From wk at gnupg.org Mon Feb 3 14:18:25 2025 From: wk at gnupg.org (Werner Koch) Date: Mon, 03 Feb 2025 14:18:25 +0100 Subject: [gnupg] Update to po/pt.po In-Reply-To: <874j1btkr7.fsf@lispclub.com> (Daniel Cerqueira's message of "Mon, 03 Feb 2025 09:55:56 +0000") References: <874j1btkr7.fsf@lispclub.com> Message-ID: <87seovkvz2.fsf@jacob.g10code.de> Hi! Thanks for the update. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: openpgp-digital-signature.asc Type: application/pgp-signature Size: 247 bytes Desc: not available URL: From dkg at fifthhorseman.net Tue Feb 4 04:56:21 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Mon, 3 Feb 2025 22:56:21 -0500 Subject: [PATCH GnuPG] options: drop opt.flags.rfc4880bis (no longer in use) Message-ID: <20250204035621.896845-1-dkg@fifthhorseman.net> g10/options.h (opt): remove unused flags member rfc4880bis (not used). -- Signed-off-by: Daniel Kahn Gillmor --- g10/options.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/g10/options.h b/g10/options.h index 6f5017196..2f73a9cf4 100644 --- a/g10/options.h +++ b/g10/options.h @@ -285,8 +285,6 @@ struct unsigned int disable_signer_uid:1; unsigned int include_key_block:1; unsigned int auto_key_import:1; - /* Flag to enable experimental features from RFC4880bis. */ - unsigned int rfc4880bis:1; /* Hack: --output is not given but OUTFILE was temporary set to "-". */ unsigned int dummy_outfile:1; /* Force the use of the OpenPGP card and do not allow the use of -- 2.47.2 From dkg at fifthhorseman.net Tue Feb 4 05:52:59 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Mon, 3 Feb 2025 23:52:59 -0500 Subject: [PATCH GnuPG STABLE-BRANCH-2-4] gpg: Sync compliance mode cleanup with master Message-ID: <20250204045259.950267-1-dkg@fifthhorseman.net> * g10/gpg.c (set_compliance_option): Clean up option settings for compliance modes. * doc/gpg.texi: note that --allow-old-cipher-algos must come after any compliance setting. -- This makes it possible to reset all options affected by any non-gnupg compliance mode to their default values by using --compliance=gnupg. This synchronizes the compliance mode behaviors with the master branch, including commits: - 54a8770aeb20eb9e18b5e95e51c376ec7820f8f6 - 0bdf5859935e3db15baaf5d0d96b723ddbd2acd5 - 04d58ff8475575f22a5ee1fb8c4f2c2dca0b5522 - aa46ba28ba75fc479b407c572c723b51b22d4a73 - 4b2729b983bf3c6c1186ebdf1962f64d8cb1b3a1 - c2ff47d5bcd2953fc2095ef2242af2c7e9cd4420 GnuPG-Bug-id: 7501 Signed-off-by: Daniel Kahn Gillmor --- doc/gpg.texi | 4 +++- g10/gpg.c | 51 +++++++++++++++++++++++++++++---------------------- 2 files changed, 32 insertions(+), 23 deletions(-) diff --git a/doc/gpg.texi b/doc/gpg.texi index 7e80a293a..474ed66ac 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3691,7 +3691,9 @@ blocks of 64 bits; modern algorithms use blocks of 128 bit instead. To avoid certain attack on these old algorithms it is suggested not to encrypt more than 150 MiByte using the same key. For this reason gpg does not allow the use of 64 bit block size algorithms for encryption -unless this option is specified. +unless this option is specified. Some compliance modes already set or +clear this flag and thus this flag should be used after a compliance +mode setting. @item --allow-weak-digest-algos @opindex allow-weak-digest-algos diff --git a/g10/gpg.c b/g10/gpg.c index 1a96db989..d9daade72 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -2265,17 +2265,14 @@ set_compliance_option (enum cmd_and_opt_values option) { switch (option) { - case oOpenPGP: - case oRFC4880: - /* This is effectively the same as RFC2440, but with - "--enable-dsa2 --no-rfc2440-text --escape-from-lines - --require-cross-certification". */ - opt.compliance = CO_RFC4880; - opt.flags.dsa2 = 1; + case oGnuPG: + /* set up default options affected by policy compliance: */ + opt.compliance = CO_GNUPG; + opt.flags.dsa2 = 0; opt.flags.require_cross_cert = 1; opt.rfc2440_text = 0; - opt.allow_non_selfsigned_uid = 1; - opt.allow_freeform_uid = 1; + opt.allow_non_selfsigned_uid = 0; + opt.allow_freeform_uid = 0; opt.escape_from = 1; opt.not_dash_escaped = 0; opt.def_cipher_algo = 0; @@ -2283,35 +2280,45 @@ set_compliance_option (enum cmd_and_opt_values option) opt.cert_digest_algo = 0; opt.compress_algo = -1; opt.s2k_mode = 3; /* iterated+salted */ + opt.s2k_digest_algo = 0; + opt.s2k_cipher_algo = DEFAULT_CIPHER_ALGO; + break; + case oOpenPGP: + case oRFC4880: + set_compliance_option (oGnuPG); + /* This is effectively the same as RFC2440, but with + "--enable-dsa2 --no-rfc2440-text --escape-from-lines + --require-cross-certification". */ + opt.compliance = CO_RFC4880; + opt.flags.dsa2 = 1; + opt.allow_non_selfsigned_uid = 1; + opt.allow_freeform_uid = 1; opt.s2k_digest_algo = DIGEST_ALGO_SHA1; opt.s2k_cipher_algo = CIPHER_ALGO_3DES; opt.flags.allow_old_cipher_algos = 1; break; case oRFC2440: + set_compliance_option (oGnuPG); opt.compliance = CO_RFC2440; - opt.flags.dsa2 = 0; + opt.flags.require_cross_cert = 0; opt.rfc2440_text = 1; opt.allow_non_selfsigned_uid = 1; opt.allow_freeform_uid = 1; opt.escape_from = 0; - opt.not_dash_escaped = 0; - opt.def_cipher_algo = 0; - opt.def_digest_algo = 0; - opt.cert_digest_algo = 0; - opt.compress_algo = -1; - opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_digest_algo = DIGEST_ALGO_SHA1; opt.s2k_cipher_algo = CIPHER_ALGO_3DES; opt.flags.allow_old_cipher_algos = 1; break; - case oPGP7: opt.compliance = CO_PGP7; break; - case oPGP8: opt.compliance = CO_PGP8; break; - case oGnuPG: - opt.compliance = CO_GNUPG; + case oPGP7: + set_compliance_option (oGnuPG); + opt.compliance = CO_PGP7; + break; + case oPGP8: + set_compliance_option (oGnuPG); + opt.compliance = CO_PGP8; break; - case oDE_VS: - set_compliance_option (oOpenPGP); + set_compliance_option (oGnuPG); opt.compliance = CO_DE_VS; /* We divert here from the backward compatible rfc4880 algos. */ opt.s2k_digest_algo = DIGEST_ALGO_SHA256; -- 2.47.2 From dkg at fifthhorseman.net Wed Feb 5 00:46:07 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 4 Feb 2025 18:46:07 -0500 Subject: [PATCH GnuPG 4/5] compliance: add gnupg_compliance_label In-Reply-To: <20250204234906.1713904-1-dkg@fifthhorseman.net> References: <20250204234906.1713904-1-dkg@fifthhorseman.net> Message-ID: <20250204234906.1713904-5-dkg@fifthhorseman.net> * common/compliance.c (gnupg_compliance_label) new function, prototyped... * common/compliance.h: ...here. --- This will be useful when we need to display the current compliance mode to the user. Signed-off-by: Daniel Kahn Gillmor --- common/compliance.c | 7 +++++++ common/compliance.h | 2 ++ 2 files changed, 9 insertions(+) diff --git a/common/compliance.c b/common/compliance.c index 6c271c199..9707f3a20 100644 --- a/common/compliance.c +++ b/common/compliance.c @@ -782,6 +782,13 @@ gnupg_parse_compliance_option (const char *string, return -1; } +/* Return label for the given COMPLIANCE mode. */ +const char * +gnupg_compliance_label (enum gnupg_compliance_mode compliance) +{ + /* just offset by strlen("--compliance=") */ + return gnupg_compliance_option_string (compliance) + 13; +} /* Return the command line option for the given COMPLIANCE mode. */ const char * diff --git a/common/compliance.h b/common/compliance.h index 111fdc74b..2ddf38f83 100644 --- a/common/compliance.h +++ b/common/compliance.h @@ -91,6 +91,8 @@ int gnupg_parse_compliance_option (const char *string, int quiet); const char *gnupg_compliance_option_string (enum gnupg_compliance_mode compliance); +const char *gnupg_compliance_label (enum gnupg_compliance_mode + compliance); void gnupg_set_compliance_extra_info (unsigned int min_rsa); -- 2.47.2 From dkg at fifthhorseman.net Wed Feb 5 00:46:06 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 4 Feb 2025 18:46:06 -0500 Subject: [PATCH GnuPG 3/5] gpg: use rsa3072 for legacy compliance modes In-Reply-To: <20250204234906.1713904-1-dkg@fifthhorseman.net> References: <20250204234906.1713904-1-dkg@fifthhorseman.net> Message-ID: <20250204234906.1713904-4-dkg@fifthhorseman.net> * doc/gpg.texi (default-new-key-algo): Remind the user that this should come after any compliance modes, like --allow-old-cipher-algos. -- GnuPG-bug-id: 7511 Signed-off-by: Daniel Kahn Gillmor --- doc/gpg.texi | 3 ++- g10/gpg.c | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/gpg.texi b/doc/gpg.texi index 7a709d170..5572cba7d 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3848,7 +3848,8 @@ generation. The @var{string} is similar to the arguments required for the command @option{--quick-add-key} but slightly different. You need to consult the source code to learn the details. Note that the advanced key generation commands can always be used to specify a key -algorithm directly. +algorithm directly. Setting a compliance mode will set or clear this +flag, so it should only be used after a compliance mode setting. @item --no-auto-trust-new-key @opindex no-auto-trust-new-key diff --git a/g10/gpg.c b/g10/gpg.c index 994b83b94..e16c92373 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -2295,6 +2295,7 @@ set_compliance_option (enum cmd_and_opt_values option) opt.s2k_digest_algo = 0; opt.s2k_cipher_algo = DEFAULT_CIPHER_ALGO; opt.flags.allow_old_cipher_algos = 0; + opt.def_new_key_algo = NULL; break; case oOpenPGP: @@ -2310,6 +2311,7 @@ set_compliance_option (enum cmd_and_opt_values option) opt.s2k_digest_algo = DIGEST_ALGO_SHA1; opt.s2k_cipher_algo = CIPHER_ALGO_3DES; opt.flags.allow_old_cipher_algos = 1; + opt.def_new_key_algo = "rsa3072/cert,sign+rsa3072/encr"; break; case oRFC2440: @@ -2323,6 +2325,7 @@ set_compliance_option (enum cmd_and_opt_values option) opt.s2k_digest_algo = DIGEST_ALGO_SHA1; opt.s2k_cipher_algo = CIPHER_ALGO_3DES; opt.flags.allow_old_cipher_algos = 1; + opt.def_new_key_algo = "rsa3072/cert,sign+rsa3072/encr"; break; case oPGP7: -- 2.47.2 From dkg at fifthhorseman.net Wed Feb 5 00:46:08 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 4 Feb 2025 18:46:08 -0500 Subject: [PATCH GnuPG 5/5] gpg: Emit only RSA, DSA, and ElGamal with legacy compliance modes In-Reply-To: <20250204234906.1713904-1-dkg@fifthhorseman.net> References: <20250204234906.1713904-1-dkg@fifthhorseman.net> Message-ID: <20250204234906.1713904-6-dkg@fifthhorseman.net> * g10/keygen.c (parse_key_parameter_part): when using a legacy compliance mode, ensure that new keys are only algorithms known by the corresponding tools. -- GnuPG-bug-id: 7511 Signed-off-by: Daniel Kahn Gillmor --- g10/keygen.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/g10/keygen.c b/g10/keygen.c index 185585e3f..10a2eb9a1 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -3998,6 +3998,15 @@ parse_key_parameter_part (ctrl_t ctrl, else return gpg_error (GPG_ERR_UNKNOWN_CURVE); + if ((RFC4880||RFC2440||PGP8||PGP7) && + (algo != PUBKEY_ALGO_RSA) && + (algo != PUBKEY_ALGO_DSA) && + (algo != PUBKEY_ALGO_ELGAMAL_E)) { + log_error (_("Cannot generate pubkey algorithm \"%s\" in compliance mode: %s\n"), + string, gnupg_compliance_label (opt.compliance)); + return gpg_error (GPG_ERR_UNKNOWN_ALGORITHM); + } + /* Parse the flags. */ keyuse = 0; if (flags) -- 2.47.2 From dkg at fifthhorseman.net Wed Feb 5 00:46:03 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 4 Feb 2025 18:46:03 -0500 Subject: Generate compatible keys in legacy compliance modes (T7511) Message-ID: <20250204234906.1713904-1-dkg@fifthhorseman.net> The following series of 5 patches attempt to ensure that using gpg with --compliance=rfc4880 (or earlier compliance modes), the OpenPGP keys produced will be readable by clients that only implement the particular legacy standard. This is intended to address https://dev.gnupg.org/T7511 Happy to hear feedback on it! Regards, --dkg From dkg at fifthhorseman.net Wed Feb 5 00:46:04 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 4 Feb 2025 18:46:04 -0500 Subject: [PATCH GnuPG 1/5] doc: Update documentation of compliance modes In-Reply-To: <20250204234906.1713904-1-dkg@fifthhorseman.net> References: <20250204234906.1713904-1-dkg@fifthhorseman.net> Message-ID: <20250204234906.1713904-2-dkg@fifthhorseman.net> * doc/gpg.texi (Compliance Options): --gnupg offers LibrePGP behavior, and prefers LibrePGP where it diverges from OpenPGP; --rfc4880bis is an alias for --gnupg; Explain that --rfc2440 is ancient; correct punctuation. -- Signed-off-by: Daniel Kahn Gillmor --- doc/gpg.texi | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/doc/gpg.texi b/doc/gpg.texi index 9a621c89b..ab475c085 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3078,12 +3078,11 @@ options. @item --gnupg @opindex gnupg -Use standard GnuPG behavior. This is essentially OpenPGP behavior (see - at option{--openpgp}), but with extension from the proposed update to -OpenPGP and with some additional workarounds for common compatibility -problems in different versions of PGP. This is the default option, so -it is not generally needed, but it may be useful to override a -different compliance option in the gpg.conf file. +Use standard GnuPG behavior. This is now LibrePGP behavior, which is a +different draft protocol that overlaps in some cases with +OpenPGP. This is the default option, so it is not generally needed, +but it may be useful to override a different compliance option in the +gpg.conf file. @item --openpgp @opindex openpgp @@ -3102,21 +3101,20 @@ Note that this is currently the same thing as @option{--openpgp}. @item --rfc4880bis @opindex rfc4880bis -Reset all packet, cipher and digest options to strict according to the -proposed updates of RFC-4880. +This option is obsolete; it is handled as an alias for @option{--gnupg}. @item --rfc2440 @opindex rfc2440 -Reset all packet, cipher and digest options to strict RFC-2440 -behavior. Note that by using this option encryption packets are -created in a legacy mode without MDC protection. This is dangerous -and should thus only be used for experiments. This option implies - at option{--allow-old-cipher-algos}. See also option - at option{--ignore-mdc-error}. +Set all packet, cipher and digest options to strict RFC-2440 behavior. +RFC-2440 is a very old version of OpenPGP. Note that by using this +option encryption packets are created in a legacy mode without MDC +protection. This is dangerous and should thus only be used for +experiments. This option implies @option{--allow-old-cipher-algos}. +See also option @option{--ignore-mdc-error}. @item --pgp6 @opindex pgp6 -This option is obsolete; it is handled as an alias for @option{--pgp7} +This option is obsolete; it is handled as an alias for @option{--pgp7}. @item --pgp7 @opindex pgp7 -- 2.47.2 From dkg at fifthhorseman.net Wed Feb 5 00:46:05 2025 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 4 Feb 2025 18:46:05 -0500 Subject: [PATCH GnuPG 2/5] doc: drop incorrect information about --default-new-key-algo In-Reply-To: <20250204234906.1713904-1-dkg@fifthhorseman.net> References: <20250204234906.1713904-1-dkg@fifthhorseman.net> Message-ID: <20250204234906.1713904-3-dkg@fifthhorseman.net> * doc/gpg.texi (default-new-key-algo): drop incorrect information about defaults. -- The claimed default (rsa2048) is not set in the codebase at all. Signed-off-by: Daniel Kahn Gillmor --- doc/gpg.texi | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/doc/gpg.texi b/doc/gpg.texi index ab475c085..7a709d170 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3845,13 +3845,10 @@ absolute date in the form YYYY-MM-DD. Defaults to "0". @opindex default-new-key-algo @var{string} This option can be used to change the default algorithms for key generation. The @var{string} is similar to the arguments required for -the command @option{--quick-add-key} but slightly different. For -example the current default of @code{"rsa2048/cert,sign+rsa2048/encr"} -(or @code{"rsa3072"}) can be changed to the value of what we currently -call future default, which is @code{"ed25519/cert,sign+cv25519/encr"}. -You need to consult the source code to learn the details. Note that -the advanced key generation commands can always be used to specify a -key algorithm directly. +the command @option{--quick-add-key} but slightly different. You need +to consult the source code to learn the details. Note that the +advanced key generation commands can always be used to specify a key +algorithm directly. @item --no-auto-trust-new-key @opindex no-auto-trust-new-key -- 2.47.2