repita a frase secreta\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "AVISO: a mensagem não tinha a sua integridade protegida\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "decifragem falhou: %s\n"
+
msgid "decryption okay\n"
msgstr "decifragem correcta\n"
msgid "original file name='%.*s'\n"
msgstr "nome do ficheiro original='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "revocação solitária - utilize \"gpg --import\" para aplicar\n"
msgid "public key decryption failed: %s\n"
msgstr "decriptarea cu cheie publică a eşuat: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "cifrată cu %lu fraze-parolă\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "AVERTISMENT: mesajul nu a avut integritatea protejată\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "decriptarea a eşuat: %s\n"
+
msgid "decryption okay\n"
msgstr "decriptare OK\n"
msgid "original file name='%.*s'\n"
msgstr "nume fişier original='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "revocare standalone - folosiţi \"gpg --import\" pentru a aplica\n"
msgstr ""
"Project-Id-Version: GnuPG 2.2.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-12-13 17:41+0100\n"
+"PO-Revision-Date: 2018-05-05 17:41+0100\n"
"Last-Translator: Ineiev <ineiev@gnu.org>\n"
"Language-Team: Russian <gnupg-ru@gnupg.org>\n"
"Language: ru\n"
msgstr "размер ключей %s должен быть в пределах %u-%u\n"
msgid "Changing card key attribute for: "
-msgstr ""
+msgstr "Изменение атрибутов ключа на карте:"
-#, fuzzy
-#| msgid " (1) Signature key\n"
msgid "Signature key\n"
-msgstr " (1) Ключ подписи\n"
+msgstr "Ключа для подписи\n"
-#, fuzzy
-#| msgid " (2) Encryption key\n"
msgid "Encryption key\n"
-msgstr " (2) Ключ шифрования\n"
+msgstr "Ключа для шифрования\n"
-#, fuzzy
-#| msgid " (3) Authentication key\n"
msgid "Authentication key\n"
-msgstr " (3) Ключ удостоверения личности\n"
+msgstr "Ключа для удостоверения личности\n"
msgid "Please select what kind of key you want:\n"
msgstr "Выберите тип ключа:\n"
msgid " (%d) RSA\n"
msgstr " (%d) RSA\n"
-#, fuzzy, c-format
-#| msgid " (%d) ECC and ECC\n"
+#, c-format
msgid " (%d) ECC\n"
-msgstr " (%d) ECC и ECC\n"
+msgstr " (%d) ECC\n"
msgid "Invalid selection.\n"
msgstr "Неправильный выбор.\n"
msgid "The card will now be re-configured to generate a key of type: %s\n"
msgstr "Теперь карта будет перенастроена на генерацию ключа типа %s\n"
-#, fuzzy, c-format
-#| msgid "error changing size of key %d to %u bits: %s\n"
+#, c-format
msgid "error changing key attribute for key %d: %s\n"
-msgstr "ошибка изменения размера ключа %d до %u бит: %s\n"
+msgstr "ошибка изменения атрибута ключа %d: %s\n"
-#, fuzzy, c-format
-#| msgid "error getting current key info: %s\n"
+#, c-format
msgid "error getting card info: %s\n"
-msgstr "оÑ\88ибка пÑ\80и Ñ\81Ñ\87иÑ\82Ñ\8bвании инÑ\84оÑ\80маÑ\86ии клÑ\8eÑ\87а: %s\n"
+msgstr "оÑ\88ибка пÑ\80и Ñ\81Ñ\87иÑ\82Ñ\8bвании инÑ\84оÑ\80маÑ\86ии каÑ\80Ñ\82Ñ\8b: %s\n"
msgid "This command is not supported by this card\n"
msgstr "Данная команда этой картой не поддерживается\n"
msgid "Really do a factory reset? (enter \"yes\") "
msgstr "Подтвердите сброс к заводским установкам (введите \"yes\") "
-#, fuzzy, c-format
-#| msgid "error looking up: %s\n"
+#, c-format
msgid "error for setup KDF: %s\n"
-msgstr "ошибка поиска: %s\n"
+msgstr "ошибка при настройке KDF: %s\n"
msgid "quit this menu"
msgstr "выйти из этого меню"
msgid "destroy all keys and data"
msgstr "уничтожить все ключи и данные"
-#, fuzzy
-#| msgid "|NAME|use user NAME for authentication"
msgid "setup KDF for PIN authentication"
-msgstr "|NAME|использовать имя пользователя NAME для удостоверения личности"
+msgstr "настроить KDF для проверки по PIN"
-#, fuzzy
-#| msgid "change the ownertrust"
msgid "change the key attribute"
-msgstr "изменить уровень доверия владельцу"
+msgstr "изменить атрибут ключа"
msgid "gpg/card> "
msgstr "gpg/card> "
msgid "invalid pinentry mode '%s'\n"
msgstr "недопустимый режим ввода пароля '%s'\n"
-#, fuzzy, c-format
-#| msgid "invalid value for option '%s'\n"
+#, c-format
msgid "invalid request origin '%s'\n"
-msgstr "недопустимое значения параметра \"%s\"\n"
+msgstr "недопустимый источник запроса '%s'\n"
#, c-format
msgid "'%s' is not a valid character set\n"
msgid "You can't change the expiration date of a v3 key\n"
msgstr "Нельзя изменить срок действия ключа v3\n"
-#, fuzzy
-#| msgid "Changing expiration time for a subkey.\n"
msgid "Changing usage of a subkey.\n"
-msgstr "Смена Ñ\81Ñ\80ока дейÑ\81Ñ\82вия подключа.\n"
+msgstr "Смена Ñ\80ежимов иÑ\81полÑ\8cзования подключа.\n"
-#, fuzzy
-#| msgid "Changing expiration time for the primary key.\n"
msgid "Changing usage of the primary key.\n"
-msgstr "Смена Ñ\81Ñ\80ока дейÑ\81Ñ\82вия первичного ключа.\n"
+msgstr "Смена Ñ\80ежимов иÑ\81полÑ\8cзования первичного ключа.\n"
#, c-format
msgid "signing subkey %s is already cross-certified\n"
msgid "public key decryption failed: %s\n"
msgstr "сбой расшифровки с открытым ключом: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "Внимание: наблюдается несколько текстов\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "зашифровано %lu фразами-паролями\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "Внимание: целостность сообщения не защищена\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "сбой расшифровки: %s\n"
+
msgid "decryption okay\n"
msgstr "расшифровано нормально\n"
msgid "original file name='%.*s'\n"
msgstr "первоначальное имя файла='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "Внимание: наблюдается несколько текстов\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "отдельный сертификат отзыва: задействуется командой \"gpg --import\"\n"
msgid "Note: signature key %s has been revoked\n"
msgstr "Замечание: ключ для подписей %s отозван\n"
-#, fuzzy, c-format
-#| msgid "standalone signature of class 0x%02x\n"
+#, c-format
msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
-msgstr "оÑ\82делÑ\8cнаÑ\8f подпиÑ\81Ñ\8c клаÑ\81Ñ\81а 0x%02x\n"
+msgstr "плоÑ\85аÑ\8f подпиÑ\81Ñ\8c клÑ\8eÑ\87ом %s: %s (0x%02x 0x%x)\n"
#, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgid "public key decryption failed: %s\n"
msgstr "dešifrovanie verejným kľúčom zlyhalo: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "zašifrované s %lu heslami\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "VAROVANIE: správa nemá ochranu integrity\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "dešifrovanie zlyhalo: %s\n"
+
msgid "decryption okay\n"
msgstr "dešifrovanie o.k.\n"
msgid "original file name='%.*s'\n"
msgstr "pôvodné meno súboru='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"samostatný revokačný certifikát - použite \"gpg --import\", ak ho chcete "
msgid "public key decryption failed: %s\n"
msgstr "dekryptering med publik nyckel misslyckades: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "VARNING: multipla klartexter har påträffats\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "krypterad med %lu lösenfraser\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "VARNING: detta meddelande var inte integritetsskyddat\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "dekrypteringen misslyckades: %s\n"
+
msgid "decryption okay\n"
msgstr "dekrypteringen lyckades\n"
msgid "original file name='%.*s'\n"
msgstr "ursprungligt filnamn=\"%.*s\"\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "VARNING: multipla klartexter har påträffats\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"fristående spärrcertifikat - använd \"gpg --import\" för\n"
#. q = quit
#.
msgid "iImMqQsS"
-msgstr "iImHhAsS"
+msgstr "iIhHaAsS"
msgid "No trust value assigned to:\n"
msgstr "Inget tillitsvärde tilldelat till:\n"
msgid "public key decryption failed: %s\n"
msgstr "genel anahtar şifre çözümü başarısız: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "UYAR: çok sayıda salt metin görüldü\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "%lu anahtar parolası ile şifrelenmiş\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "UYARI: ileti bütünlük korumalı değildi\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "şifre çözme başarısız: %s\n"
+
msgid "decryption okay\n"
msgstr "Şifre çözme tamam\n"
msgid "original file name='%.*s'\n"
msgstr "özgün dosya adı = '%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "UYAR: çok sayıda salt metin görüldü\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"tek başına yürürlükten kaldırma - uygulamak için \"gpg --import\" kullanın\n"
#. q = quit
#.
msgid "iImMqQsS"
-msgstr "bBmMaAkK"
+msgstr "bBmMkKaA"
msgid "No trust value assigned to:\n"
msgstr "Güven değeri belirtilmemiş:\n"
msgstr " a = bu anahtarı atla\n"
msgid " q = quit\n"
-msgstr " ç = çık\n"
+msgstr " k = çık\n"
#, c-format
msgid ""
msgid "public key decryption failed: %s\n"
msgstr "невдала спроба розшифровування відкритим ключем: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "УВАГА: виявлено декілька фрагментів нешифрованого тексту\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "зашифровано за допомогою %lu паролів\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "УВАГА: цілісність повідомлення не захищено\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "невдала спроба розшифрування: %s\n"
+
msgid "decryption okay\n"
msgstr "розшифровано\n"
msgid "original file name='%.*s'\n"
msgstr "початкова назва файла=«%.*s»\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "УВАГА: виявлено декілька фрагментів нешифрованого тексту\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr ""
"окреме відкликання — скористайтеся командою «gpg --import» для застосування\n"
msgid "public key decryption failed: %s\n"
msgstr "公钥解密失败:%s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr ""
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "以 %lu 个密码加密\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "警告:报文未受到完整的保护\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "解密失败:%s\n"
+
msgid "decryption okay\n"
msgstr "解密成功\n"
msgid "original file name='%.*s'\n"
msgstr "原始文件名 =‘%.*s’\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr ""
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "独立的吊销证书――请用“gpg --import”来应用\n"
msgid "public key decryption failed: %s\n"
msgstr "公鑰解密失敗: %s\n"
+msgid "WARNING: multiple plaintexts seen\n"
+msgstr "警告: 看到了多份明文\n"
+
#, c-format
msgid "encrypted with %lu passphrases\n"
msgstr "已用 %lu 個密語加密了\n"
msgid "WARNING: message was not integrity protected\n"
msgstr "警告: 訊息未受到完整的保護\n"
+msgid ""
+"Hint: If this message was created before the year 2003 it is\n"
+"likely that this message is legitimate. This is because back\n"
+"then integrity protection was not widely used.\n"
+msgstr ""
+
+#, c-format
+msgid "Use the option '%s' to decrypt anyway.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "decryption failed: %s\n"
+msgid "decryption forced to fail!\n"
+msgstr "解密失敗: %s\n"
+
msgid "decryption okay\n"
msgstr "解密成功\n"
msgid "original file name='%.*s'\n"
msgstr "原始的檔名 ='%.*s'\n"
-msgid "WARNING: multiple plaintexts seen\n"
-msgstr "警告: 看到了多份明文\n"
-
msgid "standalone revocation - use \"gpg --import\" to apply\n"
msgstr "獨立撤銷 - 請用 \"gpg --import\" 來套用\n"
"no-auto-key-retrieve"
"no-auto-key-locate"
"allow-weak-digest-algos"
+ "ignore-mdc-error"
(if have-opt-always-trust
"no-auto-check-trustdb" "#no-auto-check-trustdb")
(string-append "agent-program "